Merge "feat(qemu): combine TF-A artefacts into ROM file" into integration
diff --git a/.husky/pre-commit.copyright b/.husky/pre-commit.copyright
index b5087a7..a4dfee8 100755
--- a/.husky/pre-commit.copyright
+++ b/.husky/pre-commit.copyright
@@ -18,7 +18,7 @@
exit_code=0
function user_warning() {
- echo -e "Copyright of $RED$FILE$BLANK is out of date"
+ echo -e "Copyright of $RED$FILE$BLANK is out of date/incorrect"
echo -e "Updated copyright to"
grep -nr "opyright.*$YEAR_RGX.*$ARM_RGX" "$FILE"
echo
@@ -38,15 +38,21 @@
if grep "opyright.*$YEAR_RGX.*-.*$YEAR_RGX.*$ARM_RGX" "$FILE" >/dev/null 2>&1
then
exit_code=1
- sed -i "s/\(opyright.*\)$YEAR_RGX\(.*$ARM_RGX\)/\1$(date +"%Y")\2/" $FILE
+ sed -i "s/\(opyright.*\)$YEAR_RGX\(.*$ARM_RGX\)/\1$(date +"%Y"), Arm/" $FILE
user_warning
# If it is single "date" type of entry - add the copyright extension to current year.
elif grep "opyright.*$YEAR_RGX.*$ARM_RGX" "$FILE" >/dev/null 2>&1
then
exit_code=1
- sed -i "s/\(opyright.*$YEAR_RGX\)\(.*$ARM_RGX\)/\1-$(date +"%Y")\2/" $FILE
+ sed -i "s/\(opyright.*$YEAR_RGX\)\(.*$ARM_RGX\)/\1-$(date +"%Y"), Arm/" $FILE
user_warning
fi
+ # Even if the year is correct - verify that Arm copyright is formatted correctly.
+ elif grep "opyright.*\(ARM\|arm\)" "$FILE">/dev/null 2>&1
+ then
+ exit_code=1
+ sed -i "s/\(opyright.*\)\(ARM\|arm\)/\1Arm/" $FILE
+ user_warning
fi
done <<< "$FILES"
diff --git a/.readthedocs.yaml b/.readthedocs.yaml
new file mode 100644
index 0000000..2b418ae
--- /dev/null
+++ b/.readthedocs.yaml
@@ -0,0 +1,24 @@
+# Copyright (c) 2023, Arm Limited. All rights reserved
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# Configuration file for the readthedocs deploy
+# Available at https://trustedfirmware-a.readthedocs.io/en/latest/
+
+
+# readthedocs config version
+version: 2
+
+build:
+ os: ubuntu-22.04 # Ubuntu Jammy LTS
+ tools:
+ python: "3.10"
+ apt_packages:
+ - plantuml
+
+python:
+ install:
+ - requirements: docs/requirements.txt
+
+sphinx:
+ configuration: docs/conf.py
diff --git a/Makefile b/Makefile
index e2922a2..b9ca664 100644
--- a/Makefile
+++ b/Makefile
@@ -445,6 +445,8 @@
GCC_V_OUTPUT := $(shell $(CC) -v 2>&1)
+TF_LDFLAGS += -z noexecstack
+
# LD = armlink
ifneq ($(findstring armlink,$(notdir $(LD))),)
TF_LDFLAGS += --diag_error=warning --lto_level=O1
@@ -456,6 +458,10 @@
# Pass ld options with Wl or Xlinker switches
TF_LDFLAGS += -Wl,--fatal-warnings -O1
TF_LDFLAGS += -Wl,--gc-sections
+
+TF_LDFLAGS += -Wl,-z,common-page-size=4096 # Configure page size constants
+TF_LDFLAGS += -Wl,-z,max-page-size=4096
+
ifeq ($(ENABLE_LTO),1)
ifeq (${ARCH},aarch64)
TF_LDFLAGS += -flto -fuse-linker-plugin
@@ -471,12 +477,21 @@
# LD = gcc-ld (ld) or llvm-ld (ld.lld) or other
else
-TF_LDFLAGS += --fatal-warnings -O1
+# With ld.bfd version 2.39 and newer new warnings are added. Skip those since we
+# are not loaded by a elf loader.
+TF_LDFLAGS += $(call ld_option, --no-warn-rwx-segments)
+TF_LDFLAGS += -O1
TF_LDFLAGS += --gc-sections
+
+TF_LDFLAGS += -z common-page-size=4096 # Configure page size constants
+TF_LDFLAGS += -z max-page-size=4096
+
# ld.lld doesn't recognize the errata flags,
-# therefore don't add those in that case
+# therefore don't add those in that case.
+# ld.lld reports section type mismatch warnings,
+# therefore don't add --fatal-warnings to it.
ifeq ($(findstring ld.lld,$(notdir $(LD))),)
-TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH))
+TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH)) --fatal-warnings
endif
endif
@@ -631,6 +646,22 @@
include ${PLAT_MAKEFILE_FULL}
+# This internal flag is common option which is set to 1 for scenarios
+# when the BL2 is running in EL3 level. This occurs in two scenarios -
+# 4 world system running BL2 at EL3 and two world system without BL1 running
+# BL2 in EL3
+
+ifeq (${RESET_TO_BL2},1)
+ BL2_RUNS_AT_EL3 := 1
+ ifeq (${ENABLE_RME},1)
+ $(error RESET_TO_BL2=1 and ENABLE_RME=1 configuration is not supported at the moment.)
+ endif
+else ifeq (${ENABLE_RME},1)
+ BL2_RUNS_AT_EL3 := 1
+else
+ BL2_RUNS_AT_EL3 := 0
+endif
+
$(eval $(call MAKE_PREREQ_DIR,${BUILD_PLAT}))
ifeq (${ARM_ARCH_MAJOR},7)
@@ -652,21 +683,25 @@
endif
ifeq ($(ENABLE_PIE),1)
-ifeq ($(BL2_AT_EL3),1)
+ifeq ($(RESET_TO_BL2),1)
ifneq ($(BL2_IN_XIP_MEM),1)
+ BL2_CPPFLAGS += -fpie
BL2_CFLAGS += -fpie
BL2_LDFLAGS += $(PIE_LDFLAGS)
endif
endif
- BL31_CFLAGS += -fpie
+ BL31_CPPFLAGS += -fpie
+ BL31_CFLAGS += -fpie
BL31_LDFLAGS += $(PIE_LDFLAGS)
+
+ BL32_CPPFLAGS += -fpie
BL32_CFLAGS += -fpie
BL32_LDFLAGS += $(PIE_LDFLAGS)
endif
ifeq (${ARCH},aarch64)
BL1_CPPFLAGS += -DIMAGE_AT_EL3
-ifeq ($(BL2_AT_EL3),1)
+ifeq ($(RESET_TO_BL2),1)
BL2_CPPFLAGS += -DIMAGE_AT_EL3
else
BL2_CPPFLAGS += -DIMAGE_AT_EL1
@@ -743,9 +778,9 @@
$(error USE_COHERENT_MEM cannot be enabled with HW_ASSISTED_COHERENCY)
endif
-#For now, BL2_IN_XIP_MEM is only supported when BL2_AT_EL3 is 1.
-ifeq ($(BL2_AT_EL3)-$(BL2_IN_XIP_MEM),0-1)
-$(error "BL2_IN_XIP_MEM is only supported when BL2_AT_EL3 is enabled")
+#For now, BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is 1.
+ifeq ($(RESET_TO_BL2)-$(BL2_IN_XIP_MEM),0-1)
+$(error "BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is enabled")
endif
# For RAS_EXTENSION, require that EAs are handled in EL3 first
@@ -1098,7 +1133,7 @@
USE_ROMLIB \
USE_TBBR_DEFS \
WARMBOOT_ENABLE_DCACHE_EARLY \
- BL2_AT_EL3 \
+ RESET_TO_BL2 \
BL2_IN_XIP_MEM \
BL2_INV_DCACHE \
USE_SPINLOCK_CAS \
@@ -1143,6 +1178,7 @@
ENABLE_FEAT_RNG_TRAP \
ENABLE_FEAT_SB \
ENABLE_FEAT_SEL2 \
+ ENABLE_FEAT_TCR2 \
ENABLE_FEAT_VHE \
ENABLE_MPAM_FOR_LOWER_ELS \
ENABLE_RME \
@@ -1243,7 +1279,8 @@
USE_ROMLIB \
USE_TBBR_DEFS \
WARMBOOT_ENABLE_DCACHE_EARLY \
- BL2_AT_EL3 \
+ RESET_TO_BL2 \
+ BL2_RUNS_AT_EL3 \
BL2_IN_XIP_MEM \
BL2_INV_DCACHE \
USE_SPINLOCK_CAS \
@@ -1274,6 +1311,7 @@
ENABLE_FEAT_VHE \
ENABLE_FEAT_CSV2_2 \
ENABLE_FEAT_PAN \
+ ENABLE_FEAT_TCR2 \
FEATURE_DETECTION \
TWED_DELAY \
ENABLE_FEAT_TWED \
@@ -1350,7 +1388,7 @@
endif
ifeq (${NEED_BL2},yes)
-ifeq (${BL2_AT_EL3}, 0)
+ifeq (${RESET_TO_BL2}, 0)
FIP_BL2_ARGS := tb-fw
endif
diff --git a/bl1/bl1.ld.S b/bl1/bl1.ld.S
index c4ec5fe..bec234b 100644
--- a/bl1/bl1.ld.S
+++ b/bl1/bl1.ld.S
@@ -1,13 +1,12 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
- * The .data section gets copied from ROM to RAM at runtime.
- * Its LMA should be 16-byte aligned to allow efficient copying of 16-bytes
- * aligned regions in it.
+ * The .data section gets copied from ROM to RAM at runtime. Its LMA should be
+ * 16-byte aligned to allow efficient copying of 16-bytes aligned regions in it.
* Its VMA must be page-aligned as it marks the first read/write page.
*/
#define DATA_ALIGN 16
@@ -24,23 +23,26 @@
RAM (rwx): ORIGIN = BL1_RW_BASE, LENGTH = BL1_RW_LIMIT - BL1_RW_BASE
}
-SECTIONS
-{
+SECTIONS {
. = BL1_RO_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL1_RO_BASE address is not aligned on a page boundary.")
+ "BL1_RO_BASE address is not aligned on a page boundary.")
#if SEPARATE_CODE_AND_RODATA
.text . : {
__TEXT_START__ = .;
+
*bl1_entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(.vectors)
+
. = ALIGN(PAGE_SIZE);
+
__TEXT_END__ = .;
} >ROM
- /* .ARM.extab and .ARM.exidx are only added because Clang need them */
+ /* .ARM.extab and .ARM.exidx are only added because Clang needs them */
.ARM.extab . : {
*(.ARM.extab* .gnu.linkonce.armextab.*)
} >ROM
@@ -51,51 +53,57 @@
.rodata . : {
__RODATA_START__ = .;
+
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
/*
* No need to pad out the .rodata section to a page boundary. Next is
* the .data section, which can mapped in ROM with the same memory
* attributes as the .rodata section.
*
- * Pad out to 16 bytes though as .data section needs to be 16 byte
- * aligned and lld does not align the LMA to the aligment specified
+ * Pad out to 16 bytes though as .data section needs to be 16-byte
+ * aligned and lld does not align the LMA to the alignment specified
* on the .data section.
*/
__RODATA_END__ = .;
- . = ALIGN(16);
+
+ . = ALIGN(16);
} >ROM
-#else
- ro . : {
+#else /* SEPARATE_CODE_AND_RODATA */
+ .ro . : {
__RO_START__ = .;
+
*bl1_entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
*(.vectors)
+
__RO_END__ = .;
/*
- * Pad out to 16 bytes as .data section needs to be 16 byte aligned and
- * lld does not align the LMA to the aligment specified on the .data
- * section.
+ * Pad out to 16 bytes as the .data section needs to be 16-byte aligned
+ * and lld does not align the LMA to the alignment specified on the
+ * .data section.
*/
- . = ALIGN(16);
+ . = ALIGN(16);
} >ROM
-#endif
+#endif /* SEPARATE_CODE_AND_RODATA */
ASSERT(__CPU_OPS_END__ > __CPU_OPS_START__,
- "cpu_ops not defined for this platform.")
+ "cpu_ops not defined for this platform.")
. = BL1_RW_BASE;
+
ASSERT(BL1_RW_BASE == ALIGN(PAGE_SIZE),
- "BL1_RW_BASE address is not aligned on a page boundary.")
+ "BL1_RW_BASE address is not aligned on a page boundary.")
DATA_SECTION >RAM AT>ROM
+
__DATA_RAM_START__ = __DATA_START__;
__DATA_RAM_END__ = __DATA_END__;
@@ -105,24 +113,26 @@
#if USE_COHERENT_MEM
/*
- * The base address of the coherent memory section must be page-aligned (4K)
- * to guarantee that the coherent data are stored on their own pages and
- * are not mixed with normal data. This is required to set up the correct
- * memory attributes for the coherent data page tables.
+ * The base address of the coherent memory section must be page-aligned to
+ * guarantee that the coherent data are stored on their own pages and are
+ * not mixed with normal data. This is required to set up the correct memory
+ * attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked
- * as device memory. No other unexpected data must creep in.
- * Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure the rest of
+ * the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__COHERENT_RAM_END__ = .;
} >RAM
-#endif
+#endif /* USE_COHERENT_MEM */
__BL1_RAM_START__ = ADDR(.data);
__BL1_RAM_END__ = .;
@@ -135,15 +145,16 @@
* of BL1's actual content in Trusted ROM.
*/
__BL1_ROM_END__ = __DATA_ROM_START__ + __DATA_SIZE__;
+
ASSERT(__BL1_ROM_END__ <= BL1_RO_LIMIT,
- "BL1's ROM content has exceeded its limit.")
+ "BL1's ROM content has exceeded its limit.")
__BSS_SIZE__ = SIZEOF(.bss);
#if USE_COHERENT_MEM
__COHERENT_RAM_UNALIGNED_SIZE__ =
__COHERENT_RAM_END_UNALIGNED__ - __COHERENT_RAM_START__;
-#endif
+#endif /* USE_COHERENT_MEM */
ASSERT(. <= BL1_RW_LIMIT, "BL1's RW section has exceeded its limit.")
}
diff --git a/bl1/bl1.mk b/bl1/bl1.mk
index 9f63fd5..0c43f13 100644
--- a/bl1/bl1.mk
+++ b/bl1/bl1.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -29,4 +29,4 @@
BL1_SOURCES += bl1/bl1_fwu.c
endif
-BL1_LINKERFILE := bl1/bl1.ld.S
+BL1_DEFAULT_LINKER_SCRIPT_SOURCE := bl1/bl1.ld.S
diff --git a/bl1/bl1_fwu.c b/bl1/bl1_fwu.c
index b70bffd..6d4dc7e 100644
--- a/bl1/bl1_fwu.c
+++ b/bl1/bl1_fwu.c
@@ -420,7 +420,7 @@
* Image is in RESET state.
* Check the parameters and authenticate the source image in place.
*/
- if (bl1_plat_mem_check(image_src, image_size, \
+ if (bl1_plat_mem_check(image_src, image_size,
desc->ep_info.h.attr) != 0) {
WARN("BL1-FWU: Authentication arguments source/size not mapped\n");
return -ENOMEM;
diff --git a/bl2/bl2.ld.S b/bl2/bl2.ld.S
index 80cf7db..458a12b 100644
--- a/bl2/bl2.ld.S
+++ b/bl2/bl2.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,28 +15,31 @@
RAM (rwx): ORIGIN = BL2_BASE, LENGTH = BL2_LIMIT - BL2_BASE
}
-
-SECTIONS
-{
+SECTIONS {
. = BL2_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL2_BASE address is not aligned on a page boundary.")
+ "BL2_BASE address is not aligned on a page boundary.")
#if SEPARATE_CODE_AND_RODATA
.text . : {
__TEXT_START__ = .;
+
#if ENABLE_RME
*bl2_rme_entrypoint.o(.text*)
#else /* ENABLE_RME */
*bl2_entrypoint.o(.text*)
#endif /* ENABLE_RME */
+
*(SORT_BY_ALIGNMENT(.text*))
*(.vectors)
+
. = ALIGN(PAGE_SIZE);
+
__TEXT_END__ = .;
} >RAM
- /* .ARM.extab and .ARM.exidx are only added because Clang need them */
+ /* .ARM.extab and .ARM.exidx are only added because Clang needs them */
.ARM.extab . : {
*(.ARM.extab* .gnu.linkonce.armextab.*)
} >RAM
@@ -47,39 +50,41 @@
.rodata . : {
__RODATA_START__ = .;
+
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
. = ALIGN(PAGE_SIZE);
+
__RODATA_END__ = .;
} >RAM
-#else
- ro . : {
+#else /* SEPARATE_CODE_AND_RODATA */
+ .ro . : {
__RO_START__ = .;
+
*bl2_entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
*(.vectors)
+
__RO_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked as
- * read-only, executable. No RW data from the next section must
- * creep in. Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as read-only,
+ * executable. No RW data from the next section must creep in. Ensure
+ * that the rest of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__RO_END__ = .;
} >RAM
-#endif
+#endif /* SEPARATE_CODE_AND_RODATA */
- /*
- * Define a linker symbol to mark start of the RW memory area for this
- * image.
- */
- __RW_START__ = . ;
+ __RW_START__ = .;
DATA_SECTION >RAM
STACK_SECTION >RAM
@@ -88,29 +93,27 @@
#if USE_COHERENT_MEM
/*
- * The base address of the coherent memory section must be page-aligned (4K)
- * to guarantee that the coherent data are stored on their own pages and
- * are not mixed with normal data. This is required to set up the correct
+ * The base address of the coherent memory section must be page-aligned to
+ * guarantee that the coherent data are stored on their own pages and are
+ * not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked
- * as device memory. No other unexpected data must creep in.
- * Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure the rest of
+ * the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__COHERENT_RAM_END__ = .;
} >RAM
-#endif
+#endif /* USE_COHERENT_MEM */
- /*
- * Define a linker symbol to mark end of the RW memory area for this
- * image.
- */
__RW_END__ = .;
__BL2_END__ = .;
@@ -119,7 +122,7 @@
#if USE_COHERENT_MEM
__COHERENT_RAM_UNALIGNED_SIZE__ =
__COHERENT_RAM_END_UNALIGNED__ - __COHERENT_RAM_START__;
-#endif
+#endif /* USE_COHERENT_MEM */
ASSERT(. <= BL2_LIMIT, "BL2 image has exceeded its limit.")
}
diff --git a/bl2/bl2.mk b/bl2/bl2.mk
index 7a973e5..778e2c3 100644
--- a/bl2/bl2.mk
+++ b/bl2/bl2.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -23,12 +23,12 @@
bl2/${ARCH}/bl2_el3_exceptions.S \
bl2/${ARCH}/bl2_run_next_image.S \
${GPT_LIB_SRCS}
-BL2_LINKERFILE := bl2/bl2.ld.S
+BL2_DEFAULT_LINKER_SCRIPT_SOURCE := bl2/bl2.ld.S
-else ifeq (${BL2_AT_EL3},0)
+else ifeq (${RESET_TO_BL2},0)
# Normal operation, no RME, no BL2 at EL3
BL2_SOURCES += bl2/${ARCH}/bl2_entrypoint.S
-BL2_LINKERFILE := bl2/bl2.ld.S
+BL2_DEFAULT_LINKER_SCRIPT_SOURCE := bl2/bl2.ld.S
else
# BL2 at EL3, no RME
@@ -46,5 +46,5 @@
BL2_SOURCES += lib/cpus/aarch64/dsu_helpers.S
endif
-BL2_LINKERFILE := bl2/bl2_el3.ld.S
+BL2_DEFAULT_LINKER_SCRIPT_SOURCE := bl2/bl2_el3.ld.S
endif
diff --git a/bl2/bl2_el3.ld.S b/bl2/bl2_el3.ld.S
index c95706c..aa457fa 100644
--- a/bl2/bl2_el3.ld.S
+++ b/bl2/bl2_el3.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,140 +15,158 @@
#if BL2_IN_XIP_MEM
ROM (rx): ORIGIN = BL2_RO_BASE, LENGTH = BL2_RO_LIMIT - BL2_RO_BASE
RAM (rwx): ORIGIN = BL2_RW_BASE, LENGTH = BL2_RW_LIMIT - BL2_RW_BASE
-#else
+#else /* BL2_IN_XIP_MEM */
RAM (rwx): ORIGIN = BL2_BASE, LENGTH = BL2_LIMIT - BL2_BASE
-#endif
+#endif /* BL2_IN_XIP_MEM */
+
#if SEPARATE_BL2_NOLOAD_REGION
RAM_NOLOAD (rw!a): ORIGIN = BL2_NOLOAD_START, LENGTH = BL2_NOLOAD_LIMIT - BL2_NOLOAD_START
-#else
-#define RAM_NOLOAD RAM
-#endif
+#else /* SEPARATE_BL2_NOLOAD_REGION */
+# define RAM_NOLOAD RAM
+#endif /* SEPARATE_BL2_NOLOAD_REGION */
}
#if !BL2_IN_XIP_MEM
-#define ROM RAM
-#endif
+# define ROM RAM
+#endif /* !BL2_IN_XIP_MEM */
-SECTIONS
-{
+SECTIONS {
#if BL2_IN_XIP_MEM
. = BL2_RO_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL2_RO_BASE address is not aligned on a page boundary.")
-#else
+ "BL2_RO_BASE address is not aligned on a page boundary.")
+#else /* BL2_IN_XIP_MEM */
. = BL2_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL2_BASE address is not aligned on a page boundary.")
-#endif
+ "BL2_BASE address is not aligned on a page boundary.")
+#endif /* BL2_IN_XIP_MEM */
#if SEPARATE_CODE_AND_RODATA
.text . : {
__TEXT_START__ = .;
- __TEXT_RESIDENT_START__ = .;
- *bl2_el3_entrypoint.o(.text*)
- *(.text.asm.*)
- __TEXT_RESIDENT_END__ = .;
+ __TEXT_RESIDENT_START__ = .;
+
+ *bl2_el3_entrypoint.o(.text*)
+ *(.text.asm.*)
+
+ __TEXT_RESIDENT_END__ = .;
+
*(SORT_BY_ALIGNMENT(.text*))
*(.vectors)
+
. = ALIGN(PAGE_SIZE);
+
__TEXT_END__ = .;
- } >ROM
+ } >ROM
.rodata . : {
__RODATA_START__ = .;
+
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
. = ALIGN(PAGE_SIZE);
+
__RODATA_END__ = .;
} >ROM
ASSERT(__TEXT_RESIDENT_END__ - __TEXT_RESIDENT_START__ <= PAGE_SIZE,
- "Resident part of BL2 has exceeded its limit.")
-#else
- ro . : {
+ "Resident part of BL2 has exceeded its limit.")
+#else /* SEPARATE_CODE_AND_RODATA */
+ .ro . : {
__RO_START__ = .;
- __TEXT_RESIDENT_START__ = .;
- *bl2_el3_entrypoint.o(.text*)
- *(.text.asm.*)
- __TEXT_RESIDENT_END__ = .;
+ __TEXT_RESIDENT_START__ = .;
+
+ *bl2_el3_entrypoint.o(.text*)
+ *(.text.asm.*)
+
+ __TEXT_RESIDENT_END__ = .;
+
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
*(.vectors)
+
__RO_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked as
- * read-only, executable. No RW data from the next section must
- * creep in. Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as read-only,
+ * executable. No RW data from the next section must creep in. Ensure
+ * that the rest of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
__RO_END__ = .;
} >ROM
-#endif
+#endif /* SEPARATE_CODE_AND_RODATA */
ASSERT(__CPU_OPS_END__ > __CPU_OPS_START__,
- "cpu_ops not defined for this platform.")
+ "cpu_ops not defined for this platform.")
#if BL2_IN_XIP_MEM
. = BL2_RW_BASE;
+
ASSERT(BL2_RW_BASE == ALIGN(PAGE_SIZE),
"BL2_RW_BASE address is not aligned on a page boundary.")
-#endif
+#endif /* BL2_IN_XIP_MEM */
- /*
- * Define a linker symbol to mark start of the RW memory area for this
- * image.
- */
- __RW_START__ = . ;
+ __RW_START__ = .;
DATA_SECTION >RAM AT>ROM
+
__DATA_RAM_START__ = __DATA_START__;
__DATA_RAM_END__ = __DATA_END__;
RELA_SECTION >RAM
+
#if SEPARATE_BL2_NOLOAD_REGION
SAVED_ADDR = .;
+
. = BL2_NOLOAD_START;
+
__BL2_NOLOAD_START__ = .;
-#endif
+#endif /* SEPARATE_BL2_NOLOAD_REGION */
+
STACK_SECTION >RAM_NOLOAD
BSS_SECTION >RAM_NOLOAD
XLAT_TABLE_SECTION >RAM_NOLOAD
+
#if SEPARATE_BL2_NOLOAD_REGION
__BL2_NOLOAD_END__ = .;
+
. = SAVED_ADDR;
-#endif
+#endif /* SEPARATE_BL2_NOLOAD_REGION */
#if USE_COHERENT_MEM
/*
- * The base address of the coherent memory section must be page-aligned (4K)
- * to guarantee that the coherent data are stored on their own pages and
- * are not mixed with normal data. This is required to set up the correct
+ * The base address of the coherent memory section must be page-aligned to
+ * guarantee that the coherent data are stored on their own pages and are
+ * not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+
+ *(.tzfw_coherent_mem)
+
__COHERENT_RAM_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked
- * as device memory. No other unexpected data must creep in.
- * Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure the rest of
+ * the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__COHERENT_RAM_END__ = .;
} >RAM
-#endif
+#endif /* USE_COHERENT_MEM */
- /*
- * Define a linker symbol to mark end of the RW memory area for this
- * image.
- */
__RW_END__ = .;
__BL2_END__ = .;
@@ -165,23 +183,24 @@
/*
* The .data section is the last PROGBITS section so its end marks the end
- * of BL2's RO content in XIP memory..
+ * of BL2's RO content in XIP memory.
*/
__BL2_ROM_END__ = __DATA_ROM_START__ + __DATA_SIZE__;
+
ASSERT(__BL2_ROM_END__ <= BL2_RO_LIMIT,
"BL2's RO content has exceeded its limit.")
-#endif
- __BSS_SIZE__ = SIZEOF(.bss);
+#endif /* BL2_IN_XIP_MEM */
+ __BSS_SIZE__ = SIZEOF(.bss);
#if USE_COHERENT_MEM
__COHERENT_RAM_UNALIGNED_SIZE__ =
__COHERENT_RAM_END_UNALIGNED__ - __COHERENT_RAM_START__;
-#endif
+#endif /* USE_COHERENT_MEM */
#if BL2_IN_XIP_MEM
ASSERT(. <= BL2_RW_LIMIT, "BL2's RW content has exceeded its limit.")
-#else
+#else /* BL2_IN_XIP_MEM */
ASSERT(. <= BL2_LIMIT, "BL2 image has exceeded its limit.")
-#endif
+#endif /* BL2_IN_XIP_MEM */
}
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index 5da8037..ce83692 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -27,9 +27,9 @@
#define NEXT_IMAGE "BL32"
#endif
-#if BL2_AT_EL3
+#if RESET_TO_BL2
/*******************************************************************************
- * Setup function for BL2 when BL2_AT_EL3=1
+ * Setup function for BL2 when RESET_TO_BL2=1
******************************************************************************/
void bl2_el3_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
u_register_t arg3)
@@ -48,9 +48,10 @@
assert(is_armv8_3_pauth_present());
#endif /* CTX_INCLUDE_PAUTH_REGS */
}
-#else /* BL2_AT_EL3 */
+#else /* RESET_TO_BL2 */
+
/*******************************************************************************
- * Setup function for BL2 when BL2_AT_EL3=0
+ * Setup function for BL2 when RESET_TO_BL2=0
******************************************************************************/
void bl2_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
u_register_t arg3)
@@ -69,7 +70,7 @@
assert(is_armv8_3_pauth_present());
#endif /* CTX_INCLUDE_PAUTH_REGS */
}
-#endif /* BL2_AT_EL3 */
+#endif /* RESET_TO_BL2 */
/*******************************************************************************
* The only thing to do in BL2 is to load further images and pass control to
@@ -107,7 +108,7 @@
/* Teardown the Measured Boot backend */
bl2_plat_mboot_finish();
-#if !BL2_AT_EL3 && !ENABLE_RME
+#if !BL2_RUNS_AT_EL3
#ifndef __aarch64__
/*
* For AArch32 state BL1 and BL2 share the MMU setup.
@@ -132,7 +133,8 @@
* be passed to next BL image as an argument.
*/
smc(BL1_SMC_RUN_IMAGE, (unsigned long)next_bl_ep_info, 0, 0, 0, 0, 0, 0);
-#else /* if BL2_AT_EL3 || ENABLE_RME */
+#else /* if BL2_RUNS_AT_EL3 */
+
NOTICE("BL2: Booting " NEXT_IMAGE "\n");
print_entry_point_info(next_bl_ep_info);
console_flush();
@@ -145,5 +147,5 @@
#endif /* ENABLE_PAUTH */
bl2_run_next_image(next_bl_ep_info);
-#endif /* BL2_AT_EL3 && ENABLE_RME */
+#endif /* BL2_RUNS_AT_EL3 */
}
diff --git a/bl2u/bl2u.ld.S b/bl2u/bl2u.ld.S
index a7752a4..52a925b 100644
--- a/bl2u/bl2u.ld.S
+++ b/bl2u/bl2u.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -17,67 +17,69 @@
RAM (rwx): ORIGIN = BL2U_BASE, LENGTH = BL2U_LIMIT - BL2U_BASE
}
-
-SECTIONS
-{
+SECTIONS {
. = BL2U_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL2U_BASE address is not aligned on a page boundary.")
+ "BL2U_BASE address is not aligned on a page boundary.")
#if SEPARATE_CODE_AND_RODATA
.text . : {
__TEXT_START__ = .;
+
*bl2u_entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(.vectors)
+
. = ALIGN(PAGE_SIZE);
+
__TEXT_END__ = .;
- } >RAM
+ } >RAM
- /* .ARM.extab and .ARM.exidx are only added because Clang need them */
- .ARM.extab . : {
+ /* .ARM.extab and .ARM.exidx are only added because Clang needs them */
+ .ARM.extab . : {
*(.ARM.extab* .gnu.linkonce.armextab.*)
- } >RAM
+ } >RAM
- .ARM.exidx . : {
+ .ARM.exidx . : {
*(.ARM.exidx* .gnu.linkonce.armexidx.*)
- } >RAM
+ } >RAM
.rodata . : {
__RODATA_START__ = .;
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
. = ALIGN(PAGE_SIZE);
__RODATA_END__ = .;
} >RAM
-#else
- ro . : {
+#else /* SEPARATE_CODE_AND_RODATA */
+ .ro . : {
__RO_START__ = .;
+
*bl2u_entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
*(.vectors)
+
__RO_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked as
- * read-only, executable. No RW data from the next section must
- * creep in. Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as read-only,
+ * executable. No RW data from the next section must creep in. Ensure
+ * that the rest of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__RO_END__ = .;
} >RAM
-#endif
+#endif /* SEPARATE_CODE_AND_RODATA */
- /*
- * Define a linker symbol to mark start of the RW memory area for this
- * image.
- */
- __RW_START__ = . ;
+ __RW_START__ = .;
DATA_SECTION >RAM
STACK_SECTION >RAM
@@ -86,29 +88,27 @@
#if USE_COHERENT_MEM
/*
- * The base address of the coherent memory section must be page-aligned (4K)
- * to guarantee that the coherent data are stored on their own pages and
- * are not mixed with normal data. This is required to set up the correct
+ * The base address of the coherent memory section must be page-aligned to
+ * guarantee that the coherent data are stored on their own pages and are
+ * not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked
- * as device memory. No other unexpected data must creep in.
- * Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure the rest of
+ * the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__COHERENT_RAM_END__ = .;
} >RAM
-#endif
+#endif /* USE_COHERENT_MEM */
- /*
- * Define a linker symbol to mark end of the RW memory area for this
- * image.
- */
__RW_END__ = .;
__BL2U_END__ = .;
diff --git a/bl2u/bl2u.mk b/bl2u/bl2u.mk
index b4d7634..9f29bde 100644
--- a/bl2u/bl2u.mk
+++ b/bl2u/bl2u.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,4 +12,4 @@
BL2U_SOURCES += common/aarch64/early_exceptions.S
endif
-BL2U_LINKERFILE := bl2u/bl2u.ld.S
+BL2U_DEFAULT_LINKER_SCRIPT_SOURCE := bl2u/bl2u.ld.S
diff --git a/bl31/aarch64/crash_reporting.S b/bl31/aarch64/crash_reporting.S
index d56b513..4cec110 100644
--- a/bl31/aarch64/crash_reporting.S
+++ b/bl31/aarch64/crash_reporting.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,8 +15,8 @@
.globl report_unhandled_exception
.globl report_unhandled_interrupt
- .globl el3_panic
- .globl elx_panic
+ .globl report_el3_panic
+ .globl report_elx_panic
#if CRASH_REPORTING
@@ -64,7 +64,7 @@
x30_msg:
.asciz "x30"
excpt_msg_el:
- .asciz "Unhandled Exception from EL"
+ .asciz "Unhandled Exception from lower EL.\n"
/*
* Helper function to print from crash buf.
@@ -194,28 +194,20 @@
/* -----------------------------------------------------
* This function allows to report a crash from the lower
* exception level (if crash reporting is enabled) when
- * panic() is invoked from C Runtime.
+ * lower_el_panic() is invoked from C Runtime.
* It prints the CPU state via the crash console making
* use of 'cpu_context' structure where general purpose
* registers are saved and the crash buf.
* This function will not return.
- *
- * x0: Exception level
* -----------------------------------------------------
*/
-func elx_panic
+func report_elx_panic
msr spsel, #MODE_SP_ELX
- mov x8, x0
/* Print the crash message */
adr x4, excpt_msg_el
bl asm_print_str
- /* Print exception level */
- add x0, x8, #'0'
- bl plat_crash_console_putc
- bl asm_print_newline
-
/* Report x0 - x29 values stored in 'gpregs_ctx' structure */
/* Store the ascii list pointer in x6 */
adr x6, gp_regs
@@ -295,7 +287,7 @@
mrs x2, sctlr_el1
mrs x1, tcr_el1
b test_pauth
-endfunc elx_panic
+endfunc report_elx_panic
/* -----------------------------------------------------
* This function allows to report a crash (if crash
@@ -305,7 +297,7 @@
* will not return.
* -----------------------------------------------------
*/
-func el3_panic
+func report_el3_panic
msr spsel, #MODE_SP_ELX
prepare_crash_buf_save_x0_x1
adr x0, panic_msg
@@ -463,7 +455,7 @@
/* Done reporting */
no_ret plat_panic_handler
-endfunc el3_panic
+endfunc report_el3_panic
#else /* CRASH_REPORTING */
func report_unhandled_exception
diff --git a/bl31/aarch64/ea_delegate.S b/bl31/aarch64/ea_delegate.S
index dbb3234..9419476 100644
--- a/bl31/aarch64/ea_delegate.S
+++ b/bl31/aarch64/ea_delegate.S
@@ -16,9 +16,8 @@
#include <context.h>
.globl handle_lower_el_ea_esb
- .globl handle_lower_el_async_ea
- .globl enter_lower_el_sync_ea
- .globl enter_lower_el_async_ea
+ .globl handle_lower_el_sync_ea
+ .globl handle_lower_el_async_ea
/*
@@ -42,17 +41,12 @@
* Implementation Defined Exceptions. If any other kind of exception is detected,
* then this function reports unhandled exception.
*
- * Since it's part of exception vector, this function doesn't expect any GP
- * registers to have been saved. It delegates the handling of the EA to platform
- * handler, and upon successfully handling the EA, exits EL3; otherwise panics.
+ * It delegates the handling of the EA to platform handler, and upon successfully
+ * handling the EA, exits EL3; otherwise panics.
+ *
+ * This function assumes x30 has been saved.
*/
-func enter_lower_el_sync_ea
- /*
- * Explicitly save x30 so as to free up a register and to enable
- * branching.
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
-
+func handle_lower_el_sync_ea
mrs x30, esr_el3
ubfx x30, x30, #ESR_EC_SHIFT, #ESR_EC_LENGTH
@@ -114,24 +108,19 @@
/* Synchronous exceptions other than the above are assumed to be EA */
ldr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
no_ret report_unhandled_exception
-endfunc enter_lower_el_sync_ea
+endfunc handle_lower_el_sync_ea
/*
* This function handles SErrors from lower ELs.
*
- * Since it's part of exception vector, this function doesn't expect any GP
- * registers to have been saved. It delegates the handling of the EA to platform
- * handler, and upon successfully handling the EA, exits EL3; otherwise panics.
+ * It delegates the handling of the EA to platform handler, and upon successfully
+ * handling the EA, exits EL3; otherwise panics.
+ *
+ * This function assumes x30 has been saved.
*/
-func enter_lower_el_async_ea
- /*
- * Explicitly save x30 so as to free up a register and to enable
- * branching
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+func handle_lower_el_async_ea
-handle_lower_el_async_ea:
/*
* Save general purpose and ARMv8.3-PAuth registers (if enabled).
* If Secure Cycle Counter is not disabled in MDCR_EL3 when
@@ -153,7 +142,7 @@
/* el3_exit assumes SP_EL0 on entry */
msr spsel, #MODE_SP_EL0
b el3_exit
-endfunc enter_lower_el_async_ea
+endfunc handle_lower_el_async_ea
/*
@@ -201,7 +190,7 @@
*/
ubfx x2, x1, #ESR_EC_SHIFT, #ESR_EC_LENGTH
cmp x2, EC_SERROR
- b.ne do_panic
+ b.ne el3_panic
/*
* Check for Implementation Defined Syndrome. If so, skip checking
* Uncontainable error type from the syndrome as the format is unknown.
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S
index 0c60859..500e87b 100644
--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -40,6 +40,14 @@
.globl serror_aarch32
/*
+ * Save LR and make x30 available as most of the routines in vector entry
+ * need a free register
+ */
+ .macro save_x30
+ str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+ .endm
+
+ /*
* Macro that prepares entry to EL3 upon taking an exception.
*
* With RAS_EXTENSION, this macro synchronizes pending errors with an ESB
@@ -58,12 +66,6 @@
/* Unmask the SError interrupt */
msr daifclr, #DAIF_ABT_BIT
- /*
- * Explicitly save x30 so as to free up a register and to enable
- * branching
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
-
/* Check for SErrors synchronized by the ESB instruction */
mrs x30, DISR_EL1
tbz x30, #DISR_A_BIT, 1f
@@ -108,11 +110,7 @@
/* Use ISB for the above unmask operation to take effect immediately */
isb
- /*
- * Refer Note 1.
- * No need to restore X30 as macros following this modify x30 anyway.
- */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+ /* Refer Note 1. */
mov x30, #1
str x30, [sp, #CTX_EL3STATE_OFFSET + CTX_IS_IN_EL3]
dmb sy
@@ -153,7 +151,7 @@
/* Synchronous exceptions other than the above are assumed to be EA */
ldr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
- b enter_lower_el_sync_ea
+ b handle_lower_el_sync_ea
.endm
@@ -316,7 +314,7 @@
* triggered due to explicit synchronization in EL3. Refer Note 1.
*/
/* Assumes SP_EL3 on entry */
- str x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]
+ save_x30
ldr x30, [sp, #CTX_EL3STATE_OFFSET + CTX_IS_IN_EL3]
cbnz x30, 1f
@@ -338,32 +336,36 @@
* to a valid cpu context where the general purpose and system register
* state can be saved.
*/
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_sync_exception
end_vector_entry sync_exception_aarch64
vector_entry irq_aarch64
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception irq_aarch64
end_vector_entry irq_aarch64
vector_entry fiq_aarch64
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception fiq_aarch64
end_vector_entry fiq_aarch64
vector_entry serror_aarch64
+ save_x30
apply_at_speculative_wa
#if RAS_EXTENSION
msr daifclr, #DAIF_ABT_BIT
- b enter_lower_el_async_ea
#else
check_and_unmask_ea
- b handle_lower_el_async_ea
#endif
+ b handle_lower_el_async_ea
+
end_vector_entry serror_aarch64
/* ---------------------------------------------------------------------
@@ -377,32 +379,36 @@
* to a valid cpu context where the general purpose and system register
* state can be saved.
*/
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_sync_exception
end_vector_entry sync_exception_aarch32
vector_entry irq_aarch32
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception irq_aarch32
end_vector_entry irq_aarch32
vector_entry fiq_aarch32
+ save_x30
apply_at_speculative_wa
check_and_unmask_ea
handle_interrupt_exception fiq_aarch32
end_vector_entry fiq_aarch32
vector_entry serror_aarch32
+ save_x30
apply_at_speculative_wa
#if RAS_EXTENSION
msr daifclr, #DAIF_ABT_BIT
- b enter_lower_el_async_ea
#else
check_and_unmask_ea
- b handle_lower_el_async_ea
#endif
+ b handle_lower_el_async_ea
+
end_vector_entry serror_aarch32
#ifdef MONITOR_TRAPS
@@ -563,7 +569,7 @@
*/
tst w0, w0
- b.mi do_panic /* negative return value: panic */
+ b.mi elx_panic /* negative return value: panic */
b.eq 1f /* zero: do not change ELR_EL3 */
/* advance the PC to continue after the instruction */
diff --git a/bl31/bl31.ld.S b/bl31/bl31.ld.S
index 309e752..c829058 100644
--- a/bl31/bl31.ld.S
+++ b/bl31/bl31.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,137 +11,145 @@
OUTPUT_ARCH(PLATFORM_LINKER_ARCH)
ENTRY(bl31_entrypoint)
-
MEMORY {
RAM (rwx): ORIGIN = BL31_BASE, LENGTH = BL31_LIMIT - BL31_BASE
+
#if SEPARATE_NOBITS_REGION
NOBITS (rw!a): ORIGIN = BL31_NOBITS_BASE, LENGTH = BL31_NOBITS_LIMIT - BL31_NOBITS_BASE
-#else
-#define NOBITS RAM
-#endif
+#else /* SEPARATE_NOBITS_REGION */
+# define NOBITS RAM
+#endif /* SEPARATE_NOBITS_REGION */
}
#ifdef PLAT_EXTRA_LD_SCRIPT
-#include <plat.ld.S>
-#endif
+# include <plat.ld.S>
+#endif /* PLAT_EXTRA_LD_SCRIPT */
-SECTIONS
-{
+SECTIONS {
. = BL31_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL31_BASE address is not aligned on a page boundary.")
+ "BL31_BASE address is not aligned on a page boundary.")
__BL31_START__ = .;
#if SEPARATE_CODE_AND_RODATA
.text . : {
__TEXT_START__ = .;
+
*bl31_entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(SORT(.text*)))
*(.vectors)
+
. = ALIGN(PAGE_SIZE);
+
__TEXT_END__ = .;
} >RAM
.rodata . : {
__RODATA_START__ = .;
+
*(SORT_BY_ALIGNMENT(.rodata*))
-#if PLAT_EXTRA_RODATA_INCLUDES
-#include <plat.ld.rodata.inc>
-#endif
+# if PLAT_EXTRA_RODATA_INCLUDES
+# include <plat.ld.rodata.inc>
+# endif /* PLAT_EXTRA_RODATA_INCLUDES */
- RODATA_COMMON
+ RODATA_COMMON
- /* Place pubsub sections for events */
. = ALIGN(8);
-#include <lib/el3_runtime/pubsub_events.h>
+
+# include <lib/el3_runtime/pubsub_events.h>
. = ALIGN(PAGE_SIZE);
+
__RODATA_END__ = .;
} >RAM
-#else
- ro . : {
+#else /* SEPARATE_CODE_AND_RODATA */
+ .ro . : {
__RO_START__ = .;
+
*bl31_entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
- /* Place pubsub sections for events */
. = ALIGN(8);
-#include <lib/el3_runtime/pubsub_events.h>
+
+# include <lib/el3_runtime/pubsub_events.h>
*(.vectors)
+
__RO_END_UNALIGNED__ = .;
+
/*
* Memory page(s) mapped to this section will be marked as read-only,
- * executable. No RW data from the next section must creep in.
- * Ensure the rest of the current memory page is unused.
+ * executable. No RW data from the next section must creep in. Ensure
+ * that the rest of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__RO_END__ = .;
} >RAM
-#endif
+#endif /* SEPARATE_CODE_AND_RODATA */
ASSERT(__CPU_OPS_END__ > __CPU_OPS_START__,
- "cpu_ops not defined for this platform.")
+ "cpu_ops not defined for this platform.")
#if SPM_MM
-#ifndef SPM_SHIM_EXCEPTIONS_VMA
-#define SPM_SHIM_EXCEPTIONS_VMA RAM
-#endif
+# ifndef SPM_SHIM_EXCEPTIONS_VMA
+# define SPM_SHIM_EXCEPTIONS_VMA RAM
+# endif /* SPM_SHIM_EXCEPTIONS_VMA */
/*
* Exception vectors of the SPM shim layer. They must be aligned to a 2K
- * address, but we need to place them in a separate page so that we can set
- * individual permissions to them, so the actual alignment needed is 4K.
+ * address but we need to place them in a separate page so that we can set
+ * individual permissions on them, so the actual alignment needed is the
+ * page size.
*
* There's no need to include this into the RO section of BL31 because it
* doesn't need to be accessed by BL31.
*/
- spm_shim_exceptions : ALIGN(PAGE_SIZE) {
+ .spm_shim_exceptions : ALIGN(PAGE_SIZE) {
__SPM_SHIM_EXCEPTIONS_START__ = .;
+
*(.spm_shim_exceptions)
+
. = ALIGN(PAGE_SIZE);
+
__SPM_SHIM_EXCEPTIONS_END__ = .;
} >SPM_SHIM_EXCEPTIONS_VMA AT>RAM
- PROVIDE(__SPM_SHIM_EXCEPTIONS_LMA__ = LOADADDR(spm_shim_exceptions));
- . = LOADADDR(spm_shim_exceptions) + SIZEOF(spm_shim_exceptions);
-#endif
+ PROVIDE(__SPM_SHIM_EXCEPTIONS_LMA__ = LOADADDR(.spm_shim_exceptions));
- /*
- * Define a linker symbol to mark start of the RW memory area for this
- * image.
- */
- __RW_START__ = . ;
+ . = LOADADDR(.spm_shim_exceptions) + SIZEOF(.spm_shim_exceptions);
+#endif /* SPM_MM */
+
+ __RW_START__ = .;
DATA_SECTION >RAM
RELA_SECTION >RAM
#ifdef BL31_PROGBITS_LIMIT
ASSERT(. <= BL31_PROGBITS_LIMIT, "BL31 progbits has exceeded its limit.")
-#endif
+#endif /* BL31_PROGBITS_LIMIT */
#if SEPARATE_NOBITS_REGION
- /*
- * Define a linker symbol to mark end of the RW memory area for this
- * image.
- */
. = ALIGN(PAGE_SIZE);
+
__RW_END__ = .;
__BL31_END__ = .;
ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.")
. = BL31_NOBITS_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL31 NOBITS base address is not aligned on a page boundary.")
+ "BL31 NOBITS base address is not aligned on a page boundary.")
__NOBITS_START__ = .;
-#endif
+#endif /* SEPARATE_NOBITS_REGION */
STACK_SECTION >NOBITS
BSS_SECTION >NOBITS
@@ -149,49 +157,44 @@
#if USE_COHERENT_MEM
/*
- * The base address of the coherent memory section must be page-aligned (4K)
- * to guarantee that the coherent data are stored on their own pages and
- * are not mixed with normal data. This is required to set up the correct
+ * The base address of the coherent memory section must be page-aligned to
+ * guarantee that the coherent data are stored on their own pages and are
+ * not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
+
/*
- * Bakery locks are stored in coherent memory
- *
- * Each lock's data is contiguous and fully allocated by the compiler
+ * Bakery locks are stored in coherent memory. Each lock's data is
+ * contiguous and fully allocated by the compiler.
*/
- *(bakery_lock)
- *(tzfw_coherent_mem)
+ *(.bakery_lock)
+ *(.tzfw_coherent_mem)
+
__COHERENT_RAM_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked
- * as device memory. No other unexpected data must creep in.
- * Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure the rest of
+ * the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__COHERENT_RAM_END__ = .;
} >NOBITS
-#endif
+#endif /* USE_COHERENT_MEM */
#if SEPARATE_NOBITS_REGION
- /*
- * Define a linker symbol to mark end of the NOBITS memory area for this
- * image.
- */
__NOBITS_END__ = .;
ASSERT(. <= BL31_NOBITS_LIMIT, "BL31 NOBITS region has exceeded its limit.")
-#else
- /*
- * Define a linker symbol to mark end of the RW memory area for this
- * image.
- */
+#else /* SEPARATE_NOBITS_REGION */
__RW_END__ = .;
__BL31_END__ = .;
ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.")
-#endif
+#endif /* SEPARATE_NOBITS_REGION */
/DISCARD/ : {
*(.dynsym .dynstr .hash .gnu.hash)
diff --git a/bl31/bl31.mk b/bl31/bl31.mk
index ac15f9f..e9590d5 100644
--- a/bl31/bl31.mk
+++ b/bl31/bl31.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -112,11 +112,11 @@
BL31_SOURCES += lib/extensions/mpam/mpam.c
endif
-ifeq (${ENABLE_TRBE_FOR_NS},1)
+ifneq (${ENABLE_TRBE_FOR_NS},0)
BL31_SOURCES += lib/extensions/trbe/trbe.c
endif
-ifeq (${ENABLE_BRBE_FOR_NS},1)
+ifneq (${ENABLE_BRBE_FOR_NS},0)
BL31_SOURCES += lib/extensions/brbe/brbe.c
endif
@@ -124,7 +124,7 @@
BL31_SOURCES += lib/extensions/sys_reg_trace/aarch64/sys_reg_trace.c
endif
-ifeq (${ENABLE_TRF_FOR_NS},1)
+ifneq (${ENABLE_TRF_FOR_NS},0)
BL31_SOURCES += lib/extensions/trf/aarch64/trf.c
endif
@@ -157,7 +157,7 @@
${MBEDTLS_SOURCES}
endif
-BL31_LINKERFILE := bl31/bl31.ld.S
+BL31_DEFAULT_LINKER_SCRIPT_SOURCE := bl31/bl31.ld.S
# Flag used to indicate if Crash reporting via console should be included
# in BL31. This defaults to being present in DEBUG builds only
diff --git a/bl32/sp_min/sp_min.ld.S b/bl32/sp_min/sp_min.ld.S
index 475affa..1695e1e 100644
--- a/bl32/sp_min/sp_min.ld.S
+++ b/bl32/sp_min/sp_min.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,130 +16,132 @@
}
#ifdef PLAT_SP_MIN_EXTRA_LD_SCRIPT
-#include <plat_sp_min.ld.S>
-#endif
+# include <plat_sp_min.ld.S>
+#endif /* PLAT_SP_MIN_EXTRA_LD_SCRIPT */
-SECTIONS
-{
+SECTIONS {
. = BL32_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL32_BASE address is not aligned on a page boundary.")
+ "BL32_BASE address is not aligned on a page boundary.")
#if SEPARATE_CODE_AND_RODATA
.text . : {
__TEXT_START__ = .;
+
*entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(.vectors)
+
. = ALIGN(PAGE_SIZE);
+
__TEXT_END__ = .;
} >RAM
- /* .ARM.extab and .ARM.exidx are only added because Clang need them */
- .ARM.extab . : {
+ /* .ARM.extab and .ARM.exidx are only added because Clang needs them */
+ .ARM.extab . : {
*(.ARM.extab* .gnu.linkonce.armextab.*)
- } >RAM
+ } >RAM
- .ARM.exidx . : {
+ .ARM.exidx . : {
*(.ARM.exidx* .gnu.linkonce.armexidx.*)
- } >RAM
+ } >RAM
.rodata . : {
__RODATA_START__ = .;
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
- /* Place pubsub sections for events */
. = ALIGN(8);
-#include <lib/el3_runtime/pubsub_events.h>
+
+# include <lib/el3_runtime/pubsub_events.h>
. = ALIGN(PAGE_SIZE);
+
__RODATA_END__ = .;
} >RAM
-#else
- ro . : {
+#else /* SEPARATE_CODE_AND_RODATA */
+ .ro . : {
__RO_START__ = .;
+
*entrypoint.o(.text*)
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- RODATA_COMMON
+ RODATA_COMMON
- /* Place pubsub sections for events */
. = ALIGN(8);
-#include <lib/el3_runtime/pubsub_events.h>
+
+# include <lib/el3_runtime/pubsub_events.h>
*(.vectors)
+
__RO_END_UNALIGNED__ = .;
/*
- * Memory page(s) mapped to this section will be marked as
- * read-only, executable. No RW data from the next section must
- * creep in. Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure that the rest
+ * of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__RO_END__ = .;
} >RAM
-#endif
+#endif /* SEPARATE_CODE_AND_RODATA */
ASSERT(__CPU_OPS_END__ > __CPU_OPS_START__,
- "cpu_ops not defined for this platform.")
- /*
- * Define a linker symbol to mark start of the RW memory area for this
- * image.
- */
- __RW_START__ = . ;
+ "cpu_ops not defined for this platform.")
+
+ __RW_START__ = .;
DATA_SECTION >RAM
RELA_SECTION >RAM
#ifdef BL32_PROGBITS_LIMIT
ASSERT(. <= BL32_PROGBITS_LIMIT, "BL32 progbits has exceeded its limit.")
-#endif
+#endif /* BL32_PROGBITS_LIMIT */
STACK_SECTION >RAM
BSS_SECTION >RAM
XLAT_TABLE_SECTION >RAM
- __BSS_SIZE__ = SIZEOF(.bss);
+ __BSS_SIZE__ = SIZEOF(.bss);
#if USE_COHERENT_MEM
/*
- * The base address of the coherent memory section must be page-aligned (4K)
- * to guarantee that the coherent data are stored on their own pages and
- * are not mixed with normal data. This is required to set up the correct
+ * The base address of the coherent memory section must be page-aligned to
+ * guarantee that the coherent data are stored on their own pages and are
+ * not mixed with normal data. This is required to set up the correct
* memory attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
+
/*
- * Bakery locks are stored in coherent memory
- *
- * Each lock's data is contiguous and fully allocated by the compiler
+ * Bakery locks are stored in coherent memory. Each lock's data is
+ * contiguous and fully allocated by the compiler.
*/
- *(bakery_lock)
- *(tzfw_coherent_mem)
+ *(.bakery_lock)
+ *(.tzfw_coherent_mem)
+
__COHERENT_RAM_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked
- * as device memory. No other unexpected data must creep in.
- * Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure that the rest
+ * of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__COHERENT_RAM_END__ = .;
} >RAM
__COHERENT_RAM_UNALIGNED_SIZE__ =
__COHERENT_RAM_END_UNALIGNED__ - __COHERENT_RAM_START__;
-#endif
+#endif /* USE_COHERENT_MEM */
- /*
- * Define a linker symbol to mark the end of the RW memory area for this
- * image.
- */
__RW_END__ = .;
-
__BL32_END__ = .;
/DISCARD/ : {
diff --git a/bl32/sp_min/sp_min.mk b/bl32/sp_min/sp_min.mk
index ab1287d..2a6612a 100644
--- a/bl32/sp_min/sp_min.mk
+++ b/bl32/sp_min/sp_min.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2016-2022, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -50,11 +50,11 @@
BL32_SOURCES += lib/extensions/sys_reg_trace/aarch32/sys_reg_trace.c
endif
-ifeq (${ENABLE_TRF_FOR_NS},1)
+ifneq (${ENABLE_TRF_FOR_NS},0)
BL32_SOURCES += lib/extensions/trf/aarch32/trf.c
endif
-BL32_LINKERFILE := bl32/sp_min/sp_min.ld.S
+BL32_DEFAULT_LINKER_SCRIPT_SOURCE := bl32/sp_min/sp_min.ld.S
# Include the platform-specific SP_MIN Makefile
# If no platform-specific SP_MIN Makefile exists, it means SP_MIN is not supported
diff --git a/bl32/tsp/tsp.ld.S b/bl32/tsp/tsp.ld.S
index d86ae55..a6658dd 100644
--- a/bl32/tsp/tsp.ld.S
+++ b/bl32/tsp/tsp.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,71 +11,73 @@
OUTPUT_ARCH(PLATFORM_LINKER_ARCH)
ENTRY(tsp_entrypoint)
-
MEMORY {
RAM (rwx): ORIGIN = TSP_SEC_MEM_BASE, LENGTH = TSP_SEC_MEM_SIZE
}
-
-SECTIONS
-{
+SECTIONS {
. = BL32_BASE;
+
ASSERT(. == ALIGN(PAGE_SIZE),
- "BL32_BASE address is not aligned on a page boundary.")
+ "BL32_BASE address is not aligned on a page boundary.")
#if SEPARATE_CODE_AND_RODATA
.text . : {
__TEXT_START__ = .;
+
*tsp_entrypoint.o(.text*)
*(.text*)
*(.vectors)
+
. = ALIGN(PAGE_SIZE);
+
__TEXT_END__ = .;
} >RAM
.rodata . : {
__RODATA_START__ = .;
+
*(.rodata*)
- RODATA_COMMON
+ RODATA_COMMON
. = ALIGN(PAGE_SIZE);
+
__RODATA_END__ = .;
} >RAM
-#else
- ro . : {
+#else /* SEPARATE_CODE_AND_RODATA */
+ .ro . : {
__RO_START__ = .;
+
*tsp_entrypoint.o(.text*)
*(.text*)
*(.rodata*)
- RODATA_COMMON
+ RODATA_COMMON
*(.vectors)
__RO_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked as
- * read-only, executable. No RW data from the next section must
- * creep in. Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as read-only,
+ * executable. No RW data from the next section must creep in. Ensure
+ * that the rest of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__RO_END__ = .;
} >RAM
-#endif
+#endif /* SEPARATE_CODE_AND_RODATA */
- /*
- * Define a linker symbol to mark start of the RW memory area for this
- * image.
- */
- __RW_START__ = . ;
+ __RW_START__ = .;
DATA_SECTION >RAM
RELA_SECTION >RAM
#ifdef TSP_PROGBITS_LIMIT
ASSERT(. <= TSP_PROGBITS_LIMIT, "TSP progbits has exceeded its limit.")
-#endif
+#endif /* TSP_PROGBITS_LIMIT */
STACK_SECTION >RAM
BSS_SECTION >RAM
@@ -83,29 +85,27 @@
#if USE_COHERENT_MEM
/*
- * The base address of the coherent memory section must be page-aligned (4K)
- * to guarantee that the coherent data are stored on their own pages and
- * are not mixed with normal data. This is required to set up the correct
- * memory attributes for the coherent data page tables.
+ * The base address of the coherent memory section must be page-aligned to
+ * guarantee that the coherent data are stored on their own pages and are
+ * not mixed with normal data. This is required to set up the correct memory
+ * attributes for the coherent data page tables.
*/
- coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .coherent_ram (NOLOAD) : ALIGN(PAGE_SIZE) {
__COHERENT_RAM_START__ = .;
- *(tzfw_coherent_mem)
+ *(.tzfw_coherent_mem)
__COHERENT_RAM_END_UNALIGNED__ = .;
+
/*
- * Memory page(s) mapped to this section will be marked
- * as device memory. No other unexpected data must creep in.
- * Ensure the rest of the current memory page is unused.
+ * Memory page(s) mapped to this section will be marked as device
+ * memory. No other unexpected data must creep in. Ensure that the rest
+ * of the current memory page is unused.
*/
. = ALIGN(PAGE_SIZE);
+
__COHERENT_RAM_END__ = .;
} >RAM
-#endif
+#endif /* USE_COHERENT_MEM */
- /*
- * Define a linker symbol to mark the end of the RW memory area for this
- * image.
- */
__RW_END__ = .;
__BL32_END__ = .;
@@ -114,10 +114,11 @@
}
__BSS_SIZE__ = SIZEOF(.bss);
+
#if USE_COHERENT_MEM
__COHERENT_RAM_UNALIGNED_SIZE__ =
__COHERENT_RAM_END_UNALIGNED__ - __COHERENT_RAM_START__;
-#endif
+#endif /* USE_COHERENT_MEM */
ASSERT(. <= BL32_LIMIT, "BL32 image has exceeded its limit.")
}
diff --git a/bl32/tsp/tsp.mk b/bl32/tsp/tsp.mk
index c31b9b5..cfffbdb 100644
--- a/bl32/tsp/tsp.mk
+++ b/bl32/tsp/tsp.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -22,7 +22,7 @@
common/aarch64/early_exceptions.S \
lib/locks/exclusive/aarch64/spinlock.S
-BL32_LINKERFILE := bl32/tsp/tsp.ld.S
+BL32_DEFAULT_LINKER_SCRIPT_SOURCE := bl32/tsp/tsp.ld.S
# This flag determines if the TSPD initializes BL32 in tspd_init() (synchronous
# method) or configures BL31 to pass control to BL32 instead of BL33
diff --git a/common/aarch32/debug.S b/common/aarch32/debug.S
index ae0bb7a..2937f56 100644
--- a/common/aarch32/debug.S
+++ b/common/aarch32/debug.S
@@ -12,7 +12,7 @@
.globl asm_print_hex
.globl asm_print_hex_bits
.globl asm_assert
- .globl do_panic
+ .globl el3_panic
.globl report_exception
.globl report_prefetch_abort
.globl report_data_abort
@@ -159,14 +159,14 @@
endfunc asm_print_hex
/***********************************************************
- * The common implementation of do_panic for all BL stages
+ * The common implementation of el3_panic for all BL stages
***********************************************************/
.section .rodata.panic_str, "aS"
panic_msg: .asciz "PANIC at PC : 0x"
panic_end: .asciz "\r\n"
-func do_panic
+func el3_panic
/* Have LR copy point to PC at the time of panic */
sub r6, lr, #4
@@ -194,7 +194,7 @@
_panic_handler:
mov lr, r6
b plat_panic_handler
-endfunc do_panic
+endfunc el3_panic
/***********************************************************
* This function is called from the vector table for
diff --git a/common/aarch64/debug.S b/common/aarch64/debug.S
index 742e022..8768a1f 100644
--- a/common/aarch64/debug.S
+++ b/common/aarch64/debug.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023 Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,7 +13,8 @@
.globl asm_print_hex_bits
.globl asm_print_newline
.globl asm_assert
- .globl do_panic
+ .globl el3_panic
+ .globl elx_panic
/* Since the max decimal input number is 65536 */
#define MAX_DEC_DIVISOR 10000
@@ -145,54 +146,33 @@
endfunc asm_print_newline
/***********************************************************
- * The common implementation of do_panic for all BL stages
+ * The common implementation of el3_panic for all BL stages
***********************************************************/
.section .rodata.panic_str, "aS"
panic_msg: .asciz "PANIC at PC : 0x"
+func elx_panic
+#if CRASH_REPORTING && defined(IMAGE_BL31)
+ b report_elx_panic
+#endif /* CRASH_REPORTING && IMAGE_BL31 */
+
+ b panic_common
+endfunc elx_panic
+
/* ---------------------------------------------------------------------------
- * do_panic assumes that it is invoked from a C Runtime Environment ie a
+ * el3_panic assumes that it is invoked from a C Runtime Environment ie a
* valid stack exists. This call will not return.
* Clobber list : if CRASH_REPORTING is not enabled then x30, x0 - x6
* ---------------------------------------------------------------------------
*/
-/* This is for the non el3 BL stages to compile through */
- .weak el3_panic
- .weak elx_panic
-
-func do_panic
-#if CRASH_REPORTING
- str x0, [sp, #-0x10]!
- mrs x0, currentel
- ubfx x0, x0, #MODE_EL_SHIFT, #MODE_EL_WIDTH
- cmp x0, #MODE_EL3
-#if !HANDLE_EA_EL3_FIRST_NS
- ldr x0, [sp], #0x10
- b.eq el3_panic
-#else
- b.ne to_panic_common
-
- /* Check EL the exception taken from */
- mrs x0, spsr_el3
- ubfx x0, x0, #SPSR_EL_SHIFT, #SPSR_EL_WIDTH
- cmp x0, #MODE_EL3
- b.ne elx_panic
- ldr x0, [sp], #0x10
- b el3_panic
-
-to_panic_common:
- ldr x0, [sp], #0x10
-#endif /* HANDLE_EA_EL3_FIRST_NS */
-#endif /* CRASH_REPORTING */
+func el3_panic
+#if CRASH_REPORTING && defined(IMAGE_BL31)
+ b report_el3_panic
+#endif /* CRASH_REPORTING && IMAGE_BL31 */
panic_common:
-/*
- * el3_panic will be redefined by the BL31
- * crash reporting mechanism (if enabled)
- */
-el3_panic:
mov x6, x30
bl plat_crash_console_init
@@ -218,4 +198,5 @@
* called, not the address of the call from el3_panic. */
mov x30, x6
b plat_panic_handler
-endfunc do_panic
+
+endfunc el3_panic
diff --git a/common/feat_detect.c b/common/feat_detect.c
index a8c40f7..4099732 100644
--- a/common/feat_detect.c
+++ b/common/feat_detect.c
@@ -36,19 +36,28 @@
/*******************************************************************************
* Function : check_feature
* Check for a valid combination of build time flags (ENABLE_FEAT_xxx) and
- * feature availability on the hardware.
- * Panics if a feature is forcefully enabled, but not available on the PE.
+ * feature availability on the hardware. <min> is the smallest feature
+ * ID field value that is required for that feature.
+ * Triggers a panic later if a feature is forcefully enabled, but not
+ * available on the PE. Also will panic if the hardware feature ID field
+ * is larger than the maximum known and supported number, specified by <max>.
*
* We force inlining here to let the compiler optimise away the whole check
* if the feature is disabled at build time (FEAT_STATE_DISABLED).
******************************************************************************/
static inline void __attribute((__always_inline__))
-check_feature(int state, unsigned long field, const char *feat_name)
+check_feature(int state, unsigned long field, const char *feat_name,
+ unsigned int min, unsigned int max)
{
- if (state == FEAT_STATE_ALWAYS && field == 0U) {
+ if (state == FEAT_STATE_ALWAYS && field < min) {
ERROR("FEAT_%s not supported by the PE\n", feat_name);
tainted = true;
}
+ if (state >= FEAT_STATE_ALWAYS && field > max) {
+ ERROR("FEAT_%s is version %ld, but is only known up to version %d\n",
+ feat_name, field, max);
+ tainted = true;
+ }
}
/******************************************
@@ -153,16 +162,6 @@
#endif
}
-/****************************************************
- * Feature : FEAT_TRF (Self-hosted Trace Extensions)
- ***************************************************/
-static void read_feat_trf(void)
-{
-#if (ENABLE_TRF_FOR_NS == FEAT_STATE_ALWAYS)
- feat_detect_panic(is_arm8_4_feat_trf_present(), "TRF");
-#endif
-}
-
/************************************************
* Feature : FEAT_MTE (Memory Tagging Extension)
***********************************************/
@@ -239,26 +238,6 @@
#endif
}
-/******************************************************
- * Feature : FEAT_BRBE (Branch Record Buffer Extension)
- *****************************************************/
-static void read_feat_brbe(void)
-{
-#if (ENABLE_BRBE_FOR_NS == FEAT_STATE_ALWAYS)
- feat_detect_panic(is_feat_brbe_present(), "BRBE");
-#endif
-}
-
-/******************************************************
- * Feature : FEAT_TRBE (Trace Buffer Extension)
- *****************************************************/
-static void read_feat_trbe(void)
-{
-#if (ENABLE_TRBE_FOR_NS == FEAT_STATE_ALWAYS)
- feat_detect_panic(is_feat_trbe_present(), "TRBE");
-#endif
-}
-
/******************************************************************
* Feature : FEAT_RNG_TRAP (Trapping support for RNDR/RNDRRS)
*****************************************************************/
@@ -312,11 +291,13 @@
/* v8.4 features */
read_feat_dit();
- check_feature(ENABLE_FEAT_AMUv1, read_feat_amu_id_field(), "AMUv1");
+ check_feature(ENABLE_FEAT_AMUv1, read_feat_amu_id_field(),
+ "AMUv1", 1, 2);
read_feat_mpam();
read_feat_nv2();
read_feat_sel2();
- read_feat_trf();
+ check_feature(ENABLE_TRF_FOR_NS, read_feat_trf_id_field(),
+ "TRF", 1, 1);
/* v8.5 features */
read_feat_mte();
@@ -326,16 +307,22 @@
/* v8.6 features */
read_feat_amuv1p1();
- check_feature(ENABLE_FEAT_FGT, read_feat_fgt_id_field(), "FGT");
+ check_feature(ENABLE_FEAT_FGT, read_feat_fgt_id_field(), "FGT", 1, 1);
read_feat_ecv();
read_feat_twed();
/* v8.7 features */
- check_feature(ENABLE_FEAT_HCX, read_feat_hcx_id_field(), "HCX");
+ check_feature(ENABLE_FEAT_HCX, read_feat_hcx_id_field(), "HCX", 1, 1);
+
+ /* v8.9 features */
+ check_feature(ENABLE_FEAT_TCR2, read_feat_tcrx_id_field(),
+ "TCR2", 1, 1);
/* v9.0 features */
- read_feat_brbe();
- read_feat_trbe();
+ check_feature(ENABLE_BRBE_FOR_NS, read_feat_brbe_id_field(),
+ "BRBE", 1, 2);
+ check_feature(ENABLE_TRBE_FOR_NS, read_feat_trbe_id_field(),
+ "TRBE", 1, 1);
/* v9.2 features */
read_feat_rme();
diff --git a/docs/components/ffa-manifest-binding.rst b/docs/components/ffa-manifest-binding.rst
index 7483c90..1061ca0 100644
--- a/docs/components/ffa-manifest-binding.rst
+++ b/docs/components/ffa-manifest-binding.rst
@@ -128,18 +128,19 @@
- This field supersedes the managed-exit field in the FF-A v1.0 spec.
+- other-s-interrupts-action
+ - value type: <u32>
+ - Specifies the action that the SPMC must take in response to a Other-Secure
+ physical interrupt.
+
+ - 0x0: Other-Secure interrupt is queued
+ - 0x1: Other-Secure interrupt is signaled
+
- has-primary-scheduler
- value type: <empty>
- Presence of this field indicates that the partition implements the primary
scheduler. If so, run-time EL must be EL1.
-- run-time-model
- - value type: <u32>
- - Run time model that the SPM must enforce for this SP:
-
- - 0x0: Run to completion
- - 0x1: Preemptible
-
- time-slice-mem
- value type: <empty>
- Presence of this field indicates that the partition doesn't expect the
@@ -286,6 +287,18 @@
- PPI: 0b01
- SGI: 0b00
+- interrupts-target
+ - value type: <prop-encoded-array>
+ - A list of (id, mpdir upper bits, mpidr lower bits) tuples describing which
+ mpidr the interrupt is routed to, where:
+
+ - id: The <u32> interrupt ID. Must be one of those specified in the
+ "interrupts" field.
+ - mpidr upper bits: The <u32> describing the upper bits of the 64 bits
+ mpidr
+ - mpidr lower bits: The <u32> describing the lower bits of the 64 bits
+ mpidr
+
- exclusive-access
- value type: <empty>
- Presence of this field implies that this endpoint must be granted exclusive
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index 9db29e6..8a20186 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -317,6 +317,10 @@
CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1, and r1p2, and
it is still open.
+- ``ERRATA_A78_2742426``: This applies erratum 2742426 workaround to Cortex-A78
+ CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1 and r1p2 and
+ it is still open.
+
- ``ERRATA_A78_2772019``: This applies errata 2772019 workaround to Cortex-A78
CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1, and r1p2, and
it is still open.
@@ -365,6 +369,10 @@
Cortex-A78C CPU. This needs to be enabled for revisions r0p0, r0p1 and r0p2.
This erratum is still open.
+- ``ERRATA_A78C_2779484`` : This applies errata 2779484 workaround to
+ Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2.
+ This erratum is still open.
+
For Cortex-X1 CPU, the following errata build flags are defined:
- ``ERRATA_X1_1821534`` : This applies errata 1821534 workaround to Cortex-X1
@@ -476,6 +484,10 @@
CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1 and r1p2 of the
CPU. It is still open.
+- ``ERRATA_V1_2743233``: This applies erratum 2743233 workaround to Neoverse-V1
+ CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1, and r1p2 of the
+ CPU. It is still open.
+
- ``ERRATA_V1_2779461``: This applies erratum 2779461 workaround to Neoverse-V1
CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1, r1p2 of the
CPU. It is still open.
diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst
index 84bba18..97f3550 100644
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@@ -25,7 +25,6 @@
:ref:`Translation (XLAT) Tables Library`.
TF-A can be built to support either AArch64 or AArch32 execution state.
-
.. note::
The descriptions in this chapter are for the Arm TrustZone architecture.
@@ -484,8 +483,8 @@
as its only purpose is to ensure TF-A BL2 is entered at S-EL1. To avoid
this waste, a special mode enables BL2 to execute at EL3, which allows
a non-TF-A Boot ROM to load and jump directly to BL2. This mode is selected
-when the build flag BL2_AT_EL3 is enabled. The main differences in this
-mode are:
+when the build flag RESET_TO_BL2 is enabled.
+The main differences in this mode are:
#. BL2 includes the reset code and the mailbox mechanism to differentiate
cold boot and warm boot. It runs at EL3 doing the arch
@@ -900,7 +899,7 @@
A runtime service is registered using the ``DECLARE_RT_SVC()`` macro, specifying
the name of the service, the range of OENs covered, the type of service and
initialization and call handler functions. This macro instantiates a ``const struct rt_svc_desc`` for the service with these details (see ``runtime_svc.h``).
-This structure is allocated in a special ELF section ``rt_svc_descs``, enabling
+This structure is allocated in a special ELF section ``.rt_svc_descs``, enabling
the framework to find all service descriptors included into BL31.
The specific service for a SMC Function is selected based on the OEN and call
@@ -1330,7 +1329,7 @@
(priority, group, configuration). Each element of the array shall be populated
by the macro ``INTR_PROP_DESC()``. The macro takes the following arguments:
-- 10-bit interrupt number,
+- 13-bit interrupt number,
- 8-bit interrupt priority,
@@ -2165,7 +2164,7 @@
has been redesigned. The changes utilise the characteristic of Lamport's Bakery
algorithm mentioned earlier. The bakery_lock structure only allocates the memory
for a single CPU. The macro ``DEFINE_BAKERY_LOCK`` allocates all the bakery locks
-needed for a CPU into a section ``bakery_lock``. The linker allocates the memory
+needed for a CPU into a section ``.bakery_lock``. The linker allocates the memory
for other cores by using the total size allocated for the bakery_lock section
and multiplying it with (PLATFORM_CORE_COUNT - 1). This enables software to
perform software cache maintenance on the lock data structure without running
@@ -2193,7 +2192,7 @@
::
- bakery_lock section start
+ .bakery_lock section start
|----------------|
| `bakery_info_t`| <-- Lock_0 per-CPU field
| Lock_0 | for CPU0
@@ -2230,7 +2229,7 @@
Consider a system of 2 CPUs with 'N' bakery locks as shown above. For an
operation on Lock_N, the corresponding ``bakery_info_t`` in both CPU0 and CPU1
-``bakery_lock`` section need to be fetched and appropriate cache operations need
+``.bakery_lock`` section need to be fetched and appropriate cache operations need
to be performed for each access.
On Arm Platforms, bakery locks are used in psci (``psci_locks``) and power controller
@@ -2752,7 +2751,7 @@
--------------
-*Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
.. _Power State Coordination Interface PDD: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
.. _SMCCC: https://developer.arm.com/docs/den0028/latest
diff --git a/docs/design_documents/index.rst b/docs/design_documents/index.rst
index 3e20c07..3d82e69 100644
--- a/docs/design_documents/index.rst
+++ b/docs/design_documents/index.rst
@@ -9,6 +9,7 @@
context_mgmt_rework
measured_boot_poc
drtm_poc
+ rss
--------------
diff --git a/docs/design_documents/rss.rst b/docs/design_documents/rss.rst
new file mode 100644
index 0000000..2be8067
--- /dev/null
+++ b/docs/design_documents/rss.rst
@@ -0,0 +1,611 @@
+Runtime Security Subsystem (RSS)
+================================
+
+This document focuses on the relationship between the Runtime Security Subsystem
+(RSS) and the application processor (AP). According to the ARM reference design
+the RSS is an independent core next to the AP and the SCP on the same die. It
+provides fundamental security guarantees and runtime services for the rest of
+the system (e.g.: trusted boot, measured boot, platform attestation,
+key management, and key derivation).
+
+At power up RSS boots first from its private ROM code. It validates and loads
+its own images and the initial images of SCP and AP. When AP and SCP are
+released from reset and their initial code is loaded then they continue their
+own boot process, which is the same as on non-RSS systems. Please refer to the
+``RSS documentation`` [1]_ for more details about the RSS boot flow.
+
+The last stage of the RSS firmware is a persistent, runtime component. Much
+like AP_BL31, this is a passive entity which has no periodical task to do and
+just waits for external requests from other subsystems. RSS and other
+subsystems can communicate with each other over message exchange. RSS waits
+in idle for the incoming request, handles them, and sends a response then goes
+back to idle.
+
+RSS communication layer
+-----------------------
+
+The communication between RSS and other subsystems are primarily relying on the
+Message Handling Unit (MHU) module. The number of MHU interfaces between RSS
+and other cores is IMPDEF. Besides MHU other modules also could take part in
+the communication. RSS is capable of mapping the AP memory to its address space.
+Thereby either RSS core itself or a DMA engine if it is present, can move the
+data between memory belonging to RSS or AP. In this way, a bigger amount of data
+can be transferred in a short time.
+
+The MHU comes in pairs. There is a sender and receiver side. They are connected
+to each other. An MHU interface consists of two pairs of MHUs, one sender and
+one receiver on both sides. Bidirectional communication is possible over an
+interface. One pair provides message sending from AP to RSS and the other pair
+from RSS to AP. The sender and receiver are connected via channels. There is an
+IMPDEF number of channels (e.g: 4-16) between a sender and a receiver module.
+
+The RSS communication layer provides two ways for message exchange:
+
+- ``Embedded messaging``: The full message, including header and payload, are
+ exchanged over the MHU channels. A channel is capable of delivering a single
+ word. The sender writes the data to the channel register on its side and the
+ receiver can read the data from the channel on the other side. One dedicated
+ channel is used for signalling. It does not deliver any payload it is just
+ meant for signalling that the sender loaded the data to the channel registers
+ so the receiver can read them. The receiver uses the same channel to signal
+ that data was read. Signalling happens via IRQ. If the message is longer than
+ the data fit to the channel registers then the message is sent over in
+ multiple rounds. Both, sender and receiver allocate a local buffer for the
+ messages. Data is copied from/to these buffers to/from the channel registers.
+- ``Pointer-access messaging``: The message header and the payload are
+ separated and they are conveyed in different ways. The header is sent
+ over the channels, similar to the embedded messaging but the payload is
+ copied over by RSS core (or by DMA) between the sender and the receiver. This
+ could be useful in the case of long messages because transaction time is less
+ compared to the embedded messaging mode. Small payloads are copied by the RSS
+ core because setting up DMA would require more CPU cycles. The payload is
+ either copied into an internal buffer or directly read-written by RSS. Actual
+ behavior depends on RSS setup, whether the partition supports memory-mapped
+ ``iovec``. Therefore, the sender must handle both cases and prevent access to
+ the memory, where payload data lives, while the RSS handles the request.
+
+The RSS communication layer supports both ways of messaging in parallel. It is
+decided at runtime based on the message size which way to transfer the message.
+
+.. code-block:: bash
+
+ +----------------------------------------------+ +-------------------+
+ | | | |
+ | AP | | |
+ | | +--->| SRAM |
+ +----------------------------------------------| | | |
+ | BL1 / BL2 / BL31 | | | |
+ +----------------------------------------------+ | +-------------------+
+ | ^ | ^ ^
+ | send IRQ | receive |direct | |
+ V | |access | |
+ +--------------------+ +--------------------+ | | |
+ | MHU sender | | MHU receiver | | | Copy data |
+ +--------------------+ +--------------------+ | | |
+ | | | | | | | | | | |
+ | | channels | | | | channels | | | | |
+ | | e.g: 4-16 | | | | e.g: 4-16 | | | V |
+ +--------------------+ +--------------------+ | +-------+ |
+ | MHU receiver | | MHU sender | | +->| DMA | |
+ +--------------------+ +--------------------+ | | +-------+ |
+ | ^ | | ^ |
+ IRQ | receive | send | | | Copy data |
+ V | | | V V
+ +----------------------------------------------+ | | +-------------------+
+ | |--+-+ | |
+ | RSS | | SRAM |
+ | | | |
+ +----------------------------------------------+ +-------------------+
+
+.. Note::
+
+ The RSS communication layer is not prepared for concurrent execution. The
+ current use case only requires message exchange during the boot phase. In
+ the boot phase, only a single core is running and the rest of the cores are
+ in reset.
+
+Message structure
+^^^^^^^^^^^^^^^^^
+A description of the message format can be found in the ``RSS communication
+design`` [2]_ document.
+
+Source files
+^^^^^^^^^^^^
+- RSS comms: ``drivers/arm/rss``
+- MHU driver: ``drivers/arm/mhu``
+
+
+API for communication over MHU
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+The API is defined in these header files:
+
+- ``include/drivers/arm/rss_comms.h``
+- ``include/drivers/arm/mhu.h``
+
+RSS provided runtime services
+-----------------------------
+
+RSS provides the following runtime services:
+
+- ``Measured boot``: Securely store the firmware measurements which were
+ computed during the boot process and the associated metadata (image
+ description, measurement algorithm, etc.). More info on measured boot service
+ in RSS can be found in the ``measured_boot_integration_guide`` [3]_ .
+- ``Delegated attestation``: Query the platform attestation token and derive a
+ delegated attestation key. More info on the delegated attestation service
+ in RSS can be found in the ``delegated_attestation_integration_guide`` [4]_ .
+- ``OTP assets management``: RSS provides access for AP to assets in OTP.
+ These are keys for image signature verification and non-volatile counters
+ for anti-rollback protection. Only RSS has direct access to the OTP. Public
+ keys used by AP during the trusted boot process can be requested from RSS.
+ Furthermore, AP can request RSS to increase a non-volatile counter. Please
+ refer to the ``RSS key management`` [5]_ document for more details.
+
+Runtime service API
+^^^^^^^^^^^^^^^^^^^
+The RSS provided runtime services implement a PSA aligned API. The parameter
+encoding follows the PSA client protocol described in the
+``Firmware Framework for M`` [6]_ document in chapter 4.4. The implementation is
+restricted to the static handle use case therefore only the ``psa_call`` API is
+implemented.
+
+
+Software and API layers
+^^^^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: bash
+
+ +----------------+ +---------------------+
+ | BL1 / BL2 | | BL31 |
+ +----------------+ +---------------------+
+ | |
+ | extend_measurement() | get_delegated_key()
+ | | get_platform_token()
+ V V
+ +----------------+ +---------------------+
+ | PSA protocol | | PSA protocol |
+ +----------------+ +---------------------+
+ | |
+ | psa_call() | psa_call()
+ | |
+ V V
+ +------------------------------------------------+
+ | RSS communication protocol |
+ +------------------------------------------------+
+ | ^
+ | mhu_send_data() | mhu_receive_data()
+ | |
+ V |
+ +------------------------------------------------+
+ | MHU driver |
+ +------------------------------------------------+
+ | ^
+ | Register access | IRQ
+ V |
+ +------------------------------------------------+
+ | MHU HW on AP side |
+ +------------------------------------------------+
+ ^
+ | Physical wires
+ |
+ V
+ +------------------------------------------------+
+ | MHU HW on RSS side |
+ +------------------------------------------------+
+ | ^
+ | IRQ | Register access
+ V |
+ +------------------------------------------------+
+ | MHU driver |
+ +------------------------------------------------+
+ | |
+ V V
+ +---------------+ +------------------------+
+ | Measured boot | | Delegated attestation |
+ | service | | service |
+ +---------------+ +------------------------+
+
+
+RSS based Measured Boot
+-----------------------
+
+Measured Boot is the process of cryptographically measuring (computing the hash
+value of a binary) the code and critical data used at boot time. The
+measurement must be stored in a tamper-resistant way, so the security state
+of the device can be attested later to an external party. RSS provides a runtime
+service which is meant to store measurements and associated metadata alongside.
+
+Data is stored in internal SRAM which is only accessible by the secure runtime
+firmware of RSS. Data is stored in so-called measurement slots. A platform has
+IMPDEF number of measurement slots. The measurement storage follows extend
+semantics. This means that measurements are not stored directly (as it was
+taken) instead they contribute to the current value of the measurement slot.
+The extension implements this logic, where ``||`` stands for concatenation:
+
+.. code-block:: bash
+
+ new_value_of_measurement_slot = Hash(old_value_of_measurement_slot || measurement)
+
+Supported hash algorithms: sha-256, sha-512
+
+Measured Boot API
+^^^^^^^^^^^^^^^^^
+
+Defined here:
+
+- ``include/lib/psa/measured_boot.h``
+
+.. code-block:: c
+
+ psa_status_t
+ rss_measured_boot_extend_measurement(uint8_t index,
+ const uint8_t *signer_id,
+ size_t signer_id_size,
+ const uint8_t *version,
+ size_t version_size,
+ uint32_t measurement_algo,
+ const uint8_t *sw_type,
+ size_t sw_type_size,
+ const uint8_t *measurement_value,
+ size_t measurement_value_size,
+ bool lock_measurement);
+
+Measured Boot Metadata
+^^^^^^^^^^^^^^^^^^^^^^
+
+The following metadata can be stored alongside the measurement:
+
+- ``Signer-id``: Mandatory. The hash of the firmware image signing public key.
+- ``Measurement algorithm``: Optional. The hash algorithm which was used to
+ compute the measurement (e.g.: sha-256, etc.).
+- ``Version info``: Optional. The firmware version info (e.g.: 2.7).
+- ``SW type``: Optional. Short text description (e.g.: BL1, BL2, BL31, etc.)
+
+.. Note::
+ Signer-id and version info is not implemented in TF-A yet.
+
+The caller must specify in which measurement slot to extend a certain
+measurement and metadata. A measurement slot can be extended by multiple
+measurements. The default value is IMPDEF. All measurement slot is cleared at
+reset, there is no other way to clear them. In the reference implementation,
+the measurement slots are initialized to 0. At the first call to extend the
+measurement in a slot, the extend operation uses the default value of the
+measurement slot. All upcoming extend operation on the same slot contributes
+to the previous value of that measurement slot.
+
+The following rules are kept when a slot is extended multiple times:
+
+- ``Signer-id`` must be the same as the previous call(s), otherwise a
+ PSA_ERROR_NOT_PERMITTED error code is returned.
+
+- ``Measurement algorithm``: must be the same as the previous call(s),
+ otherwise, a PSA_ERROR_NOT_PERMITTED error code is returned.
+
+In case of error no further action is taken (slot is not locked). If there is
+a valid data in a sub-sequent call then measurement slot will be extended. The
+rest of the metadata is handled as follows when a measurement slot is extended
+multiple times:
+
+- ``SW type``: Cleared.
+- ``Version info``: Cleared.
+
+.. Note::
+
+ Extending multiple measurements in the same slot leads to some metadata
+ information loss. Since RSS is not constrained on special HW resources to
+ store the measurements and metadata, therefore it is worth considering to
+ store all of them one by one in distinct slots. However, they are one-by-one
+ included in the platform attestation token. So, the number of distinct
+ firmware image measurements has an impact on the size of the attestation
+ token.
+
+The allocation of the measurement slot among RSS, Root and Realm worlds is
+platform dependent. The platform must provide an allocation of the measurement
+slot at build time. An example can be found in
+``tf-a/plat/arm/board/tc/tc_bl1_measured_boot.c``
+Furthermore, the memory, which holds the metadata is also statically allocated
+in RSS memory. Some of the fields have a static value (measurement algorithm),
+and some of the values have a dynamic value (measurement value) which is updated
+by the bootloaders when the firmware image is loaded and measured. The metadata
+structure is defined in
+``include/drivers/measured_boot/rss/rss_measured_boot.h``.
+
+.. code-block:: c
+
+ struct rss_mboot_metadata {
+ unsigned int id;
+ uint8_t slot;
+ uint8_t signer_id[SIGNER_ID_MAX_SIZE];
+ size_t signer_id_size;
+ uint8_t version[VERSION_MAX_SIZE];
+ size_t version_size;
+ uint8_t sw_type[SW_TYPE_MAX_SIZE];
+ size_t sw_type_size;
+ bool lock_measurement;
+ };
+
+Build time config options
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- ``MEASURED_BOOT``: Enable measured boot. It depends on the platform
+ implementation whether RSS or TPM (or both) backend based measured boot is
+ enabled.
+- ``MBOOT_RSS_HASH_ALG``: Determine the hash algorithm to measure the images.
+ The default value is sha-256.
+
+Measured boot flow
+^^^^^^^^^^^^^^^^^^
+
+.. figure:: ../resources/diagrams/rss_measured_boot_flow.svg
+ :align: center
+
+Sample console log
+^^^^^^^^^^^^^^^^^^
+
+.. code-block:: bash
+
+ INFO: Measured boot extend measurement:
+ INFO: - slot : 6
+ INFO: - signer_id : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: - version :
+ INFO: - version_size: 0
+ INFO: - sw_type : FW_CONFIG
+ INFO: - sw_type_size: 10
+ INFO: - algorithm : 2000009
+ INFO: - measurement : aa ea d3 a7 a8 e2 ab 7d 13 a6 cb 34 99 10 b9 a1
+ INFO: : 1b 9f a0 52 c5 a8 b1 d7 76 f2 c1 c1 ef ca 1a df
+ INFO: - locking : true
+ INFO: FCONF: Config file with image ID:31 loaded at address = 0x4001010
+ INFO: Loading image id=24 at address 0x4001300
+ INFO: Image id=24 loaded: 0x4001300 - 0x400153a
+ INFO: Measured boot extend measurement:
+ INFO: - slot : 7
+ INFO: - signer_id : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: - version :
+ INFO: - version_size: 0
+ INFO: - sw_type : TB_FW_CONFIG
+ INFO: - sw_type_size: 13
+ INFO: - algorithm : 2000009
+ INFO: - measurement : 05 b9 dc 98 62 26 a7 1c 2d e5 bb af f0 90 52 28
+ INFO: : f2 24 15 8a 3a 56 60 95 d6 51 3a 7a 1a 50 9b b7
+ INFO: - locking : true
+ INFO: FCONF: Config file with image ID:24 loaded at address = 0x4001300
+ INFO: BL1: Loading BL2
+ INFO: Loading image id=1 at address 0x404d000
+ INFO: Image id=1 loaded: 0x404d000 - 0x406412a
+ INFO: Measured boot extend measurement:
+ INFO: - slot : 8
+ INFO: - signer_id : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: - version :
+ INFO: - version_size: 0
+ INFO: - sw_type : BL_2
+ INFO: - sw_type_size: 5
+ INFO: - algorithm : 2000009
+ INFO: - measurement : 53 a1 51 75 25 90 fb a1 d9 b8 c8 34 32 3a 01 16
+ INFO: : c9 9e 74 91 7d 28 02 56 3f 5c 40 94 37 58 50 68
+ INFO: - locking : true
+
+Delegated Attestation
+---------------------
+
+Delegated Attestation Service was mainly developed to support the attestation
+flow on the ``ARM Confidential Compute Architecture`` (ARM CCA) [7]_.
+The detailed description of the delegated attestation service can be found in
+the ``Delegated Attestation Service Integration Guide`` [4]_ document.
+
+In the CCA use case, the Realm Management Monitor (RMM) relies on the delegated
+attestation service of the RSS to get a realm attestation key and the CCA
+platform token. BL31 does not use the service for its own purpose, only calls
+it on behalf of RMM. The access to MHU interface and thereby to RSS is
+restricted to BL31 only. Therefore, RMM does not have direct access, all calls
+need to go through BL31. The RMM dispatcher module of the BL31 is responsible
+for delivering the calls between the two parties.
+
+.. Note::
+ Currently the connection between the RMM dispatcher and the PSA/RSS layer
+ is not yet implemented. RMM dispatcher just returns hard coded data.
+
+Delegated Attestation API
+^^^^^^^^^^^^^^^^^^^^^^^^^
+Defined here:
+
+- ``include/lib/psa/delegated_attestation.h``
+
+.. code-block:: c
+
+ psa_status_t
+ rss_delegated_attest_get_delegated_key(uint8_t ecc_curve,
+ uint32_t key_bits,
+ uint8_t *key_buf,
+ size_t key_buf_size,
+ size_t *key_size,
+ uint32_t hash_algo);
+
+ psa_status_t
+ rss_delegated_attest_get_token(const uint8_t *dak_pub_hash,
+ size_t dak_pub_hash_size,
+ uint8_t *token_buf,
+ size_t token_buf_size,
+ size_t *token_size);
+
+Attestation flow
+^^^^^^^^^^^^^^^^
+
+.. figure:: ../resources/diagrams/rss_attestation_flow.svg
+ :align: center
+
+Sample attestation token
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+Binary format:
+
+.. code-block:: bash
+
+ INFO: DELEGATED ATTEST TEST START
+ INFO: Get delegated attestation key start
+ INFO: Get delegated attest key succeeds, len: 48
+ INFO: Delegated attest key:
+ INFO: 0d 2a 66 61 d4 89 17 e1 70 c6 73 56 df f4 11 fd
+ INFO: 7d 1f 3b 8a a3 30 3d 70 4c d9 06 c3 c7 ef 29 43
+ INFO: 0f ee b5 e7 56 e0 71 74 1b c4 39 39 fd 85 f6 7b
+ INFO: Get platform token start
+ INFO: Get platform token succeeds, len: 1086
+ INFO: Platform attestation token:
+ INFO: d2 84 44 a1 01 38 22 a0 59 03 d1 a9 0a 58 20 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19
+ INFO: 01 00 58 21 01 cb 8c 79 f7 a0 0a 6c ce 12 66 f8
+ INFO: 64 45 48 42 0e c5 10 bf 84 ee 22 18 b9 8f 11 04
+ INFO: c7 22 31 9d fb 19 09 5c 58 20 aa aa aa aa aa aa
+ INFO: aa aa bb bb bb bb bb bb bb bb cc cc cc cc cc cc
+ INFO: cc cc dd dd dd dd dd dd dd dd 19 09 5b 19 30 00
+ INFO: 19 09 5f 89 a4 05 58 20 bf e6 d8 6f 88 26 f4 ff
+ INFO: 97 fb 96 c4 e6 fb c4 99 3e 46 19 fc 56 5d a2 6a
+ INFO: df 34 c3 29 48 9a dc 38 04 67 31 2e 36 2e 30 2b
+ INFO: 30 01 64 52 54 5f 30 02 58 20 90 27 f2 46 ab 31
+ INFO: 85 36 46 c4 d7 c6 60 ed 31 0d 3c f0 14 de f0 6c
+ INFO: 24 0b de b6 7a 84 fc 3f 5b b7 a4 05 58 20 b3 60
+ INFO: ca f5 c9 8c 6b 94 2a 48 82 fa 9d 48 23 ef b1 66
+ INFO: a9 ef 6a 6e 4a a3 7c 19 19 ed 1f cc c0 49 04 67
+ INFO: 30 2e 30 2e 30 2b 30 01 64 52 54 5f 31 02 58 20
+ INFO: 52 13 15 d4 9d b2 cf 54 e4 99 37 44 40 68 f0 70
+ INFO: 7d 73 64 ae f7 08 14 b0 f7 82 ad c6 17 db a3 91
+ INFO: a4 05 58 20 bf e6 d8 6f 88 26 f4 ff 97 fb 96 c4
+ INFO: e6 fb c4 99 3e 46 19 fc 56 5d a2 6a df 34 c3 29
+ INFO: 48 9a dc 38 04 67 31 2e 35 2e 30 2b 30 01 64 52
+ INFO: 54 5f 32 02 58 20 8e 5d 64 7e 6f 6c c6 6f d4 4f
+ INFO: 54 b6 06 e5 47 9a cc 1b f3 7f ce 87 38 49 c5 92
+ INFO: d8 2f 85 2e 85 42 a4 05 58 20 bf e6 d8 6f 88 26
+ INFO: f4 ff 97 fb 96 c4 e6 fb c4 99 3e 46 19 fc 56 5d
+ INFO: a2 6a df 34 c3 29 48 9a dc 38 04 67 31 2e 35 2e
+ INFO: 30 2b 30 01 60 02 58 20 b8 01 65 a7 78 8b c6 59
+ INFO: 42 8d 33 10 85 d1 49 0a dc 9e c3 ee df 85 1b d2
+ INFO: f0 73 73 6a 0c 07 11 b8 a4 05 58 20 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 04 60 01 6a
+ INFO: 46 57 5f 43 4f 4e 46 49 47 00 02 58 20 21 9e a0
+ INFO: 13 82 e6 d7 97 5a 11 13 a3 5f 45 39 68 b1 d9 a3
+ INFO: ea 6a ab 84 23 3b 8c 06 16 98 20 ba b9 a4 05 58
+ INFO: 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 04 60 01 6d 54 42 5f 46 57 5f 43 4f 4e 46 49
+ INFO: 47 00 02 58 20 41 39 f6 c2 10 84 53 c5 17 ae 9a
+ INFO: e5 be c1 20 7b cc 24 24 f3 9d 20 a8 fb c7 b3 10
+ INFO: e3 ee af 1b 05 a4 05 58 20 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 04 60 01 65 42 4c 5f
+ INFO: 32 00 02 58 20 5c 96 20 e1 e3 3b 0f 2c eb c1 8e
+ INFO: 1a 02 a6 65 86 dd 34 97 a7 4c 98 13 bf 74 14 45
+ INFO: 2d 30 28 05 c3 a4 05 58 20 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 04 60 01 6e 53 45 43
+ INFO: 55 52 45 5f 52 54 5f 45 4c 33 00 02 58 20 f6 fb
+ INFO: 62 99 a5 0c df db 02 0b 72 5b 1c 0b 63 6e 94 ee
+ INFO: 66 50 56 3a 29 9c cb 38 f0 ec 59 99 d4 2e a4 05
+ INFO: 58 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+ INFO: 00 00 04 60 01 6a 48 57 5f 43 4f 4e 46 49 47 00
+ INFO: 02 58 20 98 5d 87 21 84 06 33 9d c3 1f 91 f5 68
+ INFO: 8d a0 5a f0 d7 7e 20 51 ce 3b f2 a5 c3 05 2e 3c
+ INFO: 8b 52 31 19 01 09 78 1c 68 74 74 70 3a 2f 2f 61
+ INFO: 72 6d 2e 63 6f 6d 2f 43 43 41 2d 53 53 44 2f 31
+ INFO: 2e 30 2e 30 19 09 62 71 6e 6f 74 2d 68 61 73 68
+ INFO: 2d 65 78 74 65 6e 64 65 64 19 09 61 44 ef be ad
+ INFO: de 19 09 60 77 77 77 77 2e 74 72 75 73 74 65 64
+ INFO: 66 69 72 6d 77 61 72 65 2e 6f 72 67 58 60 29 4e
+ INFO: 4a d3 98 1e 3b 70 9f b6 66 ed 47 33 0e 99 f0 b1
+ INFO: c3 f2 bc b2 1d b0 ae 90 0c c4 82 ff a2 6f ae 45
+ INFO: f6 87 09 4a 09 21 77 ec 36 1c 53 b8 a7 9b 8e f7
+ INFO: 27 eb 7a 09 da 6f fb bf cb fd b3 e5 e9 36 91 b1
+ INFO: 92 13 c1 30 16 b4 5c 49 5e c0 c1 b9 01 5c 88 2c
+ INFO: f8 2f 3e a4 a2 6d e4 9d 31 6a 06 f7 a7 73
+ INFO: DELEGATED ATTEST TEST END
+
+JSON format:
+
+.. code-block:: JSON
+
+ {
+ "CCA_PLATFORM_CHALLENGE": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+ "CCA_PLATFORM_INSTANCE_ID": "b'01CB8C79F7A00A6CCE1266F8644548420EC510BF84EE2218B98F1104C722319DFB'",
+ "CCA_PLATFORM_IMPLEMENTATION_ID": "b'AAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBCCCCCCCCCCCCCCCCDDDDDDDDDDDDDDDD'",
+ "CCA_PLATFORM_LIFECYCLE": "secured_3000",
+ "CCA_PLATFORM_SW_COMPONENTS": [
+ {
+ "SIGNER_ID": "b'BFE6D86F8826F4FF97FB96C4E6FBC4993E4619FC565DA26ADF34C329489ADC38'",
+ "SW_COMPONENT_VERSION": "1.6.0+0",
+ "SW_COMPONENT_TYPE": "RT_0",
+ "MEASUREMENT_VALUE": "b'9027F246AB31853646C4D7C660ED310D3CF014DEF06C240BDEB67A84FC3F5BB7'"
+ },
+ {
+ "SIGNER_ID": "b'B360CAF5C98C6B942A4882FA9D4823EFB166A9EF6A6E4AA37C1919ED1FCCC049'",
+ "SW_COMPONENT_VERSION": "0.0.0+0",
+ "SW_COMPONENT_TYPE": "RT_1",
+ "MEASUREMENT_VALUE": "b'521315D49DB2CF54E49937444068F0707D7364AEF70814B0F782ADC617DBA391'"
+ },
+ {
+ "SIGNER_ID": "b'BFE6D86F8826F4FF97FB96C4E6FBC4993E4619FC565DA26ADF34C329489ADC38'",
+ "SW_COMPONENT_VERSION": "1.5.0+0",
+ "SW_COMPONENT_TYPE": "RT_2",
+ "MEASUREMENT_VALUE": "b'8E5D647E6F6CC66FD44F54B606E5479ACC1BF37FCE873849C592D82F852E8542'"
+ },
+ {
+ "SIGNER_ID": "b'BFE6D86F8826F4FF97FB96C4E6FBC4993E4619FC565DA26ADF34C329489ADC38'",
+ "SW_COMPONENT_VERSION": "1.5.0+0",
+ "SW_COMPONENT_TYPE": "",
+ "MEASUREMENT_VALUE": "b'B80165A7788BC659428D331085D1490ADC9EC3EEDF851BD2F073736A0C0711B8'"
+ },
+ {
+ "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+ "SW_COMPONENT_VERSION": "",
+ "SW_COMPONENT_TYPE": "FW_CONFIG\u0000",
+ "MEASUREMENT_VALUE": "b'219EA01382E6D7975A1113A35F453968B1D9A3EA6AAB84233B8C06169820BAB9'"
+ },
+ {
+ "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+ "SW_COMPONENT_VERSION": "",
+ "SW_COMPONENT_TYPE": "TB_FW_CONFIG\u0000",
+ "MEASUREMENT_VALUE": "b'4139F6C2108453C517AE9AE5BEC1207BCC2424F39D20A8FBC7B310E3EEAF1B05'"
+ },
+ {
+ "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+ "SW_COMPONENT_VERSION": "",
+ "SW_COMPONENT_TYPE": "BL_2\u0000",
+ "MEASUREMENT_VALUE": "b'5C9620E1E33B0F2CEBC18E1A02A66586DD3497A74C9813BF7414452D302805C3'"
+ },
+ {
+ "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+ "SW_COMPONENT_VERSION": "",
+ "SW_COMPONENT_TYPE": "SECURE_RT_EL3\u0000",
+ "MEASUREMENT_VALUE": "b'F6FB6299A50CDFDB020B725B1C0B636E94EE6650563A299CCB38F0EC5999D42E'"
+ },
+ {
+ "SIGNER_ID": "b'0000000000000000000000000000000000000000000000000000000000000000'",
+ "SW_COMPONENT_VERSION": "",
+ "SW_COMPONENT_TYPE": "HW_CONFIG\u0000",
+ "MEASUREMENT_VALUE": "b'985D87218406339DC31F91F5688DA05AF0D77E2051CE3BF2A5C3052E3C8B5231'"
+ }
+ ],
+ "CCA_ATTESTATION_PROFILE": "http://arm.com/CCA-SSD/1.0.0",
+ "CCA_PLATFORM_HASH_ALGO_ID": "not-hash-extended",
+ "CCA_PLATFORM_CONFIG": "b'EFBEADDE'",
+ "CCA_PLATFORM_VERIFICATION_SERVICE": "www.trustedfirmware.org"
+ }
+
+References
+----------
+
+.. [1] https://tf-m-user-guide.trustedfirmware.org/platform/arm/rss/readme.html
+.. [2] https://tf-m-user-guide.trustedfirmware.org/platform/arm/rss/rss_comms.html
+.. [3] https://git.trustedfirmware.org/TF-M/tf-m-extras.git/tree/partitions/measured_boot/measured_boot_integration_guide.rst
+.. [4] https://git.trustedfirmware.org/TF-M/tf-m-extras.git/tree/partitions/delegated_attestation/delegated_attest_integration_guide.rst
+.. [5] https://tf-m-user-guide.trustedfirmware.org/platform/arm/rss/rss_key_management.html
+.. [6] https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Architect/DEN0063-PSA_Firmware_Framework-1.0.0-2.pdf?revision=2d1429fa-4b5b-461a-a60e-4ef3d8f7f4b4&hash=3BFD6F3E687F324672F18E5BE9F08EDC48087C93
+.. [7] https://developer.arm.com/documentation/DEN0096/A_a/?lang=en
+
+--------------
+
+*Copyright (c) 2023, Arm Limited. All rights reserved.*
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index d5ded5e..abfc8ec 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -52,8 +52,14 @@
- ``BL2U``: This is an optional build option which specifies the path to
BL2U image. In this case, the BL2U in TF-A will not be built.
-- ``BL2_AT_EL3``: This is an optional build option that enables the use of
- BL2 at EL3 execution level.
+- ``RESET_TO_BL2``: Boolean option to enable BL2 entrypoint as the CPU reset
+ vector instead of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
+ entrypoint) or 1 (CPU reset to BL2 entrypoint).
+ The default value is 0.
+
+- ``BL2_RUNS_AT_EL3``: This is an implicit flag to denote that BL2 runs at EL3.
+ While it is explicitly set to 1 when RESET_TO_BL2 is set to 1 it can also be
+ true in a 4-world system where RESET_TO_BL2 is 0.
- ``BL2_ENABLE_SP_LOAD``: Boolean option to enable loading SP packages from the
FIP. Automatically enabled if ``SP_LAYOUT_FILE`` is provided.
@@ -61,8 +67,8 @@
- ``BL2_IN_XIP_MEM``: In some use-cases BL2 will be stored in eXecute In Place
(XIP) memory, like BL1. In these use-cases, it is necessary to initialize
the RW sections in RAM, while leaving the RO sections in place. This option
- enable this use-case. For now, this option is only supported when BL2_AT_EL3
- is set to '1'.
+ enable this use-case. For now, this option is only supported
+ when RESET_TO_BL2 is set to '1'.
- ``BL31``: This is an optional build option which specifies the path to
BL31 image for the ``fip`` target. In this case, the BL31 in TF-A will not
@@ -348,6 +354,13 @@
values 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism.
Default value is ``0``.
+- ``ENABLE_FEAT_TCR2``: Numeric value to set the bit SCR_EL3.ENTCR2 in EL3 to
+ allow access to TCR2_EL2 (extended translation control) from EL2 as
+ well as adding TCR2_EL2 to the EL2 context save/restore operations. Its a
+ mandatory architectural feature and is enabled from v8.9 and upwards. This
+ flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
+
- ``ENABLE_LTO``: Boolean option to enable Link Time Optimization (LTO)
support in GCC for TF-A. This option is currently only supported for
AArch64. Default is 0.
@@ -377,8 +390,8 @@
- ``ENABLE_PIE``: Boolean option to enable Position Independent Executable(PIE)
support within generic code in TF-A. This option is currently only supported
- in BL2_AT_EL3, BL31, and BL32 (TSP) for AARCH64 binaries, and in BL32
- (SP_min) for AARCH32. Default is 0.
+ in BL2, BL31, and BL32 (TSP) for AARCH64 binaries, and
+ in BL32 (SP_min) for AARCH32. Default is 0.
- ``ENABLE_PMF``: Boolean option to enable support for optional Performance
Measurement Framework(PMF). Default is 0.
@@ -670,7 +683,7 @@
the measurements and recording them as per `PSA DRTM specification`_. For
platforms which use BL2 to load/authenticate BL31 ``TRUSTED_BOARD_BOOT`` can
be used and for the platforms which use ``RESET_TO_BL31`` platform owners
- should have mechanism to authenticate BL31.
+ should have mechanism to authenticate BL31. This is an experimental feature.
This option defaults to 0.
@@ -1199,7 +1212,7 @@
--------------
-*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
.. _DEN0115: https://developer.arm.com/docs/den0115/latest
.. _PSA FW update specification: https://developer.arm.com/documentation/den0118/a/
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst
index 80b72e5..6735cb1 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@@ -14,10 +14,17 @@
The platform-specific functions and variables are declared in
``include/plat/common/platform.h``. The firmware provides a default
-implementation of variables and functions to fulfill the optional requirements.
-These implementations are all weakly defined; they are provided to ease the
-porting effort. Each platform port can override them with its own implementation
-if the default implementation is inadequate.
+implementation of variables and functions to fulfill the optional requirements
+in order to ease the porting effort. Each platform port can use them as is or
+provide their own implementation if the default implementation is inadequate.
+
+ .. note::
+
+ TF-A historically provided default implementations of platform interfaces
+ as *weak* functions. This practice is now discouraged and new platform
+ interfaces as they get introduced in the code base should be *strongly*
+ defined. We intend to convert existing weak functions over time. Until
+ then, you will find references to *weak* functions in this document.
Some modifications are common to all Boot Loader (BL) stages. Section 2
discusses these in detail. The subsequent sections discuss the remaining
@@ -66,22 +73,22 @@
If the build option ``USE_COHERENT_MEM`` is enabled, each platform can allocate a
block of identity mapped secure memory with Device-nGnRE attributes aligned to
page boundary (4K) for each BL stage. All sections which allocate coherent
-memory are grouped under ``coherent_ram``. For ex: Bakery locks are placed in a
-section identified by name ``bakery_lock`` inside ``coherent_ram`` so that its
+memory are grouped under ``.coherent_ram``. For ex: Bakery locks are placed in a
+section identified by name ``.bakery_lock`` inside ``.coherent_ram`` so that its
possible for the firmware to place variables in it using the following C code
directive:
::
- __section("bakery_lock")
+ __section(".bakery_lock")
Or alternatively the following assembler code directive:
::
- .section bakery_lock
+ .section .bakery_lock
-The ``coherent_ram`` section is a sum of all sections like ``bakery_lock`` which are
+The ``.coherent_ram`` section is a sum of all sections like ``.bakery_lock`` which are
used to allocate any data structures that are accessed both when a CPU is
executing with its MMU and caches enabled, and when it's running with its MMU
and caches disabled. Examples are given below.
@@ -2411,7 +2418,7 @@
accommodate all the bakery locks.
If this constant is not defined when ``USE_COHERENT_MEM = 0``, the linker
-calculates the size of the ``bakery_lock`` input section, aligns it to the
+calculates the size of the ``.bakery_lock`` input section, aligns it to the
nearest ``CACHE_WRITEBACK_GRANULE``, multiplies it with ``PLATFORM_CORE_COUNT``
and stores the result in a linker symbol. This constant prevents a platform
from relying on the linker and provide a more efficient mechanism for
@@ -3204,9 +3211,20 @@
Common helper functions
-----------------------
+Function : elx_panic()
+~~~~~~~~~~~~~~~~~~~~~~
+
+::
-Function : do_panic()
-~~~~~~~~~~~~~~~~~~~~~
+ Argument : void
+ Return : void
+
+This API is called from assembly files when reporting a critical failure
+that has occured in lower EL and is been trapped in EL3. This call
+**must not** return.
+
+Function : el3_panic()
+~~~~~~~~~~~~~~~~~~~~~~
::
@@ -3214,9 +3232,8 @@
Return : void
This API is called from assembly files when encountering a critical failure that
-cannot be recovered from. It also invokes elx_panic() which allows to report a
-crash from lower exception level. This function assumes that it is invoked from
-a C runtime environment i.e. valid stack exists. This call **must not** return.
+cannot be recovered from. This function assumes that it is invoked from a C
+runtime environment i.e. valid stack exists. This call **must not** return.
Function : panic()
~~~~~~~~~~~~~~~~~~
@@ -3228,7 +3245,7 @@
This API called from C files when encountering a critical failure that cannot
be recovered from. This function in turn prints backtrace (if enabled) and calls
-do_panic(). This call **must not** return.
+el3_panic(). This call **must not** return.
Crash Reporting mechanism (in BL31)
-----------------------------------
@@ -3540,7 +3557,7 @@
--------------
-*Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
.. _Arm Generic Interrupt Controller version 2.0 (GICv2): http://infocenter.arm.com/help/topic/com.arm.doc.ihi0048b/index.html
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index 3723294..5b49d2e 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst
@@ -31,12 +31,18 @@
You will need the targets ``arm-none-eabi`` and ``aarch64-none-elf`` for
AArch32 and AArch64 builds respectively.
-- Clang >= 14.0.0
-- Arm Compiler >= 6.18
+- Clang == 14.0.0
+- Arm Compiler == 6.18
In addition, a native compiler is required to build the supporting tools.
.. note::
+ Versions greater than the ones specified are likely but not guaranteed to
+ work. This is predominantly because TF-A carries its own copy of compiler-rt,
+ which may be older than the version expected by the compiler. Fixes and bug
+ reports are always welcome.
+
+.. note::
The software has also been built on Windows 7 Enterprise SP1, using CMD.EXE,
Cygwin, and Msys (MinGW) shells, using version 5.3.1 of the GNU toolchain.
diff --git a/docs/perf/psci-performance-juno.rst b/docs/perf/psci-performance-juno.rst
index eab3e4d..7418669 100644
--- a/docs/perf/psci-performance-juno.rst
+++ b/docs/perf/psci-performance-juno.rst
@@ -286,7 +286,7 @@
--------------
-*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2019-2023, Arm Limited and Contributors. All rights reserved.*
-.. _Juno R1 platform: https://static.docs.arm.com/100122/0100/arm_versatile_express_juno_r1_development_platform_(v2m_juno_r1)_technical_reference_manual_100122_0100_05_en.pdf
+.. _Juno R1 platform: https://developer.arm.com/documentation/100122/latest/
.. _TF master as of 31/01/2017: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?id=c38b36d
diff --git a/docs/plat/arm/corstone1000/index.rst b/docs/plat/arm/corstone1000/index.rst
index b889b7f..dc626e1 100644
--- a/docs/plat/arm/corstone1000/index.rst
+++ b/docs/plat/arm/corstone1000/index.rst
@@ -47,7 +47,7 @@
ARCH=aarch64 \
TARGET_PLATFORM=<fpga or fvp> \
ENABLE_PIE=1 \
- BL2_AT_EL3=1 \
+ RESET_TO_BL2=1 \
CREATE_KEYS=1 \
GENERATE_COT=1 \
TRUSTED_BOARD_BOOT=1 \
@@ -58,4 +58,4 @@
BL33=<path to u-boot binary> \
bl2
-*Copyright (c) 2021, Arm Limited. All rights reserved.*
+*Copyright (c) 2021-2023, Arm Limited. All rights reserved.*
diff --git a/docs/plat/arm/juno/index.rst b/docs/plat/arm/juno/index.rst
index 91e681f..d741d58 100644
--- a/docs/plat/arm/juno/index.rst
+++ b/docs/plat/arm/juno/index.rst
@@ -241,7 +241,7 @@
--------------
-*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
.. _Linaro release software stack: http://releases.linaro.org/members/arm/platforms/
.. _Juno platform software user guide: https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms.git/about/docs/juno/user-guide.rst
@@ -250,4 +250,3 @@
.. _Arm Platforms Portal: https://community.arm.com/dev-platforms/
.. _Juno Getting Started Guide: https://developer.arm.com/documentation/den0928/f/?lang=en
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
-.. _Juno Arm Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php
diff --git a/docs/plat/qemu.rst b/docs/plat/qemu.rst
index 6986326..f2a39e9 100644
--- a/docs/plat/qemu.rst
+++ b/docs/plat/qemu.rst
@@ -44,7 +44,7 @@
Then, you will get ``Build/ArmVirtQemuKernel-AARCH64/DEBUG_GCC5/FV/QEMU_EFI.fd``
Please note you do not need to use GCC 5 in spite of the environment variable
-``GCC5_AARCH64_PREFIX``
+``GCC5_AARCH64_PREFIX``.
The rootfs can be built by using Buildroot as follows:
@@ -88,54 +88,73 @@
-initrd rootfs.cpio.gz -smp 2 -m 1024 -bios bl1.bin \
-d unimp -semihosting-config enable,target=native
-Booting via flash based firmwares
----------------------------------
+Booting via flash based firmware
+--------------------------------
-Boot firmwares are loaded via secure FLASH0 device so ``bl1.bin`` and
-``fip.bin`` should be concatenated to create a ``flash.bin`` that is flashed
-onto secure FLASH0.
+An alternate approach to deploy a full system stack on QEMU is to load the
+firmware via a secure flash device. This involves concatenating ``bl1.bin`` and
+``fip.bin`` to create a boot ROM that is flashed onto secure FLASH0 with the
+``-bios`` option.
-- ``bl32.bin`` -> BL32 (``tee-header_v2.bin``)
-- ``bl32_extra1.bin`` -> BL32 Extra1 (``tee-pager_v2.bin``)
-- ``bl32_extra2.bin`` -> BL32 Extra2 (``tee-pageable_v2.bin``)
-- ``bl33.bin`` -> BL33 (``QEMU_EFI.fd``)
+For example, to test the following firmware stack:
+
+
+- BL32 - ``bl32.bin`` -> ``tee-header_v2.bin``
+- BL32 Extra1 - ``bl32_extra1.bin`` -> ``tee-pager_v2.bin``
+- BL32 Extra2 - ``bl32_extra2.bin`` -> ``tee-pageable_v2.bin``
+- BL33 - ``bl33.bin`` -> ``QEMU_EFI.fd`` (EDK II)
- ``Image`` -> linux/arch/arm64/boot/Image
-To build:
-.. code:: shell
+1. Compile TF-A
- make CROSS_COMPILE=aarch64-linux-gnu- PLAT=qemu BL32=bl32.bin \
- BL32_EXTRA1=bl32_extra1.bin BL32_EXTRA2=bl32_extra2.bin \
- BL33=bl33.bin BL32_RAM_LOCATION=tdram SPD=opteed all fip
+ .. code:: shell
-To build with TBBR enabled, BL31 and BL32 encrypted with test key:
+ make CROSS_COMPILE=aarch64-linux-gnu- PLAT=qemu BL32=bl32.bin \
+ BL32_EXTRA1=bl32_extra1.bin BL32_EXTRA2=bl32_extra2.bin \
+ BL33=bl33.bin BL32_RAM_LOCATION=tdram SPD=opteed all fip
-.. code:: shell
+ Or, alternatively, to build with TBBR enabled, as well as, BL31 and BL32 encrypted with
+ test key:
- make CROSS_COMPILE=aarch64-linux-gnu- PLAT=qemu BL32=bl32.bin \
- BL32_EXTRA1=bl32_extra1.bin BL32_EXTRA2=bl32_extra2.bin \
- BL33=bl33.bin BL32_RAM_LOCATION=tdram SPD=opteed all fip \
- MBEDTLS_DIR=<path-to-mbedtls-repo> TRUSTED_BOARD_BOOT=1 \
- GENERATE_COT=1 DECRYPTION_SUPPORT=aes_gcm FW_ENC_STATUS=0 \
- ENCRYPT_BL31=1 ENCRYPT_BL32=1
+ .. code:: shell
-To build flash.bin:
+ make CROSS_COMPILE=aarch64-linux-gnu- PLAT=qemu BL32=bl32.bin \
+ BL32_EXTRA1=bl32_extra1.bin BL32_EXTRA2=bl32_extra2.bin \
+ BL33=bl33.bin BL32_RAM_LOCATION=tdram SPD=opteed all fip \
+ MBEDTLS_DIR=<path-to-mbedtls-repo> TRUSTED_BOARD_BOOT=1 \
+ GENERATE_COT=1 DECRYPTION_SUPPORT=aes_gcm FW_ENC_STATUS=0 \
+ ENCRYPT_BL31=1 ENCRYPT_BL32=1
-.. code:: shell
+2. Concatenate ``bl1.bin`` and ``fip.bin`` to create the boot ROM
- dd if=build/qemu/release/bl1.bin of=flash.bin bs=4096 conv=notrunc
- dd if=build/qemu/release/fip.bin of=flash.bin seek=64 bs=4096 conv=notrunc
+ .. code:: shell
-To start (QEMU v5.0.0):
+ dd if=build/qemu/release/bl1.bin of=flash.bin bs=4096 conv=notrunc
+ dd if=build/qemu/release/fip.bin of=flash.bin seek=64 bs=4096 conv=notrunc
-.. code:: shell
+3. Launch QEMU
- qemu-system-aarch64 -nographic -machine virt,secure=on -cpu cortex-a57 \
- -kernel Image -no-acpi \
- -append 'console=ttyAMA0,38400 keep_bootcon' \
- -initrd rootfs.cpio.gz -smp 2 -m 1024 -bios flash.bin \
- -d unimp
+ .. code:: shell
+
+ qemu-system-aarch64 -nographic -machine virt,secure=on
+ -cpu cortex-a57 -kernel Image \
+ -append 'console=ttyAMA0,38400 keep_bootcon' \
+ -initrd rootfs.cpio.gz -smp 2 -m 1024 -bios flash.bin \
+ -d unimp
+
+The ``-bios`` option abstracts the loading of raw bare metal binaries into flash
+or ROM memory. QEMU loads the binary into the region corresponding to
+the hardware's entrypoint, from which the binary is executed upon a platform
+"reset". In addition to this, it places the information about the kernel
+provided with option ``-kernel``, and the RamDisk provided with ``-initrd``,
+into the firmware configuration ``fw_cfg``. In this setup, EDK II is responsible
+for extracting and launching these from ``fw_cfg``.
+
+.. note::
+ QEMU may be launched with or without ACPI (``-acpi``/``-no-acpi``). In
+ either case, ensure that the kernel build options are aligned with the
+ parameters passed to QEMU.
Running QEMU in OpenCI
-----------------------
diff --git a/docs/plat/stm32mp1.rst b/docs/plat/stm32mp1.rst
index 23ea25a..a983606 100644
--- a/docs/plat/stm32mp1.rst
+++ b/docs/plat/stm32mp1.rst
@@ -107,11 +107,11 @@
Boot sequence
~~~~~~~~~~~~~
-ROM code -> BL2 (compiled with BL2_AT_EL3) -> BL32 (SP_min) -> BL33 (U-Boot)
+ROM code -> BL2(compiled with RESET_TO_BL2) -> BL32(SP_min)-> BL33(U-Boot)
or if Op-TEE is used:
-ROM code -> BL2 (compiled with BL2_AT_EL3) -> OP-TEE -> BL33 (U-Boot)
+ROM code -> BL2 (compiled with RESET_TO_BL2) -> OP-TEE -> BL33 (U-Boot)
Build Instructions
diff --git a/docs/plat/xilinx-zynqmp.rst b/docs/plat/xilinx-zynqmp.rst
index af1cb22..81f4fbe 100644
--- a/docs/plat/xilinx-zynqmp.rst
+++ b/docs/plat/xilinx-zynqmp.rst
@@ -31,6 +31,7 @@
ZynqMP platform specific build options
--------------------------------------
+- ``XILINX_OF_BOARD_DTB_ADDR`` : Specifies the base address of Device tree.
- ``ZYNQMP_ATF_MEM_BASE``: Specifies the base address of the bl31 binary.
- ``ZYNQMP_ATF_MEM_SIZE``: Specifies the size of the memory region of the bl31 binary.
- ``ZYNQMP_BL32_MEM_BASE``: Specifies the base address of the bl32 binary.
@@ -41,6 +42,53 @@
- ``cadence``, ``cadence0``: Cadence UART 0
- ``cadence1`` : Cadence UART 1
+ZynqMP Debug behavior
+---------------------
+
+With DEBUG=1, TF-A for ZynqMP uses DDR memory range instead of OCM memory range
+due to size constraints.
+For DEBUG=1 configuration for ZynqMP the BL31_BASE is set to the DDR location
+of 0x1000 and BL31_LIMIT is set to DDR location of 0x7FFFF. By default the
+above memory range will NOT be reserved in device tree.
+
+To reserve the above memory range in device tree, the device tree base address
+must be provided during build as,
+
+make CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1 DEBUG=1 \
+ XILINX_OF_BOARD_DTB_ADDR=<DTB address> bl31
+
+The default DTB base address for ZynqMP platform is 0x100000. This default value
+is not set in the code and to use this default address, user still needs to
+provide it through the build command as above.
+
+If the user wants to move the bl31 to a different DDR location, user can provide
+the DDR address location using the build time parameters ZYNQMP_ATF_MEM_BASE and
+ZYNQMP_ATF_MEM_SIZE.
+
+The DDR address must be reserved in the DTB by the user, either by manually
+adding the reserved memory node, in the device tree, with the required address
+range OR let TF-A modify the device tree on the run.
+
+To let TF-A access and modify the device tree, the DTB address must be provided
+to the build command as follows,
+
+make CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1 DEBUG=1 \
+ ZYNQMP_ATF_MEM_BASE=<DDR address> ZYNQMP_ATF_MEM_SIZE=<size> \
+ XILINX_OF_BOARD_DTB_ADDR=<DTB address> bl31
+
+DDR Address Range Usage
+-----------------------
+
+When FSBL runs on RPU and TF-A is to be placed in DDR address range,
+then the user needs to make sure that the DDR address is beyond 256KB.
+In the RPU view, the first 256 KB is TCM memory.
+
+For this use case, with the minimum base address in DDR for TF-A,
+the build command example is;
+
+make CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1 DEBUG=1 \
+ ZYNQMP_ATF_MEM_BASE=0x40000 ZYNQMP_ATF_MEM_SIZE=<size>
+
FSBL->TF-A Parameter Passing
----------------------------
@@ -71,3 +119,40 @@
The 4 leaf power domains represent the individual A53 cores, while resources
common to the cluster are grouped in the power domain on the top.
+
+CUSTOM SIP service support
+--------------------------
+
+- Dedicated SMC FID ZYNQMP_SIP_SVC_CUSTOM(0x82002000)(32-bit)/
+ (0xC2002000)(64-bit) to be used by a custom package for
+ providing CUSTOM SIP service.
+
+- by default platform provides bare minimum definition for
+ custom_smc_handler in this service.
+
+- to use this service, custom package should implement their
+ smc handler with the name custom_smc_handler. once custom package is
+ included in TF-A build, their definition of custom_smc_handler is
+ enabled.
+
+Custom package makefile fragment inclusion in TF-A build
+--------------------------------------------------------
+
+- custom package is not directly part of TF-A source.
+
+- <CUSTOM_PKG_PATH> is the location at which user clones a
+ custom package locally.
+
+- custom package needs to implement makefile fragment named
+ custom_pkg.mk so as to get included in TF-A build.
+
+- custom_pkg.mk specify all the rules to include custom package
+ specific header files, dependent libs, source files that are
+ supposed to be included in TF-A build.
+
+- when <CUSTOM_PKG_PATH> is specified in TF-A build command,
+ custom_pkg.mk is included from <CUSTOM_PKG_PATH> in TF-A build.
+
+- TF-A build command:
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1
+ bl31 CUSTOM_PKG_PATH=<...>
diff --git a/docs/process/coding-guidelines.rst b/docs/process/coding-guidelines.rst
index 26c272d..13fb7cb 100644
--- a/docs/process/coding-guidelines.rst
+++ b/docs/process/coding-guidelines.rst
@@ -461,9 +461,56 @@
- Low-level code where specific system-level instructions must be used, such
as cache maintenance operations.
+Do not use weak functions
+-------------------------
+
+.. note::
+
+ The following guideline applies more strongly to common, platform-independent
+ code. For plaform code (under ``plat/`` directory), it is up to each platform
+ maintainer to decide whether this should be striclty enforced or not.
+
+The use of weak functions is highly discouraged in the TF-A codebase. Newly
+introduced platform interfaces should be strongly defined, wherever possible. In
+the rare cases where this is not possible or where weak functions appear as the
+best tool to solve the problem at hand, this should be discussed with the
+project's maintainers and justified in the code.
+
+For the purpose of providing a default implementation of a platform interface,
+an alternative to weak functions is to provide a strongly-defined implementation
+under the ``plat/common/`` directory. Then platforms have two options to pull
+in this implementation:
+
+ - They can include the source file through the platform's makefile. Note that
+ this method is suitable only if the platform wants *all* default
+ implementations defined in this file, else either the file should be
+ refactored or the next approach should be used.
+
+ - They access the platform interface through a **constant** function pointer.
+
+In both cases, what matters is that platforms include the default implementation
+as a conscious decision.
+
+.. rubric:: Rationale
+
+Weak functions may sound useful to simplify the initial porting effort to a
+new platform, such that one can quickly get the firmware to build and link,
+without implementing all platform interfaces from the beginning. For this
+reason, the TF-A project used to make heavy use of weak functions and there
+are still many outstanding usages of them across the code base today. We
+intend to convert them to strongly-defined functions over time.
+
+However, weak functions also have major drawbacks, which we consider
+outweighing their benefits. They can make it hard to identify which
+implementation gets built into the firmware, especially when using multiple
+levels of "weakness". This has resulted in bugs in the past.
+
+Weak functions are also forbidden by MISRA coding guidelines, which TF-A aims to
+comply with.
+
--------------
-*Copyright (c) 2020, 2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2020 - 2023, Arm Limited and Contributors. All rights reserved.*
.. _`Linux master tree`: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/
.. _`Procedure Call Standard for the Arm Architecture`: https://github.com/ARM-software/abi-aa/blob/main/aapcs32/aapcs32.rst
diff --git a/docs/process/coding-style.rst b/docs/process/coding-style.rst
index be13b14..483780b 100644
--- a/docs/process/coding-style.rst
+++ b/docs/process/coding-style.rst
@@ -386,6 +386,27 @@
#include "a_header.h"
+The preferred approach for third-party headers is to include them immediately
+following system header files like in the example below, where the
+``version.h`` header from the Mbed TLS library immediately follows the
+``stddef.h`` system header.
+
+.. code:: c
+
+ /* system header files */
+ #include <stddef.h>
+
+ /* Mbed TLS header files */
+ #include <mbedtls/version.h>
+
+ /* project header files */
+ #include <drivers/auth/auth_mod.h>
+ #include <drivers/auth/tbbr_cot_common.h>
+
+ /* platform header files */
+ #include <platform_def.h>
+
+
Include statement variants
^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -463,7 +484,7 @@
--------------
-*Copyright (c) 2020, Arm Limited. All rights reserved.*
+*Copyright (c) 2020-2023, Arm Limited. All rights reserved.*
.. _`Linux kernel coding style`: https://www.kernel.org/doc/html/latest/process/coding-style.html
.. _`MISRA C:2012 Guidelines`: https://www.misra.org.uk/Activities/MISRAC/tabid/160/Default.aspx
diff --git a/docs/process/security.rst b/docs/process/security.rst
index f1e7a9d..c6429ad 100644
--- a/docs/process/security.rst
+++ b/docs/process/security.rst
@@ -67,6 +67,12 @@
| |TFV-8| | Not saving x0 to x3 registers can leak information from one |
| | Normal World SMC client to another |
+-----------+------------------------------------------------------------------+
+| |TFV-9| | Trusted Firmware-A exposure to speculative processor |
+| | vulnerabilities with branch prediction target reuse |
++-----------+------------------------------------------------------------------+
+| |TFV-10| | Incorrect validation of X.509 certificate extensions can result |
+| | in an out-of-bounds read |
++-----------+------------------------------------------------------------------+
.. _issue tracker: https://developer.trustedfirmware.org/project/board/1/
.. _mailing list: https://lists.trustedfirmware.org/mailman3/lists/tf-a.lists.trustedfirmware.org/
@@ -79,6 +85,8 @@
.. |TFV-6| replace:: :ref:`Advisory TFV-6 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)`
.. |TFV-7| replace:: :ref:`Advisory TFV-7 (CVE-2018-3639)`
.. |TFV-8| replace:: :ref:`Advisory TFV-8 (CVE-2018-19440)`
+.. |TFV-9| replace:: :ref:`Advisory TFV-9 (CVE-2022-23960)`
+.. |TFV-10| replace:: :ref:`Advisory TFV-10 (CVE-2022-47630)`
.. _TrustedFirmware.org security incident process: https://developer.trustedfirmware.org/w/collaboration/security_center/
diff --git a/docs/requirements.in b/docs/requirements.in
index 5d771e5..ae20b7d 100644
--- a/docs/requirements.in
+++ b/docs/requirements.in
@@ -1,5 +1,5 @@
-myst-parser==0.15.2
+myst-parser==0.18.1
pip-tools==6.4.0
-sphinx==4.2.0
-sphinx-rtd-theme==1.0.0
-sphinxcontrib-plantuml==0.22
+sphinx==5.3.0
+sphinx-rtd-theme==1.1.1
+sphinxcontrib-plantuml==0.24.1
diff --git a/docs/requirements.txt b/docs/requirements.txt
index 03b1189..1ed78d0 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -1,71 +1,71 @@
#
-# This file is autogenerated by pip-compile with python 3.8
-# To update, run:
+# This file is autogenerated by pip-compile with Python 3.8
+# by the following command:
#
-# pip-compile
+# pip-compile docs/requirements.in
#
alabaster==0.7.12
# via sphinx
-attrs==21.2.0
- # via markdown-it-py
-babel==2.9.1
+babel==2.11.0
# via sphinx
-certifi==2021.5.30
+certifi==2022.12.7
# via requests
-charset-normalizer==2.0.4
+charset-normalizer==2.1.1
# via requests
-click==8.0.1
+click==8.1.3
# via pip-tools
-docutils==0.16
+docutils==0.17.1
# via
# myst-parser
# sphinx
# sphinx-rtd-theme
-idna==3.2
+idna==3.4
# via requests
-imagesize==1.2.0
+imagesize==1.4.1
+ # via sphinx
+importlib-metadata==6.0.0
# via sphinx
-jinja2==3.0.1
+jinja2==3.1.2
# via
# myst-parser
# sphinx
-markdown-it-py==1.1.0
+markdown-it-py==2.1.0
# via
# mdit-py-plugins
# myst-parser
-markupsafe==2.0.1
+markupsafe==2.1.1
# via jinja2
-mdit-py-plugins==0.2.8
+mdit-py-plugins==0.3.3
# via myst-parser
-myst-parser==0.15.2
- # via -r requirements.in
-packaging==21.0
+mdurl==0.1.2
+ # via markdown-it-py
+myst-parser==0.18.1
+ # via -r docs/requirements.in
+packaging==23.0
# via sphinx
-pep517==0.11.0
+pep517==0.13.0
# via pip-tools
pip-tools==6.4.0
- # via -r requirements.in
-pygments==2.10.0
+ # via -r docs/requirements.in
+pygments==2.14.0
# via sphinx
-pyparsing==2.4.7
- # via packaging
-pytz==2021.1
+pytz==2022.7
# via babel
pyyaml==6.0
# via myst-parser
-requests==2.26.0
+requests==2.28.1
# via sphinx
-snowballstemmer==2.1.0
+snowballstemmer==2.2.0
# via sphinx
-sphinx==4.2.0
+sphinx==5.3.0
# via
- # -r requirements.in
+ # -r docs/requirements.in
# myst-parser
# sphinx-rtd-theme
# sphinxcontrib-plantuml
-sphinx-rtd-theme==1.0.0
- # via -r requirements.in
-sphinxcontrib-applehelp==1.0.2
+sphinx-rtd-theme==1.1.1
+ # via -r docs/requirements.in
+sphinxcontrib-applehelp==1.0.3
# via sphinx
sphinxcontrib-devhelp==1.0.2
# via sphinx
@@ -73,18 +73,22 @@
# via sphinx
sphinxcontrib-jsmath==1.0.1
# via sphinx
-sphinxcontrib-plantuml==0.22
- # via -r requirements.in
+sphinxcontrib-plantuml==0.24.1
+ # via -r docs/requirements.in
sphinxcontrib-qthelp==1.0.3
# via sphinx
sphinxcontrib-serializinghtml==1.1.5
# via sphinx
-tomli==1.2.1
+tomli==2.0.1
# via pep517
-urllib3==1.26.6
+typing-extensions==4.4.0
+ # via myst-parser
+urllib3==1.26.13
# via requests
-wheel==0.37.0
+wheel==0.38.4
# via pip-tools
+zipp==3.11.0
+ # via importlib-metadata
# The following packages are considered to be unsafe in a requirements file:
# pip
diff --git a/docs/resources/diagrams/plantuml/rss_attestation_flow.puml b/docs/resources/diagrams/plantuml/rss_attestation_flow.puml
new file mode 100644
index 0000000..aca5c01
--- /dev/null
+++ b/docs/resources/diagrams/plantuml/rss_attestation_flow.puml
@@ -0,0 +1,39 @@
+@startuml
+skinparam ParticipantPadding 10
+skinparam BoxPadding 10
+box AP
+participant RMM
+participant BL31
+endbox
+box RSS
+participant DelegAttest
+participant InitAttest
+participant MeasuredBoot
+participant Crypto
+endbox
+
+== RMM Boot phase ==
+
+RMM -> BL31: get_realm_key(\n\t**hash_algo**, ...)
+BL31 -> DelegAttest: get_delegated_key
+DelegAttest -> MeasuredBoot: read_measurement
+Rnote over DelegAttest: Compute input\n\ for key derivation\n\ (hash of measurements)
+DelegAttest -> Crypto: derive_key
+Rnote over DelegAttest: Compute public key\n\ hash with **hash_algo**.
+Rnote over Crypto: Seed is provisioned\n\ in the factory.
+DelegAttest --> BL31: get_delegated_key
+BL31 --> RMM: get_realm_key
+Rnote over RMM: Only private key\n\ is returned. Public\n\ key and its hash\n\ must be computed.\n\
+Public key is included\n\ in the realm token.\n\ Its hash is the input\n\ for get_platform_token
+RMM -> BL31: get_platform_token(\n\t**pub_key_hash**, ...)
+BL31 -> DelegAttest: get_delegated_token
+Rnote over DelegAttest: Check **pub_key_hash**\n\ against derived key.
+DelegAttest -> InitAttest: get_initial_token
+Rnote over InitAttest: Create the token including\n\ the **pub_key_hash** as the\n\ challenge claim
+InitAttest -> MeasuredBoot: read_measurement
+InitAttest -> Crypto: sign_token
+InitAttest --> DelegAttest: get_initial_token
+DelegAttest --> BL31: get_delegated_token
+BL31 --> RMM: get_platform_token
+Rnote over RMM: Platform token is\n\ cached. It is not\n\ changing within\n\ a power cycle.
+@enduml
diff --git a/docs/resources/diagrams/plantuml/rss_measured_boot_flow.puml b/docs/resources/diagrams/plantuml/rss_measured_boot_flow.puml
new file mode 100644
index 0000000..1aeb1a9
--- /dev/null
+++ b/docs/resources/diagrams/plantuml/rss_measured_boot_flow.puml
@@ -0,0 +1,79 @@
+@startuml
+skinparam ParticipantPadding 10
+skinparam BoxPadding 10
+box RSS
+participant RSS_BL1_1
+participant RSS_BL1_2
+participant RSS_BL2
+participant RSS_S
+endbox
+box SCP
+participant SCP_BL1
+endbox
+box AP
+participant AP_BL1
+participant AP_BL2
+participant AP_BL31
+endbox
+
+== RSS Boot phase ==
+-> RSS_BL1_1: Reset
+Rnote over RSS_BL1_1: ROM code, XIP
+Rnote over RSS_BL1_2: OTP code, XIP
+Rnote over RSS_BL2, AP_BL31: Stored in flash, loaded and executed in RAM
+activate RSS_BL1_1 #Green
+RSS_BL1_1 -->> RSS_BL1_2: Validate, measure
+Rnote over RSS_BL1_1: BL1_2 measurement\n\ saved to a shared buffer
+RSS_BL1_1 -> RSS_BL1_2: Pass execution
+deactivate RSS_BL1_1
+activate RSS_BL1_2 #Green
+RSS_BL1_2 -->> RSS_BL2: Validate, measure, load
+Rnote over RSS_BL1_2: RSS_BL2 measurement\n\ saved to a shared buffer
+RSS_BL1_2 -> RSS_BL2: Pass execution
+deactivate RSS_BL1_2
+activate RSS_BL2 #Green
+RSS_BL2 -->> RSS_S: Validate, measure, load
+RSS_BL2 -->> SCP_BL1: Validate, measure, load
+Rnote over RSS_BL2: RSS_S and SCP_BL1\n\ measurements saved\n\ to a shared buffer
+RSS_BL2 -> SCP_BL1: Release from reset
+activate SCP_BL1 #Green
+Rnote over RSS_BL2, SCP_BL1: MHU init between RSS and SCP
+Rnote over SCP_BL1: Configure memory
+Rnote over RSS_BL2: Waits for SCP
+SCP_BL1 --> RSS_BL2: Done
+RSS_BL2 -->> AP_BL1: Validate, measure, load
+Rnote over RSS_BL2: AP_BL1 measurement\n\ saved to a shared buffer
+RSS_BL2 -> AP_BL1: Release from reset
+activate AP_BL1 #Green
+RSS_BL2 -> RSS_S: Pass execution
+deactivate RSS_BL2
+activate RSS_S #Green
+Rnote over RSS_S: Measurements read from\n\ shared buffer and saved by\n\
+Measured Boot service to\n\ measurement slots.
+
+== RSS Runtime / AP Boot phase ==
+Rnote over RSS_S, AP_BL1: MHU init between RSS and AP
+Rnote over AP_BL1: Measure and load:\n\ FW_CONFIG\n\ TB_FW_CONFIG
+AP_BL1 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL1 -->> AP_BL2: Validate, measure,load
+AP_BL1 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL1 -> AP_BL2: Pass execution
+deactivate AP_BL1
+activate AP_BL2 #Green
+Rnote over AP_BL2: Measure and load:\n\ HW_CONFIG
+AP_BL2 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL2 -->> AP_BL31: Validate, measure,load
+Rnote over AP_BL2: Measure and load:\n\ BL31
+AP_BL2 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+Rnote over AP_BL2: Measure and load:\n\ RMM
+AP_BL2 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL2 -> AP_BL31: Pass execution
+deactivate AP_BL2
+activate AP_BL31 #Green
+== RSS / AP Runtime ==
+@enduml
diff --git a/docs/resources/diagrams/rss_attestation_flow.svg b/docs/resources/diagrams/rss_attestation_flow.svg
new file mode 100644
index 0000000..3728c6f
--- /dev/null
+++ b/docs/resources/diagrams/rss_attestation_flow.svg
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="1087px" preserveAspectRatio="none" style="width:900px;height:1087px;background:#FFFFFF;" version="1.1" viewBox="0 0 900 1087" width="900px" zoomAndPan="magnify"><defs/><g><rect fill="#DDDDDD" height="1075.1719" style="stroke:#181818;stroke-width:0.5;" width="261.5" x="44" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="20" x="164.75" y="18.0669">AP</text><rect fill="#DDDDDD" height="1075.1719" style="stroke:#181818;stroke-width:0.5;" width="502" x="364" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="28" x="601" y="18.0669">RSS</text><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="82" x2="82" y1="56.4297" y2="1046.875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="266.5" x2="266.5" y1="56.4297" y2="1046.875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="426" x2="426" y1="56.4297" y2="1046.875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="553.5" x2="553.5" y1="56.4297" y2="1046.875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="705" x2="705" y1="56.4297" y2="1046.875"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="822" x2="822" y1="56.4297" y2="1046.875"/><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="48" x="58" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="34" x="65" y="45.1279">RMM</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="48" x="58" y="1045.875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="34" x="65" y="1065.8701">RMM</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="49" x="242.5" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="35" x="249.5" y="45.1279">BL31</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="49" x="242.5" y="1045.875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="35" x="249.5" y="1065.8701">BL31</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="96" x="378" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="82" x="385" y="45.1279">DelegAttest</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="96" x="378" y="1045.875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="82" x="385" y="1065.8701">DelegAttest</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="75" x="516.5" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="61" x="523.5" y="45.1279">InitAttest</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="75" x="516.5" y="1045.875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="61" x="523.5" y="1065.8701">InitAttest</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="116" x="647" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="102" x="654" y="45.1279">MeasuredBoot</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="116" x="647" y="1045.875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="102" x="654" y="1065.8701">MeasuredBoot</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="59" x="793" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="45" x="800" y="45.1279">Crypto</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="59" x="793" y="1045.875"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="45" x="800" y="1065.8701">Crypto</text><rect fill="#EEEEEE" height="3" style="stroke:#EEEEEE;stroke-width:1.0;" width="893" x="0" y="86.9961"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="893" y1="86.9961" y2="86.9961"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="893" y1="89.9961" y2="89.9961"/><rect fill="#EEEEEE" height="23.1328" style="stroke:#000000;stroke-width:2.0;" width="144" x="374.5" y="76.4297"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="125" x="380.5" y="92.4966">RMM Boot phase</text><polygon fill="#181818" points="255,141.8281,265,145.8281,255,149.8281,259,145.8281" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="82" x2="261" y1="145.8281" y2="145.8281"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="99" x="89" y="125.6294">get_realm_key(</text><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="74" x="121" y="140.7622">hash_algo</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="25" x="195" y="140.7622">, ...)</text><polygon fill="#181818" points="414,170.9609,424,174.9609,414,178.9609,418,174.9609" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="267" x2="420" y1="174.9609" y2="174.9609"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="121" x="274" y="169.895">get_delegated_key</text><polygon fill="#181818" points="693,200.0938,703,204.0938,693,208.0938,697,204.0938" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="426" x2="699" y1="204.0938" y2="204.0938"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="127" x="433" y="199.0278">read_measurement</text><rect fill="#FEFFDD" height="53" style="stroke:#181818;stroke-width:0.5;" width="167" x="342" y="217.0938"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="95" x="346" y="233.1606">Compute input</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="110" x="346" y="248.2935">for key derivation</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="159" x="346" y="263.4263">(hash of measurements)</text><polygon fill="#181818" points="810.5,292.625,820.5,296.625,810.5,300.625,814.5,296.625" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="426" x2="816.5" y1="296.625" y2="296.625"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="68" x="433" y="291.5591">derive_key</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="150" x="351" y="309.625"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="126" x="355" y="325.6919">Compute public key</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="60" x="355" y="340.8247">hash with</text><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="74" x="419" y="340.8247">hash_algo</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="4" x="493" y="340.8247">.</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="132" x="756" y="357.8906"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="124" x="760" y="373.9575">Seed is provisioned</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="88" x="760" y="389.0903">in the factory.</text><polygon fill="#181818" points="278,418.2891,268,422.2891,278,426.2891,274,422.2891" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="272" x2="425" y1="422.2891" y2="422.2891"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="121" x="284" y="417.2231">get_delegated_key</text><polygon fill="#181818" points="93,447.4219,83,451.4219,93,455.4219,89,451.4219" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="87" x2="266" y1="451.4219" y2="451.4219"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="94" x="99" y="446.356">get_realm_key</text><rect fill="#FEFFDD" height="129" style="stroke:#181818;stroke-width:0.5;" width="154" x="5" y="464.4219"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="102" x="9" y="480.4888">Only private key</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="114" x="9" y="495.6216">is returned. Public</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="104" x="9" y="510.7544">key and its hash</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="126" x="9" y="525.8872">must be computed.</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="134" x="9" y="541.02">Public key is included</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="121" x="9" y="556.1528">in the realm token.</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="125" x="9" y="571.2856">Its hash is the input</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="146" x="9" y="586.4185">for get_platform_token</text><polygon fill="#181818" points="255,630.75,265,634.75,255,638.75,259,634.75" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="82" x2="261" y1="634.75" y2="634.75"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="130" x="89" y="614.5513">get_platform_token(</text><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="104" x="121" y="629.6841">pub_key_hash</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="25" x="225" y="629.6841">, ...)</text><polygon fill="#181818" points="414,659.8828,424,663.8828,414,667.8828,418,663.8828" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="267" x2="420" y1="663.8828" y2="663.8828"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="135" x="274" y="658.8169">get_delegated_token</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="155" x="348" y="676.8828"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="39" x="352" y="692.9497">Check</text><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="104" x="395" y="692.9497">pub_key_hash</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="128" x="352" y="708.0825">against derived key.</text><polygon fill="#181818" points="542,737.2813,552,741.2813,542,745.2813,546,741.2813" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="426" x2="548" y1="741.2813" y2="741.2813"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="104" x="433" y="736.2153">get_initial_token</text><rect fill="#FEFFDD" height="53" style="stroke:#181818;stroke-width:0.5;" width="181" x="463" y="754.2813"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="168" x="467" y="770.3481">Create the token including</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="21" x="467" y="785.481">the</text><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="104" x="492" y="785.481">pub_key_hash</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="40" x="600" y="785.481">as the</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="99" x="467" y="800.6138">challenge claim</text><polygon fill="#181818" points="693,829.8125,703,833.8125,693,837.8125,697,833.8125" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="554" x2="699" y1="833.8125" y2="833.8125"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="127" x="561" y="828.7466">read_measurement</text><polygon fill="#181818" points="810.5,858.9453,820.5,862.9453,810.5,866.9453,814.5,862.9453" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="554" x2="816.5" y1="862.9453" y2="862.9453"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="69" x="561" y="857.8794">sign_token</text><polygon fill="#181818" points="437,888.0781,427,892.0781,437,896.0781,433,892.0781" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="431" x2="553" y1="892.0781" y2="892.0781"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="104" x="443" y="887.0122">get_initial_token</text><polygon fill="#181818" points="278,917.2109,268,921.2109,278,925.2109,274,921.2109" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="272" x2="425" y1="921.2109" y2="921.2109"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="135" x="284" y="916.145">get_delegated_token</text><polygon fill="#181818" points="93,946.3438,83,950.3438,93,954.3438,89,950.3438" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="87" x2="266" y1="950.3438" y2="950.3438"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="125" x="99" y="945.2778">get_platform_token</text><rect fill="#FEFFDD" height="68" style="stroke:#181818;stroke-width:0.5;" width="116" x="24" y="963.3438"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="108" x="28" y="979.4106">Platform token is</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="101" x="28" y="994.5435">cached. It is not</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="98" x="28" y="1009.6763">changing within</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="90" x="28" y="1024.8091">a power cycle.</text><!--MD5=[84fabec568a656165bea957fac178b53]
+@startuml
+skinparam ParticipantPadding 10
+skinparam BoxPadding 10
+box AP
+participant RMM
+participant BL31
+endbox
+box RSS
+participant DelegAttest
+participant InitAttest
+participant MeasuredBoot
+participant Crypto
+endbox
+
+== RMM Boot phase ==
+
+RMM -> BL31: get_realm_key(\n\t**hash_algo**, ...)
+BL31 -> DelegAttest: get_delegated_key
+DelegAttest -> MeasuredBoot: read_measurement
+Rnote over DelegAttest: Compute input\n\ for key derivation\n\ (hash of measurements)
+DelegAttest -> Crypto: derive_key
+Rnote over DelegAttest: Compute public key\n\ hash with **hash_algo**.
+Rnote over Crypto: Seed is provisioned\n\ in the factory.
+DelegAttest - -> BL31: get_delegated_key
+BL31 - -> RMM: get_realm_key
+Rnote over RMM: Only private key\n\ is returned. Public\n\ key and its hash\n\ must be computed.\nPublic key is included\n\ in the realm token.\n\ Its hash is the input\n\ for get_platform_token
+RMM -> BL31: get_platform_token(\n\t**pub_key_hash**, ...)
+BL31 -> DelegAttest: get_delegated_token
+Rnote over DelegAttest: Check **pub_key_hash**\n\ against derived key.
+DelegAttest -> InitAttest: get_initial_token
+Rnote over InitAttest: Create the token including\n\ the **pub_key_hash** as the\n\ challenge claim
+InitAttest -> MeasuredBoot: read_measurement
+InitAttest -> Crypto: sign_token
+InitAttest - -> DelegAttest: get_initial_token
+DelegAttest - -> BL31: get_delegated_token
+BL31 - -> RMM: get_platform_token
+Rnote over RMM: Platform token is\n\ cached. It is not\n\ changing within\n\ a power cycle.
+@enduml
+
+PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
+(GPL source distribution)
+Java Runtime: OpenJDK Runtime Environment
+JVM: OpenJDK 64-Bit Server VM
+Default Encoding: UTF-8
+Language: hu
+Country: HU
+--></g></svg>
\ No newline at end of file
diff --git a/docs/resources/diagrams/rss_measured_boot_flow.svg b/docs/resources/diagrams/rss_measured_boot_flow.svg
new file mode 100644
index 0000000..f5bf311
--- /dev/null
+++ b/docs/resources/diagrams/rss_measured_boot_flow.svg
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="1826px" preserveAspectRatio="none" style="width:1254px;height:1826px;background:#FFFFFF;" version="1.1" viewBox="0 0 1254 1826" width="1254px" zoomAndPan="magnify"><defs/><g><rect fill="#DDDDDD" height="1814.0938" style="stroke:#181818;stroke-width:0.5;" width="610.5" x="27" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="28" x="318.25" y="18.0669">RSS</text><rect fill="#DDDDDD" height="1814.0938" style="stroke:#181818;stroke-width:0.5;" width="103" x="659.5" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="29" x="696.5" y="18.0669">SCP</text><rect fill="#DDDDDD" height="1814.0938" style="stroke:#181818;stroke-width:0.5;" width="451.5" x="784.5" y="6"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="20" x="1000.25" y="18.0669">AP</text><rect fill="#008000" height="205.9297" style="stroke:#181818;stroke-width:1.0;" width="10" x="81.5" y="130.6953"/><rect fill="#008000" height="106.5313" style="stroke:#181818;stroke-width:1.0;" width="10" x="227.5" y="336.625"/><rect fill="#008000" height="414.9922" style="stroke:#181818;stroke-width:1.0;" width="10" x="408.5" y="443.1563"/><rect fill="#008000" height="918.6484" style="stroke:#181818;stroke-width:1.0;" width="10" x="589.5" y="858.1484"/><rect fill="#008000" height="1182.8438" style="stroke:#181818;stroke-width:1.0;" width="10" x="706" y="593.9531"/><rect fill="#008000" height="460.3906" style="stroke:#181818;stroke-width:1.0;" width="10" x="826" y="829.0156"/><rect fill="#008000" height="435.2578" style="stroke:#181818;stroke-width:1.0;" width="10" x="1003" y="1289.4063"/><rect fill="#008000" height="52.1328" style="stroke:#181818;stroke-width:1.0;" width="10" x="1180" y="1724.6641"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="86" x2="86" y1="56.4297" y2="1785.7969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="232" x2="232" y1="56.4297" y2="1785.7969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="413" x2="413" y1="56.4297" y2="1785.7969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="594.5" x2="594.5" y1="56.4297" y2="1785.7969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="710.5" x2="710.5" y1="56.4297" y2="1785.7969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="830.5" x2="830.5" y1="56.4297" y2="1785.7969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="1007.5" x2="1007.5" y1="56.4297" y2="1785.7969"/><line style="stroke:#181818;stroke-width:0.5;stroke-dasharray:5.0,5.0;" x1="1185" x2="1185" y1="56.4297" y2="1785.7969"/><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="91" x="41" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="77" x="48" y="45.1279">RSS_BL1_1</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="91" x="41" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="77" x="48" y="1804.792">RSS_BL1_1</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="91" x="187" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="77" x="194" y="45.1279">RSS_BL1_2</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="91" x="187" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="77" x="194" y="1804.792">RSS_BL1_2</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="75" x="376" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="61" x="383" y="45.1279">RSS_BL2</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="75" x="376" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="61" x="383" y="1804.792">RSS_BL2</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="58" x="565.5" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="44" x="572.5" y="45.1279">RSS_S</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="58" x="565.5" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="44" x="572.5" y="1804.792">RSS_S</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="75" x="673.5" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="61" x="680.5" y="45.1279">SCP_BL1</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="75" x="673.5" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="61" x="680.5" y="1804.792">SCP_BL1</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="65" x="798.5" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="51" x="805.5" y="45.1279">AP_BL1</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="65" x="798.5" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="51" x="805.5" y="1804.792">AP_BL1</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="65" x="975.5" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="51" x="982.5" y="45.1279">AP_BL2</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="65" x="975.5" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="51" x="982.5" y="1804.792">AP_BL2</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="74" x="1148" y="25.1328"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="60" x="1155" y="45.1279">AP_BL31</text><rect fill="#E2E2F0" height="30.2969" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="74" x="1148" y="1784.7969"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="60" x="1155" y="1804.792">AP_BL31</text><rect fill="#008000" height="205.9297" style="stroke:#181818;stroke-width:1.0;" width="10" x="81.5" y="130.6953"/><rect fill="#008000" height="106.5313" style="stroke:#181818;stroke-width:1.0;" width="10" x="227.5" y="336.625"/><rect fill="#008000" height="414.9922" style="stroke:#181818;stroke-width:1.0;" width="10" x="408.5" y="443.1563"/><rect fill="#008000" height="918.6484" style="stroke:#181818;stroke-width:1.0;" width="10" x="589.5" y="858.1484"/><rect fill="#008000" height="1182.8438" style="stroke:#181818;stroke-width:1.0;" width="10" x="706" y="593.9531"/><rect fill="#008000" height="460.3906" style="stroke:#181818;stroke-width:1.0;" width="10" x="826" y="829.0156"/><rect fill="#008000" height="435.2578" style="stroke:#181818;stroke-width:1.0;" width="10" x="1003" y="1289.4063"/><rect fill="#008000" height="52.1328" style="stroke:#181818;stroke-width:1.0;" width="10" x="1180" y="1724.6641"/><rect fill="#EEEEEE" height="3" style="stroke:#EEEEEE;stroke-width:1.0;" width="1247" x="0" y="86.9961"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="1247" y1="86.9961" y2="86.9961"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="1247" y1="89.9961" y2="89.9961"/><rect fill="#EEEEEE" height="23.1328" style="stroke:#000000;stroke-width:2.0;" width="136" x="555.5" y="76.4297"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="117" x="561.5" y="92.4966">RSS Boot phase</text><polygon fill="#181818" points="69.5,126.6953,79.5,130.6953,69.5,134.6953,73.5,130.6953" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="0" x2="75.5" y1="130.6953" y2="130.6953"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="36" x="7" y="125.6294">Reset</text><rect fill="#FEFFDD" height="23" style="stroke:#181818;stroke-width:0.5;" width="99" x="37" y="143.6953"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="91" x="41" y="159.7622">ROM code, XIP</text><rect fill="#FEFFDD" height="23" style="stroke:#181818;stroke-width:0.5;" width="95" x="185" y="176.8281"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="87" x="189" y="192.895">OTP code, XIP</text><rect fill="#FEFFDD" height="23" style="stroke:#181818;stroke-width:0.5;" width="861" x="368" y="209.9609"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="281" x="658" y="226.0278">Stored in flash, loaded and executed in RAM</text><line style="stroke:#181818;stroke-width:1.0;" x1="230.5" x2="220.5" y1="259.2266" y2="255.2266"/><line style="stroke:#181818;stroke-width:1.0;" x1="230.5" x2="220.5" y1="259.2266" y2="263.2266"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="91.5" x2="231.5" y1="259.2266" y2="259.2266"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="117" x="98.5" y="254.1606">Validate, measure</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="164" x="5" y="272.2266"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="134" x="9" y="288.2935">BL1_2 measurement</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="156" x="9" y="303.4263">saved to a shared buffer</text><polygon fill="#181818" points="215.5,332.625,225.5,336.625,215.5,340.625,219.5,336.625" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="86.5" x2="221.5" y1="336.625" y2="336.625"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="96" x="93.5" y="331.5591">Pass execution</text><line style="stroke:#181818;stroke-width:1.0;" x1="411.5" x2="401.5" y1="365.7578" y2="361.7578"/><line style="stroke:#181818;stroke-width:1.0;" x1="411.5" x2="401.5" y1="365.7578" y2="369.7578"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="237.5" x2="412.5" y1="365.7578" y2="365.7578"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="152" x="244.5" y="360.6919">Validate, measure, load</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="164" x="150" y="378.7578"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="152" x="154" y="394.8247">RSS_BL2 measurement</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="156" x="154" y="409.9575">saved to a shared buffer</text><polygon fill="#181818" points="396.5,439.1563,406.5,443.1563,396.5,447.1563,400.5,443.1563" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="232.5" x2="402.5" y1="443.1563" y2="443.1563"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="96" x="239.5" y="438.0903">Pass execution</text><line style="stroke:#181818;stroke-width:1.0;" x1="592.5" x2="582.5" y1="472.2891" y2="468.2891"/><line style="stroke:#181818;stroke-width:1.0;" x1="592.5" x2="582.5" y1="472.2891" y2="476.2891"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="418.5" x2="593.5" y1="472.2891" y2="472.2891"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="152" x="425.5" y="467.2231">Validate, measure, load</text><line style="stroke:#181818;stroke-width:1.0;" x1="709" x2="699" y1="501.4219" y2="497.4219"/><line style="stroke:#181818;stroke-width:1.0;" x1="709" x2="699" y1="501.4219" y2="505.4219"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="418.5" x2="710" y1="501.4219" y2="501.4219"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="152" x="425.5" y="496.356">Validate, measure, load</text><rect fill="#FEFFDD" height="53" style="stroke:#181818;stroke-width:0.5;" width="148" x="339" y="514.4219"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="131" x="343" y="530.4888">RSS_S and SCP_BL1</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="140" x="343" y="545.6216">measurements saved</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="114" x="343" y="560.7544">to a shared buffer</text><polygon fill="#181818" points="694,589.9531,704,593.9531,694,597.9531,698,593.9531" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="418.5" x2="700" y1="593.9531" y2="593.9531"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="121" x="425.5" y="588.8872">Release from reset</text><rect fill="#FEFFDD" height="23" style="stroke:#181818;stroke-width:0.5;" width="387" x="368" y="606.9531"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="200" x="461.75" y="623.02">MHU init between RSS and SCP</text><rect fill="#FEFFDD" height="23" style="stroke:#181818;stroke-width:0.5;" width="127" x="647" y="640.0859"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="119" x="651" y="656.1528">Configure memory</text><rect fill="#FEFFDD" height="23" style="stroke:#181818;stroke-width:0.5;" width="93" x="367" y="673.2188"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="85" x="371" y="689.2856">Waits for SCP</text><polygon fill="#181818" points="429.5,718.4844,419.5,722.4844,429.5,726.4844,425.5,722.4844" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="423.5" x2="705" y1="722.4844" y2="722.4844"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="34" x="435.5" y="717.4185">Done</text><line style="stroke:#181818;stroke-width:1.0;" x1="829" x2="819" y1="751.6172" y2="747.6172"/><line style="stroke:#181818;stroke-width:1.0;" x1="829" x2="819" y1="751.6172" y2="755.6172"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="418.5" x2="830" y1="751.6172" y2="751.6172"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="152" x="425.5" y="746.5513">Validate, measure, load</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="164" x="331" y="764.6172"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="143" x="335" y="780.6841">AP_BL1 measurement</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="156" x="335" y="795.8169">saved to a shared buffer</text><polygon fill="#181818" points="814,825.0156,824,829.0156,814,833.0156,818,829.0156" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="418.5" x2="820" y1="829.0156" y2="829.0156"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="121" x="425.5" y="823.9497">Release from reset</text><polygon fill="#181818" points="577.5,854.1484,587.5,858.1484,577.5,862.1484,581.5,858.1484" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="413.5" x2="583.5" y1="858.1484" y2="858.1484"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="96" x="420.5" y="853.0825">Pass execution</text><rect fill="#FEFFDD" height="68" style="stroke:#181818;stroke-width:0.5;" width="182" x="503" y="871.1484"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="163" x="507" y="887.2153">Measurements read from</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="174" x="507" y="902.3481">shared buffer and saved by</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="163" x="507" y="917.481">Measured Boot service to</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="129" x="507" y="932.6138">measurement slots.</text><rect fill="#EEEEEE" height="3" style="stroke:#EEEEEE;stroke-width:1.0;" width="1247" x="0" y="965.2461"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="1247" y1="965.2461" y2="965.2461"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="1247" y1="968.2461" y2="968.2461"/><rect fill="#EEEEEE" height="23.1328" style="stroke:#000000;stroke-width:2.0;" width="237" x="505" y="954.6797"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="218" x="511" y="970.7466">RSS Runtime / AP Boot phase</text><rect fill="#FEFFDD" height="23" style="stroke:#181818;stroke-width:0.5;" width="313" x="556" y="992.8125"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="191" x="617" y="1008.8794">MHU init between RSS and AP</text><rect fill="#FEFFDD" height="53" style="stroke:#181818;stroke-width:0.5;" width="126" x="768" y="1025.9453"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="118" x="772" y="1042.0122">Measure and load:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="74" x="772" y="1057.145">FW_CONFIG</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="97" x="772" y="1072.2778">TB_FW_CONFIG</text><polygon fill="#181818" points="610.5,1101.4766,600.5,1105.4766,610.5,1109.4766,606.5,1105.4766" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="604.5" x2="825" y1="1105.4766" y2="1105.4766"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="616.5" y="1100.4106">Extend measurement</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="136" x="526" y="1118.4766"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="101" x="530" y="1134.5435">Measured Boot:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="128" x="530" y="1149.6763">store measurement</text><line style="stroke:#181818;stroke-width:1.0;" x1="1006" x2="996" y1="1182.875" y2="1178.875"/><line style="stroke:#181818;stroke-width:1.0;" x1="1006" x2="996" y1="1182.875" y2="1186.875"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="836" x2="1007" y1="1182.875" y2="1182.875"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="148" x="843" y="1177.8091">Validate, measure,load</text><polygon fill="#181818" points="610.5,1208.0078,600.5,1212.0078,610.5,1216.0078,606.5,1212.0078" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="604.5" x2="825" y1="1212.0078" y2="1212.0078"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="616.5" y="1206.9419">Extend measurement</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="136" x="526" y="1225.0078"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="101" x="530" y="1241.0747">Measured Boot:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="128" x="530" y="1256.2075">store measurement</text><polygon fill="#181818" points="991,1285.4063,1001,1289.4063,991,1293.4063,995,1289.4063" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="831" x2="997" y1="1289.4063" y2="1289.4063"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="96" x="838" y="1284.3403">Pass execution</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="126" x="945" y="1302.4063"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="118" x="949" y="1318.4731">Measure and load:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="77" x="949" y="1333.606">HW_CONFIG</text><polygon fill="#181818" points="610.5,1362.8047,600.5,1366.8047,610.5,1370.8047,606.5,1366.8047" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="604.5" x2="1002" y1="1366.8047" y2="1366.8047"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="616.5" y="1361.7388">Extend measurement</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="136" x="526" y="1379.8047"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="101" x="530" y="1395.8716">Measured Boot:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="128" x="530" y="1411.0044">store measurement</text><line style="stroke:#181818;stroke-width:1.0;" x1="1183" x2="1173" y1="1444.2031" y2="1440.2031"/><line style="stroke:#181818;stroke-width:1.0;" x1="1183" x2="1173" y1="1444.2031" y2="1448.2031"/><line style="stroke:#181818;stroke-width:1.0;stroke-dasharray:2.0,2.0;" x1="1013" x2="1184" y1="1444.2031" y2="1444.2031"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="148" x="1020" y="1439.1372">Validate, measure,load</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="126" x="945" y="1457.2031"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="118" x="949" y="1473.27">Measure and load:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="32" x="949" y="1488.4028">BL31</text><polygon fill="#181818" points="610.5,1517.6016,600.5,1521.6016,610.5,1525.6016,606.5,1521.6016" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="604.5" x2="1002" y1="1521.6016" y2="1521.6016"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="616.5" y="1516.5356">Extend measurement</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="136" x="526" y="1534.6016"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="101" x="530" y="1550.6685">Measured Boot:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="128" x="530" y="1565.8013">store measurement</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="126" x="945" y="1582.8672"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="118" x="949" y="1598.9341">Measure and load:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="30" x="949" y="1614.0669">RMM</text><polygon fill="#181818" points="610.5,1643.2656,600.5,1647.2656,610.5,1651.2656,606.5,1647.2656" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="604.5" x2="1002" y1="1647.2656" y2="1647.2656"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="139" x="616.5" y="1642.1997">Extend measurement</text><rect fill="#FEFFDD" height="38" style="stroke:#181818;stroke-width:0.5;" width="136" x="526" y="1660.2656"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="101" x="530" y="1676.3325">Measured Boot:</text><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="128" x="530" y="1691.4653">store measurement</text><polygon fill="#181818" points="1168,1720.6641,1178,1724.6641,1168,1728.6641,1172,1724.6641" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="1008" x2="1174" y1="1724.6641" y2="1724.6641"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="96" x="1015" y="1719.5981">Pass execution</text><rect fill="#EEEEEE" height="3" style="stroke:#EEEEEE;stroke-width:1.0;" width="1247" x="0" y="1753.2305"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="1247" y1="1753.2305" y2="1753.2305"/><line style="stroke:#000000;stroke-width:1.0;" x1="0" x2="1247" y1="1756.2305" y2="1756.2305"/><rect fill="#EEEEEE" height="23.1328" style="stroke:#000000;stroke-width:2.0;" width="148" x="549.5" y="1742.6641"/><text fill="#000000" font-family="sans-serif" font-size="13" font-weight="bold" lengthAdjust="spacing" textLength="129" x="555.5" y="1758.731">RSS / AP Runtime</text><!--MD5=[e3f0ee259d2a4aa9c2a97ff856de0312]
+@startuml
+skinparam ParticipantPadding 10
+skinparam BoxPadding 10
+box RSS
+participant RSS_BL1_1
+participant RSS_BL1_2
+participant RSS_BL2
+participant RSS_S
+endbox
+box SCP
+participant SCP_BL1
+endbox
+box AP
+participant AP_BL1
+participant AP_BL2
+participant AP_BL31
+endbox
+
+== RSS Boot phase ==
+-> RSS_BL1_1: Reset
+Rnote over RSS_BL1_1: ROM code, XIP
+Rnote over RSS_BL1_2: OTP code, XIP
+Rnote over RSS_BL2, AP_BL31: Stored in flash, loaded and executed in RAM
+activate RSS_BL1_1 #Green
+RSS_BL1_1 - ->> RSS_BL1_2: Validate, measure
+Rnote over RSS_BL1_1: BL1_2 measurement\n\ saved to a shared buffer
+RSS_BL1_1 -> RSS_BL1_2: Pass execution
+deactivate RSS_BL1_1
+activate RSS_BL1_2 #Green
+RSS_BL1_2 - ->> RSS_BL2: Validate, measure, load
+Rnote over RSS_BL1_2: RSS_BL2 measurement\n\ saved to a shared buffer
+RSS_BL1_2 -> RSS_BL2: Pass execution
+deactivate RSS_BL1_2
+activate RSS_BL2 #Green
+RSS_BL2 - ->> RSS_S: Validate, measure, load
+RSS_BL2 - ->> SCP_BL1: Validate, measure, load
+Rnote over RSS_BL2: RSS_S and SCP_BL1\n\ measurements saved\n\ to a shared buffer
+RSS_BL2 -> SCP_BL1: Release from reset
+activate SCP_BL1 #Green
+Rnote over RSS_BL2, SCP_BL1: MHU init between RSS and SCP
+Rnote over SCP_BL1: Configure memory
+Rnote over RSS_BL2: Waits for SCP
+SCP_BL1 - -> RSS_BL2: Done
+RSS_BL2 - ->> AP_BL1: Validate, measure, load
+Rnote over RSS_BL2: AP_BL1 measurement\n\ saved to a shared buffer
+RSS_BL2 -> AP_BL1: Release from reset
+activate AP_BL1 #Green
+RSS_BL2 -> RSS_S: Pass execution
+deactivate RSS_BL2
+activate RSS_S #Green
+Rnote over RSS_S: Measurements read from\n\ shared buffer and saved by\nMeasured Boot service to\n\ measurement slots.
+
+== RSS Runtime / AP Boot phase ==
+Rnote over RSS_S, AP_BL1: MHU init between RSS and AP
+Rnote over AP_BL1: Measure and load:\n\ FW_CONFIG\n\ TB_FW_CONFIG
+AP_BL1 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL1 - ->> AP_BL2: Validate, measure,load
+AP_BL1 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL1 -> AP_BL2: Pass execution
+deactivate AP_BL1
+activate AP_BL2 #Green
+Rnote over AP_BL2: Measure and load:\n\ HW_CONFIG
+AP_BL2 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL2 - ->> AP_BL31: Validate, measure,load
+Rnote over AP_BL2: Measure and load:\n\ BL31
+AP_BL2 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+Rnote over AP_BL2: Measure and load:\n\ RMM
+AP_BL2 -> RSS_S: Extend measurement
+Rnote over RSS_S: Measured Boot:\n\ store measurement
+AP_BL2 -> AP_BL31: Pass execution
+deactivate AP_BL2
+activate AP_BL31 #Green
+== RSS / AP Runtime ==
+@enduml
+
+PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
+(GPL source distribution)
+Java Runtime: OpenJDK Runtime Environment
+JVM: OpenJDK 64-Bit Server VM
+Default Encoding: UTF-8
+Language: hu
+Country: HU
+--></g></svg>
\ No newline at end of file
diff --git a/drivers/arm/css/mhu/css_mhu_doorbell.c b/drivers/arm/css/mhu/css_mhu_doorbell.c
index c51f3b1..479bb21 100644
--- a/drivers/arm/css/mhu/css_mhu_doorbell.c
+++ b/drivers/arm/css/mhu/css_mhu_doorbell.c
@@ -15,7 +15,6 @@
MHU_RING_DOORBELL(plat_info->db_reg_addr,
plat_info->db_modify_mask,
plat_info->db_preserve_mask);
- return;
}
void mhuv2_ring_doorbell(struct scmi_channel_plat_info *plat_info)
@@ -35,6 +34,4 @@
/* clear the access request for the receiver */
MHU_V2_CLEAR_REQUEST(mhuv2_base);
-
- return;
}
diff --git a/drivers/arm/gic/v3/gicv3_helpers.c b/drivers/arm/gic/v3/gicv3_helpers.c
index 446d0ad..940c939 100644
--- a/drivers/arm/gic/v3/gicv3_helpers.c
+++ b/drivers/arm/gic/v3/gicv3_helpers.c
@@ -253,7 +253,7 @@
}
/*******************************************************************************
- * Helper function to configure the default attributes of (E)SPIs
+ * Helper function to configure the default attributes of (E)PPIs/SGIs
******************************************************************************/
void gicv3_ppi_sgi_config_defaults(uintptr_t gicr_base)
{
@@ -292,7 +292,7 @@
regs_num = ppi_regs_num << 3;
for (i = 0U; i < regs_num; ++i) {
/* Setup the default (E)PPI/SGI priorities doing 4 at a time */
- gicr_write_ipriorityr(gicr_base, i, GICD_IPRIORITYR_DEF_VAL);
+ gicr_write_ipriorityr(gicr_base, i << 2, GICD_IPRIORITYR_DEF_VAL);
}
/* 16 interrupt IDs per GICR_ICFGR register */
diff --git a/drivers/arm/rss/rss_comms_protocol_embed.c b/drivers/arm/rss/rss_comms_protocol_embed.c
index 801b7cc..c453258 100644
--- a/drivers/arm/rss/rss_comms_protocol_embed.c
+++ b/drivers/arm/rss/rss_comms_protocol_embed.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -54,7 +54,9 @@
if (in_vec[i].len > sizeof(msg->trailer) - payload_size) {
return PSA_ERROR_INVALID_ARGUMENT;
}
- memcpy(msg->trailer + payload_size, in_vec[i].base, in_vec[i].len);
+ memcpy(msg->trailer + payload_size,
+ in_vec[i].base,
+ in_vec[i].len);
payload_size += in_vec[i].len;
}
@@ -77,12 +79,16 @@
assert(return_val != NULL);
for (i = 0U; i < out_len; ++i) {
- if (sizeof(reply) - sizeof(reply->trailer) + payload_offset > reply_size) {
+ if ((sizeof(*reply) - sizeof(reply->trailer) + payload_offset)
+ > reply_size) {
return PSA_ERROR_INVALID_ARGUMENT;
}
- memcpy(out_vec[i].base, reply->trailer + payload_offset, out_vec[i].len);
- payload_offset += out_vec[i].len;
+ memcpy(out_vec[i].base,
+ reply->trailer + payload_offset,
+ reply->out_size[i]);
+ out_vec[i].len = reply->out_size[i];
+ payload_offset += reply->out_size[i];
}
*return_val = reply->return_val;
diff --git a/drivers/auth/cca/cot.c b/drivers/auth/cca/cot.c
index d3f3087..e8f4d9c 100644
--- a/drivers/auth/cca/cot.c
+++ b/drivers/auth/cca/cot.c
@@ -1,13 +1,15 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
+#include <mbedtls/version.h>
+
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
-#include MBEDTLS_CONFIG_FILE
#include <tools_share/cca_oid.h>
#include <platform_def.h>
diff --git a/drivers/auth/cryptocell/712/cryptocell_crypto.c b/drivers/auth/cryptocell/712/cryptocell_crypto.c
index c7ee36f..e2b189b 100644
--- a/drivers/auth/cryptocell/712/cryptocell_crypto.c
+++ b/drivers/auth/cryptocell/712/cryptocell_crypto.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,7 +7,8 @@
#include <stddef.h>
#include <string.h>
-#include <platform_def.h>
+#include <mbedtls/oid.h>
+#include <mbedtls/x509.h>
#include <arch_helpers.h>
#include <common/debug.h>
@@ -21,8 +22,7 @@
#include <drivers/auth/mbedtls/mbedtls_common.h>
#include <lib/utils.h>
-#include <mbedtls/oid.h>
-#include <mbedtls/x509.h>
+#include <platform_def.h>
#define LIB_NAME "CryptoCell 712 SBROM"
#define RSA_SALT_LEN 32
@@ -95,11 +95,10 @@
CCError_t error;
CCSbNParams_t pk;
CCSbSignature_t signature;
- int rc, exp;
+ int rc, exp, expected_salt_len;
mbedtls_asn1_buf sig_oid, alg_oid, params;
- mbedtls_md_type_t md_alg;
+ mbedtls_md_type_t md_alg, mgf1_hash_id;
mbedtls_pk_type_t pk_alg;
- mbedtls_pk_rsassa_pss_options pss_opts;
size_t len;
uint8_t *p, *end;
/* Temp buf to store the public key modulo (N) in LE format */
@@ -110,70 +109,85 @@
p = sig_alg;
end = p + sig_alg_len;
rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Get the actual signature algorithm (MD + PK) */
rc = mbedtls_oid_get_sig_alg(&sig_oid, &md_alg, &pk_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports RSASSA-PSS signature */
- if (pk_alg != MBEDTLS_PK_RSASSA_PSS || md_alg != MBEDTLS_MD_NONE)
+ if ((pk_alg != MBEDTLS_PK_RSASSA_PSS) || (md_alg != MBEDTLS_MD_NONE)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Verify the RSASSA-PSS params */
/* The trailer field is verified to be 0xBC internally by this API */
rc = mbedtls_x509_get_rsassa_pss_params(¶ms, &md_alg,
- &pss_opts.mgf1_hash_id,
- &pss_opts.expected_salt_len);
- if (rc != 0)
+ &mgf1_hash_id,
+ &expected_salt_len);
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports SHA256 as hash algorithm */
- if (md_alg != MBEDTLS_MD_SHA256 || pss_opts.mgf1_hash_id != MBEDTLS_MD_SHA256)
+ if ((md_alg != MBEDTLS_MD_SHA256) || (mgf1_hash_id != MBEDTLS_MD_SHA256)) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pss_opts.expected_salt_len != RSA_SALT_LEN)
+ if (expected_salt_len != RSA_SALT_LEN) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Parse the public key */
p = pk_ptr;
end = p + pk_len;
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
end = p + len;
rc = mbedtls_asn1_get_alg_null(&p, end, &alg_oid);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0)
+ if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pk_alg != MBEDTLS_PK_RSA)
+ if (pk_alg != MBEDTLS_PK_RSA) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
if (*p == 0) {
p++; len--;
}
- if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end))
+
+ if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* The CCSbVerifySignature() API expects N and Np in BE format and
@@ -184,11 +198,13 @@
/* Verify the RSA exponent */
p += len;
rc = mbedtls_asn1_get_int(&p, end, &exp);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (exp != RSA_EXPONENT)
+ if (exp != RSA_EXPONENT) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* Calculate the Np (Barrett n' value). The RSA_CalcNp() API expects
@@ -205,11 +221,13 @@
p = sig_ptr;
end = p + sig_len;
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end))
+ if (len != RSA_MOD_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* The signature is BE format. Convert it to LE before calling
@@ -227,8 +245,9 @@
error = CCSbVerifySignature((uintptr_t)PLAT_CRYPTOCELL_BASE,
(uint32_t *)data_ptr, &pk, &signature,
data_len, RSA_PSS);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Signature verification success */
return CRYPTO_SUCCESS;
@@ -256,29 +275,36 @@
end = p + digest_info_len;
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Get the hash algorithm */
rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
+
/* Verify that hash algorithm is SHA256 */
- if (md_alg != MBEDTLS_MD_SHA256)
+ if (md_alg != MBEDTLS_MD_SHA256) {
return CRYPTO_ERR_HASH;
+ }
/* Hash should be octet string type */
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Length of hash must match the algorithm's size */
- if (len != HASH_RESULT_SIZE_IN_BYTES)
+ if (len != HASH_RESULT_SIZE_IN_BYTES) {
return CRYPTO_ERR_HASH;
+ }
/*
* CryptoCell utilises DMA internally to transfer data. Flush the data
@@ -289,12 +315,14 @@
hash = p;
error = SBROM_CryptoHash((uintptr_t)PLAT_CRYPTOCELL_BASE,
(uintptr_t)data_ptr, data_len, pubKeyHash);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_HASH;
+ }
rc = memcmp(pubKeyHash, hash, HASH_RESULT_SIZE_IN_BYTES);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
return CRYPTO_SUCCESS;
}
diff --git a/drivers/auth/cryptocell/713/cryptocell_crypto.c b/drivers/auth/cryptocell/713/cryptocell_crypto.c
index 3ac16af..388264e 100644
--- a/drivers/auth/cryptocell/713/cryptocell_crypto.c
+++ b/drivers/auth/cryptocell/713/cryptocell_crypto.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023 ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,14 +8,14 @@
#include <stddef.h>
#include <string.h>
-#include <platform_def.h>
+#include <mbedtls/oid.h>
+#include <mbedtls/x509.h>
#include <drivers/arm/cryptocell/713/bsv_api.h>
#include <drivers/arm/cryptocell/713/bsv_crypto_asym_api.h>
#include <drivers/auth/crypto_mod.h>
-#include <mbedtls/oid.h>
-#include <mbedtls/x509.h>
+#include <platform_def.h>
#define LIB_NAME "CryptoCell 713 SBROM"
#define RSA_SALT_LEN 32
@@ -82,11 +82,11 @@
CCError_t error;
CCBsvNBuff_t NBuff;
CCBsvSignature_t signature;
- int rc, exp;
+ int rc, exp, expected_salt_len;
mbedtls_asn1_buf sig_oid, alg_oid, params;
- mbedtls_md_type_t md_alg;
+ mbedtls_md_type_t md_alg, mgf1_hash_id;
mbedtls_pk_type_t pk_alg;
- mbedtls_pk_rsassa_pss_options pss_opts;
+
size_t len;
uint8_t *p, *end;
CCHashResult_t digest;
@@ -99,72 +99,86 @@
p = sig_alg;
end = p + sig_alg_len;
rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Get the actual signature algorithm (MD + PK) */
rc = mbedtls_oid_get_sig_alg(&sig_oid, &md_alg, &pk_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports RSASSA-PSS signature */
- if (pk_alg != MBEDTLS_PK_RSASSA_PSS || md_alg != MBEDTLS_MD_NONE)
+ if (pk_alg != MBEDTLS_PK_RSASSA_PSS || md_alg != MBEDTLS_MD_NONE) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Verify the RSASSA-PSS params */
/* The trailer field is verified to be 0xBC internally by this API */
rc = mbedtls_x509_get_rsassa_pss_params(¶ms, &md_alg,
- &pss_opts.mgf1_hash_id,
- &pss_opts.expected_salt_len);
- if (rc != 0)
+ &mgf1_hash_id,
+ &expected_salt_len);
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* The CryptoCell only supports SHA256 as hash algorithm */
if (md_alg != MBEDTLS_MD_SHA256 ||
- pss_opts.mgf1_hash_id != MBEDTLS_MD_SHA256)
+ mgf1_hash_id != MBEDTLS_MD_SHA256) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pss_opts.expected_salt_len != RSA_SALT_LEN)
+ if (expected_salt_len != RSA_SALT_LEN) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Parse the public key */
p = pk_ptr;
end = p + pk_len;
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
end = p + len;
rc = mbedtls_asn1_get_alg_null(&p, end, &alg_oid);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0)
+ if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (pk_alg != MBEDTLS_PK_RSA)
+ if (pk_alg != MBEDTLS_PK_RSA) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
if (*p == 0) {
p++; len--;
}
- if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end))
+ if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* Copy N from certificate.
@@ -174,21 +188,25 @@
/* Verify the RSA exponent */
p += len;
rc = mbedtls_asn1_get_int(&p, end, &exp);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (exp != RSA_EXPONENT)
+ if (exp != RSA_EXPONENT) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Get the signature (bitstring) */
p = sig_ptr;
end = p + sig_len;
rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
+ }
- if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end))
+ if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/*
* Copy the signature (in BE format)
@@ -197,15 +215,17 @@
error = CC_BsvSha256((uintptr_t)PLAT_CRYPTOCELL_BASE,
data_ptr, data_len, digest);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Verify the signature */
error = CC_BsvRsaPssVerify((uintptr_t)PLAT_CRYPTOCELL_BASE, NBuff,
NULL, signature, digest, workspace,
BSV_RSA_WORKSPACE_MIN_SIZE, &is_verified);
- if ((error != CC_OK) || (is_verified != CC_TRUE))
+ if ((error != CC_OK) || (is_verified != CC_TRUE)) {
return CRYPTO_ERR_SIGNATURE;
+ }
/* Signature verification success */
return CRYPTO_SUCCESS;
@@ -233,39 +253,48 @@
end = p + digest_info_len;
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Get the hash algorithm */
rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, ¶ms);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
+
/* Verify that hash algorithm is SHA256 */
- if (md_alg != MBEDTLS_MD_SHA256)
+ if (md_alg != MBEDTLS_MD_SHA256) {
return CRYPTO_ERR_HASH;
+ }
/* Hash should be octet string type */
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
/* Length of hash must match the algorithm's size */
- if (len != HASH_RESULT_SIZE_IN_BYTES)
+ if (len != HASH_RESULT_SIZE_IN_BYTES) {
return CRYPTO_ERR_HASH;
+ }
hash = p;
error = CC_BsvSha256((uintptr_t)PLAT_CRYPTOCELL_BASE, data_ptr,
data_len, pubKeyHash);
- if (error != CC_OK)
+ if (error != CC_OK) {
return CRYPTO_ERR_HASH;
+ }
rc = memcmp(pubKeyHash, hash, HASH_RESULT_SIZE_IN_BYTES);
- if (rc != 0)
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
+ }
return CRYPTO_SUCCESS;
}
diff --git a/drivers/auth/dualroot/cot.c b/drivers/auth/dualroot/cot.c
index 8368503..c89930c 100644
--- a/drivers/auth/dualroot/cot.c
+++ b/drivers/auth/dualroot/cot.c
@@ -1,17 +1,20 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
+#include <mbedtls/version.h>
-#include MBEDTLS_CONFIG_FILE
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
+
#include <tools_share/dualroot_oid.h>
+#include <platform_def.h>
+
/*
* Allocate static buffers to store the authentication parameters extracted from
* the certificates.
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c
index a12e49c..4f30d82 100644
--- a/drivers/auth/mbedtls/mbedtls_common.c
+++ b/drivers/auth/mbedtls/mbedtls_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,10 +10,11 @@
/* mbed TLS headers */
#include <mbedtls/memory_buffer_alloc.h>
#include <mbedtls/platform.h>
+#include <mbedtls/version.h>
#include <common/debug.h>
#include <drivers/auth/mbedtls/mbedtls_common.h>
-#include MBEDTLS_CONFIG_FILE
+
#include <plat/common/platform.h>
static void cleanup(void)
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
index ae4b067..79c4512 100644
--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2015-2023, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -15,42 +15,68 @@
MBEDTLS_INC = -I${MBEDTLS_DIR}/include
+MBEDTLS_MAJOR=$(shell grep -hP "define MBEDTLS_VERSION_MAJOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+MBEDTLS_MINOR=$(shell grep -hP "define MBEDTLS_VERSION_MINOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+$(info MBEDTLS_VERSION_MAJOR is [${MBEDTLS_MAJOR}] MBEDTLS_VERSION_MINOR is [${MBEDTLS_MINOR}])
+
# Specify mbed TLS configuration file
-MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config.h>"
+ifeq (${MBEDTLS_MAJOR}, 2)
+ MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config-2.h>"
+else ifeq (${MBEDTLS_MAJOR}, 3)
+ MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config-3.h>"
+endif
+
$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c
-
-LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
- aes.c \
- asn1parse.c \
- asn1write.c \
- cipher.c \
- cipher_wrap.c \
- memory_buffer_alloc.c \
- oid.c \
- platform.c \
- platform_util.c \
- bignum.c \
- gcm.c \
- md.c \
- pk.c \
- pk_wrap.c \
- pkparse.c \
- pkwrite.c \
- sha256.c \
- sha512.c \
- ecdsa.c \
- ecp_curves.c \
- ecp.c \
- rsa.c \
- rsa_internal.c \
- x509.c \
- x509_crt.c \
- constant_time.c \
+LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
+ aes.c \
+ asn1parse.c \
+ asn1write.c \
+ cipher.c \
+ cipher_wrap.c \
+ constant_time.c \
+ memory_buffer_alloc.c \
+ oid.c \
+ platform.c \
+ platform_util.c \
+ bignum.c \
+ gcm.c \
+ md.c \
+ pk.c \
+ pk_wrap.c \
+ pkparse.c \
+ pkwrite.c \
+ sha256.c \
+ sha512.c \
+ ecdsa.c \
+ ecp_curves.c \
+ ecp.c \
+ rsa.c \
+ x509.c \
+ x509_crt.c \
)
+ifeq (${MBEDTLS_MAJOR}, 2)
+ LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
+ rsa_internal.c \
+ )
+else ifeq (${MBEDTLS_MAJOR}, 3)
+ LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
+ bignum_core.c \
+ rsa_alt_helpers.c \
+ hash_info.c \
+ )
+
+ # Currently on Mbedtls-3 there is outstanding bug due to usage
+ # of redundant declaration[1], So disable redundant-decls
+ # compilation flag to avoid compilation error when compiling with
+ # Mbedtls-3.
+ # [1]: https://github.com/Mbed-TLS/mbedtls/issues/6910
+ LIBMBEDTLS_CFLAGS += -Wno-error=redundant-decls
+endif
+
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
# algorithm to use. If the variable is not defined, select it based on
# algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,
diff --git a/drivers/auth/mbedtls/mbedtls_crypto.c b/drivers/auth/mbedtls/mbedtls_crypto.c
index 42a0925..4241d21 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.c
+++ b/drivers/auth/mbedtls/mbedtls_crypto.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,12 +14,13 @@
#include <mbedtls/memory_buffer_alloc.h>
#include <mbedtls/oid.h>
#include <mbedtls/platform.h>
+#include <mbedtls/version.h>
#include <mbedtls/x509.h>
#include <common/debug.h>
#include <drivers/auth/crypto_mod.h>
#include <drivers/auth/mbedtls/mbedtls_common.h>
-#include <drivers/auth/mbedtls/mbedtls_config.h>
+
#include <plat/common/platform.h>
#define LIB_NAME "mbed TLS"
@@ -294,6 +295,7 @@
unsigned char *pt = data_ptr;
size_t dec_len;
int diff, i, rc;
+ size_t output_length __unused;
mbedtls_gcm_init(&ctx);
@@ -303,7 +305,11 @@
goto exit_gcm;
}
+#if (MBEDTLS_VERSION_MAJOR < 3)
rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len, NULL, 0);
+#else
+ rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len);
+#endif
if (rc != 0) {
rc = CRYPTO_ERR_DECRYPTION;
goto exit_gcm;
@@ -312,7 +318,12 @@
while (len > 0) {
dec_len = MIN(sizeof(buf), len);
+#if (MBEDTLS_VERSION_MAJOR < 3)
rc = mbedtls_gcm_update(&ctx, dec_len, pt, buf);
+#else
+ rc = mbedtls_gcm_update(&ctx, pt, dec_len, buf, sizeof(buf), &output_length);
+#endif
+
if (rc != 0) {
rc = CRYPTO_ERR_DECRYPTION;
goto exit_gcm;
@@ -323,7 +334,12 @@
len -= dec_len;
}
+#if (MBEDTLS_VERSION_MAJOR < 3)
rc = mbedtls_gcm_finish(&ctx, tag_buf, sizeof(tag_buf));
+#else
+ rc = mbedtls_gcm_finish(&ctx, NULL, 0, &output_length, tag_buf, sizeof(tag_buf));
+#endif
+
if (rc != 0) {
rc = CRYPTO_ERR_DECRYPTION;
goto exit_gcm;
diff --git a/drivers/auth/mbedtls/mbedtls_x509_parser.c b/drivers/auth/mbedtls/mbedtls_x509_parser.c
index bbabd9b..fb5b036 100644
--- a/drivers/auth/mbedtls/mbedtls_x509_parser.c
+++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c
@@ -66,46 +66,63 @@
* Get X509v3 extension
*
* Global variable 'v3_ext' must point to the extensions region
- * in the certificate. No need to check for errors since the image has passed
- * the integrity check.
+ * in the certificate. OID may be NULL to request that get_ext()
+ * is only being called for integrity checking.
*/
static int get_ext(const char *oid, void **ext, unsigned int *ext_len)
{
- int oid_len;
+ int oid_len, ret, is_critical;
size_t len;
- unsigned char *end_ext_data, *end_ext_octet;
unsigned char *p;
const unsigned char *end;
char oid_str[MAX_OID_STR_LEN];
mbedtls_asn1_buf extn_oid;
- int is_critical;
-
- assert(oid != NULL);
p = v3_ext.p;
end = v3_ext.p + v3_ext.len;
- while (p < end) {
- zeromem(&extn_oid, sizeof(extn_oid));
- is_critical = 0; /* DEFAULT FALSE */
+ /*
+ * Check extensions integrity. At least one extension is
+ * required: the ASN.1 specifies a minimum size of 1, and at
+ * least one extension is needed to authenticate the next stage
+ * in the boot chain.
+ */
+ do {
+ unsigned char *end_ext_data;
- mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE);
+ ret = mbedtls_asn1_get_tag(&p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE);
+ if (ret != 0) {
+ return IMG_PARSER_ERR_FORMAT;
+ }
end_ext_data = p + len;
/* Get extension ID */
- extn_oid.tag = *p;
- mbedtls_asn1_get_tag(&p, end, &extn_oid.len, MBEDTLS_ASN1_OID);
+ ret = mbedtls_asn1_get_tag(&p, end_ext_data, &extn_oid.len,
+ MBEDTLS_ASN1_OID);
+ if (ret != 0) {
+ return IMG_PARSER_ERR_FORMAT;
+ }
+ extn_oid.tag = MBEDTLS_ASN1_OID;
extn_oid.p = p;
p += extn_oid.len;
/* Get optional critical */
- mbedtls_asn1_get_bool(&p, end_ext_data, &is_critical);
+ ret = mbedtls_asn1_get_bool(&p, end_ext_data, &is_critical);
+ if ((ret != 0) && (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) {
+ return IMG_PARSER_ERR_FORMAT;
+ }
- /* Extension data */
- mbedtls_asn1_get_tag(&p, end_ext_data, &len,
- MBEDTLS_ASN1_OCTET_STRING);
- end_ext_octet = p + len;
+ /*
+ * Data should be octet string type and must use all bytes in
+ * the Extension.
+ */
+ ret = mbedtls_asn1_get_tag(&p, end_ext_data, &len,
+ MBEDTLS_ASN1_OCTET_STRING);
+ if ((ret != 0) || ((p + len) != end_ext_data)) {
+ return IMG_PARSER_ERR_FORMAT;
+ }
/* Detect requested extension */
oid_len = mbedtls_oid_get_numeric_string(oid_str,
@@ -114,17 +131,20 @@
if ((oid_len == MBEDTLS_ERR_OID_BUF_TOO_SMALL) || (oid_len < 0)) {
return IMG_PARSER_ERR;
}
- if (((size_t)oid_len == strlen(oid_str)) && !strcmp(oid, oid_str)) {
+
+ if ((oid != NULL) &&
+ ((size_t)oid_len == strlen(oid_str)) &&
+ (strcmp(oid, oid_str) == 0)) {
*ext = (void *)p;
*ext_len = (unsigned int)len;
return IMG_PARSER_OK;
}
/* Next */
- p = end_ext_octet;
- }
+ p = end_ext_data;
+ } while (p < end);
- return IMG_PARSER_ERR_NOT_FOUND;
+ return (oid == NULL) ? IMG_PARSER_OK : IMG_PARSER_ERR_NOT_FOUND;
}
@@ -139,7 +159,7 @@
*/
static int cert_parse(void *img, unsigned int img_len)
{
- int ret, is_critical;
+ int ret;
size_t len;
unsigned char *p, *end, *crt_end, *pk_end;
mbedtls_asn1_buf sig_alg1;
@@ -161,7 +181,8 @@
p = (unsigned char *)img;
len = img_len;
- end = p + len;
+ crt_end = p + len;
+ end = crt_end;
/*
* Certificate ::= SEQUENCE {
@@ -171,15 +192,10 @@
*/
ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (ret != 0) {
+ if ((ret != 0) || ((p + len) != end)) {
return IMG_PARSER_ERR_FORMAT;
}
- if (len != (size_t)(end - p)) {
- return IMG_PARSER_ERR_FORMAT;
- }
- crt_end = p + len;
-
/*
* TBSCertificate ::= SEQUENCE {
*/
@@ -220,9 +236,6 @@
if (ret != 0) {
return IMG_PARSER_ERR_FORMAT;
}
- if ((end - p) < 1) {
- return IMG_PARSER_ERR_FORMAT;
- }
sig_alg1.len = (p + len) - sig_alg1.p;
p += len;
@@ -288,30 +301,24 @@
/*
* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- */
- ret = mbedtls_asn1_get_tag(&p, end, &len,
- MBEDTLS_ASN1_CONTEXT_SPECIFIC |
- MBEDTLS_ASN1_CONSTRUCTED | 1);
- if (ret != 0) {
- if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
- return IMG_PARSER_ERR_FORMAT;
- }
- } else {
- p += len;
- }
-
- /*
* subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
+ * -- technically these contain BIT STRINGs but that is not worth
+ * -- validating
*/
- ret = mbedtls_asn1_get_tag(&p, end, &len,
- MBEDTLS_ASN1_CONTEXT_SPECIFIC |
- MBEDTLS_ASN1_CONSTRUCTED | 2);
- if (ret != 0) {
+ for (int i = 1; i < 3; i++) {
+ ret = mbedtls_asn1_get_tag(&p, end, &len,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ MBEDTLS_ASN1_CONSTRUCTED | i);
+ /*
+ * Unique IDs are obsolete, so MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+ * is the common case.
+ */
if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
- return IMG_PARSER_ERR_FORMAT;
+ if (ret != 0) {
+ return IMG_PARSER_ERR_FORMAT;
+ }
+ p += len;
}
- } else {
- p += len;
}
/*
@@ -347,51 +354,12 @@
}
v3_ext.p = p;
v3_ext.len = len;
-
- /*
- * Check extensions integrity. At least one extension is
- * required: the ASN.1 specifies a minimum size of 1, and at
- * least one extension is needed to authenticate the next stage
- * in the boot chain.
- */
- do {
- unsigned char *end_ext_data;
-
- ret = mbedtls_asn1_get_tag(&p, end, &len,
- MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE);
- if (ret != 0) {
- return IMG_PARSER_ERR_FORMAT;
- }
- end_ext_data = p + len;
-
- /* Get extension ID */
- ret = mbedtls_asn1_get_tag(&p, end_ext_data, &len, MBEDTLS_ASN1_OID);
- if (ret != 0) {
- return IMG_PARSER_ERR_FORMAT;
- }
- p += len;
-
- /* Get optional critical */
- ret = mbedtls_asn1_get_bool(&p, end_ext_data, &is_critical);
- if ((ret != 0) && (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) {
- return IMG_PARSER_ERR_FORMAT;
- }
-
- /*
- * Data should be octet string type and must use all bytes in
- * the Extension.
- */
- ret = mbedtls_asn1_get_tag(&p, end_ext_data, &len,
- MBEDTLS_ASN1_OCTET_STRING);
- if ((ret != 0) || ((p + len) != end_ext_data)) {
- return IMG_PARSER_ERR_FORMAT;
- }
- p = end_ext_data;
- } while (p < end);
+ p += len;
- if (p != end) {
- return IMG_PARSER_ERR_FORMAT;
+ /* Check extensions integrity */
+ ret = get_ext(NULL, NULL, NULL);
+ if (ret != IMG_PARSER_OK) {
+ return ret;
}
end = crt_end;
@@ -414,19 +382,14 @@
/*
* signatureValue BIT STRING
+ * } -- must consume all bytes
*/
signature.p = p;
ret = mbedtls_asn1_get_bitstring_null(&p, end, &len);
- if (ret != 0) {
- return IMG_PARSER_ERR_FORMAT;
- }
- signature.len = (p + len) - signature.p;
- p += len;
-
- /* Check certificate length */
- if (p != end) {
+ if ((ret != 0) || ((p + len) != end)) {
return IMG_PARSER_ERR_FORMAT;
}
+ signature.len = end - signature.p;
return IMG_PARSER_OK;
}
@@ -511,5 +474,5 @@
return rc;
}
-REGISTER_IMG_PARSER_LIB(IMG_CERT, LIB_NAME, init, \
+REGISTER_IMG_PARSER_LIB(IMG_CERT, LIB_NAME, init,
check_integrity, get_auth_param);
diff --git a/drivers/auth/tbbr/tbbr_cot_bl1.c b/drivers/auth/tbbr/tbbr_cot_bl1.c
index 44f8638..21942b4 100644
--- a/drivers/auth/tbbr/tbbr_cot_bl1.c
+++ b/drivers/auth/tbbr/tbbr_cot_bl1.c
@@ -1,22 +1,24 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
-#include MBEDTLS_CONFIG_FILE
+#include <mbedtls/version.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/tbbr_cot_common.h>
+
#if USE_TBBR_DEFS
#include <tools_share/tbbr_oid.h>
#else
#include <platform_oid.h>
#endif
+#include <platform_def.h>
+
static auth_param_type_desc_t scp_bl2u_hash = AUTH_PARAM_TYPE_DESC(
AUTH_PARAM_HASH, SCP_FWU_CFG_HASH_OID);
static auth_param_type_desc_t bl2u_hash = AUTH_PARAM_TYPE_DESC(
diff --git a/drivers/auth/tbbr/tbbr_cot_bl1_r64.c b/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
index 78e38f6..236823a 100644
--- a/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
+++ b/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
@@ -1,13 +1,14 @@
/*
- * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
+#include <mbedtls/version.h>
+
#include <drivers/auth/auth_mod.h>
-#include MBEDTLS_CONFIG_FILE
#include <drivers/auth/tbbr_cot_common.h>
#if USE_TBBR_DEFS
@@ -15,8 +16,8 @@
#else
#include <platform_oid.h>
#endif
-#include <platform_def.h>
+#include <platform_def.h>
static unsigned char trusted_world_pk_buf[PK_DER_LEN];
static unsigned char non_trusted_world_pk_buf[PK_DER_LEN];
diff --git a/drivers/auth/tbbr/tbbr_cot_bl2.c b/drivers/auth/tbbr/tbbr_cot_bl2.c
index 11e2f46..ce2aa7e 100644
--- a/drivers/auth/tbbr/tbbr_cot_bl2.c
+++ b/drivers/auth/tbbr/tbbr_cot_bl2.c
@@ -1,22 +1,24 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
-#include MBEDTLS_CONFIG_FILE
+#include <mbedtls/version.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/tbbr_cot_common.h>
+
#if USE_TBBR_DEFS
#include <tools_share/tbbr_oid.h>
#else
#include <platform_oid.h>
#endif
+#include <platform_def.h>
+
static unsigned char soc_fw_hash_buf[HASH_DER_LEN];
static unsigned char tos_fw_hash_buf[HASH_DER_LEN];
static unsigned char tos_fw_extra1_hash_buf[HASH_DER_LEN];
diff --git a/drivers/auth/tbbr/tbbr_cot_common.c b/drivers/auth/tbbr/tbbr_cot_common.c
index 0983d42..8c37248 100644
--- a/drivers/auth/tbbr/tbbr_cot_common.c
+++ b/drivers/auth/tbbr/tbbr_cot_common.c
@@ -1,22 +1,23 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <platform_def.h>
-#include MBEDTLS_CONFIG_FILE
+#include <mbedtls/version.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/tbbr_cot_common.h>
+
#if USE_TBBR_DEFS
#include <tools_share/tbbr_oid.h>
#else
#include <platform_oid.h>
#endif
+#include <platform_def.h>
/*
* The platform must allocate buffers to store the authentication parameters
* extracted from the certificates. In this case, because of the way the CoT is
diff --git a/drivers/nxp/auth/tbbr/tbbr_cot.c b/drivers/nxp/auth/tbbr/tbbr_cot.c
index bb21fa0..ac4595f 100644
--- a/drivers/nxp/auth/tbbr/tbbr_cot.c
+++ b/drivers/nxp/auth/tbbr/tbbr_cot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* Copyright 2020 NXP
*
@@ -8,6 +8,7 @@
#include <stddef.h>
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
#if USE_TBBR_DEFS
diff --git a/drivers/nxp/timer/nxp_timer.c b/drivers/nxp/timer/nxp_timer.c
index 8eecd2e..448c0ba 100644
--- a/drivers/nxp/timer/nxp_timer.c
+++ b/drivers/nxp/timer/nxp_timer.c
@@ -59,7 +59,7 @@
static void delay_timer_init_args(uint32_t mult, uint32_t div)
{
- ops.get_timer_value = timer_get_value,
+ ops.get_timer_value = timer_get_value;
ops.clk_mult = mult;
ops.clk_div = div;
diff --git a/drivers/ufs/ufs.c b/drivers/ufs/ufs.c
index d8c0a14..ea82d02 100644
--- a/drivers/ufs/ufs.c
+++ b/drivers/ufs/ufs.c
@@ -30,9 +30,138 @@
static ufs_params_t ufs_params;
static int nutrs; /* Number of UTP Transfer Request Slots */
+/*
+ * ufs_uic_error_handler - UIC error interrupts handler
+ * @ignore_linereset: set to ignore PA_LAYER_GEN_ERR (UIC error)
+ *
+ * Returns
+ * 0 - ignore error
+ * -EIO - fatal error, needs re-init
+ * -EAGAIN - non-fatal error, retries are sufficient
+ */
+static int ufs_uic_error_handler(bool ignore_linereset)
+{
+ uint32_t data;
+ int result = 0;
+
+ data = mmio_read_32(ufs_params.reg_base + UECPA);
+ if (data & UFS_UIC_PA_ERROR_MASK) {
+ if (data & PA_LAYER_GEN_ERR) {
+ if (!ignore_linereset) {
+ return -EIO;
+ }
+ } else {
+ result = -EAGAIN;
+ }
+ }
+
+ data = mmio_read_32(ufs_params.reg_base + UECDL);
+ if (data & UFS_UIC_DL_ERROR_MASK) {
+ if (data & PA_INIT_ERR) {
+ return -EIO;
+ }
+ result = -EAGAIN;
+ }
+
+ /* NL/TL/DME error requires retries */
+ data = mmio_read_32(ufs_params.reg_base + UECN);
+ if (data & UFS_UIC_NL_ERROR_MASK) {
+ result = -EAGAIN;
+ }
+
+ data = mmio_read_32(ufs_params.reg_base + UECT);
+ if (data & UFS_UIC_TL_ERROR_MASK) {
+ result = -EAGAIN;
+ }
+
+ data = mmio_read_32(ufs_params.reg_base + UECDME);
+ if (data & UFS_UIC_DME_ERROR_MASK) {
+ result = -EAGAIN;
+ }
+
+ return result;
+}
+
+/*
+ * ufs_error_handler - error interrupts handler
+ * @status: interrupt status
+ * @ignore_linereset: set to ignore PA_LAYER_GEN_ERR (UIC error)
+ *
+ * Returns
+ * 0 - ignore error
+ * -EIO - fatal error, needs re-init
+ * -EAGAIN - non-fatal error, retries are sufficient
+ */
+static int ufs_error_handler(uint32_t status, bool ignore_linereset)
+{
+ int result;
+
+ if (status & UFS_INT_UE) {
+ result = ufs_uic_error_handler(ignore_linereset);
+ if (result != 0) {
+ return result;
+ }
+ }
+
+ /* Return I/O error on fatal error, it is upto the caller to re-init UFS */
+ if (status & UFS_INT_FATAL) {
+ return -EIO;
+ }
+
+ /* retry for non-fatal errors */
+ return -EAGAIN;
+}
+
+/*
+ * ufs_wait_for_int_status - wait for expected interrupt status
+ * @expected: expected interrupt status bit
+ * @timeout_ms: timeout in milliseconds to poll for
+ * @ignore_linereset: set to ignore PA_LAYER_GEN_ERR (UIC error)
+ *
+ * Returns
+ * 0 - received expected interrupt and cleared it
+ * -EIO - fatal error, needs re-init
+ * -EAGAIN - non-fatal error, caller can retry
+ * -ETIMEDOUT - timed out waiting for interrupt status
+ */
+static int ufs_wait_for_int_status(const uint32_t expected_status,
+ unsigned int timeout_ms,
+ bool ignore_linereset)
+{
+ uint32_t interrupt_status, interrupts_enabled;
+ int result = 0;
+
+ interrupts_enabled = mmio_read_32(ufs_params.reg_base + IE);
+ do {
+ interrupt_status = mmio_read_32(ufs_params.reg_base + IS) & interrupts_enabled;
+ if (interrupt_status & UFS_INT_ERR) {
+ mmio_write_32(ufs_params.reg_base + IS, interrupt_status & UFS_INT_ERR);
+ result = ufs_error_handler(interrupt_status, ignore_linereset);
+ if (result != 0) {
+ return result;
+ }
+ }
+
+ if (interrupt_status & expected_status) {
+ break;
+ }
+ mdelay(1);
+ } while (timeout_ms-- > 0);
+
+ if (!(interrupt_status & expected_status)) {
+ return -ETIMEDOUT;
+ }
+
+ mmio_write_32(ufs_params.reg_base + IS, expected_status);
+
+ return result;
+}
+
+
int ufshc_send_uic_cmd(uintptr_t base, uic_cmd_t *cmd)
{
unsigned int data;
+ int result;
if (base == 0 || cmd == NULL)
return -EINVAL;
@@ -46,10 +175,12 @@
mmio_write_32(base + UCMDARG3, cmd->arg3);
mmio_write_32(base + UICCMD, cmd->op);
- do {
- data = mmio_read_32(base + IS);
- } while ((data & UFS_INT_UCCS) == 0);
- mmio_write_32(base + IS, UFS_INT_UCCS);
+ result = ufs_wait_for_int_status(UFS_INT_UCCS, UIC_CMD_TIMEOUT_MS,
+ cmd->op == DME_SET);
+ if (result != 0) {
+ return result;
+ }
+
return mmio_read_32(base + UCMDARG2) & CONFIG_RESULT_CODE_MASK;
}
@@ -83,9 +214,10 @@
result = ufshc_send_uic_cmd(base, &cmd);
if (result == 0)
break;
- data = mmio_read_32(base + IS);
- if (data & UFS_INT_UE)
- return -EINVAL;
+ /* -EIO requires UFS re-init */
+ if (result == -EIO) {
+ return result;
+ }
}
if (retries >= UFS_UIC_COMMAND_RETRIES)
return -EIO;
@@ -97,7 +229,6 @@
int ufshc_dme_set(unsigned int attr, unsigned int idx, unsigned int val)
{
uintptr_t base;
- unsigned int data;
int result, retries;
uic_cmd_t cmd;
@@ -113,9 +244,10 @@
result = ufshc_send_uic_cmd(base, &cmd);
if (result == 0)
break;
- data = mmio_read_32(base + IS);
- if (data & UFS_INT_UE)
- return -EINVAL;
+ /* -EIO requires UFS re-init */
+ if (result == -EIO) {
+ return result;
+ }
}
if (retries >= UFS_UIC_COMMAND_RETRIES)
return -EIO;
@@ -193,9 +325,10 @@
return -EIO;
}
- /* Enable Interrupts */
- data = UFS_INT_UCCS | UFS_INT_ULSS | UFS_INT_UE | UFS_INT_UTPES |
- UFS_INT_DFES | UFS_INT_HCFES | UFS_INT_SBFES;
+ /* Enable UIC Interrupts alone. We can ignore other interrupts until
+ * link is up as there might be spurious error interrupts during link-up
+ */
+ data = UFS_INT_UCCS | UFS_INT_UHES | UFS_INT_UHXS | UFS_INT_UPMS;
mmio_write_32(base + IE, data);
return 0;
@@ -225,51 +358,49 @@
}
continue;
}
- assert((mmio_read_32(base + HCS) & HCS_DP) == 0);
+ assert(mmio_read_32(base + HCS) & HCS_DP);
data = mmio_read_32(base + IS);
if (data & UFS_INT_ULSS)
mmio_write_32(base + IS, UFS_INT_ULSS);
+
+ /* clear UE set due to line-reset */
+ if (data & UFS_INT_UE) {
+ mmio_write_32(base + IS, UFS_INT_UE);
+ }
+ /* clearing line-reset, UECPA is cleared on read */
+ mmio_read_32(base + UECPA);
return 0;
}
return -EIO;
}
-/* Check Door Bell register to get an empty slot */
-static int get_empty_slot(int *slot)
+/* Read Door Bell register to check if slot zero is available */
+static int is_slot_available(void)
{
- unsigned int data;
- int i;
-
- data = mmio_read_32(ufs_params.reg_base + UTRLDBR);
- for (i = 0; i < nutrs; i++) {
- if ((data & 1) == 0)
- break;
- data = data >> 1;
- }
- if (i >= nutrs)
+ if (mmio_read_32(ufs_params.reg_base + UTRLDBR) & 0x1) {
return -EBUSY;
- *slot = i;
+ }
return 0;
}
static void get_utrd(utp_utrd_t *utrd)
{
uintptr_t base;
- int slot = 0, result;
+ int result;
utrd_header_t *hd;
assert(utrd != NULL);
- result = get_empty_slot(&slot);
+ result = is_slot_available();
assert(result == 0);
/* clear utrd */
memset((void *)utrd, 0, sizeof(utp_utrd_t));
- base = ufs_params.desc_base + (slot * sizeof(utrd_header_t));
+ base = ufs_params.desc_base;
/* clear the descriptor */
memset((void *)base, 0, UFS_DESC_SIZE);
utrd->header = base;
- utrd->task_tag = slot + 1;
+ utrd->task_tag = 1; /* We always use the first slot */
/* CDB address should be aligned with 128 bytes */
utrd->upiu = ALIGN_CDB(utrd->header + sizeof(utrd_header_t));
utrd->resp_upiu = ALIGN_8(utrd->upiu + sizeof(cmd_upiu_t));
@@ -297,7 +428,8 @@
prdt_t *prdt;
unsigned int ulba;
unsigned int lba_cnt;
- int prdt_size;
+ uintptr_t desc_limit;
+ uintptr_t prdt_end;
hd = (utrd_header_t *)utrd->header;
upiu = (cmd_upiu_t *)utrd->upiu;
@@ -351,17 +483,24 @@
assert(0);
break;
}
- if (hd->dd == DD_IN)
+ if (hd->dd == DD_IN) {
flush_dcache_range(buf, length);
- else if (hd->dd == DD_OUT)
+ } else if (hd->dd == DD_OUT) {
inv_dcache_range(buf, length);
+ }
+
+ utrd->prdt_length = 0;
if (length) {
upiu->exp_data_trans_len = htobe32(length);
assert(lba_cnt <= UINT16_MAX);
prdt = (prdt_t *)utrd->prdt;
- prdt_size = 0;
+ desc_limit = ufs_params.desc_base + ufs_params.desc_size;
while (length > 0) {
+ if ((uintptr_t)prdt + sizeof(prdt_t) > desc_limit) {
+ ERROR("UFS: Exceeded descriptor limit. Image is too large\n");
+ panic();
+ }
prdt->dba = (unsigned int)(buf & UINT32_MAX);
prdt->dbau = (unsigned int)((buf >> 32) & UINT32_MAX);
/* prdt->dbc counts from 0 */
@@ -374,14 +513,14 @@
}
buf += MAX_PRDT_SIZE;
prdt++;
- prdt_size += sizeof(prdt_t);
+ utrd->prdt_length++;
}
- utrd->size_prdt = ALIGN_8(prdt_size);
- hd->prdtl = utrd->size_prdt >> 2;
+ hd->prdtl = utrd->prdt_length;
hd->prdto = (utrd->size_upiu + utrd->size_resp_upiu) >> 2;
}
- flush_dcache_range((uintptr_t)utrd->header, UFS_DESC_SIZE);
+ prdt_end = utrd->prdt + utrd->prdt_length * sizeof(prdt_t);
+ flush_dcache_range(utrd->header, prdt_end - utrd->header);
return 0;
}
@@ -473,21 +612,22 @@
mmio_setbits_32(ufs_params.reg_base + UTRLDBR, 1 << slot);
}
-static int ufs_check_resp(utp_utrd_t *utrd, int trans_type)
+static int ufs_check_resp(utp_utrd_t *utrd, int trans_type, unsigned int timeout_ms)
{
utrd_header_t *hd;
resp_upiu_t *resp;
sense_data_t *sense;
unsigned int data;
- int slot;
+ int slot, result;
hd = (utrd_header_t *)utrd->header;
resp = (resp_upiu_t *)utrd->resp_upiu;
- do {
- data = mmio_read_32(ufs_params.reg_base + IS);
- if ((data & ~(UFS_INT_UCCS | UFS_INT_UTRCS)) != 0)
- return -EIO;
- } while ((data & UFS_INT_UTRCS) == 0);
+
+ result = ufs_wait_for_int_status(UFS_INT_UTRCS, timeout_ms, false);
+ if (result != 0) {
+ return result;
+ }
+
slot = utrd->task_tag - 1;
data = mmio_read_32(ufs_params.reg_base + UTRLDBR);
@@ -511,6 +651,7 @@
(void)resp;
(void)slot;
+ (void)data;
return 0;
}
@@ -524,7 +665,7 @@
result = ufs_prepare_cmd(utrd, cmd_op, lun, lba, buf, length);
assert(result == 0);
ufs_send_request(utrd->task_tag);
- result = ufs_check_resp(utrd, RESPONSE_UPIU);
+ result = ufs_check_resp(utrd, RESPONSE_UPIU, CMD_TIMEOUT_MS);
if (result == 0 || result == -EIO) {
break;
}
@@ -575,7 +716,7 @@
get_utrd(&utrd);
ufs_prepare_nop_out(&utrd);
ufs_send_request(utrd.task_tag);
- result = ufs_check_resp(&utrd, NOP_IN_UPIU);
+ result = ufs_check_resp(&utrd, NOP_IN_UPIU, NOP_OUT_TIMEOUT_MS);
assert(result == 0);
(void)result;
}
@@ -608,7 +749,7 @@
get_utrd(&utrd);
ufs_prepare_query(&utrd, op, idn, index, sel, buf, size);
ufs_send_request(utrd.task_tag);
- result = ufs_check_resp(&utrd, QUERY_RESPONSE_UPIU);
+ result = ufs_check_resp(&utrd, QUERY_RESPONSE_UPIU, QUERY_REQ_TIMEOUT_MS);
assert(result == 0);
resp = (query_resp_upiu_t *)utrd.resp_upiu;
#ifdef UFS_RESP_DEBUG
@@ -896,6 +1037,11 @@
result = ufshc_link_startup(ufs_params.reg_base);
assert(result == 0);
+ /* enable all interrupts */
+ data = UFS_INT_UCCS | UFS_INT_UHES | UFS_INT_UHXS | UFS_INT_UPMS;
+ data |= UFS_INT_UTRCS | UFS_INT_ERR;
+ mmio_write_32(ufs_params.reg_base + IE, data);
+
ufs_enum();
ufs_get_device_info(&card);
diff --git a/fdts/fvp-base-psci-common.dtsi b/fdts/fvp-base-psci-common.dtsi
index 7838fde..79cf37d 100644
--- a/fdts/fvp-base-psci-common.dtsi
+++ b/fdts/fvp-base-psci-common.dtsi
@@ -186,10 +186,7 @@
pmu {
compatible = "arm,armv8-pmuv3";
- interrupts = <GIC_SPI 60 IRQ_TYPE_LEVEL_HIGH>,
- <GIC_SPI 61 IRQ_TYPE_LEVEL_HIGH>,
- <GIC_SPI 62 IRQ_TYPE_LEVEL_HIGH>,
- <GIC_SPI 63 IRQ_TYPE_LEVEL_HIGH>;
+ interrupts = <GIC_PPI 7 IRQ_TYPE_LEVEL_HIGH>;
};
panel {
diff --git a/fdts/morello-soc.dts b/fdts/morello-soc.dts
index 5f147b7..e87b617 100644
--- a/fdts/morello-soc.dts
+++ b/fdts/morello-soc.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -213,6 +213,29 @@
clock-output-names = "aclk";
};
+ gpu@2d000000 {
+ compatible = "arm,mali-bifrost";
+ reg = <0x0 0x2d000000 0x0 0x4000>;
+ interrupts =
+ <GIC_SPI 65 IRQ_TYPE_LEVEL_HIGH>,
+ <GIC_SPI 66 IRQ_TYPE_LEVEL_HIGH>,
+ <GIC_SPI 67 IRQ_TYPE_LEVEL_HIGH>;
+ interrupt-names =
+ "gpu",
+ "job",
+ "mmu";
+ clocks = <&clk_gpu>;
+ clock-names = "clk_mali";
+ status = "okay";
+ };
+
+ clk_gpu: clk_gpu {
+ compatible = "fixed-clock";
+ #clock-cells = <0>;
+ clock-frequency = <650000000>;
+ clock-output-names = "clk_mali";
+ };
+
firmware {
scmi {
compatible = "arm,scmi";
diff --git a/include/arch/aarch32/arch_features.h b/include/arch/aarch32/arch_features.h
index ddf0968..a5a5e27 100644
--- a/include/arch/aarch32/arch_features.h
+++ b/include/arch/aarch32/arch_features.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,17 +10,37 @@
#include <stdbool.h>
#include <arch_helpers.h>
+#include <common/feat_detect.h>
+
+#define ISOLATE_FIELD(reg, feat) \
+ ((unsigned int)(((reg) >> (feat ## _SHIFT)) & (feat ## _MASK)))
static inline bool is_armv7_gentimer_present(void)
{
- return ((read_id_pfr1() >> ID_PFR1_GENTIMER_SHIFT) &
- ID_PFR1_GENTIMER_MASK) != 0U;
+ return ISOLATE_FIELD(read_id_pfr1(), ID_PFR1_GENTIMER) != 0U;
}
static inline bool is_armv8_2_ttcnp_present(void)
{
- return ((read_id_mmfr4() >> ID_MMFR4_CNP_SHIFT) &
- ID_MMFR4_CNP_MASK) != 0U;
+ return ISOLATE_FIELD(read_id_mmfr4(), ID_MMFR4_CNP) != 0U;
+}
+
+static inline unsigned int read_feat_trf_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_dfr0(), ID_DFR0_TRACEFILT);
+}
+
+static inline bool is_feat_trf_supported(void)
+{
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_trf_id_field() != 0U;
}
#endif /* ARCH_FEATURES_H */
diff --git a/include/arch/aarch32/el3_common_macros.S b/include/arch/aarch32/el3_common_macros.S
index 8b6765a..585a9ae 100644
--- a/include/arch/aarch32/el3_common_macros.S
+++ b/include/arch/aarch32/el3_common_macros.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -374,7 +374,7 @@
* ---------------------------------------------------------------------
*/
.if \_init_c_runtime
-#if defined(IMAGE_BL32) || (defined(IMAGE_BL2) && BL2_AT_EL3)
+#if defined(IMAGE_BL32) || (defined(IMAGE_BL2) && RESET_TO_BL2)
/* -----------------------------------------------------------------
* Invalidate the RW memory used by the image. This
* includes the data and NOBITS sections. This is done to
@@ -426,7 +426,8 @@
/* Restore r12 */
mov r12, r7
-#if defined(IMAGE_BL1) || (defined(IMAGE_BL2) && BL2_AT_EL3 && BL2_IN_XIP_MEM)
+#if defined(IMAGE_BL1) || \
+ (defined(IMAGE_BL2) && RESET_TO_BL2 && BL2_IN_XIP_MEM)
/* -----------------------------------------------------
* Copy data from ROM to RAM.
* -----------------------------------------------------
diff --git a/include/arch/aarch32/smccc_helpers.h b/include/arch/aarch32/smccc_helpers.h
index 2ce7874..8876da9 100644
--- a/include/arch/aarch32/smccc_helpers.h
+++ b/include/arch/aarch32/smccc_helpers.h
@@ -90,21 +90,21 @@
* ensure that the assembler and the compiler view of the offsets of
* the structure members is the same.
*/
-CASSERT(SMC_CTX_GPREG_R0 == __builtin_offsetof(smc_ctx_t, r0), \
+CASSERT(SMC_CTX_GPREG_R0 == __builtin_offsetof(smc_ctx_t, r0),
assert_smc_ctx_greg_r0_offset_mismatch);
-CASSERT(SMC_CTX_GPREG_R1 == __builtin_offsetof(smc_ctx_t, r1), \
+CASSERT(SMC_CTX_GPREG_R1 == __builtin_offsetof(smc_ctx_t, r1),
assert_smc_ctx_greg_r1_offset_mismatch);
-CASSERT(SMC_CTX_GPREG_R2 == __builtin_offsetof(smc_ctx_t, r2), \
+CASSERT(SMC_CTX_GPREG_R2 == __builtin_offsetof(smc_ctx_t, r2),
assert_smc_ctx_greg_r2_offset_mismatch);
-CASSERT(SMC_CTX_GPREG_R3 == __builtin_offsetof(smc_ctx_t, r3), \
+CASSERT(SMC_CTX_GPREG_R3 == __builtin_offsetof(smc_ctx_t, r3),
assert_smc_ctx_greg_r3_offset_mismatch);
-CASSERT(SMC_CTX_GPREG_R4 == __builtin_offsetof(smc_ctx_t, r4), \
+CASSERT(SMC_CTX_GPREG_R4 == __builtin_offsetof(smc_ctx_t, r4),
assert_smc_ctx_greg_r4_offset_mismatch);
-CASSERT(SMC_CTX_SP_USR == __builtin_offsetof(smc_ctx_t, sp_usr), \
+CASSERT(SMC_CTX_SP_USR == __builtin_offsetof(smc_ctx_t, sp_usr),
assert_smc_ctx_sp_usr_offset_mismatch);
-CASSERT(SMC_CTX_LR_MON == __builtin_offsetof(smc_ctx_t, lr_mon), \
+CASSERT(SMC_CTX_LR_MON == __builtin_offsetof(smc_ctx_t, lr_mon),
assert_smc_ctx_lr_mon_offset_mismatch);
-CASSERT(SMC_CTX_SPSR_MON == __builtin_offsetof(smc_ctx_t, spsr_mon), \
+CASSERT(SMC_CTX_SPSR_MON == __builtin_offsetof(smc_ctx_t, spsr_mon),
assert_smc_ctx_spsr_mon_offset_mismatch);
CASSERT((sizeof(smc_ctx_t) & 0x7U) == 0U, assert_smc_ctx_not_aligned);
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index 9e4a3b7..b786521 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -349,6 +349,12 @@
#define ID_AA64MMFR2_EL1_NV_SUPPORTED ULL(0x1)
#define ID_AA64MMFR2_EL1_NV2_SUPPORTED ULL(0x2)
+/* ID_AA64MMFR3_EL1 definitions */
+#define ID_AA64MMFR3_EL1 S3_0_C0_C7_3
+
+#define ID_AA64MMFR3_EL1_TCRX_SHIFT U(0)
+#define ID_AA64MMFR3_EL1_TCRX_MASK ULL(0xf)
+
/* ID_AA64PFR1_EL1 definitions */
#define ID_AA64PFR1_EL1_SSBS_SHIFT U(4)
#define ID_AA64PFR1_EL1_SSBS_MASK ULL(0xf)
@@ -501,6 +507,7 @@
#define SCR_GPF_BIT (UL(1) << 48)
#define SCR_TWEDEL_SHIFT U(30)
#define SCR_TWEDEL_MASK ULL(0xf)
+#define SCR_TCR2EN_BIT (UL(1) << 43)
#define SCR_TRNDR_BIT (UL(1) << 40)
#define SCR_HXEn_BIT (UL(1) << 38)
#define SCR_ENTP2_SHIFT U(41)
@@ -1302,6 +1309,11 @@
#define HCRX_EL2_EnAS0_BIT (UL(1) << 0)
/*******************************************************************************
+ * FEAT_TCR2 - Extended Translation Control Register
+ ******************************************************************************/
+#define TCR2_EL2 S3_4_C2_C0_3
+
+/*******************************************************************************
* Definitions for DynamicIQ Shared Unit registers
******************************************************************************/
#define CLUSTERPWRDN_EL1 S3_0_c15_c3_6
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index 2b801ac..582aed1 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,6 +12,9 @@
#include <arch_helpers.h>
#include <common/feat_detect.h>
+#define ISOLATE_FIELD(reg, feat) \
+ ((unsigned int)(((reg) >> (feat ## _SHIFT)) & (feat ## _MASK)))
+
static inline bool is_armv7_gentimer_present(void)
{
/* The Generic Timer is always present in an ARMv8-A implementation */
@@ -100,8 +103,7 @@
static unsigned int read_feat_fgt_id_field(void)
{
- return (read_id_aa64mmfr0_el1() >> ID_AA64MMFR0_EL1_FGT_SHIFT) &
- ID_AA64MMFR0_EL1_FGT_MASK;
+ return ISOLATE_FIELD(read_id_aa64mmfr0_el1(), ID_AA64MMFR0_EL1_FGT);
}
static inline bool is_feat_fgt_supported(void)
@@ -129,13 +131,30 @@
ID_AA64ISAR0_RNDR_MASK);
}
+static unsigned int read_feat_tcrx_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64mmfr3_el1(), ID_AA64MMFR3_EL1_TCRX);
+}
+
+static inline bool is_feat_tcr2_supported(void)
+{
+ if (ENABLE_FEAT_TCR2 == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_FEAT_TCR2 == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_tcrx_id_field() != 0U;
+}
+
/*******************************************************************************
* Functions to identify the presence of the Activity Monitors Extension
******************************************************************************/
static unsigned int read_feat_amu_id_field(void)
{
- return (read_id_aa64pfr0_el1() >> ID_AA64PFR0_AMU_SHIFT) &
- ID_AA64PFR0_AMU_MASK;
+ return ISOLATE_FIELD(read_id_aa64pfr0_el1(), ID_AA64PFR0_AMU);
}
static inline bool is_feat_amu_supported(void)
@@ -175,8 +194,7 @@
static inline unsigned int read_feat_hcx_id_field(void)
{
- return (read_id_aa64mmfr1_el1() >> ID_AA64MMFR1_EL1_HCX_SHIFT) &
- ID_AA64MMFR1_EL1_HCX_MASK;
+ return ISOLATE_FIELD(read_id_aa64mmfr1_el1(), ID_AA64MMFR1_EL1_HCX);
}
static inline bool is_feat_hcx_supported(void)
@@ -268,10 +286,22 @@
/*************************************************************************
* Function to identify the presence of FEAT_TRF (TraceLift)
************************************************************************/
-static inline bool is_arm8_4_feat_trf_present(void)
+static inline unsigned int read_feat_trf_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64dfr0_el1(), ID_AA64DFR0_TRACEFILT);
+}
+
+static inline bool is_feat_trf_supported(void)
{
- return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEFILT_SHIFT) &
- ID_AA64DFR0_TRACEFILT_MASK) == ID_AA64DFR0_TRACEFILT_SUPPORTED);
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_TRF_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_trf_id_field() != 0U;
}
/********************************************************************************
@@ -288,19 +318,43 @@
* Function to identify the presence of FEAT_BRBE (Branch Record Buffer
* Extension)
******************************************************************************/
-static inline bool is_feat_brbe_present(void)
+static inline unsigned int read_feat_brbe_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64dfr0_el1(), ID_AA64DFR0_BRBE);
+}
+
+static inline bool is_feat_brbe_supported(void)
{
- return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_BRBE_SHIFT) &
- ID_AA64DFR0_BRBE_MASK) == ID_AA64DFR0_BRBE_SUPPORTED);
+ if (ENABLE_BRBE_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_BRBE_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_brbe_id_field() != 0U;
}
/*******************************************************************************
* Function to identify the presence of FEAT_TRBE (Trace Buffer Extension)
******************************************************************************/
-static inline bool is_feat_trbe_present(void)
+static inline unsigned int read_feat_trbe_id_field(void)
{
- return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEBUFFER_SHIFT) &
- ID_AA64DFR0_TRACEBUFFER_MASK) == ID_AA64DFR0_TRACEBUFFER_SUPPORTED);
+ return ISOLATE_FIELD(read_id_aa64dfr0_el1(), ID_AA64DFR0_TRACEBUFFER);
}
+static inline bool is_feat_trbe_supported(void)
+{
+ if (ENABLE_TRBE_FOR_NS == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_TRBE_FOR_NS == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_trbe_id_field() != 0U;
+
+}
#endif /* ARCH_FEATURES_H */
diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h
index 86c1dbe..81e0e06 100644
--- a/include/arch/aarch64/arch_helpers.h
+++ b/include/arch/aarch64/arch_helpers.h
@@ -555,6 +555,9 @@
/* Armv8.4 Data Independent Timing Register */
DEFINE_RENAME_SYSREG_RW_FUNCS(dit, DIT)
+/* Armv8.4 FEAT_TRF Register */
+DEFINE_RENAME_SYSREG_RW_FUNCS(trfcr_el2, TRFCR_EL2)
+
/* Armv8.5 MTE Registers */
DEFINE_RENAME_SYSREG_RW_FUNCS(tfsre0_el1, TFSRE0_EL1)
DEFINE_RENAME_SYSREG_RW_FUNCS(tfsr_el1, TFSR_EL1)
@@ -576,6 +579,12 @@
/* FEAT_HCX Register */
DEFINE_RENAME_SYSREG_RW_FUNCS(hcrx_el2, HCRX_EL2)
+/* Armv8.9 system registers */
+DEFINE_RENAME_IDREG_READ_FUNC(id_aa64mmfr3_el1, ID_AA64MMFR3_EL1)
+
+/* FEAT_TCR2 Register */
+DEFINE_RENAME_SYSREG_RW_FUNCS(tcr2_el2, TCR2_EL2)
+
/* DynamIQ Shared Unit power management */
DEFINE_RENAME_SYSREG_RW_FUNCS(clusterpwrdn_el1, CLUSTERPWRDN_EL1)
@@ -689,7 +698,7 @@
isb(); \
}
#else
-#define AT(_at_inst, _va) _at_inst(_va);
+#define AT(_at_inst, _va) _at_inst(_va)
#endif
#endif /* ARCH_HELPERS_H */
diff --git a/include/arch/aarch64/el2_common_macros.S b/include/arch/aarch64/el2_common_macros.S
index 7bf4806..dcaea3d 100644
--- a/include/arch/aarch64/el2_common_macros.S
+++ b/include/arch/aarch64/el2_common_macros.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -347,7 +347,8 @@
sub x1, x1, x0
bl zeromem
-#if defined(IMAGE_BL1) || (defined(IMAGE_BL2) && BL2_AT_EL3 && BL2_IN_XIP_MEM)
+#if defined(IMAGE_BL1) || (defined(IMAGE_BL2) && \
+ RESET_TO_BL2 && BL2_IN_XIP_MEM)
adrp x0, __DATA_RAM_START__
add x0, x0, :lo12:__DATA_RAM_START__
adrp x1, __DATA_ROM_START__
@@ -384,13 +385,12 @@
.macro apply_at_speculative_wa
#if ERRATA_SPECULATIVE_AT
/*
- * Explicitly save x30 so as to free up a register and to enable
- * branching and also, save x29 which will be used in the called
- * function
+ * This function expects x30 has been saved.
+ * Also, save x29 which will be used in the called function.
*/
- stp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ str x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
bl save_and_update_ptw_el1_sys_regs
- ldp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ ldr x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
#endif
.endm
diff --git a/include/arch/aarch64/el3_common_macros.S b/include/arch/aarch64/el3_common_macros.S
index de2b931..45a86c1 100644
--- a/include/arch/aarch64/el3_common_macros.S
+++ b/include/arch/aarch64/el3_common_macros.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -433,7 +433,7 @@
*/
.if \_init_c_runtime
#if defined(IMAGE_BL31) || (defined(IMAGE_BL2) && \
- ((BL2_AT_EL3 && BL2_INV_DCACHE) || ENABLE_RME))
+ ((RESET_TO_BL2 && BL2_INV_DCACHE) || ENABLE_RME))
/* -------------------------------------------------------------
* Invalidate the RW memory used by the BL31 image. This
* includes the data and NOBITS sections. This is done to
@@ -495,7 +495,8 @@
bl zeromem
#endif
-#if defined(IMAGE_BL1) || (defined(IMAGE_BL2) && BL2_AT_EL3 && BL2_IN_XIP_MEM)
+#if defined(IMAGE_BL1) || \
+ (defined(IMAGE_BL2) && RESET_TO_BL2 && BL2_IN_XIP_MEM)
adrp x0, __DATA_RAM_START__
add x0, x0, :lo12:__DATA_RAM_START__
adrp x1, __DATA_ROM_START__
@@ -532,13 +533,12 @@
.macro apply_at_speculative_wa
#if ERRATA_SPECULATIVE_AT
/*
- * Explicitly save x30 so as to free up a register and to enable
- * branching and also, save x29 which will be used in the called
- * function
+ * This function expects x30 has been saved.
+ * Also, save x29 which will be used in the called function.
*/
- stp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ str x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
bl save_and_update_ptw_el1_sys_regs
- ldp x29, x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
+ ldr x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
#endif
.endm
diff --git a/include/arch/aarch64/smccc_helpers.h b/include/arch/aarch64/smccc_helpers.h
index 920f294..950a811 100644
--- a/include/arch/aarch64/smccc_helpers.h
+++ b/include/arch/aarch64/smccc_helpers.h
@@ -75,6 +75,24 @@
#define SMC_SET_GP(_h, _g, _v) \
write_ctx_reg((get_gpregs_ctx(_h)), (_g), (_v))
+
+/* Useful for SMCCCv1.2 */
+#define SMC_RET18(_h, _x0, _x1, _x2, _x3, _x4, _x5, _x6, _x7, _x8, _x9, \
+ _x10, _x11, _x12, _x13, _x14, _x15, _x16, _x17) { \
+ SMC_SET_GP(_h, CTX_GPREG_X8, _x8); \
+ SMC_SET_GP(_h, CTX_GPREG_X9, _x9); \
+ SMC_SET_GP(_h, CTX_GPREG_X10, _x10); \
+ SMC_SET_GP(_h, CTX_GPREG_X11, _x11); \
+ SMC_SET_GP(_h, CTX_GPREG_X12, _x12); \
+ SMC_SET_GP(_h, CTX_GPREG_X13, _x13); \
+ SMC_SET_GP(_h, CTX_GPREG_X14, _x14); \
+ SMC_SET_GP(_h, CTX_GPREG_X15, _x15); \
+ SMC_SET_GP(_h, CTX_GPREG_X16, _x16); \
+ SMC_SET_GP(_h, CTX_GPREG_X17, _x17); \
+ SMC_RET8(_h, (_x0), (_x1), (_x2), (_x3), (_x4), (_x5), (_x6), \
+ (_x7)); \
+}
+
/*
* Convenience macros to access EL3 context registers using handle provided to
* SMC handler. These take the offset values defined in context.h
diff --git a/include/bl1/bl1.h b/include/bl1/bl1.h
index 21d3ae7..7cd7e72 100644
--- a/include/bl1/bl1.h
+++ b/include/bl1/bl1.h
@@ -90,8 +90,8 @@
/*
* Check if the total number of FWU SMC calls are as expected.
*/
-CASSERT(FWU_NUM_SMC_CALLS == \
- (FWU_SMC_FID_END - FWU_SMC_FID_START + 1),\
+CASSERT(FWU_NUM_SMC_CALLS ==
+ (FWU_SMC_FID_END - FWU_SMC_FID_START + 1),
assert_FWU_NUM_SMC_CALLS_mismatch);
/* Utility functions */
diff --git a/include/common/bl_common.ld.h b/include/common/bl_common.ld.h
index 080e331..c9bed1a 100644
--- a/include/common/bl_common.ld.h
+++ b/include/common/bl_common.ld.h
@@ -24,7 +24,7 @@
#define CPU_OPS \
. = ALIGN(STRUCT_ALIGN); \
__CPU_OPS_START__ = .; \
- KEEP(*(cpu_ops)) \
+ KEEP(*(.cpu_ops)) \
__CPU_OPS_END__ = .;
#define PARSER_LIB_DESCS \
@@ -36,14 +36,14 @@
#define RT_SVC_DESCS \
. = ALIGN(STRUCT_ALIGN); \
__RT_SVC_DESCS_START__ = .; \
- KEEP(*(rt_svc_descs)) \
+ KEEP(*(.rt_svc_descs)) \
__RT_SVC_DESCS_END__ = .;
#if SPMC_AT_EL3
#define EL3_LP_DESCS \
. = ALIGN(STRUCT_ALIGN); \
__EL3_LP_DESCS_START__ = .; \
- KEEP(*(el3_lp_descs)) \
+ KEEP(*(.el3_lp_descs)) \
__EL3_LP_DESCS_END__ = .;
#else
#define EL3_LP_DESCS
@@ -52,7 +52,7 @@
#define PMF_SVC_DESCS \
. = ALIGN(STRUCT_ALIGN); \
__PMF_SVC_DESCS_START__ = .; \
- KEEP(*(pmf_svc_descs)) \
+ KEEP(*(.pmf_svc_descs)) \
__PMF_SVC_DESCS_END__ = .;
#define FCONF_POPULATOR \
@@ -81,7 +81,7 @@
#define BASE_XLAT_TABLE \
. = ALIGN(16); \
__BASE_XLAT_TABLE_START__ = .; \
- *(base_xlat_table) \
+ *(.base_xlat_table) \
__BASE_XLAT_TABLE_END__ = .;
#if PLAT_RO_XLAT_TABLES
@@ -135,9 +135,9 @@
#if !(defined(IMAGE_BL31) && RECLAIM_INIT_CODE)
#define STACK_SECTION \
- stacks (NOLOAD) : { \
+ .stacks (NOLOAD) : { \
__STACKS_START__ = .; \
- *(tzfw_normal_stacks) \
+ *(.tzfw_normal_stacks) \
__STACKS_END__ = .; \
}
#endif
@@ -170,7 +170,7 @@
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__BAKERY_LOCK_START__ = .; \
__PERCPU_BAKERY_LOCK_START__ = .; \
- *(bakery_lock) \
+ *(.bakery_lock) \
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__PERCPU_BAKERY_LOCK_END__ = .; \
__PERCPU_BAKERY_LOCK_SIZE__ = ABSOLUTE(__PERCPU_BAKERY_LOCK_END__ - __PERCPU_BAKERY_LOCK_START__); \
@@ -191,7 +191,7 @@
#define PMF_TIMESTAMP \
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__PMF_TIMESTAMP_START__ = .; \
- KEEP(*(pmf_timestamp_array)) \
+ KEEP(*(.pmf_timestamp_array)) \
. = ALIGN(CACHE_WRITEBACK_GRANULE); \
__PMF_PERCPU_TIMESTAMP_END__ = .; \
__PERCPU_TIMESTAMP_SIZE__ = ABSOLUTE(. - __PMF_TIMESTAMP_START__); \
@@ -216,15 +216,15 @@
}
/*
- * The xlat_table section is for full, aligned page tables (4K).
+ * The .xlat_table section is for full, aligned page tables (4K).
* Removing them from .bss avoids forcing 4K alignment on
* the .bss section. The tables are initialized to zero by the translation
* tables library.
*/
#define XLAT_TABLE_SECTION \
- xlat_table (NOLOAD) : { \
+ .xlat_table (NOLOAD) : { \
__XLAT_TABLE_START__ = .; \
- *(xlat_table) \
+ *(.xlat_table) \
__XLAT_TABLE_END__ = .; \
}
diff --git a/include/common/debug.h b/include/common/debug.h
index af47999..5ea541d 100644
--- a/include/common/debug.h
+++ b/include/common/debug.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -99,15 +99,31 @@
#define backtrace(x)
#endif
-void __dead2 do_panic(void);
+void __dead2 el3_panic(void);
+void __dead2 elx_panic(void);
#define panic() \
do { \
backtrace(__func__); \
console_flush(); \
- do_panic(); \
+ el3_panic(); \
} while (false)
+#if CRASH_REPORTING
+/* --------------------------------------------------------------------
+ * do_lower_el_panic assumes it's called due to a panic from a lower EL
+ * This call will not return.
+ * --------------------------------------------------------------------
+ */
+#define lower_el_panic() \
+ do { \
+ console_flush(); \
+ elx_panic(); \
+ } while (false)
+#else
+#define lower_el_panic()
+#endif
+
/* Function called when stack protection check code detects a corrupted stack */
void __dead2 __stack_chk_fail(void);
diff --git a/include/common/interrupt_props.h b/include/common/interrupt_props.h
index 07bafaa..681c896 100644
--- a/include/common/interrupt_props.h
+++ b/include/common/interrupt_props.h
@@ -19,7 +19,7 @@
}
typedef struct interrupt_prop {
- unsigned int intr_num:10;
+ unsigned int intr_num:13;
unsigned int intr_pri:8;
unsigned int intr_grp:2;
unsigned int intr_cfg:2;
diff --git a/include/common/runtime_svc.h b/include/common/runtime_svc.h
index 472a32a..26e8d6f 100644
--- a/include/common/runtime_svc.h
+++ b/include/common/runtime_svc.h
@@ -72,7 +72,7 @@
*/
#define DECLARE_RT_SVC(_name, _start, _end, _type, _setup, _smch) \
static const rt_svc_desc_t __svc_desc_ ## _name \
- __section("rt_svc_descs") __used = { \
+ __section(".rt_svc_descs") __used = { \
.start_oen = (_start), \
.end_oen = (_end), \
.call_type = (_type), \
@@ -90,11 +90,11 @@
* 3. ensure that the assembler and the compiler see the handler
* routine at the same offset.
*/
-CASSERT((sizeof(rt_svc_desc_t) == SIZEOF_RT_SVC_DESC), \
+CASSERT((sizeof(rt_svc_desc_t) == SIZEOF_RT_SVC_DESC),
assert_sizeof_rt_svc_desc_mismatch);
-CASSERT(RT_SVC_DESC_INIT == __builtin_offsetof(rt_svc_desc_t, init), \
+CASSERT(RT_SVC_DESC_INIT == __builtin_offsetof(rt_svc_desc_t, init),
assert_rt_svc_desc_init_offset_mismatch);
-CASSERT(RT_SVC_DESC_HANDLE == __builtin_offsetof(rt_svc_desc_t, handle), \
+CASSERT(RT_SVC_DESC_HANDLE == __builtin_offsetof(rt_svc_desc_t, handle),
assert_rt_svc_desc_handle_offset_mismatch);
diff --git a/include/common/tbbr/cot_def.h b/include/common/tbbr/cot_def.h
index 60dfb8a..822c474 100644
--- a/include/common/tbbr/cot_def.h
+++ b/include/common/tbbr/cot_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,8 +7,13 @@
#ifndef COT_DEF_H
#define COT_DEF_H
+/*
+ * Guard here with availability of mbedtls config since PLAT=lx2162aqds
+ * uses custom tbbr from 'drivers/nxp/auth/tbbr/tbbr_cot.c' and also may
+ * build without mbedtls folder only with TRUSTED_BOOT enabled.
+ */
#ifdef MBEDTLS_CONFIG_FILE
-#include MBEDTLS_CONFIG_FILE
+#include <mbedtls/version.h>
#endif
/* TBBR CoT definitions */
diff --git a/include/drivers/auth/auth_mod.h b/include/drivers/auth/auth_mod.h
index 94537f6..28aa407 100644
--- a/include/drivers/auth/auth_mod.h
+++ b/include/drivers/auth/auth_mod.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,7 +7,6 @@
#ifndef AUTH_MOD_H
#define AUTH_MOD_H
-#include <common/tbbr/cot_def.h>
#include <common/tbbr/tbbr_img_def.h>
#include <drivers/auth/auth_common.h>
#include <drivers/auth/img_parser_mod.h>
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config-2.h
similarity index 100%
rename from include/drivers/auth/mbedtls/mbedtls_config.h
rename to include/drivers/auth/mbedtls/mbedtls_config-2.h
diff --git a/include/drivers/auth/mbedtls/mbedtls_config-3.h b/include/drivers/auth/mbedtls/mbedtls_config-3.h
new file mode 100644
index 0000000..ba936a3
--- /dev/null
+++ b/include/drivers/auth/mbedtls/mbedtls_config-3.h
@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/**
+ * This set of compile-time options may be used to enable
+ * or disable features selectively, and reduce the global
+ * memory footprint.
+ */
+
+/*
+ * Key algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_RSA 1
+#define TF_MBEDTLS_ECDSA 2
+#define TF_MBEDTLS_RSA_AND_ECDSA 3
+
+#define TF_MBEDTLS_USE_RSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA \
+ || TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+#define TF_MBEDTLS_USE_ECDSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA \
+ || TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+
+/*
+ * Hash algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_SHA256 1
+#define TF_MBEDTLS_SHA384 2
+#define TF_MBEDTLS_SHA512 3
+
+/*
+ * Configuration file to build mbed TLS with the required features for
+ * Trusted Boot
+ */
+
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
+#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+
+#define MBEDTLS_PKCS1_V21
+
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_OID_C
+
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+
+#define MBEDTLS_PLATFORM_C
+
+#if TF_MBEDTLS_USE_ECDSA
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#endif
+#if TF_MBEDTLS_USE_RSA
+#define MBEDTLS_RSA_C
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#endif
+
+/* The library does not currently support enabling SHA-256 without SHA-224. */
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+/*
+ * If either Trusted Boot or Measured Boot require a stronger algorithm than
+ * SHA-256, pull in SHA-512 support. Library currently needs to have SHA_384
+ * support when enabling SHA-512.
+ */
+#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256) /* TBB hash algo */
+#define MBEDTLS_SHA384_C
+#define MBEDTLS_SHA512_C
+#else
+ /* TBB uses SHA-256, what about measured boot? */
+#if defined(TF_MBEDTLS_MBOOT_USE_SHA512)
+#define MBEDTLS_SHA384_C
+#define MBEDTLS_SHA512_C
+#endif
+#endif
+
+#define MBEDTLS_VERSION_C
+
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+
+#if TF_MBEDTLS_USE_AES_GCM
+#define MBEDTLS_AES_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_GCM_C
+#endif
+
+/* MPI / BIGNUM options */
+#define MBEDTLS_MPI_WINDOW_SIZE 2
+
+#if TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define MBEDTLS_MPI_MAX_SIZE 256
+#else
+#define MBEDTLS_MPI_MAX_SIZE 512
+#endif
+#else
+#define MBEDTLS_MPI_MAX_SIZE 256
+#endif
+
+/* Memory buffer allocator options */
+#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8
+
+/*
+ * Prevent the use of 128-bit division which
+ * creates dependency on external libraries.
+ */
+#define MBEDTLS_NO_UDBL_DIVISION
+
+#ifndef __ASSEMBLER__
+/* System headers required to build mbed TLS with the current configuration */
+#include <stdlib.h>
+#include <mbedtls/check_config.h>
+#endif
+
+/*
+ * Determine Mbed TLS heap size
+ * 13312 = 13*1024
+ * 11264 = 11*1024
+ * 7168 = 7*1024
+ */
+#if TF_MBEDTLS_USE_ECDSA
+#define TF_MBEDTLS_HEAP_SIZE U(13312)
+#elif TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define TF_MBEDTLS_HEAP_SIZE U(7168)
+#else
+#define TF_MBEDTLS_HEAP_SIZE U(11264)
+#endif
+#endif
+
+/*
+ * Warn if errors from certain functions are ignored.
+ *
+ * The warnings are always enabled (where supported) for critical functions
+ * where ignoring the return value is almost always a bug. This macro extends
+ * the warnings to more functions.
+ */
+#define MBEDTLS_CHECK_RETURN_WARNING
diff --git a/include/drivers/auth/tbbr_cot_common.h b/include/drivers/auth/tbbr_cot_common.h
index a51faee..b4f2d22 100644
--- a/include/drivers/auth/tbbr_cot_common.h
+++ b/include/drivers/auth/tbbr_cot_common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020,2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,7 @@
#ifndef TBBR_COT_COMMON_H
#define TBBR_COT_COMMON_H
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
extern unsigned char tb_fw_hash_buf[HASH_DER_LEN];
diff --git a/include/drivers/nxp/dcfg/dcfg.h b/include/drivers/nxp/dcfg/dcfg.h
index cf29b12..ee8f866 100644
--- a/include/drivers/nxp/dcfg/dcfg.h
+++ b/include/drivers/nxp/dcfg/dcfg.h
@@ -93,8 +93,8 @@
******************************************************************************/
bool check_boot_mode_secure(uint32_t *mode);
-const soc_info_t *get_soc_info();
-const devdisr5_info_t *get_devdisr5_info();
+const soc_info_t *get_soc_info(void);
+const devdisr5_info_t *get_devdisr5_info(void);
void dcfg_init(dcfg_init_info_t *dcfg_init_data);
bool is_sec_enabled(void);
diff --git a/include/drivers/ufs.h b/include/drivers/ufs.h
index 1cd1bee..2a63fd4 100644
--- a/include/drivers/ufs.h
+++ b/include/drivers/ufs.h
@@ -57,6 +57,21 @@
/* UTP Transfer Request Completion Status */
#define UFS_INT_UTRCS (1 << 0)
+#define UFS_INT_FATAL (UFS_INT_DFES |\
+ UFS_INT_HCFES |\
+ UFS_INT_SBFES)
+#define UFS_INT_ERR (UFS_INT_FATAL |\
+ UFS_INT_UE)
+
+#define UFS_UIC_PA_ERROR_MASK 0x8000001F
+#define UFS_UIC_DL_ERROR_MASK 0x8000FFFF
+#define UFS_UIC_NL_ERROR_MASK 0x80000007
+#define UFS_UIC_TL_ERROR_MASK 0x8000007F
+#define UFS_UIC_DME_ERROR_MASK 0x80000001
+
+#define PA_INIT_ERR (1 << 13)
+#define PA_LAYER_GEN_ERR (1 << 4)
+
/* Host Controller Status */
#define HCS 0x30
#define HCS_UPMCRS_MASK (7 << 8)
@@ -275,6 +290,11 @@
#define FDEVICEINIT_TIMEOUT_MS 1500
+#define UIC_CMD_TIMEOUT_MS 500
+#define QUERY_REQ_TIMEOUT_MS 1500
+#define NOP_OUT_TIMEOUT_MS 50
+#define CMD_TIMEOUT_MS 5000
+
/**
* ufs_dev_desc - ufs device details from the device descriptor
* @wmanufacturerid: card details
@@ -519,7 +539,7 @@
uintptr_t prdt;
size_t size_upiu;
size_t size_resp_upiu;
- size_t size_prdt;
+ size_t prdt_length;
int task_tag;
} utp_utrd_t;
diff --git a/include/lib/bakery_lock.h b/include/lib/bakery_lock.h
index 1fece01..2cf2b44 100644
--- a/include/lib/bakery_lock.h
+++ b/include/lib/bakery_lock.h
@@ -96,7 +96,7 @@
void bakery_lock_get(bakery_lock_t *bakery);
void bakery_lock_release(bakery_lock_t *bakery);
-#define DEFINE_BAKERY_LOCK(_name) bakery_lock_t _name __section("bakery_lock")
+#define DEFINE_BAKERY_LOCK(_name) bakery_lock_t _name __section(".bakery_lock")
#define DECLARE_BAKERY_LOCK(_name) extern bakery_lock_t _name
diff --git a/include/lib/cpus/aarch32/cpu_macros.S b/include/lib/cpus/aarch32/cpu_macros.S
index a5ae6a4..ab2f2c6 100644
--- a/include/lib/cpus/aarch32/cpu_macros.S
+++ b/include/lib/cpus/aarch32/cpu_macros.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,7 +9,8 @@
#include <arch.h>
#include <lib/cpus/errata_report.h>
-#if defined(IMAGE_BL1) || defined(IMAGE_BL32) || (defined(IMAGE_BL2) && BL2_AT_EL3)
+#if defined(IMAGE_BL1) || defined(IMAGE_BL32) \
+ || (defined(IMAGE_BL2) && RESET_TO_BL2)
#define IMAGE_AT_EL3
#endif
@@ -129,7 +130,7 @@
*/
.macro declare_cpu_ops _name:req, _midr:req, _resetfunc:req, \
_power_down_ops:vararg
- .section cpu_ops, "a"
+ .section .cpu_ops, "a"
.align 2
.type cpu_ops_\_name, %object
.word \_midr
diff --git a/include/lib/cpus/aarch64/cortex_a78.h b/include/lib/cpus/aarch64/cortex_a78.h
index fb325b6..66f565d 100644
--- a/include/lib/cpus/aarch64/cortex_a78.h
+++ b/include/lib/cpus/aarch64/cortex_a78.h
@@ -20,8 +20,8 @@
#define CORTEX_A78_CPUECTLR_EL1 S3_0_C15_C1_4
#define CORTEX_A78_CPUECTLR_EL1_BIT_8 (ULL(1) << 8)
#define CORTEX_A78_CPUECTLR_EL1_PF_MODE_CNSRV ULL(3)
-#define CPUECTLR_EL1_PF_MODE_LSB U(6)
-#define CPUECTLR_EL1_PF_MODE_WIDTH U(2)
+#define CPUECTLR_EL1_PF_MODE_LSB U(6)
+#define CPUECTLR_EL1_PF_MODE_WIDTH U(2)
/*******************************************************************************
* CPU Power Control register specific definitions
@@ -42,6 +42,8 @@
#define CORTEX_A78_ACTLR3_EL1 S3_0_C15_C1_2
+#define CORTEX_A78_ACTLR5_EL1 S3_0_C15_C9_0
+
/*******************************************************************************
* CPU Activity Monitor Unit register specific definitions.
******************************************************************************/
diff --git a/include/lib/cpus/aarch64/cortex_a78c.h b/include/lib/cpus/aarch64/cortex_a78c.h
index 35e543c..18cba2c 100644
--- a/include/lib/cpus/aarch64/cortex_a78c.h
+++ b/include/lib/cpus/aarch64/cortex_a78c.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,6 +34,11 @@
#define CORTEX_A78C_CPUPWRCTLR_EL1_CORE_PWRDN_EN_BIT U(1)
/*******************************************************************************
+ * CPU Auxiliary Control register 3 specific definitions.
+ ******************************************************************************/
+#define CORTEX_A78C_ACTLR3_EL1 S3_0_C15_C1_2
+
+/*******************************************************************************
* CPU Implementation Specific Selected Instruction registers
******************************************************************************/
#define CORTEX_A78C_IMP_CPUPSELR_EL3 S3_6_C15_C8_0
diff --git a/include/lib/cpus/aarch64/cpu_macros.S b/include/lib/cpus/aarch64/cpu_macros.S
index 92e65ae..041be51 100644
--- a/include/lib/cpus/aarch64/cpu_macros.S
+++ b/include/lib/cpus/aarch64/cpu_macros.S
@@ -157,7 +157,7 @@
*/
.macro declare_cpu_ops_base _name:req, _midr:req, _resetfunc:req, \
_extra1:req, _extra2:req, _extra3:req, _e_handler:req, _power_down_ops:vararg
- .section cpu_ops, "a"
+ .section .cpu_ops, "a"
.align 3
.type cpu_ops_\_name, %object
.quad \_midr
diff --git a/include/lib/cpus/aarch64/neoverse_v1.h b/include/lib/cpus/aarch64/neoverse_v1.h
index 4c10484..3d48623 100644
--- a/include/lib/cpus/aarch64/neoverse_v1.h
+++ b/include/lib/cpus/aarch64/neoverse_v1.h
@@ -43,4 +43,6 @@
#define NEOVERSE_V1_ACTLR3_EL1 S3_0_C15_C1_2
+#define NEOVERSE_V1_ACTLR5_EL1 S3_0_C15_C9_0
+
#endif /* NEOVERSE_V1_H */
diff --git a/include/lib/el3_runtime/aarch32/context.h b/include/lib/el3_runtime/aarch32/context.h
index 5604c8e..df77c0f 100644
--- a/include/lib/el3_runtime/aarch32/context.h
+++ b/include/lib/el3_runtime/aarch32/context.h
@@ -62,7 +62,7 @@
* ensure that the assembler and the compiler view of the offsets of
* the structure members is the same.
*/
-CASSERT(CTX_REGS_OFFSET == __builtin_offsetof(cpu_context_t, regs_ctx), \
+CASSERT(CTX_REGS_OFFSET == __builtin_offsetof(cpu_context_t, regs_ctx),
assert_core_context_regs_offset_mismatch);
#endif /* __ASSEMBLER__ */
diff --git a/include/lib/el3_runtime/aarch64/context.h b/include/lib/el3_runtime/aarch64/context.h
index 6986e0e..31d8f07 100644
--- a/include/lib/el3_runtime/aarch64/context.h
+++ b/include/lib/el3_runtime/aarch64/context.h
@@ -229,6 +229,9 @@
// Register for FEAT_HCX
#define CTX_HCRX_EL2 U(0x1d0)
+// Starting with Armv8.9
+#define CTX_TCR2_EL2 U(0x1d8)
+
/* Align to the next 16 byte boundary */
#define CTX_EL2_SYSREGS_END U(0x1e0)
@@ -445,24 +448,24 @@
* ensure that the assembler and the compiler view of the offsets of
* the structure members is the same.
*/
-CASSERT(CTX_GPREGS_OFFSET == __builtin_offsetof(cpu_context_t, gpregs_ctx), \
+CASSERT(CTX_GPREGS_OFFSET == __builtin_offsetof(cpu_context_t, gpregs_ctx),
assert_core_context_gp_offset_mismatch);
-CASSERT(CTX_EL1_SYSREGS_OFFSET == __builtin_offsetof(cpu_context_t, el1_sysregs_ctx), \
+CASSERT(CTX_EL1_SYSREGS_OFFSET == __builtin_offsetof(cpu_context_t, el1_sysregs_ctx),
assert_core_context_el1_sys_offset_mismatch);
#if CTX_INCLUDE_EL2_REGS
-CASSERT(CTX_EL2_SYSREGS_OFFSET == __builtin_offsetof(cpu_context_t, el2_sysregs_ctx), \
+CASSERT(CTX_EL2_SYSREGS_OFFSET == __builtin_offsetof(cpu_context_t, el2_sysregs_ctx),
assert_core_context_el2_sys_offset_mismatch);
#endif
#if CTX_INCLUDE_FPREGS
-CASSERT(CTX_FPREGS_OFFSET == __builtin_offsetof(cpu_context_t, fpregs_ctx), \
+CASSERT(CTX_FPREGS_OFFSET == __builtin_offsetof(cpu_context_t, fpregs_ctx),
assert_core_context_fp_offset_mismatch);
#endif
-CASSERT(CTX_EL3STATE_OFFSET == __builtin_offsetof(cpu_context_t, el3state_ctx), \
+CASSERT(CTX_EL3STATE_OFFSET == __builtin_offsetof(cpu_context_t, el3state_ctx),
assert_core_context_el3state_offset_mismatch);
-CASSERT(CTX_CVE_2018_3639_OFFSET == __builtin_offsetof(cpu_context_t, cve_2018_3639_ctx), \
+CASSERT(CTX_CVE_2018_3639_OFFSET == __builtin_offsetof(cpu_context_t, cve_2018_3639_ctx),
assert_core_context_cve_2018_3639_offset_mismatch);
#if CTX_INCLUDE_PAUTH_REGS
-CASSERT(CTX_PAUTH_REGS_OFFSET == __builtin_offsetof(cpu_context_t, pauth_ctx), \
+CASSERT(CTX_PAUTH_REGS_OFFSET == __builtin_offsetof(cpu_context_t, pauth_ctx),
assert_core_context_pauth_offset_mismatch);
#endif
@@ -539,10 +542,6 @@
void el2_sysregs_context_save_nv2(el2_sysregs_t *regs);
void el2_sysregs_context_restore_nv2(el2_sysregs_t *regs);
#endif /* CTX_INCLUDE_NEVE_REGS */
-#if ENABLE_TRF_FOR_NS
-void el2_sysregs_context_save_trf(el2_sysregs_t *regs);
-void el2_sysregs_context_restore_trf(el2_sysregs_t *regs);
-#endif /* ENABLE_TRF_FOR_NS */
#if ENABLE_FEAT_CSV2_2
void el2_sysregs_context_save_csv2(el2_sysregs_t *regs);
void el2_sysregs_context_restore_csv2(el2_sysregs_t *regs);
diff --git a/include/lib/el3_runtime/pubsub.h b/include/lib/el3_runtime/pubsub.h
index 64fe5cc..cbd8ecc 100644
--- a/include/lib/el3_runtime/pubsub.h
+++ b/include/lib/el3_runtime/pubsub.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,7 +12,7 @@
/* For the linker ... */
#define __pubsub_start_sym(event) __pubsub_##event##_start
#define __pubsub_end_sym(event) __pubsub_##event##_end
-#define __pubsub_section(event) __pubsub_##event
+#define __pubsub_section(event) .__pubsub_##event
/*
* REGISTER_PUBSUB_EVENT has a different definition between linker and compiler
@@ -54,7 +54,7 @@
#define __pubsub_end_sym(event) __pubsub_##event##_end
#endif
-#define __pubsub_section(event) __section("__pubsub_" #event)
+#define __pubsub_section(event) __section(".__pubsub_" #event)
/*
* In compiler context, REGISTER_PUBSUB_EVENT declares the per-event symbols
diff --git a/include/lib/extensions/brbe.h b/include/lib/extensions/brbe.h
index aac1ace..aee208d 100644
--- a/include/lib/extensions/brbe.h
+++ b/include/lib/extensions/brbe.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,12 @@
#ifndef BRBE_H
#define BRBE_H
+#if ENABLE_BRBE_FOR_NS
void brbe_enable(void);
+#else
+void brbe_enable(void)
+{
+}
+#endif /* ENABLE_BRBE_FOR_NS */
#endif /* BRBE_H */
diff --git a/include/lib/extensions/trbe.h b/include/lib/extensions/trbe.h
index 1753ab6..0eff7c4 100644
--- a/include/lib/extensions/trbe.h
+++ b/include/lib/extensions/trbe.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,12 @@
#ifndef TRBE_H
#define TRBE_H
+#if ENABLE_TRBE_FOR_NS
void trbe_enable(void);
+#else
+void trbe_enable(void)
+{
+}
+#endif /* ENABLE_TRBE_FOR_NS */
#endif /* TRBE_H */
diff --git a/include/lib/extensions/trf.h b/include/lib/extensions/trf.h
index 18f17f3..a440abd 100644
--- a/include/lib/extensions/trf.h
+++ b/include/lib/extensions/trf.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,12 @@
#ifndef TRF_H
#define TRF_H
+#if ENABLE_TRF_FOR_NS
void trf_enable(void);
+#else
+void trf_enable(void)
+{
+}
+#endif /* ENABLE_TRF_FOR_NS */
#endif /* TRF_H */
diff --git a/include/lib/pmf/pmf_helpers.h b/include/lib/pmf/pmf_helpers.h
index b49c6da..01cc179 100644
--- a/include/lib/pmf/pmf_helpers.h
+++ b/include/lib/pmf/pmf_helpers.h
@@ -154,7 +154,7 @@
extern unsigned long long pmf_ts_mem_ ## _name[_total_id]; \
unsigned long long pmf_ts_mem_ ## _name[_total_id] \
__aligned(CACHE_WRITEBACK_GRANULE) \
- __section("pmf_timestamp_array") \
+ __section(".pmf_timestamp_array") \
__used;
/*
@@ -225,7 +225,7 @@
#define PMF_DEFINE_SERVICE_DESC(_name, _implid, _svcid, _totalid, \
_init, _getts_by_mpidr) \
static const pmf_svc_desc_t __pmf_desc_ ## _name \
- __section("pmf_svc_descs") __used = { \
+ __section(".pmf_svc_descs") __used = { \
.h.type = PARAM_EP, \
.h.version = VERSION_1, \
.h.size = sizeof(pmf_svc_desc_t), \
diff --git a/include/lib/xlat_tables/xlat_tables_v2.h b/include/lib/xlat_tables/xlat_tables_v2.h
index 69ad027..4d16ced 100644
--- a/include/lib/xlat_tables/xlat_tables_v2.h
+++ b/include/lib/xlat_tables/xlat_tables_v2.h
@@ -203,7 +203,7 @@
(_virt_addr_space_size), \
(_phy_addr_space_size), \
EL_REGIME_INVALID, \
- "xlat_table", "base_xlat_table")
+ ".xlat_table", ".base_xlat_table")
/*
* Same as REGISTER_XLAT_CONTEXT plus the additional parameters:
diff --git a/include/plat/arm/common/arm_def.h b/include/plat/arm/common/arm_def.h
index 7cd32b1..925ff21 100644
--- a/include/plat/arm/common/arm_def.h
+++ b/include/plat/arm/common/arm_def.h
@@ -82,6 +82,7 @@
* - L1 GPT DRAM: Reserved for L1 GPT if RME is enabled
* - REALM DRAM: Reserved for Realm world if RME is enabled
* - TF-A <-> RMM SHARED: Area shared for communication between TF-A and RMM
+ * - Event Log: Area for Event Log if MEASURED_BOOT feature is enabled
* - AP TZC DRAM: The remaining TZC secured DRAM reserved for AP use
*
* RME enabled(64MB) RME not enabled(16MB)
@@ -89,13 +90,15 @@
* | | | |
* | AP TZC (~28MB) | | AP TZC (~14MB) |
* -------------------- -------------------
+ * | Event Log | | Event Log |
+ * | (4KB) | | (4KB) |
+ * -------------------- -------------------
+ * | REALM (RMM) | | |
+ * | (32MB - 4KB) | | EL3 TZC (2MB) |
+ * -------------------- -------------------
* | | | |
- * | REALM (RMM) | | EL3 TZC (2MB) |
- * | (32MB - 4KB) | -------------------
- * -------------------- | |
- * | | | SCP TZC |
- * | TF-A <-> RMM | 0xFFFF_FFFF-------------------
- * | SHARED (4KB) |
+ * | TF-A <-> RMM | | SCP TZC |
+ * | SHARED (4KB) | 0xFFFF_FFFF-------------------
* --------------------
* | |
* | EL3 TZC (3MB) |
@@ -109,12 +112,11 @@
/*
* Define a region within the TZC secured DRAM for use by EL3 runtime
* firmware. This region is meant to be NOLOAD and will not be zero
- * initialized. Data sections with the attribute `arm_el3_tzc_dram` will be
+ * initialized. Data sections with the attribute `.arm_el3_tzc_dram` will be
* placed here. 3MB region is reserved if RME is enabled, 2MB otherwise.
*/
#define ARM_EL3_TZC_DRAM1_SIZE UL(0x00300000) /* 3MB */
#define ARM_L1_GPT_SIZE UL(0x00100000) /* 1MB */
-
/* 32MB - ARM_EL3_RMM_SHARED_SIZE */
#define ARM_REALM_SIZE (UL(0x02000000) - \
ARM_EL3_RMM_SHARED_SIZE)
@@ -134,6 +136,25 @@
#define ARM_SCP_TZC_DRAM1_SIZE PLAT_ARM_SCP_TZC_DRAM1_SIZE
#define ARM_SCP_TZC_DRAM1_END (ARM_SCP_TZC_DRAM1_BASE + \
ARM_SCP_TZC_DRAM1_SIZE - 1U)
+
+# if (defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)) && \
+MEASURED_BOOT
+#define ARM_EVENT_LOG_DRAM1_SIZE UL(0x00001000) /* 4KB */
+
+#if ENABLE_RME
+#define ARM_EVENT_LOG_DRAM1_BASE (ARM_REALM_BASE - \
+ ARM_EVENT_LOG_DRAM1_SIZE)
+#else
+#define ARM_EVENT_LOG_DRAM1_BASE (ARM_EL3_TZC_DRAM1_BASE - \
+ ARM_EVENT_LOG_DRAM1_SIZE)
+#endif /* ENABLE_RME */
+#define ARM_EVENT_LOG_DRAM1_END (ARM_EVENT_LOG_DRAM1_BASE + \
+ ARM_EVENT_LOG_DRAM1_SIZE - \
+ 1U)
+#else
+#define ARM_EVENT_LOG_DRAM1_SIZE UL(0)
+#endif /* (SPD_tspd || SPD_opteed || SPD_spmd) && MEASURED_BOOT */
+
#if ENABLE_RME
#define ARM_L1_GPT_ADDR_BASE (ARM_DRAM1_BASE + \
ARM_DRAM1_SIZE - \
@@ -170,7 +191,9 @@
ARM_EL3_TZC_DRAM1_SIZE + \
ARM_EL3_RMM_SHARED_SIZE + \
ARM_REALM_SIZE + \
- ARM_L1_GPT_SIZE))
+ ARM_L1_GPT_SIZE + \
+ ARM_EVENT_LOG_DRAM1_SIZE))
+
#define ARM_AP_TZC_DRAM1_END (ARM_AP_TZC_DRAM1_BASE + \
ARM_AP_TZC_DRAM1_SIZE - 1U)
@@ -312,6 +335,15 @@
PLAT_ARM_TRUSTED_DRAM_BASE, \
PLAT_ARM_TRUSTED_DRAM_SIZE, \
MT_MEMORY | MT_RW | MT_SECURE)
+
+# if (defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)) && \
+MEASURED_BOOT
+#define ARM_MAP_EVENT_LOG_DRAM1 \
+ MAP_REGION_FLAT( \
+ ARM_EVENT_LOG_DRAM1_BASE, \
+ ARM_EVENT_LOG_DRAM1_SIZE, \
+ MT_MEMORY | MT_RW | MT_SECURE)
+#endif /* (SPD_tspd || SPD_opteed || SPD_spmd) && MEASURED_BOOT */
#if ENABLE_RME
/*
@@ -554,7 +586,7 @@
/*******************************************************************************
* BL2 specific defines.
******************************************************************************/
-#if BL2_AT_EL3
+#if RESET_TO_BL2
#if ENABLE_PIE
/*
* As the BL31 image size appears to be increased when built with the ENABLE_PIE
@@ -614,10 +646,11 @@
- PLAT_ARM_MAX_BL31_SIZE)
#define BL31_PROGBITS_LIMIT BL2_BASE
/*
- * For BL2_AT_EL3 make sure the BL31 can grow up until BL2_BASE. This is
- * because in the BL2_AT_EL3 configuration, BL2 is always resident.
+ * For RESET_TO_BL2 make sure the BL31 can grow up until BL2_BASE.
+ * This is because in the RESET_TO_BL2 configuration,
+ * BL2 is always resident.
*/
-#if BL2_AT_EL3
+#if RESET_TO_BL2
#define BL31_LIMIT BL2_BASE
#else
#define BL31_LIMIT (ARM_BL_RAM_BASE + ARM_BL_RAM_SIZE)
diff --git a/include/plat/arm/common/arm_reclaim_init.ld.S b/include/plat/arm/common/arm_reclaim_init.ld.S
index 788e9ff..a77c964 100644
--- a/include/plat/arm/common/arm_reclaim_init.ld.S
+++ b/include/plat/arm/common/arm_reclaim_init.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -26,9 +26,9 @@
#define ABS ABSOLUTE
#define STACK_SECTION \
- stacks (NOLOAD) : { \
+ .stacks (NOLOAD) : { \
__STACKS_START__ = .; \
- *(tzfw_normal_stacks) \
+ *(.tzfw_normal_stacks) \
__STACKS_END__ = .; \
/* Allow room for the init section where necessary. */ \
OFFSET = ABS(SIZEOF(.init) - (. - __STACKS_START__)); \
diff --git a/include/plat/arm/common/arm_tzc_dram.ld.S b/include/plat/arm/common/arm_tzc_dram.ld.S
index 6dcea0b..c790bb9 100644
--- a/include/plat/arm/common/arm_tzc_dram.ld.S
+++ b/include/plat/arm/common/arm_tzc_dram.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -17,9 +17,9 @@
. = ARM_EL3_TZC_DRAM1_BASE;
ASSERT(. == ALIGN(PAGE_SIZE),
"ARM_EL3_TZC_DRAM_BASE address is not aligned on a page boundary.")
- el3_tzc_dram (NOLOAD) : ALIGN(PAGE_SIZE) {
+ .el3_tzc_dram (NOLOAD) : ALIGN(PAGE_SIZE) {
__EL3_SEC_DRAM_START__ = .;
- *(arm_el3_tzc_dram)
+ *(.arm_el3_tzc_dram)
__EL3_SEC_DRAM_UNALIGNED_END__ = .;
. = ALIGN(PAGE_SIZE);
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index 8543ac7..a14d775 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -256,8 +256,8 @@
#endif /* MEASURED_BOOT */
/*******************************************************************************
- * Mandatory BL2 at EL3 functions: Must be implemented if BL2_AT_EL3 image is
- * supported
+ * Mandatory BL2 at EL3 functions: Must be implemented
+ * if RESET_TO_BL2 image is supported
******************************************************************************/
void bl2_el3_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3);
diff --git a/include/services/el3_spmc_logical_sp.h b/include/services/el3_spmc_logical_sp.h
index 7ec9958..5ce33ed 100644
--- a/include/services/el3_spmc_logical_sp.h
+++ b/include/services/el3_spmc_logical_sp.h
@@ -35,7 +35,7 @@
#define DECLARE_LOGICAL_PARTITION(_name, _init, _sp_id, _uuid, _properties, \
_direct_req) \
static const struct el3_lp_desc __partition_desc_ ## _name \
- __section("el3_lp_descs") __used = { \
+ __section(".el3_lp_descs") __used = { \
.debug_name = #_name, \
.init = (_init), \
.sp_id = (_sp_id), \
diff --git a/include/services/ffa_svc.h b/include/services/ffa_svc.h
index da016fd..8bc911a 100644
--- a/include/services/ffa_svc.h
+++ b/include/services/ffa_svc.h
@@ -24,7 +24,7 @@
/* The macros below are used to identify FFA calls from the SMC function ID */
#define FFA_FNUM_MIN_VALUE U(0x60)
-#define FFA_FNUM_MAX_VALUE U(0x87)
+#define FFA_FNUM_MAX_VALUE U(0x8B)
#define is_ffa_fid(fid) __extension__ ({ \
__typeof__(fid) _fid = (fid); \
((GET_SMC_NUM(_fid) >= FFA_FNUM_MIN_VALUE) && \
@@ -117,6 +117,7 @@
#define FFA_FNUM_SPM_ID_GET U(0x85)
#define FFA_FNUM_MSG_SEND2 U(0x86)
#define FFA_FNUM_SECONDARY_EP_REGISTER U(0x87)
+#define FFA_FNUM_PARTITION_INFO_GET_REGS U(0x8B)
/* FFA SMC32 FIDs */
#define FFA_ERROR FFA_FID(SMC_32, FFA_FNUM_ERROR)
@@ -180,6 +181,8 @@
FFA_FID(SMC_64, FFA_FNUM_SECONDARY_EP_REGISTER)
#define FFA_NOTIFICATION_INFO_GET_SMC64 \
FFA_FID(SMC_64, FFA_FNUM_NOTIFICATION_INFO_GET)
+#define FFA_PARTITION_INFO_GET_REGS_SMC64 \
+ FFA_FID(SMC_64, FFA_FNUM_PARTITION_INFO_GET_REGS)
/*
* FF-A partition properties values.
diff --git a/lib/aarch64/misc_helpers.S b/lib/aarch64/misc_helpers.S
index e8110b0..f9c4baf 100644
--- a/lib/aarch64/misc_helpers.S
+++ b/lib/aarch64/misc_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -164,7 +164,7 @@
* register value and panic if the MMU is disabled.
*/
#if defined(IMAGE_BL1) || defined(IMAGE_BL31) || (defined(IMAGE_BL2) && \
- (BL2_AT_EL3 || ENABLE_RME))
+ BL2_RUNS_AT_EL3)
mrs tmp1, sctlr_el3
#else
mrs tmp1, sctlr_el1
diff --git a/lib/compiler-rt/builtins/arm/aeabi_memset.S b/lib/compiler-rt/builtins/arm/aeabi_memset.S
new file mode 100644
index 0000000..2aa8ec0
--- /dev/null
+++ b/lib/compiler-rt/builtins/arm/aeabi_memset.S
@@ -0,0 +1,49 @@
+//===-- aeabi_memset.S - EABI memset implementation -----------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+
+#include "../assembly.h"
+
+// void __aeabi_memset(void *dest, size_t n, int c) { memset(dest, c, n); }
+// void __aeabi_memclr(void *dest, size_t n) { __aeabi_memset(dest, n, 0); }
+
+ .syntax unified
+ .p2align 2
+DEFINE_COMPILERRT_FUNCTION(__aeabi_memset)
+ mov r3, r1
+ mov r1, r2
+ mov r2, r3
+#ifdef USE_THUMB_1
+ push {r7, lr}
+ bl memset
+ pop {r7, pc}
+#else
+ b memset
+#endif
+END_COMPILERRT_FUNCTION(__aeabi_memset)
+
+DEFINE_AEABI_FUNCTION_ALIAS(__aeabi_memset4, __aeabi_memset)
+DEFINE_AEABI_FUNCTION_ALIAS(__aeabi_memset8, __aeabi_memset)
+
+ .p2align 2
+DEFINE_COMPILERRT_FUNCTION(__aeabi_memclr)
+ mov r2, r1
+ movs r1, #0
+#ifdef USE_THUMB_1
+ push {r7, lr}
+ bl memset
+ pop {r7, pc}
+#else
+ b memset
+#endif
+END_COMPILERRT_FUNCTION(__aeabi_memclr)
+
+DEFINE_AEABI_FUNCTION_ALIAS(__aeabi_memclr4, __aeabi_memclr)
+DEFINE_AEABI_FUNCTION_ALIAS(__aeabi_memclr8, __aeabi_memclr)
+
+NO_EXEC_STACK_DIRECTIVE
+
diff --git a/lib/compiler-rt/compiler-rt.mk b/lib/compiler-rt/compiler-rt.mk
index 2338908..b41c4d0 100644
--- a/lib/compiler-rt/compiler-rt.mk
+++ b/lib/compiler-rt/compiler-rt.mk
@@ -35,6 +35,7 @@
COMPILER_RT_SRCS += lib/compiler-rt/builtins/arm/aeabi_ldivmod.S \
lib/compiler-rt/builtins/arm/aeabi_uldivmod.S \
lib/compiler-rt/builtins/arm/aeabi_memcpy.S \
+ lib/compiler-rt/builtins/arm/aeabi_memset.S \
lib/compiler-rt/builtins/ctzdi2.c \
lib/compiler-rt/builtins/divdi3.c \
lib/compiler-rt/builtins/divmoddi4.c \
diff --git a/lib/cpus/aarch32/cpu_helpers.S b/lib/cpus/aarch32/cpu_helpers.S
index 6ed800c..e25ce2a 100644
--- a/lib/cpus/aarch32/cpu_helpers.S
+++ b/lib/cpus/aarch32/cpu_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,8 @@
#include <common/bl_common.h>
#include <lib/el3_runtime/cpu_data.h>
-#if defined(IMAGE_BL1) || defined(IMAGE_BL32) || (defined(IMAGE_BL2) && BL2_AT_EL3)
+#if defined(IMAGE_BL1) || defined(IMAGE_BL32) || \
+ (defined(IMAGE_BL2) && RESET_TO_BL2)
/*
* The reset handler common to all platforms. After a matching
* cpu_ops structure entry is found, the correponding reset_handler
diff --git a/lib/cpus/aarch64/cortex_a78.S b/lib/cpus/aarch64/cortex_a78.S
index a3932e8..421509d 100644
--- a/lib/cpus/aarch64/cortex_a78.S
+++ b/lib/cpus/aarch64/cortex_a78.S
@@ -327,6 +327,36 @@
endfunc check_errata_2395406
/* ----------------------------------------------------
+ * Errata Workaround for Cortex A78 Errata 2742426.
+ * This applies to revisions r0p0, r1p0, r1p1 and r1p2.
+ * It is still open.
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x1, x17
+ * ----------------------------------------------------
+ */
+func errata_a78_2742426_wa
+ /* Check revision. */
+ mov x17, x30
+ bl check_errata_2742426
+ cbz x0, 1f
+
+ /* Apply the workaround */
+ mrs x1, CORTEX_A78_ACTLR5_EL1
+ bic x1, x1, #BIT(56)
+ orr x1, x1, #BIT(55)
+ msr CORTEX_A78_ACTLR5_EL1, x1
+
+1:
+ ret x17
+endfunc errata_a78_2742426_wa
+
+func check_errata_2742426
+ /* Applies to r0p0, r1p0, r1p1, r1p2 */
+ mov x1, #CPU_REV(1, 2)
+ b cpu_rev_var_ls
+endfunc check_errata_2742426
+
+/* ----------------------------------------------------
* Errata Workaround for Cortex-A78 Errata 2772019
* This applies to revisions <= r1p2 and is still open.
* x0: variant[4:7] and revision[0:3] of current cpu.
@@ -443,6 +473,11 @@
bl errata_a78_2395406_wa
#endif
+#if ERRATA_A78_2742426
+ mov x0, x18
+ bl errata_a78_2742426_wa
+#endif
+
#if ERRATA_A78_2779479
mov x0, x18
bl errata_a78_2779479_wa
@@ -526,6 +561,7 @@
report_errata ERRATA_A78_2242635, cortex_a78, 2242635
report_errata ERRATA_A78_2376745, cortex_a78, 2376745
report_errata ERRATA_A78_2395406, cortex_a78, 2395406
+ report_errata ERRATA_A78_2742426, cortex_a78, 2742426
report_errata ERRATA_A78_2772019, cortex_a78, 2772019
report_errata ERRATA_A78_2779479, cortex_a78, 2779479
report_errata WORKAROUND_CVE_2022_23960, cortex_a78, cve_2022_23960
diff --git a/lib/cpus/aarch64/cortex_a78c.S b/lib/cpus/aarch64/cortex_a78c.S
index 5cdce89..71f0725 100644
--- a/lib/cpus/aarch64/cortex_a78c.S
+++ b/lib/cpus/aarch64/cortex_a78c.S
@@ -177,6 +177,36 @@
b cpu_rev_var_ls
endfunc check_errata_2772121
+/* --------------------------------------------------
+ * Errata Workaround for Cortex A78C Errata 2779484.
+ * This applies to revisions r0p1 and r0p2.
+ * It is still open.
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x1, x17
+ * --------------------------------------------------
+ */
+func errata_a78c_2779484_wa
+ /* Check revision. */
+ mov x17, x30
+ bl check_errata_2779484
+ cbz x0, 1f
+
+ /* Apply the workaround */
+ mrs x1, CORTEX_A78C_ACTLR3_EL1
+ orr x1, x1, #BIT(47)
+ msr CORTEX_A78C_ACTLR3_EL1, x1
+
+1:
+ ret x17
+endfunc errata_a78c_2779484_wa
+
+func check_errata_2779484
+ /* Applies to r0p1 and r0p2*/
+ mov x1, #0x01
+ mov x2, #0x02
+ b cpu_rev_var_range
+endfunc check_errata_2779484
+
func check_errata_cve_2022_23960
#if WORKAROUND_CVE_2022_23960
mov x0, #ERRATA_APPLIES
@@ -215,6 +245,11 @@
bl errata_a78c_2395411_wa
#endif
+#if ERRATA_A78C_2779484
+ mov x0, x18
+ bl errata_a78c_2779484_wa
+#endif
+
#if IMAGE_BL31 && WORKAROUND_CVE_2022_23960
/*
* The Cortex-A78c generic vectors are overridden to apply errata
@@ -269,6 +304,7 @@
report_errata ERRATA_A78C_2376749, cortex_a78c, 2376749
report_errata ERRATA_A78C_2395411, cortex_a78c, 2395411
report_errata ERRATA_A78C_2772121, cortex_a78c, 2772121
+ report_errata ERRATA_A78C_2779484, cortex_a78c, 2779484
report_errata WORKAROUND_CVE_2022_23960, cortex_a78c, cve_2022_23960
ldp x8, x30, [sp], #16
diff --git a/lib/cpus/aarch64/cpu_helpers.S b/lib/cpus/aarch64/cpu_helpers.S
index 2385627..ee880f7 100644
--- a/lib/cpus/aarch64/cpu_helpers.S
+++ b/lib/cpus/aarch64/cpu_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,7 +14,8 @@
#include <lib/el3_runtime/cpu_data.h>
/* Reset fn is needed in BL at reset vector */
-#if defined(IMAGE_BL1) || defined(IMAGE_BL31) || (defined(IMAGE_BL2) && BL2_AT_EL3)
+#if defined(IMAGE_BL1) || defined(IMAGE_BL31) || \
+ (defined(IMAGE_BL2) && RESET_TO_BL2)
/*
* The reset handler common to all platforms. After a matching
* cpu_ops structure entry is found, the correponding reset_handler
diff --git a/lib/cpus/aarch64/neoverse_v1.S b/lib/cpus/aarch64/neoverse_v1.S
index f9a5789..363c2e6 100644
--- a/lib/cpus/aarch64/neoverse_v1.S
+++ b/lib/cpus/aarch64/neoverse_v1.S
@@ -486,6 +486,37 @@
b cpu_rev_var_ls
endfunc check_errata_2743093
+ /* ---------------------------------------------------
+ * Errata Workaround for Neoverse V1 Errata #2743233.
+ * This applies to revisions r0p0, r1p0, r1p1 and r1p2.
+ * It is still open.
+ * x0: variant[4:7] and revisions[0:3] of current cpu.
+ * Shall clobber: x0-x1, x17
+ * ---------------------------------------------------
+ */
+func errata_neoverse_v1_2743233_wa
+ /* Check revision. */
+ mov x17, x30
+ bl check_errata_2743233
+ cbz x0, 1f
+
+ /* Apply the workaround */
+ mrs x1, NEOVERSE_V1_ACTLR5_EL1
+ bic x1, x1, #BIT(56)
+ orr x1, x1, #BIT(55)
+ msr NEOVERSE_V1_ACTLR5_EL1, x1
+
+1:
+ ret x17
+endfunc errata_neoverse_v1_2743233_wa
+
+func check_errata_2743233
+ /* Applies to r0p0, r1p0, r1p1 and r1p2 */
+ mov x1, #CPU_REV(1,2)
+ b cpu_rev_var_ls
+endfunc check_errata_2743233
+
+
/* ----------------------------------------------------
* Errata Workaround for Neoverse V1 Errata #2779461.
* This applies to revisions r0p0, r1p0, r1p1, and r1p2.
@@ -573,6 +604,7 @@
report_errata ERRATA_V1_2294912, neoverse_v1, 2294912
report_errata ERRATA_V1_2372203, neoverse_v1, 2372203
report_errata ERRATA_V1_2743093, neoverse_v1, 2743093
+ report_errata ERRATA_V1_2743233, neoverse_v1, 2743233
report_errata ERRATA_V1_2779461, neoverse_v1, 2779461
report_errata WORKAROUND_CVE_2022_23960, neoverse_v1, cve_2022_23960
@@ -652,6 +684,11 @@
bl errata_neoverse_v1_2372203_wa
#endif
+#if ERRATA_V1_2743233
+ mov x0, x18
+ bl errata_neoverse_v1_2743233_wa
+#endif
+
#if ERRATA_V1_2779461
mov x0, x18
bl errata_neoverse_v1_2779461_wa
diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk
index 4582f28..51b2175 100644
--- a/lib/cpus/cpu-ops.mk
+++ b/lib/cpus/cpu-ops.mk
@@ -357,6 +357,11 @@
# to revisions r0p0, r1p0, r1p1, and r1p2 of the A78 cpu. It is still open.
ERRATA_A78_2395406 ?=0
+# Flag to apply erratum 2742426 workaround during reset. This erratum
+# applies to revisions r0p0, r1p0, r1p1 and r1p2 of the A78 cpu. It is still
+# open.
+ERRATA_A78_2742426 ?=0
+
# Flag to apply erratum 2772019 workaround during powerdown. This erratum
# applies to revisions r0p0, r1p0, r1p1 and r1p2 of the A78 cpu. It is still
# open.
@@ -402,6 +407,10 @@
# applies to revisions r0p0, r0p1 and r0p2 of the A78C cpu. It is still open.
ERRATA_A78C_2772121 ?=0
+# Flag to apply erratum 2779484 workaround during reset. This erratum
+# applies to revisions r0p1 and r0p2 of the A78C cpu. It is still open.
+ERRATA_A78C_2779484 ?=0
+
# Flag to apply erratum 1821534 workaround during reset. This erratum applies
# to revisions r0p0 - r1p0 of the X1 cpu and fixed in r1p1.
ERRATA_X1_1821534 ?=0
@@ -530,6 +539,11 @@
# still open.
ERRATA_V1_2743093 ?=0
+# Flag to apply erratum 2743233 workaround during powerdown. This erratum
+# applies to revisions r0p0, r1p0, r1p1 and r1p2 of the Neoverse V1 cpu and is
+# still open.
+ERRATA_V1_2743233 ?=0
+
# Flag to apply erratum 2779461 workaround during powerdown. This erratum
# applies to revisions r0p0, r1p0, r1p1 and r1p2 of the Neoverse V1 cpu and is
# still open.
@@ -1044,6 +1058,10 @@
$(eval $(call assert_boolean,ERRATA_A78_2395406))
$(eval $(call add_define,ERRATA_A78_2395406))
+# Process ERRATA_A78_2742426 flag
+$(eval $(call assert_boolean,ERRATA_A78_2742426))
+$(eval $(call add_define,ERRATA_A78_2742426))
+
# Process ERRATA_A78_2772019 flag
$(eval $(call assert_boolean,ERRATA_A78_2772019))
$(eval $(call add_define,ERRATA_A78_2772019))
@@ -1088,6 +1106,10 @@
$(eval $(call assert_boolean,ERRATA_A78C_2772121))
$(eval $(call add_define,ERRATA_A78C_2772121))
+# Process ERRATA_A78C_2779484 flag
+$(eval $(call assert_boolean,ERRATA_A78C_2779484))
+$(eval $(call add_define,ERRATA_A78C_2779484))
+
# Process ERRATA_X1_1821534 flag
$(eval $(call assert_boolean,ERRATA_X1_1821534))
$(eval $(call add_define,ERRATA_X1_1821534))
@@ -1212,6 +1234,10 @@
$(eval $(call assert_boolean,ERRATA_V1_2743093))
$(eval $(call add_define,ERRATA_V1_2743093))
+# Process ERRATA_V1_2743233 flag
+$(eval $(call assert_boolean,ERRATA_V1_2743233))
+$(eval $(call add_define,ERRATA_V1_2743233))
+
# Process ERRATA_V1_2779461 flag
$(eval $(call assert_boolean,ERRATA_V1_2779461))
$(eval $(call add_define,ERRATA_V1_2779461))
diff --git a/lib/cpus/errata_report.c b/lib/cpus/errata_report.c
index 93b2744..5f41aee 100644
--- a/lib/cpus/errata_report.c
+++ b/lib/cpus/errata_report.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,7 +21,7 @@
# define BL_STRING "BL31"
#elif !defined(__aarch64__) && defined(IMAGE_BL32)
# define BL_STRING "BL32"
-#elif defined(IMAGE_BL2) && BL2_AT_EL3
+#elif defined(IMAGE_BL2) && RESET_TO_BL2
# define BL_STRING "BL2"
#else
# error This image should not be printing errata status
diff --git a/lib/el3_runtime/aarch32/context_mgmt.c b/lib/el3_runtime/aarch32/context_mgmt.c
index af8edf5..e494a86 100644
--- a/lib/el3_runtime/aarch32/context_mgmt.c
+++ b/lib/el3_runtime/aarch32/context_mgmt.c
@@ -11,6 +11,7 @@
#include <platform_def.h>
#include <arch.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <common/bl_common.h>
#include <context.h>
@@ -143,9 +144,9 @@
sys_reg_trace_enable();
#endif /* ENABLE_SYS_REG_TRACE_FOR_NS */
-#if ENABLE_TRF_FOR_NS
- trf_enable();
-#endif /* ENABLE_TRF_FOR_NS */
+ if (is_feat_trf_supported()) {
+ trf_enable();
+ }
#endif
}
diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S
index 722b8ae..d439148 100644
--- a/lib/el3_runtime/aarch64/context.S
+++ b/lib/el3_runtime/aarch64/context.S
@@ -41,10 +41,6 @@
.global el2_sysregs_context_save_nv2
.global el2_sysregs_context_restore_nv2
#endif /* CTX_INCLUDE_NEVE_REGS */
-#if ENABLE_TRF_FOR_NS
- .global el2_sysregs_context_save_trf
- .global el2_sysregs_context_restore_trf
-#endif /* ENABLE_TRF_FOR_NS */
#if ENABLE_FEAT_CSV2_2
.global el2_sysregs_context_save_csv2
.global el2_sysregs_context_restore_csv2
@@ -536,26 +532,6 @@
endfunc el2_sysregs_context_restore_nv2
#endif /* CTX_INCLUDE_NEVE_REGS */
-#if ENABLE_TRF_FOR_NS
-func el2_sysregs_context_save_trf
- /*
- * TRFCR_EL2 register is saved only when FEAT_TRF is supported.
- */
- mrs x12, TRFCR_EL2
- str x12, [x0, #CTX_TRFCR_EL2]
- ret
-endfunc el2_sysregs_context_save_trf
-
-func el2_sysregs_context_restore_trf
- /*
- * TRFCR_EL2 register is restored only when FEAT_TRF is supported.
- */
- ldr x12, [x0, #CTX_TRFCR_EL2]
- msr TRFCR_EL2, x12
- ret
-endfunc el2_sysregs_context_restore_trf
-#endif /* ENABLE_TRF_FOR_NS */
-
#if ENABLE_FEAT_CSV2_2
func el2_sysregs_context_save_csv2
/*
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index dab25d6..507a8ce 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -348,6 +348,13 @@
#endif
/*
+ * SCR_EL3.TCR2EN: Enable access to TCR2_ELx for AArch64 if present.
+ */
+ if (is_feat_tcr2_supported() && (GET_RW(ep->spsr) == MODE_RW_64)) {
+ scr_el3 |= SCR_TCR2EN_BIT;
+ }
+
+ /*
* CPTR_EL3 was initialized out of reset, copy that value to the
* context register.
*/
@@ -495,21 +502,21 @@
mpam_enable(el2_unused);
#endif
-#if ENABLE_TRBE_FOR_NS
- trbe_enable();
-#endif /* ENABLE_TRBE_FOR_NS */
+ if (is_feat_trbe_supported()) {
+ trbe_enable();
+ }
-#if ENABLE_BRBE_FOR_NS
- brbe_enable();
-#endif /* ENABLE_BRBE_FOR_NS */
+ if (is_feat_brbe_supported()) {
+ brbe_enable();
+ }
#if ENABLE_SYS_REG_TRACE_FOR_NS
sys_reg_trace_enable(ctx);
#endif /* ENABLE_SYS_REG_TRACE_FOR_NS */
-#if ENABLE_TRF_FOR_NS
- trf_enable();
-#endif /* ENABLE_TRF_FOR_NS */
+ if (is_feat_trf_supported()) {
+ trf_enable();
+ }
#endif
}
@@ -805,30 +812,26 @@
static void el2_sysregs_context_save_fgt(el2_sysregs_t *ctx)
{
- if (is_feat_fgt_supported()) {
- write_ctx_reg(ctx, CTX_HDFGRTR_EL2, read_hdfgrtr_el2());
- if (is_feat_amu_supported()) {
- write_ctx_reg(ctx, CTX_HAFGRTR_EL2, read_hafgrtr_el2());
- }
- write_ctx_reg(ctx, CTX_HDFGWTR_EL2, read_hdfgwtr_el2());
- write_ctx_reg(ctx, CTX_HFGITR_EL2, read_hfgitr_el2());
- write_ctx_reg(ctx, CTX_HFGRTR_EL2, read_hfgrtr_el2());
- write_ctx_reg(ctx, CTX_HFGWTR_EL2, read_hfgwtr_el2());
+ write_ctx_reg(ctx, CTX_HDFGRTR_EL2, read_hdfgrtr_el2());
+ if (is_feat_amu_supported()) {
+ write_ctx_reg(ctx, CTX_HAFGRTR_EL2, read_hafgrtr_el2());
}
+ write_ctx_reg(ctx, CTX_HDFGWTR_EL2, read_hdfgwtr_el2());
+ write_ctx_reg(ctx, CTX_HFGITR_EL2, read_hfgitr_el2());
+ write_ctx_reg(ctx, CTX_HFGRTR_EL2, read_hfgrtr_el2());
+ write_ctx_reg(ctx, CTX_HFGWTR_EL2, read_hfgwtr_el2());
}
static void el2_sysregs_context_restore_fgt(el2_sysregs_t *ctx)
{
- if (is_feat_fgt_supported()) {
- write_hdfgrtr_el2(read_ctx_reg(ctx, CTX_HDFGRTR_EL2));
- if (is_feat_amu_supported()) {
- write_hafgrtr_el2(read_ctx_reg(ctx, CTX_HAFGRTR_EL2));
- }
- write_hdfgwtr_el2(read_ctx_reg(ctx, CTX_HDFGWTR_EL2));
- write_hfgitr_el2(read_ctx_reg(ctx, CTX_HFGITR_EL2));
- write_hfgrtr_el2(read_ctx_reg(ctx, CTX_HFGRTR_EL2));
- write_hfgwtr_el2(read_ctx_reg(ctx, CTX_HFGWTR_EL2));
+ write_hdfgrtr_el2(read_ctx_reg(ctx, CTX_HDFGRTR_EL2));
+ if (is_feat_amu_supported()) {
+ write_hafgrtr_el2(read_ctx_reg(ctx, CTX_HAFGRTR_EL2));
}
+ write_hdfgwtr_el2(read_ctx_reg(ctx, CTX_HDFGWTR_EL2));
+ write_hfgitr_el2(read_ctx_reg(ctx, CTX_HFGITR_EL2));
+ write_hfgrtr_el2(read_ctx_reg(ctx, CTX_HFGRTR_EL2));
+ write_hfgwtr_el2(read_ctx_reg(ctx, CTX_HFGWTR_EL2));
}
/*******************************************************************************
@@ -863,7 +866,9 @@
el2_sysregs_context_save_mpam(el2_sysregs_ctx);
#endif
- el2_sysregs_context_save_fgt(el2_sysregs_ctx);
+ if (is_feat_fgt_supported()) {
+ el2_sysregs_context_save_fgt(el2_sysregs_ctx);
+ }
#if ENABLE_FEAT_ECV
el2_sysregs_context_save_ecv(el2_sysregs_ctx);
@@ -877,15 +882,18 @@
#if CTX_INCLUDE_NEVE_REGS
el2_sysregs_context_save_nv2(el2_sysregs_ctx);
#endif
-#if ENABLE_TRF_FOR_NS
- el2_sysregs_context_save_trf(el2_sysregs_ctx);
-#endif
+ if (is_feat_trf_supported()) {
+ write_ctx_reg(el2_sysregs_ctx, CTX_TRFCR_EL2, read_trfcr_el2());
+ }
#if ENABLE_FEAT_CSV2_2
el2_sysregs_context_save_csv2(el2_sysregs_ctx);
#endif
if (is_feat_hcx_supported()) {
write_ctx_reg(el2_sysregs_ctx, CTX_HCRX_EL2, read_hcrx_el2());
}
+ if (is_feat_tcr2_supported()) {
+ write_ctx_reg(el2_sysregs_ctx, CTX_TCR2_EL2, read_tcr2_el2());
+ }
}
}
@@ -921,7 +929,9 @@
el2_sysregs_context_restore_mpam(el2_sysregs_ctx);
#endif
- el2_sysregs_context_restore_fgt(el2_sysregs_ctx);
+ if (is_feat_fgt_supported()) {
+ el2_sysregs_context_restore_fgt(el2_sysregs_ctx);
+ }
#if ENABLE_FEAT_ECV
el2_sysregs_context_restore_ecv(el2_sysregs_ctx);
@@ -935,15 +945,18 @@
#if CTX_INCLUDE_NEVE_REGS
el2_sysregs_context_restore_nv2(el2_sysregs_ctx);
#endif
-#if ENABLE_TRF_FOR_NS
- el2_sysregs_context_restore_trf(el2_sysregs_ctx);
-#endif
+ if (is_feat_trf_supported()) {
+ write_trfcr_el2(read_ctx_reg(el2_sysregs_ctx, CTX_TRFCR_EL2));
+ }
#if ENABLE_FEAT_CSV2_2
el2_sysregs_context_restore_csv2(el2_sysregs_ctx);
#endif
if (is_feat_hcx_supported()) {
write_hcrx_el2(read_ctx_reg(el2_sysregs_ctx, CTX_HCRX_EL2));
}
+ if (is_feat_tcr2_supported()) {
+ write_tcr2_el2(read_ctx_reg(el2_sysregs_ctx, CTX_TCR2_EL2));
+ }
}
}
#endif /* CTX_INCLUDE_EL2_REGS */
diff --git a/lib/extensions/brbe/brbe.c b/lib/extensions/brbe/brbe.c
index 1982619..329cf98 100644
--- a/lib/extensions/brbe/brbe.c
+++ b/lib/extensions/brbe/brbe.c
@@ -12,16 +12,14 @@
{
uint64_t val;
- if (is_feat_brbe_present()) {
- /*
- * MDCR_EL3.SBRBE = 0b01
- *
- * Allows BRBE usage in non-secure world and prohibited in
- * secure world.
- */
- val = read_mdcr_el3();
- val &= ~(MDCR_SBRBE_MASK << MDCR_SBRBE_SHIFT);
- val |= (0x1UL << MDCR_SBRBE_SHIFT);
- write_mdcr_el3(val);
- }
+ /*
+ * MDCR_EL3.SBRBE = 0b01
+ *
+ * Allows BRBE usage in non-secure world and prohibited in
+ * secure world.
+ */
+ val = read_mdcr_el3();
+ val &= ~(MDCR_SBRBE_MASK << MDCR_SBRBE_SHIFT);
+ val |= (0x1UL << MDCR_SBRBE_SHIFT);
+ write_mdcr_el3(val);
}
diff --git a/lib/extensions/trbe/trbe.c b/lib/extensions/trbe/trbe.c
index b346387..fa139ca 100644
--- a/lib/extensions/trbe/trbe.c
+++ b/lib/extensions/trbe/trbe.c
@@ -23,22 +23,20 @@
{
uint64_t val;
- if (is_feat_trbe_present()) {
- /*
- * MDCR_EL3.NSTB = 0b11
- * Allow access of trace buffer control registers from NS-EL1
- * and NS-EL2, tracing is prohibited in Secure and Realm state
- * (if implemented).
- */
- val = read_mdcr_el3();
- val |= MDCR_NSTB(MDCR_NSTB_EL1);
- write_mdcr_el3(val);
- }
+ /*
+ * MDCR_EL3.NSTB = 0b11
+ * Allow access of trace buffer control registers from NS-EL1
+ * and NS-EL2, tracing is prohibited in Secure and Realm state
+ * (if implemented).
+ */
+ val = read_mdcr_el3();
+ val |= MDCR_NSTB(MDCR_NSTB_EL1);
+ write_mdcr_el3(val);
}
static void *trbe_drain_trace_buffers_hook(const void *arg __unused)
{
- if (is_feat_trbe_present()) {
+ if (is_feat_trbe_supported()) {
/*
* Before switching from normal world to secure world
* the trace buffers need to be drained out to memory. This is
diff --git a/lib/extensions/trf/aarch32/trf.c b/lib/extensions/trf/aarch32/trf.c
index 834092d..0c63efa 100644
--- a/lib/extensions/trf/aarch32/trf.c
+++ b/lib/extensions/trf/aarch32/trf.c
@@ -10,26 +10,15 @@
#include <arch_helpers.h>
#include <lib/extensions/trf.h>
-static bool trf_supported(void)
-{
- uint32_t features;
-
- features = read_id_dfr0() >> ID_DFR0_TRACEFILT_SHIFT;
- return ((features & ID_DFR0_TRACEFILT_MASK) ==
- ID_DFR0_TRACEFILT_SUPPORTED);
-}
-
void trf_enable(void)
{
uint32_t val;
- if (trf_supported()) {
- /*
- * Allow access of trace filter control registers from
- * non-monitor mode
- */
- val = read_sdcr();
- val &= ~SDCR_TTRF_BIT;
- write_sdcr(val);
- }
+ /*
+ * Allow access of trace filter control registers from
+ * non-monitor mode
+ */
+ val = read_sdcr();
+ val &= ~SDCR_TTRF_BIT;
+ write_sdcr(val);
}
diff --git a/lib/extensions/trf/aarch64/trf.c b/lib/extensions/trf/aarch64/trf.c
index 1da5dce..941692b 100644
--- a/lib/extensions/trf/aarch64/trf.c
+++ b/lib/extensions/trf/aarch64/trf.c
@@ -4,33 +4,21 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <stdbool.h>
-
#include <arch.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <lib/extensions/trf.h>
-static bool trf_supported(void)
-{
- uint64_t features;
-
- features = read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEFILT_SHIFT;
- return ((features & ID_AA64DFR0_TRACEFILT_MASK) ==
- ID_AA64DFR0_TRACEFILT_SUPPORTED);
-}
-
void trf_enable(void)
{
uint64_t val;
- if (trf_supported()) {
- /*
- * MDCR_EL3.TTRF = b0
- * Allow access of trace filter control registers from NS-EL2
- * and NS-EL1 when NS-EL2 is implemented but not used
- */
- val = read_mdcr_el3();
- val &= ~MDCR_TTRF_BIT;
- write_mdcr_el3(val);
- }
+ /*
+ * MDCR_EL3.TTRF = b0
+ * Allow access of trace filter control registers from NS-EL2
+ * and NS-EL1 when NS-EL2 is implemented but not used
+ */
+ val = read_mdcr_el3();
+ val &= ~MDCR_TTRF_BIT;
+ write_mdcr_el3(val);
}
diff --git a/lib/fconf/fconf_cot_getter.c b/lib/fconf/fconf_cot_getter.c
index ae59d8c..1033018 100644
--- a/lib/fconf/fconf_cot_getter.c
+++ b/lib/fconf/fconf_cot_getter.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,8 +7,10 @@
#include <assert.h>
#include <stddef.h>
+#include <mbedtls/version.h>
+
#include <common/fdt_wrappers.h>
-#include MBEDTLS_CONFIG_FILE
+#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_mod.h>
#include <lib/fconf/fconf.h>
#include <lib/object_pool.h>
diff --git a/lib/locks/bakery/bakery_lock_normal.c b/lib/locks/bakery/bakery_lock_normal.c
index faea6c5..3c03ae6 100644
--- a/lib/locks/bakery/bakery_lock_normal.c
+++ b/lib/locks/bakery/bakery_lock_normal.c
@@ -44,7 +44,7 @@
* Using this value, if provided, rather than the linker generated value results in
* more efficient code
*/
-CASSERT((PLAT_PERCPU_BAKERY_LOCK_SIZE & (CACHE_WRITEBACK_GRANULE - 1)) == 0, \
+CASSERT((PLAT_PERCPU_BAKERY_LOCK_SIZE & (CACHE_WRITEBACK_GRANULE - 1)) == 0,
PLAT_PERCPU_BAKERY_LOCK_SIZE_not_cacheline_multiple);
#define PERCPU_BAKERY_LOCK_SIZE (PLAT_PERCPU_BAKERY_LOCK_SIZE)
#else
diff --git a/lib/pmf/pmf_main.c b/lib/pmf/pmf_main.c
index 131a055..ce2f0d9 100644
--- a/lib/pmf/pmf_main.c
+++ b/lib/pmf/pmf_main.c
@@ -17,7 +17,7 @@
/*******************************************************************************
* The 'pmf_svc_descs' array holds the PMF service descriptors exported by
- * services by placing them in the 'pmf_svc_descs' linker section.
+ * services by placing them in the '.pmf_svc_descs' linker section.
* The 'pmf_svc_descs_indices' array holds the index of a descriptor in the
* 'pmf_svc_descs' array. The TIF[15:10] bits in the time-stamp id are used
* to get an index into the 'pmf_svc_descs_indices' array. This gives the
diff --git a/lib/psci/psci_common.c b/lib/psci/psci_common.c
index 8d736cc..f233be1 100644
--- a/lib/psci/psci_common.c
+++ b/lib/psci/psci_common.c
@@ -55,7 +55,7 @@
******************************************************************************/
non_cpu_pd_node_t psci_non_cpu_pd_nodes[PSCI_NUM_NON_CPU_PWR_DOMAINS]
#if USE_COHERENT_MEM
-__section("tzfw_coherent_mem")
+__section(".tzfw_coherent_mem")
#endif
;
diff --git a/lib/romlib/romlib.ld.S b/lib/romlib/romlib.ld.S
index 2aac4ad..d54a684 100644
--- a/lib/romlib/romlib.ld.S
+++ b/lib/romlib/romlib.ld.S
@@ -8,37 +8,42 @@
#include <platform_def.h>
MEMORY {
- ROM (rx): ORIGIN = ROMLIB_RO_BASE, LENGTH = ROMLIB_RO_LIMIT - ROMLIB_RO_BASE
- RAM (rwx): ORIGIN = ROMLIB_RW_BASE, LENGTH = ROMLIB_RW_END - ROMLIB_RW_BASE
+ ROM (rx): ORIGIN = ROMLIB_RO_BASE, LENGTH = ROMLIB_RO_LIMIT - ROMLIB_RO_BASE
+ RAM (rwx): ORIGIN = ROMLIB_RW_BASE, LENGTH = ROMLIB_RW_END - ROMLIB_RW_BASE
}
OUTPUT_FORMAT(PLATFORM_LINKER_FORMAT)
OUTPUT_ARCH(PLATFORM_LINKER_ARCH)
ENTRY(jmptbl)
-SECTIONS
-{
- . = ROMLIB_RO_BASE;
- .text : {
- *jmptbl.o(.text)
- *(.text*)
- *(.rodata*)
- } >ROM
+SECTIONS {
+ . = ROMLIB_RO_BASE;
- __DATA_ROM_START__ = LOADADDR(.data);
+ .text : {
+ *jmptbl.o(.text)
+ *(.text*)
+ *(.rodata*)
+ } >ROM
- .data : {
- __DATA_RAM_START__ = .;
- *(.data*)
- __DATA_RAM_END__ = .;
- } >RAM AT>ROM
+ __DATA_ROM_START__ = LOADADDR(.data);
- __DATA_SIZE__ = SIZEOF(.data);
+ .data : {
+ __DATA_RAM_START__ = .;
+
+ *(.data*)
+
+ __DATA_RAM_END__ = .;
+ } >RAM AT>ROM
+
+ __DATA_SIZE__ = SIZEOF(.data);
+
+ .bss : {
+ __BSS_START__ = .;
+
+ *(.bss*)
+
+ __BSS_END__ = .;
+ } >RAM
- .bss : {
- __BSS_START__ = .;
- *(.bss*)
- __BSS_END__ = .;
- } >RAM
- __BSS_SIZE__ = SIZEOF(.bss);
+ __BSS_SIZE__ = SIZEOF(.bss);
}
diff --git a/lib/xlat_tables/aarch32/nonlpae_tables.c b/lib/xlat_tables/aarch32/nonlpae_tables.c
index 7cd509d..5646f34 100644
--- a/lib/xlat_tables/aarch32/nonlpae_tables.c
+++ b/lib/xlat_tables/aarch32/nonlpae_tables.c
@@ -138,10 +138,10 @@
static uintptr_t xlat_max_va;
static uint32_t mmu_l1_base[NUM_1MB_IN_4GB]
- __aligned(MMU32B_L1_TABLE_ALIGN) __attribute__((section("xlat_table")));
+ __aligned(MMU32B_L1_TABLE_ALIGN) __attribute__((section(".xlat_table")));
static uint32_t mmu_l2_base[MAX_XLAT_TABLES][NUM_4K_IN_1MB]
- __aligned(MMU32B_L2_TABLE_ALIGN) __attribute__((section("xlat_table")));
+ __aligned(MMU32B_L2_TABLE_ALIGN) __attribute__((section(".xlat_table")));
/*
* Array of all memory regions stored in order of ascending base address.
@@ -518,9 +518,9 @@
/* Enable Access flag (simplified access permissions) and TEX remap */
write_sctlr(read_sctlr() | SCTLR_AFE_BIT | SCTLR_TRE_BIT);
- prrr = MMU32B_PRRR_IDX(MMU32B_ATTR_DEVICE_INDEX, 1, 0) \
+ prrr = MMU32B_PRRR_IDX(MMU32B_ATTR_DEVICE_INDEX, 1, 0)
| MMU32B_PRRR_IDX(MMU32B_ATTR_IWBWA_OWBWA_INDEX, 2, 1);
- nmrr = MMU32B_NMRR_IDX(MMU32B_ATTR_DEVICE_INDEX, 0, 0) \
+ nmrr = MMU32B_NMRR_IDX(MMU32B_ATTR_DEVICE_INDEX, 0, 0)
| MMU32B_NMRR_IDX(MMU32B_ATTR_IWBWA_OWBWA_INDEX, 1, 1);
prrr |= MMU32B_PRRR_NS1 | MMU32B_PRRR_DS1;
diff --git a/lib/xlat_tables/xlat_tables_common.c b/lib/xlat_tables/xlat_tables_common.c
index 23fe3f0..71273cb 100644
--- a/lib/xlat_tables/xlat_tables_common.c
+++ b/lib/xlat_tables/xlat_tables_common.c
@@ -39,7 +39,7 @@
#define MT_UNKNOWN ~0U
static uint64_t xlat_tables[MAX_XLAT_TABLES][XLAT_TABLE_ENTRIES]
- __aligned(XLAT_TABLE_SIZE) __section("xlat_table");
+ __aligned(XLAT_TABLE_SIZE) __section(".xlat_table");
static unsigned int next_xlat;
static unsigned long long xlat_max_pa;
diff --git a/lib/zlib/crc32.c b/lib/zlib/crc32.c
index f8357b0..21a69a8 100644
--- a/lib/zlib/crc32.c
+++ b/lib/zlib/crc32.c
@@ -279,7 +279,7 @@
combinations of CRC register values and incoming bytes.
*/
-local void make_crc_table()
+local void make_crc_table(void)
{
unsigned i, j, n;
z_crc_t p;
@@ -498,7 +498,7 @@
}
/* Actually do the deed. */
-int main()
+int main(void)
{
make_crc_table();
return 0;
diff --git a/lib/zlib/inflate.c b/lib/zlib/inflate.c
index 8acbef4..aa25e61 100644
--- a/lib/zlib/inflate.c
+++ b/lib/zlib/inflate.c
@@ -342,7 +342,7 @@
a.out > inffixed.h
*/
-void makefixed()
+void makefixed(void)
{
unsigned low, size;
struct inflate_state state;
diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk
index 426e344..89f43f2 100644
--- a/make_helpers/build_macros.mk
+++ b/make_helpers/build_macros.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -13,6 +13,7 @@
# Some utility macros for manipulating awkward (whitespace) characters.
blank :=
space :=${blank} ${blank}
+comma := ,
# A user defined function to recursively search for a filename below a directory
# $1 is the directory root of the recursive search (blank for current directory).
@@ -86,6 +87,12 @@
$(foreach num,$1,$(eval $(call assert_numeric,$(num))))
endef
+# Convenience function to check for a given linker option. An call to
+# $(call ld_option, --no-XYZ) will return --no-XYZ if supported by the linker
+define ld_option
+ $(shell if $(LD) $(1) -v >/dev/null 2>&1; then echo $(1); fi )
+endef
+
# CREATE_SEQ is a recursive function to create sequence of numbers from 1 to
# $(2) and assign the sequence to $(1)
define CREATE_SEQ
@@ -97,12 +104,6 @@
)
endef
-# IMG_LINKERFILE defines the linker script corresponding to a BL stage
-# $(1) = BL stage
-define IMG_LINKERFILE
- ${BUILD_DIR}/$(1).ld
-endef
-
# IMG_MAPFILE defines the output file describing the memory map corresponding
# to a BL stage
# $(1) = BL stage
@@ -279,10 +280,11 @@
define MAKE_C_LIB
$(eval OBJ := $(1)/$(patsubst %.c,%.o,$(notdir $(2))))
$(eval DEP := $(patsubst %.o,%.d,$(OBJ)))
+$(eval LIB := $(call uppercase, $(notdir $(1))))
$(OBJ): $(2) $(filter-out %.d,$(MAKEFILE_LIST)) | lib$(3)_dirs
$$(ECHO) " CC $$<"
- $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) $(MAKE_DEP) -c $$< -o $$@
+ $$(Q)$$(CC) $$($(LIB)_CFLAGS) $$(TF_CFLAGS) $$(CFLAGS) $(MAKE_DEP) -c $$< -o $$@
-include $(DEP)
@@ -457,6 +459,15 @@
$$(Q)$$(AR) cr $$@ $$?
endef
+# Generate the path to one or more preprocessed linker scripts given the paths
+# of their sources.
+#
+# Arguments:
+# $(1) = path to one or more linker script sources
+define linker_script_path
+ $(patsubst %.S,$(BUILD_DIR)/%,$(1))
+endef
+
# MAKE_BL macro defines the targets and options to build each BL image.
# Arguments:
# $(1) = BL stage
@@ -468,17 +479,22 @@
$(eval BL_SOURCES := $($(call uppercase,$(1))_SOURCES))
$(eval SOURCES := $(BL_SOURCES) $(BL_COMMON_SOURCES) $(PLAT_BL_COMMON_SOURCES))
$(eval OBJS := $(addprefix $(BUILD_DIR)/,$(call SOURCES_TO_OBJS,$(SOURCES))))
- $(eval LINKERFILE := $(call IMG_LINKERFILE,$(1)))
$(eval MAPFILE := $(call IMG_MAPFILE,$(1)))
$(eval ELF := $(call IMG_ELF,$(1)))
$(eval DUMP := $(call IMG_DUMP,$(1)))
$(eval BIN := $(call IMG_BIN,$(1)))
$(eval ENC_BIN := $(call IMG_ENC_BIN,$(1)))
- $(eval BL_LINKERFILE := $($(call uppercase,$(1))_LINKERFILE))
$(eval BL_LIBS := $($(call uppercase,$(1))_LIBS))
+
+ $(eval DEFAULT_LINKER_SCRIPT_SOURCE := $($(call uppercase,$(1))_DEFAULT_LINKER_SCRIPT_SOURCE))
+ $(eval DEFAULT_LINKER_SCRIPT := $(call linker_script_path,$(DEFAULT_LINKER_SCRIPT_SOURCE)))
+
+ $(eval LINKER_SCRIPT_SOURCES := $($(call uppercase,$(1))_LINKER_SCRIPT_SOURCES))
+ $(eval LINKER_SCRIPTS := $(call linker_script_path,$(LINKER_SCRIPT_SOURCES)))
+
# We use sort only to get a list of unique object directory names.
# ordering is not relevant but sort removes duplicates.
- $(eval TEMP_OBJ_DIRS := $(sort $(dir ${OBJS} ${LINKERFILE})))
+ $(eval TEMP_OBJ_DIRS := $(sort $(dir ${OBJS} ${DEFAULT_LINKER_SCRIPT} ${LINKER_SCRIPTS})))
# The $(dir ) function leaves a trailing / on the directory names
# Rip off the / to match directory names with make rule targets.
$(eval OBJ_DIRS := $(patsubst %/,%,$(TEMP_OBJ_DIRS)))
@@ -487,7 +503,8 @@
$(eval $(call MAKE_PREREQ_DIR,${BUILD_DIR},${BUILD_PLAT}))
-$(eval $(foreach objd,${OBJ_DIRS},$(call MAKE_PREREQ_DIR,${objd},${BUILD_DIR})))
+$(eval $(foreach objd,${OBJ_DIRS},
+ $(call MAKE_PREREQ_DIR,${objd},${BUILD_DIR})))
.PHONY : ${1}_dirs
@@ -496,7 +513,11 @@
${1}_dirs: | ${OBJ_DIRS}
$(eval $(call MAKE_OBJS,$(BUILD_DIR),$(SOURCES),$(1)))
-$(eval $(call MAKE_LD,$(LINKERFILE),$(BL_LINKERFILE),$(1)))
+
+# Generate targets to preprocess each required linker script
+$(eval $(foreach source,$(DEFAULT_LINKER_SCRIPT_SOURCE) $(LINKER_SCRIPT_SOURCES), \
+ $(call MAKE_LD,$(call linker_script_path,$(source)),$(source),$(1))))
+
$(eval BL_LDFLAGS := $($(call uppercase,$(1))_LDFLAGS))
ifeq ($(USE_ROMLIB),1)
@@ -507,7 +528,7 @@
# object file path, and prebuilt object file path.
$(eval OBJS += $(MODULE_OBJS))
-$(ELF): $(OBJS) $(LINKERFILE) | $(1)_dirs libraries $(BL_LIBS)
+$(ELF): $(OBJS) $(DEFAULT_LINKER_SCRIPT) $(LINKER_SCRIPTS) | $(1)_dirs libraries $(BL_LIBS)
$$(ECHO) " LD $$@"
ifdef MAKE_BUILD_STRINGS
$(call MAKE_BUILD_STRINGS, $(BUILD_DIR)/build_message.o)
@@ -526,11 +547,13 @@
$(BUILD_DIR)/build_message.o $(OBJS)
else ifneq ($(findstring gcc,$(notdir $(LD))),)
$$(Q)$$(LD) -o $$@ $$(TF_LDFLAGS) $$(LDFLAGS) -Wl,-Map=$(MAPFILE) \
- -Wl,-dT $(LINKERFILE) $(EXTRA_LINKERFILE) $(BUILD_DIR)/build_message.o \
+ $(addprefix -Wl$(comma)--script$(comma),$(LINKER_SCRIPTS)) -Wl,--script,$(DEFAULT_LINKER_SCRIPT) \
+ $(BUILD_DIR)/build_message.o \
$(OBJS) $(LDPATHS) $(LIBWRAPPER) $(LDLIBS) $(BL_LIBS)
else
$$(Q)$$(LD) -o $$@ $$(TF_LDFLAGS) $$(LDFLAGS) $(BL_LDFLAGS) -Map=$(MAPFILE) \
- --script $(LINKERFILE) $(BUILD_DIR)/build_message.o \
+ $(addprefix -T ,$(LINKER_SCRIPTS)) --script $(DEFAULT_LINKER_SCRIPT) \
+ $(BUILD_DIR)/build_message.o \
$(OBJS) $(LDPATHS) $(LIBWRAPPER) $(LDLIBS) $(BL_LIBS)
endif
ifeq ($(DISABLE_BIN_GENERATION),1)
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index a66123a..d8c6210 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2016-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2016-2023, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -30,13 +30,13 @@
BASE_COMMIT := origin/master
# Execute BL2 at EL3
-BL2_AT_EL3 := 0
+RESET_TO_BL2 := 0
# Only use SP packages if SP layout JSON is defined
BL2_ENABLE_SP_LOAD := 0
# BL2 image is stored in XIP memory, for now, this option is only supported
-# when BL2_AT_EL3 is 1.
+# when RESET_TO_BL2 is 1.
BL2_IN_XIP_MEM := 0
# Do dcache invalidate upon BL2 entry at EL3
@@ -176,6 +176,9 @@
# Flag to enable delayed trapping of WFE instruction (FEAT_TWED)
ENABLE_FEAT_TWED := 0
+# Flag to enable access to TCR2 (FEAT_TCR2)
+ENABLE_FEAT_TCR2 := 0
+
# By default BL31 encryption disabled
ENCRYPT_BL31 := 0
diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk
index 5ef2d85..8605bae 100644
--- a/make_helpers/tbbr/tbbr_tools.mk
+++ b/make_helpers/tbbr/tbbr_tools.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -83,7 +83,7 @@
# Add the BL2 CoT (image cert)
ifeq (${NEED_BL2},yes)
-ifeq (${BL2_AT_EL3}, 0)
+ifeq (${RESET_TO_BL2}, 0)
ifneq (${COT},cca)
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/tb_fw.crt,--tb-fw-cert))
endif
diff --git a/plat/arm/board/arm_fpga/build_axf.ld.S b/plat/arm/board/arm_fpga/build_axf.ld.S
index d8254e5..bd3d163 100644
--- a/plat/arm/board/arm_fpga/build_axf.ld.S
+++ b/plat/arm/board/arm_fpga/build_axf.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -46,7 +46,7 @@
KEEP(*(.kern_tramp))
}
- /DISCARD/ : { *(stacks) }
+ /DISCARD/ : { *(.stacks) }
/DISCARD/ : { *(.debug_*) }
/DISCARD/ : { *(.note*) }
/DISCARD/ : { *(.comment*) }
diff --git a/plat/arm/board/fvp/fvp_bl2_measured_boot.c b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
index 29b6619..7b0673a 100644
--- a/plat/arm/board/fvp/fvp_bl2_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,6 +15,11 @@
#include <plat/arm/common/plat_arm.h>
#include <plat/common/common_def.h>
+#if defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)
+CASSERT(ARM_EVENT_LOG_DRAM1_SIZE >= PLAT_ARM_EVENT_LOG_MAX_SIZE, \
+ assert_res_eventlog_mem_insufficient);
+#endif /* defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd) */
+
/* Event Log data */
static uint64_t event_log_base;
@@ -195,9 +200,19 @@
event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base);
+#if defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)
+ /* Copy Event Log to TZC secured DRAM memory */
+ (void)memcpy((void *)ARM_EVENT_LOG_DRAM1_BASE,
+ (const void *)event_log_base,
+ event_log_cur_size);
+
+ /* Ensure that the Event Log is visible in TZC secured DRAM memory */
+ flush_dcache_range(ARM_EVENT_LOG_DRAM1_BASE, event_log_cur_size);
+#endif /* defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd) */
+
rc = arm_set_nt_fw_info(
#ifdef SPD_opteed
- (uintptr_t)event_log_base,
+ (uintptr_t)ARM_EVENT_LOG_DRAM1_BASE,
#endif
event_log_cur_size, &ns_log_addr);
if (rc != 0) {
@@ -222,7 +237,7 @@
#if defined(SPD_tspd) || defined(SPD_spmd)
/* Set Event Log data in TOS_FW_CONFIG */
- rc = arm_set_tos_fw_info((uintptr_t)event_log_base,
+ rc = arm_set_tos_fw_info((uintptr_t)ARM_EVENT_LOG_DRAM1_BASE,
event_log_cur_size);
if (rc != 0) {
ERROR("%s(): Unable to update %s_FW_CONFIG\n",
diff --git a/plat/arm/board/fvp/fvp_bl2_setup.c b/plat/arm/board/fvp/fvp_bl2_setup.c
index 4c71d81..b93922a 100644
--- a/plat/arm/board/fvp/fvp_bl2_setup.c
+++ b/plat/arm/board/fvp/fvp_bl2_setup.c
@@ -45,7 +45,7 @@
arm_bl_params = arm_get_next_bl_params();
-#if !BL2_AT_EL3 && !EL3_PAYLOAD_BASE
+#if !RESET_TO_BL2 && !EL3_PAYLOAD_BASE
const struct dyn_cfg_dtb_info_t *fw_config_info;
uintptr_t fw_config_base = 0UL;
entry_point_info_t *ep_info;
@@ -99,7 +99,7 @@
/* Update BL33's ep info with NS HW config address */
param_node->ep_info.args.arg1 = hw_config_info->secondary_config_addr;
-#endif /* !BL2_AT_EL3 && !EL3_PAYLOAD_BASE */
+#endif /* !RESET_TO_BL2 && !EL3_PAYLOAD_BASE */
return arm_bl_params;
}
diff --git a/plat/arm/board/fvp/fvp_bl31_setup.c b/plat/arm/board/fvp/fvp_bl31_setup.c
index 57865eb..e46dbc9 100644
--- a/plat/arm/board/fvp/fvp_bl31_setup.c
+++ b/plat/arm/board/fvp/fvp_bl31_setup.c
@@ -25,7 +25,7 @@
/* Initialize the console to provide early debug support */
arm_console_boot_init();
-#if !RESET_TO_BL31 && !BL2_AT_EL3
+#if !RESET_TO_BL31 && !RESET_TO_BL2
const struct dyn_cfg_dtb_info_t *soc_fw_config_info;
INFO("BL31 FCONF: FW_CONFIG address = %lx\n", (uintptr_t)arg1);
@@ -47,7 +47,7 @@
assert(hw_config_info != NULL);
assert(hw_config_info->secondary_config_addr != 0UL);
arg2 = hw_config_info->secondary_config_addr;
-#endif /* !RESET_TO_BL31 && !BL2_AT_EL3 */
+#endif /* !RESET_TO_BL31 && !RESET_TO_BL2 */
arm_bl31_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
@@ -93,7 +93,7 @@
* TODO: remove the ARM_XLAT_TABLES_LIB_V1 check when its support
* gets deprecated.
*/
-#if !RESET_TO_BL31 && !BL2_AT_EL3 && !ARM_XLAT_TABLES_LIB_V1
+#if !RESET_TO_BL31 && !RESET_TO_BL2 && !ARM_XLAT_TABLES_LIB_V1
assert(hw_config_info != NULL);
assert(hw_config_info->config_addr != 0UL);
@@ -129,14 +129,14 @@
rc);
panic();
}
-#endif /* !RESET_TO_BL31 && !BL2_AT_EL3 && !ARM_XLAT_TABLES_LIB_V1 */
+#endif /* !RESET_TO_BL31 && !RESET_TO_BL2 && !ARM_XLAT_TABLES_LIB_V1 */
}
unsigned int plat_get_syscnt_freq2(void)
{
unsigned int counter_base_frequency;
-#if !RESET_TO_BL31 && !BL2_AT_EL3
+#if !RESET_TO_BL31 && !RESET_TO_BL2
/* Get the frequency through FCONF API for HW_CONFIG */
counter_base_frequency = FCONF_GET_PROPERTY(hw_config, cpu_timer, clock_freq);
if (counter_base_frequency > 0U) {
diff --git a/plat/arm/board/fvp/fvp_common.c b/plat/arm/board/fvp/fvp_common.c
index c7bf93e..283918b 100644
--- a/plat/arm/board/fvp/fvp_common.c
+++ b/plat/arm/board/fvp/fvp_common.c
@@ -111,6 +111,15 @@
* Required to load HW_CONFIG, SPMC and SPs to trusted DRAM.
*/
ARM_MAP_TRUSTED_DRAM,
+
+ /*
+ * Required to load Event Log in TZC secured memory
+ */
+#if MEASURED_BOOT && (defined(SPD_tspd) || defined(SPD_opteed) || \
+defined(SPD_spmd))
+ ARM_MAP_EVENT_LOG_DRAM1,
+#endif /* MEASURED_BOOT && (SPD_tspd || SPD_opteed || SPD_spmd) */
+
#if ENABLE_RME
ARM_MAP_RMM_DRAM,
ARM_MAP_GPT_L1_DRAM,
@@ -123,13 +132,13 @@
MAP_DEVICE2,
#endif /* TRUSTED_BOARD_BOOT */
-#if CRYPTO_SUPPORT && !BL2_AT_EL3
+#if CRYPTO_SUPPORT && !RESET_TO_BL2
/*
* To access shared the Mbed TLS heap while booting the
* system with Crypto support
*/
ARM_MAP_BL1_RW,
-#endif /* CRYPTO_SUPPORT && !BL2_AT_EL3 */
+#endif /* CRYPTO_SUPPORT && !RESET_TO_BL2 */
#if SPM_MM || SPMC_AT_EL3
ARM_SP_IMAGE_MMAP,
#endif
@@ -180,8 +189,8 @@
#if defined(IMAGE_BL31) && SPM_MM
const mmap_region_t plat_arm_secure_partition_mmap[] = {
V2M_MAP_IOFPGA_EL0, /* for the UART */
- MAP_REGION_FLAT(DEVICE0_BASE, \
- DEVICE0_SIZE, \
+ MAP_REGION_FLAT(DEVICE0_BASE,
+ DEVICE0_SIZE,
MT_DEVICE | MT_RO | MT_SECURE | MT_USER),
ARM_SP_IMAGE_MMAP,
ARM_SP_IMAGE_NS_BUF_MMAP,
diff --git a/plat/arm/board/fvp/fvp_console.c b/plat/arm/board/fvp/fvp_console.c
index 1a6cd42..3aa454b 100644
--- a/plat/arm/board/fvp/fvp_console.c
+++ b/plat/arm/board/fvp/fvp_console.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -24,9 +24,9 @@
/*
* fconf APIs are not supported for RESET_TO_SP_MIN, RESET_TO_BL31 and
- * BL2_AT_EL3 systems.
+ * RESET_TO_BL2 systems.
*/
-#if RESET_TO_SP_MIN || RESET_TO_BL31 || BL2_AT_EL3
+#if RESET_TO_SP_MIN || RESET_TO_BL31 || RESET_TO_BL2
uart_base = PLAT_ARM_RUN_UART_BASE;
uart_clk = PLAT_ARM_RUN_UART_CLK_IN_HZ;
#else
diff --git a/plat/arm/board/fvp/fvp_el3_spmc.c b/plat/arm/board/fvp/fvp_el3_spmc.c
index 2b347ed..6b44f63 100644
--- a/plat/arm/board/fvp/fvp_el3_spmc.c
+++ b/plat/arm/board/fvp/fvp_el3_spmc.c
@@ -18,7 +18,7 @@
#define PLAT_SPMC_SHMEM_DATASTORE_SIZE 512 * 1024
-__section("arm_el3_tzc_dram") static uint8_t
+__section(".arm_el3_tzc_dram") static uint8_t
plat_spmc_shmem_datastore[PLAT_SPMC_SHMEM_DATASTORE_SIZE];
int plat_spmc_shmem_datastore_get(uint8_t **datastore, size_t *size)
diff --git a/plat/arm/board/fvp/fvp_plat_attest_token.c b/plat/arm/board/fvp/fvp_plat_attest_token.c
index 4dd37a4..dda2156 100644
--- a/plat/arm/board/fvp/fvp_plat_attest_token.c
+++ b/plat/arm/board/fvp/fvp_plat_attest_token.c
@@ -10,88 +10,90 @@
/* Using hardcoded token values for AEM FVP */
static uint8_t platform_token[] = {
- 0xD2, 0x84, 0x40, 0xA0, 0x59, 0x02, 0x46, 0xA9,
- 0x19, 0x01, 0x09, 0x78, 0x1C, 0x68, 0x74, 0x74,
- 0x70, 0x3A, 0x2F, 0x2F, 0x61, 0x72, 0x6D, 0x2E,
- 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x43, 0x41, 0x2D,
- 0x53, 0x53, 0x44, 0x2F, 0x31, 0x2E, 0x30, 0x2E,
- 0x30, 0x0A, 0x58, 0x20, 0x07, 0x06, 0x05, 0x04,
- 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C,
- 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15, 0x14,
- 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C,
- 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09, 0x5C, 0x58,
- 0x40, 0x7F, 0x45, 0x4C, 0x46, 0x02, 0x01, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x03, 0x00, 0x3E, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x50, 0x58, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0xA0, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x38,
- 0x00, 0x09, 0x00, 0x40, 0x00, 0x1C, 0x00, 0x1B,
- 0x00, 0x19, 0x01, 0x00, 0x58, 0x21, 0x01, 0x07,
- 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F,
- 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17,
- 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F,
- 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19,
- 0x09, 0x61, 0x58, 0x21, 0x01, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09, 0x5B,
- 0x19, 0x30, 0x03, 0x19, 0x09, 0x62, 0x67, 0x73,
- 0x68, 0x61, 0x2D, 0x32, 0x35, 0x36, 0x19, 0x09,
- 0x5F, 0x84, 0xA5, 0x01, 0x62, 0x42, 0x4C, 0x05,
- 0x58, 0x20, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02,
- 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A,
- 0x09, 0x08, 0x17, 0x16, 0x15, 0x14, 0x13, 0x12,
- 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A,
- 0x19, 0x18, 0x04, 0x65, 0x33, 0x2E, 0x34, 0x2E,
- 0x32, 0x02, 0x58, 0x20, 0x07, 0x06, 0x05, 0x04,
- 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C,
- 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15, 0x14,
- 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C,
- 0x1B, 0x1A, 0x19, 0x18, 0x06, 0x67, 0x73, 0x68,
- 0x61, 0x2D, 0x32, 0x35, 0x36, 0xA4, 0x01, 0x62,
- 0x4D, 0x31, 0x05, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x63, 0x31,
- 0x2E, 0x32, 0x02, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0xA4, 0x01, 0x62,
- 0x4D, 0x32, 0x05, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x65, 0x31,
- 0x2E, 0x32, 0x2E, 0x33, 0x02, 0x58, 0x20, 0x07,
- 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F,
- 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17,
- 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F,
- 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0xA4,
- 0x01, 0x62, 0x4D, 0x33, 0x05, 0x58, 0x20, 0x07,
- 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F,
- 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17,
- 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F,
- 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04,
- 0x61, 0x31, 0x02, 0x58, 0x20, 0x07, 0x06, 0x05,
- 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D,
- 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15,
- 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D,
- 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09, 0x60,
- 0x6C, 0x77, 0x68, 0x61, 0x74, 0x65, 0x76, 0x65,
- 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x58, 0x40, 0x84,
- 0x32, 0x12, 0x5B, 0x92, 0x6B, 0x20, 0xD8, 0x14,
- 0xC1, 0xC1, 0x8C, 0x3C, 0x73, 0xB8, 0x29, 0x0F,
- 0x42, 0xBC, 0x0B, 0x25, 0x87, 0x5C, 0x4F, 0xA4,
- 0xFA, 0xD9, 0xDE, 0xC1, 0x2B, 0x20, 0xED, 0xDF,
- 0x1C, 0xDD, 0x1A, 0x09, 0xBD, 0xA0, 0x25, 0x48,
- 0xC6, 0xBB, 0x99, 0xA1, 0x30, 0x4F, 0x2C, 0xDC,
- 0x89, 0xE8, 0xB7, 0xFF, 0x32, 0xE9, 0x3F, 0xBB,
- 0xC6, 0xBF, 0x9D, 0x38, 0x68, 0xE1, 0xB2,
+ 0xD2, 0x84, 0x44, 0xA1, 0x01, 0x38, 0x22, 0xA0,
+ 0x59, 0x02, 0x33, 0xA9, 0x19, 0x01, 0x09, 0x78,
+ 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F,
+ 0x61, 0x72, 0x6D, 0x2E, 0x63, 0x6F, 0x6D, 0x2F,
+ 0x43, 0x43, 0x41, 0x2D, 0x53, 0x53, 0x44, 0x2F,
+ 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x0A, 0x58, 0x20,
+ 0xB5, 0x97, 0x3C, 0xB6, 0x8B, 0xAA, 0x9F, 0xC5,
+ 0x55, 0x58, 0x78, 0x6B, 0x7E, 0xC6, 0x7F, 0x69,
+ 0xE4, 0x0D, 0xF5, 0xBA, 0x5A, 0xA9, 0x21, 0xCD,
+ 0x0C, 0x27, 0xF4, 0x05, 0x87, 0xA0, 0x11, 0xEA,
+ 0x19, 0x09, 0x5C, 0x58, 0x20, 0x7F, 0x45, 0x4C,
+ 0x46, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x3E,
+ 0x00, 0x01, 0x00, 0x00, 0x00, 0x50, 0x58, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x19, 0x01, 0x00,
+ 0x58, 0x21, 0x01, 0x07, 0x06, 0x05, 0x04, 0x03,
+ 0x02, 0x01, 0x00, 0x0F, 0x0E, 0x0D, 0x0C, 0x0B,
+ 0x0A, 0x09, 0x08, 0x17, 0x16, 0x15, 0x14, 0x13,
+ 0x12, 0x11, 0x10, 0x1F, 0x1E, 0x1D, 0x1C, 0x1B,
+ 0x1A, 0x19, 0x18, 0x19, 0x09, 0x61, 0x58, 0x21,
+ 0x01, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01,
+ 0x00, 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09,
+ 0x08, 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11,
+ 0x10, 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19,
+ 0x18, 0x19, 0x09, 0x5B, 0x19, 0x30, 0x03, 0x19,
+ 0x09, 0x62, 0x67, 0x73, 0x68, 0x61, 0x2D, 0x32,
+ 0x35, 0x36, 0x19, 0x09, 0x5F, 0x84, 0xA5, 0x01,
+ 0x62, 0x42, 0x4C, 0x05, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x65,
+ 0x33, 0x2E, 0x34, 0x2E, 0x32, 0x02, 0x58, 0x20,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08,
+ 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
+ 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18,
+ 0x06, 0x74, 0x54, 0x46, 0x2D, 0x4D, 0x5F, 0x53,
+ 0x48, 0x41, 0x32, 0x35, 0x36, 0x4D, 0x65, 0x6D,
+ 0x50, 0x72, 0x65, 0x58, 0x49, 0x50, 0xA4, 0x01,
+ 0x62, 0x4D, 0x31, 0x05, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x63,
+ 0x31, 0x2E, 0x32, 0x02, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0xA4, 0x01,
+ 0x62, 0x4D, 0x32, 0x05, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x04, 0x65,
+ 0x31, 0x2E, 0x32, 0x2E, 0x33, 0x02, 0x58, 0x20,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08,
+ 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
+ 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18,
+ 0xA4, 0x01, 0x62, 0x4D, 0x33, 0x05, 0x58, 0x20,
+ 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,
+ 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08,
+ 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x10,
+ 0x1F, 0x1E, 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18,
+ 0x04, 0x61, 0x31, 0x02, 0x58, 0x20, 0x07, 0x06,
+ 0x05, 0x04, 0x03, 0x02, 0x01, 0x00, 0x0F, 0x0E,
+ 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x17, 0x16,
+ 0x15, 0x14, 0x13, 0x12, 0x11, 0x10, 0x1F, 0x1E,
+ 0x1D, 0x1C, 0x1B, 0x1A, 0x19, 0x18, 0x19, 0x09,
+ 0x60, 0x6C, 0x77, 0x68, 0x61, 0x74, 0x65, 0x76,
+ 0x65, 0x72, 0x2E, 0x63, 0x6F, 0x6D, 0x58, 0x60,
+ 0xE6, 0xB6, 0x38, 0x4F, 0xAE, 0x3F, 0x6E, 0x67,
+ 0xF5, 0xD4, 0x97, 0x4B, 0x3F, 0xFD, 0x0A, 0xFA,
+ 0x1D, 0xF0, 0x2F, 0x73, 0xB8, 0xFF, 0x5F, 0x02,
+ 0xC0, 0x0F, 0x40, 0xAC, 0xF3, 0xA2, 0x9D, 0xB5,
+ 0x31, 0x50, 0x16, 0x4F, 0xFA, 0x34, 0x3D, 0x0E,
+ 0xAF, 0xE0, 0xD0, 0xD1, 0x6C, 0xF0, 0x9D, 0xC1,
+ 0x01, 0x42, 0xA2, 0x3C, 0xCE, 0xD4, 0x4A, 0x59,
+ 0xDC, 0x29, 0x0A, 0x30, 0x93, 0x5F, 0xB4, 0x98,
+ 0x61, 0xBA, 0xE3, 0x91, 0x22, 0x95, 0x24, 0xF4,
+ 0xAE, 0x47, 0x93, 0xD3, 0x84, 0xA3, 0x76, 0xD0,
+ 0xC1, 0x26, 0x96, 0x53, 0xA3, 0x60, 0x3F, 0x6C,
+ 0x75, 0x96, 0x90, 0x6A, 0xF9, 0x4E, 0xDA, 0x30
};
int plat_rmmd_get_cca_attest_token(uintptr_t buf, size_t *len,
diff --git a/plat/arm/board/fvp/fvp_topology.c b/plat/arm/board/fvp/fvp_topology.c
index 80cfbd5..971e35b 100644
--- a/plat/arm/board/fvp/fvp_topology.c
+++ b/plat/arm/board/fvp/fvp_topology.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,9 +34,9 @@
/*
* fconf APIs are not supported for RESET_TO_SP_MIN, RESET_TO_BL31 and
- * BL2_AT_EL3 systems.
+ * RESET_TO_BL2 systems.
*/
-#if RESET_TO_SP_MIN || RESET_TO_BL31 || BL2_AT_EL3
+#if RESET_TO_SP_MIN || RESET_TO_BL31 || RESET_TO_BL2
cluster_count = FVP_CLUSTER_COUNT;
cpus_per_cluster = FVP_MAX_CPUS_PER_CLUSTER * FVP_MAX_PE_PER_CPU;
#else
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index 1ef6c87..039f8e2 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,6 +16,10 @@
#include "../fvp_def.h"
+#if TRUSTED_BOARD_BOOT
+#include MBEDTLS_CONFIG_FILE
+#endif
+
/* Required platform porting definitions */
#define PLATFORM_CORE_COUNT (U(FVP_CLUSTER_COUNT) * \
U(FVP_MAX_CPUS_PER_CLUSTER) * \
@@ -164,14 +168,23 @@
# define MAX_XLAT_TABLES 5
#else
# define PLAT_ARM_MMAP_ENTRIES 12
-# define MAX_XLAT_TABLES 6
+# if (defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)) && \
+defined(IMAGE_BL2) && MEASURED_BOOT
+# define MAX_XLAT_TABLES 7
+# else
+# define MAX_XLAT_TABLES 6
+# endif /* (SPD_tspd || SPD_opteed || SPD_spmd) && IMAGE_BL2 && MEASURED_BOOT */
#endif
/*
* PLAT_ARM_MAX_BL1_RW_SIZE is calculated using the current BL1 RW debug size
* plus a little space for growth.
*/
+#if TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA
+#define PLAT_ARM_MAX_BL1_RW_SIZE UL(0xC000)
+#else
#define PLAT_ARM_MAX_BL1_RW_SIZE UL(0xB000)
+#endif
/*
* PLAT_ARM_MAX_ROMLIB_RW_SIZE is define to use a full page
@@ -191,10 +204,12 @@
* PLAT_ARM_MAX_BL2_SIZE is calculated using the current BL2 debug size plus a
* little space for growth.
*/
-#if TRUSTED_BOARD_BOOT && COT_DESC_IN_DTB
+#if CRYPTO_SUPPORT
+#if (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA) || COT_DESC_IN_DTB
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1E000) - FVP_BL2_ROMLIB_OPTIMIZATION)
-#elif CRYPTO_SUPPORT
+#else
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1D000) - FVP_BL2_ROMLIB_OPTIMIZATION)
+#endif
#elif ARM_BL31_IN_DRAM
/* When ARM_BL31_IN_DRAM is set, BL2 can use almost all of Trusted SRAM. */
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1F000) - FVP_BL2_ROMLIB_OPTIMIZATION)
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index efbf68f..207e0d7 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -65,7 +65,8 @@
plat/common/plat_gicv3.c \
plat/arm/common/arm_gicv3.c
- ifeq ($(filter 1,${BL2_AT_EL3} ${RESET_TO_BL31} ${RESET_TO_SP_MIN}),)
+ ifeq ($(filter 1,${RESET_TO_BL2} \
+ ${RESET_TO_BL31} ${RESET_TO_SP_MIN}),)
FVP_GIC_SOURCES += plat/arm/board/fvp/fvp_gicv3.c
endif
@@ -202,7 +203,7 @@
BL31_SOURCES += plat/arm/board/fvp/fvp_sync_traps.c
endif
-ifeq (${BL2_AT_EL3},1)
+ifeq (${RESET_TO_BL2},1)
BL2_SOURCES += plat/arm/board/fvp/${ARCH}/fvp_helpers.S \
plat/arm/board/fvp/fvp_bl2_el3_setup.c \
${FVP_CPU_LIBS} \
@@ -238,7 +239,7 @@
# Support for fconf in BL31
# Added separately from the above list for better readability
-ifeq ($(filter 1,${BL2_AT_EL3} ${RESET_TO_BL31}),)
+ifeq ($(filter 1,${RESET_TO_BL2} ${RESET_TO_BL31}),)
BL31_SOURCES += lib/fconf/fconf.c \
lib/fconf/fconf_dyn_cfg_getter.c \
plat/arm/board/fvp/fconf/fconf_hw_config_getter.c
@@ -338,7 +339,7 @@
endif
# Enable the dynamic translation tables library.
-ifeq ($(filter 1,${BL2_AT_EL3} ${ARM_XLAT_TABLES_LIB_V1}),)
+ifeq ($(filter 1,${RESET_TO_BL2} ${ARM_XLAT_TABLES_LIB_V1}),)
ifeq (${ARCH},aarch32)
BL32_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
else # AArch64
@@ -364,7 +365,7 @@
# Add support for platform supplied linker script for BL31 build
$(eval $(call add_define,PLAT_EXTRA_LD_SCRIPT))
-ifneq (${BL2_AT_EL3}, 0)
+ifneq (${RESET_TO_BL2}, 0)
override BL1_SOURCES =
endif
@@ -446,14 +447,14 @@
endif
# enable trace buffer control registers access to NS by default
-ENABLE_TRBE_FOR_NS := 1
+ENABLE_TRBE_FOR_NS := 2
# enable branch record buffer control registers access in NS by default
# only enable for aarch64
# do not enable when ENABLE_RME=1
ifeq (${ARCH}, aarch64)
ifeq (${ENABLE_RME},0)
- ENABLE_BRBE_FOR_NS := 1
+ ENABLE_BRBE_FOR_NS := 2
endif
endif
@@ -461,11 +462,12 @@
ENABLE_SYS_REG_TRACE_FOR_NS := 1
# enable trace filter control registers access to NS by default
-ENABLE_TRF_FOR_NS := 1
+ENABLE_TRF_FOR_NS := 2
# Linux relies on EL3 enablement if those features are present
ENABLE_FEAT_FGT := 2
ENABLE_FEAT_HCX := 2
+ENABLE_FEAT_TCR2 := 2
ifeq (${SPMC_AT_EL3}, 1)
PLAT_BL_COMMON_SOURCES += plat/arm/board/fvp/fvp_el3_spmc.c
diff --git a/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c b/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c
index 9ab36a6..b961da9 100644
--- a/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c
+++ b/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -22,7 +22,7 @@
/* Initialize the console to provide early debug support */
arm_console_boot_init();
-#if !RESET_TO_SP_MIN && !BL2_AT_EL3
+#if !RESET_TO_SP_MIN && !RESET_TO_BL2
INFO("SP_MIN FCONF: FW_CONFIG address = %lx\n", (uintptr_t)arg1);
/* Fill the properties struct with the info from the config dtb */
@@ -32,7 +32,7 @@
if (tos_fw_config_info != NULL) {
arg1 = tos_fw_config_info->config_addr;
}
-#endif /* !RESET_TO_SP_MIN && !BL2_AT_EL3 */
+#endif /* !RESET_TO_SP_MIN && !RESET_TO_BL2 */
arm_sp_min_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
@@ -68,13 +68,14 @@
* For RESET_TO_SP_MIN systems, SP_MIN(BL32) is the first bootloader
* to run. So there is no BL2 to load the HW_CONFIG dtb into memory
* before control is passed to SP_MIN.
- * Also, BL2 skips loading HW_CONFIG dtb for BL2_AT_EL3 builds.
- * The code below relies on dynamic mapping capability, which is not
- * supported by xlat tables lib V1.
+ * Also, BL2 skips loading HW_CONFIG dtb for
+ * RESET_TO_BL2 builds.
+ * The code below relies on dynamic mapping capability,
+ * which is not supported by xlat tables lib V1.
* TODO: remove the ARM_XLAT_TABLES_LIB_V1 check when its support
* gets deprecated.
*/
-#if !RESET_TO_SP_MIN && !BL2_AT_EL3 && !ARM_XLAT_TABLES_LIB_V1
+#if !RESET_TO_SP_MIN && !RESET_TO_BL2 && !ARM_XLAT_TABLES_LIB_V1
hw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, HW_CONFIG_ID);
assert(hw_config_info != NULL);
assert(hw_config_info->config_addr != 0UL);
@@ -117,5 +118,5 @@
rc);
panic();
}
-#endif /* !RESET_TO_SP_MIN && !BL2_AT_EL3 && !ARM_XLAT_TABLES_LIB_V1 */
+#endif /*!RESET_TO_SP_MIN && !RESET_TO_BL2 && !ARM_XLAT_TABLES_LIB_V1*/
}
diff --git a/plat/arm/board/fvp/sp_min/sp_min-fvp.mk b/plat/arm/board/fvp/sp_min/sp_min-fvp.mk
index 183d802..4ddba6f 100644
--- a/plat/arm/board/fvp/sp_min/sp_min-fvp.mk
+++ b/plat/arm/board/fvp/sp_min/sp_min-fvp.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2016-2022, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -23,7 +23,7 @@
# Support for fconf in SP_MIN(BL32)
# Added separately from the above list for better readability
-ifeq ($(filter 1,${BL2_AT_EL3} ${RESET_TO_SP_MIN}),)
+ifeq ($(filter 1,${RESET_TO_BL2} ${RESET_TO_SP_MIN}),)
BL32_SOURCES += lib/fconf/fconf.c \
lib/fconf/fconf_dyn_cfg_getter.c \
plat/arm/board/fvp/fconf/fconf_hw_config_getter.c \
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c b/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
index 1ac0a9c..a642929 100644
--- a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
+++ b/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
@@ -109,10 +109,10 @@
ARM_MAP_BL_COHERENT_RAM,
#endif
/* DRAM1_region: */
- MAP_REGION_FLAT( \
- PLAT_ARM_DRAM1_BASE, \
- PLAT_ARM_DRAM1_SIZE, \
- MT_MEMORY | MT_SECURE | MT_EXECUTE \
+ MAP_REGION_FLAT(
+ PLAT_ARM_DRAM1_BASE,
+ PLAT_ARM_DRAM1_SIZE,
+ MT_MEMORY | MT_SECURE | MT_EXECUTE
| MT_RW | MT_NON_CACHEABLE),
/* NULL terminator: */
{0}
diff --git a/plat/arm/board/fvp_r/fvp_r_debug.S b/plat/arm/board/fvp_r/fvp_r_debug.S
index 88f0a29..cc5ffc0 100644
--- a/plat/arm/board/fvp_r/fvp_r_debug.S
+++ b/plat/arm/board/fvp_r/fvp_r_debug.S
@@ -11,7 +11,7 @@
.globl el2_panic
/***********************************************************
- * The common implementation of do_panic for all BL stages
+ * The common implementation of el3_panic for all BL stages
***********************************************************/
.section .rodata.panic_str, "aS"
diff --git a/plat/arm/board/juno/juno_common.c b/plat/arm/board/juno/juno_common.c
index 038f604..451c7df 100644
--- a/plat/arm/board/juno/juno_common.c
+++ b/plat/arm/board/juno/juno_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -50,7 +50,7 @@
ARM_MAP_OPTEE_CORE_MEM,
ARM_OPTEE_PAGEABLE_LOAD_MEM,
#endif
-#if TRUSTED_BOARD_BOOT && !BL2_AT_EL3
+#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
ARM_MAP_BL1_RW,
#endif
{0}
diff --git a/plat/arm/board/morello/include/platform_def.h b/plat/arm/board/morello/include/platform_def.h
index 08e2d60..76e63aa 100644
--- a/plat/arm/board/morello/include/platform_def.h
+++ b/plat/arm/board/morello/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -191,4 +191,7 @@
/* Number of SCMI channels on the platform */
#define PLAT_ARM_SCMI_CHANNEL_COUNT U(1)
+/* Platform ID address */
+#define SSC_VERSION (SSC_REG_BASE + SSC_VERSION_OFFSET)
+
#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/morello/morello_bl2_setup.c b/plat/arm/board/morello/morello_bl2_setup.c
index da1f7ae..ec87a8e 100644
--- a/plat/arm/board/morello/morello_bl2_setup.c
+++ b/plat/arm/board/morello/morello_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -33,6 +33,7 @@
* - remote_chip_count
* - multichip mode
* - scc configuration
+ * - silicon revision
*/
struct morello_plat_info {
uint64_t local_ddr_size;
@@ -40,6 +41,7 @@
uint8_t remote_chip_count;
bool multichip_mode;
uint32_t scc_config;
+ uint32_t silicon_revision;
} __packed;
#endif
diff --git a/plat/arm/board/morello/morello_bl31_setup.c b/plat/arm/board/morello/morello_bl31_setup.c
index e04587d..8f01592 100644
--- a/plat/arm/board/morello/morello_bl31_setup.c
+++ b/plat/arm/board/morello/morello_bl31_setup.c
@@ -1,16 +1,57 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <drivers/arm/css/css_mhu_doorbell.h>
#include <drivers/arm/css/scmi.h>
+#include <drivers/arm/css/sds.h>
+#include <lib/smccc.h>
#include <plat/arm/common/plat_arm.h>
+#include <services/arm_arch_svc.h>
#include "morello_def.h"
#include <platform_def.h>
+#ifdef TARGET_PLATFORM_FVP
+/*
+ * Platform information structure stored in SDS.
+ * This structure holds information about platform's DDR
+ * size
+ * - Local DDR size in bytes, DDR memory in main board
+ */
+struct morello_plat_info {
+ uint64_t local_ddr_size;
+} __packed;
+#else
+/*
+ * Platform information structure stored in SDS.
+ * This structure holds information about platform's DDR
+ * size which is an information about multichip setup
+ * - Local DDR size in bytes, DDR memory in main board
+ * - Remote DDR size in bytes, DDR memory in remote board
+ * - remote_chip_count
+ * - multichip mode
+ * - scc configuration
+ * - silicon revision
+ */
+struct morello_plat_info {
+ uint64_t local_ddr_size;
+ uint64_t remote_ddr_size;
+ uint8_t remote_chip_count;
+ bool multichip_mode;
+ uint32_t scc_config;
+ uint32_t silicon_revision;
+} __packed;
+
+struct morello_plat_info plat_info;
+#endif
+
+/* Compile time assertion to ensure the size of structure is of the required bytes */
+CASSERT(sizeof(struct morello_plat_info) == MORELLO_SDS_PLATFORM_INFO_SIZE,
+ assert_invalid_plat_info_size);
+
static scmi_channel_plat_info_t morello_scmi_plat_info = {
.scmi_mbx_mem = MORELLO_SCMI_PAYLOAD_BASE,
.db_reg_addr = PLAT_CSS_MHU_BASE + CSS_SCMI_MHU_DB_REG_OFF,
@@ -31,5 +72,63 @@
void bl31_platform_setup(void)
{
+#ifdef TARGET_PLATFORM_SOC
+ int ret;
+
+ ret = sds_init();
+ if (ret != SDS_OK) {
+ ERROR("SDS initialization failed. ret:%d\n", ret);
+ panic();
+ }
+
+ ret = sds_struct_read(MORELLO_SDS_PLATFORM_INFO_STRUCT_ID,
+ MORELLO_SDS_PLATFORM_INFO_OFFSET,
+ &plat_info,
+ MORELLO_SDS_PLATFORM_INFO_SIZE,
+ SDS_ACCESS_MODE_NON_CACHED);
+ if (ret != SDS_OK) {
+ ERROR("Error getting platform info from SDS. ret:%d\n", ret);
+ panic();
+ }
+#endif
arm_bl31_platform_setup();
}
+
+#ifdef TARGET_PLATFORM_SOC
+/*****************************************************************************
+ * plat_is_smccc_feature_available() - This function checks whether SMCCC
+ * feature is availabile for platform.
+ * @fid: SMCCC function id
+ *
+ * Return SMC_ARCH_CALL_SUCCESS if SMCCC feature is available and
+ * SMC_ARCH_CALL_NOT_SUPPORTED otherwise.
+ *****************************************************************************/
+int32_t plat_is_smccc_feature_available(u_register_t fid)
+{
+ switch (fid) {
+ case SMCCC_ARCH_SOC_ID:
+ return SMC_ARCH_CALL_SUCCESS;
+ default:
+ return SMC_ARCH_CALL_NOT_SUPPORTED;
+ }
+}
+
+/* Get SOC version */
+int32_t plat_get_soc_version(void)
+{
+ int ssc_version;
+
+ ssc_version = mmio_read_32(SSC_VERSION);
+
+ return (int32_t)
+ (SOC_ID_SET_JEP_106(ARM_SOC_CONTINUATION_CODE,
+ ARM_SOC_IDENTIFICATION_CODE) |
+ (GET_SSC_VERSION_PART_NUM(ssc_version) & SOC_ID_IMPL_DEF_MASK));
+}
+
+/* Get SOC revision */
+int32_t plat_get_soc_revision(void)
+{
+ return (int32_t)plat_info.silicon_revision;
+}
+#endif
diff --git a/plat/arm/board/morello/morello_def.h b/plat/arm/board/morello/morello_def.h
index f154924..2898774 100644
--- a/plat/arm/board/morello/morello_def.h
+++ b/plat/arm/board/morello/morello_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,7 +21,7 @@
#ifdef TARGET_PLATFORM_FVP
# define MORELLO_SDS_PLATFORM_INFO_SIZE U(8)
#else
-# define MORELLO_SDS_PLATFORM_INFO_SIZE U(22)
+# define MORELLO_SDS_PLATFORM_INFO_SIZE U(26)
#endif
#define MORELLO_MAX_DDR_CAPACITY U(0x1000000000)
#define MORELLO_MAX_REMOTE_CHIP_COUNT U(16)
diff --git a/plat/arm/board/morello/morello_image_load.c b/plat/arm/board/morello/morello_image_load.c
index 52d46f3..5fc87a0 100644
--- a/plat/arm/board/morello/morello_image_load.c
+++ b/plat/arm/board/morello/morello_image_load.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,6 +34,7 @@
* - remote_chip_count
* - multichip mode
* - scc configuration
+ * - silicon revision
*/
struct morello_plat_info {
uint64_t local_ddr_size;
@@ -41,6 +42,7 @@
uint8_t remote_chip_count;
bool multichip_mode;
uint32_t scc_config;
+ uint32_t silicon_revision;
} __packed;
#endif
diff --git a/plat/arm/board/morello/morello_plat.c b/plat/arm/board/morello/morello_plat.c
index 1da0ff9..2ca3d08 100644
--- a/plat/arm/board/morello/morello_plat.c
+++ b/plat/arm/board/morello/morello_plat.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -42,7 +42,7 @@
MORELLO_MAP_NS_SRAM,
ARM_MAP_DRAM1,
ARM_MAP_DRAM2,
-#if TRUSTED_BOARD_BOOT && !BL2_AT_EL3
+#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
ARM_MAP_BL1_RW,
#endif
{0}
diff --git a/plat/arm/board/n1sdp/n1sdp_plat.c b/plat/arm/board/n1sdp/n1sdp_plat.c
index 502268c..747ff06 100644
--- a/plat/arm/board/n1sdp/n1sdp_plat.c
+++ b/plat/arm/board/n1sdp/n1sdp_plat.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -33,7 +33,7 @@
N1SDP_MAP_NS_SRAM,
ARM_MAP_DRAM1,
ARM_MAP_DRAM2,
-#if TRUSTED_BOARD_BOOT && !BL2_AT_EL3
+#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
ARM_MAP_BL1_RW,
#endif
{0}
diff --git a/plat/arm/board/rde1edge/rde1edge_topology.c b/plat/arm/board/rde1edge/rde1edge_topology.c
index a16283e..91cc37e 100644
--- a/plat/arm/board/rde1edge/rde1edge_topology.c
+++ b/plat/arm/board/rde1edge/rde1edge_topology.c
@@ -31,6 +31,6 @@
* to the SCMI power domain ID implemented by SCP.
******************************************************************************/
const uint32_t plat_css_core_pos_to_scmi_dmn_id_map[] = {
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, \
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
};
diff --git a/plat/arm/board/tc/include/platform_def.h b/plat/arm/board/tc/include/platform_def.h
index a3b7839..eea1be6 100644
--- a/plat/arm/board/tc/include/platform_def.h
+++ b/plat/arm/board/tc/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -200,11 +200,7 @@
#define PLAT_ARM_NSTIMER_FRAME_ID 0
-#if (TARGET_PLATFORM >= 2)
-#define PLAT_ARM_TRUSTED_ROM_BASE 0x1000
-#else
#define PLAT_ARM_TRUSTED_ROM_BASE 0x0
-#endif
/* PLAT_ARM_TRUSTED_ROM_SIZE 512KB minus ROM base. */
#define PLAT_ARM_TRUSTED_ROM_SIZE (0x00080000 - PLAT_ARM_TRUSTED_ROM_BASE)
@@ -308,4 +304,17 @@
/* virtual address used by dynamic mem_protect for chunk_base */
#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
+#if ARM_GPT_SUPPORT
+/*
+ * This overrides the default PLAT_ARM_FIP_OFFSET_IN_GPT in board_css_def.h.
+ * Offset of the FIP in the GPT image. BL1 component uses this option
+ * as it does not load the partition table to get the FIP base
+ * address. At sector 48 for TC to align with ATU page size boundaries (8KiB)
+ * (i.e. after reserved sectors 0-47).
+ * Offset = 48 * 512 = 0x6000
+ */
+#undef PLAT_ARM_FIP_OFFSET_IN_GPT
+#define PLAT_ARM_FIP_OFFSET_IN_GPT 0x6000
+#endif /* ARM_GPT_SUPPORT */
+
#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/tc/include/tc_plat.h b/plat/arm/board/tc/include/tc_plat.h
index f7ce2fe..ba1831f 100644
--- a/plat/arm/board/tc/include/tc_plat.h
+++ b/plat/arm/board/tc/include/tc_plat.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,6 +11,7 @@
#ifdef PLATFORM_TEST
void run_platform_tests(void);
+void nv_counter_test(void);
#endif
#endif /* TC_PLAT_H */
diff --git a/plat/arm/board/tc/nv_counter_test.c b/plat/arm/board/tc/nv_counter_test.c
new file mode 100644
index 0000000..76c9915
--- /dev/null
+++ b/plat/arm/board/tc/nv_counter_test.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2023, ARM Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+#include <stdio.h>
+
+#include <drivers/arm/rss_comms.h>
+#include <plat/common/platform.h>
+#include "rss_platform_api.h"
+
+#include <platform_def.h>
+
+void nv_counter_test(void)
+{
+ psa_status_t status;
+ uint32_t old_val;
+ uint32_t new_val;
+ uint32_t id;
+
+ status = rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE, PLAT_RSS_AP_RCV_MHU_BASE);
+ if (status != PSA_SUCCESS) {
+ printf("Failed to initialize RSS communication channel\n");
+ plat_error_handler(-1);
+ }
+
+ for (id = 0; id < 3; id++) {
+ status = rss_platform_nv_counter_read(id, sizeof(old_val), (uint8_t *)&old_val);
+ if (status != PSA_SUCCESS) {
+ printf("Failed during first id=(%d) rss_platform_nv_counter_read\n",
+ id);
+ plat_error_handler(-1);
+ }
+
+ status = rss_platform_nv_counter_increment(id);
+ if (status != PSA_SUCCESS) {
+ printf("Failed during id=(%d) rss_platform_nv_counter_increment\n",
+ id);
+ plat_error_handler(-1);
+ }
+
+ status = rss_platform_nv_counter_read(id, sizeof(new_val), (uint8_t *)&new_val);
+ if (status != PSA_SUCCESS) {
+ printf("Failed during second id=(%d) rss_platform_nv_counter_read\n",
+ id);
+ plat_error_handler(-1);
+ }
+
+ if (old_val + 1 != new_val) {
+ printf("Failed nv_counter_test: old_val (%d) + 1 != new_val (%d)\n",
+ old_val, new_val);
+ plat_error_handler(-1);
+ }
+ }
+ printf("Passed nv_counter_test\n");
+}
diff --git a/plat/arm/board/tc/platform.mk b/plat/arm/board/tc/platform.mk
index 2182477..05dca91 100644
--- a/plat/arm/board/tc/platform.mk
+++ b/plat/arm/board/tc/platform.mk
@@ -1,4 +1,4 @@
-# Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2021-2023, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -196,10 +196,30 @@
endif
-# Add this include as first, before arm_common.mk. This is necessary because
-# arm_common.mk builds Mbed TLS, and platform_test.mk can change the list of
-# Mbed TLS files that are to be compiled (LIBMBEDTLS_SRCS).
-include plat/arm/board/tc/platform_test.mk
+ifeq (${PLATFORM_TEST},rss-nv-counters)
+ include drivers/arm/rss/rss_comms.mk
+
+ # Test code.
+ BL31_SOURCES += plat/arm/board/tc/nv_counter_test.c
+
+ # Code under testing.
+ BL31_SOURCES += lib/psa/rss_platform.c \
+ drivers/arm/rss/rss_comms.c \
+ ${RSS_COMMS_SOURCES}
+
+ PLAT_INCLUDES += -Iinclude/lib/psa
+
+ $(eval $(call add_define,PLATFORM_TEST))
+else ifeq (${PLATFORM_TEST},tfm-testsuite)
+ # Add this include as first, before arm_common.mk. This is necessary
+ # because arm_common.mk builds Mbed TLS, and platform_test.mk can
+ # change the list of Mbed TLS files that are to be compiled
+ # (LIBMBEDTLS_SRCS).
+ include plat/arm/board/tc/platform_test.mk
+else ifneq (${PLATFORM_TEST},)
+ $(error "Unsupported PLATFORM_TEST value")
+endif
+
include plat/arm/common/arm_common.mk
include plat/arm/css/common/css_common.mk
diff --git a/plat/arm/board/tc/platform_test.mk b/plat/arm/board/tc/platform_test.mk
index c2ee69e..5cdbb86 100644
--- a/plat/arm/board/tc/platform_test.mk
+++ b/plat/arm/board/tc/platform_test.mk
@@ -1,9 +1,9 @@
-# Copyright (c) 2022, Arm Limited. All rights reserved.
+# Copyright (c) 2022-2023, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
-ifeq (${PLATFORM_TEST},1)
+ifeq (${PLATFORM_TEST},tfm-testsuite)
# The variables need to be set to compile the platform test:
ifeq (${TF_M_TESTS_PATH},)
diff --git a/plat/arm/board/tc/tc_bl31_setup.c b/plat/arm/board/tc/tc_bl31_setup.c
index c79558d..1c1e2fb 100644
--- a/plat/arm/board/tc/tc_bl31_setup.c
+++ b/plat/arm/board/tc/tc_bl31_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -52,9 +52,13 @@
void tc_bl31_common_platform_setup(void)
{
arm_bl31_platform_setup();
-#ifdef PLATFORM_TEST
- run_platform_tests();
+#ifdef PLATFORM_TEST
+#if PLATFORM_TEST == rss-nv-counters
+ nv_counter_test();
+#elif PLATFORM_TEST == tfm-testsuite
+ run_platform_tests()
+#endif
/* Suspend booting */
plat_error_handler(-1);
#endif
diff --git a/plat/arm/board/tc/tc_plat.c b/plat/arm/board/tc/tc_plat.c
index 77db023..228f2fa 100644
--- a/plat/arm/board/tc/tc_plat.c
+++ b/plat/arm/board/tc/tc_plat.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -48,7 +48,7 @@
#if SPM_MM
ARM_SP_IMAGE_MMAP,
#endif
-#if TRUSTED_BOARD_BOOT && !BL2_AT_EL3
+#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
ARM_MAP_BL1_RW,
#endif
#ifdef SPD_opteed
diff --git a/plat/arm/common/aarch64/arm_helpers.S b/plat/arm/common/aarch64/arm_helpers.S
index b470781..ed85ea1 100644
--- a/plat/arm/common/aarch64/arm_helpers.S
+++ b/plat/arm/common/aarch64/arm_helpers.S
@@ -129,7 +129,7 @@
* Single cpu stack in coherent memory.
* ----------------------------------------------------
*/
-declare_stack platform_coherent_stacks, tzfw_coherent_mem, \
+declare_stack platform_coherent_stacks, .tzfw_coherent_mem, \
PLATFORM_STACK_SIZE, 1, CACHE_WRITEBACK_GRANULE
#endif /* defined(IMAGE_BL1) || defined(IMAGE_BL2) */
diff --git a/plat/arm/common/aarch64/arm_sdei.c b/plat/arm/common/aarch64/arm_sdei.c
index 3c74a46..2e76118 100644
--- a/plat/arm/common/aarch64/arm_sdei.c
+++ b/plat/arm/common/aarch64/arm_sdei.c
@@ -38,7 +38,7 @@
}
for (i = 0; i < FCONF_GET_PROPERTY(sdei, dyn_config, shared_ev_cnt); i++) {
- arm_sdei_shared[i] = (sdei_ev_map_t)SDEI_SHARED_EVENT( \
+ arm_sdei_shared[i] = (sdei_ev_map_t)SDEI_SHARED_EVENT(
FCONF_GET_PROPERTY(sdei, dyn_config, shared_ev_nums[i]),
FCONF_GET_PROPERTY(sdei, dyn_config, shared_ev_intrs[i]),
FCONF_GET_PROPERTY(sdei, dyn_config, shared_ev_flags[i]));
diff --git a/plat/arm/common/arm_bl2_el3_setup.c b/plat/arm/common/arm_bl2_el3_setup.c
index 97b5a88..b598c59 100644
--- a/plat/arm/common/arm_bl2_el3_setup.c
+++ b/plat/arm/common/arm_bl2_el3_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,7 +34,7 @@
/*
* Allow BL2 to see the whole Trusted RAM. This is determined
* statically since we cannot rely on BL1 passing this information
- * in the BL2_AT_EL3 case.
+ * in the RESET_TO_BL2 case.
*/
bl2_el3_tzram_layout.total_base = ARM_BL_RAM_BASE;
bl2_el3_tzram_layout.total_size = ARM_BL_RAM_SIZE;
@@ -71,7 +71,9 @@
{
#if USE_COHERENT_MEM
- /* Ensure ARM platforms dont use coherent memory in BL2_AT_EL3 */
+ /* Ensure ARM platforms dont use coherent memory
+ * in RESET_TO_BL2
+ */
assert(BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE == 0U);
#endif
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index 7162ce9..4d5a56a 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -283,7 +283,7 @@
BL1_SOURCES += ${DYN_CFG_SOURCES}
BL2_SOURCES += ${DYN_CFG_SOURCES}
-ifeq (${BL2_AT_EL3},1)
+ifeq (${RESET_TO_BL2},1)
BL2_SOURCES += plat/arm/common/arm_bl2_el3_setup.c
endif
diff --git a/plat/arm/common/arm_dyn_cfg.c b/plat/arm/common/arm_dyn_cfg.c
index c88621e..99e2809 100644
--- a/plat/arm/common/arm_dyn_cfg.c
+++ b/plat/arm/common/arm_dyn_cfg.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,20 +8,20 @@
#include <string.h>
#include <libfdt.h>
-#include <platform_def.h>
+#if CRYPTO_SUPPORT
+#include <mbedtls/version.h>
+#endif /* CRYPTO_SUPPORT */
#include <common/debug.h>
#include <common/desc_image_load.h>
#include <common/tbbr/tbbr_img_def.h>
-#if CRYPTO_SUPPORT
-#include MBEDTLS_CONFIG_FILE
-#endif /* CRYPTO_SUPPORT */
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
#include <lib/fconf/fconf_tbbr_getter.h>
#include <plat/arm/common/arm_dyn_cfg_helpers.h>
#include <plat/arm/common/plat_arm.h>
+#include <platform_def.h>
#if CRYPTO_SUPPORT
@@ -45,9 +45,9 @@
assert(heap_addr != NULL);
assert(heap_size != NULL);
-#if defined(IMAGE_BL1) || BL2_AT_EL3 || defined(IMAGE_BL31)
+#if defined(IMAGE_BL1) || RESET_TO_BL2 || defined(IMAGE_BL31)
- /* If in BL1 or BL2_AT_EL3 define a heap */
+ /* If in BL1 or RESET_TO_BL2 define a heap */
static unsigned char heap[TF_MBEDTLS_HEAP_SIZE];
*heap_addr = heap;
diff --git a/plat/arm/common/arm_gicv3.c b/plat/arm/common/arm_gicv3.c
index 469e22a..1c95afb 100644
--- a/plat/arm/common/arm_gicv3.c
+++ b/plat/arm/common/arm_gicv3.c
@@ -48,8 +48,8 @@
* data in the designated EL3 Secure carve-out memory. The `used` attribute
* is used to prevent the compiler from removing the gicv3 contexts.
*/
-static gicv3_redist_ctx_t rdist_ctx __section("arm_el3_tzc_dram") __used;
-static gicv3_dist_ctx_t dist_ctx __section("arm_el3_tzc_dram") __used;
+static gicv3_redist_ctx_t rdist_ctx __section(".arm_el3_tzc_dram") __used;
+static gicv3_dist_ctx_t dist_ctx __section(".arm_el3_tzc_dram") __used;
/* Define accessor function to get reference to the GICv3 context */
DEFINE_LOAD_SYM_ADDR(rdist_ctx)
diff --git a/plat/arm/common/arm_pm.c b/plat/arm/common/arm_pm.c
index 5434c94..62cc8bb 100644
--- a/plat/arm/common/arm_pm.c
+++ b/plat/arm/common/arm_pm.c
@@ -191,7 +191,7 @@
* ARM_SHARED_RAM region.
*/
assert((PLAT_ARM_TRUSTED_MAILBOX_BASE >= ARM_SHARED_RAM_BASE) &&
- ((PLAT_ARM_TRUSTED_MAILBOX_BASE + sizeof(*mailbox)) <= \
+ ((PLAT_ARM_TRUSTED_MAILBOX_BASE + sizeof(*mailbox)) <=
(ARM_SHARED_RAM_BASE + ARM_SHARED_RAM_SIZE)));
}
diff --git a/plat/arm/css/sgi/sgi_plat.c b/plat/arm/css/sgi/sgi_plat.c
index a0199c3..b8ba49f 100644
--- a/plat/arm/css/sgi/sgi_plat.c
+++ b/plat/arm/css/sgi/sgi_plat.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -64,7 +64,7 @@
#if SPM_MM
ARM_SP_IMAGE_MMAP,
#endif
-#if TRUSTED_BOARD_BOOT && !BL2_AT_EL3
+#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
ARM_MAP_BL1_RW,
#endif
{0}
diff --git a/plat/arm/css/sgi/sgi_plat_v2.c b/plat/arm/css/sgi/sgi_plat_v2.c
index cef5345..8d38108 100644
--- a/plat/arm/css/sgi/sgi_plat_v2.c
+++ b/plat/arm/css/sgi/sgi_plat_v2.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -57,7 +57,7 @@
#if SPM_MM
ARM_SP_IMAGE_MMAP,
#endif
-#if TRUSTED_BOARD_BOOT && !BL2_AT_EL3
+#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
ARM_MAP_BL1_RW,
#endif
{0}
diff --git a/plat/common/aarch32/platform_mp_stack.S b/plat/common/aarch32/platform_mp_stack.S
index 6c3d08d..314e87a 100644
--- a/plat/common/aarch32/platform_mp_stack.S
+++ b/plat/common/aarch32/platform_mp_stack.S
@@ -43,5 +43,5 @@
* stack of PLATFORM_STACK_SIZE bytes.
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, PLATFORM_CORE_COUNT
diff --git a/plat/common/aarch32/platform_up_stack.S b/plat/common/aarch32/platform_up_stack.S
index 836c13a..69e112f 100644
--- a/plat/common/aarch32/platform_up_stack.S
+++ b/plat/common/aarch32/platform_up_stack.S
@@ -43,5 +43,5 @@
* stack of PLATFORM_STACK_SIZE bytes.
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, 1, CACHE_WRITEBACK_GRANULE
diff --git a/plat/common/aarch64/plat_common.c b/plat/common/aarch64/plat_common.c
index 8ce1d6c..042916a 100644
--- a/plat/common/aarch64/plat_common.c
+++ b/plat/common/aarch64/plat_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -77,7 +77,7 @@
return "EL1";
}
-/* RAS functions common to AArch64 ARM platforms */
+/* Handler for External Aborts from lower EL including RAS errors */
void plat_default_ea_handler(unsigned int ea_reason, uint64_t syndrome, void *cookie,
void *handle, uint64_t flags)
{
@@ -93,12 +93,9 @@
ERROR("Unhandled External Abort received on 0x%lx from %s\n",
read_mpidr_el1(), get_el_str(level));
ERROR("exception reason=%u syndrome=0x%" PRIx64 "\n", ea_reason, syndrome);
-#if HANDLE_EA_EL3_FIRST_NS
- /* Skip backtrace for lower EL */
- if (level != MODE_EL3) {
- console_flush();
- do_panic();
- }
-#endif
- panic();
+
+ /* We reached here due to a panic from a lower EL and assuming this is the default
+ * platform registered handler that we could call on a lower EL panic.
+ */
+ lower_el_panic();
}
diff --git a/plat/common/aarch64/platform_mp_stack.S b/plat/common/aarch64/platform_mp_stack.S
index c0668ea..fa1ca22 100644
--- a/plat/common/aarch64/platform_mp_stack.S
+++ b/plat/common/aarch64/platform_mp_stack.S
@@ -56,6 +56,6 @@
* stack of PLATFORM_STACK_SIZE bytes.
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, PLATFORM_CORE_COUNT, \
CACHE_WRITEBACK_GRANULE
diff --git a/plat/common/aarch64/platform_up_stack.S b/plat/common/aarch64/platform_up_stack.S
index c6e5e2d..2c87219 100644
--- a/plat/common/aarch64/platform_up_stack.S
+++ b/plat/common/aarch64/platform_up_stack.S
@@ -46,5 +46,5 @@
* are allocated
* -----------------------------------------------------
*/
-declare_stack platform_normal_stacks, tzfw_normal_stacks, \
+declare_stack platform_normal_stacks, .tzfw_normal_stacks, \
PLATFORM_STACK_SIZE, 1, CACHE_WRITEBACK_GRANULE
diff --git a/plat/hisilicon/hikey/platform.mk b/plat/hisilicon/hikey/platform.mk
index 2bfc582..807a915 100644
--- a/plat/hisilicon/hikey/platform.mk
+++ b/plat/hisilicon/hikey/platform.mk
@@ -1,11 +1,11 @@
#
-# Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
# Non-TF Boot ROM
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
# On Hikey, the TSP can execute from TZC secure area in DRAM (default)
# or SRAM.
diff --git a/plat/hisilicon/hikey960/hikey960_bl31_setup.c b/plat/hisilicon/hikey960/hikey960_bl31_setup.c
index 0debe1e..50751ee 100644
--- a/plat/hisilicon/hikey960/hikey960_bl31_setup.c
+++ b/plat/hisilicon/hikey960/hikey960_bl31_setup.c
@@ -183,7 +183,7 @@
#define SPMC_SHARED_MEMORY_OBJ_SIZE (512 * 1024)
-__section("ram2_region") uint8_t plat_spmc_shmem_datastore[SPMC_SHARED_MEMORY_OBJ_SIZE];
+__section(".ram2_region") uint8_t plat_spmc_shmem_datastore[SPMC_SHARED_MEMORY_OBJ_SIZE];
int plat_spmc_shmem_datastore_get(uint8_t **datastore, size_t *size)
{
diff --git a/plat/hisilicon/hikey960/include/plat.ld.S b/plat/hisilicon/hikey960/include/plat.ld.S
index 0cc25cd..f8bd376 100644
--- a/plat/hisilicon/hikey960/include/plat.ld.S
+++ b/plat/hisilicon/hikey960/include/plat.ld.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,8 +14,8 @@
SECTIONS
{
- ram2_region (NOLOAD) : {
- *(ram2_region)
+ .ram2_region (NOLOAD) : {
+ *(.ram2_region)
}>RAM2
}
diff --git a/plat/hisilicon/hikey960/platform.mk b/plat/hisilicon/hikey960/platform.mk
index 4c3c817..fd11a4d 100644
--- a/plat/hisilicon/hikey960/platform.mk
+++ b/plat/hisilicon/hikey960/platform.mk
@@ -1,11 +1,11 @@
#
-# Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
# Non-TF Boot ROM
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
# On Hikey960, the TSP can execute from TZC secure area in DRAM.
HIKEY960_TSP_RAM_LOCATION ?= dram
diff --git a/plat/imx/common/imx_sip_svc.c b/plat/imx/common/imx_sip_svc.c
index 11d02f3..6d6633c 100644
--- a/plat/imx/common/imx_sip_svc.c
+++ b/plat/imx/common/imx_sip_svc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -33,6 +33,11 @@
case IMX_SIP_GET_SOC_INFO:
SMC_RET1(handle, imx_soc_info_handler(smc_fid, x1, x2, x3));
break;
+ case IMX_SIP_GPC:
+ SMC_RET1(handle, imx_gpc_handler(smc_fid, x1, x2, x3));
+ break;
+ case IMX_SIP_DDR_DVFS:
+ return dram_dvfs_handler(smc_fid, handle, x1, x2, x3);
#endif
#if defined(PLAT_imx8mm) || defined(PLAT_imx8mn) || defined(PLAT_imx8mp)
case IMX_SIP_DDR_DVFS:
diff --git a/plat/imx/common/include/imx_sip_svc.h b/plat/imx/common/include/imx_sip_svc.h
index 1f45985..0e91c71 100644
--- a/plat/imx/common/include/imx_sip_svc.h
+++ b/plat/imx/common/include/imx_sip_svc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -55,6 +55,10 @@
#if defined(PLAT_imx8mq)
int imx_soc_info_handler(uint32_t smc_fid, u_register_t x1,
u_register_t x2, u_register_t x3);
+int imx_gpc_handler(uint32_t smc_fid, u_register_t x1,
+ u_register_t x2, u_register_t x3);
+int dram_dvfs_handler(uint32_t smc_fid, void *handle,
+ u_register_t x1, u_register_t x2, u_register_t x3);
#endif
#if defined(PLAT_imx8mm) || defined(PLAT_imx8mn) || defined(PLAT_imx8mp)
int dram_dvfs_handler(uint32_t smc_fid, void *handle,
diff --git a/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c b/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c
index 66a57a1..228cff8 100644
--- a/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c
+++ b/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c
@@ -412,8 +412,6 @@
RPC_SIZE(&msg) = 2U;
sc_call_rpc(ipc, &msg, SC_TRUE);
-
- return;
}
sc_err_t sc_pm_reboot_partition(sc_ipc_t ipc, sc_rm_pt_t pt,
diff --git a/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c b/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c
index 16771a5..2cea01f 100644
--- a/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c
+++ b/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c
@@ -632,8 +632,6 @@
RPC_SIZE(&msg) = 1U;
sc_call_rpc(ipc, &msg, SC_FALSE);
-
- return;
}
/**@}*/
diff --git a/plat/imx/imx7/picopi/platform.mk b/plat/imx/imx7/picopi/platform.mk
index 5901001..0267a8b 100644
--- a/plat/imx/imx7/picopi/platform.mk
+++ b/plat/imx/imx7/picopi/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -22,7 +22,7 @@
RESET_TO_BL31 := 0
# Non-TF Boot ROM
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
# Indicate single-core
COLD_BOOT_SINGLE_CPU := 1
diff --git a/plat/imx/imx7/warp7/platform.mk b/plat/imx/imx7/warp7/platform.mk
index ea0f001..bd3d8d3 100644
--- a/plat/imx/imx7/warp7/platform.mk
+++ b/plat/imx/imx7/warp7/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -22,7 +22,7 @@
RESET_TO_BL31 := 0
# Non-TF Boot ROM
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
# Indicate single-core
COLD_BOOT_SINGLE_CPU := 1
diff --git a/plat/imx/imx8m/ddr/clock.c b/plat/imx/imx8m/ddr/clock.c
index 7fb5730..8b132d2 100644
--- a/plat/imx/imx8m/ddr/clock.c
+++ b/plat/imx/imx8m/ddr/clock.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2022 NXP
+ * Copyright 2018-2023 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -76,7 +76,7 @@
/* unbypass the PLL */
mmio_clrbits_32(HW_DRAM_PLL_CFG0, 0x30);
- while (!(mmio_read_32(HW_DRAM_PLL_CFG0) & (1 << 31))) {
+ while (!(mmio_read_32(HW_DRAM_PLL_CFG0) & BIT(31))) {
;
}
}
@@ -88,6 +88,12 @@
mmio_clrbits_32(DRAM_PLL_CTRL, (1 << 9));
switch (drate) {
+ case 4000:
+ mmio_write_32(DRAM_PLL_CTRL + 0x4, (250 << 12) | (3 << 4) | 1);
+ break;
+ case 3200:
+ mmio_write_32(DRAM_PLL_CTRL + 0x4, (200 << 12) | (3 << 4) | 1);
+ break;
case 2400:
mmio_write_32(DRAM_PLL_CTRL + 0x4, (300 << 12) | (3 << 4) | 2);
break;
diff --git a/plat/imx/imx8m/ddr/ddr4_dvfs.c b/plat/imx/imx8m/ddr/ddr4_dvfs.c
index cdc7dc2..94bfaba 100644
--- a/plat/imx/imx8m/ddr/ddr4_dvfs.c
+++ b/plat/imx/imx8m/ddr/ddr4_dvfs.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2022 NXP
+ * Copyright 2018-2023 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,7 +9,8 @@
#include <dram.h>
-void ddr4_mr_write(uint32_t mr, uint32_t data, uint32_t mr_type, uint32_t rank)
+void ddr4_mr_write(uint32_t mr, uint32_t data, uint32_t mr_type,
+ uint32_t rank, uint32_t dram_type)
{
uint32_t val, mr_mirror, data_mirror;
@@ -17,20 +18,40 @@
* 1. Poll MRSTAT.mr_wr_busy until it is 0 to make sure
* that there is no outstanding MR transAction.
*/
- while (mmio_read_32(DDRC_MRSTAT(0)) & 0x1) {
- ;
- }
/*
+ * ERR050712:
+ * When performing a software driven MR access, the following sequence
+ * must be done automatically before performing other APB register accesses.
+ * 1. Set MRCTRL0.mr_wr=1
+ * 2. Check for MRSTAT.mr_wr_busy=0. If not, go to step (2)
+ * 3. Check for MRSTAT.mr_wr_busy=0 again (for the second time). If not, go to step (2)
+ */
+ mmio_setbits_32(DDRC_MRCTRL0(0), BIT(31));
+
+ do {
+ while (mmio_read_32(DDRC_MRSTAT(0)) & 0x1) {
+ ;
+ }
+
+ } while (mmio_read_32(DDRC_MRSTAT(0)) & 0x1);
+
+ /*
* 2. Write the MRCTRL0.mr_type, MRCTRL0.mr_addr, MRCTRL0.mr_rank
* and (for MRWs) MRCTRL1.mr_data to define the MR transaction.
*/
val = mmio_read_32(DDRC_DIMMCTL(0));
if ((val & 0x2) && (rank == 0x2)) {
mr_mirror = (mr & 0x4) | ((mr & 0x1) << 1) | ((mr & 0x2) >> 1); /* BA0, BA1 swap */
- data_mirror = (data & 0x1607) | ((data & 0x8) << 1) | ((data & 0x10) >> 1) |
+ if (dram_type == DDRC_DDR4) {
+ data_mirror = (data & 0x1607) | ((data & 0x8) << 1) | ((data & 0x10) >> 1) |
((data & 0x20) << 1) | ((data & 0x40) >> 1) | ((data & 0x80) << 1) |
- ((data & 0x100) >> 1) | ((data & 0x800) << 2) | ((data & 0x2000) >> 2) ;
+ ((data & 0x100) >> 1) | ((data & 0x800) << 2) | ((data & 0x2000) >> 2) ;
+ } else {
+ data_mirror = (data & 0xfe07) | ((data & 0x8) << 1) | ((data & 0x10) >> 1) |
+ ((data & 0x20) << 1) | ((data & 0x40) >> 1) | ((data & 0x80) << 1) |
+ ((data & 0x100) >> 1);
+ }
} else {
mr_mirror = mr;
data_mirror = data;
@@ -56,6 +77,7 @@
void dram_cfg_all_mr(struct dram_info *info, uint32_t pstate)
{
uint32_t num_rank = info->num_rank;
+ uint32_t dram_type = info->dram_type;
/*
* 15. Perform MRS commands as required to re-program
* timing registers in the SDRAM for the new frequency
@@ -64,9 +86,9 @@
for (int i = 1; i <= num_rank; i++) {
for (int j = 0; j < 6; j++) {
- ddr4_mr_write(j, info->mr_table[pstate][j], 0, i);
+ ddr4_mr_write(j, info->mr_table[pstate][j], 0, i, dram_type);
}
- ddr4_mr_write(6, info->mr_table[pstate][7], 0, i);
+ ddr4_mr_write(6, info->mr_table[pstate][7], 0, i, dram_type);
}
}
@@ -189,8 +211,8 @@
* 12. Wait until STAT.operating_mode[1:0]!=11 indicating that the
* controller is not in self-refresh mode.
*/
- while ((mmio_read_32(DDRC_STAT(0)) & 0x3) == 0x3) {
- ;
+ if ((mmio_read_32(DDRC_STAT(0)) & 0x3) == 0x3) {
+ VERBOSE("DRAM is in Self Refresh\n");
}
/*
diff --git a/plat/imx/imx8m/ddr/dram.c b/plat/imx/imx8m/ddr/dram.c
index 8ea9ba1..b5f6973 100644
--- a/plat/imx/imx8m/ddr/dram.c
+++ b/plat/imx/imx8m/ddr/dram.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2022 NXP
+ * Copyright 2019-2023 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,6 +11,7 @@
#include <plat/common/platform.h>
#include <dram.h>
+#include <gpc.h>
#define IMX_SIP_DDR_DVFS_GET_FREQ_COUNT 0x10
#define IMX_SIP_DDR_DVFS_GET_FREQ_INFO 0x11
@@ -20,6 +21,11 @@
/* lock used for DDR DVFS */
spinlock_t dfs_lock;
+#if defined(PLAT_imx8mq)
+/* ocram used to dram timing */
+static uint8_t dram_timing_saved[13 * 1024] __aligned(8);
+#endif
+
static volatile uint32_t wfe_done;
static volatile bool wait_ddrc_hwffc_done = true;
static unsigned int dev_fsp = 0x1;
@@ -30,6 +36,64 @@
{ DDRC_FREQ2_INIT3(0), DDRC_FREQ2_INIT4(0), DDRC_FREQ2_INIT6(0), DDRC_FREQ2_INIT7(0) },
};
+#if defined(PLAT_imx8mq)
+static inline struct dram_cfg_param *get_cfg_ptr(void *ptr,
+ void *old_base, void *new_base)
+{
+ uintptr_t offset = (uintptr_t)ptr & ~((uintptr_t)old_base);
+
+ return (struct dram_cfg_param *)(offset + new_base);
+}
+
+/* copy the dram timing info from DRAM to OCRAM */
+void imx8mq_dram_timing_copy(struct dram_timing_info *from)
+{
+ struct dram_timing_info *info = (struct dram_timing_info *)dram_timing_saved;
+
+ /* copy the whole 13KB content used for dram timing info */
+ memcpy(dram_timing_saved, from, sizeof(dram_timing_saved));
+
+ /* correct the header after copied into ocram */
+ info->ddrc_cfg = get_cfg_ptr(info->ddrc_cfg, from, dram_timing_saved);
+ info->ddrphy_cfg = get_cfg_ptr(info->ddrphy_cfg, from, dram_timing_saved);
+ info->ddrphy_trained_csr = get_cfg_ptr(info->ddrphy_trained_csr, from, dram_timing_saved);
+ info->ddrphy_pie = get_cfg_ptr(info->ddrphy_pie, from, dram_timing_saved);
+}
+#endif
+
+#if defined(PLAT_imx8mp)
+static uint32_t lpddr4_mr_read(unsigned int mr_rank, unsigned int mr_addr)
+{
+ unsigned int tmp, drate_byte;
+
+ tmp = mmio_read_32(DRC_PERF_MON_MRR0_DAT(0));
+ mmio_write_32(DRC_PERF_MON_MRR0_DAT(0), tmp | 0x1);
+ do {
+ tmp = mmio_read_32(DDRC_MRSTAT(0));
+ } while (tmp & 0x1);
+
+ mmio_write_32(DDRC_MRCTRL0(0), (mr_rank << 4) | 0x1);
+ mmio_write_32(DDRC_MRCTRL1(0), (mr_addr << 8));
+ mmio_write_32(DDRC_MRCTRL0(0), (mr_rank << 4) | BIT(31) | 0x1);
+
+ /* Workaround for SNPS STAR 9001549457 */
+ do {
+ tmp = mmio_read_32(DDRC_MRSTAT(0));
+ } while (tmp & 0x1);
+
+ do {
+ tmp = mmio_read_32(DRC_PERF_MON_MRR0_DAT(0));
+ } while (!(tmp & 0x8));
+ tmp = mmio_read_32(DRC_PERF_MON_MRR1_DAT(0));
+
+ drate_byte = (mmio_read_32(DDRC_DERATEEN(0)) >> 4) & 0xff;
+ tmp = (tmp >> (drate_byte * 8)) & 0xff;
+ mmio_write_32(DRC_PERF_MON_MRR0_DAT(0), 0x4);
+
+ return tmp;
+}
+#endif
+
static void get_mr_values(uint32_t (*mr_value)[8])
{
uint32_t init_val;
@@ -41,9 +105,38 @@
mr_value[fsp_index][2*i] = init_val >> 16;
mr_value[fsp_index][2*i + 1] = init_val & 0xFFFF;
}
+
+#if defined(PLAT_imx8mp)
+ if (dram_info.dram_type == DDRC_LPDDR4) {
+ mr_value[fsp_index][5] = lpddr4_mr_read(1, MR12); /* read MR12 from DRAM */
+ mr_value[fsp_index][7] = lpddr4_mr_read(1, MR14); /* read MR14 from DRAM */
+ }
+#endif
}
}
+static void save_rank_setting(void)
+{
+ uint32_t i, offset;
+ uint32_t pstate_num = dram_info.num_fsp;
+
+ /* only support maximum 3 setpoints */
+ pstate_num = (pstate_num > MAX_FSP_NUM) ? MAX_FSP_NUM : pstate_num;
+
+ for (i = 0U; i < pstate_num; i++) {
+ offset = i ? (i + 1) * 0x1000 : 0U;
+ dram_info.rank_setting[i][0] = mmio_read_32(DDRC_DRAMTMG2(0) + offset);
+ if (dram_info.dram_type != DDRC_LPDDR4) {
+ dram_info.rank_setting[i][1] = mmio_read_32(DDRC_DRAMTMG9(0) + offset);
+ }
+#if !defined(PLAT_imx8mq)
+ dram_info.rank_setting[i][2] = mmio_read_32(DDRC_RANKCTL(0) + offset);
+#endif
+ }
+#if defined(PLAT_imx8mq)
+ dram_info.rank_setting[0][2] = mmio_read_32(DDRC_RANKCTL(0));
+#endif
+}
/* Restore the ddrc configs */
void dram_umctl2_init(struct dram_timing_info *timing)
{
@@ -129,13 +222,19 @@
ddrc_mstr = mmio_read_32(DDRC_MSTR(0));
dram_info.dram_type = ddrc_mstr & DDR_TYPE_MASK;
- dram_info.num_rank = (ddrc_mstr >> 24) & ACTIVE_RANK_MASK;
+ dram_info.num_rank = ((ddrc_mstr >> 24) & ACTIVE_RANK_MASK) == 0x3 ?
+ DDRC_ACTIVE_TWO_RANK : DDRC_ACTIVE_ONE_RANK;
/* Get current fsp info */
- current_fsp = mmio_read_32(DDRC_DFIMISC(0)) & 0xf;
+ current_fsp = mmio_read_32(DDRC_DFIMISC(0));
+ current_fsp = (current_fsp >> 8) & 0xf;
dram_info.boot_fsp = current_fsp;
dram_info.current_fsp = current_fsp;
+#if defined(PLAT_imx8mq)
+ imx8mq_dram_timing_copy((struct dram_timing_info *)dram_timing_base);
+ dram_timing_base = (unsigned long) dram_timing_saved;
+#endif
get_mr_values(dram_info.mr_table);
dram_info.timing_info = (struct dram_timing_info *)dram_timing_base;
@@ -147,7 +246,17 @@
}
idx = i;
}
- dram_info.num_fsp = i;
+
+ /* only support maximum 3 setpoints */
+ dram_info.num_fsp = (i > MAX_FSP_NUM) ? MAX_FSP_NUM : i;
+
+ /* no valid fsp table, return directly */
+ if (i == 0U) {
+ return;
+ }
+
+ /* save the DRAMTMG2/9 for rank to rank workaround */
+ save_rank_setting();
/* check if has bypass mode support */
if (dram_info.timing_info->fsp_table[idx] < 666) {
@@ -162,8 +271,18 @@
if (rc != 0) {
panic();
}
-}
+ if (dram_info.dram_type == DDRC_LPDDR4 && current_fsp != 0x0) {
+ /* flush the L1/L2 cache */
+ dcsw_op_all(DCCSW);
+ lpddr4_swffc(&dram_info, dev_fsp, 0x0);
+ dev_fsp = (~dev_fsp) & 0x1;
+ } else if (current_fsp != 0x0) {
+ /* flush the L1/L2 cache */
+ dcsw_op_all(DCCSW);
+ ddr4_swffc(&dram_info, 0x0);
+ }
+}
/*
* For each freq return the following info:
@@ -222,7 +341,7 @@
SMC_RET1(handle, dram_info.num_fsp);
} else if (x1 == IMX_SIP_DDR_DVFS_GET_FREQ_INFO) {
return dram_dvfs_get_freq_info(handle, x2);
- } else if (x1 < 4) {
+ } else if (x1 < 3U) {
wait_ddrc_hwffc_done = true;
dsb();
@@ -232,7 +351,13 @@
plat_ic_raise_el3_sgi(0x8, i);
}
}
-
+#if defined(PLAT_imx8mq)
+ for (unsigned int i = 0; i < PLATFORM_CORE_COUNT; i++) {
+ if (i != cpu_id && online_cores & (1 << (i * 8))) {
+ imx_gpc_core_wake(1 << i);
+ }
+ }
+#endif
/* make sure all the core in WFE */
online_cores &= ~(0x1 << (cpu_id * 8));
while (1) {
@@ -247,7 +372,7 @@
if (dram_info.dram_type == DDRC_LPDDR4) {
lpddr4_swffc(&dram_info, dev_fsp, fsp_index);
dev_fsp = (~dev_fsp) & 0x1;
- } else if (dram_info.dram_type == DDRC_DDR4) {
+ } else {
ddr4_swffc(&dram_info, fsp_index);
}
diff --git a/plat/imx/imx8m/ddr/dram_retention.c b/plat/imx/imx8m/ddr/dram_retention.c
index 7d4f823..983f6e2 100644
--- a/plat/imx/imx8m/ddr/dram_retention.c
+++ b/plat/imx/imx8m/ddr/dram_retention.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2022 NXP
+ * Copyright 2018-2023 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -18,13 +18,38 @@
#define GPC_PU_PWRHSK (IMX_GPC_BASE + 0x01FC)
#define CCM_SRC_CTRL_OFFSET (IMX_CCM_BASE + 0x800)
#define CCM_CCGR_OFFSET (IMX_CCM_BASE + 0x4000)
+#define CCM_TARGET_ROOT_OFFSET (IMX_CCM_BASE + 0x8000)
#define CCM_SRC_CTRL(n) (CCM_SRC_CTRL_OFFSET + 0x10 * (n))
#define CCM_CCGR(n) (CCM_CCGR_OFFSET + 0x10 * (n))
-
-#define DRAM_PLL_CTRL (IMX_ANAMIX_BASE + 0x50)
+#define CCM_TARGET_ROOT(n) (CCM_TARGET_ROOT_OFFSET + 0x80 * (n))
#define DBGCAM_EMPTY 0x36000000
+static void rank_setting_update(void)
+{
+ uint32_t i, offset;
+ uint32_t pstate_num = dram_info.num_fsp;
+
+ /* only support maximum 3 setpoints */
+ pstate_num = (pstate_num > MAX_FSP_NUM) ? MAX_FSP_NUM : pstate_num;
+
+ for (i = 0U; i < pstate_num; i++) {
+ offset = i ? (i + 1) * 0x1000 : 0U;
+ mmio_write_32(DDRC_DRAMTMG2(0) + offset, dram_info.rank_setting[i][0]);
+ if (dram_info.dram_type != DDRC_LPDDR4) {
+ mmio_write_32(DDRC_DRAMTMG9(0) + offset, dram_info.rank_setting[i][1]);
+ }
+
+#if !defined(PLAT_imx8mq)
+ mmio_write_32(DDRC_RANKCTL(0) + offset,
+ dram_info.rank_setting[i][2]);
+#endif
+ }
+#if defined(PLAT_imx8mq)
+ mmio_write_32(DDRC_RANKCTL(0), dram_info.rank_setting[0][2]);
+#endif
+}
+
void dram_enter_retention(void)
{
/* Wait DBGCAM to be empty */
@@ -120,6 +145,10 @@
mmio_write_32(CCM_CCGR(5), 2);
mmio_write_32(CCM_SRC_CTRL(15), 2);
+ /* change the clock source of dram_apb_clk_root */
+ mmio_write_32(CCM_TARGET_ROOT(65) + 0x8, (0x7 << 24) | (0x7 << 16));
+ mmio_write_32(CCM_TARGET_ROOT(65) + 0x4, (0x4 << 24) | (0x3 << 16));
+
/* disable iso */
mmio_setbits_32(IMX_GPC_BASE + PU_PGC_UP_TRG, BIT(5));
mmio_write_32(SRC_DDR1_RCR, 0x8F000006);
@@ -157,6 +186,9 @@
/* dram phy re-init */
dram_phy_init(dram_info.timing_info);
+ /* workaround for rank-to-rank issue */
+ rank_setting_update();
+
/* DWC_DDRPHYA_APBONLY0_MicroContMuxSel */
dwc_ddrphy_apb_wr(0xd0000, 0x0);
while (dwc_ddrphy_apb_rd(0x20097)) {
diff --git a/plat/imx/imx8m/ddr/lpddr4_dvfs.c b/plat/imx/imx8m/ddr/lpddr4_dvfs.c
index 2b4f300..2f5f7b5 100644
--- a/plat/imx/imx8m/ddr/lpddr4_dvfs.c
+++ b/plat/imx/imx8m/ddr/lpddr4_dvfs.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2022 NXP
+ * Copyright 2018-2023 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -37,6 +37,7 @@
uint32_t val;
uint32_t derate_backup[3];
uint32_t (*mr_data)[8];
+ uint32_t phy_master;
/* 1. program targetd UMCTL2_REGS_FREQ1/2/3,already done, skip it. */
@@ -57,6 +58,8 @@
/* 12. set PWRCTL.selfref_en=0 */
mmio_clrbits_32(DDRC_PWRCTL(0), 0xf);
+ phy_master = mmio_read_32(DDRC_DFIPHYMSTR(0));
+
/* It is more safe to config it here */
mmio_clrbits_32(DDRC_DFIPHYMSTR(0), 0x1);
@@ -225,8 +228,8 @@
emr3 = (emr3 & 0x00f7) | 0x0d00;
lpddr4_mr_write(3, 13, emr3);
- /* enable PHY master */
- mmio_write_32(DDRC_DFIPHYMSTR(0), 0x1);
+ /* restore the PHY master */
+ mmio_write_32(DDRC_DFIPHYMSTR(0), phy_master);
/* 32. issue ZQ if required: zq_calib_short, bit 4 */
/* polling zq_calib_short_busy */
diff --git a/plat/imx/imx8m/gpc_common.c b/plat/imx/imx8m/gpc_common.c
index e674d7a..32a35ef 100644
--- a/plat/imx/imx8m/gpc_common.c
+++ b/plat/imx/imx8m/gpc_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -29,6 +29,10 @@
#pragma weak imx_set_cpu_pwr_on
#pragma weak imx_set_cpu_lpm
#pragma weak imx_set_cluster_powerdown
+#pragma weak imx_set_sys_wakeup
+#pragma weak imx_noc_slot_config
+#pragma weak imx_gpc_handler
+#pragma weak imx_anamix_override
void imx_set_cpu_secure_entry(unsigned int core_id, uintptr_t sec_entrypoint)
{
@@ -211,7 +215,6 @@
}
}
-#pragma weak imx_noc_slot_config
/*
* this function only need to be override by platform
* that support noc power down, for example: imx8mm.
@@ -233,7 +236,7 @@
if (retention)
val |= (SLPCR_EN_DSM | SLPCR_VSTBY | SLPCR_SBYOS |
- SLPCR_BYPASS_PMIC_READY | SLPCR_A53_FASTWUP_STOP_MODE);
+ SLPCR_BYPASS_PMIC_READY);
mmio_write_32(IMX_GPC_BASE + SLPCR, val);
@@ -256,11 +259,6 @@
(0x3f << SLPCR_RBC_COUNT_SHIFT));
}
-struct pll_override {
- uint32_t reg;
- uint32_t override_mask;
-};
-
struct pll_override pll[MAX_PLL_NUM] = {
{.reg = 0x0, .override_mask = (1 << 12) | (1 << 8), },
{.reg = 0x14, .override_mask = (1 << 12) | (1 << 8), },
diff --git a/plat/imx/imx8m/imx8m_psci_common.c b/plat/imx/imx8m/imx8m_psci_common.c
index 8f545d6..48eb8a6 100644
--- a/plat/imx/imx8m/imx8m_psci_common.c
+++ b/plat/imx/imx8m/imx8m_psci_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -24,6 +24,7 @@
* reuse below ones.
*/
#pragma weak imx_validate_power_state
+#pragma weak imx_pwr_domain_off
#pragma weak imx_domain_suspend
#pragma weak imx_domain_suspend_finish
#pragma weak imx_get_sys_suspend_power_state
diff --git a/plat/imx/imx8m/imx8mm/platform.mk b/plat/imx/imx8m/imx8mm/platform.mk
index 7a42554..24582f8 100644
--- a/plat/imx/imx8m/imx8mm/platform.mk
+++ b/plat/imx/imx8m/imx8mm/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2019-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -101,7 +101,7 @@
$(eval $(call add_define,NEED_BL2))
LOAD_IMAGE_V2 := 1
# Non-TF Boot ROM
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
endif
ifneq (${TRUSTED_BOARD_BOOT},0)
diff --git a/plat/imx/imx8m/imx8mp/include/platform_def.h b/plat/imx/imx8m/imx8mp/include/platform_def.h
index 14cb709..1281270 100644
--- a/plat/imx/imx8m/imx8mp/include/platform_def.h
+++ b/plat/imx/imx8m/imx8mp/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2020-2022 NXP
+ * Copyright 2020-2023 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -112,7 +112,7 @@
#define IMX_DDRC_BASE U(0x3d400000)
#define IMX_DDRPHY_BASE U(0x3c000000)
#define IMX_DDR_IPS_BASE U(0x3d000000)
-#define IMX_DDR_IPS_SIZE U(0x1800000)
+#define IMX_DDR_IPS_SIZE U(0x1900000)
#define IMX_ROM_BASE U(0x0)
#define IMX_ROM_SIZE U(0x40000)
#define IMX_NS_OCRAM_BASE U(0x900000)
diff --git a/plat/imx/imx8m/imx8mp/platform.mk b/plat/imx/imx8m/imx8mp/platform.mk
index 5414c0a..1102316 100644
--- a/plat/imx/imx8m/imx8mp/platform.mk
+++ b/plat/imx/imx8m/imx8mp/platform.mk
@@ -98,7 +98,7 @@
$(eval $(call add_define,NEED_BL2))
LOAD_IMAGE_V2 := 1
# Non-TF Boot ROM
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
endif
ifneq (${TRUSTED_BOARD_BOOT},0)
diff --git a/plat/imx/imx8m/imx8mq/gpc.c b/plat/imx/imx8m/imx8mq/gpc.c
index fa83324..0a029d6 100644
--- a/plat/imx/imx8m/imx8mq/gpc.c
+++ b/plat/imx/imx8m/imx8mq/gpc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,14 +8,210 @@
#include <stdint.h>
#include <stdbool.h>
+#include <arch_helpers.h>
#include <common/debug.h>
#include <drivers/delay_timer.h>
#include <lib/mmio.h>
#include <lib/psci/psci.h>
-#include <platform_def.h>
+#include <lib/smccc.h>
+#include <lib/spinlock.h>
+#include <plat/common/platform.h>
#include <services/std_svc.h>
#include <gpc.h>
+#include <platform_def.h>
+
+#define FSL_SIP_CONFIG_GPC_MASK U(0x00)
+#define FSL_SIP_CONFIG_GPC_UNMASK U(0x01)
+#define FSL_SIP_CONFIG_GPC_SET_WAKE U(0x02)
+#define FSL_SIP_CONFIG_GPC_PM_DOMAIN U(0x03)
+#define FSL_SIP_CONFIG_GPC_SET_AFF U(0x04)
+#define FSL_SIP_CONFIG_GPC_CORE_WAKE U(0x05)
+
+#define MAX_HW_IRQ_NUM U(128)
+#define MAX_IMR_NUM U(4)
+
+static uint32_t gpc_saved_imrs[16];
+static uint32_t gpc_wake_irqs[4];
+static uint32_t gpc_imr_offset[] = {
+ IMX_GPC_BASE + IMR1_CORE0_A53,
+ IMX_GPC_BASE + IMR1_CORE1_A53,
+ IMX_GPC_BASE + IMR1_CORE2_A53,
+ IMX_GPC_BASE + IMR1_CORE3_A53,
+ IMX_GPC_BASE + IMR1_CORE0_M4,
+};
+
+spinlock_t gpc_imr_lock[4];
+
+static void gpc_imr_core_spin_lock(unsigned int core_id)
+{
+ spin_lock(&gpc_imr_lock[core_id]);
+}
+
+static void gpc_imr_core_spin_unlock(unsigned int core_id)
+{
+ spin_unlock(&gpc_imr_lock[core_id]);
+}
+
+static void gpc_save_imr_lpm(unsigned int core_id, unsigned int imr_idx)
+{
+ uint32_t reg = gpc_imr_offset[core_id] + imr_idx * 4;
+
+ gpc_imr_core_spin_lock(core_id);
+
+ gpc_saved_imrs[core_id + imr_idx * 4] = mmio_read_32(reg);
+ mmio_write_32(reg, ~gpc_wake_irqs[imr_idx]);
+
+ gpc_imr_core_spin_unlock(core_id);
+}
+
+static void gpc_restore_imr_lpm(unsigned int core_id, unsigned int imr_idx)
+{
+ uint32_t reg = gpc_imr_offset[core_id] + imr_idx * 4;
+ uint32_t val = gpc_saved_imrs[core_id + imr_idx * 4];
+
+ gpc_imr_core_spin_lock(core_id);
+
+ mmio_write_32(reg, val);
+
+ gpc_imr_core_spin_unlock(core_id);
+}
+
+/*
+ * On i.MX8MQ, only in system suspend mode, the A53 cluster can
+ * enter LPM mode and shutdown the A53 PLAT power domain. So LPM
+ * wakeup only used for system suspend. when system enter suspend,
+ * any A53 CORE can be the last core to suspend the system, But
+ * the LPM wakeup can only use the C0's IMR to wakeup A53 cluster
+ * from LPM, so save C0's IMRs before suspend, restore back after
+ * resume.
+ */
+void imx_set_sys_wakeup(unsigned int last_core, bool pdn)
+{
+ unsigned int imr, core;
+
+ if (pdn) {
+ for (imr = 0U; imr < MAX_IMR_NUM; imr++) {
+ for (core = 0U; core < PLATFORM_CORE_COUNT; core++) {
+ gpc_save_imr_lpm(core, imr);
+ }
+ }
+ } else {
+ for (imr = 0U; imr < MAX_IMR_NUM; imr++) {
+ for (core = 0U; core < PLATFORM_CORE_COUNT; core++) {
+ gpc_restore_imr_lpm(core, imr);
+ }
+ }
+ }
+}
+
+static void imx_gpc_hwirq_mask(unsigned int hwirq)
+{
+ uintptr_t reg;
+ unsigned int val;
+
+ if (hwirq >= MAX_HW_IRQ_NUM) {
+ return;
+ }
+
+ gpc_imr_core_spin_lock(0);
+ reg = gpc_imr_offset[0] + (hwirq / 32) * 4;
+ val = mmio_read_32(reg);
+ val |= 1 << hwirq % 32;
+ mmio_write_32(reg, val);
+ gpc_imr_core_spin_unlock(0);
+}
+
+static void imx_gpc_hwirq_unmask(unsigned int hwirq)
+{
+ uintptr_t reg;
+ unsigned int val;
+
+ if (hwirq >= MAX_HW_IRQ_NUM) {
+ return;
+ }
+
+ gpc_imr_core_spin_lock(0);
+ reg = gpc_imr_offset[0] + (hwirq / 32) * 4;
+ val = mmio_read_32(reg);
+ val &= ~(1 << hwirq % 32);
+ mmio_write_32(reg, val);
+ gpc_imr_core_spin_unlock(0);
+}
+
+static void imx_gpc_set_wake(uint32_t hwirq, bool on)
+{
+ uint32_t mask, idx;
+
+ if (hwirq >= MAX_HW_IRQ_NUM) {
+ return;
+ }
+
+ mask = 1 << hwirq % 32;
+ idx = hwirq / 32;
+ gpc_wake_irqs[idx] = on ? gpc_wake_irqs[idx] | mask :
+ gpc_wake_irqs[idx] & ~mask;
+}
+
+static void imx_gpc_mask_irq0(uint32_t core_id, uint32_t mask)
+{
+ gpc_imr_core_spin_lock(core_id);
+ if (mask) {
+ mmio_setbits_32(gpc_imr_offset[core_id], 1);
+ } else {
+ mmio_clrbits_32(gpc_imr_offset[core_id], 1);
+ }
+
+ dsb();
+ gpc_imr_core_spin_unlock(core_id);
+}
+
+void imx_gpc_core_wake(uint32_t cpumask)
+{
+ for (int i = 0; i < PLATFORM_CORE_COUNT; i++) {
+ if (cpumask & (1 << i)) {
+ imx_gpc_mask_irq0(i, false);
+ }
+ }
+}
+
+void imx_gpc_set_a53_core_awake(uint32_t core_id)
+{
+ imx_gpc_mask_irq0(core_id, true);
+}
+
+static void imx_gpc_set_affinity(uint32_t hwirq, unsigned int cpu_idx)
+{
+ uintptr_t reg;
+ unsigned int val;
+
+ if (hwirq >= MAX_HW_IRQ_NUM || cpu_idx >= 4) {
+ return;
+ }
+
+ /*
+ * using the mask/unmask bit as affinity function.unmask the
+ * IMR bit to enable IRQ wakeup for this core.
+ */
+ gpc_imr_core_spin_lock(cpu_idx);
+ reg = gpc_imr_offset[cpu_idx] + (hwirq / 32) * 4;
+ val = mmio_read_32(reg);
+ val &= ~(1 << hwirq % 32);
+ mmio_write_32(reg, val);
+ gpc_imr_core_spin_unlock(cpu_idx);
+
+ /* clear affinity of other core */
+ for (int i = 0; i < PLATFORM_CORE_COUNT; i++) {
+ if (cpu_idx != i) {
+ gpc_imr_core_spin_lock(i);
+ reg = gpc_imr_offset[i] + (hwirq / 32) * 4;
+ val = mmio_read_32(reg);
+ val |= (1 << hwirq % 32);
+ mmio_write_32(reg, val);
+ gpc_imr_core_spin_unlock(i);
+ }
+ }
+}
/* use wfi power down the core */
void imx_set_cpu_pwr_off(unsigned int core_id)
@@ -65,7 +261,7 @@
mmio_setbits_32(IMX_GPC_BASE + SLTx_CFG(2), SLT_COREx_PUP(last_core));
/* ACK setting: PLAT ACK for PDN, CORE ACK for PUP */
mmio_clrsetbits_32(IMX_GPC_BASE + PGC_ACK_SEL_A53, 0xFFFFFFFF,
- A53_PLAT_PDN_ACK | A53_PLAT_PUP_ACK);
+ A53_PLAT_PDN_ACK | SLT_COREx_PUP_ACK(last_core));
} else {
mmio_clrbits_32(IMX_GPC_BASE + SLTx_CFG(0), 0xFFFFFFFF);
mmio_clrbits_32(IMX_GPC_BASE + SLTx_CFG(1), 0xFFFFFFFF);
@@ -124,26 +320,89 @@
}
}
+#define MAX_PLL_NUM U(12)
+
+static const struct pll_override imx8mq_pll[MAX_PLL_NUM] = {
+ {.reg = 0x0, .override_mask = 0x140000, },
+ {.reg = 0x8, .override_mask = 0x140000, },
+ {.reg = 0x10, .override_mask = 0x140000, },
+ {.reg = 0x18, .override_mask = 0x140000, },
+ {.reg = 0x20, .override_mask = 0x140000, },
+ {.reg = 0x28, .override_mask = 0x140000, },
+ {.reg = 0x30, .override_mask = 0x1555540, },
+ {.reg = 0x3c, .override_mask = 0x1555540, },
+ {.reg = 0x48, .override_mask = 0x140, },
+ {.reg = 0x54, .override_mask = 0x140, },
+ {.reg = 0x60, .override_mask = 0x140, },
+ {.reg = 0x70, .override_mask = 0xa, },
+};
+
+void imx_anamix_override(bool enter)
+{
+ unsigned int i;
+
+ /* enable the pll override bit before entering DSM mode */
+ for (i = 0; i < MAX_PLL_NUM; i++) {
+ if (enter) {
+ mmio_setbits_32(IMX_ANAMIX_BASE + imx8mq_pll[i].reg,
+ imx8mq_pll[i].override_mask);
+ } else {
+ mmio_clrbits_32(IMX_ANAMIX_BASE + imx8mq_pll[i].reg,
+ imx8mq_pll[i].override_mask);
+ }
+ }
+}
+
+int imx_gpc_handler(uint32_t smc_fid,
+ u_register_t x1,
+ u_register_t x2,
+ u_register_t x3)
+{
+ switch (x1) {
+ case FSL_SIP_CONFIG_GPC_CORE_WAKE:
+ imx_gpc_core_wake(x2);
+ break;
+ case FSL_SIP_CONFIG_GPC_SET_WAKE:
+ imx_gpc_set_wake(x2, x3);
+ break;
+ case FSL_SIP_CONFIG_GPC_MASK:
+ imx_gpc_hwirq_mask(x2);
+ break;
+ case FSL_SIP_CONFIG_GPC_UNMASK:
+ imx_gpc_hwirq_unmask(x2);
+ break;
+ case FSL_SIP_CONFIG_GPC_SET_AFF:
+ imx_gpc_set_affinity(x2, x3);
+ break;
+ default:
+ return SMC_UNK;
+ }
+
+ return 0;
+}
+
void imx_gpc_init(void)
{
uint32_t val;
- int i;
+ unsigned int i, j;
+
/* mask all the interrupt by default */
- for (i = 0; i < 4; i++) {
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE0_A53 + i * 4, ~0x0);
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE1_A53 + i * 4, ~0x0);
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE2_A53 + i * 4, ~0x0);
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE3_A53 + i * 4, ~0x0);
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE0_M4 + i * 4, ~0x0);
+ for (i = 0U; i < PLATFORM_CORE_COUNT; i++) {
+ for (j = 0U; j < ARRAY_SIZE(gpc_imr_offset); j++) {
+ mmio_write_32(gpc_imr_offset[j] + i * 4, ~0x0);
+ }
}
+
/* Due to the hardware design requirement, need to make
* sure GPR interrupt(#32) is unmasked during RUN mode to
* avoid entering DSM mode by mistake.
*/
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE0_A53, 0xFFFFFFFE);
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE1_A53, 0xFFFFFFFE);
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE2_A53, 0xFFFFFFFE);
- mmio_write_32(IMX_GPC_BASE + IMR1_CORE3_A53, 0xFFFFFFFE);
+ for (i = 0U; i < PLATFORM_CORE_COUNT; i++) {
+ mmio_write_32(gpc_imr_offset[i], ~0x1);
+ }
+
+ /* leave the IOMUX_GPC bit 12 on for core wakeup */
+ mmio_setbits_32(IMX_IOMUX_GPR_BASE + 0x4, 1 << 12);
/* use external IRQs to wakeup C0~C3 from LPM */
val = mmio_read_32(IMX_GPC_BASE + LPCR_A53_BSC);
diff --git a/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c b/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c
index 4706c20..661f8e2 100644
--- a/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c
+++ b/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,6 +21,7 @@
#include <lib/xlat_tables/xlat_tables_v2.h>
#include <plat/common/platform.h>
+#include <dram.h>
#include <gpc.h>
#include <imx_aipstz.h>
#include <imx_uart.h>
@@ -34,6 +35,8 @@
MAP_REGION_FLAT(IMX_ROM_BASE, IMX_ROM_SIZE, MT_MEMORY | MT_RO), /* ROM map */
MAP_REGION_FLAT(IMX_AIPS_BASE, IMX_AIPS_SIZE, MT_DEVICE | MT_RW), /* AIPS map */
MAP_REGION_FLAT(IMX_GIC_BASE, IMX_GIC_SIZE, MT_DEVICE | MT_RW), /* GIC map */
+ MAP_REGION_FLAT(IMX_DDRPHY_BASE, IMX_DDR_IPS_SIZE, MT_DEVICE | MT_RW), /* DDRMIX map */
+ MAP_REGION_FLAT(IMX_DRAM_BASE, IMX_DRAM_SIZE, MT_MEMORY | MT_RW | MT_NS),
{0},
};
@@ -82,7 +85,11 @@
ocotp_val = mmio_read_32(IMX_OCOTP_BASE + OCOTP_SOC_INFO_B1);
if (ocotp_val == 0xff0055aa) {
imx_soc_revision &= ~0xff;
- imx_soc_revision |= 0x21;
+ if (rom_version == 0x22) {
+ imx_soc_revision |= 0x22;
+ } else {
+ imx_soc_revision |= 0x21;
+ }
return;
}
}
@@ -208,6 +215,8 @@
/* gpc init */
imx_gpc_init();
+
+ dram_info_init(SAVED_DRAM_TIMING_BASE);
}
entry_point_info_t *bl31_plat_get_next_image_ep_info(unsigned int type)
diff --git a/plat/imx/imx8m/imx8mq/imx8mq_psci.c b/plat/imx/imx8m/imx8mq/imx8mq_psci.c
index 01582af..3375ce7 100644
--- a/plat/imx/imx8m/imx8mq/imx8mq_psci.c
+++ b/plat/imx/imx8m/imx8mq/imx8mq_psci.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,9 +9,11 @@
#include <arch.h>
#include <arch_helpers.h>
#include <common/debug.h>
+#include <drivers/delay_timer.h>
#include <lib/mmio.h>
#include <lib/psci/psci.h>
+#include <dram.h>
#include <gpc.h>
#include <imx8m_psci.h>
#include <plat_imx8.h>
@@ -39,6 +41,21 @@
return PSCI_E_SUCCESS;
}
+void imx_pwr_domain_off(const psci_power_state_t *target_state)
+{
+ uint64_t mpidr = read_mpidr_el1();
+ unsigned int core_id = MPIDR_AFFLVL0_VAL(mpidr);
+
+ plat_gic_cpuif_disable();
+ imx_set_cpu_pwr_off(core_id);
+
+ /*
+ * TODO: Find out why this is still
+ * needed in order not to break suspend
+ */
+ udelay(50);
+}
+
void imx_domain_suspend(const psci_power_state_t *target_state)
{
uint64_t base_addr = BL31_START;
@@ -57,12 +74,14 @@
}
if (is_local_state_off(CLUSTER_PWR_STATE(target_state)))
- imx_set_cluster_powerdown(core_id, true);
+ imx_set_cluster_powerdown(core_id, CLUSTER_PWR_STATE(target_state));
else
imx_set_cluster_standby(true);
if (is_local_state_retn(SYSTEM_PWR_STATE(target_state))) {
imx_set_sys_lpm(core_id, true);
+ dram_enter_retention();
+ imx_anamix_override(true);
}
}
@@ -73,18 +92,22 @@
/* check the system level status */
if (is_local_state_retn(SYSTEM_PWR_STATE(target_state))) {
+ imx_anamix_override(false);
+ dram_exit_retention();
imx_set_sys_lpm(core_id, false);
imx_clear_rbc_count();
}
/* check the cluster level power status */
if (is_local_state_off(CLUSTER_PWR_STATE(target_state)))
- imx_set_cluster_powerdown(core_id, false);
+ imx_set_cluster_powerdown(core_id, PSCI_LOCAL_STATE_RUN);
else
imx_set_cluster_standby(false);
/* check the core level power status */
if (is_local_state_off(CORE_PWR_STATE(target_state))) {
+ /* mark this core as awake by masking IRQ0 */
+ imx_gpc_set_a53_core_awake(core_id);
/* clear the core lpm setting */
imx_set_cpu_lpm(core_id, false);
/* enable the gic cpu interface */
diff --git a/plat/imx/imx8m/imx8mq/include/platform_def.h b/plat/imx/imx8m/imx8mq/include/platform_def.h
index bb57074..2526a02 100644
--- a/plat/imx/imx8m/imx8mq/include/platform_def.h
+++ b/plat/imx/imx8m/imx8mq/include/platform_def.h
@@ -4,6 +4,7 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <lib/utils_def.h>
#include <plat/common/common_def.h>
#define PLATFORM_LINKER_FORMAT "elf64-littleaarch64"
@@ -82,6 +83,9 @@
#define IMX_DDRC_BASE U(0x3d400000)
#define IMX_DDRPHY_BASE U(0x3c000000)
#define IMX_DDR_IPS_BASE U(0x3d000000)
+#define IMX_DDR_IPS_SIZE U(0x1800000)
+#define IMX_DRAM_BASE U(0x40000000)
+#define IMX_DRAM_SIZE U(0xc0000000)
#define IMX_ROM_BASE U(0x00000000)
#define IMX_ROM_SIZE U(0x20000)
@@ -119,6 +123,12 @@
#define SNVS_LPCR_DP_EN BIT(5)
#define SNVS_LPCR_TOP BIT(6)
+#define SAVED_DRAM_TIMING_BASE U(0x40000000)
+
+#define HW_DRAM_PLL_CFG0 (IMX_ANAMIX_BASE + 0x60)
+#define HW_DRAM_PLL_CFG1 (IMX_ANAMIX_BASE + 0x64)
+#define HW_DRAM_PLL_CFG2 (IMX_ANAMIX_BASE + 0x68)
+#define DRAM_PLL_CTRL HW_DRAM_PLL_CFG0
#define IOMUXC_GPR10 U(0x28)
#define GPR_TZASC_EN BIT(0)
diff --git a/plat/imx/imx8m/imx8mq/platform.mk b/plat/imx/imx8m/imx8mq/platform.mk
index 901a974..b1c189f 100644
--- a/plat/imx/imx8m/imx8mq/platform.mk
+++ b/plat/imx/imx8m/imx8mq/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -14,6 +14,12 @@
# Include GICv3 driver files
include drivers/arm/gic/v3/gicv3.mk
+IMX_DRAM_SOURCES := plat/imx/imx8m/ddr/dram.c \
+ plat/imx/imx8m/ddr/clock.c \
+ plat/imx/imx8m/ddr/dram_retention.c \
+ plat/imx/imx8m/ddr/ddr4_dvfs.c \
+ plat/imx/imx8m/ddr/lpddr4_dvfs.c
+
IMX_GIC_SOURCES := ${GICV3_SOURCES} \
plat/common/plat_gicv3.c \
plat/common/plat_psci_common.c \
@@ -36,12 +42,14 @@
drivers/delay_timer/delay_timer.c \
drivers/delay_timer/generic_delay_timer.c \
${XLAT_TABLES_LIB_SRCS} \
+ ${IMX_DRAM_SOURCES} \
${IMX_GIC_SOURCES}
ENABLE_PIE := 1
USE_COHERENT_MEM := 1
RESET_TO_BL31 := 1
A53_DISABLE_NON_TEMPORAL_HINT := 0
+WARMBOOT_ENABLE_DCACHE_EARLY := 1
ERRATA_A53_835769 := 1
ERRATA_A53_843419 := 1
diff --git a/plat/imx/imx8m/include/dram.h b/plat/imx/imx8m/include/dram.h
index ad11a27..719c390 100644
--- a/plat/imx/imx8m/include/dram.h
+++ b/plat/imx/imx8m/include/dram.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2019-2022 NXP
+ * Copyright 2019-2023 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -20,6 +20,13 @@
#define DDRC_DDR3L BIT(0)
#define DDR_TYPE_MASK U(0x3f)
#define ACTIVE_RANK_MASK U(0x3)
+#define DDRC_ACTIVE_ONE_RANK U(0x1)
+#define DDRC_ACTIVE_TWO_RANK U(0x2)
+
+#define MR12 U(12)
+#define MR14 U(14)
+
+#define MAX_FSP_NUM U(3)
/* reg & config param */
struct dram_cfg_param {
@@ -57,6 +64,8 @@
struct dram_timing_info *timing_info;
/* mr, emr, emr2, emr3, mr11, mr12, mr22, mr14 */
uint32_t mr_table[3][8];
+ /* used for workaround for rank to rank issue */
+ uint32_t rank_setting[3][3];
};
extern struct dram_info dram_info;
diff --git a/plat/imx/imx8m/include/gpc.h b/plat/imx/imx8m/include/gpc.h
index a41030e..8eb3e06 100644
--- a/plat/imx/imx8m/include/gpc.h
+++ b/plat/imx/imx8m/include/gpc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -24,6 +24,7 @@
#define COREx_LPM_PUP(core_id) ((core_id) < 2 ? (1 << ((core_id) * 2 + 9)) : (1 << ((core_id) * 2 + 21)))
#define SLTx_CFG(n) ((SLT0_CFG + ((n) * 4)))
#define SLT_COREx_PUP(core_id) (0x2 << ((core_id) * 2))
+#define SLT_COREx_PUP_ACK(core_id) ((core_id) < 2 ? (1 << ((core_id) + 16)) : (1 << ((core_id) + 27)))
#define IMR_MASK_ALL 0xffffffff
@@ -54,6 +55,11 @@
bool always_on;
};
+struct pll_override {
+ uint32_t reg;
+ uint32_t override_mask;
+};
+
DECLARE_BAKERY_LOCK(gpc_lock);
/* function declare */
@@ -72,4 +78,9 @@
void imx_anamix_override(bool enter);
void imx_gpc_pm_domain_enable(uint32_t domain_id, bool on);
+#if defined(PLAT_imx8mq)
+void imx_gpc_set_a53_core_awake(uint32_t core_id);
+void imx_gpc_core_wake(uint32_t cpumask);
+#endif
+
#endif /*IMX8M_GPC_H */
diff --git a/plat/intel/soc/agilex/platform.mk b/plat/intel/soc/agilex/platform.mk
index a1e58fc..e9fa666 100644
--- a/plat/intel/soc/agilex/platform.mk
+++ b/plat/intel/soc/agilex/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2019-2023, ARM Limited and Contributors. All rights reserved.
# Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
@@ -77,7 +77,7 @@
plat/intel/soc/common/soc/socfpga_reset_manager.c
PROGRAMMABLE_RESET_ADDRESS := 0
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
BL2_INV_DCACHE := 0
MULTI_CONSOLE_API := 1
USE_COHERENT_MEM := 1
diff --git a/plat/intel/soc/n5x/platform.mk b/plat/intel/soc/n5x/platform.mk
index be1ad8c..4f3da4e 100644
--- a/plat/intel/soc/n5x/platform.mk
+++ b/plat/intel/soc/n5x/platform.mk
@@ -46,7 +46,7 @@
plat/intel/soc/common/soc/socfpga_reset_manager.c
PROGRAMMABLE_RESET_ADDRESS := 0
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
BL2_INV_DCACHE := 0
MULTI_CONSOLE_API := 1
USE_COHERENT_MEM := 1
diff --git a/plat/intel/soc/stratix10/platform.mk b/plat/intel/soc/stratix10/platform.mk
index b7eb4bd..6bc96fb 100644
--- a/plat/intel/soc/stratix10/platform.mk
+++ b/plat/intel/soc/stratix10/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2019-2023, ARM Limited and Contributors. All rights reserved.
# Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
@@ -76,5 +76,5 @@
plat/intel/soc/common/soc/socfpga_reset_manager.c
PROGRAMMABLE_RESET_ADDRESS := 0
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
USE_COHERENT_MEM := 1
diff --git a/plat/marvell/armada/a8k/common/ble/ble.ld.S b/plat/marvell/armada/a8k/common/ble/ble.ld.S
index d7a0592..446849b 100644
--- a/plat/marvell/armada/a8k/common/ble/ble.ld.S
+++ b/plat/marvell/armada/a8k/common/ble/ble.ld.S
@@ -19,7 +19,7 @@
{
. = BLE_BASE;
- ro . : {
+ .ro . : {
__RO_START__ = .;
*ble_main.o(.entry*)
*(.text*)
@@ -40,9 +40,9 @@
__DATA_END__ = .;
} >RAM
- stacks . (NOLOAD) : {
+ .stacks . (NOLOAD) : {
__STACKS_START__ = .;
- *(tzfw_normal_stacks)
+ *(.tzfw_normal_stacks)
__STACKS_END__ = .;
} >RAM
diff --git a/plat/marvell/armada/a8k/common/ble/ble.mk b/plat/marvell/armada/a8k/common/ble/ble.mk
index 160e98f..752ab41 100644
--- a/plat/marvell/armada/a8k/common/ble/ble.mk
+++ b/plat/marvell/armada/a8k/common/ble/ble.mk
@@ -21,7 +21,7 @@
-I$(CURDIR)/include/lib/libc \
-I$(CURDIR)/include/lib/libc/aarch64
-BLE_LINKERFILE := $(BLE_PATH)/ble.ld.S
+BLE_DEFAULT_LINKER_SCRIPT_SOURCE := $(BLE_PATH)/ble.ld.S
BLE_OBJS := $(addprefix $(BUILD_PLAT)/ble/,$(call SOURCES_TO_OBJS,$(BLE_SOURCES)))
$(BLE_OBJS): PLAT_INCLUDES += -I$(MV_DDR_PATH)
diff --git a/plat/marvell/armada/common/marvell_gicv3.c b/plat/marvell/armada/common/marvell_gicv3.c
index 0bd5545..5419506 100644
--- a/plat/marvell/armada/common/marvell_gicv3.c
+++ b/plat/marvell/armada/common/marvell_gicv3.c
@@ -38,8 +38,8 @@
* We save and restore the GICv3 context on system suspend. Allocate the
* data in the designated EL3 Secure carve-out memory
*/
-static gicv3_redist_ctx_t rdist_ctx __section("arm_el3_tzc_dram");
-static gicv3_dist_ctx_t dist_ctx __section("arm_el3_tzc_dram");
+static gicv3_redist_ctx_t rdist_ctx __section(".arm_el3_tzc_dram");
+static gicv3_dist_ctx_t dist_ctx __section(".arm_el3_tzc_dram");
/*
* MPIDR hashing function for translating MPIDRs read from GICR_TYPER register
diff --git a/plat/mediatek/build_helpers/mtk_build_helpers.mk b/plat/mediatek/build_helpers/mtk_build_helpers.mk
index fc3876e..83a4dd2 100644
--- a/plat/mediatek/build_helpers/mtk_build_helpers.mk
+++ b/plat/mediatek/build_helpers/mtk_build_helpers.mk
@@ -61,31 +61,6 @@
$(eval $(call uppercase,$(2))_SOURCES += $(1))
endef
-# MAKE_LINKERFILE change linker script source file name to
-# target linker script
-# $(1) = linker script source file
-# $(2) = BL stage
-define MAKE_LINKERFILE
-$(eval EXTRA_GENERATED_LINKER_SCRIPT += $(BUILD_PLAT)/$(2)/$(patsubst %.ld.S,%.ld,$(notdir $(1))))
-endef
-
-# MAKE_LINKERFILE_ITER call MAKE_LINKERFILE iteratively
-# $(1) = linker script source file
-# $(2) = BL stage
-define MAKE_LINKERFILE_ITER
-$(eval $(foreach link_src,$(1),$(call MAKE_LINKERFILE,$(link_src),$(2))))
-endef
-
-# MAKE_LD_ITER generate the linker scripts using the C preprocessor iteratively
-# $(1) = output linker script
-# $(2) = input template
-# $(3) = BL stage (1, 2, 2u, 31, 32)
-define MAKE_LD_ITER
-$(eval index_list=$(shell seq $(words $(1))))
-$(eval $(foreach i, $(index_list), \
-$(call MAKE_LD,$(word $(i), $(1)), $(word $(i), $(2)),$(3))))
-endef
-
# MAKE_MODULE reference MAKE_OBJS.
# Create module folder under out/bl$(BL)/$(module)
# Arguments:
diff --git a/plat/mediatek/build_helpers/mtk_build_helpers_epilogue.mk b/plat/mediatek/build_helpers/mtk_build_helpers_epilogue.mk
index 22a546c..4fed41f 100644
--- a/plat/mediatek/build_helpers/mtk_build_helpers_epilogue.mk
+++ b/plat/mediatek/build_helpers/mtk_build_helpers_epilogue.mk
@@ -9,22 +9,7 @@
# Make next section align to page size
ifneq ($(MTK_EXTRA_LINKERFILE),)
-$(eval $(call MAKE_LINKERFILE_ITER,$(MTK_LINKERFILE_SOURCE),bl31))
-
-# EXTRA_GENERATED_LINKER_SCRIPT is a global variable of derived linker
-# script list(from MTK_LINKERFILE_SOURCE) after MAKE_LINKERFILE_ITER
-# function call
-EXTRA_LINKERFILE += ${EXTRA_GENERATED_LINKER_SCRIPT}
-
-# Expand derived linker script as build target
-$(eval $(call MAKE_LD_ITER, $(EXTRA_GENERATED_LINKER_SCRIPT),$(MTK_LINKERFILE_SOURCE),bl31))
-
-# mtk_align.ld MUST BE THE LAST LINKER SCRIPT!
-EXTRA_LINKERFILE += ${MTK_PLAT}/include/mtk_align.ld
-
-# bl31.ld should depend on EXTRA_LINKERFILE
-$(eval ${BUILD_PLAT}/bl31/bl31.ld: ${EXTRA_LINKERFILE})
-EXTRA_LINKERFILE := $(addprefix -T,$(EXTRA_LINKERFILE))
-else
-EXTRA_LINKERFILE :=
+ # mtk_align.ld MUST BE THE LAST LINKER SCRIPT!
+ BL31_LINKER_SCRIPT_SOURCES += $(MTK_LINKERFILE_SOURCE)
+ BL31_LINKER_SCRIPT_SOURCES += ${MTK_PLAT}/include/mtk_align.ld
endif
diff --git a/plat/mediatek/common/mtk_smc_handlers.c b/plat/mediatek/common/mtk_smc_handlers.c
index 92b3873..a8a5a48 100644
--- a/plat/mediatek/common/mtk_smc_handlers.c
+++ b/plat/mediatek/common/mtk_smc_handlers.c
@@ -72,7 +72,7 @@
}
#define SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX(_smc_id, _smc_num) \
- short _smc_id##_descriptor_index __section("mtk_plat_ro") = -1;
+ short _smc_id##_descriptor_index __section(".mtk_plat_ro") = -1;
MTK_SIP_SMC_FROM_BL33_TABLE(SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX);
MTK_SIP_SMC_FROM_NS_EL1_TABLE(SMC_ID_EXPAND_AS_DESCRIPTOR_INDEX);
diff --git a/plat/mediatek/include/plat.ld.rodata.inc b/plat/mediatek/include/plat.ld.rodata.inc
index 06ad491..e766472 100644
--- a/plat/mediatek/include/plat.ld.rodata.inc
+++ b/plat/mediatek/include/plat.ld.rodata.inc
@@ -25,6 +25,6 @@
__MTK_SMC_POOL_END_UNALIGNED__ = .;
. = ALIGN(8);
#include <vendor_pubsub_events.h>
- *(mtk_plat_ro)
+ *(.mtk_plat_ro)
#endif /* PLAT_LD_RODATA_INC */
diff --git a/plat/mediatek/mt8173/drivers/spm/spm.c b/plat/mediatek/mt8173/drivers/spm/spm.c
index 1caab3b..8980e07 100644
--- a/plat/mediatek/mt8173/drivers/spm/spm.c
+++ b/plat/mediatek/mt8173/drivers/spm/spm.c
@@ -29,9 +29,9 @@
DEFINE_BAKERY_LOCK(spm_lock);
-static int spm_hotplug_ready __section("tzfw_coherent_mem");
-static int spm_mcdi_ready __section("tzfw_coherent_mem");
-static int spm_suspend_ready __section("tzfw_coherent_mem");
+static int spm_hotplug_ready __section(".tzfw_coherent_mem");
+static int spm_mcdi_ready __section(".tzfw_coherent_mem");
+static int spm_suspend_ready __section(".tzfw_coherent_mem");
void spm_lock_init(void)
{
diff --git a/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c b/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c
index 0103612..efcf87f 100644
--- a/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c
+++ b/plat/mediatek/mt8186/drivers/mcdi/mt_mcdi.c
@@ -62,7 +62,7 @@
#define MCDI_INIT_2 U(2)
#define MCDI_INIT_DONE U(3)
-static int mcdi_init_status __section("tzfw_coherent_mem");
+static int mcdi_init_status __section(".tzfw_coherent_mem");
static inline uint32_t mcdi_mbox_read(uint32_t id)
{
diff --git a/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c b/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c
index 1635b67..765c7b2 100644
--- a/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c
+++ b/plat/mediatek/mt8192/drivers/mcdi/mt_mcdi.c
@@ -63,7 +63,7 @@
#define MCDI_INIT_2 2
#define MCDI_INIT_DONE 3
-static int mcdi_init_status __section("tzfw_coherent_mem");
+static int mcdi_init_status __section(".tzfw_coherent_mem");
static inline uint32_t mcdi_mbox_read(uint32_t id)
{
diff --git a/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c b/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c
index c14e83b..f7dfec3 100644
--- a/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c
+++ b/plat/mediatek/mt8195/drivers/mcdi/mt_mcdi.c
@@ -63,7 +63,7 @@
#define MCDI_INIT_2 2
#define MCDI_INIT_DONE 3
-static int mcdi_init_status __section("tzfw_coherent_mem");
+static int mcdi_init_status __section(".tzfw_coherent_mem");
static inline uint32_t mcdi_mbox_read(uint32_t id)
{
diff --git a/plat/nvidia/tegra/common/tegra_platform.c b/plat/nvidia/tegra/common/tegra_platform.c
index f3aa3ea..6d736b5 100644
--- a/plat/nvidia/tegra/common/tegra_platform.c
+++ b/plat/nvidia/tegra/common/tegra_platform.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
- * Copyright (c) 2020-2021, NVIDIA Corporation. All rights reserved.
+ * Copyright (c) 2020-2023, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -272,10 +272,12 @@
*/
int32_t plat_get_soc_version(void)
{
- uint32_t chip_id = ((tegra_get_chipid() >> CHIP_ID_SHIFT) & CHIP_ID_MASK);
+ uint32_t chip_id = (tegra_get_chipid() >> CHIP_ID_SHIFT) & CHIP_ID_MASK;
+ uint32_t major_rev = tegra_get_chipid_major();
uint32_t manfid = SOC_ID_SET_JEP_106(JEDEC_NVIDIA_BKID, JEDEC_NVIDIA_MFID);
- return (int32_t)(manfid | (chip_id & SOC_ID_IMPL_DEF_MASK));
+ return (int32_t)(manfid | (((chip_id << MAJOR_VERSION_SHIFT) | major_rev) &
+ SOC_ID_IMPL_DEF_MASK));
}
/*
diff --git a/plat/nvidia/tegra/drivers/flowctrl/flowctrl.c b/plat/nvidia/tegra/drivers/flowctrl/flowctrl.c
index 8f55554..4c9f4af 100644
--- a/plat/nvidia/tegra/drivers/flowctrl/flowctrl.c
+++ b/plat/nvidia/tegra/drivers/flowctrl/flowctrl.c
@@ -84,7 +84,7 @@
void tegra_fc_ccplex_pgexit_lock(void)
{
unsigned int i, cpu = read_mpidr() & MPIDR_CPU_MASK;
- uint32_t flags = tegra_fc_read_32(FLOWCTRL_FC_SEQ_INTERCEPT) & ~INTERCEPT_IRQ_PENDING;;
+ uint32_t flags = tegra_fc_read_32(FLOWCTRL_FC_SEQ_INTERCEPT) & ~INTERCEPT_IRQ_PENDING;
uint32_t icept_cpu_flags[] = {
INTERCEPT_EXIT_PG_CORE0,
INTERCEPT_EXIT_PG_CORE1,
diff --git a/plat/nvidia/tegra/drivers/pmc/pmc.c b/plat/nvidia/tegra/drivers/pmc/pmc.c
index 6c5a73b..e70e7a6 100644
--- a/plat/nvidia/tegra/drivers/pmc/pmc.c
+++ b/plat/nvidia/tegra/drivers/pmc/pmc.c
@@ -103,7 +103,7 @@
bool tegra_pmc_is_last_on_cpu(void)
{
int i, cpu = read_mpidr() & MPIDR_CPU_MASK;
- uint32_t val = tegra_pmc_read_32(PMC_PWRGATE_STATUS);;
+ uint32_t val = tegra_pmc_read_32(PMC_PWRGATE_STATUS);
bool status = true;
/* check if this is the last standing CPU */
diff --git a/plat/nvidia/tegra/platform.mk b/plat/nvidia/tegra/platform.mk
index 6ed1cdf..2365564 100644
--- a/plat/nvidia/tegra/platform.mk
+++ b/plat/nvidia/tegra/platform.mk
@@ -90,8 +90,8 @@
# o resolve undefined symbols to el3_panic
# o include only required sections
TF_LDFLAGS += --diag_suppress=L6314,L6332 --no_scanlib --callgraph
-TF_LDFLAGS += --keep="*(__pubsub*)" --keep="*(rt_svc_descs*)" --keep="*(*cpu_ops)"
+TF_LDFLAGS += --keep="*(.__pubsub*)" --keep="*(.rt_svc_descs*)" --keep="*(.cpu_ops)"
ifeq (${ENABLE_PMF},1)
-TF_LDFLAGS += --keep="*(*pmf_svc_descs*)"
+TF_LDFLAGS += --keep="*(.pmf_svc_descs*)"
endif
endif
diff --git a/plat/nvidia/tegra/scat/bl31.scat b/plat/nvidia/tegra/scat/bl31.scat
index 2d6d2b3..fdd6e33 100644
--- a/plat/nvidia/tegra/scat/bl31.scat
+++ b/plat/nvidia/tegra/scat/bl31.scat
@@ -48,14 +48,14 @@
/* Ensure 8-byte alignment for descriptors and ensure inclusion */
__RT_SVC_DESCS__ AlignExpr(ImageLimit(__RODATA__), 8) FIXED
{
- *(rt_svc_descs)
+ *(.rt_svc_descs)
}
#if ENABLE_PMF
/* Ensure 8-byte alignment for descriptors and ensure inclusion */
__PMF_SVC_DESCS__ AlignExpr(ImageLimit(__RT_SVC_DESCS__), 8) FIXED
{
- *(pmf_svc_descs)
+ *(.pmf_svc_descs)
}
#endif /* ENABLE_PMF */
@@ -65,7 +65,7 @@
*/
__CPU_OPS__ AlignExpr(+0, 8) FIXED
{
- *(cpu_ops)
+ *(.cpu_ops)
}
/*
@@ -150,7 +150,7 @@
{
__STACKS__ AlignExpr(+0, 64) FIXED
{
- *(tzfw_normal_stacks)
+ *(.tzfw_normal_stacks)
}
}
@@ -180,7 +180,7 @@
*/
__BAKERY_LOCKS__ AlignExpr(ImageLimit(__BSS__), CACHE_WRITEBACK_GRANULE) FIXED
{
- *(bakery_lock)
+ *(.bakery_lock)
}
__BAKERY_LOCKS_EPILOGUE__ AlignExpr(ImageLimit(__BAKERY_LOCKS__), CACHE_WRITEBACK_GRANULE) FIXED EMPTY 0
@@ -229,9 +229,9 @@
LR_XLAT_TABLE +0
{
- xlat_table +0 FIXED
+ .xlat_table +0 FIXED
{
- *(xlat_table)
+ *(.xlat_table)
}
}
@@ -251,8 +251,8 @@
*
* Each lock's data is contiguous and fully allocated by the compiler
*/
- *(bakery_lock)
- *(tzfw_coherent_mem)
+ *(.bakery_lock)
+ *(.tzfw_coherent_mem)
}
__COHERENT_RAM_EPILOGUE_UNALIGNED__ +0 FIXED EMPTY 0
diff --git a/plat/nvidia/tegra/soc/t186/drivers/mce/ari.c b/plat/nvidia/tegra/soc/t186/drivers/mce/ari.c
index a57bc11..6414e07 100644
--- a/plat/nvidia/tegra/soc/t186/drivers/mce/ari.c
+++ b/plat/nvidia/tegra/soc/t186/drivers/mce/ari.c
@@ -372,8 +372,8 @@
* StandbyWFI or the equivalent signal, and always keeping the IDLE
* voltage/frequency request register enabled.
*/
- val = (((freq & MCE_AUTO_CC3_FREQ_MASK) << MCE_AUTO_CC3_FREQ_SHIFT) |\
- ((volt & MCE_AUTO_CC3_VTG_MASK) << MCE_AUTO_CC3_VTG_SHIFT) |\
+ val = (((freq & MCE_AUTO_CC3_FREQ_MASK) << MCE_AUTO_CC3_FREQ_SHIFT) |
+ ((volt & MCE_AUTO_CC3_VTG_MASK) << MCE_AUTO_CC3_VTG_SHIFT) |
((enable != 0U) ? MCE_AUTO_CC3_ENABLE_BIT : 0U));
return ari_request_wait(ari_base, 0U,
diff --git a/plat/nvidia/tegra/soc/t186/drivers/mce/nvg.c b/plat/nvidia/tegra/soc/t186/drivers/mce/nvg.c
index cbc9aa3..1a48563 100644
--- a/plat/nvidia/tegra/soc/t186/drivers/mce/nvg.c
+++ b/plat/nvidia/tegra/soc/t186/drivers/mce/nvg.c
@@ -246,8 +246,8 @@
* StandbyWFI or the equivalent signal, and always keeping the IDLE
* voltage/frequency request register enabled.
*/
- val = (((freq & MCE_AUTO_CC3_FREQ_MASK) << MCE_AUTO_CC3_FREQ_SHIFT) |\
- ((volt & MCE_AUTO_CC3_VTG_MASK) << MCE_AUTO_CC3_VTG_SHIFT) |\
+ val = (((freq & MCE_AUTO_CC3_FREQ_MASK) << MCE_AUTO_CC3_FREQ_SHIFT) |
+ ((volt & MCE_AUTO_CC3_VTG_MASK) << MCE_AUTO_CC3_VTG_SHIFT) |
((enable != 0U) ? MCE_AUTO_CC3_ENABLE_BIT : 0U));
nvg_set_request_data((uint64_t)TEGRA_NVG_CHANNEL_CC3_CTRL, (uint64_t)val);
diff --git a/plat/nvidia/tegra/soc/t194/plat_ras.c b/plat/nvidia/tegra/soc/t194/plat_ras.c
index 02f6158..a9fed0a 100644
--- a/plat/nvidia/tegra/soc/t194/plat_ras.c
+++ b/plat/nvidia/tegra/soc/t194/plat_ras.c
@@ -249,7 +249,6 @@
* of range.
*/
*cookie = 0ULL;
- return;
}
/* Function to probe an error from error record group. */
diff --git a/plat/nvidia/tegra/soc/t194/plat_smmu.c b/plat/nvidia/tegra/soc/t194/plat_smmu.c
index 310e951..710d5c5 100644
--- a/plat/nvidia/tegra/soc/t194/plat_smmu.c
+++ b/plat/nvidia/tegra/soc/t194/plat_smmu.c
@@ -24,7 +24,7 @@
uint32_t plat_get_num_smmu_devices(void)
{
uint32_t ret_num = MAX_NUM_SMMU_DEVICES;
- uint32_t board_revid = ((tegra_misc_read_32(MISCREG_EMU_REVID) >> \
+ uint32_t board_revid = ((tegra_misc_read_32(MISCREG_EMU_REVID) >>
BOARD_SHIFT_BITS) & BOARD_MASK_BITS);
if (board_revid == BOARD_SYSTEM_FPGA_BASE) {
diff --git a/plat/nvidia/tegra/soc/t210/plat_sip_calls.c b/plat/nvidia/tegra/soc/t210/plat_sip_calls.c
index e3484be..93d1283 100644
--- a/plat/nvidia/tegra/soc/t210/plat_sip_calls.c
+++ b/plat/nvidia/tegra/soc/t210/plat_sip_calls.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
- * Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
+ * Copyright (c) 2020-2023, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -33,6 +33,7 @@
/*******************************************************************************
* Tegra210 SiP SMCs
******************************************************************************/
+#define TEGRA_SIP_PMC_COMMANDS_LEGACY U(0xC2FEFE00)
#define TEGRA_SIP_PMC_COMMANDS U(0xC2FFFE00)
/*******************************************************************************
@@ -54,7 +55,7 @@
if (!ns)
SMC_RET1(handle, SMC_UNK);
- if (smc_fid == TEGRA_SIP_PMC_COMMANDS) {
+ if ((smc_fid == TEGRA_SIP_PMC_COMMANDS) || (smc_fid == TEGRA_SIP_PMC_COMMANDS_LEGACY)) {
/* check the address is within PMC range and is 4byte aligned */
if ((x2 >= TEGRA_PMC_SIZE) || (x2 & 0x3))
return -EINVAL;
diff --git a/plat/nxp/common/setup/common.mk b/plat/nxp/common/setup/common.mk
index 1fcf1d0..b7e16ae 100644
--- a/plat/nxp/common/setup/common.mk
+++ b/plat/nxp/common/setup/common.mk
@@ -7,7 +7,7 @@
###############################################################################
# Flow begins in BL2 at EL3 mode
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
# Though one core is powered up by default, there are
# platform specific ways to release more than one core
diff --git a/plat/nxp/soc-ls1046a/aarch64/ls1046a_helpers.S b/plat/nxp/soc-ls1046a/aarch64/ls1046a_helpers.S
index d2a48ea..a213594 100644
--- a/plat/nxp/soc-ls1046a/aarch64/ls1046a_helpers.S
+++ b/plat/nxp/soc-ls1046a/aarch64/ls1046a_helpers.S
@@ -44,7 +44,7 @@
func plat_reset_handler
mov x29, x30
-#if (defined(IMAGE_BL2) && BL2_AT_EL3)
+#if (defined(IMAGE_BL2) && RESET_TO_BL2)
bl l2_mem_init
#endif
bl apply_platform_errata
diff --git a/plat/qemu/qemu_sbsa/include/platform_def.h b/plat/qemu/qemu_sbsa/include/platform_def.h
index d971ebe..85fbb4d 100644
--- a/plat/qemu/qemu_sbsa/include/platform_def.h
+++ b/plat/qemu/qemu_sbsa/include/platform_def.h
@@ -364,8 +364,8 @@
* Name of the section to put the translation tables used by the S-EL1/S-EL0
* context of a Secure Partition.
*/
-#define PLAT_SP_IMAGE_XLAT_SECTION_NAME "qemu_sp_xlat_table"
-#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME "qemu_sp_xlat_table"
+#define PLAT_SP_IMAGE_XLAT_SECTION_NAME ".qemu_sp_xlat_table"
+#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME ".qemu_sp_xlat_table"
/* Cookies passed to the Secure Partition at boot. Not used by QEMU platforms.*/
#define PLAT_SPM_COOKIE_0 ULL(0)
diff --git a/plat/renesas/common/aarch64/plat_helpers.S b/plat/renesas/common/aarch64/plat_helpers.S
index 21c3bed..a7fdfa0 100644
--- a/plat/renesas/common/aarch64/plat_helpers.S
+++ b/plat/renesas/common/aarch64/plat_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2021, Renesas Electronics Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -126,7 +126,7 @@
exit:
ret x9
_panic:
- b do_panic
+ b el3_panic
#endif
endfunc plat_get_my_entrypoint
diff --git a/plat/renesas/common/aarch64/platform_common.c b/plat/renesas/common/aarch64/platform_common.c
index b0a88cb..17ccb28 100644
--- a/plat/renesas/common/aarch64/platform_common.c
+++ b/plat/renesas/common/aarch64/platform_common.c
@@ -28,7 +28,7 @@
#endif
const uint8_t version_of_renesas[VERSION_OF_RENESAS_MAXLEN]
- __attribute__ ((__section__("ro"))) = VERSION_OF_RENESAS;
+ __attribute__ ((__section__(".ro"))) = VERSION_OF_RENESAS;
#define MAP_SHARED_RAM MAP_REGION_FLAT(RCAR_SHARED_MEM_BASE, \
RCAR_SHARED_MEM_SIZE, \
diff --git a/plat/renesas/common/common.mk b/plat/renesas/common/common.mk
index ca61f0e..25fbb2f 100644
--- a/plat/renesas/common/common.mk
+++ b/plat/renesas/common/common.mk
@@ -10,7 +10,7 @@
TRUSTED_BOARD_BOOT := 1
RESET_TO_BL31 := 1
GENERATE_COT := 1
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
ENABLE_SVE_FOR_NS := 0
MULTI_CONSOLE_API := 1
diff --git a/plat/rockchip/common/aarch32/plat_helpers.S b/plat/rockchip/common/aarch32/plat_helpers.S
index 475c297..9f49cbd 100644
--- a/plat/rockchip/common/aarch32/plat_helpers.S
+++ b/plat/rockchip/common/aarch32/plat_helpers.S
@@ -151,7 +151,7 @@
* Per-CPU Secure entry point - resume or power up
* --------------------------------------------------------------------
*/
- .section tzfw_coherent_mem, "a"
+ .section .tzfw_coherent_mem, "a"
.align 3
cpuson_entry_point:
.rept PLATFORM_CORE_COUNT
diff --git a/plat/rockchip/common/aarch64/plat_helpers.S b/plat/rockchip/common/aarch64/plat_helpers.S
index 4af052b..c4c0dec 100644
--- a/plat/rockchip/common/aarch64/plat_helpers.S
+++ b/plat/rockchip/common/aarch64/plat_helpers.S
@@ -150,7 +150,7 @@
* Per-CPU Secure entry point - resume or power up
* --------------------------------------------------------------------
*/
- .section tzfw_coherent_mem, "a"
+ .section .tzfw_coherent_mem, "a"
.align 3
cpuson_entry_point:
.rept PLATFORM_CORE_COUNT
diff --git a/plat/rockchip/px30/drivers/pmu/pmu.c b/plat/rockchip/px30/drivers/pmu/pmu.c
index 5f4e64f..8770b2e 100644
--- a/plat/rockchip/px30/drivers/pmu/pmu.c
+++ b/plat/rockchip/px30/drivers/pmu/pmu.c
@@ -45,7 +45,7 @@
static uint32_t cores_pd_cfg_info[PLATFORM_CORE_COUNT]
#if USE_COHERENT_MEM
-__attribute__ ((section("tzfw_coherent_mem")))
+__attribute__ ((section(".tzfw_coherent_mem")))
#endif
;
@@ -101,7 +101,7 @@
static struct px30_sleep_ddr_data ddr_data
#if USE_COHERENT_MEM
-__attribute__ ((section("tzfw_coherent_mem")))
+__attribute__ ((section(".tzfw_coherent_mem")))
#endif
;
diff --git a/plat/rockchip/rk3399/drivers/dp/cdn_dp.h b/plat/rockchip/rk3399/drivers/dp/cdn_dp.h
index c5cbae2..52c72d6 100644
--- a/plat/rockchip/rk3399/drivers/dp/cdn_dp.h
+++ b/plat/rockchip/rk3399/drivers/dp/cdn_dp.h
@@ -34,7 +34,7 @@
#define HDCP_KEY_1X_STORE_DATA_ALIGN_SIZE (6 * 64) / 8
/* Checks the cdn_dp_hdcp_key_1x must be aligned on 6 x 64-bit word boundary */
-CASSERT(sizeof(struct cdn_dp_hdcp_key_1x) % HDCP_KEY_1X_STORE_DATA_ALIGN_SIZE, \
+CASSERT(sizeof(struct cdn_dp_hdcp_key_1x) % HDCP_KEY_1X_STORE_DATA_ALIGN_SIZE,
assert_hdcp_key_1x_store_data_align_size_mismatch);
uint64_t dp_hdcp_ctrl(uint64_t type);
diff --git a/plat/rockchip/rk3399/drivers/pmu/pmu.c b/plat/rockchip/rk3399/drivers/pmu/pmu.c
index 3084c4f..7bdefcc 100644
--- a/plat/rockchip/rk3399/drivers/pmu/pmu.c
+++ b/plat/rockchip/rk3399/drivers/pmu/pmu.c
@@ -64,7 +64,7 @@
static uint32_t core_pm_cfg_info[PLATFORM_CORE_COUNT]
#if USE_COHERENT_MEM
-__attribute__ ((section("tzfw_coherent_mem")))
+__attribute__ ((section(".tzfw_coherent_mem")))
#endif
;/* coheront */
diff --git a/plat/socionext/synquacer/include/plat.ld.S b/plat/socionext/synquacer/include/plat.ld.S
index af7a172..d02afa7 100644
--- a/plat/socionext/synquacer/include/plat.ld.S
+++ b/plat/socionext/synquacer/include/plat.ld.S
@@ -23,8 +23,8 @@
* not support inner shareable WBWA mappings so it is mapped normal
* non-cacheable)
*/
- sp_xlat_table (NOLOAD) : ALIGN(PAGE_SIZE) {
- *(sp_xlat_table)
+ .sp_xlat_table (NOLOAD) : ALIGN(PAGE_SIZE) {
+ *(.sp_xlat_table)
} >SP_DRAM
}
diff --git a/plat/socionext/synquacer/include/platform_def.h b/plat/socionext/synquacer/include/platform_def.h
index d6bfe42..acc74e2 100644
--- a/plat/socionext/synquacer/include/platform_def.h
+++ b/plat/socionext/synquacer/include/platform_def.h
@@ -180,8 +180,8 @@
#define PLAT_SP_IMAGE_MMAP_REGIONS 30
#define PLAT_SP_IMAGE_MAX_XLAT_TABLES 20
-#define PLAT_SP_IMAGE_XLAT_SECTION_NAME "sp_xlat_table"
-#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME "sp_xlat_table"
+#define PLAT_SP_IMAGE_XLAT_SECTION_NAME ".sp_xlat_table"
+#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME ".sp_xlat_table"
#define PLAT_SQ_UART1_BASE PLAT_SQ_BOOT_UART_BASE
#define PLAT_SQ_UART1_SIZE ULL(0x1000)
diff --git a/plat/socionext/synquacer/platform.mk b/plat/socionext/synquacer/platform.mk
index b76ae88..a6d9bef 100644
--- a/plat/socionext/synquacer/platform.mk
+++ b/plat/socionext/synquacer/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -17,7 +17,7 @@
SQ_USE_SCMI_DRIVER ?= 0
else
override RESET_TO_BL31 := 0
-override BL2_AT_EL3 := 1
+override RESET_TO_BL2 := 1
SQ_USE_SCMI_DRIVER := 1
BL2_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
endif
diff --git a/plat/socionext/uniphier/platform.mk b/plat/socionext/uniphier/platform.mk
index 378497a..d466aa1 100644
--- a/plat/socionext/uniphier/platform.mk
+++ b/plat/socionext/uniphier/platform.mk
@@ -1,10 +1,10 @@
#
-# Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
-override BL2_AT_EL3 := 1
+override RESET_TO_BL2 := 1
override COLD_BOOT_SINGLE_CPU := 1
override PROGRAMMABLE_RESET_ADDRESS := 1
override USE_COHERENT_MEM := 1
diff --git a/plat/st/stm32mp1/include/stm32mp1_mbedtls_config.h b/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-2.h
similarity index 100%
rename from plat/st/stm32mp1/include/stm32mp1_mbedtls_config.h
rename to plat/st/stm32mp1/include/stm32mp1_mbedtls_config-2.h
diff --git a/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-3.h b/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-3.h
new file mode 100644
index 0000000..d7dab1f
--- /dev/null
+++ b/plat/st/stm32mp1/include/stm32mp1_mbedtls_config-3.h
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2022, STMicroelectronics - All Rights Reserved
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/*
+ * Key algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_USE_RSA 0
+#define TF_MBEDTLS_USE_ECDSA 1
+
+/*
+ * Hash algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_SHA256 1
+#define TF_MBEDTLS_SHA384 2
+#define TF_MBEDTLS_SHA512 3
+
+/*
+ * Configuration file to build mbed TLS with the required features for
+ * Trusted Boot
+ */
+
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
+#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+
+#define MBEDTLS_PKCS1_V21
+
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_OID_C
+
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+
+#define MBEDTLS_PLATFORM_C
+
+#if TF_MBEDTLS_USE_ECDSA
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#endif
+#if TF_MBEDTLS_USE_RSA
+#define MBEDTLS_RSA_C
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#endif
+
+/* The library does not currently support enabling SHA-256 without SHA-224. */
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+
+#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256)
+#define MBEDTLS_SHA384_C
+#define MBEDTLS_SHA512_C
+#endif
+
+#define MBEDTLS_VERSION_C
+
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+
+#if TF_MBEDTLS_USE_AES_GCM
+#define MBEDTLS_AES_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_GCM_C
+#endif
+
+/* MPI / BIGNUM options */
+#define MBEDTLS_MPI_WINDOW_SIZE 2
+
+#if TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define MBEDTLS_MPI_MAX_SIZE 256
+#else
+#define MBEDTLS_MPI_MAX_SIZE 512
+#endif
+#else
+#define MBEDTLS_MPI_MAX_SIZE 256
+#endif
+
+/* Memory buffer allocator options */
+#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8
+
+/*
+ * Prevent the use of 128-bit division which
+ * creates dependency on external libraries.
+ */
+#define MBEDTLS_NO_UDBL_DIVISION
+
+#ifndef __ASSEMBLER__
+/* System headers required to build mbed TLS with the current configuration */
+#include <stdlib.h>
+#include <mbedtls/check_config.h>
+#endif
+
+/*
+ * Mbed TLS heap size is smal as we only use the asn1
+ * parsing functions
+ * digest, signature and crypto algorithm are done by
+ * other library.
+ */
+
+#define TF_MBEDTLS_HEAP_SIZE U(5120)
diff --git a/plat/st/stm32mp1/platform.mk b/plat/st/stm32mp1/platform.mk
index 236296e..cddc695 100644
--- a/plat/st/stm32mp1/platform.mk
+++ b/plat/st/stm32mp1/platform.mk
@@ -1,12 +1,12 @@
#
-# Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
ARM_CORTEX_A7 := yes
ARM_WITH_NEON := yes
-BL2_AT_EL3 := 1
+RESET_TO_BL2 := 1
USE_COHERENT_MEM := 0
STM32MP_EARLY_CONSOLE ?= 0
@@ -381,7 +381,19 @@
endif
TF_MBEDTLS_KEY_ALG := ecdsa
-MBEDTLS_CONFIG_FILE ?= "<stm32mp1_mbedtls_config.h>"
+
+ifneq (${MBEDTLS_DIR},)
+MBEDTLS_MAJOR=$(shell grep -hP "define MBEDTLS_VERSION_MAJOR" \
+${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+
+ifeq (${MBEDTLS_MAJOR}, 2)
+MBEDTLS_CONFIG_FILE ?= "<stm32mp1_mbedtls_config-2.h>"
+endif
+
+ifeq (${MBEDTLS_MAJOR}, 3)
+MBEDTLS_CONFIG_FILE ?= "<stm32mp1_mbedtls_config-3.h>"
+endif
+endif
include drivers/auth/mbedtls/mbedtls_x509.mk
diff --git a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c b/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
index 569e60c..ade10a6 100644
--- a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
+++ b/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
@@ -21,7 +21,7 @@
#include "ti_sci.h"
#if USE_COHERENT_MEM
-__section("tzfw_coherent_mem")
+__section(".tzfw_coherent_mem")
#endif
static uint8_t message_sequence;
diff --git a/plat/ti/k3/common/k3_bl31_setup.c b/plat/ti/k3/common/k3_bl31_setup.c
index 9a1fd94..242b1ea 100644
--- a/plat/ti/k3/common/k3_bl31_setup.c
+++ b/plat/ti/k3/common/k3_bl31_setup.c
@@ -121,10 +121,6 @@
k3_gic_init();
ti_sci_init();
-
- if (ti_sci_device_get(PLAT_BOARD_DEVICE_ID)) {
- WARN("Unable to take system power reference\n");
- }
}
void platform_mem_init(void)
diff --git a/plat/xilinx/common/include/plat_startup.h b/plat/xilinx/common/include/plat_startup.h
index 1733930..ce356f6 100644
--- a/plat/xilinx/common/include/plat_startup.h
+++ b/plat/xilinx/common/include/plat_startup.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (C) 2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -38,4 +39,8 @@
entry_point_info_t *bl33,
uint64_t atf_handoff_addr);
+/* JEDEC Standard Manufacturer's Identification Code and Bank ID JEP106 */
+#define JEDEC_XILINX_MFID U(0x49)
+#define JEDEC_XILINX_BKID U(0)
+
#endif /* PLAT_STARTUP_H */
diff --git a/plat/xilinx/common/include/pm_ipi.h b/plat/xilinx/common/include/pm_ipi.h
index 52dfc47..ede71df 100644
--- a/plat/xilinx/common/include/pm_ipi.h
+++ b/plat/xilinx/common/include/pm_ipi.h
@@ -25,7 +25,7 @@
enum pm_ret_status pm_ipi_send_sync(const struct pm_proc *proc,
uint32_t payload[PAYLOAD_ARG_CNT],
uint32_t *value, size_t count);
-void pm_ipi_buff_read_callb(uint32_t *value, size_t count);
+enum pm_ret_status pm_ipi_buff_read_callb(uint32_t *value, size_t count);
void pm_ipi_irq_enable(const struct pm_proc *proc);
void pm_ipi_irq_clear(const struct pm_proc *proc);
uint32_t pm_ipi_irq_status(const struct pm_proc *proc);
diff --git a/plat/xilinx/common/pm_service/pm_ipi.c b/plat/xilinx/common/pm_service/pm_ipi.c
index 513d6be..37d0384 100644
--- a/plat/xilinx/common/pm_service/pm_ipi.c
+++ b/plat/xilinx/common/pm_service/pm_ipi.c
@@ -136,7 +136,9 @@
uint32_t *value, size_t count)
{
size_t i;
+ enum pm_ret_status ret;
#if IPI_CRC_CHECK
+ uint32_t *payload_ptr = value;
size_t j;
uint32_t response_payload[PAYLOAD_ARG_CNT];
#endif
@@ -155,6 +157,8 @@
*value = mmio_read_32(buffer_base + (i * PAYLOAD_ARG_SIZE));
value++;
}
+
+ ret = mmio_read_32(buffer_base);
#if IPI_CRC_CHECK
for (j = 0; j < PAYLOAD_ARG_CNT; j++) {
response_payload[j] = mmio_read_32(buffer_base +
@@ -165,30 +169,39 @@
calculate_crc(response_payload, IPI_W0_TO_W6_SIZE)) {
NOTICE("ERROR in CRC response payload value:0x%x\n",
response_payload[PAYLOAD_CRC_POS]);
+ ret = PM_RET_ERROR_INVALID_CRC;
+ /* Payload data is invalid as CRC validation failed
+ * Clear the payload to avoid leakage of data to upper layers
+ */
+ memset(payload_ptr, 0, count);
}
#endif
- return mmio_read_32(buffer_base);
+ return ret;
}
/**
- * pm_ipi_buff_read_callb() - Reads IPI response after remote processor has
- * handled interrupt
- * @value Used to return value from IPI buffer element (optional)
+ * pm_ipi_buff_read_callb() - Callback function that reads value from
+ * ipi response buffer
+ * @value Used to return value from IPI buffer element
* @count Number of values to return in @value
*
- * @return Returns status, either success or error+reason
+ * This callback function fills requested data in @value from ipi response
+ * buffer.
+ * @return Returns status, either success or error
*/
-void pm_ipi_buff_read_callb(uint32_t *value, size_t count)
+enum pm_ret_status pm_ipi_buff_read_callb(uint32_t *value, size_t count)
{
size_t i;
#if IPI_CRC_CHECK
+ uint32_t *payload_ptr = value;
size_t j;
unsigned int response_payload[PAYLOAD_ARG_CNT] = {0};
#endif
uintptr_t buffer_base = IPI_BUFFER_REMOTE_BASE +
IPI_BUFFER_TARGET_LOCAL_OFFSET +
IPI_BUFFER_REQ_OFFSET;
+ enum pm_ret_status ret = PM_RET_SUCCESS;
if (count > IPI_BUFFER_MAX_WORDS) {
count = IPI_BUFFER_MAX_WORDS;
@@ -208,8 +221,14 @@
calculate_crc(response_payload, IPI_W0_TO_W6_SIZE)) {
NOTICE("ERROR in CRC response payload value:0x%x\n",
response_payload[PAYLOAD_CRC_POS]);
+ ret = PM_RET_ERROR_INVALID_CRC;
+ /* Payload data is invalid as CRC validation failed
+ * Clear the payload to avoid leakage of data to upper layers
+ */
+ memset(payload_ptr, 0, count);
}
#endif
+ return ret;
}
/**
diff --git a/plat/xilinx/versal/include/plat_ipi.h b/plat/xilinx/versal/include/plat_ipi.h
index 36a4380..9143dc6 100644
--- a/plat/xilinx/versal/include/plat_ipi.h
+++ b/plat/xilinx/versal/include/plat_ipi.h
@@ -34,7 +34,6 @@
#define IPI_BUFFER_TARGET_APU_OFFSET 0x80U
#define IPI_BUFFER_TARGET_PMC_OFFSET 0x40U
-#define IPI_BUFFER_LOCAL_BASE IPI_BUFFER_APU_BASE
#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMC_BASE
#define IPI_BUFFER_TARGET_LOCAL_OFFSET IPI_BUFFER_TARGET_APU_OFFSET
diff --git a/plat/xilinx/versal/include/versal_def.h b/plat/xilinx/versal/include/versal_def.h
index 60431a5..ce4d98c 100644
--- a/plat/xilinx/versal/include/versal_def.h
+++ b/plat/xilinx/versal/include/versal_def.h
@@ -129,9 +129,10 @@
#define PMC_GLOBAL_GLOB_GEN_STORAGE4 (PMC_GLOBAL_BASE + 0x40U)
/* IPI registers and bitfields */
+#define PMC_REG_BASE U(0xFF320000)
+#define PMC_IPI_TRIG_BIT (1U << 1U)
#define IPI0_REG_BASE U(0xFF330000)
#define IPI0_TRIG_BIT (1U << 2U)
-#define PMC_IPI_TRIG_BIT (1U << 1U)
#define IPI1_REG_BASE U(0xFF340000)
#define IPI1_TRIG_BIT (1U << 3U)
#define IPI2_REG_BASE U(0xFF350000)
diff --git a/plat/xilinx/versal/pm_service/pm_api_sys.c b/plat/xilinx/versal/pm_service/pm_api_sys.c
index db9fae4..cc99f11 100644
--- a/plat/xilinx/versal/pm_service/pm_api_sys.c
+++ b/plat/xilinx/versal/pm_service/pm_api_sys.c
@@ -196,19 +196,23 @@
* 1 - Ack IPI after reading payload
*
* Read value from ipi buffer response buffer.
+ * @return Returns status, either success or error
*/
-void pm_get_callbackdata(uint32_t *data, size_t count, uint32_t flag, uint32_t ack)
+enum pm_ret_status pm_get_callbackdata(uint32_t *data, size_t count, uint32_t flag, uint32_t ack)
{
+ enum pm_ret_status ret = PM_RET_SUCCESS;
/* Return if interrupt is not from PMU */
if (pm_ipi_irq_status(primary_proc) == 0) {
- return;
+ return ret;
}
- pm_ipi_buff_read_callb(data, count);
+ ret = pm_ipi_buff_read_callb(data, count);
if (ack != 0U) {
pm_ipi_irq_clear(primary_proc);
}
+
+ return ret;
}
/**
diff --git a/plat/xilinx/versal/pm_service/pm_api_sys.h b/plat/xilinx/versal/pm_service/pm_api_sys.h
index c539aa7..8625e95 100644
--- a/plat/xilinx/versal/pm_service/pm_api_sys.h
+++ b/plat/xilinx/versal/pm_service/pm_api_sys.h
@@ -38,7 +38,7 @@
uintptr_t address, uint8_t ack, uint32_t flag);
enum pm_ret_status pm_set_wakeup_source(uint32_t target, uint32_t device_id,
uint8_t enable, uint32_t flag);
-void pm_get_callbackdata(uint32_t *data, size_t count, uint32_t flag,
+enum pm_ret_status pm_get_callbackdata(uint32_t *data, size_t count, uint32_t flag,
uint32_t ack);
enum pm_ret_status pm_pll_set_param(uint32_t clk_id, uint32_t param,
uint32_t value, uint32_t flag);
diff --git a/plat/xilinx/versal/pm_service/pm_defs.h b/plat/xilinx/versal/pm_service/pm_defs.h
index 2922b5d..dbc801c 100644
--- a/plat/xilinx/versal/pm_service/pm_defs.h
+++ b/plat/xilinx/versal/pm_service/pm_defs.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -115,11 +116,13 @@
XPM_SUBSYSID_MAX,
} XPm_SubsystemId;
+/* TODO: move pm_ret_status from device specific location to common location */
/**
* @PM_RET_SUCCESS: success
* @PM_RET_ERROR_ARGS: illegal arguments provided (deprecated)
* @PM_RET_ERROR_NOTSUPPORTED: feature not supported (deprecated)
* @PM_RET_ERROR_NOFEATURE: feature is not available
+ * @PM_RET_ERROR_INVALID_CRC: invalid crc in IPI communication
* @PM_RET_ERROR_INTERNAL: internal error
* @PM_RET_ERROR_CONFLICT: conflict
* @PM_RET_ERROR_ACCESS: access rights violation
@@ -134,6 +137,7 @@
PM_RET_ERROR_ARGS = 1,
PM_RET_ERROR_NOTSUPPORTED = 4,
PM_RET_ERROR_NOFEATURE = 19,
+ PM_RET_ERROR_INVALID_CRC = 301,
PM_RET_ERROR_INTERNAL = 2000,
PM_RET_ERROR_CONFLICT = 2001,
PM_RET_ERROR_ACCESS = 2002,
diff --git a/plat/xilinx/versal/pm_service/pm_svc_main.c b/plat/xilinx/versal/pm_service/pm_svc_main.c
index c90f9e1..185bfdb 100644
--- a/plat/xilinx/versal/pm_service/pm_svc_main.c
+++ b/plat/xilinx/versal/pm_service/pm_svc_main.c
@@ -48,12 +48,17 @@
void *cookie)
{
uint32_t payload[4] = {0};
+ enum pm_ret_status ret;
VERBOSE("Received IPI FIQ from firmware\n");
(void)plat_ic_acknowledge_interrupt();
+ ret = pm_get_callbackdata(payload, ARRAY_SIZE(payload), 0, 0);
+ if (ret != PM_RET_SUCCESS) {
+ payload[0] = ret;
+ }
+
- pm_get_callbackdata(payload, ARRAY_SIZE(payload), 0, 0);
switch (payload[0]) {
case PM_INIT_SUSPEND_CB:
case PM_NOTIFY_CB:
@@ -61,6 +66,11 @@
notify_os();
}
break;
+ case PM_RET_ERROR_INVALID_CRC:
+ pm_ipi_irq_clear(primary_proc);
+ WARN("Invalid CRC in the payload\n");
+ break;
+
default:
pm_ipi_irq_clear(primary_proc);
WARN("Invalid IPI payload\n");
@@ -274,8 +284,13 @@
case PM_GET_CALLBACK_DATA:
{
uint32_t result[4] = {0};
+ enum pm_ret_status ret;
+
+ ret = pm_get_callbackdata(result, ARRAY_SIZE(result), security_flag, 1U);
+ if (ret != 0) {
+ result[0] = ret;
+ }
- pm_get_callbackdata(result, ARRAY_SIZE(result), security_flag, 1U);
SMC_RET2(handle,
(uint64_t)result[0] | ((uint64_t)result[1] << 32U),
(uint64_t)result[2] | ((uint64_t)result[3] << 32U));
diff --git a/plat/xilinx/versal/sip_svc_setup.c b/plat/xilinx/versal/sip_svc_setup.c
index 6f2ff94..28a4cb9 100644
--- a/plat/xilinx/versal/sip_svc_setup.c
+++ b/plat/xilinx/versal/sip_svc_setup.c
@@ -6,6 +6,8 @@
/* Top level SMC handler for SiP calls. Dispatch PM calls to PM SMC handler. */
+#include <inttypes.h>
+
#include <common/debug.h>
#include <common/runtime_svc.h>
#include <tools_share/uuid.h>
@@ -23,11 +25,12 @@
#define SIP_SVC_VERSION_MINOR U(1)
/* These macros are used to identify PM calls from the SMC function ID */
-#define PM_FID_MASK 0xf000u
+#define SIP_FID_MASK GENMASK(23, 16)
+#define XLNX_FID_MASK GENMASK(23, 12)
#define PM_FID_VALUE 0u
#define IPI_FID_VALUE 0x1000u
-#define is_pm_fid(_fid) (((_fid) & PM_FID_MASK) == PM_FID_VALUE)
-#define is_ipi_fid(_fid) (((_fid) & PM_FID_MASK) == IPI_FID_VALUE)
+#define is_pm_fid(_fid) (((_fid) & XLNX_FID_MASK) == PM_FID_VALUE)
+#define is_ipi_fid(_fid) (((_fid) & XLNX_FID_MASK) == IPI_FID_VALUE)
/* SiP Service UUID */
DEFINE_SVC_UUID2(versal_sip_uuid,
@@ -62,6 +65,14 @@
void *handle,
u_register_t flags)
{
+ VERBOSE("SMCID: 0x%08x, x1: 0x%016" PRIx64 ", x2: 0x%016" PRIx64 ", x3: 0x%016" PRIx64 ", x4: 0x%016" PRIx64 "\n",
+ smc_fid, x1, x2, x3, x4);
+
+ if (smc_fid & SIP_FID_MASK) {
+ WARN("SMC out of SiP assinged range: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+ }
+
/* Let PM SMC handler deal with PM-related requests */
if (is_pm_fid(smc_fid)) {
return pm_smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
diff --git a/plat/xilinx/versal/versal_gicv3.c b/plat/xilinx/versal/versal_gicv3.c
index d410906..0959c8e 100644
--- a/plat/xilinx/versal/versal_gicv3.c
+++ b/plat/xilinx/versal/versal_gicv3.c
@@ -36,8 +36,8 @@
* We save and restore the GICv3 context on system suspend. Allocate the
* data in the designated EL3 Secure carve-out memory.
*/
-static gicv3_redist_ctx_t rdist_ctx __section("versal_el3_tzc_dram");
-static gicv3_dist_ctx_t dist_ctx __section("versal_el3_tzc_dram");
+static gicv3_redist_ctx_t rdist_ctx __section(".versal_el3_tzc_dram");
+static gicv3_dist_ctx_t dist_ctx __section(".versal_el3_tzc_dram");
/*
* MPIDR hashing function for translating MPIDRs read from GICR_TYPER register
diff --git a/plat/xilinx/versal/versal_ipi.c b/plat/xilinx/versal/versal_ipi.c
index d821929..67915f4 100644
--- a/plat/xilinx/versal/versal_ipi.c
+++ b/plat/xilinx/versal/versal_ipi.c
@@ -20,16 +20,16 @@
/* versal ipi configuration table */
static const struct ipi_config versal_ipi_table[] = {
- /* A72 IPI */
- [IPI_ID_APU] = {
- .ipi_bit_mask = IPI0_TRIG_BIT,
- .ipi_reg_base = IPI0_REG_BASE,
- .secure_only = 0U,
- },
-
/* PMC IPI */
[IPI_ID_PMC] = {
.ipi_bit_mask = PMC_IPI_TRIG_BIT,
+ .ipi_reg_base = PMC_REG_BASE,
+ .secure_only = 0U,
+ },
+
+ /* A72 IPI */
+ [IPI_ID_APU] = {
+ .ipi_bit_mask = IPI0_TRIG_BIT,
.ipi_reg_base = IPI0_REG_BASE,
.secure_only = 0U,
},
diff --git a/plat/xilinx/versal_net/include/plat_ipi.h b/plat/xilinx/versal_net/include/plat_ipi.h
index 5255f8f..5ac611c 100644
--- a/plat/xilinx/versal_net/include/plat_ipi.h
+++ b/plat/xilinx/versal_net/include/plat_ipi.h
@@ -37,7 +37,6 @@
#define IPI_BUFFER_TARGET_APU_OFFSET 0x80U
#define IPI_BUFFER_TARGET_PMC_OFFSET 0x40U
-#define IPI_BUFFER_LOCAL_BASE IPI_BUFFER_APU_BASE
#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMC_BASE
#define IPI_BUFFER_TARGET_LOCAL_OFFSET IPI_BUFFER_TARGET_APU_OFFSET
diff --git a/plat/xilinx/versal_net/include/platform_def.h b/plat/xilinx/versal_net/include/platform_def.h
index 696771f..9aa1441 100644
--- a/plat/xilinx/versal_net/include/platform_def.h
+++ b/plat/xilinx/versal_net/include/platform_def.h
@@ -103,12 +103,15 @@
* terminology. On a GICv2 system or mode, the lists will be merged and treated
* as Group 0 interrupts.
*/
-#define PLAT_VERSAL_IPI_IRQ 62
+#define PLAT_VERSAL_NET_IPI_IRQ 89
+#define PLAT_VERSAL_IPI_IRQ PLAT_VERSAL_NET_IPI_IRQ
#define PLAT_VERSAL_NET_G1S_IRQ_PROPS(grp) \
INTR_PROP_DESC(VERSAL_NET_IRQ_SEC_PHY_TIMER, GIC_HIGHEST_SEC_PRIORITY, grp, \
GIC_INTR_CFG_LEVEL)
-#define PLAT_VERSAL_NET_G0_IRQ_PROPS(grp)
+#define PLAT_VERSAL_NET_G0_IRQ_PROPS(grp) \
+ INTR_PROP_DESC(PLAT_VERSAL_IPI_IRQ, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE), \
#endif /* PLATFORM_DEF_H */
diff --git a/plat/xilinx/versal_net/sip_svc_setup.c b/plat/xilinx/versal_net/sip_svc_setup.c
index 0e3940f..c91497c 100644
--- a/plat/xilinx/versal_net/sip_svc_setup.c
+++ b/plat/xilinx/versal_net/sip_svc_setup.c
@@ -9,6 +9,7 @@
/* Top level SMC handler for SiP calls. Dispatch PM calls to PM SMC handler. */
#include <errno.h>
+#include <inttypes.h>
#include <common/debug.h>
#include <common/runtime_svc.h>
@@ -28,11 +29,12 @@
#define SIP_SVC_VERSION_MINOR (1U)
/* These macros are used to identify PM calls from the SMC function ID */
-#define PM_FID_MASK 0xf000u
+#define SIP_FID_MASK GENMASK(23, 16)
+#define XLNX_FID_MASK GENMASK(23, 12)
#define PM_FID_VALUE 0u
#define IPI_FID_VALUE 0x1000u
-#define is_pm_fid(_fid) (((_fid) & PM_FID_MASK) == PM_FID_VALUE)
-#define is_ipi_fid(_fid) (((_fid) & PM_FID_MASK) == IPI_FID_VALUE)
+#define is_pm_fid(_fid) (((_fid) & XLNX_FID_MASK) == PM_FID_VALUE)
+#define is_ipi_fid(_fid) (((_fid) & XLNX_FID_MASK) == IPI_FID_VALUE)
/* SiP Service UUID */
DEFINE_SVC_UUID2(versal_net_sip_uuid,
@@ -62,6 +64,14 @@
void *handle,
u_register_t flags)
{
+ VERBOSE("SMCID: 0x%08x, x1: 0x%016" PRIx64 ", x2: 0x%016" PRIx64 ", x3: 0x%016" PRIx64 ", x4: 0x%016" PRIx64 "\n",
+ smc_fid, x1, x2, x3, x4);
+
+ if (smc_fid & SIP_FID_MASK) {
+ WARN("SMC out of SiP assinged range: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+ }
+
/* Let PM SMC handler deal with PM-related requests */
if (is_pm_fid(smc_fid)) {
return smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
diff --git a/plat/xilinx/versal_net/versal_net_gicv3.c b/plat/xilinx/versal_net/versal_net_gicv3.c
index 1d45a58..138d2c2 100644
--- a/plat/xilinx/versal_net/versal_net_gicv3.c
+++ b/plat/xilinx/versal_net/versal_net_gicv3.c
@@ -39,8 +39,8 @@
* We save and restore the GICv3 context on system suspend. Allocate the
* data in the designated EL3 Secure carve-out memory.
*/
-static gicv3_redist_ctx_t rdist_ctx __section("versal_net_el3_tzc_dram");
-static gicv3_dist_ctx_t dist_ctx __section("versal_net_el3_tzc_dram");
+static gicv3_redist_ctx_t rdist_ctx __section(".versal_net_el3_tzc_dram");
+static gicv3_dist_ctx_t dist_ctx __section(".versal_net_el3_tzc_dram");
/*
* MPIDR hashing function for translating MPIDRs read from GICR_TYPER register
diff --git a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
index 30af4d5..95a266e 100644
--- a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
+++ b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
@@ -11,10 +11,13 @@
#include <common/debug.h>
#include <drivers/generic_delay_timer.h>
#include <lib/mmio.h>
+#include <lib/smccc.h>
#include <lib/xlat_tables/xlat_tables.h>
#include <plat_ipi.h>
#include <plat_private.h>
+#include <plat_startup.h>
#include <plat/common/platform.h>
+#include <services/arm_arch_svc.h>
#include "pm_api_sys.h"
@@ -311,6 +314,31 @@
return zynqmp_get_silicon_idcode_name();
}
+int32_t plat_is_smccc_feature_available(u_register_t fid)
+{
+ switch (fid) {
+ case SMCCC_ARCH_SOC_ID:
+ return SMC_ARCH_CALL_SUCCESS;
+ default:
+ return SMC_ARCH_CALL_NOT_SUPPORTED;
+ }
+
+ return SMC_ARCH_CALL_NOT_SUPPORTED;
+}
+
+int32_t plat_get_soc_version(void)
+{
+ uint32_t chip_id = zynqmp_get_silicon_ver();
+ uint32_t manfid = SOC_ID_SET_JEP_106(JEDEC_XILINX_BKID, JEDEC_XILINX_MFID);
+
+ return (int32_t)(manfid | (chip_id & 0xFFFF));
+}
+
+int32_t plat_get_soc_revision(void)
+{
+ return mmio_read_32(ZYNQMP_CSU_BASEADDR + ZYNQMP_CSU_IDCODE_OFFSET);
+}
+
static uint32_t zynqmp_get_ps_ver(void)
{
uint32_t ver = mmio_read_32(ZYNQMP_CSU_BASEADDR + ZYNQMP_CSU_VERSION_OFFSET);
diff --git a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
index 1d59537..0ebd088 100644
--- a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
+++ b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,6 +17,7 @@
#include <plat/common/platform.h>
#include <lib/mmio.h>
+#include <custom_svc.h>
#include <plat_startup.h>
#include <plat_private.h>
#include <zynqmp_def.h>
@@ -118,9 +120,7 @@
enum fsbl_handoff ret = fsbl_atf_handover(&bl32_image_ep_info,
&bl33_image_ep_info,
atf_handoff_addr);
- if (ret == FSBL_HANDOFF_NO_STRUCT) {
- bl31_set_default_config();
- } else if (ret != FSBL_HANDOFF_SUCCESS) {
+ if (ret != FSBL_HANDOFF_SUCCESS) {
panic();
}
}
@@ -130,6 +130,9 @@
if (bl33_image_ep_info.pc != 0) {
VERBOSE("BL31: Non secure code at 0x%lx\n", bl33_image_ep_info.pc);
}
+
+ custom_early_setup();
+
}
#if ZYNQMP_WDT_RESTART
@@ -168,7 +171,7 @@
}
#endif
-#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
+#if (defined(XILINX_OF_BOARD_DTB_ADDR) && !IS_TFA_IN_OCM(BL31_BASE))
static void prepare_dtb(void)
{
void *dtb = (void *)XILINX_OF_BOARD_DTB_ADDR;
@@ -197,8 +200,9 @@
}
/* Reserve memory used by Trusted Firmware. */
- if (fdt_add_reserved_memory(dtb, "tf-a", BL31_BASE, BL31_LIMIT - BL31_BASE)) {
- WARN("Failed to add reserved memory nodes to DT.\n");
+ if (fdt_add_reserved_memory(dtb, "tf-a", BL31_BASE,
+ BL31_LIMIT - BL31_BASE + 1)) {
+ WARN("Failed to add reserved memory nodes for BL31 to DT.\n");
}
ret = fdt_pack(dtb);
@@ -213,8 +217,8 @@
void bl31_platform_setup(void)
{
-#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
- prepare_dtb();
+#if (defined(XILINX_OF_BOARD_DTB_ADDR) && !IS_TFA_IN_OCM(BL31_BASE))
+ prepare_dtb();
#endif
/* Initialize the gic cpu and distributor interfaces */
@@ -245,9 +249,8 @@
plat_arm_interconnect_init();
plat_arm_interconnect_enter_coherency();
-
const mmap_region_t bl_regions[] = {
-#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
+#if (defined(XILINX_OF_BOARD_DTB_ADDR) && !IS_TFA_IN_OCM(BL31_BASE))
MAP_REGION_FLAT(XILINX_OF_BOARD_DTB_ADDR, XILINX_OF_BOARD_DTB_MAX_SIZE,
MT_MEMORY | MT_RW | MT_NS),
#endif
@@ -263,6 +266,8 @@
{0}
};
+ custom_mmap_add();
+
setup_page_tables(bl_regions, plat_arm_get_mmap());
enable_mmu_el3(0);
}
diff --git a/plat/xilinx/zynqmp/custom_sip_svc.c b/plat/xilinx/zynqmp/custom_sip_svc.c
new file mode 100644
index 0000000..fbb0a33
--- /dev/null
+++ b/plat/xilinx/zynqmp/custom_sip_svc.c
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/bl_common.h>
+#include <common/debug.h>
+#include <smccc_helpers.h>
+
+uint64_t custom_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2,
+ uint64_t x3, uint64_t x4, void *cookie,
+ void *handle, uint64_t flags)
+{
+ WARN("Unimplemented SiP Service Call: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+}
+
+void custom_early_setup(void)
+{
+}
+
+void custom_mmap_add(void)
+{
+}
diff --git a/plat/xilinx/zynqmp/include/custom_svc.h b/plat/xilinx/zynqmp/include/custom_svc.h
new file mode 100644
index 0000000..ef0eb67
--- /dev/null
+++ b/plat/xilinx/zynqmp/include/custom_svc.h
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef CUSTOM_SVC_H
+#define CUSTOM_SVC_H
+
+#define ZYNQMP_SIP_SVC_CUSTOM U(0x82002000)
+#define ZYNQMP_SIP_SVC64_CUSTOM U(0xC2002000)
+
+uint64_t custom_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2,
+ uint64_t x3, uint64_t x4, void *cookie,
+ void *handle, uint64_t flags);
+
+void custom_early_setup(void);
+void custom_mmap_add(void);
+
+#endif /* CUSTOM_SVC_H */
diff --git a/plat/xilinx/zynqmp/include/plat_ipi.h b/plat/xilinx/zynqmp/include/plat_ipi.h
index a78f93a..bf56d5e 100644
--- a/plat/xilinx/zynqmp/include/plat_ipi.h
+++ b/plat/xilinx/zynqmp/include/plat_ipi.h
@@ -35,7 +35,6 @@
#define IPI_BUFFER_APU_BASE (IPI_BUFFER_BASEADDR + 0x400U)
#define IPI_BUFFER_PMU_BASE (IPI_BUFFER_BASEADDR + 0xE00U)
-#define IPI_BUFFER_LOCAL_BASE IPI_BUFFER_APU_BASE
#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMU_BASE
#define IPI_BUFFER_TARGET_LOCAL_OFFSET 0x80U
diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h
index c2d22c2..aebce30 100644
--- a/plat/xilinx/zynqmp/include/platform_def.h
+++ b/plat/xilinx/zynqmp/include/platform_def.h
@@ -1,5 +1,7 @@
/*
* Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -40,8 +42,8 @@
# define BL31_BASE U(0xfffea000)
# define BL31_LIMIT U(0x100000000)
#else
-# define BL31_BASE U(0xfffe5000)
-# define BL31_LIMIT U(0x100000000)
+# define BL31_BASE U(0x1000)
+# define BL31_LIMIT U(0x7ffff)
#endif
#else
# define BL31_BASE (ZYNQMP_ATF_MEM_BASE)
@@ -83,19 +85,31 @@
/*******************************************************************************
* Platform specific page table and MMU setup constants
******************************************************************************/
-#define XILINX_OF_BOARD_DTB_ADDR U(0x100000)
#define XILINX_OF_BOARD_DTB_MAX_SIZE U(0x200000)
#define PLAT_DDR_LOWMEM_MAX U(0x80000000)
+#define PLAT_OCM_BASE U(0xFFFC0000)
+#define PLAT_OCM_LIMIT U(0xFFFFFFFF)
+
+#define IS_TFA_IN_OCM(x) ((x >= PLAT_OCM_BASE) && (x < PLAT_OCM_LIMIT))
#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
-#if (BL31_LIMIT < PLAT_DDR_LOWMEM_MAX)
+
+#ifndef MAX_MMAP_REGIONS
+#if (defined(XILINX_OF_BOARD_DTB_ADDR) && !IS_TFA_IN_OCM(BL31_BASE))
#define MAX_MMAP_REGIONS 8
-#define MAX_XLAT_TABLES 6
#else
#define MAX_MMAP_REGIONS 7
+#endif
+#endif
+
+#ifndef MAX_XLAT_TABLES
+#if !IS_TFA_IN_OCM(BL31_BASE)
+#define MAX_XLAT_TABLES 8
+#else
#define MAX_XLAT_TABLES 5
#endif
+#endif
#define CACHE_WRITEBACK_SHIFT 6
#define CACHE_WRITEBACK_GRANULE (1 << CACHE_WRITEBACK_SHIFT)
diff --git a/plat/xilinx/zynqmp/platform.mk b/plat/xilinx/zynqmp/platform.mk
index 05adbd0..4671f5f 100644
--- a/plat/xilinx/zynqmp/platform.mk
+++ b/plat/xilinx/zynqmp/platform.mk
@@ -1,10 +1,13 @@
#
# Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
# Portions copyright (c) 2021-2022, ProvenRun S.A.S. All rights reserved.
+# Copyright (c) 2018-2022, Xilinx, Inc. All rights reserved.
+# Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
override ERRATA_A53_855873 := 1
+ERRATA_A53_1530924 := 1
override PROGRAMMABLE_RESET_ADDRESS := 1
PSCI_EXTENDED_STATE_ID := 1
A53_DISABLE_NON_TEMPORAL_HINT := 0
@@ -74,6 +77,10 @@
$(eval $(call add_define,ZYNQMP_SECURE_EFUSES))
endif
+ifdef XILINX_OF_BOARD_DTB_ADDR
+$(eval $(call add_define,XILINX_OF_BOARD_DTB_ADDR))
+endif
+
PLAT_INCLUDES := -Iinclude/plat/arm/common/ \
-Iinclude/plat/arm/common/aarch64/ \
-Iplat/xilinx/common/include/ \
@@ -138,6 +145,12 @@
BL31_CPPFLAGS += -fno-jump-tables
TF_CFLAGS_aarch64 += -mbranch-protection=none
+ifdef CUSTOM_PKG_PATH
+include $(CUSTOM_PKG_PATH)/custom_pkg.mk
+else
+BL31_SOURCES += plat/xilinx/zynqmp/custom_sip_svc.c
+endif
+
ifneq (${RESET_TO_BL31},1)
$(error "Using BL31 as the reset vector is only one option supported on ZynqMP. Please set RESET_TO_BL31 to 1.")
endif
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
index a17b6c5..58491a0 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -252,10 +253,6 @@
return pm_shutdown_scope;
}
-#define EM_PACK_PAYLOAD1(pl, arg0) { \
- pl[0] = (uint16_t)(0xE) << 16 | (uint16_t)arg0; \
-}
-
/**
* pm_self_suspend() - PM call for processor to suspend itself
* @nid Node id of the processor or subsystem
@@ -690,16 +687,19 @@
* @data - array of PAYLOAD_ARG_CNT elements
*
* Read value from ipi buffer response buffer.
+ * @return Returns status, either success or error
*/
-void pm_get_callbackdata(uint32_t *data, size_t count)
+enum pm_ret_status pm_get_callbackdata(uint32_t *data, size_t count)
{
+ enum pm_ret_status ret = PM_RET_SUCCESS;
/* Return if interrupt is not from PMU */
if (!pm_ipi_irq_status(primary_proc)) {
- return;
+ return ret;
}
- pm_ipi_buff_read_callb(data, count);
+ ret = pm_ipi_buff_read_callb(data, count);
pm_ipi_irq_clear(primary_proc);
+ return ret;
}
/**
@@ -786,7 +786,7 @@
{
switch (api_id) {
case PM_QUERY_DATA:
- *version = ATF_API_BASE_VERSION;
+ *version = TFA_API_QUERY_DATA_VERSION;
bit_mask[0] = (uint32_t)(PM_QUERY_FEATURE_BITMASK);
bit_mask[1] = (uint32_t)(PM_QUERY_FEATURE_BITMASK >> 32);
return PM_RET_SUCCESS;
@@ -922,14 +922,16 @@
*version = ret_payload[0];
/* Update IOCTL bit mask which are implemented in ATF */
- if (api_id == PM_IOCTL) {
+ if ((api_id == PM_IOCTL) || (api_id == PM_GET_OP_CHARACTERISTIC)) {
if (len < 2) {
return PM_RET_ERROR_ARGS;
}
bit_mask[0] = ret_payload[1];
bit_mask[1] = ret_payload[2];
- /* Get IOCTL's implemented by ATF */
- status = atf_ioctl_bitmask(bit_mask);
+ if (api_id == PM_IOCTL) {
+ /* Get IOCTL's implemented by ATF */
+ status = atf_ioctl_bitmask(bit_mask);
+ }
} else {
/* Requires for MISRA */
}
@@ -1805,32 +1807,5 @@
/* Send request to the PMU */
PM_PACK_PAYLOAD3(payload, PM_EFUSE_ACCESS, address_high, address_low);
- return pm_ipi_send_sync(primary_proc, payload, value, 1);
-}
-
-enum pm_ret_status em_set_action(uint32_t *value)
-{
- uint32_t payload[PAYLOAD_ARG_CNT];
-
- /* Send request to the PMU */
- EM_PACK_PAYLOAD1(payload, EM_SET_ACTION);
- return pm_ipi_send_sync(primary_proc, payload, value, 1);
-}
-
-enum pm_ret_status em_remove_action(uint32_t *value)
-{
- uint32_t payload[PAYLOAD_ARG_CNT];
-
- /* Send request to the PMU */
- EM_PACK_PAYLOAD1(payload, EM_REMOVE_ACTION);
- return pm_ipi_send_sync(primary_proc, payload, value, 1);
-}
-
-enum pm_ret_status em_send_errors(uint32_t *value)
-{
- uint32_t payload[PAYLOAD_ARG_CNT];
-
- /* Send request to the PMU */
- EM_PACK_PAYLOAD1(payload, EM_SEND_ERRORS);
return pm_ipi_send_sync(primary_proc, payload, value, 1);
}
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
index 9ba9475..1341e7b 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -127,7 +128,7 @@
uint32_t size,
uint32_t flags);
uint32_t pm_get_shutdown_scope(void);
-void pm_get_callbackdata(uint32_t *data, size_t count);
+enum pm_ret_status pm_get_callbackdata(uint32_t *data, size_t count);
enum pm_ret_status pm_ioctl(enum pm_node_id nid,
uint32_t ioctl_id,
uint32_t arg1,
@@ -187,9 +188,6 @@
enum pm_ret_status pm_pll_get_mode(enum pm_node_id nid, enum pm_pll_mode *mode);
enum pm_ret_status pm_efuse_access(uint32_t address_high,
uint32_t address_low, uint32_t *value);
-enum pm_ret_status em_set_action(uint32_t *value);
-enum pm_ret_status em_remove_action(uint32_t *value);
-enum pm_ret_status em_send_errors(uint32_t *value);
enum pm_ret_status pm_feature_check(uint32_t api_id, uint32_t *version,
uint32_t *bit_mask, uint8_t len);
enum pm_ret_status check_api_dependency(uint8_t id);
diff --git a/plat/xilinx/zynqmp/pm_service/pm_defs.h b/plat/xilinx/zynqmp/pm_service/pm_defs.h
index e335b94..f00ab4b 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_defs.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_defs.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -31,6 +32,9 @@
#define FW_API_VERSION_2 (2U)
/* Version of APIs implemented in ATF */
#define ATF_API_BASE_VERSION (1U)
+/* Updating the QUERY_DATA API versioning as the bitmask functionality
+ * support is added in the v2.*/
+#define TFA_API_QUERY_DATA_VERSION (2U)
/* Capabilities for RAM */
#define PM_CAP_ACCESS 0x1U
@@ -49,8 +53,6 @@
#define PM_PROC_STATE_SLEEP 2U
#define PM_PROC_STATE_SUSPENDING 3U
-#define EM_FUNID_NUM_MASK 0xF0000U
-
#define PM_GET_CALLBACK_DATA 0xa01
#define PM_SET_SUSPEND_MODE 0xa02
#define PM_GET_TRUSTZONE_VERSION 0xa03
@@ -122,9 +124,9 @@
/* PM Register Access API */
PM_REGISTER_ACCESS,
PM_EFUSE_ACCESS,
- PM_FPGA_GET_VERSION,
- PM_FPGA_GET_FEATURE_LIST,
PM_FEATURE_CHECK = 63,
+ PM_FPGA_GET_VERSION = 72,
+ PM_FPGA_GET_FEATURE_LIST,
PM_API_MAX
};
@@ -241,11 +243,13 @@
PM_OPCHAR_TYPE_LATENCY,
};
+/* TODO: move pm_ret_status from device specific location to common location */
/**
* @PM_RET_SUCCESS: success
* @PM_RET_ERROR_ARGS: illegal arguments provided (deprecated)
* @PM_RET_ERROR_NOTSUPPORTED: feature not supported (deprecated)
* @PM_RET_ERROR_NOT_ENABLED: feature is not enabled
+ * @PM_RET_ERROR_INVALID_CRC: invalid crc in IPI communication
* @PM_RET_ERROR_INTERNAL: internal error
* @PM_RET_ERROR_CONFLICT: conflict
* @PM_RET_ERROR_ACCESS: access rights violation
@@ -260,6 +264,7 @@
PM_RET_ERROR_ARGS = (1U),
PM_RET_ERROR_NOTSUPPORTED = (4U),
PM_RET_ERROR_NOT_ENABLED = (29U),
+ PM_RET_ERROR_INVALID_CRC = (301U),
PM_RET_ERROR_INTERNAL = (2000U),
PM_RET_ERROR_CONFLICT = (2001U),
PM_RET_ERROR_ACCESS = (2002U),
@@ -351,13 +356,4 @@
PM_CLOCK_DIV1_ID,
};
-/**
- * EM API IDs
- */
-enum em_api_id {
- EM_SET_ACTION = 1,
- EM_REMOVE_ACTION,
- EM_SEND_ERRORS,
-};
-
#endif /* PM_DEFS_H */
diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
index a3f0278..b35859d 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -364,7 +365,11 @@
SMC_RET1(handle, (uint64_t)ret);
case PM_GET_CALLBACK_DATA:
- pm_get_callbackdata(result, ARRAY_SIZE(result));
+ ret = pm_get_callbackdata(result, ARRAY_SIZE(result));
+ if (ret != PM_RET_SUCCESS) {
+ result[0] = ret;
+ }
+
SMC_RET2(handle,
(uint64_t)result[0] | ((uint64_t)result[1] << 32),
(uint64_t)result[2] | ((uint64_t)result[3] << 32));
@@ -568,56 +573,3 @@
(uint64_t)result[1] | ((uint64_t)result[2] << 32U));
}
}
-
-/**
- * em_smc_handler() - SMC handler for EM-API calls coming from EL1/EL2.
- * @smc_fid - Function Identifier
- * @x1 - x4 - Arguments
- * @cookie - Unused
- * @handler - Pointer to caller's context structure
- *
- * @return - Unused
- *
- * Determines that smc_fid is valid and supported EM SMC Function ID from the
- * list of em_api_ids, otherwise completes the request with
- * the unknown SMC Function ID
- *
- * The SMC calls for EM service are forwarded from SIP Service SMC handler
- * function with rt_svc_handle signature
- */
-uint64_t em_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, const void *cookie, void *handle, uint64_t flags)
-{
- enum pm_ret_status ret;
-
- switch (smc_fid & FUNCID_NUM_MASK) {
- /* EM API Functions */
- case EM_SET_ACTION:
- {
- uint32_t value;
-
- ret = em_set_action(&value);
- SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32U);
- }
-
- case EM_REMOVE_ACTION:
- {
- uint32_t value;
-
- ret = em_remove_action(&value);
- SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32U);
- }
-
- case EM_SEND_ERRORS:
- {
- uint32_t value;
-
- ret = em_send_errors(&value);
- SMC_RET1(handle, (uint64_t)ret | ((uint64_t)value) << 32U);
- }
-
- default:
- WARN("Unimplemented EM Service Call: 0x%x\n", smc_fid);
- SMC_RET1(handle, SMC_UNK);
- }
-}
diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.h b/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
index c1781f3..3c3082f 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,8 +14,4 @@
uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
uint64_t x4, const void *cookie, void *handle,
uint64_t flags);
-
-uint64_t em_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, const void *cookie, void *handle,
- uint64_t flags);
#endif /* PM_SVC_MAIN_H */
diff --git a/plat/xilinx/zynqmp/sip_svc_setup.c b/plat/xilinx/zynqmp/sip_svc_setup.c
index 4ce9b8a..c55784e 100644
--- a/plat/xilinx/zynqmp/sip_svc_setup.c
+++ b/plat/xilinx/zynqmp/sip_svc_setup.c
@@ -1,14 +1,18 @@
/*
* Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
/* Top level SMC handler for SiP calls. Dispatch PM calls to PM SMC handler. */
+#include <inttypes.h>
+
#include <common/runtime_svc.h>
#include <tools_share/uuid.h>
+#include <custom_svc.h>
#include "ipi_mailbox_svc.h"
#include "pm_svc_main.h"
@@ -22,14 +26,12 @@
#define SIP_SVC_VERSION_MINOR 1
/* These macros are used to identify PM, IPI calls from the SMC function ID */
-#define PM_FID_MASK 0xf000u
+#define SIP_FID_MASK GENMASK(23, 16)
+#define XLNX_FID_MASK GENMASK(23, 12)
#define PM_FID_VALUE 0u
#define IPI_FID_VALUE 0x1000u
-#define EM_FID_MASK 0xf0000u
-#define EM_FID_VALUE 0xE0000u
-#define is_em_fid(_fid) (((_fid) & EM_FID_MASK) == EM_FID_VALUE)
-#define is_pm_fid(_fid) (((_fid) & PM_FID_MASK) == PM_FID_VALUE)
-#define is_ipi_fid(_fid) (((_fid) & PM_FID_MASK) == IPI_FID_VALUE)
+#define is_pm_fid(_fid) (((_fid) & XLNX_FID_MASK) == PM_FID_VALUE)
+#define is_ipi_fid(_fid) (((_fid) & XLNX_FID_MASK) == IPI_FID_VALUE)
/* SiP Service UUID */
DEFINE_SVC_UUID2(zynqmp_sip_uuid,
@@ -62,12 +64,16 @@
void *handle,
u_register_t flags)
{
- /* Let EM SMC handler deal with EM-related requests */
- if (is_em_fid(smc_fid)) {
- return em_smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
- flags);
- } else if (is_pm_fid(smc_fid)) {
+ VERBOSE("SMCID: 0x%08x, x1: 0x%016" PRIx64 ", x2: 0x%016" PRIx64 ", x3: 0x%016" PRIx64 ", x4: 0x%016" PRIx64 "\n",
+ smc_fid, x1, x2, x3, x4);
+
+ if (smc_fid & SIP_FID_MASK) {
+ WARN("SMC out of SiP assinged range: 0x%x\n", smc_fid);
+ SMC_RET1(handle, SMC_UNK);
+ }
+
/* Let PM SMC handler deal with PM-related requests */
+ if (is_pm_fid(smc_fid)) {
return pm_smc_handler(smc_fid, x1, x2, x3, x4, cookie, handle,
flags);
}
@@ -89,6 +95,11 @@
case ZYNQMP_SIP_SVC_VERSION:
SMC_RET2(handle, SIP_SVC_VERSION_MAJOR, SIP_SVC_VERSION_MINOR);
+ case ZYNQMP_SIP_SVC_CUSTOM:
+ case ZYNQMP_SIP_SVC64_CUSTOM:
+ return custom_smc_handler(smc_fid, x1, x2, x3, x4, cookie,
+ handle, flags);
+
default:
WARN("Unimplemented SiP Service Call: 0x%x\n", smc_fid);
SMC_RET1(handle, SMC_UNK);
diff --git a/services/spd/opteed/opteed_private.h b/services/spd/opteed/opteed_private.h
index ab6e4cd..c8fbc22 100644
--- a/services/spd/opteed/opteed_private.h
+++ b/services/spd/opteed/opteed_private.h
@@ -114,7 +114,7 @@
* have the same double word aligned view of the size of the C runtime
* register context.
*/
-CASSERT(OPTEED_C_RT_CTX_SIZE == sizeof(c_rt_regs_t), \
+CASSERT(OPTEED_C_RT_CTX_SIZE == sizeof(c_rt_regs_t),
assert_spd_c_rt_regs_size_mismatch);
/*******************************************************************************
diff --git a/services/spd/tlkd/tlkd_private.h b/services/spd/tlkd/tlkd_private.h
index 5d5d0e8..ad36f5e 100644
--- a/services/spd/tlkd/tlkd_private.h
+++ b/services/spd/tlkd/tlkd_private.h
@@ -85,7 +85,7 @@
* have the same double word aligned view of the size of the C runtime
* register context.
*/
-CASSERT(TLKD_C_RT_CTX_SIZE == sizeof(c_rt_regs_t), \
+CASSERT(TLKD_C_RT_CTX_SIZE == sizeof(c_rt_regs_t),
assert_tlkd_c_rt_regs_size_mismatch);
/*******************************************************************************
diff --git a/services/spd/tspd/tspd_private.h b/services/spd/tspd/tspd_private.h
index d6c03c9..043644a 100644
--- a/services/spd/tspd/tspd_private.h
+++ b/services/spd/tspd/tspd_private.h
@@ -146,7 +146,7 @@
* have the same double word aligned view of the size of the C runtime
* register context.
*/
-CASSERT(TSPD_C_RT_CTX_SIZE == sizeof(c_rt_regs_t), \
+CASSERT(TSPD_C_RT_CTX_SIZE == sizeof(c_rt_regs_t),
assert_spd_c_rt_regs_size_mismatch);
/* SEL1 Secure payload (SP) caller saved register context structure. */
@@ -157,7 +157,7 @@
* have the same double word aligned view of the size of the C runtime
* register context.
*/
-CASSERT(TSPD_SP_CTX_SIZE == sizeof(sp_ctx_regs_t), \
+CASSERT(TSPD_SP_CTX_SIZE == sizeof(sp_ctx_regs_t),
assert_spd_sp_regs_size_mismatch);
/*******************************************************************************
diff --git a/services/std_svc/rmmd/trp/linker.lds b/services/std_svc/rmmd/trp/linker.ld.S
similarity index 89%
rename from services/std_svc/rmmd/trp/linker.lds
rename to services/std_svc/rmmd/trp/linker.ld.S
index 2b7f383..9895cf9 100644
--- a/services/std_svc/rmmd/trp/linker.lds
+++ b/services/std_svc/rmmd/trp/linker.ld.S
@@ -1,6 +1,7 @@
/*
- * (C) COPYRIGHT 2021 Arm Limited or its affiliates.
- * ALL RIGHTS RESERVED
+ * Copyright (c) 2021-2023, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
*/
#include <common/bl_common.ld.h>
diff --git a/services/std_svc/rmmd/trp/trp.mk b/services/std_svc/rmmd/trp/trp.mk
index 44bbf22..e511bf5 100644
--- a/services/std_svc/rmmd/trp/trp.mk
+++ b/services/std_svc/rmmd/trp/trp.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2021-2022 Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2021-2023 Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -8,7 +8,7 @@
services/std_svc/rmmd/trp/trp_main.c \
services/std_svc/rmmd/trp/trp_helpers.c
-RMM_LINKERFILE := services/std_svc/rmmd/trp/linker.lds
+RMM_DEFAULT_LINKER_SCRIPT_SOURCE := services/std_svc/rmmd/trp/linker.ld.S
# Include the platform-specific TRP Makefile
# If no platform-specific TRP Makefile exists, it means TRP is not supported
diff --git a/services/std_svc/spm/spm_mm/spm_mm_xlat.c b/services/std_svc/spm/spm_mm/spm_mm_xlat.c
index 6261016..b1ca55a 100644
--- a/services/std_svc/spm/spm_mm/spm_mm_xlat.c
+++ b/services/std_svc/spm/spm_mm/spm_mm_xlat.c
@@ -19,7 +19,7 @@
/* Place translation tables by default along with the ones used by BL31. */
#ifndef PLAT_SP_IMAGE_XLAT_SECTION_NAME
-#define PLAT_SP_IMAGE_XLAT_SECTION_NAME "xlat_table"
+#define PLAT_SP_IMAGE_XLAT_SECTION_NAME ".xlat_table"
#endif
#ifndef PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME
#define PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME ".bss"
diff --git a/services/std_svc/spmd/spmd_main.c b/services/std_svc/spmd/spmd_main.c
index dde1622..e85109d 100644
--- a/services/std_svc/spmd/spmd_main.c
+++ b/services/std_svc/spmd/spmd_main.c
@@ -513,15 +513,15 @@
rc = spmc_setup();
if (rc != 0) {
- ERROR("SPMC initialisation failed 0x%x.\n", rc);
+ WARN("SPMC initialisation failed 0x%x.\n", rc);
}
- return rc;
+ return 0;
}
spmc_ep_info = bl31_plat_get_next_image_ep_info(SECURE);
if (spmc_ep_info == NULL) {
WARN("No SPM Core image provided by BL2 boot loader.\n");
- return -EINVAL;
+ return 0;
}
/* Under no circumstances will this parameter be 0 */
@@ -533,8 +533,8 @@
*/
spmc_manifest = (void *)spmc_ep_info->args.arg0;
if (spmc_manifest == NULL) {
- ERROR("Invalid or absent SPM Core manifest.\n");
- return -EINVAL;
+ WARN("Invalid or absent SPM Core manifest.\n");
+ return 0;
}
/* Load manifest, init SPMC */
@@ -543,7 +543,7 @@
WARN("Booting device without SPM initialization.\n");
}
- return rc;
+ return 0;
}
/*******************************************************************************
@@ -581,10 +581,40 @@
#endif
cm_set_next_eret_context(secure_state_out);
+#if SPMD_SPM_AT_SEL2
+ /*
+ * If SPMC is at SEL2, save additional registers x8-x17, which may
+ * be used in FF-A calls such as FFA_PARTITION_INFO_GET_REGS.
+ * Note that technically, all SPMCs can support this, but this code is
+ * under ifdef to minimize breakage in case other SPMCs do not save
+ * and restore x8-x17.
+ * We also need to pass through these registers since not all FF-A ABIs
+ * modify x8-x17, in which case, SMCCC requires that these registers be
+ * preserved, so the SPMD passes through these registers and expects the
+ * SPMC to save and restore (potentially also modify) them.
+ */
+ SMC_RET18(cm_get_context(secure_state_out), smc_fid, x1, x2, x3, x4,
+ SMC_GET_GP(handle, CTX_GPREG_X5),
+ SMC_GET_GP(handle, CTX_GPREG_X6),
+ SMC_GET_GP(handle, CTX_GPREG_X7),
+ SMC_GET_GP(handle, CTX_GPREG_X8),
+ SMC_GET_GP(handle, CTX_GPREG_X9),
+ SMC_GET_GP(handle, CTX_GPREG_X10),
+ SMC_GET_GP(handle, CTX_GPREG_X11),
+ SMC_GET_GP(handle, CTX_GPREG_X12),
+ SMC_GET_GP(handle, CTX_GPREG_X13),
+ SMC_GET_GP(handle, CTX_GPREG_X14),
+ SMC_GET_GP(handle, CTX_GPREG_X15),
+ SMC_GET_GP(handle, CTX_GPREG_X16),
+ SMC_GET_GP(handle, CTX_GPREG_X17)
+ );
+
+#else
SMC_RET8(cm_get_context(secure_state_out), smc_fid, x1, x2, x3, x4,
SMC_GET_GP(handle, CTX_GPREG_X5),
SMC_GET_GP(handle, CTX_GPREG_X6),
SMC_GET_GP(handle, CTX_GPREG_X7));
+#endif
}
/*******************************************************************************
@@ -1042,7 +1072,23 @@
return spmd_ffa_error_return(handle, FFA_ERROR_DENIED);
}
break; /* Not reached */
+#if MAKE_FFA_VERSION(1, 1) <= FFA_VERSION_COMPILED
+ case FFA_PARTITION_INFO_GET_REGS_SMC64:
+ if (secure_origin) {
+ /* TODO: Future patches to enable support for this */
+ return spmd_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
+ }
+ /* Call only supported with SMCCC 1.2+ */
+ if (MAKE_SMCCC_VERSION(SMCCC_MAJOR_VERSION, SMCCC_MINOR_VERSION) < 0x10002) {
+ return spmd_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
+ }
+
+ return spmd_smc_forward(smc_fid, secure_origin,
+ x1, x2, x3, x4, cookie,
+ handle, flags);
+ break; /* Not reached */
+#endif
default:
WARN("SPM: Unsupported call 0x%08x\n", smc_fid);
return spmd_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
diff --git a/tools/marvell/doimage/doimage.c b/tools/marvell/doimage/doimage.c
index e08b820..513f33f 100644
--- a/tools/marvell/doimage/doimage.c
+++ b/tools/marvell/doimage/doimage.c
@@ -17,12 +17,6 @@
#ifdef CONFIG_MVEBU_SECURE_BOOT
#include <libconfig.h> /* for parsing config file */
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
/* mbedTLS stuff */
#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_SHA256_C) && \
@@ -34,6 +28,7 @@
#include <mbedtls/md.h>
#include <mbedtls/pk.h>
#include <mbedtls/sha256.h>
+#include <mbedtls/version.h>
#include <mbedtls/x509.h>
#else
#error "Bad mbedTLS configuration!"
