Merge "feat(qemu): increase max cpus per cluster to 16" into integration
diff --git a/.gitignore b/.gitignore
index ab2c0c4..ac9a11d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,6 +11,7 @@
# Ignore build products from tools
tools/**/*.o
+tools/**/*.d
tools/renesas/rcar_layout_create/*.bin
tools/renesas/rcar_layout_create/*.srec
tools/renesas/rcar_layout_create/*.map
diff --git a/Makefile b/Makefile
index d242722..98e448f 100644
--- a/Makefile
+++ b/Makefile
@@ -1124,7 +1124,6 @@
PSCI_EXTENDED_STATE_ID \
PSCI_OS_INIT_MODE \
RESET_TO_BL31 \
- RESET_TO_BL31_WITH_PARAMS \
SAVE_KEYS \
SEPARATE_CODE_AND_RODATA \
SEPARATE_BL2_NOLOAD_REGION \
@@ -1186,6 +1185,10 @@
ENABLE_FEAT_RNG_TRAP \
ENABLE_FEAT_SEL2 \
ENABLE_FEAT_TCR2 \
+ ENABLE_FEAT_S2PIE \
+ ENABLE_FEAT_S1PIE \
+ ENABLE_FEAT_S2POE \
+ ENABLE_FEAT_S1POE \
ENABLE_FEAT_VHE \
ENABLE_MPAM_FOR_LOWER_ELS \
ENABLE_RME \
@@ -1270,7 +1273,6 @@
PSCI_OS_INIT_MODE \
RAS_EXTENSION \
RESET_TO_BL31 \
- RESET_TO_BL31_WITH_PARAMS \
SEPARATE_CODE_AND_RODATA \
SEPARATE_BL2_NOLOAD_REGION \
SEPARATE_NOBITS_REGION \
@@ -1323,6 +1325,10 @@
ENABLE_FEAT_CSV2_2 \
ENABLE_FEAT_PAN \
ENABLE_FEAT_TCR2 \
+ ENABLE_FEAT_S2PIE \
+ ENABLE_FEAT_S1PIE \
+ ENABLE_FEAT_S2POE \
+ ENABLE_FEAT_S1POE \
FEATURE_DETECTION \
TWED_DELAY \
ENABLE_FEAT_TWED \
diff --git a/bl31/aarch64/bl31_entrypoint.S b/bl31/aarch64/bl31_entrypoint.S
index b0c46dc..dfb14e9 100644
--- a/bl31/aarch64/bl31_entrypoint.S
+++ b/bl31/aarch64/bl31_entrypoint.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -66,19 +66,6 @@
_init_c_runtime=1 \
_exception_vectors=runtime_exceptions \
_pie_fixup_size=BL31_LIMIT - BL31_BASE
-
-#if !RESET_TO_BL31_WITH_PARAMS
- /* ---------------------------------------------------------------------
- * For RESET_TO_BL31 systems, BL31 is the first bootloader to run so
- * there's no argument to relay from a previous bootloader. Zero the
- * arguments passed to the platform layer to reflect that.
- * ---------------------------------------------------------------------
- */
- mov x20, 0
- mov x21, 0
- mov x22, 0
- mov x23, 0
-#endif /* RESET_TO_BL31_WITH_PARAMS */
#endif /* RESET_TO_BL31 */
/* --------------------------------------------------------------------
diff --git a/changelog.yaml b/changelog.yaml
index e100f82..a514abd 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -1219,6 +1219,9 @@
- title: Threat Model
scope: threat-model
+ - title: Porting Guide
+ scope: porting
+
- title: Build System
scope: build
diff --git a/common/feat_detect.c b/common/feat_detect.c
index 9394304..1582b9d 100644
--- a/common/feat_detect.c
+++ b/common/feat_detect.c
@@ -210,6 +210,14 @@
/* v8.9 features */
check_feature(ENABLE_FEAT_TCR2, read_feat_tcrx_id_field(),
"TCR2", 1, 1);
+ check_feature(ENABLE_FEAT_S2PIE, read_feat_s2pie_id_field(),
+ "S2PIE", 1, 1);
+ check_feature(ENABLE_FEAT_S1PIE, read_feat_s1pie_id_field(),
+ "S1PIE", 1, 1);
+ check_feature(ENABLE_FEAT_S2POE, read_feat_s2poe_id_field(),
+ "S2POE", 1, 1);
+ check_feature(ENABLE_FEAT_S1POE, read_feat_s1poe_id_field(),
+ "S1POE", 1, 1);
/* v9.0 features */
check_feature(ENABLE_BRBE_FOR_NS, read_feat_brbe_id_field(),
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index db412f5..9b934c9 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -175,10 +175,14 @@
^^^^^^^^^^^^^^^^^^^^^^^^
:|M|: Joshua Slater <joshua.slater@arm.com>
:|G|: `jslater8`_
-:|M|: Mikael Olsson <mikael.olsson@arm.com>
-:|G|: `mikaelolsson-arm`_
+:|M|: Ştefana Simion <stefana.simion@arm.com>
+:|G|: `stefanasimion`_
:|F|: drivers/arm/ethosn/
:|F|: include/drivers/arm/ethosn.h
+:|F|: include/drivers/arm/ethosn_cert.h
+:|F|: include/drivers/arm/ethosn_fip.h
+:|F|: include/drivers/arm/ethosn_oid.h
+:|F|: plat/arm/board/juno/juno_ethosn_tzmp1_def.h
:|F|: plat/arm/common/fconf/fconf_ethosn_getter.c
:|F|: include/plat/arm/common/fconf_ethosn_getter.h
:|F|: fdts/juno-ethosn.dtsi
@@ -473,8 +477,8 @@
Arm Morello and N1SDP Platform ports
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-:|M|: Manoj Kumar <manoj.kumar3@arm.com>
-:|G|: `manojkumar-arm`_
+:|M|: Anurag Koul <anurag.koul@arm.com>
+:|G|: `anukou`_
:|M|: Chandni Cherukuri <chandni.cherukuri@arm.com>
:|G|: `chandnich`_
:|F|: plat/arm/board/morello
@@ -908,7 +912,6 @@
.. _marex: https://github.com/marex
.. _masahir0y: https://github.com/masahir0y
.. _michalsimek: https://github.com/michalsimek
-.. _mikaelolsson-arm: https://github.com/mikaelolsson-arm
.. _mmind: https://github.com/mmind
.. _MrVan: https://github.com/MrVan
.. _mtk-rex-bc-chen: https://github.com/mtk-rex-bc-chen
@@ -927,6 +930,7 @@
.. _smaeul: https://github.com/smaeul
.. _soby-mathew: https://github.com/soby-mathew
.. _sreekare: https://github.com/sreekare
+.. _stefanasimion: https://github.com/stefanasimion
.. _stephan-gh: https://github.com/stephan-gh
.. _sieumunt: https://github.com/sieumunt
.. _BenjaminLimJL: https://github.com/BenjaminLimJL
@@ -950,7 +954,7 @@
.. _raghuncstate: https://github.com/raghuncstate
.. _CJKay: https://github.com/cjkay
.. _nmenon: https://github.com/nmenon
-.. _manojkumar-arm: https://github.com/manojkumar-arm
+.. _anukou: https://github.com/anukou
.. _chandnich: https://github.com/chandnich
.. _abdellatif-elkhlifi: https://github.com/abdellatif-elkhlifi
.. _vishnu-banavath: https://github.com/vishnu-banavath
diff --git a/docs/design/reset-design.rst b/docs/design/reset-design.rst
index 666ee4f..f8c5a43 100644
--- a/docs/design/reset-design.rst
+++ b/docs/design/reset-design.rst
@@ -141,26 +141,27 @@
Platform initialization
~~~~~~~~~~~~~~~~~~~~~~~
-In this configuration, when the CPU resets to BL31 there should be no parameters
-that can be passed in registers by previous boot stages. Instead, the platform
-code in BL31 needs to know, or be able to determine, the location of the BL32
-(if required) and BL33 images and provide this information in response to the
-``bl31_plat_get_next_image_ep_info()`` function.
-
-.. note::
- Some platforms that configure ``RESET_TO_BL31`` might still be able to
- receive parameters in registers depending on their actual boot sequence. On
- those occasions, and in addition to ``RESET_TO_BL31``, these platforms should
- set ``RESET_TO_BL31_WITH_PARAMS`` to avoid the input registers from being
- zeroed before entering BL31.
+In this configuration, since the CPU resets to BL31, no parameters are expected
+to be passed to BL31 (see notes below for clarification).
+Instead, the platform code in BL31 needs to know, or be able to determine, the
+location of the BL32 (if required) and BL33 images and provide this information
+in response to the ``bl31_plat_get_next_image_ep_info()`` function.
Additionally, platform software is responsible for carrying out any security
initialisation, for example programming a TrustZone address space controller.
This might be done by the Trusted Boot Firmware or by platform code in BL31.
+.. note::
+ Even though RESET_TO_BL31 is designed such that BL31 is the reset BL image,
+ some platforms may wish to pass some arguments to BL31 as per the defined
+ contract between BL31 and previous bootloaders. Previous bootloaders can
+ pass arguments through registers x0 through x3. BL31 will preserve them and
+ propagate them to platform code, which will handle these arguments in an
+ IMPDEF manner.
+
--------------
-*Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.*
.. |Default reset code flow| image:: ../resources/diagrams/default_reset_code.png
.. |Reset code flow with programmable reset address| image:: ../resources/diagrams/reset_code_no_boot_type_check.png
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index a5c2c9e..03be786 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -354,6 +354,26 @@
flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
mechanism. Default value is ``0``.
+- ``ENABLE_FEAT_S2PIE``: Numeric value to enable support for FEAT_S2PIE
+ at EL2 and below, and context switch relevant registers. This flag
+ can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
+
+- ``ENABLE_FEAT_S1PIE``: Numeric value to enable support for FEAT_S1PIE
+ at EL2 and below, and context switch relevant registers. This flag
+ can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
+
+- ``ENABLE_FEAT_S2POE``: Numeric value to enable support for FEAT_S2POE
+ at EL2 and below, and context switch relevant registers. This flag
+ can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
+
+- ``ENABLE_FEAT_S1POE``: Numeric value to enable support for FEAT_S1POE
+ at EL2 and below, and context switch relevant registers. This flag
+ can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
+
- ``ENABLE_LTO``: Boolean option to enable Link Time Optimization (LTO)
support in GCC for TF-A. This option is currently only supported for
AArch64. Default is 0.
@@ -755,11 +775,6 @@
entrypoint) or 1 (CPU reset to BL31 entrypoint).
The default value is 0.
-- ``RESET_TO_BL31_WITH_PARAMS``: If ``RESET_TO_BL31`` has been enabled, setting
- this additional option guarantees that the input registers are not cleared
- therefore allowing parameters to be passed to the BL31 entrypoint.
- The default value is 0.
-
- ``RESET_TO_SP_MIN``: SP_MIN is the minimal AArch32 Secure Payload provided
in TF-A. This flag configures SP_MIN entrypoint as the CPU reset vector
instead of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
diff --git a/docs/getting_started/index.rst b/docs/getting_started/index.rst
index 5ebabea..8180a3f 100644
--- a/docs/getting_started/index.rst
+++ b/docs/getting_started/index.rst
@@ -12,10 +12,9 @@
build-options
build-internals
image-terminology
- porting-guide
psci-lib-integration-guide
rt-svc-writers-guide
--------------
-*Copyright (c) 2019, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
diff --git a/docs/index.rst b/docs/index.rst
index 3860199..d5ab8fc 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -11,6 +11,7 @@
process/index
components/index
design/index
+ porting-guide
plat/index
perf/index
security_advisories/index
@@ -84,7 +85,7 @@
--------------
-*Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
.. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
diff --git a/docs/plat/arm/arm-build-options.rst b/docs/plat/arm/arm-build-options.rst
index 68eb3ec..e7e7ee7 100644
--- a/docs/plat/arm/arm-build-options.rst
+++ b/docs/plat/arm/arm-build-options.rst
@@ -101,6 +101,14 @@
the Arm Juno platform has this included in its ``HW_CONFIG`` and the platform
only loads the ``HW_CONFIG`` in AArch64 builds. Default is 0.
+- ``ARM_ETHOSN_NPU_TZMP1``: boolean option to enable TZMP1 support for the
+ Arm® Ethos™-N NPU. Requires ``ARM_ETHOSN_NPU_DRIVER`` and
+ ``TRUSTED_BOARD_BOOT`` to be enabled.
+
+- ``ARM_ETHOSN_NPU_FW``: location of the NPU firmware binary
+ (```ethosn.bin```). This firmware image will be included in the FIP and
+ loaded at runtime.
+
- ``ARM_SPMC_MANIFEST_DTS`` : path to an alternate manifest file used as the
SPMC Core manifest. Valid when ``SPD=spmd`` is selected.
@@ -165,4 +173,4 @@
.. |FIP in a GPT image| image:: ../../resources/diagrams/FIP_in_a_GPT_image.png
-*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
diff --git a/docs/plat/xilinx-zynqmp.rst b/docs/plat/xilinx-zynqmp.rst
index 81f4fbe..4fe0d2f 100644
--- a/docs/plat/xilinx-zynqmp.rst
+++ b/docs/plat/xilinx-zynqmp.rst
@@ -89,6 +89,16 @@
make CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1 DEBUG=1 \
ZYNQMP_ATF_MEM_BASE=0x40000 ZYNQMP_ATF_MEM_SIZE=<size>
+Configurable Stack Size
+-----------------------
+
+The stack size in TF-A for ZynqMP platform is configurable.
+The custom package can define the desired stack size as per the requirement in
+the make file as follows,
+
+PLATFORM_STACK_SIZE := <value>
+$(eval $(call add_define,PLATFORM_STACK_SIZE))
+
FSBL->TF-A Parameter Passing
----------------------------
diff --git a/docs/getting_started/porting-guide.rst b/docs/porting-guide.rst
similarity index 97%
rename from docs/getting_started/porting-guide.rst
rename to docs/porting-guide.rst
index 8d6a2bf..bc9c00f 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/porting-guide.rst
@@ -26,6 +26,13 @@
defined. We intend to convert existing weak functions over time. Until
then, you will find references to *weak* functions in this document.
+Please review the :ref:`Threat Model` documents as part of the porting
+effort. Some platform interfaces play a key role in mitigating against some of
+the threats. Failing to fulfill these expectations could undermine the security
+guarantees offered by TF-A. These platform responsibilities are highlighted in
+the threat assessment section, under the "`Mitigations implemented?`" box for
+each threat.
+
Some modifications are common to all Boot Loader (BL) stages. Section 2
discusses these in detail. The subsequent sections discuss the remaining
modifications for each BL stage in detail.
@@ -38,7 +45,7 @@
source files in ``plat/arm/common/``. This is done so that there are no
dependencies between platforms maintained by different people/companies. If you
want to use any of the functionality present in ``plat/arm`` files, please
-create a pull request that moves the code to ``plat/common`` so that it can be
+propose a patch that moves the code to ``plat/common`` so that it can be
discussed.
Common modifications
@@ -54,7 +61,7 @@
A platform port must enable the Memory Management Unit (MMU) as well as the
instruction and data caches for each BL stage. Setting up the translation
tables is the responsibility of the platform port because memory maps differ
-across platforms. A memory translation library (see ``lib/xlat_tables/``) is
+across platforms. A memory translation library (see ``lib/xlat_tables_v2/``) is
provided to help in this setup.
Note that although this library supports non-identity mappings, this is intended
@@ -574,6 +581,68 @@
PLAT_PARTITION_BLOCK_SIZE := 4096
$(eval $(call add_define,PLAT_PARTITION_BLOCK_SIZE))
+If the platform port uses the Arm® Ethos™-N NPU driver, the following
+configuration must be performed:
+
+- The NPU SiP service handler must be hooked up. This consists of both the
+ initial setup (``ethosn_smc_setup``) and the handler itself
+ (``ethosn_smc_handler``)
+
+If the platform port uses the Arm® Ethos™-N NPU driver with TZMP1 support
+enabled, the following constants and configuration must also be defined:
+
+- **ARM_ETHOSN_NPU_PROT_FW_NSAID**
+
+ Defines the Non-secure Access IDentity (NSAID) that the NPU shall use to
+ access the protected memory that contains the NPU's firmware.
+
+- **ARM_ETHOSN_NPU_PROT_DATA_RW_NSAID**
+
+ Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+ read/write access to the protected memory that contains inference data.
+
+- **ARM_ETHOSN_NPU_PROT_DATA_RO_NSAID**
+
+ Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+ read-only access to the protected memory that contains inference data.
+
+- **ARM_ETHOSN_NPU_NS_RW_DATA_NSAID**
+
+ Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+ read/write access to the non-protected memory.
+
+- **ARM_ETHOSN_NPU_NS_RO_DATA_NSAID**
+
+ Defines the Non-secure Access IDentity (NSAID) that the NPU shall use for
+ read-only access to the non-protected memory.
+
+- **ARM_ETHOSN_NPU_FW_IMAGE_BASE** and **ARM_ETHOSN_NPU_FW_IMAGE_LIMIT**
+
+ Defines the physical address range that the NPU's firmware will be loaded
+ into and executed from.
+
+- Configure the platforms TrustZone Controller (TZC) with appropriate regions
+ of protected memory. At minimum this must include a region for the NPU's
+ firmware code and a region for protected inference data, and these must be
+ accessible using the NSAIDs defined above.
+
+- Include the NPU firmware and certificates in the FIP.
+
+- Provide FCONF entries to configure the image source for the NPU firmware
+ and certificates.
+
+- Add MMU mappings such that:
+
+ - BL2 can write the NPU firmware into the region defined by
+ ``ARM_ETHOSN_NPU_FW_IMAGE_BASE`` and ``ARM_ETHOSN_NPU_FW_IMAGE_LIMIT``
+ - BL31 (SiP service) can read the NPU firmware from the same region
+
+- Add the firmware image ID ``ARM_ETHOSN_NPU_FW_IMAGE_ID`` to the list of images
+ loaded by BL2.
+
+Please see the reference implementation code for the Juno platform as an example.
+
+
The following constant is optional. It should be defined to override the default
behaviour of the ``assert()`` function (for example, to save memory).
@@ -3516,7 +3585,7 @@
storage access is only required by BL1 and BL2 phases and performed inside the
``load_image()`` function in ``bl_common.c``.
-.. uml:: ../resources/diagrams/plantuml/io_framework_usage_overview.puml
+.. uml:: resources/diagrams/plantuml/io_framework_usage_overview.puml
It is mandatory to implement at least one storage driver. For the Arm
development platforms the Firmware Image Package (FIP) driver is provided as
@@ -3526,7 +3595,7 @@
in ``drivers/io/io_storage.c`` and the driver files are located in
``drivers/io/``.
-.. uml:: ../resources/diagrams/plantuml/io_arm_class_diagram.puml
+.. uml:: resources/diagrams/plantuml/io_arm_class_diagram.puml
Each IO driver must provide ``io_dev_*`` structures, as described in
``drivers/io/io_driver.h``. These are returned via a mandatory registration
@@ -3537,12 +3606,12 @@
abstraction layer. These drivers then need to be initialized by bootloader
phases as required in their respective ``blx_platform_setup()`` functions.
-.. uml:: ../resources/diagrams/plantuml/io_dev_registration.puml
+.. uml:: resources/diagrams/plantuml/io_dev_registration.puml
The storage abstraction layer provides mechanisms (``io_dev_init()``) to
initialize storage devices before IO operations are called.
-.. uml:: ../resources/diagrams/plantuml/io_dev_init_and_check.puml
+.. uml:: resources/diagrams/plantuml/io_dev_init_and_check.puml
The basic operations supported by the layer
include ``open()``, ``close()``, ``read()``, ``write()``, ``size()`` and ``seek()``.
diff --git a/docs/threat_model/index.rst b/docs/threat_model/index.rst
index 9fd55a9..b22fb18 100644
--- a/docs/threat_model/index.rst
+++ b/docs/threat_model/index.rst
@@ -4,9 +4,27 @@
Threat modeling is an important part of Secure Development Lifecycle (SDL)
that helps us identify potential threats and mitigations affecting a system.
-In the next sections, we first give a description of the target of evaluation
-using a data flow diagram. Then we provide a list of threats we have identified
-based on the data flow diagram and potential threat mitigations.
+As the TF-A codebase is highly configurable to allow tailoring it best for each
+platform's needs, providing a holistic threat model covering all of its features
+is not necessarily the best approach. Instead, we provide a collection of
+documents which, together, form the project's threat model. These are
+articulated around a core document, called the :ref:`Generic Threat Model`,
+which focuses on the most common configuration we expect to see. The other
+documents typically focus on specific features not covered in the core document.
+
+As the TF-A codebase evolves and new features get added, these threat model
+documents will be updated and extended in parallel to reflect at best the
+current status of the code from a security standpoint.
+
+ .. note::
+
+ Although our aim is eventually to provide threat model material for all
+ features within the project, we have not reached that point yet. We expect
+ to gradually fill these gaps over time.
+
+Each of these documents give a description of the target of evaluation using a
+data flow diagram, as well as a list of threats we have identified using the
+`STRIDE threat modeling technique`_ and corresponding mitigations.
.. toctree::
:maxdepth: 1
@@ -20,4 +38,6 @@
--------------
-*Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2021-2023, Arm Limited and Contributors. All rights reserved.*
+
+.. _STRIDE threat modeling technique: https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats#stride-model
diff --git a/drivers/arm/ethosn/ethosn_big_fw.c b/drivers/arm/ethosn/ethosn_big_fw.c
new file mode 100644
index 0000000..628f5d9
--- /dev/null
+++ b/drivers/arm/ethosn/ethosn_big_fw.c
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+
+#include "ethosn_big_fw.h"
+
+/* Magic (FourCC) number to identify the big firmware binary */
+#define ETHOSN_BIG_FW_MAGIC ('E' | ('N' << 8) | ('F' << 16) | ('W' << 24))
+
+/* Supported big firmware version */
+#define ETHOSN_BIG_FW_VERSION_MAJOR 11
+
+#define ETHOSN_ARCH_VER_MAJOR_MASK U(0xF000)
+#define ETHOSN_ARCH_VER_MAJOR_SHIFT U(0xC)
+#define ETHOSN_ARCH_VER_MINOR_MASK U(0xF00)
+#define ETHOSN_ARCH_VER_MINOR_SHIFT U(0x8)
+#define ETHOSN_ARCH_VER_REV_MASK U(0xFF)
+
+/* Convert Arm(R) Ethos(TM)-N NPU architecture version to big firmware format */
+#define ETHOSN_BIG_FW_FORMAT_ARCH_VER(arch_ver) \
+ (arch_ver & ETHOSN_ARCH_VER_MAJOR_MASK) << ETHOSN_ARCH_VER_MAJOR_SHIFT | \
+ (arch_ver & ETHOSN_ARCH_VER_MINOR_MASK) << ETHOSN_ARCH_VER_MINOR_SHIFT | \
+ (arch_ver & ETHOSN_ARCH_VER_REV_MASK)
+
+
+bool ethosn_big_fw_verify_header(const struct ethosn_big_fw *big_fw,
+ uint32_t npu_arch_ver)
+{
+ const uint32_t arch_ver = ETHOSN_BIG_FW_FORMAT_ARCH_VER(npu_arch_ver);
+
+ if (big_fw->fw_magic != ETHOSN_BIG_FW_MAGIC) {
+ ERROR("ETHOSN: Unable to find firmware. Invalid magic value: 0x%02x\n",
+ big_fw->fw_magic);
+
+ return false;
+ }
+
+ if (big_fw->fw_ver_major != ETHOSN_BIG_FW_VERSION_MAJOR) {
+ ERROR("ETHOSN: Unsupported firmware version: %u.%u.%u. Expected Version %u.x.x.\n",
+ big_fw->fw_ver_major, big_fw->fw_ver_minor,
+ big_fw->fw_ver_patch, ETHOSN_BIG_FW_VERSION_MAJOR);
+
+ return false;
+ }
+
+ if (big_fw->arch_min > arch_ver || arch_ver > big_fw->arch_max) {
+ ERROR("ETHOSN: Firmware is not compatbile with architecture version: 0x%02x\n",
+ npu_arch_ver);
+ return false;
+ }
+
+ return true;
+}
diff --git a/drivers/arm/ethosn/ethosn_big_fw.h b/drivers/arm/ethosn/ethosn_big_fw.h
new file mode 100644
index 0000000..a321322
--- /dev/null
+++ b/drivers/arm/ethosn/ethosn_big_fw.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdbool.h>
+#include <stdint.h>
+
+/*
+ * Big FW binary structure.
+ * Must be kept in sync with the Arm(R) Ethos(TM)-N NPU firmware binary layout.
+ */
+struct ethosn_big_fw {
+ uint32_t fw_magic;
+ uint32_t fw_ver_major;
+ uint32_t fw_ver_minor;
+ uint32_t fw_ver_patch;
+ uint32_t arch_min;
+ uint32_t arch_max;
+ uint32_t offset;
+ uint32_t size;
+ uint32_t code_offset;
+ uint32_t code_size;
+ uint32_t ple_offset;
+ uint32_t ple_size;
+ uint32_t vector_table_offset;
+ uint32_t vector_table_size;
+ uint32_t unpriv_stack_offset;
+ uint32_t unpriv_stack_size;
+ uint32_t priv_stack_offset;
+ uint32_t priv_stack_size;
+} __packed;
+
+bool ethosn_big_fw_verify_header(const struct ethosn_big_fw *big_fw,
+ uint32_t npu_arch_ver);
diff --git a/drivers/arm/ethosn/ethosn_smc.c b/drivers/arm/ethosn/ethosn_smc.c
index 915a0d8..85a12c5 100644
--- a/drivers/arm/ethosn/ethosn_smc.c
+++ b/drivers/arm/ethosn/ethosn_smc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,6 +15,12 @@
#include <lib/utils_def.h>
#include <plat/arm/common/fconf_ethosn_getter.h>
+#include <platform_def.h>
+
+#if ARM_ETHOSN_NPU_TZMP1
+#include "ethosn_big_fw.h"
+#endif
+
/*
* Number of Arm(R) Ethos(TM)-N NPU (NPU) devices available
*/
@@ -28,27 +34,89 @@
#define ETHOSN_CORE_SEC_REG(core_addr, reg_offset) \
(core_addr + reg_offset)
+#define ETHOSN_FW_VA_BASE 0x20000000UL
+#define ETHOSN_WORKING_DATA_VA_BASE 0x40000000UL
+#define ETHOSN_COMMAND_STREAM_VA_BASE 0x60000000UL
+
/* Reset timeout in us */
#define ETHOSN_RESET_TIMEOUT_US U(10 * 1000 * 1000)
#define ETHOSN_RESET_WAIT_US U(1)
+#define ETHOSN_AUX_FEAT_LEVEL_IRQ U(0x1)
+#define ETHOSN_AUX_FEAT_STASHING U(0x2)
+
+#define SEC_AUXCTLR_REG U(0x0024)
+#define SEC_AUXCTLR_VAL U(0x80)
+#define SEC_AUXCTLR_LEVEL_IRQ_VAL U(0x04)
+#define SEC_AUXCTLR_STASHING_VAL U(0xA5000000)
+
#define SEC_DEL_REG U(0x0004)
-#define SEC_DEL_VAL U(0x81C)
+#if ARM_ETHOSN_NPU_TZMP1
+#define SEC_DEL_VAL U(0x808)
+#else
+#define SEC_DEL_VAL U(0x80C)
+#endif
#define SEC_DEL_EXCC_MASK U(0x20)
#define SEC_SECCTLR_REG U(0x0010)
-#define SEC_SECCTLR_VAL U(0x3)
+/* Set bit[10] = 1 to workaround erratum 2838783 */
+#define SEC_SECCTLR_VAL U(0x403)
-#define SEC_DEL_ADDR_EXT_REG U(0x201C)
-#define SEC_DEL_ADDR_EXT_VAL U(0x15)
+#define SEC_DEL_ADDR_EXT_REG U(0x201C)
+#define SEC_DEL_ADDR_EXT_VAL U(0x1)
#define SEC_SYSCTRL0_REG U(0x0018)
+#define SEC_SYSCTRL0_CPU_WAIT U(1)
+#define SEC_SYSCTRL0_SLEEPING U(1U << 4)
+#define SEC_SYSCTRL0_INITVTOR_MASK U(0x1FFFFF80)
#define SEC_SYSCTRL0_SOFT_RESET U(3U << 29)
#define SEC_SYSCTRL0_HARD_RESET U(1U << 31)
+#define SEC_SYSCTRL1_REG U(0x001C)
+#define SEC_SYSCTRL1_VAL U(0x180110)
+
+#define SEC_NSAID_REG_BASE U(0x3004)
+#define SEC_NSAID_OFFSET U(0x1000)
+
#define SEC_MMUSID_REG_BASE U(0x3008)
#define SEC_MMUSID_OFFSET U(0x1000)
+#define SEC_ADDR_EXT_REG_BASE U(0x3018)
+#define SEC_ADDR_EXT_OFFSET U(0x1000)
+#define SEC_ADDR_EXT_SHIFT U(0x14)
+#define SEC_ADDR_EXT_MASK U(0x1FFFFE00)
+
+#define SEC_ATTR_CTLR_REG_BASE U(0x3010)
+#define SEC_ATTR_CTLR_OFFSET U(0x1000)
+#define SEC_ATTR_CTLR_NUM U(9)
+#define SEC_ATTR_CTLR_VAL U(0x1)
+
+#define SEC_NPU_ID_REG U(0xF000)
+#define SEC_NPU_ID_ARCH_VER_SHIFT U(0X10)
+
+#define FIRMWARE_STREAM_INDEX U(0x0)
+#define WORKING_STREAM_INDEX U(0x1)
+#define PLE_STREAM_INDEX U(0x4)
+#define INPUT_STREAM_INDEX U(0x6)
+#define INTERMEDIATE_STREAM_INDEX U(0x7)
+#define OUTPUT_STREAM_INDEX U(0x8)
+
+#define TO_EXTEND_ADDR(addr) \
+ ((addr >> SEC_ADDR_EXT_SHIFT) & SEC_ADDR_EXT_MASK)
+
+#if ARM_ETHOSN_NPU_TZMP1
+CASSERT(ARM_ETHOSN_NPU_FW_IMAGE_BASE > 0U, assert_ethosn_invalid_fw_image_base);
+static const struct ethosn_big_fw *big_fw;
+
+#define FW_INITVTOR_ADDR(big_fw) \
+ ((ETHOSN_FW_VA_BASE + big_fw->vector_table_offset) & \
+ SEC_SYSCTRL0_INITVTOR_MASK)
+
+#define SYSCTRL0_INITVTOR_ADDR(value) \
+ (value & SEC_SYSCTRL0_INITVTOR_MASK)
+
+#endif
+
static bool ethosn_get_device_and_core(uintptr_t core_addr,
const struct ethosn_device_t **dev_match,
const struct ethosn_core_t **core_match)
@@ -74,6 +142,83 @@
return false;
}
+#if ARM_ETHOSN_NPU_TZMP1
+static uint32_t ethosn_core_read_arch_version(uintptr_t core_addr)
+{
+ uint32_t npu_id = mmio_read_32(ETHOSN_CORE_SEC_REG(core_addr,
+ SEC_NPU_ID_REG));
+
+ return (npu_id >> SEC_NPU_ID_ARCH_VER_SHIFT);
+}
+
+static void ethosn_configure_stream_nsaid(const struct ethosn_core_t *core,
+ bool is_protected)
+{
+ size_t i;
+ uint32_t streams[9] = {[0 ... 8] = ARM_ETHOSN_NPU_NS_RO_DATA_NSAID};
+
+ streams[FIRMWARE_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_FW_NSAID;
+ streams[PLE_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_FW_NSAID;
+
+ streams[WORKING_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
+
+ if (is_protected) {
+ streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_RO_DATA_NSAID;
+ streams[INTERMEDIATE_STREAM_INDEX] =
+ ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID;
+ streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID;
+ } else {
+ streams[INPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RO_DATA_NSAID;
+ streams[INTERMEDIATE_STREAM_INDEX] =
+ ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
+ streams[OUTPUT_STREAM_INDEX] = ARM_ETHOSN_NPU_NS_RW_DATA_NSAID;
+ }
+
+ for (i = 0U; i < ARRAY_SIZE(streams); ++i) {
+ const uintptr_t reg_addr = SEC_NSAID_REG_BASE +
+ (SEC_NSAID_OFFSET * i);
+ mmio_write_32(ETHOSN_CORE_SEC_REG(core->addr, reg_addr),
+ streams[i]);
+ }
+}
+
+static void ethosn_configure_vector_table(uintptr_t core_addr)
+{
+ mmio_setbits_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_SYSCTRL0_REG),
+ FW_INITVTOR_ADDR(big_fw));
+}
+
+#endif
+
+static void ethosn_configure_events(uintptr_t core_addr)
+{
+ mmio_write_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_SYSCTRL1_REG), SEC_SYSCTRL1_VAL);
+}
+
+static bool ethosn_configure_aux_features(const struct ethosn_device_t *device,
+ uintptr_t core_addr,
+ uint32_t features)
+{
+ uint32_t val = SEC_AUXCTLR_VAL;
+
+ if (features & ETHOSN_AUX_FEAT_LEVEL_IRQ) {
+ val |= SEC_AUXCTLR_LEVEL_IRQ_VAL;
+ }
+
+ if (features & ETHOSN_AUX_FEAT_STASHING) {
+ /* Stashing can't be used with reserved memory */
+ if (device->has_reserved_memory) {
+ return false;
+ }
+
+ val |= SEC_AUXCTLR_STASHING_VAL;
+ }
+
+ mmio_setbits_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_AUXCTLR_REG), val);
+
+ return true;
+}
+
static void ethosn_configure_smmu_streams(const struct ethosn_device_t *device,
const struct ethosn_core_t *core,
uint32_t asset_alloc_idx)
@@ -103,6 +248,44 @@
}
}
+static void ethosn_configure_stream_addr_extends(const struct ethosn_device_t *device,
+ uintptr_t core_addr)
+{
+ uint32_t addr_extends[3] = { 0 };
+ size_t i;
+
+ if (device->has_reserved_memory) {
+ const uint32_t addr = TO_EXTEND_ADDR(device->reserved_memory_addr);
+
+ addr_extends[0] = addr;
+ addr_extends[1] = addr;
+ addr_extends[2] = addr;
+ } else {
+ addr_extends[0] = TO_EXTEND_ADDR(ETHOSN_FW_VA_BASE);
+ addr_extends[1] = TO_EXTEND_ADDR(ETHOSN_WORKING_DATA_VA_BASE);
+ addr_extends[2] = TO_EXTEND_ADDR(ETHOSN_COMMAND_STREAM_VA_BASE);
+ }
+
+ for (i = 0U; i < ARRAY_SIZE(addr_extends); ++i) {
+ const uintptr_t reg_addr = SEC_ADDR_EXT_REG_BASE +
+ (SEC_ADDR_EXT_OFFSET * i);
+ mmio_write_32(ETHOSN_CORE_SEC_REG(core_addr, reg_addr),
+ addr_extends[i]);
+ }
+}
+
+static void ethosn_configure_stream_attr_ctlr(uintptr_t core_addr)
+{
+ size_t i;
+
+ for (i = 0U; i < SEC_ATTR_CTLR_NUM; ++i) {
+ const uintptr_t reg_addr = SEC_ATTR_CTLR_REG_BASE +
+ (SEC_ATTR_CTLR_OFFSET * i);
+ mmio_write_32(ETHOSN_CORE_SEC_REG(core_addr, reg_addr),
+ SEC_ATTR_CTLR_VAL);
+ }
+}
+
static void ethosn_delegate_to_ns(uintptr_t core_addr)
{
mmio_setbits_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_SECCTLR_REG),
@@ -125,13 +308,22 @@
return 1;
}
+static int ethosn_core_is_sleeping(uintptr_t core_addr)
+{
+ const uintptr_t sysctrl0_reg =
+ ETHOSN_CORE_SEC_REG(core_addr, SEC_SYSCTRL0_REG);
+ const uint32_t sleeping_mask = SEC_SYSCTRL0_SLEEPING;
+
+ return ((mmio_read_32(sysctrl0_reg) & sleeping_mask) == sleeping_mask);
+}
+
-static bool ethosn_reset(uintptr_t core_addr, int hard_reset)
+static bool ethosn_core_reset(uintptr_t core_addr, bool hard_reset)
{
unsigned int timeout;
const uintptr_t sysctrl0_reg =
ETHOSN_CORE_SEC_REG(core_addr, SEC_SYSCTRL0_REG);
- const uint32_t reset_val = (hard_reset != 0) ? SEC_SYSCTRL0_HARD_RESET
- : SEC_SYSCTRL0_SOFT_RESET;
+ const uint32_t reset_val = hard_reset ? SEC_SYSCTRL0_HARD_RESET :
+ SEC_SYSCTRL0_SOFT_RESET;
mmio_write_32(sysctrl0_reg, reset_val);
@@ -149,18 +341,184 @@
return timeout < ETHOSN_RESET_TIMEOUT_US;
}
+static int ethosn_core_boot_fw(uintptr_t core_addr)
+{
+#if ARM_ETHOSN_NPU_TZMP1
+ const uintptr_t sysctrl0_reg = ETHOSN_CORE_SEC_REG(core_addr, SEC_SYSCTRL0_REG);
+ const uint32_t sysctrl0_val = mmio_read_32(sysctrl0_reg);
+ const bool waiting = (sysctrl0_val & SEC_SYSCTRL0_CPU_WAIT);
+
+ if (!waiting) {
+ WARN("ETHOSN: Firmware is already running.\n");
+ return ETHOSN_INVALID_STATE;
+ }
+
+ if (SYSCTRL0_INITVTOR_ADDR(sysctrl0_val) != FW_INITVTOR_ADDR(big_fw)) {
+ WARN("ETHOSN: Unknown vector table won't boot firmware.\n");
+ return ETHOSN_INVALID_CONFIGURATION;
+ }
+
+ mmio_clrbits_32(sysctrl0_reg, SEC_SYSCTRL0_CPU_WAIT);
+
+ return ETHOSN_SUCCESS;
+#else
+ return ETHOSN_NOT_SUPPORTED;
+#endif
+}
+
+static int ethosn_core_full_reset(const struct ethosn_device_t *device,
+ const struct ethosn_core_t *core,
+ bool hard_reset,
+ u_register_t asset_alloc_idx,
+ u_register_t is_protected,
+ u_register_t aux_features)
+{
+ if (!device->has_reserved_memory &&
+ asset_alloc_idx >= device->num_allocators) {
+ WARN("ETHOSN: Unknown asset allocator index given to SMC call.\n");
+ return ETHOSN_UNKNOWN_ALLOCATOR_IDX;
+ }
+
+ if (!ethosn_core_reset(core->addr, hard_reset)) {
+ return ETHOSN_FAILURE;
+ }
+
+ if (!ethosn_configure_aux_features(device, core->addr, aux_features)) {
+ return ETHOSN_INVALID_CONFIGURATION;
+ }
+
+ ethosn_configure_events(core->addr);
+
+ if (!device->has_reserved_memory) {
+ ethosn_configure_smmu_streams(device, core, asset_alloc_idx);
+
+#if ARM_ETHOSN_NPU_TZMP1
+ ethosn_configure_stream_nsaid(core, is_protected);
+#endif
+ }
+
+ ethosn_configure_stream_addr_extends(device, core->addr);
+ ethosn_configure_stream_attr_ctlr(core->addr);
+
+#if ARM_ETHOSN_NPU_TZMP1
+ ethosn_configure_vector_table(core->addr);
+#endif
+
+ ethosn_delegate_to_ns(core->addr);
+
+ return ETHOSN_SUCCESS;
+}
+
+static uintptr_t ethosn_smc_core_reset_handler(const struct ethosn_device_t *device,
+ const struct ethosn_core_t *core,
+ bool hard_reset,
+ u_register_t asset_alloc_idx,
+ u_register_t reset_type,
+ u_register_t is_protected,
+ u_register_t aux_features,
+ void *handle)
+{
+ int ret;
+
+ switch (reset_type) {
+ case ETHOSN_RESET_TYPE_FULL:
+ ret = ethosn_core_full_reset(device, core, hard_reset,
+ asset_alloc_idx, is_protected,
+ aux_features);
+ break;
+ case ETHOSN_RESET_TYPE_HALT:
+ ret = ethosn_core_reset(core->addr, hard_reset) ? ETHOSN_SUCCESS : ETHOSN_FAILURE;
+ break;
+ default:
+ WARN("ETHOSN: Invalid reset type given to SMC call.\n");
+ ret = ETHOSN_INVALID_PARAMETER;
+ break;
+ }
+
+ SMC_RET1(handle, ret);
+}
+
+static uintptr_t ethosn_smc_core_handler(uint32_t fid,
+ u_register_t core_addr,
+ u_register_t asset_alloc_idx,
+ u_register_t reset_type,
+ u_register_t is_protected,
+ u_register_t aux_features,
+ void *handle)
+{
+ bool hard_reset = false;
+ const struct ethosn_device_t *device = NULL;
+ const struct ethosn_core_t *core = NULL;
+
+ if (!ethosn_get_device_and_core(core_addr, &device, &core)) {
+ SMC_RET1(handle, ETHOSN_UNKNOWN_CORE_ADDRESS);
+ }
+
+ switch (fid) {
+ case ETHOSN_FNUM_IS_SEC:
+ SMC_RET1(handle, ethosn_is_sec(core->addr));
+ case ETHOSN_FNUM_IS_SLEEPING:
+ SMC_RET1(handle, ethosn_core_is_sleeping(core->addr));
+ case ETHOSN_FNUM_HARD_RESET:
+ hard_reset = true;
+ /* Fallthrough */
+ case ETHOSN_FNUM_SOFT_RESET:
+ return ethosn_smc_core_reset_handler(device, core,
+ hard_reset,
+ asset_alloc_idx,
+ reset_type,
+ is_protected,
+ aux_features,
+ handle);
+ case ETHOSN_FNUM_BOOT_FW:
+ SMC_RET1(handle, ethosn_core_boot_fw(core->addr));
+ default:
+ WARN("ETHOSN: Unimplemented SMC call: 0x%x\n", fid);
+ SMC_RET1(handle, SMC_UNK);
+ }
+}
+
+static uintptr_t ethosn_smc_fw_prop_handler(u_register_t fw_property,
+ void *handle)
+{
+#if ARM_ETHOSN_NPU_TZMP1
+ switch (fw_property) {
+ case ETHOSN_FW_PROP_VERSION:
+ SMC_RET4(handle, ETHOSN_SUCCESS,
+ big_fw->fw_ver_major,
+ big_fw->fw_ver_minor,
+ big_fw->fw_ver_patch);
+ case ETHOSN_FW_PROP_MEM_INFO:
+ SMC_RET3(handle, ETHOSN_SUCCESS,
+ ((void *)big_fw) + big_fw->offset,
+ big_fw->size);
+ case ETHOSN_FW_PROP_OFFSETS:
+ SMC_RET3(handle, ETHOSN_SUCCESS,
+ big_fw->ple_offset,
+ big_fw->unpriv_stack_offset);
+ case ETHOSN_FW_PROP_VA_MAP:
+ SMC_RET4(handle, ETHOSN_SUCCESS,
+ ETHOSN_FW_VA_BASE,
+ ETHOSN_WORKING_DATA_VA_BASE,
+ ETHOSN_COMMAND_STREAM_VA_BASE);
+ default:
+ WARN("ETHOSN: Unknown firmware property\n");
+ SMC_RET1(handle, ETHOSN_INVALID_PARAMETER);
+ }
+#else
+ SMC_RET1(handle, ETHOSN_NOT_SUPPORTED);
+#endif
+}
+
uintptr_t ethosn_smc_handler(uint32_t smc_fid,
- u_register_t core_addr,
- u_register_t asset_alloc_idx,
+ u_register_t x1,
+ u_register_t x2,
u_register_t x3,
u_register_t x4,
void *cookie,
void *handle,
u_register_t flags)
{
- int hard_reset = 0;
- const struct ethosn_device_t *device = NULL;
- const struct ethosn_core_t *core = NULL;
const uint32_t fid = smc_fid & FUNCID_NUM_MASK;
/* Only SiP fast calls are expected */
@@ -171,59 +529,69 @@
/* Truncate parameters to 32-bits for SMC32 */
if (GET_SMC_CC(smc_fid) == SMC_32) {
- core_addr &= 0xFFFFFFFF;
- asset_alloc_idx &= 0xFFFFFFFF;
+ x1 &= 0xFFFFFFFF;
+ x2 &= 0xFFFFFFFF;
x3 &= 0xFFFFFFFF;
x4 &= 0xFFFFFFFF;
}
- if (!is_ethosn_fid(smc_fid) ||
- (fid < ETHOSN_FNUM_VERSION || fid > ETHOSN_FNUM_SOFT_RESET)) {
+ if (!is_ethosn_fid(smc_fid) || (fid > ETHOSN_FNUM_BOOT_FW)) {
WARN("ETHOSN: Unknown SMC call: 0x%x\n", smc_fid);
SMC_RET1(handle, SMC_UNK);
}
- /* Commands that do not require a valid core address */
switch (fid) {
case ETHOSN_FNUM_VERSION:
SMC_RET2(handle, ETHOSN_VERSION_MAJOR, ETHOSN_VERSION_MINOR);
+ case ETHOSN_FNUM_GET_FW_PROP:
+ return ethosn_smc_fw_prop_handler(x1, handle);
}
- if (!ethosn_get_device_and_core(core_addr, &device, &core)) {
- SMC_RET1(handle, ETHOSN_UNKNOWN_CORE_ADDRESS);
- }
+ return ethosn_smc_core_handler(fid, x1, x2, x3, x4,
+ SMC_GET_GP(handle, CTX_GPREG_X5),
+ handle);
+}
- /* Commands that require a valid core address */
- switch (fid) {
- case ETHOSN_FNUM_IS_SEC:
- SMC_RET1(handle, ethosn_is_sec(core->addr));
+int ethosn_smc_setup(void)
+{
+#if ARM_ETHOSN_NPU_TZMP1
+ struct ethosn_device_t *dev;
+ uint32_t arch_ver;
+#endif
+
+ if (ETHOSN_NUM_DEVICES == 0U) {
+ ERROR("ETHOSN: No NPU found\n");
+ return ETHOSN_FAILURE;
}
- if (!device->has_reserved_memory &&
- asset_alloc_idx >= device->num_allocators) {
- WARN("ETHOSN: Unknown asset allocator index given to SMC call.\n");
- SMC_RET1(handle, ETHOSN_UNKNOWN_ALLOCATOR_IDX);
+#if ARM_ETHOSN_NPU_TZMP1
+
+ /* Only one NPU core is supported in the TZMP1 setup */
+ if ((ETHOSN_NUM_DEVICES != 1U) ||
+ (ETHOSN_GET_DEVICE(0U)->num_cores != 1U)) {
+ ERROR("ETHOSN: TZMP1 doesn't support multiple NPU cores\n");
+ return ETHOSN_FAILURE;
}
- /* Commands that require a valid device, core and asset allocator */
- switch (fid) {
- case ETHOSN_FNUM_HARD_RESET:
- hard_reset = 1;
- /* Fallthrough */
- case ETHOSN_FNUM_SOFT_RESET:
- if (!ethosn_reset(core->addr, hard_reset)) {
- SMC_RET1(handle, ETHOSN_FAILURE);
- }
+ dev = ETHOSN_GET_DEVICE(0U);
+ if (dev->has_reserved_memory) {
+ ERROR("ETHOSN: TZMP1 doesn't support using reserved memory\n");
+ return ETHOSN_FAILURE;
+ }
- if (!device->has_reserved_memory) {
- ethosn_configure_smmu_streams(device, core,
- asset_alloc_idx);
- }
+ arch_ver = ethosn_core_read_arch_version(dev->cores[0U].addr);
+ big_fw = (struct ethosn_big_fw *)ARM_ETHOSN_NPU_FW_IMAGE_BASE;
- ethosn_delegate_to_ns(core->addr);
- SMC_RET1(handle, ETHOSN_SUCCESS);
- default:
- WARN("ETHOSN: Unimplemented SMC call: 0x%x\n", fid);
- SMC_RET1(handle, SMC_UNK);
+ if (!ethosn_big_fw_verify_header(big_fw, arch_ver)) {
+ return ETHOSN_FAILURE;
}
+
+ NOTICE("ETHOSN: TZMP1 setup succeeded with firmware version %u.%u.%u\n",
+ big_fw->fw_ver_major, big_fw->fw_ver_minor,
+ big_fw->fw_ver_patch);
+#else
+ NOTICE("ETHOSN: Setup succeeded\n");
+#endif
+
+ return 0;
}
diff --git a/drivers/rpi3/sdhost/rpi3_sdhost.c b/drivers/rpi3/sdhost/rpi3_sdhost.c
index c4b6fca..90c8509 100644
--- a/drivers/rpi3/sdhost/rpi3_sdhost.c
+++ b/drivers/rpi3/sdhost/rpi3_sdhost.c
@@ -245,13 +245,12 @@
static void rpi3_sdhost_initialize(void)
{
- uintptr_t reg_base = rpi3_sdhost_params.reg_base;
-
assert((rpi3_sdhost_params.reg_base & MMC_BLOCK_MASK) == 0);
rpi3_sdhost_reset();
- mmio_write_32(reg_base + HC_CLOCKDIVISOR, HC_CLOCKDIVISOR_PREFERVAL);
+ rpi3_sdhost_set_ios(rpi3_sdhost_params.clk_rate_initial,
+ rpi3_sdhost_params.bus_width);
udelay(300);
}
diff --git a/drivers/scmi-msg/base.c b/drivers/scmi-msg/base.c
index 2db4d7e..52502a5 100644
--- a/drivers/scmi-msg/base.c
+++ b/drivers/scmi-msg/base.c
@@ -151,7 +151,8 @@
count = count_protocols_in_list(list);
if (count > a2p->skip) {
- count = MIN(count - a2p->skip, msg->out_size - sizeof(p2a));
+ count = MIN((uint32_t)(count - a2p->skip),
+ (uint32_t)(msg->out_size - sizeof(p2a)));
} else {
count = 0U;
}
diff --git a/fdts/juno-ethosn.dtsi b/fdts/juno-ethosn.dtsi
index 4609524..6f8e8ae 100644
--- a/fdts/juno-ethosn.dtsi
+++ b/fdts/juno-ethosn.dtsi
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -48,28 +48,253 @@
};
};
- asset_allocator {
+ asset_allocator0 {
compatible = "ethosn-asset_allocator";
status = "okay";
command_stream {
compatible = "ethosn-memory";
- iommus = <&smmu_ethosn0 2>;
+ iommus = <&smmu_ethosn0 4>;
};
weight_data {
compatible = "ethosn-memory";
- iommus = <&smmu_ethosn0 3>;
+ iommus = <&smmu_ethosn0 5>;
};
buffer_data {
compatible = "ethosn-memory";
- iommus = <&smmu_ethosn0 4>;
+ iommus = <&smmu_ethosn0 6>;
};
intermediate_data {
compatible = "ethosn-memory";
- iommus = <&smmu_ethosn0 5>;
+ iommus = <&smmu_ethosn0 7>;
+ };
+ };
+
+ asset_allocator1 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 8>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 9>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 10>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 11>;
+ };
+ };
+
+ asset_allocator2 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 12>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 13>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 14>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 15>;
+ };
+ };
+
+ asset_allocator3 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 16>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 17>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 18>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 19>;
+ };
+ };
+
+ asset_allocator4 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 20>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 21>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 22>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 23>;
+ };
+ };
+
+ asset_allocator5 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 24>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 25>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 26>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 27>;
+ };
+ };
+
+ asset_allocator6 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 28>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 29>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 30>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 31>;
+ };
+ };
+
+ asset_allocator7 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 32>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 33>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 34>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 35>;
+ };
+ };
+
+ asset_allocator8 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 36>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 37>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 38>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 39>;
+ };
+ };
+
+ asset_allocator9 {
+ compatible = "ethosn-asset_allocator";
+ status = "okay";
+
+ command_stream {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 40>;
+ };
+
+ weight_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 41>;
+ };
+
+ buffer_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 42>;
+ };
+
+ intermediate_data {
+ compatible = "ethosn-memory";
+ iommus = <&smmu_ethosn0 43>;
};
};
};
diff --git a/fdts/stm32mp15-bl2.dtsi b/fdts/stm32mp15-bl2.dtsi
index f956b05..18a4ba9 100644
--- a/fdts/stm32mp15-bl2.dtsi
+++ b/fdts/stm32mp15-bl2.dtsi
@@ -3,6 +3,9 @@
* Copyright (c) 2020-2023, STMicroelectronics - All Rights Reserved
*/
+/omit-if-no-ref/ &i2c6;
+/omit-if-no-ref/ &spi6;
+
/ {
#if !STM32MP_EMMC && !STM32MP_SDMMC
aliases {
@@ -39,11 +42,9 @@
#if !STM32MP_USB_PROGRAMMER
/delete-node/ usbphyc@5a006000;
#endif
- /delete-node/ spi@5c001000;
/delete-node/ rtc@5c004000;
/delete-node/ etzpc@5c007000;
/delete-node/ stgen@5c008000;
- /delete-node/ i2c@5c009000;
/delete-node/ tamp@5c00a000;
};
diff --git a/fdts/stm32mp15-bl32.dtsi b/fdts/stm32mp15-bl32.dtsi
index c5a815e..6882224 100644
--- a/fdts/stm32mp15-bl32.dtsi
+++ b/fdts/stm32mp15-bl32.dtsi
@@ -3,6 +3,9 @@
* Copyright (c) 2020-2023, STMicroelectronics - All Rights Reserved
*/
+/omit-if-no-ref/ &i2c6;
+/omit-if-no-ref/ &spi6;
+
/ {
aliases {
/delete-property/ mmc0;
@@ -23,8 +26,6 @@
/delete-node/ mmc@58005000;
/delete-node/ mmc@58007000;
/delete-node/ usbphyc@5a006000;
- /delete-node/ spi@5c001000;
/delete-node/ stgen@5c008000;
- /delete-node/ i2c@5c009000;
};
};
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index dee7fdc..89f4b40 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -355,6 +355,18 @@
/* ID_AA64MMFR3_EL1 definitions */
#define ID_AA64MMFR3_EL1 S3_0_C0_C7_3
+#define ID_AA64MMFR3_EL1_S2POE_SHIFT U(20)
+#define ID_AA64MMFR3_EL1_S2POE_MASK ULL(0xf)
+
+#define ID_AA64MMFR3_EL1_S1POE_SHIFT U(16)
+#define ID_AA64MMFR3_EL1_S1POE_MASK ULL(0xf)
+
+#define ID_AA64MMFR3_EL1_S2PIE_SHIFT U(12)
+#define ID_AA64MMFR3_EL1_S2PIE_MASK ULL(0xf)
+
+#define ID_AA64MMFR3_EL1_S1PIE_SHIFT U(8)
+#define ID_AA64MMFR3_EL1_S1PIE_MASK ULL(0xf)
+
#define ID_AA64MMFR3_EL1_TCRX_SHIFT U(0)
#define ID_AA64MMFR3_EL1_TCRX_MASK ULL(0xf)
@@ -512,6 +524,7 @@
#define SCR_GPF_BIT (UL(1) << 48)
#define SCR_TWEDEL_SHIFT U(30)
#define SCR_TWEDEL_MASK ULL(0xf)
+#define SCR_PIEN_BIT (UL(1) << 45)
#define SCR_TCR2EN_BIT (UL(1) << 43)
#define SCR_TRNDR_BIT (UL(1) << 40)
#define SCR_HXEn_BIT (UL(1) << 38)
@@ -1309,11 +1322,19 @@
* FEAT_HCX - Extended Hypervisor Configuration Register
******************************************************************************/
#define HCRX_EL2 S3_4_C1_C2_2
+#define HCRX_EL2_MSCEn_BIT (UL(1) << 11)
+#define HCRX_EL2_MCE2_BIT (UL(1) << 10)
+#define HCRX_EL2_CMOW_BIT (UL(1) << 9)
+#define HCRX_EL2_VFNMI_BIT (UL(1) << 8)
+#define HCRX_EL2_VINMI_BIT (UL(1) << 7)
+#define HCRX_EL2_TALLINT_BIT (UL(1) << 6)
+#define HCRX_EL2_SMPME_BIT (UL(1) << 5)
#define HCRX_EL2_FGTnXS_BIT (UL(1) << 4)
#define HCRX_EL2_FnXS_BIT (UL(1) << 3)
#define HCRX_EL2_EnASR_BIT (UL(1) << 2)
#define HCRX_EL2_EnALS_BIT (UL(1) << 1)
#define HCRX_EL2_EnAS0_BIT (UL(1) << 0)
+#define HCRX_EL2_INIT_VAL ULL(0x0)
/*******************************************************************************
* FEAT_TCR2 - Extended Translation Control Register
@@ -1321,6 +1342,15 @@
#define TCR2_EL2 S3_4_C2_C0_3
/*******************************************************************************
+ * Permission indirection and overlay
+ ******************************************************************************/
+
+#define PIRE0_EL2 S3_4_C10_C2_2
+#define PIR_EL2 S3_4_C10_C2_3
+#define POR_EL2 S3_4_C10_C2_4
+#define S2PIR_EL2 S3_4_C10_C2_5
+
+/*******************************************************************************
* Definitions for DynamicIQ Shared Unit registers
******************************************************************************/
#define CLUSTERPWRDN_EL1 S3_0_c15_c3_6
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index 3ea08a6..840b117 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -234,6 +234,88 @@
return read_feat_tcrx_id_field() != 0U;
}
+static unsigned int read_feat_s2poe_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64mmfr3_el1(), ID_AA64MMFR3_EL1_S2POE);
+}
+
+static inline bool is_feat_s2poe_supported(void)
+{
+ if (ENABLE_FEAT_S2POE == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_FEAT_S2POE == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_s2poe_id_field() != 0U;
+}
+
+static unsigned int read_feat_s1poe_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64mmfr3_el1(), ID_AA64MMFR3_EL1_S1POE);
+}
+
+static inline bool is_feat_s1poe_supported(void)
+{
+ if (ENABLE_FEAT_S1POE == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_FEAT_S1POE == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_s1poe_id_field() != 0U;
+}
+
+static inline bool is_feat_sxpoe_supported(void)
+{
+ return is_feat_s1poe_supported() || is_feat_s2poe_supported();
+}
+
+static unsigned int read_feat_s2pie_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64mmfr3_el1(), ID_AA64MMFR3_EL1_S2PIE);
+}
+
+static inline bool is_feat_s2pie_supported(void)
+{
+ if (ENABLE_FEAT_S2PIE == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_FEAT_S2PIE == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_s2pie_id_field() != 0U;
+}
+
+static unsigned int read_feat_s1pie_id_field(void)
+{
+ return ISOLATE_FIELD(read_id_aa64mmfr3_el1(), ID_AA64MMFR3_EL1_S1PIE);
+}
+
+static inline bool is_feat_s1pie_supported(void)
+{
+ if (ENABLE_FEAT_S1PIE == FEAT_STATE_DISABLED) {
+ return false;
+ }
+
+ if (ENABLE_FEAT_S1PIE == FEAT_STATE_ALWAYS) {
+ return true;
+ }
+
+ return read_feat_s1pie_id_field() != 0U;
+}
+
+static inline bool is_feat_sxpie_supported(void)
+{
+ return is_feat_s1pie_supported() || is_feat_s2pie_supported();
+}
+
/*******************************************************************************
* Functions to identify the presence of the Activity Monitors Extension
******************************************************************************/
diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h
index 04b64be..f877f5b 100644
--- a/include/arch/aarch64/arch_helpers.h
+++ b/include/arch/aarch64/arch_helpers.h
@@ -605,6 +605,14 @@
/* FEAT_TCR2 Register */
DEFINE_RENAME_SYSREG_RW_FUNCS(tcr2_el2, TCR2_EL2)
+/* FEAT_SxPIE Registers */
+DEFINE_RENAME_SYSREG_RW_FUNCS(pire0_el2, PIRE0_EL2)
+DEFINE_RENAME_SYSREG_RW_FUNCS(pir_el2, PIR_EL2)
+DEFINE_RENAME_SYSREG_RW_FUNCS(s2pir_el2, S2PIR_EL2)
+
+/* FEAT_SxPOE Registers */
+DEFINE_RENAME_SYSREG_RW_FUNCS(por_el2, POR_EL2)
+
/* DynamIQ Shared Unit power management */
DEFINE_RENAME_SYSREG_RW_FUNCS(clusterpwrdn_el1, CLUSTERPWRDN_EL1)
diff --git a/include/drivers/arm/ethosn.h b/include/drivers/arm/ethosn.h
index dbaf16c..993dd12 100644
--- a/include/drivers/arm/ethosn.h
+++ b/include/drivers/arm/ethosn.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,7 +14,16 @@
#define ETHOSN_FNUM_IS_SEC U(0x51)
#define ETHOSN_FNUM_HARD_RESET U(0x52)
#define ETHOSN_FNUM_SOFT_RESET U(0x53)
-/* 0x54-0x5F reserved for future use */
+#define ETHOSN_FNUM_IS_SLEEPING U(0x54)
+#define ETHOSN_FNUM_GET_FW_PROP U(0x55)
+#define ETHOSN_FNUM_BOOT_FW U(0x56)
+/* 0x57-0x5F reserved for future use */
+
+/* Properties for ETHOSN_FNUM_TZMP_GET_FW_PROP */
+#define ETHOSN_FW_PROP_VERSION U(0xF00)
+#define ETHOSN_FW_PROP_MEM_INFO U(0xF01)
+#define ETHOSN_FW_PROP_OFFSETS U(0xF02)
+#define ETHOSN_FW_PROP_VA_MAP U(0xF03)
/* SMC64 function IDs */
#define ETHOSN_FID_64(func_num) U(0xC2000000 | func_num)
@@ -38,22 +47,33 @@
#define is_ethosn_fid(_fid) (((_fid) & ETHOSN_FID_MASK) == ETHOSN_FID_VALUE)
/* Service version */
-#define ETHOSN_VERSION_MAJOR U(2)
+#define ETHOSN_VERSION_MAJOR U(3)
#define ETHOSN_VERSION_MINOR U(0)
/* Return codes for function calls */
#define ETHOSN_SUCCESS 0
#define ETHOSN_NOT_SUPPORTED -1
/* -2 Reserved for NOT_REQUIRED */
-/* -3 Reserved for INVALID_PARAMETER */
+#define ETHOSN_INVALID_PARAMETER -3
#define ETHOSN_FAILURE -4
#define ETHOSN_UNKNOWN_CORE_ADDRESS -5
#define ETHOSN_UNKNOWN_ALLOCATOR_IDX -6
+#define ETHOSN_INVALID_CONFIGURATION -7
+#define ETHOSN_INVALID_STATE -8
+
+/*
+ * Argument types for soft and hard resets to indicate whether to reset
+ * and reconfigure the NPU or only halt it
+ */
+#define ETHOSN_RESET_TYPE_FULL U(0)
+#define ETHOSN_RESET_TYPE_HALT U(1)
+
+int ethosn_smc_setup(void);
uintptr_t ethosn_smc_handler(uint32_t smc_fid,
u_register_t core_addr,
u_register_t asset_alloc_idx,
- u_register_t x3,
+ u_register_t reset_type,
u_register_t x4,
void *cookie,
void *handle,
diff --git a/include/drivers/arm/ethosn_cert.h b/include/drivers/arm/ethosn_cert.h
new file mode 100644
index 0000000..7aa887d
--- /dev/null
+++ b/include/drivers/arm/ethosn_cert.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef ETHOSN_CERT_H
+#define ETHOSN_CERT_H
+
+#include "ethosn_oid.h"
+#include <tbbr/tbb_ext.h>
+#include <tbbr/tbb_key.h>
+
+/* Arm(R) Ethos(TM)-N NPU Certificates */
+#define ETHOSN_NPU_FW_KEY_CERT_DEF { \
+ .id = ETHOSN_NPU_FW_KEY_CERT, \
+ .opt = "npu-fw-key-cert", \
+ .help_msg = "Arm(R) Ethos(TM)-N NPU Firmware Key Certificate (output file)", \
+ .fn = NULL, \
+ .cn = "NPU Firmware Key Certificate", \
+ .key = NON_TRUSTED_WORLD_KEY, \
+ .issuer = ETHOSN_NPU_FW_KEY_CERT, \
+ .ext = { \
+ NON_TRUSTED_FW_NVCOUNTER_EXT, \
+ ETHOSN_NPU_FW_CONTENT_CERT_PK_EXT, \
+ }, \
+ .num_ext = 2 \
+}
+
+#define ETHOSN_NPU_FW_CONTENT_CERT_DEF { \
+ .id = ETHOSN_NPU_FW_CONTENT_CERT, \
+ .opt = "npu-fw-cert", \
+ .help_msg = "Arm(R) Ethos(TM)-N NPU Firmware Content Certificate (output file)",\
+ .fn = NULL, \
+ .cn = "NPU Firmware Content Certificate", \
+ .key = ETHOSN_NPU_FW_CONTENT_CERT_KEY, \
+ .issuer = ETHOSN_NPU_FW_CONTENT_CERT, \
+ .ext = { \
+ NON_TRUSTED_FW_NVCOUNTER_EXT, \
+ ETHOSN_NPU_FW_HASH_EXT, \
+ }, \
+ .num_ext = 2 \
+}
+
+/* NPU Extensions */
+#define ETHOSN_NPU_FW_CONTENT_CERT_PK_EXT_DEF { \
+ .oid = ETHOSN_NPU_FW_CONTENT_CERT_PK_OID, \
+ .help_msg = "Arm(R) Ethos(TM)-N NPU Firmware content certificate public key", \
+ .sn = "NPUFirmwareContentCertPK", \
+ .ln = "NPU Firmware content cerificate public key", \
+ .asn1_type = V_ASN1_OCTET_STRING, \
+ .type = EXT_TYPE_PKEY, \
+ .attr.key = ETHOSN_NPU_FW_CONTENT_CERT_KEY \
+}
+
+#define ETHOSN_NPU_FW_HASH_EXT_DEF { \
+ .oid = ETHOSN_NPU_FW_BINARY_OID, \
+ .opt = "npu-fw", \
+ .help_msg = "Arm(R) Ethos(TM)-N NPU Firmware image file (input file)", \
+ .sn = "NPUFirmwareHash", \
+ .ln = "NPU Firmware Hash (SHA256)", \
+ .asn1_type = V_ASN1_OCTET_STRING, \
+ .type = EXT_TYPE_HASH \
+}
+
+/* NPU Keys */
+#define ETHOSN_NPU_FW_CONTENT_CERT_KEY_DEF { \
+ .id = ETHOSN_NPU_FW_CONTENT_CERT_KEY, \
+ .opt = "npu-fw-key", \
+ .help_msg = "Arm(R) Ethos(TM)-N NPU Firmware Content Certificate key (input/output file)",\
+ .desc = "NPU Firmware Content Certificate key" \
+}
+
+#endif /* ETHOSN_CERT_H */
diff --git a/include/drivers/arm/ethosn_fip.h b/include/drivers/arm/ethosn_fip.h
new file mode 100644
index 0000000..f2c7f93
--- /dev/null
+++ b/include/drivers/arm/ethosn_fip.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef ETHOSN_FIP_H
+#define ETHOSN_FIP_H
+
+#define UUID_ETHOSN_FW_KEY_CERTIFICATE \
+ { { 0x56, 0x66, 0xd0, 0x04 }, { 0xab, 0x98 }, { 0x40, 0xaa }, \
+ 0x89, 0x88, { 0xb7, 0x2a, 0x3, 0xa2, 0x56, 0xe2 } }
+
+#define UUID_ETHOSN_FW_CONTENT_CERTIFICATE \
+ { { 0xa5, 0xc4, 0x18, 0xda }, { 0x43, 0x0f }, { 0x48, 0xb1 }, \
+ 0x88, 0xcd, { 0x93, 0xf6, 0x78, 0x89, 0xd9, 0xed } }
+
+#define UUID_ETHOSN_FW \
+ { { 0xcf, 0xd4, 0x99, 0xb5 }, { 0xa3, 0xbc }, { 0x4a, 0x7e }, \
+ 0x98, 0xcb, { 0x48, 0xa4, 0x1c, 0xb8, 0xda, 0xe1 } }
+
+#define ETHOSN_FW_KEY_CERTIFICATE_DEF \
+ { "Arm(R) Ethos(TM)-N NPU Firmware Key Certificate", \
+ UUID_ETHOSN_FW_KEY_CERTIFICATE, \
+ "npu-fw-key-cert" }
+
+#define ETHOSN_FW_CONTENT_CERTIFICATE_DEF \
+ { "Arm(R) Ethos(TM)-N NPU Firmware Content Certificate",\
+ UUID_ETHOSN_FW_CONTENT_CERTIFICATE, \
+ "npu-fw-cert" }
+
+#define ETHOSN_FW_DEF \
+ { "Arm(R) Ethos(TM)-N NPU Firmware", \
+ UUID_ETHOSN_FW, \
+ "npu-fw" }
+
+#endif /* ETHOSN_FIP_H */
diff --git a/include/drivers/arm/ethosn_oid.h b/include/drivers/arm/ethosn_oid.h
new file mode 100644
index 0000000..a83cd09
--- /dev/null
+++ b/include/drivers/arm/ethosn_oid.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef ETHOSN_OID_H
+#define ETHOSN_OID_H
+
+/* Arm(R) Ethos(TM)-N NPU Platform OID */
+#define ETHOSN_NPU_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2300.1"
+#define ETHOSN_NPU_FW_BINARY_OID "1.3.6.1.4.1.4128.2300.2"
+
+#endif /* ETHOSN_OID_H */
diff --git a/include/drivers/rpi3/sdhost/rpi3_sdhost.h b/include/drivers/rpi3/sdhost/rpi3_sdhost.h
index 1653240..f4f6ec8 100644
--- a/include/drivers/rpi3/sdhost/rpi3_sdhost.h
+++ b/include/drivers/rpi3/sdhost/rpi3_sdhost.h
@@ -15,6 +15,7 @@
struct rpi3_sdhost_params {
uintptr_t reg_base;
uint32_t clk_rate;
+ uint32_t clk_rate_initial;
uint32_t bus_width;
uint32_t flags;
uint32_t current_cmd;
@@ -57,6 +58,8 @@
#define HC_CMD_READ 0x0040
#define HC_CMD_COMMAND_MASK 0x003f
+#define RPI3_SDHOST_MAX_CLOCK 250000000 // technically, we should obtain this number from the mailbox
+
#define HC_CLOCKDIVISOR_MAXVAL 0x07ff
#define HC_CLOCKDIVISOR_PREFERVAL 0x027b
#define HC_CLOCKDIVISOR_SLOWVAL 0x0148
diff --git a/include/drivers/scmi-msg.h b/include/drivers/scmi-msg.h
index a9a99cf..eb90859 100644
--- a/include/drivers/scmi-msg.h
+++ b/include/drivers/scmi-msg.h
@@ -22,7 +22,7 @@
*
* @shm_addr: Address of the shared memory for the SCMI channel
* @shm_size: Byte size of the shared memory for the SCMI channel
- * @busy: True when channel is busy, flase when channel is free
+ * @busy: True when channel is busy, false when channel is free
* @agent_name: Agent name, SCMI protocol exposes 16 bytes max, or NULL
*/
struct scmi_msg_channel {
diff --git a/include/lib/bl_aux_params/bl_aux_params.h b/include/lib/bl_aux_params/bl_aux_params.h
index f6ce802..072a29d 100644
--- a/include/lib/bl_aux_params/bl_aux_params.h
+++ b/include/lib/bl_aux_params/bl_aux_params.h
@@ -13,7 +13,7 @@
/*
* Handler function that handles an individual aux parameter. Return true if
- * the parameter was handled, and flase if bl_aux_params_parse() should make its
+ * the parameter was handled, and false if bl_aux_params_parse() should make its
* own attempt at handling it (for generic parameters).
*/
typedef bool (*bl_aux_param_handler_t)(struct bl_aux_param_header *param);
diff --git a/include/lib/cpus/aarch64/cortex_blackhawk.h b/include/lib/cpus/aarch64/cortex_blackhawk.h
new file mode 100644
index 0000000..bfb3039
--- /dev/null
+++ b/include/lib/cpus/aarch64/cortex_blackhawk.h
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CORTEX_BLACKHAWK_H
+#define CORTEX_BLACKHAWK_H
+
+#define CORTEX_BLACKHAWK_MIDR U(0x410FD850)
+
+/*******************************************************************************
+ * CPU Extended Control register specific definitions
+ ******************************************************************************/
+#define CORTEX_BLACKHAWK_CPUECTLR_EL1 S3_0_C15_C1_4
+
+/*******************************************************************************
+ * CPU Power Control register specific definitions
+ ******************************************************************************/
+#define CORTEX_BLACKHAWK_CPUPWRCTLR_EL1 S3_0_C15_C2_7
+#define CORTEX_BLACKHAWK_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1)
+
+#endif /* CORTEX_BLACKHAWK_H */
diff --git a/include/lib/cpus/aarch64/cortex_chaberton.h b/include/lib/cpus/aarch64/cortex_chaberton.h
new file mode 100644
index 0000000..8f10b68
--- /dev/null
+++ b/include/lib/cpus/aarch64/cortex_chaberton.h
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CORTEX_CHABERTON_H
+#define CORTEX_CHABERTON_H
+
+#define CORTEX_CHABERTON_MIDR U(0x410FD870)
+
+/*******************************************************************************
+ * CPU Extended Control register specific definitions
+ ******************************************************************************/
+#define CORTEX_CHABERTON_CPUECTLR_EL1 S3_0_C15_C1_4
+
+/*******************************************************************************
+ * CPU Power Control register specific definitions
+ ******************************************************************************/
+#define CORTEX_CHABERTON_CPUPWRCTLR_EL1 S3_0_C15_C2_7
+#define CORTEX_CHABERTON_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1)
+
+#endif /* CORTEX_CHABERTON_H */
diff --git a/include/lib/el3_runtime/aarch64/context.h b/include/lib/el3_runtime/aarch64/context.h
index e5e7e74..a8e6d8a 100644
--- a/include/lib/el3_runtime/aarch64/context.h
+++ b/include/lib/el3_runtime/aarch64/context.h
@@ -230,9 +230,13 @@
// Starting with Armv8.9
#define CTX_TCR2_EL2 U(0x1d8)
+#define CTX_POR_EL2 U(0x1e0)
+#define CTX_PIRE0_EL2 U(0x1e8)
+#define CTX_PIR_EL2 U(0x1f0)
+#define CTX_S2PIR_EL2 U(0x1f8)
/* Align to the next 16 byte boundary */
-#define CTX_EL2_SYSREGS_END U(0x1e0)
+#define CTX_EL2_SYSREGS_END U(0x200)
#endif /* CTX_INCLUDE_EL2_REGS */
diff --git a/include/plat/arm/common/fconf_ethosn_getter.h b/include/plat/arm/common/fconf_ethosn_getter.h
index 5b9a7ed..cafbc3e 100644
--- a/include/plat/arm/common/fconf_ethosn_getter.h
+++ b/include/plat/arm/common/fconf_ethosn_getter.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -45,6 +45,7 @@
struct ethosn_device_t {
bool has_reserved_memory;
+ uint64_t reserved_memory_addr;
uint32_t num_cores;
struct ethosn_core_t cores[ETHOSN_DEV_CORE_NUM_MAX];
uint32_t num_allocators;
diff --git a/lib/cpus/aarch64/cortex_a510.S b/lib/cpus/aarch64/cortex_a510.S
index 886e1f3..e10ebb0 100644
--- a/lib/cpus/aarch64/cortex_a510.S
+++ b/lib/cpus/aarch64/cortex_a510.S
@@ -382,7 +382,11 @@
bl check_errata_2684597
cbz x0, 2f
- tsb csync
+ /*
+ * Many assemblers do not yet understand the "tsb csync" mnemonic,
+ * so use the equivalent hint instruction.
+ */
+ hint #18 /* tsb csync */
2:
ret x17
endfunc errata_cortex_a510_2684597_wa
diff --git a/lib/cpus/aarch64/cortex_blackhawk.S b/lib/cpus/aarch64/cortex_blackhawk.S
new file mode 100644
index 0000000..8dac4e9
--- /dev/null
+++ b/lib/cpus/aarch64/cortex_blackhawk.S
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch.h>
+#include <asm_macros.S>
+#include <common/bl_common.h>
+#include <cortex_blackhawk.h>
+#include <cpu_macros.S>
+#include <plat_macros.S>
+
+/* Hardware handled coherency */
+#if HW_ASSISTED_COHERENCY == 0
+#error "Cortex blackhawk must be compiled with HW_ASSISTED_COHERENCY enabled"
+#endif
+
+/* 64-bit only core */
+#if CTX_INCLUDE_AARCH32_REGS == 1
+#error "Cortex blackhawk supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0"
+#endif
+
+func cortex_blackhawk_reset_func
+ /* Disable speculative loads */
+ msr SSBS, xzr
+ isb
+ ret
+endfunc cortex_blackhawk_reset_func
+
+ /* ----------------------------------------------------
+ * HW will do the cache maintenance while powering down
+ * ----------------------------------------------------
+ */
+func cortex_blackhawk_core_pwr_dwn
+ /* ---------------------------------------------------
+ * Enable CPU power down bit in power control register
+ * ---------------------------------------------------
+ */
+ mrs x0, CORTEX_BLACKHAWK_CPUPWRCTLR_EL1
+ orr x0, x0, #CORTEX_BLACKHAWK_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
+ msr CORTEX_BLACKHAWK_CPUPWRCTLR_EL1, x0
+ isb
+ ret
+endfunc cortex_blackhawk_core_pwr_dwn
+
+#if REPORT_ERRATA
+/*
+ * Errata printing function for Cortex Blackhawk. Must follow AAPCS.
+ */
+func cortex_blackhawk_errata_report
+ ret
+endfunc cortex_blackhawk_errata_report
+#endif
+
+ /* ---------------------------------------------
+ * This function provides Cortex Blackhawk specific
+ * register information for crash reporting.
+ * It needs to return with x6 pointing to
+ * a list of register names in ascii and
+ * x8 - x15 having values of registers to be
+ * reported.
+ * ---------------------------------------------
+ */
+.section .rodata.cortex_blackhawk_regs, "aS"
+cortex_blackhawk_regs: /* The ascii list of register names to be reported */
+ .asciz "cpuectlr_el1", ""
+
+func cortex_blackhawk_cpu_reg_dump
+ adr x6, cortex_blackhawk_regs
+ mrs x8, CORTEX_BLACKHAWK_CPUECTLR_EL1
+ ret
+endfunc cortex_blackhawk_cpu_reg_dump
+
+declare_cpu_ops cortex_blackhawk, CORTEX_BLACKHAWK_MIDR, \
+ cortex_blackhawk_reset_func, \
+ cortex_blackhawk_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_chaberton.S b/lib/cpus/aarch64/cortex_chaberton.S
new file mode 100644
index 0000000..2c47bd3
--- /dev/null
+++ b/lib/cpus/aarch64/cortex_chaberton.S
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch.h>
+#include <asm_macros.S>
+#include <common/bl_common.h>
+#include <cortex_chaberton.h>
+#include <cpu_macros.S>
+#include <plat_macros.S>
+
+/* Hardware handled coherency */
+#if HW_ASSISTED_COHERENCY == 0
+#error "Cortex Chaberton must be compiled with HW_ASSISTED_COHERENCY enabled"
+#endif
+
+/* 64-bit only core */
+#if CTX_INCLUDE_AARCH32_REGS == 1
+#error "Cortex Chaberton supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0"
+#endif
+
+func cortex_chaberton_reset_func
+ /* Disable speculative loads */
+ msr SSBS, xzr
+ isb
+ ret
+endfunc cortex_chaberton_reset_func
+
+ /* ----------------------------------------------------
+ * HW will do the cache maintenance while powering down
+ * ----------------------------------------------------
+ */
+func cortex_chaberton_core_pwr_dwn
+ /* ---------------------------------------------------
+ * Enable CPU power down bit in power control register
+ * ---------------------------------------------------
+ */
+ mrs x0, CORTEX_CHABERTON_CPUPWRCTLR_EL1
+ orr x0, x0, #CORTEX_CHABERTON_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
+ msr CORTEX_CHABERTON_CPUPWRCTLR_EL1, x0
+ isb
+ ret
+endfunc cortex_chaberton_core_pwr_dwn
+
+#if REPORT_ERRATA
+/*
+ * Errata printing function for Cortex Chaberton. Must follow AAPCS.
+ */
+func cortex_chaberton_errata_report
+ ret
+endfunc cortex_chaberton_errata_report
+#endif
+
+ /* ---------------------------------------------
+ * This function provides Cortex Chaberton specific
+ * register information for crash reporting.
+ * It needs to return with x6 pointing to
+ * a list of register names in ascii and
+ * x8 - x15 having values of registers to be
+ * reported.
+ * ---------------------------------------------
+ */
+.section .rodata.cortex_chaberton_regs, "aS"
+cortex_chaberton_regs: /* The ascii list of register names to be reported */
+ .asciz "cpuectlr_el1", ""
+
+func cortex_chaberton_cpu_reg_dump
+ adr x6, cortex_chaberton_regs
+ mrs x8, CORTEX_CHABERTON_CPUECTLR_EL1
+ ret
+endfunc cortex_chaberton_cpu_reg_dump
+
+declare_cpu_ops cortex_chaberton, CORTEX_CHABERTON_MIDR, \
+ cortex_chaberton_reset_func, \
+ cortex_chaberton_core_pwr_dwn
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index 42166eb..c411b73 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -274,6 +274,19 @@
u_register_t mdcr_el2 = ((read_pmcr_el0() >> PMCR_EL0_N_SHIFT) &
PMCR_EL0_N_MASK);
write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_MDCR_EL2, mdcr_el2);
+
+ if (is_feat_hcx_supported()) {
+ /*
+ * Initialize register HCRX_EL2 with its init value.
+ * As the value of HCRX_EL2 is UNKNOWN on reset, there is a
+ * chance that this can lead to unexpected behavior in lower
+ * ELs that have not been updated since the introduction of
+ * this feature if not properly initialized, especially when
+ * it comes to those bits that enable/disable traps.
+ */
+ write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_HCRX_EL2,
+ HCRX_EL2_INIT_VAL);
+ }
#endif /* CTX_INCLUDE_EL2_REGS */
}
@@ -355,6 +368,14 @@
}
/*
+ * SCR_EL3.PIEN: Enable permission indirection and overlay
+ * registers for AArch64 if present.
+ */
+ if (is_feat_sxpie_supported() || is_feat_sxpoe_supported()) {
+ scr_el3 |= SCR_PIEN_BIT;
+ }
+
+ /*
* CPTR_EL3 was initialized out of reset, copy that value to the
* context register.
*/
@@ -604,8 +625,22 @@
assert(ctx != NULL);
if (security_state == NON_SECURE) {
+ uint64_t el2_implemented = el_implemented(2);
+
scr_el3 = read_ctx_reg(get_el3state_ctx(ctx),
CTX_SCR_EL3);
+
+ if (((scr_el3 & SCR_HCE_BIT) != 0U)
+ || (el2_implemented != EL_IMPL_NONE)) {
+ /*
+ * If context is not being used for EL2, initialize
+ * HCRX_EL2 with its init value here.
+ */
+ if (is_feat_hcx_supported()) {
+ write_hcrx_el2(HCRX_EL2_INIT_VAL);
+ }
+ }
+
if ((scr_el3 & SCR_HCE_BIT) != 0U) {
/* Use SCTLR_EL1.EE value to initialise sctlr_el2 */
sctlr_elx = read_ctx_reg(get_el1_sysregs_ctx(ctx),
@@ -621,7 +656,7 @@
sctlr_elx |= SCTLR_IESB_BIT;
#endif
write_sctlr_el2(sctlr_elx);
- } else if (el_implemented(2) != EL_IMPL_NONE) {
+ } else if (el2_implemented != EL_IMPL_NONE) {
el2_unused = true;
/*
@@ -994,6 +1029,16 @@
if (is_feat_tcr2_supported()) {
write_ctx_reg(el2_sysregs_ctx, CTX_TCR2_EL2, read_tcr2_el2());
}
+ if (is_feat_sxpie_supported()) {
+ write_ctx_reg(el2_sysregs_ctx, CTX_PIRE0_EL2, read_pire0_el2());
+ write_ctx_reg(el2_sysregs_ctx, CTX_PIR_EL2, read_pir_el2());
+ }
+ if (is_feat_s2pie_supported()) {
+ write_ctx_reg(el2_sysregs_ctx, CTX_S2PIR_EL2, read_s2pir_el2());
+ }
+ if (is_feat_sxpoe_supported()) {
+ write_ctx_reg(el2_sysregs_ctx, CTX_POR_EL2, read_por_el2());
+ }
}
}
@@ -1061,6 +1106,16 @@
if (is_feat_tcr2_supported()) {
write_tcr2_el2(read_ctx_reg(el2_sysregs_ctx, CTX_TCR2_EL2));
}
+ if (is_feat_sxpie_supported()) {
+ write_pire0_el2(read_ctx_reg(el2_sysregs_ctx, CTX_PIRE0_EL2));
+ write_pir_el2(read_ctx_reg(el2_sysregs_ctx, CTX_PIR_EL2));
+ }
+ if (is_feat_s2pie_supported()) {
+ write_s2pir_el2(read_ctx_reg(el2_sysregs_ctx, CTX_S2PIR_EL2));
+ }
+ if (is_feat_sxpoe_supported()) {
+ write_por_el2(read_ctx_reg(el2_sysregs_ctx, CTX_POR_EL2));
+ }
}
}
#endif /* CTX_INCLUDE_EL2_REGS */
diff --git a/lib/psci/psci_main.c b/lib/psci/psci_main.c
index 276c3a5..326f125 100644
--- a/lib/psci/psci_main.c
+++ b/lib/psci/psci_main.c
@@ -567,10 +567,6 @@
ret = psci_migrate_info_up_cpu();
break;
- case PSCI_FEATURES:
- ret = (u_register_t)psci_features(x1);
- break;
-
case PSCI_NODE_HW_STATE_AARCH64:
ret = (u_register_t)psci_node_hw_state(
x1, (unsigned int) x2);
@@ -580,12 +576,6 @@
ret = (u_register_t)psci_system_suspend(x1, x2);
break;
-#if PSCI_OS_INIT_MODE
- case PSCI_SET_SUSPEND_MODE:
- ret = (u_register_t)psci_set_suspend_mode(x1);
- break;
-#endif
-
#if ENABLE_PSCI_STAT
case PSCI_STAT_RESIDENCY_AARCH64:
ret = psci_stat_residency(x1, (unsigned int) x2);
diff --git a/lib/psci/psci_on.c b/lib/psci/psci_on.c
index c70b377..6c6b23c 100644
--- a/lib/psci/psci_on.c
+++ b/lib/psci/psci_on.c
@@ -62,12 +62,17 @@
int rc;
aff_info_state_t target_aff_state;
int ret = plat_core_pos_by_mpidr(target_cpu);
- unsigned int target_idx = (unsigned int)ret;
+ unsigned int target_idx;
/* Calling function must supply valid input arguments */
- assert(ret >= 0);
assert(ep != NULL);
+ if ((ret < 0) || (ret >= (int)PLATFORM_CORE_COUNT)) {
+ ERROR("Unexpected core index.\n");
+ panic();
+ }
+
+ target_idx = (unsigned int)ret;
/*
* This function must only be called on platforms where the
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index 63617b2..808a058 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -176,6 +176,18 @@
# Flag to enable access to TCR2 (FEAT_TCR2)
ENABLE_FEAT_TCR2 := 0
+# Flag to enable access to Stage 2 Permission Indirection (FEAT_S2PIE)
+ENABLE_FEAT_S2PIE := 0
+
+# Flag to enable access to Stage 1 Permission Indirection (FEAT_S1PIE)
+ENABLE_FEAT_S1PIE := 0
+
+# Flag to enable access to Stage 2 Permission Overlay (FEAT_S2POE)
+ENABLE_FEAT_S2POE := 0
+
+# Flag to enable access to Stage 1 Permission Overlay (FEAT_S1POE)
+ENABLE_FEAT_S1POE := 0
+
# By default BL31 encryption disabled
ENCRYPT_BL31 := 0
@@ -264,9 +276,6 @@
# By default, BL1 acts as the reset handler, not BL31
RESET_TO_BL31 := 0
-# By default, clear the input registers when RESET_TO_BL31 is enabled
-RESET_TO_BL31_WITH_PARAMS := 0
-
# For Chain of Trust
SAVE_KEYS := 0
diff --git a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
index 6fd334d..6ba76db 100644
--- a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
+++ b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, ARM Limited. All rights reserved.
+ * Copyright (c) 2020-2023, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -59,7 +59,7 @@
soc_fw_content_cert_uuid = "e2b20c20-5e63-e411-9ce8-abccf92bb666";
tos_fw_content_cert_uuid = "a49f4411-5e63-e411-8728-3f05722af33d";
nt_fw_content_cert_uuid = "8ec4c1f3-5d63-e411-a7a9-87ee40b23fa7";
- sp_content_cert_uuid = "776dfd44-8697-4c3b-91eb-c13e025a2a6f";
+ plat_sp_content_cert_uuid = "776dfd44-8697-4c3b-91eb-c13e025a2a6f";
};
};
#endif /* ARM_IO_IN_DTB */
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index e5091c3..3fb323b 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -37,8 +37,11 @@
# The fix is to enable everything, as before. When the tsp is included, though,
# we need to slim the size down. In that case, disable all optional features,
# that will not be present in CI when the tsp is.
+# Similarly, DRTM support is only tested on v8.0 models. Disable everything just
+# for it.
# TODO: make all of this unconditional (or only base the condition on
# ARM_ARCH_* when the makefile supports it).
+ifneq (${DRTM_SUPPORT}, 1)
ifneq (${SPD}, tspd)
ENABLE_FEAT_AMU := 2
ENABLE_FEAT_AMUv1p1 := 2
@@ -74,6 +77,11 @@
ENABLE_FEAT_ECV := 2
ENABLE_FEAT_FGT := 2
ENABLE_FEAT_TCR2 := 2
+ENABLE_FEAT_S2PIE := 2
+ENABLE_FEAT_S1PIE := 2
+ENABLE_FEAT_S2POE := 2
+ENABLE_FEAT_S1POE := 2
+endif
# The FVP platform depends on this macro to build with correct GIC driver.
$(eval $(call add_define,FVP_USE_GIC_DRIVER))
@@ -198,7 +206,9 @@
lib/cpus/aarch64/cortex_hunter.S \
lib/cpus/aarch64/cortex_hunter_elp_arm.S \
lib/cpus/aarch64/cortex_x2.S \
- lib/cpus/aarch64/neoverse_poseidon.S
+ lib/cpus/aarch64/neoverse_poseidon.S \
+ lib/cpus/aarch64/cortex_chaberton.S \
+ lib/cpus/aarch64/cortex_blackhawk.S
endif
# AArch64/AArch32 cores
FVP_CPU_LIBS += lib/cpus/aarch64/cortex_a55.S \
diff --git a/plat/arm/board/juno/cert_create_tbbr.mk b/plat/arm/board/juno/cert_create_tbbr.mk
new file mode 100644
index 0000000..c092fe0
--- /dev/null
+++ b/plat/arm/board/juno/cert_create_tbbr.mk
@@ -0,0 +1,25 @@
+#
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+PLAT_DEF_OID := 1
+
+ifeq (${PLAT_DEF_OID},1)
+ ifeq (${ARM_ETHOSN_NPU_DRIVER},1)
+ $(eval $(call add_define, PLAT_DEF_OID))
+ $(eval $(call add_define, PDEF_CERTS))
+ $(eval $(call add_define, PDEF_EXTS))
+ $(eval $(call add_define, PDEF_KEYS))
+
+ PLAT_INCLUDE += -I ${PLAT_DIR}/certificate/include \
+ -I ../../include/drivers/arm
+
+ PLAT_OBJECTS += ${PLAT_DIR}certificate/src/juno_tbb_cert.o \
+ ${PLAT_DIR}certificate/src/juno_tbb_ext.o \
+ ${PLAT_DIR}certificate/src/juno_tbb_key.o
+
+ OBJECTS += ${PLAT_OBJECTS}
+ endif
+endif
diff --git a/plat/arm/board/juno/certificate/include/juno_tbb_cert.h b/plat/arm/board/juno/certificate/include/juno_tbb_cert.h
new file mode 100644
index 0000000..9799405
--- /dev/null
+++ b/plat/arm/board/juno/certificate/include/juno_tbb_cert.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef JUNO_TBB_CERT_H
+#define JUNO_TBB_CERT_H
+
+#include <tbbr/tbb_cert.h>
+
+/*
+ * Juno platform certificates that are used to establish the COT
+ */
+enum {
+ ETHOSN_NPU_FW_KEY_CERT = FWU_CERT + 1,
+ ETHOSN_NPU_FW_CONTENT_CERT,
+};
+
+#endif /* JUNO_TBB_CERT_H */
diff --git a/plat/arm/board/juno/certificate/include/juno_tbb_ext.h b/plat/arm/board/juno/certificate/include/juno_tbb_ext.h
new file mode 100644
index 0000000..ec38227
--- /dev/null
+++ b/plat/arm/board/juno/certificate/include/juno_tbb_ext.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef JUNO_TBB_EXT_H
+#define JUNO_TBB_EXT_H
+
+#include <tbbr/tbb_ext.h>
+
+/* Juno platform defined TBBR extensions */
+enum {
+ ETHOSN_NPU_FW_CONTENT_CERT_PK_EXT = FWU_HASH_EXT + 1,
+ ETHOSN_NPU_FW_HASH_EXT,
+};
+
+#endif /* JUNO_TBB_EXT_H */
diff --git a/plat/arm/board/juno/certificate/include/juno_tbb_key.h b/plat/arm/board/juno/certificate/include/juno_tbb_key.h
new file mode 100644
index 0000000..9576b9d
--- /dev/null
+++ b/plat/arm/board/juno/certificate/include/juno_tbb_key.h
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef JUNO_TBB_KEY_H
+#define JUNO_TBB_KEY_H
+
+#include <tbbr/tbb_key.h>
+
+/*
+ * Juno platform keys that are used to establish the COT
+ */
+enum {
+ ETHOSN_NPU_FW_CONTENT_CERT_KEY =
+ NON_TRUSTED_FW_CONTENT_CERT_KEY + 1,
+};
+#endif /* JUNO_TBB_KEY_H */
diff --git a/plat/arm/board/juno/certificate/include/platform_oid.h b/plat/arm/board/juno/certificate/include/platform_oid.h
new file mode 100644
index 0000000..22173c1
--- /dev/null
+++ b/plat/arm/board/juno/certificate/include/platform_oid.h
@@ -0,0 +1,12 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef JUNO_PLATFORM_OID_H
+#define JUNO_PLATFORM_OID_H
+
+#include <ethosn_oid.h>
+
+#endif /* JUNO_PLATFORM_OID_H */
diff --git a/plat/arm/board/juno/certificate/src/juno_tbb_cert.c b/plat/arm/board/juno/certificate/src/juno_tbb_cert.c
new file mode 100644
index 0000000..3cb8304
--- /dev/null
+++ b/plat/arm/board/juno/certificate/src/juno_tbb_cert.c
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <ethosn_cert.h>
+
+#include <juno_tbb_cert.h>
+#include <juno_tbb_ext.h>
+#include <juno_tbb_key.h>
+
+static cert_t juno_plat_tbb_certificates[] = {
+ ETHOSN_NPU_FW_KEY_CERT_DEF,
+ ETHOSN_NPU_FW_CONTENT_CERT_DEF,
+};
+
+PLAT_REGISTER_COT(juno_plat_tbb_certificates);
diff --git a/plat/arm/board/juno/certificate/src/juno_tbb_ext.c b/plat/arm/board/juno/certificate/src/juno_tbb_ext.c
new file mode 100644
index 0000000..d8fe9e9
--- /dev/null
+++ b/plat/arm/board/juno/certificate/src/juno_tbb_ext.c
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <ethosn_cert.h>
+
+#include <juno_tbb_ext.h>
+#include <juno_tbb_key.h>
+
+static ext_t juno_plat_tbb_extensions[] = {
+ ETHOSN_NPU_FW_CONTENT_CERT_PK_EXT_DEF,
+ ETHOSN_NPU_FW_HASH_EXT_DEF,
+};
+
+PLAT_REGISTER_EXTENSIONS(juno_plat_tbb_extensions);
diff --git a/plat/arm/board/juno/certificate/src/juno_tbb_key.c b/plat/arm/board/juno/certificate/src/juno_tbb_key.c
new file mode 100644
index 0000000..470755f
--- /dev/null
+++ b/plat/arm/board/juno/certificate/src/juno_tbb_key.c
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <ethosn_cert.h>
+
+#include <juno_tbb_key.h>
+
+static key_t juno_plat_tbb_keys[] = {
+ ETHOSN_NPU_FW_CONTENT_CERT_KEY_DEF
+};
+
+PLAT_REGISTER_KEYS(juno_plat_tbb_keys);
diff --git a/plat/arm/board/juno/fdts/juno_fw_config.dts b/plat/arm/board/juno/fdts/juno_fw_config.dts
index 4b88efe..2d79ac7 100644
--- a/plat/arm/board/juno/fdts/juno_fw_config.dts
+++ b/plat/arm/board/juno/fdts/juno_fw_config.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2021, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2023, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,7 +14,7 @@
tb_fw-config {
load-address = <0x0 0x4001300>;
- max-size = <0x200>;
+ max-size = <0xA00>;
id = <TB_FW_CONFIG_ID>;
};
diff --git a/plat/arm/board/juno/fdts/juno_tb_fw_config.dts b/plat/arm/board/juno/fdts/juno_tb_fw_config.dts
index 80cfa3e..986299e 100644
--- a/plat/arm/board/juno/fdts/juno_tb_fw_config.dts
+++ b/plat/arm/board/juno/fdts/juno_tb_fw_config.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2020-2023, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -23,4 +23,41 @@
mbedtls_heap_addr = <0x0 0x0>;
mbedtls_heap_size = <0x0>;
};
+
+#if ARM_IO_IN_DTB
+ arm-io_policies {
+ fip-handles {
+ compatible = "arm,io-fip-handle";
+ scp_bl2_uuid = "9766fd3d-89be-e849-ae5d-78a140608213";
+ bl31_uuid = "47d4086d-4cfe-9846-9b95-2950cbbd5a00";
+ bl32_uuid = "05d0e189-53dc-1347-8d2b-500a4b7a3e38";
+ bl32_extra1_uuid = "0b70c29b-2a5a-7840-9f65-0a5682738288";
+ bl32_extra2_uuid = "8ea87bb1-cfa2-3f4d-85fd-e7bba50220d9";
+ bl33_uuid = "d6d0eea7-fcea-d54b-9782-9934f234b6e4";
+ hw_cfg_uuid = "08b8f1d9-c9cf-9349-a962-6fbc6b7265cc";
+ soc_fw_cfg_uuid = "9979814b-0376-fb46-8c8e-8d267f7859e0";
+ tos_fw_cfg_uuid = "26257c1a-dbc6-7f47-8d96-c4c4b0248021";
+ nt_fw_cfg_uuid = "28da9815-93e8-7e44-ac66-1aaf801550f9";
+ cca_cert_uuid = "36d83d85-761d-4daf-96f1-cd99d6569b00";
+ core_swd_cert_uuid = "52222d31-820f-494d-8bbc-ea6825d3c35a";
+ plat_cert_uuid = "d43cd902-5b9f-412e-8ac6-92b6d18be60d";
+ t_key_cert_uuid = "827ee890-f860-e411-a1b4-777a21b4f94c";
+ scp_fw_key_uuid = "024221a1-f860-e411-8d9b-f33c0e15a014";
+ soc_fw_key_uuid = "8ab8becc-f960-e411-9ad0-eb4822d8dcf8";
+ tos_fw_key_cert_uuid = "9477d603-fb60-e411-85dd-b7105b8cee04";
+ nt_fw_key_cert_uuid = "8ad5832a-fb60-e411-8aaf-df30bbc49859";
+ scp_fw_content_cert_uuid = "44be6f04-5e63-e411-b28b-73d8eaae9656";
+ soc_fw_content_cert_uuid = "e2b20c20-5e63-e411-9ce8-abccf92bb666";
+ tos_fw_content_cert_uuid = "a49f4411-5e63-e411-8728-3f05722af33d";
+ nt_fw_content_cert_uuid = "8ec4c1f3-5d63-e411-a7a9-87ee40b23fa7";
+ plat_sp_content_cert_uuid = "776dfd44-8697-4c3b-91eb-c13e025a2a6f";
+#if ARM_ETHOSN_NPU_TZMP1
+ arm_ethosn_npu_fw_uuid = "cfd499b5-a3bc-4a7e-98cb-48a41cb8dae1";
+ arm_ethosn_npu_fw_key_cert_uuid = "5666d004-ab98-40aa-8988-b72a03a256e2";
+ arm_ethosn_npu_fw_content_cert_uuid = "a5c418da-430f-48b1-88cd-93f67889d9ed";
+#endif
+ };
+ };
+#endif /* ARM_IO_IN_DTB */
+
};
diff --git a/plat/arm/board/juno/fip/plat_def_fip_uuid.h b/plat/arm/board/juno/fip/plat_def_fip_uuid.h
new file mode 100644
index 0000000..0f0d11d
--- /dev/null
+++ b/plat/arm/board/juno/fip/plat_def_fip_uuid.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PLAT_DEF_FIP_UUID_H
+#define PLAT_DEF_FIP_UUID_H
+
+#ifdef ARM_ETHOSN_NPU_TZMP1
+#include <drivers/arm/ethosn_fip.h>
+#endif
+
+#endif /* PLAT_DEF_FIP_UUID_H */
diff --git a/plat/arm/board/juno/fip/plat_def_uuid_config.c b/plat/arm/board/juno/fip/plat_def_uuid_config.c
new file mode 100644
index 0000000..8133927
--- /dev/null
+++ b/plat/arm/board/juno/fip/plat_def_uuid_config.c
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stddef.h>
+
+#include <firmware_image_package.h>
+#include <tbbr_config.h>
+
+#include "plat_def_fip_uuid.h"
+
+toc_entry_t plat_def_toc_entries[] = {
+#ifdef ARM_ETHOSN_NPU_TZMP1
+ ETHOSN_FW_KEY_CERTIFICATE_DEF,
+ ETHOSN_FW_CONTENT_CERTIFICATE_DEF,
+ ETHOSN_FW_DEF,
+#endif
+ {
+ .name = NULL,
+ .uuid = { { 0 } },
+ .cmdline_name = NULL,
+ }
+};
diff --git a/plat/arm/board/juno/include/plat_tbbr_img_def.h b/plat/arm/board/juno/include/plat_tbbr_img_def.h
new file mode 100644
index 0000000..3e17ed3
--- /dev/null
+++ b/plat/arm/board/juno/include/plat_tbbr_img_def.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef JUNO_IMG_DEF_H
+#define JUNO_IMG_DEF_H
+
+#if ARM_ETHOSN_NPU_TZMP1
+/* Arm(R) Ethos(TM)-N NPU images */
+#define ARM_ETHOSN_NPU_FW_KEY_CERT_ID U(MAX_IMG_IDS_WITH_SPMDS + 1)
+#define ARM_ETHOSN_NPU_FW_CONTENT_CERT_ID U(MAX_IMG_IDS_WITH_SPMDS + 2)
+#define ARM_ETHOSN_NPU_FW_IMAGE_ID U(MAX_IMG_IDS_WITH_SPMDS + 3)
+#define MAX_NUMBER_IDS U(MAX_IMG_IDS_WITH_SPMDS + 4)
+#endif
+
+#endif /* JUNO_IMG_DEF_H */
diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h
index 409d7a6..47258cb 100644
--- a/plat/arm/board/juno/include/platform_def.h
+++ b/plat/arm/board/juno/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,6 +19,9 @@
#include <plat/common/common_def.h>
#include "../juno_def.h"
+#ifdef JUNO_ETHOSN_TZMP1
+#include "../juno_ethosn_tzmp1_def.h"
+#endif
/* Required platform porting definitions */
/* Juno supports system power domain */
@@ -62,6 +65,18 @@
JUNO_DTB_DRAM_MAP_SIZE, \
MT_MEMORY | MT_RO | MT_NS)
+#ifdef JUNO_ETHOSN_TZMP1
+#define JUNO_ETHOSN_PROT_FW_RO MAP_REGION_FLAT( \
+ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE, \
+ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE, \
+ MT_RO_DATA | MT_SECURE)
+
+#define JUNO_ETHOSN_PROT_FW_RW MAP_REGION_FLAT( \
+ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE, \
+ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE, \
+ MT_MEMORY | MT_RW | MT_SECURE)
+#endif
+
/* virtual address used by dynamic mem_protect for chunk_base */
#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
@@ -102,11 +117,11 @@
#ifdef IMAGE_BL2
#ifdef SPD_opteed
-# define PLAT_ARM_MMAP_ENTRIES 11
+# define PLAT_ARM_MMAP_ENTRIES 13
# define MAX_XLAT_TABLES 5
#else
-# define PLAT_ARM_MMAP_ENTRIES 10
-# define MAX_XLAT_TABLES 4
+# define PLAT_ARM_MMAP_ENTRIES 11
+# define MAX_XLAT_TABLES 5
#endif
#endif
@@ -116,8 +131,8 @@
#endif
#ifdef IMAGE_BL31
-# define PLAT_ARM_MMAP_ENTRIES 7
-# define MAX_XLAT_TABLES 5
+# define PLAT_ARM_MMAP_ENTRIES 8
+# define MAX_XLAT_TABLES 6
#endif
#ifdef IMAGE_BL32
@@ -310,4 +325,18 @@
/* Number of SCMI channels on the platform */
#define PLAT_ARM_SCMI_CHANNEL_COUNT U(1)
+/* Protected NSAIDs and memory regions for the Arm(R) Ethos(TM)-N NPU driver */
+#ifdef JUNO_ETHOSN_TZMP1
+#define ARM_ETHOSN_NPU_PROT_FW_NSAID JUNO_ETHOSN_TZC400_NSAID_FW_PROT
+#define ARM_ETHOSN_NPU_PROT_RW_DATA_NSAID JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT
+#define ARM_ETHOSN_NPU_PROT_RO_DATA_NSAID JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT
+
+#define ARM_ETHOSN_NPU_NS_RW_DATA_NSAID JUNO_ETHOSN_TZC400_NSAID_DATA_RW_NS
+#define ARM_ETHOSN_NPU_NS_RO_DATA_NSAID JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS
+
+#define ARM_ETHOSN_NPU_FW_IMAGE_BASE JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE
+#define ARM_ETHOSN_NPU_FW_IMAGE_LIMIT \
+ (JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE + JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE)
+#endif
+
#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/juno/juno_common.c b/plat/arm/board/juno/juno_common.c
index 451c7df..02614da 100644
--- a/plat/arm/board/juno/juno_common.c
+++ b/plat/arm/board/juno/juno_common.c
@@ -53,6 +53,9 @@
#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
ARM_MAP_BL1_RW,
#endif
+#ifdef JUNO_ETHOSN_TZMP1
+ JUNO_ETHOSN_PROT_FW_RW,
+#endif
{0}
};
#endif
@@ -76,6 +79,9 @@
#endif
SOC_CSS_MAP_DEVICE,
ARM_DTB_DRAM_NS,
+#ifdef JUNO_ETHOSN_TZMP1
+ JUNO_ETHOSN_PROT_FW_RO,
+#endif
{0}
};
#endif
diff --git a/plat/arm/board/juno/juno_ethosn_tzmp1_def.h b/plat/arm/board/juno/juno_ethosn_tzmp1_def.h
new file mode 100644
index 0000000..c3e816a
--- /dev/null
+++ b/plat/arm/board/juno/juno_ethosn_tzmp1_def.h
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef JUNO_ETHOSN_TZMP1_DEF_H
+#define JUNO_ETHOSN_TZMP1_DEF_H
+
+#define JUNO_ETHOSN_TZC400_NSAID_FW_PROT 7
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT 8
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT 13
+
+/* 0 is the default NSAID and is included in PLAT_ARM_TZC_NS_DEV_ACCESS */
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RW_NS 0
+#define JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS 14
+
+#define JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE UL(0x000400000) /* 4 MB */
+#define JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE (ARM_DRAM2_BASE)
+#define JUNO_ETHOSN_FW_TZC_PROT_DRAM2_END (ARM_DRAM2_BASE + \
+ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_SIZE \
+ - 1U)
+
+#define JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_SIZE UL(0x004000000) /* 64 MB */
+#define JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_BASE ( \
+ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_END + 1)
+#define JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_END ( \
+ JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_BASE + \
+ JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_SIZE - 1U)
+
+#define JUNO_ETHOSN_NS_DRAM2_BASE (JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_END + \
+ 1)
+#define JUNO_ETHOSN_NS_DRAM2_END (ARM_DRAM2_END)
+#define JUNO_ETHOSN_NS_DRAM2_SIZE (ARM_DRAM2_SIZE - \
+ JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_END)
+
+#define JUNO_FW_TZC_PROT_ACCESS \
+ (TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_FW_PROT))
+#define JUNO_DATA_TZC_PROT_ACCESS \
+ (TZC_REGION_ACCESS_RDWR(JUNO_ETHOSN_TZC400_NSAID_DATA_RW_PROT) | \
+ TZC_REGION_ACCESS_RD(JUNO_ETHOSN_TZC400_NSAID_DATA_RO_PROT))
+#define JUNO_DATA_TZC_NS_ACCESS \
+ (PLAT_ARM_TZC_NS_DEV_ACCESS | \
+ TZC_REGION_ACCESS_RD(JUNO_ETHOSN_TZC400_NSAID_DATA_RO_NS))
+
+#define JUNO_ETHOSN_TZMP_REGIONS_DEF \
+ { ARM_AP_TZC_DRAM1_BASE, ARM_EL3_TZC_DRAM1_END + ARM_L1_GPT_SIZE, \
+ TZC_REGION_S_RDWR, 0 }, \
+ { ARM_NS_DRAM1_BASE, ARM_NS_DRAM1_END, \
+ ARM_TZC_NS_DRAM_S_ACCESS, JUNO_DATA_TZC_NS_ACCESS}, \
+ { JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE, \
+ JUNO_ETHOSN_FW_TZC_PROT_DRAM2_END, \
+ TZC_REGION_S_RDWR, JUNO_FW_TZC_PROT_ACCESS }, \
+ { JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_BASE, \
+ JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_END, \
+ TZC_REGION_S_NONE, JUNO_DATA_TZC_PROT_ACCESS }, \
+ { JUNO_ETHOSN_NS_DRAM2_BASE, JUNO_ETHOSN_NS_DRAM2_END, \
+ ARM_TZC_NS_DRAM_S_ACCESS, JUNO_DATA_TZC_NS_ACCESS}
+
+#endif /* JUNO_ETHOSN_TZMP1_DEF_H */
diff --git a/plat/arm/board/juno/juno_security.c b/plat/arm/board/juno/juno_security.c
index 654a7f1..72e7e78 100644
--- a/plat/arm/board/juno/juno_security.c
+++ b/plat/arm/board/juno/juno_security.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,6 +13,7 @@
#include <plat/arm/soc/common/soc_css.h>
#include <plat/common/platform.h>
+#include "juno_ethosn_tzmp1_def.h"
#include "juno_tzmp1_def.h"
#ifdef JUNO_TZMP1
@@ -78,6 +79,15 @@
#endif /* JUNO_TZMP1 */
+#ifdef JUNO_ETHOSN_TZMP1
+
+static const arm_tzc_regions_info_t juno_ethosn_tzmp1_tzc_regions[] = {
+ JUNO_ETHOSN_TZMP_REGIONS_DEF,
+ {},
+};
+
+#endif /* JUNO_ETHOSN_TZMP1 */
+
/*******************************************************************************
* Set up the MMU-401 SSD tables. The power-on configuration has all stream IDs
* assigned to Non-Secure except some for the DMA-330. Assign those back to the
@@ -140,6 +150,17 @@
(void *)JUNO_AP_TZC_SHARE_DRAM1_BASE);
INFO("TZC protected shared memory end address for TZMP usecase: %p\n",
(void *)JUNO_AP_TZC_SHARE_DRAM1_END);
+#elif defined(JUNO_ETHOSN_TZMP1)
+ arm_tzc400_setup(PLAT_ARM_TZC_BASE, juno_ethosn_tzmp1_tzc_regions);
+ INFO("TZC protected shared memory range for NPU TZMP usecase: %p - %p\n",
+ (void *)JUNO_ETHOSN_NS_DRAM2_BASE,
+ (void *)JUNO_ETHOSN_NS_DRAM2_END);
+ INFO("TZC protected Data memory range for NPU TZMP usecase: %p - %p\n",
+ (void *)JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_BASE,
+ (void *)JUNO_ETHOSN_DATA_TZC_PROT_DRAM2_END);
+ INFO("TZC protected FW memory range for NPU TZMP usecase: %p - %p\n",
+ (void *)JUNO_ETHOSN_FW_TZC_PROT_DRAM2_BASE,
+ (void *)JUNO_ETHOSN_FW_TZC_PROT_DRAM2_END);
#else
arm_tzc400_setup(PLAT_ARM_TZC_BASE, NULL);
#endif
diff --git a/plat/arm/board/juno/juno_tbbr_cot_bl2.c b/plat/arm/board/juno/juno_tbbr_cot_bl2.c
new file mode 100644
index 0000000..d48d2e6
--- /dev/null
+++ b/plat/arm/board/juno/juno_tbbr_cot_bl2.c
@@ -0,0 +1,789 @@
+/*
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stddef.h>
+
+#include <mbedtls/version.h>
+
+#include <drivers/auth/auth_mod.h>
+#include <drivers/auth/tbbr_cot_common.h>
+
+#if USE_TBBR_DEFS
+#include <tools_share/tbbr_oid.h>
+#else
+#include <platform_oid.h>
+#endif
+
+#include <platform_def.h>
+
+static unsigned char soc_fw_hash_buf[HASH_DER_LEN];
+static unsigned char tos_fw_hash_buf[HASH_DER_LEN];
+static unsigned char tos_fw_extra1_hash_buf[HASH_DER_LEN];
+static unsigned char tos_fw_extra2_hash_buf[HASH_DER_LEN];
+static unsigned char trusted_world_pk_buf[PK_DER_LEN];
+static unsigned char non_trusted_world_pk_buf[PK_DER_LEN];
+static unsigned char content_pk_buf[PK_DER_LEN];
+static unsigned char soc_fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char tos_fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char nt_fw_config_hash_buf[HASH_DER_LEN];
+#if defined(SPD_spmd)
+static unsigned char sp_pkg_hash_buf[MAX_SP_IDS][HASH_DER_LEN];
+#endif /* SPD_spmd */
+#if ARM_ETHOSN_NPU_TZMP1
+static unsigned char npu_fw_image_hash_buf[HASH_DER_LEN];
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
+
+
+static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID);
+static auth_param_type_desc_t trusted_world_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, TRUSTED_WORLD_PK_OID);
+static auth_param_type_desc_t non_trusted_world_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, NON_TRUSTED_WORLD_PK_OID);
+static auth_param_type_desc_t scp_fw_content_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, SCP_FW_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t soc_fw_content_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, SOC_FW_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t tos_fw_content_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, TRUSTED_OS_FW_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t nt_fw_content_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, NON_TRUSTED_FW_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t scp_fw_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SCP_FW_HASH_OID);
+static auth_param_type_desc_t soc_fw_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SOC_AP_FW_HASH_OID);
+static auth_param_type_desc_t soc_fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SOC_FW_CONFIG_HASH_OID);
+static auth_param_type_desc_t tos_fw_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_OS_FW_HASH_OID);
+static auth_param_type_desc_t tos_fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_OS_FW_CONFIG_HASH_OID);
+static auth_param_type_desc_t tos_fw_extra1_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA1_HASH_OID);
+static auth_param_type_desc_t tos_fw_extra2_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA2_HASH_OID);
+static auth_param_type_desc_t nt_world_bl_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID);
+static auth_param_type_desc_t nt_fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, NON_TRUSTED_FW_CONFIG_HASH_OID);
+#if defined(SPD_spmd)
+static auth_param_type_desc_t sp_pkg1_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG1_HASH_OID);
+static auth_param_type_desc_t sp_pkg2_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG2_HASH_OID);
+static auth_param_type_desc_t sp_pkg3_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG3_HASH_OID);
+static auth_param_type_desc_t sp_pkg4_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG4_HASH_OID);
+static auth_param_type_desc_t sp_pkg5_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG5_HASH_OID);
+static auth_param_type_desc_t sp_pkg6_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG6_HASH_OID);
+static auth_param_type_desc_t sp_pkg7_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG7_HASH_OID);
+static auth_param_type_desc_t sp_pkg8_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG8_HASH_OID);
+#endif /* SPD_spmd */
+#if ARM_ETHOSN_NPU_TZMP1
+static auth_param_type_desc_t npu_fw_cert_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, ETHOSN_NPU_FW_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t npu_fw_image_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, ETHOSN_NPU_FW_BINARY_OID);
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
+
+/*
+ * Trusted key certificate
+ */
+static const auth_img_desc_t trusted_key_cert = {
+ .img_id = TRUSTED_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = NULL,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &subject_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &trusted_world_pk,
+ .data = {
+ .ptr = (void *)trusted_world_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &non_trusted_world_pk,
+ .data = {
+ .ptr = (void *)non_trusted_world_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+/*
+ * SCP Firmware
+ */
+static const auth_img_desc_t scp_fw_key_cert = {
+ .img_id = SCP_FW_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &trusted_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &trusted_world_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &scp_fw_content_pk,
+ .data = {
+ .ptr = (void *)content_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t scp_fw_content_cert = {
+ .img_id = SCP_FW_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &scp_fw_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &scp_fw_content_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &scp_fw_hash,
+ .data = {
+ .ptr = (void *)scp_fw_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t scp_bl2_image = {
+ .img_id = SCP_BL2_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &scp_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &scp_fw_hash
+ }
+ }
+ }
+};
+/*
+ * SoC Firmware
+ */
+static const auth_img_desc_t soc_fw_key_cert = {
+ .img_id = SOC_FW_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &trusted_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &trusted_world_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &soc_fw_content_pk,
+ .data = {
+ .ptr = (void *)content_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t soc_fw_content_cert = {
+ .img_id = SOC_FW_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &soc_fw_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &soc_fw_content_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &soc_fw_hash,
+ .data = {
+ .ptr = (void *)soc_fw_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &soc_fw_config_hash,
+ .data = {
+ .ptr = (void *)soc_fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t bl31_image = {
+ .img_id = BL31_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &soc_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &soc_fw_hash
+ }
+ }
+ }
+};
+/* SOC FW Config */
+static const auth_img_desc_t soc_fw_config = {
+ .img_id = SOC_FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &soc_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &soc_fw_config_hash
+ }
+ }
+ }
+};
+/*
+ * Trusted OS Firmware
+ */
+static const auth_img_desc_t trusted_os_fw_key_cert = {
+ .img_id = TRUSTED_OS_FW_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &trusted_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &trusted_world_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &tos_fw_content_pk,
+ .data = {
+ .ptr = (void *)content_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t trusted_os_fw_content_cert = {
+ .img_id = TRUSTED_OS_FW_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &trusted_os_fw_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &tos_fw_content_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &tos_fw_hash,
+ .data = {
+ .ptr = (void *)tos_fw_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &tos_fw_extra1_hash,
+ .data = {
+ .ptr = (void *)tos_fw_extra1_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [2] = {
+ .type_desc = &tos_fw_extra2_hash,
+ .data = {
+ .ptr = (void *)tos_fw_extra2_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [3] = {
+ .type_desc = &tos_fw_config_hash,
+ .data = {
+ .ptr = (void *)tos_fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t bl32_image = {
+ .img_id = BL32_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &trusted_os_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tos_fw_hash
+ }
+ }
+ }
+};
+static const auth_img_desc_t bl32_extra1_image = {
+ .img_id = BL32_EXTRA1_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &trusted_os_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tos_fw_extra1_hash
+ }
+ }
+ }
+};
+static const auth_img_desc_t bl32_extra2_image = {
+ .img_id = BL32_EXTRA2_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &trusted_os_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tos_fw_extra2_hash
+ }
+ }
+ }
+};
+/* TOS FW Config */
+static const auth_img_desc_t tos_fw_config = {
+ .img_id = TOS_FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &trusted_os_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tos_fw_config_hash
+ }
+ }
+ }
+};
+/*
+ * Non-Trusted Firmware
+ */
+static const auth_img_desc_t non_trusted_fw_key_cert = {
+ .img_id = NON_TRUSTED_FW_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &trusted_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &non_trusted_world_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &nt_fw_content_pk,
+ .data = {
+ .ptr = (void *)content_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t non_trusted_fw_content_cert = {
+ .img_id = NON_TRUSTED_FW_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &non_trusted_fw_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &nt_fw_content_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &nt_world_bl_hash,
+ .data = {
+ .ptr = (void *)nt_world_bl_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &nt_fw_config_hash,
+ .data = {
+ .ptr = (void *)nt_fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+static const auth_img_desc_t bl33_image = {
+ .img_id = BL33_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &non_trusted_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &nt_world_bl_hash
+ }
+ }
+ }
+};
+/* NT FW Config */
+static const auth_img_desc_t nt_fw_config = {
+ .img_id = NT_FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &non_trusted_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &nt_fw_config_hash
+ }
+ }
+ }
+};
+/* Secure Partitions */
+#if defined(SPD_spmd)
+static const auth_img_desc_t sip_sp_content_cert = {
+ .img_id = SIP_SP_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &trusted_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &trusted_world_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &sp_pkg1_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[0],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &sp_pkg2_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[1],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [2] = {
+ .type_desc = &sp_pkg3_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[2],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [3] = {
+ .type_desc = &sp_pkg4_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[3],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [4] = {
+ .type_desc = &sp_pkg5_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[4],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [5] = {
+ .type_desc = &sp_pkg6_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[5],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [6] = {
+ .type_desc = &sp_pkg7_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[6],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [7] = {
+ .type_desc = &sp_pkg8_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[7],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+
+DEFINE_SIP_SP_PKG(1);
+DEFINE_SIP_SP_PKG(2);
+DEFINE_SIP_SP_PKG(3);
+DEFINE_SIP_SP_PKG(4);
+DEFINE_SIP_SP_PKG(5);
+DEFINE_SIP_SP_PKG(6);
+DEFINE_SIP_SP_PKG(7);
+DEFINE_SIP_SP_PKG(8);
+#endif /* SPD_spmd */
+
+#if ARM_ETHOSN_NPU_TZMP1
+static const auth_img_desc_t npu_fw_key_cert = {
+ .img_id = ARM_ETHOSN_NPU_FW_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &trusted_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &non_trusted_world_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &npu_fw_cert_pk,
+ .data = {
+ .ptr = (void *)content_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+
+static const auth_img_desc_t npu_fw_content_cert = {
+ .img_id = ARM_ETHOSN_NPU_FW_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &npu_fw_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &npu_fw_cert_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &npu_fw_image_hash,
+ .data = {
+ .ptr = (void *)npu_fw_image_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ }
+};
+
+static const auth_img_desc_t npu_fw_image = {
+ .img_id = ARM_ETHOSN_NPU_FW_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &npu_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &npu_fw_image_hash
+ }
+ }
+ }
+};
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
+
+
+static const auth_img_desc_t * const cot_desc[] = {
+ [TRUSTED_BOOT_FW_CERT_ID] = &trusted_boot_fw_cert,
+ [HW_CONFIG_ID] = &hw_config,
+ [TRUSTED_KEY_CERT_ID] = &trusted_key_cert,
+ [SCP_FW_KEY_CERT_ID] = &scp_fw_key_cert,
+ [SCP_FW_CONTENT_CERT_ID] = &scp_fw_content_cert,
+ [SCP_BL2_IMAGE_ID] = &scp_bl2_image,
+ [SOC_FW_KEY_CERT_ID] = &soc_fw_key_cert,
+ [SOC_FW_CONTENT_CERT_ID] = &soc_fw_content_cert,
+ [BL31_IMAGE_ID] = &bl31_image,
+ [SOC_FW_CONFIG_ID] = &soc_fw_config,
+ [TRUSTED_OS_FW_KEY_CERT_ID] = &trusted_os_fw_key_cert,
+ [TRUSTED_OS_FW_CONTENT_CERT_ID] = &trusted_os_fw_content_cert,
+ [BL32_IMAGE_ID] = &bl32_image,
+ [BL32_EXTRA1_IMAGE_ID] = &bl32_extra1_image,
+ [BL32_EXTRA2_IMAGE_ID] = &bl32_extra2_image,
+ [TOS_FW_CONFIG_ID] = &tos_fw_config,
+ [NON_TRUSTED_FW_KEY_CERT_ID] = &non_trusted_fw_key_cert,
+ [NON_TRUSTED_FW_CONTENT_CERT_ID] = &non_trusted_fw_content_cert,
+ [BL33_IMAGE_ID] = &bl33_image,
+ [NT_FW_CONFIG_ID] = &nt_fw_config,
+#if defined(SPD_spmd)
+ [SIP_SP_CONTENT_CERT_ID] = &sip_sp_content_cert,
+ [SP_PKG1_ID] = &sp_pkg1,
+ [SP_PKG2_ID] = &sp_pkg2,
+ [SP_PKG3_ID] = &sp_pkg3,
+ [SP_PKG4_ID] = &sp_pkg4,
+ [SP_PKG5_ID] = &sp_pkg5,
+ [SP_PKG6_ID] = &sp_pkg6,
+ [SP_PKG7_ID] = &sp_pkg7,
+ [SP_PKG8_ID] = &sp_pkg8,
+#endif
+#if ARM_ETHOSN_NPU_TZMP1
+ [ARM_ETHOSN_NPU_FW_KEY_CERT_ID] = &npu_fw_key_cert,
+ [ARM_ETHOSN_NPU_FW_CONTENT_CERT_ID] = &npu_fw_content_cert,
+ [ARM_ETHOSN_NPU_FW_IMAGE_ID] = &npu_fw_image,
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
+};
+
+/* Register the CoT in the authentication module */
+REGISTER_COT(cot_desc);
diff --git a/plat/arm/board/juno/plat_fiptool.mk b/plat/arm/board/juno/plat_fiptool.mk
new file mode 100644
index 0000000..46b5179
--- /dev/null
+++ b/plat/arm/board/juno/plat_fiptool.mk
@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+PLAT_DEF_UUID := yes
+
+ifeq (${PLAT_DEF_UUID}, yes)
+HOSTCCFLAGS += -DPLAT_DEF_FIP_UUID
+ifeq (${ARM_ETHOSN_NPU_TZMP1},1)
+HOSTCCFLAGS += -DARM_ETHOSN_NPU_TZMP1
+endif
+INCLUDE_PATHS += -I./ -I${PLAT_DIR}fip -I../../include/
+OBJECTS += ${PLAT_DIR}fip/plat_def_uuid_config.o
+endif
diff --git a/plat/arm/board/juno/platform.mk b/plat/arm/board/juno/platform.mk
index 2c84eb3..a4e6407 100644
--- a/plat/arm/board/juno/platform.mk
+++ b/plat/arm/board/juno/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2023, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -43,7 +43,11 @@
JUNO_TZMP1 := 0
$(eval $(call assert_boolean,JUNO_TZMP1))
ifeq (${JUNO_TZMP1}, 1)
-$(eval $(call add_define,JUNO_TZMP1))
+ ifeq (${ARM_ETHOSN_NPU_TZMP1},1)
+ $(error JUNO_TZMP1 cannot be used together with ARM_ETHOSN_NPU_TZMP1)
+ else
+ $(eval $(call add_define,JUNO_TZMP1))
+ endif
endif
TRNG_SUPPORT := 1
@@ -102,8 +106,16 @@
endif
ifeq (${TRUSTED_BOARD_BOOT}, 1)
-BL1_SOURCES += plat/arm/board/juno/juno_trusted_boot.c
-BL2_SOURCES += plat/arm/board/juno/juno_trusted_boot.c
+ # Enable Juno specific TBBR images
+ $(eval $(call add_define,PLAT_TBBR_IMG_DEF))
+ DTC_CPPFLAGS += ${PLAT_INCLUDES}
+
+ BL1_SOURCES += plat/arm/board/juno/juno_trusted_boot.c
+ BL2_SOURCES += plat/arm/board/juno/juno_trusted_boot.c
+
+ ifeq (${COT_DESC_IN_DTB},0)
+ BL2_SOURCES += plat/arm/board/juno/juno_tbbr_cot_bl2.c
+ endif
endif
endif
diff --git a/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c b/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c
index 3d7b361..e512192 100644
--- a/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c
+++ b/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -220,8 +220,20 @@
SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
VERSION_2, image_info_t, IMAGE_ATTRIB_SKIP_LOADING),
.next_handoff_image_id = INVALID_IMAGE_ID,
- }
+ },
#endif /* EL3_PAYLOAD_BASE */
+
+# if ARM_ETHOSN_NPU_TZMP1
+ {
+ .image_id = ARM_ETHOSN_NPU_FW_IMAGE_ID,
+ SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
+ VERSION_2, image_info_t, 0),
+ .image_info.image_base = ARM_ETHOSN_NPU_FW_IMAGE_BASE,
+ .image_info.image_max_size = ARM_ETHOSN_NPU_FW_IMAGE_LIMIT -
+ ARM_ETHOSN_NPU_FW_IMAGE_BASE,
+ .next_handoff_image_id = INVALID_IMAGE_ID,
+ },
+# endif
};
REGISTER_BL_IMAGE_DESCS(bl2_mem_params_descs)
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index de2c4f8..fca6f4f 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -119,6 +119,43 @@
$(eval $(call assert_boolean,ARM_ETHOSN_NPU_DRIVER))
$(eval $(call add_define,ARM_ETHOSN_NPU_DRIVER))
+# Arm(R) Ethos(TM)-N NPU TZMP1
+ARM_ETHOSN_NPU_TZMP1 := 0
+$(eval $(call assert_boolean,ARM_ETHOSN_NPU_TZMP1))
+$(eval $(call add_define,ARM_ETHOSN_NPU_TZMP1))
+ifeq (${ARM_ETHOSN_NPU_TZMP1},1)
+ ifeq (${ARM_ETHOSN_NPU_DRIVER},0)
+ $(error ARM_ETHOSN_NPU_TZMP1 is only available if ARM_ETHOSN_NPU_DRIVER=1)
+ endif
+ ifeq (${PLAT},juno)
+ $(eval $(call add_define,JUNO_ETHOSN_TZMP1))
+ else
+ $(error ARM_ETHOSN_NPU_TZMP1 only supported on Juno platform, not ${PLAT})
+ endif
+
+ ifeq (${TRUSTED_BOARD_BOOT},0)
+ # We rely on TRUSTED_BOARD_BOOT to prevent the firmware code from being
+ # tampered with, which is required to protect the confidentiality of protected
+ # inference data.
+ $(error ARM_ETHOSN_NPU_TZMP1 is only available if TRUSTED_BOARD_BOOT is enabled)
+ endif
+
+ # We need the FW certificate and key certificate
+ $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/npu_fw_key.crt,--npu-fw-key-cert))
+ $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/npu_fw_content.crt,--npu-fw-cert))
+ # Needed for our OIDs to be available in tbbr_cot_bl2.c
+ $(eval $(call add_define, PLAT_DEF_OID))
+ PLAT_INCLUDES += -I${PLAT_DIR}certificate/include
+ PLAT_INCLUDES += -Iinclude/drivers/arm/
+
+ # We need the firmware to be built into the FIP
+ $(eval $(call TOOL_ADD_IMG,ARM_ETHOSN_NPU_FW,--npu-fw))
+
+ # Needed so that UUIDs from the FIP are available in BL2
+ $(eval $(call add_define,PLAT_DEF_FIP_UUID))
+ PLAT_INCLUDES += -I${PLAT_DIR}fip
+endif # ARM_ETHOSN_NPU_TZMP1
+
# Use an implementation of SHA-256 with a smaller memory footprint but reduced
# speed.
$(eval $(call add_define,MBEDTLS_SHA256_SMALLER))
@@ -322,6 +359,9 @@
ARM_SVC_HANDLER_SRCS += plat/arm/common/fconf/fconf_ethosn_getter.c \
drivers/delay_timer/delay_timer.c \
drivers/arm/ethosn/ethosn_smc.c
+ifeq (${ARM_ETHOSN_NPU_TZMP1},1)
+ARM_SVC_HANDLER_SRCS += drivers/arm/ethosn/ethosn_big_fw.c
+endif
endif
ifeq (${ARCH}, aarch64)
@@ -381,8 +421,11 @@
ifneq (${COT_DESC_IN_DTB},0)
BL2_SOURCES += lib/fconf/fconf_cot_getter.c
else
- BL2_SOURCES += drivers/auth/tbbr/tbbr_cot_common.c \
- drivers/auth/tbbr/tbbr_cot_bl2.c
+ BL2_SOURCES += drivers/auth/tbbr/tbbr_cot_common.c
+ # Juno has its own TBBR CoT file for BL2
+ ifneq (${PLAT},juno)
+ BL2_SOURCES += drivers/auth/tbbr/tbbr_cot_bl2.c
+ endif
endif
else ifeq (${COT},dualroot)
AUTH_SOURCES += drivers/auth/dualroot/cot.c
diff --git a/plat/arm/common/arm_sip_svc.c b/plat/arm/common/arm_sip_svc.c
index 6456c78..af8a02f 100644
--- a/plat/arm/common/arm_sip_svc.c
+++ b/plat/arm/common/arm_sip_svc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2019,2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,6 +34,14 @@
#endif /* USE_DEBUGFS */
+#if ARM_ETHOSN_NPU_DRIVER
+
+ if (ethosn_smc_setup() != 0) {
+ return 1;
+ }
+
+#endif /* ARM_ETHOSN_NPU_DRIVER */
+
return 0;
}
diff --git a/plat/arm/common/fconf/arm_fconf_io.c b/plat/arm/common/fconf/arm_fconf_io.c
index 6c32331..743cc90 100644
--- a/plat/arm/common/fconf/arm_fconf_io.c
+++ b/plat/arm/common/fconf/arm_fconf_io.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2023, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -68,6 +68,9 @@
[TOS_FW_CONFIG_ID] = {UUID_TOS_FW_CONFIG},
[NT_FW_CONFIG_ID] = {UUID_NT_FW_CONFIG},
[RMM_IMAGE_ID] = {UUID_REALM_MONITOR_MGMT_FIRMWARE},
+#if ARM_ETHOSN_NPU_TZMP1
+ [ARM_ETHOSN_NPU_FW_IMAGE_ID] = {UUID_ETHOSN_FW},
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
#endif /* ARM_IO_IN_DTB */
#if TRUSTED_BOARD_BOOT
[TRUSTED_BOOT_FW_CERT_ID] = {UUID_TRUSTED_BOOT_FW_CERT},
@@ -88,6 +91,10 @@
[SIP_SP_CONTENT_CERT_ID] = {UUID_SIP_SECURE_PARTITION_CONTENT_CERT},
[PLAT_SP_CONTENT_CERT_ID] = {UUID_PLAT_SECURE_PARTITION_CONTENT_CERT},
#endif
+#if ARM_ETHOSN_NPU_TZMP1
+ [ARM_ETHOSN_NPU_FW_KEY_CERT_ID] = {UUID_ETHOSN_FW_KEY_CERTIFICATE},
+ [ARM_ETHOSN_NPU_FW_CONTENT_CERT_ID] = {UUID_ETHOSN_FW_CONTENT_CERTIFICATE},
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
#endif /* ARM_IO_IN_DTB */
#endif /* TRUSTED_BOARD_BOOT */
};
@@ -191,6 +198,13 @@
(uintptr_t)&arm_uuid_spec[NT_FW_CONFIG_ID],
open_fip
},
+#if ARM_ETHOSN_NPU_TZMP1
+ [ARM_ETHOSN_NPU_FW_IMAGE_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&arm_uuid_spec[ARM_ETHOSN_NPU_FW_IMAGE_ID],
+ open_fip
+ },
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
#endif /* ARM_IO_IN_DTB */
#if TRUSTED_BOARD_BOOT
[TRUSTED_BOOT_FW_CERT_ID] = {
@@ -271,18 +285,56 @@
open_fip
},
#endif
+#if ARM_ETHOSN_NPU_TZMP1
+ [ARM_ETHOSN_NPU_FW_KEY_CERT_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&arm_uuid_spec[ARM_ETHOSN_NPU_FW_KEY_CERT_ID],
+ open_fip
+ },
+ [ARM_ETHOSN_NPU_FW_CONTENT_CERT_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&arm_uuid_spec[ARM_ETHOSN_NPU_FW_CONTENT_CERT_ID],
+ open_fip
+ },
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
#endif /* ARM_IO_IN_DTB */
#endif /* TRUSTED_BOARD_BOOT */
};
#ifdef IMAGE_BL2
-#if TRUSTED_BOARD_BOOT
-#define FCONF_ARM_IO_UUID_NUMBER U(24)
+#define FCONF_ARM_IO_UUID_NUM_BASE U(10)
+
+#if ARM_ETHOSN_NPU_TZMP1
+#define FCONF_ARM_IO_UUID_NUM_NPU U(1)
#else
-#define FCONF_ARM_IO_UUID_NUMBER U(10)
+#define FCONF_ARM_IO_UUID_NUM_NPU U(0)
#endif
+#if TRUSTED_BOARD_BOOT
+#define FCONF_ARM_IO_UUID_NUM_TBB U(12)
+#else
+#define FCONF_ARM_IO_UUID_NUM_TBB U(0)
+#endif /* TRUSTED_BOARD_BOOT */
+
+#if TRUSTED_BOARD_BOOT && defined(SPD_spmd)
+#define FCONF_ARM_IO_UUID_NUM_SPD U(2)
+#else
+#define FCONF_ARM_IO_UUID_NUM_SPD U(0)
+#endif /* TRUSTED_BOARD_BOOT && defined(SPD_spmd) */
+
+#if TRUSTED_BOARD_BOOT && ARM_ETHOSN_NPU_TZMP1
+#define FCONF_ARM_IO_UUID_NUM_NPU_TBB U(2)
+#else
+#define FCONF_ARM_IO_UUID_NUM_NPU_TBB U(0)
+#endif /* TRUSTED_BOARD_BOOT && ARM_ETHOSN_NPU_TZMP1 */
+
+#define FCONF_ARM_IO_UUID_NUMBER FCONF_ARM_IO_UUID_NUM_BASE + \
+ FCONF_ARM_IO_UUID_NUM_NPU + \
+ FCONF_ARM_IO_UUID_NUM_TBB + \
+ FCONF_ARM_IO_UUID_NUM_SPD + \
+ FCONF_ARM_IO_UUID_NUM_NPU_TBB
+
static io_uuid_spec_t fconf_arm_uuids[FCONF_ARM_IO_UUID_NUMBER];
static OBJECT_POOL_ARRAY(fconf_arm_uuids_pool, fconf_arm_uuids);
@@ -303,6 +355,9 @@
{SOC_FW_CONFIG_ID, "soc_fw_cfg_uuid"},
{TOS_FW_CONFIG_ID, "tos_fw_cfg_uuid"},
{NT_FW_CONFIG_ID, "nt_fw_cfg_uuid"},
+#if ARM_ETHOSN_NPU_TZMP1
+ {ARM_ETHOSN_NPU_FW_IMAGE_ID, "arm_ethosn_npu_fw_uuid"},
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
#if TRUSTED_BOARD_BOOT
{CCA_CONTENT_CERT_ID, "cca_cert_uuid"},
{CORE_SWD_KEY_CERT_ID, "core_swd_cert_uuid"},
@@ -320,6 +375,10 @@
{SIP_SP_CONTENT_CERT_ID, "sip_sp_content_cert_uuid"},
{PLAT_SP_CONTENT_CERT_ID, "plat_sp_content_cert_uuid"},
#endif
+#if ARM_ETHOSN_NPU_TZMP1
+ {ARM_ETHOSN_NPU_FW_KEY_CERT_ID, "arm_ethosn_npu_fw_key_cert_uuid"},
+ {ARM_ETHOSN_NPU_FW_CONTENT_CERT_ID, "arm_ethosn_npu_fw_content_cert_uuid"},
+#endif /* ARM_ETHOSN_NPU_TZMP1 */
#endif /* TRUSTED_BOARD_BOOT */
};
diff --git a/plat/arm/common/fconf/fconf_ethosn_getter.c b/plat/arm/common/fconf/fconf_ethosn_getter.c
index 251471e..7394e42 100644
--- a/plat/arm/common/fconf/fconf_ethosn_getter.c
+++ b/plat/arm/common/fconf/fconf_ethosn_getter.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -20,6 +20,38 @@
uint32_t stream_id;
};
+static int fdt_node_read_reserved_memory_addr(const void *fdt,
+ int dev_node,
+ uint64_t *reserved_mem_addrs)
+{
+ uintptr_t addr;
+ uint32_t phandle;
+ int err;
+ int mem_node;
+
+ err = fdt_read_uint32(fdt, dev_node, "memory-region", &phandle);
+ if (err != 0) {
+ ERROR("FCONF: Failed to get reserved memory phandle\n");
+ return err;
+ }
+
+ mem_node = fdt_node_offset_by_phandle(fdt, phandle);
+ if (mem_node < 0) {
+ ERROR("FCONF: Failed to find reserved memory node from phandle\n");
+ return mem_node;
+ }
+
+ err = fdt_get_reg_props_by_index(fdt, mem_node, 0U, &addr, NULL);
+ if (err != 0) {
+ ERROR("FCONF: Failed to read reserved memory address\n");
+ return err;
+ }
+
+ *reserved_mem_addrs = addr;
+
+ return 0;
+}
+
static bool fdt_node_has_reserved_memory(const void *fdt, int dev_node)
{
return fdt_get_property(fdt, dev_node, "memory-region", NULL) != NULL;
@@ -233,8 +265,10 @@
struct ethosn_device_t *dev = ðosn_config.devices[dev_count];
uint32_t dev_asset_alloc_count = 0U;
uint32_t dev_core_count = 0U;
+ uint64_t reserved_memory_addr = 0U;
bool has_reserved_memory;
int sub_node;
+ int err;
if (!fdt_node_is_enabled(hw_conf_dtb, ethosn_node)) {
continue;
@@ -246,8 +280,16 @@
}
has_reserved_memory = fdt_node_has_reserved_memory(hw_conf_dtb, ethosn_node);
+ if (has_reserved_memory) {
+ err = fdt_node_read_reserved_memory_addr(hw_conf_dtb,
+ ethosn_node,
+ &reserved_memory_addr);
+ if (err != 0) {
+ return err;
+ }
+ }
+
fdt_for_each_subnode(sub_node, hw_conf_dtb, ethosn_node) {
- int err;
if (!fdt_node_is_enabled(hw_conf_dtb, sub_node)) {
/* Ignore disabled sub node */
@@ -323,6 +365,7 @@
dev->num_cores = dev_core_count;
dev->num_allocators = dev_asset_alloc_count;
dev->has_reserved_memory = has_reserved_memory;
+ dev->reserved_memory_addr = reserved_memory_addr;
++dev_count;
}
diff --git a/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c b/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c
index 661f8e2..7065a65 100644
--- a/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c
+++ b/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c
@@ -30,6 +30,20 @@
#define TRUSTY_PARAMS_LEN_BYTES (4096*2)
+/*
+ * Avoid the pointer dereference of the canonical mmio_read_8() implementation.
+ * This prevents the compiler from mis-interpreting the MMIO access as an
+ * illegal memory access to a very low address (the IMX ROM is mapped at 0).
+ */
+static uint8_t mmio_read_8_ldrb(uintptr_t address)
+{
+ uint8_t reg;
+
+ __asm__ volatile ("ldrb %w0, [%1]" : "=r" (reg) : "r" (address));
+
+ return reg;
+}
+
static const mmap_region_t imx_mmap[] = {
MAP_REGION_FLAT(GPV_BASE, GPV_SIZE, MT_DEVICE | MT_RW), /* GPV map */
MAP_REGION_FLAT(IMX_ROM_BASE, IMX_ROM_SIZE, MT_MEMORY | MT_RO), /* ROM map */
@@ -70,11 +84,11 @@
uint32_t ocotp_val;
imx_soc_revision = mmio_read_32(IMX_ANAMIX_BASE + ANAMIX_DIGPROG);
- rom_version = mmio_read_8(IMX_ROM_BASE + ROM_SOC_INFO_A0);
+ rom_version = mmio_read_8_ldrb(IMX_ROM_BASE + ROM_SOC_INFO_A0);
if (rom_version == 0x10)
return;
- rom_version = mmio_read_8(IMX_ROM_BASE + ROM_SOC_INFO_B0);
+ rom_version = mmio_read_8_ldrb(IMX_ROM_BASE + ROM_SOC_INFO_B0);
if (rom_version == 0x20) {
imx_soc_revision &= ~0xff;
imx_soc_revision |= rom_version;
diff --git a/plat/intel/soc/common/include/socfpga_f2sdram_manager.h b/plat/intel/soc/common/include/socfpga_f2sdram_manager.h
index 82bb6cb..b30a11e 100644
--- a/plat/intel/soc/common/include/socfpga_f2sdram_manager.h
+++ b/plat/intel/soc/common/include/socfpga_f2sdram_manager.h
@@ -21,17 +21,25 @@
#define FLAGOUTSETCLR_F2SDRAM0_IDLEREQ (BIT(0))
#define FLAGOUTSETCLR_F2SDRAM1_IDLEREQ (BIT(3))
#define FLAGOUTSETCLR_F2SDRAM2_IDLEREQ (BIT(6))
-#define FLAGINTSTATUS_F2SDRAM0_IDLEACK (BIT(1))
-#define FLAGINTSTATUS_F2SDRAM1_IDLEACK (BIT(5))
-#define FLAGINTSTATUS_F2SDRAM2_IDLEACK (BIT(9))
+#define FLAGINSTATUS_F2SDRAM0_IDLEACK (BIT(1))
+#define FLAGINSTATUS_F2SDRAM1_IDLEACK (BIT(5))
+#define FLAGINSTATUS_F2SDRAM2_IDLEACK (BIT(9))
+#define FLAGINSTATUS_F2SDRAM0_CMDIDLE (BIT(2))
+#define FLAGINSTATUS_F2SDRAM1_CMDIDLE (BIT(6))
+#define FLAGINSTATUS_F2SDRAM2_CMDIDLE (BIT(10))
+#define FLAGINSTATUS_F2SDRAM0_NOCIDLE (BIT(0))
+#define FLAGINSTATUS_F2SDRAM1_NOCIDLE (BIT(4))
+#define FLAGINSTATUS_F2SDRAM2_NOCIDLE (BIT(8))
+
#define FLAGOUTSETCLR_F2SDRAM0_FORCE_DRAIN (BIT(2))
#define FLAGOUTSETCLR_F2SDRAM1_FORCE_DRAIN (BIT(5))
#define FLAGOUTSETCLR_F2SDRAM2_FORCE_DRAIN (BIT(8))
-#define FLAGINTSTATUS_F2SOC_RESPEMPTY (BIT(3))
-#define FLAGINTSTATUS_F2SDRAM0_RESPEMPTY (BIT(3))
-#define FLAGINTSTATUS_F2SDRAM1_RESPEMPTY (BIT(7))
-#define FLAGINTSTATUS_F2SDRAM2_RESPEMPTY (BIT(11))
+#define FLAGINSTATUS_F2SOC_RESPEMPTY (BIT(3))
+#define FLAGINSTATUS_F2SDRAM0_RESPEMPTY (BIT(3))
+#define FLAGINSTATUS_F2SDRAM1_RESPEMPTY (BIT(7))
+#define FLAGINSTATUS_F2SDRAM2_RESPEMPTY (BIT(11))
+#define FLAGINSTATUS_F2S_FM_TRACKERIDLE (BIT(4))
#define SOCFPGA_F2SDRAMMGR(_reg) (SOCFPGA_F2SDRAMMGR_REG_BASE \
+ (SOCFPGA_F2SDRAMMGR_##_reg))
diff --git a/plat/intel/soc/common/sip/socfpga_sip_fcs.c b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
index 3b0b370..508043f 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@@ -283,6 +283,7 @@
uint32_t load_size;
uintptr_t id_offset;
+ inv_dcache_range(src_addr, src_size); /* flush cache before mmio read to avoid reading old values */
id_offset = src_addr + FCS_OWNER_ID_OFFSET;
fcs_decrypt_payload payload = {
FCS_DECRYPTION_DATA_0,
@@ -392,6 +393,7 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ inv_dcache_range(src_addr, src_size); /* flush cache before mmio read to avoid reading old values */
id_offset = src_addr + FCS_OWNER_ID_OFFSET;
fcs_decrypt_ext_payload payload = {
session_id,
@@ -822,6 +824,7 @@
CMD_CASUAL, (uint32_t *) dst_addr, &resp_len);
if (resp_len > 0) {
+ inv_dcache_range(dst_addr, (resp_len * MBOX_WORD_BYTE)); /* flush cache before mmio read to avoid reading old values */
op_status = mmio_read_32(dst_addr) &
FCS_CS_KEY_RESP_STATUS_MASK;
}
@@ -1269,7 +1272,7 @@
memcpy((uint8_t *) &payload[i], (uint8_t *) mac_offset,
src_size - data_size);
- memset((void *)&dst_addr, 0, sizeof(dst_size));
+ memset((void *) dst_addr, 0, *dst_size);
i += (src_size - data_size) / MBOX_WORD_BYTE;
}
@@ -1874,7 +1877,7 @@
memcpy((uint8_t *) &payload[i], (uint8_t *) sig_pubkey_offset,
src_size - data_size);
- memset((void *)&dst_addr, 0, sizeof(dst_size));
+ memset((void *) dst_addr, 0, *dst_size);
i += (src_size - data_size) / MBOX_WORD_BYTE;
}
diff --git a/plat/intel/soc/common/soc/socfpga_reset_manager.c b/plat/intel/soc/common/soc/socfpga_reset_manager.c
index bb4efab..77d9a73 100644
--- a/plat/intel/soc/common/soc/socfpga_reset_manager.c
+++ b/plat/intel/soc/common/soc/socfpga_reset_manager.c
@@ -14,7 +14,6 @@
#include "socfpga_reset_manager.h"
#include "socfpga_system_manager.h"
-
void deassert_peripheral_reset(void)
{
mmio_clrbits_32(SOCFPGA_RSTMGR(PER1MODRST),
@@ -89,11 +88,12 @@
mmio_setbits_32(SOCFPGA_RSTMGR(HDSKEN), or_mask);
}
-static int poll_idle_status(uint32_t addr, uint32_t mask, uint32_t match)
+static int poll_idle_status(uint32_t addr, uint32_t mask, uint32_t match, uint32_t delay_ms)
{
- int time_out = 300;
+ int time_out = delay_ms;
+
+ while (time_out-- > 0) {
- while (time_out--) {
if ((mmio_read_32(addr) & mask) == match) {
return 0;
}
@@ -102,9 +102,24 @@
return -ETIMEDOUT;
}
+static int poll_idle_status_by_clkcycles(uint32_t addr, uint32_t mask,
+ uint32_t match, uint32_t delay_clk_cycles)
+{
+ int time_out = delay_clk_cycles;
+
+ while (time_out-- > 0) {
+
+ if ((mmio_read_32(addr) & mask) == match) {
+ return 0;
+ }
+ udelay(1);
+ }
+ return -ETIMEDOUT;
+}
+
static void socfpga_s2f_bridge_mask(uint32_t mask,
- uint32_t *brg_mask,
- uint32_t *noc_mask)
+ uint32_t *brg_mask,
+ uint32_t *noc_mask)
{
*brg_mask = 0;
*noc_mask = 0;
@@ -121,12 +136,13 @@
}
static void socfpga_f2s_bridge_mask(uint32_t mask,
- uint32_t *brg_mask,
- uint32_t *f2s_idlereq,
- uint32_t *f2s_force_drain,
- uint32_t *f2s_en,
- uint32_t *f2s_idleack,
- uint32_t *f2s_respempty)
+ uint32_t *brg_mask,
+ uint32_t *f2s_idlereq,
+ uint32_t *f2s_force_drain,
+ uint32_t *f2s_en,
+ uint32_t *f2s_idleack,
+ uint32_t *f2s_respempty,
+ uint32_t *f2s_cmdidle)
{
*brg_mask = 0;
*f2s_idlereq = 0;
@@ -134,6 +150,7 @@
*f2s_en = 0;
*f2s_idleack = 0;
*f2s_respempty = 0;
+ *f2s_cmdidle = 0;
#if PLATFORM_MODEL == PLAT_SOCFPGA_STRATIX10
if ((mask & FPGA2SOC_MASK) != 0U) {
@@ -144,24 +161,27 @@
*f2s_idlereq |= FLAGOUTSETCLR_F2SDRAM0_IDLEREQ;
*f2s_force_drain |= FLAGOUTSETCLR_F2SDRAM0_FORCE_DRAIN;
*f2s_en |= FLAGOUTSETCLR_F2SDRAM0_ENABLE;
- *f2s_idleack |= FLAGINTSTATUS_F2SDRAM0_IDLEACK;
- *f2s_respempty |= FLAGINTSTATUS_F2SDRAM0_RESPEMPTY;
+ *f2s_idleack |= FLAGINSTATUS_F2SDRAM0_IDLEACK;
+ *f2s_respempty |= FLAGINSTATUS_F2SDRAM0_RESPEMPTY;
+ *f2s_cmdidle |= FLAGINSTATUS_F2SDRAM0_CMDIDLE;
}
if ((mask & F2SDRAM1_MASK) != 0U) {
*brg_mask |= RSTMGR_FIELD(BRG, F2SSDRAM1);
*f2s_idlereq |= FLAGOUTSETCLR_F2SDRAM1_IDLEREQ;
*f2s_force_drain |= FLAGOUTSETCLR_F2SDRAM1_FORCE_DRAIN;
*f2s_en |= FLAGOUTSETCLR_F2SDRAM1_ENABLE;
- *f2s_idleack |= FLAGINTSTATUS_F2SDRAM1_IDLEACK;
- *f2s_respempty |= FLAGINTSTATUS_F2SDRAM1_RESPEMPTY;
+ *f2s_idleack |= FLAGINSTATUS_F2SDRAM1_IDLEACK;
+ *f2s_respempty |= FLAGINSTATUS_F2SDRAM1_RESPEMPTY;
+ *f2s_cmdidle |= FLAGINSTATUS_F2SDRAM1_CMDIDLE;
}
if ((mask & F2SDRAM2_MASK) != 0U) {
*brg_mask |= RSTMGR_FIELD(BRG, F2SSDRAM2);
*f2s_idlereq |= FLAGOUTSETCLR_F2SDRAM2_IDLEREQ;
*f2s_force_drain |= FLAGOUTSETCLR_F2SDRAM2_FORCE_DRAIN;
*f2s_en |= FLAGOUTSETCLR_F2SDRAM2_ENABLE;
- *f2s_idleack |= FLAGINTSTATUS_F2SDRAM2_IDLEACK;
- *f2s_respempty |= FLAGINTSTATUS_F2SDRAM2_RESPEMPTY;
+ *f2s_idleack |= FLAGINSTATUS_F2SDRAM2_IDLEACK;
+ *f2s_respempty |= FLAGINSTATUS_F2SDRAM2_RESPEMPTY;
+ *f2s_cmdidle |= FLAGINSTATUS_F2SDRAM2_CMDIDLE;
}
#else
if ((mask & FPGA2SOC_MASK) != 0U) {
@@ -169,8 +189,9 @@
*f2s_idlereq |= FLAGOUTSETCLR_F2SDRAM0_IDLEREQ;
*f2s_force_drain |= FLAGOUTSETCLR_F2SDRAM0_FORCE_DRAIN;
*f2s_en |= FLAGOUTSETCLR_F2SDRAM0_ENABLE;
- *f2s_idleack |= FLAGINTSTATUS_F2SDRAM0_IDLEACK;
- *f2s_respempty |= FLAGINTSTATUS_F2SDRAM0_RESPEMPTY;
+ *f2s_idleack |= FLAGINSTATUS_F2SDRAM0_IDLEACK;
+ *f2s_respempty |= FLAGINSTATUS_F2SDRAM0_RESPEMPTY;
+ *f2s_cmdidle |= FLAGINSTATUS_F2SDRAM0_CMDIDLE;
}
#endif
}
@@ -185,6 +206,7 @@
uint32_t f2s_en = 0;
uint32_t f2s_idleack = 0;
uint32_t f2s_respempty = 0;
+ uint32_t f2s_cmdidle = 0;
/* Enable s2f bridge */
socfpga_s2f_bridge_mask(mask, &brg_mask, &noc_mask);
@@ -198,7 +220,7 @@
/* Wait until idle ack becomes 0 */
ret = poll_idle_status(SOCFPGA_SYSMGR(NOC_IDLEACK),
- noc_mask, 0);
+ noc_mask, 0, 300);
if (ret < 0) {
ERROR("S2F bridge enable: "
"Timeout waiting for idle ack\n");
@@ -207,37 +229,84 @@
/* Enable f2s bridge */
socfpga_f2s_bridge_mask(mask, &brg_mask, &f2s_idlereq,
- &f2s_force_drain, &f2s_en,
- &f2s_idleack, &f2s_respempty);
+ &f2s_force_drain, &f2s_en,
+ &f2s_idleack, &f2s_respempty, &f2s_cmdidle);
if (brg_mask != 0U) {
mmio_clrbits_32(SOCFPGA_RSTMGR(BRGMODRST), brg_mask);
- mmio_clrbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTSET0),
- f2s_idlereq);
+ mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTCLR0),
+ f2s_idlereq);
- ret = poll_idle_status(SOCFPGA_F2SDRAMMGR(
- SIDEBANDMGR_FLAGINSTATUS0), f2s_idleack, 0);
+ ret = poll_idle_status(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGINSTATUS0),
+ f2s_idleack, 0, 300);
+
if (ret < 0) {
ERROR("F2S bridge enable: "
- "Timeout waiting for idle ack");
+ "Timeout waiting for idle ack");
}
- mmio_clrbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTSET0),
- f2s_force_drain);
+ /* Clear the force drain */
+ mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTCLR0),
+ f2s_force_drain);
udelay(5);
mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTSET0),
- f2s_en);
+ f2s_en);
udelay(5);
}
return ret;
}
+int socfpga_bridge_nongraceful_disable(uint32_t mask)
+{
+ int ret = 0;
+ int timeout = 1000;
+ uint32_t brg_mask = 0;
+ uint32_t f2s_idlereq = 0;
+ uint32_t f2s_force_drain = 0;
+ uint32_t f2s_en = 0;
+ uint32_t f2s_idleack = 0;
+ uint32_t f2s_respempty = 0;
+ uint32_t f2s_cmdidle = 0;
+
+ socfpga_f2s_bridge_mask(mask, &brg_mask, &f2s_idlereq,
+ &f2s_force_drain, &f2s_en,
+ &f2s_idleack, &f2s_respempty, &f2s_cmdidle);
+
+ mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTSET0),
+ f2s_idlereq);
+
+ /* Time out Error - Bus is still active */
+ /* Performing a non-graceful shutdown with Force drain */
+ mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTSET0),
+ f2s_force_drain);
+
+ ret = -ETIMEDOUT;
+ do {
+ /* Read response queue status to ensure it is empty */
+ uint32_t idle_status;
+
+ idle_status = mmio_read_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGINSTATUS0));
+ if ((idle_status & f2s_respempty) != 0U) {
+ idle_status = mmio_read_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGINSTATUS0));
+ if ((idle_status & f2s_respempty) != 0U) {
+ /* No time-out we are good! */
+ ret = 0;
+ break;
+ }
+ }
+
+ asm("nop");
+
+ } while (timeout-- > 0);
+
+ return ret;
+}
+
int socfpga_bridges_disable(uint32_t mask)
{
int ret = 0;
- int timeout = 300;
uint32_t brg_mask = 0;
uint32_t noc_mask = 0;
uint32_t f2s_idlereq = 0;
@@ -245,6 +314,7 @@
uint32_t f2s_en = 0;
uint32_t f2s_idleack = 0;
uint32_t f2s_respempty = 0;
+ uint32_t f2s_cmdidle = 0;
/* Disable s2f bridge */
socfpga_s2f_bridge_mask(mask, &brg_mask, &noc_mask);
@@ -255,17 +325,17 @@
mmio_write_32(SOCFPGA_SYSMGR(NOC_TIMEOUT), 1);
ret = poll_idle_status(SOCFPGA_SYSMGR(NOC_IDLEACK),
- noc_mask, noc_mask);
+ noc_mask, noc_mask, 300);
if (ret < 0) {
ERROR("S2F Bridge disable: "
- "Timeout waiting for idle ack\n");
+ "Timeout waiting for idle ack\n");
}
ret = poll_idle_status(SOCFPGA_SYSMGR(NOC_IDLESTATUS),
- noc_mask, noc_mask);
+ noc_mask, noc_mask, 300);
if (ret < 0) {
ERROR("S2F Bridge disable: "
- "Timeout waiting for idle status\n");
+ "Timeout waiting for idle status\n");
}
mmio_setbits_32(SOCFPGA_RSTMGR(BRGMODRST), brg_mask);
@@ -275,43 +345,35 @@
/* Disable f2s bridge */
socfpga_f2s_bridge_mask(mask, &brg_mask, &f2s_idlereq,
- &f2s_force_drain, &f2s_en,
- &f2s_idleack, &f2s_respempty);
+ &f2s_force_drain, &f2s_en,
+ &f2s_idleack, &f2s_respempty, &f2s_cmdidle);
if (brg_mask != 0U) {
+
+ if (mmio_read_32(SOCFPGA_RSTMGR(BRGMODRST)) & brg_mask) {
+ /* Bridge cannot be reset twice */
+ return 0;
+ }
+
+ /* Starts the fence and drain traffic from F2SDRAM to MPFE */
mmio_setbits_32(SOCFPGA_RSTMGR(HDSKEN),
RSTMGR_HDSKEN_FPGAHSEN);
-
+ udelay(5);
+ /* Ignoring FPGA ACK as it will time-out */
mmio_setbits_32(SOCFPGA_RSTMGR(HDSKREQ),
RSTMGR_HDSKREQ_FPGAHSREQ);
- poll_idle_status(SOCFPGA_RSTMGR(HDSKACK),
- RSTMGR_HDSKACK_FPGAHSACK_MASK,
- RSTMGR_HDSKACK_FPGAHSACK_MASK);
+ ret = poll_idle_status_by_clkcycles(SOCFPGA_RSTMGR(HDSKACK),
+ RSTMGR_HDSKACK_FPGAHSACK_MASK,
+ RSTMGR_HDSKACK_FPGAHSACK_MASK, 1000);
- mmio_clrbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTSET0),
+ /* DISABLE F2S Bridge */
+ mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTCLR0),
f2s_en);
udelay(5);
- mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTSET0),
- f2s_force_drain);
- udelay(5);
-
- do {
- /* Read response queue status to ensure it is empty */
- uint32_t idle_status;
+ ret = socfpga_bridge_nongraceful_disable(mask);
- idle_status = mmio_read_32(SOCFPGA_F2SDRAMMGR(
- SIDEBANDMGR_FLAGINSTATUS0));
- if ((idle_status & f2s_respempty) != 0U) {
- idle_status = mmio_read_32(SOCFPGA_F2SDRAMMGR(
- SIDEBANDMGR_FLAGINSTATUS0));
- if ((idle_status & f2s_respempty) != 0U) {
- break;
- }
- }
- udelay(1000);
- } while (timeout-- > 0);
-
+ /* Bridge reset */
#if PLATFORM_MODEL == PLAT_SOCFPGA_STRATIX10
/* Software must never write a 0x1 to FPGA2SOC_MASK bit */
mmio_setbits_32(SOCFPGA_RSTMGR(BRGMODRST),
@@ -320,8 +382,9 @@
mmio_setbits_32(SOCFPGA_RSTMGR(BRGMODRST),
brg_mask);
#endif
+ /* Re-enable traffic to SDRAM*/
mmio_clrbits_32(SOCFPGA_RSTMGR(HDSKREQ),
- RSTMGR_HDSKEQ_FPGAHSREQ);
+ RSTMGR_HDSKREQ_FPGAHSREQ);
mmio_setbits_32(SOCFPGA_F2SDRAMMGR(SIDEBANDMGR_FLAGOUTCLR0),
f2s_idlereq);
diff --git a/plat/intel/soc/common/socfpga_psci.c b/plat/intel/soc/common/socfpga_psci.c
index 5fd6559..bdece93 100644
--- a/plat/intel/soc/common/socfpga_psci.c
+++ b/plat/intel/soc/common/socfpga_psci.c
@@ -14,6 +14,7 @@
#include "socfpga_mailbox.h"
#include "socfpga_plat_def.h"
#include "socfpga_reset_manager.h"
+#include "socfpga_system_manager.h"
#include "socfpga_sip_svc.h"
@@ -38,12 +39,19 @@
int socfpga_pwr_domain_on(u_register_t mpidr)
{
unsigned int cpu_id = plat_core_pos_by_mpidr(mpidr);
+ uint32_t psci_boot = 0x00;
VERBOSE("%s: mpidr: 0x%lx\n", __func__, mpidr);
if (cpu_id == -1)
return PSCI_E_INTERN_FAIL;
+ if (cpu_id == 0x00) {
+ psci_boot = mmio_read_32(SOCFPGA_SYSMGR(BOOT_SCRATCH_COLD_8));
+ psci_boot |= 0x20000; /* bit 17 */
+ mmio_write_32(SOCFPGA_SYSMGR(BOOT_SCRATCH_COLD_8), psci_boot);
+ }
+
mmio_write_64(PLAT_CPUID_RELEASE, cpu_id);
/* release core reset */
diff --git a/plat/rpi/rpi3/rpi3_bl2_setup.c b/plat/rpi/rpi3/rpi3_bl2_setup.c
index db71817..80e4d8d 100644
--- a/plat/rpi/rpi3/rpi3_bl2_setup.c
+++ b/plat/rpi/rpi3/rpi3_bl2_setup.c
@@ -35,7 +35,9 @@
params.reg_base = RPI3_SDHOST_BASE;
params.bus_width = MMC_BUS_WIDTH_1;
params.clk_rate = 50000000;
+ params.clk_rate_initial = (RPI3_SDHOST_MAX_CLOCK / HC_CLOCKDIVISOR_MAXVAL);
mmc_info.mmc_dev_type = MMC_IS_SD_HC;
+ mmc_info.ocr_voltage = OCR_3_2_3_3 | OCR_3_3_3_4;
rpi3_sdhost_init(¶ms, &mmc_info);
}
diff --git a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
index 50fd67b..c99d1b1 100644
--- a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
+++ b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
@@ -239,6 +239,8 @@
panic();
}
#endif
+
+ custom_runtime_setup();
}
/*
diff --git a/plat/xilinx/zynqmp/custom_sip_svc.c b/plat/xilinx/zynqmp/custom_sip_svc.c
index fbb0a33..7ffffd2 100644
--- a/plat/xilinx/zynqmp/custom_sip_svc.c
+++ b/plat/xilinx/zynqmp/custom_sip_svc.c
@@ -23,3 +23,7 @@
void custom_mmap_add(void)
{
}
+
+void custom_runtime_setup(void)
+{
+}
diff --git a/plat/xilinx/zynqmp/include/custom_svc.h b/plat/xilinx/zynqmp/include/custom_svc.h
index ef0eb67..7ccde24 100644
--- a/plat/xilinx/zynqmp/include/custom_svc.h
+++ b/plat/xilinx/zynqmp/include/custom_svc.h
@@ -15,5 +15,6 @@
void custom_early_setup(void);
void custom_mmap_add(void);
+void custom_runtime_setup(void);
#endif /* CUSTOM_SVC_H */
diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h
index aebce30..fb1130f 100644
--- a/plat/xilinx/zynqmp/include/platform_def.h
+++ b/plat/xilinx/zynqmp/include/platform_def.h
@@ -21,7 +21,9 @@
******************************************************************************/
/* Size of cacheable stacks */
+#ifndef PLATFORM_STACK_SIZE
#define PLATFORM_STACK_SIZE 0x440
+#endif
#define PLATFORM_CORE_COUNT U(4)
#define PLAT_NUM_POWER_DOMAINS U(5)
diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile
index d7e0fe5..ac262cd 100644
--- a/tools/fiptool/Makefile
+++ b/tools/fiptool/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2014-2022, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -61,6 +61,8 @@
include ${PLAT_FIPTOOL_HELPER_MK}
endif
+DEPS := $(patsubst %.o,%.d,$(OBJECTS))
+
.PHONY: all clean distclean --openssl
all: ${PROJECT}
@@ -74,7 +76,9 @@
%.o: %.c Makefile
@echo " HOSTCC $<"
- ${Q}${HOSTCC} -c ${CPPFLAGS} ${HOSTCCFLAGS} ${INCLUDE_PATHS} $< -o $@
+ ${Q}${HOSTCC} -c ${CPPFLAGS} ${HOSTCCFLAGS} ${INCLUDE_PATHS} -MD -MP $< -o $@
+
+-include $(DEPS)
--openssl:
ifeq ($(DEBUG),1)
@@ -83,4 +87,4 @@
clean:
- $(call SHELL_DELETE_ALL, ${PROJECT} ${OBJECTS})
+ $(call SHELL_DELETE_ALL, ${PROJECT} ${OBJECTS} $(DEPS))