Merge changes from topic "fw_config_handoff" into integration
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/arm: Load and populate fw_config and tb_fw_config
fconf: Handle error from fconf_load_config
plat/arm: Update the fw_config load call and populate it's information
fconf: Allow fconf to load additional firmware configuration
fconf: Clean confused naming between TB_FW and FW_CONFIG
tbbr/dualroot: Add fw_config image in chain of trust
cert_tool: Update cert_tool for fw_config image support
fiptool: Add fw_config in FIP
plat/arm: Rentroduce tb_fw_config device tree
diff --git a/docs/components/cot-binding.rst b/docs/components/cot-binding.rst
new file mode 100644
index 0000000..cc69d79
--- /dev/null
+++ b/docs/components/cot-binding.rst
@@ -0,0 +1,287 @@
+Chain of trust bindings
+=======================
+
+The device tree allows to describes the chain of trust with the help of
+certificates and images nodes, which in turn contains number of sub-nodes
+(i.e. certificate and image) mentioning properties for every certificate
+and image respectively.
+Also, this binding allows to describe OID of non-volatile counters, memory
+mapped address and size of non-volatile counter register.
+
+Convention used in this document
+--------------------------------
+
+This document follows the conventions described in the Device-tree
+Specification
+
+certificates, certificate and extension node bindings definition
+----------------------------------------------------------------
+
+- Certificates node
+ Description: Container of certificate nodes.
+
+ PROPERTIES
+
+ - compatible:
+ Usage: required
+
+ Value type: <string>
+
+ Definition: must be "arm, certificate-descriptors"
+
+- Certificate node
+ Description: Describes certificate properties which are used
+ during the authentication process.
+
+ PROPERTIES
+
+ - root-certificate
+ Usage: Required for the certificate with no parent.
+ In other words, Certificates which are validated
+ using root of trust public key.
+
+ Value type: <boolean>
+
+ - image-id
+ Usage: Required for every certificate with unique id.
+
+ Value type: <u32>
+
+ - parent
+ Usage: It refers to their parent image, which typically contains
+ information to authenticate the certificate.
+ This property is required for all non-root certificates.
+
+ This property is not required for root-certificates
+ as it is validated using root of trust public key
+ provided by platform.
+
+ Value type: <phandle>
+
+ - signing-key
+ Usage: This property is used to refer extension node present in
+ parent certificate and it is required property for all non-
+ root certificates which are authenticated using public-key
+ present in parent certificate.
+
+ This property is not required for root-certificates
+ as root-certificates are validated using root of trust
+ public key provided by platform.
+
+ Value type: <phandle>
+
+ - antirollback-counter
+ Usage: This property is used by all certificates which are protected
+ against rollback attacks using a non-volatile counter and it
+ is optional property.
+
+ This property is used to refer trusted or non-trusted
+ non-volatile counter node.
+
+ Value type: <phandle>
+
+ SUBNODES
+
+ - extensions node
+ Description: This is sub-node of certificate node.
+ Describes OIDs present in the certificate which will
+ be used during authentication process to extract
+ hash/public key information from this certificate.
+ OIDs in extension node are represented using number of
+ sub-nodes which contains 'oid' as property
+
+ PROPERTIES
+
+ - oid
+ Usage: This property provides the Object ID of an extension
+ provided in the certificate.
+
+ Value type: <string>
+
+Example:
+
+.. code:: c
+
+ certificates {
+ compatible = "arm, certificate-descriptors”
+
+ trusted-key-cert: trusted-key-cert {
+ root-certificate;
+ image-id = <TRUSTED_KEY_CERT_ID>;
+ antirollback-counter = <&trusted_nv_counter>;
+ extensions {
+ trusted-world-pk: trusted-world-pk {
+ oid = TRUSTED_WORLD_PK_OID;
+ };
+ non-trusted-world-pk: non-trusted-world-pk {
+ oid = NON_TRUSTED_WORLD_PK_OID;
+ };
+ };
+ };
+
+ scp_fw_key_cert: scp_fw_key_cert {
+ image-id = <SCP_FW_KEY_CERT_ID>;
+ parent = <&trusted-key-cert>;
+ signing-key = <&trusted_world_pk>;
+ antirollback-counter = <&trusted_nv_counter>;
+ extensions {
+ scp_fw_content_pk: scp_fw_content_pk {
+ oid = SCP_FW_CONTENT_CERT_PK_OID;
+ };
+ };
+ };
+
+ .
+ .
+ .
+
+ next-cert {
+
+ };
+ };
+
+Images and image node bindings definition
+-----------------------------------------
+
+- Images node
+ Description: Container of image nodes
+
+ PROPERTIES
+
+ - compatible:
+ Usage: required
+
+ Value type: <string>
+
+ Definition: must be "arm, image-descriptors"
+
+- Image node
+ Description: Describes image properties which will be used during
+ authentication process.
+
+ PROPERTIES
+
+ - image-id
+ Usage: Required for every image with unique id.
+
+ Value type: <u32>
+
+ - parent
+ Usage: Required for every image to provide a reference to
+ it's parent image, which contains the necessary information
+ to authenticate it.
+
+ Value type: <phandle>
+
+ - hash
+ Usage: Required for all images which are validated using
+ hash method. This property is used to refer extension
+ node present in parent certificate and it is required
+ property for all images.
+
+ Value type: <phandle>
+
+ Note: Currently, all images are validated using "hash"
+ method. In future, there may be multiple methods can
+ be used to validate the image.
+
+Example:
+
+.. code:: c
+
+ images {
+ compatible = "arm, imgage-descriptors";
+
+ scp_bl2_image {
+ image-id = <SCP_BL2_IMAGE_ID>;
+ parent = <&scp_fw_content_cert>;
+ hash = <&scp_fw_hash>;
+ };
+
+ .
+ .
+ .
+
+ next-img {
+ };
+ };
+
+non-volatile counter node binding definition
+--------------------------------------------
+
+- non-volatile counters node
+ Description: Contains properties for non-volatile counters.
+
+ PROPERTIES
+
+ - compatible:
+ Usage: required
+
+ Value type: <string>
+
+ Definition: must be "arm, non-volatile-counter"
+
+ - #address-cells
+ Usage: required
+
+ Value type: <u32>
+
+ Definition: Must be set according to address size
+ of non-volatile counter register
+
+ - #size-cells
+ Usage: required
+
+ Value type: <u32>
+
+ Definition: must be set to 0
+
+ SUBNODE
+ - counters node
+ Description: Contains various non-volatile counters present in the platform.
+
+ PROPERTIES
+
+ - reg
+ Usage: Register base address of non-volatile counter and it is required
+ property.
+
+ Value type: <u32>
+
+ - oid
+ Usage: This property provides the Object ID of non-volatile counter
+ provided in the certificate and it is required property.
+
+ Value type: <string>
+
+Example:
+Below is non-volatile counters example for ARM platform
+
+.. code:: c
+
+ non-volatile-counters {
+ compatible = "arm, non-volatile-counter";
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ counters {
+ trusted-nv-counter: trusted_nv_counter {
+ reg = <TFW_NVCTR_BASE>;
+ oid = TRUSTED_FW_NVCOUNTER_OID;
+ };
+ non_trusted_nv_counter: non_trusted_nv_counter {
+ reg = <NTFW_CTR_BASE>;
+ oid = NON_TRUSTED_FW_NVCOUNTER_OID;
+
+ };
+ };
+ };
+
+Future update to chain of trust binding
+---------------------------------------
+
+This binding document need to be revisited to generalise some terminologies
+like Object IDs, extensions etc which are currently specific to X.509
+certificates.
+
+*Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/components/index.rst b/docs/components/index.rst
index c5f6264..18b1e38 100644
--- a/docs/components/index.rst
+++ b/docs/components/index.rst
@@ -19,3 +19,4 @@
secure-partition-manager-design
psa-ffa-manifest-binding
xlat-tables-lib-v2-design
+ cot-binding
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index 264d0c6..6b6c639 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -233,6 +233,11 @@
- ``ERRATA_A76_1800710``: This applies errata 1800710 workaround to Cortex-A76
CPU. This needs to be enabled only for revision <= r4p0 of the CPU.
+For Cortex-A77, the following errata build flags are defined :
+
+- ``ERRATA_A77_1800714``: This applies errata 1800714 workaround to Cortex-A77
+ CPU. This needs to be enabled only for revision <= r1p1 of the CPU.
+
For Cortex-A78, the following errata build flags are defined :
- ``ERRATA_A78_1688305``: This applies errata 1688305 workaround to Cortex-A78
diff --git a/docs/process/security-reporting.asc b/docs/process/security-reporting.asc
deleted file mode 100644
index 8c41f7b..0000000
--- a/docs/process/security-reporting.asc
+++ /dev/null
@@ -1,45 +0,0 @@
------BEGIN PGP PUBLIC KEY BLOCK-----
-Version: PGP Desktop 10.2.0 (Build 2317)
-
-mQENBFey/QMBCACyxJaLsMYU794ZfzLdY172tHXRJfP0X3b34HU35G7kYl1zNiYc
-/NoygtQdtDv/aW1B2A/YTNhGge+gX4BWAREd5CYDbdPEoMWC395/qbnmMmez7YNY
-PEJ9Iq9e5AayAWwZTL1zgKwdvE+WTwWok/nMbsifJSEdhdrOIHNqRcZgplUUyZ2R
-sDqFtSbACO3xj4Psk8KJ23Ax7UZgULouZOJaHOnyq8F9V/U7zWvX4Odf96XaC1Em
-cUTsG0kQfa7Y4Hqqjzowq366I4k2o2LAtuLPWNCvq5jjEceLs2+qV4cNLgyL2dzO
-wtUL6EdkrGfkxsPHpsVKXig4wjeX9ehCSqRlABEBAAG0PVRydXN0ZWQgRmlybXdh
-cmUgU2VjdXJpdHkgPHRydXN0ZWQtZmlybXdhcmUtc2VjdXJpdHlAYXJtLmNvbT6J
-AYwEEAECAHYFAley/SEwFIAAAAAAIAAHcHJlZmVycmVkLWVtYWlsLWVuY29kaW5n
-QHBncC5jb21wZ3BtaW1lCAsJCAcDAgEKAhkBGRhsZGFwOi8va2V5c2VydmVyLnBn
-cC5jb20FGwMAAAAFFgADAgEFHgEAAAAGFQgJCgMCAAoJEDq378tFoN/QFJsH/0ly
-H91LYYzKIQrbolQw7Rp47lgzH88uN1rInYpW2GaTbjwPffAhYJ4VsN8RaiFskD9m
-DjMg4vY8p0jPTCUX1Acq20Wq0Ybv3HcrtjUp4ie0+rLUi3043yJyKFMWkJC2Kr+p
-SobnxSrAie4HDFUgSaPoh9Qf1zXEzOavdgcziMiyS5iVUf6NXYZ9z82OTZ6TdPKS
-u+L5zOHTdrV3+hD54w00Xa+EIE7u4v0to6Uwm977508hyGuvpOVq+u7+S3qJQvnY
-+JheStbgLsm6CyoRjyrlTE01ujAD6hI6Ef9yMgEljOBEy4phKAJ67SCRLEOiCp5U
-YHFCULwhzIyg2y3WmZSJASIEEAECAAwFAlezAnwFAwASdQAACgkQlxC4m8pXrXzd
-GAf/T8YEICI9qQt2vnCtCbBvVaTc2sAphVZ51kZVDqCDPB7znDtJYRBpi/9IPELt
-mYwIElMx2mqmahVaeUghmbzmcLZe8QHUi8GanO1mh+ook6uyjRojSIq6VUVV5uUf
-tuscfhpilOvUclqMqYEIgXfl08YwS40Kmmj0qokwad0co0zGQ8GEhlgMi2yvJfiG
-fPS0Xcn1J0980E/VgJQCAKwZvukrbb32WVwuhgepqs/4/62PZNxglcErioFt6P0A
-ik4t9Hr0uErqCeEKiYtmEw5e9ioRdX7CV+tJgIk907Tpv6E0iDFRJHmJBvmsz82O
-stOazS3wZ5Xck7asTqkvoyo9Z7kBDQRXsv0DAQgAsmL1UUIWyoNmYJWixSPDmclP
-0ul3T1FCOsIlWTeVeshnHByYdgZOfce78ETCUoq8G7qvYm4GRrEDpqVbxqTxJioP
-4Li05WDdNCKzSoqWd8ADA48gYnnJEu2NhA7ZkEC6u3+Mdbmd3M0J6nsAWeE0BV1p
-F5zI600sJuoH2QNWB7Kv5N3GCFE4IgCIH8MwDo4Y4FTZtygx4GjEtSExiOIz+bpX
-2+GkFCQGpIyLHLP4FmQmrsNzsIdEyFuG0IdoVuQ2PtNLiw+Wkm7CXWgRmFx/dtPN
-eVnOFWdbTtjBWVv/Z6zbANos2knfc75KR4FCQ6pWRvVeJuMuMopUDkfFDMtR8QAR
-AQABiQJBBBgBAgErBQJXsv0EBRsMAAAAwF0gBBkBCAAGBQJXsv0DAAoJENaB8ph8
-s9hu/nsH/Rx696ZR+1vZi5qCTUwo6s0Qa15x4OuyJEM85VgMLVY7/MZpp1Y8If6u
-A5BynQpy4QIPxIRsRx6twduW9/gb8UVhpMRPyuJ+5sSv0/KeUqkPbKSUGro2zGlR
-sjqPrchi6uafWZqOR/y/DNkEvkgZZaP+f9xs2qWKuoF08yTioo76QoroA4DVuVAT
-MkDFe9d3natAmfmjO4kvxuthg3y7R+sdXrCHpYYJZdbiR6gyj7e8whlSLwHQT3lz
-7QBL/CvVvL/dmhu5pk8fsksbehepMQTkCJ6GGEamOPEhwh7IvlzhEt97U4uzjuMd
-BPjqOCes+4QTmn/+lMTySG0kXxnHOEUACgkQOrfvy0Wg39D8Jgf/Uf3epkMOJ9xm
-N1l5vW8tQQ6RR055YQxQ9P6JMyCQGEJmGOcvrasCho69wMQDy4AYVtJaZd25LH/3
-LX/lcyDOP4C9VYXM+IxlcaRmjBKqWx9UzQeeioIkfmjMpJFU846ZP1dacge0lPx8
-p6ocPbM0rkv0xuF/dwkDQd4BPSmv4/3/UM8FRoYo8Q7SHkDR98wJ8FCm6k9wRtWC
-K/jzmBswY2TewAHom3jLzTM0FZ/n5Sini3EGAI2EvnQrxWRpeE7ZOkHKqLHEOaHl
-zeST4U/cUgxhwgnhbGJ7zmrFsHpYnnZYM3mIKfQ3/EhksZ68TF9IB1tfUiQTij4r
-9jWa0ybRdQ==
-=nZZb
------END PGP PUBLIC KEY BLOCK-----
diff --git a/docs/process/security.rst b/docs/process/security.rst
index c3935da..516eb98 100644
--- a/docs/process/security.rst
+++ b/docs/process/security.rst
@@ -20,40 +20,13 @@
Although we try to keep TF-A secure, we can only do so with the help of the
community of developers and security researchers.
-If you think you have found a security vulnerability, please **do not** report it
-in the `issue tracker`_. Instead send an email to
-trusted-firmware-security@arm.com
-
-Please include:
-
-* Trusted Firmware-A version (or commit) affected
-
-* A description of the concern or vulnerability
-
-* Details on how to replicate the vulnerability, including:
-
- - Configuration details
-
- - Proof of concept exploit code
-
- - Any additional software or tools required
-
-We recommend using :download:`this PGP/GPG key <./security-reporting.asc>` for
-encrypting the information. This key is also available at
-http://keyserver.pgp.com and LDAP port 389 of the same server.
-
-The fingerprint for this key is:
-
-::
-
- 1309 2C19 22B4 8E87 F17B FE5C 3AB7 EFCB 45A0 DFD0
-
-If you would like replies to be encrypted, please provide your public key.
-
-Please give us the time to respond to you and fix the vulnerability before going
-public. We do our best to respond and fix any issues quickly. We also need to
-ensure providers of products that use TF-A have a chance to consider the
-implications of the vulnerability and its remedy.
+If you think you have found a security vulnerability, please **do not** report
+it in the `issue tracker`_. Instead, please follow the `TrustedFirmware.org
+security incident process`_. One of the goals of this process is to ensure
+providers of products that use TF-A have a chance to consider the implications
+of the vulnerability and its remedy before it is made public. As such, please
+follow the disclosure plan outlined in the process. We do our best to respond
+and fix any issues quickly.
Afterwards, we encourage you to write-up your findings about the TF-A source
code.
@@ -61,8 +34,8 @@
Attribution
-----------
-We will name and thank you in the :ref:`Change Log & Release Notes` distributed with the source
-code and in any published security advisory.
+We will name and thank you in the :ref:`Change Log & Release Notes` distributed
+with the source code and in any published security advisory.
Security Advisories
-------------------
@@ -96,7 +69,6 @@
+-----------+------------------------------------------------------------------+
.. _issue tracker: https://developer.trustedfirmware.org/project/board/1/
-.. _this PGP/GPG key: security-reporting.asc
.. |TFV-1| replace:: :ref:`Advisory TFV-1 (CVE-2016-10319)`
.. |TFV-2| replace:: :ref:`Advisory TFV-2 (CVE-2017-7564)`
@@ -107,6 +79,8 @@
.. |TFV-7| replace:: :ref:`Advisory TFV-7 (CVE-2018-3639)`
.. |TFV-8| replace:: :ref:`Advisory TFV-8 (CVE-2018-19440)`
+.. _TrustedFirmware.org security incident process: https://developer.trustedfirmware.org/w/collaboration/security_center/
+
--------------
-*Copyright (c) 2019, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
diff --git a/include/lib/cpus/aarch64/cortex_a77.h b/include/lib/cpus/aarch64/cortex_a77.h
index 0467ef3..bbd647c 100644
--- a/include/lib/cpus/aarch64/cortex_a77.h
+++ b/include/lib/cpus/aarch64/cortex_a77.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,6 +16,7 @@
* CPU Extended Control register specific definitions.
******************************************************************************/
#define CORTEX_A77_CPUECTLR_EL1 S3_0_C15_C1_4
+#define CORTEX_A77_CPUECTLR_EL1_BIT_53 (ULL(1) << 53)
/*******************************************************************************
* CPU Power Control register specific definitions.
diff --git a/lib/cpus/aarch64/cortex_a77.S b/lib/cpus/aarch64/cortex_a77.S
index f3fd5e1..0c30460 100644
--- a/lib/cpus/aarch64/cortex_a77.S
+++ b/lib/cpus/aarch64/cortex_a77.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,6 +21,53 @@
#error "Cortex-A77 supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0"
#endif
+ /* --------------------------------------------------
+ * Errata Workaround for Cortex A77 Errata #1800714.
+ * This applies to revision <= r1p1 of Cortex A77.
+ * Inputs:
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x17
+ * --------------------------------------------------
+ */
+func errata_a77_1800714_wa
+ /* Compare x0 against revision <= r1p1 */
+ mov x17, x30
+ bl check_errata_1800714
+ cbz x0, 1f
+
+ /* Disable allocation of splintered pages in the L2 TLB */
+ mrs x1, CORTEX_A77_CPUECTLR_EL1
+ orr x1, x1, CORTEX_A77_CPUECTLR_EL1_BIT_53
+ msr CORTEX_A77_CPUECTLR_EL1, x1
+ isb
+1:
+ ret x17
+endfunc errata_a77_1800714_wa
+
+func check_errata_1800714
+ /* Applies to everything <= r1p1 */
+ mov x1, #0x11
+ b cpu_rev_var_ls
+endfunc check_errata_1800714
+
+ /* -------------------------------------------------
+ * The CPU Ops reset function for Cortex-A77.
+ * Shall clobber: x0-x19
+ * -------------------------------------------------
+ */
+func cortex_a77_reset_func
+ mov x19, x30
+ bl cpu_get_rev_var
+ mov x18, x0
+
+#if ERRATA_A77_1800714
+ mov x0, x18
+ bl errata_a77_1800714_wa
+#endif
+
+ ret x19
+endfunc cortex_a77_reset_func
+
/* ---------------------------------------------
* HW will do the cache maintenance while powering down
* ---------------------------------------------
@@ -42,6 +89,18 @@
* Errata printing function for Cortex-A77. Must follow AAPCS.
*/
func cortex_a77_errata_report
+ stp x8, x30, [sp, #-16]!
+
+ bl cpu_get_rev_var
+ mov x8, x0
+
+ /*
+ * Report all errata. The revision-variant information is passed to
+ * checking functions of each errata.
+ */
+ report_errata ERRATA_A77_1800714, cortex_a77, 1800714
+
+ ldp x8, x30, [sp], #16
ret
endfunc cortex_a77_errata_report
#endif
@@ -67,5 +126,5 @@
endfunc cortex_a77_cpu_reg_dump
declare_cpu_ops cortex_a77, CORTEX_A77_MIDR, \
- CPU_NO_RESET_FUNC, \
+ cortex_a77_reset_func, \
cortex_a77_core_pwr_dwn
diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk
index e809000..e494375 100644
--- a/lib/cpus/cpu-ops.mk
+++ b/lib/cpus/cpu-ops.mk
@@ -258,6 +258,10 @@
# only to revision <= r4p0 of the Cortex A76 cpu.
ERRATA_A76_1800710 ?=0
+# Flag to apply erratum 1800714 workaround during reset. This erratum applies
+# only to revision <= r1p1 of the Cortex A77 cpu.
+ERRATA_A77_1800714 ?=0
+
# Flag to apply erratum 1688305 workaround during reset. This erratum applies
# to revisions r0p0 - r1p0 of the A78 cpu.
ERRATA_A78_1688305 ?=0
@@ -503,6 +507,10 @@
$(eval $(call assert_boolean,ERRATA_A76_1800710))
$(eval $(call add_define,ERRATA_A76_1800710))
+# Process ERRATA_A77_1800714 flag
+$(eval $(call assert_boolean,ERRATA_A77_1800714))
+$(eval $(call add_define,ERRATA_A77_1800714))
+
# Process ERRATA_A78_1688305 flag
$(eval $(call assert_boolean,ERRATA_A78_1688305))
$(eval $(call add_define,ERRATA_A78_1688305))
diff --git a/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c b/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c
index 8172a6e..35a777b 100644
--- a/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c
+++ b/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c
@@ -14,6 +14,7 @@
struct gicv3_config_t gicv3_config;
struct hw_topology_t soc_topology;
struct uart_serial_config_t uart_serial_config;
+struct cpu_timer_t cpu_timer;
#define ILLEGAL_ADDR ULL(~0)
@@ -260,9 +261,36 @@
VERBOSE("FCONF: UART serial device clk frequency: %x\n",
uart_serial_config.uart_clk);
+
+ return 0;
+}
+
+int fconf_populate_cpu_timer(uintptr_t config)
+{
+ int err, node;
+
+ /* Necessary to work with libfdt APIs */
+ const void *hw_config_dtb = (const void *)config;
+
+ /* Find the node offset point to "arm,armv8-timer" compatible property,
+ * a per-core architected timer attached to a GIC to deliver its per-processor
+ * interrupts via PPIs */
+ node = fdt_node_offset_by_compatible(hw_config_dtb, -1, "arm,armv8-timer");
+ if (node < 0) {
+ ERROR("FCONF: Unrecognized hardware configuration dtb (%d)\n", node);
+ return node;
+ }
+
+ /* Locate the cell holding the clock-frequency, an optional field */
+ err = fdt_read_uint32(hw_config_dtb, node, "clock-frequency", &cpu_timer.clock_freq);
+ if (err < 0) {
+ WARN("FCONF failed to read clock-frequency property\n");
+ }
+
return 0;
}
FCONF_REGISTER_POPULATOR(HW_CONFIG, gicv3_config, fconf_populate_gicv3_config);
FCONF_REGISTER_POPULATOR(HW_CONFIG, topology, fconf_populate_topology);
FCONF_REGISTER_POPULATOR(HW_CONFIG, uart_config, fconf_populate_uart_config);
+FCONF_REGISTER_POPULATOR(HW_CONFIG, cpu_timer, fconf_populate_cpu_timer);
diff --git a/plat/arm/board/fvp/fvp_bl31_setup.c b/plat/arm/board/fvp/fvp_bl31_setup.c
index dc7bfa2..4cc1c1b 100644
--- a/plat/arm/board/fvp/fvp_bl31_setup.c
+++ b/plat/arm/board/fvp/fvp_bl31_setup.c
@@ -7,7 +7,9 @@
#include <assert.h>
#include <common/debug.h>
#include <drivers/arm/smmu_v3.h>
+#include <fconf_hw_config_getter.h>
#include <lib/fconf/fconf.h>
+#include <lib/mmio.h>
#include <plat/arm/common/arm_config.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
@@ -65,3 +67,26 @@
fconf_populate("HW_CONFIG", hw_config_dtb);
#endif
}
+
+unsigned int plat_get_syscnt_freq2(void)
+{
+ unsigned int counter_base_frequency;
+
+#if !RESET_TO_BL31 && !BL2_AT_EL3
+ /* Get the frequency through FCONF API for HW_CONFIG */
+ counter_base_frequency = FCONF_GET_PROPERTY(hw_config, cpu_timer, clock_freq);
+ if (counter_base_frequency > 0U) {
+ return counter_base_frequency;
+ }
+#endif
+
+ /* Read the frequency from Frequency modes table */
+ counter_base_frequency = mmio_read_32(ARM_SYS_CNTCTL_BASE + CNTFID_OFF);
+
+ /* The first entry of the frequency modes table must not be 0 */
+ if (counter_base_frequency == 0U) {
+ panic();
+ }
+
+ return counter_base_frequency;
+}
diff --git a/plat/arm/board/fvp/include/fconf_hw_config_getter.h b/plat/arm/board/fvp/include/fconf_hw_config_getter.h
index b53e00a..ca85f7a 100644
--- a/plat/arm/board/fvp/include/fconf_hw_config_getter.h
+++ b/plat/arm/board/fvp/include/fconf_hw_config_getter.h
@@ -11,10 +11,9 @@
/* Hardware Config related getter */
#define hw_config__gicv3_config_getter(prop) gicv3_config.prop
-
#define hw_config__topology_getter(prop) soc_topology.prop
-
#define hw_config__uart_serial_config_getter(prop) uart_serial_config.prop
+#define hw_config__cpu_timer_getter(prop) cpu_timer.prop
struct gicv3_config_t {
uint64_t gicd_base;
@@ -33,12 +32,17 @@
uint32_t uart_clk;
};
+struct cpu_timer_t {
+ uint32_t clock_freq;
+};
+
int fconf_populate_gicv3_config(uintptr_t config);
int fconf_populate_topology(uintptr_t config);
int fconf_populate_uart_config(uintptr_t config);
+int fconf_populate_cpu_timer(uintptr_t config);
extern struct gicv3_config_t gicv3_config;
extern struct hw_topology_t soc_topology;
extern struct uart_serial_config_t uart_serial_config;
-
+extern struct cpu_timer_t cpu_timer;
#endif /* FCONF_HW_CONFIG_GETTER_H */
diff --git a/plat/brcm/board/stingray/src/bl31_setup.c b/plat/brcm/board/stingray/src/bl31_setup.c
index d947551..a2a274d 100644
--- a/plat/brcm/board/stingray/src/bl31_setup.c
+++ b/plat/brcm/board/stingray/src/bl31_setup.c
@@ -923,7 +923,7 @@
scp_image_info.image_base = PRELOADED_SCP_BASE;
scp_image_info.image_size = PRELOADED_SCP_SIZE;
- bcm_bl2_plat_handle_scp_bl2(&scp_image_info);
+ plat_bcm_bl2_plat_handle_scp_bl2(&scp_image_info);
#endif
/*
* In BL31, logs are saved to DDR and we have much larger space to
diff --git a/plat/st/stm32mp1/sp_min/sp_min-stm32mp1.mk b/plat/st/stm32mp1/sp_min/sp_min-stm32mp1.mk
index 180620e..de54e09 100644
--- a/plat/st/stm32mp1/sp_min/sp_min-stm32mp1.mk
+++ b/plat/st/stm32mp1/sp_min/sp_min-stm32mp1.mk
@@ -25,3 +25,6 @@
# stm32mp1 specific services
BL32_SOURCES += plat/st/stm32mp1/services/bsec_svc.c \
plat/st/stm32mp1/services/stm32mp1_svc_setup.c
+
+# Arm Archtecture services
+BL32_SOURCES += services/arm_arch_svc/arm_arch_svc_setup.c
diff --git a/plat/st/stm32mp1/sp_min/sp_min_setup.c b/plat/st/stm32mp1/sp_min/sp_min_setup.c
index e1799ed..1f96239 100644
--- a/plat/st/stm32mp1/sp_min/sp_min_setup.c
+++ b/plat/st/stm32mp1/sp_min/sp_min_setup.c
@@ -77,7 +77,25 @@
return next_image_info;
}
+CASSERT((STM32MP_SEC_SYSRAM_BASE == STM32MP_SYSRAM_BASE) &&
+ ((STM32MP_SEC_SYSRAM_BASE + STM32MP_SEC_SYSRAM_SIZE) <=
+ (STM32MP_SYSRAM_BASE + STM32MP_SYSRAM_SIZE)),
+ assert_secure_sysram_fits_at_begining_of_sysram);
+
+#ifdef STM32MP_NS_SYSRAM_BASE
+CASSERT((STM32MP_NS_SYSRAM_BASE >= STM32MP_SEC_SYSRAM_BASE) &&
+ ((STM32MP_NS_SYSRAM_BASE + STM32MP_NS_SYSRAM_SIZE) ==
+ (STM32MP_SYSRAM_BASE + STM32MP_SYSRAM_SIZE)),
+ assert_non_secure_sysram_fits_at_end_of_sysram);
+
+CASSERT((STM32MP_NS_SYSRAM_BASE & (PAGE_SIZE_4KB - U(1))) == 0U,
+ assert_non_secure_sysram_base_is_4kbyte_aligned);
+
+#define TZMA1_SECURE_RANGE \
+ (((STM32MP_NS_SYSRAM_BASE - STM32MP_SYSRAM_BASE) >> FOUR_KB_SHIFT) - 1U)
+#else
#define TZMA1_SECURE_RANGE STM32MP1_ETZPC_TZMA_ALL_SECURE
+#endif /* STM32MP_NS_SYSRAM_BASE */
#define TZMA0_SECURE_RANGE STM32MP1_ETZPC_TZMA_ALL_SECURE
static void stm32mp1_etzpc_early_setup(void)
diff --git a/plat/st/stm32mp1/stm32mp1_def.h b/plat/st/stm32mp1/stm32mp1_def.h
index 0a12b6e..4fae2d7 100644
--- a/plat/st/stm32mp1/stm32mp1_def.h
+++ b/plat/st/stm32mp1/stm32mp1_def.h
@@ -56,6 +56,15 @@
#define STM32MP_SYSRAM_BASE U(0x2FFC0000)
#define STM32MP_SYSRAM_SIZE U(0x00040000)
+#define STM32MP_NS_SYSRAM_SIZE PAGE_SIZE
+#define STM32MP_NS_SYSRAM_BASE (STM32MP_SYSRAM_BASE + \
+ STM32MP_SYSRAM_SIZE - \
+ STM32MP_NS_SYSRAM_SIZE)
+
+#define STM32MP_SEC_SYSRAM_BASE STM32MP_SYSRAM_BASE
+#define STM32MP_SEC_SYSRAM_SIZE (STM32MP_SYSRAM_SIZE - \
+ STM32MP_NS_SYSRAM_SIZE)
+
/* DDR configuration */
#define STM32MP_DDR_BASE U(0xC0000000)
#define STM32MP_DDR_MAX_SIZE U(0x40000000) /* Max 1GB */
@@ -81,18 +90,18 @@
/* 256 Octets reserved for header */
#define STM32MP_HEADER_SIZE U(0x00000100)
-#define STM32MP_BINARY_BASE (STM32MP_SYSRAM_BASE + \
+#define STM32MP_BINARY_BASE (STM32MP_SEC_SYSRAM_BASE + \
STM32MP_PARAM_LOAD_SIZE + \
STM32MP_HEADER_SIZE)
-#define STM32MP_BINARY_SIZE (STM32MP_SYSRAM_SIZE - \
+#define STM32MP_BINARY_SIZE (STM32MP_SEC_SYSRAM_SIZE - \
(STM32MP_PARAM_LOAD_SIZE + \
STM32MP_HEADER_SIZE))
#ifdef AARCH32_SP_OPTEE
#define STM32MP_BL32_SIZE U(0)
-#define STM32MP_OPTEE_BASE STM32MP_SYSRAM_BASE
+#define STM32MP_OPTEE_BASE STM32MP_SEC_SYSRAM_BASE
#define STM32MP_OPTEE_SIZE (STM32MP_DTB_BASE - \
STM32MP_OPTEE_BASE)
@@ -104,8 +113,8 @@
#endif
#endif
-#define STM32MP_BL32_BASE (STM32MP_SYSRAM_BASE + \
- STM32MP_SYSRAM_SIZE - \
+#define STM32MP_BL32_BASE (STM32MP_SEC_SYSRAM_BASE + \
+ STM32MP_SEC_SYSRAM_SIZE - \
STM32MP_BL32_SIZE)
#ifdef AARCH32_SP_OPTEE
diff --git a/plat/st/stm32mp1/stm32mp1_private.c b/plat/st/stm32mp1/stm32mp1_private.c
index 779228d..fd60db2 100644
--- a/plat/st/stm32mp1/stm32mp1_private.c
+++ b/plat/st/stm32mp1/stm32mp1_private.c
@@ -30,13 +30,30 @@
BOARD_ID_REVISION_SHIFT)
#define BOARD_ID2BOM(_id) ((_id) & BOARD_ID_BOM_MASK)
-#define MAP_SRAM MAP_REGION_FLAT(STM32MP_SYSRAM_BASE, \
+#if defined(IMAGE_BL2)
+#define MAP_SEC_SYSRAM MAP_REGION_FLAT(STM32MP_SYSRAM_BASE, \
STM32MP_SYSRAM_SIZE, \
MT_MEMORY | \
MT_RW | \
MT_SECURE | \
MT_EXECUTE_NEVER)
+#elif defined(IMAGE_BL32)
+#define MAP_SEC_SYSRAM MAP_REGION_FLAT(STM32MP_SEC_SYSRAM_BASE, \
+ STM32MP_SEC_SYSRAM_SIZE, \
+ MT_MEMORY | \
+ MT_RW | \
+ MT_SECURE | \
+ MT_EXECUTE_NEVER)
+/* Non-secure SYSRAM is used a uncached memory for SCMI message transfer */
+#define MAP_NS_SYSRAM MAP_REGION_FLAT(STM32MP_NS_SYSRAM_BASE, \
+ STM32MP_NS_SYSRAM_SIZE, \
+ MT_DEVICE | \
+ MT_RW | \
+ MT_NS | \
+ MT_EXECUTE_NEVER)
+#endif
+
#define MAP_DEVICE1 MAP_REGION_FLAT(STM32MP1_DEVICE1_BASE, \
STM32MP1_DEVICE1_SIZE, \
MT_DEVICE | \
@@ -53,7 +70,7 @@
#if defined(IMAGE_BL2)
static const mmap_region_t stm32mp1_mmap[] = {
- MAP_SRAM,
+ MAP_SEC_SYSRAM,
MAP_DEVICE1,
MAP_DEVICE2,
{0}
@@ -61,7 +78,8 @@
#endif
#if defined(IMAGE_BL32)
static const mmap_region_t stm32mp1_mmap[] = {
- MAP_SRAM,
+ MAP_SEC_SYSRAM,
+ MAP_NS_SYSRAM,
MAP_DEVICE1,
MAP_DEVICE2,
{0}