Merge "feat(plat/qti/sc7280): add support for pmk7325" into integration
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index fd60232..663ec64 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -126,6 +126,9 @@
auth_mod_init();
#endif /* TRUSTED_BOARD_BOOT */
+ /* Initialize the measured boot */
+ bl1_plat_mboot_init();
+
/* Perform platform setup in BL1. */
bl1_platform_setup();
@@ -147,6 +150,9 @@
else
NOTICE("BL1-FWU: *******FWU Process Started*******\n");
+ /* Teardown the measured boot driver */
+ bl1_plat_mboot_finish();
+
bl1_prepare_next_image(image_id);
console_flush();
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index 197c057..90fe39b 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -15,9 +15,6 @@
#include <drivers/auth/auth_mod.h>
#include <drivers/console.h>
#include <drivers/fwu/fwu.h>
-#if MEASURED_BOOT
-#include <drivers/measured_boot/measured_boot.h>
-#endif
#include <lib/extensions/pauth.h>
#include <plat/common/platform.h>
@@ -95,24 +92,19 @@
#if TRUSTED_BOARD_BOOT
/* Initialize authentication module */
auth_mod_init();
-
-#if MEASURED_BOOT
- /* Initialize measured boot module */
- measured_boot_init();
-
-#endif /* MEASURED_BOOT */
#endif /* TRUSTED_BOARD_BOOT */
+ /* Initialize the Measured Boot backend */
+ bl2_plat_mboot_init();
+
/* Initialize boot source */
bl2_plat_preload_setup();
/* Load the subsequent bootloader images. */
next_bl_ep_info = bl2_load_images();
-#if MEASURED_BOOT
- /* Finalize measured boot */
- measured_boot_finish();
-#endif /* MEASURED_BOOT */
+ /* Teardown the Measured Boot backend */
+ bl2_plat_mboot_finish();
#if !BL2_AT_EL3 && !ENABLE_RME
#ifndef __aarch64__
diff --git a/common/bl_common.c b/common/bl_common.c
index a7e2816..eb2352a 100644
--- a/common/bl_common.c
+++ b/common/bl_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -202,12 +202,26 @@
return -EAUTH;
}
- /*
- * Flush the image to main memory so that it can be executed later by
- * any CPU, regardless of cache and MMU state. This is only needed for
- * child images, not for the parents (certificates).
- */
if (is_parent_image == 0) {
+ /*
+ * Measure the image.
+ * We do not measure its parents because these only play a role
+ * in authentication, which is orthogonal to measured boot.
+ *
+ * TODO: Change this code if we change our minds about measuring
+ * certificates.
+ */
+ rc = plat_mboot_measure_image(image_id, image_data);
+ if (rc != 0) {
+ return rc;
+ }
+
+ /*
+ * Flush the image to main memory so that it can be executed
+ * later by any CPU, regardless of cache and MMU state. This
+ * is only needed for child images, not for the parents
+ * (certificates).
+ */
flush_dcache_range(image_data->image_base,
image_data->image_size);
}
diff --git a/docs/components/measured_boot/event_log.rst b/docs/components/measured_boot/event_log.rst
index 5347dcc..0881248 100644
--- a/docs/components/measured_boot/event_log.rst
+++ b/docs/components/measured_boot/event_log.rst
@@ -9,7 +9,7 @@
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Measured Boot driver expects a *tpm_event_log* node with the following field
-in 'nt_fw_config' and 'tsp_fw_config' DTS files:
+in 'tb_fw_config', 'nt_fw_config' and 'tsp_fw_config' DTS files:
- compatible [mandatory]
- value type: <string>
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst
index 54754fe..6569a47 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@@ -1199,6 +1199,25 @@
the SMCCC function specified in the argument; otherwise returns
SMC_ARCH_CALL_NOT_SUPPORTED.
+Function : plat_mboot_measure_image()
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : unsigned int, image_info_t *
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function measures the given image and records its measurement using
+ the measured boot backend driver.
+- On the Arm FVP port, this function measures the given image using its
+ passed id and information and then records that measurement in the
+ Event Log buffer.
+- This function must return 0 on success, a negative error code otherwise.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
Modifications specific to a Boot Loader stage
---------------------------------------------
@@ -1450,6 +1469,42 @@
The default implementation of this function asserts therefore platforms must
override it when using the FWU feature.
+Function : bl1_plat_mboot_init() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to initialize the backend driver(s) of measured boot.
+- On the Arm FVP port, this function is used to initialize the Event Log
+ backend driver, and also to write header information in the Event Log buffer.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
+Function : bl1_plat_mboot_finish() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to finalize the measured boot backend driver(s),
+ and also, set the information for the next bootloader component to
+ extend the measurement if needed.
+- On the Arm FVP port, this function is used to pass the base address of
+ the Event Log buffer and its size to BL2 via tb_fw_config to extend the
+ Event Log buffer with the measurement of various images loaded by BL2.
+ It results in panic on error.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
Boot Loader Stage 2 (BL2)
-------------------------
@@ -1738,6 +1793,42 @@
This function returns 0 on success, a negative error code otherwise.
This function is included if SCP_BL2U_BASE is defined.
+Function : bl2_plat_mboot_init() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to initialize the backend driver(s) of measured boot.
+- On the Arm FVP port, this function is used to initialize the Event Log
+ backend driver with the Event Log buffer information (base address and
+ size) received from BL1. It results in panic on error.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
+Function : bl2_plat_mboot_finish() [optional]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : void
+ Return : void
+
+When the MEASURED_BOOT flag is enabled:
+
+- This function is used to finalize the measured boot backend driver(s),
+ and also, set the information for the next bootloader component to extend
+ the measurement if needed.
+- On the Arm FVP port, this function is used to pass the Event Log buffer
+ information (base address and size) to non-secure(BL33) and trusted OS(BL32)
+ via nt_fw and tos_fw config respectively. It results in panic on error.
+
+When the MEASURED_BOOT flag is disabled, this function doesn't do anything.
+
Boot Loader Stage 3-1 (BL31)
----------------------------
diff --git a/drivers/auth/cryptocell/713/cryptocell_crypto.c b/drivers/auth/cryptocell/713/cryptocell_crypto.c
index 5f390a2..077317e 100644
--- a/drivers/auth/cryptocell/713/cryptocell_crypto.c
+++ b/drivers/auth/cryptocell/713/cryptocell_crypto.c
@@ -13,6 +13,7 @@
#include <drivers/auth/crypto_mod.h>
#include <mbedtls/oid.h>
+#include <mbedtls/x509.h>
#define LIB_NAME "CryptoCell 713 SBROM"
#define RSA_SALT_LEN 32
diff --git a/drivers/marvell/comphy/phy-comphy-3700.c b/drivers/marvell/comphy/phy-comphy-3700.c
index 0ad14a8..a3e414c 100644
--- a/drivers/marvell/comphy/phy-comphy-3700.c
+++ b/drivers/marvell/comphy/phy-comphy-3700.c
@@ -815,6 +815,12 @@
debug_enter();
+ /* Configure phy selector for PCIe */
+ ret = mvebu_a3700_comphy_set_phy_selector(comphy_index, comphy_mode);
+ if (ret) {
+ return ret;
+ }
+
/* 1. Enable max PLL. */
reg_set16(LANE_CFG1_ADDR(PCIE) + COMPHY_SD_ADDR,
USE_MAX_PLL_RATE_EN, USE_MAX_PLL_RATE_EN);
diff --git a/drivers/measured_boot/event_log.c b/drivers/measured_boot/event_log.c
deleted file mode 100644
index 0157b03..0000000
--- a/drivers/measured_boot/event_log.c
+++ /dev/null
@@ -1,359 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-#include <errno.h>
-#include <string.h>
-#include <arch_helpers.h>
-
-#include <common/bl_common.h>
-#include <common/debug.h>
-#include <drivers/auth/crypto_mod.h>
-#include <drivers/measured_boot/event_log.h>
-#include <mbedtls/md.h>
-
-#include <plat/common/platform.h>
-
-/* Event Log data */
-static uint8_t event_log[EVENT_LOG_SIZE];
-
-/* End of Event Log */
-#define EVENT_LOG_END ((uintptr_t)event_log + sizeof(event_log) - 1U)
-
-CASSERT(sizeof(event_log) >= LOG_MIN_SIZE, assert_event_log_size);
-
-/* Pointer in event_log[] */
-static uint8_t *log_ptr = event_log;
-
-/* Pointer to measured_boot_data_t */
-const static measured_boot_data_t *plat_data_ptr;
-
-static uintptr_t tos_fw_config_base;
-static uintptr_t nt_fw_config_base;
-
-/* TCG_EfiSpecIdEvent */
-static const id_event_headers_t id_event_header = {
- .header = {
- .pcr_index = PCR_0,
- .event_type = EV_NO_ACTION,
- .digest = {0},
- .event_size = (uint32_t)(sizeof(id_event_struct_t) +
- (sizeof(id_event_algorithm_size_t) *
- HASH_ALG_COUNT))
- },
-
- .struct_header = {
- .signature = TCG_ID_EVENT_SIGNATURE_03,
- .platform_class = PLATFORM_CLASS_CLIENT,
- .spec_version_minor = TCG_SPEC_VERSION_MINOR_TPM2,
- .spec_version_major = TCG_SPEC_VERSION_MAJOR_TPM2,
- .spec_errata = TCG_SPEC_ERRATA_TPM2,
- .uintn_size = (uint8_t)(sizeof(unsigned int) /
- sizeof(uint32_t)),
- .number_of_algorithms = HASH_ALG_COUNT
- }
-};
-
-static const event2_header_t locality_event_header = {
- /*
- * All EV_NO_ACTION events SHALL set
- * TCG_PCR_EVENT2.pcrIndex = 0, unless otherwise specified
- */
- .pcr_index = PCR_0,
-
- /*
- * All EV_NO_ACTION events SHALL set
- * TCG_PCR_EVENT2.eventType = 03h
- */
- .event_type = EV_NO_ACTION,
-
- /*
- * All EV_NO_ACTION events SHALL set TCG_PCR_EVENT2.digests to all
- * 0x00's for each allocated Hash algorithm
- */
- .digests = {
- .count = HASH_ALG_COUNT
- }
-};
-
-/*
- * Add TCG_PCR_EVENT2 event
- *
- * @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes
- * @param[in] image_ptr Pointer to image_data_t structure
- *
- * There must be room for storing this new event into the event log buffer.
- */
-static void add_event2(const uint8_t *hash, const image_data_t *image_ptr)
-{
- void *ptr = log_ptr;
- uint32_t name_len;
-
- assert(image_ptr != NULL);
- assert(image_ptr->name != NULL);
-
- name_len = (uint32_t)strlen(image_ptr->name) + 1U;
-
- /* Check for space in Event Log buffer */
- assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <=
- EVENT_LOG_END);
-
- /*
- * As per TCG specifications, firmware components that are measured
- * into PCR[0] must be logged in the event log using the event type
- * EV_POST_CODE.
- */
- /* TCG_PCR_EVENT2.PCRIndex */
- ((event2_header_t *)ptr)->pcr_index = image_ptr->pcr;
-
- /* TCG_PCR_EVENT2.EventType */
- ((event2_header_t *)ptr)->event_type = EV_POST_CODE;
-
- /* TCG_PCR_EVENT2.Digests.Count */
- ptr = (uint8_t *)ptr + offsetof(event2_header_t, digests);
- ((tpml_digest_values *)ptr)->count = HASH_ALG_COUNT;
-
- /* TCG_PCR_EVENT2.Digests[] */
- ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(tpml_digest_values, digests));
-
- /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
- ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
-
- /* TCG_PCR_EVENT2.Digests[].Digest[] */
- ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest));
-
- if (hash == NULL) {
- /* Get BL2 hash from DTB */
- bl2_plat_get_hash(ptr);
- } else {
- /* Copy digest */
- (void)memcpy(ptr, (const void *)hash, TCG_DIGEST_SIZE);
- }
-
- /* TCG_PCR_EVENT2.EventSize */
- ptr = (uint8_t *)((uintptr_t)ptr + TCG_DIGEST_SIZE);
- ((event2_data_t *)ptr)->event_size = name_len;
-
- /* Copy event data to TCG_PCR_EVENT2.Event */
- (void)memcpy((void *)(((event2_data_t *)ptr)->event),
- (const void *)image_ptr->name, name_len);
-
- /* End of event data */
- log_ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(event2_data_t, event) + name_len);
-}
-
-/*
- * Init Event Log
- *
- * Initialises Event Log by writing Specification ID and
- * Startup Locality events.
- */
-void event_log_init(void)
-{
- const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE;
- void *ptr = event_log;
-
- /* Get pointer to platform's measured_boot_data_t structure */
- plat_data_ptr = plat_get_measured_boot_data();
-
- /*
- * Add Specification ID Event first
- *
- * Copy TCG_EfiSpecIDEventStruct structure header
- */
- (void)memcpy(ptr, (const void *)&id_event_header,
- sizeof(id_event_header));
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_header));
-
- /* TCG_EfiSpecIdEventAlgorithmSize structure */
- ((id_event_algorithm_size_t *)ptr)->algorithm_id = TPM_ALG_ID;
- ((id_event_algorithm_size_t *)ptr)->digest_size = TCG_DIGEST_SIZE;
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_algorithm_size_t));
-
- /*
- * TCG_EfiSpecIDEventStruct.vendorInfoSize
- * No vendor data
- */
- ((id_event_struct_data_t *)ptr)->vendor_info_size = 0;
- ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(id_event_struct_data_t, vendor_info));
-
- /*
- * The Startup Locality event should be placed in the log before
- * any event which extends PCR[0].
- *
- * Ref. TCG PC Client Platform Firmware Profile 9.4.5.3
- */
-
- /* Copy Startup Locality Event Header */
- (void)memcpy(ptr, (const void *)&locality_event_header,
- sizeof(locality_event_header));
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(locality_event_header));
-
- /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
- ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
-
- /* TCG_PCR_EVENT2.Digests[].Digest[] */
- (void)memset(&((tpmt_ha *)ptr)->digest, 0, TPM_ALG_ID);
- ptr = (uint8_t *)((uintptr_t)ptr +
- offsetof(tpmt_ha, digest) + TCG_DIGEST_SIZE);
-
- /* TCG_PCR_EVENT2.EventSize */
- ((event2_data_t *)ptr)->event_size =
- (uint32_t)sizeof(startup_locality_event_t);
- ptr = (uint8_t *)((uintptr_t)ptr + offsetof(event2_data_t, event));
-
- /* TCG_EfiStartupLocalityEvent.Signature */
- (void)memcpy(ptr, (const void *)locality_signature,
- sizeof(TCG_STARTUP_LOCALITY_SIGNATURE));
-
- /*
- * TCG_EfiStartupLocalityEvent.StartupLocality = 0:
- * the platform's boot firmware
- */
- ((startup_locality_event_t *)ptr)->startup_locality = 0U;
- ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
-
- log_ptr = (uint8_t *)ptr;
-
- /* Add BL2 event */
- add_event2(NULL, plat_data_ptr->images_data);
-}
-
-/*
- * Calculate and write hash of image, configuration data, etc.
- * to Event Log.
- *
- * @param[in] data_base Address of data
- * @param[in] data_size Size of data
- * @param[in] data_id Data ID
- * @return:
- * 0 = success
- * < 0 = error
- */
-int tpm_record_measurement(uintptr_t data_base, uint32_t data_size,
- uint32_t data_id)
-{
- const image_data_t *data_ptr = plat_data_ptr->images_data;
- unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
- int rc;
-
- /* Get the metadata associated with this image. */
- while ((data_ptr->id != INVALID_ID) && (data_ptr->id != data_id)) {
- data_ptr++;
- }
- assert(data_ptr->id != INVALID_ID);
-
- if (data_id == TOS_FW_CONFIG_ID) {
- tos_fw_config_base = data_base;
- } else if (data_id == NT_FW_CONFIG_ID) {
- nt_fw_config_base = data_base;
- } else {
- /* No action */
- }
-
- /* Calculate hash */
- rc = crypto_mod_calc_hash((unsigned int)MBEDTLS_MD_ID,
- (void *)data_base, data_size, hash_data);
- if (rc != 0) {
- return rc;
- }
-
- add_event2(hash_data, data_ptr);
- return 0;
-}
-
-/*
- * Finalise Event Log
- *
- * @param[out] log_addr Pointer to return Event Log address
- * @param[out] log_size Pointer to return Event Log size
- * @return:
- * 0 = success
- * < 0 = error code
- */
-int event_log_finalise(uint8_t **log_addr, size_t *log_size)
-{
- /* Event Log size */
- size_t num_bytes = (uintptr_t)log_ptr - (uintptr_t)event_log;
- int rc;
-
- assert(log_addr != NULL);
- assert(log_size != NULL);
-
- if (nt_fw_config_base == 0UL) {
- ERROR("%s(): %s_FW_CONFIG not loaded\n", __func__, "NT");
- return -ENOENT;
- }
-
- /*
- * Set Event Log data in NT_FW_CONFIG and
- * get Event Log address in Non-Secure memory
- */
- if (plat_data_ptr->set_nt_fw_info != NULL) {
-
- /* Event Log address in Non-Secure memory */
- uintptr_t ns_log_addr;
-
- rc = plat_data_ptr->set_nt_fw_info(
- nt_fw_config_base,
-#ifdef SPD_opteed
- (uintptr_t)event_log,
-#endif
- num_bytes, &ns_log_addr);
- if (rc != 0) {
- ERROR("%s(): Unable to update %s_FW_CONFIG\n",
- __func__, "NT");
- return rc;
- }
-
- /* Copy Event Log to Non-secure memory */
- (void)memcpy((void *)ns_log_addr, (const void *)event_log,
- num_bytes);
-
- /* Ensure that the Event Log is visible in Non-secure memory */
- flush_dcache_range(ns_log_addr, num_bytes);
-
- /* Return Event Log address in Non-Secure memory */
- *log_addr = (uint8_t *)ns_log_addr;
-
- } else {
- INFO("%s(): set_%s_fw_info not set\n", __func__, "nt");
-
- /* Return Event Log address in Secure memory */
- *log_addr = event_log;
- }
-
- if (tos_fw_config_base != 0UL) {
- if (plat_data_ptr->set_tos_fw_info != NULL) {
-
- /* Set Event Log data in TOS_FW_CONFIG */
- rc = plat_data_ptr->set_tos_fw_info(
- tos_fw_config_base,
- (uintptr_t)event_log,
- num_bytes);
- if (rc != 0) {
- ERROR("%s(): Unable to update %s_FW_CONFIG\n",
- __func__, "TOS");
- return rc;
- }
- } else {
- INFO("%s(): set_%s_fw_info not set\n", __func__, "tos");
- }
- } else {
- INFO("%s(): %s_FW_CONFIG not loaded\n", __func__, "TOS");
- }
-
- /* Ensure that the Event Log is visible in Secure memory */
- flush_dcache_range((uintptr_t)event_log, num_bytes);
-
- /* Return Event Log size */
- *log_size = num_bytes;
-
- return 0;
-}
diff --git a/drivers/measured_boot/event_log/event_log.c b/drivers/measured_boot/event_log/event_log.c
new file mode 100644
index 0000000..1755dd9
--- /dev/null
+++ b/drivers/measured_boot/event_log/event_log.c
@@ -0,0 +1,284 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <errno.h>
+#include <string.h>
+#include <arch_helpers.h>
+
+#include <common/bl_common.h>
+#include <common/debug.h>
+#include <drivers/auth/crypto_mod.h>
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <mbedtls/md.h>
+
+#include <plat/common/platform.h>
+
+/* Running Event Log Pointer */
+static uint8_t *log_ptr;
+
+/* Pointer to the first byte past end of the Event Log buffer */
+static uintptr_t log_end;
+
+/* Pointer to event_log_metadata_t */
+static const event_log_metadata_t *plat_metadata_ptr;
+
+/* TCG_EfiSpecIdEvent */
+static const id_event_headers_t id_event_header = {
+ .header = {
+ .pcr_index = PCR_0,
+ .event_type = EV_NO_ACTION,
+ .digest = {0},
+ .event_size = (uint32_t)(sizeof(id_event_struct_t) +
+ (sizeof(id_event_algorithm_size_t) *
+ HASH_ALG_COUNT))
+ },
+
+ .struct_header = {
+ .signature = TCG_ID_EVENT_SIGNATURE_03,
+ .platform_class = PLATFORM_CLASS_CLIENT,
+ .spec_version_minor = TCG_SPEC_VERSION_MINOR_TPM2,
+ .spec_version_major = TCG_SPEC_VERSION_MAJOR_TPM2,
+ .spec_errata = TCG_SPEC_ERRATA_TPM2,
+ .uintn_size = (uint8_t)(sizeof(unsigned int) /
+ sizeof(uint32_t)),
+ .number_of_algorithms = HASH_ALG_COUNT
+ }
+};
+
+static const event2_header_t locality_event_header = {
+ /*
+ * All EV_NO_ACTION events SHALL set
+ * TCG_PCR_EVENT2.pcrIndex = 0, unless otherwise specified
+ */
+ .pcr_index = PCR_0,
+
+ /*
+ * All EV_NO_ACTION events SHALL set
+ * TCG_PCR_EVENT2.eventType = 03h
+ */
+ .event_type = EV_NO_ACTION,
+
+ /*
+ * All EV_NO_ACTION events SHALL set TCG_PCR_EVENT2.digests to all
+ * 0x00's for each allocated Hash algorithm
+ */
+ .digests = {
+ .count = HASH_ALG_COUNT
+ }
+};
+
+/*
+ * Record a measurement as a TCG_PCR_EVENT2 event
+ *
+ * @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes
+ * @param[in] metadata_ptr Pointer to event_log_metadata_t structure
+ *
+ * There must be room for storing this new event into the event log buffer.
+ */
+static void event_log_record(const uint8_t *hash,
+ const event_log_metadata_t *metadata_ptr)
+{
+ void *ptr = log_ptr;
+ uint32_t name_len;
+
+ assert(hash != NULL);
+ assert(metadata_ptr != NULL);
+ assert(metadata_ptr->name != NULL);
+ /* event_log_init() must have been called prior to this. */
+ assert(log_ptr != NULL);
+
+ name_len = (uint32_t)strlen(metadata_ptr->name) + 1U;
+
+ /* Check for space in Event Log buffer */
+ assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <
+ log_end);
+
+ /*
+ * As per TCG specifications, firmware components that are measured
+ * into PCR[0] must be logged in the event log using the event type
+ * EV_POST_CODE.
+ */
+ /* TCG_PCR_EVENT2.PCRIndex */
+ ((event2_header_t *)ptr)->pcr_index = metadata_ptr->pcr;
+
+ /* TCG_PCR_EVENT2.EventType */
+ ((event2_header_t *)ptr)->event_type = EV_POST_CODE;
+
+ /* TCG_PCR_EVENT2.Digests.Count */
+ ptr = (uint8_t *)ptr + offsetof(event2_header_t, digests);
+ ((tpml_digest_values *)ptr)->count = HASH_ALG_COUNT;
+
+ /* TCG_PCR_EVENT2.Digests[] */
+ ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(tpml_digest_values, digests));
+
+ /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
+ ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
+
+ /* TCG_PCR_EVENT2.Digests[].Digest[] */
+ ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest));
+
+ /* Copy digest */
+ (void)memcpy(ptr, (const void *)hash, TCG_DIGEST_SIZE);
+
+ /* TCG_PCR_EVENT2.EventSize */
+ ptr = (uint8_t *)((uintptr_t)ptr + TCG_DIGEST_SIZE);
+ ((event2_data_t *)ptr)->event_size = name_len;
+
+ /* Copy event data to TCG_PCR_EVENT2.Event */
+ (void)memcpy((void *)(((event2_data_t *)ptr)->event),
+ (const void *)metadata_ptr->name, name_len);
+
+ /* End of event data */
+ log_ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(event2_data_t, event) + name_len);
+}
+
+/*
+ * Initialise Event Log global variables, used during the recording
+ * of various payload measurements into the Event Log buffer
+ *
+ * @param[in] event_log_start Base address of Event Log buffer
+ * @param[in] event_log_finish End address of Event Log buffer,
+ * it is a first byte past end of the
+ * buffer
+ */
+void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish)
+{
+ assert(event_log_start != NULL);
+ assert(event_log_finish > event_log_start);
+
+ log_ptr = event_log_start;
+ log_end = (uintptr_t)event_log_finish;
+
+ /* Get pointer to platform's event_log_metadata_t structure */
+ plat_metadata_ptr = plat_event_log_get_metadata();
+ assert(plat_metadata_ptr != NULL);
+}
+
+/*
+ * Initialises Event Log by writing Specification ID and
+ * Startup Locality events
+ */
+void event_log_write_header(void)
+{
+ const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE;
+ void *ptr = log_ptr;
+
+ /* event_log_init() must have been called prior to this. */
+ assert(log_ptr != NULL);
+
+ /*
+ * Add Specification ID Event first
+ *
+ * Copy TCG_EfiSpecIDEventStruct structure header
+ */
+ (void)memcpy(ptr, (const void *)&id_event_header,
+ sizeof(id_event_header));
+ ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_header));
+
+ /* TCG_EfiSpecIdEventAlgorithmSize structure */
+ ((id_event_algorithm_size_t *)ptr)->algorithm_id = TPM_ALG_ID;
+ ((id_event_algorithm_size_t *)ptr)->digest_size = TCG_DIGEST_SIZE;
+ ptr = (uint8_t *)((uintptr_t)ptr + sizeof(id_event_algorithm_size_t));
+
+ /*
+ * TCG_EfiSpecIDEventStruct.vendorInfoSize
+ * No vendor data
+ */
+ ((id_event_struct_data_t *)ptr)->vendor_info_size = 0;
+ ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(id_event_struct_data_t, vendor_info));
+
+ /*
+ * The Startup Locality event should be placed in the log before
+ * any event which extends PCR[0].
+ *
+ * Ref. TCG PC Client Platform Firmware Profile 9.4.5.3
+ */
+
+ /* Copy Startup Locality Event Header */
+ (void)memcpy(ptr, (const void *)&locality_event_header,
+ sizeof(locality_event_header));
+ ptr = (uint8_t *)((uintptr_t)ptr + sizeof(locality_event_header));
+
+ /* TCG_PCR_EVENT2.Digests[].AlgorithmId */
+ ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
+
+ /* TCG_PCR_EVENT2.Digests[].Digest[] */
+ (void)memset(&((tpmt_ha *)ptr)->digest, 0, TPM_ALG_ID);
+ ptr = (uint8_t *)((uintptr_t)ptr +
+ offsetof(tpmt_ha, digest) + TCG_DIGEST_SIZE);
+
+ /* TCG_PCR_EVENT2.EventSize */
+ ((event2_data_t *)ptr)->event_size =
+ (uint32_t)sizeof(startup_locality_event_t);
+ ptr = (uint8_t *)((uintptr_t)ptr + offsetof(event2_data_t, event));
+
+ /* TCG_EfiStartupLocalityEvent.Signature */
+ (void)memcpy(ptr, (const void *)locality_signature,
+ sizeof(TCG_STARTUP_LOCALITY_SIGNATURE));
+
+ /*
+ * TCG_EfiStartupLocalityEvent.StartupLocality = 0:
+ * the platform's boot firmware
+ */
+ ((startup_locality_event_t *)ptr)->startup_locality = 0U;
+ log_ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
+}
+
+/*
+ * Calculate and write hash of image, configuration data, etc.
+ * to Event Log.
+ *
+ * @param[in] data_base Address of data
+ * @param[in] data_size Size of data
+ * @param[in] data_id Data ID
+ * @return:
+ * 0 = success
+ * < 0 = error
+ */
+int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
+ uint32_t data_id)
+{
+ unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
+ int rc;
+ const event_log_metadata_t *metadata_ptr = plat_metadata_ptr;
+
+ /* Get the metadata associated with this image. */
+ while ((metadata_ptr->id != INVALID_ID) &&
+ (metadata_ptr->id != data_id)) {
+ metadata_ptr++;
+ }
+ assert(metadata_ptr->id != INVALID_ID);
+
+ /* Calculate hash */
+ rc = crypto_mod_calc_hash((unsigned int)MBEDTLS_MD_ID,
+ (void *)data_base, data_size, hash_data);
+ if (rc != 0) {
+ return rc;
+ }
+
+ event_log_record(hash_data, metadata_ptr);
+
+ return 0;
+}
+
+/*
+ * Get current Event Log buffer size i.e. used space of Event Log buffer
+ *
+ * @param[in] event_log_start Base Pointer to Event Log buffer
+ *
+ * @return: current Size of Event Log buffer
+ */
+size_t event_log_get_cur_size(uint8_t *event_log_start)
+{
+ assert(event_log_start != NULL);
+ assert(log_ptr >= event_log_start);
+
+ return (size_t)((uintptr_t)log_ptr - (uintptr_t)event_log_start);
+}
diff --git a/drivers/measured_boot/measured_boot.mk b/drivers/measured_boot/event_log/event_log.mk
similarity index 63%
rename from drivers/measured_boot/measured_boot.mk
rename to drivers/measured_boot/event_log/event_log.mk
index 497fdba..37e5e29 100644
--- a/drivers/measured_boot/measured_boot.mk
+++ b/drivers/measured_boot/event_log/event_log.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2020, Arm Limited. All rights reserved.
+# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -7,7 +7,8 @@
# Default log level to dump the event log (LOG_LEVEL_INFO)
EVENT_LOG_LEVEL ?= 40
-# TPM hash algorithm
+# TPM hash algorithm.
+# SHA-256 (or stronger) is required for all devices that are TPM 2.0 compliant.
TPM_HASH_ALG := sha256
ifeq (${TPM_HASH_ALG}, sha512)
@@ -24,8 +25,6 @@
TCG_DIGEST_SIZE := 32U
endif
-# Event Log length in bytes
-EVENT_LOG_SIZE := 1024
# Set definitions for mbed TLS library and Measured Boot driver
$(eval $(call add_defines,\
@@ -33,20 +32,19 @@
MBEDTLS_MD_ID \
TPM_ALG_ID \
TCG_DIGEST_SIZE \
- EVENT_LOG_SIZE \
EVENT_LOG_LEVEL \
)))
ifeq (${HASH_ALG}, sha256)
-ifneq (${TPM_HASH_ALG}, sha256)
-$(eval $(call add_define,MBEDTLS_SHA512_C))
-endif
+ ifneq (${TPM_HASH_ALG}, sha256)
+ $(eval $(call add_define,MBEDTLS_SHA512_C))
+ endif
endif
-MEASURED_BOOT_SRC_DIR := drivers/measured_boot/
+MEASURED_BOOT_SRC_DIR := drivers/measured_boot/event_log/
-MEASURED_BOOT_SOURCES := ${MEASURED_BOOT_SRC_DIR}measured_boot.c \
- ${MEASURED_BOOT_SRC_DIR}event_log.c \
- ${MEASURED_BOOT_SRC_DIR}event_print.c
+MEASURED_BOOT_SOURCES := ${MEASURED_BOOT_SRC_DIR}event_log.c \
+ ${MEASURED_BOOT_SRC_DIR}event_print.c
BL2_SOURCES += ${MEASURED_BOOT_SOURCES}
+BL1_SOURCES += ${MEASURED_BOOT_SOURCES}
diff --git a/drivers/measured_boot/event_print.c b/drivers/measured_boot/event_log/event_print.c
similarity index 98%
rename from drivers/measured_boot/event_print.c
rename to drivers/measured_boot/event_log/event_print.c
index 84ed4b1..e2ba174 100644
--- a/drivers/measured_boot/event_print.c
+++ b/drivers/measured_boot/event_log/event_print.c
@@ -8,7 +8,7 @@
#include <string.h>
#include <common/debug.h>
-#include <drivers/measured_boot/event_log.h>
+#include <drivers/measured_boot/event_log/event_log.h>
#if LOG_LEVEL >= EVENT_LOG_LEVEL
diff --git a/drivers/measured_boot/measured_boot.c b/drivers/measured_boot/measured_boot.c
deleted file mode 100644
index 37fddfb..0000000
--- a/drivers/measured_boot/measured_boot.c
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-
-#include <common/debug.h>
-#include <drivers/measured_boot/measured_boot.h>
-
-/*
- * Init Measured Boot driver
- *
- * Initialises Event Log.
- */
-void measured_boot_init(void)
-{
- event_log_init();
-}
-
-/*
- * Finish Measured Boot driver
- *
- * Finalises Event Log and dumps the records to the debug console.
- */
-void measured_boot_finish(void)
-{
- uint8_t *log_addr;
- size_t log_size;
- int rc;
-
- rc = event_log_finalise(&log_addr, &log_size);
- if (rc != 0) {
- panic();
- }
-
- dump_event_log(log_addr, log_size);
-}
diff --git a/drivers/nxp/sfp/fuse_prov.c b/drivers/nxp/sfp/fuse_prov.c
index 4d30f5f..165474f 100644
--- a/drivers/nxp/sfp/fuse_prov.c
+++ b/drivers/nxp/sfp/fuse_prov.c
@@ -326,7 +326,7 @@
struct sfp_ccsr_regs_t *sfp_ccsr_regs)
{
int ret;
- uint32_t mask;
+ uint32_t mask = 0;
#ifdef NXP_SFP_VER_3_4
if (((fuse_hdr->flags >> FLAG_MC_SHIFT) & 0x1) != 0) {
diff --git a/drivers/renesas/common/io/io_rcar.c b/drivers/renesas/common/io/io_rcar.c
index 17d7aaa..45ef386 100644
--- a/drivers/renesas/common/io/io_rcar.c
+++ b/drivers/renesas/common/io/io_rcar.c
@@ -380,7 +380,7 @@
static int32_t rcar_dev_init(io_dev_info_t *dev_info, const uintptr_t name)
{
- uint64_t header[64] __aligned(FLASH_TRANS_SIZE_UNIT) = {0UL};
+ static uint64_t header[64] __aligned(FLASH_TRANS_SIZE_UNIT) = {0UL};
uintptr_t handle;
ssize_t offset;
uint32_t i;
@@ -423,15 +423,17 @@
WARN("Firmware Image Package header failed to seek\n");
goto error;
}
-#if RCAR_BL2_DCACHE == 1
- inv_dcache_range((uint64_t) header, sizeof(header));
-#endif
+
rc = io_read(handle, (uintptr_t) &header, sizeof(header), &cnt);
if (rc != IO_SUCCESS) {
WARN("Firmware Image Package header failed to read\n");
goto error;
}
+#if RCAR_BL2_DCACHE == 1
+ inv_dcache_range((uint64_t) header, sizeof(header));
+#endif
+
rcar_image_number = header[0];
for (i = 0; i < rcar_image_number + 2; i++) {
rcar_image_header[i] = header[i * 2 + 1];
@@ -440,6 +442,7 @@
if (rcar_image_number == 0 || rcar_image_number > RCAR_MAX_BL3X_IMAGE) {
WARN("Firmware Image Package header check failed.\n");
+ rc = IO_FAIL;
goto error;
}
@@ -448,10 +451,7 @@
WARN("Firmware Image Package header failed to seek cert\n");
goto error;
}
-#if RCAR_BL2_DCACHE == 1
- inv_dcache_range(RCAR_SDRAM_certESS,
- RCAR_CERT_SIZE * (2 + rcar_image_number));
-#endif
+
rc = io_read(handle, RCAR_SDRAM_certESS,
RCAR_CERT_SIZE * (2 + rcar_image_number), &cnt);
if (rc != IO_SUCCESS) {
@@ -459,6 +459,11 @@
goto error;
}
+#if RCAR_BL2_DCACHE == 1
+ inv_dcache_range(RCAR_SDRAM_certESS,
+ RCAR_CERT_SIZE * (2 + rcar_image_number));
+#endif
+
rcar_cert_load = RCAR_CERT_LOAD;
error:
diff --git a/drivers/renesas/common/pwrc/pwrc.c b/drivers/renesas/common/pwrc/pwrc.c
index 4ebf049..4e175eb 100644
--- a/drivers/renesas/common/pwrc/pwrc.c
+++ b/drivers/renesas/common/pwrc/pwrc.c
@@ -776,14 +776,14 @@
memcpy((void *)sram.base, code.base, code.len);
flush_dcache_range((uint64_t) sram.base, code.len);
+ attr = MT_MEMORY | MT_RO | MT_SECURE | MT_EXECUTE;
+ ret = xlat_change_mem_attributes(sram.base, sram.len, attr);
+ assert(ret == 0);
+
/* Invalidate instruction cache */
plat_invalidate_icache();
dsb();
isb();
-
- attr = MT_MEMORY | MT_RO | MT_SECURE | MT_EXECUTE;
- ret = xlat_change_mem_attributes(sram.base, sram.len, attr);
- assert(ret == 0);
}
uint32_t rcar_pwrc_get_cluster(void)
diff --git a/drivers/st/clk/stm32mp1_clk.c b/drivers/st/clk/stm32mp1_clk.c
index 80b6408..3ebc376 100644
--- a/drivers/st/clk/stm32mp1_clk.c
+++ b/drivers/st/clk/stm32mp1_clk.c
@@ -467,12 +467,12 @@
_ACLK, _PLL3_R, _PLL4_P, _CK_PER
};
-static const uint8_t ass_parents[] = {
- _HSI, _HSE, _PLL2
+static const uint8_t axiss_parents[] = {
+ _HSI, _HSE, _PLL2_P
};
-static const uint8_t mss_parents[] = {
- _HSI, _HSE, _CSI, _PLL3
+static const uint8_t mcuss_parents[] = {
+ _HSI, _HSE, _CSI, _PLL3_P
};
static const uint8_t usbphy_parents[] = {
@@ -514,8 +514,8 @@
_CLK_PARENT_SEL(SDMMC3, RCC_SDMMC3CKSELR, sdmmc3_parents),
_CLK_PARENT_SEL(QSPI, RCC_QSPICKSELR, qspi_parents),
_CLK_PARENT_SEL(FMC, RCC_FMCCKSELR, fmc_parents),
- _CLK_PARENT_SEL(AXIS, RCC_ASSCKSELR, ass_parents),
- _CLK_PARENT_SEL(MCUS, RCC_MSSCKSELR, mss_parents),
+ _CLK_PARENT_SEL(AXIS, RCC_ASSCKSELR, axiss_parents),
+ _CLK_PARENT_SEL(MCUS, RCC_MSSCKSELR, mcuss_parents),
_CLK_PARENT_SEL(USBPHY, RCC_USBCKSELR, usbphy_parents),
_CLK_PARENT_SEL(USBO, RCC_USBCKSELR, usbo_parents),
};
@@ -850,9 +850,7 @@
reg = mmio_read_32(rcc_base + RCC_MPCKDIVR);
clkdiv = reg & RCC_MPUDIV_MASK;
- if (clkdiv != 0U) {
- clock /= stm32mp1_mpu_div[clkdiv];
- }
+ clock >>= stm32mp1_mpu_div[clkdiv];
break;
default:
break;
@@ -1093,6 +1091,10 @@
case PLL3_P:
case PLL3_Q:
case PLL3_R:
+ case CK_AXI:
+ case CK_MPU:
+ case CK_MCU:
+ case RTC:
return true;
default:
return false;
diff --git a/drivers/st/clk/stm32mp_clkfunc.c b/drivers/st/clk/stm32mp_clkfunc.c
index 2101171..d57f120 100644
--- a/drivers/st/clk/stm32mp_clkfunc.c
+++ b/drivers/st/clk/stm32mp_clkfunc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, STMicroelectronics - All Rights Reserved
+ * Copyright (c) 2017-2021, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -163,7 +163,13 @@
*/
static int fdt_get_rcc_node(void *fdt)
{
- return fdt_node_offset_by_compatible(fdt, -1, DT_RCC_CLK_COMPAT);
+ static int node;
+
+ if (node <= 0) {
+ node = fdt_node_offset_by_compatible(fdt, -1, DT_RCC_CLK_COMPAT);
+ }
+
+ return node;
}
/*
diff --git a/drivers/st/mmc/stm32_sdmmc2.c b/drivers/st/mmc/stm32_sdmmc2.c
index cff3a34..d3adeab 100644
--- a/drivers/st/mmc/stm32_sdmmc2.c
+++ b/drivers/st/mmc/stm32_sdmmc2.c
@@ -628,6 +628,7 @@
int sdmmc_node;
void *fdt = NULL;
const fdt32_t *cuint;
+ struct dt_node_info dt_info;
if (fdt_get_address(&fdt) == 0) {
return -FDT_ERR_NOTFOUND;
@@ -637,27 +638,14 @@
return -FDT_ERR_NOTFOUND;
}
- sdmmc_node = fdt_node_offset_by_compatible(fdt, -1, DT_SDMMC2_COMPAT);
-
- while (sdmmc_node != -FDT_ERR_NOTFOUND) {
- cuint = fdt_getprop(fdt, sdmmc_node, "reg", NULL);
- if (cuint == NULL) {
- continue;
- }
-
- if (fdt32_to_cpu(*cuint) == sdmmc2_params.reg_base) {
- break;
- }
-
- sdmmc_node = fdt_node_offset_by_compatible(fdt, sdmmc_node,
- DT_SDMMC2_COMPAT);
- }
-
+ sdmmc_node = dt_match_instance_by_compatible(DT_SDMMC2_COMPAT,
+ sdmmc2_params.reg_base);
if (sdmmc_node == -FDT_ERR_NOTFOUND) {
return -FDT_ERR_NOTFOUND;
}
- if (fdt_get_status(sdmmc_node) == DT_DISABLED) {
+ dt_fill_device_info(&dt_info, sdmmc_node);
+ if (dt_info.status == DT_DISABLED) {
return -FDT_ERR_NOTFOUND;
}
@@ -665,21 +653,8 @@
return -FDT_ERR_BADVALUE;
}
- cuint = fdt_getprop(fdt, sdmmc_node, "clocks", NULL);
- if (cuint == NULL) {
- return -FDT_ERR_NOTFOUND;
- }
-
- cuint++;
- sdmmc2_params.clock_id = fdt32_to_cpu(*cuint);
-
- cuint = fdt_getprop(fdt, sdmmc_node, "resets", NULL);
- if (cuint == NULL) {
- return -FDT_ERR_NOTFOUND;
- }
-
- cuint++;
- sdmmc2_params.reset_id = fdt32_to_cpu(*cuint);
+ sdmmc2_params.clock_id = dt_info.clock;
+ sdmmc2_params.reset_id = dt_info.reset;
if ((fdt_getprop(fdt, sdmmc_node, "st,use-ckin", NULL)) != NULL) {
sdmmc2_params.pin_ckin = SDMMC_CLKCR_SELCLKRX_0;
diff --git a/drivers/st/pmic/stpmic1.c b/drivers/st/pmic/stpmic1.c
index 9999630..0a35df3 100644
--- a/drivers/st/pmic/stpmic1.c
+++ b/drivers/st/pmic/stpmic1.c
@@ -1,9 +1,10 @@
/*
- * Copyright (c) 2016-2019, STMicroelectronics - All Rights Reserved
+ * Copyright (c) 2016-2021, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <errno.h>
#include <string.h>
#include <common/debug.h>
@@ -16,6 +17,7 @@
const uint16_t *voltage_table;
uint8_t voltage_table_size;
uint8_t control_reg;
+ uint8_t enable_mask;
uint8_t low_power_reg;
uint8_t pull_down_reg;
uint8_t pull_down;
@@ -426,6 +428,7 @@
.voltage_table = buck1_voltage_table,
.voltage_table_size = ARRAY_SIZE(buck1_voltage_table),
.control_reg = BUCK1_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = BUCK1_PWRCTRL_REG,
.pull_down_reg = BUCK_PULL_DOWN_REG,
.pull_down = BUCK1_PULL_DOWN_SHIFT,
@@ -437,6 +440,7 @@
.voltage_table = buck2_voltage_table,
.voltage_table_size = ARRAY_SIZE(buck2_voltage_table),
.control_reg = BUCK2_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = BUCK2_PWRCTRL_REG,
.pull_down_reg = BUCK_PULL_DOWN_REG,
.pull_down = BUCK2_PULL_DOWN_SHIFT,
@@ -448,6 +452,7 @@
.voltage_table = buck3_voltage_table,
.voltage_table_size = ARRAY_SIZE(buck3_voltage_table),
.control_reg = BUCK3_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = BUCK3_PWRCTRL_REG,
.pull_down_reg = BUCK_PULL_DOWN_REG,
.pull_down = BUCK3_PULL_DOWN_SHIFT,
@@ -459,6 +464,7 @@
.voltage_table = buck4_voltage_table,
.voltage_table_size = ARRAY_SIZE(buck4_voltage_table),
.control_reg = BUCK4_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = BUCK4_PWRCTRL_REG,
.pull_down_reg = BUCK_PULL_DOWN_REG,
.pull_down = BUCK4_PULL_DOWN_SHIFT,
@@ -470,6 +476,7 @@
.voltage_table = ldo1_voltage_table,
.voltage_table_size = ARRAY_SIZE(ldo1_voltage_table),
.control_reg = LDO1_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = LDO1_PWRCTRL_REG,
.mask_reset_reg = MASK_RESET_LDO_REG,
.mask_reset = LDO1_MASK_RESET,
@@ -479,6 +486,7 @@
.voltage_table = ldo2_voltage_table,
.voltage_table_size = ARRAY_SIZE(ldo2_voltage_table),
.control_reg = LDO2_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = LDO2_PWRCTRL_REG,
.mask_reset_reg = MASK_RESET_LDO_REG,
.mask_reset = LDO2_MASK_RESET,
@@ -488,6 +496,7 @@
.voltage_table = ldo3_voltage_table,
.voltage_table_size = ARRAY_SIZE(ldo3_voltage_table),
.control_reg = LDO3_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = LDO3_PWRCTRL_REG,
.mask_reset_reg = MASK_RESET_LDO_REG,
.mask_reset = LDO3_MASK_RESET,
@@ -497,6 +506,7 @@
.voltage_table = ldo4_voltage_table,
.voltage_table_size = ARRAY_SIZE(ldo4_voltage_table),
.control_reg = LDO4_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = LDO4_PWRCTRL_REG,
.mask_reset_reg = MASK_RESET_LDO_REG,
.mask_reset = LDO4_MASK_RESET,
@@ -506,6 +516,7 @@
.voltage_table = ldo5_voltage_table,
.voltage_table_size = ARRAY_SIZE(ldo5_voltage_table),
.control_reg = LDO5_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = LDO5_PWRCTRL_REG,
.mask_reset_reg = MASK_RESET_LDO_REG,
.mask_reset = LDO5_MASK_RESET,
@@ -515,6 +526,7 @@
.voltage_table = ldo6_voltage_table,
.voltage_table_size = ARRAY_SIZE(ldo6_voltage_table),
.control_reg = LDO6_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = LDO6_PWRCTRL_REG,
.mask_reset_reg = MASK_RESET_LDO_REG,
.mask_reset = LDO6_MASK_RESET,
@@ -524,6 +536,7 @@
.voltage_table = vref_ddr_voltage_table,
.voltage_table_size = ARRAY_SIZE(vref_ddr_voltage_table),
.control_reg = VREF_DDR_CONTROL_REG,
+ .enable_mask = LDO_BUCK_ENABLE_MASK,
.low_power_reg = VREF_DDR_PWRCTRL_REG,
.mask_reset_reg = MASK_RESET_LDO_REG,
.mask_reset = VREF_DDR_MASK_RESET,
@@ -581,14 +594,16 @@
{
const struct regul_struct *regul = get_regulator_data(name);
- return stpmic1_register_update(regul->control_reg, BIT(0), BIT(0));
+ return stpmic1_register_update(regul->control_reg, regul->enable_mask,
+ regul->enable_mask);
}
int stpmic1_regulator_disable(const char *name)
{
const struct regul_struct *regul = get_regulator_data(name);
- return stpmic1_register_update(regul->control_reg, 0, BIT(0));
+ return stpmic1_register_update(regul->control_reg, 0,
+ regul->enable_mask);
}
uint8_t stpmic1_is_regulator_enabled(const char *name)
@@ -600,7 +615,7 @@
panic();
}
- return (val & 0x1U);
+ return (val & regul->enable_mask);
}
int stpmic1_regulator_voltage_set(const char *name, uint16_t millivolts)
@@ -653,6 +668,7 @@
const struct regul_struct *regul = get_regulator_data(name);
uint8_t value;
uint8_t mask;
+ int status;
/* Voltage can be set for buck<N> or ldo<N> (except ldo4) regulators */
if (strncmp(name, "buck", 4) == 0) {
@@ -664,13 +680,16 @@
return 0;
}
- if (stpmic1_register_read(regul->control_reg, &value))
- return -1;
+ status = stpmic1_register_read(regul->control_reg, &value);
+ if (status < 0) {
+ return status;
+ }
value = (value & mask) >> LDO_BUCK_VOLTAGE_SHIFT;
- if (value > regul->voltage_table_size)
- return -1;
+ if (value > regul->voltage_table_size) {
+ return -ERANGE;
+ }
return (int)regul->voltage_table[value];
}
@@ -706,7 +725,7 @@
}
if (readval != value) {
- return -1;
+ return -EIO;
}
}
#endif
@@ -751,12 +770,12 @@
int stpmic1_get_version(unsigned long *version)
{
- int rc;
uint8_t read_val;
+ int status;
- rc = stpmic1_register_read(VERSION_STATUS_REG, &read_val);
- if (rc) {
- return -1;
+ status = stpmic1_register_read(VERSION_STATUS_REG, &read_val);
+ if (status < 0) {
+ return status;
}
*version = (unsigned long)read_val;
diff --git a/drivers/ufs/ufs.c b/drivers/ufs/ufs.c
index 6dbf372..ae42e32 100644
--- a/drivers/ufs/ufs.c
+++ b/drivers/ufs/ufs.c
@@ -34,6 +34,9 @@
{
unsigned int data;
+ if (base == 0 || cmd == NULL)
+ return -EINVAL;
+
data = mmio_read_32(base + HCS);
if ((data & HCS_UCRDY) == 0)
return -EBUSY;
@@ -54,9 +57,13 @@
{
uintptr_t base;
unsigned int data;
- int retries;
+ int result, retries;
+ uic_cmd_t cmd;
+
+ assert(ufs_params.reg_base != 0);
- assert((ufs_params.reg_base != 0) && (val != NULL));
+ if (val == NULL)
+ return -EINVAL;
base = ufs_params.reg_base;
for (retries = 0; retries < 100; retries++) {
@@ -68,19 +75,20 @@
if (retries >= 100)
return -EBUSY;
- mmio_write_32(base + IS, ~0);
- mmio_write_32(base + UCMDARG1, (attr << 16) | GEN_SELECTOR_IDX(idx));
- mmio_write_32(base + UCMDARG2, 0);
- mmio_write_32(base + UCMDARG3, 0);
- mmio_write_32(base + UICCMD, DME_GET);
- do {
+ cmd.arg1 = (attr << 16) | GEN_SELECTOR_IDX(idx);
+ cmd.arg2 = 0;
+ cmd.arg3 = 0;
+ cmd.op = DME_GET;
+ for (retries = 0; retries < UFS_UIC_COMMAND_RETRIES; ++retries) {
+ result = ufshc_send_uic_cmd(base, &cmd);
+ if (result == 0)
+ break;
data = mmio_read_32(base + IS);
if (data & UFS_INT_UE)
return -EINVAL;
- } while ((data & UFS_INT_UCCS) == 0);
- mmio_write_32(base + IS, UFS_INT_UCCS);
- data = mmio_read_32(base + UCMDARG2) & CONFIG_RESULT_CODE_MASK;
- assert(data == 0);
+ }
+ if (retries >= UFS_UIC_COMMAND_RETRIES)
+ return -EIO;
*val = mmio_read_32(base + UCMDARG3);
return 0;
@@ -90,58 +98,101 @@
{
uintptr_t base;
unsigned int data;
+ int result, retries;
+ uic_cmd_t cmd;
assert((ufs_params.reg_base != 0));
base = ufs_params.reg_base;
- data = mmio_read_32(base + HCS);
- if ((data & HCS_UCRDY) == 0)
- return -EBUSY;
- mmio_write_32(base + IS, ~0);
- mmio_write_32(base + UCMDARG1, (attr << 16) | GEN_SELECTOR_IDX(idx));
- mmio_write_32(base + UCMDARG2, 0);
- mmio_write_32(base + UCMDARG3, val);
- mmio_write_32(base + UICCMD, DME_SET);
- do {
+ cmd.arg1 = (attr << 16) | GEN_SELECTOR_IDX(idx);
+ cmd.arg2 = 0;
+ cmd.arg3 = val;
+ cmd.op = DME_SET;
+
+ for (retries = 0; retries < UFS_UIC_COMMAND_RETRIES; ++retries) {
+ result = ufshc_send_uic_cmd(base, &cmd);
+ if (result == 0)
+ break;
data = mmio_read_32(base + IS);
if (data & UFS_INT_UE)
return -EINVAL;
- } while ((data & UFS_INT_UCCS) == 0);
- mmio_write_32(base + IS, UFS_INT_UCCS);
- data = mmio_read_32(base + UCMDARG2) & CONFIG_RESULT_CODE_MASK;
- assert(data == 0);
+ }
+ if (retries >= UFS_UIC_COMMAND_RETRIES)
+ return -EIO;
+
return 0;
}
-static void ufshc_reset(uintptr_t base)
+static int ufshc_hce_enable(uintptr_t base)
{
unsigned int data;
+ int retries;
/* Enable Host Controller */
mmio_write_32(base + HCE, HCE_ENABLE);
+
/* Wait until basic initialization sequence completed */
- do {
+ for (retries = 0; retries < HCE_ENABLE_INNER_RETRIES; ++retries) {
data = mmio_read_32(base + HCE);
- } while ((data & HCE_ENABLE) == 0);
+ if (data & HCE_ENABLE) {
+ break;
+ }
+ udelay(HCE_ENABLE_TIMEOUT_US);
+ }
+ if (retries >= HCE_ENABLE_INNER_RETRIES) {
+ return -ETIMEDOUT;
+ }
+
+ return 0;
+}
+
+static int ufshc_reset(uintptr_t base)
+{
+ unsigned int data;
+ int retries, result;
+
+ for (retries = 0; retries < HCE_ENABLE_OUTER_RETRIES; ++retries) {
+ result = ufshc_hce_enable(base);
+ if (result == 0) {
+ break;
+ }
+ }
+ if (retries >= HCE_ENABLE_OUTER_RETRIES) {
+ return -EIO;
+ }
/* Enable Interrupts */
data = UFS_INT_UCCS | UFS_INT_ULSS | UFS_INT_UE | UFS_INT_UTPES |
UFS_INT_DFES | UFS_INT_HCFES | UFS_INT_SBFES;
mmio_write_32(base + IE, data);
+
+ return 0;
}
-static int ufshc_link_startup(uintptr_t base)
+static int ufshc_dme_link_startup(uintptr_t base)
{
uic_cmd_t cmd;
+
+ memset(&cmd, 0, sizeof(cmd));
+ cmd.op = DME_LINKSTARTUP;
+ return ufshc_send_uic_cmd(base, &cmd);
+}
+
+static int ufshc_link_startup(uintptr_t base)
+{
int data, result;
int retries;
- for (retries = 10; retries > 0; retries--) {
- memset(&cmd, 0, sizeof(cmd));
- cmd.op = DME_LINKSTARTUP;
- result = ufshc_send_uic_cmd(base, &cmd);
- if (result != 0)
+ for (retries = DME_LINKSTARTUP_RETRIES; retries > 0; retries--) {
+ result = ufshc_dme_link_startup(base);
+ if (result != 0) {
+ /* Reset controller before trying again */
+ result = ufshc_reset(base);
+ if (result != 0) {
+ return result;
+ }
continue;
+ }
while ((mmio_read_32(base + HCS) & HCS_DP) == 0)
;
data = mmio_read_32(base + IS);
@@ -772,7 +823,8 @@
assert((ops != NULL) && (ops->phy_init != NULL) &&
(ops->phy_set_pwr_mode != NULL));
- ufshc_reset(ufs_params.reg_base);
+ result = ufshc_reset(ufs_params.reg_base);
+ assert(result == 0);
ops->phy_init(&ufs_params);
result = ufshc_link_startup(ufs_params.reg_base);
assert(result == 0);
diff --git a/fdts/tc.dts b/fdts/tc.dts
index f66d556..31fcfe2 100644
--- a/fdts/tc.dts
+++ b/fdts/tc.dts
@@ -161,11 +161,6 @@
};
- memory@80000000 {
- device_type = "memory";
- reg = <0x0 0x80000000 0x0 0x7d000000>;
- };
-
reserved-memory {
#address-cells = <2>;
#size-cells = <2>;
diff --git a/include/drivers/arm/css/scmi.h b/include/drivers/arm/css/scmi.h
index adce7a6..9dd08e5 100644
--- a/include/drivers/arm/css/scmi.h
+++ b/include/drivers/arm/css/scmi.h
@@ -25,10 +25,16 @@
#define MAKE_SCMI_VERSION(maj, min) \
((((maj) & 0xffff) << 16) | ((min) & 0xffff))
-/* Macro to check if the driver is compatible with the SCMI version reported */
+/*
+ * Check that the driver's version is same or higher than the reported SCMI
+ * version. We accept lower major version numbers, as all affected protocols
+ * so far stay backwards compatible. This might need to be revisited in the
+ * future.
+ */
#define is_scmi_version_compatible(drv, scmi) \
+ ((GET_SCMI_MAJOR_VER(drv) > GET_SCMI_MAJOR_VER(scmi)) || \
((GET_SCMI_MAJOR_VER(drv) == GET_SCMI_MAJOR_VER(scmi)) && \
- (GET_SCMI_MINOR_VER(drv) <= GET_SCMI_MINOR_VER(scmi)))
+ (GET_SCMI_MINOR_VER(drv) <= GET_SCMI_MINOR_VER(scmi))))
/* SCMI Protocol identifiers */
#define SCMI_PWR_DMN_PROTO_ID 0x11
diff --git a/include/drivers/measured_boot/event_log.h b/include/drivers/measured_boot/event_log.h
deleted file mode 100644
index efde117..0000000
--- a/include/drivers/measured_boot/event_log.h
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef EVENT_LOG_H
-#define EVENT_LOG_H
-
-#include <stdint.h>
-
-#include <common/debug.h>
-#include <drivers/measured_boot/tcg.h>
-
-/*
- * Set Event Log debug level to one of:
- *
- * LOG_LEVEL_ERROR
- * LOG_LEVEL_INFO
- * LOG_LEVEL_WARNING
- * LOG_LEVEL_VERBOSE
- */
-#if EVENT_LOG_LEVEL == LOG_LEVEL_ERROR
-#define LOG_EVENT ERROR
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_NOTICE
-#define LOG_EVENT NOTICE
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_WARNING
-#define LOG_EVENT WARN
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_INFO
-#define LOG_EVENT INFO
-#elif EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
-#define LOG_EVENT VERBOSE
-#else
-#error "Not supported EVENT_LOG_LEVEL"
-#endif
-
-/* Number of hashing algorithms supported */
-#define HASH_ALG_COUNT 1U
-
-#define INVALID_ID MAX_NUMBER_IDS
-
-#define MEMBER_SIZE(type, member) sizeof(((type *)0)->member)
-
-#define BL2_STRING "BL_2"
-#define BL31_STRING "BL_31"
-#define BL32_STRING "BL_32"
-#define BL32_EXTRA1_IMAGE_STRING "BL32_EXTRA1_IMAGE"
-#define BL32_EXTRA2_IMAGE_STRING "BL32_EXTRA2_IMAGE"
-#define BL33_STRING "BL_33"
-#define GPT_IMAGE_STRING "GPT"
-#define HW_CONFIG_STRING "HW_CONFIG"
-#define NT_FW_CONFIG_STRING "NT_FW_CONFIG"
-#define SCP_BL2_IMAGE_STRING "SCP_BL2_IMAGE"
-#define SOC_FW_CONFIG_STRING "SOC_FW_CONFIG"
-#define STM32_IMAGE_STRING "STM32"
-#define TOS_FW_CONFIG_STRING "TOS_FW_CONFIG"
-
-typedef struct {
- unsigned int id;
- const char *name;
- unsigned int pcr;
-} image_data_t;
-
-typedef struct {
- const image_data_t *images_data;
- int (*set_nt_fw_info)(uintptr_t config_base,
-#ifdef SPD_opteed
- uintptr_t log_addr,
-#endif
- size_t log_size, uintptr_t *ns_log_addr);
- int (*set_tos_fw_info)(uintptr_t config_base, uintptr_t log_addr,
- size_t log_size);
-} measured_boot_data_t;
-
-#define ID_EVENT_SIZE (sizeof(id_event_headers_t) + \
- (sizeof(id_event_algorithm_size_t) * HASH_ALG_COUNT) + \
- sizeof(id_event_struct_data_t))
-
-#define LOC_EVENT_SIZE (sizeof(event2_header_t) + \
- sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
- sizeof(event2_data_t) + \
- sizeof(startup_locality_event_t))
-
-#define LOG_MIN_SIZE (ID_EVENT_SIZE + LOC_EVENT_SIZE)
-
-#define EVENT2_HDR_SIZE (sizeof(event2_header_t) + \
- sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
- sizeof(event2_data_t))
-
-/* Functions' declarations */
-void event_log_init(void);
-int event_log_finalise(uint8_t **log_addr, size_t *log_size);
-void dump_event_log(uint8_t *log_addr, size_t log_size);
-const measured_boot_data_t *plat_get_measured_boot_data(void);
-int tpm_record_measurement(uintptr_t data_base, uint32_t data_size,
- uint32_t data_id);
-#endif /* EVENT_LOG_H */
diff --git a/include/drivers/measured_boot/event_log/event_log.h b/include/drivers/measured_boot/event_log/event_log.h
new file mode 100644
index 0000000..c6eb29c
--- /dev/null
+++ b/include/drivers/measured_boot/event_log/event_log.h
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef EVENT_LOG_H
+#define EVENT_LOG_H
+
+#include <stdint.h>
+
+#include <common/debug.h>
+#include <common/tbbr/tbbr_img_def.h>
+#include <drivers/measured_boot/event_log/tcg.h>
+
+/*
+ * Set Event Log debug level to one of:
+ *
+ * LOG_LEVEL_ERROR
+ * LOG_LEVEL_INFO
+ * LOG_LEVEL_WARNING
+ * LOG_LEVEL_VERBOSE
+ */
+#if EVENT_LOG_LEVEL == LOG_LEVEL_ERROR
+#define LOG_EVENT ERROR
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_NOTICE
+#define LOG_EVENT NOTICE
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_WARNING
+#define LOG_EVENT WARN
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_INFO
+#define LOG_EVENT INFO
+#elif EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
+#define LOG_EVENT VERBOSE
+#else
+#error "Not supported EVENT_LOG_LEVEL"
+#endif
+
+/* Number of hashing algorithms supported */
+#define HASH_ALG_COUNT 1U
+
+#define INVALID_ID MAX_NUMBER_IDS
+
+#define MEMBER_SIZE(type, member) sizeof(((type *)0)->member)
+
+/*
+ * Each event log entry has some metadata (i.e. a string) that identifies
+ * what is measured.These macros define these strings.
+ * Note that these strings follow the standardization recommendations
+ * defined in the Arm Server Base Security Guide (a.k.a. SBSG, Arm DEN 0086),
+ * where applicable. They should not be changed in the code.
+ * Where the SBSG does not make recommendations, we are free to choose any
+ * naming convention.
+ * The key thing is to choose meaningful strings so that when the TPM event
+ * log is used in attestation, the different components can be identified.
+ */
+#define EVLOG_BL2_STRING "BL_2"
+#define EVLOG_BL31_STRING "SECURE_RT_EL3"
+#if defined(SPD_opteed)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_OPTEE"
+#elif defined(SPD_tspd)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_TSPD"
+#elif defined(SPD_tlkd)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_TLKD"
+#elif defined(SPD_trusty)
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_TRUSTY"
+#else
+#define EVLOG_BL32_STRING "SECURE_RT_EL1_UNKNOWN"
+#endif
+#define EVLOG_BL32_EXTRA1_STRING "SECURE_RT_EL1_OPTEE_EXTRA1"
+#define EVLOG_BL32_EXTRA2_STRING "SECURE_RT_EL1_OPTEE_EXTRA2"
+#define EVLOG_BL33_STRING "BL_33"
+#define EVLOG_FW_CONFIG_STRING "FW_CONFIG"
+#define EVLOG_HW_CONFIG_STRING "HW_CONFIG"
+#define EVLOG_NT_FW_CONFIG_STRING "NT_FW_CONFIG"
+#define EVLOG_SCP_BL2_STRING "SYS_CTRL_2"
+#define EVLOG_SOC_FW_CONFIG_STRING "SOC_FW_CONFIG"
+#define EVLOG_STM32_STRING "STM32"
+#define EVLOG_TB_FW_CONFIG_STRING "TB_FW_CONFIG"
+#define EVLOG_TOS_FW_CONFIG_STRING "TOS_FW_CONFIG"
+
+typedef struct {
+ unsigned int id;
+ const char *name;
+ unsigned int pcr;
+} event_log_metadata_t;
+
+#define ID_EVENT_SIZE (sizeof(id_event_headers_t) + \
+ (sizeof(id_event_algorithm_size_t) * HASH_ALG_COUNT) + \
+ sizeof(id_event_struct_data_t))
+
+#define LOC_EVENT_SIZE (sizeof(event2_header_t) + \
+ sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
+ sizeof(event2_data_t) + \
+ sizeof(startup_locality_event_t))
+
+#define LOG_MIN_SIZE (ID_EVENT_SIZE + LOC_EVENT_SIZE)
+
+#define EVENT2_HDR_SIZE (sizeof(event2_header_t) + \
+ sizeof(tpmt_ha) + TCG_DIGEST_SIZE + \
+ sizeof(event2_data_t))
+
+/* Functions' declarations */
+void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish);
+void event_log_write_header(void);
+void dump_event_log(uint8_t *log_addr, size_t log_size);
+const event_log_metadata_t *plat_event_log_get_metadata(void);
+int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
+ uint32_t data_id);
+size_t event_log_get_cur_size(uint8_t *event_log_start);
+
+#endif /* EVENT_LOG_H */
diff --git a/include/drivers/measured_boot/tcg.h b/include/drivers/measured_boot/event_log/tcg.h
similarity index 100%
rename from include/drivers/measured_boot/tcg.h
rename to include/drivers/measured_boot/event_log/tcg.h
diff --git a/include/drivers/measured_boot/measured_boot.h b/include/drivers/measured_boot/measured_boot.h
deleted file mode 100644
index 05be4a9..0000000
--- a/include/drivers/measured_boot/measured_boot.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef MEASURED_BOOT_H
-#define MEASURED_BOOT_H
-
-#include <stdint.h>
-
-#include <drivers/measured_boot/event_log.h>
-
-/* Functions' declarations */
-void measured_boot_init(void);
-void measured_boot_finish(void);
-
-#endif /* MEASURED_BOOT_H */
diff --git a/include/drivers/nxp/dcfg/scfg.h b/include/drivers/nxp/dcfg/scfg.h
index b6e3df5..ef6ed6b 100644
--- a/include/drivers/nxp/dcfg/scfg.h
+++ b/include/drivers/nxp/dcfg/scfg.h
@@ -44,7 +44,7 @@
#define scfg_clrbits32(a, v) mmio_clrbits_32((uintptr_t)(a), v)
#define scfg_clrsetbits32(a, clear, set) \
mmio_clrsetbits_32((uintptr_t)(a), clear, set)
-#elif defined(NXP_GUR_LE)
+#elif defined(NXP_SCFG_LE)
#define scfg_in32(a) mmio_read_32((uintptr_t)(a))
#define scfg_out32(a, v) mmio_write_32((uintptr_t)(a), v)
#define scfg_setbits32(a, v) mmio_setbits_32((uintptr_t)(a), v)
diff --git a/include/drivers/st/stpmic1.h b/include/drivers/st/stpmic1.h
index f7e293b..dc096cd 100644
--- a/include/drivers/st/stpmic1.h
+++ b/include/drivers/st/stpmic1.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2019, STMicroelectronics - All Rights Reserved
+ * Copyright (c) 2016-2021, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -86,15 +86,15 @@
#define ITSOURCE4_REG 0xB3U
/* Registers masks */
-#define LDO_VOLTAGE_MASK 0x7CU
-#define BUCK_VOLTAGE_MASK 0xFCU
+#define LDO_VOLTAGE_MASK GENMASK(6, 2)
+#define BUCK_VOLTAGE_MASK GENMASK(7, 2)
#define LDO_BUCK_VOLTAGE_SHIFT 2
-#define LDO_BUCK_ENABLE_MASK 0x01U
-#define LDO_BUCK_HPLP_ENABLE_MASK 0x02U
+#define LDO_BUCK_ENABLE_MASK BIT(0)
+#define LDO_BUCK_HPLP_ENABLE_MASK BIT(1)
#define LDO_BUCK_HPLP_SHIFT 1
-#define LDO_BUCK_RANK_MASK 0x01U
-#define LDO_BUCK_RESET_MASK 0x01U
-#define LDO_BUCK_PULL_DOWN_MASK 0x03U
+#define LDO_BUCK_RANK_MASK BIT(0)
+#define LDO_BUCK_RESET_MASK BIT(0)
+#define LDO_BUCK_PULL_DOWN_MASK GENMASK(1, 0)
/* Pull down register */
#define BUCK1_PULL_DOWN_SHIFT 0
@@ -135,12 +135,12 @@
/* Main PMIC VINLOW Control Register (VIN_CONTROL_REGC DMSC) */
#define SWIN_DETECTOR_ENABLED BIT(7)
#define SWOUT_DETECTOR_ENABLED BIT(6)
-#define VINLOW_HYST_MASK 0x3
+#define VINLOW_HYST_MASK GENMASK(1, 0)
#define VINLOW_HYST_SHIFT 4
-#define VINLOW_THRESHOLD_MASK 0x7
+#define VINLOW_THRESHOLD_MASK GENMASK(2, 0)
#define VINLOW_THRESHOLD_SHIFT 1
-#define VINLOW_ENABLED 0x01
-#define VINLOW_CTRL_REG_MASK 0xFF
+#define VINLOW_ENABLED BIT(0)
+#define VINLOW_CTRL_REG_MASK GENMASK(7, 0)
/* USB Control Register */
#define BOOST_OVP_DISABLED BIT(7)
diff --git a/include/drivers/ufs.h b/include/drivers/ufs.h
index 574c4ea..c074e85 100644
--- a/include/drivers/ufs.h
+++ b/include/drivers/ufs.h
@@ -254,6 +254,17 @@
#define UFS_VENDOR_SKHYNIX U(0x1AD)
#define MAX_MODEL_LEN 16
+
+/* maximum number of retries for a general UIC command */
+#define UFS_UIC_COMMAND_RETRIES 3
+
+/* maximum number of link-startup retries */
+#define DME_LINKSTARTUP_RETRIES 10
+
+#define HCE_ENABLE_OUTER_RETRIES 3
+#define HCE_ENABLE_INNER_RETRIES 50
+#define HCE_ENABLE_TIMEOUT_US 100
+
/**
* ufs_dev_desc - ufs device details from the device descriptor
* @wmanufacturerid: card details
diff --git a/include/lib/fconf/fconf_tbbr_getter.h b/include/lib/fconf/fconf_tbbr_getter.h
index 6066af6..db98b68 100644
--- a/include/lib/fconf/fconf_tbbr_getter.h
+++ b/include/lib/fconf/fconf_tbbr_getter.h
@@ -23,9 +23,6 @@
uint32_t disable_auth;
void *mbedtls_heap_addr;
size_t mbedtls_heap_size;
-#if MEASURED_BOOT
- uint8_t bl2_hash_data[TCG_DIGEST_SIZE];
-#endif
};
extern struct tbbr_dyn_config_t tbbr_dyn_config;
diff --git a/include/plat/arm/common/arm_dyn_cfg_helpers.h b/include/plat/arm/common/arm_dyn_cfg_helpers.h
index 34bf07c..ff00fe7 100644
--- a/include/plat/arm/common/arm_dyn_cfg_helpers.h
+++ b/include/plat/arm/common/arm_dyn_cfg_helpers.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,8 +14,4 @@
int arm_set_dtb_mbedtls_heap_info(void *dtb, void *heap_addr,
size_t heap_size);
-#if MEASURED_BOOT
-int arm_set_bl2_hash_info(void *dtb, void *data);
-#endif
-
#endif /* ARM_DYN_CFG_HELPERS_H */
diff --git a/include/plat/arm/common/plat_arm.h b/include/plat/arm/common/plat_arm.h
index 1500ed3..9618700 100644
--- a/include/plat/arm/common/plat_arm.h
+++ b/include/plat/arm/common/plat_arm.h
@@ -250,12 +250,8 @@
int arm_get_mbedtls_heap(void **heap_addr, size_t *heap_size);
#if MEASURED_BOOT
-/* Measured boot related functions */
-void arm_bl1_set_bl2_hash(const image_desc_t *image_desc);
-void arm_bl2_get_hash(void *data);
-int arm_set_tos_fw_info(uintptr_t config_base, uintptr_t log_addr,
- size_t log_size);
-int arm_set_nt_fw_info(uintptr_t config_base,
+int arm_set_tos_fw_info(uintptr_t log_addr, size_t log_size);
+int arm_set_nt_fw_info(
/*
* Currently OP-TEE does not support reading DTBs from Secure memory
* and this option should be removed when feature is supported.
@@ -264,6 +260,8 @@
uintptr_t log_addr,
#endif
size_t log_size, uintptr_t *ns_log_addr);
+int arm_set_tb_fw_info(uintptr_t log_addr, size_t log_size);
+int arm_get_tb_fw_info(uint64_t *log_addr, size_t *log_size);
#endif /* MEASURED_BOOT */
/*
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index 434835e..3fa63f5 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -122,6 +122,16 @@
void bl2_plat_preload_setup(void);
int plat_try_next_boot_source(void);
+#if MEASURED_BOOT
+int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data);
+#else
+static inline int plat_mboot_measure_image(unsigned int image_id __unused,
+ image_info_t *image_data __unused)
+{
+ return 0;
+}
+#endif /* MEASURED_BOOT */
+
/*******************************************************************************
* Mandatory BL1 functions
******************************************************************************/
@@ -182,12 +192,16 @@
int bl1_plat_handle_post_image_load(unsigned int image_id);
#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to the platform's defined location.
- * For ARM platforms the data are written to TB_FW_CONFIG DTB.
- */
-void bl1_plat_set_bl2_hash(const image_desc_t *image_desc);
-#endif
+void bl1_plat_mboot_init(void);
+void bl1_plat_mboot_finish(void);
+#else
+static inline void bl1_plat_mboot_init(void)
+{
+}
+static inline void bl1_plat_mboot_finish(void)
+{
+}
+#endif /* MEASURED_BOOT */
/*******************************************************************************
* Mandatory BL2 functions
@@ -208,9 +222,16 @@
* Optional BL2 functions (may be overridden)
******************************************************************************/
#if MEASURED_BOOT
-/* Read TCG_DIGEST_SIZE bytes of BL2 hash data */
-void bl2_plat_get_hash(void *data);
-#endif
+void bl2_plat_mboot_init(void);
+void bl2_plat_mboot_finish(void);
+#else
+static inline void bl2_plat_mboot_init(void)
+{
+}
+static inline void bl2_plat_mboot_finish(void)
+{
+}
+#endif /* MEASURED_BOOT */
/*******************************************************************************
* Mandatory BL2 at EL3 functions: Must be implemented if BL2_AT_EL3 image is
diff --git a/lib/cpus/errata_report.c b/lib/cpus/errata_report.c
index 5d1e3c5..93b2744 100644
--- a/lib/cpus/errata_report.c
+++ b/lib/cpus/errata_report.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,7 +19,7 @@
# define BL_STRING "BL1"
#elif defined(__aarch64__) && defined(IMAGE_BL31)
# define BL_STRING "BL31"
-#elif !defined(__arch64__) && defined(IMAGE_BL32)
+#elif !defined(__aarch64__) && defined(IMAGE_BL32)
# define BL_STRING "BL32"
#elif defined(IMAGE_BL2) && BL2_AT_EL3
# define BL_STRING "BL2"
diff --git a/lib/fconf/fconf_tbbr_getter.c b/lib/fconf/fconf_tbbr_getter.c
index 9a20ced..6f043e6 100644
--- a/lib/fconf/fconf_tbbr_getter.c
+++ b/lib/fconf/fconf_tbbr_getter.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2021, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -71,26 +71,13 @@
}
tbbr_dyn_config.mbedtls_heap_size = val32;
-#if MEASURED_BOOT
- /* Retrieve BL2 hash data details from the DTB */
- err = fdtw_read_bytes(dtb, node, "bl2_hash_data", TCG_DIGEST_SIZE,
- &tbbr_dyn_config.bl2_hash_data);
- if (err < 0) {
- ERROR("FCONF: Read %s failed for '%s'\n",
- "bytes", "bl2_hash_data");
- return err;
- }
-#endif
VERBOSE("%s%s%s %d\n", "FCONF: `tbbr.", "disable_auth",
"` cell found with value =", tbbr_dyn_config.disable_auth);
VERBOSE("%s%s%s %p\n", "FCONF: `tbbr.", "mbedtls_heap_addr",
"` cell found with value =", tbbr_dyn_config.mbedtls_heap_addr);
VERBOSE("%s%s%s %zu\n", "FCONF: `tbbr.", "mbedtls_heap_size",
"` cell found with value =", tbbr_dyn_config.mbedtls_heap_size);
-#if MEASURED_BOOT
- VERBOSE("%s%s%s %p\n", "FCONF: `tbbr.", "bl2_hash_data",
- "` array found at address =", tbbr_dyn_config.bl2_hash_data);
-#endif
+
return 0;
}
diff --git a/lib/optee/optee_utils.c b/lib/optee/optee_utils.c
index d090b38..72979cd 100644
--- a/lib/optee/optee_utils.c
+++ b/lib/optee/optee_utils.c
@@ -82,11 +82,14 @@
init_size = image->size;
/*
- * -1 indicates loader decided address; take our pre-mapped area
- * for current image since arm-tf could not allocate memory dynamically
+ * image->load_addr_hi & image->load_addr_lo set to UINT32_MAX indicate
+ * loader decided address; take our pre-mapped area for current image
+ * since arm-tf could not allocate memory dynamically
*/
- if (init_load_addr == -1)
+ if ((image->load_addr_hi == UINT32_MAX) &&
+ (image->load_addr_lo == UINT32_MAX)) {
init_load_addr = image_info->image_base;
+ }
/* Check that the default end address doesn't overflow */
if (check_uptr_overflow(image_info->image_base,
@@ -138,7 +141,8 @@
{
optee_header_t *header;
- int num, ret;
+ uint32_t num;
+ int ret;
assert(header_ep);
header = (optee_header_t *)header_ep->pc;
@@ -181,7 +185,7 @@
}
/* Parse OPTEE image */
- for (num = 0; num < header->nb_images; num++) {
+ for (num = 0U; num < header->nb_images; num++) {
if (header->optee_image_list[num].image_id ==
OPTEE_PAGER_IMAGE_ID) {
ret = parse_optee_image(pager_image_info,
diff --git a/lib/psci/psci_setup.c b/lib/psci/psci_setup.c
index 9c37d63..3cb4f7e 100644
--- a/lib/psci/psci_setup.c
+++ b/lib/psci/psci_setup.c
@@ -250,7 +250,8 @@
psci_caps |= define_psci_cap(PSCI_CPU_ON_AARCH64);
if ((psci_plat_pm_ops->pwr_domain_suspend != NULL) &&
(psci_plat_pm_ops->pwr_domain_suspend_finish != NULL)) {
- psci_caps |= define_psci_cap(PSCI_CPU_SUSPEND_AARCH64);
+ if (psci_plat_pm_ops->validate_power_state != NULL)
+ psci_caps |= define_psci_cap(PSCI_CPU_SUSPEND_AARCH64);
if (psci_plat_pm_ops->get_sys_suspend_power_state != NULL)
psci_caps |= define_psci_cap(PSCI_SYSTEM_SUSPEND_AARCH64);
}
diff --git a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
index 08d3c32..cf4ef2d 100644
--- a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
+++ b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
@@ -26,19 +26,6 @@
*/
mbedtls_heap_addr = <0x0 0x0>;
mbedtls_heap_size = <0x0>;
-
-#if MEASURED_BOOT
- /* BL2 image hash calculated by BL1 */
- bl2_hash_data = [
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-#if BL2_HASH_SIZE > 32
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-#if BL2_HASH_SIZE > 48
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
-#endif /* > 48 */
-#endif /* > 32 */
- 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00];
-#endif /* MEASURED_BOOT */
};
/*
@@ -117,6 +104,10 @@
#include "cot_descriptors.dtsi"
#endif
+#if MEASURED_BOOT
+ #include "event_log.dtsi"
+#endif
+
};
#if COT_DESC_IN_DTB
diff --git a/plat/arm/board/fvp/fvp_bl1_measured_boot.c b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
new file mode 100644
index 0000000..47af1f5
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <plat/arm/common/plat_arm.h>
+
+/* Event Log data */
+static uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE];
+
+/* FVP table with platform specific image IDs, names and PCRs */
+const event_log_metadata_t fvp_event_log_metadata[] = {
+ { FW_CONFIG_ID, EVLOG_FW_CONFIG_STRING, PCR_0 },
+ { TB_FW_CONFIG_ID, EVLOG_TB_FW_CONFIG_STRING, PCR_0 },
+ { BL2_IMAGE_ID, EVLOG_BL2_STRING, PCR_0 },
+ { INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
+};
+
+void bl1_plat_mboot_init(void)
+{
+ event_log_init(event_log, event_log + sizeof(event_log));
+ event_log_write_header();
+}
+
+void bl1_plat_mboot_finish(void)
+{
+ size_t event_log_cur_size;
+
+ event_log_cur_size = event_log_get_cur_size(event_log);
+ int rc = arm_set_tb_fw_info((uintptr_t)event_log,
+ event_log_cur_size);
+ if (rc != 0) {
+ /*
+ * It is a fatal error because on FVP platform, BL2 software
+ * assumes that a valid Event Log buffer exist and it will use
+ * same Event Log buffer to append image measurements.
+ */
+ panic();
+ }
+}
diff --git a/plat/arm/board/fvp/fvp_bl1_setup.c b/plat/arm/board/fvp/fvp_bl1_setup.c
index 06ee037..59fc0f3 100644
--- a/plat/arm/board/fvp/fvp_bl1_setup.c
+++ b/plat/arm/board/fvp/fvp_bl1_setup.c
@@ -76,63 +76,6 @@
wfi();
}
-#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to TB_FW_CONFIG DTB.
- */
-void bl1_plat_set_bl2_hash(const image_desc_t *image_desc)
-{
- arm_bl1_set_bl2_hash(image_desc);
-}
-
-/*
- * Implementation for bl1_plat_handle_post_image_load(). This function
- * populates the default arguments to BL2. The BL2 memory layout structure
- * is allocated and the calculated layout is populated in arg1 to BL2.
- */
-int bl1_plat_handle_post_image_load(unsigned int image_id)
-{
- meminfo_t *bl2_tzram_layout;
- meminfo_t *bl1_tzram_layout;
- image_desc_t *image_desc;
- entry_point_info_t *ep_info;
-
- if (image_id != BL2_IMAGE_ID) {
- return 0;
- }
-
- /* Get the image descriptor */
- image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
- assert(image_desc != NULL);
-
- /* Calculate BL2 hash and set it in TB_FW_CONFIG */
- bl1_plat_set_bl2_hash(image_desc);
-
- /* Get the entry point info */
- ep_info = &image_desc->ep_info;
-
- /* Find out how much free trusted ram remains after BL1 load */
- bl1_tzram_layout = bl1_plat_sec_mem_layout();
-
- /*
- * Create a new layout of memory for BL2 as seen by BL1 i.e.
- * tell it the amount of total and free memory available.
- * This layout is created at the first free address visible
- * to BL2. BL2 will read the memory layout before using its
- * memory for other purposes.
- */
- bl2_tzram_layout = (meminfo_t *)bl1_tzram_layout->total_base;
-
- bl1_calc_bl2_mem_layout(bl1_tzram_layout, bl2_tzram_layout);
-
- ep_info->args.arg1 = (uintptr_t)bl2_tzram_layout;
-
- VERBOSE("BL1: BL2 memory layout address = %p\n",
- (void *)bl2_tzram_layout);
- return 0;
-}
-#endif /* MEASURED_BOOT */
-
/*******************************************************************************
* The following function checks if Firmware update is needed by checking error
* reported in NV flag.
diff --git a/plat/arm/board/fvp/fvp_bl2_measured_boot.c b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
new file mode 100644
index 0000000..5ebfede
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <plat/arm/common/plat_arm.h>
+
+/* Event Log data */
+static uint64_t event_log_base;
+
+/* FVP table with platform specific image IDs, names and PCRs */
+const event_log_metadata_t fvp_event_log_metadata[] = {
+ { BL31_IMAGE_ID, EVLOG_BL31_STRING, PCR_0 },
+ { BL32_IMAGE_ID, EVLOG_BL32_STRING, PCR_0 },
+ { BL32_EXTRA1_IMAGE_ID, EVLOG_BL32_EXTRA1_STRING, PCR_0 },
+ { BL32_EXTRA2_IMAGE_ID, EVLOG_BL32_EXTRA2_STRING, PCR_0 },
+ { BL33_IMAGE_ID, EVLOG_BL33_STRING, PCR_0 },
+ { HW_CONFIG_ID, EVLOG_HW_CONFIG_STRING, PCR_0 },
+ { NT_FW_CONFIG_ID, EVLOG_NT_FW_CONFIG_STRING, PCR_0 },
+ { SCP_BL2_IMAGE_ID, EVLOG_SCP_BL2_STRING, PCR_0 },
+ { SOC_FW_CONFIG_ID, EVLOG_SOC_FW_CONFIG_STRING, PCR_0 },
+ { TOS_FW_CONFIG_ID, EVLOG_TOS_FW_CONFIG_STRING, PCR_0 },
+ { INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
+};
+
+void bl2_plat_mboot_init(void)
+{
+ uint8_t *event_log_start;
+ uint8_t *event_log_finish;
+ size_t bl1_event_log_size;
+ int rc;
+
+ rc = arm_get_tb_fw_info(&event_log_base, &bl1_event_log_size);
+ if (rc != 0) {
+ ERROR("%s(): Unable to get Event Log info from TB_FW_CONFIG\n",
+ __func__);
+ /*
+ * It is a fatal error because on FVP platform, BL2 software
+ * assumes that a valid Event Log buffer exist and it will use
+ * same Event Log buffer to append image measurements.
+ */
+ panic();
+ }
+
+ /*
+ * BL1 and BL2 share the same Event Log buffer and that BL2 will
+ * append its measurements after BL1's
+ */
+ event_log_start = (uint8_t *)((uintptr_t)event_log_base +
+ bl1_event_log_size);
+ event_log_finish = (uint8_t *)((uintptr_t)event_log_base +
+ PLAT_ARM_EVENT_LOG_MAX_SIZE);
+
+ event_log_init((uint8_t *)event_log_start, event_log_finish);
+}
+
+void bl2_plat_mboot_finish(void)
+{
+ int rc;
+
+ /* Event Log address in Non-Secure memory */
+ uintptr_t ns_log_addr;
+
+ /* Event Log filled size */
+ size_t event_log_cur_size;
+
+ event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base);
+
+ rc = arm_set_nt_fw_info(
+#ifdef SPD_opteed
+ (uintptr_t)event_log_base,
+#endif
+ event_log_cur_size, &ns_log_addr);
+ if (rc != 0) {
+ ERROR("%s(): Unable to update %s_FW_CONFIG\n",
+ __func__, "NT");
+ /*
+ * It is a fatal error because on FVP secure world software
+ * assumes that a valid event log exists and will use it to
+ * record the measurements into the fTPM.
+ * Note: In FVP platform, OP-TEE uses nt_fw_config to get the
+ * secure Event Log buffer address.
+ */
+ panic();
+ }
+
+ /* Copy Event Log to Non-secure memory */
+ (void)memcpy((void *)ns_log_addr, (const void *)event_log_base,
+ event_log_cur_size);
+
+ /* Ensure that the Event Log is visible in Non-secure memory */
+ flush_dcache_range(ns_log_addr, event_log_cur_size);
+
+#if defined(SPD_tspd) || defined(SPD_spmd)
+ /* Set Event Log data in TOS_FW_CONFIG */
+ rc = arm_set_tos_fw_info((uintptr_t)event_log_base,
+ event_log_cur_size);
+ if (rc != 0) {
+ ERROR("%s(): Unable to update %s_FW_CONFIG\n",
+ __func__, "TOS");
+ panic();
+ }
+#endif /* defined(SPD_tspd) || defined(SPD_spmd) */
+
+ dump_event_log((uint8_t *)event_log_base, event_log_cur_size);
+}
diff --git a/plat/arm/board/fvp/fvp_bl2_setup.c b/plat/arm/board/fvp/fvp_bl2_setup.c
index f2f2143..5a17a0d 100644
--- a/plat/arm/board/fvp/fvp_bl2_setup.c
+++ b/plat/arm/board/fvp/fvp_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,9 +9,6 @@
#include <common/debug.h>
#include <common/desc_image_load.h>
#include <drivers/arm/sp804_delay_timer.h>
-#if MEASURED_BOOT
-#include <drivers/measured_boot/measured_boot.h>
-#endif
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
@@ -73,45 +70,3 @@
return arm_bl_params;
}
-#if MEASURED_BOOT
-static int fvp_bl2_plat_handle_post_image_load(unsigned int image_id)
-{
- const bl_mem_params_node_t *bl_mem_params =
- get_bl_mem_params_node(image_id);
-
- assert(bl_mem_params != NULL);
-
- image_info_t info = bl_mem_params->image_info;
- int err;
-
- if ((info.h.attr & IMAGE_ATTRIB_SKIP_LOADING) == 0U) {
- /* Calculate image hash and record data in Event Log */
- err = tpm_record_measurement(info.image_base,
- info.image_size, image_id);
- if (err != 0) {
- ERROR("%s%s image id %u (%i)\n",
- "BL2: Failed to ", "record", image_id, err);
- return err;
- }
- }
-
- err = arm_bl2_handle_post_image_load(image_id);
- if (err != 0) {
- ERROR("%s%s image id %u (%i)\n",
- "BL2: Failed to ", "handle", image_id, err);
- }
-
- return err;
-}
-
-int arm_bl2_plat_handle_post_image_load(unsigned int image_id)
-{
- int err = fvp_bl2_plat_handle_post_image_load(image_id);
-
- if (err != 0) {
- ERROR("%s() returns %i\n", __func__, err);
- }
-
- return err;
-}
-#endif /* MEASURED_BOOT */
diff --git a/plat/arm/board/fvp/fvp_common_measured_boot.c b/plat/arm/board/fvp/fvp_common_measured_boot.c
new file mode 100644
index 0000000..6a403d9
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_common_measured_boot.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stdint.h>
+
+#include <common/desc_image_load.h>
+#include <drivers/measured_boot/event_log/event_log.h>
+#include <plat/arm/common/plat_arm.h>
+#include <plat/common/platform.h>
+
+extern event_log_metadata_t fvp_event_log_metadata[];
+
+const event_log_metadata_t *plat_event_log_get_metadata(void)
+{
+ return fvp_event_log_metadata;
+}
+
+int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
+{
+ /* Calculate image hash and record data in Event Log */
+ int err = event_log_measure_and_record(image_data->image_base,
+ image_data->image_size,
+ image_id);
+ if (err != 0) {
+ ERROR("%s%s image id %u (%i)\n",
+ "Failed to ", "record", image_id, err);
+ return err;
+ }
+
+ return 0;
+}
diff --git a/plat/arm/board/fvp/fvp_measured_boot.c b/plat/arm/board/fvp/fvp_measured_boot.c
deleted file mode 100644
index 5dcadba..0000000
--- a/plat/arm/board/fvp/fvp_measured_boot.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <drivers/measured_boot/event_log.h>
-#include <plat/arm/common/plat_arm.h>
-
-/* FVP table with platform specific image IDs, names and PCRs */
-static const image_data_t fvp_images_data[] = {
- { BL2_IMAGE_ID, BL2_STRING, PCR_0 }, /* Reserved for BL2 */
- { BL31_IMAGE_ID, BL31_STRING, PCR_0 },
- { BL32_IMAGE_ID, BL32_STRING, PCR_0 },
- { BL32_EXTRA1_IMAGE_ID, BL32_EXTRA1_IMAGE_STRING, PCR_0 },
- { BL32_EXTRA2_IMAGE_ID, BL32_EXTRA2_IMAGE_STRING, PCR_0 },
- { BL33_IMAGE_ID, BL33_STRING, PCR_0 },
- { HW_CONFIG_ID, HW_CONFIG_STRING, PCR_0 },
- { NT_FW_CONFIG_ID, NT_FW_CONFIG_STRING, PCR_0 },
- { SCP_BL2_IMAGE_ID, SCP_BL2_IMAGE_STRING, PCR_0 },
- { SOC_FW_CONFIG_ID, SOC_FW_CONFIG_STRING, PCR_0 },
- { TOS_FW_CONFIG_ID, TOS_FW_CONFIG_STRING, PCR_0 },
- { INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
-};
-
-static const measured_boot_data_t fvp_measured_boot_data = {
- fvp_images_data,
- arm_set_nt_fw_info,
- arm_set_tos_fw_info
-};
-
-/*
- * Function retuns pointer to FVP plat_measured_boot_data_t structure
- */
-const measured_boot_data_t *plat_get_measured_boot_data(void)
-{
- return &fvp_measured_boot_data;
-}
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index 96574e5..d89e122 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -341,4 +341,9 @@
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
#endif
+/*
+ * Maximum size of Event Log buffer used in Measured Boot Event Log driver
+ */
+#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x400)
+
#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index b375146..70b1051 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -376,7 +376,10 @@
BL2_SOURCES += plat/arm/board/fvp/fvp_trusted_boot.c
ifeq (${MEASURED_BOOT},1)
-BL2_SOURCES += plat/arm/board/fvp/fvp_measured_boot.c
+BL1_SOURCES += plat/arm/board/fvp/fvp_common_measured_boot.c \
+ plat/arm/board/fvp/fvp_bl1_measured_boot.c
+BL2_SOURCES += plat/arm/board/fvp/fvp_common_measured_boot.c \
+ plat/arm/board/fvp/fvp_bl2_measured_boot.c
endif
# FVP being a development platform, enable capability to disable Authentication
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c b/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
index 3f3fd5e..68872c1 100644
--- a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
+++ b/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
@@ -140,7 +140,6 @@
*/
void arm_bl1_platform_setup(void)
{
- image_desc_t *desc;
uint32_t fw_config_max_size;
/* Initialise the IO layer and register platform IO devices */
@@ -157,8 +156,7 @@
fw_config_max_size = ARM_FW_CONFIG_LIMIT - ARM_FW_CONFIG_BASE;
set_config_info(ARM_FW_CONFIG_BASE, fw_config_max_size, FW_CONFIG_ID);
- desc = bl1_plat_get_image_desc(BL33_IMAGE_ID);
- assert(desc != NULL);
+ assert(bl1_plat_get_image_desc(BL33_IMAGE_ID) != NULL);
/*
* Allow access to the System counter timer module and program
diff --git a/plat/arm/board/tc/include/platform_def.h b/plat/arm/board/tc/include/platform_def.h
index ccabced..745d91c 100644
--- a/plat/arm/board/tc/include/platform_def.h
+++ b/plat/arm/board/tc/include/platform_def.h
@@ -185,6 +185,7 @@
#define PLAT_ARM_DRAM2_BASE ULL(0x8080000000)
#define PLAT_ARM_DRAM2_SIZE ULL(0x180000000)
+#define PLAT_ARM_DRAM2_END (PLAT_ARM_DRAM2_BASE + PLAT_ARM_DRAM2_SIZE - 1ULL)
#define PLAT_ARM_G1S_IRQ_PROPS(grp) CSS_G1S_IRQ_PROPS(grp)
#define PLAT_ARM_G0_IRQ_PROPS(grp) ARM_G0_IRQ_PROPS(grp)
@@ -260,13 +261,15 @@
/*
* The first region below, TC_TZC_DRAM1_BASE (0xfd000000) to
* ARM_SCP_TZC_DRAM1_END (0xffffffff) will mark the last 48 MB of DRAM as
- * secure. The second region gives non secure access to rest of DRAM.
+ * secure. The second and third regions gives non secure access to rest of DRAM.
*/
-#define TC_TZC_REGIONS_DEF \
- {TC_TZC_DRAM1_BASE, ARM_SCP_TZC_DRAM1_END, \
- TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS}, \
- {TC_NS_DRAM1_BASE, TC_NS_DRAM1_END, ARM_TZC_NS_DRAM_S_ACCESS, \
- PLAT_ARM_TZC_NS_DEV_ACCESS}
+#define TC_TZC_REGIONS_DEF \
+ {TC_TZC_DRAM1_BASE, ARM_SCP_TZC_DRAM1_END, \
+ TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS}, \
+ {TC_NS_DRAM1_BASE, TC_NS_DRAM1_END, ARM_TZC_NS_DRAM_S_ACCESS, \
+ PLAT_ARM_TZC_NS_DEV_ACCESS}, \
+ {PLAT_ARM_DRAM2_BASE, PLAT_ARM_DRAM2_END, \
+ ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS}
/* virtual address used by dynamic mem_protect for chunk_base */
#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c
index 2871b1b..08c014d 100644
--- a/plat/arm/common/arm_bl2_setup.c
+++ b/plat/arm/common/arm_bl2_setup.c
@@ -48,9 +48,6 @@
#pragma weak bl2_platform_setup
#pragma weak bl2_plat_arch_setup
#pragma weak bl2_plat_sec_mem_layout
-#if MEASURED_BOOT
-#pragma weak bl2_plat_get_hash
-#endif
#if ENABLE_RME
#define MAP_BL2_TOTAL MAP_REGION_FLAT( \
@@ -323,11 +320,3 @@
{
return arm_bl2_plat_handle_post_image_load(image_id);
}
-
-#if MEASURED_BOOT
-/* Read TCG_DIGEST_SIZE bytes of BL2 hash data */
-void bl2_plat_get_hash(void *data)
-{
- arm_bl2_get_hash(data);
-}
-#endif
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index f82392c..a20e258 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -406,7 +406,7 @@
endif
ifeq (${MEASURED_BOOT},1)
- MEASURED_BOOT_MK := drivers/measured_boot/measured_boot.mk
+ MEASURED_BOOT_MK := drivers/measured_boot/event_log/event_log.mk
$(info Including ${MEASURED_BOOT_MK})
include ${MEASURED_BOOT_MK}
endif
diff --git a/plat/arm/common/arm_dyn_cfg.c b/plat/arm/common/arm_dyn_cfg.c
index 30473be..6aae9ae 100644
--- a/plat/arm/common/arm_dyn_cfg.c
+++ b/plat/arm/common/arm_dyn_cfg.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,10 +15,6 @@
#include <common/tbbr/tbbr_img_def.h>
#if TRUSTED_BOARD_BOOT
#include <drivers/auth/mbedtls/mbedtls_config.h>
-#if MEASURED_BOOT
-#include <drivers/auth/crypto_mod.h>
-#include <mbedtls/md.h>
-#endif
#endif
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
@@ -115,82 +111,13 @@
* images. It's critical because BL2 won't be able to proceed
* without the heap info.
*
- * In MEASURED_BOOT case flushing is done in
- * arm_bl1_set_bl2_hash() function which is called after heap
- * information is written in the DTB.
+ * In MEASURED_BOOT case flushing is done in a function which
+ * is called after heap information is written in the DTB.
*/
flush_dcache_range(tb_fw_cfg_dtb, fdt_totalsize(dtb));
#endif /* !MEASURED_BOOT */
}
-}
-
-#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to TB_FW_CONFIG DTB.
- * Executed only from BL1.
- */
-void arm_bl1_set_bl2_hash(const image_desc_t *image_desc)
-{
- unsigned char hash_data[MBEDTLS_MD_MAX_SIZE];
- const image_info_t image_info = image_desc->image_info;
- uintptr_t tb_fw_cfg_dtb;
- int err;
- const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
-
- tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
- assert(tb_fw_config_info != NULL);
-
- tb_fw_cfg_dtb = tb_fw_config_info->config_addr;
-
- /*
- * If tb_fw_cfg_dtb==NULL then DTB is not present for the current
- * platform. As such, we cannot write to the DTB at all and pass
- * measured data.
- */
- if (tb_fw_cfg_dtb == 0UL) {
- panic();
- }
-
- /* Calculate hash */
- err = crypto_mod_calc_hash(MBEDTLS_MD_ID,
- (void *)image_info.image_base,
- image_info.image_size, hash_data);
- if (err != 0) {
- ERROR("%scalculate%s\n", "BL1: unable to ",
- " BL2 hash");
- panic();
- }
-
- err = arm_set_bl2_hash_info((void *)tb_fw_cfg_dtb, hash_data);
- if (err < 0) {
- ERROR("%swrite%sdata%s\n", "BL1: unable to ",
- " BL2 hash ", "to DTB\n");
- panic();
- }
-
- /*
- * Ensure that the info written to the DTB is visible to other
- * images. It's critical because BL2 won't be able to proceed
- * without the heap info and its hash data.
- */
- flush_dcache_range(tb_fw_cfg_dtb, fdt_totalsize((void *)tb_fw_cfg_dtb));
-}
-
-/*
- * Reads TCG_DIGEST_SIZE bytes of BL2 hash data from the DTB.
- * Executed only from BL2.
- */
-void arm_bl2_get_hash(void *data)
-{
- const void *bl2_hash;
-
- assert(data != NULL);
-
- /* Retrieve TCG_DIGEST_SIZE bytes of BL2 hash data from the DTB */
- bl2_hash = FCONF_GET_PROPERTY(tbbr, dyn_config, bl2_hash_data);
- (void)memcpy(data, bl2_hash, TCG_DIGEST_SIZE);
}
-#endif /* MEASURED_BOOT */
#endif /* TRUSTED_BOARD_BOOT */
/*
diff --git a/plat/arm/common/arm_dyn_cfg_helpers.c b/plat/arm/common/arm_dyn_cfg_helpers.c
index 5f20c8d..6a2a6f8 100644
--- a/plat/arm/common/arm_dyn_cfg_helpers.c
+++ b/plat/arm/common/arm_dyn_cfg_helpers.c
@@ -11,6 +11,8 @@
#endif
#include <common/fdt_wrappers.h>
+#include <lib/fconf/fconf.h>
+#include <lib/fconf/fconf_dyn_cfg_getter.h>
#include <libfdt.h>
#include <plat/arm/common/arm_dyn_cfg_helpers.h>
@@ -20,18 +22,15 @@
#define DTB_PROP_MBEDTLS_HEAP_SIZE "mbedtls_heap_size"
#if MEASURED_BOOT
-#define DTB_PROP_BL2_HASH_DATA "bl2_hash_data"
#ifdef SPD_opteed
/*
* Currently OP-TEE does not support reading DTBs from Secure memory
* and this property should be removed when this feature is supported.
*/
#define DTB_PROP_HW_SM_LOG_ADDR "tpm_event_log_sm_addr"
-#endif
+#endif /* SPD_opteed */
#define DTB_PROP_HW_LOG_ADDR "tpm_event_log_addr"
#define DTB_PROP_HW_LOG_SIZE "tpm_event_log_size"
-
-static int dtb_root = -1;
#endif /* MEASURED_BOOT */
/*******************************************************************************
@@ -81,9 +80,8 @@
*/
int arm_set_dtb_mbedtls_heap_info(void *dtb, void *heap_addr, size_t heap_size)
{
-#if !MEASURED_BOOT
int dtb_root;
-#endif
+
/*
* Verify that the DTB is valid, before attempting to write to it,
* and get the DTB root node.
@@ -123,32 +121,8 @@
#if MEASURED_BOOT
/*
- * This function writes the BL2 hash data in HW_FW_CONFIG DTB.
- * When it is called, it is guaranteed that a DTB is available.
- *
- * This function is supposed to be called only by BL1.
- *
- * Returns:
- * 0 = success
- * < 0 = error
- */
-int arm_set_bl2_hash_info(void *dtb, void *data)
-{
- assert(dtb_root >= 0);
-
- /*
- * Write the BL2 hash data in the DTB.
- */
- return fdtw_write_inplace_bytes(dtb, dtb_root,
- DTB_PROP_BL2_HASH_DATA,
- TCG_DIGEST_SIZE, data);
-}
-
-/*
* Write the Event Log address and its size in the DTB.
*
- * This function is supposed to be called only by BL2.
- *
* Returns:
* 0 = success
* < 0 = error
@@ -231,14 +205,20 @@
* 0 = success
* < 0 = error
*/
-int arm_set_tos_fw_info(uintptr_t config_base, uintptr_t log_addr,
- size_t log_size)
+int arm_set_tos_fw_info(uintptr_t log_addr, size_t log_size)
{
+ uintptr_t config_base;
+ const bl_mem_params_node_t *cfg_mem_params;
int err;
- assert(config_base != 0UL);
assert(log_addr != 0UL);
+ /* Get the config load address and size of TOS_FW_CONFIG */
+ cfg_mem_params = get_bl_mem_params_node(TOS_FW_CONFIG_ID);
+ assert(cfg_mem_params != NULL);
+
+ config_base = cfg_mem_params->image_info.image_base;
+
/* Write the Event Log address and its size in the DTB */
err = arm_set_event_log_info(config_base,
#ifdef SPD_opteed
@@ -263,23 +243,25 @@
* 0 = success
* < 0 = error
*/
-int arm_set_nt_fw_info(uintptr_t config_base,
+int arm_set_nt_fw_info(
#ifdef SPD_opteed
uintptr_t log_addr,
#endif
size_t log_size, uintptr_t *ns_log_addr)
{
+ uintptr_t config_base;
uintptr_t ns_addr;
const bl_mem_params_node_t *cfg_mem_params;
int err;
- assert(config_base != 0UL);
assert(ns_log_addr != NULL);
/* Get the config load address and size from NT_FW_CONFIG */
cfg_mem_params = get_bl_mem_params_node(NT_FW_CONFIG_ID);
assert(cfg_mem_params != NULL);
+ config_base = cfg_mem_params->image_info.image_base;
+
/* Calculate Event Log address in Non-secure memory */
ns_addr = cfg_mem_params->image_info.image_base +
cfg_mem_params->image_info.image_max_size;
@@ -300,4 +282,87 @@
*ns_log_addr = (err < 0) ? 0UL : ns_addr;
return err;
}
+
+/*
+ * This function writes the Event Log address and its size
+ * in the TB_FW_CONFIG DTB.
+ *
+ * This function is supposed to be called only by BL1.
+ *
+ * Returns:
+ * 0 = success
+ * < 0 = error
+ */
+int arm_set_tb_fw_info(uintptr_t log_addr, size_t log_size)
+{
+ /*
+ * Read tb_fw_config device tree for Event Log properties
+ * and write the Event Log address and its size in the DTB
+ */
+ const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
+ uintptr_t tb_fw_cfg_dtb;
+ int err;
+
+ tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
+ assert(tb_fw_config_info != NULL);
+
+ tb_fw_cfg_dtb = tb_fw_config_info->config_addr;
+
+ err = arm_set_event_log_info(tb_fw_cfg_dtb,
+#ifdef SPD_opteed
+ 0UL,
+#endif
+ log_addr, log_size);
+ return err;
+}
+
+/*
+ * This function reads the Event Log address and its size
+ * properties present in TB_FW_CONFIG DTB.
+ *
+ * This function is supposed to be called only by BL2.
+ *
+ * Returns:
+ * 0 = success
+ * < 0 = error
+ * Alongside returns Event Log address and its size.
+ */
+
+int arm_get_tb_fw_info(uint64_t *log_addr, size_t *log_size)
+{
+ /* As libfdt uses void *, we can't avoid this cast */
+ const struct dyn_cfg_dtb_info_t *tb_fw_config_info;
+ int node, rc;
+
+ tb_fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID);
+ assert(tb_fw_config_info != NULL);
+
+ void *dtb = (void *)tb_fw_config_info->config_addr;
+ const char *compatible = "arm,tpm_event_log";
+
+ /* Assert the node offset point to compatible property */
+ node = fdt_node_offset_by_compatible(dtb, -1, compatible);
+ if (node < 0) {
+ WARN("The compatible property '%s'%s", compatible,
+ " not specified in TB_FW config.\n");
+ return node;
+ }
+
+ VERBOSE("Dyn cfg: '%s'%s", compatible, " found in the config\n");
+
+ rc = fdt_read_uint64(dtb, node, DTB_PROP_HW_LOG_ADDR, log_addr);
+ if (rc != 0) {
+ ERROR("%s%s", DTB_PROP_HW_LOG_ADDR,
+ " not specified in TB_FW config.\n");
+ return rc;
+ }
+
+ rc = fdt_read_uint32(dtb, node, DTB_PROP_HW_LOG_SIZE, (uint32_t *)log_size);
+ if (rc != 0) {
+ ERROR("%s%s", DTB_PROP_HW_LOG_SIZE,
+ " not specified in TB_FW config.\n");
+ }
+
+ return rc;
+}
#endif /* MEASURED_BOOT */
diff --git a/plat/common/plat_bl1_common.c b/plat/common/plat_bl1_common.c
index 1c6d68b..bcf9f89 100644
--- a/plat/common/plat_bl1_common.c
+++ b/plat/common/plat_bl1_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2021, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -27,9 +27,6 @@
#pragma weak bl1_plat_fwu_done
#pragma weak bl1_plat_handle_pre_image_load
#pragma weak bl1_plat_handle_post_image_load
-#if MEASURED_BOOT
-#pragma weak bl1_plat_set_bl2_hash
-#endif
unsigned int bl1_plat_get_next_image_id(void)
{
@@ -118,12 +115,3 @@
(void *) bl2_secram_layout);
return 0;
}
-
-#if MEASURED_BOOT
-/*
- * Calculates and writes BL2 hash data to TB_FW_CONFIG DTB.
- */
-void bl1_plat_set_bl2_hash(const image_desc_t *image_desc)
-{
-}
-#endif
diff --git a/plat/marvell/armada/a3k/common/a3700_common.mk b/plat/marvell/armada/a3k/common/a3700_common.mk
index 9550452..d0e8688 100644
--- a/plat/marvell/armada/a3k/common/a3700_common.mk
+++ b/plat/marvell/armada/a3k/common/a3700_common.mk
@@ -76,6 +76,7 @@
ifdef WTP
+# Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(wildcard $(value WTP)/*),,$(error "'WTP=$(value WTP)' was specified, but '$(value WTP)' directory does not exist"))
$(if $(shell git -C $(value WTP) rev-parse --show-cdup 2>&1),$(error "'WTP=$(value WTP)' was specified, but '$(value WTP)' does not contain valid A3700-utils-marvell git repository"))
@@ -143,6 +144,7 @@
CRYPTOPP_INCDIR ?= $(CRYPTOPP_PATH)
$(TBB): FORCE
+# Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(CRYPTOPP_LIBDIR),,$(error "Platform '$(PLAT)' for WTP image tool requires CRYPTOPP_PATH or CRYPTOPP_LIBDIR. Please set CRYPTOPP_PATH or CRYPTOPP_LIBDIR to point to the right directory"))
$(if $(CRYPTOPP_INCDIR),,$(error "Platform '$(PLAT)' for WTP image tool requires CRYPTOPP_PATH or CRYPTOPP_INCDIR. Please set CRYPTOPP_PATH or CRYPTOPP_INCDIR to point to the right directory"))
$(if $(wildcard $(CRYPTOPP_LIBDIR)/*),,$(error "Either 'CRYPTOPP_PATH' or 'CRYPTOPP_LIB' was set to '$(CRYPTOPP_LIBDIR)', but '$(CRYPTOPP_LIBDIR)' does not exist"))
@@ -159,6 +161,7 @@
$(Q)cp -a $(WTMI_MULTI_IMG) $(BUILD_PLAT)/wtmi.bin
$(TIMDDRTOOL): FORCE
+# Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(value MV_DDR_PATH),,$(error "Platform '${PLAT}' for ddr tool requires MV_DDR_PATH. Please set MV_DDR_PATH to point to the right directory"))
$(if $(wildcard $(value MV_DDR_PATH)/*),,$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' directory does not exist"))
$(if $(shell git -C $(value MV_DDR_PATH) rev-parse --show-cdup 2>&1),$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' does not contain valid mv-ddr-marvell git repository"))
diff --git a/plat/marvell/armada/a8k/common/ble/ble.mk b/plat/marvell/armada/a8k/common/ble/ble.mk
index 87e2ce0..160e98f 100644
--- a/plat/marvell/armada/a8k/common/ble/ble.mk
+++ b/plat/marvell/armada/a8k/common/ble/ble.mk
@@ -28,6 +28,7 @@
$(BLE_OBJS): $(MV_DDR_LIB)
$(MV_DDR_LIB): FORCE
+# Do not remove! Following checks are required to ensure correct TF-A builds, removing these checks leads to broken TF-A builds
$(if $(value MV_DDR_PATH),,$(error "Platform '$(PLAT)' for BLE requires MV_DDR_PATH. Please set MV_DDR_PATH to point to the right directory"))
$(if $(wildcard $(value MV_DDR_PATH)/*),,$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' directory does not exist"))
$(if $(shell git -C $(value MV_DDR_PATH) rev-parse --show-cdup 2>&1),$(error "'MV_DDR_PATH=$(value MV_DDR_PATH)' was specified, but '$(value MV_DDR_PATH)' does not contain valid mv-ddr-marvell git repository"))
diff --git a/plat/mediatek/mt8195/drivers/spm/mt_spm_suspend.c b/plat/mediatek/mt8195/drivers/spm/mt_spm_suspend.c
index b40fa87..d018953 100644
--- a/plat/mediatek/mt8195/drivers/spm/mt_spm_suspend.c
+++ b/plat/mediatek/mt8195/drivers/spm/mt_spm_suspend.c
@@ -46,7 +46,6 @@
R12_CCIF0_EVENT_B | \
R12_SSPM2SPM_WAKEUP_B | \
R12_SCP2SPM_WAKEUP_B | \
- R12_ADSP2SPM_WAKEUP_B | \
R12_USBX_CDSC_B | \
R12_USBX_POWERDWN_B | \
R12_SYS_TIMER_EVENT_B | \
diff --git a/plat/nxp/common/include/default/ch_2/soc_default_helper_macros.h b/plat/nxp/common/include/default/ch_2/soc_default_helper_macros.h
index 789b112..84f07e6 100644
--- a/plat/nxp/common/include/default/ch_2/soc_default_helper_macros.h
+++ b/plat/nxp/common/include/default/ch_2/soc_default_helper_macros.h
@@ -56,6 +56,11 @@
#define RCPM_POWMGTCSR_OFFSET 0x130
#define RCPM_IPPDEXPCR0_OFFSET 0x140
#define RCPM_POWMGTCSR_LPM20_REQ 0x00100000
-#endif
+#endif /* NXP_RCPM_ADDR */
+
+#define DCFG_SBEESR2_ADDR 0x20140534
+#define DCFG_MBEESR2_ADDR 0x20140544
+/* SBEESR and MBEESR bit mask */
+#define OCRAM_EESR_MASK 0x00000060
#endif /* SOC_DEFAULT_HELPER_MACROS_H */
diff --git a/plat/nxp/common/include/default/ch_3_2/soc_default_helper_macros.h b/plat/nxp/common/include/default/ch_3_2/soc_default_helper_macros.h
index 8de516e..1edd28d 100644
--- a/plat/nxp/common/include/default/ch_3_2/soc_default_helper_macros.h
+++ b/plat/nxp/common/include/default/ch_3_2/soc_default_helper_macros.h
@@ -79,4 +79,9 @@
#define ENABLE_WUO 0x10
#endif /* NXP_CCN_ADDR */
+#define DCFG_SBEESR2_ADDR 0x00100534
+#define DCFG_MBEESR2_ADDR 0x00100544
+/* SBEESR and MBEESR bit mask */
+#define OCRAM_EESR_MASK 0x00000008
+
#endif /* SOC_DEFAULT_HELPER_MACROS_H */
diff --git a/plat/nxp/common/ocram/aarch64/ocram.S b/plat/nxp/common/ocram/aarch64/ocram.S
new file mode 100644
index 0000000..ec53341
--- /dev/null
+++ b/plat/nxp/common/ocram/aarch64/ocram.S
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2021 NXP
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <asm_macros.S>
+
+#include <soc_default_base_addr.h>
+#include <soc_default_helper_macros.h>
+
+.global ocram_init
+
+/*
+ * void ocram_init(uintptr_t start_addr, size_t size)
+ *
+ * This function will do OCRAM ECC.
+ * OCRAM is initialized with 64-bit writes and then a write
+ * performed to address 0x0010_0534 with the value 0x0000_0008.
+ *
+ * x0: start_addr
+ * x1: size in bytes
+ * Called from C
+ */
+
+func ocram_init
+ /* save the aarch32/64 non-volatile registers */
+ stp x4, x5, [sp, #-16]!
+ stp x6, x7, [sp, #-16]!
+ stp x8, x9, [sp, #-16]!
+ stp x10, x11, [sp, #-16]!
+ stp x12, x13, [sp, #-16]!
+ stp x18, x30, [sp, #-16]!
+
+ /* convert bytes to 64-byte chunks */
+ lsr x1, x1, #6
+1:
+ /* for each location, read and write-back */
+ dc ivac, x0
+ dsb sy
+ ldp x4, x5, [x0]
+ ldp x6, x7, [x0, #16]
+ ldp x8, x9, [x0, #32]
+ ldp x10, x11, [x0, #48]
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ stp x8, x9, [x0, #32]
+ stp x10, x11, [x0, #48]
+ dc cvac, x0
+
+ sub x1, x1, #1
+ cbz x1, 2f
+ add x0, x0, #64
+ b 1b
+2:
+ /* Clear OCRAM ECC status bit in SBEESR2 and MBEESR2 */
+ ldr w1, =OCRAM_EESR_MASK
+ ldr x0, =DCFG_SBEESR2_ADDR
+ str w1, [x0]
+ ldr x0, =DCFG_MBEESR2_ADDR
+ str w1, [x0]
+
+ /* restore the aarch32/64 non-volatile registers */
+ ldp x18, x30, [sp], #16
+ ldp x12, x13, [sp], #16
+ ldp x10, x11, [sp], #16
+ ldp x8, x9, [sp], #16
+ ldp x6, x7, [sp], #16
+ ldp x4, x5, [sp], #16
+ ret
+endfunc ocram_init
diff --git a/plat/nxp/common/ocram/ocram.h b/plat/nxp/common/ocram/ocram.h
new file mode 100644
index 0000000..479de61
--- /dev/null
+++ b/plat/nxp/common/ocram/ocram.h
@@ -0,0 +1,13 @@
+/*
+ * Copyright 2021 NXP
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef OCRAM_H
+#define OCRAM_H
+
+void ocram_init(uintptr_t start_addr, size_t size);
+
+#endif /* OCRAM_H */
diff --git a/plat/nxp/common/ocram/ocram.mk b/plat/nxp/common/ocram/ocram.mk
new file mode 100644
index 0000000..c77bd4a
--- /dev/null
+++ b/plat/nxp/common/ocram/ocram.mk
@@ -0,0 +1,14 @@
+#
+# Copyright 2021 NXP
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#
+
+PLAT_OCRAM_PATH := $(PLAT_COMMON_PATH)/ocram
+
+OCRAM_SOURCES := ${PLAT_OCRAM_PATH}/$(ARCH)/ocram.S
+
+BL2_SOURCES += ${OCRAM_SOURCES}
+
+PLAT_INCLUDES += -I${PLAT_COMMON_PATH}/ocram
diff --git a/plat/nxp/common/plat_make_helper/soc_common_def.mk b/plat/nxp/common/plat_make_helper/soc_common_def.mk
index fdd7249..22cd39a 100644
--- a/plat/nxp/common/plat_make_helper/soc_common_def.mk
+++ b/plat/nxp/common/plat_make_helper/soc_common_def.mk
@@ -112,3 +112,8 @@
ifneq (${PLAT_XLAT_TABLES_DYNAMIC},)
$(eval $(call add_define,PLAT_XLAT_TABLES_DYNAMIC))
endif
+
+ifeq (${OCRAM_ECC_EN},yes)
+$(eval $(call add_define,CONFIG_OCRAM_ECC_EN))
+include ${PLAT_COMMON_PATH}/ocram/ocram.mk
+endif
diff --git a/plat/nxp/soc-ls1028a/soc.c b/plat/nxp/soc-ls1028a/soc.c
index 4f67154..edfd657 100644
--- a/plat/nxp/soc-ls1028a/soc.c
+++ b/plat/nxp/soc-ls1028a/soc.c
@@ -16,6 +16,9 @@
#include <lib/xlat_tables/xlat_tables_v2.h>
#include <ls_interconnect.h>
#include <mmio.h>
+#ifdef POLICY_FUSE_PROVISION
+#include <nxp_gpio.h>
+#endif
#if TRUSTED_BOARD_BOOT
#include <nxp_smmu.h>
#endif
@@ -81,6 +84,15 @@
}
#ifdef IMAGE_BL2
+
+#ifdef POLICY_FUSE_PROVISION
+static gpio_init_info_t gpio_init_data = {
+ .gpio1_base_addr = NXP_GPIO1_ADDR,
+ .gpio2_base_addr = NXP_GPIO2_ADDR,
+ .gpio3_base_addr = NXP_GPIO3_ADDR,
+};
+#endif
+
void soc_preload_setup(void)
{
}
diff --git a/plat/nxp/soc-ls1028a/soc.def b/plat/nxp/soc-ls1028a/soc.def
index e133982..c23c1bb 100644
--- a/plat/nxp/soc-ls1028a/soc.def
+++ b/plat/nxp/soc-ls1028a/soc.def
@@ -88,6 +88,8 @@
NXP_ESDHC_ENDIANNESS := LE
NXP_QSPI_ENDIANNESS := LE
NXP_FSPI_ENDIANNESS := LE
+NXP_SCFG_ENDIANNESS := LE
+NXP_GPIO_ENDIANNESS := LE
NXP_SFP_VER := 3_4
diff --git a/plat/renesas/common/plat_pm.c b/plat/renesas/common/plat_pm.c
index 6a9ad45..1d4a7f6 100644
--- a/plat/renesas/common/plat_pm.c
+++ b/plat/renesas/common/plat_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, Renesas Electronics Corporation. All rights reserved.
+ * Copyright (c) 2015-2021, Renesas Electronics Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -128,11 +128,6 @@
rcar_pwrc_clusteroff(mpidr);
}
-
-#if RCAR_SYSTEM_SUSPEND
- if (SYSTEM_PWR_STATE(target_state) == PLAT_MAX_OFF_STATE)
- rcar_pwrc_suspend_to_ram();
-#endif
}
static void rcar_pwr_domain_suspend_finish(const psci_power_state_t
@@ -160,6 +155,18 @@
rcar_pwr_domain_on_finish(target_state);
}
+static void __dead2 rcar_pwr_domain_pwr_down_wfi(const psci_power_state_t *target_state)
+{
+#if RCAR_SYSTEM_SUSPEND
+ if (SYSTEM_PWR_STATE(target_state) == PLAT_MAX_OFF_STATE)
+ rcar_pwrc_suspend_to_ram();
+#endif
+ wfi();
+
+ ERROR("RCAR Power Down: operation not handled.\n");
+ panic();
+}
+
static void __dead2 rcar_system_off(void)
{
#if PMIC_ROHM_BD9571
@@ -292,6 +299,7 @@
.system_off = rcar_system_off,
.system_reset = rcar_system_reset,
.validate_power_state = rcar_validate_power_state,
+ .pwr_domain_pwr_down_wfi = rcar_pwr_domain_pwr_down_wfi,
#if RCAR_SYSTEM_SUSPEND
.get_sys_suspend_power_state = rcar_get_sys_suspend_power_state,
#endif
diff --git a/plat/st/common/include/stm32mp_dt.h b/plat/st/common/include/stm32mp_dt.h
index 299c0b1..f7201c0 100644
--- a/plat/st/common/include/stm32mp_dt.h
+++ b/plat/st/common/include/stm32mp_dt.h
@@ -34,6 +34,7 @@
void dt_fill_device_info(struct dt_node_info *info, int node);
int dt_get_node(struct dt_node_info *info, int offset, const char *compat);
int dt_get_stdout_uart_info(struct dt_node_info *info);
+int dt_match_instance_by_compatible(const char *compatible, uintptr_t address);
uint32_t dt_get_ddr_size(void);
uint32_t dt_get_pwr_vdd_voltage(void);
const char *dt_get_board_model(void);
diff --git a/plat/st/common/stm32mp_common.c b/plat/st/common/stm32mp_common.c
index 17ac145..9120408 100644
--- a/plat/st/common/stm32mp_common.c
+++ b/plat/st/common/stm32mp_common.c
@@ -17,6 +17,8 @@
#include <plat/common/platform.h>
#include <services/arm_arch_svc.h>
+#define HEADER_VERSION_MAJOR_MASK GENMASK(23, 16)
+
uintptr_t plat_get_ns_image_entrypoint(void)
{
return BL33_BASE;
@@ -93,7 +95,8 @@
return -EINVAL;
}
- if (header->header_version != BOOT_API_HEADER_VERSION) {
+ if ((header->header_version & HEADER_VERSION_MAJOR_MASK) !=
+ (BOOT_API_HEADER_VERSION & HEADER_VERSION_MAJOR_MASK)) {
ERROR("Header version\n");
return -EINVAL;
}
diff --git a/plat/st/common/stm32mp_dt.c b/plat/st/common/stm32mp_dt.c
index 0b35646..4dc9908 100644
--- a/plat/st/common/stm32mp_dt.c
+++ b/plat/st/common/stm32mp_dt.c
@@ -204,6 +204,33 @@
}
/*******************************************************************************
+ * This function returns the node offset matching compatible string in the DT,
+ * and also matching the reg property with the given address.
+ * Returns value on success, and error value on failure.
+ ******************************************************************************/
+int dt_match_instance_by_compatible(const char *compatible, uintptr_t address)
+{
+ int node;
+
+ fdt_for_each_compatible_node(fdt, node, compatible) {
+ const fdt32_t *cuint;
+
+ assert(fdt_get_node_parent_address_cells(node) == 1);
+
+ cuint = fdt_getprop(fdt, node, "reg", NULL);
+ if (cuint == NULL) {
+ continue;
+ }
+
+ if ((uintptr_t)fdt32_to_cpu(*cuint) == address) {
+ return node;
+ }
+ }
+
+ return -FDT_ERR_NOTFOUND;
+}
+
+/*******************************************************************************
* This function gets DDR size information from the DT.
* Returns value in bytes on success, and 0 on failure.
******************************************************************************/
diff --git a/plat/st/stm32mp1/platform.mk b/plat/st/stm32mp1/platform.mk
index 1c2c9f0..28463f1 100644
--- a/plat/st/stm32mp1/platform.mk
+++ b/plat/st/stm32mp1/platform.mk
@@ -323,7 +323,7 @@
-c plat/st/stm32mp1/stm32mp1.S -o $@
endif
-$(eval $(call MAKE_LD,${STM32_TF_LINKERFILE},plat/st/stm32mp1/stm32mp1.ld.S,2))
+$(eval $(call MAKE_LD,${STM32_TF_LINKERFILE},plat/st/stm32mp1/stm32mp1.ld.S,bl2))
tf-a-%.elf: stm32mp1-%.o ${STM32_TF_LINKERFILE}
@echo " LDS $<"
diff --git a/plat/st/stm32mp1/stm32mp1_shared_resources.c b/plat/st/stm32mp1/stm32mp1_shared_resources.c
index 208e34a..6b1bcaa 100644
--- a/plat/st/stm32mp1/stm32mp1_shared_resources.c
+++ b/plat/st/stm32mp1/stm32mp1_shared_resources.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, STMicroelectronics - All Rights Reserved
+ * Copyright (c) 2017-2021, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -114,7 +114,7 @@
if (bank != GPIO_BANK_Z) {
int count = fdt_get_gpio_bank_pin_count(bank);
- assert((count >= 0) || (count <= (GPIO_PIN_MAX + 1)));
+ assert((count >= 0) && ((unsigned int)count <= (GPIO_PIN_MAX + 1)));
return (unsigned int)count;
}
@@ -163,7 +163,7 @@
if ((id >= STM32MP1_SHRES_GPIOZ(0)) &&
(id <= STM32MP1_SHRES_GPIOZ(7)) &&
- ((id - STM32MP1_SHRES_GPIOZ(0)) >= get_gpioz_nbpin())) {
+ ((unsigned int)(id - STM32MP1_SHRES_GPIOZ(0)) >= get_gpioz_nbpin())) {
ERROR("Invalid GPIO pin %u, %u pin(s) available\n",
id - STM32MP1_SHRES_GPIOZ(0), get_gpioz_nbpin());
panic();