Merge changes from topic "brcm_initial_support" into integration
* changes:
doc: brcm: Add documentation file for brcm stingray platform
drivers: Add SPI Nor flash support
drivers: Add iproc spi driver
drivers: Add emmc driver for Broadcom platforms
Add BL31 support for Broadcom stingray platform
Add BL2 support for Broadcom stingray platform
Add bl31 support common across Broadcom platforms
Add bl2 setup code common across Broadcom platforms
drivers: Add support to retrieve plat_toc_flags
diff --git a/.gitreview b/.gitreview
index 36f2548..afdb74d 100644
--- a/.gitreview
+++ b/.gitreview
@@ -2,3 +2,4 @@
host=review.trustedfirmware.org
port=29418
project=TF-A/trusted-firmware-a
+defaultbranch=integration
diff --git a/Makefile b/Makefile
index ac461a5..d605ae9 100644
--- a/Makefile
+++ b/Makefile
@@ -39,12 +39,20 @@
CHECKCODE_ARGS := --no-patch
# Do not check the coding style on imported library files or documentation files
+INC_ARM_DIRS_TO_CHECK := $(sort $(filter-out \
+ include/drivers/arm/cryptocell, \
+ $(wildcard include/drivers/arm/*)))
+INC_ARM_DIRS_TO_CHECK += include/drivers/arm/cryptocell/*.h
+INC_DRV_DIRS_TO_CHECK := $(sort $(filter-out \
+ include/drivers/arm, \
+ $(wildcard include/drivers/*)))
INC_LIB_DIRS_TO_CHECK := $(sort $(filter-out \
include/lib/libfdt \
include/lib/libc, \
$(wildcard include/lib/*)))
INC_DIRS_TO_CHECK := $(sort $(filter-out \
- include/lib, \
+ include/lib \
+ include/drivers, \
$(wildcard include/*)))
LIB_DIRS_TO_CHECK := $(sort $(filter-out \
lib/compiler-rt \
@@ -60,7 +68,9 @@
CHECK_PATHS := ${ROOT_DIRS_TO_CHECK} \
${INC_DIRS_TO_CHECK} \
${INC_LIB_DIRS_TO_CHECK} \
- ${LIB_DIRS_TO_CHECK}
+ ${LIB_DIRS_TO_CHECK} \
+ ${INC_DRV_DIRS_TO_CHECK} \
+ ${INC_ARM_DIRS_TO_CHECK}
################################################################################
@@ -187,6 +197,34 @@
endif
endif
+# Memory tagging is supported in architecture Armv8.5-A AArch64 and onwards
+ifeq ($(ARCH), aarch64)
+ifeq ($(shell test $(ARM_ARCH_MAJOR) -gt 8; echo $$?),0)
+mem_tag_arch_support = yes
+else ifeq ($(shell test $(ARM_ARCH_MAJOR) -eq 8 -a $(ARM_ARCH_MINOR) -ge 5; \
+ echo $$?),0)
+mem_tag_arch_support = yes
+endif
+endif
+
+# Enabled required option for memory stack tagging. Currently, these options are
+# enabled only for clang and armclang compiler.
+ifeq (${SUPPORT_STACK_MEMTAG},yes)
+ifdef mem_tag_arch_support
+ifneq ( ,$(filter $(notdir $(CC)),armclang clang))
+march64-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a+memtag
+ifeq ($(notdir $(CC)),armclang)
+TF_CFLAGS += -mmemtag-stack
+else ifeq ($(notdir $(CC)),clang)
+TF_CFLAGS += -fsanitize=memtag
+endif
+endif
+else
+$(error "Error: stack memory tagging is not supported for architecture \
+ ${ARCH},armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a")
+endif
+endif
+
ifneq ($(findstring armclang,$(notdir $(CC))),)
TF_CFLAGS_aarch32 = -target arm-arm-none-eabi $(march32-directive)
TF_CFLAGS_aarch64 = -target aarch64-arm-none-eabi $(march64-directive)
@@ -509,15 +547,15 @@
endif
ifeq (${ARCH},aarch64)
-BL1_CFLAGS += -DIMAGE_AT_EL3
+BL1_CPPFLAGS += -DIMAGE_AT_EL3
ifeq ($(BL2_AT_EL3),1)
-BL2_CFLAGS += -DIMAGE_AT_EL3
+BL2_CPPFLAGS += -DIMAGE_AT_EL3
else
-BL2_CFLAGS += -DIMAGE_AT_EL1
+BL2_CPPFLAGS += -DIMAGE_AT_EL1
endif
-BL2U_CFLAGS += -DIMAGE_AT_EL1
-BL31_CFLAGS += -DIMAGE_AT_EL3
-BL32_CFLAGS += -DIMAGE_AT_EL1
+BL2U_CPPFLAGS += -DIMAGE_AT_EL1
+BL31_CPPFLAGS += -DIMAGE_AT_EL3
+BL32_CPPFLAGS += -DIMAGE_AT_EL1
endif
# Include the CPU specific operations makefile, which provides default
diff --git a/bl1/bl1.ld.S b/bl1/bl1.ld.S
index e65ab90..75355eb 100644
--- a/bl1/bl1.ld.S
+++ b/bl1/bl1.ld.S
@@ -4,8 +4,6 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <platform_def.h>
-
#include <common/bl_common.ld.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
@@ -47,20 +45,7 @@
__RODATA_START__ = .;
*(SORT_BY_ALIGNMENT(.rodata*))
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PARSER_LIB_DESCS_START__ = .;
- KEEP(*(.img_parser_lib_descs))
- __PARSER_LIB_DESCS_END__ = .;
-
- /*
- * Ensure 8-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(8);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
+ RODATA_COMMON
/*
* No need to pad out the .rodata section to a page boundary. Next is
@@ -81,20 +66,7 @@
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PARSER_LIB_DESCS_START__ = .;
- KEEP(*(.img_parser_lib_descs))
- __PARSER_LIB_DESCS_END__ = .;
-
- /*
- * Ensure 8-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(8);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
+ RODATA_COMMON
*(.vectors)
__RO_END__ = .;
@@ -137,18 +109,7 @@
__STACKS_END__ = .;
} >RAM
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 16-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss : ALIGN(16) {
- __BSS_START__ = .;
- *(SORT_BY_ALIGNMENT(.bss*))
- *(COMMON)
- __BSS_END__ = .;
- } >RAM
-
+ BSS_SECTION >RAM
XLAT_TABLE_SECTION >RAM
#if USE_COHERENT_MEM
diff --git a/bl2/bl2.ld.S b/bl2/bl2.ld.S
index d08b046..15df5dd 100644
--- a/bl2/bl2.ld.S
+++ b/bl2/bl2.ld.S
@@ -4,8 +4,6 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <platform_def.h>
-
#include <common/bl_common.ld.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
@@ -47,16 +45,7 @@
__RODATA_START__ = .;
*(SORT_BY_ALIGNMENT(.rodata*))
- . = ALIGN(8);
- __FCONF_POPULATOR_START__ = .;
- KEEP(*(.fconf_populator))
- __FCONF_POPULATOR_END__ = .;
-
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PARSER_LIB_DESCS_START__ = .;
- KEEP(*(.img_parser_lib_descs))
- __PARSER_LIB_DESCS_END__ = .;
+ RODATA_COMMON
. = ALIGN(PAGE_SIZE);
__RODATA_END__ = .;
@@ -68,16 +57,7 @@
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- . = ALIGN(8);
- __FCONF_POPULATOR_START__ = .;
- KEEP(*(.fconf_populator))
- __FCONF_POPULATOR_END__ = .;
-
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PARSER_LIB_DESCS_START__ = .;
- KEEP(*(.img_parser_lib_descs))
- __PARSER_LIB_DESCS_END__ = .;
+ RODATA_COMMON
*(.vectors)
__RO_END_UNALIGNED__ = .;
@@ -114,18 +94,7 @@
__STACKS_END__ = .;
} >RAM
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 16-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss : ALIGN(16) {
- __BSS_START__ = .;
- *(SORT_BY_ALIGNMENT(.bss*))
- *(COMMON)
- __BSS_END__ = .;
- } >RAM
-
+ BSS_SECTION >RAM
XLAT_TABLE_SECTION >RAM
#if USE_COHERENT_MEM
diff --git a/bl2/bl2_el3.ld.S b/bl2/bl2_el3.ld.S
index a72818c..d04f226 100644
--- a/bl2/bl2_el3.ld.S
+++ b/bl2/bl2_el3.ld.S
@@ -4,8 +4,6 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <platform_def.h>
-
#include <common/bl_common.ld.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
@@ -55,30 +53,7 @@
__RODATA_START__ = .;
*(SORT_BY_ALIGNMENT(.rodata*))
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PARSER_LIB_DESCS_START__ = .;
- KEEP(*(.img_parser_lib_descs))
- __PARSER_LIB_DESCS_END__ = .;
-
- /*
- * Ensure 8-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(8);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
-
- /*
- * Keep the .got section in the RO section as it is patched
- * prior to enabling the MMU and having the .got in RO is better for
- * security. GOT is a table of addresses so ensure 8-byte alignment.
- */
- . = ALIGN(8);
- __GOT_START__ = .;
- *(.got)
- __GOT_END__ = .;
+ RODATA_COMMON
. = ALIGN(PAGE_SIZE);
__RODATA_END__ = .;
@@ -96,30 +71,7 @@
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- /*
- * Ensure 8-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(8);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
-
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PARSER_LIB_DESCS_START__ = .;
- KEEP(*(.img_parser_lib_descs))
- __PARSER_LIB_DESCS_END__ = .;
-
- /*
- * Keep the .got section in the RO section as it is patched
- * prior to enabling the MMU and having the .got in RO is better for
- * security. GOT is a table of addresses so ensure 8-byte alignment.
- */
- . = ALIGN(8);
- __GOT_START__ = .;
- *(.got)
- __GOT_END__ = .;
+ RODATA_COMMON
*(.vectors)
__RO_END_UNALIGNED__ = .;
@@ -177,18 +129,7 @@
__STACKS_END__ = .;
} >RAM
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 16-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss : ALIGN(16) {
- __BSS_START__ = .;
- *(SORT_BY_ALIGNMENT(.bss*))
- *(COMMON)
- __BSS_END__ = .;
- } >RAM
-
+ BSS_SECTION >RAM
XLAT_TABLE_SECTION >RAM
#if USE_COHERENT_MEM
diff --git a/bl2u/bl2u.ld.S b/bl2u/bl2u.ld.S
index 96545a3..8c0bbbd 100644
--- a/bl2u/bl2u.ld.S
+++ b/bl2u/bl2u.ld.S
@@ -46,6 +46,9 @@
.rodata . : {
__RODATA_START__ = .;
*(SORT_BY_ALIGNMENT(.rodata*))
+
+ RODATA_COMMON
+
. = ALIGN(PAGE_SIZE);
__RODATA_END__ = .;
} >RAM
@@ -56,6 +59,8 @@
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
+ RODATA_COMMON
+
*(.vectors)
__RO_END_UNALIGNED__ = .;
/*
@@ -91,18 +96,7 @@
__STACKS_END__ = .;
} >RAM
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 16-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss : ALIGN(16) {
- __BSS_START__ = .;
- *(SORT_BY_ALIGNMENT(.bss*))
- *(COMMON)
- __BSS_END__ = .;
- } >RAM
-
+ BSS_SECTION >RAM
XLAT_TABLE_SECTION >RAM
#if USE_COHERENT_MEM
diff --git a/bl31/bl31.ld.S b/bl31/bl31.ld.S
index 5f9f9df..1cdf7c9 100644
--- a/bl31/bl31.ld.S
+++ b/bl31/bl31.ld.S
@@ -4,8 +4,6 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <platform_def.h>
-
#include <common/bl_common.ld.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
@@ -49,43 +47,7 @@
__RODATA_START__ = .;
*(SORT_BY_ALIGNMENT(.rodata*))
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __RT_SVC_DESCS_START__ = .;
- KEEP(*(rt_svc_descs))
- __RT_SVC_DESCS_END__ = .;
-
- . = ALIGN(8);
- __FCONF_POPULATOR_START__ = .;
- KEEP(*(.fconf_populator))
- __FCONF_POPULATOR_END__ = .;
-
-#if ENABLE_PMF
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PMF_SVC_DESCS_START__ = .;
- KEEP(*(pmf_svc_descs))
- __PMF_SVC_DESCS_END__ = .;
-#endif /* ENABLE_PMF */
-
- /*
- * Ensure 8-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(8);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
-
- /*
- * Keep the .got section in the RO section as it is patched
- * prior to enabling the MMU and having the .got in RO is better for
- * security. GOT is a table of addresses so ensure 8-byte alignment.
- */
- . = ALIGN(8);
- __GOT_START__ = .;
- *(.got)
- __GOT_END__ = .;
+ RODATA_COMMON
/* Place pubsub sections for events */
. = ALIGN(8);
@@ -101,43 +63,7 @@
*(SORT_BY_ALIGNMENT(.text*))
*(SORT_BY_ALIGNMENT(.rodata*))
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __RT_SVC_DESCS_START__ = .;
- KEEP(*(rt_svc_descs))
- __RT_SVC_DESCS_END__ = .;
-
- . = ALIGN(8);
- __FCONF_POPULATOR_START__ = .;
- KEEP(*(.fconf_populator))
- __FCONF_POPULATOR_END__ = .;
-
-#if ENABLE_PMF
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __PMF_SVC_DESCS_START__ = .;
- KEEP(*(pmf_svc_descs))
- __PMF_SVC_DESCS_END__ = .;
-#endif /* ENABLE_PMF */
-
- /*
- * Ensure 8-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(8);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
-
- /*
- * Keep the .got section in the RO section as it is patched
- * prior to enabling the MMU and having the .got in RO is better for
- * security. GOT is a table of addresses so ensure 8-byte alignment.
- */
- . = ALIGN(8);
- __GOT_START__ = .;
- *(.got)
- __GOT_END__ = .;
+ RODATA_COMMON
/* Place pubsub sections for events */
. = ALIGN(8);
@@ -238,66 +164,7 @@
__STACKS_END__ = .;
} >NOBITS
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 16-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss (NOLOAD) : ALIGN(16) {
- __BSS_START__ = .;
- *(SORT_BY_ALIGNMENT(.bss*))
- *(COMMON)
-#if !USE_COHERENT_MEM
- /*
- * Bakery locks are stored in normal .bss memory
- *
- * Each lock's data is spread across multiple cache lines, one per CPU,
- * but multiple locks can share the same cache line.
- * The compiler will allocate enough memory for one CPU's bakery locks,
- * the remaining cache lines are allocated by the linker script
- */
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __BAKERY_LOCK_START__ = .;
- __PERCPU_BAKERY_LOCK_START__ = .;
- *(bakery_lock)
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __PERCPU_BAKERY_LOCK_END__ = .;
- __PERCPU_BAKERY_LOCK_SIZE__ = ABSOLUTE(__PERCPU_BAKERY_LOCK_END__ - __PERCPU_BAKERY_LOCK_START__);
- . = . + (__PERCPU_BAKERY_LOCK_SIZE__ * (PLATFORM_CORE_COUNT - 1));
- __BAKERY_LOCK_END__ = .;
-
- /*
- * If BL31 doesn't use any bakery lock then __PERCPU_BAKERY_LOCK_SIZE__
- * will be zero. For this reason, the only two valid values for
- * __PERCPU_BAKERY_LOCK_SIZE__ are 0 or the platform defined value
- * PLAT_PERCPU_BAKERY_LOCK_SIZE.
- */
-#ifdef PLAT_PERCPU_BAKERY_LOCK_SIZE
- ASSERT((__PERCPU_BAKERY_LOCK_SIZE__ == 0) || (__PERCPU_BAKERY_LOCK_SIZE__ == PLAT_PERCPU_BAKERY_LOCK_SIZE),
- "PLAT_PERCPU_BAKERY_LOCK_SIZE does not match bakery lock requirements");
-#endif
-#endif
-
-#if ENABLE_PMF
- /*
- * Time-stamps are stored in normal .bss memory
- *
- * The compiler will allocate enough memory for one CPU's time-stamps,
- * the remaining memory for other CPUs is allocated by the
- * linker script
- */
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __PMF_TIMESTAMP_START__ = .;
- KEEP(*(pmf_timestamp_array))
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __PMF_PERCPU_TIMESTAMP_END__ = .;
- __PERCPU_TIMESTAMP_SIZE__ = ABSOLUTE(. - __PMF_TIMESTAMP_START__);
- . = . + (__PERCPU_TIMESTAMP_SIZE__ * (PLATFORM_CORE_COUNT - 1));
- __PMF_TIMESTAMP_END__ = .;
-#endif /* ENABLE_PMF */
- __BSS_END__ = .;
- } >NOBITS
-
+ BSS_SECTION >NOBITS
XLAT_TABLE_SECTION >NOBITS
#if USE_COHERENT_MEM
diff --git a/bl32/sp_min/sp_min.ld.S b/bl32/sp_min/sp_min.ld.S
index 66f3b11..da005db 100644
--- a/bl32/sp_min/sp_min.ld.S
+++ b/bl32/sp_min/sp_min.ld.S
@@ -4,8 +4,6 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <platform_def.h>
-
#include <common/bl_common.ld.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
@@ -50,33 +48,7 @@
__RODATA_START__ = .;
*(.rodata*)
- /* Ensure 4-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(4);
- __RT_SVC_DESCS_START__ = .;
- KEEP(*(rt_svc_descs))
- __RT_SVC_DESCS_END__ = .;
-
- . = ALIGN(4);
- __FCONF_POPULATOR_START__ = .;
- KEEP(*(.fconf_populator))
- __FCONF_POPULATOR_END__ = .;
-
-#if ENABLE_PMF
- /* Ensure 4-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(4);
- __PMF_SVC_DESCS_START__ = .;
- KEEP(*(pmf_svc_descs))
- __PMF_SVC_DESCS_END__ = .;
-#endif /* ENABLE_PMF */
-
- /*
- * Ensure 4-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(4);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
+ RODATA_COMMON
/* Place pubsub sections for events */
. = ALIGN(8);
@@ -92,25 +64,7 @@
*(.text*)
*(.rodata*)
- /* Ensure 4-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(4);
- __RT_SVC_DESCS_START__ = .;
- KEEP(*(rt_svc_descs))
- __RT_SVC_DESCS_END__ = .;
-
- . = ALIGN(4);
- __FCONF_POPULATOR_START__ = .;
- KEEP(*(.fconf_populator))
- __FCONF_POPULATOR_END__ = .;
-
- /*
- * Ensure 4-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(4);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
+ RODATA_COMMON
/* Place pubsub sections for events */
. = ALIGN(8);
@@ -153,60 +107,7 @@
__STACKS_END__ = .;
} >RAM
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 8-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss (NOLOAD) : ALIGN(8) {
- __BSS_START__ = .;
- *(.bss*)
- *(COMMON)
-#if !USE_COHERENT_MEM
- /*
- * Bakery locks are stored in normal .bss memory
- *
- * Each lock's data is spread across multiple cache lines, one per CPU,
- * but multiple locks can share the same cache line.
- * The compiler will allocate enough memory for one CPU's bakery locks,
- * the remaining cache lines are allocated by the linker script
- */
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __BAKERY_LOCK_START__ = .;
- __PERCPU_BAKERY_LOCK_START__ = .;
- *(bakery_lock)
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __PERCPU_BAKERY_LOCK_END__ = .;
- __PERCPU_BAKERY_LOCK_SIZE__ = ABSOLUTE(__PERCPU_BAKERY_LOCK_END__ - __PERCPU_BAKERY_LOCK_START__);
- . = . + (__PERCPU_BAKERY_LOCK_SIZE__ * (PLATFORM_CORE_COUNT - 1));
- __BAKERY_LOCK_END__ = .;
-#ifdef PLAT_PERCPU_BAKERY_LOCK_SIZE
- ASSERT(__PERCPU_BAKERY_LOCK_SIZE__ == PLAT_PERCPU_BAKERY_LOCK_SIZE,
- "PLAT_PERCPU_BAKERY_LOCK_SIZE does not match bakery lock requirements");
-#endif
-#endif
-
-#if ENABLE_PMF
- /*
- * Time-stamps are stored in normal .bss memory
- *
- * The compiler will allocate enough memory for one CPU's time-stamps,
- * the remaining memory for other CPUs is allocated by the
- * linker script
- */
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __PMF_TIMESTAMP_START__ = .;
- KEEP(*(pmf_timestamp_array))
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __PMF_PERCPU_TIMESTAMP_END__ = .;
- __PERCPU_TIMESTAMP_SIZE__ = ABSOLUTE(. - __PMF_TIMESTAMP_START__);
- . = . + (__PERCPU_TIMESTAMP_SIZE__ * (PLATFORM_CORE_COUNT - 1));
- __PMF_TIMESTAMP_END__ = .;
-#endif /* ENABLE_PMF */
-
- __BSS_END__ = .;
- } >RAM
-
+ BSS_SECTION >RAM
XLAT_TABLE_SECTION >RAM
__BSS_SIZE__ = SIZEOF(.bss);
diff --git a/bl32/tsp/tsp.ld.S b/bl32/tsp/tsp.ld.S
index da60c63..bf77c92 100644
--- a/bl32/tsp/tsp.ld.S
+++ b/bl32/tsp/tsp.ld.S
@@ -6,7 +6,6 @@
#include <common/bl_common.ld.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
-#include <platform_def.h>
OUTPUT_FORMAT(PLATFORM_LINKER_FORMAT)
OUTPUT_ARCH(PLATFORM_LINKER_ARCH)
@@ -38,15 +37,7 @@
__RODATA_START__ = .;
*(.rodata*)
- /*
- * Keep the .got section in the RO section as it is patched
- * prior to enabling the MMU and having the .got in RO is better for
- * security. GOT is a table of addresses so ensure 8-byte alignment.
- */
- . = ALIGN(8);
- __GOT_START__ = .;
- *(.got)
- __GOT_END__ = .;
+ RODATA_COMMON
. = ALIGN(PAGE_SIZE);
__RODATA_END__ = .;
@@ -58,15 +49,7 @@
*(.text*)
*(.rodata*)
- /*
- * Keep the .got section in the RO section as it is patched
- * prior to enabling the MMU and having the .got in RO is better for
- * security. GOT is a table of addresses so ensure 8-byte alignment.
- */
- . = ALIGN(8);
- __GOT_START__ = .;
- *(.got)
- __GOT_END__ = .;
+ RODATA_COMMON
*(.vectors)
@@ -114,18 +97,7 @@
__STACKS_END__ = .;
} >RAM
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 16-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss : ALIGN(16) {
- __BSS_START__ = .;
- *(SORT_BY_ALIGNMENT(.bss*))
- *(COMMON)
- __BSS_END__ = .;
- } >RAM
-
+ BSS_SECTION >RAM
XLAT_TABLE_SECTION >RAM
#if USE_COHERENT_MEM
diff --git a/common/desc_image_load.c b/common/desc_image_load.c
index 0769226..47c80aa 100644
--- a/common/desc_image_load.c
+++ b/common/desc_image_load.c
@@ -214,11 +214,12 @@
{
bl_params_node_t *params_node;
unsigned int fw_config_id;
- uintptr_t hw_config_base = 0, fw_config_base;
-#if defined(SPD_spmd)
+#ifdef SPD_spmd
uint32_t fw_config_size = 0;
#endif
+ uintptr_t fw_config_base;
bl_mem_params_node_t *mem_params;
+ uintptr_t hw_config_base = 0;
assert(bl2_to_next_bl_params != NULL);
@@ -227,6 +228,7 @@
* if available.
*/
mem_params = get_bl_mem_params_node(HW_CONFIG_ID);
+
if (mem_params != NULL)
hw_config_base = mem_params->image_info.image_base;
@@ -240,8 +242,16 @@
fw_config_id = SOC_FW_CONFIG_ID;
break;
case BL32_IMAGE_ID:
+ /*
+ * At the moment, OPTEE cannot accept a DTB in secure memory,
+ * so fall back and use NT_FW_CONFIG instead.
+ * This MUST be fixed as soon as OPTEE has support to
+ * receive DTBs in secure memory.
+ */
+#ifndef SPD_opteed
fw_config_id = TOS_FW_CONFIG_ID;
break;
+#endif
case BL33_IMAGE_ID:
fw_config_id = NT_FW_CONFIG_ID;
break;
@@ -254,38 +264,57 @@
mem_params = get_bl_mem_params_node(fw_config_id);
if (mem_params != NULL) {
fw_config_base = mem_params->image_info.image_base;
-#if defined(SPD_spmd)
+#ifdef SPD_spmd
fw_config_size =
mem_params->image_info.image_size;
#endif
}
}
+
+#ifdef SPD_opteed
/*
- * Pass hw and tb_fw config addresses to next images. NOTE - for
- * EL3 runtime images (BL31 for AArch64 and BL32 for AArch32),
- * arg0 is already used by generic code. Take care of not
- * overwriting the previous initialisations.
+ * If SPD_opteed is enabled, arg[0,2] are populated by
+ * parse_optee_header(), which is called by
+ * arm_bl2_handle_post_image_load(). The meaning of the
+ * arguments are:
+ * arg0 <-- MODE_RW
+ * arg1 <-- Paged image base
+ * arg2 <-- Paged image size
*/
- if (params_node == bl2_to_next_bl_params->head) {
- if (params_node->ep_info->args.arg1 == 0U)
- params_node->ep_info->args.arg1 =
+ if (params_node->image_id == BL32_IMAGE_ID) {
+ params_node->ep_info->args.arg3 = fw_config_base;
+ } else {
+#endif
+ /*
+ * Pass hw and tb_fw config addresses to next images.
+ * NOTE - for EL3 runtime images (BL31 for AArch64
+ * and BL32 for AArch32), arg0 is already used by
+ * generic code. Take care of not overwriting the
+ * previous initialisations.
+ */
+ if (params_node == bl2_to_next_bl_params->head) {
+ if (params_node->ep_info->args.arg1 == 0U)
+ params_node->ep_info->args.arg1 =
fw_config_base;
- if (params_node->ep_info->args.arg2 == 0U)
- params_node->ep_info->args.arg2 =
+ if (params_node->ep_info->args.arg2 == 0U)
+ params_node->ep_info->args.arg2 =
hw_config_base;
- } else {
- if (params_node->ep_info->args.arg0 == 0U)
- params_node->ep_info->args.arg0 =
+ } else {
+ if (params_node->ep_info->args.arg0 == 0U)
+ params_node->ep_info->args.arg0 =
fw_config_base;
- if (params_node->ep_info->args.arg1 == 0U)
- params_node->ep_info->args.arg1 =
+ if (params_node->ep_info->args.arg1 == 0U)
+ params_node->ep_info->args.arg1 =
hw_config_base;
-#if defined(SPD_spmd)
- if (params_node->ep_info->args.arg2 == 0U)
- params_node->ep_info->args.arg2 =
+#ifdef SPD_spmd
+ if (params_node->ep_info->args.arg2 == 0U)
+ params_node->ep_info->args.arg2 =
fw_config_size;
#endif
+ }
+#ifdef SPD_opteed
}
+#endif
}
}
diff --git a/docs/change-log.rst b/docs/change-log.rst
index cf5b57a..7e072a9 100644
--- a/docs/change-log.rst
+++ b/docs/change-log.rst
@@ -17,6 +17,7 @@
- Enable Memory Tagging Extension (MTE) support in both secure and non-secure
worlds
+
- Adds support for the new Memory Tagging Extension arriving in
ARMv8.5. MTE support is now enabled by default on systems that
support it at EL0.
@@ -84,6 +85,7 @@
- gicv3: Enabled multi-socket GIC redistributor frame discovery and migrated
ARM platforms to the new API
+
- Adds ``gicv3_rdistif_probe`` function that delegates the responsibility
of discovering the corresponding redistributor base frame to each CPU
itself.
@@ -2841,7 +2843,7 @@
--------------
-*Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2013-2020, Arm Limited and Contributors. All rights reserved.*
.. _SDEI Specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
.. _tf-issue#501: https://github.com/ARM-software/tf-issues/issues/501
diff --git a/docs/components/fconf.rst b/docs/components/fconf.rst
index 3856600..7352ac3 100644
--- a/docs/components/fconf.rst
+++ b/docs/components/fconf.rst
@@ -107,6 +107,7 @@
sub-namespaces. The following concepts should be considered when adding new
properties/namespaces.
The framework differentiates two types of properties:
+
- Properties used inside common code.
- Properties used inside platform specific code.
@@ -114,6 +115,7 @@
across multiple platforms. They should be globally accessible and defined
inside the ``lib/fconf`` directory. The namespace must be chosen to reflect the
feature/data abstracted.
+
Example:
- |TBBR| related properties: tbbr.cot.bl2_id
- Dynamic configuration information: dyn_cfg.dtb_info.hw_config_id
@@ -123,6 +125,7 @@
within the platform API and are defined only inside the platform scope. The
namespace must contain the platform name under which the properties defined
belong.
+
Example:
- Arm io framework: arm.io_policies.bl31_id
diff --git a/docs/components/index.rst b/docs/components/index.rst
index ae78b2b..49986ca 100644
--- a/docs/components/index.rst
+++ b/docs/components/index.rst
@@ -17,4 +17,5 @@
romlib-design
sdei
secure-partition-manager-design
+ spci-manifest-binding
xlat-tables-lib-v2-design
diff --git a/docs/components/spci-manifest-binding.rst b/docs/components/spci-manifest-binding.rst
index 66cca64..5848169 100644
--- a/docs/components/spci-manifest-binding.rst
+++ b/docs/components/spci-manifest-binding.rst
@@ -16,6 +16,7 @@
minor versions fo the device tree binding for the SPCI manifest represented
by this node. The minor number is incremented if the binding changes in a
backwards compatible manner.
+
- X is an integer representing the major version number of this document.
- Y is an integer representing the minor version number of this document.
@@ -23,6 +24,7 @@
- value type: <u32>
- Must be two 16 bits values (X, Y), concatenated as 31:16 -> X,
15:0 -> Y, where:
+
- X is the major version of PSA-FF-A expected by the partition at the SPCI
instance it will execute.
- Y is the minor version of PSA-FF-A expected by the partition at the SPCI
@@ -34,10 +36,12 @@
implemented by this partition. The UUID format is described in RFC 4122.
UUID can be shared by multiple instances of partitions that offer the same
service For example:
+
- If there are multiple instances of a Trusted OS, then the UUID can be
shared by all instances.
- The TEE driver in the HLOS can use the UUID with the
SPCI_PARTITION_INFO_GET interface to determine the:
+
- Number of Trusted OSs
- The partition ID of each instance of the Trusted OS
@@ -56,6 +60,7 @@
- execution-ctx-count [mandatory]
- value type: <u32>
- Number of vCPUs that a VM or SP wants to instantiate.
+
- In the absence of virtualization, this is the number of execution
contexts that a partition implements.
- If value of this field = 1 and number of PEs > 1 then the partition is
@@ -66,6 +71,7 @@
- exception-level [mandatory]
- value type: <u32>
- The target exception level for the partition:
+
- 0x0: EL1
- 0x1: S_EL0
- 0x2: S_EL1
@@ -76,6 +82,7 @@
- execution-state [mandatory]
- value type: <u32>
- The target execution state of the partition:
+
- 0: AArch64
- 1: AArch32
@@ -94,6 +101,7 @@
- xlat-granule [mandatory]
- value type: <u32>
- Translation granule used with the partition:
+
- 0x0: 4k
- 0x1: 16k
- 0x2: 32k
@@ -113,6 +121,7 @@
- messaging-method [mandatory]
- value type: <u32>
- Specifies which messaging methods are supported by the partition:
+
- 0x0: direct messaging method
- 0x1: indirect messaging method
- 0x2: both direct and indirect messaging methods
@@ -125,6 +134,7 @@
- run-time-model
- value type: <u32>
- Run time model that the SPM must enforce for this SP:
+
- 0x0: Run to completion
- 0x1: Preemptible
@@ -195,6 +205,7 @@
- reg [mandatory]
- value type: <prop-encoded-array>
- A (address, num-pages) pair describing the device, where:
+
- address: The physical base address <u64> value of the device MMIO
region.
- num-pages: The <u32> number of pages of the region. The total size of
@@ -214,15 +225,18 @@
- stream-ids [mandatory]
- value type: <prop-encoded-array>
- A list of (id, mem-manage) pair, where:
+
- id: A unique <u32> value amongst all devices assigned to the partition.
- mem-manage: A <u32> value used in memory management operations.
- interrupts [mandatory]
- value type: <prop-encoded-array>
- A list of (id, attributes) pair describing the device interrupts, where:
+
- id: The <u32> interrupt IDs.
- attributes: A ?? TO DEFINE value,
containing the attributes for each interrupt ID:
+
- Interrupt type: SPI, PPI, SGI
- Interrupt configuration: Edge triggered, Level triggered
- Interrupt security state: Secure, Non-secure
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index 69e103d..e1c6c8f 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -667,6 +667,11 @@
cluster platforms). If this option is enabled, then warm boot path
enables D-caches immediately after enabling MMU. This option defaults to 0.
+- ``SUPPORT_STACK_MEMTAG``: This flag determines whether to enable memory
+ tagging for stack or not. It accepts 2 values: ``yes`` and ``no``. The
+ default value of this flag is ``no``. Note this option must be enabled only
+ for ARM architecture greater than Armv8.5-A.
+
GICv3 driver options
--------------------
diff --git a/docs/plat/meson-gxbb.rst b/docs/plat/meson-gxbb.rst
index 2cd8342..dbd83e0 100644
--- a/docs/plat/meson-gxbb.rst
+++ b/docs/plat/meson-gxbb.rst
@@ -23,4 +23,4 @@
instructions in the `U-Boot repository`_, replacing the mentioned **bl31.bin**
by the one built from this port.
-.. _U-Boot repository: https://github.com/u-boot/u-boot/blob/master/board/amlogic/odroid-c2/README.odroid-c2
+.. _U-Boot repository: https://gitlab.denx.de/u-boot/u-boot/-/blob/master/board/amlogic/p200/README.odroid-c2
diff --git a/docs/resources/diagrams/plantuml/fconf_bl1_load_config.puml b/docs/resources/diagrams/plantuml/fconf_bl1_load_config.puml
index c36e544..e613eef 100644
--- a/docs/resources/diagrams/plantuml/fconf_bl1_load_config.puml
+++ b/docs/resources/diagrams/plantuml/fconf_bl1_load_config.puml
@@ -24,9 +24,9 @@
activate fconf
note over fconf
create and populate an
- image_desc_t for TB_FW_CONFIG
+ image_desc_t for FW_CONFIG
end note
- fconf -> bl_common : load_auth_image(TB_FW_CONFIG_ID, &image_info)
+ fconf -> bl_common : load_auth_image(FW_CONFIG_ID, &image_info)
activate bl_common
note over bl_common
load and auth image from fip
@@ -42,7 +42,7 @@
fconf <- plat_bl1_common : BL2_IMAGE_DESC
note over fconf
set ep_info.args.arg0 of BL2_IMAGE_DESC
- to TB_FW_CONFIG base address
+ to FW_CONFIG base address
end note
arm_bl1_setup <- fconf
deactivate fconf
diff --git a/docs/resources/diagrams/plantuml/fconf_bl2_populate.puml b/docs/resources/diagrams/plantuml/fconf_bl2_populate.puml
index 98a3ff1..881f253 100644
--- a/docs/resources/diagrams/plantuml/fconf_bl2_populate.puml
+++ b/docs/resources/diagrams/plantuml/fconf_bl2_populate.puml
@@ -20,12 +20,12 @@
bl2_entrypoint -> bl2_main : bl2_setup()
bl2_main -> arm_bl2_setup : bl2_early_platform_setup2(\n\t arg0, arg1, arg2, arg3)
note over arm_bl2_setup
- arg0 = tb_fw_config
+ arg0 = fw_config
arg1 = mem_layout
end note
-arm_bl2_setup -> arm_bl2_setup : arm_bl2_early_platform_setup(\n\t tb_fw_config, mem_layout)
+arm_bl2_setup -> arm_bl2_setup : arm_bl2_early_platform_setup(\n\t fw_config, mem_layout)
activate arm_bl2_setup
- arm_bl2_setup -> fconf: fconf_polulate(tb_fw_config)
+ arm_bl2_setup -> fconf: fconf_polulate("TB_FW", fw_config)
activate fconf
fconf -> fconf_tbbr_getter: fconf_populate_tbbr_dyn_config(uintptr_t dtb)
note over fconf_tbbr_getter: read tbbr propeties from dtb
diff --git a/drivers/auth/cryptocell/713/cryptocell_crypto.c b/drivers/auth/cryptocell/713/cryptocell_crypto.c
new file mode 100644
index 0000000..5f390a2
--- /dev/null
+++ b/drivers/auth/cryptocell/713/cryptocell_crypto.c
@@ -0,0 +1,273 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stddef.h>
+#include <string.h>
+
+#include <drivers/arm/cryptocell/713/bsv_api.h>
+#include <drivers/arm/cryptocell/713/bsv_crypto_asym_api.h>
+#include <drivers/auth/crypto_mod.h>
+
+#include <mbedtls/oid.h>
+
+#define LIB_NAME "CryptoCell 713 SBROM"
+#define RSA_SALT_LEN 32
+#define RSA_EXPONENT 65537
+
+/*
+ * AlgorithmIdentifier ::= SEQUENCE {
+ * algorithm OBJECT IDENTIFIER,
+ * parameters ANY DEFINED BY algorithm OPTIONAL
+ * }
+ *
+ * SubjectPublicKeyInfo ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * subjectPublicKey BIT STRING
+ * }
+ *
+ * DigestInfo ::= SEQUENCE {
+ * digestAlgorithm AlgorithmIdentifier,
+ * digest OCTET STRING
+ * }
+ *
+ * RSASSA-PSS-params ::= SEQUENCE {
+ * hashAlgorithm [0] HashAlgorithm,
+ * maskGenAlgorithm [1] MaskGenAlgorithm,
+ * saltLength [2] INTEGER,
+ * trailerField [3] TrailerField DEFAULT trailerFieldBC
+ * }
+ */
+
+/*
+ * Initialize the library and export the descriptor
+ */
+static void init(void)
+{
+ CCError_t ret;
+ uint32_t lcs;
+
+ /* Initialize CC SBROM */
+ ret = CC_BsvInit((uintptr_t)PLAT_CRYPTOCELL_BASE);
+ if (ret != CC_OK) {
+ ERROR("CryptoCell CC_BsvInit() error %x\n", ret);
+ panic();
+ }
+
+ /* Initialize lifecycle state */
+ ret = CC_BsvGetAndInitLcs((uintptr_t)PLAT_CRYPTOCELL_BASE, &lcs);
+ if (ret != CC_OK) {
+ ERROR("CryptoCell CC_BsvGetAndInitLcs() error %x\n", ret);
+ panic();
+ }
+}
+
+/*
+ * Verify a signature.
+ *
+ * Parameters are passed using the DER encoding format following the ASN.1
+ * structures detailed above.
+ */
+static int verify_signature(void *data_ptr, unsigned int data_len,
+ void *sig_ptr, unsigned int sig_len,
+ void *sig_alg, unsigned int sig_alg_len,
+ void *pk_ptr, unsigned int pk_len)
+{
+ CCError_t error;
+ CCBsvNBuff_t NBuff;
+ CCBsvSignature_t signature;
+ int rc, exp;
+ mbedtls_asn1_buf sig_oid, alg_oid, params;
+ mbedtls_md_type_t md_alg;
+ mbedtls_pk_type_t pk_alg;
+ mbedtls_pk_rsassa_pss_options pss_opts;
+ size_t len;
+ uint8_t *p, *end;
+ CCHashResult_t digest;
+ CCBool_t is_verified;
+ /* This is a rather large array, we don't want it on stack */
+ static uint32_t workspace[BSV_RSA_WORKSPACE_MIN_SIZE];
+
+ /* Verify the signature algorithm */
+ /* Get pointers to signature OID and parameters */
+ p = sig_alg;
+ end = p + sig_alg_len;
+ rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, ¶ms);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* Get the actual signature algorithm (MD + PK) */
+ rc = mbedtls_oid_get_sig_alg(&sig_oid, &md_alg, &pk_alg);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* The CryptoCell only supports RSASSA-PSS signature */
+ if (pk_alg != MBEDTLS_PK_RSASSA_PSS || md_alg != MBEDTLS_MD_NONE)
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* Verify the RSASSA-PSS params */
+ /* The trailer field is verified to be 0xBC internally by this API */
+ rc = mbedtls_x509_get_rsassa_pss_params(¶ms, &md_alg,
+ &pss_opts.mgf1_hash_id,
+ &pss_opts.expected_salt_len);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* The CryptoCell only supports SHA256 as hash algorithm */
+ if (md_alg != MBEDTLS_MD_SHA256 ||
+ pss_opts.mgf1_hash_id != MBEDTLS_MD_SHA256)
+ return CRYPTO_ERR_SIGNATURE;
+
+ if (pss_opts.expected_salt_len != RSA_SALT_LEN)
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* Parse the public key */
+ p = pk_ptr;
+ end = p + pk_len;
+ rc = mbedtls_asn1_get_tag(&p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ end = p + len;
+ rc = mbedtls_asn1_get_alg_null(&p, end, &alg_oid);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ if (mbedtls_oid_get_pk_alg(&alg_oid, &pk_alg) != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ if (pk_alg != MBEDTLS_PK_RSA)
+ return CRYPTO_ERR_SIGNATURE;
+
+ rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ rc = mbedtls_asn1_get_tag(&p, end, &len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ if (*p == 0) {
+ p++; len--;
+ }
+ if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end))
+ return CRYPTO_ERR_SIGNATURE;
+
+ /*
+ * Copy N from certificate.
+ */
+ memcpy(NBuff, p, BSV_CERT_RSA_KEY_SIZE_IN_BYTES);
+
+ /* Verify the RSA exponent */
+ p += len;
+ rc = mbedtls_asn1_get_int(&p, end, &exp);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ if (exp != RSA_EXPONENT)
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* Get the signature (bitstring) */
+ p = sig_ptr;
+ end = p + sig_len;
+ rc = mbedtls_asn1_get_bitstring_null(&p, end, &len);
+ if (rc != 0)
+ return CRYPTO_ERR_SIGNATURE;
+
+ if (len != BSV_CERT_RSA_KEY_SIZE_IN_BYTES || ((p + len) > end))
+ return CRYPTO_ERR_SIGNATURE;
+
+ /*
+ * Copy the signature (in BE format)
+ */
+ memcpy((uint8_t *)signature, p, BSV_CERT_RSA_KEY_SIZE_IN_BYTES);
+
+ error = CC_BsvSha256((uintptr_t)PLAT_CRYPTOCELL_BASE,
+ data_ptr, data_len, digest);
+ if (error != CC_OK)
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* Verify the signature */
+ error = CC_BsvRsaPssVerify((uintptr_t)PLAT_CRYPTOCELL_BASE, NBuff,
+ NULL, signature, digest, workspace,
+ BSV_RSA_WORKSPACE_MIN_SIZE, &is_verified);
+ if ((error != CC_OK) || (is_verified != CC_TRUE))
+ return CRYPTO_ERR_SIGNATURE;
+
+ /* Signature verification success */
+ return CRYPTO_SUCCESS;
+}
+
+/*
+ * Match a hash
+ *
+ * Digest info is passed in DER format following the ASN.1 structure detailed
+ * above.
+ */
+static int verify_hash(void *data_ptr, unsigned int data_len,
+ void *digest_info_ptr, unsigned int digest_info_len)
+{
+ mbedtls_asn1_buf hash_oid, params;
+ mbedtls_md_type_t md_alg;
+ uint8_t *p, *end, *hash;
+ CCHashResult_t pubKeyHash;
+ size_t len;
+ int rc;
+ CCError_t error;
+
+ /* Digest info should be an MBEDTLS_ASN1_SEQUENCE */
+ p = digest_info_ptr;
+ end = p + digest_info_len;
+ rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE);
+ if (rc != 0)
+ return CRYPTO_ERR_HASH;
+
+ /* Get the hash algorithm */
+ rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, ¶ms);
+ if (rc != 0)
+ return CRYPTO_ERR_HASH;
+
+ rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);
+ if (rc != 0)
+ return CRYPTO_ERR_HASH;
+ /* Verify that hash algorithm is SHA256 */
+ if (md_alg != MBEDTLS_MD_SHA256)
+ return CRYPTO_ERR_HASH;
+
+ /* Hash should be octet string type */
+ rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
+ if (rc != 0)
+ return CRYPTO_ERR_HASH;
+
+ /* Length of hash must match the algorithm's size */
+ if (len != HASH_RESULT_SIZE_IN_BYTES)
+ return CRYPTO_ERR_HASH;
+
+ hash = p;
+ error = CC_BsvSha256((uintptr_t)PLAT_CRYPTOCELL_BASE, data_ptr,
+ data_len, pubKeyHash);
+ if (error != CC_OK)
+ return CRYPTO_ERR_HASH;
+
+ rc = memcmp(pubKeyHash, hash, HASH_RESULT_SIZE_IN_BYTES);
+ if (rc != 0)
+ return CRYPTO_ERR_HASH;
+
+ return CRYPTO_SUCCESS;
+}
+
+/*
+ * Register crypto library descriptor
+ */
+REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, NULL);
diff --git a/drivers/auth/cryptocell/713/cryptocell_plat_helpers.c b/drivers/auth/cryptocell/713/cryptocell_plat_helpers.c
new file mode 100644
index 0000000..17e1280
--- /dev/null
+++ b/drivers/auth/cryptocell/713/cryptocell_plat_helpers.c
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stddef.h>
+#include <string.h>
+
+#include <plat/common/platform.h>
+#include <tools_share/tbbr_oid.h>
+
+#include <lib/libc/endian.h>
+#include <drivers/arm/cryptocell/713/bsv_api.h>
+#include <drivers/arm/cryptocell/713/bsv_error.h>
+
+/*
+ * Return the ROTPK hash
+ *
+ * Return: 0 = success, Otherwise = error
+ */
+int cc_get_rotpk_hash(unsigned char *dst, unsigned int len, unsigned int *flags)
+{
+ CCError_t error;
+ uint32_t lcs;
+ int i;
+ uint32_t *key = (uint32_t *)dst;
+
+ assert(dst != NULL);
+ assert(len >= HASH_RESULT_SIZE_IN_WORDS);
+ assert(flags != NULL);
+
+ error = CC_BsvLcsGet(PLAT_CRYPTOCELL_BASE, &lcs);
+ if (error != CC_OK)
+ return 1;
+
+ if ((lcs == CC_BSV_CHIP_MANUFACTURE_LCS) || (lcs == CC_BSV_RMA_LCS)) {
+ *flags = ROTPK_NOT_DEPLOYED;
+ return 0;
+ }
+
+ error = CC_BsvPubKeyHashGet(PLAT_CRYPTOCELL_BASE,
+ CC_SB_HASH_BOOT_KEY_256B,
+ key, HASH_RESULT_SIZE_IN_WORDS);
+
+ if (error == CC_BSV_HASH_NOT_PROGRAMMED_ERR) {
+ *flags = ROTPK_NOT_DEPLOYED;
+ return 0;
+ }
+
+ if (error == CC_OK) {
+
+ /* Keys are stored in OTP in little-endian format */
+ for (i = 0; i < HASH_RESULT_SIZE_IN_WORDS; i++)
+ key[i] = le32toh(key[i]);
+
+ *flags = ROTPK_IS_HASH;
+ return 0;
+ }
+
+ return 1;
+}
+
+/*
+ * Return the non-volatile counter value stored in the platform. The cookie
+ * specifies the OID of the counter in the certificate.
+ *
+ * Return: 0 = success, Otherwise = error
+ */
+int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
+{
+ CCError_t error = CC_FAIL;
+
+ if (strcmp(cookie, TRUSTED_FW_NVCOUNTER_OID) == 0) {
+ error = CC_BsvSwVersionGet(PLAT_CRYPTOCELL_BASE,
+ CC_SW_VERSION_TRUSTED, nv_ctr);
+ } else if (strcmp(cookie, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
+ error = CC_BsvSwVersionGet(PLAT_CRYPTOCELL_BASE,
+ CC_SW_VERSION_NON_TRUSTED, nv_ctr);
+ }
+
+ return (error != CC_OK);
+}
+
+/*
+ * Store a new non-volatile counter value in the counter specified by the OID
+ * in the cookie. This function is not expected to be called if the Lifecycle
+ * state is RMA as the values in the certificate are expected to always match
+ * the nvcounter values. But if called when the LCS is RMA, the underlying
+ * helper functions will return success but without updating the counter.
+ *
+ * Return: 0 = success, Otherwise = error
+ */
+int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
+{
+ CCError_t error = CC_FAIL;
+
+ if (strcmp(cookie, TRUSTED_FW_NVCOUNTER_OID) == 0) {
+ error = CC_BsvSwVersionSet(PLAT_CRYPTOCELL_BASE,
+ CC_SW_VERSION_TRUSTED, nv_ctr);
+ } else if (strcmp(cookie, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
+ error = CC_BsvSwVersionSet(PLAT_CRYPTOCELL_BASE,
+ CC_SW_VERSION_NON_TRUSTED, nv_ctr);
+ }
+
+ return (error != CC_OK);
+}
+
diff --git a/drivers/auth/cryptocell/cryptocell_crypto.mk b/drivers/auth/cryptocell/cryptocell_crypto.mk
index 2fc4ddb..db39047 100644
--- a/drivers/auth/cryptocell/cryptocell_crypto.mk
+++ b/drivers/auth/cryptocell/cryptocell_crypto.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -22,6 +22,8 @@
CRYPTOCELL_VERSION ?= 712
ifeq (${CRYPTOCELL_VERSION},712)
CCSBROM_LIB_FILENAME := cc_712sbromx509
+else ifeq (${CRYPTOCELL_VERSION},713)
+ CCSBROM_LIB_FILENAME := cc_713bsv
else
$(error Error: CRYPTOCELL_VERSION set to invalid version)
endif
diff --git a/include/common/bl_common.ld.h b/include/common/bl_common.ld.h
index 32c54b4..8ea7d6a 100644
--- a/include/common/bl_common.ld.h
+++ b/include/common/bl_common.ld.h
@@ -7,6 +7,164 @@
#ifndef BL_COMMON_LD_H
#define BL_COMMON_LD_H
+#include <platform_def.h>
+
+#ifdef __aarch64__
+#define STRUCT_ALIGN 8
+#define BSS_ALIGN 16
+#else
+#define STRUCT_ALIGN 4
+#define BSS_ALIGN 8
+#endif
+
+#define CPU_OPS \
+ . = ALIGN(STRUCT_ALIGN); \
+ __CPU_OPS_START__ = .; \
+ KEEP(*(cpu_ops)) \
+ __CPU_OPS_END__ = .;
+
+#define PARSER_LIB_DESCS \
+ . = ALIGN(STRUCT_ALIGN); \
+ __PARSER_LIB_DESCS_START__ = .; \
+ KEEP(*(.img_parser_lib_descs)) \
+ __PARSER_LIB_DESCS_END__ = .;
+
+#define RT_SVC_DESCS \
+ . = ALIGN(STRUCT_ALIGN); \
+ __RT_SVC_DESCS_START__ = .; \
+ KEEP(*(rt_svc_descs)) \
+ __RT_SVC_DESCS_END__ = .;
+
+#define PMF_SVC_DESCS \
+ . = ALIGN(STRUCT_ALIGN); \
+ __PMF_SVC_DESCS_START__ = .; \
+ KEEP(*(pmf_svc_descs)) \
+ __PMF_SVC_DESCS_END__ = .;
+
+#define FCONF_POPULATOR \
+ . = ALIGN(STRUCT_ALIGN); \
+ __FCONF_POPULATOR_START__ = .; \
+ KEEP(*(.fconf_populator)) \
+ __FCONF_POPULATOR_END__ = .;
+
+/*
+ * Keep the .got section in the RO section as it is patched prior to enabling
+ * the MMU and having the .got in RO is better for security. GOT is a table of
+ * addresses so ensure pointer size alignment.
+ */
+#define GOT \
+ . = ALIGN(STRUCT_ALIGN); \
+ __GOT_START__ = .; \
+ *(.got) \
+ __GOT_END__ = .;
+
+/*
+ * The base xlat table
+ *
+ * It is put into the rodata section if PLAT_RO_XLAT_TABLES=1,
+ * or into the bss section otherwise.
+ */
+#define BASE_XLAT_TABLE \
+ . = ALIGN(16); \
+ *(base_xlat_table)
+
+#if PLAT_RO_XLAT_TABLES
+#define BASE_XLAT_TABLE_RO BASE_XLAT_TABLE
+#define BASE_XLAT_TABLE_BSS
+#else
+#define BASE_XLAT_TABLE_RO
+#define BASE_XLAT_TABLE_BSS BASE_XLAT_TABLE
+#endif
+
+#define RODATA_COMMON \
+ RT_SVC_DESCS \
+ FCONF_POPULATOR \
+ PMF_SVC_DESCS \
+ PARSER_LIB_DESCS \
+ CPU_OPS \
+ GOT \
+ BASE_XLAT_TABLE_RO
+
+#define STACK_SECTION \
+ stacks (NOLOAD) : { \
+ __STACKS_START__ = .; \
+ *(tzfw_normal_stacks) \
+ __STACKS_END__ = .; \
+ }
+
+/*
+ * If BL doesn't use any bakery lock then __PERCPU_BAKERY_LOCK_SIZE__
+ * will be zero. For this reason, the only two valid values for
+ * __PERCPU_BAKERY_LOCK_SIZE__ are 0 or the platform defined value
+ * PLAT_PERCPU_BAKERY_LOCK_SIZE.
+ */
+#ifdef PLAT_PERCPU_BAKERY_LOCK_SIZE
+#define BAKERY_LOCK_SIZE_CHECK \
+ ASSERT((__PERCPU_BAKERY_LOCK_SIZE__ == 0) || \
+ (__PERCPU_BAKERY_LOCK_SIZE__ == PLAT_PERCPU_BAKERY_LOCK_SIZE), \
+ "PLAT_PERCPU_BAKERY_LOCK_SIZE does not match bakery lock requirements");
+#else
+#define BAKERY_LOCK_SIZE_CHECK
+#endif
+
+/*
+ * Bakery locks are stored in normal .bss memory
+ *
+ * Each lock's data is spread across multiple cache lines, one per CPU,
+ * but multiple locks can share the same cache line.
+ * The compiler will allocate enough memory for one CPU's bakery locks,
+ * the remaining cache lines are allocated by the linker script
+ */
+#if !USE_COHERENT_MEM
+#define BAKERY_LOCK_NORMAL \
+ . = ALIGN(CACHE_WRITEBACK_GRANULE); \
+ __BAKERY_LOCK_START__ = .; \
+ __PERCPU_BAKERY_LOCK_START__ = .; \
+ *(bakery_lock) \
+ . = ALIGN(CACHE_WRITEBACK_GRANULE); \
+ __PERCPU_BAKERY_LOCK_END__ = .; \
+ __PERCPU_BAKERY_LOCK_SIZE__ = ABSOLUTE(__PERCPU_BAKERY_LOCK_END__ - __PERCPU_BAKERY_LOCK_START__); \
+ . = . + (__PERCPU_BAKERY_LOCK_SIZE__ * (PLATFORM_CORE_COUNT - 1)); \
+ __BAKERY_LOCK_END__ = .; \
+ BAKERY_LOCK_SIZE_CHECK
+#else
+#define BAKERY_LOCK_NORMAL
+#endif
+
+/*
+ * Time-stamps are stored in normal .bss memory
+ *
+ * The compiler will allocate enough memory for one CPU's time-stamps,
+ * the remaining memory for other CPUs is allocated by the
+ * linker script
+ */
+#define PMF_TIMESTAMP \
+ . = ALIGN(CACHE_WRITEBACK_GRANULE); \
+ __PMF_TIMESTAMP_START__ = .; \
+ KEEP(*(pmf_timestamp_array)) \
+ . = ALIGN(CACHE_WRITEBACK_GRANULE); \
+ __PMF_PERCPU_TIMESTAMP_END__ = .; \
+ __PERCPU_TIMESTAMP_SIZE__ = ABSOLUTE(. - __PMF_TIMESTAMP_START__); \
+ . = . + (__PERCPU_TIMESTAMP_SIZE__ * (PLATFORM_CORE_COUNT - 1)); \
+ __PMF_TIMESTAMP_END__ = .;
+
+
+/*
+ * The .bss section gets initialised to 0 at runtime.
+ * Its base address has bigger alignment for better performance of the
+ * zero-initialization code.
+ */
+#define BSS_SECTION \
+ .bss (NOLOAD) : ALIGN(BSS_ALIGN) { \
+ __BSS_START__ = .; \
+ *(SORT_BY_ALIGNMENT(.bss*)) \
+ *(COMMON) \
+ BAKERY_LOCK_NORMAL \
+ PMF_TIMESTAMP \
+ BASE_XLAT_TABLE_BSS \
+ __BSS_END__ = .; \
+ }
+
/*
* The xlat_table section is for full, aligned page tables (4K).
* Removing them from .bss avoids forcing 4K alignment on
diff --git a/include/drivers/arm/cryptocell/713/bsv_api.h b/include/drivers/arm/cryptocell/713/bsv_api.h
new file mode 100644
index 0000000..dc49473
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/bsv_api.h
@@ -0,0 +1,221 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _BSV_API_H
+#define _BSV_API_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*!
+@file
+@brief This file contains the Boot Services APIs and definitions.
+
+@defgroup cc_bsv_api CryptoCell Boot Services APIs and definitions
+@{
+@ingroup cc_bsv
+*/
+
+#include "cc_pal_types.h"
+#include "cc_sec_defs.h"
+#include "cc_boot_defs.h"
+
+/* Life cycle state definitions. */
+#define CC_BSV_CHIP_MANUFACTURE_LCS 0x0 /*!< The CM life-cycle state (LCS) value. */
+#define CC_BSV_DEVICE_MANUFACTURE_LCS 0x1 /*!< The DM life-cycle state (LCS) value. */
+#define CC_BSV_SECURE_LCS 0x5 /*!< The Secure life-cycle state (LCS) value. */
+#define CC_BSV_RMA_LCS 0x7 /*!< The RMA life-cycle state (LCS) value. */
+#define CC_BSV_INVALID_LCS 0xff /*!< The invalid life-cycle state (LCS) value. */
+
+/*----------------------------
+ TYPES
+-----------------------------------*/
+
+/*----------------------------
+ PUBLIC FUNCTIONS
+-----------------------------------*/
+
+
+/*!
+@brief This function verifies the product and version numbers of the HW, and initializes it.
+
+\warning This function must be the first CryptoCell-7xx SBROM library API called.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvInit(
+ unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */
+ );
+
+/*!
+@brief This function retrieves the HW LCS and performs validity checks.
+
+If the LCS is RMA, it also sets the OTP secret keys to a fixed value.
+
+@note An error is returned if there is an invalid LCS. If this happens, your code must
+completely disable the device.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvGetAndInitLcs(
+ unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */
+ uint32_t *pLcs /*!< [out] The value of the current LCS. */
+ );
+
+/*!
+@brief This function retrieves the LCS from the NVM manager.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvLcsGet(
+ unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */
+ uint32_t *pLcs /*!< [out] The value of the current LCS. */
+ );
+
+/*!
+@brief This function reads software revocation counter from OTP memory, according to the provided sw version index.
+SW version is stored in NVM counter and represented by ones. Meaning seVersion=5 would be stored as binary 0b11111;
+hence:
+ the maximal of trusted is 32
+ the maximal of non-trusted is 224
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvSwVersionGet(
+ unsigned long hwBaseAddress, /*!< [in] HW registers base address. */
+ CCSbSwVersionId_t id, /*!< [in] Enumeration defining the trusted/non-trusted counter to read. */
+ uint32_t *swVersion /*!< [out] The value of the requested counter as read from OTP memory. */
+ );
+
+/*!
+@brief This function sets the NVM counter according to swVersionID (trusted/non-trusted).
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvSwVersionSet(
+ unsigned long hwBaseAddress, /*!< [in] HW registers base address. */
+ CCSbSwVersionId_t id, /*!< [in] Enumeration defining the trusted/non-trusted counter to read. */
+ uint32_t swVersion /*!< [in] New value of the counter to be programmed in OTP memory. */
+ );
+
+/*!
+@brief This function sets the "fatal error" flag in the NVM manager, to disable the use of
+any HW keys or security services.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvFatalErrorSet(
+ unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */
+ );
+
+/*!
+@brief This function retrieves the public key hash from OTP memory, according to the provided index.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvPubKeyHashGet(
+ unsigned long hwBaseAddress, /*!< [in] HW registers base address. */
+ CCSbPubKeyIndexType_t keyIndex, /*!< [in] Enumeration defining the key hash to retrieve: 128-bit HBK0, 128-bit HBK1, or 256-bit HBK. */
+ uint32_t *hashedPubKey, /*!< [out] A buffer to contain the public key HASH. */
+ uint32_t hashResultSizeWords /*!< [in] The size of the hash in 32-bit words:
+ - Must be 4 for 128-bit hash.
+ - Must be 8 for 256bit hash. */
+ );
+
+/*!
+@brief This function permanently sets the RMA LCS for the ICV and the OEM.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvRMAModeEnable(
+ unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */
+ );
+
+/*!
+@brief This function is called by the ICV code, to disable the OEM code from changing the ICV RMA bit flag.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvICVRMAFlagBitLock(
+ unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */
+ );
+
+/*!
+@brief This function locks the defined ICV class keys from further usage.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvICVKeyLock(
+ unsigned long hwBaseAddress, /*!< [in] HW registers base address. */
+ CCBool_t isICVProvisioningKeyLock, /*!< [in] Should the provisioning key be locked. */
+ CCBool_t isICVCodeEncKeyLock /*!< [in] Should the encryption key be locked. */
+ );
+
+
+/*!
+@brief This function retrieves the value of "secure disable" bit.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvSecureDisableGet(
+ unsigned long hwBaseAddress, /*!< [in] HW registers base address. */
+ CCBool_t *isSDEnabled /*!< [out] The value of the SD Enable bit. */
+ );
+
+
+/*!
+@brief This function derives the platform key (Kplt) from the Kpicv, and then decrypts the customer key (Kcst)
+from the EKcst (burned in the OTP). The decryption is done only in Secure and RMA LCS mode using AES-ECB.
+The customer ROM should invoke this function during early boot, prior to running any non-ROM code, only if Kcst exists.
+The resulting Kcst is saved in a HW register.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvCustomerKeyDecrypt(
+ unsigned long hwBaseAddress /*!< [in] The base address of the CryptoCell HW registers. */
+ );
+#ifdef __cplusplus
+}
+#endif
+
+/*!
+@brief This function derives the unique SoC_ID for the device, as hashed (Hbk || AES_CMAC (HUK)).
+
+@note SoC_ID is required to create debug certificates.
+
+The OEM or ICV must provide a method for a developer to discover the SoC_ID of a target
+device without having to first enable debugging.
+One suggested implementation is to have the device ROM code compute the SoC_ID and place
+it in a specific location in the flash memory, from where it can be accessed by the developer.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvSocIDCompute(
+ unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */
+ CCHashResult_t hashResult /*!< [out] The derived SoC_ID. */
+ );
+
+#endif /* _BSV_API_H */
+
+/**
+@}
+ */
+
diff --git a/include/drivers/arm/cryptocell/713/bsv_crypto_api.h b/include/drivers/arm/cryptocell/713/bsv_crypto_api.h
new file mode 100644
index 0000000..1e60579
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/bsv_crypto_api.h
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _BSV_CRYPTO_API_H
+#define _BSV_CRYPTO_API_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*!
+@file
+@brief This file contains the cryptographic ROM APIs of the Boot Services.
+
+@defgroup cc_bsv_crypto_api CryptoCell Boot Services cryptographic ROM APIs
+@{
+@ingroup cc_bsv
+*/
+
+#include "cc_pal_types.h"
+#include "cc_sec_defs.h"
+#include "cc_address_defs.h"
+#include "bsv_crypto_defs.h"
+
+/*----------------------------
+ PUBLIC FUNCTIONS
+-----------------------------------*/
+
+/*!
+@brief This function calculates the SHA-256 digest over contiguous memory
+in an integrated operation.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvSha256(
+ unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */
+ uint8_t *pDataIn, /*!< [in] A pointer to the input buffer to be hashed. The buffer must be contiguous. */
+ size_t dataSize, /*!< [in] The size of the data to be hashed, in bytes. */
+ CCHashResult_t hashBuff /*!< [out] A pointer to a word-aligned 32-byte buffer. */
+ );
+
+
+/*!
+@brief This function allows you to calculate SHA256 digest of an image with decryption base on AES-CTR,
+with HW or user key.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure. (in this case, hashBuff will be returned clean, while the output data should be cleaned by the user).
+*/
+CCError_t CC_BsvCryptoImageDecrypt( unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */
+ CCBsvflowMode_t flow, /*!< [in] The supported operations are: HASH, AES to HASH, AES and HASH. */
+ CCBsvKeyType_t keyType, /*!< [in] The key type to use: Kce, Kceicv, or user key. */
+ uint8_t *pUserKey, /*!< [in] A pointer to the user key buffer in case keyType is CC_BSV_USER_KEY. */
+ size_t userKeySize, /*!< [in] The user key size in bytes (128bits) in case keyType is CC_BSV_USER_KEY. */
+ uint8_t *pIvBuf, /*!< [in] A pointer to the IV / counter buffer. */
+ uint8_t *pInputData, /*!< [in] A pointer to the input data. */
+ uint8_t *pOutputData, /*!< [out] A pointer to the output buffer. (optional – should be null in case of hash only). */
+ size_t dataSize, /*!< [in] The size of the input data in bytes. MUST be multiple of AES block size. */
+ CCHashResult_t hashBuff /*!< [out] A pointer to a word-aligned 32-byte digest output buffer. */
+ );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+/**
+@}
+ */
+
diff --git a/include/drivers/arm/cryptocell/713/bsv_crypto_asym_api.h b/include/drivers/arm/cryptocell/713/bsv_crypto_asym_api.h
new file mode 100644
index 0000000..406e1ef
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/bsv_crypto_asym_api.h
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _BSV_CRYPTO_ASYM_API_H
+#define _BSV_CRYPTO_ASYM_API_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*!
+@file
+@brief This file contains the cryptographic Asymmetric ROM APIs of the Boot Services.
+
+@defgroup cc_bsv_crypto_asym_api CryptoCell Boot Services cryptographic Asymmetric ROM APIs
+@{
+@ingroup cc_bsv
+*/
+
+#include "cc_pal_types.h"
+#include "cc_pka_hw_plat_defs.h"
+#include "cc_sec_defs.h"
+#include "bsv_crypto_api.h"
+
+/*! Defines the workspace size in bytes needed for internal Asymmetric operations. */
+#define BSV_RSA_WORKSPACE_MIN_SIZE (4*BSV_CERT_RSA_KEY_SIZE_IN_BYTES +\
+ 2*RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES)
+
+/*! Definition for the RSA public modulus array. */
+typedef uint32_t CCBsvNBuff_t[BSV_CERT_RSA_KEY_SIZE_IN_WORDS];
+
+/*! Definition for the RSA Barrett mod tag array. */
+typedef uint32_t CCBsvNpBuff_t[RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES];
+
+/*! Definition for the RSA signature array. */
+typedef uint32_t CCBsvSignature_t[BSV_CERT_RSA_KEY_SIZE_IN_WORDS];
+
+
+/*----------------------------
+ PUBLIC FUNCTIONS
+-----------------------------------*/
+
+/*!
+@brief This function performs the primitive operation of RSA, meaning exponent and modulus.
+ outBuff = (pInBuff ^ Exp) mod NBuff. ( Exp = 0x10001 )
+
+ The function supports 2k and 3K bit size of modulus, based on compile time define.
+ There are no restriction on pInBuff location, however its size must be equal to BSV_RSA_KEY_SIZE_IN_BYTES and its
+ value must be smaller than the modulus.
+
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvRsaPrimVerify (unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */
+ CCBsvNBuff_t NBuff, /*!< [in] The modulus buffer big endian format. */
+ CCBsvNpBuff_t NpBuff, /*!< [in] The barret tag buffer big endian format - optional. */
+ uint32_t *pInBuff, /*!< [in] The DataIn buffer to be encrypted. */
+ size_t inBuffSize, /*!< [in] The DataIn buffer size in bytes, must be BSV_RSA_KEY_SIZE_IN_BYTES. */
+ CCBsvSignature_t pOutBuff, /*!< [out] The encrypted buffer in big endian format. */
+ uint32_t *pWorkSpace, /*!< [in] The pointer to user allocated buffer for internal use. */
+ size_t workBufferSize /*!< [in] The size in bytes of pWorkSpace, must be at-least BSV_RSA_WORKSPACE_MIN_SIZE. */
+);
+
+
+/*!
+@brief This function performs RSA PSS verify.
+
+ The function should support 2k and 3K bit size of modulus, based on compile time define.
+
+@return \c CC_OK on success.
+@return A non-zero value from bsv_error.h on failure.
+*/
+CCError_t CC_BsvRsaPssVerify (unsigned long hwBaseAddress, /*!< [in] The base address of the CryptoCell HW registers. */
+ CCBsvNBuff_t NBuff, /*!< [in] The modulus buffer big endian format. */
+ CCBsvNpBuff_t NpBuff, /*!< [in] The barret tag buffer big endian format - optional. */
+ CCBsvSignature_t signature, /*!< [in] The signature buffer to verify - big endian format. */
+ CCHashResult_t hashedData, /*!< [in] The data-in buffer to be verified as sha256 digest. */
+ uint32_t *pWorkSpace, /*!< [in] The pointer to user allocated buffer for internal use. */
+ size_t workBufferSize, /*!< [in] The size in bytes of pWorkSpace, must be at-least BSV_RSA_WORKSPACE_MIN_SIZE. */
+ CCBool_t *pIsVerified /*!< [out] The flag indicates whether the signature is verified or not.
+ If verified value will be CC_TRUE, otherwise CC_FALSE */
+);
+
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+/**
+@}
+ */
+
diff --git a/include/drivers/arm/cryptocell/713/bsv_crypto_defs.h b/include/drivers/arm/cryptocell/713/bsv_crypto_defs.h
new file mode 100644
index 0000000..9ea354d
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/bsv_crypto_defs.h
@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _BSV_CRYPTO_DEFS_H
+#define _BSV_CRYPTO_DEFS_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*!
+@file
+@brief This file contains the definitions of the cryptographic ROM APIs.
+
+@defgroup cc_bsv_crypto_defs CryptoCell Boot Services cryptographic ROM API definitions
+@{
+@ingroup cc_bsv
+*/
+
+/*! AES supported HW key code table. */
+typedef enum {
+
+ CC_BSV_USER_KEY = 0, /*!< Definition for a user key. */
+ CC_BSV_HUK_KEY = 1, /*!< Definition for the HW unique key. */
+ CC_BSV_RTL_KEY = 2, /*!< Definition for the RTL key. */
+ CC_BSV_SESSION_KEY = 3, /*!< Definition for the Session key. */
+ CC_BSV_CE_KEY = 4, /*!< Definition for the Kce. */
+ CC_BSV_PLT_KEY = 5, /*!< Definition for the Platform key. */
+ CC_BSV_KCST_KEY = 6, /*!< Definition for Kcst. */
+ CC_BSV_ICV_PROV_KEY = 0xd, /*!< Definition for the Kpicv. */
+ CC_BSV_ICV_CE_KEY = 0xe, /*!< Definition for the Kceicv. */
+ CC_BSV_PROV_KEY = 0xf, /*!< Definition for the Kcp. */
+ CC_BSV_END_OF_KEY_TYPE = INT32_MAX, /*!< Reserved. */
+}CCBsvKeyType_t;
+
+/*! AES directions. */
+typedef enum bsvAesDirection {
+ BSV_AES_DIRECTION_ENCRYPT = 0, /*!< Encrypt.*/
+ BSV_AES_DIRECTION_DECRYPT = 1, /*!< Decrypt.*/
+ BSV_AES_NUM_OF_ENCRYPT_MODES, /*!< The maximal number of operations. */
+ BSV_AES_DIRECTION_RESERVE32B = INT32_MAX /*!< Reserved.*/
+}bsvAesDirection_t;
+
+/*! Definitions of the cryptographic flow supported as part of the Secure Boot. */
+typedef enum {
+ CC_BSV_CRYPTO_HASH_MODE = 0, /*!< Hash mode only. */
+ CC_BSV_CRYPTO_AES_CTR_AND_HASH_MODE = 1, /*!< Data goes into the AES and Hash engines. */
+ CC_BSV_CRYPTO_AES_CTR_TO_HASH_MODE = 2 /*!< Data goes into the AES and from the AES to the Hash engine. */
+}CCBsvflowMode_t;
+
+/*! CryptoImage HW completion sequence mode */
+typedef enum
+{
+ BSV_CRYPTO_COMPLETION_NO_WAIT = 0, /*!< The driver waits only before reading the output. */
+ BSV_CRYPTO_COMPLETION_WAIT_UPON_END = 1 /*!< The driver waits after each chunk of data. */
+}bsvCryptoCompletionMode_t;
+
+
+/*! AES-CMAC result size, in words. */
+#define CC_BSV_CMAC_RESULT_SIZE_IN_WORDS 4 /* 128b */
+/*! AES-CMAC result size, in bytes. */
+#define CC_BSV_CMAC_RESULT_SIZE_IN_BYTES 16 /* 128b */
+/*! AES-CCM 128bit key size, in bytes. */
+#define CC_BSV_CCM_KEY_SIZE_BYTES 16
+/*! AES-CCM 128bit key size, in words. */
+#define CC_BSV_CCM_KEY_SIZE_WORDS 4
+/*! AES-CCM NONCE size, in bytes. */
+#define CC_BSV_CCM_NONCE_SIZE_BYTES 12
+
+
+/*! AES-CMAC result buffer. */
+typedef uint32_t CCBsvCmacResult_t[CC_BSV_CMAC_RESULT_SIZE_IN_WORDS];
+/*! AES-CCM key buffer.*/
+typedef uint32_t CCBsvCcmKey_t[CC_BSV_CCM_KEY_SIZE_WORDS];
+/*! AES-CCM nonce buffer.*/
+typedef uint8_t CCBsvCcmNonce_t[CC_BSV_CCM_NONCE_SIZE_BYTES];
+/*! AES-CCM MAC buffer.*/
+typedef uint8_t CCBsvCcmMacRes_t[CC_BSV_CMAC_RESULT_SIZE_IN_BYTES];
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+/**
+@}
+ */
+
diff --git a/include/drivers/arm/cryptocell/713/bsv_error.h b/include/drivers/arm/cryptocell/713/bsv_error.h
new file mode 100644
index 0000000..4d72e60
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/bsv_error.h
@@ -0,0 +1,161 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _BSV_ERROR_H
+#define _BSV_ERROR_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*!
+@file
+@brief This file defines the error code types that are returned from the Boot Services APIs.
+
+@defgroup cc_bsv_error CryptoCell Boot Services error codes
+@{
+@ingroup cc_bsv
+*/
+
+/*! Defines the base address for Boot Services errors. */
+#define CC_BSV_BASE_ERROR 0x0B000000
+/*! Defines the base address for Boot Services cryptographic errors. */
+#define CC_BSV_CRYPTO_ERROR 0x0C000000
+
+/*! Illegal input parameter. */
+#define CC_BSV_ILLEGAL_INPUT_PARAM_ERR (CC_BSV_BASE_ERROR + 0x00000001)
+/*! Illegal HUK value. */
+#define CC_BSV_ILLEGAL_HUK_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000002)
+/*! Illegal Kcp value. */
+#define CC_BSV_ILLEGAL_KCP_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000003)
+/*! Illegal Kce value. */
+#define CC_BSV_ILLEGAL_KCE_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000004)
+/*! Illegal Kpicv value. */
+#define CC_BSV_ILLEGAL_KPICV_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000005)
+/*! Illegal Kceicv value. */
+#define CC_BSV_ILLEGAL_KCEICV_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000006)
+/*! Illegal EKcst value. */
+#define CC_BSV_ILLEGAL_EKCST_VALUE_ERR (CC_BSV_BASE_ERROR + 0x00000007)
+/*! Hash boot key not programmed in the OTP. */
+#define CC_BSV_HASH_NOT_PROGRAMMED_ERR (CC_BSV_BASE_ERROR + 0x00000008)
+/*! Illegal Hash boot key zero count in the OTP. */
+#define CC_BSV_HBK_ZERO_COUNT_ERR (CC_BSV_BASE_ERROR + 0x00000009)
+/*! Illegal LCS. */
+#define CC_BSV_ILLEGAL_LCS_ERR (CC_BSV_BASE_ERROR + 0x0000000A)
+/*! OTP write compare failure. */
+#define CC_BSV_OTP_WRITE_CMP_FAIL_ERR (CC_BSV_BASE_ERROR + 0x0000000B)
+/*! OTP access error */
+#define CC_BSV_OTP_ACCESS_ERR (CC_BSV_BASE_ERROR + 0x0000000C)
+/*! Erase key in OTP failed. */
+#define CC_BSV_ERASE_KEY_FAILED_ERR (CC_BSV_BASE_ERROR + 0x0000000D)
+/*! Illegal PIDR. */
+#define CC_BSV_ILLEGAL_PIDR_ERR (CC_BSV_BASE_ERROR + 0x0000000E)
+/*! Illegal CIDR. */
+#define CC_BSV_ILLEGAL_CIDR_ERR (CC_BSV_BASE_ERROR + 0x0000000F)
+/*! Device failed to move to fatal error state. */
+#define CC_BSV_FAILED_TO_SET_FATAL_ERR (CC_BSV_BASE_ERROR + 0x00000010)
+/*! Failed to set RMA LCS. */
+#define CC_BSV_FAILED_TO_SET_RMA_ERR (CC_BSV_BASE_ERROR + 0x00000011)
+/*! Illegal RMA indication. */
+#define CC_BSV_ILLEGAL_RMA_INDICATION_ERR (CC_BSV_BASE_ERROR + 0x00000012)
+/*! Boot Services version is not initialized. */
+#define CC_BSV_VER_IS_NOT_INITIALIZED_ERR (CC_BSV_BASE_ERROR + 0x00000013)
+/*! APB secure mode is locked. */
+#define CC_BSV_APB_SECURE_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000014)
+/*! APB privilege mode is locked. */
+#define CC_BSV_APB_PRIVILEG_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000015)
+/*! Illegal operation. */
+#define CC_BSV_ILLEGAL_OPERATION_ERR (CC_BSV_BASE_ERROR + 0x00000016)
+/*! Illegal asset size. */
+#define CC_BSV_ILLEGAL_ASSET_SIZE_ERR (CC_BSV_BASE_ERROR + 0x00000017)
+/*! Illegal asset value. */
+#define CC_BSV_ILLEGAL_ASSET_VAL_ERR (CC_BSV_BASE_ERROR + 0x00000018)
+/*! Kpicv is locked. */
+#define CC_BSV_KPICV_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000019)
+/*! Illegal SW version. */
+#define CC_BSV_ILLEGAL_SW_VERSION_ERR (CC_BSV_BASE_ERROR + 0x0000001A)
+/*! AO write operation. */
+#define CC_BSV_AO_WRITE_FAILED_ERR (CC_BSV_BASE_ERROR + 0x0000001B)
+/*! Chip state is already initialized. */
+#define CC_BSV_CHIP_INITIALIZED_ERR (CC_BSV_BASE_ERROR + 0x0000001C)
+/*! SP is not enabled. */
+#define CC_BSV_SP_NOT_ENABLED_ERR (CC_BSV_BASE_ERROR + 0x0000001D)
+/*! Production secure provisioning - header fields. */
+#define CC_BSV_PROD_PKG_HEADER_ERR (CC_BSV_BASE_ERROR + 0x0000001E)
+/*! Production secure provisioning - header MAC. */
+#define CC_BSV_PROD_PKG_HEADER_MAC_ERR (CC_BSV_BASE_ERROR + 0x0000001F)
+/*! Overrun buffer or size. */
+#define CC_BSV_OVERRUN_ERR (CC_BSV_BASE_ERROR + 0x00000020)
+/*! Kceicv is locked. */
+#define CC_BSV_KCEICV_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000021)
+/*! Chip indication is CHIP_STATE_ERROR. */
+#define CC_BSV_CHIP_INDICATION_ERR (CC_BSV_BASE_ERROR + 0x00000022)
+/*! Device is locked in fatal error state. */
+#define CC_BSV_FATAL_ERR_IS_LOCKED_ERR (CC_BSV_BASE_ERROR + 0x00000023)
+/*! Device has security disable feature enabled. */
+#define CC_BSV_SECURE_DISABLE_ERROR (CC_BSV_BASE_ERROR + 0x00000024)
+/*! Device has Kcst in disabled state */
+#define CC_BSV_KCST_DISABLE_ERROR (CC_BSV_BASE_ERROR + 0x00000025)
+
+
+/*! Illegal data-in pointer. */
+#define CC_BSV_CRYPTO_INVALID_DATA_IN_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000001)
+/*! Illegal data-out pointer. */
+#define CC_BSV_CRYPTO_INVALID_DATA_OUT_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000002)
+/*! Illegal data size. */
+#define CC_BSV_CRYPTO_INVALID_DATA_SIZE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000003)
+/*! Illegal key type. */
+#define CC_BSV_CRYPTO_INVALID_KEY_TYPE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000004)
+/*! Illegal key size. */
+#define CC_BSV_CRYPTO_INVALID_KEY_SIZE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000005)
+/*! Invalid key pointer. */
+#define CC_BSV_CRYPTO_INVALID_KEY_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000006)
+/*! Illegal key DMA type. */
+#define CC_BSV_CRYPTO_INVALID_KEY_DMA_TYPE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000007)
+/*! Illegal IV pointer. */
+#define CC_BSV_CRYPTO_INVALID_IV_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000008)
+/*! Illegal cipher mode. */
+#define CC_BSV_CRYPTO_INVALID_CIPHER_MODE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000009)
+/*! Illegal result buffer pointer. */
+#define CC_BSV_CRYPTO_INVALID_RESULT_BUFFER_POINTER_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000A)
+/*! Invalid DMA type. */
+#define CC_BSV_CRYPTO_INVALID_DMA_TYPE_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000B)
+/*! Invalid in/out buffers overlapping. */
+#define CC_BSV_CRYPTO_DATA_OUT_DATA_IN_OVERLAP_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000C)
+/*! Invalid KDF label size. */
+#define CC_BSV_CRYPTO_ILLEGAL_KDF_LABEL_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000D)
+/*! Invalid KDF Context size. */
+#define CC_BSV_CRYPTO_ILLEGAL_KDF_CONTEXT_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000E)
+/*! Invalid CCM key. */
+#define CC_BSV_CCM_INVALID_KEY_ERROR (CC_BSV_CRYPTO_ERROR + 0x0000000f)
+/*! Invalid CCM Nonce. */
+#define CC_BSV_CCM_INVALID_NONCE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000010)
+/*! Invalid CCM associated data. */
+#define CC_BSV_CCM_INVALID_ASSOC_DATA_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000011)
+/*! Invalid CCM text data. */
+#define CC_BSV_CCM_INVALID_TEXT_DATA_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000012)
+/*! Invalid CCM-MAC buffer. */
+#define CC_BSV_CCM_INVALID_MAC_BUF_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000013)
+/*! CCM-MAC comparison failed. */
+#define CC_BSV_CCM_TAG_LENGTH_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000014)
+/*! CCM-MAC comparison failed. */
+#define CC_BSV_CCM_MAC_INVALID_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000015)
+/*! Illegal flow mode. */
+#define CC_BSV_CRYPTO_INVALID_FLOW_MODE_ERROR (CC_BSV_CRYPTO_ERROR + 0x00000016)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+/**
+@}
+ */
+
+
+
diff --git a/include/drivers/arm/cryptocell/713/cc_address_defs.h b/include/drivers/arm/cryptocell/713/cc_address_defs.h
new file mode 100644
index 0000000..0abc15c
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/cc_address_defs.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _CC_ADDRESS_DEFS_H
+#define _CC_ADDRESS_DEFS_H
+
+/*!
+@file
+@brief This file contains general definitions.
+*/
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "cc_pal_types.h"
+
+/************************ Defines ******************************/
+
+/**
+ * Address types within CC
+ */
+/*! Definition of DMA address type, can be 32 bits or 64 bits according to CryptoCell's HW. */
+typedef uint64_t CCDmaAddr_t;
+/*! Definition of CryptoCell address type, can be 32 bits or 64 bits according to platform. */
+typedef uint64_t CCAddr_t;
+/*! Definition of CC SRAM address type, can be 32 bits according to CryptoCell's HW. */
+typedef uint32_t CCSramAddr_t;
+
+/*
+ * CCSramAddr_t is being cast into pointer type which can be 64 bit.
+ */
+/*! Definition of MACRO that casts SRAM addresses to pointer types. */
+#define CCSramAddr2Ptr(sramAddr) ((uintptr_t)sramAddr)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+/**
+ @}
+ */
+
+
diff --git a/include/drivers/arm/cryptocell/713/cc_boot_defs.h b/include/drivers/arm/cryptocell/713/cc_boot_defs.h
new file mode 100644
index 0000000..4d29a6d
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/cc_boot_defs.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _CC_BOOT_DEFS_H
+#define _CC_BOOT_DEFS_H
+
+/*!
+ @file
+ @brief This file contains general definitions of types and enums of Boot APIs.
+ */
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*! Version counters value. */
+typedef enum {
+
+ CC_SW_VERSION_TRUSTED = 0, /*!< Trusted counter. */
+ CC_SW_VERSION_NON_TRUSTED, /*!< Non trusted counter. */
+ CC_SW_VERSION_MAX = 0x7FFFFFFF /*!< Reserved */
+} CCSbSwVersionId_t;
+
+/*! The hash boot key definition. */
+typedef enum {
+ CC_SB_HASH_BOOT_KEY_0_128B = 0, /*!< Hbk0: 128-bit truncated SHA-256 digest of PubKB0. Used by ICV */
+ CC_SB_HASH_BOOT_KEY_1_128B = 1, /*!< Hbk1: 128-bit truncated SHA-256 digest of PubKB1. Used by OEM */
+ CC_SB_HASH_BOOT_KEY_256B = 2, /*!< Hbk: 256-bit SHA-256 digest of public key. */
+ CC_SB_HASH_BOOT_NOT_USED = 0xF, /*!< Hbk is not used. */
+ CC_SB_HASH_MAX_NUM = 0x7FFFFFFF, /*!< Reserved. */
+} CCSbPubKeyIndexType_t;
+
+/*! Chip state. */
+typedef enum {
+ CHIP_STATE_NOT_INITIALIZED = 0, /*! Chip is not initialized. */
+ CHIP_STATE_TEST = 1, /*! Chip is in Production state. */
+ CHIP_STATE_PRODUCTION = 2, /*! Chip is in Production state. */
+ CHIP_STATE_ERROR = 3, /*! Chip is in Error state. */
+} CCBsvChipState_t;
+#ifdef __cplusplus
+}
+#endif
+
+#endif /*_CC_BOOT_DEFS_H */
+
+/**
+@}
+ */
diff --git a/include/drivers/arm/cryptocell/713/cc_pal_types.h b/include/drivers/arm/cryptocell/713/cc_pal_types.h
new file mode 100644
index 0000000..4ab3960
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/cc_pal_types.h
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CC_PAL_TYPES_H
+#define CC_PAL_TYPES_H
+
+/*!
+@file
+@brief This file contains platform-dependent definitions and types of the PAL layer.
+
+@defgroup cc_pal_types CryptoCell platform-dependent PAL layer definitions and types
+@{
+@ingroup cc_pal
+
+ @{
+ @ingroup cc_pal
+ @}
+*/
+
+#include "cc_pal_types_plat.h"
+
+/*! Definition of Boolean type.*/
+typedef enum {
+ /*! Boolean false.*/
+ CC_FALSE = 0,
+ /*! Boolean true.*/
+ CC_TRUE = 1
+} CCBool_t;
+
+/*! Success. */
+#define CC_SUCCESS 0UL
+/*! Failure. */
+#define CC_FAIL 1UL
+
+/*! Success (OK). */
+#define CC_OK 0
+
+/*! This macro handles unused parameters in the code, to avoid compilation warnings. */
+#define CC_UNUSED_PARAM(prm) ((void)prm)
+
+/*! The maximal uint32 value.*/
+#define CC_MAX_UINT32_VAL (0xFFFFFFFF)
+
+
+/* Minimal and Maximal macros */
+#ifdef min
+/*! Definition for minimal calculation. */
+#define CC_MIN(a,b) min( a , b )
+#else
+/*! Definition for minimal calculation. */
+#define CC_MIN( a , b ) ( ( (a) < (b) ) ? (a) : (b) )
+#endif
+
+#ifdef max
+/*! Definition for maximal calculation. */
+#define CC_MAX(a,b) max( a , b )
+#else
+/*! Definition for maximal calculation.. */
+#define CC_MAX( a , b ) ( ( (a) > (b) ) ? (a) : (b) )
+#endif
+
+/*! This macro calculates the number of full Bytes from bits, where seven bits are one Byte. */
+#define CALC_FULL_BYTES(numBits) ((numBits)/CC_BITS_IN_BYTE + (((numBits) & (CC_BITS_IN_BYTE-1)) > 0))
+/*! This macro calculates the number of full 32-bit words from bits where 31 bits are one word. */
+#define CALC_FULL_32BIT_WORDS(numBits) ((numBits)/CC_BITS_IN_32BIT_WORD + (((numBits) & (CC_BITS_IN_32BIT_WORD-1)) > 0))
+/*! This macro calculates the number of full 32-bit words from Bytes where three Bytes are one word. */
+#define CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) ((sizeBytes)/CC_32BIT_WORD_SIZE + (((sizeBytes) & (CC_32BIT_WORD_SIZE-1)) > 0))
+/*! This macro calculates the number of full 32-bit words from 64-bits dwords. */
+#define CALC_32BIT_WORDS_FROM_64BIT_DWORD(sizeWords) (sizeWords * CC_32BIT_WORD_IN_64BIT_DWORD)
+/*! This macro rounds up bits to 32-bit words. */
+#define ROUNDUP_BITS_TO_32BIT_WORD(numBits) (CALC_FULL_32BIT_WORDS(numBits) * CC_BITS_IN_32BIT_WORD)
+/*! This macro rounds up bits to Bytes. */
+#define ROUNDUP_BITS_TO_BYTES(numBits) (CALC_FULL_BYTES(numBits) * CC_BITS_IN_BYTE)
+/*! This macro rounds up bytes to 32-bit words. */
+#define ROUNDUP_BYTES_TO_32BIT_WORD(sizeBytes) (CALC_32BIT_WORDS_FROM_BYTES(sizeBytes) * CC_32BIT_WORD_SIZE)
+/*! This macro calculates the number Bytes from words. */
+#define CALC_WORDS_TO_BYTES(numwords) ((numwords)*CC_32BIT_WORD_SIZE)
+/*! Definition of 1 KB in Bytes. */
+#define CC_1K_SIZE_IN_BYTES 1024
+/*! Definition of number of bits in a Byte. */
+#define CC_BITS_IN_BYTE 8
+/*! Definition of number of bits in a 32-bits word. */
+#define CC_BITS_IN_32BIT_WORD 32
+/*! Definition of number of Bytes in a 32-bits word. */
+#define CC_32BIT_WORD_SIZE 4
+/*! Definition of number of 32-bits words in a 64-bits dword. */
+#define CC_32BIT_WORD_IN_64BIT_DWORD 2
+
+
+#endif
+
+/**
+@}
+ */
+
+
+
diff --git a/include/drivers/arm/cryptocell/713/cc_pal_types_plat.h b/include/drivers/arm/cryptocell/713/cc_pal_types_plat.h
new file mode 100644
index 0000000..9848472
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/cc_pal_types_plat.h
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/*! @file
+@brief This file contains basic type definitions that are platform-dependent.
+*/
+#ifndef _CC_PAL_TYPES_PLAT_H
+#define _CC_PAL_TYPES_PLAT_H
+/* Host specific types for standard (ISO-C99) compilant platforms */
+
+#include <stddef.h>
+#include <stdint.h>
+
+typedef uint32_t CCStatus;
+
+#define CCError_t CCStatus
+#define CC_INFINITE 0xFFFFFFFF
+
+#define CEXPORT_C
+#define CIMPORT_C
+
+#endif /*_CC_PAL_TYPES_PLAT_H*/
diff --git a/include/drivers/arm/cryptocell/713/cc_pka_hw_plat_defs.h b/include/drivers/arm/cryptocell/713/cc_pka_hw_plat_defs.h
new file mode 100644
index 0000000..1a1bce0
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/cc_pka_hw_plat_defs.h
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _CC_PKA_HW_PLAT_DEFS_H
+#define _CC_PKA_HW_PLAT_DEFS_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+
+#include "cc_pal_types.h"
+/*!
+@file
+@brief Contains the enums and definitions that are used in the PKA code (definitions that are platform dependent).
+*/
+
+/*! The size of the PKA engine word. */
+#define CC_PKA_WORD_SIZE_IN_BITS 128
+
+/*! The maximal supported size of modulus in RSA in bits. */
+#define CC_RSA_MAX_VALID_KEY_SIZE_VALUE_IN_BITS 4096
+/*! The maximal supported size of key-generation in RSA in bits. */
+#define CC_RSA_MAX_KEY_GENERATION_HW_SIZE_BITS 4096
+
+/*! Secure boot/debug certificate RSA public modulus key size in bits. */
+#if (KEY_SIZE == 3072)
+ #define BSV_CERT_RSA_KEY_SIZE_IN_BITS 3072
+#else
+ #define BSV_CERT_RSA_KEY_SIZE_IN_BITS 2048
+#endif
+/*! Secure boot/debug certificate RSA public modulus key size in bytes. */
+#define BSV_CERT_RSA_KEY_SIZE_IN_BYTES (BSV_CERT_RSA_KEY_SIZE_IN_BITS/CC_BITS_IN_BYTE)
+/*! Secure boot/debug certificate RSA public modulus key size in words. */
+#define BSV_CERT_RSA_KEY_SIZE_IN_WORDS (BSV_CERT_RSA_KEY_SIZE_IN_BITS/CC_BITS_IN_32BIT_WORD)
+
+/*! The maximal count of extra bits in PKA operations. */
+#define PKA_EXTRA_BITS 8
+/*! The number of memory registers in PKA operations. */
+#define PKA_MAX_COUNT_OF_PHYS_MEM_REGS 32
+
+/*! Size of buffer for Barrett modulus tag in words. */
+#define RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS 5
+/*! Size of buffer for Barrett modulus tag in bytes. */
+#define RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_BYTES (RSA_PKA_BARRETT_MOD_TAG_BUFF_SIZE_IN_WORDS*CC_32BIT_WORD_SIZE)
+
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif //_CC_PKA_HW_PLAT_DEFS_H
+
+/**
+ @}
+ */
+
diff --git a/include/drivers/arm/cryptocell/713/cc_sec_defs.h b/include/drivers/arm/cryptocell/713/cc_sec_defs.h
new file mode 100644
index 0000000..8fb698f
--- /dev/null
+++ b/include/drivers/arm/cryptocell/713/cc_sec_defs.h
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2017-2020 ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef _CC_SEC_DEFS_H
+#define _CC_SEC_DEFS_H
+
+/*!
+@file
+@brief This file contains general definitions and types.
+*/
+
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "cc_pal_types.h"
+
+/*! Hashblock size in words. */
+#define HASH_BLOCK_SIZE_IN_WORDS 16
+/*! Hash - SHA2 results in words. */
+#define HASH_RESULT_SIZE_IN_WORDS 8
+/*! Hash - SHA2 results in bytes. */
+#define HASH_RESULT_SIZE_IN_BYTES 32
+
+/*! Definition for hash result array. */
+typedef uint32_t CCHashResult_t[HASH_RESULT_SIZE_IN_WORDS];
+
+/*! Definition for converting pointer to Host address. */
+#define CONVERT_TO_ADDR(ptr) (unsigned long)ptr
+
+/*! Definition for converting pointer to SRAM address. */
+#define CONVERT_TO_SRAM_ADDR(ptr) (0xFFFFFFFF & ptr)
+
+/*! The data size of the signed SW image, in bytes. */
+/*!\internal ContentCertImageRecord_t includes: HS(8W) + 64-b dstAddr(2W) + imgSize(1W) + isCodeEncUsed(1W) */
+#define SW_REC_SIGNED_DATA_SIZE_IN_BYTES 48
+
+/*! The data size of the unsigned SW image, in bytes. */
+/*!\internal CCSbSwImgAddData_t includes: 64-b srcAddr(2W)*/
+#define SW_REC_NONE_SIGNED_DATA_SIZE_IN_BYTES 8
+
+/*! The additional data size - storage address and length of the unsigned SW image, in words. */
+#define SW_REC_NONE_SIGNED_DATA_SIZE_IN_WORDS SW_REC_NONE_SIGNED_DATA_SIZE_IN_BYTES/CC_32BIT_WORD_SIZE
+
+/*! The additional data section size, in bytes. */
+#define CC_SB_MAX_SIZE_ADDITIONAL_DATA_BYTES 128
+
+/*! Indication of whether or not to load the SW image to memory. */
+#define CC_SW_COMP_NO_MEM_LOAD_INDICATION 0xFFFFFFFFFFFFFFFFUL
+
+/*! Indication of product version, stored in certificate version field. */
+#define CC_SB_CERT_VERSION_PROJ_PRD 0x713
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+/**
+@}
+ */
+
+
+
diff --git a/include/drivers/auth/auth_mod.h b/include/drivers/auth/auth_mod.h
index 6c48124..1dc9ff4 100644
--- a/include/drivers/auth/auth_mod.h
+++ b/include/drivers/auth/auth_mod.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,6 +14,8 @@
#include <drivers/auth/auth_common.h>
#include <drivers/auth/img_parser_mod.h>
+#include <lib/utils_def.h>
+
/*
* Image flags
*/
@@ -41,9 +43,11 @@
/* Macro to register a CoT defined as an array of auth_img_desc_t pointers */
#define REGISTER_COT(_cot) \
const auth_img_desc_t *const *const cot_desc_ptr = (_cot); \
+ const size_t cot_desc_size = ARRAY_SIZE(_cot); \
unsigned int auth_img_flags[MAX_NUMBER_IDS]
extern const auth_img_desc_t *const *const cot_desc_ptr;
+extern const size_t cot_desc_size;
extern unsigned int auth_img_flags[MAX_NUMBER_IDS];
#endif /* TRUSTED_BOARD_BOOT */
diff --git a/include/lib/cpus/aarch64/cpu_macros.S b/include/lib/cpus/aarch64/cpu_macros.S
index c83824d..92891ce 100644
--- a/include/lib/cpus/aarch64/cpu_macros.S
+++ b/include/lib/cpus/aarch64/cpu_macros.S
@@ -25,10 +25,6 @@
/* Word size for 64-bit CPUs */
#define CPU_WORD_SIZE 8
-#if defined(IMAGE_BL1) || defined(IMAGE_BL31) ||(defined(IMAGE_BL2) && BL2_AT_EL3)
-#define IMAGE_AT_EL3
-#endif
-
/*
* Whether errata status needs reporting. Errata status is printed in debug
* builds for both BL1 and BL31 images.
diff --git a/include/lib/el3_runtime/context_mgmt.h b/include/lib/el3_runtime/context_mgmt.h
index b36cd3d..2090687 100644
--- a/include/lib/el3_runtime/context_mgmt.h
+++ b/include/lib/el3_runtime/context_mgmt.h
@@ -32,7 +32,7 @@
void cm_init_my_context(const struct entry_point_info *ep);
void cm_init_context_by_index(unsigned int cpu_idx,
const struct entry_point_info *ep);
-void cm_setup_context(cpu_context_t *ctx, const entry_point_info_t *ep);
+void cm_setup_context(cpu_context_t *ctx, const struct entry_point_info *ep);
void cm_prepare_el3_exit(uint32_t security_state);
#ifdef __aarch64__
diff --git a/include/lib/fconf/fconf_tbbr_getter.h b/include/lib/fconf/fconf_tbbr_getter.h
index eddc0c4..db98b68 100644
--- a/include/lib/fconf/fconf_tbbr_getter.h
+++ b/include/lib/fconf/fconf_tbbr_getter.h
@@ -7,10 +7,15 @@
#ifndef FCONF_TBBR_GETTER_H
#define FCONF_TBBR_GETTER_H
+#include <assert.h>
+
#include <lib/fconf/fconf.h>
/* TBBR related getter */
-#define tbbr__cot_getter(id) cot_desc_ptr[id]
+#define tbbr__cot_getter(id) __extension__ ({ \
+ assert((id) < cot_desc_size); \
+ cot_desc_ptr[id]; \
+})
#define tbbr__dyn_config_getter(id) tbbr_dyn_config.id
diff --git a/include/lib/xlat_tables/xlat_tables_v2.h b/include/lib/xlat_tables/xlat_tables_v2.h
index ab311f4..9fe4a6e 100644
--- a/include/lib/xlat_tables/xlat_tables_v2.h
+++ b/include/lib/xlat_tables/xlat_tables_v2.h
@@ -164,20 +164,15 @@
* Would typically be PLAT_VIRT_ADDR_SPACE_SIZE
* (resp. PLAT_PHY_ADDR_SPACE_SIZE) for the translation context describing the
* BL image currently executing.
-
- * _base_table_section:
- * Specify the name of the section where the base translation tables have to
- * be placed by the linker.
*/
#define REGISTER_XLAT_CONTEXT(_ctx_name, _mmap_count, _xlat_tables_count, \
- _virt_addr_space_size, _phy_addr_space_size, \
- _base_table_section) \
+ _virt_addr_space_size, _phy_addr_space_size) \
REGISTER_XLAT_CONTEXT_FULL_SPEC(_ctx_name, (_mmap_count), \
(_xlat_tables_count), \
(_virt_addr_space_size), \
(_phy_addr_space_size), \
EL_REGIME_INVALID, \
- "xlat_table", (_base_table_section))
+ "xlat_table", "base_xlat_table")
/*
* Same as REGISTER_XLAT_CONTEXT plus the additional parameters:
diff --git a/include/plat/arm/common/arm_fconf_getter.h b/include/plat/arm/common/arm_fconf_getter.h
index 28913a4..8fd8c7a 100644
--- a/include/plat/arm/common/arm_fconf_getter.h
+++ b/include/plat/arm/common/arm_fconf_getter.h
@@ -7,10 +7,15 @@
#ifndef ARM_FCONF_GETTER
#define ARM_FCONF_GETTER
+#include <assert.h>
+
#include <lib/fconf/fconf.h>
/* ARM io policies */
-#define arm__io_policies_getter(id) &policies[id]
+#define arm__io_policies_getter(id) __extension__ ({ \
+ assert((id) < MAX_NUMBER_IDS); \
+ &policies[id]; \
+})
struct plat_io_policy {
uintptr_t *dev_handle;
diff --git a/lib/xlat_tables_v2/xlat_tables_context.c b/lib/xlat_tables_v2/xlat_tables_context.c
index 032e142..95dae88 100644
--- a/lib/xlat_tables_v2/xlat_tables_context.c
+++ b/lib/xlat_tables_v2/xlat_tables_context.c
@@ -25,15 +25,8 @@
* Allocate and initialise the default translation context for the BL image
* currently executing.
*/
-#if PLAT_RO_XLAT_TABLES
-#define BASE_XLAT_TABLE_SECTION ".rodata"
-#else
-#define BASE_XLAT_TABLE_SECTION ".bss"
-#endif
-
REGISTER_XLAT_CONTEXT(tf, MAX_MMAP_REGIONS, MAX_XLAT_TABLES,
- PLAT_VIRT_ADDR_SPACE_SIZE, PLAT_PHY_ADDR_SPACE_SIZE,
- BASE_XLAT_TABLE_SECTION);
+ PLAT_VIRT_ADDR_SPACE_SIZE, PLAT_PHY_ADDR_SPACE_SIZE);
void mmap_add_region(unsigned long long base_pa, uintptr_t base_va, size_t size,
unsigned int attr)
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index 4e968e2..590a800 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -288,3 +288,8 @@
# S-EL2 firmware entry/exit. This flag is to be used with SPD=spmd option.
# Default is 0.
CTX_INCLUDE_EL2_REGS := 0
+
+# Enable Memory tag extension which is supported for architecture greater
+# than Armv8.5-A
+# By default it is set to "no"
+SUPPORT_STACK_MEMTAG := no
diff --git a/plat/arm/board/arm_fpga/fpga_pm.c b/plat/arm/board/arm_fpga/fpga_pm.c
index 4c37217..a306a23 100644
--- a/plat/arm/board/arm_fpga/fpga_pm.c
+++ b/plat/arm/board/arm_fpga/fpga_pm.c
@@ -41,9 +41,13 @@
*/
static int fpga_pwr_domain_on(u_register_t mpidr)
{
- unsigned int pos = plat_core_pos_by_mpidr(mpidr);
+ int pos = plat_core_pos_by_mpidr(mpidr);
unsigned long current_mpidr = read_mpidr_el1();
+ if (pos < 0) {
+ panic();
+ }
+
if (mpidr == current_mpidr) {
return PSCI_E_ALREADY_ON;
}
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index 15cd691..7843690 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -297,30 +297,30 @@
# Enable the dynamic translation tables library.
ifeq (${ARCH},aarch32)
ifeq (${RESET_TO_SP_MIN},1)
- BL32_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC=1
+ BL32_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
endif
else # AArch64
ifeq (${RESET_TO_BL31},1)
- BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC=1
+ BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
endif
ifeq (${SPD},trusty)
- BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC=1
+ BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
endif
endif
ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
ifeq (${ARCH},aarch32)
- BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES=1
+ BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
else # AArch64
- BL31_CPPFLAGS += -DPLAT_RO_XLAT_TABLES=1
+ BL31_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
ifeq (${SPD},tspd)
- BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES=1
+ BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
endif
endif
endif
ifeq (${USE_DEBUGFS},1)
- BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC=1
+ BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
endif
# Add support for platform supplied linker script for BL31 build
diff --git a/plat/arm/board/juno/platform.mk b/plat/arm/board/juno/platform.mk
index dfdefa1..a871e81 100644
--- a/plat/arm/board/juno/platform.mk
+++ b/plat/arm/board/juno/platform.mk
@@ -147,19 +147,19 @@
# Enable the dynamic translation tables library.
ifeq (${ARCH},aarch32)
ifeq (${RESET_TO_SP_MIN},1)
- BL32_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC=1
+ BL32_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
endif
else
ifeq (${RESET_TO_BL31},1)
- BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC=1
+ BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
endif
endif
ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
ifeq (${JUNO_AARCH32_EL3_RUNTIME}, 1)
- BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES=1
+ BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
else
- BL31_CPPFLAGS += -DPLAT_RO_XLAT_TABLES=1
+ BL31_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
endif
endif
diff --git a/plat/arm/board/rdn1edge/platform.mk b/plat/arm/board/rdn1edge/platform.mk
index 1daf85f..e436542 100644
--- a/plat/arm/board/rdn1edge/platform.mk
+++ b/plat/arm/board/rdn1edge/platform.mk
@@ -38,7 +38,7 @@
endif
# Enable dynamic addition of MMAP regions in BL31
-BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC=1
+BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
# Add the FDT_SOURCES and options for Dynamic Config
FDT_SOURCES += ${RDN1EDGE_BASE}/fdts/${PLAT}_fw_config.dts
diff --git a/plat/arm/common/arm_io_storage.c b/plat/arm/common/arm_io_storage.c
index 6fcfbd6..34b4101 100644
--- a/plat/arm/common/arm_io_storage.c
+++ b/plat/arm/common/arm_io_storage.c
@@ -4,8 +4,6 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <assert.h>
-
#include <common/debug.h>
#include <drivers/io/io_driver.h>
#include <drivers/io/io_fip.h>
@@ -116,8 +114,6 @@
int result;
const struct plat_io_policy *policy;
- assert(image_id < MAX_NUMBER_IDS);
-
policy = FCONF_GET_PROPERTY(arm, io_policies, image_id);
result = policy->check(policy->image_spec);
if (result == 0) {
diff --git a/plat/mediatek/mt6795/bl31.ld.S b/plat/mediatek/mt6795/bl31.ld.S
index 0fd3866..b061b91 100644
--- a/plat/mediatek/mt6795/bl31.ld.S
+++ b/plat/mediatek/mt6795/bl31.ld.S
@@ -6,7 +6,6 @@
#include <common/bl_common.ld.h>
#include <lib/xlat_tables/xlat_tables_defs.h>
-#include <platform_def.h>
OUTPUT_FORMAT(PLATFORM_LINKER_FORMAT)
OUTPUT_ARCH(PLATFORM_LINKER_ARCH)
@@ -39,20 +38,7 @@
*(.text*)
*(.rodata*)
- /* Ensure 8-byte alignment for descriptors and ensure inclusion */
- . = ALIGN(8);
- __RT_SVC_DESCS_START__ = .;
- KEEP(*(rt_svc_descs))
- __RT_SVC_DESCS_END__ = .;
-
- /*
- * Ensure 8-byte alignment for cpu_ops so that its fields are also
- * aligned. Also ensure cpu_ops inclusion.
- */
- . = ALIGN(8);
- __CPU_OPS_START__ = .;
- KEEP(*(cpu_ops))
- __CPU_OPS_END__ = .;
+ RODATA_COMMON
__RO_END_UNALIGNED__ = .;
/*
@@ -94,41 +80,8 @@
__STACKS_END__ = .;
} >RAM
- /*
- * The .bss section gets initialised to 0 at runtime.
- * Its base address should be 16-byte aligned for better performance of the
- * zero-initialization code.
- */
- .bss (NOLOAD) : ALIGN(16) {
- __BSS_START__ = .;
- *(.bss*)
- *(COMMON)
-#if !USE_COHERENT_MEM
- /*
- * Bakery locks are stored in normal .bss memory
- *
- * Each lock's data is spread across multiple cache lines, one per CPU,
- * but multiple locks can share the same cache line.
- * The compiler will allocate enough memory for one CPU's bakery locks,
- * the remaining cache lines are allocated by the linker script
- */
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __BAKERY_LOCK_START__ = .;
- __PERCPU_BAKERY_LOCK_START__ = .;
- *(bakery_lock)
- . = ALIGN(CACHE_WRITEBACK_GRANULE);
- __PERCPU_BAKERY_LOCK_END__ = .;
- __PERCPU_BAKERY_LOCK_SIZE__ = ABSOLUTE(__PERCPU_BAKERY_LOCK_END__ - __PERCPU_BAKERY_LOCK_START__);
- . = . + (__PERCPU_BAKERY_LOCK_SIZE__ * (PLATFORM_CORE_COUNT - 1));
- __BAKERY_LOCK_END__ = .;
-#ifdef PLAT_PERCPU_BAKERY_LOCK_SIZE
- ASSERT(__PERCPU_BAKERY_LOCK_SIZE__ == PLAT_PERCPU_BAKERY_LOCK_SIZE,
- "PLAT_PERCPU_BAKERY_LOCK_SIZE does not match bakery lock requirements");
-#endif
-#endif
- __BSS_END__ = .;
- __RW_END__ = .;
- } >RAM
+ BSS_SECTION >RAM
+ __RW_END__ = __BSS_END__;
ASSERT(. <= BL31_LIMIT, "BL3-1 image has exceeded its limit.")
diff --git a/plat/nvidia/tegra/common/tegra_fiq_glue.c b/plat/nvidia/tegra/common/tegra_fiq_glue.c
index dee99fb..bb5add8 100644
--- a/plat/nvidia/tegra/common/tegra_fiq_glue.c
+++ b/plat/nvidia/tegra/common/tegra_fiq_glue.c
@@ -9,6 +9,7 @@
#include <arch_helpers.h>
#include <bl31/interrupt_mgmt.h>
+#include <bl31/ehf.h>
#include <common/bl_common.h>
#include <common/debug.h>
#include <context.h>
@@ -25,6 +26,15 @@
/* Legacy FIQ used by earlier Tegra platforms */
#define LEGACY_FIQ_PPI_WDT 28U
+/* Install priority level descriptors for each dispatcher */
+ehf_pri_desc_t plat_exceptions[] = {
+ EHF_PRI_DESC(PLAT_PRI_BITS, PLAT_TEGRA_WDT_PRIO),
+};
+
+/* Expose priority descriptors to Exception Handling Framework */
+EHF_REGISTER_PRIORITIES(plat_exceptions, ARRAY_SIZE(plat_exceptions),
+ PLAT_PRI_BITS);
+
/*******************************************************************************
* Static variables
******************************************************************************/
@@ -35,27 +45,18 @@
/*******************************************************************************
* Handler for FIQ interrupts
******************************************************************************/
-static uint64_t tegra_fiq_interrupt_handler(uint32_t id,
- uint32_t flags,
- void *handle,
- void *cookie)
+static int tegra_fiq_interrupt_handler(unsigned int id, unsigned int flags,
+ void *handle, void *cookie)
{
cpu_context_t *ctx = cm_get_context(NON_SECURE);
el3_state_t *el3state_ctx = get_el3state_ctx(ctx);
uint32_t cpu = plat_my_core_pos();
- uint32_t irq;
- (void)id;
(void)flags;
(void)handle;
(void)cookie;
/*
- * Read the pending interrupt ID
- */
- irq = plat_ic_get_pending_interrupt_id();
-
- /*
* Jump to NS world only if the NS world's FIQ handler has
* been registered
*/
@@ -90,7 +91,7 @@
* disable the routing so that we can mark it as "complete" in the
* GIC later.
*/
- if (irq == LEGACY_FIQ_PPI_WDT) {
+ if (id == LEGACY_FIQ_PPI_WDT) {
tegra_fc_disable_fiq_to_ccplex_routing();
}
#endif
@@ -98,10 +99,7 @@
/*
* Mark this interrupt as complete to avoid a FIQ storm.
*/
- if (irq < 1022U) {
- (void)plat_ic_acknowledge_interrupt();
- plat_ic_end_of_interrupt(irq);
- }
+ plat_ic_end_of_interrupt(id);
return 0;
}
@@ -111,23 +109,13 @@
******************************************************************************/
void tegra_fiq_handler_setup(void)
{
- uint32_t flags;
- int32_t rc;
-
/* return if already registered */
if (fiq_handler_active == 0U) {
/*
* Register an interrupt handler for FIQ interrupts generated for
* NS interrupt sources
*/
- flags = 0U;
- set_interrupt_rm_flag((flags), (NON_SECURE));
- rc = register_interrupt_type_handler(INTR_TYPE_EL3,
- tegra_fiq_interrupt_handler,
- flags);
- if (rc != 0) {
- panic();
- }
+ ehf_register_priority_handler(PLAT_TEGRA_WDT_PRIO, tegra_fiq_interrupt_handler);
/* handler is now active */
fiq_handler_active = 1;
diff --git a/plat/nvidia/tegra/include/platform_def.h b/plat/nvidia/tegra/include/platform_def.h
index 91a24ca..6bfad23 100644
--- a/plat/nvidia/tegra/include/platform_def.h
+++ b/plat/nvidia/tegra/include/platform_def.h
@@ -86,5 +86,10 @@
#define MAX_IO_DEVICES U(0)
#define MAX_IO_HANDLES U(0)
+/*******************************************************************************
+ * Platform macros to support exception handling framework
+ ******************************************************************************/
+#define PLAT_PRI_BITS U(3)
+#define PLAT_TEGRA_WDT_PRIO U(0x40)
#endif /* PLATFORM_DEF_H */
diff --git a/plat/nvidia/tegra/platform.mk b/plat/nvidia/tegra/platform.mk
index 8758820..e03e1f3 100644
--- a/plat/nvidia/tegra/platform.mk
+++ b/plat/nvidia/tegra/platform.mk
@@ -20,6 +20,10 @@
PLAT_XLAT_TABLES_DYNAMIC := 1
$(eval $(call add_define,PLAT_XLAT_TABLES_DYNAMIC))
+# Enable exception handling at EL3
+EL3_EXCEPTION_HANDLING := 1
+GICV2_G0_FOR_EL3 := 1
+
# Enable PSCI v1.0 extended state ID format
PSCI_EXTENDED_STATE_ID := 1
diff --git a/plat/nvidia/tegra/soc/t186/plat_setup.c b/plat/nvidia/tegra/soc/t186/plat_setup.c
index e5d0d01..1c7c25d 100644
--- a/plat/nvidia/tegra/soc/t186/plat_setup.c
+++ b/plat/nvidia/tegra/soc/t186/plat_setup.c
@@ -214,9 +214,9 @@
/* Secure IRQs for Tegra186 */
static const interrupt_prop_t tegra186_interrupt_props[] = {
- INTR_PROP_DESC(TEGRA186_TOP_WDT_IRQ, GIC_HIGHEST_SEC_PRIORITY,
+ INTR_PROP_DESC(TEGRA186_TOP_WDT_IRQ, PLAT_TEGRA_WDT_PRIO,
GICV2_INTR_GROUP0, GIC_INTR_CFG_EDGE),
- INTR_PROP_DESC(TEGRA186_AON_WDT_IRQ, GIC_HIGHEST_SEC_PRIORITY,
+ INTR_PROP_DESC(TEGRA186_AON_WDT_IRQ, PLAT_TEGRA_WDT_PRIO,
GICV2_INTR_GROUP0, GIC_INTR_CFG_EDGE)
};
diff --git a/plat/nvidia/tegra/soc/t194/plat_setup.c b/plat/nvidia/tegra/soc/t194/plat_setup.c
index 8255540..f90a69e 100644
--- a/plat/nvidia/tegra/soc/t194/plat_setup.c
+++ b/plat/nvidia/tegra/soc/t194/plat_setup.c
@@ -275,9 +275,9 @@
/* Secure IRQs for Tegra194 */
static const interrupt_prop_t tegra194_interrupt_props[] = {
- INTR_PROP_DESC(TEGRA194_TOP_WDT_IRQ, GIC_HIGHEST_SEC_PRIORITY,
+ INTR_PROP_DESC(TEGRA194_TOP_WDT_IRQ, PLAT_TEGRA_WDT_PRIO,
GICV2_INTR_GROUP0, GIC_INTR_CFG_EDGE),
- INTR_PROP_DESC(TEGRA194_AON_WDT_IRQ, GIC_HIGHEST_SEC_PRIORITY,
+ INTR_PROP_DESC(TEGRA194_AON_WDT_IRQ, PLAT_TEGRA_WDT_PRIO,
GICV2_INTR_GROUP0, GIC_INTR_CFG_EDGE)
};
diff --git a/plat/nvidia/tegra/soc/t210/plat_setup.c b/plat/nvidia/tegra/soc/t210/plat_setup.c
index 6d014bf..930eeac 100644
--- a/plat/nvidia/tegra/soc/t210/plat_setup.c
+++ b/plat/nvidia/tegra/soc/t210/plat_setup.c
@@ -179,9 +179,9 @@
/* Secure IRQs for Tegra186 */
static const interrupt_prop_t tegra210_interrupt_props[] = {
- INTR_PROP_DESC(TEGRA210_TIMER1_IRQ, GIC_HIGHEST_SEC_PRIORITY,
+ INTR_PROP_DESC(TEGRA210_TIMER1_IRQ, PLAT_TEGRA_WDT_PRIO,
GICV2_INTR_GROUP0, GIC_INTR_CFG_EDGE),
- INTR_PROP_DESC(TEGRA210_WDT_CPU_LEGACY_FIQ, GIC_HIGHEST_SEC_PRIORITY,
+ INTR_PROP_DESC(TEGRA210_WDT_CPU_LEGACY_FIQ, PLAT_TEGRA_WDT_PRIO,
GICV2_INTR_GROUP0, GIC_INTR_CFG_EDGE),
};
diff --git a/plat/rpi/rpi4/aarch64/plat_helpers.S b/plat/rpi/common/aarch64/plat_helpers.S
similarity index 74%
rename from plat/rpi/rpi4/aarch64/plat_helpers.S
rename to plat/rpi/common/aarch64/plat_helpers.S
index fac1b20..e21233a 100644
--- a/plat/rpi/rpi4/aarch64/plat_helpers.S
+++ b/plat/rpi/common/aarch64/plat_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -20,6 +20,7 @@
.globl plat_reset_handler
.globl plat_rpi3_calc_core_pos
.globl plat_secondary_cold_boot_setup
+ .globl plat_rpi_get_model
/* -----------------------------------------------------
* unsigned int plat_my_core_pos(void)
@@ -56,27 +57,29 @@
func plat_is_my_cpu_primary
mrs x0, mpidr_el1
and x0, x0, #(MPIDR_CLUSTER_MASK | MPIDR_CPU_MASK)
- cmp x0, #RPI4_PRIMARY_CPU
+ cmp x0, #RPI_PRIMARY_CPU
cset w0, eq
ret
endfunc plat_is_my_cpu_primary
/* -----------------------------------------------------
- * void plat_secondary_cold_boot_setup (void);
+ * void plat_wait_for_warm_boot (void);
*
* This function performs any platform specific actions
- * needed for a secondary cpu after a cold reset e.g
- * mark the cpu's presence, mechanism to place it in a
- * holding pen etc.
+ * needed for a CPU to be put into holding pen to wait
+ * for a warm boot request.
+ * The function will never return.
* -----------------------------------------------------
*/
-func plat_secondary_cold_boot_setup
- /* Calculate address of our hold entry */
+func plat_wait_for_warm_boot
+ /*
+ * Calculate address of our hold entry.
+ * As the function will never return, there is no need to save LR.
+ */
bl plat_my_core_pos
lsl x0, x0, #3
mov_imm x2, PLAT_RPI3_TM_HOLD_BASE
add x0, x0, x2
-
/*
* This code runs way before requesting the warmboot of this core,
* so it is possible to clear the mailbox before getting a request
@@ -96,6 +99,19 @@
mov_imm x0, PLAT_RPI3_TM_ENTRYPOINT
ldr x1, [x0]
br x1
+endfunc plat_wait_for_warm_boot
+
+ /* -----------------------------------------------------
+ * void plat_secondary_cold_boot_setup (void);
+ *
+ * This function performs any platform specific actions
+ * needed for a secondary cpu after a cold reset e.g
+ * mark the cpu's presence, mechanism to place it in a
+ * holding pen etc.
+ * -----------------------------------------------------
+ */
+func plat_secondary_cold_boot_setup
+ b plat_wait_for_warm_boot
endfunc plat_secondary_cold_boot_setup
/* ---------------------------------------------------------------------
@@ -110,9 +126,24 @@
* ---------------------------------------------------------------------
*/
func plat_get_my_entrypoint
- /* TODO: support warm boot */
- mov x0, #0
- ret
+ mov x1, x30
+ bl plat_is_my_cpu_primary
+ /*
+ * Secondaries always cold boot.
+ */
+ cbz w0, 1f
+ /*
+ * Primaries warm boot if they are requested
+ * to power off.
+ */
+ mov_imm x0, PLAT_RPI3_TM_HOLD_BASE
+ ldr x0, [x0]
+ cmp x0, PLAT_RPI3_TM_HOLD_STATE_BSP_OFF
+ adr x0, plat_wait_for_warm_boot
+ csel x0, x0, xzr, eq
+ ret x1
+1: mov x0, #0
+ ret x1
endfunc plat_get_my_entrypoint
/* ---------------------------------------------
@@ -165,10 +196,37 @@
endfunc plat_crash_console_flush
/* ---------------------------------------------
+ * int plat_rpi_get_model()
+ * Macro to determine whether we are running on
+ * a Raspberry Pi 3 or 4. Just checks the MIDR for
+ * being either a Cortex-A72 or a Cortex-A53.
+ * Out : return 4 if RPi4, 3 otherwise.
+ * Clobber list : x0
+ * ---------------------------------------------
+ */
+ .macro _plat_rpi_get_model
+ mrs x0, midr_el1
+ and x0, x0, #0xf0 /* Isolate low byte of part number */
+ cmp w0, #0x80 /* Cortex-A72 (RPi4) is 0xd08, A53 is 0xd03 */
+ mov w0, #3
+ csinc w0, w0, w0, ne
+ .endm
+
+ func plat_rpi_get_model
+ _plat_rpi_get_model
+ ret
+ endfunc plat_rpi_get_model
+
+ /* ---------------------------------------------
* void plat_reset_handler(void);
* ---------------------------------------------
*/
func plat_reset_handler
+ /* L2 cache setup only needed on RPi4 */
+ _plat_rpi_get_model
+ cmp w0, #4
+ b.ne 1f
+
/* ------------------------------------------------
* Set L2 read/write cache latency:
* - L2 Data RAM latency: 3 cycles (0b010)
@@ -181,5 +239,6 @@
msr CORTEX_A72_L2CTLR_EL1, x0
isb
+1:
ret
endfunc plat_reset_handler
diff --git a/plat/rpi/common/include/rpi_shared.h b/plat/rpi/common/include/rpi_shared.h
index 6863438..ddf239e 100644
--- a/plat/rpi/common/include/rpi_shared.h
+++ b/plat/rpi/common/include/rpi_shared.h
@@ -36,4 +36,6 @@
/* VideoCore firmware commands */
int rpi3_vc_hardware_get_board_revision(uint32_t *revision);
+int plat_rpi_get_model(void);
+
#endif /* RPI3_PRIVATE_H */
diff --git a/plat/rpi/common/rpi3_pm.c b/plat/rpi/common/rpi3_pm.c
index 2a6bf07..86c61f7 100644
--- a/plat/rpi/common/rpi3_pm.c
+++ b/plat/rpi/common/rpi3_pm.c
@@ -140,11 +140,14 @@
{
int rc = PSCI_E_SUCCESS;
unsigned int pos = plat_core_pos_by_mpidr(mpidr);
- uint64_t *hold_base = (uint64_t *)PLAT_RPI3_TM_HOLD_BASE;
+ uintptr_t hold_base = PLAT_RPI3_TM_HOLD_BASE;
assert(pos < PLATFORM_CORE_COUNT);
- hold_base[pos] = PLAT_RPI3_TM_HOLD_STATE_GO;
+ hold_base += pos * PLAT_RPI3_TM_HOLD_ENTRY_SIZE;
+
+ mmio_write_64(hold_base, PLAT_RPI3_TM_HOLD_STATE_GO);
+ /* No cache maintenance here, hold_base is mapped as device memory. */
/* Make sure that the write has completed */
dsb();
@@ -171,6 +174,32 @@
#endif
}
+static void __dead2 rpi3_pwr_down_wfi(
+ const psci_power_state_t *target_state)
+{
+ uintptr_t hold_base = PLAT_RPI3_TM_HOLD_BASE;
+ unsigned int pos = plat_my_core_pos();
+
+ if (pos == 0) {
+ /*
+ * The secondaries will always be in a wait
+ * for warm boot on reset, but the BSP needs
+ * to be able to distinguish between waiting
+ * for warm boot (e.g. after psci_off, waiting
+ * for psci_on) and a cold boot.
+ */
+ mmio_write_64(hold_base, PLAT_RPI3_TM_HOLD_STATE_BSP_OFF);
+ /* No cache maintenance here, we run with caches off already. */
+ dsb();
+ isb();
+ }
+
+ write_rmr_el3(RMR_EL3_RR_BIT | RMR_EL3_AA64_BIT);
+
+ while (1)
+ ;
+}
+
/*******************************************************************************
* Platform handlers for system reset and system off.
******************************************************************************/
@@ -236,6 +265,7 @@
.pwr_domain_pwr_down_wfi = rpi3_pwr_domain_pwr_down_wfi,
.pwr_domain_on = rpi3_pwr_domain_on,
.pwr_domain_on_finish = rpi3_pwr_domain_on_finish,
+ .pwr_domain_pwr_down_wfi = rpi3_pwr_down_wfi,
.system_off = rpi3_system_off,
.system_reset = rpi3_system_reset,
.validate_power_state = rpi3_validate_power_state,
diff --git a/plat/rpi/rpi3/aarch64/plat_helpers.S b/plat/rpi/rpi3/aarch64/plat_helpers.S
deleted file mode 100644
index ab925b6..0000000
--- a/plat/rpi/rpi3/aarch64/plat_helpers.S
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch.h>
-#include <asm_macros.S>
-#include <assert_macros.S>
-#include <platform_def.h>
-
- .globl plat_crash_console_flush
- .globl plat_crash_console_init
- .globl plat_crash_console_putc
- .globl platform_mem_init
- .globl plat_get_my_entrypoint
- .globl plat_is_my_cpu_primary
- .globl plat_my_core_pos
- .globl plat_rpi3_calc_core_pos
- .globl plat_secondary_cold_boot_setup
-
- /* -----------------------------------------------------
- * unsigned int plat_my_core_pos(void)
- *
- * This function uses the plat_rpi3_calc_core_pos()
- * definition to get the index of the calling CPU.
- * -----------------------------------------------------
- */
-func plat_my_core_pos
- mrs x0, mpidr_el1
- b plat_rpi3_calc_core_pos
-endfunc plat_my_core_pos
-
- /* -----------------------------------------------------
- * unsigned int plat_rpi3_calc_core_pos(u_register_t mpidr);
- *
- * CorePos = (ClusterId * 4) + CoreId
- * -----------------------------------------------------
- */
-func plat_rpi3_calc_core_pos
- and x1, x0, #MPIDR_CPU_MASK
- and x0, x0, #MPIDR_CLUSTER_MASK
- add x0, x1, x0, LSR #6
- ret
-endfunc plat_rpi3_calc_core_pos
-
- /* -----------------------------------------------------
- * unsigned int plat_is_my_cpu_primary (void);
- *
- * Find out whether the current cpu is the primary
- * cpu.
- * -----------------------------------------------------
- */
-func plat_is_my_cpu_primary
- mrs x0, mpidr_el1
- and x0, x0, #(MPIDR_CLUSTER_MASK | MPIDR_CPU_MASK)
- cmp x0, #RPI3_PRIMARY_CPU
- cset w0, eq
- ret
-endfunc plat_is_my_cpu_primary
-
- /* -----------------------------------------------------
- * void plat_secondary_cold_boot_setup (void);
- *
- * This function performs any platform specific actions
- * needed for a secondary cpu after a cold reset e.g
- * mark the cpu's presence, mechanism to place it in a
- * holding pen etc.
- * -----------------------------------------------------
- */
-func plat_secondary_cold_boot_setup
- /* Calculate address of our hold entry */
- bl plat_my_core_pos
- lsl x0, x0, #3
- mov_imm x2, PLAT_RPI3_TM_HOLD_BASE
- add x0, x0, x2
-
- /*
- * This code runs way before requesting the warmboot of this core,
- * so it is possible to clear the mailbox before getting a request
- * to boot.
- */
- mov x1, PLAT_RPI3_TM_HOLD_STATE_WAIT
- str x1,[x0]
-
- /* Wait until we have a go */
-poll_mailbox:
- wfe
- ldr x1, [x0]
- cmp x1, PLAT_RPI3_TM_HOLD_STATE_GO
- bne poll_mailbox
-
- /* Jump to the provided entrypoint */
- mov_imm x0, PLAT_RPI3_TM_ENTRYPOINT
- ldr x1, [x0]
- br x1
-endfunc plat_secondary_cold_boot_setup
-
- /* ---------------------------------------------------------------------
- * uintptr_t plat_get_my_entrypoint (void);
- *
- * Main job of this routine is to distinguish between a cold and a warm
- * boot.
- *
- * This functions returns:
- * - 0 for a cold boot.
- * - Any other value for a warm boot.
- * ---------------------------------------------------------------------
- */
-func plat_get_my_entrypoint
- /* TODO: support warm boot */
- mov x0, #0
- ret
-endfunc plat_get_my_entrypoint
-
- /* ---------------------------------------------
- * void platform_mem_init (void);
- *
- * No need to carry out any memory initialization.
- * ---------------------------------------------
- */
-func platform_mem_init
- ret
-endfunc platform_mem_init
-
- /* ---------------------------------------------
- * int plat_crash_console_init(void)
- * Function to initialize the crash console
- * without a C Runtime to print crash report.
- * Clobber list : x0 - x3
- * ---------------------------------------------
- */
-func plat_crash_console_init
- mov_imm x0, PLAT_RPI_MINI_UART_BASE
- mov x1, xzr
- mov x2, xzr
- b console_16550_core_init
-endfunc plat_crash_console_init
-
- /* ---------------------------------------------
- * int plat_crash_console_putc(int c)
- * Function to print a character on the crash
- * console without a C Runtime.
- * Clobber list : x1, x2
- * ---------------------------------------------
- */
-func plat_crash_console_putc
- mov_imm x1, PLAT_RPI_MINI_UART_BASE
- b console_16550_core_putc
-endfunc plat_crash_console_putc
-
- /* ---------------------------------------------
- * int plat_crash_console_flush()
- * Function to force a write of all buffered
- * data that hasn't been output.
- * Out : return -1 on error else return 0.
- * Clobber list : x0, x1
- * ---------------------------------------------
- */
-func plat_crash_console_flush
- mov_imm x0, PLAT_RPI_MINI_UART_BASE
- b console_16550_core_flush
-endfunc plat_crash_console_flush
diff --git a/plat/rpi/rpi3/include/platform_def.h b/plat/rpi/rpi3/include/platform_def.h
index 9cacd99..f44d1f5 100644
--- a/plat/rpi/rpi3/include/platform_def.h
+++ b/plat/rpi/rpi3/include/platform_def.h
@@ -24,7 +24,7 @@
#define PLATFORM_CLUSTER0_CORE_COUNT PLATFORM_MAX_CPUS_PER_CLUSTER
#define PLATFORM_CORE_COUNT PLATFORM_CLUSTER0_CORE_COUNT
-#define RPI3_PRIMARY_CPU U(0)
+#define RPI_PRIMARY_CPU U(0)
#define PLAT_MAX_PWR_LVL MPIDR_AFFLVL1
#define PLAT_NUM_PWR_DOMAINS (PLATFORM_CLUSTER_COUNT + \
@@ -153,6 +153,7 @@
#define PLAT_RPI3_TM_HOLD_STATE_WAIT ULL(0)
#define PLAT_RPI3_TM_HOLD_STATE_GO ULL(1)
+#define PLAT_RPI3_TM_HOLD_STATE_BSP_OFF ULL(2)
/*
* BL1 specific defines.
diff --git a/plat/rpi/rpi3/platform.mk b/plat/rpi/rpi3/platform.mk
index a5b8904..bcfc34e 100644
--- a/plat/rpi/rpi3/platform.mk
+++ b/plat/rpi/rpi3/platform.mk
@@ -15,6 +15,7 @@
drivers/gpio/gpio.c \
drivers/delay_timer/delay_timer.c \
drivers/rpi3/gpio/rpi3_gpio.c \
+ plat/rpi/common/aarch64/plat_helpers.S \
plat/rpi/common/rpi3_common.c \
${XLAT_TABLES_LIB_SRCS}
@@ -23,7 +24,6 @@
drivers/io/io_storage.c \
lib/cpus/aarch64/cortex_a53.S \
plat/common/aarch64/platform_mp_stack.S \
- plat/rpi/rpi3/aarch64/plat_helpers.S \
plat/rpi/rpi3/rpi3_bl1_setup.c \
plat/rpi/common/rpi3_io_storage.c \
drivers/rpi3/mailbox/rpi3_mbox.c \
@@ -38,7 +38,6 @@
drivers/mmc/mmc.c \
drivers/rpi3/sdhost/rpi3_sdhost.c \
plat/common/aarch64/platform_mp_stack.S \
- plat/rpi/rpi3/aarch64/plat_helpers.S \
plat/rpi/rpi3/aarch64/rpi3_bl2_mem_params_desc.c \
plat/rpi/rpi3/rpi3_bl2_setup.c \
plat/rpi/common/rpi3_image_load.c \
@@ -46,7 +45,6 @@
BL31_SOURCES += lib/cpus/aarch64/cortex_a53.S \
plat/common/plat_psci_common.c \
- plat/rpi/rpi3/aarch64/plat_helpers.S \
plat/rpi/rpi3/rpi3_bl31_setup.c \
plat/rpi/common/rpi3_pm.c \
plat/rpi/common/rpi3_topology.c \
diff --git a/plat/rpi/rpi4/include/platform_def.h b/plat/rpi/rpi4/include/platform_def.h
index 6f6bbbe..6787ebf 100644
--- a/plat/rpi/rpi4/include/platform_def.h
+++ b/plat/rpi/rpi4/include/platform_def.h
@@ -24,7 +24,7 @@
#define PLATFORM_CLUSTER0_CORE_COUNT PLATFORM_MAX_CPUS_PER_CLUSTER
#define PLATFORM_CORE_COUNT PLATFORM_CLUSTER0_CORE_COUNT
-#define RPI4_PRIMARY_CPU U(0)
+#define RPI_PRIMARY_CPU U(0)
#define PLAT_MAX_PWR_LVL MPIDR_AFFLVL1
#define PLAT_NUM_PWR_DOMAINS (PLATFORM_CLUSTER_COUNT + \
@@ -93,6 +93,7 @@
#define PLAT_RPI3_TM_HOLD_STATE_WAIT ULL(0)
#define PLAT_RPI3_TM_HOLD_STATE_GO ULL(1)
+#define PLAT_RPI3_TM_HOLD_STATE_BSP_OFF ULL(2)
/*
* BL31 specific defines.
diff --git a/plat/rpi/rpi4/platform.mk b/plat/rpi/rpi4/platform.mk
index 49e78df..0744bce 100644
--- a/plat/rpi/rpi4/platform.mk
+++ b/plat/rpi/rpi4/platform.mk
@@ -16,7 +16,7 @@
${XLAT_TABLES_LIB_SRCS}
BL31_SOURCES += lib/cpus/aarch64/cortex_a72.S \
- plat/rpi/rpi4/aarch64/plat_helpers.S \
+ plat/rpi/common/aarch64/plat_helpers.S \
plat/rpi/rpi4/aarch64/armstub8_header.S \
drivers/arm/gic/common/gic_common.c \
drivers/arm/gic/v2/gicv2_helpers.c \
diff --git a/plat/socionext/uniphier/include/platform_def.h b/plat/socionext/uniphier/include/platform_def.h
index 7c6341d..b23386d 100644
--- a/plat/socionext/uniphier/include/platform_def.h
+++ b/plat/socionext/uniphier/include/platform_def.h
@@ -62,7 +62,6 @@
#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
-#define PLAT_XLAT_TABLES_DYNAMIC 1
#define MAX_XLAT_TABLES 9
#define MAX_MMAP_REGIONS 13
diff --git a/plat/socionext/uniphier/platform.mk b/plat/socionext/uniphier/platform.mk
index 0fcef1d..2c0ed92 100644
--- a/plat/socionext/uniphier/platform.mk
+++ b/plat/socionext/uniphier/platform.mk
@@ -14,6 +14,16 @@
# UNIPHIER_MEM_BASE so that all TF images are loaded at their link addresses.
override ENABLE_PIE := 1
+ALLOW_RO_XLAT_TABLES := 1
+
+ifeq ($(ALLOW_RO_XLAT_TABLES),1)
+BL31_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
+BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
+endif
+
+# The dynamic xlat table is only used in BL2
+BL2_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
+
# Cortex-A53 revision r0p4-51rel0
# needed for LD20, unneeded for LD11, PXs3 (no ACE)
ERRATA_A53_855873 := 1
diff --git a/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c b/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c
index 091a6f7..4bbb259 100644
--- a/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c
+++ b/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c
@@ -9,7 +9,6 @@
#include <platform_def.h>
#include <common/bl_common.h>
-#include <lib/xlat_tables/xlat_mmu_helpers.h>
#include <plat/common/platform.h>
#include "../uniphier.h"
@@ -32,5 +31,4 @@
void tsp_plat_arch_setup(void)
{
uniphier_mmap_setup(uniphier_soc);
- enable_mmu_el1(0);
}
diff --git a/plat/socionext/uniphier/uniphier_bl2_setup.c b/plat/socionext/uniphier/uniphier_bl2_setup.c
index 7a7f786..679f14d 100644
--- a/plat/socionext/uniphier/uniphier_bl2_setup.c
+++ b/plat/socionext/uniphier/uniphier_bl2_setup.c
@@ -44,7 +44,6 @@
int ret;
uniphier_mmap_setup(uniphier_soc);
- enable_mmu_el3(0);
/* add relocation offset (run-time-address - link-address) */
uniphier_mem_base += BL_CODE_BASE - BL2_BASE;
diff --git a/plat/socionext/uniphier/uniphier_bl31_setup.c b/plat/socionext/uniphier/uniphier_bl31_setup.c
index f2f0b29..c2baebd 100644
--- a/plat/socionext/uniphier/uniphier_bl31_setup.c
+++ b/plat/socionext/uniphier/uniphier_bl31_setup.c
@@ -14,7 +14,6 @@
#include <common/debug.h>
#include <drivers/console.h>
#include <lib/mmio.h>
-#include <lib/xlat_tables/xlat_mmu_helpers.h>
#include <plat/common/platform.h>
#include "uniphier.h"
@@ -87,5 +86,4 @@
void bl31_plat_arch_setup(void)
{
uniphier_mmap_setup(uniphier_soc);
- enable_mmu_el3(0);
}
diff --git a/plat/socionext/uniphier/uniphier_xlat_setup.c b/plat/socionext/uniphier/uniphier_xlat_setup.c
index 66c7834..5043f4b 100644
--- a/plat/socionext/uniphier/uniphier_xlat_setup.c
+++ b/plat/socionext/uniphier/uniphier_xlat_setup.c
@@ -10,6 +10,7 @@
#include <common/debug.h>
#include <lib/xlat_tables/xlat_tables_v2.h>
+#include <plat/common/platform.h>
#include "uniphier.h"
@@ -63,4 +64,18 @@
MT_DEVICE | MT_RW | MT_SECURE);
init_xlat_tables();
+
+ enable_mmu(0);
+
+#if PLAT_RO_XLAT_TABLES
+ {
+ int ret;
+
+ ret = xlat_make_tables_readonly();
+ if (ret) {
+ ERROR("Failed to make translation tables read-only.");
+ plat_error_handler(ret);
+ }
+ }
+#endif
}