Merge "refactor(trng): cleanup the existing TRNG support" into integration
diff --git a/Makefile b/Makefile
index 6d836e8..70d5338 100644
--- a/Makefile
+++ b/Makefile
@@ -278,7 +278,7 @@
TF_CFLAGS_aarch64 := -target aarch64-arm-none-eabi $(march64-directive)
LD := $(LINKER)
else
- TF_CFLAGS_aarch32 := $(target32-directive) $(march32-directive)
+ TF_CFLAGS_aarch32 = $(target32-directive) $(march32-directive)
TF_CFLAGS_aarch64 := -target aarch64-elf $(march64-directive)
LD := $(shell $(CC) --print-prog-name ld.lld)
diff --git a/bl1/bl1.ld.S b/bl1/bl1.ld.S
index bc23828..c4ec5fe 100644
--- a/bl1/bl1.ld.S
+++ b/bl1/bl1.ld.S
@@ -38,16 +38,16 @@
*(.vectors)
. = ALIGN(PAGE_SIZE);
__TEXT_END__ = .;
- } >ROM
+ } >ROM
- /* .ARM.extab and .ARM.exidx are only added because Clang need them */
- .ARM.extab . : {
+ /* .ARM.extab and .ARM.exidx are only added because Clang need them */
+ .ARM.extab . : {
*(.ARM.extab* .gnu.linkonce.armextab.*)
- } >ROM
+ } >ROM
- .ARM.exidx . : {
+ .ARM.exidx . : {
*(.ARM.exidx* .gnu.linkonce.armexidx.*)
- } >ROM
+ } >ROM
.rodata . : {
__RODATA_START__ = .;
diff --git a/bl2/bl2.ld.S b/bl2/bl2.ld.S
index d332ec0..80cf7db 100644
--- a/bl2/bl2.ld.S
+++ b/bl2/bl2.ld.S
@@ -34,16 +34,16 @@
*(.vectors)
. = ALIGN(PAGE_SIZE);
__TEXT_END__ = .;
- } >RAM
+ } >RAM
- /* .ARM.extab and .ARM.exidx are only added because Clang need them */
- .ARM.extab . : {
+ /* .ARM.extab and .ARM.exidx are only added because Clang need them */
+ .ARM.extab . : {
*(.ARM.extab* .gnu.linkonce.armextab.*)
- } >RAM
+ } >RAM
- .ARM.exidx . : {
+ .ARM.exidx . : {
*(.ARM.exidx* .gnu.linkonce.armexidx.*)
- } >RAM
+ } >RAM
.rodata . : {
__RODATA_START__ = .;
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S
index bf5bd8d..0283553 100644
--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -512,7 +512,7 @@
/*
* Shift copied SCR_EL3.NSE bit by 5 to create space for
- * SCR_EL3.NS bit. Bit 5 of the flag correspondes to
+ * SCR_EL3.NS bit. Bit 5 of the flag corresponds to
* the SCR_EL3.NSE bit.
*/
lsl x7, x7, #5
@@ -521,6 +521,16 @@
/* Copy SCR_EL3.NS bit to the flag to indicate caller's security */
bfi x7, x18, #0, #1
+ /*
+ * Per SMCCCv1.3 a caller can set the SVE hint bit in the SMC FID
+ * passed through x0. Copy the SVE hint bit to flags and mask the
+ * bit in smc_fid passed to the standard service dispatcher.
+ * A service/dispatcher can retrieve the SVE hint bit state from
+ * flags using the appropriate helper.
+ */
+ bfi x7, x0, #FUNCID_SVE_HINT_SHIFT, #FUNCID_SVE_HINT_MASK
+ bic x0, x0, #(FUNCID_SVE_HINT_MASK << FUNCID_SVE_HINT_SHIFT)
+
mov sp, x12
/* Get the unique owning entity number */
diff --git a/changelog.yaml b/changelog.yaml
index 83be618..cfb2bb5 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -89,18 +89,42 @@
- title: Activity Monitors Extension (FEAT_AMU)
scope: amu
+ - title: Branch Record Buffer Extension (FEAT_BRBE)
+ scope: brbe
+
+ - title: Branch Target Identification Extension
+ scope: bti
+
- title: Confidential Compute Architecture (CCA)
scope: cca
+ - title: Extended Cache Index (FEAT_CCIDX)
+ scope: ccidx
+
- title: Support for the `HCRX_EL2` register (FEAT_HCX)
scope: hcx
- title: Memory Partitioning and Monitoring (MPAM) Extension (FEAT_MPAM)
scope: mpam
+ - title: Memory Tagging Extension
+ scope: mte
+
+ - title: Pointer Authentication Extension
+ scope: pauth
+
+ - title: Performance Monitors Extension (FEAT_PMUv3)
+ scope: pmu
+
+ - title: Trapping support for RNDR/RNDRRS (FEAT_RNG_TRAP)
+ scope: rng-trap
+
- title: Scalable Matrix Extension (FEAT_SME)
scope: sme
+ - title: Statistical profiling Extension (FEAT_SPE)
+ scope: spe
+
- title: Scalable Vector Extension (FEAT_SVE)
scope: sve
@@ -116,21 +140,6 @@
- title: Self-hosted Trace Extensions (FEAT_TRF)
scope: trf
- - title: Statistical profiling Extension (FEAT_SPE)
- scope: spe
-
- - title: Branch Record Buffer Extension (FEAT_BRBE)
- scope: brbe
-
- - title: Extended Cache Index (FEAT_CCIDX)
- scope: ccidx
-
- - title: Trapping support for RNDR/RNDRRS (FEAT_RNG_TRAP)
- scope: rng-trap
-
- - title: Performance Monitors Extension (FEAT_PMUv3)
- scope: pmu
-
- title: Platforms
subsections:
@@ -147,6 +156,12 @@
- plat/arm
subsections:
+ - title: CSS
+ scope: css
+
+ deprecated:
+ - plat/arm/css
+
- title: FPGA
scope: fpga
@@ -160,6 +175,7 @@
deprecated:
- plat/fvp
+ - fvp/tsp_manifest
- title: FVP-R
scope: fvp-r
@@ -167,6 +183,9 @@
deprecated:
- fvp_r
+ - title: FVP Versatile Express
+ scope: fvp_ve
+
- title: Juno
scope: juno
@@ -209,6 +228,16 @@
- title: Broadcom
scope: brcm
+ - title: HiSilicon
+ scope: hisilicon
+
+ subsections:
+ - title: HiKey
+ scope: hikey
+
+ - title: HiKey960
+ scope: hikey960
+
- title: Intel
scope: intel
@@ -256,6 +285,16 @@
deprecated:
- plat/mediatek/mt8183
+ - title: MT8186
+ scope: mt8186
+
+ deprecated:
+ - plat/mediatek/mt8186
+ - mt8186-emi-mpu
+
+ - title: MT8188
+ scope: mt8188
+
- title: MT8192
scope: mt8192
@@ -270,12 +309,6 @@
- plat/mediatek/mt8195
- plat/mdeiatek/mt8195
- - title: MT8186
- scope: mt8186
-
- deprecated:
- - plat/mediatek/mt8186
-
- title: NVIDIA
scope: nvidia
@@ -426,6 +459,9 @@
- title: QTI
scope: qti
+ deprecated:
+ - plat/qti
+
subsections:
- title: SC1780
scope: sc7180
@@ -446,6 +482,9 @@
scope: rpi
subsections:
+ - title: Raspberry Pi 3
+ scope: rpi3
+
- title: Raspberry Pi 4
scope: rpi4
@@ -514,6 +553,9 @@
- title: K3
scope: k3
+ deprecated:
+ - ti-k3
+
- title: Xilinx
scope: xilinx
@@ -529,6 +571,13 @@
- plat/xilinx/versal
- plat/versal
+ subsections:
+ - title: Versal NET
+ scope: versal-net
+
+ deprecated:
+ - versal_net
+
- title: ZynqMP
scope: zynqmp
@@ -572,6 +621,9 @@
- title: RME
scope: rme
+ deprecated:
+ - rme/fid
+
subsections:
- title: TRP
scope: trp
@@ -586,6 +638,9 @@
- title: EL3 SPMC
scope: el3-spmc
+ deprecated:
+ - spmc
+
- title: SPMD
scope: spmd
@@ -619,6 +674,9 @@
- title: Context Management
scope: cm
+ - title: RAS
+ scope: ras
+
- title: FCONF
scope: fconf
@@ -655,8 +713,14 @@
- title: PSA
scope: psa
+ deprecated:
+ - lib/psa
+
- title: Context Management
- scope: context mgmt
+ scope: context-mgmt
+
+ deprecated:
+ - context mgmt
- title: Semihosting
scope: semihosting
@@ -738,6 +802,7 @@
deprecated:
- scmi_common
- drivers/scmi-msg
+ - scmi-msg
- title: UFS
scope: ufs
@@ -759,7 +824,13 @@
- title: GICv3
scope: gicv3
+ deprecated:
+ - gicv3/multichip
+
subsections:
+ - title: GIC-600
+ scope: gic600
+
- title: GIC-600AE
scope: gic600ae
@@ -1174,6 +1245,9 @@
- title: Certificate Creation Tool
scope: cert-create
+ deprecated:
+ - cert_create
+
- title: Dependencies
scope: deps
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index a980ed9..bbb8b18 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -631,6 +631,8 @@
:|G|: `lachitp`_
:|M|: Sreevyshanavi Kare <skare@codeaurora.org>
:|G|: `sreekare`_
+:|M|: Muhammad Arsath K F <quic_mkf@quicinc.com>
+:|G|: `quic_mkf`_
:|M|: QTI TF Maintainers <qti.trustedfirmware.maintainers@codeaurora.org>
:|F|: docs/plat/qti.rst
:|F|: plat/qti/
@@ -878,6 +880,7 @@
.. _niej: https://github.com/niej
.. _npoushin: https://github.com/npoushin
.. _prabhakarlad: https://github.com/prabhakarlad
+.. _quic_mkf: https://github.com/quicmkf
.. _remi-triplefault: https://github.com/repk
.. _rockchip-linux: https://github.com/rockchip-linux
.. _sandrine-bailleux-arm: https://github.com/sandrine-bailleux-arm
diff --git a/docs/components/realm-management-extension.rst b/docs/components/realm-management-extension.rst
index ea921fc..6fc0c2e 100644
--- a/docs/components/realm-management-extension.rst
+++ b/docs/components/realm-management-extension.rst
@@ -95,66 +95,218 @@
This section describes how you can build and run TF-A with RME enabled.
We assume you have all the :ref:`Prerequisites` to build TF-A.
-To enable RME, you need to set the ENABLE_RME build flag when building
-TF-A. Currently, this feature is only supported for the FVP platform.
-
The following instructions show you how to build and run TF-A with RME
-for two scenarios: TF-A with TF-A Tests, and four-world execution with
-Hafnium and TF-A Tests. The instructions assume you have already obtained
-TF-A. You can use the following command to clone TF-A.
+for two scenarios:
-.. code:: shell
+- Three-world execution: TF-A with TF-A Tests or Linux.
- git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
+ - NS (TF-A Test or Linux),
+ - Root (TF-A)
+ - Realm (RMM or TRP)
+
+- Four-world execution: TF-A, Hafnium and TF-A Tests or Linux.
+
+ - NS (TF-A Test or Linux),
+ - Root (TF-A)
+ - Realm (RMM or TRP)
+ - SPM (Hafnium)
To run the tests, you need an FVP model. Please use the :ref:`latest version
<Arm Fixed Virtual Platforms (FVP)>` of *FVP_Base_RevC-2xAEMvA* model.
-.. note::
+Three World Testing with TF-A Tests
+*************************************
- ENABLE_RME build option is currently experimental.
+**1. Obtain and build TF-A Tests with Realm Payload**
-Building TF-A with TF-A Tests
-********************************************
+The full set of instructions to setup build host and build options for
+TF-A-Tests can be found in the `TFTF Getting Started`_.
+
Use the following instructions to build TF-A with `TF-A Tests`_ as the
non-secure payload (BL33).
-**1. Obtain and build TF-A Tests**
-
.. code:: shell
git clone https://git.trustedfirmware.org/TF-A/tf-a-tests.git
cd tf-a-tests
- make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1 all pack_realm
-This produces a TF-A Tests binary (*tftf.bin*) in the *build/fvp/debug* directory.
+This produces a TF-A Tests binary (**tftf.bin**) with Realm payload packaged
+and **sp_layout.json** in the **build/fvp/debug** directory.
-**2. Build TF-A**
+**2. Obtain and build RMM Image**
+
+Please refer to the `RMM Getting Started`_ on how to setup
+Host Environment and build RMM.
+
+The below command shows how to build RMM using the default build options for FVP.
.. code:: shell
+ git clone --recursive https://git.trustedfirmware.org/TF-RMM/tf-rmm.git
+ cd tf-rmm
+ cmake -DRMM_CONFIG=fvp_defcfg -S . -B build
+ cmake --build build
+
+This will generate **rmm.img** in **build** folder.
+
+**3. Build TF-A**
+
+The `TF-A Getting Started`_ has the necessary instructions to setup Host
+machine and build TF-A.
+
+To build for RME, set ``ENABLE_RME`` build option to 1 and provide the path to
+the RMM binary using the ``RMM`` build option.
+Currently, this feature is only supported for the FVP platform.
+
+.. note::
+
+ ENABLE_RME build option is currently experimental.
+
+If the ``RMM`` option is not used, then the Test Realm Payload (TRP) in TF-A
+will be built and used as the RMM.
+
+.. code:: shell
+
+ git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
cd trusted-firmware-a
make CROSS_COMPILE=aarch64-none-elf- \
PLAT=fvp \
ENABLE_RME=1 \
+ RMM=<path/to/rmm.img> \
FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
DEBUG=1 \
BL33=<path/to/tftf.bin> \
all fip
+This produces **bl1.bin** and **fip.bin** binaries in the **build/fvp/debug** directory.
+
+Running the tests for a 3 world FVP setup
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Use the following command to run the tests on FVP. TF-A Tests should boot
+and run the default tests including Realm world tests.
+
+.. code:: shell
+
+ FVP_Base_RevC-2xAEMvA \
+ -C bp.refcounter.non_arch_start_at_default=1 \
+ -C bp.secureflashloader.fname=<path/to/bl1.bin> \
+ -C bp.flashloader0.fname=<path/to/fip.bin> \
+ -C bp.refcounter.use_real_time=0 \
+ -C bp.ve_sysregs.exit_on_shutdown=1 \
+ -C cache_state_modelled=1 \
+ -C bp.dram_size=2 \
+ -C bp.secure_memory=1 \
+ -C pci.pci_smmuv3.mmu.SMMU_ROOT_IDR0=3 \
+ -C pci.pci_smmuv3.mmu.SMMU_ROOT_IIDR=0x43B \
+ -C pci.pci_smmuv3.mmu.root_register_page_offset=0x20000 \
+ -C cluster0.NUM_CORES=4 \
+ -C cluster0.PA_SIZE=48 \
+ -C cluster0.ecv_support_level=2 \
+ -C cluster0.gicv3.cpuintf-mmap-access-level=2 \
+ -C cluster0.gicv3.without-DS-support=1 \
+ -C cluster0.gicv4.mask-virtual-interrupt=1 \
+ -C cluster0.has_arm_v8-6=1 \
+ -C cluster0.has_amu=1 \
+ -C cluster0.has_branch_target_exception=1 \
+ -C cluster0.rme_support_level=2 \
+ -C cluster0.has_rndr=1 \
+ -C cluster0.has_v8_7_pmu_extension=2 \
+ -C cluster0.max_32bit_el=-1 \
+ -C cluster0.stage12_tlb_size=1024 \
+ -C cluster0.check_memory_attributes=0 \
+ -C cluster0.ish_is_osh=1 \
+ -C cluster0.restriction_on_speculative_execution=2 \
+ -C cluster0.restriction_on_speculative_execution_aarch32=2 \
+ -C cluster1.NUM_CORES=4 \
+ -C cluster1.PA_SIZE=48 \
+ -C cluster1.ecv_support_level=2 \
+ -C cluster1.gicv3.cpuintf-mmap-access-level=2 \
+ -C cluster1.gicv3.without-DS-support=1 \
+ -C cluster1.gicv4.mask-virtual-interrupt=1 \
+ -C cluster1.has_arm_v8-6=1 \
+ -C cluster1.has_amu=1 \
+ -C cluster1.has_branch_target_exception=1 \
+ -C cluster1.rme_support_level=2 \
+ -C cluster1.has_rndr=1 \
+ -C cluster1.has_v8_7_pmu_extension=2 \
+ -C cluster1.max_32bit_el=-1 \
+ -C cluster1.stage12_tlb_size=1024 \
+ -C cluster1.check_memory_attributes=0 \
+ -C cluster1.ish_is_osh=1 \
+ -C cluster1.restriction_on_speculative_execution=2 \
+ -C cluster1.restriction_on_speculative_execution_aarch32=2 \
+ -C pctl.startup=0.0.0.0 \
+ -C bp.smsc_91c111.enabled=1 \
+ -C bp.hostbridge.userNetworking=1
+
+The bottom of the output from *uart0* should look something like the following.
+
+.. code-block:: shell
+
+ ...
+
+ > Test suite 'FF-A Interrupt'
+ Passed
+ > Test suite 'SMMUv3 tests'
+ Passed
+ > Test suite 'PMU Leakage'
+ Passed
+ > Test suite 'DebugFS'
+ Passed
+ > Test suite 'RMI and SPM tests'
+ Passed
+ > Test suite 'Realm payload at EL1'
+ Passed
+ > Test suite 'Invalid memory access'
+ Passed
+ ...
+
+Building TF-A with RME enabled Linux Kernel
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If an RME enabled Linux kernel and filesystem is available for testing,
+and a suitable NS boot loader is not available, then this option can be used to
+launch kernel directly after BL31:
+
+.. code-block:: shell
+
+ cd trusted-firmware-a
+ make CROSS_COMPILE=aarch64-none-elf- \
+ PLAT=fvp \
+ ENABLE_RME=1 \
+ RMM=<path/to/rmm.img> \
+ FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
+ DEBUG=1 \
+ ARM_LINUX_KERNEL_AS_BL33=1 \
+ PRELOADED_BL33_BASE=0x84000000 \
+ all fip
+
+Boot and run the RME enabled Linux Kernel
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Use the following additional arguments to boot the kernel on FVP.
+
+.. code-block:: shell
+
+ --data cluster0.cpu0=<path_to_kernel_Image>@0x84000000 \
+ -C bp.virtioblockdevice.image_path=<path_to_rootfs.ext4>
+
-This produces *bl1.bin* and *fip.bin* binaries in the *build/fvp/debug* directory.
-The above command also builds TRP. The TRP binary is packaged in *fip.bin*.
+.. tip::
+
+ Set the FVP option `cache_state_modelled=0` to run Linux based tests much faster.
Four-world execution with Hafnium and TF-A Tests
-****************************************************
-Four-world execution involves software components at each security state: root,
+*************************************************
+
+Four-world execution involves software components in each security state: root,
secure, realm and non-secure. This section describes how to build TF-A
-with four-world support. We use TF-A as the root firmware, `Hafnium`_ as the
-secure component, TRP as the realm-world firmware and TF-A Tests as the
-non-secure payload.
+with four-world support.
-Before building TF-A, you first need to build the other software components.
-You can find instructions on how to get and build TF-A Tests above.
+We use TF-A as the root firmware, `Hafnium SPM`_ is the reference Secure world component
+and the software components for the other 2 worlds (Realm and Non-Secure)
+are as described in the previous section.
**1. Obtain and build Hafnium**
@@ -164,6 +316,27 @@
cd hafnium
# Use the default prebuilt LLVM/clang toolchain
PATH=$PWD/prebuilts/linux-x64/clang/bin:$PWD/prebuilts/linux-x64/dtc:$PATH
+
+Feature MTE needs to be disabled in Hafnium build, apply following patch to
+project/reference submodule
+
+.. code:: diff
+
+ diff --git a/BUILD.gn b/BUILD.gn
+ index cc6a78f..234b20a 100644
+ --- a/BUILD.gn
+ +++ b/BUILD.gn
+ @@ -83,7 +83,6 @@ aarch64_toolchains("secure_aem_v8a_fvp") {
+ pl011_base_address = "0x1c090000"
+ smmu_base_address = "0x2b400000"
+ smmu_memory_size = "0x100000"
+ - enable_mte = "1"
+ plat_log_level = "LOG_LEVEL_INFO"
+ }
+ }
+
+.. code:: shell
+
make PROJECT=reference
The Hafnium binary should be located at
@@ -173,6 +346,8 @@
Build TF-A with RME as well as SPM enabled.
+Use sp_layout.json previously generated in tf-a-test build.
+
.. code:: shell
make CROSS_COMPILE=aarch64-none-elf- \
@@ -184,92 +359,33 @@
BRANCH_PROTECTION=1 \
CTX_INCLUDE_PAUTH_REGS=1 \
DEBUG=1 \
- SP_LAYOUT_FILE=<path/to/tf-a-tests>/build/fvp/debug/sp_layout.json> \
+ SP_LAYOUT_FILE=<path/to/sp_layout.json> \
BL32=<path/to/hafnium.bin> \
BL33=<path/to/tftf.bin> \
+ RMM=<path/to/rmm.img> \
all fip
-Running the tests
-*********************
-Use the following command to run the tests on FVP. TF-A Tests should boot
-and run the default tests including RME tests.
+Running the tests for a 4 world FVP setup
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-.. code:: shell
-
- FVP_Base_RevC-2xAEMvA \
- -C bp.flashloader0.fname=<path/to/fip.bin> \
- -C bp.secureflashloader.fname=<path/to/bl1.bin> \
- -C bp.refcounter.non_arch_start_at_default=1 \
- -C bp.refcounter.use_real_time=0 \
- -C bp.ve_sysregs.exit_on_shutdown=1 \
- -C cache_state_modelled=1 \
- -C cluster0.NUM_CORES=4 \
- -C cluster0.PA_SIZE=48 \
- -C cluster0.ecv_support_level=2 \
- -C cluster0.gicv3.cpuintf-mmap-access-level=2 \
- -C cluster0.gicv3.without-DS-support=1 \
- -C cluster0.gicv4.mask-virtual-interrupt=1 \
- -C cluster0.has_arm_v8-6=1 \
- -C cluster0.has_branch_target_exception=1 \
- -C cluster0.has_rme=1 \
- -C cluster0.has_rndr=1 \
- -C cluster0.has_amu=1 \
- -C cluster0.has_v8_7_pmu_extension=2 \
- -C cluster0.max_32bit_el=-1 \
- -C cluster0.restriction_on_speculative_execution=2 \
- -C cluster0.restriction_on_speculative_execution_aarch32=2 \
- -C cluster1.NUM_CORES=4 \
- -C cluster1.PA_SIZE=48 \
- -C cluster1.ecv_support_level=2 \
- -C cluster1.gicv3.cpuintf-mmap-access-level=2 \
- -C cluster1.gicv3.without-DS-support=1 \
- -C cluster1.gicv4.mask-virtual-interrupt=1 \
- -C cluster1.has_arm_v8-6=1 \
- -C cluster1.has_branch_target_exception=1 \
- -C cluster1.has_rme=1 \
- -C cluster1.has_rndr=1 \
- -C cluster1.has_amu=1 \
- -C cluster1.has_v8_7_pmu_extension=2 \
- -C cluster1.max_32bit_el=-1 \
- -C cluster1.restriction_on_speculative_execution=2 \
- -C cluster1.restriction_on_speculative_execution_aarch32=2 \
- -C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \
- -C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \
- -C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \
- -C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \
- -C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \
- -C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \
- -C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \
- -C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0 \
- -C bp.pl011_uart0.out_file=uart0.log \
- -C bp.pl011_uart1.out_file=uart1.log \
- -C bp.pl011_uart2.out_file=uart2.log \
- -C pctl.startup=0.0.0.0 \
- -Q 1000 \
- "$@"
+Use the following arguments in addition to
+`Running the tests for a 3 world FVP setup`_ to run tests for 4 world setup.
-The bottom of the output from *uart0* should look something like the following.
-
-.. code-block:: shell
-
- ...
-
- > Test suite 'FF-A Interrupt'
- Passed
- > Test suite 'SMMUv3 tests'
- Passed
- > Test suite 'PMU Leakage'
- Passed
- > Test suite 'DebugFS'
- Passed
- > Test suite 'Realm payload tests'
- Passed
- > Test suite 'Invalid memory access'
- Passed
- ...
+.. code:: shell
+ -C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \
+ -C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \
+ -C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \
+ -C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \
+ -C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \
+ -C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \
+ -C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \
+ -C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0
.. _Arm Confidential Compute Architecture (Arm CCA): https://www.arm.com/why-arm/architecture/security-features/arm-confidential-compute-architecture
.. _Arm Architecture Models website: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
+.. _TF-A Getting Started: https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/index.html
.. _TF-A Tests: https://trustedfirmware-a-tests.readthedocs.io/en/latest
-.. _Hafnium: https://www.trustedfirmware.org/projects/hafnium
+.. _TFTF Getting Started: https://trustedfirmware-a-tests.readthedocs.io/en/latest/getting_started/index.html
+.. _Hafnium SPM: https://www.trustedfirmware.org/projects/hafnium
+.. _RMM Getting Started: https://git.trustedfirmware.org/TF-RMM/tf-rmm.git/tree/docs/getting_started/index.rst
diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst
index 71fdfcb..84bba18 100644
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@@ -990,9 +990,10 @@
directly, the others are saved into memory for retrieval (if needed) by the
handler. The handler is also provided with an opaque ``handle`` for use with the
supporting library for parameter retrieval, setting return values and context
-manipulation; and with ``flags`` indicating the security state of the caller. The
-framework finally sets up the execution stack for the handler, and invokes the
-services ``handle()`` function.
+manipulation. The ``flags`` parameter indicates the security state of the caller
+and the state of the SVE hint bit per the SMCCCv1.3. The framework finally sets
+up the execution stack for the handler, and invokes the services ``handle()``
+function.
On return from the handler the result registers are populated in X0-X7 as needed
before restoring the stack and CPU state and returning from the original SMC.
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index 65a66b6..9496576 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst
@@ -104,14 +104,15 @@
sudo apt install device-tree-compiler
-Additionally, to install an up-to-date version of Node.js, you can use the `Node
-Version Manager`_ to install a version of your choosing (we recommend 16, but
-later LTS versions might offer a more stable experience):
+Additionally, to install a version of Node.js compatible with TF-A's repository
+scripts, you can use the `Node Version Manager`_. To install both NVM and an
+appropriate version of Node.js, run the following **from the root directory of
+the repository**:
.. code:: shell
- curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | "$SHELL"
- exec "$SHELL" -ic "nvm install 16; exec $SHELL"
+ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
+ exec "$SHELL" -ic "nvm install; exec $SHELL"
.. _Node Version Manager: https://github.com/nvm-sh/nvm#install--update-script
diff --git a/docs/plat/arm/fvp/index.rst b/docs/plat/arm/fvp/index.rst
index b28c247..42c0eda 100644
--- a/docs/plat/arm/fvp/index.rst
+++ b/docs/plat/arm/fvp/index.rst
@@ -12,61 +12,59 @@
(64-bit host machine only).
.. note::
- The FVP models used are Version 11.17 Build 21, unless otherwise stated.
+ The FVP models used are Version 11.19 Build 14, unless otherwise stated.
- ``Foundation_Platform``
-- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502``
-- ``FVP_Base_AEMv8A-AEMv8A`` (For certain configurations also uses 11.14/21)
-- ``FVP_Base_AEMv8A-GIC600AE``
-- ``FVP_Base_AEMvA`` (For certain configurations also uses 0.0/6684)
-- ``FVP_Base_Cortex-A32x4`` (Version 11.12/38)
+- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502`` (Version 11.17/21)
+- ``FVP_Base_AEMv8A-GIC600AE`` (Version 11.17/21)
+- ``FVP_Base_AEMvA``
+- ``FVP_Base_AEMvA-AEMvA``
+- ``FVP_Base_Cortex-A32x4`` (Version 11.12/38)
- ``FVP_Base_Cortex-A35x4``
- ``FVP_Base_Cortex-A53x4``
-- ``FVP_Base_Cortex-A55x4``
+- ``FVP_Base_Cortex-A55``
- ``FVP_Base_Cortex-A55x4+Cortex-A75x4``
+- ``FVP_Base_Cortex-A55x4+Cortex-A76x2``
- ``FVP_Base_Cortex-A57x1-A53x1``
- ``FVP_Base_Cortex-A57x2-A53x4``
-- ``FVP_Base_Cortex-A57x4-A53x4``
- ``FVP_Base_Cortex-A57x4``
-- ``FVP_Base_Cortex-A65AEx8``
-- ``FVP_Base_Cortex-A65x4``
-- ``FVP_Base_Cortex-A710x4``
-- ``FVP_Base_Cortex-A72x4-A53x4``
+- ``FVP_Base_Cortex-A57x4-A53x4``
+- ``FVP_Base_Cortex-A65``
+- ``FVP_Base_Cortex-A65AE``
+- ``FVP_Base_Cortex-A710x4`` (Version 11.17/21)
- ``FVP_Base_Cortex-A72x4``
-- ``FVP_Base_Cortex-A73x4-A53x4``
+- ``FVP_Base_Cortex-A72x4-A53x4``
- ``FVP_Base_Cortex-A73x4``
-- ``FVP_Base_Cortex-A75x4``
-- ``FVP_Base_Cortex-A76AEx4``
-- ``FVP_Base_Cortex-A76AEx8``
-- ``FVP_Base_Cortex-A76x4``
-- ``FVP_Base_Cortex-A77x4``
-- ``FVP_Base_Cortex-A78x4``
-- ``FVP_Base_Neoverse-E1x1``
-- ``FVP_Base_Neoverse-E1x2``
-- ``FVP_Base_Neoverse-E1x4``
-- ``FVP_Base_Neoverse-N1x4``
-- ``FVP_Base_Neoverse-N2x4`` (Version 11.12 build 38)
-- ``FVP_Base_Neoverse-V1x4``
-- ``FVP_Base_RevC-2xAEMvA`` (For certain configurations also uses 0.0/6557)
-- ``FVP_CSS_SGI-575`` (Version 11.17/33)
+- ``FVP_Base_Cortex-A73x4-A53x4``
+- ``FVP_Base_Cortex-A75``
+- ``FVP_Base_Cortex-A76``
+- ``FVP_Base_Cortex-A76AE``
+- ``FVP_Base_Cortex-A77``
+- ``FVP_Base_Cortex-A78``
+- ``FVP_Base_Cortex-A78C``
+- ``FVP_Base_Cortex-X2x4`` (Version 11.17/21)
+- ``FVP_Base_Neoverse-E1``
+- ``FVP_Base_Neoverse-N1``
+- ``FVP_Base_Neoverse-N2x4`` (Version 11.16/16)
+- ``FVP_Base_Neoverse-V1``
+- ``FVP_Base_RevC-2xAEMvA``
- ``FVP_Morello`` (Version 0.11/33)
-- ``FVP_RD_E1_edge`` (Version 11.17/33)
-- ``FVP_RD_N1_edge_dual`` (Version 11.17/33)
-- ``FVP_RD_N1_edge`` (Version 11.17/33)
-- ``FVP_RD_V1`` (Version 11.17/33)
-- ``FVP_TC0``
-- ``FVP_TC1``
+- ``FVP_RD_E1_edge`` (Version 11.17/29)
+- ``FVP_RD_V1`` (Version 11.17/29)
+- ``FVP_TC0`` (Version 11.17/18)
+- ``FVP_TC1`` (Version 11.17/33)
+- ``FVP_TC2`` (Version 11.18/28)
The latest version of the AArch32 build of TF-A has been tested on the
following Arm FVPs without shifted affinities, and that do not support threaded
CPU cores (64-bit host machine only).
- ``FVP_Base_AEMvA``
-- ``FVP_Base_AEMv8A-AEMv8A``
+- ``FVP_Base_AEMvA-AEMvA``
- ``FVP_Base_Cortex-A32x4``
.. note::
- The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities, which
+ The ``FVP_Base_RevC-2xAEMvA`` FVP only supports shifted affinities, which
is not compatible with legacy GIC configurations. Therefore this FVP does not
support these legacy GIC configurations.
diff --git a/docs/plat/index.rst b/docs/plat/index.rst
index 28b1787..25d8771 100644
--- a/docs/plat/index.rst
+++ b/docs/plat/index.rst
@@ -59,10 +59,9 @@
- Arm Neoverse N1 System Development Platform (N1SDP)
- Arm Neoverse Reference Design N1 Edge (RD-N1-Edge) FVP
- Arm Neoverse Reference Design E1 Edge (RD-E1-Edge) FVP
- - Arm SGI-575 and SGM-775
- - MediaTek MT6795 and MT8173 SoCs
- - Arm Morello Platform
+ - Arm SGI-575
+ - MediaTek MT8173 SoCs
--------------
-*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*
diff --git a/docs/process/commit-style.rst b/docs/process/commit-style.rst
index de899ab..d7e937b 100644
--- a/docs/process/commit-style.rst
+++ b/docs/process/commit-style.rst
@@ -96,36 +96,25 @@
Adding Scopes
-------------
-Scopes that are either a) unblessed in the configuration file, or b) do not
-exist in the configuration file at all are considered to be deprecated. If you
-are adding a new component that does not yet have a designated scope, please
-feel free to add one.
+Scopes that are not present in the changelog configuration file are considered
+to be deprecated, and should be avoided. If you are adding a new component that
+does not yet have a designated scope, please add one.
For example, if you are adding or making modifications to `Foo`'s latest and
-greatest new platform `Bar`, you would add it to the `Platforms` changelog
-section, and the hierarchy should look something like this:
+greatest new platform `Bar` then you would add it to the `Platforms` changelog
+sub-section, and the hierarchy should look something like this:
-.. code:: json
+.. code:: yaml
- {
- "sections": [
- {
- "title": "Platforms",
- "sections": [
- {
- "title": "Foo",
- "scopes": ["foo"],
- "sections": [
- {
- "title": "Bar",
- "scopes": ["bar"]
- }
- ]
- }
- ]
- }
- ]
- }
+ - title: Platforms
+
+ subsections:
+ - title: Foo
+ scope: foo
+
+ subsections:
+ - title: Bar
+ scope: bar
When creating new scopes, try to keep them short and succinct, and use kebab
case (``this-is-kebab-case``). Components with a product name (i.e. most
@@ -138,7 +127,9 @@
Commits are expected to be signed off with the ``Signed-off-by:`` trailer using
your real name and email address. You can do this automatically by committing
-with Git's ``-s`` flag.
+with Git's ``-s`` flag. By adding this line the contributor certifies the
+contribution is made under the terms of the :download:`Developer Certificate of
+Origin <../../dco.txt>`.
There may be multiple ``Signed-off-by:`` lines depending on the history of the
patch, but one **must** be the committer. More details may be found in the
diff --git a/docs/security_advisories/security-advisory-tfv-9.rst b/docs/security_advisories/security-advisory-tfv-9.rst
index 08bfdc4..d73e74b 100644
--- a/docs/security_advisories/security-advisory-tfv-9.rst
+++ b/docs/security_advisories/security-advisory-tfv-9.rst
@@ -75,7 +75,7 @@
+----------------------+
| Cortex-A710 |
+----------------------+
-| Cortex-Makalu |
+| Cortex-A715 |
+----------------------+
| Cortex-Hunter |
+----------------------+
@@ -99,7 +99,9 @@
Convention specification`_ for more details.
`Gerrit topic #spectre_bhb`_ This patchset implements the Spectre-BHB loop
-workaround for CPUs mentioned in the above table. It also mitigates against
+workaround for CPUs mentioned in the above table. For CPUs supporting
+speculative barrier instruction, the loop workaround is optimised by using SB
+in place of the common DSB and ISB sequence. It also mitigates against
this vulnerability for Cortex-A72 CPU versions that support the CSV2 feature
(from r1p0). The patch stack also includes an implementation for a specified
`CVE-2022-23960`_ workaround SMC(``SMCCC_ARCH_WORKAROUND_3``) for use by normal
diff --git a/include/lib/smccc.h b/include/lib/smccc.h
index 9940ea9..cce91af 100644
--- a/include/lib/smccc.h
+++ b/include/lib/smccc.h
@@ -37,6 +37,10 @@
#define FUNCID_OEN_MASK U(0x3f)
#define FUNCID_OEN_WIDTH U(6)
+#define FUNCID_SVE_HINT_SHIFT U(16)
+#define FUNCID_SVE_HINT_MASK U(1)
+#define FUNCID_SVE_HINT_WIDTH U(1)
+
#define FUNCID_NUM_SHIFT U(0)
#define FUNCID_NUM_MASK U(0xffff)
#define FUNCID_NUM_WIDTH U(16)
@@ -122,6 +126,12 @@
* 0 0 SMC_FROM_SECURE
* 0 1 SMC_FROM_NON_SECURE
* 1 1 SMC_FROM_REALM
+ *
+ * Bit 16 of flags records the caller's SMC
+ * SVE hint bit according to SMCCCv1.3.
+ * It can be consumed by dispatchers using
+ * is_sve_hint_set macro.
+ *
*/
#define SMC_FROM_SECURE (U(0) << 0)
@@ -148,6 +158,9 @@
#define is_caller_secure(_f) (!is_caller_non_secure(_f))
#endif /* ENABLE_RME */
+#define is_sve_hint_set(_f) (((_f) & (FUNCID_SVE_HINT_MASK \
+ << FUNCID_SVE_HINT_SHIFT)) != U(0))
+
/* The macro below is used to identify a Standard Service SMC call */
#define is_std_svc_call(_fid) (GET_SMC_OEN(_fid) == OEN_STD_START)
diff --git a/plat/arm/board/rdn2/platform.mk b/plat/arm/board/rdn2/platform.mk
index 9728a08..7492fe5 100644
--- a/plat/arm/board/rdn2/platform.mk
+++ b/plat/arm/board/rdn2/platform.mk
@@ -18,6 +18,7 @@
# RD-N2 platform uses GIC-700 which is based on GICv4.1
GIC_ENABLE_V4_EXTN := 1
+GIC_EXT_INTID := 1
#Enable GIC Multichip Extension only for Multichip Platforms
ifeq (${CSS_SGI_PLATFORM_VARIANT}, 2)
diff --git a/plat/arm/board/rdn2/rdn2_plat.c b/plat/arm/board/rdn2/rdn2_plat.c
index 8cf1929..2506f9d 100644
--- a/plat/arm/board/rdn2/rdn2_plat.c
+++ b/plat/arm/board/rdn2/rdn2_plat.c
@@ -47,15 +47,15 @@
#endif
},
.spi_ids = {
- {32, 479},
+ {32, 511},
#if CSS_SGI_CHIP_COUNT > 1
- {0, 0},
+ {512, 991},
#endif
#if CSS_SGI_CHIP_COUNT > 2
- {0, 0},
+ {4096, 4575},
#endif
#if CSS_SGI_CHIP_COUNT > 3
- {0, 0},
+ {4576, 5055},
#endif
}
};
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index 682a278..7162ce9 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -195,8 +195,10 @@
# Enable CRC instructions via extension for ARMv8-A CPUs.
# For ARMv8.1-A, and onwards CRC instructions are default enabled.
# Enable HW computed CRC support unconditionally in BL2 component.
-ifeq (${ARM_ARCH_MINOR},0)
- BL2_CPPFLAGS += -march=armv8-a+crc
+ifeq (${ARM_ARCH_MAJOR},8)
+ ifeq (${ARM_ARCH_MINOR},0)
+ BL2_CPPFLAGS += -march=armv8-a+crc
+ endif
endif
ifeq ($(PSA_FWU_SUPPORT),1)
diff --git a/plat/hisilicon/hikey960/aarch64/hikey960_common.c b/plat/hisilicon/hikey960/aarch64/hikey960_common.c
index 612a7f2..c70286f 100644
--- a/plat/hisilicon/hikey960/aarch64/hikey960_common.c
+++ b/plat/hisilicon/hikey960/aarch64/hikey960_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,7 +12,7 @@
#include <common/bl_common.h>
#include <common/debug.h>
#include <lib/mmio.h>
-#include <lib/xlat_tables/xlat_tables.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
#include <plat/common/platform.h>
#include "../hikey960_def.h"
@@ -69,7 +69,6 @@
#ifdef IMAGE_BL31
static const mmap_region_t hikey960_mmap[] = {
MAP_DEVICE,
- MAP_TSP_MEM,
{0}
};
#endif
diff --git a/plat/hisilicon/hikey960/hikey960_bl2_mem_params_desc.c b/plat/hisilicon/hikey960/hikey960_bl2_mem_params_desc.c
index 39a54cb..e42785a 100644
--- a/plat/hisilicon/hikey960/hikey960_bl2_mem_params_desc.c
+++ b/plat/hisilicon/hikey960/hikey960_bl2_mem_params_desc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -138,6 +138,22 @@
#endif
.next_handoff_image_id = INVALID_IMAGE_ID,
},
+
+#ifdef SPD_spmd
+ /* Fill TOS_FW_CONFIG related information */
+ {
+ .image_id = TOS_FW_CONFIG_ID,
+ SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,
+ VERSION_2, entry_point_info_t, SECURE | NON_EXECUTABLE),
+ SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
+ VERSION_2, image_info_t, 0),
+ .image_info.image_base = DDR_SEC_CONFIG_BASE,
+ .image_info.image_max_size = DDR_SEC_CONFIG_SIZE,
+
+ .next_handoff_image_id = INVALID_IMAGE_ID,
+ },
+#endif
+
# endif /* BL32_BASE */
/* Fill BL33 related information */
diff --git a/plat/hisilicon/hikey960/hikey960_bl2_setup.c b/plat/hisilicon/hikey960/hikey960_bl2_setup.c
index c1c2a8c..7334853 100644
--- a/plat/hisilicon/hikey960/hikey960_bl2_setup.c
+++ b/plat/hisilicon/hikey960/hikey960_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -31,6 +31,9 @@
#define BL2_RW_BASE (BL_CODE_END)
+/* BL2 platform parameters passed to BL31 */
+static plat_params_from_bl2_t plat_params_from_bl2;
+
static meminfo_t bl2_el3_tzram_layout;
static console_t console;
extern int load_lpm3(void);
@@ -217,6 +220,11 @@
assert(bl_mem_params);
switch (image_id) {
+ case BL31_IMAGE_ID:
+ /* Pass BL2 platform parameter to BL31 */
+ bl_mem_params->ep_info.args.arg1 = (uint64_t) &plat_params_from_bl2;
+ break;
+
#ifdef __aarch64__
case BL32_IMAGE_ID:
#ifdef SPD_opteed
@@ -307,6 +315,8 @@
void bl2_platform_setup(void)
{
+ int ret;
+
/* disable WDT0 */
if (mmio_read_32(WDT0_REG_BASE + WDT_LOCK_OFFSET) == WDT_LOCKED) {
mmio_write_32(WDT0_REG_BASE + WDT_LOCK_OFFSET, WDT_UNLOCK);
@@ -322,4 +332,13 @@
hikey960_gpio_init();
hikey960_init_ufs();
hikey960_io_setup();
+
+ /* Read serial number from storage */
+ plat_params_from_bl2.fastboot_serno = 0;
+ ret = hikey960_load_serialno(&plat_params_from_bl2.fastboot_serno);
+ if (ret != 0) {
+ ERROR("BL2: could not read serial number\n");
+ }
+ INFO("BL2: fastboot_serno %lx\n", plat_params_from_bl2.fastboot_serno);
+ flush_dcache_range((uintptr_t)&plat_params_from_bl2, sizeof(plat_params_from_bl2_t));
}
diff --git a/plat/hisilicon/hikey960/hikey960_bl31_setup.c b/plat/hisilicon/hikey960/hikey960_bl31_setup.c
index f5f8ffe..0debe1e 100644
--- a/plat/hisilicon/hikey960/hikey960_bl31_setup.c
+++ b/plat/hisilicon/hikey960/hikey960_bl31_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -20,7 +20,9 @@
#include <drivers/console.h>
#include <drivers/generic_delay_timer.h>
#include <lib/mmio.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
#include <plat/common/platform.h>
+#include <services/el3_spmc_ffa_memory.h>
#include <hi3660.h>
#include <hisi_ipc.h>
@@ -31,6 +33,9 @@
static entry_point_info_t bl33_ep_info;
static console_t console;
+/* fastboot serial number consumed by Kinibi SPD/LP for gpd.tee.deviceID. */
+uint64_t fastboot_serno;
+
/******************************************************************************
* On a GICv2 system, the Group 1 secure interrupts are treated as Group 0
* interrupts.
@@ -71,6 +76,7 @@
{
unsigned int id, uart_base;
void *from_bl2;
+ plat_params_from_bl2_t *plat_params_from_bl2 = (plat_params_from_bl2_t *) arg1;
from_bl2 = (void *) arg0;
@@ -89,6 +95,10 @@
cci_init(CCI400_REG_BASE, cci_map, ARRAY_SIZE(cci_map));
cci_enable_snoop_dvm_reqs(MPIDR_AFFLVL1_VAL(read_mpidr_el1()));
+ /* Fastboot serial number passed from BL2 as a platform parameter */
+ fastboot_serno = plat_params_from_bl2->fastboot_serno;
+ INFO("BL31: fastboot_serno %lx\n", fastboot_serno);
+
/*
* Check params passed from BL2 should not be NULL,
*/
@@ -119,6 +129,11 @@
void bl31_plat_arch_setup(void)
{
+#if SPMC_AT_EL3
+ mmap_add_region(DDR2_SEC_BASE, DDR2_SEC_BASE, DDR2_SEC_SIZE,
+ MT_MEMORY | MT_RW | MT_SECURE);
+#endif
+
hikey960_init_mmu_el3(BL31_BASE,
BL31_LIMIT - BL31_BASE,
BL_CODE_BASE,
@@ -156,6 +171,48 @@
}
}
+#if SPMC_AT_EL3
+/*
+ * On the hikey960 platform when using the EL3 SPMC implementation allocate the
+ * datastore for tracking shared memory descriptors in the RAM2 DRAM section
+ * to ensure sufficient storage can be allocated.
+ * Provide an implementation of the accessor method to allow the datastore
+ * details to be retrieved by the SPMC.
+ * The SPMC will take care of initializing the memory region.
+ */
+
+#define SPMC_SHARED_MEMORY_OBJ_SIZE (512 * 1024)
+
+__section("ram2_region") uint8_t plat_spmc_shmem_datastore[SPMC_SHARED_MEMORY_OBJ_SIZE];
+
+int plat_spmc_shmem_datastore_get(uint8_t **datastore, size_t *size)
+{
+ *datastore = plat_spmc_shmem_datastore;
+ *size = SPMC_SHARED_MEMORY_OBJ_SIZE;
+ return 0;
+}
+
+/*
+ * Add dummy implementations of memory management related platform hooks.
+ * These can be used to implement platform specific functionality to support
+ * a memory sharing/lending operation.
+ *
+ * Note: The hooks must be located as part of the initial share request and
+ * final reclaim to prevent order dependencies with operations that may take
+ * place in the normal world without visibility of the SPMC.
+ */
+int plat_spmc_shmem_begin(struct ffa_mtd *desc)
+{
+ return 0;
+}
+
+int plat_spmc_shmem_reclaim(struct ffa_mtd *desc)
+{
+ return 0;
+}
+
+#endif
+
void bl31_platform_setup(void)
{
/* Initialize the GIC driver, cpu and distributor interfaces */
diff --git a/plat/hisilicon/hikey960/hikey960_def.h b/plat/hisilicon/hikey960/hikey960_def.h
index 9651d78..e103cf4 100644
--- a/plat/hisilicon/hikey960/hikey960_def.h
+++ b/plat/hisilicon/hikey960/hikey960_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,15 +21,21 @@
#define HIKEY960_DRAM_ID 1
/*
- * DDR for OP-TEE (32MB from 0x3E00000-0x3FFFFFFF) is divided in several
+ * DDR for TEE (80MB from 0x3E00000-0x43000FFF) is divided into several
* regions:
- * - Secure DDR (default is the top 16MB) used by OP-TEE
+ * - SPMC manifest (4KB at the top) used by SPMC_AT_EL3 and the TEE
+ * - Datastore for SPMC_AT_EL3 (4MB at the top) used by BL31
+ * - Secure DDR (default is the top 60MB) used by OP-TEE
* - Non-secure DDR used by OP-TEE (shared memory and padding) (4MB)
* - Secure DDR (4MB aligned on 4MB) for OP-TEE's "Secure Data Path" feature
* - Non-secure DDR (8MB) reserved for OP-TEE's future use
*/
-#define DDR_SEC_SIZE 0x01000000
+#define DDR_SEC_SIZE 0x03C00000 /* reserve 60MB secure memory */
#define DDR_SEC_BASE 0x3F000000
+#define DDR2_SEC_SIZE 0x00400000 /* SPMC_AT_EL3: 4MB for BL31 RAM2 */
+#define DDR2_SEC_BASE 0x42C00000
+#define DDR_SEC_CONFIG_SIZE 0x00001000 /* SPMC_AT_EL3: SPMC manifest */
+#define DDR_SEC_CONFIG_BASE 0x43000000
#define DDR_SDP_SIZE 0x00400000
#define DDR_SDP_BASE (DDR_SEC_BASE - 0x400000 /* align */ - \
@@ -50,4 +56,27 @@
#define HIKEY960_UFS_DATA_BASE 0x10000000
#define HIKEY960_UFS_DATA_SIZE 0x0A000000 /* 160MB */
+#if defined(SPMC_AT_EL3)
+/*
+ * Number of Secure Partitions supported.
+ * SPMC at EL3, uses this count to configure the maximum number of supported
+ * secure partitions.
+ */
+#define SECURE_PARTITION_COUNT 1
+
+/*
+ * Number of Nwld Partitions supported.
+ * SPMC at EL3, uses this count to configure the maximum number of supported
+ * nwld partitions.
+ */
+#define NS_PARTITION_COUNT 1
+/*
+ * Number of Logical Partitions supported.
+ * SPMC at EL3, uses this count to configure the maximum number of supported
+ * logical partitions.
+ */
+#define MAX_EL3_LP_DESCS_COUNT 1
+
+#endif /* SPMC_AT_EL3 */
+
#endif /* HIKEY960_DEF_H */
diff --git a/plat/hisilicon/hikey960/hikey960_el3_spmc_logical_sp.c b/plat/hisilicon/hikey960/hikey960_el3_spmc_logical_sp.c
new file mode 100644
index 0000000..b9e4f86
--- /dev/null
+++ b/plat/hisilicon/hikey960/hikey960_el3_spmc_logical_sp.c
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+#include <services/el3_spmc_logical_sp.h>
+#include <services/ffa_svc.h>
+#include <smccc_helpers.h>
+
+#define LP_PARTITION_ID 0xC001
+#define LP_UUID {0x47a3bf57, 0xe98e43ad, 0xb7db524f, 0x1588f4e3}
+
+/* Our Logical SP currently only supports receipt of direct messaging. */
+#define PARTITION_PROPERTIES FFA_PARTITION_DIRECT_REQ_RECV
+
+static int32_t sp_init(void)
+{
+ INFO("LSP: Init function called.\n");
+ return 0;
+}
+
+static uint64_t handle_ffa_direct_request(uint32_t smc_fid, bool secure_origin,
+ uint64_t x1, uint64_t x2, uint64_t x3,
+ uint64_t x4, void *cookie,
+ void *handle, uint64_t flags)
+{
+ uint64_t ret;
+
+ /* Determine if we have a 64 or 32 direct request. */
+ if (smc_fid == FFA_MSG_SEND_DIRECT_REQ_SMC32) {
+ ret = FFA_MSG_SEND_DIRECT_RESP_SMC32;
+ } else if (smc_fid == FFA_MSG_SEND_DIRECT_REQ_SMC64) {
+ ret = FFA_MSG_SEND_DIRECT_RESP_SMC64;
+ } else {
+ panic(); /* Unknown SMC. */
+ }
+ /*
+ * Handle the incoming request. For testing purposes we echo the
+ * incoming message.
+ */
+ INFO("Logical Partition: Received Direct Request from %s world!\n",
+ secure_origin ? "Secure" : "Normal");
+
+ /*
+ * Logical SP's must always send a direct response so we can populate
+ * our response directly.
+ */
+ SMC_RET8(handle, ret, 0, 0, x4, 0, 0, 0, 0);
+}
+
+/* Register logical partition */
+DECLARE_LOGICAL_PARTITION(
+ my_logical_partition,
+ sp_init, /* Init Function */
+ LP_PARTITION_ID, /* FF-A Partition ID */
+ LP_UUID, /* UUID */
+ PARTITION_PROPERTIES, /* Partition Properties. */
+ handle_ffa_direct_request /* Callback for direct requests. */
+);
diff --git a/plat/hisilicon/hikey960/hikey960_image_load.c b/plat/hisilicon/hikey960/hikey960_image_load.c
index 57cb1b2..9a5b74e 100644
--- a/plat/hisilicon/hikey960/hikey960_image_load.c
+++ b/plat/hisilicon/hikey960/hikey960_image_load.c
@@ -1,9 +1,10 @@
/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <assert.h>
#include <common/bl_common.h>
#include <common/desc_image_load.h>
#include <plat/common/platform.h>
@@ -25,10 +26,30 @@
return get_bl_load_info_from_mem_params_desc();
}
+
+/*******************************************************************************
+ * ARM helper function to return the list of executable images. Since the default
+ * descriptors are allocated within BL2 RW memory, this prevents BL31/BL32
+ * overlay of BL2 memory. Hence this function also copies the descriptors to a
+ * pre-allocated memory indicated by ARM_BL2_MEM_DESC_BASE.
+ ******************************************************************************/
+struct bl_params *hikey960_get_next_bl_params(void)
+{
+ bl_params_t *next_bl_params;
+
+ next_bl_params = get_next_bl_params_from_mem_params_desc();
+ assert(next_bl_params != NULL);
+
+ populate_next_bl_params_config(next_bl_params);
+
+ return next_bl_params;
+}
+
+
/*******************************************************************************
* This function returns the list of executable images.
******************************************************************************/
bl_params_t *plat_get_next_bl_params(void)
{
- return get_next_bl_params_from_mem_params_desc();
+ return hikey960_get_next_bl_params();
}
diff --git a/plat/hisilicon/hikey960/hikey960_io_storage.c b/plat/hisilicon/hikey960/hikey960_io_storage.c
index e1c5845..475e416 100644
--- a/plat/hisilicon/hikey960/hikey960_io_storage.c
+++ b/plat/hisilicon/hikey960/hikey960_io_storage.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -23,6 +23,9 @@
#include <lib/semihosting.h>
#include <tools_share/firmware_image_package.h>
+#include "hikey960_def.h"
+#include "hikey960_private.h"
+
struct plat_io_policy {
uintptr_t *dev_handle;
uintptr_t image_spec;
@@ -45,6 +48,12 @@
(PLAT_PARTITION_MAX_ENTRIES / 4 + 2),
};
+/* Fastboot serial number stored within first UFS device blocks */
+static const io_block_spec_t ufs_fastboot_spec = {
+ .offset = UFS_BASE,
+ .length = 1 << 20,
+};
+
static const io_block_dev_spec_t ufs_dev_spec = {
/* It's used as temp buffer in block driver. */
.buffer = {
@@ -77,6 +86,12 @@
static const io_uuid_spec_t bl32_extra2_uuid_spec = {
.uuid = UUID_SECURE_PAYLOAD_BL32_EXTRA2,
};
+
+#ifdef SPD_spmd
+static const io_uuid_spec_t bl32_tos_fw_spec = {
+ .uuid = UUID_TOS_FW_CONFIG,
+};
+#endif
static const io_uuid_spec_t bl33_uuid_spec = {
.uuid = UUID_NON_TRUSTED_FIRMWARE_BL33,
@@ -151,6 +166,15 @@
(uintptr_t)&bl32_extra2_uuid_spec,
check_fip
},
+
+#ifdef SPD_spmd
+ [TOS_FW_CONFIG_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&bl32_tos_fw_spec,
+ check_fip
+ },
+#endif
+
[BL33_IMAGE_ID] = {
&fip_dev_handle,
(uintptr_t)&bl33_uuid_spec,
@@ -241,6 +265,54 @@
return result;
}
+int hikey960_load_serialno(uint64_t *serno)
+{
+ int result;
+ size_t len = 0;
+ uintptr_t local_handle;
+ uint64_t buf[HIKEY960_SERIAL_NUMBER_SIZE / sizeof(uint64_t)];
+
+ if (serno == NULL) {
+ return -1;
+ }
+
+ result = io_dev_init(ufs_dev_handle, (uintptr_t)NULL);
+ if (result != 0) {
+ return result;
+ }
+
+ result = io_open(ufs_dev_handle,
+ (uintptr_t)&ufs_fastboot_spec, &local_handle);
+ if (result != 0) {
+ return result;
+ }
+
+ result = io_seek(local_handle, IO_SEEK_SET,
+ HIKEY960_SERIAL_NUMBER_LBA * UFS_BLOCK_SIZE);
+ if (result != 0) {
+ goto closing;
+ }
+
+ result = io_read(local_handle, (uintptr_t)buf,
+ HIKEY960_SERIAL_NUMBER_SIZE, &len);
+ if (result != 0) {
+ goto closing;
+ }
+
+ if (len != HIKEY960_SERIAL_NUMBER_SIZE) {
+ result = -1;
+ goto closing;
+ }
+
+ /* UEFI fastboot app stores a 16 bytes blob */
+ /* We extract only relevant 8 bytes serial number */
+ *serno = buf[1];
+
+closing:
+ io_close(local_handle);
+ return result;
+}
+
void hikey960_io_setup(void)
{
int result;
diff --git a/plat/hisilicon/hikey960/hikey960_private.h b/plat/hisilicon/hikey960/hikey960_private.h
index 54bf501..742725c 100644
--- a/plat/hisilicon/hikey960/hikey960_private.h
+++ b/plat/hisilicon/hikey960/hikey960_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,6 +9,10 @@
#include <common/bl_common.h>
+/* Fastboot serial number */
+#define HIKEY960_SERIAL_NUMBER_LBA (UFS_BASE + 20)
+#define HIKEY960_SERIAL_NUMBER_SIZE 16
+
/*
* Function and variable prototypes
*/
@@ -27,6 +31,7 @@
void hikey960_io_setup(void);
int hikey960_read_boardid(unsigned int *id);
int hikey960_set_fip_addr(unsigned int image_id, const char *name);
+int hikey960_load_serialno(uint64_t *serno);
void hikey960_clk_init(void);
void hikey960_pmu_init(void);
void hikey960_regulator_enable(void);
@@ -39,4 +44,12 @@
void clr_ex(void);
void nop(void);
+/*******************************************************************************
+ * Struct for parameters received from BL2
+ ******************************************************************************/
+typedef struct plat_params_from_bl2 {
+ /* Fastboot serial number gathered from UFS */
+ uint64_t fastboot_serno;
+} plat_params_from_bl2_t;
+
#endif /* HIKEY960_PRIVATE_H */
diff --git a/plat/hisilicon/hikey960/include/plat.ld.S b/plat/hisilicon/hikey960/include/plat.ld.S
new file mode 100644
index 0000000..0cc25cd
--- /dev/null
+++ b/plat/hisilicon/hikey960/include/plat.ld.S
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef PLAT_LD_S
+#define PLAT_LD_S
+
+#include <lib/xlat_tables/xlat_tables_defs.h>
+
+MEMORY {
+ RAM2 (rw): ORIGIN = DDR2_SEC_BASE, LENGTH = DDR2_SEC_SIZE
+}
+
+SECTIONS
+{
+ ram2_region (NOLOAD) : {
+ *(ram2_region)
+ }>RAM2
+}
+
+#endif /* PLAT_LD_S */
diff --git a/plat/hisilicon/hikey960/include/platform_def.h b/plat/hisilicon/hikey960/include/platform_def.h
index 215eebe..10eff01 100644
--- a/plat/hisilicon/hikey960/include/platform_def.h
+++ b/plat/hisilicon/hikey960/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -114,15 +114,23 @@
/*
* Platform specific page table and MMU setup constants
*/
-#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
-#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
+#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 36)
+#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 36)
-#if defined(IMAGE_BL1) || defined(IMAGE_BL31) || defined(IMAGE_BL32)
+#if defined(IMAGE_BL1) || defined(IMAGE_BL32)
#define MAX_XLAT_TABLES 3
#endif
-#ifdef IMAGE_BL2
-#define MAX_XLAT_TABLES 4
+#if defined(IMAGE_BL2)
+#define MAX_XLAT_TABLES 5
+#endif
+
+#if defined(IMAGE_BL31)
+#if defined(SPMC_AT_EL3)
+#define MAX_XLAT_TABLES 17
+#else
+#define MAX_XLAT_TABLES 5
+#endif
#endif
#define MAX_MMAP_REGIONS 16
diff --git a/plat/hisilicon/hikey960/platform.mk b/plat/hisilicon/hikey960/platform.mk
index c8ad66c..4c3c817 100644
--- a/plat/hisilicon/hikey960/platform.mk
+++ b/plat/hisilicon/hikey960/platform.mk
@@ -46,11 +46,12 @@
PLAT_BL_COMMON_SOURCES := drivers/arm/pl011/aarch64/pl011_console.S \
drivers/delay_timer/delay_timer.c \
drivers/delay_timer/generic_delay_timer.c \
- lib/xlat_tables/aarch64/xlat_tables.c \
- lib/xlat_tables/xlat_tables_common.c \
plat/hisilicon/hikey960/aarch64/hikey960_common.c \
plat/hisilicon/hikey960/hikey960_boardid.c
+include lib/xlat_tables_v2/xlat_tables.mk
+PLAT_BL_COMMON_SOURCES += ${XLAT_TABLES_LIB_SRCS}
+
HIKEY960_GIC_SOURCES := drivers/arm/gic/common/gic_common.c \
drivers/arm/gic/v2/gicv2_main.c \
drivers/arm/gic/v2/gicv2_helpers.c \
@@ -160,3 +161,22 @@
ERRATA_A53_855873 := 1
FIP_ALIGN := 512
+
+# SPM dispatcher
+ifeq (${SPD},spmd)
+ifeq (${SPMC_AT_EL3},1)
+# include device tree helper library
+include lib/libfdt/libfdt.mk
+BL31_SOURCES += common/fdt_wrappers.c \
+ ${LIBFDT_SRCS} \
+ common/uuid.c
+
+# Add support for platform supplied linker script for BL31 build
+$(eval $(call add_define,PLAT_EXTRA_LD_SCRIPT))
+endif
+
+ifeq ($(PLAT_SP_MANIFEST_DTS),)
+ $(error "Error: A SP manifest is required for the SPMC.")
+endif
+FDT_SOURCES += ${PLAT_SP_MANIFEST_DTS}
+endif
diff --git a/plat/imx/imx8m/ddr/dram.c b/plat/imx/imx8m/ddr/dram.c
index 6ccd6fd..8ea9ba1 100644
--- a/plat/imx/imx8m/ddr/dram.c
+++ b/plat/imx/imx8m/ddr/dram.c
@@ -120,6 +120,7 @@
void dram_info_init(unsigned long dram_timing_base)
{
uint32_t ddrc_mstr, current_fsp;
+ unsigned int idx = 0;
uint32_t flags = 0;
uint32_t rc;
unsigned int i;
@@ -144,11 +145,12 @@
if (!dram_info.timing_info->fsp_table[i]) {
break;
}
+ idx = i;
}
dram_info.num_fsp = i;
/* check if has bypass mode support */
- if (dram_info.timing_info->fsp_table[i-1] < 666) {
+ if (dram_info.timing_info->fsp_table[idx] < 666) {
dram_info.bypass_mode = true;
} else {
dram_info.bypass_mode = false;
diff --git a/plat/imx/imx8m/imx8m_psci_common.c b/plat/imx/imx8m/imx8m_psci_common.c
index d396902..8f545d6 100644
--- a/plat/imx/imx8m/imx8m_psci_common.c
+++ b/plat/imx/imx8m/imx8m_psci_common.c
@@ -40,7 +40,7 @@
int imx_pwr_domain_on(u_register_t mpidr)
{
unsigned int core_id;
- uint64_t base_addr = BL31_BASE;
+ uint64_t base_addr = BL31_START;
core_id = MPIDR_AFFLVL0_VAL(mpidr);
@@ -102,7 +102,7 @@
void imx_domain_suspend(const psci_power_state_t *target_state)
{
- uint64_t base_addr = BL31_BASE;
+ uint64_t base_addr = BL31_START;
uint64_t mpidr = read_mpidr_el1();
unsigned int core_id = MPIDR_AFFLVL0_VAL(mpidr);
diff --git a/plat/imx/imx8m/imx8mm/imx8mm_bl31_setup.c b/plat/imx/imx8m/imx8mm/imx8mm_bl31_setup.c
index 38fac92..67bfd36 100644
--- a/plat/imx/imx8m/imx8mm/imx8mm_bl31_setup.c
+++ b/plat/imx/imx8m/imx8mm/imx8mm_bl31_setup.c
@@ -184,24 +184,30 @@
bl31_tzc380_setup();
}
+#define MAP_BL31_TOTAL \
+ MAP_REGION_FLAT(BL31_START, BL31_SIZE, MT_MEMORY | MT_RW | MT_SECURE)
+#define MAP_BL31_RO \
+ MAP_REGION_FLAT(BL_CODE_BASE, BL_CODE_END - BL_CODE_BASE, MT_MEMORY | MT_RO | MT_SECURE)
+#define MAP_COHERENT_MEM \
+ MAP_REGION_FLAT(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE, \
+ MT_DEVICE | MT_RW | MT_SECURE)
+#define MAP_BL32_TOTAL \
+ MAP_REGION_FLAT(BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW)
+
void bl31_plat_arch_setup(void)
{
- mmap_add_region(BL31_BASE, BL31_BASE, (BL31_LIMIT - BL31_BASE),
- MT_MEMORY | MT_RW | MT_SECURE);
- mmap_add_region(BL_CODE_BASE, BL_CODE_BASE, (BL_CODE_END - BL_CODE_BASE),
- MT_MEMORY | MT_RO | MT_SECURE);
+ const mmap_region_t bl_regions[] = {
+ MAP_BL31_TOTAL,
+ MAP_BL31_RO,
#if USE_COHERENT_MEM
- mmap_add_region(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_BASE,
- (BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE),
- MT_DEVICE | MT_RW | MT_SECURE);
+ MAP_COHERENT_MEM,
#endif
- /* Map TEE memory */
- mmap_add_region(BL32_BASE, BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW);
-
- mmap_add(imx_mmap);
-
- init_xlat_tables();
+ /* Map TEE memory */
+ MAP_BL32_TOTAL,
+ {0}
+ };
+ setup_page_tables(bl_regions, imx_mmap);
enable_mmu_el3(0);
}
diff --git a/plat/imx/imx8m/imx8mm/include/platform_def.h b/plat/imx/imx8m/imx8mm/include/platform_def.h
index 930372f..65749f3 100644
--- a/plat/imx/imx8m/imx8mm/include/platform_def.h
+++ b/plat/imx/imx8m/imx8mm/include/platform_def.h
@@ -7,6 +7,7 @@
#include <arch.h>
#include <common/tbbr/tbbr_img_def.h>
#include <lib/utils_def.h>
+#include <plat/common/common_def.h>
#define PLATFORM_LINKER_FORMAT "elf64-littleaarch64"
#define PLATFORM_LINKER_ARCH aarch64
@@ -40,9 +41,9 @@
#if defined(NEED_BL2)
#define BL2_BASE U(0x920000)
-#define BL2_LIMIT U(0x940000)
+#define BL2_SIZE SZ_128K
+#define BL2_LIMIT (BL2_BASE + BL2_SIZE)
#define BL31_BASE U(0x900000)
-#define BL31_LIMIT U(0x920000)
#define IMX_FIP_BASE U(0x40310000)
#define IMX_FIP_SIZE U(0x000300000)
#define IMX_FIP_LIMIT U(FIP_BASE + FIP_SIZE)
@@ -53,9 +54,11 @@
#define PLAT_IMX8MM_BOOT_MMC_BASE U(0x30B50000) /* SD */
#else
#define BL31_BASE U(0x920000)
-#define BL31_LIMIT U(0x940000)
#endif
+#define BL31_SIZE SZ_128K
+#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
+
/* non-secure uboot base */
#define PLAT_NS_IMAGE_OFFSET U(0x40200000)
#define PLAT_NS_IMAGE_SIZE U(0x00200000)
diff --git a/plat/imx/imx8m/imx8mm/platform.mk b/plat/imx/imx8m/imx8mm/platform.mk
index ebf5c7b..7a42554 100644
--- a/plat/imx/imx8m/imx8mm/platform.mk
+++ b/plat/imx/imx8m/imx8mm/platform.mk
@@ -142,6 +142,7 @@
${OPENSSL_BIN_PATH}/openssl dgst -sha256 -binary > $@ 2>/dev/null
endif
+ENABLE_PIE := 1
USE_COHERENT_MEM := 1
RESET_TO_BL31 := 1
A53_DISABLE_NON_TEMPORAL_HINT := 0
diff --git a/plat/imx/imx8m/imx8mn/imx8mn_bl31_setup.c b/plat/imx/imx8m/imx8mn/imx8mn_bl31_setup.c
index de30967..eff198d 100644
--- a/plat/imx/imx8m/imx8mn/imx8mn_bl31_setup.c
+++ b/plat/imx/imx8m/imx8mn/imx8mn_bl31_setup.c
@@ -181,25 +181,30 @@
bl31_tzc380_setup();
}
+#define MAP_BL31_TOTAL \
+ MAP_REGION_FLAT(BL31_START, BL31_SIZE, MT_MEMORY | MT_RW | MT_SECURE)
+#define MAP_BL31_RO \
+ MAP_REGION_FLAT(BL_CODE_BASE, BL_CODE_END - BL_CODE_BASE, MT_MEMORY | MT_RO | MT_SECURE)
+#define MAP_COHERENT_MEM \
+ MAP_REGION_FLAT(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE, \
+ MT_DEVICE | MT_RW | MT_SECURE)
+#define MAP_BL32_TOTAL \
+ MAP_REGION_FLAT(BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW)
+
void bl31_plat_arch_setup(void)
{
- mmap_add_region(BL31_BASE, BL31_BASE, (BL31_LIMIT - BL31_BASE),
- MT_MEMORY | MT_RW | MT_SECURE);
- mmap_add_region(BL_CODE_BASE, BL_CODE_BASE, (BL_CODE_END - BL_CODE_BASE),
- MT_MEMORY | MT_RO | MT_SECURE);
+ const mmap_region_t bl_regions[] = {
+ MAP_BL31_TOTAL,
+ MAP_BL31_RO,
#if USE_COHERENT_MEM
- mmap_add_region(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_BASE,
- (BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE),
- MT_DEVICE | MT_RW | MT_SECURE);
+ MAP_COHERENT_MEM,
#endif
-
- /* Map TEE memory */
- mmap_add_region(BL32_BASE, BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW);
-
- mmap_add(imx_mmap);
-
- init_xlat_tables();
+ /* Map TEE memory */
+ MAP_BL32_TOTAL,
+ {0}
+ };
+ setup_page_tables(bl_regions, imx_mmap);
enable_mmu_el3(0);
}
diff --git a/plat/imx/imx8m/imx8mn/include/platform_def.h b/plat/imx/imx8m/imx8mn/include/platform_def.h
index d4b1717..c75e250 100644
--- a/plat/imx/imx8m/imx8mn/include/platform_def.h
+++ b/plat/imx/imx8m/imx8mn/include/platform_def.h
@@ -8,8 +8,7 @@
#include <lib/utils_def.h>
#include <lib/xlat_tables/xlat_tables_v2.h>
-
-#include <lib/utils_def.h>
+#include <plat/common/common_def.h>
#define PLATFORM_LINKER_FORMAT "elf64-littleaarch64"
#define PLATFORM_LINKER_ARCH aarch64
@@ -42,7 +41,8 @@
#define PLAT_SDEI_SGI_PRIVATE U(9)
#define BL31_BASE U(0x960000)
-#define BL31_LIMIT U(0x980000)
+#define BL31_SIZE SZ_128K
+#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
/* non-secure uboot base */
#define PLAT_NS_IMAGE_OFFSET U(0x40200000)
diff --git a/plat/imx/imx8m/imx8mn/platform.mk b/plat/imx/imx8m/imx8mn/platform.mk
index c70f3a1..1c0ad4f 100644
--- a/plat/imx/imx8m/imx8mn/platform.mk
+++ b/plat/imx/imx8m/imx8mn/platform.mk
@@ -48,6 +48,7 @@
${IMX_GIC_SOURCES} \
${XLAT_TABLES_LIB_SRCS}
+ENABLE_PIE := 1
USE_COHERENT_MEM := 1
RESET_TO_BL31 := 1
A53_DISABLE_NON_TEMPORAL_HINT := 0
diff --git a/plat/imx/imx8m/imx8mp/imx8mp_bl31_setup.c b/plat/imx/imx8m/imx8mp/imx8mp_bl31_setup.c
index 70dd8c8..4c31fa2 100644
--- a/plat/imx/imx8m/imx8mp/imx8mp_bl31_setup.c
+++ b/plat/imx/imx8m/imx8mp/imx8mp_bl31_setup.c
@@ -177,25 +177,30 @@
bl31_tzc380_setup();
}
+#define MAP_BL31_TOTAL \
+ MAP_REGION_FLAT(BL31_START, BL31_SIZE, MT_MEMORY | MT_RW | MT_SECURE)
+#define MAP_BL31_RO \
+ MAP_REGION_FLAT(BL_CODE_BASE, BL_CODE_END - BL_CODE_BASE, MT_MEMORY | MT_RO | MT_SECURE)
+#define MAP_COHERENT_MEM \
+ MAP_REGION_FLAT(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE, \
+ MT_DEVICE | MT_RW | MT_SECURE)
+#define MAP_BL32_TOTAL \
+ MAP_REGION_FLAT(BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW)
+
void bl31_plat_arch_setup(void)
{
- mmap_add_region(BL31_BASE, BL31_BASE, (BL31_LIMIT - BL31_BASE),
- MT_MEMORY | MT_RW | MT_SECURE);
- mmap_add_region(BL_CODE_BASE, BL_CODE_BASE, (BL_CODE_END - BL_CODE_BASE),
- MT_MEMORY | MT_RO | MT_SECURE);
+ const mmap_region_t bl_regions[] = {
+ MAP_BL31_TOTAL,
+ MAP_BL31_RO,
#if USE_COHERENT_MEM
- mmap_add_region(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_BASE,
- (BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE),
- MT_DEVICE | MT_RW | MT_SECURE);
+ MAP_COHERENT_MEM,
#endif
-
- /* Map TEE memory */
- mmap_add_region(BL32_BASE, BL32_BASE, BL32_SIZE, MT_MEMORY | MT_RW);
-
- mmap_add(imx_mmap);
-
- init_xlat_tables();
+ /* Map TEE memory */
+ MAP_BL32_TOTAL,
+ {0}
+ };
+ setup_page_tables(bl_regions, imx_mmap);
enable_mmu_el3(0);
}
diff --git a/plat/imx/imx8m/imx8mp/include/platform_def.h b/plat/imx/imx8m/imx8mp/include/platform_def.h
index 1c58f48..14cb709 100644
--- a/plat/imx/imx8m/imx8mp/include/platform_def.h
+++ b/plat/imx/imx8m/imx8mp/include/platform_def.h
@@ -9,6 +9,7 @@
#include <common/tbbr/tbbr_img_def.h>
#include <lib/utils_def.h>
#include <lib/xlat_tables/xlat_tables_v2.h>
+#include <plat/common/common_def.h>
#define PLATFORM_LINKER_FORMAT "elf64-littleaarch64"
#define PLATFORM_LINKER_ARCH aarch64
@@ -37,9 +38,9 @@
#if defined(NEED_BL2)
#define BL2_BASE U(0x970000)
-#define BL2_LIMIT U(0x990000)
+#define BL2_SIZE SZ_128K
+#define BL2_LIMIT (BL2_BASE + BL2_SIZE)
#define BL31_BASE U(0x950000)
-#define BL31_LIMIT U(0x970000)
#define IMX_FIP_BASE U(0x40310000)
#define IMX_FIP_SIZE U(0x000300000)
#define IMX_FIP_LIMIT U(FIP_BASE + FIP_SIZE)
@@ -50,9 +51,11 @@
#define PLAT_IMX8MP_BOOT_MMC_BASE U(0x30B50000) /* SD */
#else
#define BL31_BASE U(0x970000)
-#define BL31_LIMIT U(0x990000)
#endif
+#define BL31_SIZE SZ_128K
+#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
+
#define PLAT_PRI_BITS U(3)
#define PLAT_SDEI_CRITICAL_PRI 0x10
#define PLAT_SDEI_NORMAL_PRI 0x20
diff --git a/plat/imx/imx8m/imx8mp/platform.mk b/plat/imx/imx8m/imx8mp/platform.mk
index 09f9ee9..5414c0a 100644
--- a/plat/imx/imx8m/imx8mp/platform.mk
+++ b/plat/imx/imx8m/imx8mp/platform.mk
@@ -139,6 +139,7 @@
${OPENSSL_BIN_PATH}/openssl dgst -sha256 -binary > $@ 2>/dev/null
endif
+ENABLE_PIE := 1
USE_COHERENT_MEM := 1
RESET_TO_BL31 := 1
A53_DISABLE_NON_TEMPORAL_HINT := 0
diff --git a/plat/mediatek/common/mtk_bl31_setup.c b/plat/mediatek/common/mtk_bl31_setup.c
index 79ab29d..7c9db8b 100644
--- a/plat/mediatek/common/mtk_bl31_setup.c
+++ b/plat/mediatek/common/mtk_bl31_setup.c
@@ -166,6 +166,7 @@
void bl31_plat_runtime_setup(void)
{
mtk_init_one_level(MTK_INIT_LVL_PLAT_RUNTIME);
+ console_switch_state(CONSOLE_FLAG_RUNTIME);
}
unsigned int plat_get_syscnt_freq2(void)
diff --git a/plat/qti/common/inc/qti_plat.h b/plat/qti/common/inc/qti_plat.h
index d616efe..7483c49 100644
--- a/plat/qti/common/inc/qti_plat.h
+++ b/plat/qti/common/inc/qti_plat.h
@@ -54,4 +54,9 @@
void qti_pmic_prepare_reset(void);
void qti_pmic_prepare_shutdown(void);
+typedef struct chip_id_info {
+ uint16_t jtag_id;
+ uint16_t chipinfo_id;
+} chip_id_info_t;
+
#endif /* QTI_PLAT_H */
diff --git a/plat/qti/common/src/qti_common.c b/plat/qti/common/src/qti_common.c
index 8821731..74ccb5b 100644
--- a/plat/qti/common/src/qti_common.c
+++ b/plat/qti/common/src/qti_common.c
@@ -17,6 +17,7 @@
#include <services/arm_arch_svc.h>
#include <platform_def.h>
+#include <qti_map_chipinfo.h>
#include <qti_plat.h>
#include <qtiseclib_interface.h>
@@ -154,9 +155,22 @@
*/
int32_t plat_get_soc_version(void)
{
- uint32_t soc_version = (QTI_SOC_VERSION & QTI_SOC_VERSION_MASK);
+ int i = 0;
+ /* Variant other than in mapped g_map_jtag_chipinfo_id variable will have
+ * default chipinfo id as 0xFFFF
+ */
+ uint32_t soc_version = (QTI_DEFAULT_CHIPINFO_ID & QTI_SOC_VERSION_MASK);
uint32_t jep106az_code = (JEDEC_QTI_BKID << QTI_SOC_CONTINUATION_SHIFT)
| (JEDEC_QTI_MFID << QTI_SOC_IDENTIFICATION_SHIFT);
+ uint32_t jtag_id = mmio_read_32(QTI_JTAG_ID_REG);
+ uint32_t jtag_id_val = (jtag_id >> QTI_JTAG_ID_SHIFT)
+ & QTI_SOC_VERSION_MASK;
+
+ for (i = 0; i < ARRAY_SIZE(g_map_jtag_chipinfo_id); i++) {
+ if (g_map_jtag_chipinfo_id[i].jtag_id == jtag_id_val)
+ soc_version = g_map_jtag_chipinfo_id[i].chipinfo_id
+ & QTI_SOC_VERSION_MASK;
+ }
return (int32_t)(jep106az_code | (soc_version));
}
diff --git a/plat/qti/sc7180/inc/platform_def.h b/plat/qti/sc7180/inc/platform_def.h
index e3dc811..b69dfd9 100644
--- a/plat/qti/sc7180/inc/platform_def.h
+++ b/plat/qti/sc7180/inc/platform_def.h
@@ -185,7 +185,6 @@
/*----------------------------------------------------------------------------*/
/* SOC hw version register */
/*----------------------------------------------------------------------------*/
-#define QTI_SOC_VERSION U(0x7180)
#define QTI_SOC_VERSION_MASK U(0xFFFF)
#define QTI_SOC_REVISION_REG 0x1FC8000
#define QTI_SOC_REVISION_MASK U(0xFFFF)
diff --git a/plat/qti/sc7180/inc/qti_map_chipinfo.h b/plat/qti/sc7180/inc/qti_map_chipinfo.h
new file mode 100644
index 0000000..4ab6191
--- /dev/null
+++ b/plat/qti/sc7180/inc/qti_map_chipinfo.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef QTI_MAP_CHIPINFO_H
+#define QTI_MAP_CHIPINFO_H
+
+#include <stdint.h>
+
+#include <qti_plat.h>
+
+#define QTI_JTAG_ID_REG 0x786130
+#define QTI_SOC_VERSION_MASK U(0xFFFF)
+#define QTI_SOC_REVISION_REG 0x1FC8000
+#define QTI_SOC_REVISION_MASK U(0xFFFF)
+#define QTI_JTAG_ID_SHIFT 12
+#define QTI_JTAG_ID_SC7180 U(0x012C)
+#define QTI_JTAG_ID_SC7180P U(0x0195)
+#define QTI_CHIPINFO_ID_SC7180 U(0x01A9)
+#define QTI_CHIPINFO_ID_SC7180P U(0x01EF)
+#define QTI_DEFAULT_CHIPINFO_ID U(0xFFFF)
+
+static const chip_id_info_t g_map_jtag_chipinfo_id[] = {
+ {QTI_JTAG_ID_SC7180, QTI_CHIPINFO_ID_SC7180},
+ {QTI_JTAG_ID_SC7180P, QTI_CHIPINFO_ID_SC7180P},
+};
+#endif /* QTI_MAP_CHIPINFO_H */
diff --git a/plat/qti/sc7280/inc/platform_def.h b/plat/qti/sc7280/inc/platform_def.h
index da7eddc..48b48ac 100644
--- a/plat/qti/sc7280/inc/platform_def.h
+++ b/plat/qti/sc7280/inc/platform_def.h
@@ -185,7 +185,6 @@
/*----------------------------------------------------------------------------*/
/* SOC hw version register */
/*----------------------------------------------------------------------------*/
-#define QTI_SOC_VERSION U(0x7280)
#define QTI_SOC_VERSION_MASK U(0xFFFF)
#define QTI_SOC_REVISION_REG 0x1FC8000
#define QTI_SOC_REVISION_MASK U(0xFFFF)
diff --git a/plat/qti/sc7280/inc/qti_map_chipinfo.h b/plat/qti/sc7280/inc/qti_map_chipinfo.h
new file mode 100644
index 0000000..7303e20
--- /dev/null
+++ b/plat/qti/sc7280/inc/qti_map_chipinfo.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef QTI_MAP_CHIPINFO_H
+#define QTI_MAP_CHIPINFO_H
+
+#include <stdint.h>
+
+#include <qti_plat.h>
+
+#define QTI_JTAG_ID_REG 0x786130
+#define QTI_JTAG_ID_SHIFT 12
+#define QTI_JTAG_ID_SC7280 U(0x0193)
+#define QTI_JTAG_ID_SC7280P U(0x01EB)
+#define QTI_JTAG_ID_SC8270 U(0x01E3)
+#define QTI_JTAG_ID_SC8270P U(0x020A)
+#define QTI_JTAG_ID_SC7270P U(0x0215)
+#define QTI_CHIPINFO_ID_SC7280 U(0x01E7)
+#define QTI_CHIPINFO_ID_SC7280P U(0x0222)
+#define QTI_CHIPINFO_ID_SC8270 U(0x0229)
+#define QTI_CHIPINFO_ID_SC8270P U(0x0233)
+#define QTI_CHIPINFO_ID_SC7270P U(0x0237)
+#define QTI_DEFAULT_CHIPINFO_ID U(0xFFFF)
+
+static const chip_id_info_t g_map_jtag_chipinfo_id[] = {
+ {QTI_JTAG_ID_SC7280, QTI_CHIPINFO_ID_SC7280},
+ {QTI_JTAG_ID_SC7280P, QTI_CHIPINFO_ID_SC7280P},
+ {QTI_JTAG_ID_SC8270, QTI_CHIPINFO_ID_SC8270},
+ {QTI_JTAG_ID_SC8270P, QTI_CHIPINFO_ID_SC8270P},
+ {QTI_JTAG_ID_SC7270P, QTI_CHIPINFO_ID_SC7270P},
+};
+#endif /* QTI_MAP_CHIPINFO_H */
diff --git a/plat/xilinx/versal_net/bl31_versal_net_setup.c b/plat/xilinx/versal_net/bl31_versal_net_setup.c
index 97080e9..c9942d6 100644
--- a/plat/xilinx/versal_net/bl31_versal_net_setup.c
+++ b/plat/xilinx/versal_net/bl31_versal_net_setup.c
@@ -88,6 +88,9 @@
uart_clock = 25000000;
break;
case VERSAL_NET_SILICON:
+ cpu_clock = 100000000;
+ uart_clock = 100000000;
+ break;
default:
panic();
}
diff --git a/services/std_svc/drtm/drtm_main.c b/services/std_svc/drtm/drtm_main.c
index e0f5c17..3acf683 100644
--- a/services/std_svc/drtm/drtm_main.c
+++ b/services/std_svc/drtm/drtm_main.c
@@ -366,9 +366,10 @@
}
a = &args_buf;
- if (a->version != 1) {
- ERROR("DRTM: parameters structure incompatible with major version %d\n",
- ARM_DRTM_VERSION_MAJOR);
+ if (!((a->version >= ARM_DRTM_PARAMS_MIN_VERSION) &&
+ (a->version <= ARM_DRTM_PARAMS_MAX_VERSION))) {
+ ERROR("DRTM: parameters structure version %u is unsupported\n",
+ a->version);
return NOT_SUPPORTED;
}
diff --git a/services/std_svc/drtm/drtm_main.h b/services/std_svc/drtm/drtm_main.h
index baa37ae..6005163 100644
--- a/services/std_svc/drtm/drtm_main.h
+++ b/services/std_svc/drtm/drtm_main.h
@@ -36,6 +36,12 @@
#define DL_ARGS_GET_DLME_ENTRY_POINT(a) \
(((a)->dlme_paddr + (a)->dlme_img_off + (a)->dlme_img_ep_off))
+/*
+ * Range(Min/Max) of DRTM parameter structure versions supported
+ */
+#define ARM_DRTM_PARAMS_MIN_VERSION U(1)
+#define ARM_DRTM_PARAMS_MAX_VERSION U(1)
+
enum drtm_dlme_el {
DLME_AT_EL1 = MODE_EL1,
DLME_AT_EL2 = MODE_EL2
diff --git a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
index eab2096..1da2efc 100644
--- a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
+++ b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
@@ -1018,7 +1018,7 @@
/* Calculate the size that the v1.1 descriptor will required. */
size_t v1_1_desc_size =
spmc_shm_get_v1_1_descriptor_size((void *) &obj->desc,
- fragment_length);
+ obj->desc_size);
if (v1_1_desc_size == 0U) {
ERROR("%s: cannot determine size of descriptor.\n",
@@ -1030,7 +1030,7 @@
v1_1_obj =
spmc_shmem_obj_alloc(&spmc_shmem_obj_state, v1_1_desc_size);
- if (!obj) {
+ if (!v1_1_obj) {
ret = FFA_ERROR_NO_MEMORY;
goto err_arg;
}
@@ -1347,7 +1347,8 @@
if (req->emad_count == 0U) {
WARN("%s: unsupported attribute desc count %u.\n",
__func__, obj->desc.emad_count);
- return -EINVAL;
+ ret = FFA_ERROR_INVALID_PARAMETER;
+ goto err_unlock_mailbox;
}
/* Determine the appropriate minimum descriptor size. */