Merge changes from topic "ffa_el3_spmc_fixes" into integration
* changes:
fix(tsp): fix destination ID in direct request
fix(el3-spm): fix LSP direct message response
fix(el3-spm): improve direct messaging validation
diff --git a/Makefile b/Makefile
index 3ac31a5..03f9320 100644
--- a/Makefile
+++ b/Makefile
@@ -74,37 +74,85 @@
${INC_DRV_DIRS_TO_CHECK} \
${INC_ARM_DIRS_TO_CHECK}
-
################################################################################
# Process build options
################################################################################
# Verbose flag
ifeq (${V},0)
- Q:=@
- ECHO:=@echo
- CHECKCODE_ARGS += --no-summary --terse
+ Q:=@
+ ECHO:=@echo
+ CHECKCODE_ARGS += --no-summary --terse
else
- Q:=
- ECHO:=$(ECHO_QUIET)
+ Q:=
+ ECHO:=$(ECHO_QUIET)
endif
ifneq ($(findstring s,$(filter-out --%,$(MAKEFLAGS))),)
- Q:=@
- ECHO:=$(ECHO_QUIET)
+ Q:=@
+ ECHO:=$(ECHO_QUIET)
endif
export Q ECHO
-# The cert_create tool cannot generate certificates individually, so we use the
-# target 'certificates' to create them all
-ifneq (${GENERATE_COT},0)
- FIP_DEPS += certificates
- FWU_FIP_DEPS += fwu_certificates
+################################################################################
+# Toolchain
+################################################################################
+
+HOSTCC := gcc
+export HOSTCC
+
+CC := ${CROSS_COMPILE}gcc
+CPP := ${CROSS_COMPILE}cpp
+AS := ${CROSS_COMPILE}gcc
+AR := ${CROSS_COMPILE}ar
+LINKER := ${CROSS_COMPILE}ld
+OC := ${CROSS_COMPILE}objcopy
+OD := ${CROSS_COMPILE}objdump
+NM := ${CROSS_COMPILE}nm
+PP := ${CROSS_COMPILE}gcc -E
+DTC := dtc
+
+# Use ${LD}.bfd instead if it exists (as absolute path or together with $PATH).
+ifneq ($(strip $(wildcard ${LD}.bfd) \
+ $(foreach dir,$(subst :, ,${PATH}),$(wildcard ${dir}/${LINKER}.bfd))),)
+LINKER := ${LINKER}.bfd
endif
+################################################################################
+# Auxiliary tools (fiptool, cert_create, etc)
+################################################################################
+
+# Variables for use with Certificate Generation Tool
+CRTTOOLPATH ?= tools/cert_create
+CRTTOOL ?= ${CRTTOOLPATH}/cert_create${BIN_EXT}
+
+# Variables for use with Firmware Encryption Tool
+ENCTOOLPATH ?= tools/encrypt_fw
+ENCTOOL ?= ${ENCTOOLPATH}/encrypt_fw${BIN_EXT}
+
+# Variables for use with Firmware Image Package
+FIPTOOLPATH ?= tools/fiptool
+FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
+
+# Variables for use with sptool
+SPTOOLPATH ?= tools/sptool
+SPTOOL ?= ${SPTOOLPATH}/sptool.py
+SP_MK_GEN ?= ${SPTOOLPATH}/sp_mk_generator.py
+
+# Variables for use with ROMLIB
+ROMLIBPATH ?= lib/romlib
+
+# Variable for use with Python
+PYTHON ?= python3
+
+# Variables for use with documentation build using Sphinx tool
+DOCS_PATH ?= docs
+
+################################################################################
# Process BRANCH_PROTECTION value and set
# Pointer Authentication and Branch Target Identification flags
+################################################################################
ifeq (${BRANCH_PROTECTION},0)
# Default value turns off all types of branch protection
BP_OPTION := none
@@ -129,151 +177,111 @@
ENABLE_BTI := 1
else
$(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION})
-endif
+endif #(BRANCH_PROTECTION)
+################################################################################
+# RME dependent flags configuration
+################################################################################
# FEAT_RME
ifeq (${ENABLE_RME},1)
-# RME doesn't support PIE
-ifneq (${ENABLE_PIE},0)
- $(error ENABLE_RME does not support PIE)
-endif
-# RME doesn't support BRBE
-ifneq (${ENABLE_BRBE_FOR_NS},0)
- $(error ENABLE_RME does not support BRBE.)
-endif
-# RME requires AARCH64
-ifneq (${ARCH},aarch64)
- $(error ENABLE_RME requires AArch64)
-endif
-# RME requires el2 context to be saved for now.
-CTX_INCLUDE_EL2_REGS := 1
-CTX_INCLUDE_AARCH32_REGS := 0
-ARM_ARCH_MAJOR := 8
-ARM_ARCH_MINOR := 5
-ENABLE_FEAT_ECV = 1
-ENABLE_FEAT_FGT = 1
-CTX_INCLUDE_PAUTH_REGS := 1
-# RME enables CSV2_2 extension by default.
-ENABLE_FEAT_CSV2_2 = 1
+ # RME doesn't support PIE
+ ifneq (${ENABLE_PIE},0)
+ $(error ENABLE_RME does not support PIE)
+ endif
-endif
+ # RME doesn't support BRBE
+ ifneq (${ENABLE_BRBE_FOR_NS},0)
+ $(error ENABLE_RME does not support BRBE.)
+ endif
-# USE_SPINLOCK_CAS requires AArch64 build
-ifeq (${USE_SPINLOCK_CAS},1)
-ifneq (${ARCH},aarch64)
- $(error USE_SPINLOCK_CAS requires AArch64)
-endif
-endif
+ # RME requires AARCH64
+ ifneq (${ARCH},aarch64)
+ $(error ENABLE_RME requires AArch64)
+ endif
-# USE_DEBUGFS experimental feature recommended only in debug builds
-ifeq (${USE_DEBUGFS},1)
-ifeq (${DEBUG},1)
- $(warning DEBUGFS experimental feature is enabled.)
-else
- $(warning DEBUGFS experimental, recommended in DEBUG builds ONLY)
-endif
-endif
+ # RME requires el2 context to be saved for now.
+ CTX_INCLUDE_EL2_REGS := 1
+ CTX_INCLUDE_AARCH32_REGS := 0
+ ARM_ARCH_MAJOR := 8
+ ARM_ARCH_MINOR := 5
+ ENABLE_FEAT_ECV = 1
+ ENABLE_FEAT_FGT = 1
+ CTX_INCLUDE_PAUTH_REGS := 1
-ifneq (${DECRYPTION_SUPPORT},none)
-ENC_ARGS += -f ${FW_ENC_STATUS}
-ENC_ARGS += -k ${ENC_KEY}
-ENC_ARGS += -n ${ENC_NONCE}
-FIP_DEPS += enctool
-FWU_FIP_DEPS += enctool
-endif
+ # RME enables CSV2_2 extension by default.
+ ENABLE_FEAT_CSV2_2 = 1
+endif #(FEAT_RME)
################################################################################
-# Toolchain
+# Compiler Configuration based on ARCH_MAJOR and ARCH_MINOR flags
################################################################################
-
-HOSTCC := gcc
-export HOSTCC
-
-CC := ${CROSS_COMPILE}gcc
-CPP := ${CROSS_COMPILE}cpp
-AS := ${CROSS_COMPILE}gcc
-AR := ${CROSS_COMPILE}ar
-LINKER := ${CROSS_COMPILE}ld
-OC := ${CROSS_COMPILE}objcopy
-OD := ${CROSS_COMPILE}objdump
-NM := ${CROSS_COMPILE}nm
-PP := ${CROSS_COMPILE}gcc -E
-DTC := dtc
-
-# Use ${LD}.bfd instead if it exists (as absolute path or together with $PATH).
-ifneq ($(strip $(wildcard ${LD}.bfd) \
- $(foreach dir,$(subst :, ,${PATH}),$(wildcard ${dir}/${LINKER}.bfd))),)
-LINKER := ${LINKER}.bfd
-endif
-
ifeq (${ARM_ARCH_MAJOR},7)
-target32-directive = -target arm-none-eabi
+ target32-directive = -target arm-none-eabi
# Will set march32-directive from platform configuration
else
-target32-directive = -target armv8a-none-eabi
+ target32-directive = -target armv8a-none-eabi
# Set the compiler's target architecture profile based on
# ARM_ARCH_MAJOR ARM_ARCH_MINOR options
-ifeq (${ARM_ARCH_MINOR},0)
-march32-directive = -march=armv${ARM_ARCH_MAJOR}-a
-march64-directive = -march=armv${ARM_ARCH_MAJOR}-a
-else
-march32-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
-march64-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
-endif
-endif
+ ifeq (${ARM_ARCH_MINOR},0)
+ march32-directive = -march=armv${ARM_ARCH_MAJOR}-a
+ march64-directive = -march=armv${ARM_ARCH_MAJOR}-a
+ else
+ march32-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
+ march64-directive = -march=armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a
+ endif #(ARM_ARCH_MINOR)
+endif #(ARM_ARCH_MAJOR)
+
+################################################################################
+# Get Architecture Feature Modifiers
+################################################################################
+arch-features = ${ARM_ARCH_FEATURE}
+
+####################################################
+# Enable required options for Memory Stack Tagging.
+####################################################
# Memory tagging is supported in architecture Armv8.5-A AArch64 and onwards
ifeq ($(ARCH), aarch64)
-# Check if revision is greater than or equal to 8.5
-ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
-mem_tag_arch_support = yes
-endif
-endif
-
-# Get architecture feature modifiers
-arch-features = ${ARM_ARCH_FEATURE}
+ # Check if revision is greater than or equal to 8.5
+ ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
+ mem_tag_arch_support = yes
+ endif
+endif #(ARCH=aarch64)
-# Enable required options for memory stack tagging.
# Currently, these options are enabled only for clang and armclang compiler.
ifeq (${SUPPORT_STACK_MEMTAG},yes)
-ifdef mem_tag_arch_support
-# Check for armclang and clang compilers
-ifneq ( ,$(filter $(notdir $(CC)),armclang clang))
-# Add "memtag" architecture feature modifier if not specified
-ifeq ( ,$(findstring memtag,$(arch-features)))
-arch-features := $(arch-features)+memtag
-endif # memtag
-ifeq ($(notdir $(CC)),armclang)
-TF_CFLAGS += -mmemtag-stack
-else ifeq ($(notdir $(CC)),clang)
-TF_CFLAGS += -fsanitize=memtag
-endif # armclang
-endif # armclang clang
-else
-$(error "Error: stack memory tagging is not supported for architecture \
- ${ARCH},armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a")
-endif # mem_tag_arch_support
-endif # SUPPORT_STACK_MEMTAG
+ ifdef mem_tag_arch_support
+ # Check for armclang and clang compilers
+ ifneq ( ,$(filter $(notdir $(CC)),armclang clang))
+ # Add "memtag" architecture feature modifier if not specified
+ ifeq ( ,$(findstring memtag,$(arch-features)))
+ arch-features := $(arch-features)+memtag
+ endif # memtag
+ ifeq ($(notdir $(CC)),armclang)
+ TF_CFLAGS += -mmemtag-stack
+ else ifeq ($(notdir $(CC)),clang)
+ TF_CFLAGS += -fsanitize=memtag
+ endif # armclang
+ endif
+ else
+ $(error "Error: stack memory tagging is not supported for \
+ architecture ${ARCH},armv${ARM_ARCH_MAJOR}.${ARM_ARCH_MINOR}-a")
+ endif #(mem_tag_arch_support)
+endif #(SUPPORT_STACK_MEMTAG)
# Set the compiler's architecture feature modifiers
ifneq ($(arch-features), none)
-# Strip "none+" from arch-features
-arch-features := $(subst none+,,$(arch-features))
-ifeq ($(ARCH), aarch32)
-march32-directive := $(march32-directive)+$(arch-features)
-else
-march64-directive := $(march64-directive)+$(arch-features)
-endif
+ # Strip "none+" from arch-features
+ arch-features := $(subst none+,,$(arch-features))
+ ifeq ($(ARCH), aarch32)
+ march32-directive := $(march32-directive)+$(arch-features)
+ else
+ march64-directive := $(march64-directive)+$(arch-features)
+ endif
# Print features
-$(info Arm Architecture Features specified: $(subst +, ,$(arch-features)))
-endif # arch-features
-
-# Determine if FEAT_RNG is supported
-ENABLE_FEAT_RNG = $(if $(findstring rng,${arch-features}),1,0)
-
-# Determine if FEAT_SB is supported
-ENABLE_FEAT_SB = $(if $(findstring sb,${arch-features}),1,0)
+ $(info Arm Architecture Features specified: $(subst +, ,$(arch-features)))
+endif #(arch-features)
ifneq ($(findstring clang,$(notdir $(CC))),)
ifneq ($(findstring armclang,$(notdir $(CC))),)
@@ -294,62 +302,65 @@
PP := $(CC) -E $(TF_CFLAGS_$(ARCH))
AS := $(CC) -c -x assembler-with-cpp $(TF_CFLAGS_$(ARCH))
else ifneq ($(findstring gcc,$(notdir $(CC))),)
-TF_CFLAGS_aarch32 = $(march32-directive)
-TF_CFLAGS_aarch64 = $(march64-directive)
-ifeq ($(ENABLE_LTO),1)
- # Enable LTO only for aarch64
- ifeq (${ARCH},aarch64)
- LTO_CFLAGS = -flto
- # Use gcc as a wrapper for the ld, recommended for LTO
- LINKER := ${CROSS_COMPILE}gcc
+ TF_CFLAGS_aarch32 = $(march32-directive)
+ TF_CFLAGS_aarch64 = $(march64-directive)
+ ifeq ($(ENABLE_LTO),1)
+ # Enable LTO only for aarch64
+ ifeq (${ARCH},aarch64)
+ LTO_CFLAGS = -flto
+ # Use gcc as a wrapper for the ld, recommended for LTO
+ LINKER := ${CROSS_COMPILE}gcc
+ endif
endif
-endif
-LD = $(LINKER)
+ LD = $(LINKER)
else
-TF_CFLAGS_aarch32 = $(march32-directive)
-TF_CFLAGS_aarch64 = $(march64-directive)
-LD = $(LINKER)
-endif
+ TF_CFLAGS_aarch32 = $(march32-directive)
+ TF_CFLAGS_aarch64 = $(march64-directive)
+ LD = $(LINKER)
+endif #(clang)
# Process Debug flag
$(eval $(call add_define,DEBUG))
ifneq (${DEBUG}, 0)
- BUILD_TYPE := debug
- TF_CFLAGS += -g -gdwarf-4
- ASFLAGS += -g -Wa,-gdwarf-4
+ BUILD_TYPE := debug
+ TF_CFLAGS += -g -gdwarf-4
+ ASFLAGS += -g -Wa,-gdwarf-4
- # Use LOG_LEVEL_INFO by default for debug builds
- LOG_LEVEL := 40
+ # Use LOG_LEVEL_INFO by default for debug builds
+ LOG_LEVEL := 40
else
- BUILD_TYPE := release
- # Use LOG_LEVEL_NOTICE by default for release builds
- LOG_LEVEL := 20
-endif
+ BUILD_TYPE := release
+ # Use LOG_LEVEL_NOTICE by default for release builds
+ LOG_LEVEL := 20
+endif #(Debug)
# Default build string (git branch and commit)
ifeq (${BUILD_STRING},)
- BUILD_STRING := $(shell git describe --always --dirty --tags 2> /dev/null)
+ BUILD_STRING := $(shell git describe --always --dirty --tags 2> /dev/null)
endif
VERSION_STRING := v${VERSION}(${BUILD_TYPE}):${BUILD_STRING}
ifeq (${AARCH32_INSTRUCTION_SET},A32)
-TF_CFLAGS_aarch32 += -marm
+ TF_CFLAGS_aarch32 += -marm
else ifeq (${AARCH32_INSTRUCTION_SET},T32)
-TF_CFLAGS_aarch32 += -mthumb
+ TF_CFLAGS_aarch32 += -mthumb
else
-$(error Error: Unknown AArch32 instruction set ${AARCH32_INSTRUCTION_SET})
-endif
+ $(error Error: Unknown AArch32 instruction set ${AARCH32_INSTRUCTION_SET})
+endif #(AARCH32_INSTRUCTION_SET)
TF_CFLAGS_aarch32 += -mno-unaligned-access
TF_CFLAGS_aarch64 += -mgeneral-regs-only -mstrict-align
ifneq (${BP_OPTION},none)
-TF_CFLAGS_aarch64 += -mbranch-protection=${BP_OPTION}
-endif
+ TF_CFLAGS_aarch64 += -mbranch-protection=${BP_OPTION}
+endif #(BP_OPTION)
ASFLAGS_aarch32 = $(march32-directive)
ASFLAGS_aarch64 = $(march64-directive)
+##############################################################################
+# WARNINGS Configuration
+###############################################################################
# General warnings
WARNINGS := -Wall -Wmissing-include-dirs -Wunused \
-Wdisabled-optimization -Wvla -Wshadow \
@@ -395,18 +406,18 @@
# outside of the contributor's control. Don't fail the build on them so warnings
# can be seen and hopefully addressed
ifdef W
-ifneq (${W},0)
-E ?= 0
-endif
+ ifneq (${W},0)
+ E ?= 0
+ endif
endif
ifeq (${W},1)
-WARNINGS += $(WARNING1)
+ WARNINGS += $(WARNING1)
else ifeq (${W},2)
-WARNINGS += $(WARNING1) $(WARNING2)
+ WARNINGS += $(WARNING1) $(WARNING2)
else ifeq (${W},3)
-WARNINGS += $(WARNING1) $(WARNING2) $(WARNING3)
-endif
+ WARNINGS += $(WARNING1) $(WARNING2) $(WARNING3)
+endif #(W)
# Compiler specific warnings
ifeq ($(findstring clang,$(notdir $(CC))),)
@@ -422,12 +433,15 @@
# using clang
WARNINGS += -Wshift-overflow -Wshift-sign-overflow \
-Wlogical-op-parentheses
-endif
+endif #(Clang Warning)
ifneq (${E},0)
-ERRORS := -Werror
-endif
+ ERRORS := -Werror
+endif #(E)
+################################################################################
+# Compiler and Linker Directives
+################################################################################
CPPFLAGS = ${DEFINES} ${INCLUDES} ${MBEDTLS_INC} -nostdinc \
$(ERRORS) $(WARNINGS)
ASFLAGS += $(CPPFLAGS) $(ASFLAGS_$(ARCH)) \
@@ -437,15 +451,14 @@
-ffreestanding -fno-builtin -fno-common \
-Os -std=gnu99
-$(eval $(call add_define,SVE_VECTOR_LEN))
-
ifeq (${SANITIZE_UB},on)
-TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover
-endif
+ TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover
+endif #(${SANITIZE_UB},on)
+
ifeq (${SANITIZE_UB},trap)
-TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover \
+ TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover \
-fsanitize-undefined-trap-on-error
-endif
+endif #(${SANITIZE_UB},trap)
GCC_V_OUTPUT := $(shell $(CC) -v 2>&1)
@@ -453,51 +466,53 @@
# LD = armlink
ifneq ($(findstring armlink,$(notdir $(LD))),)
-TF_LDFLAGS += --diag_error=warning --lto_level=O1
-TF_LDFLAGS += --remove --info=unused,unusedsymbols
-TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH))
+ TF_LDFLAGS += --diag_error=warning --lto_level=O1
+ TF_LDFLAGS += --remove --info=unused,unusedsymbols
+ TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH))
# LD = gcc (used when GCC LTO is enabled)
else ifneq ($(findstring gcc,$(notdir $(LD))),)
-# Pass ld options with Wl or Xlinker switches
-TF_LDFLAGS += -Wl,--fatal-warnings -O1
-TF_LDFLAGS += -Wl,--gc-sections
+ # Pass ld options with Wl or Xlinker switches
+ TF_LDFLAGS += -Wl,--fatal-warnings -O1
+ TF_LDFLAGS += -Wl,--gc-sections
-TF_LDFLAGS += -Wl,-z,common-page-size=4096 # Configure page size constants
-TF_LDFLAGS += -Wl,-z,max-page-size=4096
+ TF_LDFLAGS += -Wl,-z,common-page-size=4096 #Configure page size constants
+ TF_LDFLAGS += -Wl,-z,max-page-size=4096
-ifeq ($(ENABLE_LTO),1)
- ifeq (${ARCH},aarch64)
- TF_LDFLAGS += -flto -fuse-linker-plugin
- endif
-endif
+ ifeq ($(ENABLE_LTO),1)
+ ifeq (${ARCH},aarch64)
+ TF_LDFLAGS += -flto -fuse-linker-plugin
+ endif
+ endif #(ENABLE_LTO)
+
# GCC automatically adds fix-cortex-a53-843419 flag when used to link
# which breaks some builds, so disable if errata fix is not explicitly enabled
-ifneq (${ERRATA_A53_843419},1)
- TF_LDFLAGS += -mno-fix-cortex-a53-843419
-endif
-TF_LDFLAGS += -nostdlib
-TF_LDFLAGS += $(subst --,-Xlinker --,$(TF_LDFLAGS_$(ARCH)))
+ ifneq (${ERRATA_A53_843419},1)
+ TF_LDFLAGS += -mno-fix-cortex-a53-843419
+ endif
+ TF_LDFLAGS += -nostdlib
+ TF_LDFLAGS += $(subst --,-Xlinker --,$(TF_LDFLAGS_$(ARCH)))
# LD = gcc-ld (ld) or llvm-ld (ld.lld) or other
else
# With ld.bfd version 2.39 and newer new warnings are added. Skip those since we
# are not loaded by a elf loader.
-TF_LDFLAGS += $(call ld_option, --no-warn-rwx-segments)
-TF_LDFLAGS += -O1
-TF_LDFLAGS += --gc-sections
+ TF_LDFLAGS += $(call ld_option, --no-warn-rwx-segments)
+ TF_LDFLAGS += -O1
+ TF_LDFLAGS += --gc-sections
-TF_LDFLAGS += -z common-page-size=4096 # Configure page size constants
-TF_LDFLAGS += -z max-page-size=4096
+ TF_LDFLAGS += -z common-page-size=4096 # Configure page size constants
+ TF_LDFLAGS += -z max-page-size=4096
# ld.lld doesn't recognize the errata flags,
# therefore don't add those in that case.
# ld.lld reports section type mismatch warnings,
# therefore don't add --fatal-warnings to it.
-ifeq ($(findstring ld.lld,$(notdir $(LD))),)
-TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH)) --fatal-warnings
-endif
-endif
+ ifeq ($(findstring ld.lld,$(notdir $(LD))),)
+ TF_LDFLAGS += $(TF_LDFLAGS_$(ARCH)) --fatal-warnings
+ endif
+
+endif #(LD = armlink)
DTC_FLAGS += -I dts -O dtb
DTC_CPPFLAGS += -P -nostdinc -Iinclude -Ifdts -undef \
@@ -525,15 +540,15 @@
ifeq (${ENABLE_PAUTH}, 1)
# arm/common/aarch64/arm_pauth.c contains a sample platform hook to complete the
# Pauth support. As it's not secure, it must be reimplemented for real platforms
-BL_COMMON_SOURCES += lib/extensions/pauth/pauth_helpers.S
+ BL_COMMON_SOURCES += lib/extensions/pauth/pauth_helpers.S
endif
ifeq ($(notdir $(CC)),armclang)
-BL_COMMON_SOURCES += lib/${ARCH}/armclang_printf.S
+ BL_COMMON_SOURCES += lib/${ARCH}/armclang_printf.S
endif
ifeq (${SANITIZE_UB},on)
-BL_COMMON_SOURCES += plat/common/ubsan.c
+ BL_COMMON_SOURCES += plat/common/ubsan.c
endif
INCLUDES += -Iinclude \
@@ -548,7 +563,6 @@
################################################################################
# Generic definitions
################################################################################
-
include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk
ifeq (${BUILD_BASE},)
@@ -561,96 +575,97 @@
# Platforms providing their own TBB makefile may override this value
INCLUDE_TBBR_MK := 1
-
################################################################################
# Include SPD Makefile if one has been specified
################################################################################
ifneq (${SPD},none)
- ifeq (${ARCH},aarch32)
- $(error "Error: SPD is incompatible with AArch32.")
- endif
+ ifeq (${ARCH},aarch32)
+ $(error "Error: SPD is incompatible with AArch32.")
+ endif
- ifdef EL3_PAYLOAD_BASE
- $(warning "SPD and EL3_PAYLOAD_BASE are incompatible build options.")
- $(warning "The SPD and its BL32 companion will be present but ignored.")
- endif
+ ifdef EL3_PAYLOAD_BASE
+ $(warning "SPD and EL3_PAYLOAD_BASE are incompatible build options.")
+ $(warning "The SPD and its BL32 companion will be present but \
+ ignored.")
+ endif
- ifeq (${SPD},spmd)
- # SPMD is located in std_svc directory
- SPD_DIR := std_svc
+ ifeq (${SPD},spmd)
+ # SPMD is located in std_svc directory
+ SPD_DIR := std_svc
- ifeq ($(SPMD_SPM_AT_SEL2),1)
- CTX_INCLUDE_EL2_REGS := 1
- ifeq ($(SPMC_AT_EL3),1)
- $(error SPM cannot be enabled in both S-EL2 and EL3.)
- endif
- endif
+ ifeq ($(SPMD_SPM_AT_SEL2),1)
+ CTX_INCLUDE_EL2_REGS := 1
+ ifeq ($(SPMC_AT_EL3),1)
+ $(error SPM cannot be enabled in both S-EL2 and EL3.)
+ endif
+ endif
- ifeq ($(findstring optee_sp,$(ARM_SPMC_MANIFEST_DTS)),optee_sp)
- DTC_CPPFLAGS += -DOPTEE_SP_FW_CONFIG
- endif
+ ifeq ($(findstring optee_sp,$(ARM_SPMC_MANIFEST_DTS)),optee_sp)
+ DTC_CPPFLAGS += -DOPTEE_SP_FW_CONFIG
+ endif
- ifeq ($(TS_SP_FW_CONFIG),1)
- DTC_CPPFLAGS += -DTS_SP_FW_CONFIG
- endif
+ ifeq ($(TS_SP_FW_CONFIG),1)
+ DTC_CPPFLAGS += -DTS_SP_FW_CONFIG
+ endif
- ifneq ($(ARM_BL2_SP_LIST_DTS),)
- DTC_CPPFLAGS += -DARM_BL2_SP_LIST_DTS=$(ARM_BL2_SP_LIST_DTS)
- endif
+ ifneq ($(ARM_BL2_SP_LIST_DTS),)
+ DTC_CPPFLAGS += -DARM_BL2_SP_LIST_DTS=$(ARM_BL2_SP_LIST_DTS)
+ endif
- ifneq ($(SP_LAYOUT_FILE),)
- BL2_ENABLE_SP_LOAD := 1
- endif
- else
- # All other SPDs in spd directory
- SPD_DIR := spd
- endif
+ ifneq ($(SP_LAYOUT_FILE),)
+ BL2_ENABLE_SP_LOAD := 1
+ endif
+ else
+ # All other SPDs in spd directory
+ SPD_DIR := spd
+ endif #(SPD)
- # We expect to locate an spd.mk under the specified SPD directory
- SPD_MAKE := $(wildcard services/${SPD_DIR}/${SPD}/${SPD}.mk)
+ # We expect to locate an spd.mk under the specified SPD directory
+ SPD_MAKE := $(wildcard services/${SPD_DIR}/${SPD}/${SPD}.mk)
- ifeq (${SPD_MAKE},)
- $(error Error: No services/${SPD_DIR}/${SPD}/${SPD}.mk located)
- endif
- $(info Including ${SPD_MAKE})
- include ${SPD_MAKE}
+ ifeq (${SPD_MAKE},)
+ $(error Error: No services/${SPD_DIR}/${SPD}/${SPD}.mk located)
+ endif
+ $(info Including ${SPD_MAKE})
+ include ${SPD_MAKE}
- # If there's BL32 companion for the chosen SPD, we expect that the SPD's
- # Makefile would set NEED_BL32 to "yes". In this case, the build system
- # supports two mutually exclusive options:
- # * BL32 is built from source: then BL32_SOURCES must contain the list
- # of source files to build BL32
- # * BL32 is a prebuilt binary: then BL32 must point to the image file
- # that will be included in the FIP
- # If both BL32_SOURCES and BL32 are defined, the binary takes precedence
- # over the sources.
-endif
+ # If there's BL32 companion for the chosen SPD, we expect that the SPD's
+ # Makefile would set NEED_BL32 to "yes". In this case, the build system
+ # supports two mutually exclusive options:
+ # * BL32 is built from source: then BL32_SOURCES must contain the list
+ # of source files to build BL32
+ # * BL32 is a prebuilt binary: then BL32 must point to the image file
+ # that will be included in the FIP
+ # If both BL32_SOURCES and BL32 are defined, the binary takes precedence
+ # over the sources.
+endif #(SPD=none)
ifeq (${CTX_INCLUDE_EL2_REGS}, 1)
-ifeq (${SPD},none)
-ifeq (${ENABLE_RME},0)
- $(error CTX_INCLUDE_EL2_REGS is available only when SPD or RME is enabled)
-endif
-endif
+ ifeq (${SPD},none)
+ ifeq (${ENABLE_RME},0)
+ $(error CTX_INCLUDE_EL2_REGS is available only when SPD \
+ or RME is enabled)
+ endif
+ endif
endif
################################################################################
# Include rmmd Makefile if RME is enabled
################################################################################
-
ifneq (${ENABLE_RME},0)
-ifneq (${ARCH},aarch64)
- $(error ENABLE_RME requires AArch64)
-endif
-ifeq ($(SPMC_AT_EL3),1)
- $(error SPMC_AT_EL3 and ENABLE_RME cannot both be enabled.)
-endif
-ifneq (${SPD}, none)
-ifneq (${SPD}, spmd)
- $(error ENABLE_RME is incompatible with SPD=${SPD}. Use SPD=spmd)
-endif
-endif
+ ifneq (${ARCH},aarch64)
+ $(error ENABLE_RME requires AArch64)
+ endif
+ ifeq ($(SPMC_AT_EL3),1)
+ $(error SPMC_AT_EL3 and ENABLE_RME cannot both be enabled.)
+ endif
+
+ ifneq (${SPD}, none)
+ ifneq (${SPD}, spmd)
+ $(error ENABLE_RME is incompatible with SPD=${SPD}. Use SPD=spmd)
+ endif
+ endif
include services/std_svc/rmmd/rmmd.mk
$(warning "RME is an experimental feature")
endif
@@ -669,9 +684,10 @@
ifeq (${RESET_TO_BL2},1)
BL2_RUNS_AT_EL3 := 1
- ifeq (${ENABLE_RME},1)
- $(error RESET_TO_BL2=1 and ENABLE_RME=1 configuration is not supported at the moment.)
- endif
+ ifeq (${ENABLE_RME},1)
+ $(error RESET_TO_BL2=1 and ENABLE_RME=1 configuration is not \
+ supported at the moment.)
+ endif
else ifeq (${ENABLE_RME},1)
BL2_RUNS_AT_EL3 := 1
else
@@ -690,7 +706,7 @@
ifneq ($(findstring gcc,$(notdir $(LD))),)
TF_LDFLAGS += -no-pie
endif
-endif
+endif #(PIE_FOUND)
ifneq ($(findstring gcc,$(notdir $(LD))),)
PIE_LDFLAGS += -Wl,-pie -Wl,--no-dynamic-linker
@@ -699,13 +715,13 @@
endif
ifeq ($(ENABLE_PIE),1)
-ifeq ($(RESET_TO_BL2),1)
-ifneq ($(BL2_IN_XIP_MEM),1)
- BL2_CPPFLAGS += -fpie
- BL2_CFLAGS += -fpie
- BL2_LDFLAGS += $(PIE_LDFLAGS)
-endif
-endif
+ ifeq ($(RESET_TO_BL2),1)
+ ifneq ($(BL2_IN_XIP_MEM),1)
+ BL2_CPPFLAGS += -fpie
+ BL2_CFLAGS += -fpie
+ BL2_LDFLAGS += $(PIE_LDFLAGS)
+ endif #(BL2_IN_XIP_MEM)
+ endif #(RESET_TO_BL2)
BL31_CPPFLAGS += -fpie
BL31_CFLAGS += -fpie
BL31_LDFLAGS += $(PIE_LDFLAGS)
@@ -713,7 +729,7 @@
BL32_CPPFLAGS += -fpie
BL32_CFLAGS += -fpie
BL32_LDFLAGS += $(PIE_LDFLAGS)
-endif
+endif #(ENABLE_PIE)
BL1_CPPFLAGS += -DREPORT_ERRATA=${DEBUG}
BL31_CPPFLAGS += -DREPORT_ERRATA=${DEBUG}
@@ -721,17 +737,17 @@
BL1_CPPFLAGS += -DIMAGE_AT_EL3
ifeq ($(RESET_TO_BL2),1)
-BL2_CPPFLAGS += -DIMAGE_AT_EL3
+ BL2_CPPFLAGS += -DIMAGE_AT_EL3
else
-BL2_CPPFLAGS += -DIMAGE_AT_EL1
-endif
+ BL2_CPPFLAGS += -DIMAGE_AT_EL1
+endif #(RESET_TO_BL2)
ifeq (${ARCH},aarch64)
-BL2U_CPPFLAGS += -DIMAGE_AT_EL1
-BL31_CPPFLAGS += -DIMAGE_AT_EL3
-BL32_CPPFLAGS += -DIMAGE_AT_EL1
+ BL2U_CPPFLAGS += -DIMAGE_AT_EL1
+ BL31_CPPFLAGS += -DIMAGE_AT_EL3
+ BL32_CPPFLAGS += -DIMAGE_AT_EL1
else
-BL32_CPPFLAGS += -DIMAGE_AT_EL3
+ BL32_CPPFLAGS += -DIMAGE_AT_EL3
endif
# Include the CPU specific operations makefile, which provides default
@@ -739,25 +755,23 @@
# This can be overridden by the platform.
include lib/cpus/cpu-ops.mk
-ifeq (${ARCH},aarch32)
-NEED_BL32 := yes
-
################################################################################
# Build `AARCH32_SP` as BL32 image for AArch32
################################################################################
-ifneq (${AARCH32_SP},none)
-# We expect to locate an sp.mk under the specified AARCH32_SP directory
-AARCH32_SP_MAKE := $(wildcard bl32/${AARCH32_SP}/${AARCH32_SP}.mk)
-
-ifeq (${AARCH32_SP_MAKE},)
- $(error Error: No bl32/${AARCH32_SP}/${AARCH32_SP}.mk located)
-endif
+ifeq (${ARCH},aarch32)
+ NEED_BL32 := yes
-$(info Including ${AARCH32_SP_MAKE})
-include ${AARCH32_SP_MAKE}
-endif
+ ifneq (${AARCH32_SP},none)
+ # We expect to locate an sp.mk under the specified AARCH32_SP directory
+ AARCH32_SP_MAKE := $(wildcard bl32/${AARCH32_SP}/${AARCH32_SP}.mk)
-endif
+ ifeq (${AARCH32_SP_MAKE},)
+ $(error Error: No bl32/${AARCH32_SP}/${AARCH32_SP}.mk located)
+ endif
+ $(info Including ${AARCH32_SP_MAKE})
+ include ${AARCH32_SP_MAKE}
+ endif
+endif #(ARCH=aarch32)
################################################################################
# Include libc if not overridden
@@ -767,226 +781,272 @@
endif
################################################################################
-# Check incompatible options
+# Check incompatible options and dependencies
################################################################################
-ifdef EL3_PAYLOAD_BASE
- ifdef PRELOADED_BL33_BASE
- $(warning "PRELOADED_BL33_BASE and EL3_PAYLOAD_BASE are \
- incompatible build options. EL3_PAYLOAD_BASE has priority.")
- endif
- ifneq (${GENERATE_COT},0)
- $(error "GENERATE_COT and EL3_PAYLOAD_BASE are incompatible build options.")
+# USE_DEBUGFS experimental feature recommended only in debug builds
+ifeq (${USE_DEBUGFS},1)
+ ifeq (${DEBUG},1)
+ $(warning DEBUGFS experimental feature is enabled.)
+ else
+ $(warning DEBUGFS experimental, recommended in DEBUG builds ONLY)
endif
- ifneq (${TRUSTED_BOARD_BOOT},0)
- $(error "TRUSTED_BOARD_BOOT and EL3_PAYLOAD_BASE are incompatible build options.")
+endif #(USE_DEBUGFS)
+
+# USE_SPINLOCK_CAS requires AArch64 build
+ifeq (${USE_SPINLOCK_CAS},1)
+ ifneq (${ARCH},aarch64)
+ $(error USE_SPINLOCK_CAS requires AArch64)
endif
+endif #(USE_SPINLOCK_CAS)
+
+# The cert_create tool cannot generate certificates individually, so we use the
+# target 'certificates' to create them all
+ifneq (${GENERATE_COT},0)
+ FIP_DEPS += certificates
+ FWU_FIP_DEPS += fwu_certificates
endif
+ifneq (${DECRYPTION_SUPPORT},none)
+ ENC_ARGS += -f ${FW_ENC_STATUS}
+ ENC_ARGS += -k ${ENC_KEY}
+ ENC_ARGS += -n ${ENC_NONCE}
+ FIP_DEPS += enctool
+ FWU_FIP_DEPS += enctool
+endif #(DECRYPTION_SUPPORT)
+
+ifdef EL3_PAYLOAD_BASE
+ ifdef PRELOADED_BL33_BASE
+ $(warning "PRELOADED_BL33_BASE and EL3_PAYLOAD_BASE are \
+ incompatible build options. EL3_PAYLOAD_BASE has priority.")
+ endif
+ ifneq (${GENERATE_COT},0)
+ $(error "GENERATE_COT and EL3_PAYLOAD_BASE are incompatible \
+ build options.")
+ endif
+ ifneq (${TRUSTED_BOARD_BOOT},0)
+ $(error "TRUSTED_BOARD_BOOT and EL3_PAYLOAD_BASE are \
+ incompatible \ build options.")
+ endif
+endif #(EL3_PAYLOAD_BASE)
+
ifeq (${NEED_BL33},yes)
- ifdef EL3_PAYLOAD_BASE
+ ifdef EL3_PAYLOAD_BASE
$(warning "BL33 image is not needed when option \
BL33_PAYLOAD_BASE is used and won't be added to the FIP file.")
- endif
- ifdef PRELOADED_BL33_BASE
+ endif
+ ifdef PRELOADED_BL33_BASE
$(warning "BL33 image is not needed when option \
- PRELOADED_BL33_BASE is used and won't be added to the FIP \
- file.")
- endif
-endif
+ PRELOADED_BL33_BASE is used and won't be added to the FIP file.")
+ endif
+endif #(NEED_BL33)
# When building for systems with hardware-assisted coherency, there's no need to
# use USE_COHERENT_MEM. Require that USE_COHERENT_MEM must be set to 0 too.
ifeq ($(HW_ASSISTED_COHERENCY)-$(USE_COHERENT_MEM),1-1)
-$(error USE_COHERENT_MEM cannot be enabled with HW_ASSISTED_COHERENCY)
+ $(error USE_COHERENT_MEM cannot be enabled with HW_ASSISTED_COHERENCY)
endif
#For now, BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is 1.
ifeq ($(RESET_TO_BL2)-$(BL2_IN_XIP_MEM),0-1)
-$(error "BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is enabled")
+ $(error "BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is enabled")
endif
# RAS_EXTENSION is deprecated, provide alternate build options
ifeq ($(RAS_EXTENSION),1)
- $(error "RAS_EXTENSION is now deprecated, please use ENABLE_FEAT_RAS and RAS_FFH_SUPPORT instead")
+ $(error "RAS_EXTENSION is now deprecated, please use ENABLE_FEAT_RAS \
+ and RAS_FFH_SUPPORT instead")
endif
+
# RAS firmware first handling requires that EAs are handled in EL3 first
ifeq ($(RAS_FFH_SUPPORT),1)
- ifneq ($(ENABLE_FEAT_RAS),1)
- $(error For RAS_FFH_SUPPORT, ENABLE_FEAT_RAS must also be 1)
- endif
- ifneq ($(HANDLE_EA_EL3_FIRST_NS),1)
- $(error For RAS_FFH_SUPPORT, HANDLE_EA_EL3_FIRST_NS must also be 1)
- endif
-endif
+ ifneq ($(ENABLE_FEAT_RAS),1)
+ $(error For RAS_FFH_SUPPORT, ENABLE_FEAT_RAS must also be 1)
+ endif
+ ifneq ($(HANDLE_EA_EL3_FIRST_NS),1)
+ $(error For RAS_FFH_SUPPORT, HANDLE_EA_EL3_FIRST_NS must also be 1)
+ endif
+endif #(RAS_FFH_SUPPORT)
+
# When FAULT_INJECTION_SUPPORT is used, require that FEAT_RAS is enabled
ifeq ($(FAULT_INJECTION_SUPPORT),1)
- ifeq ($(ENABLE_FEAT_RAS),0)
- $(error For FAULT_INJECTION_SUPPORT, ENABLE_FEAT_RAS must not be 0)
- endif
-endif
+ ifeq ($(ENABLE_FEAT_RAS),0)
+ $(error For FAULT_INJECTION_SUPPORT, ENABLE_FEAT_RAS must not be 0)
+ endif
+endif #(FAULT_INJECTION_SUPPORT)
# DYN_DISABLE_AUTH can be set only when TRUSTED_BOARD_BOOT=1
ifeq ($(DYN_DISABLE_AUTH), 1)
- ifeq (${TRUSTED_BOARD_BOOT}, 0)
- $(error "TRUSTED_BOARD_BOOT must be enabled for DYN_DISABLE_AUTH to be set.")
- endif
-endif
+ ifeq (${TRUSTED_BOARD_BOOT}, 0)
+ $(error "TRUSTED_BOARD_BOOT must be enabled for DYN_DISABLE_AUTH \
+ to be set.")
+ endif
+endif #(DYN_DISABLE_AUTH)
ifeq ($(MEASURED_BOOT)-$(TRUSTED_BOARD_BOOT),1-1)
# Support authentication verification and hash calculation
- CRYPTO_SUPPORT := 3
+ CRYPTO_SUPPORT := 3
else ifeq ($(DRTM_SUPPORT)-$(TRUSTED_BOARD_BOOT),1-1)
# Support authentication verification and hash calculation
- CRYPTO_SUPPORT := 3
+ CRYPTO_SUPPORT := 3
else ifneq ($(filter 1,${MEASURED_BOOT} ${DRTM_SUPPORT}),)
# Support hash calculation only
- CRYPTO_SUPPORT := 2
+ CRYPTO_SUPPORT := 2
else ifeq (${TRUSTED_BOARD_BOOT},1)
# Support authentication verification only
- CRYPTO_SUPPORT := 1
+ CRYPTO_SUPPORT := 1
else
- CRYPTO_SUPPORT := 0
-endif
+ CRYPTO_SUPPORT := 0
+endif #($(MEASURED_BOOT)-$(TRUSTED_BOARD_BOOT))
# SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled.
ifeq ($(SDEI_SUPPORT)-$(SDEI_IN_FCONF),0-1)
-$(error "SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled")
+ $(error "SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled")
endif
# If pointer authentication is used in the firmware, make sure that all the
# registers associated to it are also saved and restored.
# Not doing it would leak the value of the keys used by EL3 to EL1 and S-EL1.
ifeq ($(ENABLE_PAUTH),1)
- ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
- $(error Pointer Authentication requires CTX_INCLUDE_PAUTH_REGS=1)
- endif
-endif
+ ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
+ $(error Pointer Authentication requires CTX_INCLUDE_PAUTH_REGS=1)
+ endif
+endif #(ENABLE_PAUTH)
ifeq ($(CTX_INCLUDE_PAUTH_REGS),1)
- ifneq (${ARCH},aarch64)
- $(error CTX_INCLUDE_PAUTH_REGS requires AArch64)
- endif
-endif
+ ifneq (${ARCH},aarch64)
+ $(error CTX_INCLUDE_PAUTH_REGS requires AArch64)
+ endif
+endif #(CTX_INCLUDE_PAUTH_REGS)
ifeq ($(CTX_INCLUDE_MTE_REGS),1)
- ifneq (${ARCH},aarch64)
- $(error CTX_INCLUDE_MTE_REGS requires AArch64)
- endif
-endif
+ ifneq (${ARCH},aarch64)
+ $(error CTX_INCLUDE_MTE_REGS requires AArch64)
+ endif
+endif #(CTX_INCLUDE_MTE_REGS)
ifeq ($(PSA_FWU_SUPPORT),1)
- $(info PSA_FWU_SUPPORT is an experimental feature)
-endif
+ $(info PSA_FWU_SUPPORT is an experimental feature)
+endif #(PSA_FWU_SUPPORT)
ifeq ($(FEATURE_DETECTION),1)
- $(info FEATURE_DETECTION is an experimental feature)
-endif
+ $(info FEATURE_DETECTION is an experimental feature)
+endif #(FEATURE_DETECTION)
ifneq ($(ENABLE_SME2_FOR_NS), 0)
- ifeq (${ENABLE_SME_FOR_NS}, 0)
- $(warning "ENABLE_SME2_FOR_NS requires ENABLE_SME_FOR_NS also to be set")
- $(warning "Forced ENABLE_SME_FOR_NS=1")
- override ENABLE_SME_FOR_NS := 1
- endif
-endif
+ ifeq (${ENABLE_SME_FOR_NS}, 0)
+ $(warning "ENABLE_SME2_FOR_NS requires ENABLE_SME_FOR_NS also \
+ to be set")
+ $(warning "Forced ENABLE_SME_FOR_NS=1")
+ override ENABLE_SME_FOR_NS := 1
+ endif
+endif #(ENABLE_SME2_FOR_NS)
ifeq (${ARM_XLAT_TABLES_LIB_V1}, 1)
- ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
- $(error "ALLOW_RO_XLAT_TABLES requires translation tables library v2")
- endif
-endif
+ ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
+ $(error "ALLOW_RO_XLAT_TABLES requires translation tables \
+ library v2")
+ endif
+endif #(ARM_XLAT_TABLES_LIB_V1)
ifneq (${DECRYPTION_SUPPORT},none)
- ifeq (${TRUSTED_BOARD_BOOT}, 0)
- $(error TRUSTED_BOARD_BOOT must be enabled for DECRYPTION_SUPPORT to be set)
- endif
-endif
+ ifeq (${TRUSTED_BOARD_BOOT}, 0)
+ $(error TRUSTED_BOARD_BOOT must be enabled for DECRYPTION_SUPPORT \
+ to be set)
+ endif
+endif #(DECRYPTION_SUPPORT)
# Ensure that no Aarch64-only features are enabled in Aarch32 build
ifeq (${ARCH},aarch32)
- # SME/SVE only supported on AArch64
- ifneq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS cannot be used with ARCH=aarch32")
- endif
+ # SME/SVE only supported on AArch64
+ ifneq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS cannot be used with ARCH=aarch32")
+ endif
- ifeq (${ENABLE_SVE_FOR_NS},1)
- # Warning instead of error due to CI dependency on this
- $(error "ENABLE_SVE_FOR_NS cannot be used with ARCH=aarch32")
- endif
+ ifeq (${ENABLE_SVE_FOR_NS},1)
+ # Warning instead of error due to CI dependency on this
+ $(error "ENABLE_SVE_FOR_NS cannot be used with ARCH=aarch32")
+ endif
- # BRBE is not supported in AArch32
- ifeq (${ENABLE_BRBE_FOR_NS},1)
- $(error "ENABLE_BRBE_FOR_NS cannot be used with ARCH=aarch32")
- endif
+ # BRBE is not supported in AArch32
+ ifeq (${ENABLE_BRBE_FOR_NS},1)
+ $(error "ENABLE_BRBE_FOR_NS cannot be used with ARCH=aarch32")
+ endif
- # FEAT_RNG_TRAP is not supported in AArch32
- ifeq (${ENABLE_FEAT_RNG_TRAP},1)
- $(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32")
- endif
-endif
+ # FEAT_RNG_TRAP is not supported in AArch32
+ ifeq (${ENABLE_FEAT_RNG_TRAP},1)
+ $(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32")
+ endif
+endif #(ARCH=aarch32)
# Ensure ENABLE_RME is not used with SME
ifeq (${ENABLE_RME},1)
- ifneq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS cannot be used with ENABLE_RME")
- endif
+ ifneq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS cannot be used with ENABLE_RME")
+ endif
endif
ifneq (${ENABLE_SME_FOR_NS},0)
- ifeq (${ENABLE_SVE_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS requires ENABLE_SVE_FOR_NS")
- endif
-endif
+ ifeq (${ENABLE_SVE_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS requires ENABLE_SVE_FOR_NS")
+ endif
+endif #(ENABLE_SME_FOR_NS)
# Secure SME/SVE requires the non-secure component as well
ifeq (${ENABLE_SME_FOR_SWD},1)
- ifeq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_SWD requires ENABLE_SME_FOR_NS")
- endif
- ifeq (${ENABLE_SVE_FOR_SWD},0)
- $(error "ENABLE_SME_FOR_SWD requires ENABLE_SVE_FOR_SWD")
- endif
-endif
+ ifeq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_SWD requires ENABLE_SME_FOR_NS")
+ endif
+ ifeq (${ENABLE_SVE_FOR_SWD},0)
+ $(error "ENABLE_SME_FOR_SWD requires ENABLE_SVE_FOR_SWD")
+ endif
+endif #(ENABLE_SME_FOR_SWD)
+
ifeq (${ENABLE_SVE_FOR_SWD},1)
- ifeq (${ENABLE_SVE_FOR_NS},0)
- $(error "ENABLE_SVE_FOR_SWD requires ENABLE_SVE_FOR_NS")
- endif
-endif
+ ifeq (${ENABLE_SVE_FOR_NS},0)
+ $(error "ENABLE_SVE_FOR_SWD requires ENABLE_SVE_FOR_NS")
+ endif
+endif #(ENABLE_SVE_FOR_SWD)
# SVE and SME cannot be used with CTX_INCLUDE_FPREGS since secure manager does
# its own context management including FPU registers.
ifeq (${CTX_INCLUDE_FPREGS},1)
- ifneq (${ENABLE_SME_FOR_NS},0)
- $(error "ENABLE_SME_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
- endif
+ ifneq (${ENABLE_SME_FOR_NS},0)
+ $(error "ENABLE_SME_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
+ endif
- ifeq (${ENABLE_SVE_FOR_NS},1)
- # Warning instead of error due to CI dependency on this
- $(warning "ENABLE_SVE_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
- $(warning "Forced ENABLE_SVE_FOR_NS=0")
- override ENABLE_SVE_FOR_NS := 0
- endif
-endif
+ ifeq (${ENABLE_SVE_FOR_NS},1)
+ # Warning instead of error due to CI dependency on this
+ $(warning "ENABLE_SVE_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
+ $(warning "Forced ENABLE_SVE_FOR_NS=0")
+ override ENABLE_SVE_FOR_NS := 0
+ endif
+endif #(CTX_INCLUDE_FPREGS)
ifeq ($(DRTM_SUPPORT),1)
- $(info DRTM_SUPPORT is an experimental feature)
+ $(info DRTM_SUPPORT is an experimental feature)
endif
ifeq (${ENABLE_RME},1)
- ifneq (${SEPARATE_CODE_AND_RODATA},1)
- $(error `ENABLE_RME=1` requires `SEPARATE_CODE_AND_RODATA=1`)
- endif
+ ifneq (${SEPARATE_CODE_AND_RODATA},1)
+ $(error `ENABLE_RME=1` requires `SEPARATE_CODE_AND_RODATA=1`)
+ endif
endif
+# Determine if FEAT_RNG is supported
+ENABLE_FEAT_RNG = $(if $(findstring rng,${arch-features}),1,0)
+
+# Determine if FEAT_SB is supported
+ENABLE_FEAT_SB = $(if $(findstring sb,${arch-features}),1,0)
+
################################################################################
# Process platform overrideable behaviour
################################################################################
ifdef BL1_SOURCES
-NEED_BL1 := yes
-endif
+ NEED_BL1 := yes
+endif #(BL1_SOURCES)
ifdef BL2_SOURCES
NEED_BL2 := yes
@@ -994,64 +1054,64 @@
# Using BL2 implies that a BL33 image also needs to be supplied for the FIP and
# Certificate generation tools. This flag can be overridden by the platform.
ifdef EL3_PAYLOAD_BASE
- # If booting an EL3 payload there is no need for a BL33 image
- # in the FIP file.
- NEED_BL33 := no
- else
- ifdef PRELOADED_BL33_BASE
- # If booting a BL33 preloaded image there is no need of
- # another one in the FIP file.
- NEED_BL33 := no
- else
- NEED_BL33 ?= yes
- endif
- endif
-endif
+ # If booting an EL3 payload there is no need for a BL33 image
+ # in the FIP file.
+ NEED_BL33 := no
+ else
+ ifdef PRELOADED_BL33_BASE
+ # If booting a BL33 preloaded image there is no need of
+ # another one in the FIP file.
+ NEED_BL33 := no
+ else
+ NEED_BL33 ?= yes
+ endif
+ endif
+endif #(BL2_SOURCES)
ifdef BL2U_SOURCES
-NEED_BL2U := yes
-endif
+ NEED_BL2U := yes
+endif #(BL2U_SOURCES)
# If SCP_BL2 is given, we always want FIP to include it.
ifdef SCP_BL2
- NEED_SCP_BL2 := yes
-endif
+ NEED_SCP_BL2 := yes
+endif #(SCP_BL2)
# For AArch32, BL31 is not currently supported.
ifneq (${ARCH},aarch32)
- ifdef BL31_SOURCES
- # When booting an EL3 payload, there is no need to compile the BL31 image nor
- # put it in the FIP.
- ifndef EL3_PAYLOAD_BASE
- NEED_BL31 := yes
- endif
- endif
-endif
+ ifdef BL31_SOURCES
+ # When booting an EL3 payload, there is no need to compile the BL31
+ # image nor put it in the FIP.
+ ifndef EL3_PAYLOAD_BASE
+ NEED_BL31 := yes
+ endif
+ endif
+endif #(ARCH=aarch64)
# Process TBB related flags
ifneq (${GENERATE_COT},0)
- # Common cert_create options
- ifneq (${CREATE_KEYS},0)
+ # Common cert_create options
+ ifneq (${CREATE_KEYS},0)
$(eval CRT_ARGS += -n)
$(eval FWU_CRT_ARGS += -n)
- ifneq (${SAVE_KEYS},0)
+ ifneq (${SAVE_KEYS},0)
$(eval CRT_ARGS += -k)
$(eval FWU_CRT_ARGS += -k)
- endif
- endif
- # Include TBBR makefile (unless the platform indicates otherwise)
- ifeq (${INCLUDE_TBBR_MK},1)
+ endif
+ endif
+ # Include TBBR makefile (unless the platform indicates otherwise)
+ ifeq (${INCLUDE_TBBR_MK},1)
include make_helpers/tbbr/tbbr_tools.mk
- endif
-endif
+ endif
+endif #(GENERATE_COT)
ifneq (${FIP_ALIGN},0)
-FIP_ARGS += --align ${FIP_ALIGN}
-endif
+ FIP_ARGS += --align ${FIP_ALIGN}
+endif #(FIP_ALIGN)
ifdef FDT_SOURCES
-NEED_FDT := yes
-endif
+ NEED_FDT := yes
+endif #(FDT_SOURCES)
################################################################################
# Include libraries' Makefile that are used in all BL
@@ -1060,39 +1120,6 @@
include lib/stack_protector/stack_protector.mk
################################################################################
-# Auxiliary tools (fiptool, cert_create, etc)
-################################################################################
-
-# Variables for use with Certificate Generation Tool
-CRTTOOLPATH ?= tools/cert_create
-CRTTOOL ?= ${CRTTOOLPATH}/cert_create${BIN_EXT}
-
-# Variables for use with Firmware Encryption Tool
-ENCTOOLPATH ?= tools/encrypt_fw
-ENCTOOL ?= ${ENCTOOLPATH}/encrypt_fw${BIN_EXT}
-
-# Variables for use with Firmware Image Package
-FIPTOOLPATH ?= tools/fiptool
-FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
-
-# Variables for use with sptool
-SPTOOLPATH ?= tools/sptool
-SPTOOL ?= ${SPTOOLPATH}/sptool.py
-SP_MK_GEN ?= ${SPTOOLPATH}/sp_mk_generator.py
-
-# Variables for use with ROMLIB
-ROMLIBPATH ?= lib/romlib
-
-# Variable for use with Python
-PYTHON ?= python3
-
-# Variables for use with documentation build using Sphinx tool
-DOCS_PATH ?= docs
-
-# Defination of SIMICS flag
-SIMICS_BUILD ?= 0
-
-################################################################################
# Include BL specific makefiles
################################################################################
@@ -1116,78 +1143,78 @@
# Build options checks
################################################################################
+# Boolean_Flags
$(eval $(call assert_booleans,\
$(sort \
- ALLOW_RO_XLAT_TABLES \
- BL2_ENABLE_SP_LOAD \
- COLD_BOOT_SINGLE_CPU \
- CREATE_KEYS \
- CTX_INCLUDE_AARCH32_REGS \
- CTX_INCLUDE_FPREGS \
- CTX_INCLUDE_EL2_REGS \
- DEBUG \
- DISABLE_MTPMU \
- DYN_DISABLE_AUTH \
- EL3_EXCEPTION_HANDLING \
- ENABLE_AMU_AUXILIARY_COUNTERS \
- ENABLE_AMU_FCONF \
- AMU_RESTRICT_COUNTERS \
- ENABLE_ASSERTIONS \
- ENABLE_FEAT_SB \
- ENABLE_PIE \
- ENABLE_PMF \
- ENABLE_PSCI_STAT \
- ENABLE_RUNTIME_INSTRUMENTATION \
- ENABLE_SME_FOR_SWD \
- ENABLE_SVE_FOR_SWD \
- ERROR_DEPRECATED \
- FAULT_INJECTION_SUPPORT \
- GENERATE_COT \
- GICV2_G0_FOR_EL3 \
- HANDLE_EA_EL3_FIRST_NS \
- HW_ASSISTED_COHERENCY \
- MEASURED_BOOT \
- DRTM_SUPPORT \
- NS_TIMER_SWITCH \
- OVERRIDE_LIBC \
- PL011_GENERIC_UART \
- PLAT_RSS_NOT_SUPPORTED \
- PROGRAMMABLE_RESET_ADDRESS \
- PSCI_EXTENDED_STATE_ID \
- PSCI_OS_INIT_MODE \
- RESET_TO_BL31 \
- SAVE_KEYS \
- SEPARATE_CODE_AND_RODATA \
- SEPARATE_BL2_NOLOAD_REGION \
- SEPARATE_NOBITS_REGION \
- SPIN_ON_BL1_EXIT \
- SPM_MM \
- SPMC_AT_EL3 \
- SPMD_SPM_AT_SEL2 \
- TRUSTED_BOARD_BOOT \
- USE_COHERENT_MEM \
- USE_DEBUGFS \
- ARM_IO_IN_DTB \
- SDEI_IN_FCONF \
- SEC_INT_DESC_IN_FCONF \
- USE_ROMLIB \
- USE_TBBR_DEFS \
- WARMBOOT_ENABLE_DCACHE_EARLY \
- RESET_TO_BL2 \
- BL2_IN_XIP_MEM \
- BL2_INV_DCACHE \
- USE_SPINLOCK_CAS \
- ENCRYPT_BL31 \
- ENCRYPT_BL32 \
- ERRATA_SPECULATIVE_AT \
- RAS_TRAP_NS_ERR_REC_ACCESS \
- COT_DESC_IN_DTB \
- USE_SP804_TIMER \
- PSA_FWU_SUPPORT \
- ENABLE_MPMM \
- ENABLE_MPMM_FCONF \
- SIMICS_BUILD \
- FEATURE_DETECTION \
+ ALLOW_RO_XLAT_TABLES \
+ BL2_ENABLE_SP_LOAD \
+ COLD_BOOT_SINGLE_CPU \
+ CREATE_KEYS \
+ CTX_INCLUDE_AARCH32_REGS \
+ CTX_INCLUDE_FPREGS \
+ CTX_INCLUDE_EL2_REGS \
+ DEBUG \
+ DISABLE_MTPMU \
+ DYN_DISABLE_AUTH \
+ EL3_EXCEPTION_HANDLING \
+ ENABLE_AMU_AUXILIARY_COUNTERS \
+ ENABLE_AMU_FCONF \
+ AMU_RESTRICT_COUNTERS \
+ ENABLE_ASSERTIONS \
+ ENABLE_FEAT_SB \
+ ENABLE_PIE \
+ ENABLE_PMF \
+ ENABLE_PSCI_STAT \
+ ENABLE_RUNTIME_INSTRUMENTATION \
+ ENABLE_SME_FOR_SWD \
+ ENABLE_SVE_FOR_SWD \
+ ERROR_DEPRECATED \
+ FAULT_INJECTION_SUPPORT \
+ GENERATE_COT \
+ GICV2_G0_FOR_EL3 \
+ HANDLE_EA_EL3_FIRST_NS \
+ HW_ASSISTED_COHERENCY \
+ MEASURED_BOOT \
+ DRTM_SUPPORT \
+ NS_TIMER_SWITCH \
+ OVERRIDE_LIBC \
+ PL011_GENERIC_UART \
+ PLAT_RSS_NOT_SUPPORTED \
+ PROGRAMMABLE_RESET_ADDRESS \
+ PSCI_EXTENDED_STATE_ID \
+ PSCI_OS_INIT_MODE \
+ RESET_TO_BL31 \
+ SAVE_KEYS \
+ SEPARATE_CODE_AND_RODATA \
+ SEPARATE_BL2_NOLOAD_REGION \
+ SEPARATE_NOBITS_REGION \
+ SPIN_ON_BL1_EXIT \
+ SPM_MM \
+ SPMC_AT_EL3 \
+ SPMD_SPM_AT_SEL2 \
+ TRUSTED_BOARD_BOOT \
+ USE_COHERENT_MEM \
+ USE_DEBUGFS \
+ ARM_IO_IN_DTB \
+ SDEI_IN_FCONF \
+ SEC_INT_DESC_IN_FCONF \
+ USE_ROMLIB \
+ USE_TBBR_DEFS \
+ WARMBOOT_ENABLE_DCACHE_EARLY \
+ RESET_TO_BL2 \
+ BL2_IN_XIP_MEM \
+ BL2_INV_DCACHE \
+ USE_SPINLOCK_CAS \
+ ENCRYPT_BL31 \
+ ENCRYPT_BL32 \
+ ERRATA_SPECULATIVE_AT \
+ RAS_TRAP_NS_ERR_REC_ACCESS \
+ COT_DESC_IN_DTB \
+ USE_SP804_TIMER \
+ PSA_FWU_SUPPORT \
+ ENABLE_MPMM \
+ ENABLE_MPMM_FCONF \
+ FEATURE_DETECTION \
TRNG_SUPPORT \
ERRATA_ABI_SUPPORT \
ERRATA_NON_ARM_INTERCONNECT \
@@ -1195,52 +1222,53 @@
RAS_FFH_SUPPORT \
)))
+# Numeric_Flags
$(eval $(call assert_numerics,\
$(sort \
- ARM_ARCH_MAJOR \
- ARM_ARCH_MINOR \
- BRANCH_PROTECTION \
- CTX_INCLUDE_PAUTH_REGS \
- CTX_INCLUDE_MTE_REGS \
- CTX_INCLUDE_NEVE_REGS \
- CRYPTO_SUPPORT \
- ENABLE_BRBE_FOR_NS \
- ENABLE_TRBE_FOR_NS \
- ENABLE_BTI \
- ENABLE_PAUTH \
- ENABLE_FEAT_AMU \
- ENABLE_FEAT_AMUv1p1 \
- ENABLE_FEAT_CSV2_2 \
- ENABLE_FEAT_RAS \
- ENABLE_FEAT_DIT \
- ENABLE_FEAT_ECV \
- ENABLE_FEAT_FGT \
- ENABLE_FEAT_HCX \
- ENABLE_FEAT_PAN \
- ENABLE_FEAT_RNG \
- ENABLE_FEAT_RNG_TRAP \
- ENABLE_FEAT_SEL2 \
- ENABLE_FEAT_TCR2 \
- ENABLE_FEAT_S2PIE \
- ENABLE_FEAT_S1PIE \
- ENABLE_FEAT_S2POE \
- ENABLE_FEAT_S1POE \
- ENABLE_FEAT_GCS \
- ENABLE_FEAT_VHE \
- ENABLE_MPAM_FOR_LOWER_ELS \
- ENABLE_RME \
- ENABLE_SPE_FOR_NS \
- ENABLE_SYS_REG_TRACE_FOR_NS \
- ENABLE_SME_FOR_NS \
- ENABLE_SME2_FOR_NS \
- ENABLE_SVE_FOR_NS \
- ENABLE_TRF_FOR_NS \
- FW_ENC_STATUS \
- NR_OF_FW_BANKS \
- NR_OF_IMAGES_IN_FW_BANK \
- TWED_DELAY \
- ENABLE_FEAT_TWED \
- SVE_VECTOR_LEN \
+ ARM_ARCH_MAJOR \
+ ARM_ARCH_MINOR \
+ BRANCH_PROTECTION \
+ CTX_INCLUDE_PAUTH_REGS \
+ CTX_INCLUDE_MTE_REGS \
+ CTX_INCLUDE_NEVE_REGS \
+ CRYPTO_SUPPORT \
+ ENABLE_BRBE_FOR_NS \
+ ENABLE_TRBE_FOR_NS \
+ ENABLE_BTI \
+ ENABLE_PAUTH \
+ ENABLE_FEAT_AMU \
+ ENABLE_FEAT_AMUv1p1 \
+ ENABLE_FEAT_CSV2_2 \
+ ENABLE_FEAT_RAS \
+ ENABLE_FEAT_DIT \
+ ENABLE_FEAT_ECV \
+ ENABLE_FEAT_FGT \
+ ENABLE_FEAT_HCX \
+ ENABLE_FEAT_PAN \
+ ENABLE_FEAT_RNG \
+ ENABLE_FEAT_RNG_TRAP \
+ ENABLE_FEAT_SEL2 \
+ ENABLE_FEAT_TCR2 \
+ ENABLE_FEAT_S2PIE \
+ ENABLE_FEAT_S1PIE \
+ ENABLE_FEAT_S2POE \
+ ENABLE_FEAT_S1POE \
+ ENABLE_FEAT_GCS \
+ ENABLE_FEAT_VHE \
+ ENABLE_MPAM_FOR_LOWER_ELS \
+ ENABLE_RME \
+ ENABLE_SPE_FOR_NS \
+ ENABLE_SYS_REG_TRACE_FOR_NS \
+ ENABLE_SME_FOR_NS \
+ ENABLE_SME2_FOR_NS \
+ ENABLE_SVE_FOR_NS \
+ ENABLE_TRF_FOR_NS \
+ FW_ENC_STATUS \
+ NR_OF_FW_BANKS \
+ NR_OF_IMAGES_IN_FW_BANK \
+ TWED_DELAY \
+ ENABLE_FEAT_TWED \
+ SVE_VECTOR_LEN \
IMPDEF_SYSREG_TRAP \
)))
@@ -1260,162 +1288,162 @@
$(eval $(call add_defines,\
$(sort \
- ALLOW_RO_XLAT_TABLES \
- ARM_ARCH_MAJOR \
- ARM_ARCH_MINOR \
- BL2_ENABLE_SP_LOAD \
- COLD_BOOT_SINGLE_CPU \
- CTX_INCLUDE_AARCH32_REGS \
- CTX_INCLUDE_FPREGS \
- CTX_INCLUDE_PAUTH_REGS \
- EL3_EXCEPTION_HANDLING \
- CTX_INCLUDE_MTE_REGS \
- CTX_INCLUDE_EL2_REGS \
- CTX_INCLUDE_NEVE_REGS \
- DECRYPTION_SUPPORT_${DECRYPTION_SUPPORT} \
- DISABLE_MTPMU \
- ENABLE_FEAT_AMU \
- ENABLE_AMU_AUXILIARY_COUNTERS \
- ENABLE_AMU_FCONF \
- AMU_RESTRICT_COUNTERS \
- ENABLE_ASSERTIONS \
- ENABLE_BTI \
- ENABLE_MPAM_FOR_LOWER_ELS \
- ENABLE_PAUTH \
- ENABLE_PIE \
- ENABLE_PMF \
- ENABLE_PSCI_STAT \
- ENABLE_RME \
- ENABLE_RUNTIME_INSTRUMENTATION \
- ENABLE_SME_FOR_NS \
- ENABLE_SME2_FOR_NS \
- ENABLE_SME_FOR_SWD \
- ENABLE_SPE_FOR_NS \
- ENABLE_SVE_FOR_NS \
- ENABLE_SVE_FOR_SWD \
- ENCRYPT_BL31 \
- ENCRYPT_BL32 \
- ERROR_DEPRECATED \
- FAULT_INJECTION_SUPPORT \
- GICV2_G0_FOR_EL3 \
- HANDLE_EA_EL3_FIRST_NS \
- HW_ASSISTED_COHERENCY \
- LOG_LEVEL \
- MEASURED_BOOT \
- DRTM_SUPPORT \
- NS_TIMER_SWITCH \
- PL011_GENERIC_UART \
- PLAT_${PLAT} \
- PLAT_RSS_NOT_SUPPORTED \
- PROGRAMMABLE_RESET_ADDRESS \
- PSCI_EXTENDED_STATE_ID \
- PSCI_OS_INIT_MODE \
- ENABLE_FEAT_RAS \
- RAS_FFH_SUPPORT \
- RESET_TO_BL31 \
- SEPARATE_CODE_AND_RODATA \
- SEPARATE_BL2_NOLOAD_REGION \
- SEPARATE_NOBITS_REGION \
- RECLAIM_INIT_CODE \
- SPD_${SPD} \
- SPIN_ON_BL1_EXIT \
- SPM_MM \
- SPMC_AT_EL3 \
- SPMD_SPM_AT_SEL2 \
- TRUSTED_BOARD_BOOT \
- CRYPTO_SUPPORT \
- TRNG_SUPPORT \
- ERRATA_ABI_SUPPORT \
+ ALLOW_RO_XLAT_TABLES \
+ ARM_ARCH_MAJOR \
+ ARM_ARCH_MINOR \
+ BL2_ENABLE_SP_LOAD \
+ COLD_BOOT_SINGLE_CPU \
+ CTX_INCLUDE_AARCH32_REGS \
+ CTX_INCLUDE_FPREGS \
+ CTX_INCLUDE_PAUTH_REGS \
+ EL3_EXCEPTION_HANDLING \
+ CTX_INCLUDE_MTE_REGS \
+ CTX_INCLUDE_EL2_REGS \
+ CTX_INCLUDE_NEVE_REGS \
+ DECRYPTION_SUPPORT_${DECRYPTION_SUPPORT} \
+ DISABLE_MTPMU \
+ ENABLE_FEAT_AMU \
+ ENABLE_AMU_AUXILIARY_COUNTERS \
+ ENABLE_AMU_FCONF \
+ AMU_RESTRICT_COUNTERS \
+ ENABLE_ASSERTIONS \
+ ENABLE_BTI \
+ ENABLE_MPAM_FOR_LOWER_ELS \
+ ENABLE_PAUTH \
+ ENABLE_PIE \
+ ENABLE_PMF \
+ ENABLE_PSCI_STAT \
+ ENABLE_RME \
+ ENABLE_RUNTIME_INSTRUMENTATION \
+ ENABLE_SME_FOR_NS \
+ ENABLE_SME2_FOR_NS \
+ ENABLE_SME_FOR_SWD \
+ ENABLE_SPE_FOR_NS \
+ ENABLE_SVE_FOR_NS \
+ ENABLE_SVE_FOR_SWD \
+ ENCRYPT_BL31 \
+ ENCRYPT_BL32 \
+ ERROR_DEPRECATED \
+ FAULT_INJECTION_SUPPORT \
+ GICV2_G0_FOR_EL3 \
+ HANDLE_EA_EL3_FIRST_NS \
+ HW_ASSISTED_COHERENCY \
+ LOG_LEVEL \
+ MEASURED_BOOT \
+ DRTM_SUPPORT \
+ NS_TIMER_SWITCH \
+ PL011_GENERIC_UART \
+ PLAT_${PLAT} \
+ PLAT_RSS_NOT_SUPPORTED \
+ PROGRAMMABLE_RESET_ADDRESS \
+ PSCI_EXTENDED_STATE_ID \
+ PSCI_OS_INIT_MODE \
+ ENABLE_FEAT_RAS \
+ RAS_FFH_SUPPORT \
+ RESET_TO_BL31 \
+ SEPARATE_CODE_AND_RODATA \
+ SEPARATE_BL2_NOLOAD_REGION \
+ SEPARATE_NOBITS_REGION \
+ RECLAIM_INIT_CODE \
+ SPD_${SPD} \
+ SPIN_ON_BL1_EXIT \
+ SPM_MM \
+ SPMC_AT_EL3 \
+ SPMD_SPM_AT_SEL2 \
+ TRUSTED_BOARD_BOOT \
+ CRYPTO_SUPPORT \
+ TRNG_SUPPORT \
+ ERRATA_ABI_SUPPORT \
ERRATA_NON_ARM_INTERCONNECT \
- USE_COHERENT_MEM \
- USE_DEBUGFS \
- ARM_IO_IN_DTB \
- SDEI_IN_FCONF \
- SEC_INT_DESC_IN_FCONF \
- USE_ROMLIB \
- USE_TBBR_DEFS \
- WARMBOOT_ENABLE_DCACHE_EARLY \
- RESET_TO_BL2 \
- BL2_RUNS_AT_EL3 \
- BL2_IN_XIP_MEM \
- BL2_INV_DCACHE \
- USE_SPINLOCK_CAS \
- ERRATA_SPECULATIVE_AT \
- RAS_TRAP_NS_ERR_REC_ACCESS \
- COT_DESC_IN_DTB \
- USE_SP804_TIMER \
- ENABLE_FEAT_RNG \
- ENABLE_FEAT_RNG_TRAP \
- ENABLE_FEAT_SB \
- ENABLE_FEAT_DIT \
- NR_OF_FW_BANKS \
- NR_OF_IMAGES_IN_FW_BANK \
- PSA_FWU_SUPPORT \
- ENABLE_BRBE_FOR_NS \
- ENABLE_TRBE_FOR_NS \
- ENABLE_SYS_REG_TRACE_FOR_NS \
- ENABLE_TRF_FOR_NS \
- ENABLE_FEAT_HCX \
- ENABLE_MPMM \
- ENABLE_MPMM_FCONF \
- ENABLE_FEAT_FGT \
- ENABLE_FEAT_ECV \
- SIMICS_BUILD \
- ENABLE_FEAT_AMUv1p1 \
- ENABLE_FEAT_SEL2 \
- ENABLE_FEAT_VHE \
- ENABLE_FEAT_CSV2_2 \
- ENABLE_FEAT_PAN \
- ENABLE_FEAT_TCR2 \
- ENABLE_FEAT_S2PIE \
- ENABLE_FEAT_S1PIE \
- ENABLE_FEAT_S2POE \
- ENABLE_FEAT_S1POE \
- ENABLE_FEAT_GCS \
- FEATURE_DETECTION \
- TWED_DELAY \
- ENABLE_FEAT_TWED \
+ USE_COHERENT_MEM \
+ USE_DEBUGFS \
+ ARM_IO_IN_DTB \
+ SDEI_IN_FCONF \
+ SEC_INT_DESC_IN_FCONF \
+ USE_ROMLIB \
+ USE_TBBR_DEFS \
+ WARMBOOT_ENABLE_DCACHE_EARLY \
+ RESET_TO_BL2 \
+ BL2_RUNS_AT_EL3 \
+ BL2_IN_XIP_MEM \
+ BL2_INV_DCACHE \
+ USE_SPINLOCK_CAS \
+ ERRATA_SPECULATIVE_AT \
+ RAS_TRAP_NS_ERR_REC_ACCESS \
+ COT_DESC_IN_DTB \
+ USE_SP804_TIMER \
+ ENABLE_FEAT_RNG \
+ ENABLE_FEAT_RNG_TRAP \
+ ENABLE_FEAT_SB \
+ ENABLE_FEAT_DIT \
+ NR_OF_FW_BANKS \
+ NR_OF_IMAGES_IN_FW_BANK \
+ PSA_FWU_SUPPORT \
+ ENABLE_BRBE_FOR_NS \
+ ENABLE_TRBE_FOR_NS \
+ ENABLE_SYS_REG_TRACE_FOR_NS \
+ ENABLE_TRF_FOR_NS \
+ ENABLE_FEAT_HCX \
+ ENABLE_MPMM \
+ ENABLE_MPMM_FCONF \
+ ENABLE_FEAT_FGT \
+ ENABLE_FEAT_ECV \
+ ENABLE_FEAT_AMUv1p1 \
+ ENABLE_FEAT_SEL2 \
+ ENABLE_FEAT_VHE \
+ ENABLE_FEAT_CSV2_2 \
+ ENABLE_FEAT_PAN \
+ ENABLE_FEAT_TCR2 \
+ ENABLE_FEAT_S2PIE \
+ ENABLE_FEAT_S1PIE \
+ ENABLE_FEAT_S2POE \
+ ENABLE_FEAT_S1POE \
+ ENABLE_FEAT_GCS \
+ FEATURE_DETECTION \
+ TWED_DELAY \
+ ENABLE_FEAT_TWED \
CONDITIONAL_CMO \
IMPDEF_SYSREG_TRAP \
+ SVE_VECTOR_LEN \
)))
ifeq (${SANITIZE_UB},trap)
$(eval $(call add_define,MONITOR_TRAPS))
-endif
+endif #(SANITIZE_UB)
# Define the EL3_PAYLOAD_BASE flag only if it is provided.
ifdef EL3_PAYLOAD_BASE
$(eval $(call add_define,EL3_PAYLOAD_BASE))
else
- # Define the PRELOADED_BL33_BASE flag only if it is provided and
- # EL3_PAYLOAD_BASE is not defined, as it has priority.
- ifdef PRELOADED_BL33_BASE
+# Define the PRELOADED_BL33_BASE flag only if it is provided and
+# EL3_PAYLOAD_BASE is not defined, as it has priority.
+ ifdef PRELOADED_BL33_BASE
$(eval $(call add_define,PRELOADED_BL33_BASE))
- endif
-endif
+ endif
+endif #(EL3_PAYLOAD_BASE)
# Define the DYN_DISABLE_AUTH flag only if set.
ifeq (${DYN_DISABLE_AUTH},1)
-$(eval $(call add_define,DYN_DISABLE_AUTH))
+ $(eval $(call add_define,DYN_DISABLE_AUTH))
endif
ifneq ($(findstring armlink,$(notdir $(LD))),)
-$(eval $(call add_define,USE_ARM_LINK))
+ $(eval $(call add_define,USE_ARM_LINK))
endif
# Generate and include sp_gen.mk if SPD is spmd and SP_LAYOUT_FILE is defined
ifeq (${SPD},spmd)
ifdef SP_LAYOUT_FILE
- -include $(BUILD_PLAT)/sp_gen.mk
- FIP_DEPS += sp
- CRT_DEPS += sp
- NEED_SP_PKG := yes
+ -include $(BUILD_PLAT)/sp_gen.mk
+ FIP_DEPS += sp
+ CRT_DEPS += sp
+ NEED_SP_PKG := yes
else
- ifeq (${SPMD_SPM_AT_SEL2},1)
- $(error "SPMD with SPM at S-EL2 require SP_LAYOUT_FILE")
- endif
-endif
-endif
+ ifeq (${SPMD_SPM_AT_SEL2},1)
+ $(error "SPMD with SPM at S-EL2 require SP_LAYOUT_FILE")
+ endif
+endif #(SP_LAYOUT_FILE)
+endif #(SPD)
################################################################################
# Build targets
@@ -1436,7 +1464,7 @@
else
CPPFLAGS += -Wno-error=deprecated-declarations -Wno-error=cpp
endif
-endif # !ERROR_DEPRECATED
+endif #(!ERROR_DEPRECATED)
$(eval $(call MAKE_LIB_DIRS))
$(eval $(call MAKE_LIB,c))
@@ -1444,11 +1472,11 @@
# Expand build macros for the different images
ifeq (${NEED_BL1},yes)
BL1_SOURCES := $(sort ${BL1_SOURCES})
-
$(eval $(call MAKE_BL,bl1))
-endif
+endif #(NEED_BL1)
ifeq (${NEED_BL2},yes)
+
ifeq (${RESET_TO_BL2}, 0)
FIP_BL2_ARGS := tb-fw
endif
@@ -1457,11 +1485,12 @@
$(if ${BL2}, $(eval $(call TOOL_ADD_IMG,bl2,--${FIP_BL2_ARGS})),\
$(eval $(call MAKE_BL,bl2,${FIP_BL2_ARGS})))
-endif
+
+endif #(NEED_BL2)
ifeq (${NEED_SCP_BL2},yes)
$(eval $(call TOOL_ADD_IMG,scp_bl2,--scp-fw))
-endif
+endif #(NEED_SCP_BL2)
ifeq (${NEED_BL31},yes)
BL31_SOURCES += ${SPD_SOURCES}
@@ -1473,8 +1502,8 @@
else
$(if ${BL31}, $(eval $(call TOOL_ADD_IMG,bl31,--soc-fw)),\
$(eval $(call MAKE_BL,bl31,soc-fw)))
-endif
-endif
+endif #(DECRYPTION_SUPPORT)
+endif #(NEED_BL31)
# If a BL32 image is needed but neither BL32 nor BL32_SOURCES is defined, the
# build system will call TOOL_ADD_IMG to print a warning message and abort the
@@ -1490,8 +1519,8 @@
else
$(if ${BUILD_BL32}, $(eval $(call MAKE_BL,bl32,tos-fw)),\
$(eval $(call TOOL_ADD_IMG,bl32,--tos-fw)))
-endif
-endif
+endif #(DECRYPTION_SUPPORT)
+endif #(NEED_BL32)
# If RMM image is needed but RMM is not defined, Test Realm Payload (TRP)
# needs to be built from RMM_SOURCES.
@@ -1501,23 +1530,23 @@
BUILD_RMM := $(if $(RMM),,$(if $(RMM_SOURCES),1))
$(if ${BUILD_RMM}, $(eval $(call MAKE_BL,rmm,rmm-fw)),\
- $(eval $(call TOOL_ADD_IMG,rmm,--rmm-fw)))
-endif
+ $(eval $(call TOOL_ADD_IMG,rmm,--rmm-fw)))
+endif #(NEED_RMM)
# Add the BL33 image if required by the platform
ifeq (${NEED_BL33},yes)
$(eval $(call TOOL_ADD_IMG,bl33,--nt-fw))
-endif
+endif #(NEED_BL33)
ifeq (${NEED_BL2U},yes)
$(if ${BL2U}, $(eval $(call TOOL_ADD_IMG,bl2u,--ap-fwu-cfg,FWU_)),\
$(eval $(call MAKE_BL,bl2u,ap-fwu-cfg,FWU_)))
-endif
+endif #(NEED_BL2U)
# Expand build macros for the different images
ifeq (${NEED_FDT},yes)
$(eval $(call MAKE_DTBS,$(BUILD_PLAT)/fdts,$(FDT_SOURCES)))
-endif
+endif #(NEED_FDT)
# Add Secure Partition packages
ifeq (${NEED_SP_PKG},yes)
@@ -1527,7 +1556,7 @@
@${ECHO_BLANK_LINE}
@echo "Built SP Images successfully"
@${ECHO_BLANK_LINE}
-endif
+endif #(NEED_SP_PKG)
locate-checkpatch:
ifndef CHECKPATCH
@@ -1536,7 +1565,7 @@
ifeq (,$(wildcard ${CHECKPATCH}))
$(error "The file CHECKPATCH points to cannot be found, use eg: CHECKPATCH=../linux/scripts/checkpatch.pl")
endif
-endif
+endif #(CHECKPATCH)
clean:
@echo " CLEAN"
@@ -1547,7 +1576,7 @@
# Clear the MAKEFLAGS as we do not want
# to pass the gnumake flags to nmake.
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL)) clean
-endif
+endif #(UNIX_MK)
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${ENCTOOLPATH} clean
${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean
@@ -1562,7 +1591,7 @@
# Clear the MAKEFLAGS as we do not want
# to pass the gnumake flags to nmake.
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL)) realclean
-endif
+endif #(UNIX_MK)
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} realclean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${ENCTOOLPATH} realclean
${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean
@@ -1616,7 +1645,7 @@
@echo "Built $@ successfully"
@echo "Certificates can be found in ${BUILD_PLAT}"
@${ECHO_BLANK_LINE}
-endif
+endif #(GENERATE_COT)
${BUILD_PLAT}/${FIP_NAME}: ${FIP_DEPS} ${FIPTOOL}
$(eval ${CHECK_FIP_CMD})
@@ -1633,7 +1662,7 @@
@echo "Built $@ successfully"
@echo "FWU certificates can be found in ${BUILD_PLAT}"
@${ECHO_BLANK_LINE}
-endif
+endif #(GENERATE_COT)
${BUILD_PLAT}/${FWU_FIP_NAME}: ${FWU_FIP_DEPS} ${FIPTOOL}
$(eval ${CHECK_FWU_FIP_CMD})
@@ -1654,7 +1683,7 @@
# Clear the MAKEFLAGS as we do not want
# to pass the gnumake flags to nmake.
${Q}set MAKEFLAGS= && ${MSVC_NMAKE} /nologo /f ${FIPTOOLPATH}/Makefile.msvc FIPTOOLPATH=$(subst /,\,$(FIPTOOLPATH)) FIPTOOL=$(subst /,\,$(FIPTOOL))
-endif
+endif #(UNIX_MK)
romlib.bin: libraries FORCE
${Q}${MAKE} PLAT_DIR=${PLAT_DIR} BUILD_PLAT=${BUILD_PLAT} ENABLE_BTI=${ENABLE_BTI} ARM_ARCH_MINOR=${ARM_ARCH_MINOR} INCLUDES='${INCLUDES}' DEFINES='${DEFINES}' --no-print-directory -C ${ROMLIBPATH} all
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S
index 8bcf94e..851ac47 100644
--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -519,7 +519,8 @@
* flags using the appropriate helper.
*/
2:
- bfi x7, x0, #FUNCID_SVE_HINT_SHIFT, #FUNCID_SVE_HINT_MASK
+ and x16, x0, #(FUNCID_SVE_HINT_MASK << FUNCID_SVE_HINT_SHIFT)
+ orr x7, x7, x16
bic x0, x0, #(FUNCID_SVE_HINT_MASK << FUNCID_SVE_HINT_SHIFT)
/* Get the unique owning entity number */
diff --git a/changelog.yaml b/changelog.yaml
index 4703979..f21aa16 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -244,6 +244,13 @@
- title: Corstone-1000
scope: corstone-1000
+ - title: Aspeed
+ scope: aspeed
+
+ subsections:
+ - title: AST2700
+ scope: ast2700
+
- title: Broadcom
scope: brcm
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index b591f2a..663859f 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -527,6 +527,15 @@
:|G|: `rupsin01`_
:|F|: plat/arm/board/tc
+Aspeed platform port
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+:|M|: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
+:|G|: `ChiaweiW`_
+:|M|: Neal Liu <neal_liu@aspeedtech.com>
+:|G|: `Neal-liu`_
+:|F|: docs/plat/ast2700.rst
+:|F|: plat/aspeed/
+
HiSilicon HiKey and HiKey960 platform ports
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:|M|: Haojian Zhuang <haojian.zhuang@linaro.org>
@@ -983,3 +992,5 @@
.. _bytefire: https://github.com/bytefire
.. _rupsin01: https://github.com/rupsin01
.. _jimmy-brisson: https://github.com/theotherjimmy
+.. _ChiaweiW: https://github.com/chiaweiw
+.. _Neal-liu: https://github.com/neal-liu
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index 758d62b..ecbefdd 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -53,7 +53,7 @@
errata workaround is ``ERRATA_<Processor name>_<ID>``, where the ``Processor name``
is for example ``A57`` for the ``Cortex_A57`` CPU.
-Refer to :ref:`firmware_design_cpu_errata_reporting` for information on how to
+Refer to :ref:`firmware_design_cpu_errata_implementation` for information on how to
write errata workaround functions.
All workarounds are disabled by default. The platform is responsible for
diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst
index 50839bd..131cca1 100644
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@@ -9,12 +9,12 @@
to the stage where it hands-off control to firmware running in the normal
world in DRAM. This is the cold boot path.
-TF-A also implements the `Power State Coordination Interface PDD`_ as a
-runtime service. PSCI is the interface from normal world software to firmware
-implementing power management use-cases (for example, secondary CPU boot,
-hotplug and idle). Normal world software can access TF-A runtime services via
-the Arm SMC (Secure Monitor Call) instruction. The SMC instruction must be
-used as mandated by the SMC Calling Convention (`SMCCC`_).
+TF-A also implements the `PSCI`_ as a runtime service. PSCI is the interface
+from normal world software to firmware implementing power management use-cases
+(for example, secondary CPU boot, hotplug and idle). Normal world software can
+access TF-A runtime services via the Arm SMC (Secure Monitor Call) instruction.
+The SMC instruction must be used as mandated by the SMC Calling Convention
+(`SMCCC`_).
TF-A implements a framework for configuring and managing interrupts generated
in either security state. The details of the interrupt management framework
@@ -400,8 +400,7 @@
memory with the entrypoint and Saved Program Status Register (``SPSR``) of the
normal world software image. The entrypoint is the load address of the BL33
image. The ``SPSR`` is determined as specified in Section 5.13 of the
-`Power State Coordination Interface PDD`_. This information is passed to the
-EL3 Runtime Software.
+`PSCI`_. This information is passed to the EL3 Runtime Software.
AArch64 BL31 (EL3 Runtime Software) execution
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -952,8 +951,8 @@
The PSCI v1.1 specification categorizes APIs as optional and mandatory. All the
mandatory APIs in PSCI v1.1, PSCI v1.0 and in PSCI v0.2 draft specification
-`Power State Coordination Interface PDD`_ are implemented. The table lists
-the PSCI v1.1 APIs and their support in generic code.
+`PSCI`_ are implemented. The table lists the PSCI v1.1 APIs and their support
+in generic code.
An API implementation might have a dependency on platform code e.g. CPU_SUSPEND
requires the platform to export a part of the implementation. Hence the level
@@ -1245,8 +1244,9 @@
handling functions.
Details for implementing a CPU specific reset handler can be found in
-Section 8. Details for implementing a platform specific reset handler can be
-found in the :ref:`Porting Guide` (see the ``plat_reset_handler()`` function).
+:ref:`firmware_design_cpu_specific_reset_handling`. Details for implementing a
+platform specific reset handler can be found in the :ref:`Porting Guide` (see
+the``plat_reset_handler()`` function).
When adding functionality to a reset handler, keep in mind that if a different
reset handling behavior is required between the first and the subsequent
@@ -1340,12 +1340,38 @@
the platform makefile. The generic CPU specific operations framework code exists
in ``lib/cpus/aarch64/cpu_helpers.S``.
+CPU PCS
+~~~~~~~
+
+All assembly functions in CPU files are asked to follow a modified version of
+the Procedure Call Standard (PCS) in their internals. This is done to ensure
+calling these functions from outside the file doesn't unexpectedly corrupt
+registers in the very early environment and to help the internals to be easier
+to understand. Please see the :ref:`firmware_design_cpu_errata_implementation`
+for any function specific restrictions.
+
++--------------+---------------------------------+
+| register | use |
++==============+=================================+
+| x0 - x15 | scratch |
++--------------+---------------------------------+
+| x16, x17 | do not use (used by the linker) |
++--------------+---------------------------------+
+| x18 | do not use (platform register) |
++--------------+---------------------------------+
+| x19 - x28 | callee saved |
++--------------+---------------------------------+
+| x29, x30 | FP, LR |
++--------------+---------------------------------+
+
+.. _firmware_design_cpu_specific_reset_handling:
+
CPU specific Reset Handling
~~~~~~~~~~~~~~~~~~~~~~~~~~~
After a reset, the state of the CPU when it calls generic reset handler is:
-MMU turned off, both instruction and data caches turned off and not part
-of any coherency domain.
+MMU turned off, both instruction and data caches turned off, not part
+of any coherency domain and no stack.
The BL entrypoint code first invokes the ``plat_reset_handler()`` to allow
the platform to perform any system initialization required and any system
@@ -1355,10 +1381,9 @@
in midr are used to find the matching ``cpu_ops`` entry. The ``reset_func()`` in
the returned ``cpu_ops`` is then invoked which executes the required reset
handling for that CPU and also any errata workarounds enabled by the platform.
-This function must preserve the values of general purpose registers x20 to x29.
-Refer to Section "Guidelines for Reset Handlers" for general guidelines
-regarding placement of code in a reset handler.
+It should be defined using the ``cpu_reset_func_{start,end}`` macros and its
+body may only clobber x0 to x14 with x14 being the cpu_rev parameter.
CPU specific power down sequence
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -1391,10 +1416,10 @@
be reported and a pointer to the ASCII list of register names in a format
expected by the crash reporting framework.
-.. _firmware_design_cpu_errata_reporting:
+.. _firmware_design_cpu_errata_implementation:
-CPU errata status reporting
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
+CPU errata implementation
+~~~~~~~~~~~~~~~~~~~~~~~~~
Errata workarounds for CPUs supported in TF-A are applied during both cold and
warm boots, shortly after reset. Individual Errata workarounds are enabled as
@@ -1402,59 +1427,92 @@
therefore some are enabled by default, others not. Platform ports shall
override build options to enable or disable errata as appropriate. The CPU
drivers take care of applying errata workarounds that are enabled and applicable
-to a given CPU. Refer to :ref:`arm_cpu_macros_errata_workarounds` for more
-information.
+to a given CPU.
-Functions in CPU drivers that apply errata workaround must follow the
-conventions listed below.
+Each erratum has a build flag in ``lib/cpus/cpu-ops.mk`` of the form:
+``ERRATA_<cpu_num>_<erratum_id>``. It also has a short description in
+:ref:`arm_cpu_macros_errata_workarounds` on when it should apply.
-The errata workaround must be authored as two separate functions:
+Errata framework
+^^^^^^^^^^^^^^^^
-- One that checks for errata. This function must determine whether that errata
- applies to the current CPU. Typically this involves matching the current
- CPUs revision and variant against a value that's known to be affected by the
- errata. If the function determines that the errata applies to this CPU, it
- must return ``ERRATA_APPLIES``; otherwise, it must return
- ``ERRATA_NOT_APPLIES``. The utility functions ``cpu_get_rev_var`` and
- ``cpu_rev_var_ls`` functions may come in handy for this purpose.
+The errata framework is a convention and a small library to allow errata to be
+automatically discovered. It enables compliant errata to be automatically
+applied and reported at runtime (either by status reporting or the errata ABI).
-For an errata identified as ``E``, the check function must be named
-``check_errata_E``.
+To write a compliant mitigation for erratum number ``erratum_id`` on a cpu that
+declared itself (with ``declare_cpu_ops``) as ``cpu_name`` one needs 3 things:
-This function will be invoked at different times, both from assembly and from
-C run time. Therefore it must follow AAPCS, and must not use stack.
+#. A CPU revision checker function: ``check_erratum_<cpu_name>_<erratum_id>``
-- Another one that applies the errata workaround. This function would call the
- check function described above, and applies errata workaround if required.
+ It should check whether this erratum applies on this revision of this CPU.
+ It will be called with the CPU revision as its first parameter (x0) and
+ should return one of ``ERRATA_APPLIES`` or ``ERRATA_NOT_APPLIES``.
-CPU drivers that apply errata workaround can optionally implement an assembly
-function that report the status of errata workarounds pertaining to that CPU.
-For a driver that registers the CPU, for example, ``cpux`` via ``declare_cpu_ops``
-macro, the errata reporting function, if it exists, must be named
-``cpux_errata_report``. This function will always be called with MMU enabled; it
-must follow AAPCS and may use stack.
+ It may only clobber x0 to x4. The rest should be treated as callee-saved.
-In a debug build of TF-A, on a CPU that comes out of reset, both BL1 and the
-runtime firmware (BL31 in AArch64, and BL32 in AArch32) will invoke errata
-status reporting function, if one exists, for that type of CPU.
+#. A workaround function: ``erratum_<cpu_name>_<erratum_id>_wa``
+
+ It should obtain the cpu revision (with ``cpu_get_rev_var``), call its
+ revision checker, and perform the mitigation, should the erratum apply.
-To report the status of each errata workaround, the function shall use the
-assembler macro ``report_errata``, passing it:
+ It may only clobber x0 to x8. The rest should be treated as callee-saved.
-- The build option that enables the errata;
+#. Register itself to the framework
-- The name of the CPU: this must be the same identifier that CPU driver
- registered itself with, using ``declare_cpu_ops``;
+ Do this with
+ ``add_erratum_entry <cpu_name>, ERRATUM(<erratum_id>), <errata_flag>``
+ where the ``errata_flag`` is the enable flag in ``cpu-ops.mk`` described
+ above.
-- And the errata identifier: the identifier must match what's used in the
- errata's check function described above.
+See the next section on how to do this easily.
-The errata status reporting function will be called once per CPU type/errata
-combination during the software's active life time.
+.. note::
+
+ CVEs have the format ``CVE_<year>_<number>``. To fit them in the framework, the
+ ``erratum_id`` for the checker and the workaround functions become the
+ ``number`` part of its name and the ``ERRATUM(<number>)`` part of the
+ registration should instead be ``CVE(<year>, <number>)``. In the extremely
+ unlikely scenario where a CVE and an erratum numbers clash, the CVE number
+ should be prefixed with a zero.
+
+ Also, their build flag should be ``WORKAROUND_CVE_<year>_<number>``.
-It's expected that whenever an errata workaround is submitted to TF-A, the
-errata reporting function is appropriately extended to report its status as
-well.
+.. note::
+
+ AArch32 uses the legacy convention. The checker function has the format
+ ``check_errata_<erratum_id>`` and the workaround has the format
+ ``errata_<cpu_number>_<erratum_id>_wa`` where ``cpu_number`` is the shortform
+ letter and number name of the CPU.
+
+ For CVEs the ``erratum_id`` also becomes ``cve_<year>_<number>``.
+
+Errata framework helpers
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+Writing these errata involves lots of boilerplate and repetitive code. On
+AArch64 there are helpers to omit most of this. They are located in
+``include/lib/cpus/aarch64/cpu_macros.S`` and the preferred way to implement
+errata. Please see their comments on how to use them.
+
+The most common type of erratum workaround, one that just sets a "chicken" bit
+in some arbitrary register, would have an implementation for the Cortex-A77,
+erratum #1925769 like::
+
+ workaround_reset_start cortex_a77, ERRATUM(1925769), ERRATA_A77_1925769
+ sysreg_bit_set CORTEX_A77_CPUECTLR_EL1, CORTEX_A77_CPUECTLR_EL1_BIT_8
+ workaround_reset_end cortex_a77, ERRATUM(1925769)
+
+ check_erratum_ls cortex_a77, ERRATUM(1925769), CPU_REV(1, 1)
+
+Status reporting
+^^^^^^^^^^^^^^^^
+
+In a debug build of TF-A, on a CPU that comes out of reset, both BL1 and the
+runtime firmware (BL31 in AArch64, and BL32 in AArch32) will invoke a generic
+errata status reporting function. It will read the ``errata_entries`` list of
+that cpu and will report whether each known erratum was applied and, if not,
+whether it should have been.
Reporting the status of errata workaround is for informational purpose only; it
has no functional significance.
@@ -2731,7 +2789,7 @@
- `Trusted Board Boot Requirements CLIENT (TBBR-CLIENT) Armv8-A (ARM DEN0006D)`_
-- `Power State Coordination Interface PDD`_
+- `PSCI`_
- `SMC Calling Convention`_
@@ -2741,10 +2799,8 @@
*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
-.. _Power State Coordination Interface PDD: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
.. _SMCCC: https://developer.arm.com/docs/den0028/latest
-.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
-.. _Power State Coordination Interface PDD: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
+.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
.. _Arm ARM: https://developer.arm.com/docs/ddi0487/latest
.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
.. _Trusted Board Boot Requirements CLIENT (TBBR-CLIENT) Armv8-A (ARM DEN0006D): https://developer.arm.com/docs/den0006/latest/trusted-board-boot-requirements-client-tbbr-client-armv8-a
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index 4eafb39..c8ff7d5 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -531,7 +531,8 @@
through feature specific build flags are supported by the PE or not by
validating them either at boot phase or at runtime based on the value
possessed by the feature flag (0 to 2) and report error messages at an early
- stage.
+ stage. This flag will also enable errata ordering checking for ``DEBUG``
+ builds.
This prevents and benefits us from EL3 runtime exceptions during context save
and restore routines guarded by these build flags. Henceforth validating them
diff --git a/docs/getting_started/psci-lib-integration-guide.rst b/docs/getting_started/psci-lib-integration-guide.rst
index 4d690a9..7e4b0db 100644
--- a/docs/getting_started/psci-lib-integration-guide.rst
+++ b/docs/getting_started/psci-lib-integration-guide.rst
@@ -3,7 +3,7 @@
This document describes the PSCI library interface with a focus on how to
integrate with a suitable Trusted OS for an Armv8-A AArch32 system. The PSCI
-Library implements the PSCI Standard as described in `PSCI spec`_ and is meant
+Library implements the PSCI Standard as described in `PSCI`_ and is meant
to be integrated with EL3 Runtime Software which invokes the PSCI Library
interface appropriately. **EL3 Runtime Software** refers to software executing
at the highest secure privileged mode, which is EL3 in AArch64 or Secure SVC/
@@ -74,7 +74,7 @@
---------------------------
PSCI library is in charge of initializing/restoring the non-secure CPU system
-registers according to `PSCI specification`_ during cold/warm boot.
+registers according to `PSCI`_ during cold/warm boot.
This is referred to as ``PSCI CPU Context Management``. Registers that need to
be preserved across CPU power down/power up cycles are maintained in
``cpu_context_t`` data structure. The initialization of other non-secure CPU
@@ -120,8 +120,8 @@
PSCI Library Interface
----------------------
-The PSCI library implements the `PSCI Specification`_. The interfaces
-to this library are declared in ``psci_lib.h`` and are as listed below:
+The PSCI library implements the `PSCI`_. The interfaces to this library are
+declared in ``psci_lib.h`` and are as listed below:
.. code:: c
@@ -254,7 +254,7 @@
argument) determines the PSCI API to be called. The ``x1`` to ``x4`` (2nd to 5th
arguments), are the values of the registers r1 - r4 (in AArch32) or x1 - x4
(in AArch64) when the SMC is received. These are the arguments to PSCI API as
-described in `PSCI spec`_. The 'flags' (8th argument) is a bit field parameter
+described in `PSCI`_. The 'flags' (8th argument) is a bit field parameter
and is detailed in 'smccc.h' header. It includes whether the call is from the
secure or non-secure world. The ``cookie`` (6th argument) and the ``handle``
(7th argument) are not used and are reserved for future use.
@@ -273,7 +273,7 @@
Return : void
This function performs the warm boot initialization/restoration as mandated by
-`PSCI spec`_. For AArch32, on wakeup from power down the CPU resets to secure SVC
+`PSCI`_. For AArch32, on wakeup from power down the CPU resets to secure SVC
mode and the EL3 Runtime Software must perform the prerequisite initializations
mentioned at top of this section. This function must be called with Data cache
disabled (unless build option ``HW_ASSISTED_COHERENCY`` is enabled) but with MMU
@@ -496,7 +496,7 @@
This callback is called in response to PSCI_MIGRATE_INFO_TYPE or
PSCI_MIGRATE_INFO_UP_CPU APIs. The return value of this callback must
correspond to the return value of PSCI_MIGRATE_INFO_TYPE API as described
- in `PSCI spec`_. If the secure payload is a Uniprocessor (UP)
+ in `PSCI`_. If the secure payload is a Uniprocessor (UP)
implementation, then it must update the mpidr of the CPU it is resident in
via ``resident_cpu`` (first argument). The updates to ``resident_cpu`` is
ignored if the secure payload is a multiprocessor (MP) implementation.
@@ -528,9 +528,7 @@
--------------
-*Copyright (c) 2016-2020, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.*
-.. _PSCI spec: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
+.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
.. _SMCCC: https://developer.arm.com/docs/den0028/latest
-.. _PSCI specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
-.. _PSCI Specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
diff --git a/docs/getting_started/rt-svc-writers-guide.rst b/docs/getting_started/rt-svc-writers-guide.rst
index 5a4be4d..fe64558 100644
--- a/docs/getting_started/rt-svc-writers-guide.rst
+++ b/docs/getting_started/rt-svc-writers-guide.rst
@@ -314,7 +314,7 @@
--------------
-*Copyright (c) 2014-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.*
.. _SMCCC: https://developer.arm.com/docs/den0028/latest
-.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
+.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
diff --git a/docs/index.rst b/docs/index.rst
index bce9bb7..a7a5993 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -90,7 +90,7 @@
.. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
-.. _Power State Coordination Interface (PSCI): http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
+.. _Power State Coordination Interface (PSCI): https://developer.arm.com/documentation/den0022/latest/
.. _Trusted Board Boot Requirements CLIENT (TBBR-CLIENT): https://developer.arm.com/docs/den0006/latest/trusted-board-boot-requirements-client-tbbr-client-armv8-a
.. _System Control and Management Interface (SCMI): http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
.. _Software Delegated Exception Interface (SDEI): http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
diff --git a/docs/plat/arm/juno/index.rst b/docs/plat/arm/juno/index.rst
index ea7d11c..5320a3b 100644
--- a/docs/plat/arm/juno/index.rst
+++ b/docs/plat/arm/juno/index.rst
@@ -249,4 +249,4 @@
.. _build the binaries from source: https://github.com/ARM-software/SCP-firmware/blob/master/user_guide.md#scp-firmware-user-guide
.. _Arm Platforms Portal: https://community.arm.com/dev-platforms/
.. _Juno Getting Started Guide: https://developer.arm.com/documentation/den0928/f/?lang=en
-.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
+.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
diff --git a/docs/plat/ast2700.rst b/docs/plat/ast2700.rst
new file mode 100644
index 0000000..0352aea
--- /dev/null
+++ b/docs/plat/ast2700.rst
@@ -0,0 +1,17 @@
+Aspeed AST2700
+==============
+
+Aspeed AST2700 is a 64-bit ARM SoC with 4-cores Cortex-A35 integrated.
+Each core operates at 1.6GHz.
+
+Boot Flow
+---------
+
+ BootRom --> BL1/BL2 --> TF-A BL31 --> BL32 (optional) --> BL33 --> Linux Kernel
+
+How to build
+------------
+
+.. code:: shell
+
+ make CROSS_COMPILE=aarch64-linux-gnu- PLAT=ast2700
diff --git a/docs/plat/index.rst b/docs/plat/index.rst
index 57c7303..188c986 100644
--- a/docs/plat/index.rst
+++ b/docs/plat/index.rst
@@ -8,6 +8,7 @@
allwinner
arm/index
+ ast2700
meson-axg
meson-gxbb
meson-gxl
diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst
index 8182f91..b557a16 100644
--- a/docs/porting-guide.rst
+++ b/docs/porting-guide.rst
@@ -3668,7 +3668,7 @@
*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
-.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
+.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
.. _Arm Generic Interrupt Controller version 2.0 (GICv2): http://infocenter.arm.com/help/topic/com.arm.doc.ihi0048b/index.html
.. _3.0 (GICv3): http://infocenter.arm.com/help/topic/com.arm.doc.ihi0069b/index.html
.. _FreeBSD: https://www.freebsd.org
diff --git a/drivers/arm/gic/v3/gic600_multichip.c b/drivers/arm/gic/v3/gic600_multichip.c
index 7f0735d..a4786bb 100644
--- a/drivers/arm/gic/v3/gic600_multichip.c
+++ b/drivers/arm/gic/v3/gic600_multichip.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
* Copyright (c) 2022-2023, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -217,7 +217,7 @@
/* SPI IDs range check */
if (!(spi_id_min >= GIC600_SPI_ID_MIN) ||
- !(spi_id_max < GIC600_SPI_ID_MAX) ||
+ !(spi_id_max <= GIC600_SPI_ID_MAX) ||
!(spi_id_min <= spi_id_max) ||
!((spi_id_max - spi_id_min + 1) % 32 == 0)) {
ERROR("Invalid SPI IDs {%u, %u} passed for "
diff --git a/drivers/arm/gic/v3/gic600_multichip_private.h b/drivers/arm/gic/v3/gic600_multichip_private.h
index f6028ad..fd1cb57 100644
--- a/drivers/arm/gic/v3/gic600_multichip_private.h
+++ b/drivers/arm/gic/v3/gic600_multichip_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2023, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -39,7 +39,7 @@
/* SPI interrupt id minimum and maximum range */
#define GIC600_SPI_ID_MIN 32
-#define GIC600_SPI_ID_MAX 960
+#define GIC600_SPI_ID_MAX 991
#define GIC700_SPI_ID_MIN 32
#define GIC700_SPI_ID_MAX 991
diff --git a/drivers/arm/gic/v3/gicv3_helpers.c b/drivers/arm/gic/v3/gicv3_helpers.c
index 00bd7a1..b27debf 100644
--- a/drivers/arm/gic/v3/gicv3_helpers.c
+++ b/drivers/arm/gic/v3/gicv3_helpers.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2023, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -223,13 +223,16 @@
current_prop = &interrupt_props[i];
unsigned int intr_num = current_prop->intr_num;
- uintptr_t multichip_gicd_base = gicv3_get_multichip_base(intr_num, gicd_base);
+ uintptr_t multichip_gicd_base;
/* Skip SGI, (E)PPI and LPI interrupts */
if (!IS_SPI(intr_num)) {
continue;
}
+ multichip_gicd_base =
+ gicv3_get_multichip_base(intr_num, gicd_base);
+
/* Configure this interrupt as a secure interrupt */
gicd_clr_igroupr(multichip_gicd_base, intr_num);
diff --git a/drivers/auth/mbedtls/mbedtls_crypto.c b/drivers/auth/mbedtls/mbedtls_crypto.c
index 6d6364f..230cec9 100644
--- a/drivers/auth/mbedtls/mbedtls_crypto.c
+++ b/drivers/auth/mbedtls/mbedtls_crypto.c
@@ -172,17 +172,20 @@
int rc;
/*
- * Digest info should be an MBEDTLS_ASN1_SEQUENCE
- * and consume all bytes.
+ * Digest info should be an MBEDTLS_ASN1_SEQUENCE, but padding after
+ * it is allowed. This is necessary to support multiple hash
+ * algorithms.
*/
p = (unsigned char *)digest_info_ptr;
end = p + digest_info_len;
rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
- if (rc != 0 || ((size_t)(end - p) != len)) {
+ if (rc != 0) {
return CRYPTO_ERR_HASH;
}
+ end = p + len;
+
/* Get the hash algorithm */
rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, ¶ms);
if (rc != 0) {
diff --git a/drivers/auth/mbedtls/mbedtls_x509_parser.c b/drivers/auth/mbedtls/mbedtls_x509_parser.c
index fb5b036..8bde5bb 100644
--- a/drivers/auth/mbedtls/mbedtls_x509_parser.c
+++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c
@@ -135,8 +135,38 @@
if ((oid != NULL) &&
((size_t)oid_len == strlen(oid_str)) &&
(strcmp(oid, oid_str) == 0)) {
+ /* Extension must be ASN.1 DER */
+ if (len < 2) {
+ /* too short */
+ return IMG_PARSER_ERR_FORMAT;
+ }
+
+ if ((p[0] & 0x1F) == 0x1F) {
+ /* multi-byte ASN.1 DER tag, not allowed */
+ return IMG_PARSER_ERR_FORMAT;
+ }
+
+ if ((p[0] & 0xDF) == 0) {
+ /* UNIVERSAL 0 tag, not allowed */
+ return IMG_PARSER_ERR_FORMAT;
+ }
+
*ext = (void *)p;
*ext_len = (unsigned int)len;
+
+ /* Advance past the tag byte */
+ p++;
+
+ if (mbedtls_asn1_get_len(&p, end_ext_data, &len)) {
+ /* not valid DER */
+ return IMG_PARSER_ERR_FORMAT;
+ }
+
+ if (p + len != end_ext_data) {
+ /* junk after ASN.1 object */
+ return IMG_PARSER_ERR_FORMAT;
+ }
+
return IMG_PARSER_OK;
}
diff --git a/include/export/lib/utils_def_exp.h b/include/export/lib/utils_def_exp.h
index d4a4a85..2ee5769 100644
--- a/include/export/lib/utils_def_exp.h
+++ b/include/export/lib/utils_def_exp.h
@@ -27,10 +27,14 @@
#else
# define U_(_x) (_x##U)
# define U(_x) U_(_x)
-# define UL(_x) (_x##UL)
-# define ULL(_x) (_x##ULL)
-# define L(_x) (_x##L)
-# define LL(_x) (_x##LL)
+# define UL_(_x) (_x##UL)
+# define UL(_x) UL_(_x)
+# define ULL_(_x) (_x##ULL)
+# define ULL(_x) ULL_(_x)
+# define L_(_x) (_x##L)
+# define L(_x) L_(_x)
+# define LL_(_x) (_x##LL)
+# define LL(_x) LL_(_x)
#endif
diff --git a/include/lib/cpus/aarch64/cpu_macros.S b/include/lib/cpus/aarch64/cpu_macros.S
index 724624c..404b7f9 100644
--- a/include/lib/cpus/aarch64/cpu_macros.S
+++ b/include/lib/cpus/aarch64/cpu_macros.S
@@ -427,6 +427,23 @@
.endm
/*
+ * Clear a bit in a system register. Can clear multiple bits but is limited by
+ * the way the BIC instrucion encodes them.
+ *
+ * see sysreg_bit_set for usage
+ */
+.macro sysreg_bit_clear _reg:req, _bit:req
+ mrs x1, \_reg
+ bic x1, x1, #\_bit
+ msr \_reg, x1
+.endm
+
+.macro override_vector_table _table:req
+ adr x1, \_table
+ msr vbar_el3, x1
+.endm
+
+/*
* Apply erratum
*
* _cpu:
@@ -497,6 +514,27 @@
endfunc check_erratum_\_cpu\()_\_id
.endm
+.macro check_erratum_chosen _cpu:req, _cve:req, _id:req, _chosen:req
+ func check_erratum_\_cpu\()_\_id
+ .if \_chosen
+ mov x0, #ERRATA_APPLIES
+ .else
+ mov x0, #ERRATA_MISSING
+ .endif
+ ret
+ endfunc check_erratum_\_cpu\()_\_id
+.endm
+
+/* provide a shorthand for the name format for annoying errata */
+.macro check_erratum_custom_start _cpu:req, _cve:req, _id:req
+ func check_erratum_\_cpu\()_\_id
+.endm
+
+.macro check_erratum_custom_end _cpu:req, _cve:req, _id:req
+ endfunc check_erratum_\_cpu\()_\_id
+.endm
+
+
/*******************************************************************************
* CPU reset function wrapper
******************************************************************************/
diff --git a/include/lib/cpus/errata.h b/include/lib/cpus/errata.h
index f8f9555..b280435 100644
--- a/include/lib/cpus/errata.h
+++ b/include/lib/cpus/errata.h
@@ -64,6 +64,10 @@
#define CVE(year, id) year, id
#define NO_ISB 1
#define NO_ASSERT 0
+#define NO_APPLY_AT_RESET 0
+#define APPLY_AT_RESET 1
+/* useful for errata that end up always being worked around */
+#define ERRATUM_ALWAYS_CHOSEN 1
#endif /* __ASSEMBLER__ */
diff --git a/include/lib/libc/string.h b/include/lib/libc/string.h
index 9894483..7ddeed9 100644
--- a/include/lib/libc/string.h
+++ b/include/lib/libc/string.h
@@ -5,6 +5,7 @@
*/
/*
* Portions copyright (c) 2018-2020, ARM Limited and Contributors.
+ * Portions copyright (c) 2023, Intel Corporation. All rights reserved.
* All rights reserved.
*/
@@ -14,6 +15,7 @@
#include <stddef.h>
void *memcpy(void *dst, const void *src, size_t len);
+int memcpy_s(void *dst, size_t dsize, void *src, size_t ssize);
void *memmove(void *dst, const void *src, size_t len);
int memcmp(const void *s1, const void *s2, size_t len);
int strcmp(const char *s1, const char *s2);
diff --git a/include/lib/smccc.h b/include/lib/smccc.h
index 63637d5..fb2b3a2 100644
--- a/include/lib/smccc.h
+++ b/include/lib/smccc.h
@@ -20,7 +20,7 @@
SMCCC_VERSION_MINOR_SHIFT))
#define SMCCC_MAJOR_VERSION U(1)
-#define SMCCC_MINOR_VERSION U(2)
+#define SMCCC_MINOR_VERSION U(4)
/*******************************************************************************
* Bit definitions inside the function id as per the SMC calling convention
diff --git a/lib/cpus/aarch64/dsu_helpers.S b/lib/cpus/aarch64/dsu_helpers.S
index b7e028a..a34b9a6 100644
--- a/lib/cpus/aarch64/dsu_helpers.S
+++ b/lib/cpus/aarch64/dsu_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -44,11 +44,11 @@
/* --------------------------------------------------
* Errata Workaround for DSU erratum #798953.
*
- * Can clobber only: x0-x17
+ * Can clobber only: x0-x8
* --------------------------------------------------
*/
func errata_dsu_798953_wa
- mov x17, x30
+ mov x8, x30
bl check_errata_dsu_798953
cbz x0, 1f
@@ -58,7 +58,7 @@
msr CLUSTERACTLR_EL1, x0
isb
1:
- ret x17
+ ret x8
endfunc errata_dsu_798953_wa
/* -----------------------------------------------------------------------
@@ -72,7 +72,7 @@
* This function is called from both assembly and C environment. So it
* follows AAPCS.
*
- * Clobbers: x0-x15
+ * Clobbers: x0-x4
* -----------------------------------------------------------------------
*/
.globl check_errata_dsu_936184
@@ -83,7 +83,7 @@
* Default behaviour respresents SCU is always present with DSU.
* CPUs can override this definition if required.
*
- * Can clobber only: x0-x14
+ * Can clobber only: x0-x3
* --------------------------------------------------------------------
*/
func is_scu_present_in_dsu
@@ -92,7 +92,7 @@
endfunc is_scu_present_in_dsu
func check_errata_dsu_936184
- mov x15, x30
+ mov x4, x30
bl is_scu_present_in_dsu
cmp x0, xzr
/* Default error status */
@@ -116,17 +116,17 @@
b.hs 1f
mov x0, #ERRATA_APPLIES
1:
- ret x15
+ ret x4
endfunc check_errata_dsu_936184
/* --------------------------------------------------
* Errata Workaround for DSU erratum #936184.
*
- * Can clobber only: x0-x17
+ * Can clobber only: x0-x8
* --------------------------------------------------
*/
func errata_dsu_936184_wa
- mov x17, x30
+ mov x8, x30
bl check_errata_dsu_936184
cbz x0, 1f
@@ -137,7 +137,7 @@
msr CLUSTERACTLR_EL1, x0
isb
1:
- ret x17
+ ret x8
endfunc errata_dsu_936184_wa
/* -----------------------------------------------------------------------
@@ -176,11 +176,11 @@
/* --------------------------------------------------
* Errata Workaround for DSU erratum #2313941.
*
- * Can clobber only: x0-x17
+ * Can clobber only: x0-x8
* --------------------------------------------------
*/
func errata_dsu_2313941_wa
- mov x17, x30
+ mov x8, x30
bl check_errata_dsu_2313941
cbz x0, 1f
@@ -190,6 +190,5 @@
msr CLUSTERACTLR_EL1, x0
isb
1:
- ret x17
+ ret x8
endfunc errata_dsu_2313941_wa
-
diff --git a/lib/cpus/errata_report.c b/lib/cpus/errata_report.c
index a37ba81..4e9bdfc 100644
--- a/lib/cpus/errata_report.c
+++ b/lib/cpus/errata_report.c
@@ -34,38 +34,51 @@
#define CVE_FORMAT "%s: %s: CPU workaround for CVE %u_%u was %s\n"
#define ERRATUM_FORMAT "%s: %s: CPU workaround for erratum %u was %s\n"
-#define PRINT_STATUS_DISPATCH(status, ...) \
- do { \
- assert(status <= ERRATA_MISSING); \
- switch (status) { \
- case ERRATA_NOT_APPLIES: \
- VERBOSE(__VA_ARGS__, "not applied"); \
- break; \
- case ERRATA_APPLIES: \
- INFO(__VA_ARGS__, "applied"); \
- break; \
- case ERRATA_MISSING: \
- WARN(__VA_ARGS__, "missing!"); \
- break; \
- } \
- } while (0)
+static __unused void print_status(int status, char *cpu_str, uint16_t cve, uint32_t id)
+{
+ if (status == ERRATA_MISSING) {
+ if (cve) {
+ WARN(CVE_FORMAT, BL_STRING, cpu_str, cve, id, "missing!");
+ } else {
+ WARN(ERRATUM_FORMAT, BL_STRING, cpu_str, id, "missing!");
+ }
+ } else if (status == ERRATA_APPLIES) {
+ if (cve) {
+ INFO(CVE_FORMAT, BL_STRING, cpu_str, cve, id, "applied");
+ } else {
+ INFO(ERRATUM_FORMAT, BL_STRING, cpu_str, id, "applied");
+ }
+ } else {
+ if (cve) {
+ VERBOSE(CVE_FORMAT, BL_STRING, cpu_str, cve, id, "not applied");
+ } else {
+ VERBOSE(ERRATUM_FORMAT, BL_STRING, cpu_str, id, "not applied");
+ }
+ }
+}
#if !REPORT_ERRATA
void print_errata_status(void) {}
#else /* !REPORT_ERRATA */
-/* New errata status message printer */
+/*
+ * New errata status message printer
+ * The order checking function is hidden behind the FEATURE_DETECTION flag to
+ * save space. This functionality is only useful on development and platform
+ * bringup builds, when FEATURE_DETECTION should be used anyway
+ */
void __unused generic_errata_report(void)
{
struct cpu_ops *cpu_ops = get_cpu_ops_ptr();
struct erratum_entry *entry = cpu_ops->errata_list_start;
struct erratum_entry *end = cpu_ops->errata_list_end;
long rev_var = cpu_get_rev_var();
+#if FEATURE_DETECTION
uint32_t last_erratum_id = 0;
uint16_t last_cve_yr = 0;
bool check_cve = false;
- /* unused because assert goes away on release */
- bool failed __unused = false;
+ bool failed = false;
+#endif /* FEATURE_DETECTION */
for (; entry != end; entry += 1) {
uint64_t status = entry->check_func(rev_var);
@@ -81,10 +94,10 @@
status = ERRATA_MISSING;
}
- if (entry->cve) {
- PRINT_STATUS_DISPATCH(status, CVE_FORMAT, BL_STRING,
- cpu_ops->cpu_str, entry->cve, entry->id);
+ print_status(status, cpu_ops->cpu_str, entry->cve, entry->id);
+#if FEATURE_DETECTION
+ if (entry->cve) {
if (last_cve_yr > entry->cve ||
(last_cve_yr == entry->cve && last_erratum_id >= entry->id)) {
ERROR("CVE %u_%u was out of order!\n",
@@ -94,9 +107,6 @@
check_cve = true;
last_cve_yr = entry->cve;
} else {
- PRINT_STATUS_DISPATCH(status, ERRATUM_FORMAT, BL_STRING,
- cpu_ops->cpu_str, entry->id);
-
if (last_erratum_id >= entry->id || check_cve) {
ERROR("Erratum %u was out of order!\n",
entry->id);
@@ -104,13 +114,16 @@
}
}
last_erratum_id = entry->id;
+#endif /* FEATURE_DETECTION */
}
+#if FEATURE_DETECTION
/*
* enforce errata and CVEs are in ascending order and that CVEs are
* after errata
*/
assert(!failed);
+#endif /* FEATURE_DETECTION */
}
/*
diff --git a/lib/libc/libc.mk b/lib/libc/libc.mk
index b75d09c..5eb8b52 100644
--- a/lib/libc/libc.mk
+++ b/lib/libc/libc.mk
@@ -11,6 +11,7 @@
memchr.c \
memcmp.c \
memcpy.c \
+ memcpy_s.c \
memmove.c \
memrchr.c \
memset.c \
diff --git a/lib/libc/memcpy_s.c b/lib/libc/memcpy_s.c
new file mode 100644
index 0000000..01e88b0
--- /dev/null
+++ b/lib/libc/memcpy_s.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2013-2023, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Intel Corporation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <errno.h>
+#include <stddef.h>
+#include <string.h>
+
+int memcpy_s(void *dst, size_t dsize, void *src, size_t ssize)
+{
+ unsigned int *s = (unsigned int *)src;
+ unsigned int *d = (unsigned int *)dst;
+
+ /*
+ * Check source and destination size is NULL
+ */
+ if ((dst == NULL) || (src == NULL)) {
+ return -ENOMEM;
+ }
+
+ /*
+ * Check source and destination size validity
+ */
+ if ((dsize == 0) || (ssize == 0)) {
+ return -ERANGE;
+ }
+
+ /*
+ * Check both source and destination size range
+ */
+ if ((ssize > dsize) || (dsize > ssize)) {
+ return -EINVAL;
+ }
+
+ /*
+ * Check both source and destination address overlapping
+ * When (s > d < s + ssize)
+ * Or (d > s < d + dsize)
+ */
+
+ if (d > s) {
+ if ((d) < (s + ssize)) {
+ return -EOPNOTSUPP;
+ }
+ }
+
+ if (s > d) {
+ if ((s) < (d + dsize)) {
+ return -EOPNOTSUPP;
+ }
+ }
+
+ /*
+ * Start copy process when there is no error
+ */
+ while (ssize--) {
+ d[ssize] = s[ssize];
+ }
+
+ return 0;
+}
diff --git a/plat/arm/board/fvp/jmptbl.i b/plat/arm/board/fvp/jmptbl.i
index 927ffef..dc8032f 100644
--- a/plat/arm/board/fvp/jmptbl.i
+++ b/plat/arm/board/fvp/jmptbl.i
@@ -43,6 +43,7 @@
mbedtls mbedtls_asn1_get_bitstring_null
mbedtls mbedtls_asn1_get_bool
mbedtls mbedtls_asn1_get_int
+mbedtls mbedtls_asn1_get_len
mbedtls mbedtls_asn1_get_tag
mbedtls mbedtls_free
mbedtls mbedtls_md
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index 0433b61..25c963b 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -197,6 +197,7 @@
lib/cpus/aarch64/cortex_a76ae.S \
lib/cpus/aarch64/cortex_a77.S \
lib/cpus/aarch64/cortex_a78.S \
+ lib/cpus/aarch64/cortex_a78_ae.S \
lib/cpus/aarch64/cortex_a78c.S \
lib/cpus/aarch64/cortex_a710.S \
lib/cpus/aarch64/neoverse_n_common.S \
diff --git a/plat/arm/board/juno/jmptbl.i b/plat/arm/board/juno/jmptbl.i
index 8932aa0..327a345 100644
--- a/plat/arm/board/juno/jmptbl.i
+++ b/plat/arm/board/juno/jmptbl.i
@@ -41,6 +41,7 @@
mbedtls mbedtls_asn1_get_bitstring_null
mbedtls mbedtls_asn1_get_bool
mbedtls mbedtls_asn1_get_int
+mbedtls mbedtls_asn1_get_len
mbedtls mbedtls_asn1_get_tag
mbedtls mbedtls_free
mbedtls mbedtls_md
diff --git a/plat/arm/board/n1sdp/n1sdp_bl31_setup.c b/plat/arm/board/n1sdp/n1sdp_bl31_setup.c
index 2b9ed25..430aab6 100644
--- a/plat/arm/board/n1sdp/n1sdp_bl31_setup.c
+++ b/plat/arm/board/n1sdp/n1sdp_bl31_setup.c
@@ -52,8 +52,8 @@
PLAT_ARM_GICD_BASE >> 16
},
.spi_ids = {
- {PLAT_ARM_GICD_BASE, 32, 479},
- {PLAT_ARM_GICD_BASE, 512, 959}
+ {PLAT_ARM_GICD_BASE, 32, 511},
+ {PLAT_ARM_GICD_BASE, 512, 991}
}
};
diff --git a/plat/aspeed/ast2700/include/plat_macros.S b/plat/aspeed/ast2700/include/plat_macros.S
new file mode 100644
index 0000000..a58fd74
--- /dev/null
+++ b/plat/aspeed/ast2700/include/plat_macros.S
@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2023, Aspeed Technology Inc.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PLAT_MACROS_S
+#define PLAT_MACROS_S
+
+ /* ---------------------------------------------
+ * The below required platform porting macro
+ * prints out relevant platform registers
+ * whenever an unhandled exception is taken in
+ * BL31.
+ * Clobbers: x0 - x10, x16, x17, sp
+ * ---------------------------------------------
+ */
+ .macro plat_crash_print_regs
+ .endm
+
+#endif /* PLAT_MACROS_S */
diff --git a/plat/aspeed/ast2700/include/platform_def.h b/plat/aspeed/ast2700/include/platform_def.h
new file mode 100644
index 0000000..3f2468f
--- /dev/null
+++ b/plat/aspeed/ast2700/include/platform_def.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2023, Aspeed Technology Inc.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PLATFORM_DEF_H
+#define PLATFORM_DEF_H
+
+#include <arch.h>
+#include <plat/common/common_def.h>
+#include <platform_reg.h>
+
+#define PLATFORM_STACK_SIZE UL(0x1000)
+
+/* cpu topology */
+#define PLATFORM_SYSTEM_COUNT U(1)
+#define PLATFORM_CLUSTER_COUNT U(1)
+#define PLATFORM_CORE_PRIMARY U(0)
+#define PLATFORM_CORE_COUNT_PER_CLUSTER U(4)
+#define PLATFORM_CORE_COUNT (PLATFORM_CLUSTER_COUNT * \
+ PLATFORM_CORE_COUNT_PER_CLUSTER)
+
+/* arch timer */
+#define PLAT_SYSCNT_CLKIN_HZ U(1600000000)
+
+/* power domain */
+#define PLAT_MAX_PWR_LVL U(1)
+#define PLAT_NUM_PWR_DOMAINS U(5)
+#define PLAT_MAX_RET_STATE U(1)
+#define PLAT_MAX_OFF_STATE U(2)
+
+/* cache line size */
+#define CACHE_WRITEBACK_SHIFT U(6)
+#define CACHE_WRITEBACK_GRANULE (U(1) << CACHE_WRITEBACK_SHIFT)
+
+/* translation tables */
+#define PLAT_PHY_ADDR_SPACE_SIZE (ULL(1) << 36)
+#define PLAT_VIRT_ADDR_SPACE_SIZE (ULL(1) << 40)
+#define MAX_XLAT_TABLES U(8)
+#define MAX_MMAP_REGIONS U(32)
+
+/* BL31 region */
+#define BL31_BASE ULL(0x400000000)
+#define BL31_SIZE ULL(0x400000)
+#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
+
+/* BL32 region */
+#define BL32_BASE BL31_LIMIT
+#define BL32_SIZE ULL(0x400000)
+#define BL32_LIMIT (BL32_BASE + BL32_SIZE)
+
+/* console */
+#define CONSOLE_UART_BASE UART12_BASE
+#define CONSOLE_UART_CLKIN_HZ U(1846153)
+#define CONSOLE_UART_BAUDRATE U(115200)
+
+#endif /* PLATFORM_DEF_H */
diff --git a/plat/aspeed/ast2700/include/platform_reg.h b/plat/aspeed/ast2700/include/platform_reg.h
new file mode 100644
index 0000000..20ae32a
--- /dev/null
+++ b/plat/aspeed/ast2700/include/platform_reg.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2023, Aspeed Technology Inc.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PLATFORM_REG_H
+#define PLATFORM_REG_H
+
+/* GIC */
+#define GICD_BASE U(0x12200000)
+#define GICD_SIZE U(0x10000)
+#define GICR_BASE U(0x12280000)
+#define GICR_SIZE U(0x100000)
+
+/* UART */
+#define UART_BASE U(0x14c33000)
+#define UART12_BASE (UART_BASE + 0xb00)
+
+/* CPU-die SCU */
+#define SCU_CPU_BASE U(0x12c02000)
+#define SCU_CPU_SMP_READY (SCU_CPU_BASE + 0x780)
+#define SCU_CPU_SMP_EP1 (SCU_CPU_BASE + 0x788)
+#define SCU_CPU_SMP_EP2 (SCU_CPU_BASE + 0x790)
+#define SCU_CPU_SMP_EP3 (SCU_CPU_BASE + 0x798)
+#define SCU_CPU_SMP_POLLINSN (SCU_CPU_BASE + 0x7a0)
+
+#endif /* PLATFORM_REG_H */
diff --git a/plat/aspeed/ast2700/plat_bl31_setup.c b/plat/aspeed/ast2700/plat_bl31_setup.c
new file mode 100644
index 0000000..36e7338
--- /dev/null
+++ b/plat/aspeed/ast2700/plat_bl31_setup.c
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2023, Aspeed Technology Inc.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch.h>
+#include <common/debug.h>
+#include <common/desc_image_load.h>
+#include <drivers/arm/gicv3.h>
+#include <drivers/console.h>
+#include <drivers/ti/uart/uart_16550.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
+#include <plat/common/platform.h>
+#include <platform_def.h>
+
+static console_t console;
+
+static entry_point_info_t bl32_ep_info;
+static entry_point_info_t bl33_ep_info;
+
+static uintptr_t rdistif_base_addrs[PLATFORM_CORE_COUNT];
+
+static unsigned int plat_mpidr_to_core_pos(u_register_t mpidr)
+{
+ /* to workaround the return type mismatch */
+ return plat_core_pos_by_mpidr(mpidr);
+}
+
+static const gicv3_driver_data_t plat_gic_data = {
+ .gicd_base = GICD_BASE,
+ .gicr_base = GICR_BASE,
+ .rdistif_num = PLATFORM_CORE_COUNT,
+ .rdistif_base_addrs = rdistif_base_addrs,
+ .mpidr_to_core_pos = plat_mpidr_to_core_pos,
+};
+
+static const mmap_region_t plat_mmap[] = {
+ MAP_REGION_FLAT(GICD_BASE, GICD_SIZE,
+ MT_DEVICE | MT_RW | MT_SECURE),
+ MAP_REGION_FLAT(GICR_BASE, GICR_SIZE,
+ MT_DEVICE | MT_RW | MT_SECURE),
+ MAP_REGION_FLAT(UART_BASE, PAGE_SIZE,
+ MT_DEVICE | MT_RW | MT_SECURE),
+ MAP_REGION_FLAT(SCU_CPU_BASE, PAGE_SIZE,
+ MT_DEVICE | MT_RW | MT_SECURE),
+ { 0 }
+};
+
+void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
+{
+ console_16550_register(CONSOLE_UART_BASE, CONSOLE_UART_CLKIN_HZ,
+ CONSOLE_UART_BAUDRATE, &console);
+
+ console_set_scope(&console, CONSOLE_FLAG_BOOT | CONSOLE_FLAG_RUNTIME | CONSOLE_FLAG_CRASH);
+
+ bl31_params_parse_helper(arg0, &bl32_ep_info, &bl33_ep_info);
+}
+
+void bl31_plat_arch_setup(void)
+{
+ mmap_add_region(BL_CODE_BASE, BL_CODE_BASE,
+ BL_CODE_END - BL_CODE_BASE,
+ MT_CODE | MT_SECURE);
+
+ mmap_add_region(BL_CODE_END, BL_CODE_END,
+ BL_END - BL_CODE_END,
+ MT_RW_DATA | MT_SECURE);
+
+ mmap_add_region(BL32_BASE, BL32_BASE, BL32_SIZE,
+ MT_MEMORY | MT_RW);
+
+ mmap_add(plat_mmap);
+
+ init_xlat_tables();
+
+ enable_mmu_el3(0);
+}
+
+void bl31_platform_setup(void)
+{
+ gicv3_driver_init(&plat_gic_data);
+ gicv3_distif_init();
+ gicv3_rdistif_init(plat_my_core_pos());
+ gicv3_cpuif_enable(plat_my_core_pos());
+}
+
+entry_point_info_t *bl31_plat_get_next_image_ep_info(uint32_t type)
+{
+ entry_point_info_t *ep_info;
+
+ ep_info = (type == NON_SECURE) ? &bl33_ep_info : &bl32_ep_info;
+
+ if (!ep_info->pc) {
+ return NULL;
+ }
+
+ return ep_info;
+}
diff --git a/plat/aspeed/ast2700/plat_helpers.S b/plat/aspeed/ast2700/plat_helpers.S
new file mode 100644
index 0000000..1457692
--- /dev/null
+++ b/plat/aspeed/ast2700/plat_helpers.S
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2023, Aspeed Technology Inc.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <asm_macros.S>
+#include <assert_macros.S>
+#include <arch.h>
+#include <cortex_a35.h>
+#include <platform_def.h>
+
+ .globl plat_is_my_cpu_primary
+ .globl plat_my_core_pos
+ .globl plat_secondary_cold_boot_setup
+ .globl plat_get_syscnt_freq2
+ .globl plat_crash_console_init
+ .globl plat_crash_console_putc
+ .globl plat_crash_console_flush
+
+/* unsigned int plat_is_my_cpu_primary(void); */
+func plat_is_my_cpu_primary
+ mrs x0, mpidr_el1
+ and x0, x0, #(MPIDR_CLUSTER_MASK | MPIDR_CPU_MASK)
+ cmp x0, #PLATFORM_CORE_PRIMARY
+ cset w0, eq
+ ret
+endfunc plat_is_my_cpu_primary
+
+/* unsigned int plat_my_core_pos(void); */
+func plat_my_core_pos
+ mrs x0, mpidr_el1
+ mov x2, #PLATFORM_CORE_COUNT_PER_CLUSTER
+ and x1, x0, #MPIDR_CPU_MASK
+ and x0, x0, #MPIDR_CLUSTER_MASK
+ madd x0, x0, x2, x1
+ ret
+endfunc plat_my_core_pos
+
+/* unsigned int plat_get_syscnt_freq2(void); */
+func plat_get_syscnt_freq2
+ mov_imm w0, PLAT_SYSCNT_CLKIN_HZ
+ ret
+endfunc plat_get_syscnt_freq2
+
+/* int plat_crash_console_init(void); */
+func plat_crash_console_init
+ mov_imm x0, CONSOLE_UART_BASE
+ mov_imm x1, CONSOLE_UART_CLKIN_HZ
+ mov_imm x2, CONSOLE_UART_BAUDRATE
+ b console_16550_core_init
+endfunc plat_crash_console_init
+
+/* int plat_crash_console_putc(int); */
+func plat_crash_console_putc
+ mov_imm x1, CONSOLE_UART_BASE
+ b console_16550_core_putc
+endfunc plat_crash_console_putc
+
+/* void plat_crash_console_flush(void); */
+func plat_crash_console_flush
+ mov_imm x0, CONSOLE_UART_BASE
+ b console_16550_core_flush
+endfunc plat_crash_console_flush
diff --git a/plat/aspeed/ast2700/plat_pm.c b/plat/aspeed/ast2700/plat_pm.c
new file mode 100644
index 0000000..8e69243
--- /dev/null
+++ b/plat/aspeed/ast2700/plat_pm.c
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2023, Aspeed Technology Inc.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch.h>
+#include <common/debug.h>
+#include <drivers/arm/gicv3.h>
+#include <drivers/console.h>
+#include <lib/mmio.h>
+#include <lib/psci/psci.h>
+#include <plat/common/platform.h>
+
+static uintptr_t sec_ep;
+
+static int plat_pwr_domain_on(u_register_t mpidr)
+{
+ unsigned int cpu = plat_core_pos_by_mpidr(mpidr);
+ uintptr_t ep_reg;
+
+ switch (cpu) {
+ case 1U:
+ ep_reg = SCU_CPU_SMP_EP1;
+ break;
+ case 2U:
+ ep_reg = SCU_CPU_SMP_EP2;
+ break;
+ case 3U:
+ ep_reg = SCU_CPU_SMP_EP3;
+ break;
+ default:
+ return PSCI_E_INVALID_PARAMS;
+ }
+
+ mmio_write_64(ep_reg, sec_ep);
+
+ dsbsy();
+
+ sev();
+
+ return PSCI_E_SUCCESS;
+}
+
+static void plat_pwr_domain_on_finish(const psci_power_state_t *target_state)
+{
+ gicv3_rdistif_init(plat_my_core_pos());
+ gicv3_cpuif_enable(plat_my_core_pos());
+}
+
+static const plat_psci_ops_t plat_psci_ops = {
+ .pwr_domain_on = plat_pwr_domain_on,
+ .pwr_domain_on_finish = plat_pwr_domain_on_finish,
+};
+
+int plat_setup_psci_ops(uintptr_t sec_entrypoint,
+ const plat_psci_ops_t **psci_ops)
+{
+ sec_ep = sec_entrypoint;
+ *psci_ops = &plat_psci_ops;
+
+ return 0;
+}
diff --git a/plat/aspeed/ast2700/plat_topology.c b/plat/aspeed/ast2700/plat_topology.c
new file mode 100644
index 0000000..1476fba
--- /dev/null
+++ b/plat/aspeed/ast2700/plat_topology.c
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2023, Aspeed Technology Inc.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch.h>
+#include <lib/psci/psci.h>
+#include <platform_def.h>
+
+static const unsigned char ast2700_power_domain_tree_desc[] = {
+ PLATFORM_SYSTEM_COUNT,
+ PLATFORM_CORE_COUNT_PER_CLUSTER,
+};
+
+const unsigned char *plat_get_power_domain_tree_desc(void)
+{
+ return ast2700_power_domain_tree_desc;
+}
+
+unsigned int plat_core_pos_by_mpidr(u_register_t mpidr)
+{
+ unsigned int cluster_id, cpu_id;
+
+ mpidr &= MPIDR_AFFINITY_MASK;
+
+ if (mpidr & ~(MPIDR_CLUSTER_MASK | MPIDR_CPU_MASK)) {
+ return -1;
+ }
+
+ cluster_id = (mpidr >> MPIDR_AFF1_SHIFT) & MPIDR_AFFLVL_MASK;
+ cpu_id = (mpidr >> MPIDR_AFF0_SHIFT) & MPIDR_AFFLVL_MASK;
+
+ if (cluster_id >= PLATFORM_CLUSTER_COUNT) {
+ return -1;
+ }
+
+ if (cpu_id >= PLATFORM_CORE_COUNT_PER_CLUSTER) {
+ return -1;
+ }
+
+ return (cluster_id * PLATFORM_CORE_COUNT_PER_CLUSTER) + cpu_id;
+}
diff --git a/plat/aspeed/ast2700/platform.mk b/plat/aspeed/ast2700/platform.mk
new file mode 100644
index 0000000..16ecf0a
--- /dev/null
+++ b/plat/aspeed/ast2700/platform.mk
@@ -0,0 +1,32 @@
+#
+# Copyright (c) 2023, Aspeed Technology Inc.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+include drivers/arm/gic/v3/gicv3.mk
+include lib/xlat_tables_v2/xlat_tables.mk
+
+PLAT_AST2700 := plat/aspeed/ast2700
+
+PLAT_INCLUDES := \
+ -I${PLAT_AST2700}/include
+
+BL31_SOURCES += \
+ common/desc_image_load.c \
+ lib/cpus/aarch64/cortex_a35.S \
+ plat/common/plat_gicv3.c \
+ plat/common/plat_psci_common.c \
+ drivers/ti/uart/aarch64/16550_console.S \
+ ${PLAT_AST2700}/plat_helpers.S \
+ ${PLAT_AST2700}/plat_topology.c \
+ ${PLAT_AST2700}/plat_bl31_setup.c \
+ ${PLAT_AST2700}/plat_pm.c \
+ ${GICV3_SOURCES} \
+ ${XLAT_TABLES_LIB_SRCS}
+
+PROGRAMMABLE_RESET_ADDRESS := 1
+
+COLD_BOOT_SINGLE_CPU := 1
+
+ENABLE_SVE_FOR_NS := 0
diff --git a/plat/intel/soc/common/include/socfpga_sip_svc.h b/plat/intel/soc/common/include/socfpga_sip_svc.h
index 6708edb..0668301 100644
--- a/plat/intel/soc/common/include/socfpga_sip_svc.h
+++ b/plat/intel/soc/common/include/socfpga_sip_svc.h
@@ -167,6 +167,7 @@
#define INTEL_SIP_SMC_V2_REG_WRITE 0xC2000402
#define INTEL_SIP_SMC_V2_REG_UPDATE 0xC2000403
#define INTEL_SIP_SMC_V2_HPS_SET_BRIDGES 0xC2000404
+#define INTEL_SIP_SMC_V2_RSU_UPDATE_ADDR 0xC2000405
/* V2: Mailbox function identifier */
#define INTEL_SIP_SMC_V2_MAILBOX_SEND_COMMAND 0xC2000420
@@ -185,7 +186,7 @@
/*
* Increase if there is new SMC function ID being added
*/
-#define SIP_SVC_VERSION_MINOR 1
+#define SIP_SVC_VERSION_MINOR 2
/* Structure Definitions */
@@ -219,6 +220,9 @@
uint32_t intel_secure_reg_update(uint64_t reg_addr, uint32_t mask,
uint32_t val, uint32_t *retval);
+/* Set RSU update address*/
+uint32_t intel_rsu_update(uint64_t update_address);
+
/* Miscellaneous HPS services */
uint32_t intel_hps_set_bridges(uint64_t enable, uint64_t mask);
diff --git a/plat/intel/soc/common/socfpga_sip_svc.c b/plat/intel/soc/common/socfpga_sip_svc.c
index ff050e4..1a18ee1 100644
--- a/plat/intel/soc/common/socfpga_sip_svc.c
+++ b/plat/intel/soc/common/socfpga_sip_svc.c
@@ -442,7 +442,7 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-static uint32_t intel_rsu_update(uint64_t update_address)
+uint32_t intel_rsu_update(uint64_t update_address)
{
if (update_address > SIZE_MAX) {
return INTEL_SIP_SMC_STATUS_REJECTED;
diff --git a/plat/intel/soc/common/socfpga_sip_svc_v2.c b/plat/intel/soc/common/socfpga_sip_svc_v2.c
index 791c714..e9996d3 100644
--- a/plat/intel/soc/common/socfpga_sip_svc_v2.c
+++ b/plat/intel/soc/common/socfpga_sip_svc_v2.c
@@ -158,6 +158,10 @@
status = intel_hps_set_bridges(x2, x3);
SMC_RET2(handle, status, x1);
+ case INTEL_SIP_SMC_V2_RSU_UPDATE_ADDR:
+ status = intel_rsu_update(x2);
+ SMC_RET2(handle, status, x1);
+
case INTEL_SIP_SMC_V2_MAILBOX_SEND_COMMAND:
status = intel_v2_mbox_send_cmd(x1, (uint32_t *)x2, x3);
SMC_RET2(handle, status, x1);
diff --git a/plat/qemu/common/qemu_sdei.c b/plat/qemu/common/qemu_sdei.c
new file mode 100644
index 0000000..820567e
--- /dev/null
+++ b/plat/qemu/common/qemu_sdei.c
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2023, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/* SDEI configuration for ARM platforms */
+
+#include <bl31/ehf.h>
+#include <common/debug.h>
+#include <lib/utils_def.h>
+#include <services/sdei.h>
+#include <platform_def.h>
+
+/* Private event mappings */
+static sdei_ev_map_t qemu_sdei_private[] = {
+ SDEI_DEFINE_EVENT_0(PLAT_SDEI_SGI_PRIVATE),
+};
+
+/* Shared event mappings */
+static sdei_ev_map_t qemu_sdei_shared[] = {
+};
+
+void plat_sdei_setup(void)
+{
+ INFO("SDEI platform setup\n");
+}
+
+/* Export Arm SDEI events */
+REGISTER_SDEI_MAP(qemu_sdei_private, qemu_sdei_shared);
diff --git a/plat/qemu/qemu/include/platform_def.h b/plat/qemu/qemu/include/platform_def.h
index 98b8254..93a3ce8 100644
--- a/plat/qemu/qemu/include/platform_def.h
+++ b/plat/qemu/qemu/include/platform_def.h
@@ -244,8 +244,7 @@
* interrupts.
*****************************************************************************/
#define PLATFORM_G1S_PROPS(grp) \
- INTR_PROP_DESC(QEMU_IRQ_SEC_SGI_0, GIC_HIGHEST_SEC_PRIORITY, \
- grp, GIC_INTR_CFG_EDGE), \
+ DESC_G1S_IRQ_SEC_SGI_0(grp) \
INTR_PROP_DESC(QEMU_IRQ_SEC_SGI_1, GIC_HIGHEST_SEC_PRIORITY, \
grp, GIC_INTR_CFG_EDGE), \
INTR_PROP_DESC(QEMU_IRQ_SEC_SGI_2, GIC_HIGHEST_SEC_PRIORITY, \
@@ -261,7 +260,19 @@
INTR_PROP_DESC(QEMU_IRQ_SEC_SGI_7, GIC_HIGHEST_SEC_PRIORITY, \
grp, GIC_INTR_CFG_EDGE)
-#define PLATFORM_G0_PROPS(grp)
+#if SDEI_SUPPORT
+#define DESC_G0_IRQ_SEC_SGI(grp) \
+ INTR_PROP_DESC(QEMU_IRQ_SEC_SGI_0, PLAT_SDEI_NORMAL_PRI, (grp), \
+ GIC_INTR_CFG_EDGE)
+#define DESC_G1S_IRQ_SEC_SGI_0(grp)
+#else
+#define DESC_G0_IRQ_SEC_SGI(grp)
+#define DESC_G1S_IRQ_SEC_SGI_0(grp) \
+ INTR_PROP_DESC(QEMU_IRQ_SEC_SGI_0, PLAT_SDEI_NORMAL_PRI, (grp), \
+ GIC_INTR_CFG_EDGE),
+#endif
+
+#define PLATFORM_G0_PROPS(grp) DESC_G0_IRQ_SEC_SGI(grp)
/*
* DT related constants
@@ -270,6 +281,14 @@
#define PLAT_QEMU_DT_MAX_SIZE 0x100000
/*
+ * Platforms macros to support SDEI
+ */
+#define PLAT_PRI_BITS U(3)
+#define PLAT_SDEI_CRITICAL_PRI 0x60
+#define PLAT_SDEI_NORMAL_PRI 0x70
+#define PLAT_SDEI_SGI_PRIVATE QEMU_IRQ_SEC_SGI_0
+
+/*
* System counter
*/
#define SYS_COUNTER_FREQ_IN_TICKS ((1000 * 1000 * 1000) / 16)
diff --git a/plat/qemu/qemu/platform.mk b/plat/qemu/qemu/platform.mk
index 3a0e1c0..7a1dccd 100644
--- a/plat/qemu/qemu/platform.mk
+++ b/plat/qemu/qemu/platform.mk
@@ -230,6 +230,10 @@
${PLAT_QEMU_COMMON_PATH}/qemu_bl31_setup.c \
${QEMU_GIC_SOURCES}
+ifeq (${SDEI_SUPPORT}, 1)
+BL31_SOURCES += plat/qemu/common/qemu_sdei.c
+endif
+
# Pointer Authentication sources
ifeq (${ENABLE_PAUTH}, 1)
PLAT_BL_COMMON_SOURCES += plat/arm/common/aarch64/arm_pauth.c \
@@ -323,3 +327,7 @@
ifneq (${BL33},)
all: qemu_fw.bios qemu_fw.rom
endif
+
+ifeq (${EL3_EXCEPTION_HANDLING},1)
+BL31_SOURCES += plat/common/aarch64/plat_ehf.c
+endif
diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h
index f6d9ce1..0c83a56 100644
--- a/plat/xilinx/zynqmp/include/platform_def.h
+++ b/plat/xilinx/zynqmp/include/platform_def.h
@@ -47,10 +47,10 @@
# define BL31_LIMIT U(0x80000)
#endif
#else
-# define BL31_BASE (ZYNQMP_ATF_MEM_BASE)
-# define BL31_LIMIT (ZYNQMP_ATF_MEM_BASE + ZYNQMP_ATF_MEM_SIZE)
+# define BL31_BASE U(ZYNQMP_ATF_MEM_BASE)
+# define BL31_LIMIT (UL(ZYNQMP_ATF_MEM_BASE) + U(ZYNQMP_ATF_MEM_SIZE))
# ifdef ZYNQMP_ATF_MEM_PROGBITS_SIZE
-# define BL31_PROGBITS_LIMIT (ZYNQMP_ATF_MEM_BASE + ZYNQMP_ATF_MEM_PROGBITS_SIZE)
+# define BL31_PROGBITS_LIMIT (UL(ZYNQMP_ATF_MEM_BASE) + U(ZYNQMP_ATF_MEM_PROGBITS_SIZE))
# endif
#endif
@@ -61,8 +61,8 @@
# define BL32_BASE U(0x60000000)
# define BL32_LIMIT U(0x80000000)
#else
-# define BL32_BASE (ZYNQMP_BL32_MEM_BASE)
-# define BL32_LIMIT (ZYNQMP_BL32_MEM_BASE + ZYNQMP_BL32_MEM_SIZE)
+# define BL32_BASE U(ZYNQMP_BL32_MEM_BASE)
+# define BL32_LIMIT (UL(ZYNQMP_BL32_MEM_BASE) + U(ZYNQMP_BL32_MEM_SIZE))
#endif
/*******************************************************************************
@@ -71,7 +71,7 @@
#ifndef PRELOADED_BL33_BASE
# define PLAT_ARM_NS_IMAGE_BASE U(0x8000000)
#else
-# define PLAT_ARM_NS_IMAGE_BASE PRELOADED_BL33_BASE
+# define PLAT_ARM_NS_IMAGE_BASE U(PRELOADED_BL33_BASE)
#endif
/*******************************************************************************
diff --git a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
index 8183a0a..5c3d580 100644
--- a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
+++ b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
@@ -777,10 +777,16 @@
static int spmc_shmem_check_obj(struct spmc_shmem_obj *obj,
uint32_t ffa_version)
{
+ unsigned long long total_page_count;
const struct ffa_emad_v1_0 *first_emad;
const struct ffa_emad_v1_0 *end_emad;
size_t emad_size;
- uint32_t comp_mrd_offset = 0;
+ uint32_t comp_mrd_offset;
+ size_t header_emad_size;
+ size_t size;
+ size_t count;
+ size_t expected_size;
+ const struct ffa_comp_mrd *comp;
if (obj->desc_filled != obj->desc_size) {
ERROR("BUG: %s called on incomplete object (%zu != %zu)\n",
@@ -798,22 +804,12 @@
first_emad = spmc_shmem_obj_get_emad(&obj->desc, 0,
ffa_version, &emad_size);
end_emad = emad_advance(first_emad, obj->desc.emad_count * emad_size);
+ comp_mrd_offset = first_emad->comp_mrd_offset;
/* Loop through the endpoint descriptors, validating each of them. */
- for (const struct ffa_emad_v1_0 *emad = first_emad;
- emad < end_emad;
- emad = emad_advance(emad, emad_size)) {
- size_t size;
- size_t count;
- size_t expected_size;
- uint64_t total_page_count;
- size_t header_emad_size;
- uint32_t offset;
- struct ffa_comp_mrd *comp;
+ for (const struct ffa_emad_v1_0 *emad = first_emad; emad < end_emad;) {
ffa_endpoint_id16_t ep_id;
- offset = emad->comp_mrd_offset;
-
/*
* If a partition ID resides in the secure world validate that
* the partition ID is for a known partition. Ignore any
@@ -831,82 +827,121 @@
/*
* The offset provided to the composite memory region descriptor
- * should be consistent across endpoint descriptors. Store the
- * first entry and compare against subsequent entries.
+ * should be consistent across endpoint descriptors.
+ */
+ if (comp_mrd_offset != emad->comp_mrd_offset) {
+ ERROR("%s: mismatching offsets provided, %u != %u\n",
+ __func__, emad->comp_mrd_offset, comp_mrd_offset);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+
+ /* Advance to the next endpoint descriptor */
+ emad = emad_advance(emad, emad_size);
+
+ /*
+ * Ensure neither this emad nor any subsequent emads have
+ * the same partition ID as the previous emad.
*/
- if (comp_mrd_offset == 0) {
- comp_mrd_offset = offset;
- } else {
- if (comp_mrd_offset != offset) {
- ERROR("%s: mismatching offsets provided, %u != %u\n",
- __func__, offset, comp_mrd_offset);
+ for (const struct ffa_emad_v1_0 *other_emad = emad;
+ other_emad < end_emad;
+ other_emad = emad_advance(other_emad, emad_size)) {
+ if (ep_id == other_emad->mapd.endpoint_id) {
+ WARN("%s: Duplicated endpoint id 0x%x\n",
+ __func__, emad->mapd.endpoint_id);
return FFA_ERROR_INVALID_PARAMETER;
}
- continue; /* Remainder only executed on first iteration. */
}
+ }
- header_emad_size = (size_t)((uint8_t *)emad - (uint8_t *)&obj->desc) +
- (obj->desc.emad_count * emad_size);
+ header_emad_size = (size_t)((const uint8_t *)end_emad -
+ (const uint8_t *)&obj->desc);
- if (offset < header_emad_size) {
- WARN("%s: invalid object, offset %u < header + emad %zu\n",
- __func__, offset, header_emad_size);
- return FFA_ERROR_INVALID_PARAMETER;
- }
+ /*
+ * Check that the composite descriptor
+ * is after the endpoint descriptors.
+ */
+ if (comp_mrd_offset < header_emad_size) {
+ WARN("%s: invalid object, offset %u < header + emad %zu\n",
+ __func__, comp_mrd_offset, header_emad_size);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
- size = obj->desc_size;
+ /* Ensure the composite descriptor offset is aligned. */
+ if (!is_aligned(comp_mrd_offset, 16)) {
+ WARN("%s: invalid object, unaligned composite memory "
+ "region descriptor offset %u.\n",
+ __func__, comp_mrd_offset);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
- if (offset > size) {
- WARN("%s: invalid object, offset %u > total size %zu\n",
- __func__, offset, obj->desc_size);
- return FFA_ERROR_INVALID_PARAMETER;
- }
- size -= offset;
+ size = obj->desc_size;
- if (size < sizeof(struct ffa_comp_mrd)) {
- WARN("%s: invalid object, offset %u, total size %zu, no header space.\n",
- __func__, offset, obj->desc_size);
- return FFA_ERROR_INVALID_PARAMETER;
- }
- size -= sizeof(struct ffa_comp_mrd);
+ /* Check that the composite descriptor is in bounds. */
+ if (comp_mrd_offset > size) {
+ WARN("%s: invalid object, offset %u > total size %zu\n",
+ __func__, comp_mrd_offset, obj->desc_size);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+ size -= comp_mrd_offset;
- count = size / sizeof(struct ffa_cons_mrd);
+ /* Check that there is enough space for the composite descriptor. */
+ if (size < sizeof(struct ffa_comp_mrd)) {
+ WARN("%s: invalid object, offset %u, total size %zu, no header space.\n",
+ __func__, comp_mrd_offset, obj->desc_size);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+ size -= sizeof(*comp);
- comp = spmc_shmem_obj_get_comp_mrd(obj, ffa_version);
+ count = size / sizeof(struct ffa_cons_mrd);
- if (comp == NULL) {
- WARN("%s: invalid comp_mrd offset\n", __func__);
- return FFA_ERROR_INVALID_PARAMETER;
- }
+ comp = (const struct ffa_comp_mrd *)
+ ((const uint8_t *)(&obj->desc) + comp_mrd_offset);
- if (comp->address_range_count != count) {
- WARN("%s: invalid object, desc count %u != %zu\n",
- __func__, comp->address_range_count, count);
- return FFA_ERROR_INVALID_PARAMETER;
- }
+ if (comp->address_range_count != count) {
+ WARN("%s: invalid object, desc count %u != %zu\n",
+ __func__, comp->address_range_count, count);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
- expected_size = offset + sizeof(*comp) +
- count * sizeof(struct ffa_cons_mrd);
+ /* Ensure that the expected and actual sizes are equal. */
+ expected_size = comp_mrd_offset + sizeof(*comp) +
+ count * sizeof(struct ffa_cons_mrd);
- if (expected_size != obj->desc_size) {
- WARN("%s: invalid object, computed size %zu != size %zu\n",
- __func__, expected_size, obj->desc_size);
- return FFA_ERROR_INVALID_PARAMETER;
- }
+ if (expected_size != obj->desc_size) {
+ WARN("%s: invalid object, computed size %zu != size %zu\n",
+ __func__, expected_size, obj->desc_size);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
- total_page_count = 0;
+ total_page_count = 0;
- for (size_t i = 0; i < count; i++) {
- total_page_count +=
- comp->address_range_array[i].page_count;
- }
- if (comp->total_page_count != total_page_count) {
- WARN("%s: invalid object, desc total_page_count %u != %" PRIu64 "\n",
- __func__, comp->total_page_count,
- total_page_count);
- return FFA_ERROR_INVALID_PARAMETER;
+ /*
+ * comp->address_range_count is 32-bit, so 'count' must fit in a
+ * uint32_t at this point.
+ */
+ for (size_t i = 0; i < count; i++) {
+ const struct ffa_cons_mrd *mrd = comp->address_range_array + i;
+
+ if (!is_aligned(mrd->address, PAGE_SIZE)) {
+ WARN("%s: invalid object, address in region descriptor "
+ "%zu not 4K aligned (got 0x%016llx)",
+ __func__, i, (unsigned long long)mrd->address);
}
+
+ /*
+ * No overflow possible: total_page_count can hold at
+ * least 2^64 - 1, but will be have at most 2^32 - 1.
+ * values added to it, each of which cannot exceed 2^32 - 1.
+ */
+ total_page_count += mrd->page_count;
+ }
+
+ if (comp->total_page_count != total_page_count) {
+ WARN("%s: invalid object, desc total_page_count %u != %llu\n",
+ __func__, comp->total_page_count, total_page_count);
+ return FFA_ERROR_INVALID_PARAMETER;
}
+
return 0;
}
@@ -969,11 +1004,8 @@
void *smc_handle)
{
int ret;
- size_t emad_size;
uint32_t handle_low;
uint32_t handle_high;
- struct ffa_emad_v1_0 *emad;
- struct ffa_emad_v1_0 *other_emad;
if (mbox->rxtx_page_count == 0U) {
WARN("%s: buffer pair not registered.\n", __func__);
@@ -1056,26 +1088,6 @@
goto err_bad_desc;
}
- /* Ensure partition IDs are not duplicated. */
- for (size_t i = 0; i < obj->desc.emad_count; i++) {
- emad = spmc_shmem_obj_get_emad(&obj->desc, i, ffa_version,
- &emad_size);
-
- for (size_t j = i + 1; j < obj->desc.emad_count; j++) {
- other_emad = spmc_shmem_obj_get_emad(&obj->desc, j,
- ffa_version,
- &emad_size);
-
- if (emad->mapd.endpoint_id ==
- other_emad->mapd.endpoint_id) {
- WARN("%s: Duplicated endpoint id 0x%x\n",
- __func__, emad->mapd.endpoint_id);
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_bad_desc;
- }
- }
- }
-
ret = spmc_shmem_check_state_obj(obj, ffa_version);
if (ret) {
ERROR("%s: invalid memory region descriptor.\n", __func__);
diff --git a/tools/conventional-changelog-tf-a/index.js b/tools/conventional-changelog-tf-a/index.js
index 2a9d5b4..7d57c15 100644
--- a/tools/conventional-changelog-tf-a/index.js
+++ b/tools/conventional-changelog-tf-a/index.js
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -167,6 +167,17 @@
writerOpts.transform = function (commit, context) {
/*
+ * Feedback on the generated changelog has shown that having build system changes
+ * appear at the top of a section throws some people off. We make an exception for
+ * scopeless `build`-type changes and treat them as though they actually have the
+ * `build` scope.
+ */
+
+ if ((commit.type === "build") && (commit.scope == null)) {
+ commit.scope = "build";
+ }
+
+ /*
* Fix up commit trailers, which for some reason are not correctly recognized and
* end up showing up in the breaking changes.
*/