* changes:
feat(mhu): use compile flag to choose mhu version
feat(mhu): add MHUv3 wrapper APIs for RSS comm driver
feat(mhu): add MHUv3 doorbell driver
In the high system load situation, bus latency increase was observed
and it made impact to other feature (e.g. audio dropouts). This is
because some modules push as much as possible traffic into the DBSC4
CAM for execution, and make increasing bus latency. Re-defining swap
priorities reduce this situation. This advice has been confirmed by
hardware developer.
Signed-off-by: Dien Pham <dien.pham.ry@renesas.com>
Change-Id: Ifebafa883d5a997de6894198327a6025b64e4ee5
Add a new function to control the MCU subsystem
security state.
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Change-Id: I070eec06fc93a1214227f25a6a4f1c40c66c86b0
Change list.entry_count to unsigned int to align with header.list_num,
removing the need for casting.
Change-Id: Id4259d9e841c8d34fe23fb74a7c627f2a643cbf2
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Deprecation notice was sent to the community and no objection was
raised, so removing mbedtls 2.x support.
Change-Id: Id3eb98b55692df98aabe6a7c5a5ec910222c8abd
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level for region validity
feat(tc): add dummy TRNG support to be able to boot pVMs
feat(tc): get the parent component provided DPE context_handle
feat(tc): share DPE context handle with child component
feat(tc): add DPE context handle node to device tree
feat(tc): add DPE backend to the measured boot framework
feat(auth): add explicit entries for key OIDs
feat(dice): add DPE driver to measured boot
feat(dice): add client API for DICE Protection Environment
feat(dice): add QCBOR library as a dependency of DPE
feat(dice): add typedefs from the Open DICE repo
docs(changelog): add 'dice' scope
refactor(tc): align image identifier string macros
refactor(fvp): align image identifier string macros
refactor(imx8m): align image identifier string macros
refactor(qemu): align image identifier string macros
fix(measured-boot): add missing image identifier string
refactor(measured-boot): move metadata size macros to a common header
refactor(measured-boot): move image identifier strings to a common header
MHUv3 and MHUv2 drivers can now be selected at build time by using
PLAT_MHU_VERSION.
Signed-off-by: Joel Goddard <joel.goddard@arm.com>
Change-Id: I24f9e05f7969ed3be8f3261fdfed881a4ad18ba4
RSS comm driver interfaces with MHUv3 driver through specific
API calls. Add APIs to support the interface.
Signed-off-by: Aziz IDOMAR <aziz.idomar@arm.com>
Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Shriram K <shriram.k@arm.com>
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Signed-off-by: Joel Goddard <joel.goddard@arm.com>
Change-Id: I815d43ca548d3640fceb4c91fe3bbeec31687210
MHUv3 reworks parts of MHUv2 and introduces MHU extensions. There are
currently 3 extensions:
* Doorbell extension: which works like MHUv2
* FIFO extension: which uses a buffer for faster inband data transfer
* Fastchannel extension: for fast data transfer
Add MHUv3 driver with support for Doorbell extension for both postbox
sender MHUs and mailbox receiver MHUs.
Signed-off-by: Aziz IDOMAR <aziz.idomar@arm.com>
Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Shriram K <shriram.k@arm.com>
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Signed-off-by: Joel Goddard <joel.goddard@arm.com>
Change-Id: Icf49df56f1159f4c9830e0ffcda5b3a4bea8d2fd
GIC600 erratum 2384374 is a Category B erratum. Part 1 is fixed
in this patch, and the Part 1 failure mode is described as
'If the packet to be sent is a SET packet, then a higher priority SET
may not be sent when it should be until an unblocking event occurs.'
This is handled by calling gicv3_apply_errata_wa_2384374() in the
ehf_deactivate_priority() path, so that when EHF restores the priority
to the original priority, the interrupt packet buffered
in the GIC can be sent.
gicv3_apply_errata_wa_2384374() is the workaround for
the Part 2 of erratum 2384374 which flush packets from the GIC buffer
and is being used in this patch.
SDEN can be found here:
https://developer.arm.com/documentation/sden892601/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I4bb6dcf86c94125cbc574e0dc5119abe43e84731
This custom argument is meant to simplify to group
components into certificates. Components with
the same cert_id contribute to the same certificate
regardless of the load order or the structure of the
derivation tree. This argument aims to flatten the tree
structure and make it easy to include branches or
subtrees in the main derivation line.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I83c4abc399616063a5eb04792d603899f7513627
Modify the log level from WARNING to VERBOSE for the SDS region
validity check. An invalid region causes the initialization step
to fail, but normally it's only a temporary condition as the
actual initialization of the region (such as adding a valid region
descriptor structure) can happen asynchronously in another system
component. The goal of this tiny modification is to avoid flooding
the log with this message when we're waiting in a loop for the
region initialization to happen.
Change-Id: I180e35e25df3f31bbc816e6421ded17ba6ae1d85
Signed-off-by: David Vincze <david.vincze@arm.com>
Each client who wants to communicate with the DPE service
must own a valid context handle issued by the DPE service.
A context handle can be used for a single time then it will
be invalidated by the DPE service. In case of calls from
the same component, the next valid context handle is
returned in the response to a DPE command. When a component
finishes their job then the next component in the boot flow
inherits its first context handle from its parent.
How the inheritance is done can be client or
platform-dependent. It can be shared through shared
memory or be part of a DTB object passed to the next
bootloader stage.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
Change-Id: Ic82f074f1c5b15953e78f9fa5404ed7f48674cbb
To be allowed to communicate with DPE service all
components must own a valid context handle. The first
valid context handle is inherited from the parent
component via a DTB object.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Id357fab3586398b1933444e1d10d1ab6d8243ab9
Implement a DPE specific backend within the
generic measured boot framework.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ia3a0eac0ee6f7b4b337a93d08286613e7c8186b4
DPE commands are CBOR encoded. QCBOR library is used
in TF-A for CBOR encoding.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ifd01e1e6e1477cf991e765b97c446684fc6ef9b9
On STM32MP25, a new version of the SDMMC2 IP is embedded (v3.0).
The size of the FIFO is 1024 in this new IP version.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ie6b1fb215fc77b24b7c342d4cd69248a96039a4d
* changes:
style(fwu): change the metadata fields to align with specification
style(partition): use GUID values for GPT partition fields
feat(st): add logic to boot the platform from an alternate bank
feat(st): add a function to clear the FWU trial state counter
feat(fwu): add a function to obtain an alternate FWU bank to boot
feat(fwu): add some sanity checks for the FWU metadata
feat(fwu): modify the check for getting the FWU bank's state
feat(st): get the state of the active bank directly
feat(fwu): add a config flag for including image info in the FWU metadata
feat(fwu): migrate FWU metadata structure to version 2
feat(fwu): document the config flag for including image info in the FWU metadata
feat(fwu): update the URL links for the FWU specification
* changes:
docs(maintainers): add the maintainers for imx8ulp
docs(imx8ulp): add imx8ulp platform
fix(imx8ulp): increase the mmap region num
feat(imx8ulp): adjust the dram mapped region
feat(imx8ulp): ddrc switch auto low power and software interface
feat(imx8ulp): add some delay before cmc1 access
feat(imx8ulp): add a flag check for the ddr status
fix(imx8ulp): add sw workaround for csi/hotplug test hang
feat(imx8ulp): adjust the voltage when sys dvfs enabled
feat(imx8ulp): enable the DDR frequency scaling support
fix(imx8ulp): fix suspend/resume issue when DBD owner is s400 only
feat(imx8ulp): update XRDC for ELE to access DDR with CA35 DID
feat(imx8ulp): add memory region policy
feat(imx8ulp): protect TEE region for secure access only
feat(imx8ulp): add trusty support
feat(imx8ulp): add OPTEE support
feat(imx8ulp): update the upower config for power optimization
feat(imx8ulp): allow RTD to reset APD through MU
feat(imx8ulp): not power off LPAV PD when LPAV owner is RTD
feat(imx8ulp): add system power off support
feat(imx8ulp): add APD power down mode(PD) support in system suspend
feat(imx8ulp): add the basic support for idle & system suspned
feat(imx8ulp): enable 512KB cache after resume on imx8ulp
feat(imx8ulp): add the initial XRDC support
feat(imx8ulp): allocated caam did for the non secure world
feat(imx8ulp): add i.MX8ULP basic support
build(changelog): add new scopes for nxp imx8ulp platform
feat(scmi): add scmi sensor support
The GPT partition uses GUID values for identification of partition
types and partitions. Change the relevant functions to use GUID values
instead of UUID's.
Change-Id: I30df66a8a02fb502e04b0285f34131b65977988e
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add a function fwu_get_alternate_boot_bank() to return a valid bank to
boot from. This function can be called by a platform to get an
alternate bank to try to boot the platform in the unlikely scenario of
the active bank being in an invalid state, or if the number of times
the platform boots in trial state exceeds a pre-set count.
Change-Id: I4bcd88e68e334c452882255bf028e01b090369d1
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add some sanity checks on the values read from the FWU metadata
structure. This ensures that values in the metadata structure are
inline with certain config symbol values.
Change-Id: Ic4415da9048ac3980f8f811ed7852beb90683f7d
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The version 2 of the FWU metadata structure has a field bank_state in
the top level of the structure which can be used to check if a given
bank is in the either of Trial State, Accepted State, or in an Invalid
State. This is different from the binary states of Valid/Accepted
States that the bank could be in, as defined in the earlier version of
the specification.
Replace the fwu_is_trial_run_state() API with
fwu_get_active_bank_state() to get the state the current active bank
is in. The value returned by this API is then used by the caller to
take appropriate action.
Change-Id: I764f486840a3713bfe5f8e03d0634bfe09b23590
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
While loading partition entries, calculate CRC using tf_crc32() for each
entry to find the full CRC value of the partition entry array.
The start of the GPT partition entry array is located at the LBA
indicated by the partition entry array LBA field in the GPT header. The
size of the partition entry array is indicated by the size of partition
entry multiplied by the number of partition entries.
Compare the calculated CRC with the partition entry array CRC in the GPT
header, error out if the values do not match.
Change-Id: I4bfed8cf903125c1ef3fac2f0f4c0fb87d63aa78
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Alter the function parameter to pass the full GPT header to be filled
instead of the starting LBA of the array of partion entries to
load_partition_gpt()
Change-Id: Ib3dde62d5b9996e74157714634bea748bd3b55aa
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
LF-4715-1 drivers: scmi-msg: add sensor support
Add scmi sensor support
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I810e270b138bf5486b32df121056bfa5103c129f
Split the smmuv3_init() to separate smmuv3_security_init() from it in
order to allow skipping the default deny policy on reset for certain
SMMUv3 implementations.
Additionally, fix a couple of MISRA warnings.
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Signed-off-by: Vivek Gautam <vivek.gautam@arm.com>
Change-Id: I2127943e709dd1ded34145bd022c930e351bbb4a
The SMMU_S_INIT register definition in the Arm SMMUv3 specification
says that if SMMUv3 has REALM_IMPL == 1 then it is root firmware’s
responsibility to write to INV_ALL before enabling granule protection
checks. So fix this flow during smmuv3 init.
Signed-off-by: Vivek Gautam <vivek.gautam@arm.com>
Change-Id: Ied9325e1658950c04f06c62485eeab3f28ca1285
* changes:
docs: update FVP TC2 model version and build (11.23/17)
fix(tc): increase BL2 maximum size limit
refactor(tc): update platform tests
feat(rss): add defines for 'type' range and use them in psa_call()
feat(rss): adjust parameter packing to match TF-M changes
refactor(tc): remap console logs
Extend the SDS driver to be able to handle multiple
SDS regions:
- AP-SCP
- AP-RSS
Change-Id: Id303840b248c383b3f960227cbf6333d1cc75e65
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
In gicv3_main.c the function is_sgi_ppi() returns true when its
sgi/ppi or false when the interrupt number matches an spi interrupt.
Introducing a new API is_valid_interrupt() which validates if
an interrupt number matches SGI/PPI or SPI as a valid interrupt,
any other interrupt number is considered invalid and panics.
Change-Id: Idce8f5432a94c8d300b9408cf5b2502c60e13318
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Fix the wrong placement of the closing parenthesis in the second
condition check that resulted in the incorrect calculation of the MHU
message size. Also, format the code for readability.
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: I0e012f3ff00bae2dfc12cdb1c2c636fc6c0a0b55
The function mhu_get_max_message_size() for MHUv2 should return only the
available memory for use after considering all the overheads for its own
use.
Signed-off-by: Sathyam Panda <sathyam.panda@arm.com>
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: I14ad16e8f4b781e396bca6173077513db74157d5
Reading the SCMI mailbox status in polling mode causes a burst of bus
accesses. On certain platforms, this would not be ideal as the shared
bus on the CPU subsystem might cause contentions across all the CPUs.
So allow platforms to specify a delay to be introduced while polling.
Change-Id: Ib90ad7b5954854071cfd543f4a27a178dde3d5c6
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
This driver is used for the new version of the BSEC peripheral used
on STM32MP25.
Change-Id: I38ca0db22d06704769c994c6806ccd80b17dde6e
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Update nand driver to match GHRD design, fix row
address calculation method and other misc updates.
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I1cb3dda43e767ba243fbe89bfa18818db321c5c2
