* changes:
Revert "fix(ti): do not take system power reference in bl31_platform_setup()"
refactor(ti): remove ti_sci_init function
fix(k3): increment while reading trail bytes
Remove any residual RSS usage in the FVP platform, complementing the
changes made in commit dea307fd6c.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I9ced272503456361610ec0c7783d270349233926
Essentially revert [1] to permit specifying SME support along with
SPD=spmd on FVP platform.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/20764
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Iab15d5a4c966b9f5b265ccde6711765e242abeaa
* changes:
fix(spe): invoke spe_disable during power domain off/suspend
feat(psci): add psci_do_manage_extensions API
fix(arm_fpga): halve number of PEs per core
Added SiP calls to FVP platform to protect/unprotect a
memory range.
These leverage rme features to change the PAS of a given
memory range from non-secure to secure.
The mentioned call is leveraged by the SPMC in the memory
sharing flow, when memory is shared from the normal world
onto the secure world.
More details in the SPM related patches.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: Iaf15d8603a549d247ffb1fc14c16bfb94d0e178a
Add minimal compilation step when enabling STM32MP_USB_PROGRAMMER flag
on STM32MP2. Add DWL_BUFFER_BASE in platform.mk and the compilation
of the new file plat/st/stm32mp2/stm32mp2_usb_dfu.c (just stubs for
the moment).
Signed-off-by: Pankaj Dev <pankaj.dev@st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I8891ff23ddc3d40d7477ada3e49e439dd8af8316
As these definitions will be the same for STM32MP1 and STM32MP2, move
PLATFORM_MTD_MAX_PAGE_SIZE and DWL_BUFFER_SIZE macro definition to the
file: plat/st/common/include/stm32mp_common.h
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I480669d009d15fec753298f47b136e34fa240132
PLAT_STM32MP_NS_IMAGE_OFFSET and PLAT_EMMC_BOOT_SSBL_OFFSET macros should
have been removed with patch [1].
[1] 981b9dcb87 ("refactor(stm32mp1): remove STM32MP_USE_STM32IMAGE")
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ice98c43c0257041226525199be06134fde8466c5
ti_sci_get_revision handles getting the firmware version and ti_sci_init
is just a wrapper around it with no added benefit.
Refactor the ti_sci_get_revision to give the version information and
remove ti_sci_init wrapper.
Change-Id: I39184af5b00bedc8b9220533f1ddac3b6672d2f1
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
spe_disable function, disables profiling and flushes all the buffers and
hence needs to be called on power-off/suspend path.
It needs to be invoked as SPE feature writes to memory as part of
regular operation and not disabling before exiting coherency
could potentially cause issues.
Currently, this is handled only for the FVP. Other platforms need
to replicate this behaviour and is covered as part of this patch.
Calling it from generic psci library code, before the platform specific
actions to turn off the CPUs, will make it applicable for all the
platforms which have ported the PSCI library.
Change-Id: I90b24c59480357e2ebfa3dfc356c719ca935c13d
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
When creating the Arm FPGA platform, we had plenty of memory available,
so assigned a generous four PEs per core for the potential CPU topology.
In reality we barely see implementations with two PEs per core, and
didn't have four at all so far.
With some design changes we now include more data per CPU type, and
since the Arm FPGA build supports many cores (and determines the correct
one at runtime), we run out of memory with certain build options.
Since we don't really need four PEs per core, just halve that number, to
reduce our memory footprint without sacrificing functionality.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: Ieb37ccc9f362b10ff0ce038f72efca21512a71cb
This setup helps to mimic an end-to-end RAS handling flow inspired
by real world design with a dedicated RAS secure partition managed
by SPMC.
The detailed steps are documented as comments in the relevant source
files introduced in this patch.
Change-Id: I97737c66649f6e49840fa0bdf2e0af4fb6b08fc7
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Initialize generic delay timer to enable its use to insert delays
in execution paths as required.
Change-Id: I52232796f20d9692f0115d5e5395451a54b489c6
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
The trail bytes from the secure proxy driver were being overwritten,
increase the count each time to not overwrite the existing data and not
get the end data corrupted from secure proxy.
Fixes: d76fdd33e0 ("ti: k3: drivers: Add Secure Proxy driver")
Change-Id: I8e23f8b6959da886d6ab43049746f78765ae1766
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
When building TF-A (with SPMD support) with ARM_ARCH_MAJOR=8/
ARCH_ARCH_MINOR=8 options, this forces the -march=armv8.8-a compiler
option. In this condition, the compiler optimises statement [1] into
a store pair to an unaligned address resulting to a supposedly alignment
fault. With -march=armv8.7-a and earlier the compiler resolves with a
memcpy. Replacing this line by an explicit memcpy masks out the issue.
Prefer using the plain struct uuid in place of the uuid_helper union
for further clarity.
[1] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/
plat/arm/common/fconf/arm_fconf_sp.c?h=v2.10#n77
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I509b7bc50c7c4a894885d24dc8279d0fe634e8f2
* changes:
feat(arm): move GPT setup to common BL source
feat(arm): retrieve GPT related data from platform
refactor(arm): rename L0/L1 GPT base macros
This feature provides support to context save the
SCXTNUM_ELx register. FEAT_CSV2_3 implies the implementation
of FEAT_CSV2_2. FEAT_CSV2_3 is supported in AArch64 state only
and is an optional feature in Arm v8.0 implementations.
This patch adds feature detection for v8.9 feature FEAT_CSV2_3,
adds macros for ID_AA64PFR0_EL1.CSV2 bits [59:56] for detecting
FEAT_CSV2_3 and macro for ENABLE_FEAT_CSV2_3.
Change-Id: Ida9f31e832b5f11bd89eebd6cc9f10ddad755c14
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
In i.MX8MM/MQ it is possible to have two copies of bootloader in
SD/eMMC and switch between them. The switch is triggered either
by the BootROM in case the bootloader image is faulty OR can be
enforced by the user, and there is API introduced in
9ce232fe ("feat(plat/imx8m): add SiP call for secondary boot"),
which leverages this SoC feature.
However neither i.MX8MP nor i.MX8MN have a dedicated bit
which indicates what boot image set is currently booted.
According to AN12853 [1] "i.MX ROMs Log Events", it is
possible to determine whether fallback event occurred
by parsing the BootROM event log. In case ROM event ID 0x51 is
present,fallback event did occur and secondary boot image was booted.
Knowing which boot image was booted might be useful for reliable
bootloader A/B updates, detecting fallback event might be used for
making decision if boot firmware rollback is required.
This patche introduces implementation, that replicates the same
imx_src_handler() behaviour as on i.MX8MM/MQ SoCs.
The code is based on original U-Boot implementation [2].
[1]: https://www.nxp.com/webapp/Download?colCode=AN12853
[2]: a5ee05cf71
Change-Id: I9a4c5229aa0e53fa23b5261459da99cb3ce6bdbe
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
As of now, GPT setup is being handled from BL2 for plat/arm platforms.
However, for platforms having a separate entity to load firmware images,
it is possible for BL31 to setup the GPT. In order to address this
concern, move the GPT setup implementation from arm_bl2_setup.c file to
arm_common.c. Additionally, rename the API from arm_bl2_gpt_setup to
arm_gpt_setup to make it boot stage agnostic.
Signed-off-by: Rohit Mathew <Rohit.Mathew@arm.com>
Change-Id: I35d17a179c8746945c69db37fd23d763a7774ddc
For RME-enabled platforms, initializing L0 and L1 tables and enabling
GPC checks is necessary. For systems using BL2 to load firmware images,
the GPT initialization has to be done in BL2 prior to the image load.
The common Arm platform code currently implements this in the
"arm_bl2_plat_gpt_setup" function, relying on the FVP platform's
specifications (PAS definitions, GPCCR_PPS, and GPCCR_PGS).
Different Arm platforms may have distinct PAS definitions, GPCCR_PPS,
GPCCR_PGS, L0/L1 base, and size. To accommodate these variations,
introduce the "plat_arm_get_gpt_info" API. Platforms must implement
this API to provide the necessary data for GPT setup on RME-enabled
platforms. It is essential to note that these additions are relevant to
platforms under the plat/arm hierarchy that will reuse the
"arm_bl2_plat_gpt_setup" function.
As a result of these new additions, migrate data related to the FVP
platform to its source and header files.
Signed-off-by: Rohit Mathew <Rohit.Mathew@arm.com>
Change-Id: I4f4c8894c1cda0adc1f83e7439eb372e923f6147
In accordance with common naming conventions, macros specifying the base
address of a region typically use the prefix "BASE" combined with the
region name, rather than "ADDR_BASE."
Currently, the macros defining the base addresses for L0 and L1 GPT
tables within `arm_def.h` are named "ARM_L0_GPT_ADDR_BASE" and
"ARM_L1_GPT_ADDR_BASE" respectively. To adhere to the established naming
convention, rename these macros as "ARM_L1_GPT_BASE" and
"ARM_L0_GPT_BASE" respectively.
Signed-off-by: Rohit Mathew <Rohit.Mathew@arm.com>
Change-Id: Ibd50a58a1f63ba97d2df141f41a21a89ef97d6fb
* changes:
build: remove the `NM` variable
build: prefer `gcc-ar` over `ar`
build: add `--no-warn-rwx-segments` when linking with GCC
build: always use the C compiler to assemble
build: always use the C compiler to preprocess
fix(rcar): fix implicit rule invocations in tools
The fused monotonic counter is checked by the ROM bootloader. The ROM
bootloader won't allow booting images build with a lower
STM32_TF_VERSION value.
On non-closed devices a user can easily circumvent this. But it is
annoying for a developer when open development hardware gets the counter
value fused.
Signed-off-by: Robin van der Gracht <robin@protonic.nl>
Change-Id: Ie52561368a3178de9d9a44b9d089664241452651
Add compilation and initialization of BSEC peripheral, to access OTP
fuses. Add the definition of OTP fuses.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: If6403838b1e2c04c59effc8545b381aced5f7cda
* changes:
feat(stm32mp2-fdts): add board ID OTP in STM32MP257F-EV1
feat(stm32mp2-fdts): add OTP nodes in STM32MP251 SoC DT file
fix(stm32mp2): add missing include
feat(st): do not directly call BSEC functions in common code
feat(st): use stm32_get_otp_value_from_idx() in BL31
refactor(st): update test for closed chip
refactor(st-bsec): improve BSEC driver
refactor(st): use dashes for BSEC node names
Update nand driver to match GHRD design, fix row
address calculation method and other misc updates.
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I1cb3dda43e767ba243fbe89bfa18818db321c5c2
* changes:
fix(xilinx): add console_flush() before shutdown
fix(xilinx): fix sending sgi to linux
feat(xilinx): add new state to identify cpu power down
feat(xilinx): request cpu power down from reset
feat(xilinx): power down all cores on receiving cpu pwrdwn req
feat(xilinx): add handler for power down req sgi irq
feat(xilinx): add wrapper to handle cpu power down req
fix(versal-net): use arm common GIC handlers
fix(xilinx): rename macros to align with ARM
As a part of removing DeviceTree from EDK2, we move functions to TF-A:
- counting the number of memory nodes
- checking NUMA node id
- checking the memory address
Signed-off-by: Xiong Yining <xiongyining1480@phytium.com.cn>
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
Change-Id: Ib7bce3a65c817a5b3bef6c9e0a459c7ce76c7e35
Update the version to match release versioning scheme.
No functional change.
Signed-off-by: Hieu Nguyen <hieu.nguyen.dn@renesas.com>
Change-Id: Ib481fade925f74dbea1dd2b39c1abfab888379e4
Add cache operations because BL2 disabled MMU at the end of the boot
process, but did not clean/invalidate for the cache used by MMU.
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Change-Id: Id4070b46103ca2b50788b3a99f6961a35df24418
This commit changes ENABLE_STACK_PROTECTOR value to "strong" for
enabling the stack protector by canary.
Signed-off-by: Koichi Yamaguchi <koichi.yamaguchi.zb@hitachi.com>
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Change-Id: Ice351d23c98daf12737a5e65cef743035d62dabe
* changes:
feat(arm): add COT_DESC_IN_DTB option for CCA CoT
feat(fvp): add CCA CoT in DTB support
docs(arm): update TBBR CoT dtsi file name in doc
feat(dt-bindings): introduce CCA CoT, rename TBBR
