This renames tc0 platform folder and files to tc, and introduces
TARGET_PLATFORM variable to account for the differences between
TC0 and TC1.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I5b4a83f3453afd12542267091b3edab4c139c5cd
Update documentation and group platform specific build options into
their own subsections.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I05927d8abf9f811493c49b856f06329220e7d8bb
This commit enables trusted-firmware-a with Trusted Board Boot support
for the Diphda 64-bit platform.
Diphda uses a FIP image located in the flash. The FIP contains the
following components:
- BL2
- BL31
- BL32
- BL32 SPMC manifest
- BL33
- The TBB certificates
The board boot relies on CoT (chain of trust). The trusted-firmware-a
BL2 is extracted from the FIP and verified by the Secure Enclave
processor. BL2 verification relies on the signature area at the
beginning of the BL2 image. This area is needed by the SecureEnclave
bootloader.
Then, the application processor is released from reset and starts by
executing BL2.
BL2 performs the actions described in the trusted-firmware-a TBB design
document.
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: Iddb1cb9c2a0324a9635e23821c210ac81dfc305d
This patch adds the option HARDEN_SLS_ALL that can be used to enable
the -mharden-sls=all, which mitigates the straight-line speculation
vulnerability. Enable this by adding the option HARDEN_SLS_ALL=1,
default this will be disabled.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I0d498d9e96903fcb879993ad491949f6f17769b2
* changes:
fix(plat/marvell/a3k): Fix building uart-images.tgz.bin archive
refactor(plat/marvell/a3k): Rename *_CFG and *_SIG variables
refactor(plat/marvell/a3k): Rename DOIMAGETOOL to TBB
refactor(plat/marvell/a3k): Remove useless DOIMAGEPATH variable
fix(plat/marvell/a3k): Fix check for external dependences
fix(plat/marvell/a8k): Add missing build dependency for BLE target
fix(plat/marvell/a8k): Correctly set include directories for individual targets
fix(plat/marvell/a8k): Require that MV_DDR_PATH is correctly set
Old Marvell a3700_utils and mv-ddr tarballs do not have to work with
latest TF-A code base. Marvell do not provide these old tarballs on
Extranet anymore. Public version on github repository contains all
patches and is working fine, so for public TF-A builds use only public
external dependencies from git.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: Iee5ac6daa9a1826a5b80a8d54968bdbb8fe72f61
Target mrvl_flash depends on external mv_ddr source code which is not
part of TF-A project. Do not expect that it is pre-downloaded at some
specific location and require user to specify correct path to mv_ddr
source code via MV_DDR_PATH build option.
TF-A code for Armada 37x0 platform also depends on mv_ddr source code
and already requires passing correct MV_DDR_PATH build option.
So for A8K implement same checks for validity of MV_DDR_PATH option as
are already used by TF-A code for Armada 37x0 platform.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I792f2bfeab0cec89b1b64e88d7b2c456e22de43a
For Arm platforms PIE is enabled when RESET_TO_BL31=1 in aarch64 mode on
the similar lines enable PIE when RESET_TO_SP_MIN=1 in aarch32 mode.
The underlying changes for enabling PIE in aarch32 is submitted in
commit 4324a14bf
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib8bb860198b3f97cdc91005503a3184d63e15469
Due to the small OCRAM space used for TF-A, we will
meet imx8mq build failure caused by too small RAM size.
We CANNOT support it in TF-A CI. It does NOT mean that
imx8mq will be dropped by NXP. NXP will still actively
maintain it in NXP official release.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: Iad726ffbc4eedc5f6770612bb9750986b9324ae9
We currently use Linaro release software stack version
20.01 in the CI. Reflect that change in the docs.
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I0fa9f0163afb0bf399ec503abe9af4f17231f173
Clean up instructions for building/running TF-A on the
Juno platform and add correct link to SCP binaries.
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I536f98082e167edbf45f29ca23cc0db44687bb3b
This patch adds support for the crypto and secure storage secure
partitions for the Total Compute platform. These secure partitions
have to be managed by Hafnium executing at S-EL2
Change-Id: I2df690e3a99bf6bf50e2710994a905914a07026e
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Reverting FVP versions to previous version 11.12.38 for Cortex-A32x4
and Neoverse-N2x4.
Change-Id: I81e8ad24794dd425a9e9a66dc8bb02b42191abf1
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Updated the list of supported FVP platforms as per the latest FVP
release.
Change-Id: I1abd0a7885b1133715062ee1b176733556a4820e
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Documented the build options used in Arm GPT parser enablement.
Change-Id: I9d7ef2f44b8f9d2731dd17c2639e5ed0eb6d0b3a
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This new compile option is only for Armada 3720 Development Board. When
it is set to 1 then TF-A will setup PM wake up src configuration.
By default this new option is disabled as it is board specific and no
other A37xx board has PM wake up src configuration.
Currently neither upstream U-Boot nor upstream Linux kernel has wakeup
support for A37xx platforms, so having it disabled does not cause any
issue.
Prior this commit PM wake up src configuration specific for Armada 3720
Development Board was enabled for every A37xx board. After this change it
is enabled only when compiling with build flag A3720_DB_PM_WAKEUP_SRC=1
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I09fea1172c532df639acb3bb009cfde32d3c5766
A Neoverse reference design platform can have two or more variants that
differ in core count, cluster count or other peripherals. To allow reuse
of platform code across all the variants of a platform, introduce build
option CSS_SGI_PLATFORM_VARIANT for Arm Neoverse reference design
platforms. The range of allowed values for the build option is platform
specific. The recommended range is an interval of non negative integers.
An example usage of the build option is
make PLAT=rdn2 CSS_SGI_PLATFORM_VARIANT=1
Change-Id: Iaae79c0b4d0dc700521bf6e9b4979339eafe0359
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
sgm775 is an old platform and is no longer maintained by Arm and its
fast model FVP_CSS_SGM-775 is no longer available for download.
This platform is now superseded by Total Compute(tc) platforms.
This platform is now deprecated but the source will be kept for cooling
off period of 2 release cycle before removing it completely.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I8fe1fc3da0c508dba62ed4fc60cbc1642e0f7f2a
By default the Arm Ethos-N NPU will boot up in secure mode. In this mode
the non-secure world cannot access the registers needed to use the NPU.
To still allow the non-secure world to use the NPU, a SiP service has
been added that can delegate non-secure access to the registers needed
to use it.
Only the HW_CONFIG for the Arm Juno platform has been updated to include
the device tree for the NPU and the platform currently only loads the
HW_CONFIG in AArch64 builds.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I65dfd864042ed43faae0a259dcf319cbadb5f3d2
Setting MSS_SUPPORT to 0 also removes requirement for SCP_BL2
definition.
Images build with MSS_SUPPORT=0 will not include service CPUs
FW and will not support PM, FC and other features implemented
in these FW images.
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Change-Id: Idf301ebd218ce65a60f277f3876d0aeb6c72f105
Reviewed-on: https://sj1git1.cavium.com/c/IP/SW/boot/atf/+/37769
Tested-by: sa_ip-sw-jenkins <sa_ip-sw-jenkins@marvell.com>
Reviewed-by: Stefan Chulski <stefanc@marvell.com>
Reviewed-by: Ofer Heifetz <oferh@marvell.com>
Reviewed-by: Nadav Haklai <nadavh@marvell.com>
CZ.NIC as part of Turris project released free and open source WTMI
application firmware 'wtmi_app.bin' for all Armada 3720 devices. This
firmware includes additional features like access to Hardware Random
Number Generator of Armada 3720 SoC which original Marvell's 'fuse.bin'
image does not have.
CZ.NIC's Armada 3720 Secure Firmware is available at website:
https://gitlab.nic.cz/turris/mox-boot-builder/
This change updates documentation to include steps how to build Marvell
firmware image for Espressobin with this firmware to enable Hardware
Random Number Generator on Espressobin.
In this change is fixed also URL to TF-A and U-Boot git repositories in
Espressobin build example. And as Marvell github repositories switched
default branch to master, explicit branch via -b parameter is redundant
and therefore from examples removed.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I59ee29cb6ed149264c5e4202f2af8f9ab3859418
As per the new multi-console framework, updating the JTAG DCC support.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: I77994ce387caf0d695986df3d01d414a920978d0
As per the new multi-console framework, updating the JTAG DCC support.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Acked-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: I62cfbb57ae7e454fbc91d1c54aafa6e99f9a35c8
The new Allwinner H616 SoC lacks the management controller and the secure
SRAM A2, so we need to tweak the memory map quite substantially:
We run BL31 in DRAM. Since the DRAM starts at 1GB, we cannot use our
compressed virtual address space (max 256MB) anymore, so we revert to
the full 32bit VA space and use a flat mapping throughout all of it.
The missing controller also means we need to always use the native PSCI
ops, using the CPUIDLE hardware, as SCPI and suspend depend on the ARISC.
Change-Id: I77169b452cb7f5dc2ef734f3fc6e5d931749141d
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Update the Allwinner platform documentation.
Reorder the section, to have the build instructions first, followed by
hints about the installation.
Add some ASCII art about the layout of our virtual memory map, which
uses a non-trivial condensed virtual address space.
Change-Id: Iaaa79b4366012394e15e4c1b26c212b5efb6ed6a
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Adds bl2 with FIP to the build required for mbed Linux booting where
we do:
BootROM -> SPL -> BL2 -> OPTEE -> u-boot
If NEED_BL2 is specified then BL2 will be built and BL31 will have
its address range modified upwards to accommodate. BL31 must be
loaded from a FIP in this case.
If NEED_BL2 is not specified then the current BL31 boot flow is
unaffected and u-boot SPL will load and execute BL31 directly.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I655343b3b689b1fc57cfbedda4d3dc2fbd549a96
Added GIC600AE FVP model version information.
Change-Id: I15d25fbdb8e09900976d5993032ec049f8db79f2
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added a build option 'FVP_GICR_REGION_PROTECTION' to make
redistributor frame of fused/unused cores as read only.
Change-Id: Ie85f86e2465b93321a92a888ce8712a3144e4ccb
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
* changes:
docs: marvell: Replace ESPRESSObin-Ultra TF-A build example by full example how to build production release of Marvell firmware image
docs: marvell: Fix description of flash-image.bin image
docs: marvell: Add information into CLOCKSPRESET option how to identify CPU frequency
docs: marvell: Reformat DDR_TOPOLOGY option and mention EspressoBin-Ultra board
docs: marvell: Move Supported Marvell platforms to PLAT build option
* changes:
docs: marvell: Update info about WTMI_IMG option
plat: marvell: armada: a3k: Remove unused variable WTMI_SYSINIT_IMG from Makefile
plat: marvell: armada: Show informative build messages and blank lines
plat: marvell: armada: Move definition of mrvl_flash target to common marvell_common.mk file
plat: marvell: armada: a3k: Use $(Q) instead of @
plat: marvell: armada: a3k: Add a new target mrvl_uart which builds UART image
plat: marvell: armada: a3k: Build UART image files directly in $(BUILD_UART) subdirectory
plat: marvell: armada: a3k: Build intermediate files in $(BUILD_PLAT) directory
plat: marvell: armada: a3k: Correctly set DDR_TOPOLOGY and CLOCKSPRESET for WTMI
plat: marvell: armada: a3k: Allow use of the system Crypto++ library
docs: marvell: Update info about WTP and MV_DDR_PATH parameters
plat: marvell: armada: a3k: Add checks that WTP, MV_DDR_PATH and CRYPTOPP_PATH are correctly defined
docs: marvell: Update mv-ddr-marvell and A3700-utils-marvell branches
ESPRESSObin-Ultra TF-A build example was now just a copy+paste of previous
mentioned example. It produced debug binary with custom log level, which
was not described. So rather replace this duplicate build example by a full
example with all steps how to build production release of Marvell firmware
image for EspressoBin with 1GHz CPU and 1GB DDR4 RAM.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: Ief1b8bc96a3035ebd8421bd68dca5eb5c8d8fd52
Reformat list of boards, remove unsupported OcteonTX2 and mention
supported Turris MOX board.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I22cea7f77fd078554c7f0ed4108781626209e563
