TF-A makefile accepts a device-tree snippet to override hardcoded SP
nodes, via the `ARM_BL2_SP_LIST_DTS` variable. However the SPs declared
in `ARM_BL2_SP_LIST_DTS` must be in the same order as they are in the
FIP image, otherwise hash authentication will fail when loaded by BL2.
This patch generates the `ARM_BL2_SP_LIST_DTS` file from the
`sp_layout.json` file. The SPs in the FIP image are also generated from
`sp_layout.json`, so this ensures that there is only one source of truth
for the SP list, removing the possibility to have the lists disagree
with each other.
Signed-off-by: Karl Meakin <karl.meakin@arm.com>
Change-Id: I7d76715135c596605c6a02aad5196d967dfeb1ce
Not including the proper CPU file can halt execution at the
reset_handler since the cpu_ops obtained will be invalid and therefore
the cpu reset function will be invalid too, unless SUPPORT_UNKNOWN_MPID
is enabled.
This patch adds an assert to check for the validity of the obtained
cpu_ops object and will display an error if the object is invalid.
Change-Id: I0e1661745e4a692aab5e910e110c2de0caf64f46
Signed-off-by: Thaddeus Serna <Thaddeus.Gonzalez-Serna@arm.com>
* changes:
fix(versal-net): make pmc ipi channel as secure
fix(versal): make pmc ipi channel as secure
fix(versal-net): add redundant call to avoid glitches
fix(versal-net): change flag to increase security
This patch details the required packages and terminal commands for
building the documentation in PDF format locally.
Change-Id: Ic5f416b73e46d5f362fe9eb909200b95eda19e6a
Signed-off-by: Elizabeth Ho <elizabeth.ho@arm.com>
Similar to Cortex-A53, the AArch32-only Cortex-A7/12/15/17 have an
(optional) integrated L2 cache that might need to be flushed if the
whole cluster is powered down. However, unlike Cortex-A53 there is
currently no L2 cache flush in the cluster_pwr_dwn implementation for
some reason. This causes problems if there is unwritten data left in
the L2 cache during a cluster power off.
Fix this by adding the L2 cache flush similar to cortex_a53.S.
Change-Id: Icd087bef9acff11e03edcaa0d26dd8b8e30796b7
Signed-off-by: Stephan Gerhold <stephan@gerhold.net>
* changes:
refactor(cpus): convert the Cortex-A710 to use cpu helpers
refactor(cpus): convert Cortex-A710 to use the errata framework
refactor(cpus): reorder Cortex-A710 errata by ascending order
feat(cpus): make revision procedure call optional
Align entire TF-A to use Arm in copyright header.
Change-Id: Ief9992169efdab61d0da6bd8c5180de7a4bc2244
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
* changes:
chore(ethos-n): use non blocking soft reset on npu
docs(ethos-n): update build-options.rst
refactor(ethos-n): move build flags to ethosn_npu.mk
Make PMC IPI channel for Versal NET as secure so that NS
systems cannot directly access or modify secure systems.
Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I75ba8796859dcb35644f3e144d7dc5926755ef78
Make PMC IPI channel for Versal as secure so that NS systems
cannot directly access or modify secure systems.
Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I22148653fa2d27941cb3031ac790892cee0d1796
Add redundant macro call to increase security by making
code glitch immune as security operations might be
called with the IPI command.
Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I84d84cca258b7cd981f62816c51032341e19095c
Currently security flag is set to SECURE by default and
is changed to NON_SECURE if NS system is detected. In this
case NS system may access secure system if condition check
gets skipped due to glitches.
So, initialize security_flag to NON_SECURE_FLAG and switch
to SECURE_FLAG if the TrustZone bit is detected to be
in more secure state.
Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I7af54465bd8744ba97a58c02607631ee23619d47
override_vector_table does adr, followed by an msr ops.
Accidentally was used here for for adr and mrs op.
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
Change-Id: I2d3fda12acd097acabbde9b7dcc376d08419e223
This involves replacing:
* the reset_func with the standard cpu_reset_func_{start,end} to apply
errata automatically
* the <cpu>_errata_report with the errata_report_shim to report errata
automatically
...and for each erratum:
* the prologue with the workaround_<type>_start to do the checks and
framework registration automatically
* the epilogue with the workaround_<type>_end
* the checker function with the check_erratum_<type> to make it more
descriptive
It is important to note that the errata workaround and checking
sequences remain unchanged and preserve their git blame. Testing was
conducted by:
* Building for release with all errata flags enabled and running script
in change 19136 to compare output of objdump for each errata.
* Manual comparison of disassembly of converted functions with non-
converted functions
* Build for debug with all errata enabled and step through ArmDS
at reset to ensure all functions are entered.
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Change-Id: I417539ab292f13a4f0949625d2fef6b7792fbd35
Errata report order is enforced to be in ascending order. To achieve
this with the errata framework this has to be done at the definition
level.
Change-Id: I4a6ed55d48e91ec914b7a591c6d30da5ce5d915d
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
For runtime errata, we should avoid generating calls to
`cpu_get_rev_var` unless its necessary. Make the path that generates
this call parameterized, and cache the result in a temporary register to
allow future calls that go down the alternate path to retrieve the cache
CPU revision.
Change-Id: I9882ede76568fbd9a7ccd4caa74eff0c66a7b20e
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Move documentation related to Arm(R) Ethos(TM)-N NPU driver from
docs/plat/arm/arm-build-options.rst to
docs/getting_started/build-options.rst.
Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com>
Change-Id: I388e8dcd3950b11bc3305f5e6396ee2e49c04493
The build flags to enable the Arm(R) Ethos(TM)-N NPU driver are in arm
platform specific make files i.e. plat/arm/common/arm_common.mk. These
flags are renamed and moved to ethosn_npu.mk. Other source and make
files are changed to reflect the changes in these flags.
Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com>
Change-Id: I6fd20225343c574cb5ac1f0f32ff2fc28ef37ea6
* changes:
feat(qemu): add dummy plat_mboot_measure_key() function
docs(rss): update RSS doc for signer-ID
feat(imx): add dummy 'plat_mboot_measure_key' function
feat(tc): implement platform function to measure and publish Public Key
feat(auth): measure and publicise the Public Key
feat(fvp): implement platform function to measure and publish Public Key
feat(fvp): add public key-OID information in RSS metadata structure
feat(auth): add explicit entries for key OIDs
feat(rss): set the signer-ID in the RSS metadata
feat(auth): create a zero-OID for Subject Public Key
docs: add details about plat_mboot_measure_key function
feat(measured-boot): introduce platform function to measure and publish Public Key
The ID field populated for every FVP PWRC register interface must be
computed from the affinity level values from MPIDR.
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Change-Id: If1474fd25704911f8f717dafb419a0734b99a4ec
Add common/debug.h and libfdt.h files to the common file
for XILINX_OF_BOARD_DTB_ADDR configuration.
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Change-Id: I577cc018eda34e186e48594a62c54eb55f11bbd3
* changes:
refactor(cpus): convert Cortex-A15 to use the errata framework
refactor(cpus): convert the Cortex-X3 to use the cpu helpers
refactor(cpus): convert Cortex-X3 to use the errata framework
refactor(cpus): reorder Cortex-X3 errata by ascending order
refactor(cpus): convert the Cortex-A73 to use the cpu helpers
refactor(cpus): convert Cortex-A73 to use the errata framework
refactor(cpus): reorder Cortex-A73 errata by ascending order
refactor(cpus): convert the Cortex-A35 to use the cpu helpers
refactor(cpus): convert Cortex-A35 to use the errata framework
This involves replacing:
* the reset_func with the standard cpu_reset_func_{start,end} to apply
errata automatically
* the <cpu>_errata_report with the errata_report_shim to report errata
automatically
...and for each erratum:
* the prologue with the workaround_<type>_start to do the checks and
framework registration automatically
* the epilogue with the workaround_<type>_end
* the checker function with the check_erratum_<type> to make it more
descriptive
* Manual comparison of disassembly of converted functions with non-
converted functions.
aarch64-none-elf-objdump -D <TF-A with
conversion>/build/../release/bl31/bl31.elf
vs
aarch64-none-elf-objdump -D <TF-A clean
repo>/build/fvp/release/bl31/bl31.elf
* Build for debug with all errata enabled and step through ArmDS
at reset to ensure all functions are entered.
Change-Id: I62e030962edf4e8e8be2c19e7a3176e319468c50
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
Errata report order is enforced to be in ascending order. To achieve
this with the errata framework this has to be done at the definition
level.
Change-Id: I168bf99be0cb0b046d6b641c855f9241991bb0bc
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
This involves replacing:
* the reset_func with the standard cpu_reset_func_{start,end} to apply
errata automatically
* the <cpu>_errata_report with the errata_report_shim to report errata
automatically
...and for each erratum:
* the prologue with the workaround_<type>_start to do the checks and
framework registration automatically
* the epilogue with the workaround_<type>_end
* the checker function with the check_erratum_<type> to make it more
descriptive
It is important to note that the errata workaround and checking
sequences remain unchanged and preserve their git blame. Testing was
conducted by:
* Manual comparison of disassembly of converted functions with non-
converted functions.
aarch64-none-elf-objdump -D <TF-A with
conversion>/build/../release/bl31/bl31.elf
vs
aarch64-none-elf-objdump -D <TF-A clean
repo>/build/fvp/release/bl31/bl31.elf
* Build for release with all errata flags enabled and compare
the disassembly of converted functions with non-converted
functions.
CROSS_COMPILE=aarch64-none-elf- make PLAT=fvp DEBUG=0 \
HW_ASSISTED_COHERENCY=0 BL33=<tf-a-tests>/build/fvp/debug/tftf.bin \
all fip ERRATA_A73_852427=1 \
ERRATA_A73_855423=1 \
WORKAROUND_CVE_2017_5715=1 \
WORKAROUND_CVE_2018_3639=1 \
WORKAROUND_CVE_2022_23960=1
* Build for debug with all errata enabled and step through ArmDS
at reset to ensure all functions are entered.
Change-Id: I63e5b2cc42e1e12daee0b727770cbc19ba729ff7
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
Errata report order is enforced to be in ascending order. To achieve
this with the errata framework this has to be done at the definition
level.
Change-Id: I70b05cc366c3b6d07a63edd88d23a52dd3d019c1
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
This involves replacing:
* the reset_func with the standard cpu_reset_func_{start,end} to apply
errata automatically
* the <cpu>_errata_report with the errata_report_shim to report errata
automatically
...and for each erratum:
* the prologue with the workaround_<type>_start to do the checks and
framework registration automatically
* the epilogue with the workaround_<type>_end
* the checker function with the check_erratum_<type> to make it more
descriptive
It is important to note that the errata workaround and checking
sequences remain unchanged and preserve their git blame. Testing was
conducted by:
* Manual comparison of disassembly of converted functions with non-
converted functions.
aarch64-none-elf-objdump -D <TF-A with
conversion>/build/../release/bl31/bl31.elf
vs
aarch64-none-elf-objdump -D <TF-A with
clean repo>/build/fvp/release/bl31/bl31.elf
* Build for release with all errata flags enabled and ensure the
changes were identical.
CROSS_COMPILE=aarch64-none-elf- make PLAT=fvp \
DEBUG=0 HW_ASSISTED_COHERENCY=0 \
BL33=<tf-a-tests>/build/fvp/debug/tftf.bin \
all fip ERRATA_A35_855472=1
* Build for debug with all errata enabled and step through ArmDS
at reset to ensure all functions are entered.
Change-Id: Ib001e9fc269e60369ccfda0245a3e6247f0d6aaa
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
* changes:
refactor(cpus): convert the Cortex-A78AE to use cpu helpers
refactor(cpus): convert the Denver cpu to use the errata framework
refactor(cpus): convert the Cortex-A78AE to use the errata framework
refactor(cpus): convert the Cortex-A5 to use the errata framework
refactor(cpus): convert the Cortex-A77 to use the bit set helpers
refactor(cpus): convert the Cortex-A77 to use the errata framework
refactor(cpus): reorder Cortex-A77 errata by ascending order
This involves replacing:
* the reset_func with the standard cpu_reset_func_{start,end} to apply
errata automatically
* the <cpu>_errata_report with the errata_report_shim to report errata
automatically
...and for each erratum:
* the prologue with the workaround_<type>_start to do the checks and
framework registration automatically
* the epilogue with the workaround_<type>_end
* the checker function with the check_erratum_<type> to make it more
descriptive
It is important to note that the errata workaround and checking
sequences remain unchanged and preserve their git blame.
At this point the binary output of all errata was checked with the
script from commit 19136. The reported discrepancies are immaterial.
All errata have been checked that they get invoked.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ideb6397f4ac7c3c1d04549a57af43bfa7ef25c1d
