When loading OPTEE via an SMC after we start Linux, we end up changing
the interrupt settings which is a violation of the Linux kernel's
policies. This change sets the interrupt handler before we proceed to
starting the kernel and ignores any incoming interrupts that occur
before OPTEE is loaded.
Signed-off-by: Jeffrey Kardatzke<jkardatzke@google.com>
Change-Id: I7da5334498e14f4a703e8cc3eeff386e3ecc0882
The ChromeOS will use the SMC to pass some secrets from firmware to
optee.
Change-Id: Iaf3357d40a7ed22415926acd9d7979df24dd81f1
Signed-off-by: Yi Chou <yich@google.com>
Enable handoff to OP-TEE using transfer list.
Create transfer list when loading OP-TEE image via non-secure SMC call.
Fallback to default handoff args when transfer list is disabled or
transfer list signature does not exist.
Change-Id: I94bb5b7fdfbb8829016a9d5d9ef5aff993d7cc99
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
This adds creation of a device tree that will be passed to OP-TEE.
Currently that device tree only contains the coreboot table per the
Linux coreboot device tree specification. This device tree is then
passed to OP-TEE so it can extract the CBMEM console information from
the coreboot table for logging purposes.
Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Change-Id: I6a26d335e16f7226018c56ad571cca77b81b0f6a
This adds return of a UUID when TF-A is in the state where it needs to
receive the SMC call to load the OP-TEE image. It also changes the OEN
used for the image loading call to match the OEN used for the UUID call.
Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Change-Id: I713cb602d8e53b3f20d179b5fb5162da6a2ed057
There were some late comments to the prior change (18635) which are
address in this commit. There was also an invalid return value check
which was changed and the wrong result was being returned via the SMC
call for loading OP-TEE which is now fixed.
Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Change-Id: I883ddf966662549a3ef9c801a2d4f47709422332
This adds the ability to load the OP-TEE image via an SMC called from
non-secure userspace rather than loading it during boot. This should
only be utilized on platforms that can ensure security is maintained up
until the point the SMC is invoked as it breaks the normal barrier
between the secure and non-secure world.
Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Change-Id: I21cfa9699617c493fa4190f01d1cbb714e7449cc
Enforce full include path for includes. Deprecate old paths.
The following folders inside include/lib have been left unchanged:
- include/lib/cpus/${ARCH}
- include/lib/el3_runtime/${ARCH}
The reason for this change is that having a global namespace for
includes isn't a good idea. It defeats one of the advantages of having
folders and it introduces problems that are sometimes subtle (because
you may not know the header you are actually including if there are two
of them).
For example, this patch had to be created because two headers were
called the same way: e0ea0928d5 ("Fix gpio includes of mt8173 platform
to avoid collision."). More recently, this patch has had similar
problems: 46f9b2c3a2 ("drivers: add tzc380 support").
This problem was introduced in commit 4ecca33988 ("Move include and
source files to logical locations"). At that time, there weren't too
many headers so it wasn't a real issue. However, time has shown that
this creates problems.
Platforms that want to preserve the way they include headers may add the
removed paths to PLAT_INCLUDES, but this is discouraged.
Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Rule 5.7: A tag name shall be a unique identifier
Follow convention of shorter names for smaller scope to fix
violations of MISRA rule 5.7
Fixed For:
make ARM_TSP_RAM_LOCATION=tdram LOG_LEVEL=50 PLAT=fvp SPD=opteed
Change-Id: I5fbb5d6ebddf169550eddb07ed880f5c8076bb76
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Commit 4c0d039076 ("Rework type usage in Trusted Firmware") changed
the type usage in struct declarations, but did not touch the definition
side. Fix the type mismatch.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Pass device tree pointer to OP-TEE in x2. bl2 is expected to fill in the
device tree pointer in args.arg3. Passing 0 means that device tree is
unavailable.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
ARM TF need transfer information about pageable image load address
and memory limit to OPTEE. OPTEE will relocate the pageable image
to where it's needed.
The legacy OP-TEE images that do not include header information
are not affected.
Change-Id: Id057efbbc894de7c36b2209b391febea4729c455
Signed-off-by: Edison Ai <edison.ai@arm.com>
This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported headers, and where there are headers within
the #if and #ifndef statements.
Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
Since Issue B (November 2016) of the SMC Calling Convention document
standard SMC calls are renamed to yielding SMC calls to help avoid
confusion with the standard service SMC range, which remains unchanged.
http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pd
A previous patch introduced a new define for yielding SMC call type.
This patch updates the secure payload dispatchers (except the TSPD) to
use this new define and also migrates the code to use the new
terminology.
Change-Id: I3d2437c04e3b21fdbd32019f55c066c87679a5bf
Signed-off-by: David Cunado <david.cunado@arm.com>
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
OPTEE to execute in aarch64 bit mode, set it accordingly
when execution transitions from EL3 to EL1
Change-Id: I59f2f940bdc1aac10543045b006a137d107ec95f
Signed-off-by: Ashutosh Singh <ashutosh.singh@arm.com>
In new communication protocol between optee os and linux driver,
r0-r6 registers are used. opteed need to copy these registers
as well when optee context registers are initialized.
Change-Id: Ifb47b73f847c61746cb58ea78411c1c71f208030
Signed-off-by: Ashutosh Singh <ashutosh.singh@arm.com>
The IMF_READ_INTERRUPT_ID build option enables a feature where the interrupt
ID of the highest priority pending interrupt is passed as a parameter to the
interrupt handler registered for that type of interrupt. This additional read
of highest pending interrupt id from GIC is problematic as it is possible that
the original interrupt may get deasserted and another interrupt of different
type maybe become the highest pending interrupt. Hence it is safer to prevent
such behaviour by removing the IMF_READ_INTERRUPT_ID build option.
The `id` parameter of the interrupt handler `interrupt_type_handler_t` is
now made a reserved parameter with this patch. It will always contain
INTR_ID_UNAVAILABLE.
FixesARM-software/tf-issues#307
Change-Id: I2173aae1dd37edad7ba6bdfb1a99868635fa34de
The new PSCI frameworks mandates that the platform APIs and the various
frameworks in Trusted Firmware migrate away from MPIDR based core
identification to one based on core index. Deprecated versions of the old
APIs are still present to provide compatibility but their implementations
are not optimal. This patch migrates the various SPDs exisiting within
Trusted Firmware tree and TSP to the new APIs.
Change-Id: Ifc37e7071c5769b5ded21d0b6a071c8c4cab7836
