Updated the Measured Boot PoC to be compliant with the current TF-A
implementation that supports multiple Measured Boot backends, which
are the RSS and Event Log.
Change-Id: I8a38a801dd75e6282d103e154966959bba2d1ec7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Don't use BL31_LIMIT macro for validation logic directly but clearly
mark BL31_LIMIT as 64bit address to avoid compilation error when
-Werror=logical-op is passed.
Likely caused by ZYNQMP_ATF_MEM_BASE + ZYNQMP_ATF_MEM_SIZE is in 64bit
logic 0x100000000 and compiler handles it as 32bit value. That's why
error is shown.
Use uint64_t variable for limit and also for base.
Here is command line to replicate this issue:
make realclean; make -j PLAT=zynqmp DEBUG=1 RESET_TO_BL31=1 \
SPD=tspd SDEI_SUPPORT=1 ZYNQMP_ATF_MEM_BASE=0xFFFC0000 \
ZYNQMP_ATF_MEM_SIZE=0x00040000 all -Werror=logical-op
Also error which is coming:
plat/xilinx/zynqmp/zynqmp_sdei.c: In function
'arm_validate_ns_entrypoint':
plat/xilinx/zynqmp/zynqmp_sdei.c:19:40: error: logical 'or' of
collectively exhaustive tests is always true [-Werror=logical-op]
19 | return (entrypoint < BL31_BASE ||
entrypoint > BL31_LIMIT) ? 0 : -1;
Change-Id: Ie1f1b4d2cd94b977aebb72786ecace0b062da418
Signed-off-by: Michal Simek <michal.simek@amd.com>
* changes:
refactor(el3-spmc): move function call out of loop
refactor(el3-spmc): crash instead of reading OOB
fix(el3-spmc): prevent total_page_count overflow
* changes:
fix(spi-nand): add Quad Enable management
fix(st-clock): disabling CKPER clock is not functional on stm32mp13
fix(st-uart): skip console flush if UART is disabled
fix(st): flush UART at the end of uart_read()
fix(stm32mp1): use the BSEC nodes compatible for stm32mp13
fix(stm32mp13-fdts): correct the BSEC nodes compatible
fix(stm32mp1-fdts): move /omit-if-no-ref/ to overlay files
fix(stm32mp1): properly check PSCI functions return
set_fw_config_info() interface got renamed into set_config_info() as
part of commit f441718936 ("lib/fconf:
Update 'set_fw_config_info' function"). Rename a few left-overs of the
old name.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I119719cd7f3ba544e0c4c438e5341d35c7b5bdc2
Since the Arm Trusted Firmware(ATF) has been renamed to Trusted
Firmware-A (TF-A), replace all the instances of ATF from code comments,
macros, variables and functions to TF-A.
Change-Id: Iab448d96158612a3effb4e49943f8d6cb43aaad5
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Add APU watchdog timeout control.
Change-Id: I21d65a88d20b6b2752a75f74487b5fe6596ebdf7
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
Signed-off-by: Karl Li <karl.li@mediatek.com>
Add emi mpu protection of APU secure memory.
Change-Id: I949cfce97565d8a313caae4ea41af60a171042a6
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
Signed-off-by: Karl Li <karl.li@mediatek.com>
Apusys rcx is a subsys in apusys, and it is a basic domain of APU and
it connects several components in APU.
The devapc control of apusys rcx is also inside APU and it can only be
set when APU is powered on.
Then apusys kernel driver will trigger rcx devapc init by ATF smc call.
Change-Id: If4249f22a08690b1e4f5aa5f0cbfb54ccacf90e1
Signed-off-by: Karl Li <karl.li@mediatek.com>
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
Add APU backup/restore function when power on/off.
Change-Id: Id0451bd12f402e1acabeb5c12266a2e01836e9dd
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
Signed-off-by: Karl Li <karl.li@mediatek.com>
Add APU bootup control smc call.
The steps of bootup flow:
1. set up APU config.
2. reset APU.
3. set up APU boot config.
4. boot APU.
Change-Id: I9e930070a64c7c4dcaa3a8b3d28b897823e9f53c
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
Signed-off-by: Karl Li <karl.li@mediatek.com>
Enable apusys mailbox mpu protect.
Change-Id: Idbf67084037b7ecf4926f57a901075f98540ee57
Signed-off-by: Karl Li <karl.li@mediatek.com>
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
Enable apusys domain remap to protect no-protect memory.
- Remap request which from domain 5 to domain 14.
- Remap request which from domain 7 to domain 14.
Change-Id: Iccd188e3b8edbe916fa9767c841a844b66c6011f
Signed-off-by: Karl Li <karl.li@mediatek.com>
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
Apusys ao devapc is a set of control registers inside APU, and it
controls the access permission of APU ao domain.
Moreover, apusys ao devapc must be set after apusys power init, so
we need to place the drivers in TF-A instead of coreboot.
Change-Id: Ife849c32d4dd9dca15432d4b8a51753fde61b148
Signed-off-by: Karl Li <karl.li@mediatek.com>
Signed-off-by: Chungying Lu <chungying.lu@mediatek.com>
If the size of a shmem descriptor is not a multiple of 16, the
descriptor would be unusable, but the problem would be caught much
later.
Change-Id: I907f3862b55c6341e39a6b8b2e24784127230478
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
The information is already available inline. No functional change
intended.
Change-Id: I13d2ad62a9315b233d7a5fd3ffcaac3dd01b055c
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Hopefully this will be a tiny speedup. No functional change intended.
Change-Id: Ia052c7f9b24d5ece6209a6fa2903b1271215ece7
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
If it is called on an invalid mtd, out-of-bounds memory reads are
likely. Checks elsewhere in the code ensure that the mtd has been
validated before calling this function.
Change-Id: If598680a5b79e1786a6e0a213779ec80cbf37494
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
This ensures that descriptor size calculation does not overflow and
removes a bounds check that does not actually work.
Change-Id: If8da2bb1b312941b7f9d0debf3149b984fc3809a
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
size_t is not guaranteed to be 64 bits, although it happens to be 64
bits on all systems that el3-spmc supports.
Change-Id: Ieae11722a15448641de50233597ac35869eab574
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Using uint64_t is cleaner, even though size_t is 64 bits on all
platforms el3-spmc supports.
Change-Id: I457deb0b7f3df0749cb5368cceda1bb530d039de
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Adding a static helper function plat_get_nv_ctr_addr() to be used by
both plat_set_nv_ctr() and plat_get_nv_ctr() to return the
non-volatile counter address stored in the platform.
Change-Id: I5124c19e4537bb369724aa0160cc55a3cb1ab7eb
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Assembly language is rarely required and when it is, there are a lot of
helpers available to reduce the amount needed. Update the guidelines to
give pointers to them.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ic484e4ba57242594c351a9185ecb625d6e5dc223
Debugging assembly is painful as it is, and having no useful stack trace
does not help. Code must emit CFI directives whenever the stack moves to
enable stack traces. Otherwise, the layout of the stack frame is
ambiguous, the debugger gives up, and shows nothing. The compiler does
this automatically for C but not assembly.
Add this information to the (currently unused) func_prologue macro.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ief5fd672285df8d9d90fa6a2214b5c6e45eddd81
QEMU provides GIC information in DeviceTree (on platform version 0.1+).
Read it and provide to next firmware level via SMC.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I383919bd172acc8873292a0c5e4469651dc96fb9
QEMU provides platform version information via DT. We want to use it
in firmware to handle differences between platform versions.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I8def66dac9dd5d7ab0e459baa40e27a11b65f0ba
At the moment, TF-A does not need to access VAs or PAs larger than
48 bits, so this patch just enables proper detection of support
for 4KB and 16KB granularity with 52 bits address support.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: Iccebbd5acc21f09dbb234ef21a802300e290ec18
