Add required SMCs by RMM to push attestation signing requests to EL3
and get responses. EL3 may then choose to push these requests to a HES
as suitable for a platform. This patch also supports the new
RMM_EL3_FEATURES interface, that RMM can use to query for support for
HES based signing. The new interface exposes a feature register with
different bits defining different discoverable features. This new
interface is available starting the 0.4 version of the RMM-EL3
interface, causing the version to bump up. This patch also adds a
platform port for FVP that implements the platform hooks required to
enable the new SMCs, but it does not push to a HES and instead copies a
zeroed buffer in EL3.
Change-Id: I69c110252835122a9533e71bdcce10b5f2a686b2
Signed-off-by: Raghu Krishnamurthy <raghupathyk@nvidia.com>
Due to change [1], the FIP tool was compiled with the default platform
instead of the one specified via the command line, as make_helpers.mk
set the PLAT option to default. This happened because the root Makefile
invoked FIP tool compilation without the PLAT option. The issue has
been fixed by explicitly providing the PLAT option for FIP tool
compilation.
[1]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/26597
Change-Id: Icc516f8d44706df03c7e6ee123b58afeda72cea7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The Yocto team has requested that we do not use Poetry from within the
Makefile, as Yocto does not have network access during the build
process.
We want to maintain the current behaviour, so this change makes our use
of Poetry contigent on it being available in the environment.
Additionally, explicitly passing an empty toolchain parameter now allows
a tool to be *disabled* (e.g. passing `POETRY=` will prevent the build
system from trying to use Poetry).
Change-Id: Ibf552a3fee1eaadee767a1b948b559700083b401
Signed-off-by: Chris Kay <chris.kay@arm.com>
Make the process of compiling a TL from DT source flexible. Provide a
top level recipe to make it easier for developers to build a transfer
list. Clean up integration of TLC into the build system.
Change-Id: I4466e27a457dfd5bf709dc3a360a2b63bf6030ce
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
In some cases it maybe needed to override some default settings on a
particular platform. For example, enable ENABLE_LTO on a size
constrained platform.
Change-Id: I556d26f6b81c0f3ceb40b7196180995dde22afd0
Signed-off-by: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Since the introduction of the toolchain detection framework into the
build system, we have done determination and identification of the
toolchain(s) used for the build at the initialization of the build
system.
This incurs a large cost to the build every time - for every toolchain
that has been requested by the current makefile, we try to identify each
tool in the list of known tool classes, even if that tool doesn't
actually see any use.
For the clean and check-like targets we worked around this by disabling
most of the toolchains if we detect these targets, but this is
inflexible and not very reliable, and it still means that when building
normal targets we are incurring that cost for all tools whether they are
used or not.
This change instead modifies the toolchain detection framework to only
initialize a tool for a given toolchain when it is first used. This does
mean that we can no longer warn about an incorrectly-configured
toolchain at the beginning of build system invocation, but it has the
advantage of substantially reducing build time and the complexity of
*using* the framework (at the cost of an increase in complexity in the
framework itself).
Change-Id: I7f3d06b2eb58c1b26a846791a13b0037f32c8013
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change fixes several breakages that were introduced in some build
configurations by the introduction of the cot-dt2c tool.
Some Python environments cannot be managed directly via `pip`, and
invocations of `make`, including `make distclean`, would cause errors
along the lines of:
error: externally-managed-environment
× This environment is externally managed
╰─> To install Python packages system-wide, try apt install
python3-xyz, where xyz is the package you are trying to
install.
This change has been resolved by ensuring that calls to the cot-dt2c
tool from the build system happen exclusively through Poetry, which
automatically sets up a virtual environment that *can* be modified.
Some environments saw the following error when building platforms where
the cot-dt2c tool was used:
make: *** No rule to make target '<..>/debug/bl2_cot.c', needed
by '<..>/debug/bl2/bl2_cot.o'. Stop.
Additionally, environments with a more recent version of Python saw the
following error:
File "<...>/lib/python3.12/site-packages/cot_dt2c/cot_parser.py",
line 637, in img_to_c
if ifdef:
^^^^^
NameError: name 'ifdef' is not defined
Both of these errors have now been resolved by modifications to the
build system and the cot-dt2c tool to enable preprocessing of the device
tree source file before it is processed by the tool.
As a consequence of this change, the `pydevicetree` library is no longer
vendored into the repository tree, and we instead pull it in via a
dependency in Poetry.
This change also resolves several MyPy warnings and errors related to
missing type hints.
Change-Id: I72b2d01caca3fcb789d3fe2549f318a9c92d77d1
Signed-off-by: Chris Kay <chris.kay@arm.com>
This patch performs necessary simd context management operations for
context switch from NWd to SWD and vice versa.
Change-Id: Ife01fffc4e2a7f3deb9b6273424161c225fdbbfb
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Illegal combinations of build flags associated with SIMD context
management are flagged by the build system.
Change-Id: I3192af3889e1e864c7875778616e167ba6894195
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
This patch adds the common API to save and restore FP and SVE. When SVE
is enabled we save and restore SVE which automatically covers FP. If FP
is enabled while SVE is not, then we save and restore FP only.
The patch uses simd_ctx_t to save and restore both FP and SVE which
means developers need not use fp or sve routines directly. Once all the
calls to fpregs_context_* are replaced with simd_ctx_*, we can remove
fp_regs_t data structure and macros (taken care in a following patch).
simd_ctx_t is currently allocated in section of its own. This will go
into BSS section by default but platform will have option of relocating
it to a different section by overriding in plat.ld.S.
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Signed-off-by: Okash Khawaja <okash@google.com>
Change-Id: I090f8b8fa3862e527b6c40385249adc69256bf24
This patch extends the simd data structure to hold the SVE state. A new
build flag CTX_INCLUDE_SVE_REGS is introduced in this patch to enable
SVE context management.
Necessary precautions are taken such as ensuring the field offsets are
not changed and necessary padding is added for alignment reasons.
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Signed-off-by: Okash Khawaja <okash@google.com>
Change-Id: I54f5222c7d8c68638105003f68caa511d347cd60
The current implementation of make checkpatch does not detect issues
when Signed-off-by line is missing. The solution is to concatenate
the output of both git log and git diff before executing checkpatch
script.
Change-Id: Ic2d6f8bc10316d73b72a73a1807aa36cdec6900d
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change the makefile to call the cot-dt2c tool
during the build for Arm platform
Change-Id: Idb7c02cca6b9ddd87f575a42c88e7b2660b896e0
Signed-off-by: Xialin Liu <Xialin.Liu@ARM.com>
This target can currently fail as the `$(BUILD_PLAT)` target no longer exists, as it is now `$(BUILD_PLAT)/` (with an explicit trailing slash).
Change-Id: I9172b2f51f6e02e6369f62468ea63a64ec0f6dd1
Signed-off-by: Chris Kay <chris.kay@arm.com>
This commit streamlines directory creation by introducing a single
pattern rule to automatically make directories for which there is a
dependency.
We currently use several macros to generate rules to create directories
upon dependence, which is a significant amount of code and a lot of
redundancy. The rule introduced by this change represents a catch-all:
any rule dependency on a path ending in a forward slash is automatically
created.
Now, rules can rely on an unordered dependency (`|`) on `$$(@D)/` which,
when secondary expansion is enabled, expands to the directory of the
target being built, e.g.:
build/main.o: main.c | $$(@D)/ # automatically creates `build/`
Change-Id: I7e554efa2ac850e779bb302fd9c7fbb239886c9f
Signed-off-by: Chris Kay <chris.kay@arm.com>
This patch disables trapping to EL3 when the FEAT_FGT2
specific trap registers are accessed by setting the
SCR_EL3.FGTEn2 bit
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I6d2b614affb9067b2bc3d7bf0ae7d169d031592a
This patch enables FEAT_Debugv8p9 and prevents EL1/0 from
trapping to EL3 when accessing MDSELR_EL1 register by
setting the MDCR_EL3.EBWE bit.
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I3613af1dd8cb8c0d3c33dc959f170846c0b9695a
This change introduces a few helper variables for dealing with verbose
and silent build modes: `silent`, `verbose`, `q` and `s`.
The `silent` and `verbose` variables are boolean values determining
whether the build system has been configured to run silently or
verbosely respectively (i.e. with `--silent` or `V=1`).
These two modes cannot be used together - if `silent` is truthy then
`verbose` is always falsy. As such:
make --silent V=1
... results in a silent build.
In addition to these boolean variables, we also introduce two new
variables - `s` and `q` - for use in rule recipes to conditionally
suppress the output of commands.
When building silently, `s` expands to a value which disables the
command that follows, and `q` expands to a value which supppresses
echoing of the command:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed but not echoed'
When building verbosely, `s` expands to a value which disables the
command that follows, and `q` expands to nothing:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed and echoed'
In all other cases, both `s` and `q` expand to a value which suppresses
echoing of the command that follows:
$(s)echo 'This command is executed but not echoed'
$(q)echo 'This command is executed but not echoed'
The `s` variable is predominantly useful for `echo` commands, where you
always want to suppress echoing of the command itself, whilst `q` is
more useful for all other commands.
Change-Id: I8d8ff6ed714d3cb401946c52955887ed7dca602b
Signed-off-by: Chris Kay <chris.kay@arm.com>
Generated this change-log using below command:
npm run release -- --skip.commit --skip.tag --release-as 2.11.0
Change-Id: I34c7b342549781057da1b18116500f110bc3f5ad
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <JuanPablo.Conde@arm.com>
This patch adds support in GPT library for configuration
of the memory block size protected by one bit of 'bitlock'
structure. Build option 'RME_GPT_BITLOCK_BLOCK' defines the
number of 512MB blocks covered by each bit. This numeric
parameter must be a power of 2 and can take the values from
0 to 512. Setting this value to 0 chooses a single spinlock
for all GPT L1 table entries. The default value is set to 1
which corresponds to 512MB per bit.
Change-Id: I710d178072894a3ef40daebea701f74d19e8a3d7
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
Most developers run the `clean`, `checkpatch` and other similar targets
without specifying any other additional build options. When combined
with a flow where the developer passes `CROSS_COMPILE` or `CC`
explicitly, and where the default-configured tools are not on the PATH,
these targets will warn about unrecognized toolchain tools.
This change is a workaround for this whereby the toolchain makefile is
not expanded unless a target *not* named `*clean`, `check*` `doc` or
`*tool` has been specified.
Change-Id: I2f2a275964b65253df07c2207043217b14f615fe
Signed-off-by: Chris Kay <chris.kay@arm.com>
This patch adds support for large GPT mappings using
Contiguous descriptors. The maximum size of supported
contiguous block in MB is defined in RME_GPT_MAX_BLOCK
build parameter and takes values 0, 2, 32 and 512 and
by default set to 2 in make_helpers/defaults.mk.
Setting RME_GPT_MAX_BLOCK value to 0 disables use of
Contiguous descriptors.
Function gpt_tlbi_by_pa_ll() and its declaration
are removed from lib/aarch64/misc_helpers.S and
include/arch/aarch64/arch_helpers.h, because the
GPT library now uses tlbirpalos_xxx() functions.
Change-Id: Ia9a59bde1741c5666b4ca1de9324e6dfd6f734eb
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
Adds driver support to preserve DSU PMU register values over a DSU
power cycle. This driver needs to be enabled by the platforms that
support DSU and also need it's PMU registers to be preserved
Change-Id: I7fc68a3d7d99ee369379aa5cd114fffc763fc0d2
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
The PSA FWU support is significantly matured in terms of
its design, threat model documentation, and implementation
as well as its adherence to the latest PSA FWU specifications.
Consequently, the experimental mark for this feature has been
removed.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ia6611e0c71485413b0da885f41ac59c93038e480
The DICE_PROTECTION_ENVIRONMENT support has been marked as experimental
since it has not incorporated into the threat model.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic1ea4d59fd8a3fde7ce0404488a56e9d11bc1b85
* changes:
feat(stm32mp2): use early traces
feat(st-bsec): use early traces
refactor(st): replace STM32MP_EARLY_CONSOLE with EARLY_CONSOLE
feat(console): introduce EARLY_CONSOLE
feat(bl32): create an sp_min_setup function
This function causes the build message to be generated and compiled in
two different ways, with one way done inside `build_macros.mk` and the
other done inside `windows.mk`, mostly because it's done by generating
the C file on the command line.
We can instead replace this whole build message generation sequence with
a simple standard C compilation command and a normal C file.
Change-Id: I8bc136380c9585ddeec9a11154ee39ef70526f81
Signed-off-by: Chris Kay <chris.kay@arm.com>
This is a generic porting of what was done on ST platforms with flag
STM32MP_EARLY_CONSOLE. It creates the flag and the prototype for
plat_setup_early_console(). This function depends on platform
implementation. This function call is added at the beginning of each BL
image early setup function.
The patch also introduce an extra log macro: EARLY_ERROR. This can
replace ERROR macro in code that will only be executed before the
default console is enabled, and will do nothing when the EARLY_CONSOLE
is not enabled. This can then save some space in memory.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I77bf0a0c4289b4c7df94e4bfb783a938e05bf023
Currently both FEAT_MTE and FEAT_MTE_PERM aren't used for enabling
of any feature bits in EL3. So remove both FEAT handling.
All mte regs that are currently context saved/restored are needed
only when FEAT_MTE2 is enabled, so move to usage of FEAT_MTE2 and
remove FEAT_MTE usage.
BREAKING CHANGE: Any platform or downstream code trying to use
SCR_EL3.ATA bit(26) will see failures as this is now moved to be
used only with FEAT_MTE2 with
commit@ef0d0e5478a3f19cbe70a378b9b184036db38fe2
Change-Id: Id01e154156571f7792135639e17dc5c8d0e17cf8
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
FEAT_RME is OPTIONAL in an Armv9.2 implementation,
so set ARM_ARCH_MAJOR := 9 and ARM_ARCH_MINOR := 2
when TF-A is built with 'ENABLE_RME = 1'.
Change-Id: Ibcdb23bd057983eb846eed0b0da8c4d72ed696ae
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
The client platform relies on the DICE attestation
scheme. RSS provides the DICE Protection Environment
(DPE) service. TF-A measured boot framework supports
multiple backends. A given platform always enables
the corresponding backend which is required by the
attestation scheme.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Idc3360d0d7216e4859e99b5db3d377407e0aeee5
* changes:
build(fpga): correctly handle gcc as linker for LTO
fix(build): enforce single partition for LTO build
fix(rockchip): add support for building with LTO enabled
The version 2 of the FWU metadata structure is designed such that the
information on the updatable images can be omitted from the metadata
structure. Add a configuration flag, PSA_FWU_METADATA_FW_STORE_DESC,
which is used to select whether the metadata structure has this
information included or not. It's value is set to 1 by default.
Change-Id: I4463a20c94d2c745ddb0b2cc8932c12d418fbd42
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
For example, build for PLAT=fvp SPD=spmd fails with a following error
when LTO is enabled using GCC 13.2.1:
aarch64-none-elf/bin/ld: /tmp/ccrG0Z8D.ltrans0.ltrans.o: in function `spmd_smc_forward':
arm-trusted-firmware/services/std_svc/spmd/spmd_main.c:749:(.text+0xbe50): undefined reference to `rdist_ctx'
aarch64-none-elf/bin/ld: arm-trusted-firmware/services/std_svc/spmd/spmd_main.c:749:(.text+0xbe58): undefined reference to `dist_ctx'
collect2: error: ld returned 1 exit status
Access to rdist_ctx and dist_ctx is defined using inline assembler
like
__asm__ volatile ("ldr %0, =rdist_ctx" : "=r" (v) : "X" (rdist_ctx));
Access assembler function definitions moved to a different ltrans then
actual variables. Partitioner doesn't take into account defined and
used symbols in inline assembler. Depending on compiler partitioner
decision the same code builds for some platforms successfully.
This is a known gcc problem
1. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=57703
2. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=46820
TF-A source code isn't that big and enforcing single partitioning will
not affect build performance, but will fix problems with 'undefined
references' related to inline assembler.
Change-Id: I72955ab0318f72b588d3a246824f99a48a92d8ef
Signed-off-by: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Also increase add PLAT_ARM_SP_MAX_SIZE to override the default
ARM_SP_MAX_SIZE to support Trusty image and move OPTEE_SP_FW_CONFIG
documentation to build-internals.rst as it's not externally set-able.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ief90ae9113d32265ee2200f35f3e517b7b9a4bea
Add support for feat mte2. tfsr_el2 is available only with mte2,
however currently its context_save/restore is done with mte rather than
mte2, so introduce 'is_feat_mte2_supported' to check mte2.
Change-Id: I108d9989a8f5b4d1d2f3b9865a914056fa566cf2
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Having a comment at the end of VERSION_PATCH definition line prevent
the release script to work properly. Move it on the previous line.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I4008ccbccd512edf33f67c645b38937ad1af9777
The toolchain refactor change introduces the `${toolchain}-${tool}-id`
variables, which provide identifiers for all of the toolchain tools used
by the build system. This change replaces the various conditions that
are in use to identify these tools based on the path with a standard set
of comparisons against these new identifier variables.
Change-Id: Ib60e592359fa6e415c19a012e68d660f87436ca7
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change migrates the values of `CC`, `CPP`, `AS` and other toolchain
variables to the new `$(toolchain)-$(tool)` variables, which were
introduced by the toolchain refactor patch. These variables should be
equivalent to the values that they're replacing.
Change-Id: I644fe4ce82ef1894bed129ddb4b6ab94fb04985d
Signed-off-by: Chris Kay <chris.kay@arm.com>
