This patch allows platforms to define their
own jump table list for library at ROM. The
file has the list of functions to be used
from library at ROM. It can also include
other list files.
Change-Id: I721c35d7dad3dcadbb3a7f3277bfd5d3e1f6e00a
Signed-off-by: Sathees Balya <sathees.balya@arm.com>
This patch updates the user guide instructions for
RESET_TO_SP_MIN and RESET_TO_BL31 cases. The load
address for BL31 had to be updated because of increase
in code size. Also, information about PIE support when
RESET_TO_BL31=1 for FVP is added.
In the case of RESET_TO_SP_MIN, the RVBAR address
was wrong in the instruction. This is also corrected
in the patch.
Change-Id: I65fe6d28c5cf79bee0a11fbde320d49fcc1aacf5
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
When the patch SHA 931f7c6 introduced PIE support for BL31,
adding the GOT section when the SEPARATE_CODE_AND_RODATA=0
to the linker script was erroneously omitted. This patch corrects
the same.
Also the patch reduces the alignment requirement for GOT and RELA
sections from 16 bytes to 8. Comments are added explain the
intent for alignment.
Change-Id: I8035cbf75f346f99bd56b13f32e0b3b70dd2fe6c
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
This patch defines BL31_BASE to 0x0 when RESET_TO_BL31=1 as the
executable is built with PIE support and can be loaded anywhere
in SRAM for execution.
Change-Id: I4007f4626322f1200a6304c9c565987d3357986c
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
The GIC lowest priority values for each world depends on the number of
priority values implemented in hardware. These constants currently
defined in gic_common.h only meant to enumerate lowest possible
architectural values. Since these values are not used in generic code or
upstream platforms, and that general use of these constants can be
wrong, remove these. Platforms should either define and use these as
appropriate, or determine correct values at run time.
Change-Id: I3805cea8ceb8a592b9eff681ea1b63b7496cec5f
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Also, add a disclaimer to explain that the current implementation of SPM
is a prototype that is going to undergo a lot of rework.
Change-Id: I303c1e61c51d9f286cc599fea565fc9ba5a996bf
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
The old SMCs SP_MEMORY_ATTRIBUTES_{GET,SET}_AARCH64 have been removed in
favour of SPRT_MEMORY_PERM_ATTR_{GET,SET}_AARCH64.
Change-Id: Idb93cfa5461d0098df941037c5653f7c44b65227
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Note that the arguments passed during the SMC call don't comply with the
SPCI specifications. This will be fixed in following patches, but it is
needed to implement a few more SPCI SMCs to be able to do it. The
current code allows us to start testing it.
Change-Id: Ic13dcc54c40327df03be1b0f52e8a44f468f06b4
Co-authored-by: Jean-Paul Etienne <jean-paul.etienne@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This buffer is where all the responses from Secure Partitions are stored
until they are requested.
Change-Id: Iafeb8f0848c5ff6f3e187060cd3a47702484dc45
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Blocking calls can only succeed if the target Secure Partition is idle.
Change-Id: Iabeaa0b8d3e653fd8581fa086758936abfc1c772
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Note that the arguments passed during the SMC call don't comply with the
SPCI specifications. This will be fixed in following patches, but it is
needed to implement a few more SPCI SMCs to be able to do it. The
current code allows us to start testing it.
Change-Id: Ief0e75d072b311737fcdb0c6a60ba5b7406a9ee5
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Introduce SMCs that open and close handles according to the SPCI
specification.
Change-Id: I65f365f15612e01aa445e783e96e48ae275c39fd
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Remove interfaces based on MM_COMMUNICATE.
Change-Id: I628c884b91d9f4758269ea2c4dedc37a66bb93cf
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
SPM needs to map a number of regions on behalf of the secure partition.
Previously, it used to get a list of them from platform code using the
plat_get_secure_partition_mmap() API. Now it gets them from the resource
description structure.
The SPM<->SP shared buffer is mapped dynamically at EL3. This buffer is
used to pass information between SPM and SP, so it must be mapped at EL3
as well in order to be used by SPM.
Dynamic translation tables have been enabled when the Trusted Firmware
is compiled with SPM support.
Change-Id: I64ad335e931661812a0a60558e60372e1e5e6b72
Co-authored-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Read entrypoint of the Secure Partition from the resource description
struct.
Change-Id: Ie693c7b4d4fecafd85b6934d9d8c4232efb1dc55
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Load SP and RD from package instead of relying on RD being already
loaded in memory and the SP being loaded as a BL32 image.
Change-Id: I18d4fbf4597656c6a7e878e1d7c01a8a324f3f8a
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This tool packages Secure Partitions and Resource Descriptor blobs into
a simple file that can be loaded by SPM.
Change-Id: If3800064f30bdc3d7fc6a15ffbb3007ef632bcaa
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This avoids the following warnings:
no previous prototype for 'bl2_arch_setup' [-Wmissing-prototypes]
no previous prototype for 'plat_log_get_prefix' [-Wmissing-prototypes]
Also correct a compilation issue if BL2_IN_XIP_MEM is enabled:
uintptr_t is not defined.
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The list of warning is taken from kernel and also divided in 3.
The option to activate that is W=x, with x=1, 2 or 3.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
This information is retrieved from the resource description now.
Change-Id: Iaae23945eb2c45305cdc6442853e42f4e04fe094
Co-authored-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This information is defined by the Secure Partition in the resource
description.
Change-Id: Ia7db90c5de8360a596106880d3f6a632a88d3ea8
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Introduce helpers to create resource description struct, as well as code
to load the information from DTB files.
Change-Id: I0f5bb94eb8b01c6cb53fe807a9db0c05a70d7a43
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
The structures and associated definitions are in different files so that
the definitions can be used inside DTS files while the structs are
private to SPM. They follow the SPRT specification.
Change-Id: Id6a629040a086c482b9d9fa1883b8aa6bbee619f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
The current SPM is a prototype that only supports one secure partition
in EL0. The objective of SPM is to have multiple partitions. The current
MM interface isn't adequate for this, so it is needed to modify heavily
the code to add proper support for it.
However, there are platforms which are already using this (like SGI) and
removing the code would break it. For this reason, the current SPM code
has been duplicated in order to temporarily preserve compatibility. All
new improvements/changes to SPM will be done in the non-deprecated copy,
that may change without notice.
The new build option SPM_DEPRECATED has been introduced to select the SPM
implementation. It defaults to 1, that selects the deprecated SPM.
Change-Id: Ic9f80b53b450e97b4d3f47e4ef4a138ee8d87443
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass
Safe) bit to mitigate against Variant 4 vulnerabilities. Although an
Armv8.5 feature, this can be implemented by CPUs implementing earlier
version of the architecture.
With this patch, when both PSTATE.SSBS is implemented and
DYNAMIC_WORKAROUND_CVE_2018_3639 is active, querying for
SMCCC_ARCH_WORKAROUND_2 via. SMCCC_ARCH_FEATURES call would return 1 to
indicate that mitigation on the PE is either permanently enabled or not
required.
When SSBS is implemented, SCTLR_EL3.DSSBS is initialized to 0 at reset
of every BL stage. This means that EL3 always executes with mitigation
applied.
For Cortex A76, if the PE implements SSBS, the existing mitigation (by
using a different vector table, and tweaking CPU ACTLR2) is not used.
Change-Id: Ib0386c5714184144d4747951751c2fc6ba4242b6
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
I wrote most of this code and have a vested interest in keeping it
healthy, so adding myself as a maintainer.
Change-Id: I0edeebbc8336b6976dfaf393b3cfc7bc94089ac6
Signed-off-by: Julius Werner <jwerner@chromium.org>
Now that we have switched to using the stack in MULTI_CONSOLE_API
framework functions and have factored all code involved in crash
reporting out into a separate file, there's really no reason to keep the
main framework code in assembly anymore. This patch rewrites it in C
which allows us to have a single implementation across aarch32/64 and
should be much easier to maintain going forward.
Change-Id: I6c85a01e89a79e8b233f3f8bee812f0dbd026221
Signed-off-by: Julius Werner <jwerner@chromium.org>
This patch makes the build system link the console framework code by
default, like it already does with other common libraries (e.g. cache
helpers). This should not make a difference in practice since TF is
linked with --gc-sections, so the linker will garbage collect all
functions and data that are not referenced by any other code. Thus, if a
platform doesn't want to include console code for size reasons and
doesn't make any references to console functions, the code will not be
included in the final binary.
To avoid compatibility issues with older platform ports, only make this
change for the MULTI_CONSOLE_API.
Change-Id: I153a9dbe680d57aadb860d1c829759ba701130d3
Signed-off-by: Julius Werner <jwerner@chromium.org>
console_unregister() has always returned a pointer to the console that
was removed on success, not just an integer. Fix the C prototype to
match the assembly implementation.
Change-Id: Iafc43de0767a5c87c9ae5c3aba53761dd28d51e6
Signed-off-by: Julius Werner <jwerner@chromium.org>
