This patch introduces a platform-specific function to provide DLME
authentication features. While no platforms currently support DLME
authentication, this change offers a structured way for platforms
to define and expose their DLME authentication features, with the
flexibility to extend support in the future if needed.
Change-Id: Ia708914477c4d8cfee4809a9daade9a3e91ed073
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Introduces a platform-specific API to retrieve the ACPI table
region size. This will be used in a subsequent patch to specify
the minimum DLME size requirement for the DCE preamble.
Change-Id: I44ce9241733b22fea3cbce9d42f1c2cc5ef20852
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
* changes:
fix(qemu): statically allocate bitlocks array
feat(qemu): update for renamed struct memory_bank
feat(fvp): increase GPT PPS to 1TB
feat(gpt): statically allocate bitlocks array
chore(gpt): define PPS in platform header files
feat(fvp): allocate L0 GPT at the top of SRAM
feat(fvp): change size of PCIe memory region 2
feat(rmm): add PCIe IO info to Boot manifest
feat(fvp): define single Root region
* changes:
fix(cpus): clear CPUPWRCTLR_EL1.CORE_PWRDN_EN_BIT on reset
chore(docs): drop the "wfi" from `pwr_domain_pwr_down_wfi`
chore(psci): drop skip_wfi variable
feat(arm): convert arm platforms to expect a wakeup
fix(cpus): avoid SME related loss of context on powerdown
feat(psci): allow cores to wake up from powerdown
refactor: panic after calling psci_power_down_wfi()
refactor(cpus): undo errata mitigations
feat(cpus): add sysreg_bit_toggle
gpt_runtime_init() now takes the bitlock array's address and size as
argument. Rather than reserving space at the end of the L0 GPT for
storing bitlocks, allocate a static array and pass its address to
gpt_runtime_init(). This frees up a little bit of space formerly
reserved for alignment of the GPT.
Change-Id: I48a1a2bc230f64e13e3ed08b18ebdc2d387d77d0
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
- Increase PPS for FVP from 64GB to 1TB.
- GPT L0 table for 1TB PPS requires 8KB memory.
- Set FVP_TRUSTED_SRAM_SIZE to 384 with ENABLE_RME=1
option.
- Add 256MB of PCIe memory region 1 and 3GB of
PCIe memory region 2 to FVP PAS regions array.
Change-Id: Icadd528576f53c55b5d461ff4dcd357429ba622a
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
This patch allocates level 0 GPT at the top of SRAM
for FVP. This helps to meet L0 GPT alignment requirements
and prevent the occurrence of possible unused gaps in SRAM.
Load addresses for FVP TB_FW, SOC_FW and TOS_FW DTBs are
defined in fvp_fw_config.dts via ARM_BL_RAM_BASE macro.
Change-Id: Iaa52e302373779d9fdbaf4e1ba40c10aa8d1f8bd
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
- Add PCIe and SMMUv3 related information to DTS for
configurations with ENABLE_RME=1.
- Add entries for PCIe IO memory regions to Boot manifest
- Update RMMD_MANIFEST_VERSION_MINOR from 3 to 4.
- Read PCIe related information from DTB and write it to
Boot manifest.
- Rename structures that used to describe DRAM layout
and now describe both DRAM and PCIe IO memory regions:
- ns_dram_bank -> memory_bank
- ns_dram_info -> memory_info.
Change-Id: Ib75d1af86076f724f5c330074e231f1c2ba8e21d
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
For FVP model define single Root PAS which
includes EL3 DRAM data, L1 GPTs and SCP TZC.
This allows to decrease the number of PAS
regions passed to GPT library and use GPT
mapping with Contiguous descriptor of
larger block size.
Change-Id: I70f6babaebc14e5e0bce033783ec423c8a26c542
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
In RESET_TO_BL31, the SPMC manifest base address that is utilized by
bl32_image_ep_info has to be statically defined as DT is not available.
Common arm code sets this to the top of SRAM using macros but it can be
different for some platforms. Hence, introduce the macro
PLAT_ARM_SPMC_MANIFEST_BASE that could be re-defined by platform as per
their use-case. Platforms that utilize arm_def.h would use the existing
value from arm common code.
Signed-off-by: Rakshit Goyal <rakshit.goyal@arm.com>
Change-Id: I4491749ad2b5794e06c9bd11ff61e2e64f21a948
Newer cores in upcoming platforms may refuse to power down. The PSCI
library is already prepared for this so convert platform code to also
allow this. This is simple - drop the `wfi` + panic and let common code
deal with the fallout. The end result will be the same (sans the
message) except the platform will have fewer responsibilities. The only
exception is for cores being signalled to power off gracefully ahead of
system reset. That path must also be terminal so replace the end with
the same psci_pwrdown_cpu_end() to behave the same as the generic
implementation. It will handle wakeups and panic, hoping that the system
gets reset from under it. The dmb is upgraded to a dsb so no functional
change.
Change-Id: I381f96bec8532bda6ccdac65de57971aac42e7e8
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Create a common BL2 API to add a TE for TPM event log.
Change-Id: I459e70f40069aa9ea0625977e0bad8ec316439e6
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
This variable had a misleading name, as it is the length
of the header only when the ROTPK is a hash.
Also rename arm_rotpk_header to match the new pattern.
Change-Id: I36c29998eebf50c356a6ca959ec9223c8837b540
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
No longer hard code SHA-256 hashed dev rotpks, instead
use the algorithm given by HASH_ALG. This means that
we no longer need the plat_arm_configs (once the protpk and
swd_rotpk are also updated to use HASH_ALG).
The rot public key is now generated at build time, as is
the header for the key.
Also support some default 3k and 4k RSA keys.
Change-Id: I33538124aeb4fa7d67918d878d17f2a84d3a6756
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Mbed-TLS requires platforms to allocate it a heap for it's own internal
usage. This heap is typically between shared by BL1 and BL2 to conserve
memory.The base address and size of the heap are conveyed from BL1 to
BL2 through the config TB_FW_CONFIG.
This slightly awkward approach necessitates declaring a placeholder node
in the DTS. At runtime, this node is populated with the actual values of
the heap information. Instead, since this is dynamic information, and
simple to represent through C structures, transmit it to later stages
using the firmware handoff framework.
With this migration, remove references to TB_FW_CONFIG when firmware
handoff is enabled, as it is no longer needed. The setup code now relies
solely on TL structures to configure the TB firmware
Change-Id: Iff00dc742924a055b8bd304f15eec03ce3c6d1ef
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
The initialization logic for the secure transfer list is currently
scattered and duplicated across platform setup code. This not only leads
to inefficiency but also complicates access to transfer lists from other
parts of the code without invoking setup functions. For instance,
arm_bl2_setup_next_ep_info acts as a thin wrapper in arm_bl2_setup.c to
provide access to the secure transfer list.
To streamline the interface, all setup code has been consolidated into a
central location.
Change-Id: I99d2a567ff39df88baa57e7e08607fccb8af189c
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Add required SMCs by RMM to push attestation signing requests to EL3
and get responses. EL3 may then choose to push these requests to a HES
as suitable for a platform. This patch also supports the new
RMM_EL3_FEATURES interface, that RMM can use to query for support for
HES based signing. The new interface exposes a feature register with
different bits defining different discoverable features. This new
interface is available starting the 0.4 version of the RMM-EL3
interface, causing the version to bump up. This patch also adds a
platform port for FVP that implements the platform hooks required to
enable the new SMCs, but it does not push to a HES and instead copies a
zeroed buffer in EL3.
Change-Id: I69c110252835122a9533e71bdcce10b5f2a686b2
Signed-off-by: Raghu Krishnamurthy <raghupathyk@nvidia.com>
This commit introduces a new ARM platform-specific build option called
`ARM_FW_CONFIG_LOAD_ENABLE`. This option enables the loading of the
`fw_config` device tree when resetting to the BL2 scenario.
Additionally, the FW_CONFIG image reference has been added to the
fdts/tbbr_cot_descriptors.dtsi file in order to use in the scenario of
RESET_TO_BL2.
Signed-off-by: Divin Raj <divin.raj@arm.com>
Change-Id: I11de497b7dbb1386ed84d939d6fd2a11856e9e1b
Until now, the attestation token size was limited by the size of the
shared buffer between RMM and TF-A. With this change, RMM can now
request the token in pieces, so they fit in the shared buffer. A new
output parameter was added to the SMC call, which will return (along
with the size of bytes copied into the buffer) the number of bytes
of the token that remain to be retrieved.
TF-A will keep an offset variable that will indicate the position in
the token where the next call will retrieve bytes from. This offset
will be increased on every call by adding the number number of bytes
copied. If the received hash size is not 0, TF-A will reset the
offset to 0 and copy from that position on.
The SMC call will now return at most the size of the shared buffer
in bytes on every call. Therefore, from now on, multiple SMC calls
may be needed to be issued if the token size exceeds the shared
buffer size.
Change-Id: I591f7013d06f64e98afaf9535dbea6f815799723
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
NI-Tower's component's registers are need to be accessed from
kernel NI-PMU driver so enable NS access to it.
Change-Id: I83a8b3a1d2778baf767ff93263e246d127ef8114
Signed-off-by: Jagdish Gediya <jagdish.gediya@arm.com>
Signed-off-by: Leo Yan <leo.yan@arm.com>
Refactor DT relocation logic from BL2 to BL31 for non-secure DRAM.
Previously, BL2 was responsible for copying the DT into SRAM and DRAM,
resulting in duplicate code in BL31 to cater for the `RESET_TO_BL31`
case. By moving the re-location logic to BL31, we simplify handling of
the non-secure DT and TL.
Change-Id: Id239f9410669afe4b223fa8d8bb093084a0e5e1b
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
To support UEFI secure variable service,
StandaloneMm which runs in BL32 should know flash areas.
Add flash memory areas and system register region
so that StandaloneMm access to flash storages.
Change-Id: I803bda9664a17a0b978ebff90974eaf5442a91cd
Signed-off-by: levi.yun <yeoreum.yun@arm.com>
In case of load error, platform may need to try another instance, either
from another storage, or from the same storage in case of PSA FWU. On
MTD devices such as NAND, it is required to define backup partitions.
A new function plat_setup_try_img_ops() should be called by platform
code to register handlers (plat_try_images_ops) to manage loading
other images.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: Ideaecaf296c0037a26fb4e6680f33e507111378a
The plat_try_next_boot_source() API is not used by any upstream platform
and not used by platforms that asked for this API. It is then removed.
It will be replaced with a more generic interface in next patch.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I298c7acace8c5efb3c66422d8d9280ecd08e5ade
SPM-MM defines AP TZC-400 regions as such:
1: 0xff000000 0xffffffff S
2: 0x80000000 0xfeffffff NS
3: 0x880000000 0xfffffffff NS
4: 0xff600000 0xff60ffff NS
Region 4 (using filter 0) defines the SPM NS shared buffer between
normal world and secure world.
However region 4 overlaps with region 1 (using filter 0) defined as
secure.
It is forbidden to define overlapping regions beyond region 0 for the
same filter. This is reported as a violation in the TZC-400 controller.
With FVP models < 11.25 the error is latent but not reported to the PE
(reason for this behavior is unclear).
With greater FVP model version the error is reported as an asynchronous
external abort (SError exception).
By carving out the SPM NS shared region (with regions as defined below),
the violation is no longer reported and test passed with recent FVP
models:
1: 0x80000000 0xfeffffff NS
2: 0xff000000 0xff5fffff S
3: 0xff600000 0xff60ffff NS
4: 0xff610000 0xffffffff S
5: 0x880000000 0xfffffffff NS
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Idc3370803ad204ac29efeded77305e52e17cc1c1
MAP_DEVICE0 for internal (register) space access settings
flag MT_NS was changed to MT_SECURE to enable access
to the TSGEN register, otherwise it brings to MCR violation,
because access to the TSGEN register is locked and enabled
for secure only
Change-Id: Id2fe90d30342706c58064161360d8be6e0d5616b
Signed-off-by: Margarita Glushkin <rutigl@gmail.com>
This patch adds an API(plat_cluster_id_by_mpidr)
that retrieves the cluster ID by looking at
the MPIDR_EL1 for platforms that have ARM_PLAT_MT set
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I0266f2e49a3114d169a7708d7ddbd4f6229a7a41
* changes:
feat(stm32mp2): use early traces
feat(st-bsec): use early traces
refactor(st): replace STM32MP_EARLY_CONSOLE with EARLY_CONSOLE
feat(console): introduce EARLY_CONSOLE
feat(bl32): create an sp_min_setup function
In the ARM recommended StateID Encoding, the index for the power
level where the calling core is last to go idle use the last niblle
of the StateId.
Even if this nibble is necessary for OS-initiated mode, it can be
used by caller even when this OSI mode is not used.
In arm_validate_power_state() function, the StateId is compared with
content of arm_pm_idle_states[] build with the arm_make_pwrstate_lvl2
macro, without Last in Level information. So it is safe to mask this
nibble for ARM platform in all the cases, and that avoids issues with
caller with use the same StateId encoding with OSI mode activated or
not (in tftf tests for example, the input(power state) parameter =
(0x40001022) and the associated power state is 0x40000022).
Change-Id: I45e8e2b8f526fb61b94cf134d7d4aa3bac4c215d
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Move pmf support to vendor-specific EL3 Monitor Service Calls. Remove
pmf call count as it's not supported in vendor-specific el3 as per
SMCCC Documentation 1.5:
https://developer.arm.com/documentation/den0028/latest
Add a deprecation notice to inform PMF is moved from arm-sip range to
vendor-specific EL3 range. PMF support from arm-sip range will be
removed and will not available after TF-A 2.12 release.
Change-Id: Ie1e14aa601d4fc3db352cd5621d842017a18e9ec
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Move debugfs to Vendor-Specific EL3 Monitor Service Calls.
Function Identifier for Vendor-Specific EL3 Monitor Service is '7' and
allocated subranges of Function identifiers to different services are:
0x87000000-0x8700FFFF-SMC32: Vendor-Specific EL3 Monitor Service Calls
0xC7000000-0xC700FFFF-SMC64: Vendor-Specific EL3 Monitor Service Calls
Amend Debugfs FID's to use this range and id.
Add a deprecation notice to inform debugfs moved from arm-sip range to
Vendor-Specific EL3 range. Debugfs support from arm-sip range will be
removed and will not be available after TF-A 2.12 release.
Reference to debugfs component level documentation:
https://trustedfirmware-a.readthedocs.io/en/latest/components/debugfs-design.html#overview
Change-Id: I97a50170178f361f70c95ed0049bc4e278de59d7
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Leverage the framework between BL1 and BL2. Migrate all handoff
structures to the TL.
Change-Id: I79ff3a319596b5656184cde10b5204b10a4d03bb
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Layout calculation is spread out between core BL1 logic and common
platform code. Relocate these into common platform code so they are
organised logically.
Change-Id: I8b05403e41b800957a0367316cecd373d10bb1a4
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Add support for the firmware handoff framework between BL2 and BL31.
Create a transfer list in trusted SRAM, leveraging the larger SRAM sizes
in recent models. Load the HW_CONFIG as a TE along with entry point
parameters for BL31 execution.
Change-Id: I7c4c6e8353ca978a13520fb3e15fb2803f0f1d0e
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
This is a generic porting of what was done on ST platforms with flag
STM32MP_EARLY_CONSOLE. It creates the flag and the prototype for
plat_setup_early_console(). This function depends on platform
implementation. This function call is added at the beginning of each BL
image early setup function.
The patch also introduce an extra log macro: EARLY_ERROR. This can
replace ERROR macro in code that will only be executed before the
default console is enabled, and will do nothing when the EARLY_CONSOLE
is not enabled. This can then save some space in memory.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I77bf0a0c4289b4c7df94e4bfb783a938e05bf023
TC3 and TC4 SCP makes use of the system timer interrupt as its own
timer. Previously, this timer was marked as a G1S interrupt which
routes the interrupt to the secure world and also enables it. This
causes spurious interrupts once the SCP has unmasked the interrupt in
the timer control itself.
Note that we move the inclusion of the timer interrupt from
CSS_G1S_INT_PROPS to CSS_G1S_IRQ_PROPS as the former is only used by TC.
This will also result in removing the timer interrupt from TC2. This is
not an issue as it does not make use of this interrupt in either the SCP
or AP.
Change-Id: I5cc88e2adffbc93fc3c9d9d41b5ba7235dbc39d9
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
Signed-off-by: Leo Yan <leo.yan@arm.com>
The `arm_bl2_dyn_cfg_init` function is intended exclusively for BL2 - it
should not be compiled for any other bootloader image. This change hides
it for all but BL2.
Change-Id: I9fa95094dcc30f9fa4cc7bc5b3119ceae82df1ea
Signed-off-by: Chris Kay <chris.kay@arm.com>
Currently, tf-a has been refactored to support the multi UARTs (boot and
runtime UARTs). As a result, the SP_MIN UART related code has been
removed, and the macros are no longer used.
Therefore, this patch removes these unused UART macros.
Change-Id: I496349f876ba918fcafa7ed6c65d149914762290
Signed-off-by: Leo Yan <leo.yan@arm.com>
prevent changing clock frequency already set in BootBlock based on PLL value
Change-Id: I8b4b53448cc8e703fd88ad6166f85a4fe3ba9e46
Signed-off-by: Margarita Glushkin <rutigl@gmail.com>
* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level for region validity
feat(tc): add dummy TRNG support to be able to boot pVMs
feat(tc): get the parent component provided DPE context_handle
feat(tc): share DPE context handle with child component
feat(tc): add DPE context handle node to device tree
feat(tc): add DPE backend to the measured boot framework
feat(auth): add explicit entries for key OIDs
feat(dice): add DPE driver to measured boot
feat(dice): add client API for DICE Protection Environment
feat(dice): add QCBOR library as a dependency of DPE
feat(dice): add typedefs from the Open DICE repo
docs(changelog): add 'dice' scope
refactor(tc): align image identifier string macros
refactor(fvp): align image identifier string macros
refactor(imx8m): align image identifier string macros
refactor(qemu): align image identifier string macros
fix(measured-boot): add missing image identifier string
refactor(measured-boot): move metadata size macros to a common header
refactor(measured-boot): move image identifier strings to a common header
GIC600 erratum 2384374 is a Category B erratum. Part 1 is fixed
in this patch, and the Part 1 failure mode is described as
'If the packet to be sent is a SET packet, then a higher priority SET
may not be sent when it should be until an unblocking event occurs.'
This is handled by calling gicv3_apply_errata_wa_2384374() in the
ehf_deactivate_priority() path, so that when EHF restores the priority
to the original priority, the interrupt packet buffered
in the GIC can be sent.
gicv3_apply_errata_wa_2384374() is the workaround for
the Part 2 of erratum 2384374 which flush packets from the GIC buffer
and is being used in this patch.
SDEN can be found here:
https://developer.arm.com/documentation/sden892601/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I4bb6dcf86c94125cbc574e0dc5119abe43e84731
Child software components are inheriting their first valid
DPE context handle from their parent components (who loaded
and measured them). The context handle is shared through
the device tree object the following way:
- BL1 -> BL2 via TB_FW_CONFIG
- BL2 -> BL33 via NT_FW_CONFIG
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I9bf7808fb13a310ad7ca1895674a0c7e6725e08b
The client platform relies on the DICE attestation
scheme. RSS provides the DICE Protection Environment
(DPE) service. TF-A measured boot framework supports
multiple backends. A given platform always enables
the corresponding backend which is required by the
attestation scheme.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Idc3360d0d7216e4859e99b5db3d377407e0aeee5
Update all references to DRTM beta0 to be 1.0 instead.
Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
Change-Id: Ieda70f26f3be42f4705e9b267706674c94f120f2
The DRTM 1.0 spec changed the Firmware hash algorithm field
size from 32-bits to 16-bits.
Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
Change-Id: I713e32e01b1983bf21d97c93bbb28c77dc94a541
