Add documentation to build and run a PoC based on the OP-TEE toolkit
to show how TF-A Measured Boot can interact with a third party (f)TPM
service.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I11ac99c4ff54ea52aba0731aa7f707d7cd0c4216
MPMM - the Maximum Power Mitigation Mechanism - is an optional
microarchitectural feature present on some Armv9-A cores, introduced
with the Cortex-X2, Cortex-A710 and Cortex-A510 cores.
MPMM allows the SoC firmware to detect and limit high activity events
to assist in SoC processor power domain dynamic power budgeting and
limit the triggering of whole-rail (i.e. clock chopping) responses to
overcurrent conditions.
This feature is enabled via the `ENABLE_MPMM` build option.
Configuration can be done via FCONF by enabling `ENABLE_MPMM_FCONF`, or
by via the plaform-implemented `plat_mpmm_topology` function.
Change-Id: I77da82808ad4744ece8263f0bf215c5a091c3167
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change makes AMU auxiliary counters configurable on a per-core
basis, controlled by `ENABLE_AMU_AUXILIARY_COUNTERS`.
Auxiliary counters can be described via the `HW_CONFIG` device tree if
the `ENABLE_AMU_FCONF` build option is enabled, or the platform must
otherwise implement the `plat_amu_topology` function.
A new phandle property for `cpu` nodes (`amu`) has been introduced to
the `HW_CONFIG` specification to allow CPUs to describe the view of
their own AMU:
```
cpu0: cpu@0 {
...
amu = <&cpu0_amu>;
};
```
Multiple cores may share an `amu` handle if they implement the
same set of auxiliary counters.
AMU counters are described for one or more AMUs through the use of a new
`amus` node:
```
amus {
cpu0_amu: amu-0 {
#address-cells = <1>;
#size-cells = <0>;
counter@0 {
reg = <0>;
enable-at-el3;
};
counter@n {
reg = <n>;
...
};
};
};
```
This structure describes the **auxiliary** (group 1) AMU counters.
Architected counters have architecturally-defined behaviour, and as
such do not require DTB entries.
These `counter` nodes support two properties:
- The `reg` property represents the counter register index.
- The presence of the `enable-at-el3` property determines whether
the firmware should enable the counter prior to exiting EL3.
Change-Id: Ie43aee010518c5725a3b338a4899b0857caf4c28
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change adds some documentation on the AMU and its purpose. This is
expanded on in later patches.
Change-Id: If2834676790938d8da5ea2ceba37b674f6cc0f01
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change reduces preprocessor dependencies on the
`AMU_GROUP1_NR_COUNTERS` and `AMU_GROUP1_COUNTERS_MASK` definitions, as
these values will eventually be discovered dynamically.
In their stead, we introduce the `ENABLE_AMU_AUXILIARY_COUNTERS` build
option, which will enable support for dynamically detecting and
enabling auxiliary AMU counters.
This substantially reduces the amount of memory used by platforms that
know ahead of time that they do not have any auxiliary AMU counters.
Change-Id: I3d998aff44ed5489af4857e337e97634d06e3ea1
Signed-off-by: Chris Kay <chris.kay@arm.com>
With the introduction of MPMM, the auxiliary AMU counter logic requires
refactoring to move away from a single platform-defined group 1 counter
mask in order to support microarchitectural (per-core) group 1 counters.
BREAKING CHANGE: The `PLAT_AMU_GROUP1_COUNTERS_MASK` platform definition
has been removed. Platforms should specify per-core AMU counter masks
via FCONF or a platform-specific mechanism going forward.
Change-Id: I1e852797c7954f92409222b066a1ae57bc72bb05
Signed-off-by: Chris Kay <chris.kay@arm.com>
there are features which are marked as experimental even though they
are stable and used for quite some time.
Following features are no longer marked as experimental
- SPMD
- MEASURED_BOOT
- FCONF and associated build flags
- DECRYPTION_SUPPORT and associated build flags
- ENABLE_PAUTH
- ENABLE_BTI
- USE_SPINLOCK_CAS
- GICv3 Multichip support
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I4bb653d9c413c66095ec31f0b8aefeb13ea04ee9
When building a FIP with OP-TEE as BL32 on STM32MP1, AARCH32_SP=optee
has to be added to the make command.
Change-Id: I900c01957fe4ed7ed13ca955edd91ed1c5c5c4fa
Signed-off-by: Yann Gautier <yann.gautier@st.com>
This toolchain provides multiple cross compilers and is publicly
available on developer.arm.com
We build TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: I673e0dce8eb3ca3a004a43158a948431b032e93a
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Making tb_fw_config ready to pass the Event Log base address
and size information to BL2.
Change-Id: I5dd0e79007e3848b5d6d0e69275a46c2e9807a98
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Add support for Globalscale MOCHAbin board.
Its based on Armada 7040 SoC and ships in multiple DRAM options:
* 2GB DDR4 (1CS)
* 4GB DDR4 (1CS)
* 8GB DDR4 (2CS)
Since it ships in multiple DRAM configurations, an
Armada 3k style DDR_TOPOLOGY variable is added.
Currently, this only has effect on the MOCHAbin, but
I expect more boards with multiple DRAM sizes to be
supported.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Change-Id: I8a1ec9268fed34f6a81c5cbf1e891f638d461305
* changes:
refactor(gpt): productize and refactor GPT library
feat(rme): disable Watchdog for Arm platforms if FEAT_RME enabled
docs(rme): add build and run instructions for FEAT_RME
fix(plat/fvp): bump BL2 stack size
fix(plat/fvp): allow changing the kernel DTB load address
refactor(plat/arm): rename ARM_DTB_DRAM_NS region macros
refactor(plat/fvp): update FVP platform DTS for FEAT_RME
feat(plat/arm): add GPT initialization code for Arm platforms
feat(plat/fvp): add memory map for FVP platform for FEAT_RME
refactor(plat/arm): modify memory region attributes to account for FEAT_RME
feat(plat/fvp): add RMM image support for FVP platform
feat(rme): add GPT Library
feat(rme): add ENABLE_RME build option and support for RMM image
refactor(makefile): remove BL prefixes in build macros
feat(rme): add context management changes for FEAT_RME
feat(rme): add Test Realm Payload (TRP)
feat(rme): add RMM dispatcher (RMMD)
feat(rme): run BL2 in root world when FEAT_RME is enabled
feat(rme): add xlat table library changes for FEAT_RME
feat(rme): add Realm security state definition
feat(rme): add register definitions and helper functions for FEAT_RME
This patch adds instructions on how to build and run TF-A
with FEAT_RME enabled. The patch also adds code owners for
FEAT_RME.
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: Id16dc52cb76b1ea56ac5c3fc38cb0794a62ac2a1
The changes include:
- A new build option (ENABLE_RME) to enable FEAT_RME
- New image called RMM. RMM is R-EL2 firmware that manages Realms.
When building TF-A, a path to RMM image can be specified using
the "RMM" build flag. If RMM image is not provided, TRP is built
by default and used as RMM image.
- Support for RMM image in fiptool
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I017c23ef02e465a5198baafd665a60858ecd1b25
Cortex-A78 erratum 2132060 is a Cat B erratum that applies to
revisions r0p0, r1p0, r1p1, and r1p2 of CPU. It is still open.
The workaround is to write the value 2'b11 to the PF_MODE bits
in the CPUECTLR_EL1 register which will place the data prefetcher
in the most conservative mode instead of disabling it.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1401784/latest
Signed-off-by: nayanpatel-arm <nayankumar.patel@arm.com>
Change-Id: If7dec72578633d37d110d103099e406c3a970ff7
Neoverse-V1 erratum 2108267 is a Cat B erratum that applies to
revisions r0p0, r1p0, and r1p1 of CPU. It is still open. The
workaround is to write the value 2'b11 to the PF_MODE bits in
the CPUECTLR_EL1 register which will place the data prefetcher
in the most conservative mode instead of disabling it.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1401781/latest
Signed-off-by: nayanpatel-arm <nayankumar.patel@arm.com>
Change-Id: Iedcb84a7ad34af7083116818f49d7296f7d9bf94
Neoverse-N2 erratum 2138953 is a Cat B erratum that applies to
revision r0p0 of CPU. It is still open. The workaround
is to write the value 4'b1001 to the PF_MODE bits in the
IMP_CPUECTLR2_EL1 register which will place the data prefetcher
in the most conservative mode instead of disabling it.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1982442/latest
Signed-off-by: nayanpatel-arm <nayankumar.patel@arm.com>
Change-Id: Ife0a4bece7ccf83cc99c1d5f5b5a43084bb69d64
Cortex-A710 erratum 2058056 is a Cat B erratum that applies to
revisions r0p0, r1p0, and r2p0. It is still open. The workaround
is to write the value 4'b1001 to the PF_MODE bits in the
IMP_CPUECTLR2_EL1 register which will place the data prefetcher
in the most conservative mode instead of disabling it.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1775101/latest
Signed-off-by: nayanpatel-arm <nayankumar.patel@arm.com>
Change-Id: I7ce5181b3b469fbbb16501e633116e119b8bf4f1
For v8-R64, especially R82, creating code to run BL1 at EL2, using MPU.
Signed-off-by: Gary Morrison <gary.morrison@arm.com>
Change-Id: I439ac3915b982ad1e61d24365bdd1584b3070425
Currently the SP package loading mechanism is only enabled when S-EL2
SPMC is selected. Remove this limitation.
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Change-Id: I5bf5a32248e85a26d0345cacff7d539eed824cfc
FEAT_HCX adds the extended hypervisor configuration register (HCRX_EL2)
and access to this register must be explicitly enabled through the
SCR_EL3.HXEn bit. This patch adds a new build flag ENABLE_FEAT_HCX to
allow the register to be accessed from EL2.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ibb36ad90622f1dc857adab4b0d4d7a89456a522b
* changes:
feat(docs/nxp/layerscape): add ls1028a soc and board support
feat(plat/nxp/ls1028ardb): add ls1028ardb board support
feat(plat/nxp/ls1028a): add ls1028a soc support
feat(plat/nxp/common): define default SD buffer
feat(driver/nxp/xspi): add MT35XU02G flash info
feat(plat/nxp/common): add SecMon register definition for ch_3_2
feat(driver/nxp/dcfg): define RSTCR_RESET_REQ
feat(plat/nxp/common/psci): define CPUECTLR_TIMER_2TICKS
feat(plat/nxp/common): define default PSCI features if not defined
feat(plat/nxp/common): define common macro for ARM registers
feat(plat/nxp/common): add CCI and EPU address definition
Cortex-A710 erratum 2083908 is a Cat B erratum that applies to
revision r2p0 and is still open. The workaround is to set
CPUACTLR5_EL1[13] to 1.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1775101/latest
Signed-off-by: nayanpatel-arm <nayankumar.patel@arm.com>
Change-Id: I876d26a7ac6ab0d7c567a9ec9f34fc0f952589d8
* changes:
feat(plat/fvp): enable trace extension features by default
feat(trf): enable trace filter control register access from lower NS EL
feat(trf): initialize trap settings of trace filter control registers access
feat(sys_reg_trace): enable trace system registers access from lower NS ELs
feat(sys_reg_trace): initialize trap settings of trace system registers access
feat(trbe): enable access to trace buffer control registers from lower NS EL
feat(trbe): initialize trap settings of trace buffer control registers access
Trusted Services had removed secure storage and added two new
trusted services - Protected Storage and Internal Trusted Storage.
Hence we are removing secure storage and adding support for the
internal trusted storage.
And enable external SP images in BL2 config for TC, so that
we do not have to modify this file whenever the list of SPs
changes. It is already implemented for fvp in the below commit.
commit 33993a3737
Author: Balint Dobszay <balint.dobszay@arm.com>
Date: Fri Mar 26 15:19:11 2021 +0100
feat(fvp): enable external SP images in BL2 config
Change-Id: I3e0a0973df3644413ca5c3a32f36d44c8efd49c7
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
This change refactors the SPMD to setup SPMC CPU contexts once and early
from spmd_spmc_init (single call to cm_setup_context rather than on each
and every warm boot).
Pass the core linear ID through a GP register as an implementation
defined behavior helping FF-A adoption to legacy TOSes (essentially
when secure virtualization is not used).
A first version of this change was originally submitted by Lukas [1].
Pasting below the original justification:
Our TEE, Kinibi, is used to receive the core linear ID in the x3
register of booting secondary cores.
This patch is necessary to bring up secondary cores with Kinibi as an
SPMC in SEL1.
In Kinibi, the TEE is mostly platform-independent and all platform-
specifics like topology is concentrated in TF-A of our customers.
That is why we don't have the MPIDR - linear ID mapping in Kinibi.
We need the correct linear ID to program the GICv2 target register,
for example in power management case.
It is not needed on GICv3/v4, because of using a fixed mapping from
MPIDR to ICDIPTR/GICD_ITARGETSRn register.
For debug and power management purpose, we also want a unified view to
linear id between Linux and the TEE.
E.g. to disable a core, to see what cores are printing a trace /
an event.
In the past, Kinibi had several other designs, but the complexity was
getting out of control:
* Platform-specific assembler macros in the kernel.
* A per-core SMC from Linux to tell the linear ID after the boot.
* With DynamiQ, it seems SIPs were playing with MPIDR register values,
reusing them between cores and changing them during boot.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/10235
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Lukas Hanel <lukas.hanel@trustonic.com>
Change-Id: Ifa8fa208e9b8eb1642c80b5f7b54152dadafa75e
This patch will fix the formatting errors concerning code snippet,
lines 245 and 256 respectively.
The code snippet is updated to 'shell' to lex it appropriately.
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: I53aefd81da350b6511e7a97b5fee7b0d6f9dde2d
Describe the boot using FIP, and how to compile it.
The STM32IMAGE boot chain is still available but it is not recommended.
Update the build command lines, for FIP.
The memory mapping is also updated.
Change-Id: I2b1e0df5500b6213d33dc558b0e0da38340a4d79
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
