Move libfdt includes into common file and use definitions from them.
Change-Id: Ic4fe784fdbedcf5e9e3804a633fcac68464f38a6
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Adds a dummy implementation of the plat_mboot_measure_key() function for
QEMU platform.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I64c1c751348c04cd359c075fc15a0d180ff55918
Add support to qemu "neoverse-v1" cpu for "qemu" ('virt') platform.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I4821115b54ca596fe27cb9d74a95429cd3cb21d9
Add support to qemu "neoverse-v1" cpu for "qemu_sbsa" ('sbsa-ref')
platform.
Change-Id: Id710e2b960e7938d2dbe7a88d9e158a7009fc3d1
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Read data from DeviceTree provided by QEMU, provide via SMC
to the next firmware level.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I95c5f00ab2cca3b5fda122dcc8d7704a7a82059b
Both march32-directive and march64-directive eventually generate the
same march option that will passed to compiler.
Merge this two separate directives to a common one as march-directive.
Change-Id: I220d2b782eb3b54e13ffd5b6a581d0e6da68756a
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Add sdei support for QEMU, this is to let jailhouse Hypervisor
use SDEI to do hypervisor management, after physical IRQ
has been disabled routing.
Note: To enable SDEI in QEMU, it needs to set "SDEI_SUPPORT=1
EL3_EXCEPTION_HANDLING=1" when compiling.
Signed-off-by: Dongjiu Geng <gengdongjiu1@gmail.com>
Change-Id: Ia7f9c5a0db36da03e5c6e6fb1270281f19924d77
QEMU provides GIC information in DeviceTree (on platform version 0.1+).
Read it and provide to next firmware level via SMC.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I383919bd172acc8873292a0c5e4469651dc96fb9
QEMU provides platform version information via DT. We want to use it
in firmware to handle differences between platform versions.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I8def66dac9dd5d7ab0e459baa40e27a11b65f0ba
Currently when we build with 'SPD=spmd SPMD_SPM_AT_SEL2=0'
options, this causes a build failure as
'plat_spmd_handle_group0_interrupt' is called irrespective of
'SPMD_SPM_AT_SEL2' usage in 'spmd_group0_interrupt_handler_nwd'
So make 'plat_spmd_handle_group0_interrupt' dummy implementation
available just when spmd is enabled and SPMC_AT_EL3 is disabled.
Change-Id: Iaccd38faab81671c98f9165f318145187dca9bc2
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
This patch introduces a handler for FVP platform to triage Group0
secure interrupts. Currently, it is empty but serves as a
placeholder for future Group0 interrupt sources.
Moreover, this patch also provides a dummy implementation of the
above mentioned platform hook for QEMU, corstone100, n1sdp and
hikey960 ports.
Change-Id: I01d3451408f47ac313b0af74046cce89f89b85bb
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
QEMU 7.2+ has FEAT_FGT support added to 'max' cpu.
So let's enable it to make Debian 'bookworm' kernel boot on sbsa-ref/max setup.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I49fb3e742b69ce7be5666e0144525dde21a68238
Qemu-tcg with GICv3 emulation enabled will by default configure MPIDR
topology to report up to 16 cpus per cluster. This is NOT overriden by
qemu's -smp setting, e.g. -smp 8,clusters=2,cores=4,threads=1 will still
generate MPIDR reads as if all 8 CPUs were within one cluster.
Increase the hardcoded limit to reflect that so that we accept PSCI
calls that provide MPIDRs based on what was actually read from the
emulated CPU.
Change-Id: Ia321d555f885c96a9a94ae053b340e3a9e300e6d
Signed-off-by: Evgeny Iakovlev <eiakovlev@linux.microsoft.com>
Currently, TF-A supports three states for feature flags:
0: FEAT_DISABLED
1: FEAT_STATE_ALWAYS ( for fixed/real platforms)
2: FEAT_STATE_CHECK ( for configurable platforms)
to meet the feature detection requirements dynamically, mainly
targetting configurable/Fixed Virtual platforms.
With this mechanism in place, we are refactoring all the existing
feature flags to the FEAT_STATE_CHECK option(=2), including
FEAT_SVE explicitly for FVPs.
SVE Patch Reference:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19888/25
This newly introduced change, breaks the existing behaviour especially
for virtual platforms, who have set the ENABLE_SVE_FOR_NS flag to 1.
Moving ahead, we advise the platforms to take the following steps while
enabling the features:
1. If the platform is configurable (virtual), and want to ensure feature
detection happens dynamically at runtime, set the build flags to
FEAT_STATE_CHECK(=2).
2. For real(fixed) platforms, depending on the features supported by the
hardware and platform wants to enable it, platforms could set build
flags to FEAT_STATE_ALWAYS(=1).
(Note: Only the non-secure world enablement related build flags have
been refactored to take the values within 0 to 2. As earlier Secure
world enablement flags will still remain boolean.)
Henceforth, in order to keep it aligned with this tri-state mechanism,
changing the qemu platform default to the now supported dynamic
option(=2), so the right decision can be made by the code at runtime.
Change-Id: Icc95b8b872378b7874d4345b631adfc314e4dada
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
* changes:
refactor(cpufeat): enable FEAT_RNG for FEAT_STATE_CHECKED
refactor(cpufeat): align FEAT_SEL2 to new feature handling
refactor(cpufeat): enable FEAT_NV2 for FEAT_STATE_CHECKED
refactor(cpufeat): enable FEAT_TWED for FEAT_STATE_CHECKED
refactor(cpufeat): enable FEAT_CSV2_2 for FEAT_STATE_CHECKED
refactor(cpufeat): enable FEAT_ECV for FEAT_STATE_CHECKED
refactor(cpufeat): enable FEAT_PAN for FEAT_STATE_CHECKED
refactor(cpufeat): align FEAT_SB to new feature handling
refactor(cpufeat): use alternative encoding for "SB" barrier
refactor(cpufeat): enable SYS_REG_TRACE for FEAT_STATE_CHECKED
fix(cpufeat): make stub enable functions "static inline"
fix(mpam): feat_detect: support major/minor
While aarch32 isn't currently supported on qemu, platform.mk contains
hard-coded references to aarch64 in BL1_SOURCES which should be ${ARCH}.
This improves the situation, but since aarch32/qemu_max.S doesn't exist
and there are other missing files for aarch32, this is only a partial
fix.
Signed-off-by: Rebecca Cran <rebecca@quicinc.com>
Change-Id: I3fa01483e572abfd781ceaecff16ecf57cda8316
At the moment we only support for FEAT_RNG to be either unconditionally
compiled in, or to be not supported at all.
Add support for runtime detection (FEAT_RNG=2), by splitting
is_armv8_5_rng_present() into an ID register reading function and a second
function to report the support status. That function considers both build
time settings and runtime information (if needed), and is used before we
access the RNDRRS system register.
Change the QEMU platform default to the now supported dynamic option (=2),
so the right decision can be made by the code at runtime.
Change-Id: I1a4a538d5ad395fead7324f297d0056bda4f84cb
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
* changes:
feat(qemu): add A76/N1 cpu support for virt
feat(qemu): add "neoverse-n1" cpu support
feat(qemu): make coherent memory section optional
refactor(qemu): make use of setup_page_tables()
Add support to "cortex-a76" and "neoverse-n1" cpu for "qemu" ('virt')
platform.
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
Change-Id: I77a3e0bb8397a2fb45a2caa7d93ba38e39297f93
Add support to qemu "neoverse-n1" cpu for "qemu_sbsa" ('sbsa-ref')
platform.
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
Change-Id: I4620e879c71115451ae91a1643812d89ec7c071f
Since CPUs such as cortex-a76 are hardware-assisted coherent, coherent
memory section is not required for them and should be an optional
section.
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
Change-Id: I03c8e9148ca1780b8af92024359698f4452f7129
Use the setup_page_tables() helper function to setup page tables.
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
Change-Id: I0bca4e463ed68abf2ef1c79fc8e5cb2b635fcd1c
Pauth is a generic Arm feature that can be enabled on any platform that
implements it. It only needs a platform specific key generation hook. As
such, the generic Pauth enablement can be included in the generic build.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ibf32f79addab3515214594bb8d7168151b450f59
Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section names (e.g. `.rela.text`, `.relacpu_ops`), and these can be
difficult to select in linker scripts when there is a lack of a
delimiter.
This change introduces the period prefix to all specialized section
names.
BREAKING-CHANGE: All input and output linker section names have been
prefixed with the period character, e.g. `cpu_ops` -> `.cpu_ops`.
Change-Id: I51c13c5266d5975fbd944ef4961328e72f82fc1c
Signed-off-by: Chris Kay <chris.kay@arm.com>
At the moment the QEMU platform documentation asks users to combine
bl1.bin and fip.bin in a certain way to get an image that can be used on
the QEMU command line.
Let the build system actually create those files already, if we provide
a non-secure payload (BL33), to simplify deployment and spare the user of
fragile operations.
Change-Id: Ia35f17b9d60aab41f0d53f1f73a1326a316c4950
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
* changes:
docs(build): describes the SPMC_OPTEE build option
feat(qemu): support el3 spmc
feat(el3-spmc): make platform logical partition optional
feat(qemu): support s-el2 spmc
feat(qemu): update abi between spmd and spmc
fix(sptool): add dependency to SP image
Introduce additional defines needed when compiling the QEMU platform
with SPMC at EL3.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: If6dbe41fa8761637e39579a1f6818dabc769c139
Supports S-EL2 SPMC + S-EL1 SP on qemu. S-EL1 SPs packaged in .pkg files
are added to the FIP as blob with an UUID. BL2 parses TB_FW_CONFIG to
know which SP blobs to load into memory.
Co-developed-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I4b61c4c048f31540d4f1ef9e05f0b12deb341e06
Updates the ABI between SPMD and the SPMC at S-EL1 so that the hard
coded SPMC manifest can be replaced by a proper manifest via TOS FW
Config. TOS FW Config is provided via QEMU_TOS_FW_CONFIG_DTS as a DTS
file when building. The DTS is turned into a DTB which is added to the
FIP.
Note that this is an incompatible change and requires corresponding
change in OP-TEE ("core: sel1 spmc: boot abi update").
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: Ibabe78ef50a24f775492854ce5ac54e4d471e369
* changes:
refactor(qemu): pass platform metadata as a function's argument
refactor(imx8m): pass platform metadata as a function's argument
refactor(fvp): pass platform metadata as a function's argument
refactor(measured-boot): accept metadata as a function's argument
This patch includes source code to support pointer authentication on
QEMU platform.
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Change-Id: I582923080fe1d5baffd7d0ccfe83e3b28f910ae1
Based on the prototype modification of the event_log_measure_and_record
function in the previous patch, platform metadata was passed as an
argument.
Change-Id: I9d8316914c046f47cdc6875b16649479e82087aa
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Increases BL2 size to have room to enable security features (like
measurement and TPM).
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Change-Id: Iba5e8923e2e154315499e9bfce2e0aff0ccc8f95
Commit 337ff4f1dd enabled SVE/SME for
qemu platform. Let do the same for qemu-sbsa one too.
With this change I can boot Debian 'bookworm' installed using Max cpu.
Info from referenced commit:
Starting with QEMU v3.1.0 (Dec 2018), QEMU's TCG emulation engine supports
the SVE architecture extension. In QEMU v7.1.0 (Aug 2022) it also gained
SME support.
As it stands today, running TF-A under QEMU with "-cpu max" makes Linux
hang, because SME and SVE accesses trap to EL3, but are never handled
there. This is because the Linux kernel sees the SVE or SME feature bits,
and assumes firmware has enabled the feature for lower exception levels.
This requirement is described in the Linux kernel booting protocol.
Enable those features in the TF-A build, so that BL31 does the proper
EL3 setup to make the feature usable in non-secure world.
We check the actual feature bits before accessing SVE or SME registers,
so this is safe even for older QEMU version or when not running with
-cpu max. As SVE and SME are AArch64 features only, do not enable them
when building for AArch32.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I9ea1f91e6b801218d944e8a7d798d5ae568ed59a
Starting with QEMU v3.1.0 (Dec 2018), QEMU's TCG emulation engine supports
the SVE architecture extension. In QEMU v7.1.0 (Aug 2022) it also gained
SME support.
As it stands today, running TF-A under QEMU with "-cpu max" makes Linux
hang, because SME and SVE accesses trap to EL3, but are never handled
there. This is because the Linux kernel sees the SVE or SME feature bits,
and assumes firmware has enabled the feature for lower exception levels.
This requirement is described in the Linux kernel booting protocol.
Enable those features in the TF-A build, so that BL31 does the proper
EL3 setup to make the feature usable in non-secure world.
We check the actual feature bits before accessing SVE or SME registers,
so this is safe even for older QEMU version or when not running with
-cpu max. As SVE and SME are AArch64 features only, do not enable them
when building for AArch32.
Change-Id: I5b718eb298a0bbcf36244479e8d42e54a2faca61
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
- Removing platform dependencies from libc modules.
- Replacing panicking with actual error handling.
- Debug macros are included indirectly from assert.h. Removing
"platform_def.h" from assert.h and adding "common/debug.h"
where the macros are used.
- Removing hack for fixing PLAT_LOG_LEVEL_ASSERT to 40.
Instead removing assert with expression, as this
does not provide additional information.
Signed-off-by: Claus Pedersen <claustbp@google.com>
Change-Id: Icc201ea7b63c1277e423c1cfd13fd6816c2bc568
Increases the SRAM to a full 1MB and also increase BL31 size to have
room to spare for debugging.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I584f9d409a1f653a3dfc7cf2b95706ada367c70e
Currently Tf-A uses whatever openssl binary is on the system to sign
images. However if OPENSSL_DIR is specified in the build flags this can
lead to linking issues as the system binary can end up being linked
against shared libraries provided in OPENSSL_DIR/lib if both binaries
(the system's and the on in OPENSSL_DIR/bin) are the same version.
This patch ensures that the binary used is always the one given by
OPENSSL_DIR to avoid those link issues.
Signed-off-by: Salome Thirot <salome.thirot@arm.com>
Change-Id: Ib534e06ebc8482e4391e376d3791a87968de4a99
Pull in MbedTLS support for sha512 when greater than sha256 is required
based on refactoring for hash algorithm selection for Measured Boot.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ib0ca5ecdee7906b41a0e1060339d43ce7a018d31
Adds support for SPMD with SPMC at S-EL1. A new config option SPMC_OPTEE
is added to support loading the special OP-TEE images when configured
with SPD=spmd. With or without SPMC_OPTEE. It should still be possible
to load another BL32 payload implementing a SPMC, provided that entry
point is the same as load address, that is, BL32_BASE.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: Ie61dcd1ee564688baee1b575030e63dc2bb85121
This has been introduced to simplify dependencies on the FDT wrappers.
We generally want to avoid pulling in components on a file-by-file
basis, particularly as we are trying to draw conceptual boxes around
components in preparation for transitioning the build system to CMake,
where dependencies are modelled on libraries rather than files.
Signed-off-by: Chris Kay <chris.kay@arm.com>
Change-Id: Idb7ee05a9b54a8caa3e07f36e608867e20b6dcd5
Use low to high gpio sequence to reboot/shutdown qemu machine.
Use low to high gpio pins level change which will cause an interrupt
in qemu virt platform. This change will supported with next qemu 6.1
release once patchset:
hw/arm: Make virt board secure powerdown/reset work
will be merged.
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
CC: Peter Maydell <peter.maydell@linaro.org>
Change-Id: I70979517358c3b587722b2dcb33f63d29bf79d9b
