MbedTLS 3.6.1 fixed the issue which previously
produced this warning, so this hack is no longer
necessary.
Change-Id: I934adefbf2fed16e16b9d98bc8674125b70b08fc
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This new update to the LTS branch of MbedTLS provides minor
enhancements and bug fixes; including some security
fixes, and a fix to a compilation warning which
previously affected TF-A.
Full patch notes to this MbedTLS update can be found at
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.1.
Change-Id: I1a68dfcb52a8361c1689cb6ef12d265a6462fda3
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
The support for runtime-model has never been implemented by any SPMC.
Hence, remove the corresponding field from binding document.
Also, fix the incorrect description of the `managed-exit-virq` property.
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Change-Id: I0a5ef3f08202a8c76edd9a6e1ac680ac3a38ca60
The rpi3 does not initialize the generic timer in BL1, which is now
required to use the delay timer in the dTPM driver. This change sets the
counter frequency register (CNTFRQ) with the rpi3's system counter
frequency value, as a prerequisite for timer initialization, and then
initializes the generic timer all during BL1 setup.
Change-Id: I4e2475b63ce4a97653202f94f506b5d3edc4c1a7
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
The CPU crypto is not default on when power up, need to enable it by
software.
Signed-off-by: XiaoDong Huang <derrick.huang@rock-chips.com>
Change-Id: Ifee2eab55d9c13cef5f15926fb80016845e2a66d
In some cases it maybe needed to override some default settings on a
particular platform. For example, enable ENABLE_LTO on a size
constrained platform.
Change-Id: I556d26f6b81c0f3ceb40b7196180995dde22afd0
Signed-off-by: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Memory reservation for tf-a does not happen in
runtime if memory reservation node pre-exists in DT.
Presence of reserved area is checked and user is
warned if it pre-exists.
Change-Id: I50e18be942777747e9074bb9d8e0305a29c28178
Signed-off-by: Maheedhar Bollapalli <MaheedharSai.Bollapalli@amd.com>
When this is provided in the partition manifest, it should be added to
the load address to get the base address of the region.
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Change-Id: Ib6d3d6a29af0a3eb87fac67c58220ba25342e1cd
QEMU COSIM introduces a new platform id for Versal Platform.
QEMU COSIM is equivalent to QEMU with additional COSIM
extensions, so just switching platform_id to QEMU if QEMU COSIM
id is detected.
Change-Id: If81e0bf04301c7101f89d0df13134f7d04e8c257
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
This feature is enabled by default using STM32MP_DDR_FIP_IO_STORAGE.
DDR firmware binary is loaded from FIP to SRAM1 which needs to be
mapped.
Only half of the SRAM1 will be allocated to TF-A.
RISAB3 has to be configured to allow access to SRAM1.
Add image ID and update maximum number on platform side also.
Fill related descriptor information, add policy and update numbers.
DDR_TYPE variable is used to identify binary file, and image is now
added in the fiptool command line.
The DDR PHY firmware is not in TF-A repository. It can be found at
https://github.com/STMicroelectronics/stm32-ddr-phy-binary
To ease the selection of the firmware path, STM32MP_DDR_FW_PATH is added
to platform.mk file.
Change-Id: I09ab0a5c63406055a7b5ccd16d65e443de47ca2f
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Binary size limitation implies to define DDR type build flags.
User must set one single type in the build command line.
DDR_TYPE is then deduced, and will help in relative definitions.
A check routine is implemented to verify correct configuration.
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: I87d0a492196efea33831d9c090e6e434cc7c0a1e
Describe the RISAB (Resource isolation slave unit for address space
protection (block-based)) peripheral registers.
Change-Id: I613a52ae6d94264137378b805119d38ee59ae762
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Add BL31 load address (beginning on SYSRAM) and size in fw-config DT
file.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: I2fcd8d326f394090401ac59b47216d59d3e911bc
Add the required files to compile BL31 on STM32MP2.
Update BL2 configuration to load BL31. The platform boots until BL31,
but stops here as no other binaries are loaded as DDR is not
initialized.
At runtime, BL31 will use only the first half of the SYSRAM, the upper
half will be used for non-secure DMA LLIs. To be sure nothing from this
area is still in the cache, invalidate the upper SYSRAM before enabling
BL31 cache. BL31 should then map only first half of the SYSRAM. But it
must temporarily map the upper half read-only, as this is where we will
retrieve BL2 parameters, used to fill registers for next boot stages.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: Ie91527a7a26625624b4b3c65fb6a0ca9dd355dbd
* changes:
refactor(docs): update RSE docs to match the example CCA token
refactor(qemu): use the example CCA platform token from iat-verifier
refactor(fvp): use the example CCA platform token from iat-verifier
Update the parameters to rmmd_attest_get_platform_token(), which can now
handle platform tokens larger than 4kB. Since the QEMU sample token is
smaller than 4kB, our implementation remains the same. Take the
opportunity to clean up the function slightly.
Change-Id: Id5a1d576968ebd160d2b79c1f38392d4ecc89421
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Until now, the attestation token size was limited by the size of the
shared buffer between RMM and TF-A. With this change, RMM can now
request the token in pieces, so they fit in the shared buffer. A new
output parameter was added to the SMC call, which will return (along
with the size of bytes copied into the buffer) the number of bytes
of the token that remain to be retrieved.
TF-A will keep an offset variable that will indicate the position in
the token where the next call will retrieve bytes from. This offset
will be increased on every call by adding the number number of bytes
copied. If the received hash size is not 0, TF-A will reset the
offset to 0 and copy from that position on.
The SMC call will now return at most the size of the shared buffer
in bytes on every call. Therefore, from now on, multiple SMC calls
may be needed to be issued if the token size exceeds the shared
buffer size.
Change-Id: I591f7013d06f64e98afaf9535dbea6f815799723
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Due to deprecation of VERSAL_PLATFORM build argument,
the board detection is done at runtime due to this the cpu
and uart clock freq was not set as required to silicon values.
Updated Versal QEMU cpu_clock and uart_clock to silicon values.
Change-Id: I7c772f07ba45eb7e0ae095fd670718190e24f0d7
Signed-off-by: Maheedhar Bollapalli <MaheedharSai.Bollapalli@amd.com>
ENABLE_FEAT_MTE2 controls the trapping of some MTE related system
registers. If the memory_tagging_support_level parameter on the FVP
command line is set to higher values, non-secure world will see the
feature bits in the CPU ID registers and will use those registers,
triggering a panic in BL31.
Enable the feature in the optional form for the FVP build, to avoid any
panics.
Change-Id: I26ba444d784adf165db81048f93e11361c7f11ac
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The maximum size for SP_MIN in the FVP is currently
fixed and does not scale with the SRAM size.
This update adjusts the SP_MIN size according to
the SRAM size used to build the FVP platform.
Change-Id: I95527e8ae6f8a73c336ed4fe05ace5de86d8991d
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Currently, PMC_GPIO device node was not mapped with interrupt number
during the setup of wakeup source while suspending. As a result,
system cannot resume using PMC_GPIO as wakeup source.
To address this issue, add an entry for PMC_GPIO node to map with its
corresponding interrupt number.
Change-Id: Ic681b7b2e7c0b3bd542c8e4664a2129e4b91c459
Signed-off-by: Ronak Jain <ronak.jain@amd.com>
This change aims to reduce unnecessary information in the default log
output, so change to use VERBOSE.
Change-Id: I80ea57cd4164bdcef915db5392a63ae8982a634f
Signed-off-by: Gavin Liu <gavin.liu@mediatek.com>
This change enables a fairly commonly-requested use-case, which is to
fall back to the host system's native toolchain when building on AArch64
if the bare-metal toolchain is not available.
In this situation, if the `aarch64-none-elf` GCC toolchain cannot be
located, the build system will look for `aarch64-linux-gnu` before
giving up.
Change-Id: I39d2a8837b651b28cf0eafa92f6003a7f66767a0
Signed-off-by: Chris Kay <chris.kay@arm.com>
Since the introduction of the toolchain detection framework into the
build system, we have done determination and identification of the
toolchain(s) used for the build at the initialization of the build
system.
This incurs a large cost to the build every time - for every toolchain
that has been requested by the current makefile, we try to identify each
tool in the list of known tool classes, even if that tool doesn't
actually see any use.
For the clean and check-like targets we worked around this by disabling
most of the toolchains if we detect these targets, but this is
inflexible and not very reliable, and it still means that when building
normal targets we are incurring that cost for all tools whether they are
used or not.
This change instead modifies the toolchain detection framework to only
initialize a tool for a given toolchain when it is first used. This does
mean that we can no longer warn about an incorrectly-configured
toolchain at the beginning of build system invocation, but it has the
advantage of substantially reducing build time and the complexity of
*using* the framework (at the cost of an increase in complexity in the
framework itself).
Change-Id: I7f3d06b2eb58c1b26a846791a13b0037f32c8013
Signed-off-by: Chris Kay <chris.kay@arm.com>
The default mbedTLS configuration enables hash algorithms based on
the HASH_ALG or MBOOT_EL_HASH_ALG selected. However, the Arm ROTPK
is always embedded as a SHA256 hash in BL1 and BL2. In the future,
we may need to adjust this to use the HASH_ALG algorithm for
embedding the ROTPK hash.
As a temporary workaround, a separate mbedTLS configuration has
been created for Arm platforms to explicitly set SHA256 defines,
rather than relying on the default configuration. This adjustment
is reflected in the mbedTLS configuration file for the TC platform
as well as in the PSA Crypto configuration file.
Change-Id: Ib3128ce7b0fb5c0858624ecbc998d456968beddf
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
GITS_CTLR.Quiescent is bit31, not bit1.
So fix GITS_CTLR_QUIESCENT_BIT to BIT32(31).
Change-Id: Ic16a52e0c4e557d68a8128ccc7e7a0f1a316a23b
Signed-off-by: Joe Yang <magicse7en@outlook.com>
