This patch disables trapping to EL3 when the FEAT_D128
specific registers are accessed by setting the SCR_EL3.D128En bit.
If FEAT_D128 is implemented, then FEAT_SYSREG128 is implemented.
With FEAT_SYSREG128 certain system registers are treated as 128-bit,
so we should be context saving and restoring 128-bits instead of 64-bit
when FEAT_D128 is enabled.
FEAT_SYSREG128 adds support for MRRS and MSRR instruction which
helps us to read write to 128-bit system register.
Refer to Arm Architecture Manual for further details.
Change the FVP platform to default to handling this as a dynamic option
so the right decision can be made by the code at runtime.
Change-Id: I1a53db5eac29e56c8fbdcd4961ede3abfcb2411a
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
All new FVP's have incorporated the following PYSR bits
bit 31 is cluster ON status
bit 30 is core ON status
bit 29 is thread ON status
So add support to check cluster power ON which is supported from
affinity-level-2
But older cores with no DSU still uses affinity-level-1 for cluster
power-on status.
Ref: https://developer.arm.com/documentation/100964/1125/Base-Platform/Base---components
Change-Id: Id86811b14685d9ca900021301e5e8b7d52189963
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
The default dts doesn't describe the core topology correctly - it uses a
two level affinity, while new cores use 3 level with MPIDR_EL1.MT set.
As a result Linux doesn't discover secondary cores correctly unless this
is specifically provided on the command line. CI already accounts for
this in tf_config/fvp-dynamiq-aarch64-only.
Change-Id: I137b213cfc48d98b8856c113d4ec0bf6474d3e2d
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Add the basic CPU library code to support Cortex-A720AE.
The overall library code is adapted based on Cortex-A720 code.
Signed-off-by: David Hu <david.hu2@arm.com>
Signed-off-by: Ahmed Azeem <ahmed.azeem@arm.com>
Change-Id: I3d64dc5a3098cc823e656a5ad3ea05cd71598dc6
Recent change [1], caused failure in the TC2 run and this
change meant to be for TC3 and TC4.
[1]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/31424
Change-Id: Ibfd604a842815bcf6d413dcba2c440df81dbb486
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Add basic CPU library code to support the Arcadia CPU.
Change-Id: Iecb0634dc6dcb34e9b5fda4902335530d237cc43
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Add required SMCs by RMM to push attestation signing requests to EL3
and get responses. EL3 may then choose to push these requests to a HES
as suitable for a platform. This patch also supports the new
RMM_EL3_FEATURES interface, that RMM can use to query for support for
HES based signing. The new interface exposes a feature register with
different bits defining different discoverable features. This new
interface is available starting the 0.4 version of the RMM-EL3
interface, causing the version to bump up. This patch also adds a
platform port for FVP that implements the platform hooks required to
enable the new SMCs, but it does not push to a HES and instead copies a
zeroed buffer in EL3.
Change-Id: I69c110252835122a9533e71bdcce10b5f2a686b2
Signed-off-by: Raghu Krishnamurthy <raghupathyk@nvidia.com>
Arm v8.9 introduces FEAT_SCTLR2, adding SCTLR2_ELx registers.
Support this, context switching the registers and disabling
traps so lower ELs can access the new registers.
Change the FVP platform to default to handling this as a dynamic option
so the right decision can be made by the code at runtime.
Change-Id: I0c4cba86917b6b065a7e8dd6af7daf64ee18dcda
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Arm v8.9 introduces FEAT_THE, adding Translation Hardening Extension
Read-Check-Write mask registers, RCWMASK_EL1 and RCWSMASK_EL1.
Support this, context switching the registers and disabling
traps so lower ELs can access the new registers.
Change the FVP platform to default to handling this as a dynamic option
so the right decision can be made by the code at runtime.
Change-Id: I8775787f523639b39faf61d046ef482f73b2a562
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Move the flash address to its own devicetree node in
tc_spmc_manifest.dtsi. This patch also changes the device-type to
ns-device-memory which is the correct type for a flash device.
Change-Id: I19503ac35c433661faaaa01c0b83a16540d73810
Co-developed-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
Signed-off-by: Icen Zeyada <Icen.Zeyada2@arm.com>
CBOR encoding in the platform test requires
a slightly bigger stack, so increase it with 0x100 bytes.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I1b151aa29b3ccfcefa733d189d7aab88653cef1f
The delegated attestation service was updated to be
aligned with RMM spec 1.0-rel0-rc2 version. The test
suite uses the QCBOR library to encode the public key
to be a CBOR serialized COSE_Key object.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ib9e1d80f7b4bca8783ae1f7cf4567725c2aa8538
With the updated firmware update implementation in the Trusted Services,
it is no longer needed to carve out static memory. Memory will be
allocated dynamically in U-Boot and shared with the firmware update
secure partition of Trusted Services.
Change-Id: I0fb128a458773236ee10526edfa1116b229e4d6e
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
Signed-off-by: Icen Zeyada <Icen.Zeyada2@arm.com>
The non-secure (NS) timer in TC is AP_GTCLK_NS_CNTBase1. This commit
corrects the NS frame ID from its original value of 0 to U(1),
ensuring that the correct CNTACR register bits are written.
This change enables access to the counter registers.
Change-Id: I287ab9c373a60741f78d44a67f546326916473ea
Signed-off-by: Sandeep Chiluvuru <sandeep.chiluvuru@arm.com>
Signed-off-by: Icen Zeyada <Icen.Zeyada2@arm.com>
In this commit, Trusted Board Boot has been enabled for the RD-1 AE
platform, and the non-volatile counter remains at the default
values since the non-volatile counter is read-only for Arm
development platforms.
Signed-off-by: Divin Raj <divin.raj@arm.com>
Change-Id: I2e1072101e56da0e474d2a3e9802e5d65a77fd55
This commit introduces BL31 to the RD-1 AE platform. The RD-1 AE
platform incorporates an SCP for CPU power control.
Additinaly introducing the memory descriptor provides BL image
information that gets used by BL2 to load the images
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Divin Raj <divin.raj@arm.com>
Change-Id: I035cbfd09f254aa47483ad35676f1cb3ffb661bd
Create a new platform for the RD-1 AE automotive FVP.
This platform contains:
* Neoverse-V3AE, Arm9.2-A application processor
* A GICv4-compatible GIC-720AE
* 128 MB of SRAM, of which 1 MB is reserved for TF-A
and BL2 runs at ELmax (EL3).
Additionally, this commit updates the maintainers.rst file and
the changelog.yaml to add scope for RD-1 AE variants.
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Signed-off-by: Divin Raj <divin.raj@arm.com>
Signed-off-by: Rahul Singh <rahul.singh@arm.com>
Change-Id: I9ae64b3f05a52653ebd1d334b15b7f21821264e2
Currently, the BL2 base overflow check asserts for all cases,
but this check is only necessary if not reset to BL2 case.
Therefore, adding a condition for this check.
Signed-off-by: Divin Raj <divin.raj@arm.com>
Change-Id: Ia129921d76bcd32058ea0767db0319e6724be8ab
This commit introduces a new ARM platform-specific build option called
`ARM_FW_CONFIG_LOAD_ENABLE`. This option enables the loading of the
`fw_config` device tree when resetting to the BL2 scenario.
Additionally, the FW_CONFIG image reference has been added to the
fdts/tbbr_cot_descriptors.dtsi file in order to use in the scenario of
RESET_TO_BL2.
Signed-off-by: Divin Raj <divin.raj@arm.com>
Change-Id: I11de497b7dbb1386ed84d939d6fd2a11856e9e1b
* changes:
feat(neoverse-rd): allow RESET_TO_BL31 for third gen platforms
feat(arm): setup GPT in BL31 in RESET_TO_BL31 boot flow
feat(neoverse-rd): enable RESET_TO_BL31 for RD-V3
feat(neoverse-rd): add a routine to update NT_FW_CONFIG in BL31
The Yocto team has requested that we do not use Poetry from within the
Makefile, as Yocto does not have network access during the build
process.
We want to maintain the current behaviour, so this change makes our use
of Poetry contigent on it being available in the environment.
Additionally, explicitly passing an empty toolchain parameter now allows
a tool to be *disabled* (e.g. passing `POETRY=` will prevent the build
system from trying to use Poetry).
Change-Id: Ibf552a3fee1eaadee767a1b948b559700083b401
Signed-off-by: Chris Kay <chris.kay@arm.com>
In the normal boot flow, BL2 sets up the Granule Protection Tables
(GPT). As BL2 is not a part of RESET_TO_BL31, BL31 needs to set up GPT
for CPUs supporting FEAT_RME.
Signed-off-by: Rakshit Goyal <rakshit.goyal@arm.com>
Change-Id: I9ad16bd93ea9fbad422dd56e2ba1d600a30eea30
Update addresses for BL31, BL33 and NT_FW_CONFIG. Also add the PAS
entries to setup GPT tables in BL31.
Signed-off-by: Vivek Gautam <vivek.gautam@arm.com>
Signed-off-by: Rakshit Goyal <rakshit.goyal@arm.com>
Change-Id: I8947660bb96fdf2f178e560b387e4bc93bf68abf
In the BL1 based boot-flow, the non-secure DTB, NT_FW_CONFIG, is parsed
in BL2. As BL1 and BL2 are not part of RESET_TO_BL31, add support to
parse and configure this DTB in BL31. NT_FW_CONFIG contains the platform
information which is needed by BL33.
Signed-off-by: Rakshit Goyal <rakshit.goyal@arm.com>
Signed-off-by: Vivek Gautam <vivek.gautam@arm.com>
Change-Id: Ib1fb5417c36523eb2ec02aa22845218de68809aa
Make the process of compiling a TL from DT source flexible. Provide a
top level recipe to make it easier for developers to build a transfer
list. Clean up integration of TLC into the build system.
Change-Id: I4466e27a457dfd5bf709dc3a360a2b63bf6030ce
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
* changes:
refactor(docs): update RSE docs to match the example CCA token
refactor(qemu): use the example CCA platform token from iat-verifier
refactor(fvp): use the example CCA platform token from iat-verifier
Until now, the attestation token size was limited by the size of the
shared buffer between RMM and TF-A. With this change, RMM can now
request the token in pieces, so they fit in the shared buffer. A new
output parameter was added to the SMC call, which will return (along
with the size of bytes copied into the buffer) the number of bytes
of the token that remain to be retrieved.
TF-A will keep an offset variable that will indicate the position in
the token where the next call will retrieve bytes from. This offset
will be increased on every call by adding the number number of bytes
copied. If the received hash size is not 0, TF-A will reset the
offset to 0 and copy from that position on.
The SMC call will now return at most the size of the shared buffer
in bytes on every call. Therefore, from now on, multiple SMC calls
may be needed to be issued if the token size exceeds the shared
buffer size.
Change-Id: I591f7013d06f64e98afaf9535dbea6f815799723
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
ENABLE_FEAT_MTE2 controls the trapping of some MTE related system
registers. If the memory_tagging_support_level parameter on the FVP
command line is set to higher values, non-secure world will see the
feature bits in the CPU ID registers and will use those registers,
triggering a panic in BL31.
Enable the feature in the optional form for the FVP build, to avoid any
panics.
Change-Id: I26ba444d784adf165db81048f93e11361c7f11ac
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The maximum size for SP_MIN in the FVP is currently
fixed and does not scale with the SRAM size.
This update adjusts the SP_MIN size according to
the SRAM size used to build the FVP platform.
Change-Id: I95527e8ae6f8a73c336ed4fe05ace5de86d8991d
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
The default mbedTLS configuration enables hash algorithms based on
the HASH_ALG or MBOOT_EL_HASH_ALG selected. However, the Arm ROTPK
is always embedded as a SHA256 hash in BL1 and BL2. In the future,
we may need to adjust this to use the HASH_ALG algorithm for
embedding the ROTPK hash.
As a temporary workaround, a separate mbedTLS configuration has
been created for Arm platforms to explicitly set SHA256 defines,
rather than relying on the default configuration. This adjustment
is reflected in the mbedTLS configuration file for the TC platform
as well as in the PSA Crypto configuration file.
Change-Id: Ib3128ce7b0fb5c0858624ecbc998d456968beddf
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Commit 4242262(feat(simd):add sve state to simd ctxt struct)
introduced the CTX_INCLUDE_SVE_REGS build flag that needs to be set
if SVE is enabled for more than one world, which is the case for
RD-V3. This build flag enables SVE registers to be included when
saving and restoring the CPU context.
Change-Id: Ic491939061e42e8c87a805ded99e271308f90352
Signed-off-by: Gautham Ravichandran <gautham.ravichandran@arm.com>
* changes:
feat(tc): bind DPU SMMU on TC4
feat(tc): bind GPU SMMU on TC4
feat(tc): update DT for Drage GPU
feat(tc): enable SME and SME2 options for TC4
feat(tc): add new TC4 RoS definitions
feat(tc): add system generic timer register definition for TC4
feat(tc): allow TARGET_VERSION=4
feat(tc): add MHUv3 register addresses for TC4
feat(tc): add device tree binding for TC4
Set the Make flags for TF-A to be able to enable SME and SME2 features.
Note that we enable these architectural features for both the secure and
non-secure worlds, which is required on TC4.
In the case of the non-secure world, we specify a value of 2 for the
flag which specifies that TF-A should check the feature register to
ensure that the feature is present before enabling it. This allows these
flags to be compatible with all platforms and stops TF-A doing anything
different if it does not detect that the feature is present.
Change-Id: I51f8c7e3eb1cf06767f4b155c93269e1f129f730
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
Signed-off-by: Leo Yan <leo.yan@arm.com>
