Arm v8.9 introduces FEAT_TCR2, adding extended translation control
registers. Support this, context switching TCR2_EL2 and disabling
traps so lower ELs can access the new registers.
Change the FVP platform to default to handling this as a dynamic option so
the right decision can be made by the code at runtime.
Signed-off-by: Mark Brown <broonie@kernel.org>
Change-Id: I297452acd8646d58bac64fc15e05b06a543e5148
BL2_AT_EL3 is an overloaded macro which has two uses:
1. When BL2 is entry point into TF-A(no BL1)
2. When BL2 is running at EL3 exception level
These two scenarios are not exactly same even though first implicitly
means second to be true. To distinguish between these two use cases we
introduce new macros.
BL2_AT_EL3 is renamed to RESET_TO_BL2 to better convey both 1. and 2.
Additional macro BL2_RUNS_AT_EL3 is added to cover all scenarious where
BL2 runs at EL3 (including four world systems).
BREAKING CHANGE: BL2_AT_EL3 renamed to RESET_TO_BL2 across the
repository.
Change-Id: I477e1d0f843b44b799c216670e028fcb3509fb72
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
Neoverse V1 erratum 2743233 is a Cat B erratum that applies to
all revisions <= r1p2 and is still open.
The workaround sets CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation: https://developer.arm.com/documentation/SDEN1401781/latest
Change-Id: If51a6f4293fa8b5b35c44edd564ebb715ba309a1
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
Cortex-A78C erratum 2779484 is a Cat B erratum that applies to
revisions r0p1 and r0p2 and is still open.
The workaround is to set the CPUACTLR3_EL1[47] bit to 1. Setting this
bit might have a small impact on power and negligible impact on
performance.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2004089/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I9a8c16a845c3ba6eb2f17a5119aa6ca09a0d27ed
Cortex-A78 erratum 2742426 is a Cat B erratum that applies to
all revisions <= r1p2 and is still open.
The workaround is to set the CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1401784/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I42506a87d41c9e2b30bc78c08d22f36e1f9635c1
Currently there is no guidelines in docs for including thirdparty
includes, trying to address that with a proposed method to use third
party includes.
Change-Id: Ieec7a5c88a60b66ca72228741ba1894545130a06
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Update documentation for TF-A DDR address range usage when the FSBL is
run on RPU instead of APU.
Change-Id: I223d67c35ac9ce3384820531a7453d3b32a1eb58
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
As a coding guideline, we now discourage introducing new weak
functions in platform-agnostic code going forward and provide the
rationale for this.
This was already enforced most of the time in code reviews but this
patch makes it explicit in the project's documentation.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I88f4a55788899fb4146c4d26afb3a7418376b30c
When the TF-A is placed in DDR memory range, the DDR memory range is
getting explicitly reserved in the default device tree by TF-A.
This creates an error condition in the use case where Device tree is
not present or it is present at a different location.
To fix this, a new build time parameter, XILINX_OF_BOARD_DTB_ADDR, is
introduced. The TF-A will reserve the DDR memory only when a valid
DTB address is provided to XILINX_OF_BOARD_DTB_ADDR during build.
Now the user has options, either manually reserve the desired
DDR address range for TF-A in device tree or let TF-A access and modify
the device tree, to reserve the DDR address range, in runtime using
the build parameter.
Change-Id: I846fa373ba9f7c984eda3a55ccaaa622082cad81
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
When we reach sysreg_handler64 from any trap handling we are entering
this path from lower EL and thus we should be calling lower_el_panic
reporting mechanism to print panic report.
Make report_elx_panic available through assembly func elx_panic which
could be used for reporting any lower_el_panic.
Change-Id: Ieb260cf20ea327a59db84198b2c6a6bfc9ca9537
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
which handles panic from lower ELs.
So now we can remove do_panic and just call el3_panic for all panics.
Change-Id: I739c69271b9fb15c1176050877a9b0c0394dc739
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
In spite of the fact that makefile [1] indicates that DRTM_SUPPORT is
an experimental feature, it is better to mention the same in the
documentation of the build option as well.
[1]:
https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/Makefile#n897
Change-Id: Ibfa328ec8ed685ce715d144d979ba37e4f49f82e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section names (e.g. `.rela.text`, `.relacpu_ops`), and these can be
difficult to select in linker scripts when there is a lack of a
delimiter.
This change introduces the period prefix to all specialized section
names.
BREAKING-CHANGE: All input and output linker section names have been
prefixed with the period character, e.g. `cpu_ops` -> `.cpu_ops`.
Change-Id: I51c13c5266d5975fbd944ef4961328e72f82fc1c
Signed-off-by: Chris Kay <chris.kay@arm.com>
Added few missed links for Security Advisories.
Change-Id: I9cab72b70a518273cbb1a291142f452198427127
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Add support for custom sip service.
Bare minimum implementation for custom_smc_handler is provided
by platform. Actual definition for custom_smc_handler will be provided
by custom pkg.
This feature is going to be used by external libraries. For example
for checking it's status.
The similar approach is also used by qti/{sc7180,sc7280} platforms
by providing a way to select QTISECLIB_PATH.
This code is providing a generic way how to wire any code
via custom $(CUSTOM_PKG_PATH)/custom_pkg.mk makefile with also an
option to wire custom SMC. SMC functionality depends on "package".
Change-Id: Icedffd582f76f89fc399b0bb2e05cdaee9b743a0
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
Due to size constraints in OCM memory range keeping the bl31 with
DEBUG=1 overlaps with the memory range from other Firmware thus
affecting the bootflow on target.
bl31 binary can not be placed in OCM memory range when built with
DEBUG=1.
With DEBUG=1, by default bl31 is moved to DDR memory range
0x1000-0x7FFFF.
The user can provide a custom DDR memory range during build time using
the build parameters ZYNQMP_ATF_MEM_BASE and ZYNQMP_ATF_MEM_SIZE.
Change-Id: I167d5eadbae7c6d3ec9b32f494b0b1a819bea5b0
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Certain links to Juno documentation point to a location that were
removed at some point, or are unused. Fix links to point to the latest
available version on Arm's public documentation site, and remove those
that are no longer being used.
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Change-Id: I59202767db8834e9c302b2826f3faee47d3a5edd
Update the python dependencies for building the project's Sphinx
documentation. Sphinx plugins are updated to the latest version, while
Sphinx itself is only updated to 5.3.0 (latest 5.x.x revision) due to
sphinx-rtd-theme not supporting any higher (both require incompatible
versions of docutils). Myst-parser is also updated to the latest version
to prevent a docutils clash as well.
The effect of this is to bump certifi to version 2022.12.7 and wheel to
0.38.4 as suggested by dependabot.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I0ced5b127494255ce01aa7f51665bfcba161d135
TF-A carries its own compiler-rt so higher versions of the compilers may
not necessarily work. Because TF-A is only tested on the specified
versions in the CI, any breakage remains unknown. Update the
prerequisites guide to make it more apparent that this is the case.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ia5da9c5ff505ead99f579f3f5fbe3a480d697c1d
* changes:
feat(spmd): map SPMC manifest region as EL3_PAS
feat(fvp): update device tree with load addresses of TOS_FW config
refactor(fvp): rename the DTB info structure member
feat(fconf): rename 'ns-load-address' to 'secondary-load-address'
There were some late comments to the prior change (18635) which are
address in this commit. There was also an invalid return value check
which was changed and the wrong result was being returned via the SMC
call for loading OP-TEE which is now fixed.
Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Change-Id: I883ddf966662549a3ef9c801a2d4f47709422332
The 'ns-load-address' property has been renamed to 'secondary-load-
address' in order to make it more generic. It can be used to copy
the configuration to any location, be it root, secure, or non-secure.
Change-Id: I122508e155ccd99082296be3f6b8db2f908be221
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Make the language around the explanation for booting via secure flash
clearer. Provide details into the intent of the options given to QEMU.
Change-Id: Ia573b900aaa2346cad4f82191110b978f9bd5481
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
As the max ESPI can be 5119, so enlarge the intr_num range of
structure interrupt_prop_t. After the patch the ESPI can be add to
this macro:
define PLATFORM_G1S_PROPS(grp) \
INTR_PROP_DESC(197 - 32 + 4576, GIC_HIGHEST_SEC_PRIORITY, (grp), GIC_INTR_CFG_EDGE), \
INTR_PROP_DESC(199 - 32 + 4576, GIC_HIGHEST_SEC_PRIORITY, (grp), GIC_INTR_CFG_EDGE)
The firmware-design.rst will be updated accordingly.
Signed-off-by: Ming Huang <huangming@linux.alibaba.com>
Change-Id: Ic923868bb1b00c017410dc2aeabfda58ee54782f
In order to support the ability to target a SPI interrupt to a
particular core, an impdef field "interrupts-target" has been added to
associate and interrupt id with an mpidr. The field is optional and if
not provided, existing SPMC behavior of routing to boot strap core is
maintained.
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: I78ccfb45cd9b411cca4b36ff940064fc9dcd1622
* changes:
docs(rme): update RMM-EL3 Boot Manifest structure description
feat(rme): read DRAM information from FVP DTB
feat(rme): set DRAM information in Boot Manifest platform data
Add support for JTAG Debug Communication Channel(DCC), using the dcc
console driver, for Versal NET platform.
UART0/UART1 is not configured when the JTAG DCC is used as console for
the platform.
Though DCC is not using any UART, VERSAL_NET_UART_BASE needs
to be defined in the platform code. If its not defined, build errors
are observed.
Now VERSAL_NET_UART_BASE by default points to UART0 base.
Check for valid console(pl011, pl011_0, pl011_1, dcc) is
being done in the platform makefile, the error condition in
setting the value of VERSAL_NET_UART_BASE is redundant, thus the error
message is removed from the code.
Change-Id: I1085433055abea13526230cff4d4183ff7a01477
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
