Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
which handles panic from lower ELs.
So now we can remove do_panic and just call el3_panic for all panics.
Change-Id: I739c69271b9fb15c1176050877a9b0c0394dc739
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Cleanup weak links to el3_panic and restrict crash_reporting usage
to bl31.
Crash reporting is not used with bl1, bl2 and weak linkage to el3_panic
is used, this can cause ambiguity in understanding the code so remove
this weak linkage and introduce funcs that should be used when we have
crash reporting for el3 panics.
Change-Id: Ic5c711143ba36898ef9574a078b8fa02effceb12
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Currently we call el3_panic for panics from EL3 and elx_panic for
panics from lower ELs.
When we boot into a rich OS environment and interact with BL31 using
SMC/ABI calls and we can also decide to handle any lower EL panics in
EL3. Panic can occur in lower EL from rich OS or during SMC/ABI calls
after context switch to EL3.
But after booting into any rich OS we may land in panic either from
rich OS or while servicing any SMC call, here the logic to use
el3_panic or elx_panic is flawed as spsr_el3[3:0] is always EL3h
and end up in elx_panic even if panic occurred from EL3 during
SMC handling.
We try to decouple the elx_panic usage for its intended purpose,
introduce lower_el_panic which would call elx_panic, currently
lower_el_panic is called from default platform_ea_handle which
would be called due to panic from any of the lower ELs.
Also remove the weak linkage for elx_panic and rename it to
report_elx_panic which could be used with lower_el_panic.
Change-Id: I268bca89c01c60520d127ef6c7ba851460edc747
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Remove usage of HANDLE_EA_EL3_FIRST_NS in plat_default_ea_handler
Change-Id: I2bf4788960d20a090d66cf39c7bbbdea1d3243ca
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
CRYPTO_SUPPORT is enabled by default when TRUSTED_BOARD_BOOT is
enabled so usage CRYPTO_SUPPORT in conjunction with TRUSTED_BOARD_BOOT
might sometime be confusing to look at.
Adding minor cleanup to make it look simpler with conditions.
No functionality changes.
Change-Id: I800524d54ea56dc27b6c6da26c75a07f5f6de984
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
In spite of the fact that makefile [1] indicates that DRTM_SUPPORT is
an experimental feature, it is better to mention the same in the
documentation of the build option as well.
[1]:
https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/Makefile#n897
Change-Id: Ibfa328ec8ed685ce715d144d979ba37e4f49f82e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Current CFLAGS if set for library builds could impact entire build, so
allow to pass additional CFLAGs for library builds based on format
<LIBNAME>_CFLAGS.
This support is currently needed to avoid 'redundant declaration'
error from latest mbedtls-3.3, the issue is reported to mbedtls[1]
and is under consideration to remove any redundant declarations.
But till then we have to disable that compiler option while building
for mbedtls-3.3
[1]: https://github.com/Mbed-TLS/mbedtls/issues/6910
Change-Id: Ic99af22b229f8089c82110d6545f762c14a62f5c
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
To support mbedtls3.3 increase BL1_RW and BL2 size rsa+ecdsa alg.
Increase both by one page size. In mbedtls3.3 numerous config options
have been tweaked and made defaults[1] thus a small increase in size
can result for mbedtls-3.3
This size limitation is observed when we build TF-A with
TF_MBEDTLS_KEY_ALG=rsa+ecdsa this approach is used in juno as well,
so use similar approach for FVP.
[1]: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md
Change-Id: I8a423711ac50b3d615c1d9650086cdbca5051c8e
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
TF-A support for mbedtls3.x has been overdue by number of releases.
As per mbedtls support it was advised to use latest and greatest
mbedtls-3.3. But mbedtls-3.x breaks API compatibility with
mbedtls-2.x
To maintain comptability for mbedtls-2.x and enable mbedtls-3.x
support add a functionality into makefile to determine the major version
of mbedtls and use that to selective include or compile files
that are present.
With mbedtls-3.x numerous other config changes have been done.
Some of the config options deprecated or enabled by default.
Thus we decided to introduce a new 3.x config file part of this
change for building TF-A with mbedtls-3.3.
For futher information on migrating to mbedtls 3.x refer to:
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md
Change-Id: Ia8106d6f526809df927d608db27fe149623258ed
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
In preparation for supporting mbedtls 3.3, usage of
mbedtls_pk_rsassa_pss_options[1] is made private and is broken on 3.3
However looking closely into the usage in 'verify_signature' function
is no hard reason behind usage of this struct and they could be easily
replaced with independent variables.
This Minor refactor to avoid using the struct mbedtls_pk_rsassa_pss_options
and use independent variable will provide compatibility with both 2.x
and 3.x
[1]: https://github.com/Mbed-TLS/mbedtls/issues/7040
Change-Id: If0107d860d11d13cba7fd5d7941e7142e70c7b11
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.
However from mbedtls-3.x onwards it discourages usage of
MBEDTLS_CONFIG_FILE include directly, so to resolve this and keep 2.28
compatibility include version.h which would include the custom config
file if present and also would expose us with mbedtls-major-version
number which could be used for selecting features and functions for
mbedtls 2.28 or 3.3
Change-Id: I029992311be2a38b588ebbb350875b03ea29acdb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
In case that FSBL (or SPL) doesn't provide valid handoff structure don't
fallback to default image location. In non JTAG boot mode all the time
structure should be passed. If it is not it can be opportunity to inject
any code to default locations and start it. That's why panic in all
these cases.
Change-Id: Ib3e11e2ae9ffec7406002cce4997b12b97bdc396
Signed-off-by: Michal Simek <michal.simek@amd.com>
The Device Present (DP) field is set to '1' after host controller
receive 'SUCCESS' return code on the response of the DME_LINKSTARTUP UIC
CMD during host controller initialization.
JEDEC Standard No. 223E
Page 28
Signed-off-by: Jorge Troncoso <jatron@google.com>
Change-Id: I9db0374c1df3530d64187b9e449cde3b27d63072
Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section names (e.g. `.rela.text`, `.relacpu_ops`), and these can be
difficult to select in linker scripts when there is a lack of a
delimiter.
This change introduces the period prefix to all specialized section
names.
BREAKING-CHANGE: All input and output linker section names have been
prefixed with the period character, e.g. `cpu_ops` -> `.cpu_ops`.
Change-Id: I51c13c5266d5975fbd944ef4961328e72f82fc1c
Signed-off-by: Chris Kay <chris.kay@arm.com>
EM SMC where out of SIP range which is 15:0 bits only. EM was used 19:17
bits which is wrong but no code was checking it. That's why vove EM SMC
to SIP range.
Change-Id: I83f998a17a8b82b2c25ea8c9b247e42642c82178
Signed-off-by: Michal Simek <michal.simek@amd.com>
Added few missed links for Security Advisories.
Change-Id: I9cab72b70a518273cbb1a291142f452198427127
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Add support for custom sip service.
Bare minimum implementation for custom_smc_handler is provided
by platform. Actual definition for custom_smc_handler will be provided
by custom pkg.
This feature is going to be used by external libraries. For example
for checking it's status.
The similar approach is also used by qti/{sc7180,sc7280} platforms
by providing a way to select QTISECLIB_PATH.
This code is providing a generic way how to wire any code
via custom $(CUSTOM_PKG_PATH)/custom_pkg.mk makefile with also an
option to wire custom SMC. SMC functionality depends on "package".
Change-Id: Icedffd582f76f89fc399b0bb2e05cdaee9b743a0
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
The docs say 3 is valid, but it is not. Jammy uses 3.10 so pin it to
that.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I73530750065294eb511d88318ba86a6c50c8aa7d
Specifying build.tools is mandatory. We use python, so use the latest
one available. For ubuntu 22.04 that should be 3.10 or thereabouts.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ifd184b9f3b2d8e91182ccb73c47b148e4aeaff05
Readthedocs uses weird defaults and the web interface gives limited
configuration options. Add the config file to allow them to be changed.
Bump build os image to Ubuntu 22.04 to be in line with the CI.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I1a620b15ab3924244f305056096024fe117c63dd
23:16 bits when they gets to SMC handler should be all zeros but be
inside SIP Service Calls range which is defined as 0x82000000-0x8200ffff
or 0xc2000000-0xc200ffff. That's why make sure that code won't handle
any SMCs in SIP range out of predefined range.
Also fix MASK values to check the same range for PM/IPI calls to make
sure that masking covers all required bits including 23:16. Bits 15:12
are used for different class of requests.
Change-Id: I9d3e91aa521d6bb90f6b15b71ff1e89fa77ee379
Signed-off-by: Michal Simek <michal.simek@amd.com>
23:16 bits when they gets to SMC handler should be all zeros but be
inside SIP Service Calls range which is defined as 0x82000000-0x8200ffff
or 0xc2000000-0xc200ffff. That's why make sure that code won't handle
any SMCs in SIP range out of predefined range. Because EM SMC is out of
this range already on this SOC check it after it (EMC SMC will be
handled separately).
Also fix MASK values to check the same range for PM/IPI/EM calls to make
sure that masking covers all required bits including 23:16. Bits 15:12
are used for different class of requests.
Change-Id: If23ac769c91d206e47758aeaa1f14e8b9c3dc7bb
Signed-off-by: Michal Simek <michal.simek@amd.com>
There is no reason to use else and concatenate EM SMCs with PM SMCs via
if/else pair. Also synchronize comment location.
Change-Id: I147f9d193574c2417c9d92d41a675e35ba282c9f
Signed-off-by: Michal Simek <michal.simek@amd.com>
Inside pm_ipi.c file, corrected the function description of
pm_ipi_buff_read_callb() and removed the return type as this is a void
function.
Signed-off-by: Naman Patel <naman.patel@amd.com>
Change-Id: I6257894337ef64497afb3e80d70af91a20357d5f
In the ZynqMP, 0x36 EEMI API ID is used for PM_FPGA_GET_VERSION and 0x37
is used for PM_FPGA_GET_FEATURE_LIST. The same ID numbers in the Versal
are used for PM_ADD_SUBSYSTEM and PM_DESTROY_SUBSYSTEM and it leads to
the EEMI API ID conflict between the platforms. To fix this issue this
patch updates the PM_FPGA_GET_VERSION and PM_FPGA_GET_FEATURE_LIST EEMI
API ID's to 0x48 and 0x49.
In linux zynqmp_pm_fpga_get_version() and
zynqmp_pm_fpga_get_feature_list() API's are uses PM_FPGA_GET_VERSION
and PM_FPGA_GET_FEATURE_LIST to get the xilfpga version and
xilfpga-supported feature list info. These API's are called only in
zynqmp-fpga.c as part of the probe. In case of this caller API's are
failed it will fall to the default feature list and this default
feature list is same as latest xilfpga-supported feature list (No new
feature was added in the xilfpga after adding these APIs). So, these
updated IDs will not cause any functional issues between Linux, TF-A,
and firmware components.
Signed-off-by: Nava kishore Manne <nava.kishore.manne@amd.com>
Change-Id: I14d974dd44651681ecbf726ad8b6940e1850cbec
PMC ipi register base can't be the same as is for IPI_ID_APU that's why
that address is not correct and needs to be fixed.
Change-Id: I7ff2c9c0dd5995487e41f6b1060e4c9880c009fa
Signed-off-by: Michal Simek <michal.simek@amd.com>
