The attestation key derivation and platform attestation token
creation functionality is provided by the Delegated Attestation
partition in RSS.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2d8c0e6589d11e7c81c698adf75ee2a993e3a0c6
Delegated attestation is a service provided by RSS to:
- Derive a delegated attestation key: Realm Attestation Key
- Query the platform attestation token
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I3edf09fcbef24bca7c8a000ffac8c1ab64dfb812
Added a platform function to check passed region is within
the Non-Secure region of DRAM.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie5808fa6a1b6e6bc99f4185fa8acc52af0d5f14d
Added a platform function to set and get DRTM error.
Also, added a platform function to reset the system.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I471f2387f8c78b21a06af063a6fa02cda3646557
Reorganized a few Event Log functions into multiple functions so that
they can be used for the upcoming DRTM feature. This change mainly
implements below new functions -
1. event_log_buf_init - called by 'event_log_init' to initialise Event
Log buffer
2. event_log_write_specid_event - called by 'event_log_fixed_header' to
write specification id event to Event Log buffer
3. event_log_measure and event_log_record - called by
'event_log_measure_and_record' to measure and record the measurement
to the Event Log buffer
Change-Id: I1aabb57f79bead726fcf36d59839702cd6a3521d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added platform hooks to retrieve DRTM features and
address map.
Additionally, implemented these hooks for the FVP platform.
Signed-off-by: John Powell <john.powell@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I5621cc9807ffff8139ae8876250147f7b2c76759
This patch adds a public API to return the total number of registered
events. The purpose of this is primarily for DRTM to ensure that no
SDEI event can interfere with a dynamic launch.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I1d1cba2da7d5566cc340620ee1ce7d7844740b86
Added PCR entries for the measurement performed by the
DCE and D-CRTM in DRTM implementation
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: Ib9bfafe7fa2efa1cc36d7ff138468d648235dcf1
Updated crypto module to include crypto calls necessary for a
DRTM supported build.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I4f945997824393f46864b7fb7fd380308a025452
Added a dummy DRTM setup function and also, introduced DRTM SMCs
handling as per DRTM spec [1]. Few basic SMCs are handled in this
change such as ARM_DRTM_SVC_VERSION and ARM_DRTM_SVC_FEATURES
that returns DRTM version and functions ids supported respectively,
and others are dummy for now.
[1]: https://developer.arm.com/documentation/den0113/latest
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: I8c7afe920c78e064cbab2298f59e6837c70ba8ff
Added necessary platform hooks for DRTM DMA protection.
These calls will be used by the subsequent DRTM implementation
patches.
DRTM platform API declarations have been listed down in a
separate header file.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: Ib9726d1d3570800241bde702ee7006a64f1739ec
New helper functions are created to handle data & prefetch aborts
in AARCH32. They call platform functions, just like what
report_exception is doing.
As extended MSR/MRS instructions (to access lr_abt in monitor mode)
are only available if CPU (Armv7) has virtualization extension,
the functions branch to original report_exception handlers if this is
not the case.
Those new helpers are created mainly to distinguish data and prefetch
aborts, as they both share the same mode.
This adds 40 bytes of code.
Change-Id: I5dd31930344ad4e3a658f8a9d366a87a300aeb67
Signed-off-by: Yann Gautier <yann.gautier@st.com>
For an easier debug on Aarch32, in case of abort, it is useful to access
DFSR, IFSR, DFAR and IFAR CP15 registers.
Change-Id: Ie6b5a2882cd701f76e9d455ec43bd4b0fbe3cc78
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Neoverse Demeter CPU has been renamed to Neoverse V2 CPU.
Correspondingly, update the CPU library, file names and other
references to use the updated IP name.
Signed-off-by: Joel Goddard <joel.goddard@arm.com>
Change-Id: Ia4bf45bf47807c06f4c966861230faea420d088f
* changes:
feat(stm32mp1): add early console in SP_min
feat(st): properly manage early console
feat(st-uart): manage STM32MP_RECONFIGURE_CONSOLE
docs(st): introduce STM32MP_RECONFIGURE_CONSOLE
feat(st): add trace for early console
fix(stm32mp1): enable crash console in FIQ handler
feat(st-uart): add initialization with the device tree
refactor(stm32mp1): move DT_UART_COMPAT in include file
feat(stm32mp1): configure the serial boot load address
fix(stm32mp1): update the FIP load address for serial boot
refactor(st): configure baudrate for UART programmer
refactor(st-uart): compute the over sampling dynamically
The current comms protocol (where arguments and return data is embedded
into the MHU message) is now protocol v0. Protocol v1 embeds pointers
into the message, and has the RSS retrieve the data via DMA.
Change-Id: I08d7f09c4eaea673769fde9eee194447a99f1b78
Signed-off-by: Raef Coles <raef.coles@arm.com>
This fix solves problems with using PRI*PTR on aarch64 like so:
error: format '%x' expects argument of type 'unsigned int', but
argument 3 has type 'uintptr_t' {aka 'long unsigned int'}
Change-Id: I135d3e5cea5459f138b20331b5e9472e2e9e566c
Signed-off-by: K <kayo@illumium.org>
The parameter over_sampling of stm32_uart_init_s is not required
as it can be computed dynamically from clock rate of the serial
device and the requested baudrate.
Oversampling by 8 is allowed only for higher speed
(up to clock_rate / 8) to reduce the maximum receiver tolerance
to clock deviation.
This patch update the driver, the serial init struct and the
only user, the stm32cubeprogrammer over uart support.
Change-Id: I422731089730a288defeb7fa49886db65d0902b2
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
- Removing platform dependencies from libc modules.
- Replacing panicking with actual error handling.
- Debug macros are included indirectly from assert.h. Removing
"platform_def.h" from assert.h and adding "common/debug.h"
where the macros are used.
- Removing hack for fixing PLAT_LOG_LEVEL_ASSERT to 40.
Instead removing assert with expression, as this
does not provide additional information.
Signed-off-by: Claus Pedersen <claustbp@google.com>
Change-Id: Icc201ea7b63c1277e423c1cfd13fd6816c2bc568
Fix the "#if defined(FOO)" usage introduced by commit 7c2fe62f1
("fix(bl31): allow use of EHF with S-EL2 SPMC") since the defines are
always passed as -DFOO=0 or as -DFOO=1. The "#if defined(FOO)" will now
always be true which is wrong.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I84fb144debc9899727a1fc021acdd59b4a6f0171
Adds a dispatcher for ProvenCore based on the test secure payload
dispatcher.
Signed-off-by: Florian Lugou <florian.lugou@provenrun.com>
Change-Id: I978afc3af6a6f65791655685a7bc80070673c9f3
Add platform specific interrupt handler for handling the reboot of
all CPU's. On shutdown/reboot, only one CPU invoke PSCI and enter into
trusted firmware. The CPU which entered trusted firmware signals the
rest of the cores which are online using SGI to initiate power down
sequence. On receiving the SGI, the handler will power down the
GIC redistributor interface of the respective core, configure the power
control register and power down the CPU by executing wfi.
In addition to these changes, fix coding style issues that are not
directly related to the code being introduced in this patch.
Change-Id: I4917dfdc47be5ce7367bee629486a6344cdd706f
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
Move the psci_do_pwrdown_sequence() function declaration from PSCI
private header to common header. The psci_do_pwrdown_sequence is
required to support warm reset, where each CPU need to execute the
powerdown sequence.
Change-Id: I298e7a120be814941fa91c0b001002a080e56263
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
Add a new function to setup a SGI interrupt that will be used to trigger
a request for per-cpu power down when executing the PSCI SYSTEM_RESET
request. This will be used on CSS platform that require all the CPUs to
execute the CPU specific power down sequence to complete a warm reboot
sequence in which only the CPUs are power cycled.
Change-Id: I80da0f6c3cd0c5c442c82239ba1e1f773821a7f5
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
The GIC ICC_SGI0R_EL1 register's affinity fields are 8bit wide for GIC
v3 and v4. Fix the SGIR_AFF_MASK variable accordingly.
Change-Id: I09f3fdd006708b40162776620f82abcfc6c3f782
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
This patch adds two helper functions:
- plat_ic_raise_ns_sgi to raise a NS SGI
- plat_ic_raise_s_el1_sgi to raise a S-EL1 SGI
Signed-off-by: Florian Lugou <florian.lugou@provenrun.com>
Change-Id: I6f262dd1da1d77fec3f850eb74189e726b8e24da
Cortex-A78C erratum 2376749 is a Cat B erratum that applies
to revisions r0p1 and r0p2 of the A78C and is currently open.
The workaround is to set CPUACTLR2_EL1[0] to 1 to force
PLDW/PFRM ST to behave like PLD/PRFM LD and not cause
invalidations to other PE caches.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2004089/latest
Signed-off-by: Akram Ahmad <Akram.Ahmad@arm.com>
Change-Id: I3b29f4b7f167bf499d5d11ffef91a94861bd1383
The boot partition size of an eMMC is given in ext_csd register, at
offset 226 (BOOT_SIZE_MULT), which has to be multiplied by 128kB.
Add a helper function mmc_boot_part_size() to get this eMMC boot
partition size.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I0e8e0fc9632f147fa1b1b3374accb78439025403
Cortex-A710 erratum 2216384 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r2p0, and is fixed in r2p1. The workaround is to set
CPUACTLR5_EL1[17] to 1 and applying an instruction patching sequence.
Setting this bit, along with these instructions will prevent the
deadlock, and thereby avoids the reset of the processor.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1775101/latest
Change-Id: I2821591c23f854c12111288ad1fd1aef45db6add
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
* changes:
feat(stm32mp1): allow to override MTD base offset
feat(stm32mp1): manage second NAND OTP on STM32MP13
feat(stm32mp1): add define for external scratch buffer for nand devices
feat(mtd): add platform function to allow using external buffer
feat(libc): introduce __maybe_unused
Cortex-A510 erratum 2347730 is a Cat B erratum that affects
revisions r0p0, r0p1, r0p2, r0p3, r1p0 and r1p1. It is
fixed in r1p2. The workaround is to set CPUACTLR_EL1[17]
to 1, which will disable specific microarchitectural clock
gating behaviour.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1873351/latesthttps://developer.arm.com/documentation/SDEN1873361/latest
Signed-off-by: Akram Ahmad <Akram.Ahmad@arm.com>
Change-Id: I115386284c2d91bd61515142f971e2e72de43e68
Currently, when SPMC at S-EL2 is used, we cannot use the RAS framework
to handle Group 0 interrupts. This is required on platforms where first
level of triaging needs to occur at EL3, before forwarding RAS handling
to a secure partition running atop an SPMC (hafnium).
The RAS framework depends on EHF and EHF registers for Group 0
interrupts to be trapped to EL3 when execution is both in secure world
and normal world. However, an FF-A compliant SPMC requires secure
interrupts to be trapped by the SPMC when execution is in S-EL0/S-EL1.
Consequently, the SPMC (hafnium) is incompatible with EHF, since it is
not re-entrant, and a Group 0 interrupt trapped to EL3 when execution is
in secure world, cannot be forwarded to an SP running atop SPMC.
This patch changes EHF to only register for Group 0 interrupts to be
trapped to EL3 when execution is in normal world and also makes it a
valid routing model to do so, when EL3_EXCEPTION_HANDLING is set (when
enabling the RAS framework).
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: I72d4cf4d8ecc549a832d1c36055fbe95866747fe
The scratch buffer could be large. The new function allows
platform to defined its own external buffer or use the default
one.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: Ib7ab8ff19fa0a9cb06e364f058b91af58c3c471a
Cortex-A78C erratum 2395411 is a Cat B erratum that affects
revisions r0p1 and r0p2, and is currently open. The workaround
is to set CPUACTLR2_EL1[40] to 1, which will disable folding
of demand requests into older prefetches with L2 miss requests
outstanding.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2004089/latest
Signed-off-by: Akram Ahmad <Akram.Ahmad@arm.com>
Change-Id: I4f0fb278ac20a2eb4dd7e4efd1b1246dd85e48c4
