Measurements taken during boot are stored in RSS.
These measurements are included in the platform
attestation token.
Change-Id: Iac3356f813fb417315681c718839319832a76191
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
The maximum size of BL1/BL2/BL31 is increased due to
the added new functionalities, such as RSS based
measured boot on TC2.
Change-Id: I939c7c3da6bf870db46b32cd2836c6737de278bb
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Adding PLAT_* prefix to indicate that the
platform needs to provide this definition.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I0bd02be405fd8b1e625bd2b82647ebb2b58265fc
Define the RSS_COMMS_PAYLOAD_MAX_SIZE macro. Its value is platform
specific and gives the largest message size which are exchanged
on the TC2 platform between RSS and AP.
Change-Id: Id831c282dc9a39755b82befead1a81767e217215
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
* changes:
docs(drtm): steps to run DRTM implementation
docs(drtm): add platform APIs for DRTM
feat(drtm): flush dcache before DLME launch
feat(drtm): invalidate icache before DLME launch
feat(drtm): ensure that passed region lies within Non-Secure region of DRAM
feat(fvp): add plat API to validate that passed region is non-secure
feat(drtm): ensure that no SDEI event registered during dynamic launch
feat(drtm): prepare EL state during dynamic launch
feat(drtm): prepare DLME data for DLME launch
feat(drtm): take DRTM components measurements before DLME launch
feat(drtm): add a few DRTM DMA protection APIs
feat(drtm): add remediation driver support in DRTM
feat(fvp): add plat API to set and get the DRTM error
feat(drtm): add Event Log driver support for DRTM
feat(drtm): check drtm arguments during dynamic launch
feat(drtm): introduce drtm dynamic launch function
refactor(measured-boot): split out a few Event Log driver functions
feat(drtm): retrieve DRTM features
feat(drtm): add platform functions for DRTM
feat(sdei): add a function to return total number of events registered
feat(drtm): add PCR entries for DRTM
feat(drtm): update drtm setup function
refactor(crypto): change CRYPTO_SUPPORT flag to numeric
feat(mbedtls): update mbedTLS driver for DRTM support
feat(fvp): add crypto support in BL31
feat(crypto): update crypto module for DRTM support
build(changelog): add new scope for mbedTLS and Crypto module
feat(drtm): add standard DRTM service
build(changelog): add new scope for DRTM service
feat(fvp): increase MAX_XLAT_TABLES entries for DRTM support
feat(fvp): increase BL31's stack size for DRTM support
feat(fvp): add platform hooks for DRTM DMA protection
Adding SECURE rm flag to support INTR_EL3_VALID_RM1 routing model.
Signed-off-by: Muhammad Arsath K F <quic_mkf@quicinc.com>
Change-Id: Ie72d62148e81d3cf7fb05f46124f846cc45d9d41
Added a platform function to check passed region is within
the Non-Secure region of DRAM.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie5808fa6a1b6e6bc99f4185fa8acc52af0d5f14d
Added a platform function to set and get DRTM error.
Also, added a platform function to reset the system.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I471f2387f8c78b21a06af063a6fa02cda3646557
Added Event Log driver support for DRTM. This driver
is responsible for the doing the hash measurement of
various DRTM components as per [1], and putting these
measurements in the Event Log buffer.
[1]: https://developer.arm.com/documentation/den0113/a, section 3.16
Change-Id: I9892c313cf6640b82e261738116fe00f7975ee12
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added platform hooks to retrieve DRTM features and
address map.
Additionally, implemented these hooks for the FVP platform.
Signed-off-by: John Powell <john.powell@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I5621cc9807ffff8139ae8876250147f7b2c76759
DRTM implementation needs crypto support in BL31 to calculate
hash of various DRTM components
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I659ce8e54550946db253d23f150cca8b2fa7b880
DRTM implementation maps the DLME data region provided by the
DCE-preamble in BL31, hence increased MAX_XLAT_TABLES entries
count.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: I5f0ac69e009c4f81d3590fdb1f4c0a7f73c5c99d
The stack size of BL31 has been increased to accommodate the
introduction of mbedTLS support for DRTM.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: Id0beacf4df553af4ecbe714af20e71604ccfed59
Added necessary platform hooks for DRTM DMA protection.
These calls will be used by the subsequent DRTM implementation
patches.
DRTM platform API declarations have been listed down in a
separate header file.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: Ib9726d1d3570800241bde702ee7006a64f1739ec
Starting with QEMU v3.1.0 (Dec 2018), QEMU's TCG emulation engine supports
the SVE architecture extension. In QEMU v7.1.0 (Aug 2022) it also gained
SME support.
As it stands today, running TF-A under QEMU with "-cpu max" makes Linux
hang, because SME and SVE accesses trap to EL3, but are never handled
there. This is because the Linux kernel sees the SVE or SME feature bits,
and assumes firmware has enabled the feature for lower exception levels.
This requirement is described in the Linux kernel booting protocol.
Enable those features in the TF-A build, so that BL31 does the proper
EL3 setup to make the feature usable in non-secure world.
We check the actual feature bits before accessing SVE or SME registers,
so this is safe even for older QEMU version or when not running with
-cpu max. As SVE and SME are AArch64 features only, do not enable them
when building for AArch32.
Change-Id: I5b718eb298a0bbcf36244479e8d42e54a2faca61
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Hardware video decoding is not working after enabling EMI MPU protection
for SCP.
According to coreboot DEVAPC setting, SCP belongs to domain 4 instead of
domain 3. So correct the permission setting.
BUG=b:249954378
TEST=play video and see codec irq count is incrementing.
Signed-off-by: Yidi Lin <yidilin@chromium.org>
Change-Id: If71de3eabf8682909f96924c159aa92f25deb96c
In order to sync drivers with MediaTek internal code base, we move lpm
drivers back to common folder.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I1066e092febe0abb9782a46f668613e137737c88
- Add cpu_pm driver for CPU idle and SMP flow.
- Add SMP driver for CPU power on/off control.
- Add CPC driver to handle CPU powered on/off in CPU suspend.
- Add mbox driver for tinysys support.
Signed-off-by: Edward-JW Yang <edward-jw.yang@mediatek.com>
Change-Id: I20141474e1c43cdfacb9f2c6a2285721e50a617c
The new helpers are created in STM32MP1 platform for prefetch and data
aborts.
While at it, put plat_report_exception() under DEBUG flag. If DEBUG is
not set, the weak function which does the same will be used.
This plat_report_exception() function can also be simplified, as it will
no more be used to report aborts.
Change-Id: Ibe989b28e236693f317cffb0545ea0611b7bdde4
Signed-off-by: Yann Gautier <yann.gautier@st.com>
New helper functions are created to handle data & prefetch aborts
in AARCH32. They call platform functions, just like what
report_exception is doing.
As extended MSR/MRS instructions (to access lr_abt in monitor mode)
are only available if CPU (Armv7) has virtualization extension,
the functions branch to original report_exception handlers if this is
not the case.
Those new helpers are created mainly to distinguish data and prefetch
aborts, as they both share the same mode.
This adds 40 bytes of code.
Change-Id: I5dd31930344ad4e3a658f8a9d366a87a300aeb67
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The purpose of this code is to extract api_id from smc_fid but this masking
is done already in the code with using generic mask from smccc.h
(FUNCID_NUM_MASK). That's why remove FUNCID_MASK is which not needed and
actually also equal to already used FUNCID_NUM_MASK.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: I1113825baa5d9d58d9d7c5d9d5855fecf62e8d45
On one hand, there is currently no upstream platform supporting the
RSS. On the other hand, we are gradually introducing driver code for
RSS. Even though we cannot test this code in the TF-A CI right now, we
can at least build it to make sure no build regressions are introduced
as we continue development.
This patch adds support for overriding PLAT_RSS_NOT_SUPPORTED build
flag (which defaults to 1 on the Base AEM FVP) from the command
line. This allows introducing an ad-hoc CI build config with
PLAT_RSS_NOT_SUPPORTED=0, which will correctly pull in the RSS and MHU
source files. Of course, the resulting firmware will not be
functional.
Change-Id: I2b0e8dd03bf301e7063dd4734ea5266b73265be1
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Neoverse Reference Design platform RD-Edmunds has been renamed to RD-V2
and so all corresponding references have been changed.
Signed-off-by: Joel Goddard <joel.goddard@arm.com>
Change-Id: I134f125f8ce9ec2f42988ecd742de307da936f2b
Neoverse Demeter CPU has been renamed to Neoverse V2 CPU.
Correspondingly, update the CPU library, file names and other
references to use the updated IP name.
Signed-off-by: Joel Goddard <joel.goddard@arm.com>
Change-Id: Ia4bf45bf47807c06f4c966861230faea420d088f
* changes:
feat(stm32mp1): add early console in SP_min
feat(st): properly manage early console
feat(st-uart): manage STM32MP_RECONFIGURE_CONSOLE
docs(st): introduce STM32MP_RECONFIGURE_CONSOLE
feat(st): add trace for early console
fix(stm32mp1): enable crash console in FIQ handler
feat(st-uart): add initialization with the device tree
refactor(stm32mp1): move DT_UART_COMPAT in include file
feat(stm32mp1): configure the serial boot load address
fix(stm32mp1): update the FIP load address for serial boot
refactor(st): configure baudrate for UART programmer
refactor(st-uart): compute the over sampling dynamically
According to the Generic Names Recommendation in the Devicetree
Specification Release v0.3, and the DT Bindings for the Renesas Reduced
Pin Count Interface, the node name for a Renesas RPC-IF device should be
"spi". The node name matters, as the node is enabled by passing a DT
fragment from TF-A to subsequent software.
Fix this by renaming the device node in the passed DT fragment from
"rpc" to "spi".
Fixes: 12c75c8886 ("feat(plat/rcar3): emit RPC status to DT fragment if RPC unlocked")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Change-Id: Idb43353947607611331abc344f8c8ae932a20408
Since patch on libc refactoring, there is a compilation error with
STM32MP_USB_PROGRAMMER=1:
plat/st/common/stm32cubeprogrammer_usb.c:81:35: error:
implicit declaration of function 'strnlen'
[-Werror=implicit-function-declaration]
length += strnlen((char *)&dfu->buffer[GET_PHASE_LEN],
The string.h header file should be included.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I1fbb2d9714cbc0d0640cb5e3c5ae8201dbfbe14e
MISRA Violation: MISRA-C: 2012 R.10.1
- The operand to the operator does not have an essentially
unsigned type.
Signed-off-by: HariBabu Gattem <haribabu.gattem@amd.com>
Change-Id: I0f974e9d6f63dddfab55d55c952a57645d931e40
Update test CCA Platform token in fvp_plat_attest_token.c to be
up-to-date with RMM spec Beta0.
Change-Id: I0f5e2ac1149eb6f7a93a997682f41d90e109a049
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
DDR4 Chip is EOL during redesign of ls1043ardb pd version. The replacement from MT is MT40A1G8SA-062E:R.
New ddr configure is compatible with both pd and old version of ls1043ardb.
Signed-off-by: Chunlei Xu <chunlei.xu@nxp.com>
Change-Id: I714c091a2cf15046438d0723fb55a4410c386ef4
MISRA Violation: MISRA-C:2012 R.4.6
- Using basic numerical type int rather than a typedef
that includes size and signedness information.
Signed-off-by: HariBabu Gattem <haribabu.gattem@amd.com>
Change-Id: I3779f7b6e074e33cb66ace3bef2117029badce1e
Allow early console to be used at the beginning of SP_min, before
the clocks and UART have been reconfigured.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I53d66938d42fcec830d9b81e5ef62b3790d0c3b3
The new flag STM32MP_RECONFIGURE_CONSOLE is managed in platform.mk.
It is used in stm32mp_setup_early_console() when calling
plat_crash_console_init(). This call is also under:
"#if defined(IMAGE_BL2)"
as this crash console init shouldn't be done by default in BL32.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Ib6b89db83d80095b662a2016e18ceb3fa8668435
When the early console is configured with STM32MP_EARLY_CONSOLE,
display a message indicating it is enabled.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Iafdfa5afef27eba823d707841853a8a46de0b42d
When a FIQ occurs and is trapped by SP_min, it is an unrecoverable
error. As kernel may have switched the UART console off, we should
re-enable it with plat_crash_console_init() for those failing states.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ib02e1271b6213f8e383a062b74494abf8826188f
