* changes:
feat(arm): retrieve the right ROTPK for cca
feat(arm): add support for cca CoT
feat(arm): provide some swd rotpk files
build(tbbr): drive cert_create changes for cca CoT
refactor(arm): add cca CoT certificates to fconf
feat(fiptool): add cca, core_swd, plat cert in FIP
feat(cert_create): define the cca chain of trust
feat(cca): introduce new "cca" chain of trust
build(changelog): add new scope for CCA
refactor(fvp): increase bl2 size when bl31 in DRAM
Increase the size of bl31 image by 52K to accomodate increased size of
xlat table.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ic3a8d8be1104adf48d22aa829e2197f710b6b666
Add support to read the list of isolated CPUs from SDS and publish this
list via the non-trusted firmware configuration file for the next stages
of boot software to use.
Isolated CPUs are those that are not to be used on the platform for
various reasons. The isolated CPU list is an array of MPID values of the
CPUs that have to be isolated.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I4313cf025f4c9e9feffebca2d35b259f5bafce69
Add a new property named 'isolated-cpu-list' to list the CPUs that are
to be isolated and not used by the platform. The data represented by
this property is formatted as below.
strutct isolated_cpu_mpid_list {
uint64_t count;
uint64_t mpid_list[MAX Number of PE];
}
Also, the property is pre-initialized to 0 to reserve space for the
property in the dtb. The data for this property is read from SDS and
updated during boot. The number of entries in this list is equal to the
maximum number of PEs present on the platform.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I4119f899a273ccbf8259e0d711d3a25501c7ec64
Add the TPM event log node to the SPMC manifest such that the TF-A
measured boot infrastructure fills the properties with event log address
for components measured by BL2 at boot time.
For a SPMC there is a particular interest with SP measurements.
In the particular case of Hafnium SPMC, the tpm event log node is not
yet consumed, but the intent is later to pass this information to an
attestation SP.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Ic30b553d979532c5dad9ed6d419367595be5485e
Add page table translation entry for secure uart so that logs from
secure partition can be routed via the same.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I3416d114bcee13824a7d0861ee54fb799e154897
Route the boot, runtime and crash stage logs via secure UART port
instead of the existing use of non-secure UART. This aligns with the
security state the PE is in when logs are put out. In addition to this,
this allows consolidation of the UART related macros across all the
variants of the Neoverse reference design platforms.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I417f5d16457b602c94da4c74b4d88bba03da7462
The Neoverse reference design platforms will migrate to use different
set of secure and non-secure UART ports. This implies that the board
specific macros defined in the common Arm platform code will no longer
be usable for Neoverse reference design platforms.
In preparation for migrating to a different set of UART ports, add a
Neoverse reference design platform specific copy of the board
definitions. The value of these definitions will be changed in
subsequent patches.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I1ab17a3f02c8180b63be24e9266f7129beee819f
With RSS now introduced, we have 2 Measured Boot backends. Both backends
can be used in the same firmware build with potentially different hash
algorithms, so now there can be more than one hash algorithm in a build.
Therefore the logic for selecting the measured boot hash algorithm needs
to be updated and the coordination of algorithm selection added. This is
done by:
- Adding MBOOT_EL_HASH_ALG for Event Log to define the hash algorithm
to replace TPM_HASH_ALG, removing reference to TPM.
- Adding MBOOT_RSS_HASH_ALG for RSS to define the hash algorithm to
replace TPM_HASH_ALG.
- Coordinating MBOOT_EL_HASH_ALG and MBOOT_RSS_HASH_ALG to define the
Measured Boot configuration macros through defining
TF_MBEDTLS_MBOOT_USE_SHA512 to pull in SHA-512 support if either
backend requires a stronger algorithm than SHA-256.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I4ddf06ebdc3835beb4d1b6c7bab5a257ffc5c71a
The cca chain of trust involves 3 root-of-trust public keys:
- The CCA components ROTPK.
- The platform owner ROTPK (PROTPK).
- The secure world ROTPK (SWD_ROTPK).
Use the cookie argument as a key ID for plat_get_rotpk_info() to return
the appropriate one.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ieaae5b0bc4384dd12d0b616596596b031179044a
- Use the development PROTPK and SWD_ROTPK if using cca CoT.
- Define a cca CoT build flag for the platform code to provide
different implementations where needed.
- When ENABLE_RME=1, CCA CoT is selected by default on Arm
platforms if no specific CoT is specified by the user.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I70ae6382334a58d3c726b89c7961663eb8571a64
When using the new cca chain of trust, a new root of trust key is needed
to authenticate the images belonging to the secure world. Provide a
development one to deploy this on Arm platforms.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I9ea7bc1c15c0c94c1021d879a839cef40ba397e3
Adding support in fconf for the cca CoT certificates for cca, core_swd,
and plat key.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I8019cbcb7ccd4de6da624aebf3611b429fb53f96
Increase the space for BL2 by 0xC000 to accommodate the increase in size
of BL2 when ARM_BL31_IN_DRAM is set.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ifc99da51f2de3c152bbed1c8269dcc8b9100797a
Add SP entries to event_log_metadata if SPD_spmd is enabled. Otherwise
the platform cannot boot with measured boot enabled.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I525eb50e7bb60796b63a8c7f81962983017bbf87
* changes:
feat(fvp): add plat hook for memory transactions
feat(spmc): enable handling of the NS bit
feat(spmc): add support for v1.1 FF-A memory data structures
feat(spmc/mem): prevent duplicated sharing of memory regions
feat(spmc/mem): support multiple endpoints in memory transactions
feat(spmc): add support for v1.1 FF-A boot protocol
feat(plat/fvp): introduce accessor function to obtain datastore
feat(spmc/mem): add FF-A memory management code
Add call to platform hooks upon successful transmission of a
memory transaction request and as part of a memory reclaim request.
This allows for platform specific functionality to be performed
accordingly.
Note the hooks must be placed in the initial share request and final
reclaim to prevent order dependencies with operations that may take
place in the normal world without visibility of the SPMC.
Add a dummy implementation to the FVP platform.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I0c7441a9fdf953c4db0651512e5e2cdbc6656c79
In order to provide the EL3 SPMC a sufficient datastore to
record memory descriptors, a accessor function is used.
This allows for the backing memory to be allocated in a
platform defined manner, to accommodate memory constraints
and desired use cases.
Provide an implementation for the Arm FVP platform to
use a default value of 512KB memory allocated in the
TZC RAM section.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I92bc55ba6e04bdad429eb52f0d2960ceda682804
This patch adds support to load nt_fw_config with the information from
plat_info sds structure which is then passed from BL2 to BL33.
Signed-off-by: sahil <sahil@arm.com>
Change-Id: I2fcf13b7bf5ab042ef830157fd9cceedbdca617a
This is required to prevent Nwd context corruption during StMM
execution.
Standalone MM uses OpenSSL for secure boot, which uses FP registers for
floating point calculations.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I6ed11d4fa5d64c3089a24b66fd048a841c480792
Enable the RSS backend based measured boot feature.
In the absence of RSS the mocked version of PSA APIs
are used. They always return with success and hard-code data.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I7543e9033a7a21f1b836d911d8d9498c6e09b956
* changes:
fix(sptool): update Optee FF-A manifest
feat(sptool): delete c version of the sptool
feat(sptool): use python version of sptool
feat(sptool): python version of the sptool
refactor(sptool): use SpSetupActions in sp_mk_generator.py
feat(sptool): add python SpSetupActions framework
This patch enables access to the branch record buffer control registers
in non-secure EL2 and EL1 using the new build option ENABLE_BRBE_FOR_NS.
It is disabled for all secure world, and cannot be used with ENABLE_RME.
This option is disabled by default, however, the FVP platform makefile
enables it for FVP builds.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I576a49d446a8a73286ea6417c16bd0b8de71fca0
Introduce additional #defines for running with the EL3
SPMC on the FVP.
The increase in xlat tables has been chosen to allow
the test cases to complete successfully and may need
adjusting depending on the desired usecase.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I7f44344ff8b74ae8907d53ebb652ff8def2d2562
Add an example logical partition to the FVP platform that
simply prints and echos the contents of a direct request
with the appropriate direct response.
Change-Id: Ib2052c9a63a74830e5e83bd8c128c5f9b0d94658
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change the OPTEE FF-A manifest to comply with changes to the sp pkg [1].
The sptool packs the image at the default offset of 0x4000, if it is not
provided in the arguments.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/14507
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I647950410114f7fc24926696212bb7f8101390ac
This change performs a basic configuration of the SMMU root registers
interface on an RME enabled system. This permits enabling GPC checks
for transactions originated from a non-secure or secure device upstream
to an SMMU. It re-uses the boot time GPT base address and configuration
programmed on the PE.
The root register file offset is platform dependent and has to be
supplied on a model command line.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I4f889be6b7afc2afb4d1d147c5c1c3ea68f32e07
Currently, HW-config is loaded into non-secure memory, which mean
a malicious NS-agent could tamper with it. Ideally, this shouldn't
be an issue since no software runs in non-secure world at this time
(non-secure world has not been started yet).
It does not provide a guarantee though since malicious external
NS-agents can take control of this memory region for update/corruption
after BL2 loads it and before BL31/BL32/SP_MIN consumes it. The threat
is mapped to Threat ID#3 (Bypass authentication scenario) in threat
model [1].
Hence modified the code as below -
1. BL2 loads the HW_CONFIG into secure memory
2. BL2 makes a copy of the HW_CONFIG in the non-secure memory at an
address provided by the newly added property(ns-load-address) in
the 'hw-config' node of the FW_CONFIG
3. SP_MIN receives the FW_CONFIG address from BL2 via arg1 so that
it can retrieve details (address and size) of HW_CONFIG from
FW_CONFIG
4. A secure and non-secure HW_CONFIG address will eventually be used
by BL31/SP_MIN/BL32 and BL33 components respectively
5. BL31/SP_MIN dynamically maps the Secure HW_CONFIG region and reads
information from it to local variables (structures) and then
unmaps it
6. Reduce HW_CONFIG maximum size from 16MB to 1MB; it appears
sufficient, and it will also create a free space for any future
components to be added to memory
[1]: https://trustedfirmware-a.readthedocs.io/en/latest/threat_model/threat_model.html
Change-Id: I1d431f3e640ded60616604b1c33aa638b9a1e55e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
As part of the RFC:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/13651,
this patch adds the 'cm_prepare_el3_exit_ns' function. The function is
a wrapper to 'cm_prepare_el3_exit' function for Non-secure state.
When EL2 sysregs context exists (CTX_INCLUDE_EL2_REGS is
enabled) EL1 and EL2 sysreg values are restored from the context
instead of directly updating the registers.
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I9b071030576bb05500d54090e2a03b3f125d1653
Used MBEDTLS_CONFIG_FILE macro for including mbedTLS
configuration.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I374b59a31df3ab1e69481b2c37a6f7455a106b6e
There are plans to contribute a generic MHU driver to the TF-A code
base in the short term.
In preparation for this, rename the Corstone-700 MHU driver source
files and prefix them with the name of the platform to avoid any
ambiguity or name clashes with the upcoming generic MHU driver. Also
rename the header guard accordingly.
This renaming is inline with other platform-specific MHU drivers, such
as the ones used on Broadcom [1], Socionext [2] or Amlogic [3] platforms.
[1] plat/brcm/common/brcm_mhu.h
[2] plat/socionext/synquacer/drivers/mhu/sq_mhu.h
[3] plat/amlogic/common/aml_mhu.c
Change-Id: I8a5e5b16e7c19bf931a90422dfca8f6a2a0663b4
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Add a dummy realm attestation key to RMMD, and return it on request.
The realm attestation key is requested with an SMC with the following
parameters:
* Fid (0xC400001B2).
* Attestation key buffer PA (the realm attestation key is copied
at this address by the monitor).
* Attestation key buffer length as input and size of realm
attesation key as output.
* Type of elliptic curve.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I12d8d98fd221f4638ef225c9383374ddf6e65eac
Add a dummy platform token to RMMD and return it on request. The
platform token is requested with an SMC with the following parameters:
* Fid (0xC40001B3).
* Platform token PA (the platform token is copied at this address by
the monitor). The challenge object needs to be passed by
the caller in this buffer.
* Platform token len.
* Challenge object len.
When calling the SMC, the platform token buffer received by EL3 contains
the challenge object. It is not used on the FVP and is only printed to
the log.
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Change-Id: I8b2f1d54426c04e76d7a3baa6b0fbc40b0116348
In anticipation of Spectre BHB workaround mitigation patches, we
disable the RECLAIM_INIT_CODE for FVP platform. Since the spectre
BHB mitigation workarounds inevitably increase the size of the various
segments due to additional instructions and/or macros, these segments
cannot be fit in the existing memory layout designated for BL31 image.
The issue is specifically seen in complex build configs for FVP
platform. One such config has TBB with Dual CoT and test secure
payload dispatcher(TSPD) enabled. Even a small increase in individual
segment size in order of few bytes might lead to build fails due to
alignment requirements(PAGE_ALIGN to 4KB).
This is needed to workaround the following build failures observed
across multiple build configs:
aarch64-none-elf-ld.bfd: BL31 init has exceeded progbits limit.
aarch64-none-elf-ld.bfd: /work/workspace/workspace/tf-worker_ws_2/trusted_firmware/build/fvp/debug/bl31/bl31.elf section coherent_ram will not fit in region RAM
aarch64-none-elf-ld.bfd: BL31 image has exceeded its limit.
aarch64-none-elf-ld.bfd: region RAM overflowed by 4096 bytes
Change-Id: Idfab539e9a40f4346ee11eea1e618c97e93e19a1
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Pass NS-load address as ~0UL to the 'set_config_info' function while
updating FW_CONFIG device tree information since it is always loaded
into secure memory.
Change-Id: I64e8531e0ad5cda63f14d838efb9da9cf20beea8
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Pass NS-load address as ~0UL to the 'set_config_info' function while
updating FW_CONFIG device tree information since it is always loaded
into secure memory.
Change-Id: Ia33adfa9e7b0392f62056053a2df7db321a74e22
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
* changes:
Revert "feat(sgi): deviate from arm css common uart related defi..."
Revert "feat(sgi): route TF-A logs via secure uart"
Revert "feat(sgi): add page table translation entry for secure uart"
Revert submission 14286-uart_segregation
Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.
Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...
Change-Id: I28a370dd8b3a37087da621460eccc1acd7a30287
Revert submission 14286-uart_segregation
Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.
Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...
Change-Id: I7c488aed9fcb70c55686d705431b3fe017b8927d
Revert submission 14286-uart_segregation
Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.
Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...
Change-Id: I9bec02496f826e184c6efa643f869b2eb3b52539
Updating call order for arm_console_boot_init() and arm_bl31_early_platform_setup().
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: If932fff2ee4282a0aacf8751fa81e7665b886467
Add page table translation entry for secure uart so that logs from
secure partition can be routed via the same.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I8574b31d5d138d9f94972deb903124f8c5b70ce4
Route the boot, runtime and crash stage logs via secure UART port
instead of the existing use of non-secure UART. This aligns with the
security state the PE is in when logs are put out. In addition to this,
this allows consolidation of the UART related macros across all the
variants of the Neoverse reference design platforms.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I8896ae05eaedf06dead520659375af0329f31015
The Neoverse reference design platforms will migrate to use different
set of secure and non-secure UART ports. This implies that the board
specific macros defined in the common Arm platform code will no longer
be usable for Neoverse reference design platforms.
In preparation for migrating to a different set of UART ports, add a
Neoverse reference design platform specific copy of the board
definitions. The value of these definitions will be changed in
subsequent patches.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I39170848ecd81a7c1bbd3689bd905e45f9435f5c
Remove reserved range for platform provider owned SPs if the dual root
CoT is disabled and allow SPs to populate the range up to MAX_SP_IDS.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ib4ec18f6530d2515ada21d2c0c388d55aa479d26
Following I2d274fa897171807e39b0ce9c8a28824ff424534:
Remove GICD registers S2 mapping from OP-TEE partition when it runs in a
secure partition on top of Hafnium.
The partition is not meant to access the GIC directly but use the
Hafnium provided interfaces.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I1a38101f6ae9911662828734a3c9572642123f32
Platforms which support Realm world cannot boot up
properly if measured boot is enabled at build time.
An assertions occurs due to the missing RMM entry
in the event_log_metadata array.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I172f10a440797f7c9e1bc79dc72242b40c2521ea
Currently only the lowest 2 DRAM region were configured in the
TrustZone Controller, but the platform supports 6 regions spanning the
whole address space.
Configuring all of them to allow tests to access memory also in those
higher memory regions.
FVP memory map:
https://developer.arm.com/documentation/100964/1116/Base-Platform/Base---memory/Base-Platform-memory-map
Note that last row is wrong, describing a non-existing 56bit address,
all region labels should be shifted upward.
Issue has been reported and next release will be correct.
Change-Id: I695fe8e24aff67d75e74635ba32a133342289eb4
Signed-off-by: Federico Recanati <federico.recanati@arm.com>
Add initial support for RD-Edmunds platform. This platform is considered
as a variant of RD-N2 platform with only major change being the CPU
which is Demeter instead of Neoverse-N2.
Signed-off-by: Tony K Nadackal <tony.nadackal@arm.com>
Change-Id: I939d9eac652fa9e76ad002ee5e6107aa79baa013
Secure enclave decides the boot bank based on the firmware update
state of the system and updates the boot bank information at a given
location in the flash. In this commit, bl2 reads the given flash
location to indentify the bank from which it should load fip from.
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I7f0f4ffc97189c9deb99db44afcd966082ffbf21
More space in the flash is reserved up front for metadata
parser and UEFI variables. That requires change in the flash
base address of where images are present.
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: Ieaabe09374d707de18d36505c69b6c9a8c2ec2e9
This change implements platform specific psci reset
for the corstone1000.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I25f77234506416c3376ff4a028f6ea40ebe68437
These changes are required to accommodate 3MB for OP-TEE and this
is required for SP's part of optee
Added size macro's for better readability of the code
Moved uboot execution memory from CVM to DDR
Change-Id: I16657c6e336fe7c0fffdee1617d10af8a2c76732
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
diphda platform is now being renamed to corstone1000.
These changes are to replace all the instances and traces
of diphda corstone1000.
Change-Id: I330f3a112d232b99b4721b6bf0236253b068dbba
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Add board support for variant 2 of RD-N2 platform which is a four chip
variant with 4 cores on each chip. The "CSS_SGI_PLATFORM_VARIANT" value
is 2 for multi-chip variant. The "CSS_SGI_CHIP_COUNT_MACRO" can be in
the range [1, 4] for multi-chip variant.
Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
Change-Id: I6412106e80e2f17704c796226c2ee9fe808705ba
The Event Log sources are added to the source-list of BL1 and BL2
images in the Event Log Makefile. It doesn't seem correct since
some platforms only compile Event Log sources for BL2.
Hence, moved compilation decision of Event Log sources to the
platform makefile.
Change-Id: I1cb96e24d6bea5e091d08167f3d1470d22b461cc
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This patch adds the basic CPU library code to support the Poseidon CPU
in TF-A. Poseidon is derived from HunterELP core, an implementation of
v9.2 architecture. Currently, Hunter CPU the predecessor to HunterELP,
is supported in TF-A. Accordingly the Hunter CPU library code has been
as the base and adapted here.
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: I406b4de156a67132e6a5523370115aaac933f18d
The metadata structure copy is passed to the platform routine to set
the image source to boot the platform from. This is done by reading
the metadata structure. Pass the metadata as a read-only copy to the
routine -- the routine only needs to consume the metadata values and
should not be able to update the metadata fields.
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Change-Id: I399cad99ab89c71483e5a32a1de0e22df304f8b0
Total Compute has ETE and TRBE tracing components and they have
to be enabled to capture the execution trace of the processor.
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Change-Id: I3c86c11be2c655a61ecefa3eb2e4e3951577a113
As Measured-Boot and Trusted-Boot are orthogonal, removed
Trusted-Boot's dependency on Measured-Boot by allowing them
to apply the Crypto module changes independently using the
CRYPTO_SUPPORT build flag.
Change-Id: I5a420e5d84f3fefe0c0092d822dab981e6390bbf
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This patch includes the errata workaround for erratum
1868343 for the Morello platform.
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Change-Id: Ifea8148e10946db2276560f90bf2f32bf12b9dcc
Cortex X2 erratum 2083908 is a Cat B erratum present in the Cortex
X2 core. It applies to revision r2p0 and is still open.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1775100
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Id9dca2b042bf48e75fb3013ab37d1c5925824728
SoC UART1 is internally connected to MCP UART1 so this
cannot be used as AP runtime UART instead we use the
IOFPGA UART0 as the AP runtime UART.
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
Change-Id: Iecefb0d2cb875b3ecf97e0983b06f6e914835021
This patch adds support to load nt_fw_config
with the information from plat_info sds
structure which is then passed from BL2 to BL33.
Signed-off-by: sah01 <sahil@arm.com>
Change-Id: I2242da7404c72a4f9c2e3d7f3b5c154890a78526
Different platform_info sds struct definition will be used
for fvp and soc.
Signed-off-by: sahil <sahil@arm.com>
Change-Id: I92f0e1b2d0d755ad0405ceebfeb78d6e4c67013d
This patch adds all SOC and FVP related changes required to boot
a standard TBBR style boot on Morello.
Signed-off-by: sahil <sahil@arm.com>
Change-Id: Ib8f7f326790b13082cbe8db21a980e048e3db88c
Based on the SCC configuration value obtained from the SDS
platform information structure configure DMC-Bing Server or
Client mode after zeroing out the memory.
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
Change-Id: I0555fa06c9c1906264848f4e32ca413b4742cdee
For Morello SoC, we use ECC capability for the RDIMMs
which require the entire DDR memory space to be zeroed
out before it can be accessed.
Change-Id: Icbe9916f9a2d3c4ce839d8bf7f867efa18f33e23
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
The same folder "plat/arm/board/morello" is going to be
used by both Morello FVP and Morello SoC platforms.
TARGET_PLATFORM build flag has been introduced to
differentiate between the two platforms
Change-Id: I3e94da372a3f1ba810b4259b85dd4c204306c359
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
There might be several platforms which use the
TARGET_PLATFORM build option to differentiate the code
between the platform variants.
Use of TARGET_PLATFORM in the common code leads to build
failures instead use PLAT build option.
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
Change-Id: I9724caf875bd56225e035ecffa8b9ca1a50d3401
Implemented a platform function 'plat_mboot_measure_critical_data' to
measure critical data and record its measurement using the Event Log
driver.
'bl2_plat_mboot_finish' function invokes this platform function
immediately after populating the critical data.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ia198295c6e07ab26d436eab1ff90df2cf28303af
It doesn't look correct to use mbed TLS defines directly in the Event
Log driver as this driver may use another Crypto library in future.
Hence mbed TLS Crypto dependency on Event Log driver is removed by
introducing generic Crypto defines and uses those in the Event Log
driver to call Crypto functions.
Also, updated mbed TLS glue layer to map these generic Crypto defines
to mbed TLS library defines.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ibc9c751f60cbce4d3f3cf049b7c53b3d05cc6735
