pm_ipi.h needs some definitions from stddef.h so include it.
Currently it is working because required file is included
indirectly due to other includes.
Signed-off-by: Rajan Vaja <rajan.vaja@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: Ic4a6c469c3152e21eaeb365ba96f3a29f14593bf
Add missing space in one line comment to follow common coding style.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: Idebf8f34bf48444ee20a68ac3e6fd7f5a41bf8b0
%p is already printing value in hex that's why 0x prefix is not needed.
Original message looks like this
"NOTICE: Can't read DT at 0x0x100000"
and after fixing
"NOTICE: Can't read DT at 0x100000"
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: If83c485a61441f6105d8cbd797f04060dfce2817
Fix some Misra-C violations. The similar fixes were done by commit
eb0d2b1772 ("fix(zynqmp): resolve misra R15.6 warnings") and commit
dd1fe7178b ("fix(zynqmp): resolve misra R14.4 warnings").
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: I3ffa92724a09871f7f99c9ac6c326994c165e9bd
GICD reg write must complete before core goes to idle
mode. Achieve this with dsb() barrier instruction in IPI
ISR
Signed-off-by: Tanmay Shah <tanmay.shah@amd.com>
Change-Id: I5af42ca901567ee5e54a5434ebe3e673a92cb9be
The commit 389594dfa7 ("fix(zynqmp): move bl31 with DEBUG=1 back to OCM")
tried to move address to OCM but address was actually out of OCM and likely
it was a typo. Correct default address should be 0xfffe5000. If TF-A size is
bigger please select location DDR which should be fine for DEBUG cases.
Reported-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: I055f3a59cdca527f6029fcc2a19d76be35924d24
Update TZ_VERSION macro name to generic macro name and move to
common header file so that it can be used for keystoneb.
Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@xilinx.com>
Acked-by: Tanmay Shah <tanmay.shah@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: Ic3819eea78b6c7b51ffaa13081026dd191b76125
Only one hardcoded interrupt handler is supported as of now.
This is IPI interrupt between APU and PMC processor.
This patch adds infrastructure to register multiple interrupt
handlers. This infrastructure was used and tested for two
interrupts and so, interrupt id and handler container size is
2 which is defined by MAX_INTR_EL3. Interrupt id is not used
as container index due to size constraints. User is expected to
adjust MAX_INTR_EL3 based on how many interrupts are handled in
TF-A
Signed-off-by: Tanmay Shah <tanmay.shah@amd.com>
Change-Id: Id49d94f6773fbb6874ccf89c0d12572efc7e678e
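The registration scheme this commit message describes, sketched as an added example (not the TF-A patch itself): a fixed-size container of MAX_INTR_EL3 entries searched by interrupt id rather than indexed by it. Every name other than MAX_INTR_EL3 is hypothetical, and the interrupt ids are constructed sample values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Container size named in the commit message; raise it to handle more IDs. */
#define MAX_INTR_EL3 2U

/* Hypothetical return codes for this sketch. */
enum {
	INTR_OK = 0,
	INTR_EINVAL = -1,	/* NULL handler */
	INTR_EEXIST = -2,	/* id already has a handler */
	INTR_ENOSPC = -3,	/* container is full */
	INTR_ENOENT = -4	/* no handler registered for id */
};

typedef int (*intr_handler_t)(uint32_t id, void *cookie);

struct intr_entry {
	uint32_t id;
	intr_handler_t handler;
};

/*
 * The id is stored next to the handler instead of being used as the array
 * index, so the table stays MAX_INTR_EL3 entries long however large the
 * interrupt id space is.
 */
static struct intr_entry intr_table[MAX_INTR_EL3];
static unsigned int intr_count;

void intr_table_reset(void)
{
	for (unsigned int i = 0U; i < MAX_INTR_EL3; i++) {
		intr_table[i].id = 0U;
		intr_table[i].handler = NULL;
	}
	intr_count = 0U;
}

int intr_register(uint32_t id, intr_handler_t handler)
{
	if (handler == NULL) {
		return INTR_EINVAL;
	}
	/* Refuse a second handler for the same id: no silent replacement. */
	for (unsigned int i = 0U; i < intr_count; i++) {
		if (intr_table[i].id == id) {
			return INTR_EEXIST;
		}
	}
	/* Bounds check before the write; a full table is reported, not overrun. */
	if (intr_count >= MAX_INTR_EL3) {
		return INTR_ENOSPC;
	}
	intr_table[intr_count].id = id;
	intr_table[intr_count].handler = handler;
	intr_count++;
	return INTR_OK;
}

int intr_dispatch(uint32_t id, void *cookie)
{
	/* Linear search is cheap for a table of this size. */
	for (unsigned int i = 0U; i < intr_count; i++) {
		if (intr_table[i].id == id) {
			return intr_table[i].handler(id, cookie);
		}
	}
	/* Unknown id: report it rather than calling through a stale pointer. */
	return INTR_ENOENT;
}

/* Constructed sample handler: counts how often it was invoked. */
static int sample_handler(uint32_t id, void *cookie)
{
	unsigned int *hits = cookie;

	(void)id;
	(*hits)++;
	return INTR_OK;
}

int main(void)
{
	unsigned int hits = 0U;

	intr_table_reset();
	printf("register 121: %d\n", intr_register(121U, sample_handler));
	printf("register 200: %d\n", intr_register(200U, sample_handler));
	printf("register 300: %d\n", intr_register(300U, sample_handler));
	printf("dispatch 200: %d\n", intr_dispatch(200U, &hits));
	printf("dispatch 300: %d\n", intr_dispatch(300U, &hits));
	printf("handler hits: %u\n", hits);
	return 0;
}
```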
PM_FEATURE_CHECK is supported only for platform
management API. PM_LOAD_PDI command is not intended
for platform management. This patch removes version
check of PM_LOAD_PDI and adds version check of command
that is used for SGI registration.
Signed-off-by: Tanmay Shah <tanmay.shah@xilinx.com>
Change-Id: I353163109b639acab73120f405a811770e8831a0
Some registers of MSDC need to be set in ATF, so we add MSDC drivers.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: Idde51a136ad08dbaece0bdaa804b934fca7046b6
- MTK_SIP_KERNEL_DFD can be moved to mtk_sip_def.h.
- Remove unused MTK_SIP_* definitions which are already defined in
mtk_sip_def.h.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: Ife8f1e842d986691488548632426f194199d42b9
Renesas platform does not support crypto, but mbedtls_common.mk
is still included in its makefile. Therefore, this inclusion
was removed to avoid unnecessary compilation of mbedTLS source.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ib6978255e39a7f5d5013952841930ae68b12c318
When putting FIP binary in eMMC boot partition (with STM32MP_EMMC_BOOT),
the FIP max size should be specified. If it is not, an assert fails in
io_block driver, as cur->size will be zero.
For this length, we then use the size of the eMMC boot partition minus
STM32MP_EMMC_BOOT_FIP_OFFSET.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I48b7635cff64f52d4b337a4c8c3becd9a0be72e8
* changes:
fix(n1sdp): mapping Run-time UART to IOFPGA UART0
fix(n1sdp): add numa node id for pcie controllers
fix(n1sdp): replace non-inclusive terms from dts file
* changes:
feat(stm32mp1): allow to override MTD base offset
feat(stm32mp1): manage second NAND OTP on STM32MP13
feat(stm32mp1): add define for external scratch buffer for nand devices
feat(mtd): add platform function to allow using external buffer
feat(libc): introduce __maybe_unused
* changes:
feat(mt8188): add pinctrl support
feat(mt8188): add RTC support
feat(mt8188): add pmic and pwrap support
refator(mediatek): move pmic.[c|h] to common folder
refator(mediatek): move common definitions of pmic wrap to common folder
feat(mt8188): add IOMMU enable control in SiP service
feat(mt8188): add display port control in SiP service
fix(mediatek): use uppercase for definition
feat(mediatek): move dp drivers to common folder
feat(mediatek): move mtk_cirq.c drivers to cirq folder
feat(mt8188): initialize GIC
feat(mt8188): initialize systimer
feat(mt8188): initialize platform for MediaTek MT8188
refator(mediatek): remove unused files
refator(mediatek): move drivers folder in common to plat/mediatek
feat(mediatek): support coreboot BL31 loading
TEST=build pass.
BUG=b:233720142
Signed-off-by: Song Fan <ot_song.fan@mediatek.corp-partner.google.com>
Change-Id: I348eff0f53341593f74a63780e2e8298cbc3ec88
Add PWRAP and PMIC driver to support power-off.
TEST=build pass.
BUG=b:233720142
Signed-off-by: Hui Liu <hui.liu@mediatek.corp-partner.google.com>
Change-Id: Id9951134925f6cb5f8d304a7b8e7901837809bd9
These two files are identical on MT8192 and MT8195. They can also be
used on MT8188. So move them to common/drivers/pmic/.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I8c12d15f1da79ab5767ac02b3ab70e8508155ee8
Some definitions can be shared among mt8192, mt8195, and
mt8186, so move them to pmic_wrap_init_common.h.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I992b61a47a84039fe8c246e2ff75721c57ee41a5
Add SiP service for multimedia & infra master to enable/disable
MM & INFRA IOMMU in secure world
TEST=build pass
BUG=b:236339614
Signed-off-by: Chengci Xu <chengci.xu@mediatek.corp-partner.google.com>
Change-Id: I4eb1fda6044cf2cb6c22c005cb2fa550906b71e9
MTK display port mute/unmute control registers need to be
set in secure world.
TEST=build pass
BUG=b:236331724
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I0aa0675f07c80aab4349493bfbb0782bf0bbef58
Display port driver can be reused, so we move it to common/drivers.
TEST=build mt8195 pass
BUG=b:233720142
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I58c7b41ba3ad653cdf6f6fbae6778abfd7e950a9
To use cirq drivers more easily, we place mtk_cirq.c and mtk_cirq.h
to common/drivers/cirq.
We also rename mtk_cirq.c/h to mt_cirq.c/h for consistency with other
driver folders.
TEST=build pass for mt8192/mt8195/mt8186
BUG=b:236331724
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I71bc442f00b16fb4031260937982c0496fcaaea0
We do not use oem_svc.[c|h], so remove them.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I0afb64d997cf4e23063f4fa2226e8d2649d22574
We plan to put some soc related drivers in common/drivers. To reduce
confusion, we move them to plat/mediatek.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I6b344e660f40a23b15151aab073d3045b28f52aa
Currently the Run-time UART is mapped to AP UART1 which is internally
routed to MCP UART1, so unsharing it from AP UART1 and mapping it to
IOFPGA UART0 for exclusiveness among the usage of the UARTs.
Signed-off-by: Himanshu Sharma <Himanshu.Sharma@arm.com>
Change-Id: I366740a971a880decf0d373e9055e7ebda5df53a
* ASM files are renamed to have public IP names in their filename.
* updated other files to include ASM filename changes.
Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Change-Id: Ie899c512b11fd7c4312e3a808bb6b9d2376cdb8c
The ChromeOS project uses Coreboot as BL2 instead of MediaTek regular
bootloader, so we use COREBOOT flag to support Coreboot boot flow.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: I45e95ea51e90158187452eba52fc58090d1c60a4
The J784S4 SoC has two quad Cortex-A72 core clusters. This is the first
SoC in the K3 family with Quad cores in a A-72 cluster. So, a new board
configuration is introduced to support quad core clusters on the J784S4
SoC of the K3 family of devices.
See J784S4 Technical Reference Manual (SPRUJ52 - JUNE 2022)
for further details: http://www.ti.com/lit/zip/spruj52
Signed-off-by: Hari Nagalla <hnagalla@ti.com>
Change-Id: I0ed1f14ab32a56ae06e3df3161ace4597d14a48d
Implement mandatory platform port functions. Receive
boot arguments from bl2, populate bl33 and bl32 image
entry structs, call each MTK initcall levels
in these mandatory platform port functions.
After bl31_main exit and handover to 2nd boot loader,
mtk bl33 issues SMC and traps to TF-A to execute boot_to_kernel
and then handover to Linux kernel.
Signed-off-by: Leon Chen <leon.chen@mediatek.com>
Change-Id: I8d5a3511668fc749c4c71edf1ac700002cb5a9c8
To modularize SMC handler, provide macro function in mtk_sip_svc.h.
Drivers register SMC name with value in mtk_sip_def.h, and bind the SMC
handler with the SMC ID by calling DECLARE_SMC_HANDLER macro.
MTK_SIP_SMC_FROM_BL33_TABLE expands the SMC table as switch-case table
statically. DECLARE_SMC_HANDLER wraps SMC handlers with a structure and
puts them in a section.
During cold boot initialization, in MTK_EARLY_PLAT_INIT level parse the
section to assign each handler with an index. Each SMC request can be
identified with switch-case and take the index to call into
corresponding SMC handler.
Signed-off-by: Leon Chen <leon.chen@mediatek.com>
Change-Id: I03da212c786de0ec0ea646ba906065ecfcd82571
Provide six initcall levels for drivers/modules to initialize HW
controllers or runtime arguments during cold boot.
The initcall level cold boot execution order:
- MTK_EARLY_PLAT_INIT
  Call before MMU enabled.
- MTK_ARCH_INIT
  MMU Enabled, arch related init (GIC init, interrupt type registration).
- MTK_PLAT_SETUP_0_INIT
  MTK driver init level 0.
- MTK_PLAT_SETUP_1_INIT
  MTK driver init level 1.
- MTK_PLAT_RUNTIME_INIT
  MTK driver init. After this initcall, TF-A hands over to MTK 2nd
  bootloader.
- MTK_PLAT_BL33_DEFER_INIT
  MTK 2nd bootloader traps to TF-A before handover to rich OS.
  This initcall is executed in the trap handler (boot_to_kernel).
Signed-off-by: Leon Chen <leon.chen@mediatek.com>
Change-Id: Icd7fe95372441db73c975ccb6ce77a6c529df1cc
Manage MTK SiP SMC ID with macros for 32/64 bit and
function declaration code generation.
Partition SMC ID with different exception level sources.
Signed-off-by: Leon Chen <leon.chen@mediatek.com>
Change-Id: I8966cd94f0d825e7ebae08833d2bd9fceedfd45e
Leverage pubsub event framework to customize vendor's
event for better software modularization instead of adding
call entries in abstraction layer for customized platform function
with wrap-up define.
Signed-off-by: Leon Chen <leon.chen@mediatek.com>
Change-Id: I48be2303c45f759776fa2baa1c21130c1a8f0fa3
Add an external parameter STM32MP_FORCE_MTD_START_OFFSET that allows to
override the default FIP offset used to read the first programmed image.
It can be used for NOR, RAW_NAND or SPI_NAND boot device.
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Change-Id: Ibe664aae0e5ee90dd6629e544c9e034d751fffed
On STM32MP13, 2 OTP fuses can be used to configure NAND devices.
By default OTP CFG9 is used for sNAND. A new OTP (CFG10) is used
to configure raw NAND. Thanks to bit 0 of CFG10 OTP, this default
configuration can be switched.
For sNAND on STM32MP13, the NAND_PARAM_STORED_IN_OTP is not used.
The sNAND parameters have to be taken from OTP bits.
Change-Id: Ib95e0f9b9e66179a58b07f723ea01dce68b96475
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Override the default platform function to use an external buffer
on STM32MP13 platform.
It allows to use a temporary buffer located at the SRAM1 memory end.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: Ibd84bb336c60af24608268916b3a18bb5a0fa3db
* changes:
feat(tsp): enable test cases for EL3 SPMC
feat(tsp): increase stack size for tsp
feat(tsp): add ffa_helpers to enable more FF-A functionality
Currently, the AFIFM6_WRCTRL bus-width configuration is not happening
correctly due to the wrong register write mask value. To fix this issue
updated the mask value handling logic.
Signed-off-by: Nava kishore Manne <nava.kishore.manne@amd.com>
Signed-off-by: Akshay Belsare <Akshay.Belsare@amd.com>
Acked-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@amd.com>
Change-Id: I8443c369a84339018310cfb6cd498d21474da3e4
Add an example manifest for the EL3 SPMC on the FVP Platform
that allows booting the TSP example partition.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: Ie7f40328e0313abb5b1a121dfdc22a5f7387587f
Signed-off-by: Shruti Gupta <shruti.gupta@arm.com>
The new SoC version for STM32MP13 is the revision Y. The register
SYSCFG_IDC is updated for this new version with the value 0x1003.
The function stm32mp_get_soc_name() should also be updated to manage
this new SoC revision.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I4f2fa5f1503f17db93d8413c79c2b7a18d279f9b
This flag allows switching to High-Speed mode on SD-cards.
The gain is ~44ms when using SP_min, and ~55ms with OP-TEE.
Change-Id: Ic396c6a14201580b5e5627e6174b85b437b87cae
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Increases the SRAM to a full 1MB and also increase BL31 size to have
room to spare for debugging.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I584f9d409a1f653a3dfc7cf2b95706ada367c70e
Currently TF-A uses whatever openssl binary is on the system to sign
images. However if OPENSSL_DIR is specified in the build flags this can
lead to linking issues as the system binary can end up being linked
against shared libraries provided in OPENSSL_DIR/lib if both binaries
(the system's and the one in OPENSSL_DIR/bin) are the same version.
This patch ensures that the binary used is always the one given by
OPENSSL_DIR to avoid those link issues.
Signed-off-by: Salome Thirot <salome.thirot@arm.com>
Change-Id: Ib534e06ebc8482e4391e376d3791a87968de4a99
Next line should be aligned with the previous code.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: I20d82ba5fa70fa252341b62e57fac265241f3391
Use only one space between #define and macro name.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Change-Id: Ieb9bdd5bcfa56bd265df72692a09c7340fe132cb
* changes:
feat(stm32mp1): retrieve FIP partition by type UUID
feat(guid-partition): allow to find partition by type UUID
refactor(stm32mp1): update PLAT_PARTITION_MAX_ENTRIES
MISRA Violation: MISRA-C: 2012 R.10.1
- The operand to the operator does not have an essentially
  unsigned type.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I4873a620086dfd6f636fe730165a9d13a29e9652
MISRA Violation: MISRA-C:2012 R.4.6
- Using basic numerical type int rather than a typedef
that includes size and signedness information.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: Ieff90b5311a3bde8a2cb302ca81c23eeee6d235a
When configuration option ZYNQMP_SECURE_EFUSES is defined then Xilinx
ZynqMP's PS eFuses can only be accessed from secure state.
This enables eFuses to be reserved and protected only for security use
cases for example in OP-TEE.
Change-Id: I866905e35ce488f50f5f6e1b4667b08a9fa2386d
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
fix to support ARM CPU errata based on core used.
Signed-off-by: Saurabh Gorecha <quic_sgorecha@quicinc.com>
Change-Id: If1a438f98f743435a7a0b683a32ccf14164db37e
This patch gathers miscellaneous minor fixes to the xilinx
platforms like tabs for indentation and misra 10.1 warnings.
Signed-off-by: Michal Simek <michal.simek@amd.com>
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I4cdb89ffec7d5abc64e065ed5b5e5d10b30ab9f9
These changes are to add support for loading and booting
OP-TEE as SPMC running at SEL1 for N1SDP platform.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I0514db646d4868b6f0c56f1ea60495cb3f7364fd
TF-A doesn't configure clock on Versal. Setup is done by previous
bootloader (called PLM) that's why there is no need to have macro listed in
headers. Also previous phase can disable access to these registers that's
why better to remove them.
Change-Id: I53ba344ad932c532b0babdce9d2b26e4c2c1b846
Signed-off-by: Michal Simek <michal.simek@amd.com>
Added a platform support to use tc2 specific CPU cores.
Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Change-Id: Ib76d440e358e9bd1cf80aec5b8591f7a6e47ecbd
Change [1] is specific to TC2 model and breaks former TC0/TC1 test
configs.
BL1 start address is 0x0 on TC0/TC1 and 0x1000 from TC2 onwards.
Fix by adding conditional defines depending on TARGET_PLATFORM build
flag.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/15917
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I51f77e6a61ca8eaa6871c19cabe9deb1288f5a9d
MISRA Violation: MISRA-C:2012 R.10.1
- The operand to the operator does not have an essentially unsigned type.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I9cde2f1ebceaad8a41c69489ef1d2e6f21f04ed1
- move base register definition to platform_def.h for maintenance.
- SSPM_MBOX_3_BASE is redefined, use SSPM_MBOX_BASE instead.
Signed-off-by: Yidi Lin <yidilin@chromium.org>
Change-Id: Ibb0291ce7b7426068392e90bd70f29d1a90d5297
Locate BL1 at 0x1000 to compensate for the MCUBoot
header size.
Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Change-Id: I30a5ccf8212786479bff8286f3d0abb9dec4b7d0
Use the IPI command GET_HANDOFF_PARAM to get the TF-A handoff
params, rather than using the PLM's PPU RAM area. With this
approach this resolves the issue when XPPU is enabled.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Reviewed-by: Michal Simek <michal.simek@amd.com>
Change-Id: I6828c391ad696d2d36e994684aa21b023711ba2d
Move the ATF handoff structure from the plat_startup.c to the
header file plat_startup.h, as these can be used by the platform code.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Reviewed-by: Michal Simek <michal.simek@amd.com>
Change-Id: Ifb425d444eb65fe8648952d2ff64d4e92c2b340a
Move the payload and module ID macros from the pm_api_sys.c file and
add it in the header file, as these macros can be used other than PM.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Reviewed-by: Michal Simek <michal.simek@amd.com>
Change-Id: I678444b79ac3799a82bd93915e4639b3babf5fb9
* changes:
feat(imx8m): keep pu domains in default state during boot stage
feat(imx8m): add the PU power domain support on imx8mm/mn
feat(imx8m): add the anamix pll override setting
feat(imx8m): add the ddr frequency change support for imx8m family
feat(imx8mn): enable dram retention suuport on imx8mn
feat(imx8mm): enable dram retention suuport on imx8mm
feat(imx8m): add dram retention flow for imx8m family
Added debug logs to show the reason behind skipping firmware
configuration loading, and also a few debug strings were corrected.
Additionally, a panic will be triggered if the configuration sanity
fails.
Change-Id: I6bbd67b72801e178a14cbe677a8831b25a907d0c
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The value of the macro CSS_SGI_REMOTE_CHIP_MEM_OFFSET can be different
across all the Neoverse reference design platforms. This value depends
on the number of address bits used per chip. So let all platforms define
CSS_SGI_ADDR_BITS_PER_CHIP which specifies the number of address bits
used per chip.
In addition to this, reuse the definition of CSS_SGI_ADDR_BITS_PER_CHIP
for single chip platforms and CSS_SGI_REMOTE_CHIP_MEM_OFFSET for multi-
chip platforms to determine the maximum address space size. Also,
increase the RD-N2 multi-chip address space per chip from 4TB to 64TB.
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: If5e69ec26c2389304c71911729d4addbdf8b2686
The EL3 runtime firmware has been running from internal trusted
SRAM space on the Morello platform. Due to unavailability of tag
support for the internal trusted SRAM this becomes a problem if
we enable capability pointers in BL31.
To support capability pointers in BL31 it has to be run from the
main DDR memory space. This patch updates the Morello platform
configuration such that BL31 is loaded and run from DDR space.
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Change-Id: I16d4d757fb6f58c364f5133236d50fc06845e0b4
MISRA Violation: MISRA-C:2012 R.10.1
1) The expression of non-boolean essential type is being interpreted as a
boolean value for the operator.
2) The operand to the operator does not have an essentially unsigned type.
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I97bbc056f4fee167742429e144144ba793bf77b3
On STM32MP13, USART1 and USART2 addresses are 0x4C000000 and 0x4C001000.
Whereas on STM32MP15, the addresses were 0x5C000000 and 0x4000E000.
Use dedicated flags to choose the correct address, that could be used
for early or crash console.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I98bd97a0ac8b0408a50376801e2a1961b241a3d6
U-Boot is loaded at the beginning of the DDR:
STM32MP_DDR_BASE = 0xC0000000.
This patch removes the need to use the 0x100000 offset, reserved
on STM32MP15 for flashlayout.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Change-Id: I8d0a93f4db411cf59838e635a315c729cccee269
Modify the function to retrieve the FIP partition looking
the UUID type define for FIP. If not defined, compatibility
used to find the FIP partition by name.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: I76634dea891f51d913a549fb9a077cf7284d5cb2
Fix the maximum partition number to a default value. It must
also take care of the extra partition when FWU feature is enabled.
Change-Id: Ib64b1f19f1f0514f7e89d35fc367facd6df54bed
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
* changes:
docs(rmmd): document EL3-RMM Interfaces
feat(rmmd): add support to create a boot manifest
fix(rme): use RMM shared buffer for attest SMCs
feat(rmmd): add support for RMM Boot interface
This patch also adds an initial RMM Boot Manifest (v0.1) for fvp
platform.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I1374f8f9cb207028f1820953cd2a5cf6d6c3b948
Use the RMM shared buffer for attestation token and signing key SMCs.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I313838b26d3d9334fb0fe8cd4b229a326440d2f4
This patch adds the infrastructure needed to pass boot arguments from
EL3 to RMM and allocates a shared buffer between both worlds that can
be used, among others, to pass a boot manifest to RMM. The buffer is
composed of a single memory page to be used by a later EL3 <-> RMM interface
by all CPUs.
The RMM boot manifest is not implemented by this patch.
In addition to that, this patch also enables support for RMM when
RESET_TO_BL31 is enabled.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I855cd4758ee3843eadd9fb482d70a6d18954d82a
According to Arm CCA security model [1],
"Root world firmware, including Monitor, is the most trusted CCA
component on application PE. It enforces CCA security guarantees for
not just Realm world, but also for Secure world and for itself.
It is expected to be small enough to feasibly fit in on-chip memory,
and typically needs to be available early in the boot process when
only on-chip memory is available."
For these reasons, it is expected that "monitor code executes entirely
from on-chip memory."
This precludes usage of ARM_BL31_IN_DRAM for RME-enlightened firmware.
[1] Arm DEN0096 A.a, section 7.3 "Use of external memory by CCA".
Change-Id: I752eb45f1e6ffddc7a6f53aadcc92a3e71c1759f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
On STM32MP15, there is currently an OP-TEE shared memory area at the end
of the DDR. But this area will in term be removed. To allow a smooth
transition, a new flag is added (STM32MP15_OPTEE_RSV_SHM). It reflects
the OP-TEE flag: CFG_CORE_RESERVED_SHM. The flag is enabled by default
(no behavior change). It will be set to 0 when OP-TEE is aligned, and
then later be removed.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I91146cd8a26a24be22143c212362294c1e880264
* changes:
feat(synquacer): add FWU Multi Bank Update support
feat(synquacer): add TBBR support
feat(synquacer): add BL2 support
refactor(synquacer): move common source files
Add FWU Multi Bank Update support. This reads the platform metadata
and update the FIP base address so that BL2 can load correct BL3X
based on the boot index.
Cc: Sumit Garg <sumit.garg@linaro.org>
Cc: Masahisa Kojima <masahisa.kojima@linaro.org>
Cc: Manish V Badarkhe <manish.badarkhe@arm.com>
Cc: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Change-Id: I5d96972bc4b3b9a12a8157117e53a05da5ce89f6
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
Prepare for introduction of BL2 support by moving
reusable files from BL31_SOURCES into PLAT_BL_COMMON_SOURCES
Cc: Sumit Garg <sumit.garg@linaro.org>
Cc: Masahisa Kojima <masahisa.kojima@linaro.org>
Cc: Manish V Badarkhe <manish.badarkhe@arm.com>
Cc: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Change-Id: I21137cdd40d027cfa77f1dec3598ee85d4873581
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
Introduce a functionality for saving/restoring boot auth status
and partition used for booting (FSBL partition on which the boot
was successful).
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Change-Id: I4d7f153b70dfc49dad8c1c3fa71111a350caf1ee
No need to keep all PU domains on as the full power domain driver
support has been added.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: Iec22dcabbbfe3f38b915104a437d396d7b1bb2d8
Add PLL power down override & bypass support when
system enter DSM mode.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I50cd6b82151961ab849f58714a8c307d3f7f4166
* changes:
feat(arm): retrieve the right ROTPK for cca
feat(arm): add support for cca CoT
feat(arm): provide some swd rotpk files
build(tbbr): drive cert_create changes for cca CoT
refactor(arm): add cca CoT certificates to fconf
feat(fiptool): add cca, core_swd, plat cert in FIP
feat(cert_create): define the cca chain of trust
feat(cca): introduce new "cca" chain of trust
build(changelog): add new scope for CCA
refactor(fvp): increase bl2 size when bl31 in DRAM
STM32MP13 can encrypt the DDR. OP-TEE is then fully in DDR, and there
is no need for paged image on STM32MP13. The management of the paged
OP-TEE is made conditional, and will be kept only for STM32MP15.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I85ac7aaf6a172c4ee529736113ed40fe66835fd7
Increase the size of bl31 image by 52K to accommodate increased size of
xlat table.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ic3a8d8be1104adf48d22aa829e2197f710b6b666
Add support to read the list of isolated CPUs from SDS and publish this
list via the non-trusted firmware configuration file for the next stages
of boot software to use.
Isolated CPUs are those that are not to be used on the platform for
various reasons. The isolated CPU list is an array of MPID values of the
CPUs that have to be isolated.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I4313cf025f4c9e9feffebca2d35b259f5bafce69
Add a new property named 'isolated-cpu-list' to list the CPUs that are
to be isolated and not used by the platform. The data represented by
this property is formatted as below.
    struct isolated_cpu_mpid_list {
        uint64_t count;
        uint64_t mpid_list[MAX Number of PE];
    }
Also, the property is pre-initialized to 0 to reserve space for the
property in the dtb. The data for this property is read from SDS and
updated during boot. The number of entries in this list is equal to the
maximum number of PEs present on the platform.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I4119f899a273ccbf8259e0d711d3a25501c7ec64
* changes:
feat(sgi): add page table translation entry for secure uart
feat(sgi): route TF-A logs via secure uart
feat(sgi): deviate from arm css common uart related definitions
Add the TPM event log node to the SPMC manifest such that the TF-A
measured boot infrastructure fills the properties with event log address
for components measured by BL2 at boot time.
For a SPMC there is a particular interest with SP measurements.
In the particular case of Hafnium SPMC, the tpm event log node is not
yet consumed, but the intent is later to pass this information to an
attestation SP.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Ic30b553d979532c5dad9ed6d419367595be5485e
Add page table translation entry for secure uart so that logs from
secure partition can be routed via the same.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I3416d114bcee13824a7d0861ee54fb799e154897
Route the boot, runtime and crash stage logs via secure UART port
instead of the existing use of non-secure UART. This aligns with the
security state the PE is in when logs are put out. In addition to this,
this allows consolidation of the UART related macros across all the
variants of the Neoverse reference design platforms.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I417f5d16457b602c94da4c74b4d88bba03da7462
The Neoverse reference design platforms will migrate to use different
set of secure and non-secure UART ports. This implies that the board
specific macros defined in the common Arm platform code will no longer
be usable for Neoverse reference design platforms.
In preparation for migrating to a different set of UART ports, add a
Neoverse reference design platform specific copy of the board
definitions. The value of these definitions will be changed in
subsequent patches.
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I1ab17a3f02c8180b63be24e9266f7129beee819f
Pull in MbedTLS support for sha512 when greater than sha256 is required
based on refactoring for hash algorithm selection for Measured Boot.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I489392133435436a16edced1d810bc5204ba608f
Pull in MbedTLS support for sha512 when greater than sha256 is required
based on refactoring for hash algorithm selection for Measured Boot.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ib0ca5ecdee7906b41a0e1060339d43ce7a018d31
With RSS now introduced, we have 2 Measured Boot backends. Both backends
can be used in the same firmware build with potentially different hash
algorithms, so now there can be more than one hash algorithm in a build.
Therefore the logic for selecting the measured boot hash algorithm needs
to be updated and the coordination of algorithm selection added. This is
done by:
- Adding MBOOT_EL_HASH_ALG for Event Log to define the hash algorithm
to replace TPM_HASH_ALG, removing reference to TPM.
- Adding MBOOT_RSS_HASH_ALG for RSS to define the hash algorithm to
replace TPM_HASH_ALG.
- Coordinating MBOOT_EL_HASH_ALG and MBOOT_RSS_HASH_ALG to define the
Measured Boot configuration macros through defining
TF_MBEDTLS_MBOOT_USE_SHA512 to pull in SHA-512 support if either
backend requires a stronger algorithm than SHA-256.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I4ddf06ebdc3835beb4d1b6c7bab5a257ffc5c71a
By default placing bl31 to address 0x1000 is not good. Because this
location is used by U-Boot SPL. That's why move TF-A back to OCM where it
should be placed. BL31_BASE address exactly matches which requested address
for U-BOOT SPL boot flow.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: I608c1b88baffec538c6ae528f057820e34971c4c
The cca chain of trust involves 3 root-of-trust public keys:
- The CCA components ROTPK.
- The platform owner ROTPK (PROTPK).
- The secure world ROTPK (SWD_ROTPK).
Use the cookie argument as a key ID for plat_get_rotpk_info() to return
the appropriate one.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ieaae5b0bc4384dd12d0b616596596b031179044a
- Use the development PROTPK and SWD_ROTPK if using cca CoT.
- Define a cca CoT build flag for the platform code to provide
different implementations where needed.
- When ENABLE_RME=1, CCA CoT is selected by default on Arm
platforms if no specific CoT is specified by the user.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I70ae6382334a58d3c726b89c7961663eb8571a64
When using the new cca chain of trust, a new root of trust key is needed
to authenticate the images belonging to the secure world. Provide a
development one to deploy this on Arm platforms.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I9ea7bc1c15c0c94c1021d879a839cef40ba397e3
Adding support in fconf for the cca CoT certificates for cca, core_swd,
and plat key.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I8019cbcb7ccd4de6da624aebf3611b429fb53f96
Increase the space for BL2 by 0xC000 to accommodate the increase in size
of BL2 when ARM_BL31_IN_DRAM is set.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ifc99da51f2de3c152bbed1c8269dcc8b9100797a
* changes:
feat(stm32mp1): extend STM32MP_EMMC_BOOT support to FIP format
refactor(mmc): replace magic value with new PART_CFG_BOOT_PARTITION_NO_ACCESS
refactor(mmc): export user/boot partition switch functions
Instead of searching pinctrl node with its name, search with its
compatible. This will be necessary before pin-controller name changes
to pinctrl due to kernel yaml changes.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I00590414fa65e193c6a72941a372bcecac673f60
Add support for new xck24 device.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I913a34d5a48ea665aaa4348f573fc59566dd5a9b