Update the path for firmware_image_package.h in firmware-design.md

Change-Id: Ic0a9b3c6d212e7171b37f944e11f079282dcce87
Signed-off-by: Summer Qin <summer.qin@arm.com>

FWU: Introduce FWU_SMC_IMAGE_RESET

This SMC is as a means for the image loading state machine to go from
COPYING, COPIED or AUTHENTICATED states to RESET state. Previously, this
was only done when t

FWU: Introduce FWU_SMC_IMAGE_RESET

This SMC is as a means for the image loading state machine to go from
COPYING, COPIED or AUTHENTICATED states to RESET state. Previously, this
was only done when the authentication of an image failed or when the
execution of the image finished.

Documentation updated.

Change-Id: Ida6d4c65017f83ae5e27465ec36f54499c6534d9
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

FWU: Check for overlaps when loading images

Added checks to FWU_SMC_IMAGE_COPY to prevent loading data into a
memory region where another image data is already loaded.

Without this check, if two im

FWU: Check for overlaps when loading images

Added checks to FWU_SMC_IMAGE_COPY to prevent loading data into a
memory region where another image data is already loaded.

Without this check, if two images are configured to be loaded in
overlapping memory regions, one of them can be loaded and
authenticated and the copy function is still able to load data from
the second image on top of the first one. Since the first image is
still in authenticated state, it can be executed, which could lead to
the execution of unauthenticated arbitrary code of the second image.

Firmware update documentation updated.

Change-Id: Ib6871e569794c8e610a5ea59fe162ff5dcec526c
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Remove `DISABLE_PEDANTIC` build option

It doesn't make sense to use the `-pedantic` flag when building the
Trusted Firmware as we use GNU extensions and so our code is not
fully ISO C compliant. Thi

Remove `DISABLE_PEDANTIC` build option

It doesn't make sense to use the `-pedantic` flag when building the
Trusted Firmware as we use GNU extensions and so our code is not
fully ISO C compliant. This flag only makes sense if the code intends to
be ISO C compliant.

Change-Id: I6273564112759ff57f03b273f5349733a5f38aef
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Introduce ARM GIC-600 driver

ARM GIC-600 IP complies with ARM GICv3 architecture, but among others,
implements a power control register in the Redistributor frame. This
register must be programmed t

Introduce ARM GIC-600 driver

ARM GIC-600 IP complies with ARM GICv3 architecture, but among others,
implements a power control register in the Redistributor frame. This
register must be programmed to mark the frame as powered on, before
accessing other registers in the frame. Rest of initialization sequence
remains the same.

The driver provides APIs for Redistributor power management, and
overrides those in the generic GICv3 driver. The driver data is shared
between generic GICv3 driver and that of GIC-600.

For FVP platform, the GIC-600 driver is chosen when FVP_USE_GIC_DRIVER
is set to FVP_GIC600. Also update user guide.

Change-Id: I321b2360728d69f6d4b0a747b2cfcc3fe5a20d67
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

show more ...

Merge pull request #949 from antonio-nino-diaz-arm/an/printf-memory

Reduce code size when building with Trusted Board Boot enabled

hikey: add hikey support

Add the description on hikey and how to build.

Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>

docs: Add note on how to build TF using clang or armclang

Change-Id: I92fd2fb920fcfc31bfcdadae787d8c84c5ca463b
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

Merge pull request #938 from masahir0y/tools_share

Collect headers shared between TF and host-tools into include/tools_share

mbedtls: Use `MBEDTLS_SHA256_SMALLER` in ARM platforms

This options enables an implementation of SHA-256 that has a smaller
code footprint (~1.6 KB less) but is also ~30% slower. For ARM
platforms,

mbedtls: Use `MBEDTLS_SHA256_SMALLER` in ARM platforms

This options enables an implementation of SHA-256 that has a smaller
code footprint (~1.6 KB less) but is also ~30% slower. For ARM
platforms, code size is currently considered more important than
execution speed in the mbed TLS crypto module.

Added a small note about this option to the documentation of the
authentication framework.

Change-Id: I4c0b221ea5d3466465261316ba07b627fa01b233
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

cert: move platform_oid.h to include/tools_share for all platforms

Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide a

cert: move platform_oid.h to include/tools_share for all platforms

Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).

For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd. This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.

The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h

Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.

For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Merge pull request #947 from davidcunado-arm/dc/update_userguide

Migrate to Linaro Release 17.01

Migrate to Linaro Release 17.01

This Linaro release updates just the binaries:

Linaro binaries upgraded 16.12 --> 17.01

The toolchain remains at 5.3-2015.05 (gcc 5.3) for both AArch64
and AArch32.

Migrate to Linaro Release 17.01

This Linaro release updates just the binaries:

Linaro binaries upgraded 16.12 --> 17.01

The toolchain remains at 5.3-2015.05 (gcc 5.3) for both AArch64
and AArch32.

The ARM TF codebase has been tested against these new binaries. This patch
updates the User Guide to reflect that the 17.01 release is now a supported
Linaro Release.

Change-Id: I83c579dabd3fa9861ba0d41507036efbd87abcb5
Signed-off-by: David Cunado <david.cunado@arm.com>

show more ...

Simplify assert() to reduce memory usage

The behaviour of assert() now depends on the value of the new optional
platform define `PLAT_LOG_LEVEL_ASSERT`. This defaults to `LOG_LEVEL` if
not defined b

Simplify assert() to reduce memory usage

The behaviour of assert() now depends on the value of the new optional
platform define `PLAT_LOG_LEVEL_ASSERT`. This defaults to `LOG_LEVEL` if
not defined by the platform.

- If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_VERBOSE`, it prints the file
name, line and asserted expression.
- If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_INFO`, it prints the file
name and line.
- If not, it doesn't print anything.

Note the old behaviour was to print the function name whereas now it
prints the file name. This reduces memory usage because the file name is
shared between all assert calls in a given file. Also, the default
behaviour in debug builds is to no longer print the asserted expression,
greatly reducing the string usage.

For FVP debug builds this change saves approximately:

No TBBR TBBR
BL1 1.6 KB 2.2 KB
BL2 1.7 KB 2.1 KB
BL31 2.6 KB 3.3 KB

Change-Id: I2947569d593df0b25611dc3c7a6096f42155c115
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Merge pull request #928 from davidcunado-arm/dc/update_userguide

Update AEM and Cortex Models versions

Merge pull request #927 from jeenu-arm/state-switch

Execution state switch

Update AEM and Cortex Models versions

AEMv8-A Model release v8.4 has been made available and Trusted Firmware
has been tested against these versions as part of its CI system. This
patch updates the

Update AEM and Cortex Models versions

AEMv8-A Model release v8.4 has been made available and Trusted Firmware
has been tested against these versions as part of its CI system. This
patch updates the user guide documentation to reflect the version of AEM
and Cortex Models that Trusted Firmware has been tested against.

Additionally, ARM FVPs FVP_Base_Cortex-A57x1-A53x1 and
FVP_Base_Cortex-A57x2-A53x4 are removed from the list of tested FVPs
as they are currently not being tested with the latest version of ARM
Trusted Firmware.

Also, documentation and links to Linaro pages have been updated to
reflect the changes in the ARM community document hosting.

Change-Id: Idae97303ce0929c82b137017de84ce94678f6f2b
Signed-off-by: David Cunado <david.cunado@arm.com>

show more ...

Introduce ARM SiP service to switch execution state

In AArch64, privileged exception levels control the execution state
(a.k.a. register width) of the immediate lower Exception Level; i.e.
whether t

Introduce ARM SiP service to switch execution state

In AArch64, privileged exception levels control the execution state
(a.k.a. register width) of the immediate lower Exception Level; i.e.
whether the lower exception level executes in AArch64 or AArch32 state.
For an exception level to have its execution state changed at run time,
it must request the change by raising a synchronous exception to the
higher exception level.

This patch implements and adds such a provision to the ARM SiP service,
by which an immediate lower exception level can request to switch its
execution state. The execution state is switched if the request is:

- raised from non-secure world;

- raised on the primary CPU, before any secondaries are brought online
with CPU_ON PSCI call;

- raised from an exception level immediately below EL3: EL2, if
implemented; otherwise NS EL1.

If successful, the SMC doesn't return to the caller, but to the entry
point supplied with the call. Otherwise, the caller will observe the SMC
returning with STATE_SW_E_DENIED code. If ARM Trusted Firmware is built
for AArch32, the feature is not supported, and the call will always
fail.

For the ARM SiP service:

- Add SMC function IDs for both AArch32 and AArch64;
- Increment the SiP service minor version to 2;
- Adjust the number of supported SiP service calls.

Add documentation for ARM SiP service.

Fixes ARM-software/tf-issues#436

Change-Id: I4347f2d6232e69fbfbe333b340fcd0caed0a4cea
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

show more ...

Update terminology: standard SMC to yielding SMC

Since Issue B (November 2016) of the SMC Calling Convention document
standard SMC calls are renamed to yielding SMC calls to help avoid
confusion wit

Update terminology: standard SMC to yielding SMC

Since Issue B (November 2016) of the SMC Calling Convention document
standard SMC calls are renamed to yielding SMC calls to help avoid
confusion with the standard service SMC range, which remains unchanged.

http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf

This patch adds a new define for yielding SMC call type and deprecates
the current standard SMC call type. The tsp is migrated to use this new
terminology and, additionally, the documentation and code comments are
updated to use this new terminology.

Change-Id: I0d7cc0224667ee6c050af976745f18c55906a793
Signed-off-by: David Cunado <david.cunado@arm.com>

show more ...

Merge pull request #898 from soby-mathew/sm/dcache-early

PSCI: Build option to enable D-Caches early in warmboot

Merge pull request #903 from antonio-nino-diaz-arm/an/build-xlat-v1

ARM platforms: Add option to use xlat tables lib v1

Remove build option `ASM_ASSERTION`

The build option `ENABLE_ASSERTIONS` should be used instead. That way
both C and ASM assertions can be enabled or disabled together.

All occurrences of `ASM_ASSE

Remove build option `ASM_ASSERTION`

The build option `ENABLE_ASSERTIONS` should be used instead. That way
both C and ASM assertions can be enabled or disabled together.

All occurrences of `ASM_ASSERTION` in common code and ARM platforms have
been replaced by `ENABLE_ASSERTIONS`.

ASM_ASSERTION has been removed from the user guide.

Change-Id: I51f1991f11b9b7ff83e787c9a3270c274748ec6f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Add `ENABLE_ASSERTIONS` build option

Add the new build option `ENABLE_ASSERTIONS` that controls whether or
not assert functions are compiled out. It defaults to 1 for debug builds
and to 0 for relea

Add `ENABLE_ASSERTIONS` build option

Add the new build option `ENABLE_ASSERTIONS` that controls whether or
not assert functions are compiled out. It defaults to 1 for debug builds
and to 0 for release builds.

Additionally, a following patch will be done to allow this build option
to hide auxiliary code used for the checks done in an `assert()`. This
code is is currently under the DEBUG build flag.

Assert messages are now only printed if LOG_LEVEL >= LOG_LEVEL_INFO,
which is the default for debug builds.

This patch also updates the User Guide.

Change-Id: I1401530b56bab25561bb0f274529f1d12c5263bc
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

PSCI: Build option to enable D-Caches early in warmboot

This patch introduces a build option to enable D-cache early on the CPU
after warm boot. This is applicable for platforms which do not require

PSCI: Build option to enable D-Caches early in warmboot

This patch introduces a build option to enable D-cache early on the CPU
after warm boot. This is applicable for platforms which do not require
interconnect programming to enable cache coherency (eg: single cluster
platforms). If this option is enabled, then warm boot path enables
D-caches immediately after enabling MMU.

Fixes ARM-Software/tf-issues#456

Change-Id: I44c8787d116d7217837ced3bcf0b1d3441c8d80e
Signed-off-by: Soby Mathew <soby.mathew@arm.com>

show more ...

ARM platforms: Add option to use xlat tables lib v1

ARM platforms have migrated to the translation tables library v2.
However, for testing purposes, it can be useful to temporarily switch
back to th

ARM platforms: Add option to use xlat tables lib v1

ARM platforms have migrated to the translation tables library v2.
However, for testing purposes, it can be useful to temporarily switch
back to the old version.

This patch introduces the option `ARM_XLAT_TABLES_LIB_V1`, that switches
to v1 of the library when is set to 1. By default, it is 0, so that ARM
platforms use the new version unless specifically stated.

Updated User Guide.

Change-Id: I53d3c8dd97706f6af9c6fca0364a88ef341efd31
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...