Fix declarations of cache maintenance functions

Fix the parameter type of the maintenance functions of data cache.

Add missing declarations for AArch32 versions of dcsw_op_louis and
dcsw_op_all to

Fix declarations of cache maintenance functions

Fix the parameter type of the maintenance functions of data cache.

Add missing declarations for AArch32 versions of dcsw_op_louis and
dcsw_op_all to match the AAch64 ones.

Change-Id: I4226e8ea4f8b2b5bc2972992c83de659ee0da52c

show more ...

Merge pull request #801 from masahir0y/cleanup

Macro cleanups

Merge pull request #790 from masahir0y/utils

add utility macros to utils.h

Move BL_COHERENT_RAM_BASE/END defines to common_def.h

We have lots of duplicated defines (and comment blocks too).
Move them to include/plat/common/common_def.h.

While we are here, suffix the end a

Move BL_COHERENT_RAM_BASE/END defines to common_def.h

We have lots of duplicated defines (and comment blocks too).
Move them to include/plat/common/common_def.h.

While we are here, suffix the end address with _END instead of
_LIMIT. The _END is a better fit to indicate the linker-derived
real end address.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Use *_END instead of *_LIMIT for linker derived end addresses

The usage of _LIMIT seems odd here, so rename as follows:
BL_CODE_LIMIT --> BL_CODE_END
BL_RO_DATA_LIMIT --> BL_RO_DATA_END
B

Use *_END instead of *_LIMIT for linker derived end addresses

The usage of _LIMIT seems odd here, so rename as follows:
BL_CODE_LIMIT --> BL_CODE_END
BL_RO_DATA_LIMIT --> BL_RO_DATA_END
BL1_CODE_LIMIT --> BL1_CODE_END
BL1_RO_DATA_LIMIT --> BL1_RO_DATA_END

Basically, we want to use _LIMIT and _END properly as follows:
*_SIZE + *_MAX_SIZE = *_LIMIT
*_SIZE + *_SIZE = *_END

The _LIMIT is generally defined by platform_def.h to indicate the
platform-dependent memory constraint. So, its typical usage is
ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.")
in a linker script.

On the other hand, _END is used to indicate the end address of the
compiled image, i.e. we do not know it until the image is linked.

Here, all of these macros belong to the latter, so should be
suffixed with _END.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

libfdt: Replace v1.4.1 by v1.4.2

Delete old version of libfdt at lib/libfdt. Move new libfdt API
headers to include/lib/libfdt and all other files to lib/libfdt.

Change-Id: I32b7888f1f20d62205310e3

libfdt: Replace v1.4.1 by v1.4.2

Delete old version of libfdt at lib/libfdt. Move new libfdt API
headers to include/lib/libfdt and all other files to lib/libfdt.

Change-Id: I32b7888f1f20d62205310e363accbef169ad7b1b
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Merge pull request #807 from nmenon/upstream/fix-16650-rx

uart: 16550: Fix getc

utils: move BIT(n) macro to utils.h

We are duplicating this macro define, and it is useful enough
to be placed in the common place.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

uart: 16550: Fix getc

tbz check for RDR status is to check for a bit being zero.
Unfortunately, we are using a mask rather than the bit position.

Further as per http://www.ti.com/lit/ds/symlink/pc1

uart: 16550: Fix getc

tbz check for RDR status is to check for a bit being zero.
Unfortunately, we are using a mask rather than the bit position.

Further as per http://www.ti.com/lit/ds/symlink/pc16550d.pdf (page 17),
LSR register bit 0 is Data ready status (RDR), not bit position 2.

Update the same to match the specification.

Reported-by: Sekhar Nori <nsekhar@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>

show more ...

fiptool: Add support for operating on binary blobs using the UUID

Previously, fiptool only understood a fixed set of images as
specified in tbbr_config.c. It preserved unknown images during
the upd

fiptool: Add support for operating on binary blobs using the UUID

Previously, fiptool only understood a fixed set of images as
specified in tbbr_config.c. It preserved unknown images during
the update, unpack and remove operations but it was not possible to
explicitly refer to one of those unknown images.

Add a new --blob option to create/update/unpack/remove images that
are not known at compile time. This is accomplished by specifying
the UUID and filename pair as shown below:

$ ./fiptool create --blob uuid=01234567-89ab-cdef-0123-456789abcdef,file=foo.bin fip.bin
$ ./fiptool info fip.bin
01234567-89ab-cdef-0123-456789abcdef: offset=0x60, size=0x1AA68

Fixes ARM-software/tf-issues#420

Change-Id: Iaac2504b9a4252289c09e73d29645cbe240f3a82
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

show more ...

Abort preempted TSP STD SMC after PSCI CPU suspend

Standard SMC requests that are handled in the secure-world by the Secure
Payload can be preempted by interrupts that must be handled in the
normal

Abort preempted TSP STD SMC after PSCI CPU suspend

Standard SMC requests that are handled in the secure-world by the Secure
Payload can be preempted by interrupts that must be handled in the
normal world. When the TSP is preempted the secure context is stored and
control is passed to the normal world to handle the non-secure
interrupt. Once completed the preempted secure context is restored. When
restoring the preempted context, the dispatcher assumes that the TSP
preempted context is still stored as the SECURE context by the context
management library.

However, PSCI power management operations causes synchronous entry into
TSP. This overwrites the preempted SECURE context in the context
management library. When restoring back the SECURE context, the Secure
Payload crashes because this context is not the preempted context
anymore.

This patch avoids corruption of the preempted SECURE context by aborting
any preempted SMC during PSCI power management calls. The
abort_std_smc_entry hook of the TSP is called when aborting the SMC
request.

It also exposes this feature as a FAST SMC callable from normal world to
abort preempted SMC with FID TSP_FID_ABORT.

Change-Id: I7a70347e9293f47d87b5de20484b4ffefb56b770
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>

show more ...

Merge pull request #794 from douglas-raillard-arm/dr/fix_TSP_STD_FID_macro

Fix TSP_STD_FID macro

Fix TSP_STD_FID macro

Enforce valid FID input in TSP_STD_FID and TSP_FAST_FID macros.
Also remove an undefined behavior by using unsigned literals.

Change-Id: Id37e908da861980a4eaa3a70b37a729f416ce

Fix TSP_STD_FID macro

Enforce valid FID input in TSP_STD_FID and TSP_FAST_FID macros.
Also remove an undefined behavior by using unsigned literals.

Change-Id: Id37e908da861980a4eaa3a70b37a729f416ce272
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>

show more ...

Merge pull request #791 from jeenu-arm/asm-assert-32

AArch32: Print ASM_ASSERT and panic messages

Merge pull request #788 from jeenu-arm/cpuops-framework

Add provision to extend CPU operations at more levels

Merge pull request #793 from jeenu-arm/gic-changes

GIC driver changes for extended power management

Export is_mem_free() function

The is_mem_free() function used to be local to bl_common.c.
This patch exports it so that it can be used outside of bl_common.c.

Change-Id: I01dcb4229f3a36f56a4724b567

Export is_mem_free() function

The is_mem_free() function used to be local to bl_common.c.
This patch exports it so that it can be used outside of bl_common.c.

Change-Id: I01dcb4229f3a36f56a4724b567c5e6c416dc5e98
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>

show more ...

Merge pull request #785 from dp-arm/dp/nvcounter

Merge pull request #781 from yatharth-arm/yk/aarch64_tbbr_load_img_v2

Enable TRUSTED_BOARD_BOOT support for LOAD_IMAGE_V2=1

Merge pull request #779 from dp-arm/dp/rtinstr-cache

Add two timestamps to measure PSCI cache flush overhead

Merge pull request #778 from antonio-nino-diaz-arm/an/xlat-fixes

Fixes and improvements to translation tables library

AArch32: Print ASM_ASSERT and panic messages

ASM_ASSERT failure and panic messages are suppressed at present. This
patch enables printing the PC location for panic messages, and file name
and line n

AArch32: Print ASM_ASSERT and panic messages

ASM_ASSERT failure and panic messages are suppressed at present. This
patch enables printing the PC location for panic messages, and file name
and line number upon assembly assert failure.

Change-Id: I80cb715988e7ce766f64da1e1d7065a74a096a0c
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

show more ...

Merge pull request #782 from antonio-nino-diaz-arm/an/fix-copyright

Fix incorrect copyright notices

Add provision to extend CPU operations at more levels

Various CPU drivers in ARM Trusted Firmware register functions to handle
power-down operations. At present, separate functions are registered to

Add provision to extend CPU operations at more levels

Various CPU drivers in ARM Trusted Firmware register functions to handle
power-down operations. At present, separate functions are registered to
power down individual cores and clusters.

This scheme operates on the basis of core and cluster, and doesn't cater
for extending the hierarchy for power-down operations. For example,
future CPUs might support multiple threads which might need powering
down individually.

This patch therefore reworks the CPU operations framework to allow for
registering power down handlers on specific level basis. Henceforth:

- Generic code invokes CPU power down operations by the level
required.

- CPU drivers explicitly mention CPU_NO_RESET_FUNC when the CPU has no
reset function.

- CPU drivers register power down handlers as a list: a mandatory
handler for level 0, and optional handlers for higher levels.

All existing CPU drivers are adapted to the new CPU operations framework
without needing any functional changes within.

Also update firmware design guide.

Change-Id: I1826842d37a9e60a9e85fdcee7b4b8f6bc1ad043
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

show more ...

tbbr: Fix updating of Non-Trusted NV counter

The previous code required that a certificate be signed with the ROT
key before the platform's NV counter could be updated with the value
in the certific

tbbr: Fix updating of Non-Trusted NV counter

The previous code required that a certificate be signed with the ROT
key before the platform's NV counter could be updated with the value
in the certificate. This implies that the Non-Trusted NV counter was
not being updated for Non-Trusted content certificates, as they cannot
be signed with the ROT key in the TBBR CoT scheme.

The code is reworked to only allow updating the platform's Trusted NV
counter when a certificate protected by the Trusted NV counter is
signed with the ROT key.

Content certificates protected by the Non-Trusted NV counter are
allowed to update the platform's Non-Trusted NV counter, assuming
that the certificate value is higher than the platform's value.

A new optional platform API has been introduced, named
plat_set_nv_ctr2(). Platforms may choose to implement it and perform
additional checks based on the authentication image descriptor before
modifying the NV counters. A default weak implementation is available
that just calls into plat_set_nv_ctr().

Fixes ARM-software/tf-issues#426

Change-Id: I4fc978fd28a3007bc0cef972ff1f69ad0413b79c
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

show more ...