fconf: necessary modifications to support fconf in BL31 & SP_MIN

Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG

fconf: necessary modifications to support fconf in BL31 & SP_MIN

Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG device tree
and registered them with fconf framework. Many of the changes are
only applicable for fvp platform.

This patch:
1. Adds necessary symbols and sections in BL31, SP_MIN linker script
2. Adds necessary memory map entry for translation in BL31, SP_MIN
3. Creates an abstraction layer for hardware configuration based on
fconf framework
4. Adds necessary changes to build flow (makefiles)
5. Minimal callback to read hw_config dtb for capturing properties
related to GIC(interrupt-controller node)
6. updates the fconf documentation

Change-Id: Ib6292071f674ef093962b9e8ba0d322b7bf919af
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>

show more ...

Merge "TF-A GICv3 driver: Separate GICD and GICR accessor functions" into integration

TF-A GICv3 driver: Separate GICD and GICR accessor functions

This patch provides separation of GICD, GICR accessor
functions and adds new macros for GICv3 registers access
as a preparation for GICv3

TF-A GICv3 driver: Separate GICD and GICR accessor functions

This patch provides separation of GICD, GICR accessor
functions and adds new macros for GICv3 registers access
as a preparation for GICv3.1 and GICv4 support.
NOTE: Platforms need to modify to include both
'gicdv3_helpers.c' and 'gicrv3_helpers.c' instead of the
single helper file previously.

Change-Id: I1641bd6d217d6eb7d1228be3c4177b2d556da60a
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>

show more ...

Merge "Read-only xlat tables for BL31 memory" into integration

Read-only xlat tables for BL31 memory

This patch introduces a build flag which allows the xlat tables
to be mapped in a read-only region within BL31 memory. It makes it
much harder for someone who h

Read-only xlat tables for BL31 memory

This patch introduces a build flag which allows the xlat tables
to be mapped in a read-only region within BL31 memory. It makes it
much harder for someone who has acquired the ability to write to
arbitrary secure memory addresses to gain control of the
translation tables.

The memory attributes of the descriptors describing the tables
themselves are changed to read-only secure data. This change
happens at the end of BL31 runtime setup. Until this point, the
tables have read-write permissions. This gives a window of
opportunity for changes to be made to the tables with the MMU on
(e.g. reclaiming init code). No changes can be made to the tables
with the MMU turned on from this point onwards. This change is also
enabled for sp_min and tspd.

To make all this possible, the base table was moved to .rodata. The
penalty we pay is that now .rodata must be aligned to the size of
the base table (512B alignment). Still, this is better than putting
the base table with the higher level tables in the xlat_table
section, as that would cost us a full 4KB page.

Changing the tables from read-write to read-only cannot be done with
the MMU on, as the break-before-make sequence would invalidate the
descriptor which resolves the level 3 page table where that very
descriptor is located. This would make the translation required for
writing the changes impossible, generating an MMU fault.

The caches are also flushed.

Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com>
Change-Id: Ibe5de307e6dc94c67d6186139ac3973516430466

show more ...

Merge "Add Matterhorn CPU lib" into integration

Merge "Add CPULib for Klein Core" into integration

Add Matterhorn CPU lib

Also update copyright statements

Change-Id: Iba0305522ac0f2ddc4da99127fd773f340e67300
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>

Add CPULib for Klein Core

Change-Id: I686fd623b8264c85434853a2a26ecd71e9eeac01
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>

Merge changes from topic "lm/fconf" into integration

* changes:
arm-io: Panic in case of io setup failure
MISRA fix: Use boolean essential type
fconf: Add documentation
fconf: Move platform

Merge changes from topic "lm/fconf" into integration

* changes:
arm-io: Panic in case of io setup failure
MISRA fix: Use boolean essential type
fconf: Add documentation
fconf: Move platform io policies into fconf
fconf: Add mbedtls shared heap as property
fconf: Add TBBR disable_authentication property
fconf: Add dynamic config DTBs info as property
fconf: Populate properties from dtb during bl2 setup
fconf: Load config dtb from bl1
fconf: initial commit

show more ...

Merge changes from topic "spmd" into integration

* changes:
SPMD: enable SPM dispatcher support
SPMD: hook SPMD into standard services framework
SPMD: add SPM dispatcher based upon SPCI Beta 0

Merge changes from topic "spmd" into integration

* changes:
SPMD: enable SPM dispatcher support
SPMD: hook SPMD into standard services framework
SPMD: add SPM dispatcher based upon SPCI Beta 0 spec
SPMD: add support to run BL32 in TDRAM and BL31 in secure DRAM on Arm FVP
SPMD: add support for an example SPM core manifest
SPMD: add SPCI Beta 0 specification header file

show more ...

SPMD: add support for an example SPM core manifest

This patch repurposes the TOS FW configuration file as the manifest for
the SPM core component which will reside at the secure EL adjacent to
EL3.

SPMD: add support for an example SPM core manifest

This patch repurposes the TOS FW configuration file as the manifest for
the SPM core component which will reside at the secure EL adjacent to
EL3. The SPM dispatcher component will use the manifest to determine how
the core component must be initialised. Routines and data structure to
parse the manifest have also been added.

Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Id94f8ece43b4e05609f0a1d364708a912f6203cb

show more ...

fconf: Move platform io policies into fconf

Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the

fconf: Move platform io policies into fconf

Use the firmware configuration framework to store the io_policies
information inside the configuration device tree instead of the static
structure in the code base.

The io_policies required by BL1 can't be inside the dtb, as this one is
loaded by BL1, and only available at BL2.

This change currently only applies to FVP platform.

Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>

show more ...

fconf: Add dynamic config DTBs info as property

This patch introduces a better separation between the trusted-boot
related properties, and the dynamic configuration DTBs loading
information.

The dy

fconf: Add dynamic config DTBs info as property

This patch introduces a better separation between the trusted-boot
related properties, and the dynamic configuration DTBs loading
information.

The dynamic configuration DTBs properties are moved to a new node:
`dtb-registry`. All the sub-nodes present will be provided to the
dynamic config framework to be loaded. The node currently only contains
the already defined configuration DTBs, but can be extended for future
features if necessary.
The dynamic config framework is modified to use the abstraction provided
by the fconf framework, instead of directly accessing the DTBs.

The trusted-boot properties are kept under the "arm,tb_fw" compatible
string, but in a separate `tb_fw-config` node.
The `tb_fw-config` property of the `dtb-registry` node simply points
to the load address of `fw_config`, as the `tb_fw-config` is currently
part of the same DTB.

Change-Id: Iceb6c4c2cb92b692b6e28dbdc9fb060f1c46de82
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>

show more ...

Merge "Adds option to read ROTPK from registers for FVP" into integration

Adds option to read ROTPK from registers for FVP

Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
Removes hard-coded developer keys. Instead, setting
ARM_ROTPK_LOCATION=devel_* takes keys fro

Adds option to read ROTPK from registers for FVP

Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
Removes hard-coded developer keys. Instead, setting
ARM_ROTPK_LOCATION=devel_* takes keys from default directory.
In case of ROT_KEY specified - generates a new hash and replaces the
original.

Note: Juno board was tested by original feature author and was not tested
for this patch since we don't have access to the private key. Juno
implementation was moved to board-specific file without changing
functionality. It is not known whether byte-swapping is still needed
for this platform.

Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>

show more ...

Merge "FVP: Stop reclaiming init code with Clang builds" into integration

FVP: Stop reclaiming init code with Clang builds

The reclaim init code functionality relies on forward reference in the
linker script. The LLVM linker does not process it correctly.

Change-Id: I993

FVP: Stop reclaiming init code with Clang builds

The reclaim init code functionality relies on forward reference in the
linker script. The LLVM linker does not process it correctly.

Change-Id: I993aeb9587bfa07af25b60ed823a6a2c5e970c94
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>

show more ...

Merge "debugfs: add SMC channel" into integration

Merge changes from topic "spm-devel" into integration

* changes:
spm-mm: Rename aarch64 assembly files
spm-mm: Rename source files
spm-mm: Rename spm_shim_private.h
spm-mm: Rename spm_privat

Merge changes from topic "spm-devel" into integration

* changes:
spm-mm: Rename aarch64 assembly files
spm-mm: Rename source files
spm-mm: Rename spm_shim_private.h
spm-mm: Rename spm_private.h
spm-mm: Rename component makefile
spm-mm: Remove mm_svc.h header
spm-mm: Refactor spm_svc.h and its contents
spm-mm: Refactor secure_partition.h and its contents
spm: Remove SPM Alpha 1 prototype and support files
Remove dependency between SPM_MM and ENABLE_SPM build flags

show more ...

spm: Remove SPM Alpha 1 prototype and support files

The Secure Partition Manager (SPM) prototype implementation is
being removed. This is preparatory work for putting in place a
dispatcher component

spm: Remove SPM Alpha 1 prototype and support files

The Secure Partition Manager (SPM) prototype implementation is
being removed. This is preparatory work for putting in place a
dispatcher component that, in turn, enables partition managers
at S-EL2 / S-EL1.

This patch removes:

- The core service files (std_svc/spm)
- The Resource Descriptor headers (include/services)
- SPRT protocol support and service definitions
- SPCI protocol support and service definitions

Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>

show more ...

Remove dependency between SPM_MM and ENABLE_SPM build flags

There are two different implementations of Secure Partition
management in TF-A. One is based on the "Management Mode" (MM)
design, the oth

Remove dependency between SPM_MM and ENABLE_SPM build flags

There are two different implementations of Secure Partition
management in TF-A. One is based on the "Management Mode" (MM)
design, the other is based on the Secure Partition Client Interface
(SPCI) specification. Currently there is a dependency between their
build flags that shouldn't exist, making further development
harder than it should be. This patch removes that
dependency, making the two flags function independently.

Before: ENABLE_SPM=1 is required for using either implementation.
By default, the SPCI-based implementation is enabled and
this is overridden if SPM_MM=1.

After: ENABLE_SPM=1 enables the SPCI-based implementation.
SPM_MM=1 enables the MM-based implementation.
The two build flags are mutually exclusive.

Note that the name of the ENABLE_SPM flag remains a bit
ambiguous - this will be improved in a subsequent patch. For this
patch the intention was to leave the name as-is so that it is
easier to track the changes that were made.

Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
Signed-off-by: Paul Beesley <paul.beesley@arm.com>

show more ...

debugfs: add SMC channel

Provide an SMC interface to the 9p filesystem. This permits
accessing firmware drivers through a common interface, using
standardized read/write/control operations.

Signed-

debugfs: add SMC channel

Provide an SMC interface to the 9p filesystem. This permits
accessing firmware drivers through a common interface, using
standardized read/write/control operations.

Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I9314662314bb060f6bc02714476574da158b2a7d

show more ...

Merge "plat/arm: Re-enable PIE when RESET_TO_BL31=1" into integration

plat/arm: Re-enable PIE when RESET_TO_BL31=1

Earlier PIE support was enabled for all arm platforms when
RESET_TO_BL31=1, but later on it was restricted only to FVP with patch
SHA d4580d17 because of

plat/arm: Re-enable PIE when RESET_TO_BL31=1

Earlier PIE support was enabled for all arm platforms when
RESET_TO_BL31=1, but later on it was restricted only to FVP with patch
SHA d4580d17 because of n1sdp platform.

Now it has been verified that PIE does work for n1sdp platform also, so
enabling it again for all arm platforms.

Change-Id: I05ad4f1775ef72e7cb578ec9245cde3fbce971a5
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>

show more ...