uniphier: get back original BL31/32 location used before BL2-AT-EL3

Commit 247fc0435191 ("uniphier: switch to BL2-AT-EL3 and remove BL1
support") accidentally changed the location of BL31 and BL32.

uniphier: get back original BL31/32 location used before BL2-AT-EL3

Commit 247fc0435191 ("uniphier: switch to BL2-AT-EL3 and remove BL1
support") accidentally changed the location of BL31 and BL32. The
new memory map overlaps with the audio DSP images, also gives impact
to OP-TEE. They are both out of control of ARM Trusted Firmware, so
not easy to change. This commit restores the image layout that was
originally used prior to the BL2-AT-EL3 migration.

Reported-by: Katsuhiro Suzuki <suzuki.katsuhiro@socionext.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

trusty: generic-arm64-smcall: Use SPDX license identifiers

Signed-off-by: Arve Hjønnevåg <arve@android.com>

Merge pull request #1247 from rockchip-linux/rk3399/fixes-memory-corruptions

rockchip/rk3399: Fix memory corruptions or illegal memory access

Merge pull request #1245 from antonio-nino-diaz-arm/an/checkpatch

Analyze coding style of patches individually

uniphier: support GZIP-compressed images

Allow to handle GZIP-compressed images by giving FIP_GZIP=1 from the
command line.

- Images are GZIP-compressed, then packed into FIP. If Trusted Board
B

uniphier: support GZIP-compressed images

Allow to handle GZIP-compressed images by giving FIP_GZIP=1 from the
command line.

- Images are GZIP-compressed, then packed into FIP. If Trusted Board
Boot is enabled, certificates are generated based on the compressed
images.

- GZIP decompressor is linked into BL2 to decompress images at
run-time.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

uniphier: add a helper to get image_info

In the next commit, I will have more usecases to get struct image_info
from image ID. It is better to make a helper function at a different
layer. I do not

uniphier: add a helper to get image_info

In the next commit, I will have more usecases to get struct image_info
from image ID. It is better to make a helper function at a different
layer. I do not need the current uniphier_image_descs_fixup() since
the code is small enough to be squashed into the caller side.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

image_decompress: add APIs for decompressing images

These APIs are used by platforms that need to decompress images.

image_decompress_init():
This registers a temporary buffer and a decompressor

image_decompress: add APIs for decompressing images

These APIs are used by platforms that need to decompress images.

image_decompress_init():
This registers a temporary buffer and a decompressor callback.
This should be called from platform init code.

image_decompress_prepare():
This should be called before each compressed image is loaded. The
best location to call this will be bl*_plat_handle_pre_image_load().

image_decompress():
This should be called after each compressed image is loaded. The
best location to call this will be bl*_plat_handle_post_image_load().

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

bl1: add bl1_plat_handle_{pre,post}_image_load()

Just like bl2_, add pre/post image load handlers for BL1. No argument
is needed since BL2 is the only image loaded by BL1.

Signed-off-by: Masahiro

bl1: add bl1_plat_handle_{pre,post}_image_load()

Just like bl2_, add pre/post image load handlers for BL1. No argument
is needed since BL2 is the only image loaded by BL1.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

bl2: add bl2_plat_handle_pre_image_load()

There are cases where we need to manipulate image information before
the load. For example, for decompressing data, we cannot load the
compressed images to

bl2: add bl2_plat_handle_pre_image_load()

There are cases where we need to manipulate image information before
the load. For example, for decompressing data, we cannot load the
compressed images to their final destination. Instead, we need to
load them to the temporary buffer for the decompressor.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

plat/common: move arch-agnostic fallback functions to C file

When we add a new callback, we need to duplicate fallbacks among
plat/common/{aarch32,aarch64}/platform_helpers.S This is tedious.

I cr

plat/common: move arch-agnostic fallback functions to C file

When we add a new callback, we need to duplicate fallbacks among
plat/common/{aarch32,aarch64}/platform_helpers.S This is tedious.

I created a new C file, then moved 3 functions:
plat_error_handler
bl2_plat_preload_setup
plat_try_next_boot_source

They are called from C, so I do not see a good reason to implement
them in assembly.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

zlib: add gunzip() support

This commit adds some more files to use zlib from TF.

To use zlib, ->zalloc and ->zfree hooks are needed. The implementation
depends on the system. For user-space, the

zlib: add gunzip() support

This commit adds some more files to use zlib from TF.

To use zlib, ->zalloc and ->zfree hooks are needed. The implementation
depends on the system. For user-space, the libc provides malloc() and
friends. Unfortunately, ARM Trusted Firmware does not provide malloc()
or any concept of dynamic memory allocation.

I implemented very simple calloc() and free() for this. Stupidly,
zfree() never frees memory, but it works enough for this.

The purpose of using zlib is to implement gunzip() - this function
takes compressed data from in_buf, then dumps the decompressed data
to oub_buf. The work_buf is used for memory allocation during the
decompress. Upon exit, it updates in_buf and out_buf. If successful,
in_buf points to the end of input data, out_buf to the end of the
decompressed data.

To use this feature, you need to do:

- include lib/zlib/zlib.mk from your platform.mk

- add $(ZLIB_SOURCES) to your BL*_SOURCES

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

zlib: import zlib files from zlib 1.2.11

Import the following files from zlib 1.2.11:

adler32.c
crc32.c
crc32.h
inffast.c
inffast.h
inffixed.h
inflate.c
inflate.h
inftree

zlib: import zlib files from zlib 1.2.11

Import the following files from zlib 1.2.11:

adler32.c
crc32.c
crc32.h
inffast.c
inffast.h
inffixed.h
inflate.c
inflate.h
inftrees.c
inftrees.h
zconf.h
zlib.h
zutil.c
zutil.h

The original tarball is available from http://zlib.net/

The zlib is free software, distributed under the zlib license. The
license text is included in the "zlib.h" file. It should be compatible
with BSD-3-Clause.

The zlib license is included in the SPDX license list available at
https://spdx.org/licenses/, but I did not add the SPDX license tag to
the imported files above, to keep them as they are in the upstream
project. This seems the general policy for ARM Trusted Firmware, as
SPDX License Identifier was not added to files imported from FreeBSD.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: add GZIP compression filter

One typical usage of the pre-tool image filter is data compression,
and GZIP is one of the most commonly used compression methods.
I guess this is generic enough t

Build: add GZIP compression filter

One typical usage of the pre-tool image filter is data compression,
and GZIP is one of the most commonly used compression methods.
I guess this is generic enough to be put in the common script instead
of platform.mk.

If you want to use this, you can add something like follows to your
platform.mk:

BL32_PRE_TOOL_FILTER := GZIP
BL33_PRE_TOOL_FILTER := GZIP

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: support pre-tool image processing

There are cases where we want to process images before they are
passed to cert_create / fiptool.

My main motivation is data compression. By compressing ima

Build: support pre-tool image processing

There are cases where we want to process images before they are
passed to cert_create / fiptool.

My main motivation is data compression. By compressing images, we can
save data storage, and possibly speed up loading images. The image
verification will also get faster because certificates are generated
based on compressed images.

Other image transformation filters (for ex. encryption), and their
combinations would be possible. So, our build system should support
transformation filters in a generic manner.

The choice of applied filters is up to platforms (so specified in
platform.mk)

To define a new filter, <FILTER_NAME>_RULE and <FILTER_NAME>_SUFFIX
are needed.

For example, the GZIP compression filter can be implemented as follows:

------------------------>8------------------------
define GZIP_RULE
$(1): $(2)
@echo " GZIP $$@"
$(Q)gzip -n -f -9 $$< --stdout > $$@
endef

GZIP_SUFFIX := .gz
------------------------>8------------------------

The _RULE defines how to create the target $(1) from the source $(2).
The _SUFFIX defines the extension appended to the processed image path.
The suffix is not so important because the file name information is not
propagated to FIP, but adding a sensible suffix will be good to classify
the data file.

Platforms can specify which filter is applied to which BL image, like
this:

------------------------>8------------------------
BL32_PRE_TOOL_FILTER := GZIP
BL33_PRE_TOOL_FILTER := GZIP
------------------------>8------------------------

<IMAGE_NAME>_PRE_TOOL_FILTER specifies per-image filter. With this,
different images can be transformed differently. For the case above,
only BL32 and BL33 are GZIP-compressed. Nothing is done for other
images.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: change the first parameter of TOOL_ADD_IMG to lowercase

In the next commit, I need the image name in lowercase because
output files are generally named in lowercase.

Unfortunately, TOOL_ADD_

Build: change the first parameter of TOOL_ADD_IMG to lowercase

In the next commit, I need the image name in lowercase because
output files are generally named in lowercase.

Unfortunately, TOOL_ADD_IMG takes the first argument in uppercase
since we generally use uppercase Make variables.

make_helpers/build_macros.mk provides 'uppercase' macro to convert
a string into uppercase, but 'lowercase' does not exist. We can
implement it if we like, but it would be more straightforward to
change the argument of TOOL_ADD_IMG.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: make tools depend on $(BIN) instead of PHONY target

The PHONY target "bl*" generate $(BIN) and $(DUMP), but host tools
(fiptool, cert_create) only need $(BIN).

Signed-off-by: Masahiro Yamada

Build: make tools depend on $(BIN) instead of PHONY target

The PHONY target "bl*" generate $(BIN) and $(DUMP), but host tools
(fiptool, cert_create) only need $(BIN).

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: remove third argument of CERT_ADD_CMD_OPT

The third argument was given "true" by images, but it was moved
to TOOL_ADD_PAYLOAD. No more caller of CERT_ADD_CMD_OPT uses this.
So, the third arg

Build: remove third argument of CERT_ADD_CMD_OPT

The third argument was given "true" by images, but it was moved
to TOOL_ADD_PAYLOAD. No more caller of CERT_ADD_CMD_OPT uses this.
So, the third argument is always empty. Remove it.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: rename FIP_ADD_IMG to TOOL_ADD_IMG

Now FIP_ADD_IMG takes care of both fiptool and cert_create
symmetrically. Rename it so that it matches the behavior.

Signed-off-by: Masahiro Yamada <yamad

Build: rename FIP_ADD_IMG to TOOL_ADD_IMG

Now FIP_ADD_IMG takes care of both fiptool and cert_create
symmetrically. Rename it so that it matches the behavior.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: rename FIP_ADD_PAYLOAD to TOOL_ADD_PAYLOAD

Now FIP_ADD_PAYLOAD takes care of both fiptool and cert_create
symmetrically. Rename it so that it matches the behavior.

Signed-off-by: Masahiro Y

Build: rename FIP_ADD_PAYLOAD to TOOL_ADD_PAYLOAD

Now FIP_ADD_PAYLOAD takes care of both fiptool and cert_create
symmetrically. Rename it so that it matches the behavior.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: move cert_create arguments and dependency to FIP_ADD_PAYLOAD

The fiptool and cert_create use the same command options for images.
It is pretty easy to handle both in the same, symmetrical way

Build: move cert_create arguments and dependency to FIP_ADD_PAYLOAD

The fiptool and cert_create use the same command options for images.
It is pretty easy to handle both in the same, symmetrical way.

Move CRT_ARGS and CRT_DEPS to FIP_ADD_PAYLOAD. This refactoring makes
sense because FIP_ADD_PAYLOAD is called from MAKE_BL (when building
images from source), and from FIP_ADD_IMG (when including external
images). (FIP_ADD_PAYLOAD will be renamed later on since it now
caters to both fiptool and cert_create).

We can delete CERT_ADD_CMD_OPT for images in tbbr.mk. It still
needs to call CERT_ADD_CMD_OPT directly for certificates.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: rip off unneeded $(eval ...) from buid macros

The callers of these macros are supposed to use $(eval $(call, ...)).
The $(eval ...) on the callee side is unneeded.

Signed-off-by: Masahiro Ya

Build: rip off unneeded $(eval ...) from buid macros

The callers of these macros are supposed to use $(eval $(call, ...)).
The $(eval ...) on the callee side is unneeded.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: merge build macros between FIP_ and FWU_FIP_

The build system supports generating two FIP images, fip and fwu_fip.
Accordingly, we have similar build macros.

FIP_ADD_PAYLOAD <--> FWU_F

Build: merge build macros between FIP_ and FWU_FIP_

The build system supports generating two FIP images, fip and fwu_fip.
Accordingly, we have similar build macros.

FIP_ADD_PAYLOAD <--> FWU_FIP_ADD_PAYLOAD
CERT_ADD_CMD_OPT <--> FWU_CERT_ADD_CMD_OPT
FIP_ADD_IMG <--> FWU_FIP_ADD_IMG

The duplicated code increases the maintenance burden. Also, the build
rule of BL2U looks clumsy - we want to call MAKE_BL to compile it from
source files, but we want to put it in fwu_fip. We can not do it in a
single macro call since the current MAKE_BL does not support fwu_fip.

To refactor those in a clean way is to support one more argument to
specify the FIP prefix. If it is empty, the images are targeted to
fip, whereas if the argument is "FWU_", targeted to fwu_fip.

The build macros prefixed with FWU_ go away.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: squash MAKE_TOOL_ARGS into MAKE_BL

Now, MAKE_TOOL_ARGS is only called from MAKE_BL. Squash it.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

Build: refactor BL32 build rules

This complicated if-conditional combo was introduced by commit
70d1fc5383b9 ("Fix build error when `BL32` is not defined") in order
to fix the compile error of "make

Build: refactor BL32 build rules

This complicated if-conditional combo was introduced by commit
70d1fc5383b9 ("Fix build error when `BL32` is not defined") in order
to fix the compile error of "make all" when SPD=opteed is given.

The requirement for the build system is like follows:

- If both BL32 and BL32_SOURCES are defined, the former takes
precedence.

- If BL32 is undefined but BL32_SOURCES is defined, we compile
BL32 from the source files.

- We want to let the build fail if neither of them is defined,
but we want to check it only when we are building FIP.

Refactor the code to not call FIP_ADD_IMG twice. The behavior is
still the same.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Build: replace $(call MAKE_TOOL_ARGS,...) with $(call FIP_ADD_IMG,...)

We use $(call MAKE_TOOL_ARGS,...) or $(call FIP_ADD_IMG,...) where we
expect externally built images. The difference between t

Build: replace $(call MAKE_TOOL_ARGS,...) with $(call FIP_ADD_IMG,...)

We use $(call MAKE_TOOL_ARGS,...) or $(call FIP_ADD_IMG,...) where we
expect externally built images. The difference between the two is
check_* target. It now checks if the given path exists, so it is a
good thing to use $(call FIP_ADD_IMG,...) in all the places.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...