| f98630fb | 24-Jan-2021 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
plat/arm: fvp: Protect GICR frames for fused/unused cores
Currently, BLs are mapping the GIC memory region as read-write
for all cores on boot-up.
This opens up the security hole where the active c
plat/arm: fvp: Protect GICR frames for fused/unused cores
Currently, BLs are mapping the GIC memory region as read-write
for all cores on boot-up.
This opens up the security hole where the active core can write
the GICR frame of fused/inactive core. To avoid this issue, disable
the GICR frame of all inactive cores as below:
1. After primary CPU boots up, map GICR region of all cores as
read-only.
2. After primary CPU boots up, map its GICR region as read-write
and initialize its redistributor interface.
3. After secondary CPU boots up, map its GICR region as read-write
and initialize its redistributor interface.
4. All unused/fused core's redistributor regions remain read-only and
write attempt to such protected regions results in an exception.
As mentioned above, this patch offers only the GICR memory-mapped
region protection considering there is no facility at the GIC IP
level to avoid writing the redistributor area.
These changes are currently done in BL31 of Arm FVP and guarded under
the flag 'FVP_GICR_REGION_PROTECTION'.
As of now, this patch is tested manually as below:
1. Disable the FVP cores (core 1, 2, 3) with core 0 as an active core.
2. Verify data abort triggered by manually updating the ‘GICR_CTLR’
register of core 1’s(fused) redistributor from core 0(active).
Change-Id: I86c99c7b41bae137b2011cf2ac17fad0a26e776d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| d30a6615 | 24-Jan-2021 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
doc: Build option to protect GICR frame
Added a build option 'FVP_GICR_REGION_PROTECTION' to make
redistributor frame of fused/unused cores as read only.
Change-Id: Ie85f86e2465b93321a92a888ce8712a
doc: Build option to protect GICR frame
Added a build option 'FVP_GICR_REGION_PROTECTION' to make
redistributor frame of fused/unused cores as read only.
Change-Id: Ie85f86e2465b93321a92a888ce8712a3144e4ccb
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| e0cea783 | 23-Jan-2021 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
plat/arm: fvp: Do not map GIC region in BL1 and BL2
GIC memory region is not getting used in BL1 and BL2.
Hence avoid its mapping in BL1 and BL2 that freed some
page table entries to map other memor
plat/arm: fvp: Do not map GIC region in BL1 and BL2
GIC memory region is not getting used in BL1 and BL2.
Hence avoid its mapping in BL1 and BL2 that freed some
page table entries to map other memory regions in the
future.
Retains mapping of CCN interconnect region in BL1 and BL2
overlapped with the GIC memory region.
Change-Id: I880dd0690f94b140e59e4ff0c0d436961b9cb0a7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| bb9ecd0d | 09-Feb-2021 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "fdts: use scmi_dvfs clock index 1 for cores 4-7" into integration |
| a97c390b | 03-Feb-2021 |
Usama Arif <usama.arif@arm.com> |
fdts: use scmi_dvfs clock index 1 for cores 4-7
This allows Matterhorn cores to operate at their optimal OPPs.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I2e1b784da10154a1f1f65dd0e3a
fdts: use scmi_dvfs clock index 1 for cores 4-7
This allows Matterhorn cores to operate at their optimal OPPs.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I2e1b784da10154a1f1f65dd0e3a39213e7683116
show more ...
|
| e27340a7 | 08-Feb-2021 |
Andre Przywara <andre.przywara@arm.com> |
plat/arm: Remove ARM_LINUX_KERNEL_AS_BL33 relying on RESET_TO_BL31
So far the ARM platform Makefile would require that RESET_TO_BL31 is set
when we ask for the ARM_LINUX_KERNEL_AS_BL33 feature.
Ther
plat/arm: Remove ARM_LINUX_KERNEL_AS_BL33 relying on RESET_TO_BL31
So far the ARM platform Makefile would require that RESET_TO_BL31 is set
when we ask for the ARM_LINUX_KERNEL_AS_BL33 feature.
There is no real technical reason for that, and the one place in the
code where this was needed has been fixed.
Remove the requirement of those two options to be always enabled
together.
This enables the direct kernel boot feature for the Foundation FVP
(as described in the documentation), which requires a BL1/FIP
combination to boot, so cannot use RESET_TO_BL31.
Change-Id: I6814797b6431b6614d684bab3c5830bfd9481851
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
show more ...
|
| c99b8c89 | 08-Feb-2021 |
Andre Przywara <andre.przywara@arm.com> |
plat/arm: Always allow ARM_LINUX_KERNEL_AS_BL33
At the moment we have the somewhat artifical limitation of
ARM_LINUX_KERNEL_AS_BL33 only being used together with RESET_TO_BL31.
However there does n
plat/arm: Always allow ARM_LINUX_KERNEL_AS_BL33
At the moment we have the somewhat artifical limitation of
ARM_LINUX_KERNEL_AS_BL33 only being used together with RESET_TO_BL31.
However there does not seem to be a good technical reason for that,
it was probably just to differentate between two different boot flows.
Move the initial register setup for ARM_LINUX_KERNEL_AS_BL33 out of the
RESET_TO_BL31 #ifdef, so that we initialise the registers in any case.
This allows to use a preloaded kernel image when using BL1 and FIP.
Change-Id: I832df272d3829f077661f4ee6d3dd9a276a0118f
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
show more ...
|
| d4c61c38 | 13-May-2020 |
Heyi Guo <guoheyi@linux.alibaba.com> |
tzc400: adjust filter flag if it is set to FILTER_BIT_ALL
TZC_400_REGION_ATTR_FILTER_BIT_ALL is a simple constant definition, so
it can't get the real filter number to construct the bit flag for all
tzc400: adjust filter flag if it is set to FILTER_BIT_ALL
TZC_400_REGION_ATTR_FILTER_BIT_ALL is a simple constant definition, so
it can't get the real filter number to construct the bit flag for all
existing filters. If the platform doesn't have 4 filters, passing
FILTER_BIT_ALL to tzc400_configure_region() will cause assertion or
misconfiguration. So adjust the bit flag against the real filter
number.
Signed-off-by: Heyi Guo <guoheyi@linux.alibaba.com>
Change-Id: Ie5c48303485f3b5015772961ee7c34746121ee84
show more ...
|
| 3d66ca6d | 13-May-2020 |
Heyi Guo <guoheyi@linux.alibaba.com> |
tzc400: fix logical error in FILTER_BIT definitions
The filters parameter passed to tzc400_configure_region() is supposed
to be filter bit flag without bit shift, so the macros
TZC_400_REGION_ATTR_F
tzc400: fix logical error in FILTER_BIT definitions
The filters parameter passed to tzc400_configure_region() is supposed
to be filter bit flag without bit shift, so the macros
TZC_400_REGION_ATTR_FILTER_BIT and TZC_400_REGION_ATTR_FILTER_BIT_ALL
should always construct the value without any shift.
It is not a functional issue for TZC_REGION_ATTR_F_EN_SHIFT is lucky
to be 0.
Signed-off-by: Heyi Guo <guoheyi@linux.alibaba.com>
Change-Id: I5d363c462b8517256523f637e670eefa56722afd
show more ...
|
| 42ea8d67 | 20-Jan-2021 |
Manoj Kumar <manoj.kumar3@arm.com> |
morello: Modify morello_plat_info structure
The structure has been modified to specify the memory
size in bytes instead of Gigabytes.
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Signed-off-by
morello: Modify morello_plat_info structure
The structure has been modified to specify the memory
size in bytes instead of Gigabytes.
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
Change-Id: I3384677d79af4f3cf55d3c353b6c20bb827b5ae7
show more ...
|
| 8098d544 | 05-Feb-2021 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Merge "ddr: stm32mp1_ddr: correct SELFREF_TO_X32 mask" into integration |
| 8c7f156f | 05-Feb-2021 |
Lauren Wehrmeister <lauren.wehrmeister@arm.com> |
Merge "rainier: remove cpu workaround for errata 1542419" into integration |
| 6080aac9 | 05-Feb-2021 |
André Przywara <andre.przywara@arm.com> |
Merge "Add TRNG Firmware Interface service" into integration |
| 7dfb9911 | 22-Jun-2020 |
Jimmy Brisson <jimmy.brisson@arm.com> |
Add TRNG Firmware Interface service
This adds the TRNG Firmware Interface Service to the standard
service dispatcher. This includes a method for dispatching entropy
requests to platforms and include
Add TRNG Firmware Interface service
This adds the TRNG Firmware Interface Service to the standard
service dispatcher. This includes a method for dispatching entropy
requests to platforms and includes an entropy pool implementation to
avoid dropping any entropy requested from the platform.
Change-Id: I71cadb3cb377a507652eca9e0d68714c973026e9
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
show more ...
|
| 041d7c7b | 27-Jan-2021 |
Manoj Kumar <manoj.kumar3@arm.com> |
rainier: remove cpu workaround for errata 1542419
This patch removes the Neoverse N1 CPU errata workaround for
bug 1542419 as the bug is not present in Rainier R0P0 core.
Change-Id: Icaca299b13ef83
rainier: remove cpu workaround for errata 1542419
This patch removes the Neoverse N1 CPU errata workaround for
bug 1542419 as the bug is not present in Rainier R0P0 core.
Change-Id: Icaca299b13ef830b2ee5129576aae655a6288e69
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
show more ...
|
| edaaa98f | 01-Feb-2021 |
Yann Gautier <yann.gautier@st.com> |
ddr: stm32mp1_ddr: correct SELFREF_TO_X32 mask
In DDR controller PWRTMG register, the mask for field SELFREF_TO_X32 is
wrong. This field is from bit 16 to 23.
Change-Id: Id336fb08c88f0a153df186dd81
ddr: stm32mp1_ddr: correct SELFREF_TO_X32 mask
In DDR controller PWRTMG register, the mask for field SELFREF_TO_X32 is
wrong. This field is from bit 16 to 23.
Change-Id: Id336fb08c88f0a153df186dd819e41af72febb88
Signed-off-by: Yann Gautier <yann.gautier@st.com>
show more ...
|
| ffb07b04 | 14-Dec-2020 |
Maxim Uvarov <maxim.uvarov@linaro.org> |
plat/qemu: trigger reboot with secure pl061
Secure pl061 qemu driver allows to rize the GPIO pin
from the secure world to reboot and power down
virtual machine.
Do not define secure-gpio for sbsa-r
plat/qemu: trigger reboot with secure pl061
Secure pl061 qemu driver allows to rize the GPIO pin
from the secure world to reboot and power down
virtual machine.
Do not define secure-gpio for sbsa-ref platform due to
reboot is done via sbsa-ec watchdog.
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Change-Id: I508d7c5cf4c75cb169b34b00682a76f6761d3869
show more ...
|
| de67080f | 28-Jan-2021 |
Julius Werner <jwerner@chromium.org> |
qti: spmi_arb: Fix NUM_APID and REG_APID_MAP() argument
The NUM_APID value was derived from kernel device tree sources, but I
made a conversion mistake: the amount of bytes in the APID map is the
to
qti: spmi_arb: Fix NUM_APID and REG_APID_MAP() argument
The NUM_APID value was derived from kernel device tree sources, but I
made a conversion mistake: the amount of bytes in the APID map is the
total size of the "core" register range (0x1100) minus the offset of the
APID map in that range (0x900). This is of course 0x1100 - 0x900 = 0x800
and not 0x200, so the amount of 4-byte integers it can fit is not 0x80
but 0x200. Fix this and make the math more explicit so it can be more
easily factored out and adjusted if that becomes necessary for a future
SoC.
Also fix a dangerous typo in REG_APID_MAP() where the macro would
reference a random variable `i` rather than its argument (`apid`), and
we just got lucky that the only caller in the current code happened to
pass in a variable called `i` as that argument.
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I049dd044fa5aeb65be0e7b12150afd6eb4bac0fa
show more ...
|
| d56b957c | 28-Jan-2021 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
libc: Import strtoull from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, t
libc: Import strtoull from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: I2e94a0b227ec39f6f4530dc50bb477999d27730f
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
show more ...
|
| 587c1556 | 28-Jan-2021 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
libc: Import strtoll from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, th
libc: Import strtoll from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: I9cb581574d46de73c3d6917ebf78935fc5ac075a
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
show more ...
|
| 15c1c147 | 27-Jan-2021 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
libc: Import strtoul from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, th
libc: Import strtoul from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: I8c3b92751d1ce226c966f7c81fedd83f0846865e
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
show more ...
|
| 015240d9 | 27-Jan-2021 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
libc: Import strtol from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the
libc: Import strtol from FreeBSD project
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: Ica95bf5da722913834fe90bf3fe743aa34e01e80
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
show more ...
|
| d5105d99 | 03-Feb-2021 |
Lauren Wehrmeister <lauren.wehrmeister@arm.com> |
Merge changes from topic "RD_INFRA_POWER_MODING" into integration
* changes:
plat/arm/board: enable AMU for RD-N2
plat/arm/board: enable AMU for RD-V1
plat/arm/sgi: allow all PSCI callbacks on
Merge changes from topic "RD_INFRA_POWER_MODING" into integration
* changes:
plat/arm/board: enable AMU for RD-N2
plat/arm/board: enable AMU for RD-V1
plat/arm/sgi: allow all PSCI callbacks on RD-V1
show more ...
|
| 6d0dcc7d | 03-Feb-2021 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "plat/arm:juno: fix parallel build issue for romlib config" into integration |
| 9bc3007d | 03-Feb-2021 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "product/tc0: Enable Theodul DSU in TC platform" into integration |