diff options
| -rw-r--r-- | docs/user-guide.rst | 2 | ||||
| -rw-r--r-- | drivers/auth/mbedtls/mbedtls_common.mk | 4 | ||||
| -rw-r--r-- | include/lib/aarch32/arch.h | 7 | ||||
| -rw-r--r-- | include/lib/aarch64/arch.h | 7 | ||||
| -rw-r--r-- | include/plat/arm/board/common/board_arm_def.h | 2 | ||||
| -rw-r--r-- | include/plat/arm/common/arm_def.h | 2 | ||||
| -rw-r--r-- | include/services/spm_svc.h | 3 | ||||
| -rw-r--r-- | lib/xlat_tables_v2/xlat_tables_internal.c | 6 | ||||
| -rw-r--r-- | plat/arm/common/arm_common.c | 20 | ||||
| -rw-r--r-- | plat/xilinx/zynqmp/aarch64/zynqmp_common.c | 15 | ||||
| -rw-r--r-- | plat/xilinx/zynqmp/include/platform_def.h | 2 | ||||
| -rw-r--r-- | services/std_svc/spm/spm_main.c | 49 |
12 files changed, 91 insertions, 28 deletions
diff --git a/docs/user-guide.rst b/docs/user-guide.rst index 7e50dc188..c7f7ef86d 100644 --- a/docs/user-guide.rst +++ b/docs/user-guide.rst @@ -1074,7 +1074,7 @@ images with support for these features: is important to use a version that is compatible with TF-A and fixes any known security vulnerabilities. See `mbed TLS Security Center`_ for more information. The latest version of TF-A is tested with tag - ``mbedtls-2.6.0``. + ``mbedtls-2.10.0``. The ``drivers/auth/mbedtls/mbedtls_*.mk`` files contain the list of mbed TLS source files the modules depend upon. diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk index 8c4123dbb..a5d19e6a9 100644 --- a/drivers/auth/mbedtls/mbedtls_common.mk +++ b/drivers/auth/mbedtls/mbedtls_common.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -27,6 +27,8 @@ MBEDTLS_COMMON_SOURCES := drivers/auth/mbedtls/mbedtls_common.c \ memory_buffer_alloc.c \ oid.c \ platform.c \ + platform_util.c \ + rsa_internal.c \ ) endif diff --git a/include/lib/aarch32/arch.h b/include/lib/aarch32/arch.h index 3624cc689..910341a72 100644 --- a/include/lib/aarch32/arch.h +++ b/include/lib/aarch32/arch.h @@ -379,6 +379,7 @@ * Definitions of register offsets and fields in the CNTCTLBase Frame of the * system level implementation of the Generic Timer. ******************************************************************************/ +#define CNTCTLBASE_CNTFRQ U(0x0) #define CNTNSAR 0x4 #define CNTNSAR_NS_SHIFT(x) (x) @@ -390,6 +391,12 @@ #define CNTACR_RWVT_SHIFT 0x4 #define CNTACR_RWPT_SHIFT 0x5 +/******************************************************************************* + * Definitions of register offsets in the CNTBaseN Frame of the + * system level implementation of the Generic Timer. + ******************************************************************************/ +#define CNTBASE_CNTFRQ U(0x10) + /* MAIR macros */ #define MAIR0_ATTR_SET(attr, index) ((attr) << ((index) << 3)) #define MAIR1_ATTR_SET(attr, index) ((attr) << (((index) - 3) << 3)) diff --git a/include/lib/aarch64/arch.h b/include/lib/aarch64/arch.h index 92bb97d51..7cc4b2377 100644 --- a/include/lib/aarch64/arch.h +++ b/include/lib/aarch64/arch.h @@ -554,6 +554,7 @@ * Definitions of register offsets and fields in the CNTCTLBase Frame of the * system level implementation of the Generic Timer. ******************************************************************************/ +#define CNTCTLBASE_CNTFRQ U(0x0) #define CNTNSAR U(0x4) #define CNTNSAR_NS_SHIFT(x) (x) @@ -565,6 +566,12 @@ #define CNTACR_RWVT_SHIFT U(0x4) #define CNTACR_RWPT_SHIFT U(0x5) +/******************************************************************************* + * Definitions of register offsets in the CNTBaseN Frame of the + * system level implementation of the Generic Timer. + ******************************************************************************/ +#define CNTBASE_CNTFRQ U(0x10) + /* PMCR_EL0 definitions */ #define PMCR_EL0_RESET_VAL U(0x0) #define PMCR_EL0_N_SHIFT U(11) diff --git a/include/plat/arm/board/common/board_arm_def.h b/include/plat/arm/board/common/board_arm_def.h index 030e06737..96eefbbeb 100644 --- a/include/plat/arm/board/common/board_arm_def.h +++ b/include/plat/arm/board/common/board_arm_def.h @@ -87,7 +87,7 @@ * little space for growth. */ #if TRUSTED_BOARD_BOOT -# define PLAT_ARM_MAX_BL2_SIZE 0x1E000 +# define PLAT_ARM_MAX_BL2_SIZE 0x1F000 #else # define PLAT_ARM_MAX_BL2_SIZE 0x11000 #endif diff --git a/include/plat/arm/common/arm_def.h b/include/plat/arm/common/arm_def.h index e07156c00..e3d0edbce 100644 --- a/include/plat/arm/common/arm_def.h +++ b/include/plat/arm/common/arm_def.h @@ -258,6 +258,8 @@ #define ARM_SYS_CNTCTL_BASE 0x2a430000 #define ARM_SYS_CNTREAD_BASE 0x2a800000 #define ARM_SYS_TIMCTL_BASE 0x2a810000 +#define ARM_SYS_CNT_BASE_S 0x2a820000 +#define ARM_SYS_CNT_BASE_NS 0x2a830000 #define ARM_CONSOLE_BAUDRATE 115200 diff --git a/include/services/spm_svc.h b/include/services/spm_svc.h index 8f872c39e..0200992c1 100644 --- a/include/services/spm_svc.h +++ b/include/services/spm_svc.h @@ -74,6 +74,9 @@ uint64_t spm_smc_handler(uint32_t smc_fid, void *handle, uint64_t flags); +/* Helper to enter a Secure Partition */ +uint64_t spm_sp_call(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3); + #endif /* __ASSEMBLY__ */ #endif /* __SPM_SVC_H__ */ diff --git a/lib/xlat_tables_v2/xlat_tables_internal.c b/lib/xlat_tables_v2/xlat_tables_internal.c index a38f97f2f..3b586b2a0 100644 --- a/lib/xlat_tables_v2/xlat_tables_internal.c +++ b/lib/xlat_tables_v2/xlat_tables_internal.c @@ -1087,13 +1087,13 @@ static void xlat_desc_print(const xlat_ctx_t *ctx, uint64_t desc) if (xlat_regime == EL3_REGIME) { /* For EL3, the XN bit is all what matters */ - tf_printf("%s", LOWER_ATTRS(XN) & desc ? xn_str : exec_str); + tf_printf("%s", (UPPER_ATTRS(XN) & desc) ? xn_str : exec_str); } else { /* For EL0 and EL1, we need to know who has which rights */ - tf_printf("%s", LOWER_ATTRS(PXN) & desc ? xn_str : exec_str); + tf_printf("%s", (UPPER_ATTRS(PXN) & desc) ? xn_str : exec_str); tf_printf("%s", priv_str); - tf_printf("%s", LOWER_ATTRS(UXN) & desc ? xn_str : exec_str); + tf_printf("%s", (UPPER_ATTRS(UXN) & desc) ? xn_str : exec_str); tf_printf("%s", user_str); } diff --git a/plat/arm/common/arm_common.c b/plat/arm/common/arm_common.c index 11bdeac66..32fd9ee68 100644 --- a/plat/arm/common/arm_common.c +++ b/plat/arm/common/arm_common.c @@ -160,6 +160,9 @@ void arm_configure_sys_timer(void) { unsigned int reg_val; + /* Read the frequency of the system counter */ + unsigned int freq_val = plat_get_syscnt_freq2(); + #if ARM_CONFIG_CNTACR reg_val = (1 << CNTACR_RPCT_SHIFT) | (1 << CNTACR_RVCT_SHIFT); reg_val |= (1 << CNTACR_RFRQ_SHIFT) | (1 << CNTACR_RVOFF_SHIFT); @@ -169,6 +172,23 @@ void arm_configure_sys_timer(void) reg_val = (1 << CNTNSAR_NS_SHIFT(PLAT_ARM_NSTIMER_FRAME_ID)); mmio_write_32(ARM_SYS_TIMCTL_BASE + CNTNSAR, reg_val); + + /* + * Initialize CNTFRQ register in CNTCTLBase frame. The CNTFRQ + * system register initialized during psci_arch_setup() is different + * from this and has to be updated independently. + */ + mmio_write_32(ARM_SYS_TIMCTL_BASE + CNTCTLBASE_CNTFRQ, freq_val); + +#ifdef PLAT_juno + /* + * Initialize CNTFRQ register in Non-secure CNTBase frame. + * This is only required for Juno, because it doesn't follow ARM ARM + * in that the value updated in CNTFRQ is not reflected in CNTBASE_CNTFRQ. + * Hence update the value manually. + */ + mmio_write_32(ARM_SYS_CNT_BASE_NS + CNTBASE_CNTFRQ, freq_val); +#endif } #endif /* ARM_SYS_TIMCTL_BASE */ diff --git a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c index b144c84bd..c3612706a 100644 --- a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c +++ b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c @@ -205,12 +205,21 @@ static char *zynqmp_get_silicon_idcode_name(void) { uint32_t id, ver, chipid[2]; size_t i, j, len; - enum pm_ret_status ret; const char *name = "EG/EV"; - ret = pm_get_chipid(chipid); - if (ret) +#ifdef IMAGE_BL32 + /* + * For BL32, get the chip id info directly by reading corresponding + * registers instead of making pm call. This has limitation + * that these registers should be configured to have access + * from APU which is default case. + */ + chipid[0] = mmio_read_32(ZYNQMP_CSU_BASEADDR + ZYNQMP_CSU_IDCODE_OFFSET); + chipid[1] = mmio_read_32(EFUSE_BASEADDR + EFUSE_IPDISABLE_OFFSET); +#else + if (pm_get_chipid(chipid) != PM_RET_SUCCESS) return "UNKN"; +#endif id = chipid[0] & (ZYNQMP_CSU_IDCODE_DEVICE_CODE_MASK | ZYNQMP_CSU_IDCODE_SVD_MASK); diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h index ebbc8c2cd..49766cc92 100644 --- a/plat/xilinx/zynqmp/include/platform_def.h +++ b/plat/xilinx/zynqmp/include/platform_def.h @@ -34,7 +34,7 @@ * little space for growth. */ #ifndef ZYNQMP_ATF_MEM_BASE -#if !DEBUG +#if !DEBUG && defined(SPD_none) # define BL31_BASE 0xfffea000 # define BL31_LIMIT 0xffffffff #else diff --git a/services/std_svc/spm/spm_main.c b/services/std_svc/spm/spm_main.c index f63f9c4f5..585707dc9 100644 --- a/services/std_svc/spm/spm_main.c +++ b/services/std_svc/spm/spm_main.c @@ -181,6 +181,35 @@ int32_t spm_setup(void) } /******************************************************************************* + * Function to perform a call to a Secure Partition. + ******************************************************************************/ +uint64_t spm_sp_call(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3) +{ + uint64_t rc; + sp_context_t *sp_ptr = &sp_ctx; + + /* Wait until the Secure Partition is idle and set it to busy. */ + sp_state_wait_switch(sp_ptr, SP_STATE_IDLE, SP_STATE_BUSY); + + /* Set values for registers on SP entry */ + cpu_context_t *cpu_ctx = &(sp_ptr->cpu_ctx); + + write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X0, smc_fid); + write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X1, x1); + write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X2, x2); + write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X3, x3); + + /* Jump to the Secure Partition. */ + rc = spm_sp_synchronous_entry(sp_ptr); + + /* Flag Secure Partition as idle. */ + assert(sp_ptr->state == SP_STATE_BUSY); + sp_state_set(sp_ptr, SP_STATE_IDLE); + + return rc; +} + +/******************************************************************************* * MM_COMMUNICATE handler ******************************************************************************/ static uint64_t mm_communicate(uint32_t smc_fid, uint64_t mm_cookie, @@ -188,7 +217,6 @@ static uint64_t mm_communicate(uint32_t smc_fid, uint64_t mm_cookie, uint64_t comm_size_address, void *handle) { uint64_t rc; - sp_context_t *ctx = &sp_ctx; /* Cookie. Reserved for future use. It must be zero. */ if (mm_cookie != 0U) { @@ -208,23 +236,8 @@ static uint64_t mm_communicate(uint32_t smc_fid, uint64_t mm_cookie, /* Save the Normal world context */ cm_el1_sysregs_context_save(NON_SECURE); - /* Wait until the Secure Partition is idle and set it to busy. */ - sp_state_wait_switch(ctx, SP_STATE_IDLE, SP_STATE_BUSY); - - /* Set values for registers on SP entry */ - cpu_context_t *cpu_ctx = &(ctx->cpu_ctx); - - write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X0, smc_fid); - write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X1, comm_buffer_address); - write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X2, comm_size_address); - write_ctx_reg(get_gpregs_ctx(cpu_ctx), CTX_GPREG_X3, plat_my_core_pos()); - - /* Jump to the Secure Partition. */ - rc = spm_sp_synchronous_entry(ctx); - - /* Flag Secure Partition as idle. */ - assert(ctx->state == SP_STATE_BUSY); - sp_state_set(ctx, SP_STATE_IDLE); + rc = spm_sp_call(smc_fid, comm_buffer_address, comm_size_address, + plat_my_core_pos()); /* Restore non-secure state */ cm_el1_sysregs_context_restore(NON_SECURE); |