| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Change-Id: I77d38758d18ba6dda1652b1b1e644fbfb14386cc
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pointer authentication is an Armv8.3 feature that introduces
instructions that can be used to authenticate and verify pointers.
Pointer authentication instructions are allowed to be accessed from all
ELs but only when EL3 explicitly allows for it; otherwise, their usage
will trap to EL3. Since EL3 doesn't have trap handling in place, this
patch unconditionally disables all related traps to EL3 to avoid
potential misconfiguration leading to an unhandled EL3 exception.
Fixes ARM-software/tf-issues#629
Change-Id: I9bd2efe0dc714196f503713b721ffbf05672c14d
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
| |
|
|
|
|
|
|
|
|
| |
This patch introduces a build flag "RECLAIM_INIT_CODE" to mark boot time
code which allows platforms to place this memory in an appropriate
section to be reclaimed later. This features is primarily targeted for
BL31. Appropriate documentation updates are also done.
Change-Id: If0ca062851614805d769c332c771083d46599194
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
|
| |\
| |
| | |
docs: update for removal of deprecated interfaces.
|
| | |
| |
| |
| |
| | |
Change-Id: I69e2720f534583a0f8d0e44f2e7b6f393f6fd093
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I567a406edb090ae9d109382f6874846a79dd7473
Co-authored-by: Roberto Vargas <roberto.vargas@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
|
| |/
|
|
|
|
|
|
| |
The code of LOAD_IMAGE_V2=0 has been removed.
Change-Id: Iea03e5bebb90c66889bdb23f85c07d0c9717fffe
Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
|
| |
|
|
|
|
|
|
|
|
| |
Currenly the CNTFRQ register and system timer is initialized in BL31 for
use by the normal world. During firmware update, the NS-BL1 or NS-BL2U
may need to access the system timer. Hence this patch duplicates the
CNTFRQ and system timer initialization in BL1 as well.
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I1ede78b4ae64080fb418cb93f3e48b26d7b724dc
|
| |
|
|
|
|
|
|
|
|
| |
For the BL2_AT_EL3 configuration, move BL2 higher up to make more
space for BL31. Adjust the BL31 limit to be up to BL2 base. This is
because BL2 is always resident for the BL2_AT_EL3 configuration and
thus we cannot overlay it with BL31.
Change-Id: I71e89863ed48f5159e8b619f49c7c73b253397aa
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
|
| |
|
|
|
|
|
|
| |
This patch updates the firmware design guide for the BL memory
layout change on ARM platforms.
Change-Id: Icbfe7249484bb8b4ba3c94421172d42f27605c52
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update Arm Trusted Firmware references in the upstream documents to
Trusted Firmware-A (TF-A). This is for consistency with and
disambiguation from Trusted Firmware-M (TF-M).
Also update other Arm trademarks, e.g. ARM->Arm, ARMv8->Armv8-A.
Change-Id: I8bb0e18af29c6744eeea2dc6c08f2c10b20ede22
Signed-off-by: Dan Handley <dan.handley@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updates the `firmware-design.rst` document for
changes in ARM-TF for supporting dynamic configuration features
as presented in `Secure Firmware BoF SFO'17`[1].
The patch also updates the user-guide for 2 build options for FVP
pertaining to dynamic config.
[1] https://www.slideshare.net/linaroorg/bof-device-tree-and-secure-firmware-bof-sfo17310
Change-Id: Ic099cf41e7f1a98718c39854e6286d884011d445
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
|
| |
|
|
|
|
|
|
|
| |
The CnP bit documentation in the Firmware Design Guide incorrectly
used the term "Page Entries" instead of "Processing Elements".
Fix that.
Change-Id: Ie44ee99c281b7b1a9ad90fba2c7d109f12425507
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
| |\
| |
| | |
Add BL2_AT_EL3 build option
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Update firmware-design.rst, porting-guide.rst and user-guide.rst
with the information about BL2 at EL3. Firmware-design.rst is
also update to explain how to test this feauture with FVP.
Change-Id: I86d64bc64594e13eb041cea9cefa3f7f3fa745bd
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
|
| |/
|
|
|
|
| |
Change-Id: I2e29a63f08aed3b8ea0bb10170a3d55b8d033e62
Signed-off-by: Jett Zhou <jett.zhou@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
|
| |\
| |
| | |
Support ARMv7 architectures
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
External build environment shall sets directive ARM_ARCH_MAJOR to 7
to specify a target ARMv7-A core.
As ARM-TF expects AARCH to be set, ARM_ARCH_MAJOR==7 mandates
AARCH=aarch32.
The toolchain target architecture/cpu is delegated after the platform
configuration is parsed. Platform shall define target core through
ARM_CORTEX_A<x>=yes, <x> being 5, 7, 9, 12, 15 and/or 17.
Platform can bypass ARM_CORTEX_A<x>=yes directive and provide straight
the toolchain target directive through MARCH32_DIRECTIVE.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FPEXC32_EL2 register controls SIMD and FP functionality when the
lower ELs are executing in AArch32 mode. It is architecturally mapped
to AArch32 system register FPEXC.
This patch removes FPEXC32_EL2 register from the System Register context
and adds it to the floating-point context. EL3 only saves / restores the
floating-point context if the build option CTX_INCLUDE_FPREGS is set to 1.
The rationale for this change is that if the Secure world is using FP
functionality and EL3 is not managing the FP context, then the Secure
world will save / restore the appropriate FP registers.
NOTE - this is a break in behaviour in the unlikely case that
CTX_INCLUDE_FPREGS is set to 0 and the platform contains an AArch32
Secure Payload that modifies FPEXC, but does not save and restore
this register
Change-Id: Iab80abcbfe302752d52b323b4abcc334b585c184
Signed-off-by: David Cunado <david.cunado@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add events that trigger before entry to normal/secure world. The
events trigger after the normal/secure context has been restored.
Similarly add events that trigger after leaving normal/secure world.
The events trigger after the normal/secure context has been saved.
Change-Id: I1b48a7ea005d56b1f25e2b5313d77e67d2f02bc5
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
|
| |
|
|
|
|
|
|
|
|
| |
This allows other EL3 components to subscribe to CPU on events.
Update Firmware Design guide to list psci_cpu_on_finish as an available
event.
Change-Id: Ida774afe0f9cdce4021933fcc33a9527ba7aaae2
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This light-weight framework enables some EL3 components to publish
events which other EL3 components can subscribe to. Publisher can
optionally pass opaque data for subscribers. The order in which
subscribers are called is not defined.
Firmware design updated.
Change-Id: I24a3a70b2b1dedcb1f73cf48313818aebf75ebb6
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
| |\
| |
| | |
New GIC APIs and specifying interrupt propertes
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The GIC driver initialization currently allows an array of interrupts to
be configured as secure. Future use cases would require more interrupt
configuration other than just security, such as priority.
This patch introduces a new interrupt property array as part of both
GICv2 and GICv3 driver data. The platform can populate the array with
interrupt numbers and respective properties. The corresponding driver
initialization iterates through the array, and applies interrupt
configuration as required.
This capability, and the current way of supplying array (or arrays, in
case of GICv3) of secure interrupts, are however mutually exclusive.
Henceforth, the platform should supply either:
- A list of interrupts to be mapped as secure (the current way).
Platforms that do this will continue working as they were. With this
patch, this scheme is deprecated.
- A list of interrupt properties (properties include interrupt group).
Individual interrupt properties are specified via. descriptors of
type 'interrupt_prop_desc_t', which can be populated with the macro
INTR_PROP_DESC().
A run time assert checks that the platform doesn't specify both.
Henceforth the old scheme of providing list of secure interrupts is
deprecated. When built with ERROR_DEPRECATED=1, GIC drivers will require
that the interrupt properties are supplied instead of an array of secure
interrupts.
Add a section to firmware design about configuring secure interrupts.
Fixes ARM-software/tf-issues#262
Change-Id: I8eec29e72eb69dbb6bce77879febf32c95376942
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
| |\ \
| | |
| | | |
docs: Update Trusted Board Boot Requirements document number
|
| | |/
| |
| |
| |
| |
| |
| | |
Update DEN0006B-5(2013) to DEN0006C-1(2015)
Change-Id: I753a14214dde827d004fd04c47b5ba112df38d73
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
|
| |/
|
|
|
|
|
|
| |
This patch adds documentation about the new PCSI API to the porting guide
and it also update the version and function list in the firmware design.
Change-Id: Ie4edd190926a501922c061f5fcad53c9b389e331
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
|
| |\
| |
| | |
Enable CnP bit for ARMv8.2 CPUs
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch enables the CnP (Common not Private) bit for secure page
tables so that multiple PEs in the same Inner Shareable domain can use
the same translation table entries for a given stage of translation in
a particular translation regime. This only takes effect when ARM
Trusted Firmware is built with ARM_ARCH_MINOR >= 2.
ARM Trusted Firmware Design has been updated to include a description
of this feature usage.
Change-Id: I698305f047400119aa1900d34c65368022e410b8
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
|
| |\ \
| | |
| | | |
firmware-design.rst: Fix formatting
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
The format conversion wrongly formatted a couple of sections. These were
also missing from the Table of Contents.
Change-Id: I324216c27e7b4711e6cc5e25782f4b53842140cc
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
| |/
|
|
|
| |
Change-Id: I00fae047dea0eaf7e60037598af020817c66f659
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The documentation describes the design of the translation tables
library version 2 used by the ARM Trusted Firmware.
The diagram file has been created with Dia version 0.97.2. This tool
can be obtained from: https://wiki.gnome.org/Apps/Dia/Download
Inkscape has been used to generate the *.png file from the *.dia file
to work around a bug in the generation of *.png files in some versions
of Dia.
Change-Id: Ie67d9998d4ae881b2c060200a318ad3ac2fa5e91
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
| |
|
|
|
|
|
| |
Non-automated fixes to the converted documentation.
Change-Id: I61f3d37c7a8d6a56a7351048060b970c5b3751e4
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
|
|
|
Due to recent issues in the rendering of the documentation on GitHub and
some long-standing issues like the lack of automatic table of content in
Markdown, the documentation has been converted to reStructuredText.
Basic constructs looks pretty similar to Markdown.
Automatically convert GitHub markdown documentation to reStructuredText
using pandoc.
Change-Id: If20b695acedc6d1b49c8d9fb64efd6b6ba23f4a9
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
|
