Merge pull request #1913 from marex/arm/master/m3wulcb-v2.0.1
rcar_gen3: plat: Set M3W ULCB DRAM size to 2 GiB
diff --git a/Makefile b/Makefile
index 11d0d7a..f3312c6 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@
# Trusted Firmware Version
#
VERSION_MAJOR := 2
-VERSION_MINOR := 0
+VERSION_MINOR := 1
# Default goal is build all images
.DEFAULT_GOAL := all
diff --git a/docs/change-log.rst b/docs/change-log.rst
index b0ef422..d652ff6 100644
--- a/docs/change-log.rst
+++ b/docs/change-log.rst
@@ -4,6 +4,450 @@
.. contents::
+Trusted Firmware-A - version 2.1
+================================
+
+New Features
+------------
+
+- Architecture
+ - Support for ARMv8.3 pointer authentication in the normal and secure worlds
+
+ The use of pointer authentication in the normal world is enabled whenever
+ architectural support is available, without the need for additional build
+ flags.
+
+ Use of pointer authentication in the secure world remains an
+ experimental configuration at this time. Using both the ``ENABLE_PAUTH``
+ and ``CTX_INCLUDE_PAUTH_REGS`` build flags, pointer authentication can be
+ enabled in EL3 and S-EL1/0.
+
+ See the `Firmware Design`_ document for additional details on the use of
+ pointer authentication.
+
+ - Enable Data Independent Timing (DIT) in EL3, where supported
+
+- Build System
+ - Support for BL-specific build flags
+
+ - Support setting compiler target architecture based on ``ARM_ARCH_MINOR``
+ build option.
+
+ - New ``RECLAIM_INIT_CODE`` build flag:
+
+ A significant amount of the code used for the initialization of BL31 is
+ not needed again after boot time. In order to reduce the runtime memory
+ footprint, the memory used for this code can be reclaimed after
+ initialization.
+
+ Certain boot-time functions were marked with the ``__init`` attribute to
+ enable this reclamation.
+
+- CPU Support
+ - cortex-a76: Workaround for erratum 1073348
+ - cortex-a76: Workaround for erratum 1220197
+ - cortex-a76: Workaround for erratum 1130799
+
+ - cortex-a75: Workaround for erratum 790748
+ - cortex-a75: Workaround for erratum 764081
+
+ - cortex-a73: Workaround for erratum 852427
+ - cortex-a73: Workaround for erratum 855423
+
+ - cortex-a57: Workaround for erratum 817169
+ - cortex-a57: Workaround for erratum 814670
+
+ - cortex-a55: Workaround for erratum 903758
+ - cortex-a55: Workaround for erratum 846532
+ - cortex-a55: Workaround for erratum 798797
+ - cortex-a55: Workaround for erratum 778703
+ - cortex-a55: Workaround for erratum 768277
+
+ - cortex-a53: Workaround for erratum 819472
+ - cortex-a53: Workaround for erratum 824069
+ - cortex-a53: Workaround for erratum 827319
+
+ - cortex-a17: Workaround for erratum 852423
+ - cortex-a17: Workaround for erratum 852421
+
+ - cortex-a15: Workaround for erratum 816470
+ - cortex-a15: Workaround for erratum 827671
+
+- Documentation
+ - Exception Handling Framework documentation
+
+ - Library at ROM (romlib) documentation
+
+ - RAS framework documentation
+
+ - Coding Guidelines document
+
+- Drivers
+ - ccn: Add API for setting and reading node registers
+ - Adds ``ccn_read_node_reg`` function
+ - Adds ``ccn_write_node_reg`` function
+
+ - partition: Support MBR partition entries
+
+ - scmi: Add ``plat_css_get_scmi_info`` function
+
+ Adds a new API ``plat_css_get_scmi_info`` which lets the platform
+ register a platform-specific instance of ``scmi_channel_plat_info_t`` and
+ remove the default values
+
+ - tzc380: Add TZC-380 TrustZone Controller driver
+
+ - tzc-dmc620: Add driver to manage the TrustZone Controller within the
+ DMC-620 Dynamic Memory Controller
+
+- Library at ROM (romlib)
+ - Add platform-specific jump table list
+
+ - Allow patching of romlib functions
+
+ This change allows patching of functions in the romlib. This can be done by
+ adding "patch" at the end of the jump table entry for the function that
+ needs to be patched in the file jmptbl.i.
+
+- Library Code
+ - Support non-LPAE-enabled MMU tables in AArch32
+
+ - mmio: Add ``mmio_clrsetbits_16`` function
+ - 16-bit variant of ``mmio_clrsetbits``
+
+ - object_pool: Add Object Pool Allocator
+ - Manages object allocation using a fixed-size static array
+ - Adds ``pool_alloc`` and ``pool_alloc_n`` functions
+ - Does not provide any functions to free allocated objects (by design)
+
+ - libc: Added ``strlcpy`` function
+
+ - libc: Import ``strrchr`` function from FreeBSD
+
+ - xlat_tables: Add support for ARMv8.4-TTST
+
+ - xlat_tables: Support mapping regions without an explicitly specified VA
+
+- Math
+ - Added softudiv macro to support software division
+
+- Memory Partitioning And Monitoring (MPAM)
+ - Enabled MPAM EL2 traps (``MPAMHCR_EL2`` and ``MPAM_EL2``)
+
+- Platforms
+ - amlogic: Add support for Meson S905 (GXBB)
+
+ - arm/fvp_ve: Add support for FVP Versatile Express platform
+
+ - arm/n1sdp: Add support for Neoverse N1 System Development platform
+
+ - arm/rde1edge: Add support for Neoverse E1 platform
+
+ - arm/rdn1edge: Add support for Neoverse N1 platform
+
+ - arm: Add support for booting directly to Linux without an intermediate
+ loader (AArch32)
+
+ - arm/juno: Enable new CPU errata workarounds for A53 and A57
+
+ - arm/juno: Add romlib support
+
+ Building a combined BL1 and ROMLIB binary file with the correct page
+ alignment is now supported on the Juno platform. When ``USE_ROMLIB`` is set
+ for Juno, it generates the combined file ``bl1_romlib.bin`` which needs to
+ be used instead of bl1.bin.
+
+ - intel/stratix: Add support for Intel Stratix 10 SoC FPGA platform
+
+ - marvell: Add support for Armada-37xx SoC platform
+
+ - nxp: Add support for i.MX8M and i.MX7 Warp7 platforms
+
+ - renesas: Add support for R-Car Gen3 platform
+
+ - xilinx: Add support for Versal ACAP platforms
+
+- Position-Independent Executable (PIE)
+
+ PIE support has initially been added to BL31. The ``ENABLE_PIE`` build flag is
+ used to enable or disable this functionality as required.
+
+- Secure Partition Manager
+ - New SPM implementation based on SPCI Alpha 1 draft specification
+
+ A new version of SPM has been implemented, based on the SPCI (Secure
+ Partition Client Interface) and SPRT (Secure Partition Runtime) draft
+ specifications.
+
+ The new implementation is a prototype that is expected to undergo intensive
+ rework as the specifications change. It has basic support for multiple
+ Secure Partitions and Resource Descriptions.
+
+ The older version of SPM, based on MM (ARM Management Mode Interface
+ Specification), is still present in the codebase. A new build flag,
+ ``SPM_MM`` has been added to allow selection of the desired implementation.
+ This flag defaults to 1, selecting the MM-based implementation.
+
+- Security
+ - Spectre Variant-1 mitigations (``CVE-2017-5753``)
+
+ - Use Speculation Store Bypass Safe (SSBS) functionality where available
+
+ Provides mitigation against ``CVE-2018-19440`` (Not saving x0 to x3
+ registers can leak information from one Normal World SMC client to another)
+
+
+Changed
+-------
+
+- Build System
+ - Warning levels are now selectable with ``W=<1,2,3>``
+
+ - Removed unneeded include paths in PLAT_INCLUDES
+
+ - "Warnings as errors" (Werror) can be disabled using ``E=0``
+
+ - Support totally quiet output with ``-s`` flag
+
+ - Support passing options to checkpatch using ``CHECKPATCH_OPTS=<opts>``
+
+ - Invoke host compiler with ``HOSTCC / HOSTCCFLAGS`` instead of ``CC / CFLAGS``
+
+ - Make device tree pre-processing similar to U-boot/Linux by:
+ - Creating separate ``CPPFLAGS`` for DT preprocessing so that compiler
+ options specific to it can be accommodated.
+ - Replacing ``CPP`` with ``PP`` for DT pre-processing
+
+- CPU Support
+ - Errata report function definition is now mandatory for CPU support files
+
+ CPU operation files must now define a ``<name>_errata_report`` function to
+ print errata status. This is no longer a weak reference.
+
+- Documentation
+ - Migrated some content from GitHub wiki to ``docs/`` directory
+
+ - Security advisories now have CVE links
+
+ - Updated copyright guidelines
+
+- Drivers
+ - console: The ``MULTI_CONSOLE_API`` framework has been rewritten in C
+
+ - console: Ported multi-console driver to AArch32
+
+ - gic: Remove 'lowest priority' constants
+
+ Removed ``GIC_LOWEST_SEC_PRIORITY`` and ``GIC_LOWEST_NS_PRIORITY``.
+ Platforms should define these if required, or instead determine the correct
+ priority values at runtime.
+
+ - delay_timer: Check that the Generic Timer extension is present
+
+ - mmc: Increase command reply timeout to 10 milliseconds
+
+ - mmc: Poll eMMC device status to ensure ``EXT_CSD`` command completion
+
+ - mmc: Correctly check return code from ``mmc_fill_device_info``
+
+- External Libraries
+
+ - libfdt: Upgraded from 1.4.2 to 1.4.6-9
+
+ - mbed TLS: Upgraded from 2.12 to 2.16
+
+ This change incorporates fixes for security issues that should be reviewed
+ to determine if they are relevant for software implementations using
+ Trusted Firmware-A. See the `mbed TLS releases`_ page for details on
+ changes from the 2.12 to the 2.16 release.
+
+- Library Code
+ - compiler-rt: Updated ``lshrdi3.c`` and ``int_lib.h`` with changes from
+ LLVM master branch (r345645)
+
+ - cpu: Updated macro that checks need for ``CVE-2017-5715`` mitigation
+
+ - libc: Made setjmp and longjmp C standard compliant
+
+ - libc: Allowed overriding the default libc (use ``OVERRIDE_LIBC``)
+
+ - libc: Moved setjmp and longjmp to the ``libc/`` directory
+
+- Platforms
+ - Removed Mbed TLS dependency from plat_bl_common.c
+
+ - arm: Removed unused ``ARM_MAP_BL_ROMLIB`` macro
+
+ - arm: Removed ``ARM_BOARD_OPTIMISE_MEM`` feature and build flag
+
+ - arm: Moved several components into ``drivers/`` directory
+
+ This affects the SDS, SCP, SCPI, MHU and SCMI components
+
+ - arm/juno: Increased maximum BL2 image size to ``0xF000``
+
+ This change was required to accommodate a larger ``libfdt`` library
+
+- SCMI
+ - Optimized bakery locks when hardware-assisted coherency is enabled using the
+ ``HW_ASSISTED_COHERENCY`` build flag
+
+- SDEI
+ - Added support for unconditionally resuming secure world execution after
+ SDEI event processing completes
+
+ SDEI interrupts, although targeting EL3, occur on behalf of the non-secure
+ world, and may have higher priority than secure world
+ interrupts. Therefore they might preempt secure execution and yield
+ execution to the non-secure SDEI handler. Upon completion of SDEI event
+ handling, resume secure execution if it was preempted.
+
+- Translation Tables (XLAT)
+ - Dynamically detect need for ``Common not Private (TTBRn_ELx.CnP)`` bit
+
+ Properly handle the case where ``ARMv8.2-TTCNP`` is implemented in a CPU
+ that does not implement all mandatory v8.2 features (and so must claim to
+ implement a lower architecture version).
+
+
+Resolved Issues
+---------------
+
+- Architecture
+ - Incorrect check for SSBS feature detection
+
+ - Unintentional register clobber in AArch32 reset_handler function
+
+- Build System
+ - Dependency issue during DTB image build
+
+ - Incorrect variable expansion in Arm platform makefiles
+
+ - Building on Windows with verbose mode (``V=1``) enabled is broken
+
+ - AArch32 compilation flags is missing ``$(march32-directive)``
+
+- BL-Specific Issues
+ - bl2: ``uintptr_t is not defined`` error when ``BL2_IN_XIP_MEM`` is defined
+
+ - bl2: Missing prototype warning in ``bl2_arch_setup``
+
+ - bl31: Omission of Global Offset Table (GOT) section
+
+- Code Quality Issues
+ - Multiple MISRA compliance issues
+
+ - Potential NULL pointer dereference (Coverity-detected)
+
+- Drivers
+ - mmc: Local declaration of ``scr`` variable causes a cache issue when
+ invalidating after the read DMA transfer completes
+
+ - mmc: ``ACMD41`` does not send voltage information during initialization,
+ resulting in the command being treated as a query. This prevents the
+ command from initializing the controller.
+
+ - mmc: When checking device state using ``mmc_device_state()`` there are no
+ retries attempted in the event of an error
+
+ - ccn: Incorrect Region ID calculation for RN-I nodes
+
+ - console: ``Fix MULTI_CONSOLE_API`` when used as a crash console
+
+ - partition: Improper NULL checking in gpt.c
+
+ - partition: Compilation failure in ``VERBOSE`` mode (``V=1``)
+
+- Library Code
+ - common: Incorrect check for Address Authentication support
+
+ - xlat: Fix XLAT_V1 / XLAT_V2 incompatibility
+
+ The file ``arm_xlat_tables.h`` has been renamed to ``xlat_tables_compat.h``
+ and has been moved to a common folder. This header can be used to guarantee
+ compatibility, as it includes the correct header based on
+ ``XLAT_TABLES_LIB_V2``.
+
+ - xlat: armclang unused-function warning on ``xlat_clean_dcache_range``
+
+ - xlat: Invalid ``mm_cursor`` checks in ``mmap_add`` and ``mmap_add_ctx``
+
+ - sdei: Missing ``context.h`` header
+
+- Platforms
+ - common: Missing prototype warning for ``plat_log_get_prefix``
+
+ - arm: Insufficient maximum BL33 image size
+
+ - arm: Potential memory corruption during BL2-BL31 transition
+
+ On Arm platforms, the BL2 memory can be overlaid by BL31/BL32. The memory
+ descriptors describing the list of executable images are created in BL2
+ R/W memory, which could be possibly corrupted later on by BL31/BL32 due
+ to overlay. This patch creates a reserved location in SRAM for these
+ descriptors and are copied over by BL2 before handing over to next BL
+ image.
+
+ - juno: Invalid behaviour when ``CSS_USE_SCMI_SDS_DRIVER`` is not set
+
+ In ``juno_pm.c`` the ``css_scmi_override_pm_ops`` function was used
+ regardless of whether the build flag was set. The original behaviour has
+ been restored in the case where the build flag is not set.
+
+- Tools
+ - fiptool: Incorrect UUID parsing of blob parameters
+
+ - doimage: Incorrect object rules in Makefile
+
+
+Deprecations
+------------
+
+- Common Code
+ - ``plat_crash_console_init`` function
+
+ - ``plat_crash_console_putc`` function
+
+ - ``plat_crash_console_flush`` function
+
+ - ``finish_console_register`` macro
+
+- AArch64-specific Code
+ - helpers: ``get_afflvl_shift``
+
+ - helpers: ``mpidr_mask_lower_afflvls``
+
+ - helpers: ``eret``
+
+- Secure Partition Manager (SPM)
+ - Boot-info structure
+
+
+Known Issues
+------------
+
+- Build System Issues
+ - dtb: DTB creation not supported when building on a Windows host.
+
+ This step in the build process is skipped when running on a Windows host. A
+ known issue from the 1.6 release.
+
+- Platform Issues
+ - arm/juno: System suspend from Linux does not function as documented in the
+ user guide
+
+ Following the instructions provided in the user guide document does not
+ result in the platform entering system suspend state as expected. A message
+ relating to the hdlcd driver failing to suspend will be emitted on the
+ Linux terminal.
+
+ - arm/juno: The firmware update use-cases do not work with motherboard
+ firmware version < v1.5.0 (the reset reason is not preserved). The Linaro
+ 18.04 release has MB v1.4.9. The MB v1.5.0 is available in Linaro 18.10
+ release.
+
+ - mediatek/mt6795: This platform does not build in this release
+
Trusted Firmware-A - version 2.0
================================
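Review bot: In the Security list under New Features, the paragraph "Provides mitigation against ``CVE-2018-19440``" is indented under the SSBS bullet, but its description (not saving x0 to x3 registers leaking information between Normal World SMC clients) concerns register state across SMC calls, not speculative store bypass. Give it its own bullet so the CVE is not attributed to SSBS. Smaller points in the same hunk: under Resolved Issues, ``Fix MULTI_CONSOLE_API`` has the verb inside the literal and reads as a fix rather than an issue, and "AArch32 compilation flags is missing" should be "are missing".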
@@ -1983,3 +2427,5 @@
.. _OP-TEE Dispatcher: optee-dispatcher.rst
.. _tf-issue#501: https://github.com/ARM-software/tf-issues/issues/501
.. _PR#1002: https://github.com/ARM-software/arm-trusted-firmware/pull/1002#issuecomment-312650193
+.. _mbed TLS releases: https://tls.mbed.org/tech-updates/releases
+.. _Firmware Design: firmware-design.rst
diff --git a/docs/contents.rst b/docs/contents.rst
new file mode 100644
index 0000000..4b3f74f
--- /dev/null
+++ b/docs/contents.rst
@@ -0,0 +1,165 @@
+Trusted Firmware-A Documentation Contents
+=========================================
+
+This document serves as a list of the documentation that is included with the
+Trusted Firmware-A source.
+
+Introduction
+------------
+
+`About Trusted Firmware-A`_
+
+Getting Started
+---------------
+
+`Frequently-Asked Questions (FAQ)`_
+
+`Image Terminology`_
+
+`Porting Guide`_
+
+`User Guide`_
+
+Contributing
+------------
+
+`Coding Style and Guidelines`_
+
+`Contributor Acknowledgements`_
+
+`Contributor's Guide`_
+
+`License`_
+
+`Maintainers`_
+
+Processes and Policies
+----------------------
+
+`Platform Compatibility Policy`_
+
+`Release Processes`_
+
+Secure Payload Dispatch
+-----------------------
+
+`OP-TEE Dispatcher`_
+
+`Trusted Little Kernel (TLK) Dispatcher`_
+
+`Trusty Dispatcher`_
+
+System Design and Components
+----------------------------
+
+`Arm CPU Specific Build Macros`_
+
+`Arm SiP Services`_
+
+`Authentication Framework & Chain of Trust`_
+
+`CPU Reset`_
+
+`EL3 Runtime Service Writer’s Guide`_
+
+`Exception Handling Framework`_
+
+`Firmware Design Overview`_
+
+`Firmware Update (FWU)`_
+
+`Interrupt Management Framework`_
+
+`Library at ROM`_
+
+`Platform Interrupt Controller API`_
+
+`PSCI Library Integration Guide for Armv8-A AArch32 systems`_
+
+`PSCI Power Domain Tree design`_
+
+`Reliability, Availability, and Serviceability (RAS) Extensions`_
+
+`Secure Partition Manager`_
+
+`Software Delegated Exception Interface`_
+
+`Translation (XLAT) Tables Library`_
+
+`Trusted Board Boot Design Guide`_
+
+Performance and Testing
+-----------------------
+
+`PSCI Performance Measurements on Arm Juno Development Platform`_
+
+Security and Advisories
+-----------------------
+
+`Security Processes`_
+
+`TFV-1`_
+
+`TFV-2`_
+
+`TFV-3`_
+
+`TFV-4`_
+
+`TFV-5`_
+
+`TFV-6`_
+
+`TFV-7`_
+
+`TFV-8`_
+
+Other Documents
+---------------
+
+`Change Log`_
+
+.. _About Trusted Firmware-A: ../readme.rst
+.. _Frequently-Asked Questions (FAQ): ./frequently-asked-questions.rst
+.. _Image Terminology: ./image-terminology.rst
+.. _Porting Guide: ./porting-guide.rst
+.. _User Guide: ./user-guide.rst
+.. _Coding Style and Guidelines: ./coding-guidelines.rst
+.. _Contributor Acknowledgements: ../acknowledgements.rst
+.. _`Contributor's Guide`: ../contributing.rst
+.. _License: ../license.rst
+.. _Maintainers: ../maintainers.rst
+.. _Platform Compatibility Policy: ./platform-compatibility-policy.rst
+.. _Release Processes: ./release-information.rst
+.. _Arm SiP Services: ./arm-sip-service.rst
+.. _Exception Handling Framework: ./exception-handling.rst
+.. _Firmware Update (FWU): ./firmware-update.rst
+.. _Interrupt Management Framework: ./interrupt-framework-design.rst
+.. _Library at ROM: ./romlib-design.rst
+.. _Platform Interrupt Controller API: ./platform-interrupt-controller-API.rst
+.. _`Reliability, Availability, and Serviceability (RAS) Extensions`: ./ras.rst
+.. _Secure Partition Manager: ./secure-partition-manager-design.rst
+.. _Software Delegated Exception Interface: ./sdei.rst
+.. _Translation (XLAT) Tables Library: ./xlat-tables-lib-v2-design.rst
+.. _OP-TEE Dispatcher: ./spd/optee-dispatcher.rst
+.. _Trusted Little Kernel (TLK) Dispatcher: ./spd/tlk-dispatcher.rst
+.. _Trusty Dispatcher: ./spd/trusty-dispatcher.rst
+.. _Arm CPU Specific Build Macros: ./cpu-specific-build-macros.rst
+.. _`Authentication Framework & Chain of Trust`: ./auth-framework.rst
+.. _CPU Reset: ./reset-design.rst
+.. _`EL3 Runtime Service Writer’s Guide`: ./rt-svc-writers-guide.rst
+.. _Firmware Design Overview: ./firmware-design.rst
+.. _PSCI Library Integration Guide for Armv8-A AArch32 systems: ./psci-lib-integration-guide.rst
+.. _PSCI Power Domain Tree design: ./psci-pd-tree.rst
+.. _Trusted Board Boot Design Guide: ./trusted-board-boot.rst
+.. _PSCI Performance Measurements on Arm Juno Development Platform: ./psci-performance-juno.rst
+.. _Security Processes: ./security-center.rst
+.. _Change Log: ./change-log.rst
+.. _TFV-1: ./security_advisories/security-advisory-tfv-1.rst
+.. _TFV-2: ./security_advisories/security-advisory-tfv-2.rst
+.. _TFV-3: ./security_advisories/security-advisory-tfv-3.rst
+.. _TFV-4: ./security_advisories/security-advisory-tfv-4.rst
+.. _TFV-5: ./security_advisories/security-advisory-tfv-5.rst
+.. _TFV-6: ./security_advisories/security-advisory-tfv-6.rst
+.. _TFV-7: ./security_advisories/security-advisory-tfv-7.rst
+.. _TFV-8: ./security_advisories/security-advisory-tfv-8.rst
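Review bot: The title ``EL3 Runtime Service Writer’s Guide`` uses a typographic apostrophe in both the reference and its target, while ``Contributor's Guide`` uses a plain ASCII one; use the ASCII form for both so the reference can be typed and searched consistently. The target list at the bottom is also in a different order from the sections above it, which makes it harder to check that every entry has a target.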
diff --git a/docs/user-guide.rst b/docs/user-guide.rst
index 5d6f4f8..0848769 100644
--- a/docs/user-guide.rst
+++ b/docs/user-guide.rst
@@ -56,11 +56,12 @@
TF-A has been tested with Linaro Release 18.04.
-Download and install the AArch32 or AArch64 little-endian GCC cross compiler.
-The `Linaro Release Notes`_ documents which version of the compiler to use for a
-given Linaro Release. Also, these `Linaro instructions`_ provide further
-guidance and a script, which can be used to download Linaro deliverables
-automatically.
+Download and install the AArch32 or AArch64 little-endian GCC cross compiler. If
+you would like to use the latest features available, download GCC 8.2-2019.01
+compiler from `arm Developer page`_. Otherwise, the `Linaro Release Notes`_
+documents which version of the compiler to use for a given Linaro Release. Also,
+these `Linaro instructions`_ provide further guidance and a script, which can be
+used to download Linaro deliverables automatically.
Optionally, TF-A can be built using clang version 4.0 or newer or Arm
Compiler 6. See instructions below on how to switch the default compiler.
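Review bot: The added sentence names the link "arm Developer page" in lower case, while the surrounding text writes "Arm" (for example "Arm Compiler 6"); rename the reference and its target to match. "The latest features available" is also vague: say which build options need the GCC 8.2-2019.01 toolchain, so readers who stay on the compiler from the Linaro release know what they give up.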
@@ -413,7 +414,7 @@
and use partitions in EL3 as required. This option defaults to ``0``.
- ``ENABLE_PAUTH``: Boolean option to enable ARMv8.3 Pointer Authentication
- support for TF-A BL images itself. If enabled, it is needed to use a compiler
+ support for TF-A BL images itself. If enabled, it is needed to use a compiler
that supports the option ``-msign-return-address``. This flag defaults to 0
and this is an experimental feature.
Note that Pointer Authentication is enabled for Non-secure world irrespective
@@ -1014,18 +1015,13 @@
::
- make PLAT=fvp BL33=<path/to/bl33.bin> fip
+ make PLAT=fvp BL33=<path-to>/bl33.bin fip
For AArch32:
::
- make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=<path/to/bl33.bin> fip
-
-Note that AArch32 support for Normal world boot loader (BL33), like U-boot or
-UEFI, on FVP is not available upstream. Hence custom solutions are required to
-allow Linux boot on FVP. These instructions assume such a custom boot loader
-(BL33) is available.
+ make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=<path-to>/bl33.bin fip
The resulting FIP may be found in:
@@ -1276,8 +1272,7 @@
make [DEBUG=1] [V=1] fiptool
# Unpack firmware images from Linaro FIP
- ./tools/fiptool/fiptool unpack \
- <path/to/linaro/release>/fip.bin
+ ./tools/fiptool/fiptool unpack <path-to-linaro-release>/fip.bin
The unpack operation will result in a set of binary images extracted to the
current working directory. The SCP_BL2 image corresponds to
@@ -1287,8 +1282,8 @@
exist in the current directory. If that is the case, either delete those
files or use the ``--force`` option to overwrite.
- Note: For AArch32, the instructions below assume that nt-fw.bin is a custom
- Normal world boot loader that supports AArch32.
+ Note: For AArch32, the instructions below assume that nt-fw.bin is a normal
+ world boot loader that supports AArch32.
#. Build TF-A images and create a new FIP for FVP
@@ -1309,9 +1304,7 @@
::
- make PLAT=juno all fip \
- BL33=<path-to-juno-oe-uboot>/SOFTWARE/bl33-uboot.bin \
- SCP_BL2=<path-to-juno-busybox-uboot>/SOFTWARE/scp_bl2.bin
+ make PLAT=juno BL33=nt-fw.bin SCP_BL2=scp-fw.bin all fip
For AArch32:
@@ -1333,6 +1326,13 @@
make ARCH=aarch32 PLAT=juno AARCH32_SP=sp_min \
RESET_TO_SP_MIN=1 JUNO_AARCH32_EL3_RUNTIME=1 bl32
+ - Save ``bl32.bin`` to a temporary location and clean the build products.
+
+ ::
+
+ cp <path-to-build>/bl32.bin <path-to-temporary>
+ make realclean
+
- Before building BL1 and BL2, the environment variable ``CROSS_COMPILE``
must point to the AArch64 Linaro cross compiler.
@@ -1346,9 +1346,8 @@
::
make ARCH=aarch64 PLAT=juno JUNO_AARCH32_EL3_RUNTIME=1 \
- BL33=<path-to-juno32-oe-uboot>/SOFTWARE/bl33-uboot.bin \
- SCP_BL2=<path-to-juno32-oe-uboot>/SOFTWARE/scp_bl2.bin \
- BL32=<path-to-bl32>/bl32.bin all fip
+ BL33=nt-fw.bin SCP_BL2=scp-fw.bin \
+ BL32=<path-to-temporary>/bl32.bin all fip
The resulting BL1 and FIP images may be found in:
@@ -1504,7 +1503,7 @@
::
- -C bp.flashloader1.fname="/path/to/el3-payload"
+ -C bp.flashloader1.fname="<path-to>/<el3-payload>"
On Foundation FVP, there is no flash loader component and the EL3 payload
may be programmed anywhere in flash using method 3 below.
@@ -1514,15 +1513,15 @@
::
- load /path/to/el3-payload.elf
+ load <path-to>/el3-payload.elf
#. The EL3 payload may be pre-loaded in volatile memory using the following
model parameters:
::
- --data cluster0.cpu0="/path/to/el3-payload"@address [Base FVPs]
- --data="/path/to/el3-payload"@address [Foundation FVP]
+ --data cluster0.cpu0="<path-to>/el3-payload>"@address [Base FVPs]
+ --data="<path-to>/<el3-payload>"@address [Foundation FVP]
The address provided to the FVP must match the ``EL3_PAYLOAD_BASE`` address
used when building TF-A.
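Review bot: The Base FVP line has unbalanced placeholder brackets: ``"<path-to>/el3-payload>"`` is missing the opening ``<`` before ``el3-payload``. It should match the Foundation FVP line below it, ``"<path-to>/<el3-payload>"``. The ``load <path-to>/el3-payload.elf`` line in the same hunk keeps a literal file name, so decide whether the payload name is a placeholder and use one form throughout.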
@@ -1650,18 +1649,18 @@
Arm FVPs without shifted affinities, and that do not support threaded CPU cores
(64-bit host machine only).
-NOTE: Unless otherwise stated, the model version is Version 11.4 Build 37.
+The FVP models used are Version 11.5 Build 33, unless otherwise stated.
-- ``FVP_Base_Aresx4``
- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502``
-- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_RevC-2xAEMv8A``
- ``FVP_Base_Cortex-A32x4``
- ``FVP_Base_Cortex-A35x4``
- ``FVP_Base_Cortex-A53x4``
- ``FVP_Base_Cortex-A55x4+Cortex-A75x4``
- ``FVP_Base_Cortex-A55x4``
+- ``FVP_Base_Cortex-A57x1-A53x1``
+- ``FVP_Base_Cortex-A57x2-A53x4``
- ``FVP_Base_Cortex-A57x4-A53x4``
- ``FVP_Base_Cortex-A57x4``
- ``FVP_Base_Cortex-A72x4-A53x4``
@@ -1670,7 +1669,12 @@
- ``FVP_Base_Cortex-A73x4``
- ``FVP_Base_Cortex-A75x4``
- ``FVP_Base_Cortex-A76x4``
-- ``FVP_CSS_SGI-575`` (Version 11.3 build 40)
+- ``FVP_Base_Neoverse-N1x4`` (Tested with internal model)
+- ``FVP_Base_Deimos``
+- ``FVP_CSS_SGI-575`` (Version 11.3 build 42)
+- ``FVP_CSS_SGM-775`` (Version 11.3 build 42)
+- ``FVP_RD_E1Edge`` (Version 11.3 build 42)
+- ``FVP_RD_N1Edge`` (Version 11.3 build 42)
- ``Foundation_Platform``
The latest version of the AArch32 build of TF-A has been tested on the following
@@ -1832,6 +1836,9 @@
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
+Note: The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires a
+specific DTS for all the CPUs to be loaded.
+
Running on the AEMv8 Base FVP (AArch32) with reset to BL1 entrypoint
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -1928,7 +1935,7 @@
Notes:
-- Since Position Independent Executable (PIE) support is enabled for BL31
+- If Position Independent Executable (PIE) support is enabled for BL31
in this config, it can be loaded at any valid address for execution.
- Since a FIP is not loaded when using BL31 as reset entrypoint, the
@@ -1939,6 +1946,9 @@
and loaded via the ``--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000``
parameter.
+- The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires a
+ specific DTS for all the CPUs to be loaded.
+
- The ``-C cluster<X>.cpu<Y>.RVBAR=@<base-address-of-bl31>`` parameter, where
X and Y are the cluster and CPU numbers respectively, is used to set the
reset vector for each core.
@@ -2083,6 +2093,7 @@
*Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.*
+.. _arm Developer page: https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads
.. _Linaro: `Linaro Release Notes`_
.. _Linaro Release: `Linaro Release Notes`_
.. _Linaro Release Notes: https://community.arm.com/dev-platforms/w/docs/226/old-release-notes
@@ -2107,4 +2118,4 @@
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
.. _Secure Partition Manager Design guide: secure-partition-manager-design.rst
.. _`Trusted Firmware-A Coding Guidelines`: coding-guidelines.rst
- _`Library at ROM`: romlib-design.rst
\ No newline at end of file
+ _`Library at ROM`: romlib-design.rst
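Review bot: The re-added last line, as shown here, still starts with `` _`` rather than ``.. _``, so it is not an explicit hyperlink target like the ``.. _...:`` lines above it. Since the line is being touched to add the missing end-of-file newline, add the ``..`` prefix in the same change.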
diff --git a/plat/intel/soc/stratix10/bl2_plat_setup.c b/plat/intel/soc/stratix10/bl2_plat_setup.c
index 9a2f9d3..58e8c02 100644
--- a/plat/intel/soc/stratix10/bl2_plat_setup.c
+++ b/plat/intel/soc/stratix10/bl2_plat_setup.c
@@ -32,6 +32,7 @@
#include "aarch64/stratix10_private.h"
#include "include/s10_mailbox.h"
#include "drivers/qspi/cadence_qspi.h"
+#include "drivers/wdt/watchdog.h"
const mmap_region_t plat_stratix10_mmap[] = {
@@ -72,6 +73,8 @@
deassert_peripheral_reset();
config_hps_hs_before_warm_reset();
+ watchdog_init(get_wdt_clk(&reverse_handoff_ptr));
+
console_16550_register(PLAT_UART0_BASE, PLAT_UART_CLOCK, PLAT_BAUDRATE,
&console);
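Review bot: ``watchdog_init()`` is called here before ``console_16550_register()``, and from this point the watchdog is enabled, yet nothing in the visible changes calls ``watchdog_sw_rst()``. Confirm that every BL2 path that can take longer than the programmed timeout restarts the counter, and document which image owns the watchdog after handoff. The return value of ``get_wdt_clk()`` is also passed through unchecked, so a zero or negative clock goes straight into the timeout calculation.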
diff --git a/plat/intel/soc/stratix10/drivers/wdt/watchdog.c b/plat/intel/soc/stratix10/drivers/wdt/watchdog.c
new file mode 100644
index 0000000..b4dbe5f
--- /dev/null
+++ b/plat/intel/soc/stratix10/drivers/wdt/watchdog.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2019, Intel Corporation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+#include <lib/mmio.h>
+#include <platform_def.h>
+
+#include "watchdog.h"
+
+
+/* Reset watchdog timer */
+void watchdog_sw_rst(void)
+{
+ mmio_write_32(WDT_CRR, WDT_SW_RST);
+}
+
+/* Print component information */
+void watchdog_info(void)
+{
+ INFO("Component Type : %x\r\n", mmio_read_32(WDT_COMP_VERSION));
+ INFO("Component Version : %x\r\n", mmio_read_32(WDT_COMP_TYPE));
+}
+
+/* Check watchdog current status */
+void watchdog_status(void)
+{
+ if (mmio_read_32(WDT_CR) & 1) {
+ INFO("Watchdog Timer in currently enabled\n");
+ INFO("Current Counter : 0x%x\r\n", mmio_read_32(WDT_CCVR));
+ } else {
+ INFO("Watchdog Timer in currently disabled\n");
+ }
+}
+
+/* Initialize & enable watchdog */
+void watchdog_init(int watchdog_clk)
+{
+ uint8_t cycles_i = 0;
+ uint32_t wdt_cycles = WDT_MIN_CYCLES;
+ uint32_t top_init_cycles = WDT_PERIOD * watchdog_clk;
+
+ while ((cycles_i < 15) && (wdt_cycles < top_init_cycles)) {
+ wdt_cycles = (wdt_cycles << 1);
+ cycles_i++;
+ }
+
+ mmio_write_32(WDT_TORR, (cycles_i << 4) | cycles_i);
+
+ watchdog_enable();
+}
+
+void watchdog_enable(void)
+{
+ mmio_write_32(WDT_CR, WDT_CR_RMOD|WDT_CR_EN);
+}
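Review bot: In ``watchdog_info()`` the labels and registers are crossed: the "Component Type" line reads ``WDT_COMP_VERSION`` and the "Component Version" line reads ``WDT_COMP_TYPE``; swap one side. In ``watchdog_init()``, ``WDT_PERIOD * watchdog_clk`` is evaluated in ``int`` before being stored in a ``uint32_t``, so with ``WDT_PERIOD`` at 20 any clock above roughly 107 MHz overflows; take the clock as ``uint32_t`` and either widen the multiplication or clamp it. The loop also stops silently at ``cycles_i == 15`` when the requested period cannot be reached, which deserves at least a warning. Minor: both status messages say "in currently" instead of "is currently", and the file mixes ``\r\n`` and ``\n`` line endings.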
diff --git a/plat/intel/soc/stratix10/drivers/wdt/watchdog.h b/plat/intel/soc/stratix10/drivers/wdt/watchdog.h
new file mode 100644
index 0000000..e920236
--- /dev/null
+++ b/plat/intel/soc/stratix10/drivers/wdt/watchdog.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2019, Intel Corporation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef __CAD_WATCHDOG_H__
+#define __CAD_WATCHDOG_H__
+
+#define WDT_BASE (0xFFD00200)
+#define WDT_REG_SIZE_OFFSET (0x4)
+#define WDT_MIN_CYCLES (65536)
+#define WDT_PERIOD (20)
+
+#define WDT_CR (WDT_BASE + 0x0)
+#define WDT_TORR (WDT_BASE + 0x4)
+
+#define WDT_CRR (WDT_BASE + 0xC)
+
+#define WDT_CCVR (WDT_BASE + 0x8)
+#define WDT_STAT (WDT_BASE + 0x10)
+#define WDT_EOI (WDT_BASE + 0x14)
+
+#define WDT_COMP_PARAM_1 (WDT_BASE + 0xF4)
+#define WDT_COMP_VERSION (WDT_BASE + 0xF8)
+#define WDT_COMP_TYPE (WDT_BASE + 0XFC)
+
+#define WDT_CR_RMOD (0x0)
+#define WDT_CR_EN (0x1)
+
+#define WDT_SW_RST (0x76)
+
+
+void watchdog_init(int watchdog_clk);
+void watchdog_enable(void);
+void watchdog_info(void);
+void watchdog_status(void);
+void watchdog_sw_rst(void);
+
+#endif
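Review bot: ``WDT_CR_RMOD`` is defined as ``(0x0)``, so ``WDT_CR_RMOD|WDT_CR_EN`` in ``watchdog_enable()`` is just ``WDT_CR_EN`` and the name gives no hint which response mode is selected; define the field as a bit position with named values, or add a comment stating the intended mode. The include guard ``__CAD_WATCHDOG_H__`` uses a double-underscore identifier reserved for the implementation and a ``CAD`` prefix that does not match the file name; something like ``WATCHDOG_H`` is safer, with a matching comment on the ``#endif``. Also: ``WDT_COMP_TYPE`` uses ``0XFC`` where the other offsets use lowercase ``0x``, ``WDT_REG_SIZE_OFFSET`` is not used by the driver in this patch, and ``WDT_CRR`` is listed out of address order.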
diff --git a/plat/intel/soc/stratix10/include/s10_clock_manager.h b/plat/intel/soc/stratix10/include/s10_clock_manager.h
index 28192fa..99eb7a6 100644
--- a/plat/intel/soc/stratix10/include/s10_clock_manager.h
+++ b/plat/intel/soc/stratix10/include/s10_clock_manager.h
@@ -50,6 +50,11 @@
#define ALT_CLKMGR_MAINPLL_VCOCALIB_HSCNT_SET(x) (((x) << 0) & 0x000000ff)
#define ALT_CLKMGR_MAINPLL_VCOCALIB_MSCNT_SET(x) (((x) << 9) & 0x0001fe00)
+#define ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC(x) (((x) & 0x00030000) >> 16)
+#define ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC_EOSC1 0x0
+#define ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC_INTOSC 0x1
+#define ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC_F2S 0x2
+
#define ALT_CLKMGR_PERPLL 0xffd100a4
#define ALT_CLKMGR_PERPLL_EN 0x0
#define ALT_CLKMGR_PERPLL_BYPASS 0xc
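Review bot: ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC(x) extracts a two-bit field (mask 0x00030000), but only the encodings 0x0, 0x1 and 0x2 get names, so the value 0x3 has no symbol and every caller has to handle it on its own; add a comment or a named reserved value. The macro also reads a field while its neighbours ending in _SET(x) build one, so a suffix that marks it as an extract would keep the naming consistent.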
@@ -78,6 +83,14 @@
#define ALT_CLKMGR_PERPLL_VCOCALIB_MSCNT_SET(x) (((x) << 9) & 0x0001fe00)
#define ALT_CLKMGR_PERPLL_VCOCALIB 0x58
+
+typedef struct {
+ uint32_t clk_freq_of_eosc1;
+ uint32_t clk_freq_of_f2h_free;
+ uint32_t clk_freq_of_cb_intosc_ls;
+} CLOCK_SOURCE_CONFIG;
+
void config_clkmgr_handoff(handoff *hoff_ptr);
+int get_wdt_clk(handoff *hoff_ptr);
#endif
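Review bot: get_wdt_clk() is declared to return int although the frequencies in CLOCK_SOURCE_CONFIG are uint32_t; returning uint32_t would avoid a signed/unsigned conversion at the call site and leave no negative range to reason about. CLOCK_SOURCE_CONFIG is exported from this header while its only visible user is the static clk_source table in s10_clock_manager.c, so it could live in the .c file. The field name clk_freq_of_f2h_free also does not match the PSRC_F2S selector it is used with.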
diff --git a/plat/intel/soc/stratix10/platform.mk b/plat/intel/soc/stratix10/platform.mk
index 1f06fbd..fdd6e45 100644
--- a/plat/intel/soc/stratix10/platform.mk
+++ b/plat/intel/soc/stratix10/platform.mk
@@ -46,7 +46,8 @@
plat/intel/soc/stratix10/soc/s10_system_manager.c \
common/desc_image_load.c \
plat/intel/soc/stratix10/soc/s10_mailbox.c \
- plat/intel/soc/stratix10/drivers/qspi/cadence_qspi.c
+ plat/intel/soc/stratix10/drivers/qspi/cadence_qspi.c \
+ plat/intel/soc/stratix10/drivers/wdt/watchdog.c
BL31_SOURCES += drivers/arm/cci/cci.c \
lib/cpus/aarch64/cortex_a53.S \
diff --git a/plat/intel/soc/stratix10/soc/s10_clock_manager.c b/plat/intel/soc/stratix10/soc/s10_clock_manager.c
index 9d4617a..dc90076 100644
--- a/plat/intel/soc/stratix10/soc/s10_clock_manager.c
+++ b/plat/intel/soc/stratix10/soc/s10_clock_manager.c
@@ -15,6 +15,14 @@
#include "s10_clock_manager.h"
#include "s10_handoff.h"
+static const CLOCK_SOURCE_CONFIG clk_source = {
+ /* clk_freq_of_eosc1 */
+ (uint32_t) 25000000,
+ /* clk_freq_of_f2h_free */
+ (uint32_t) 460000000,
+ /* clk_freq_of_cb_intosc_ls */
+ (uint32_t) 50000000,
+};
void wait_pll_lock(void)
{
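Review bot: clk_source is initialised positionally, with comments standing in for field names, so reordering CLOCK_SOURCE_CONFIG would silently swap frequencies; designated initialisers such as .clk_freq_of_eosc1 = 25000000U remove that risk. The three frequencies are hard-coded in SoC code with no statement of where they come from; if they are board properties, a platform define or a handoff field would be a better home, and at minimum a comment should give the source.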
@@ -190,3 +198,37 @@
ALT_CLKMGR_INTRCLR_PERLOCKLOST_SET_MSK);
}
+int get_wdt_clk(handoff *hoff_ptr)
+{
+ int main_noc_base_clk, l3_main_free_clk, l4_sys_free_clk;
+ int data32, mdiv, refclkdiv, ref_clk;
+
+ data32 = mmio_read_32(ALT_CLKMGR_MAINPLL + ALT_CLKMGR_MAINPLL_PLLGLOB);
+
+ switch (ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC(data32)) {
+ case ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC_EOSC1:
+ ref_clk = clk_source.clk_freq_of_eosc1;
+ break;
+ case ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC_INTOSC:
+ ref_clk = clk_source.clk_freq_of_cb_intosc_ls;
+ break;
+ case ALT_CLKMGR_MAINPLL_PLLGLOB_PSRC_F2S:
+ ref_clk = clk_source.clk_freq_of_f2h_free;
+ break;
+ default:
+ ref_clk = 0;
+ assert(0);
+ break;
+ }
+
+ refclkdiv = ALT_CLKMGR_MAINPLL_PLLGLOB_REFCLKDIV(data32);
+ data32 = mmio_read_32(ALT_CLKMGR_MAINPLL + ALT_CLKMGR_MAINPLL_FDBCK);
+ mdiv = ALT_CLKMGR_MAINPLL_FDBCK_MDIV(data32);
+ ref_clk = (ref_clk / refclkdiv) * (6 + mdiv);
+
+ main_noc_base_clk = ref_clk / (hoff_ptr->main_pll_pllc1 & 0xff);
+ l3_main_free_clk = main_noc_base_clk / (hoff_ptr->main_pll_nocclk + 1);
+ l4_sys_free_clk = l3_main_free_clk / 4;
+
+ return l4_sys_free_clk;
+}
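Review bot: none of the divisors in get_wdt_clk() are checked: refclkdiv comes straight from the PLLGLOB register and (hoff_ptr->main_pll_pllc1 & 0xff) from the handoff data, so a zero in either one is a division by zero in boot firmware. Validate them and return an error the caller can act on. The default case has the same weakness in builds where assert() is compiled out, because ref_clk = 0 then flows through and the function returns 0 as if it were a valid clock. The arithmetic is also done in int, and (ref_clk / refclkdiv) * (6 + mdiv) exceeds INT_MAX with the 25000000 EOSC1 value once (6 + mdiv) passes 85 at a refclkdiv of 1; use uint32_t or uint64_t for the intermediate values.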
diff --git a/readme.rst b/readme.rst
index 1df8637..41ffc0f 100644
--- a/readme.rst
+++ b/readme.rst
@@ -1,4 +1,4 @@
-Trusted Firmware-A - version 2.0
+Trusted Firmware-A - version 2.1
================================
Trusted Firmware-A (TF-A) provides a reference implementation of secure world
@@ -15,6 +15,13 @@
Where possible, the code is designed for reuse or porting to other Armv7-A and
Armv8-A model and hardware platforms.
+This release provides a suitable starting point for productization of secure
+world boot and runtime firmware, in either the AArch32 or AArch64 execution
+states.
+
+Users are encouraged to do their own security validation, including penetration
+testing, on any secure world code derived from TF-A.
+
Arm will continue development in collaboration with interested parties to
provide a full reference implementation of Secure Monitor code and Arm standards
to the benefit of all developers working with Armv7-A and Armv8-A TrustZone
@@ -53,18 +60,8 @@
BSD-3-Clause license. Any contributions to this code must be made under the
terms of both licenses.
-This release
-------------
-
-This release provides a suitable starting point for productization of secure
-world boot and runtime firmware, in either the AArch32 or AArch64 execution
-states.
-
-Users are encouraged to do their own security validation, including penetration
-testing, on any secure world code derived from TF-A.
-
Functionality
-~~~~~~~~~~~~~
+-------------
- Initialization of the secure world, for example exception vectors, control
registers and interrupts for the platform.
@@ -136,37 +133,50 @@
- Support for the GCC, LLVM and Arm Compiler 6 toolchains.
-- Support for combining several libraries into a self-called "romlib" image
- that may be shared across images to reduce memory footprint. The romlib image
- is stored in ROM but is accessed through a jump-table that may be stored
+- Support for combining several libraries into a "romlib" image that may be
+ shared across images to reduce memory footprint. The romlib image is stored
+ in ROM but is accessed through a jump-table that may be stored
in read-write memory, allowing for the library code to be patched.
+- A prototype implementation of a Secure Partition Manager (SPM) that is based
+ on the SPCI Alpha 1 and SPRT draft specifications.
+
+- Support for ARMv8.3 pointer authentication in the normal and secure worlds.
+ The use of pointer authentication in the normal world is enabled whenever
+ architectural support is available, without the need for additional build
+ flags. Use of pointer authentication in the secure world remains an
+ experimental configuration at this time and requires the ``ENABLE_PAUTH``
+ build flag to be set.
+
+- Position-Independent Executable (PIE) support. Initially for BL31 only, with
+ further support to be added in a future release.
+
For a full description of functionality and implementation details, please
see the `Firmware Design`_ and supporting documentation. The `Change Log`_
provides details of changes made since the last release.
Platforms
-~~~~~~~~~
+---------
Various AArch32 and AArch64 builds of this release have been tested on r0, r1
and r2 variants of the `Juno Arm Development Platform`_.
-Various AArch64 builds of this release have been tested on the following Arm
-Fixed Virtual Platforms (`FVP`_) without shifted affinities that do not
-support threaded CPU cores (64-bit host machine only):
+The latest version of the AArch64 build of TF-A has been tested on the following
+Arm FVPs without shifted affinities, and that do not support threaded CPU cores
+(64-bit host machine only).
-NOTE: Unless otherwise stated, the model version is Version 11.4 Build 37.
+The FVP models used are Version 11.5 Build 33, unless otherwise stated.
-- ``FVP_Base_Aresx4``
- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502``
-- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_RevC-2xAEMv8A``
- ``FVP_Base_Cortex-A32x4``
- ``FVP_Base_Cortex-A35x4``
- ``FVP_Base_Cortex-A53x4``
- ``FVP_Base_Cortex-A55x4+Cortex-A75x4``
- ``FVP_Base_Cortex-A55x4``
+- ``FVP_Base_Cortex-A57x1-A53x1``
+- ``FVP_Base_Cortex-A57x2-A53x4``
- ``FVP_Base_Cortex-A57x4-A53x4``
- ``FVP_Base_Cortex-A57x4``
- ``FVP_Base_Cortex-A72x4-A53x4``
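Review bot: the pointer authentication bullet says secure world use "requires the ``ENABLE_PAUTH`` build flag to be set", while the change-log entry added by this same patch says it is enabled "Using both the ``ENABLE_PAUTH`` and ``CTX_INCLUDE_PAUTH_REGS`` build flags"; the two documents should name the same flags. The bullet also writes ARMv8.3 where the rest of the readme uses the Armv7-A and Armv8-A capitalisation.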
@@ -175,16 +185,23 @@
- ``FVP_Base_Cortex-A73x4``
- ``FVP_Base_Cortex-A75x4``
- ``FVP_Base_Cortex-A76x4``
-- ``FVP_CSS_SGI-575`` (Version 11.3 build 40)
+- ``FVP_Base_Neoverse-N1x4`` (Tested with internal model)
+- ``FVP_Base_Deimos``
+- ``FVP_CSS_SGI-575`` (Version 11.3 build 42)
+- ``FVP_CSS_SGM-775`` (Version 11.3 build 42)
+- ``FVP_RD_E1Edge`` (Version 11.3 build 42)
+- ``FVP_RD_N1Edge`` (Version 11.3 build 42)
- ``Foundation_Platform``
The latest version of the AArch32 build of TF-A has been tested on the following
-Arm FVPs without shifted affinities that do not support threaded CPU cores
+Arm FVPs without shifted affinities, and that do not support threaded CPU cores
(64-bit host machine only).
- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_Cortex-A32x4``
+NOTE: The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities.
+
The Foundation FVP can be downloaded free of charge. The Base FVPs can be
licensed from Arm. See the `Arm FVP website`_.
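Review bot: the new NOTE that ``FVP_Base_RevC-2xAEMv8A`` only supports shifted affinities sits under the AArch32 list, but that model appears in the AArch64 list, which is introduced as FVPs "without shifted affinities"; move the note next to the AArch64 list and mark the entry as the exception. "(Tested with internal model)" on ``FVP_Base_Neoverse-N1x4`` gives readers no version to reproduce against, unlike the other annotated entries.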
@@ -192,18 +209,23 @@
This release also contains the following platform support:
-- Allwinner sun50i_64 and sun50i_h6
+- Allwinner sun50i_a64 and sun50i_h6
- Amlogic Meson S905 (GXBB)
-- Arm SGI-575, RDN1Edge, RDE1Edge and SGM-775
-- Arm Neoverse N1 System Development Platform
+- Arm Juno Software Development Platform
+- Arm Neoverse N1 System Development Platform (N1SDP)
+- Arm Neoverse Reference Design N1 Edge (RD-N1-Edge) FVP
+- Arm Neoverse Reference Design E1 Edge (RD-E1-Edge) FVP
+- Arm SGI-575 and SGM-775
+- Arm Versatile Express FVP
- HiKey, HiKey960 and Poplar boards
+- Intel Stratix 10 SoC FPGA
- Marvell Armada 3700 and 8K
- MediaTek MT6795 and MT8173 SoCs
- NVIDIA T132, T186 and T210 SoCs
-- NXP QorIQ LS1043A, i.MX8MQ, i.MX8QX, i.MX8QM and i.MX7Solo WaRP7
+- NXP QorIQ LS1043A, i.MX8MM, i.MX8MQ, i.MX8QX, i.MX8QM and i.MX7Solo WaRP7
- QEMU
- Raspberry Pi 3
-- R-Car Generation 3
+- Renesas R-Car Generation 3
- RockChip RK3328, RK3368 and RK3399 SoCs
- Socionext UniPhier SoC family and SynQuacer SC2A11 SoCs
- STMicroelectronics STM32MP1
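Review bot: "Arm Juno Software Development Platform" in the added list does not match the name "Juno Arm Development Platform" used for the same board in the Platforms paragraph earlier in this file; pick one name. Juno is already described there as a tested platform, so say whether repeating it under "This release also contains the following platform support" is intended.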
@@ -211,11 +233,16 @@
- Xilinx Versal and Zynq UltraScale + MPSoC
Still to come
-~~~~~~~~~~~~~
+-------------
-- More platform support.
+- Support for additional platforms.
-- Position independent executable (PIE) support.
+- Refinements to Position Independent Executable (PIE) support.
+
+- Refinements to the SPCI-based SPM implementation as the draft SPCI and SPRT
+ specifications continue to evolve.
+
+- Documentation enhancements.
- Ongoing support for new architectural features, CPUs and System IP.
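Review bot: "Position Independent Executable (PIE)" is unhyphenated in this list but written "Position-Independent Executable (PIE)" in the Functionality bullet this patch adds; use one spelling. "Documentation enhancements." is too vague for a roadmap item; name the area that is planned.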
@@ -243,6 +270,12 @@
project and the `Acknowledgments`_ file for a list of contributors to the
project.
+Documentation contents
+~~~~~~~~~~~~~~~~~~~~~~
+
+The `Trusted Firmware-A Documentation Contents`_ page contains an overview of
+the documentation that is available, with links to facilitate easier browsing.
+
IRC channel
~~~~~~~~~~~
@@ -261,7 +294,7 @@
Arm licensees may contact Arm directly via their partner managers.
Security advisories
-~~~~~~~~~~~~~~~~~~~
+-------------------
- `Security Advisory TFV-1`_
- `Security Advisory TFV-2`_
@@ -313,3 +346,4 @@
.. _Security Advisory TFV-6: ./docs/security_advisories/security-advisory-tfv-6.rst
.. _Security Advisory TFV-7: ./docs/security_advisories/security-advisory-tfv-7.rst
.. _Security Advisory TFV-8: ./docs/security_advisories/security-advisory-tfv-8.rst
+.. _Trusted Firmware-A Documentation Contents: ./docs/contents.rst