Merge changes from topic "st_nvmem_layout" into integration
* changes:
refactor(stm32mp1-fdts): remove nvmem_layout node
refactor(stm32mp1): drop the "st,stm32-nvmem-layout" node
refactor(st): remove useless includes
diff --git a/Makefile b/Makefile
index 95c9075..da3e493 100644
--- a/Makefile
+++ b/Makefile
@@ -263,24 +263,6 @@
# Determine if FEAT_SB is supported
ENABLE_FEAT_SB = $(if $(findstring sb,${arch-features}),1,0)
-ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
-ENABLE_FEAT_SB = 1
-endif
-
-# Determine and enable FEAT_FGT to access HDFGRTR_EL2 register for v8.6 and higher versions.
-ifeq "8.6" "$(word 1, $(sort 8.6 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
-ENABLE_FEAT_FGT = 1
-endif
-
-# Determine and enable FEAT_ECV to access CNTPOFF_EL2 register for v8.6 and higher versions.
-ifeq "8.6" "$(word 1, $(sort 8.6 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
-ENABLE_FEAT_ECV = 1
-endif
-
-ifeq "8.4" "$(word 1, $(sort 8.4 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
-ENABLE_FEAT_DIT = 1
-endif
-
ifneq ($(findstring armclang,$(notdir $(CC))),)
TF_CFLAGS_aarch32 = -target arm-arm-none-eabi $(march32-directive)
TF_CFLAGS_aarch64 = -target aarch64-arm-none-eabi $(march64-directive)
@@ -467,13 +449,10 @@
DTC_CPPFLAGS += -P -nostdinc -Iinclude -Ifdts -undef \
-x assembler-with-cpp $(DEFINES)
-ifeq ($(MEASURED_BOOT),1)
-DTC_CPPFLAGS += -DMEASURED_BOOT -DBL2_HASH_SIZE=${TCG_DIGEST_SIZE}
-endif
-
################################################################################
# Common sources and include directories
################################################################################
+include ${MAKE_HELPERS_DIRECTORY}arch_features.mk
include lib/compiler-rt/compiler-rt.mk
BL_COMMON_SOURCES += common/bl_common.c \
@@ -776,6 +755,10 @@
$(info PSA_FWU_SUPPORT is an experimental feature)
endif
+ifeq ($(FEATURE_DETECTION),1)
+ $(info FEATURE_DETECTION is an experimental feature)
+endif
+
ifeq (${ARM_XLAT_TABLES_LIB_V1}, 1)
ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
$(error "ALLOW_RO_XLAT_TABLES requires translation tables library v2")
@@ -980,10 +963,7 @@
CREATE_KEYS \
CTX_INCLUDE_AARCH32_REGS \
CTX_INCLUDE_FPREGS \
- CTX_INCLUDE_PAUTH_REGS \
- CTX_INCLUDE_MTE_REGS \
CTX_INCLUDE_EL2_REGS \
- CTX_INCLUDE_NEVE_REGS \
DEBUG \
DISABLE_MTPMU \
DYN_DISABLE_AUTH \
@@ -993,11 +973,9 @@
ENABLE_AMU_FCONF \
AMU_RESTRICT_COUNTERS \
ENABLE_ASSERTIONS \
- ENABLE_MPAM_FOR_LOWER_ELS \
ENABLE_PIE \
ENABLE_PMF \
ENABLE_PSCI_STAT \
- ENABLE_RME \
ENABLE_RUNTIME_INSTRUMENTATION \
ENABLE_SME_FOR_NS \
ENABLE_SME_FOR_SWD \
@@ -1017,7 +995,6 @@
PL011_GENERIC_UART \
PROGRAMMABLE_RESET_ADDRESS \
PSCI_EXTENDED_STATE_ID \
- RAS_EXTENSION \
RESET_TO_BL31 \
SAVE_KEYS \
SEPARATE_CODE_AND_RODATA \
@@ -1046,20 +1023,13 @@
RAS_TRAP_LOWER_EL_ERR_ACCESS \
COT_DESC_IN_DTB \
USE_SP804_TIMER \
- ENABLE_FEAT_RNG \
- ENABLE_FEAT_SB \
- ENABLE_FEAT_DIT \
PSA_FWU_SUPPORT \
ENABLE_TRBE_FOR_NS \
ENABLE_SYS_REG_TRACE_FOR_NS \
- ENABLE_TRF_FOR_NS \
- ENABLE_FEAT_HCX \
ENABLE_MPMM \
ENABLE_MPMM_FCONF \
- ENABLE_FEAT_FGT \
- ENABLE_FEAT_AMUv1 \
- ENABLE_FEAT_ECV \
SIMICS_BUILD \
+ FEATURE_DETECTION \
)))
$(eval $(call assert_numerics,\
@@ -1067,9 +1037,30 @@
ARM_ARCH_MAJOR \
ARM_ARCH_MINOR \
BRANCH_PROTECTION \
+ CTX_INCLUDE_PAUTH_REGS \
+ CTX_INCLUDE_MTE_REGS \
+ CTX_INCLUDE_NEVE_REGS \
+ ENABLE_BTI \
+ ENABLE_PAUTH \
+ ENABLE_FEAT_AMUv1 \
+ ENABLE_FEAT_AMUv1p1 \
+ ENABLE_FEAT_CSV2_2 \
+ ENABLE_FEAT_DIT \
+ ENABLE_FEAT_ECV \
+ ENABLE_FEAT_FGT \
+ ENABLE_FEAT_HCX \
+ ENABLE_FEAT_PAN \
+ ENABLE_FEAT_RNG \
+ ENABLE_FEAT_SB \
+ ENABLE_FEAT_SEL2 \
+ ENABLE_FEAT_VHE \
+ ENABLE_MPAM_FOR_LOWER_ELS \
+ ENABLE_RME \
+ ENABLE_TRF_FOR_NS \
FW_ENC_STATUS \
NR_OF_FW_BANKS \
NR_OF_IMAGES_IN_FW_BANK \
+ RAS_EXTENSION \
)))
ifdef KEY_SIZE
@@ -1179,6 +1170,12 @@
ENABLE_FEAT_AMUv1 \
ENABLE_FEAT_ECV \
SIMICS_BUILD \
+ ENABLE_FEAT_AMUv1p1 \
+ ENABLE_FEAT_SEL2 \
+ ENABLE_FEAT_VHE \
+ ENABLE_FEAT_CSV2_2 \
+ ENABLE_FEAT_PAN \
+ FEATURE_DETECTION \
)))
ifeq (${SANITIZE_UB},trap)
diff --git a/bl31/bl31.mk b/bl31/bl31.mk
index e751824..25c7964 100644
--- a/bl31/bl31.mk
+++ b/bl31/bl31.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -128,6 +128,10 @@
${RMMD_SOURCES}
endif
+ifeq ($(FEATURE_DETECTION),1)
+BL31_SOURCES += common/feat_detect.c
+endif
+
BL31_LINKERFILE := bl31/bl31.ld.S
# Flag used to indicate if Crash reporting via console should be included
diff --git a/bl31/bl31_main.c b/bl31/bl31_main.c
index 9ac10e2..2a3d838 100644
--- a/bl31/bl31_main.c
+++ b/bl31/bl31_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,6 +14,7 @@
#include <bl31/ehf.h>
#include <common/bl_common.h>
#include <common/debug.h>
+#include <common/feat_detect.h>
#include <common/runtime_svc.h>
#include <drivers/console.h>
#include <lib/el3_runtime/context_mgmt.h>
@@ -123,6 +124,11 @@
NOTICE("BL31: %s\n", version_string);
NOTICE("BL31: %s\n", build_message);
+#if FEATURE_DETECTION
+ /* Detect if features enabled during compilation are supported by PE. */
+ detect_arch_features();
+#endif /* FEATURE_DETECTION */
+
#ifdef SUPPORT_UNKNOWN_MPID
if (unsupported_mpid_flag == 0) {
NOTICE("Unsupported MPID detected!\n");
@@ -253,7 +259,16 @@
(image_type == SECURE) ? "secure" : "normal");
print_entry_point_info(next_image_info);
cm_init_my_context(next_image_info);
- cm_prepare_el3_exit(image_type);
+
+ /*
+ * If we are entering the Non-secure world, use
+ * 'cm_prepare_el3_exit_ns' to exit.
+ */
+ if (image_type == NON_SECURE) {
+ cm_prepare_el3_exit_ns();
+ } else {
+ cm_prepare_el3_exit(image_type);
+ }
}
/*******************************************************************************
diff --git a/changelog.yaml b/changelog.yaml
index 939fb65..add81ef 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -442,6 +442,13 @@
deprecated:
- plat/st/stm32mp1
+ - title: Texas Instruments
+ scope: ti
+
+ subsections:
+ - title: K3
+ scope: k3
+
- title: Xilinx
scope: xilinx
diff --git a/common/feat_detect.c b/common/feat_detect.c
new file mode 100644
index 0000000..ef09b86
--- /dev/null
+++ b/common/feat_detect.c
@@ -0,0 +1,288 @@
+/*
+ * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/feat_detect.h>
+
+/*******************************************************************************
+ * This section lists the wrapper modules for each feature to evaluate the
+ * feature states (FEAT_STATE_1 and FEAT_STATE_2) and perform necessary action
+ * as below:
+ *
+ * It verifies whether the FEAT_XXX (eg: FEAT_SB) is supported by the PE or not.
+ * Without this check an exception would occur during context save/restore
+ * routines, if the feature is enabled but not supported by PE.
+ ******************************************************************************/
+
+/******************************************
+ * Feature : FEAT_SB (Speculation Barrier)
+ *****************************************/
+static void read_feat_sb(void)
+{
+#if (ENABLE_FEAT_SB == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_0_feat_sb_present(), "SB");
+#endif
+}
+
+/******************************************************
+ * Feature : FEAT_CSV2_2 (Cache Speculation Variant 2)
+ *****************************************************/
+static void read_feat_csv2_2(void)
+{
+#if (ENABLE_FEAT_CSV2_2 == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_0_feat_csv2_2_present(), "CSV2_2");
+#endif
+}
+
+/***********************************************
+ * Feature : FEAT_PAN (Privileged Access Never)
+ **********************************************/
+static void read_feat_pan(void)
+{
+#if (ENABLE_FEAT_PAN == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_1_pan_present(), "PAN");
+#endif
+}
+
+/******************************************************
+ * Feature : FEAT_VHE (Virtualization Host Extensions)
+ *****************************************************/
+static void read_feat_vhe(void)
+{
+#if (ENABLE_FEAT_VHE == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_1_vhe_present(), "VHE");
+#endif
+}
+
+/*******************************************************************************
+ * Feature : FEAT_RAS (Reliability, Availability, and Serviceability Extension)
+ ******************************************************************************/
+static void read_feat_ras(void)
+{
+#if (RAS_EXTENSION == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_2_feat_ras_present(), "RAS");
+#endif
+}
+
+/************************************************
+ * Feature : FEAT_PAUTH (Pointer Authentication)
+ ***********************************************/
+static void read_feat_pauth(void)
+{
+#if (ENABLE_PAUTH == FEAT_STATE_1) || (CTX_INCLUDE_PAUTH_REGS == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_3_pauth_present(), "PAUTH");
+#endif
+}
+
+/************************************************************
+ * Feature : FEAT_DIT (Data Independent Timing Instructions)
+ ***********************************************************/
+static void read_feat_dit(void)
+{
+#if (ENABLE_FEAT_DIT == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_4_feat_dit_present(), "DIT");
+#endif
+}
+
+/*********************************************************
+ * Feature : FEAT_AMUv1 (Activity Monitors Extensions v1)
+ ********************************************************/
+static void read_feat_amuv1(void)
+{
+#if (ENABLE_FEAT_AMUv1 == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_4_feat_amuv1_present(), "AMUv1");
+#endif
+}
+
+/****************************************************************************
+ * Feature : FEAT_MPAM (Memory Partitioning and Monitoring (MPAM) Extension)
+ ***************************************************************************/
+static void read_feat_mpam(void)
+{
+#if (ENABLE_MPAM_FOR_LOWER_ELS == FEAT_STATE_1)
+ feat_detect_panic(get_mpam_version() != 0U, "MPAM");
+#endif
+}
+
+/**************************************************************
+ * Feature : FEAT_NV2 (Enhanced Nested Virtualization Support)
+ *************************************************************/
+static void read_feat_nv2(void)
+{
+#if (CTX_INCLUDE_NEVE_REGS == FEAT_STATE_1)
+ unsigned int nv = get_armv8_4_feat_nv_support();
+
+ feat_detect_panic((nv == ID_AA64MMFR2_EL1_NV2_SUPPORTED), "NV2");
+#endif
+}
+
+/***********************************
+ * Feature : FEAT_SEL2 (Secure EL2)
+ **********************************/
+static void read_feat_sel2(void)
+{
+#if (ENABLE_FEAT_SEL2 == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_4_sel2_present(), "SEL2");
+#endif
+}
+
+/****************************************************
+ * Feature : FEAT_TRF (Self-hosted Trace Extensions)
+ ***************************************************/
+static void read_feat_trf(void)
+{
+#if (ENABLE_TRF_FOR_NS == FEAT_STATE_1)
+ feat_detect_panic(is_arm8_4_feat_trf_present(), "TRF");
+#endif
+}
+
+/************************************************
+ * Feature : FEAT_MTE (Memory Tagging Extension)
+ ***********************************************/
+static void read_feat_mte(void)
+{
+#if (CTX_INCLUDE_MTE_REGS == FEAT_STATE_1)
+ unsigned int mte = get_armv8_5_mte_support();
+
+ feat_detect_panic((mte != MTE_UNIMPLEMENTED), "MTE");
+#endif
+}
+
+/***********************************************
+ * Feature : FEAT_RNG (Random Number Generator)
+ **********************************************/
+static void read_feat_rng(void)
+{
+#if (ENABLE_FEAT_RNG == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_5_rng_present(), "RNG");
+#endif
+}
+
+/****************************************************
+ * Feature : FEAT_BTI (Branch Target Identification)
+ ***************************************************/
+static void read_feat_bti(void)
+{
+#if (ENABLE_BTI == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_5_bti_present(), "BTI");
+#endif
+}
+
+/****************************************
+ * Feature : FEAT_FGT (Fine Grain Traps)
+ ***************************************/
+static void read_feat_fgt(void)
+{
+#if (ENABLE_FEAT_FGT == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_6_fgt_present(), "FGT");
+#endif
+}
+
+/***********************************************
+ * Feature : FEAT_AMUv1p1 (AMU Extensions v1.1)
+ **********************************************/
+static void read_feat_amuv1p1(void)
+{
+#if (ENABLE_FEAT_AMUv1p1 == FEAT_STATE_1)
+ feat_detect_panic(is_armv8_6_feat_amuv1p1_present(), "AMUv1p1");
+#endif
+}
+
+/*******************************************************
+ * Feature : FEAT_ECV (Enhanced Counter Virtualization)
+ ******************************************************/
+static void read_feat_ecv(void)
+{
+#if (ENABLE_FEAT_ECV == FEAT_STATE_1)
+ unsigned int ecv = get_armv8_6_ecv_support();
+
+ feat_detect_panic(((ecv == ID_AA64MMFR0_EL1_ECV_SUPPORTED) ||
+ (ecv == ID_AA64MMFR0_EL1_ECV_SELF_SYNCH)), "ECV");
+#endif
+}
+
+/******************************************************************
+ * Feature : FEAT_HCX (Extended Hypervisor Configuration Register)
+ *****************************************************************/
+static void read_feat_hcx(void)
+{
+#if (ENABLE_FEAT_HCX == FEAT_STATE_1)
+ feat_detect_panic(is_feat_hcx_present(), "HCX");
+#endif
+}
+
+/**************************************************
+ * Feature : FEAT_RME (Realm Management Extension)
+ *************************************************/
+static void read_feat_rme(void)
+{
+#if (ENABLE_RME == FEAT_STATE_1)
+ feat_detect_panic((get_armv9_2_feat_rme_support() !=
+ ID_AA64PFR0_FEAT_RME_NOT_SUPPORTED), "RME");
+#endif
+}
+
+/***********************************************************************************
+ * TF-A supports many Arm architectural features starting from arch version
+ * (8.0 till 8.7+). These features are mostly enabled through build flags. This
+ * mechanism helps in validating these build flags in the early boot phase
+ * either in BL1 or BL31 depending on the platform and assists in identifying
+ * and notifying the features which are enabled but not supported by the PE.
+ *
+ * It reads all the enabled features ID-registers and ensures the features
+ * are supported by the PE.
+ * In case if they aren't it stops booting at an early phase and logs the error
+ * messages, notifying the platforms about the features that are not supported.
+ *
+ * Further the procedure is implemented with a tri-state approach for each feature:
+ * ENABLE_FEAT_xxx = 0 : The feature is disabled statically at compile time
+ * ENABLE_FEAT_xxx = 1 : The feature is enabled and must be present in hardware.
+ * There will be panic if feature is not present at cold boot.
+ * ENABLE_FEAT_xxx = 2 : The feature is enabled but dynamically enabled at runtime
+ * depending on hardware capability.
+ *
+ * For better readability, state values are defined with macros namely:
+ * { FEAT_STATE_0, FEAT_STATE_1, FEAT_STATE_2 } taking values as their naming.
+ **********************************************************************************/
+void detect_arch_features(void)
+{
+ /* v8.0 features */
+ read_feat_sb();
+ read_feat_csv2_2();
+
+ /* v8.1 features */
+ read_feat_pan();
+ read_feat_vhe();
+
+ /* v8.2 features */
+ read_feat_ras();
+
+ /* v8.3 features */
+ read_feat_pauth();
+
+ /* v8.4 features */
+ read_feat_dit();
+ read_feat_amuv1();
+ read_feat_mpam();
+ read_feat_nv2();
+ read_feat_sel2();
+ read_feat_trf();
+
+ /* v8.5 features */
+ read_feat_mte();
+ read_feat_rng();
+ read_feat_bti();
+
+ /* v8.6 features */
+ read_feat_amuv1p1();
+ read_feat_fgt();
+ read_feat_ecv();
+
+ /* v8.7 features */
+ read_feat_hcx();
+
+ /* v9.2 features */
+ read_feat_rme();
+}
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index b7d1168..af0e769 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -298,13 +298,21 @@
For Cortex-A78 AE, the following errata build flags are defined :
-- ``ERRATA_A78_AE_1941500`` : This applies errata 1941500 workaround to Cortex-A78
- AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This erratum is
- still open.
+- ``ERRATA_A78_AE_1941500`` : This applies errata 1941500 workaround to
+ Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1.
+ This erratum is still open.
-- ``ERRATA_A78_AE_1951502`` : This applies errata 1951502 workaround to Cortex-A78
- AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This erratum is
- still open.
+- ``ERRATA_A78_AE_1951502`` : This applies errata 1951502 workaround to
+ Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This
+ erratum is still open.
+
+- ``ERRATA_A78_AE_2376748`` : This applies errata 2376748 workaround to
+ Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This
+ erratum is still open.
+
+- ``ERRATA_A78_AE_2395408`` : This applies errata 2395408 workaround to
+ Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This
+ erratum is still open.
For Neoverse N1, the following errata build flags are defined :
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index adc05e6..4dbf5cb 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -174,14 +174,23 @@
registers to be included when saving and restoring the CPU context. Default
is 0.
-- ``CTX_INCLUDE_NEVE_REGS``: Boolean option that, when set to 1, will cause the
- Armv8.4-NV registers to be saved/restored when entering/exiting an EL2
- execution context. Default value is 0.
+- ``CTX_INCLUDE_MTE_REGS``: Numeric value to include Memory Tagging Extension
+ registers in cpu context. This must be enabled, if the platform wants to use
+ this feature in the Secure world and MTE is enabled at ELX. This flag can
+ take values 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism.
+ Default value is 0.
-- ``CTX_INCLUDE_PAUTH_REGS``: Boolean option that, when set to 1, enables
- Pointer Authentication for Secure world. This will cause the ARMv8.3-PAuth
- registers to be included when saving and restoring the CPU context as
- part of world switch. Default value is 0.
+- ``CTX_INCLUDE_NEVE_REGS``: Numeric value, when set will cause the Armv8.4-NV
+ registers to be saved/restored when entering/exiting an EL2 execution
+ context. This flag can take values 0 to 2, to align with the
+ ``FEATURE_DETECTION`` mechanism. Default value is 0.
+
+- ``CTX_INCLUDE_PAUTH_REGS``: Numeric value to enable the Pointer
+ Authentication for Secure world. This will cause the ARMv8.3-PAuth registers
+ to be included when saving and restoring the CPU context as part of world
+ switch. This flag can take values 0 to 2, to align with ``FEATURE_DETECTION``
+ mechanism. Default value is 0.
+
Note that Pointer Authentication is enabled for Non-secure world irrespective
of the value of this flag if the CPU supports it.
@@ -246,42 +255,101 @@
builds, but this behaviour can be overridden in each platform's Makefile or
in the build command line.
-- ``ENABLE_FEAT_AMUv1``: Boolean option to enable access to the HAFGRTR_EL2
+- ``ENABLE_FEAT_AMUv1``: Numeric value to enable access to the HAFGRTR_EL2
(Hypervisor Activity Monitors Fine-Grained Read Trap Register) during EL2
- to EL3 context save/restore operations. It is an optional feature available
- on v8.4 and onwards and must be set to 1 alongside ``ENABLE_FEAT_FGT``, to
- access the HAFGRTR_EL2 register. Defaults to ``0``.
+ to EL3 context save/restore operations. This flag can take the values 0 to 2,
+ to align with the ``FEATURE_DETECTION`` mechanism. It is an optional feature
+ available on v8.4 and onwards and must be set to either 1 or 2 alongside
+ ``ENABLE_FEAT_FGT``, to access the HAFGRTR_EL2 register.
+ Default value is ``0``.
-- ``ENABLE_FEAT_ECV``: Boolean option to enable support for the Enhanced Counter
+- ``ENABLE_FEAT_AMUv1p1``: Numeric value to enable the ``FEAT_AMUv1p1``
+ extension. ``FEAT_AMUv1p1`` is an optional feature available on Arm v8.6
+ onwards. This flag can take the values 0 to 2, to align with the
+ ``FEATURE_DETECTION`` mechanism. Default value is ``0``.
+
+- ``ENABLE_FEAT_CSV2_2``: Numeric value to enable the ``FEAT_CSV2_2``
+ extension. It allows access to the SCXTNUM_EL2 (Software Context Number)
+ register during EL2 context save/restore operations. ``FEAT_CSV2_2`` is an
+ optional feature available on Arm v8.0 onwards. This flag can take values
+ 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism.
+ Default value is ``0``.
+
+- ``ENABLE_FEAT_DIT``: Numeric value to enable ``FEAT_DIT`` (Data Independent
+ Timing) extension. It allows setting the ``DIT`` bit of PSTATE in EL3.
+ ``FEAT_DIT`` is a mandatory architectural feature and is enabled from v8.4
+ and upwards. This flag can take the values 0 to 2, to align with the
+ ``FEATURE_DETECTION`` mechanism. Default value is ``0``.
+
+- ``ENABLE_FEAT_ECV``: Numeric value to enable support for the Enhanced Counter
Virtualization feature, allowing for access to the CNTPOFF_EL2 (Counter-timer
Physical Offset register) during EL2 to EL3 context save/restore operations.
- Its a mandatory architectural feature in Armv8.6 and defaults to ``1`` for
- v8.6 or later CPUs.
+ Its a mandatory architectural feature and is enabled from v8.6 and upwards.
+ This flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
-- ``ENABLE_FEAT_FGT``: Boolean option to enable support for FGT (Fine Grain Traps)
+- ``ENABLE_FEAT_FGT``: Numeric value to enable support for FGT (Fine Grain Traps)
feature allowing for access to the HDFGRTR_EL2 (Hypervisor Debug Fine-Grained
- Read Trap Register) during EL2 to EL3 context save/restore operations.
- Its a mandatory architectural feature in Armv8.6 and defaults to ``1`` for
- v8.6 or later CPUs.
+ Read Trap Register) during EL2 to EL3 context save/restore operations.
+ Its a mandatory architectural feature and is enabled from v8.6 and upwards.
+ This flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
-- ``ENABLE_FEAT_HCX``: This option sets the bit SCR_EL3.HXEn in EL3 to allow
- access to HCRX_EL2 (extended hypervisor control register) from EL2 as well as
- adding HCRX_EL2 to the EL2 context save/restore operations.
+- ``ENABLE_FEAT_HCX``: Numeric value to set the bit SCR_EL3.HXEn in EL3 to
+ allow access to HCRX_EL2 (extended hypervisor control register) from EL2 as
+ well as adding HCRX_EL2 to the EL2 context save/restore operations. Its a
+ mandatory architectural feature and is enabled from v8.7 and upwards. This
+ flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
+
+- ``ENABLE_FEAT_PAN``: Numeric value to enable the ``FEAT_PAN`` (Privileged
+ Access Never) extension. ``FEAT_PAN`` adds a bit to PSTATE, generating a
+ permission fault for any privileged data access from EL1/EL2 to virtual
+ memory address, accessible at EL0, provided (HCR_EL2.E2H=1). It is a
+ mandatory architectural feature and is enabled from v8.1 and upwards. This
+ flag can take values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default value is ``0``.
+
+- ``ENABLE_FEAT_RNG``: Numeric value to enable the ``FEAT_RNG`` extension.
+ ``FEAT_RNG`` is an optional feature available on Arm v8.5 onwards. This
+ flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default is ``0``.
+
+- ``ENABLE_FEAT_SB``: Numeric value to enable the ``FEAT_SB`` (Speculation
+ Barrier) extension allowing access to ``sb`` instruction. ``FEAT_SB`` is an
+ optional feature and defaults to ``0`` for pre-Armv8.5 CPUs but are mandatory
+ for Armv8.5 or later CPUs. This flag can take values 0 to 2, to align with
+ ``FEATURE_DETECTION`` mechanism. It is enabled from v8.5 and upwards and if
+ needed could be overidden from platforms explicitly. Default value is ``0``.
+
+- ``ENABLE_FEAT_SEL2``: Numeric value to enable the ``FEAT_SEL2`` (Secure EL2)
+ extension. ``FEAT_SEL2`` is a mandatory feature available on Arm v8.4.
+ This flag can take values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. Default is ``0``.
+
+- ``ENABLE_FEAT_VHE``: Numeric value to enable the ``FEAT_VHE`` (Virtualization
+ Host Extensions) extension. It allows access to CONTEXTIDR_EL2 register
+ during EL2 context save/restore operations.``FEAT_VHE`` is a mandatory
+ architectural feature and is enabled from v8.1 and upwards. It can take
+ values 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism.
+ Default value is ``0``.
- ``ENABLE_LTO``: Boolean option to enable Link Time Optimization (LTO)
support in GCC for TF-A. This option is currently only supported for
AArch64. Default is 0.
-- ``ENABLE_MPAM_FOR_LOWER_ELS``: Boolean option to enable lower ELs to use MPAM
+- ``ENABLE_MPAM_FOR_LOWER_ELS``: Numeric value to enable lower ELs to use MPAM
feature. MPAM is an optional Armv8.4 extension that enables various memory
system components and resources to define partitions; software running at
various ELs can assign themselves to desired partition to control their
performance aspects.
- When this option is set to ``1``, EL3 allows lower ELs to access their own
- MPAM registers without trapping into EL3. This option doesn't make use of
- partitioning in EL3, however. Platform initialisation code should configure
- and use partitions in EL3 as required. This option defaults to ``0``.
+ This flag can take values 0 to 2, to align with the ``FEATURE_DETECTION``
+ mechanism. When this option is set to ``1`` or ``2``, EL3 allows lower ELs to
+ access their own MPAM registers without trapping into EL3. This option
+ doesn't make use of partitioning in EL3, however. Platform initialisation
+ code should configure and use partitions in EL3 as required. This option
+ defaults to ``0``.
- ``ENABLE_MPMM``: Boolean option to enable support for the Maximum Power
Mitigation Mechanism supported by certain Arm cores, which allows the SoC
@@ -307,9 +375,10 @@
be enabled. If ``ENABLE_PMF`` is set, the residency statistics are tracked in
software.
-- ``ENABLE_RME``: Boolean option to enable support for the ARMv9 Realm
- Management Extension. Default value is 0. This is currently an experimental
- feature.
+- ``ENABLE_RME``: Numeric value to enable support for the ARMv9 Realm
+ Management Extension. This flag can take the values 0 to 2, to align with
+ the ``FEATURE_DETECTION`` mechanism. Default value is 0. This is currently
+ an experimental feature.
- ``ENABLE_RUNTIME_INSTRUMENTATION``: Boolean option to enable runtime
instrumentation which injects timestamp collection points into TF-A to
@@ -352,8 +421,8 @@
- ``ENABLE_SVE_FOR_SWD``: Boolean option to enable SVE for the Secure world.
SVE is an optional architectural feature for AArch64. Note that this option
- requires ENABLE_SVE_FOR_NS to be enabled. The default is 0 and it is
- automatically disabled when the target architecture is AArch32.
+ requires ENABLE_SVE_FOR_NS to be enabled. The default is 0 and it
+ is automatically disabled when the target architecture is AArch32.
- ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
checks in GCC. Allowed values are "all", "strong", "default" and "none". The
@@ -399,6 +468,43 @@
This feature is intended for testing purposes only, and is advisable to keep
disabled for production images.
+- ``FEATURE_DETECTION``: Boolean option to enable the architectural features
+ detection mechanism. It detects whether the Architectural features enabled
+ through feature specific build flags are supported by the PE or not by
+ validating them either at boot phase or at runtime based on the value
+ possessed by the feature flag (0 to 2) and report error messages at an early
+ stage.
+
+ This prevents and benefits us from EL3 runtime exceptions during context save
+ and restore routines guarded by these build flags. Henceforth validating them
+ before their usage provides more control on the actions taken under them.
+
+ The mechanism permits the build flags to take values 0, 1 or 2 and
+ evaluates them accordingly.
+
+ Lets consider ``ENABLE_FEAT_HCX``, build flag for ``FEAT_HCX`` as an example:
+
+ ::
+
+ ENABLE_FEAT_HCX = 0: Feature disabled statically at compile time.
+ ENABLE_FEAT_HCX = 1: Feature Enabled and the flag is validated at boottime.
+ ENABLE_FEAT_HCX = 2: Feature Enabled and the flag is validated at runtime.
+
+ In the above example, if the feature build flag, ``ENABLE_FEAT_HCX`` set to
+ 0, feature is disabled statically during compilation. If it is defined as 1,
+ feature is validated, wherein FEAT_HCX is detected at boot time. In case not
+ implemented by the PE, a hard panic is generated. Finally, if the flag is set
+ to 2, feature is validated at runtime.
+
+ Note that the entire implementation is divided into two phases, wherein as
+ as part of phase-1 we are supporting the values 0,1. Value 2 is currently not
+ supported and is planned to be handled explicilty in phase-2 implementation.
+
+ FEATURE_DETECTION macro is disabled by default, and is currently an
+ experimental procedure. Platforms can explicitly make use of this by
+ mechanism, by enabling it to validate whether they have set their build flags
+ properly at an early phase.
+
- ``FIP_NAME``: This is an optional build option which specifies the FIP
filename for the ``fip`` target. Default is ``fip.bin``.
@@ -588,9 +694,10 @@
enabled on Arm platforms, the option ``ARM_RECOM_STATE_ID_ENC`` needs to be
set to 1 as well.
-- ``RAS_EXTENSION``: When set to ``1``, enable Armv8.2 RAS features. RAS features
+- ``RAS_EXTENSION``: Numeric value to enable Armv8.2 RAS features. RAS features
are an optional extension for pre-Armv8.2 CPUs, but are mandatory for Armv8.2
- or later CPUs.
+ or later CPUs. This flag can take the values 0 to 2, to align with the
+ ``FEATURE_DETECTION`` mechanism.
When ``RAS_EXTENSION`` is set to ``1``, ``HANDLE_EA_EL3_FIRST`` must also be
set to ``1``.
@@ -673,7 +780,7 @@
firmware images have been loaded in memory, and the MMU and caches are
turned off. Refer to the "Debugging options" section for more details.
-- ``SPMD_SPM_AT_SEL2`` : this boolean option is used jointly with the SPM
+- ``SPMD_SPM_AT_SEL2`` : This boolean option is used jointly with the SPM
Dispatcher option (``SPD=spmd``). When enabled (1) it indicates the SPMC
component runs at the S-EL2 execution state provided by the Armv8.4-SecEL2
extension. This is the default when enabling the SPM Dispatcher. When
@@ -851,9 +958,10 @@
but unused). This feature is available if trace unit such as ETMv4.x, and
ETE(extending ETM feature) is implemented. This flag is disabled by default.
-- ``ENABLE_TRF_FOR_NS``: Boolean option to enable trace filter control registers
+- ``ENABLE_TRF_FOR_NS``: Numeric value to enable trace filter control registers
access from NS ELs, NS-EL2 or NS-EL1 (when NS-EL2 is implemented but unused),
- if FEAT_TRF is implemented. This flag is disabled by default.
+ if FEAT_TRF is implemented. This flag can take the values 0 to 2, to align
+ with the ``FEATURE_DETECTION`` mechanism. This flag is disabled by default.
GICv3 driver options
--------------------
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst
index 7f10ca6..3d3b2e3 100644
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@@ -2017,6 +2017,58 @@
(that was copied during ``bl31_early_platform_setup()``) if the image exists. It
should return NULL otherwise.
+Function : plat_get_cca_attest_token() [mandatory when ENABLE_RME == 1]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : uintptr_t, size_t *, uintptr_t, size_t
+ Return : int
+
+This function returns the Platform attestation token.
+
+The parameters of the function are:
+
+ arg0 - A pointer to the buffer where the Platform token should be copied by
+ this function. The buffer must be big enough to hold the Platform
+ token.
+
+ arg1 - Contains the size (in bytes) of the buffer passed in arg0. The
+ function returns the platform token length in this parameter.
+
+ arg2 - A pointer to the buffer where the challenge object is stored.
+
+ arg3 - The length of the challenge object in bytes. Possible values are 32,
+ 48 and 64.
+
+The function returns 0 on success, -EINVAL on failure.
+
+Function : plat_get_cca_realm_attest_key() [mandatory when ENABLE_RME == 1]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : uintptr_t, size_t *, unsigned int
+ Return : int
+
+This function returns the delegated realm attestation key which will be used to
+sign Realm attestation token. The API currently only supports P-384 ECC curve
+key.
+
+The parameters of the function are:
+
+ arg0 - A pointer to the buffer where the attestation key should be copied
+ by this function. The buffer must be big enough to hold the
+ attestation key.
+
+ arg1 - Contains the size (in bytes) of the buffer passed in arg0. The
+ function returns the attestation key length in this parameter.
+
+ arg2 - The type of the elliptic curve to which the requested attestation key
+ belongs.
+
+The function returns 0 on success, -EINVAL on failure.
+
Function : bl31_plat_enable_mmu [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -3154,7 +3206,7 @@
--------------
-*Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.*
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
.. _Arm Generic Interrupt Controller version 2.0 (GICv2): http://infocenter.arm.com/help/topic/com.arm.doc.ihi0048b/index.html
diff --git a/drivers/arm/gic/v3/gic600ae_fmu.c b/drivers/arm/gic/v3/gic600ae_fmu.c
index 13979fa..0262f48 100644
--- a/drivers/arm/gic/v3/gic600ae_fmu.c
+++ b/drivers/arm/gic/v3/gic600ae_fmu.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, NVIDIA Corporation. All rights reserved.
+ * Copyright (c) 2021-2022, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,6 +9,7 @@
*/
#include <assert.h>
+#include <inttypes.h>
#include <arch_helpers.h>
#include <common/debug.h>
@@ -112,6 +113,135 @@
"Wake-GICD AXI4-Stream interface error"
};
+/* Helper function to find detailed information for a specific IERR */
+static char __unused *ras_ierr_to_str(unsigned int blkid, unsigned int ierr)
+{
+ char *str = NULL;
+
+ /* Find the correct record */
+ switch (blkid) {
+ case FMU_BLK_GICD:
+ assert(ierr < ARRAY_SIZE(gicd_sm_info));
+ str = gicd_sm_info[ierr];
+ break;
+
+ case FMU_BLK_SPICOL:
+ assert(ierr < ARRAY_SIZE(spicol_sm_info));
+ str = spicol_sm_info[ierr];
+ break;
+
+ case FMU_BLK_WAKERQ:
+ assert(ierr < ARRAY_SIZE(wkrqst_sm_info));
+ str = wkrqst_sm_info[ierr];
+ break;
+
+ case FMU_BLK_ITS0...FMU_BLK_ITS7:
+ assert(ierr < ARRAY_SIZE(its_sm_info));
+ str = its_sm_info[ierr];
+ break;
+
+ case FMU_BLK_PPI0...FMU_BLK_PPI31:
+ assert(ierr < ARRAY_SIZE(ppi_sm_info));
+ str = ppi_sm_info[ierr];
+ break;
+
+ default:
+ assert(false);
+ break;
+ }
+
+ return str;
+}
+
+/*
+ * Probe for error in memory-mapped registers containing error records.
+ * Upon detecting an error, set probe data to the index of the record
+ * in error, and return 1; otherwise, return 0.
+ */
+int gic600_fmu_probe(uint64_t base, int *probe_data)
+{
+ uint64_t gsr;
+
+ assert(base != 0UL);
+
+ /*
+ * Read ERR_GSR to find the error record 'M'
+ */
+ gsr = gic_fmu_read_errgsr(base);
+ if (gsr == U(0)) {
+ return 0;
+ }
+
+ /* Return the index of the record in error */
+ if (probe_data != NULL) {
+ *probe_data = (int)__builtin_ctzll(gsr);
+ }
+
+ return 1;
+}
+
+/*
+ * The handler function to read RAS records and find the safety
+ * mechanism with the error.
+ */
+int gic600_fmu_ras_handler(uint64_t base, int probe_data)
+{
+ uint64_t errstatus;
+ unsigned int blkid = (unsigned int)probe_data, ierr, serr;
+
+ assert(base != 0UL);
+
+ /*
+ * FMU_ERRGSR indicates the ID of the GIC
+ * block that faulted.
+ */
+ assert(blkid <= FMU_BLK_PPI31);
+
+ /*
+ * Find more information by reading FMU_ERR<M>STATUS
+ * register
+ */
+ errstatus = gic_fmu_read_errstatus(base, blkid);
+
+ /*
+ * If FMU_ERR<M>STATUS.V is set to 0, no RAS records
+ * need to be scanned.
+ */
+ if ((errstatus & FMU_ERRSTATUS_V_BIT) == U(0)) {
+ return 0;
+ }
+
+ /*
+ * FMU_ERR<M>STATUS.IERR indicates which Safety Mechanism
+ * reported the error.
+ */
+ ierr = (errstatus >> FMU_ERRSTATUS_IERR_SHIFT) &
+ FMU_ERRSTATUS_IERR_MASK;
+
+ /*
+ * FMU_ERR<M>STATUS.SERR indicates architecturally
+ * defined primary error code.
+ */
+ serr = errstatus & FMU_ERRSTATUS_SERR_MASK;
+
+ ERROR("**************************************\n");
+ ERROR("RAS %s Error detected by GIC600 AE FMU\n",
+ ((errstatus & FMU_ERRSTATUS_UE_BIT) != 0U) ?
+ "Uncorrectable" : "Corrected");
+ ERROR("\tStatus = 0x%lx \n", errstatus);
+ ERROR("\tBlock ID = 0x%x\n", blkid);
+ ERROR("\tSafety Mechanism ID = 0x%x (%s)\n", ierr,
+ ras_ierr_to_str(blkid, ierr));
+ ERROR("\tArchitecturally defined primary error code = 0x%x\n",
+ serr);
+ ERROR("**************************************\n");
+
+ /* Clear FMU_ERR<M>STATUS */
+ gic_fmu_write_errstatus(base, probe_data, errstatus);
+
+ return 0;
+}
+
/*
* Initialization sequence for the FMU
*
@@ -138,8 +268,12 @@
/* Enable error detection for all error records */
for (unsigned int i = 0U; i < num_blk; i++) {
- /* Skip next steps if the block is not present */
+ /*
+ * Disable all safety mechanisms for blocks that are not
+ * present and skip the next steps.
+ */
if ((blk_present_mask & BIT(i)) == 0U) {
+ gic_fmu_disable_all_sm_blkid(base, i);
continue;
}
@@ -168,22 +302,26 @@
*/
if ((blk_present_mask & BIT(FMU_BLK_GICD)) != 0U) {
smen = (GICD_MBIST_REQ_ERROR << FMU_SMEN_SMID_SHIFT) |
- (FMU_BLK_GICD << FMU_SMEN_BLK_SHIFT);
+ (FMU_BLK_GICD << FMU_SMEN_BLK_SHIFT) |
+ FMU_SMEN_EN_BIT;
gic_fmu_write_smen(base, smen);
smen = (GICD_FMU_CLKGATE_ERROR << FMU_SMEN_SMID_SHIFT) |
- (FMU_BLK_GICD << FMU_SMEN_BLK_SHIFT);
+ (FMU_BLK_GICD << FMU_SMEN_BLK_SHIFT) |
+ FMU_SMEN_EN_BIT;
gic_fmu_write_smen(base, smen);
}
for (unsigned int i = FMU_BLK_PPI0; i < FMU_BLK_PPI31; i++) {
if ((blk_present_mask & BIT(i)) != 0U) {
smen = (PPI_MBIST_REQ_ERROR << FMU_SMEN_SMID_SHIFT) |
- (i << FMU_SMEN_BLK_SHIFT);
+ (i << FMU_SMEN_BLK_SHIFT) |
+ FMU_SMEN_EN_BIT;
gic_fmu_write_smen(base, smen);
smen = (PPI_FMU_CLKGATE_ERROR << FMU_SMEN_SMID_SHIFT) |
- (i << FMU_SMEN_BLK_SHIFT);
+ (i << FMU_SMEN_BLK_SHIFT) |
+ FMU_SMEN_EN_BIT;
gic_fmu_write_smen(base, smen);
}
}
@@ -191,11 +329,13 @@
for (unsigned int i = FMU_BLK_ITS0; i < FMU_BLK_ITS7; i++) {
if ((blk_present_mask & BIT(i)) != 0U) {
smen = (ITS_MBIST_REQ_ERROR << FMU_SMEN_SMID_SHIFT) |
- (i << FMU_SMEN_BLK_SHIFT);
+ (i << FMU_SMEN_BLK_SHIFT) |
+ FMU_SMEN_EN_BIT;
gic_fmu_write_smen(base, smen);
smen = (ITS_FMU_CLKGATE_ERROR << FMU_SMEN_SMID_SHIFT) |
- (i << FMU_SMEN_BLK_SHIFT);
+ (i << FMU_SMEN_BLK_SHIFT) |
+ FMU_SMEN_EN_BIT;
gic_fmu_write_smen(base, smen);
}
}
diff --git a/drivers/arm/gic/v3/gic600ae_fmu_helpers.c b/drivers/arm/gic/v3/gic600ae_fmu_helpers.c
index 4aa0efb..09806dc 100644
--- a/drivers/arm/gic/v3/gic600ae_fmu_helpers.c
+++ b/drivers/arm/gic/v3/gic600ae_fmu_helpers.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, NVIDIA Corporation. All rights reserved.
+ * Copyright (c) 2021-2022, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -258,3 +258,47 @@
{
GIC_FMU_WRITE_64(base, GICFMU_PINGMASK, 0, val);
}
+
+/*
+ * Helper function to disable all safety mechanisms for a given block
+ */
+void gic_fmu_disable_all_sm_blkid(uintptr_t base, unsigned int blkid)
+{
+ uint32_t smen, max_smid = U(0);
+
+ /* Sanity check block ID */
+ assert((blkid >= FMU_BLK_GICD) && (blkid <= FMU_BLK_PPI31));
+
+ /* Find the max safety mechanism ID for the block */
+ switch (blkid) {
+ case FMU_BLK_GICD:
+ max_smid = FMU_SMID_GICD_MAX;
+ break;
+
+ case FMU_BLK_SPICOL:
+ max_smid = FMU_SMID_SPICOL_MAX;
+ break;
+
+ case FMU_BLK_WAKERQ:
+ max_smid = FMU_SMID_WAKERQ_MAX;
+ break;
+
+ case FMU_BLK_ITS0...FMU_BLK_ITS7:
+ max_smid = FMU_SMID_ITS_MAX;
+ break;
+
+ case FMU_BLK_PPI0...FMU_BLK_PPI31:
+ max_smid = FMU_SMID_PPI_MAX;
+ break;
+
+ default:
+ assert(false);
+ break;
+ }
+
+ /* Disable all Safety Mechanisms for a given block id */
+ for (unsigned int i = 0U; i < max_smid; i++) {
+ smen = (blkid << FMU_SMEN_BLK_SHIFT) | (i << FMU_SMEN_SMID_SHIFT);
+ gic_fmu_write_smen(base, smen);
+ }
+}
diff --git a/drivers/nxp/ddr/phy-gen2/phy.c b/drivers/nxp/ddr/phy-gen2/phy.c
index 7dbe3a3..c8245a8 100644
--- a/drivers/nxp/ddr/phy-gen2/phy.c
+++ b/drivers/nxp/ddr/phy-gen2/phy.c
@@ -2216,10 +2216,14 @@
size = PHY_GEN2_MAX_IMAGE_SIZE;
image_buf = (uintptr_t)phy_gen2_fw_img_buf;
- mmap_add_dynamic_region(phy_gen2_fw_img_buf,
+ ret = mmap_add_dynamic_region(phy_gen2_fw_img_buf,
phy_gen2_fw_img_buf,
PHY_GEN2_MAX_IMAGE_SIZE,
MT_MEMORY | MT_RW | MT_SECURE);
+ if (ret != 0) {
+ ERROR("Failed to add dynamic memory region.\n");
+ return ret;
+ }
ret = img_loadr(imem_id, &image_buf, &size);
if (ret != 0) {
ERROR("Failed to load %d firmware.\n", imem_id);
diff --git a/drivers/scmi-msg/clock.c b/drivers/scmi-msg/clock.c
index e96cede..85bf7d2 100644
--- a/drivers/scmi-msg/clock.c
+++ b/drivers/scmi-msg/clock.c
@@ -361,7 +361,7 @@
[SCMI_CLOCK_CONFIG_SET] = scmi_clock_config_set,
};
-static bool message_id_is_supported(size_t message_id)
+static bool message_id_is_supported(unsigned int message_id)
{
return (message_id < ARRAY_SIZE(scmi_clock_handler_table)) &&
(scmi_clock_handler_table[message_id] != NULL);
diff --git a/drivers/scmi-msg/power_domain.c b/drivers/scmi-msg/power_domain.c
index c4e1289..87c41dd 100644
--- a/drivers/scmi-msg/power_domain.c
+++ b/drivers/scmi-msg/power_domain.c
@@ -19,7 +19,7 @@
#pragma weak plat_scmi_pd_statistics
#pragma weak plat_scmi_pd_get_attributes
-static bool message_id_is_supported(size_t message_id);
+static bool message_id_is_supported(unsigned int message_id);
size_t plat_scmi_pd_count(unsigned int agent_id __unused)
{
@@ -219,7 +219,7 @@
[SCMI_PD_STATE_GET] = scmi_pd_state_get,
};
-static bool message_id_is_supported(size_t message_id)
+static bool message_id_is_supported(unsigned int message_id)
{
return (message_id < ARRAY_SIZE(scmi_pd_handler_table)) &&
(scmi_pd_handler_table[message_id] != NULL);
diff --git a/drivers/ufs/ufs.c b/drivers/ufs/ufs.c
index 3c27aff..5e3575f 100644
--- a/drivers/ufs/ufs.c
+++ b/drivers/ufs/ufs.c
@@ -656,7 +656,6 @@
sense_data_t *sense;
unsigned char data[CACHE_WRITEBACK_GRANULE << 1];
uintptr_t buf;
- int result;
int retry;
assert((ufs_params.reg_base != 0) &&
@@ -693,14 +692,12 @@
/* logical block length in bytes */
*size = be32toh(*(unsigned int *)(buf + 4));
} while (retry);
- (void)result;
}
size_t ufs_read_blocks(int lun, int lba, uintptr_t buf, size_t size)
{
utp_utrd_t utrd;
resp_upiu_t *resp;
- int result;
assert((ufs_params.reg_base != 0) &&
(ufs_params.desc_base != 0) &&
@@ -711,7 +708,6 @@
dump_upiu(&utrd);
#endif
resp = (resp_upiu_t *)utrd.resp_upiu;
- (void)result;
return size - resp->res_trans_cnt;
}
@@ -719,7 +715,6 @@
{
utp_utrd_t utrd;
resp_upiu_t *resp;
- int result;
assert((ufs_params.reg_base != 0) &&
(ufs_params.desc_base != 0) &&
@@ -730,7 +725,6 @@
dump_upiu(&utrd);
#endif
resp = (resp_upiu_t *)utrd.resp_upiu;
- (void)result;
return size - resp->res_trans_cnt;
}
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index 29da33c..b4608ae 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -99,7 +99,6 @@
/*******************************************************************************
* Definitions for EL2 system registers for save/restore routine
******************************************************************************/
-
#define CNTPOFF_EL2 S3_4_C14_C0_6
#define HAFGRTR_EL2 S3_4_C3_C1_6
#define HDFGRTR_EL2 S3_4_C3_C1_4
@@ -155,39 +154,55 @@
#endif
/* ID_AA64PFR0_EL1 definitions */
-#define ID_AA64PFR0_EL0_SHIFT U(0)
-#define ID_AA64PFR0_EL1_SHIFT U(4)
-#define ID_AA64PFR0_EL2_SHIFT U(8)
-#define ID_AA64PFR0_EL3_SHIFT U(12)
-#define ID_AA64PFR0_AMU_SHIFT U(44)
-#define ID_AA64PFR0_AMU_MASK ULL(0xf)
-#define ID_AA64PFR0_AMU_NOT_SUPPORTED U(0x0)
-#define ID_AA64PFR0_AMU_V1 U(0x1)
-#define ID_AA64PFR0_AMU_V1P1 U(0x2)
-#define ID_AA64PFR0_ELX_MASK ULL(0xf)
-#define ID_AA64PFR0_GIC_SHIFT U(24)
-#define ID_AA64PFR0_GIC_WIDTH U(4)
-#define ID_AA64PFR0_GIC_MASK ULL(0xf)
-#define ID_AA64PFR0_SVE_SHIFT U(32)
-#define ID_AA64PFR0_SVE_MASK ULL(0xf)
-#define ID_AA64PFR0_SVE_LENGTH U(4)
-#define ID_AA64PFR0_SEL2_SHIFT U(36)
-#define ID_AA64PFR0_SEL2_MASK ULL(0xf)
-#define ID_AA64PFR0_MPAM_SHIFT U(40)
-#define ID_AA64PFR0_MPAM_MASK ULL(0xf)
-#define ID_AA64PFR0_DIT_SHIFT U(48)
-#define ID_AA64PFR0_DIT_MASK ULL(0xf)
-#define ID_AA64PFR0_DIT_LENGTH U(4)
-#define ID_AA64PFR0_DIT_SUPPORTED U(1)
-#define ID_AA64PFR0_CSV2_SHIFT U(56)
-#define ID_AA64PFR0_CSV2_MASK ULL(0xf)
-#define ID_AA64PFR0_CSV2_LENGTH U(4)
+#define ID_AA64PFR0_EL0_SHIFT U(0)
+#define ID_AA64PFR0_EL1_SHIFT U(4)
+#define ID_AA64PFR0_EL2_SHIFT U(8)
+#define ID_AA64PFR0_EL3_SHIFT U(12)
+
+#define ID_AA64PFR0_AMU_SHIFT U(44)
+#define ID_AA64PFR0_AMU_MASK ULL(0xf)
+#define ID_AA64PFR0_AMU_NOT_SUPPORTED U(0x0)
+#define ID_AA64PFR0_AMU_V1 ULL(0x1)
+#define ID_AA64PFR0_AMU_V1P1 U(0x2)
+
+#define ID_AA64PFR0_ELX_MASK ULL(0xf)
+
+#define ID_AA64PFR0_GIC_SHIFT U(24)
+#define ID_AA64PFR0_GIC_WIDTH U(4)
+#define ID_AA64PFR0_GIC_MASK ULL(0xf)
+
+#define ID_AA64PFR0_SVE_SHIFT U(32)
+#define ID_AA64PFR0_SVE_MASK ULL(0xf)
+#define ID_AA64PFR0_SVE_SUPPORTED ULL(0x1)
+#define ID_AA64PFR0_SVE_LENGTH U(4)
+
+#define ID_AA64PFR0_SEL2_SHIFT U(36)
+#define ID_AA64PFR0_SEL2_MASK ULL(0xf)
+
+#define ID_AA64PFR0_MPAM_SHIFT U(40)
+#define ID_AA64PFR0_MPAM_MASK ULL(0xf)
+
+#define ID_AA64PFR0_DIT_SHIFT U(48)
+#define ID_AA64PFR0_DIT_MASK ULL(0xf)
+#define ID_AA64PFR0_DIT_LENGTH U(4)
+#define ID_AA64PFR0_DIT_SUPPORTED U(1)
+
+#define ID_AA64PFR0_CSV2_SHIFT U(56)
+#define ID_AA64PFR0_CSV2_MASK ULL(0xf)
+#define ID_AA64PFR0_CSV2_LENGTH U(4)
+#define ID_AA64PFR0_CSV2_2_SUPPORTED ULL(0x2)
+
#define ID_AA64PFR0_FEAT_RME_SHIFT U(52)
#define ID_AA64PFR0_FEAT_RME_MASK ULL(0xf)
#define ID_AA64PFR0_FEAT_RME_LENGTH U(4)
#define ID_AA64PFR0_FEAT_RME_NOT_SUPPORTED U(0)
#define ID_AA64PFR0_FEAT_RME_V1 U(1)
+#define ID_AA64PFR0_RAS_SHIFT U(28)
+#define ID_AA64PFR0_RAS_MASK ULL(0xf)
+#define ID_AA64PFR0_RAS_NOT_SUPPORTED ULL(0x0)
+#define ID_AA64PFR0_RAS_LENGTH U(4)
+
/* Exception level handling */
#define EL_IMPL_NONE ULL(0)
#define EL_IMPL_A64ONLY ULL(1)
@@ -204,8 +219,10 @@
#define ID_AA64DFR0_TRACEFILT_LENGTH U(4)
/* ID_AA64DFR0_EL1.PMS definitions (for ARMv8.2+) */
-#define ID_AA64DFR0_PMS_SHIFT U(32)
-#define ID_AA64DFR0_PMS_MASK ULL(0xf)
+#define ID_AA64DFR0_PMS_SHIFT U(32)
+#define ID_AA64DFR0_PMS_MASK ULL(0xf)
+#define ID_AA64DFR0_SPE_SUPPORTED ULL(0x1)
+#define ID_AA64DFR0_SPE_NOT_SUPPORTED ULL(0x0)
/* ID_AA64DFR0_EL1.TraceBuffer definitions */
#define ID_AA64DFR0_TRACEBUFFER_SHIFT U(44)
@@ -222,15 +239,22 @@
#define ID_AA64ISAR0_RNDR_MASK ULL(0xf)
/* ID_AA64ISAR1_EL1 definitions */
-#define ID_AA64ISAR1_EL1 S3_0_C0_C6_1
-#define ID_AA64ISAR1_GPI_SHIFT U(28)
-#define ID_AA64ISAR1_GPI_MASK ULL(0xf)
-#define ID_AA64ISAR1_GPA_SHIFT U(24)
-#define ID_AA64ISAR1_GPA_MASK ULL(0xf)
-#define ID_AA64ISAR1_API_SHIFT U(8)
-#define ID_AA64ISAR1_API_MASK ULL(0xf)
-#define ID_AA64ISAR1_APA_SHIFT U(4)
-#define ID_AA64ISAR1_APA_MASK ULL(0xf)
+#define ID_AA64ISAR1_EL1 S3_0_C0_C6_1
+
+#define ID_AA64ISAR1_GPI_SHIFT U(28)
+#define ID_AA64ISAR1_GPI_MASK ULL(0xf)
+#define ID_AA64ISAR1_GPA_SHIFT U(24)
+#define ID_AA64ISAR1_GPA_MASK ULL(0xf)
+
+#define ID_AA64ISAR1_API_SHIFT U(8)
+#define ID_AA64ISAR1_API_MASK ULL(0xf)
+#define ID_AA64ISAR1_APA_SHIFT U(4)
+#define ID_AA64ISAR1_APA_MASK ULL(0xf)
+
+#define ID_AA64ISAR1_SB_SHIFT U(36)
+#define ID_AA64ISAR1_SB_MASK ULL(0xf)
+#define ID_AA64ISAR1_SB_SUPPORTED ULL(0x1)
+#define ID_AA64ISAR1_SB_NOT_SUPPORTED ULL(0x0)
/* ID_AA64MMFR0_EL1 definitions */
#define ID_AA64MMFR0_EL1_PARANGE_SHIFT U(0)
@@ -292,17 +316,23 @@
#define ID_AA64MMFR1_EL1_HCX_NOT_SUPPORTED ULL(0x0)
/* ID_AA64MMFR2_EL1 definitions */
-#define ID_AA64MMFR2_EL1 S3_0_C0_C7_2
+#define ID_AA64MMFR2_EL1 S3_0_C0_C7_2
-#define ID_AA64MMFR2_EL1_ST_SHIFT U(28)
-#define ID_AA64MMFR2_EL1_ST_MASK ULL(0xf)
+#define ID_AA64MMFR2_EL1_ST_SHIFT U(28)
+#define ID_AA64MMFR2_EL1_ST_MASK ULL(0xf)
-#define ID_AA64MMFR2_EL1_CCIDX_SHIFT U(20)
-#define ID_AA64MMFR2_EL1_CCIDX_MASK ULL(0xf)
-#define ID_AA64MMFR2_EL1_CCIDX_LENGTH U(4)
+#define ID_AA64MMFR2_EL1_CCIDX_SHIFT U(20)
+#define ID_AA64MMFR2_EL1_CCIDX_MASK ULL(0xf)
+#define ID_AA64MMFR2_EL1_CCIDX_LENGTH U(4)
-#define ID_AA64MMFR2_EL1_CNP_SHIFT U(0)
-#define ID_AA64MMFR2_EL1_CNP_MASK ULL(0xf)
+#define ID_AA64MMFR2_EL1_CNP_SHIFT U(0)
+#define ID_AA64MMFR2_EL1_CNP_MASK ULL(0xf)
+
+#define ID_AA64MMFR2_EL1_NV_SHIFT U(24)
+#define ID_AA64MMFR2_EL1_NV_MASK ULL(0xf)
+#define ID_AA64MMFR2_EL1_NV_NOT_SUPPORTED ULL(0x0)
+#define ID_AA64MMFR2_EL1_NV_SUPPORTED ULL(0x1)
+#define ID_AA64MMFR2_EL1_NV2_SUPPORTED ULL(0x2)
/* ID_AA64PFR1_EL1 definitions */
#define ID_AA64PFR1_EL1_SSBS_SHIFT U(4)
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index a260f03..29710e7 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -140,4 +140,88 @@
ID_AA64PFR0_FEAT_RME_SHIFT) & ID_AA64PFR0_FEAT_RME_MASK;
}
+/*********************************************************************************
+ * Function to identify the presence of FEAT_SB (Speculation Barrier Instruction)
+ ********************************************************************************/
+static inline bool is_armv8_0_feat_sb_present(void)
+{
+ return (((read_id_aa64isar1_el1() >> ID_AA64ISAR1_SB_SHIFT) &
+ ID_AA64ISAR1_SB_MASK) == ID_AA64ISAR1_SB_SUPPORTED);
+}
+
+/*********************************************************************************
+ * Function to identify the presence of FEAT_CSV2_2 (Cache Speculation Variant 2)
+ ********************************************************************************/
+static inline bool is_armv8_0_feat_csv2_2_present(void)
+{
+ return (((read_id_aa64pfr0_el1() >> ID_AA64PFR0_CSV2_SHIFT) &
+ ID_AA64PFR0_CSV2_MASK) == ID_AA64PFR0_CSV2_2_SUPPORTED);
+}
+
+/**********************************************************************************
+ * Function to identify the presence of FEAT_SPE (Statistical Profiling Extension)
+ *********************************************************************************/
+static inline bool is_armv8_2_feat_spe_present(void)
+{
+ return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_PMS_SHIFT) &
+ ID_AA64DFR0_PMS_MASK) != ID_AA64DFR0_SPE_NOT_SUPPORTED);
+}
+
+/*******************************************************************************
+ * Function to identify the presence of FEAT_SVE (Scalable Vector Extension)
+ ******************************************************************************/
+static inline bool is_armv8_2_feat_sve_present(void)
+{
+ return (((read_id_aa64pfr0_el1() >> ID_AA64PFR0_SVE_SHIFT) &
+ ID_AA64PFR0_SVE_MASK) == ID_AA64PFR0_SVE_SUPPORTED);
+}
+
+/*******************************************************************************
+ * Function to identify the presence of FEAT_RAS (Reliability,Availability,
+ * and Serviceability Extension)
+ ******************************************************************************/
+static inline bool is_armv8_2_feat_ras_present(void)
+{
+ return (((read_id_aa64pfr0_el1() >> ID_AA64PFR0_RAS_SHIFT) &
+ ID_AA64PFR0_RAS_MASK) != ID_AA64PFR0_RAS_NOT_SUPPORTED);
+}
+
+/**************************************************************************
+ * Function to identify the presence of FEAT_DIT (Data Independent Timing)
+ *************************************************************************/
+static inline bool is_armv8_4_feat_dit_present(void)
+{
+ return (((read_id_aa64pfr0_el1() >> ID_AA64PFR0_DIT_SHIFT) &
+ ID_AA64PFR0_DIT_MASK) == ID_AA64PFR0_DIT_SUPPORTED);
+}
+
+/*************************************************************************
+ * Function to identify the presence of FEAT_TRF (TraceLift)
+ ************************************************************************/
+static inline bool is_arm8_4_feat_trf_present(void)
+{
+ return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEFILT_SHIFT) &
+ ID_AA64DFR0_TRACEFILT_MASK) == ID_AA64DFR0_TRACEFILT_SUPPORTED);
+}
+
+/*******************************************************************************
+ * Function to identify the presence of FEAT_AMUv1 (Activity Monitors-
+ * Extension v1)
+ ******************************************************************************/
+static inline bool is_armv8_4_feat_amuv1_present(void)
+{
+ return (((read_id_aa64pfr0_el1() >> ID_AA64PFR0_AMU_SHIFT) &
+ ID_AA64PFR0_AMU_MASK) >= ID_AA64PFR0_AMU_V1);
+}
+
+/********************************************************************************
+ * Function to identify the presence of FEAT_NV2 (Enhanced Nested Virtualization
+ * Support)
+ *******************************************************************************/
+static inline unsigned int get_armv8_4_feat_nv_support(void)
+{
+ return (((read_id_aa64mmfr2_el1() >> ID_AA64MMFR2_EL1_NV_SHIFT) &
+ ID_AA64MMFR2_EL1_NV_MASK));
+}
+
#endif /* ARCH_FEATURES_H */
diff --git a/include/common/bl_common.ld.h b/include/common/bl_common.ld.h
index 5147e37..9888a3c 100644
--- a/include/common/bl_common.ld.h
+++ b/include/common/bl_common.ld.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -70,7 +70,9 @@
*/
#define BASE_XLAT_TABLE \
. = ALIGN(16); \
- *(base_xlat_table)
+ __BASE_XLAT_TABLE_START__ = .; \
+ *(base_xlat_table) \
+ __BASE_XLAT_TABLE_END__ = .;
#if PLAT_RO_XLAT_TABLES
#define BASE_XLAT_TABLE_RO BASE_XLAT_TABLE
@@ -210,7 +212,9 @@
*/
#define XLAT_TABLE_SECTION \
xlat_table (NOLOAD) : { \
+ __XLAT_TABLE_START__ = .; \
*(xlat_table) \
+ __XLAT_TABLE_END__ = .; \
}
#endif /* BL_COMMON_LD_H */
diff --git a/include/common/feat_detect.h b/include/common/feat_detect.h
new file mode 100644
index 0000000..0f0f105
--- /dev/null
+++ b/include/common/feat_detect.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef FEAT_DETECT_H
+#define FEAT_DETECT_H
+
+#include <arch_features.h>
+#include <common/debug.h>
+
+/* Function Prototypes */
+void detect_arch_features(void);
+
+/* Macro Definitions */
+#define FEAT_STATE_1 1
+#define FEAT_STATE_2 2
+#define feat_detect_panic(a, b) ((a) ? (void)0 : feature_panic(b))
+
+/*******************************************************************************
+ * Function : feature_panic
+ * Customised panic module with error logging mechanism to list the feature
+ * not supported by the PE.
+ ******************************************************************************/
+static inline void feature_panic(char *feat_name)
+{
+ ERROR("FEAT_%s not supported by the PE\n", feat_name);
+ panic();
+}
+
+#endif /* FEAT_DETECT_H */
diff --git a/include/drivers/arm/gic600ae_fmu.h b/include/drivers/arm/gic600ae_fmu.h
index 691ffc7..88b87b9 100644
--- a/include/drivers/arm/gic600ae_fmu.h
+++ b/include/drivers/arm/gic600ae_fmu.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, NVIDIA Corporation. All rights reserved.
+ * Copyright (c) 2021-2022, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -37,6 +37,7 @@
/* SMEN constants */
#define FMU_SMEN_BLK_SHIFT U(8)
#define FMU_SMEN_SMID_SHIFT U(24)
+#define FMU_SMEN_EN_BIT BIT(0)
/* Error record IDs */
#define FMU_BLK_GICD U(0)
@@ -86,10 +87,10 @@
/* Safety Mechamism limit */
#define FMU_SMID_GICD_MAX U(33)
+#define FMU_SMID_PPI_MAX U(12)
+#define FMU_SMID_ITS_MAX U(14)
#define FMU_SMID_SPICOL_MAX U(5)
#define FMU_SMID_WAKERQ_MAX U(2)
-#define FMU_SMID_ITS_MAX U(14)
-#define FMU_SMID_PPI_MAX U(12)
/* MBIST Safety Mechanism ID */
#define GICD_MBIST_REQ_ERROR U(23)
@@ -100,12 +101,17 @@
#define ITS_FMU_CLKGATE_ERROR U(14)
/* ERRSTATUS bits */
-#define FMU_ERRSTATUS_V_BIT BIT(30)
-#define FMU_ERRSTATUS_UE_BIT BIT(29)
-#define FMU_ERRSTATUS_OV_BIT BIT(27)
-#define FMU_ERRSTATUS_CE_BITS (BIT(25) | BIT(24))
-#define FMU_ERRSTATUS_CLEAR (FMU_ERRSTATUS_V_BIT | FMU_ERRSTATUS_UE_BIT | \
- FMU_ERRSTATUS_OV_BIT | FMU_ERRSTATUS_CE_BITS)
+#define FMU_ERRSTATUS_BLKID_SHIFT U(32)
+#define FMU_ERRSTATUS_BLKID_MASK U(0xFF)
+#define FMU_ERRSTATUS_V_BIT BIT(30)
+#define FMU_ERRSTATUS_UE_BIT BIT(29)
+#define FMU_ERRSTATUS_OV_BIT BIT(27)
+#define FMU_ERRSTATUS_CE_BITS (BIT(25) | BIT(24))
+#define FMU_ERRSTATUS_CLEAR (FMU_ERRSTATUS_V_BIT | FMU_ERRSTATUS_UE_BIT | \
+ FMU_ERRSTATUS_OV_BIT | FMU_ERRSTATUS_CE_BITS)
+#define FMU_ERRSTATUS_IERR_MASK U(0xFF)
+#define FMU_ERRSTATUS_IERR_SHIFT U(8)
+#define FMU_ERRSTATUS_SERR_MASK U(0xFF)
/* PINGCTLR constants */
#define FMU_PINGCTLR_INTDIFF_SHIFT U(16)
@@ -137,11 +143,14 @@
void gic_fmu_write_smen(uintptr_t base, uint32_t val);
void gic_fmu_write_sminjerr(uintptr_t base, uint32_t val);
void gic_fmu_write_pingmask(uintptr_t base, uint64_t val);
+void gic_fmu_disable_all_sm_blkid(uintptr_t base, unsigned int blkid);
void gic600_fmu_init(uint64_t base, uint64_t blk_present_mask, bool errctlr_ce_en, bool errctlr_ue_en);
void gic600_fmu_enable_ping(uint64_t base, uint64_t blk_present_mask,
unsigned int timeout_val, unsigned int interval_diff);
void gic600_fmu_print_sm_info(uint64_t base, unsigned int blk, unsigned int smid);
+int gic600_fmu_probe(uint64_t base, int *probe_data);
+int gic600_fmu_ras_handler(uint64_t base, int probe_data);
#endif /* __ASSEMBLER__ */
diff --git a/include/lib/cpus/aarch64/cortex_a78.h b/include/lib/cpus/aarch64/cortex_a78.h
index f3cb39f..31da99e 100644
--- a/include/lib/cpus/aarch64/cortex_a78.h
+++ b/include/lib/cpus/aarch64/cortex_a78.h
@@ -35,8 +35,10 @@
#define CORTEX_A78_ACTLR_TAM_BIT (ULL(1) << 30)
#define CORTEX_A78_ACTLR2_EL1 S3_0_C15_C1_1
+#define CORTEX_A78_ACTLR2_EL1_BIT_0 (ULL(1) << 0)
#define CORTEX_A78_ACTLR2_EL1_BIT_1 (ULL(1) << 1)
#define CORTEX_A78_ACTLR2_EL1_BIT_2 (ULL(1) << 2)
+#define CORTEX_A78_ACTLR2_EL1_BIT_40 (ULL(1) << 40)
/*******************************************************************************
* CPU Activity Monitor Unit register specific definitions.
diff --git a/include/lib/cpus/aarch64/cortex_a78_ae.h b/include/lib/cpus/aarch64/cortex_a78_ae.h
index 90b6d6f..b68ec1e 100644
--- a/include/lib/cpus/aarch64/cortex_a78_ae.h
+++ b/include/lib/cpus/aarch64/cortex_a78_ae.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2022, ARM Limited. All rights reserved.
- * Copyright (c) 2021, NVIDIA Corporation. All rights reserved.
+ * Copyright (c) 2021-2022, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,4 +21,11 @@
#define CORTEX_A78_AE_CPUECTLR_EL1 CORTEX_A78_CPUECTLR_EL1
#define CORTEX_A78_AE_CPUECTLR_EL1_BIT_8 CORTEX_A78_CPUECTLR_EL1_BIT_8
+/*******************************************************************************
+ * CPU Auxiliary Control register 2 specific definitions.
+ ******************************************************************************/
+#define CORTEX_A78_AE_ACTLR2_EL1 CORTEX_A78_ACTLR2_EL1
+#define CORTEX_A78_AE_ACTLR2_EL1_BIT_0 CORTEX_A78_ACTLR2_EL1_BIT_0
+#define CORTEX_A78_AE_ACTLR2_EL1_BIT_40 CORTEX_A78_ACTLR2_EL1_BIT_40
+
#endif /* CORTEX_A78_AE_H */
diff --git a/include/lib/el3_runtime/aarch64/context.h b/include/lib/el3_runtime/aarch64/context.h
index 512d196..3a09383 100644
--- a/include/lib/el3_runtime/aarch64/context.h
+++ b/include/lib/el3_runtime/aarch64/context.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -217,23 +217,20 @@
// Starting with Armv8.4
#define CTX_CONTEXTIDR_EL2 U(0x198)
-#define CTX_SDER32_EL2 U(0x1a0)
-#define CTX_TTBR1_EL2 U(0x1a8)
-#define CTX_VDISR_EL2 U(0x1b0)
+#define CTX_TTBR1_EL2 U(0x1a0)
+#define CTX_VDISR_EL2 U(0x1a8)
+#define CTX_VSESR_EL2 U(0x1b0)
#define CTX_VNCR_EL2 U(0x1b8)
-#define CTX_VSESR_EL2 U(0x1c0)
-#define CTX_VSTCR_EL2 U(0x1c8)
-#define CTX_VSTTBR_EL2 U(0x1d0)
-#define CTX_TRFCR_EL2 U(0x1d8)
+#define CTX_TRFCR_EL2 U(0x1c0)
// Starting with Armv8.5
-#define CTX_SCXTNUM_EL2 U(0x1e0)
+#define CTX_SCXTNUM_EL2 U(0x1c8)
// Register for FEAT_HCX
-#define CTX_HCRX_EL2 U(0x1e8)
+#define CTX_HCRX_EL2 U(0x1d0)
/* Align to the next 16 byte boundary */
-#define CTX_EL2_SYSREGS_END U(0x1f0)
+#define CTX_EL2_SYSREGS_END U(0x1e0)
#endif /* CTX_INCLUDE_EL2_REGS */
diff --git a/include/lib/el3_runtime/context_mgmt.h b/include/lib/el3_runtime/context_mgmt.h
index 2090687..1a76d8e 100644
--- a/include/lib/el3_runtime/context_mgmt.h
+++ b/include/lib/el3_runtime/context_mgmt.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,6 +34,7 @@
const struct entry_point_info *ep);
void cm_setup_context(cpu_context_t *ctx, const struct entry_point_info *ep);
void cm_prepare_el3_exit(uint32_t security_state);
+void cm_prepare_el3_exit_ns(void);
#ifdef __aarch64__
#if CTX_INCLUDE_EL2_REGS
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index 509fd58..7664509 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -303,6 +303,14 @@
unsigned int ncpu);
/*******************************************************************************
+ * Mandatory BL31 functions when ENABLE_RME=1
+ ******************************************************************************/
+int plat_get_cca_attest_token(uintptr_t buf, size_t *len,
+ uintptr_t hash, size_t hash_size);
+int plat_get_cca_realm_attest_key(uintptr_t buf, size_t *len,
+ unsigned int type);
+
+/*******************************************************************************
* Optional BL31 functions (may be overridden)
******************************************************************************/
void bl31_plat_enable_mmu(uint32_t flags);
diff --git a/include/services/rmmd_svc.h b/include/services/rmmd_svc.h
index 8eb49c8..2fbdddd 100644
--- a/include/services/rmmd_svc.h
+++ b/include/services/rmmd_svc.h
@@ -77,6 +77,45 @@
#define RMMD_ERR_INVAL -5
#define RMMD_ERR_UNK -6
+/*
+ * Retrieve Platform token from EL3.
+ * The arguments to this SMC are :
+ * arg0 - Function ID.
+ * arg1 - Platform attestation token buffer Physical address. (The challenge
+ * object is passed in this buffer.)
+ * arg2 - Platform attestation token buffer size (in bytes).
+ * arg3 - Challenge object size (in bytes). It has be one of the defined SHA hash
+ * sizes.
+ * The return arguments are :
+ * ret0 - Status / error.
+ * ret1 - Size of the platform token if successful.
+ */
+#define RMMD_ATTEST_GET_PLAT_TOKEN RMM_FID(SMC_64, ATTEST_GET_PLAT_TOKEN)
+
+/* Acceptable SHA sizes for Challenge object */
+#define SHA256_DIGEST_SIZE 32U
+#define SHA384_DIGEST_SIZE 48U
+#define SHA512_DIGEST_SIZE 64U
+
+/*
+ * Retrieve Realm attestation key from EL3. Only P-384 ECC curve key is
+ * supported. The arguments to this SMC are :
+ * arg0 - Function ID.
+ * arg1 - Realm attestation key buffer Physical address.
+ * arg2 - Realm attestation key buffer size (in bytes).
+ * arg3 - The type of the elliptic curve to which the requested
+ * attestation key belongs to. The value should be one of the
+ * defined curve types.
+ * The return arguments are :
+ * ret0 - Status / error.
+ * ret1 - Size of the realm attestation key if successful.
+ */
+#define RMMD_ATTEST_GET_REALM_KEY RMM_FID(SMC_64, ATTEST_GET_REALM_KEY)
+
+/* ECC Curve types for attest key generation */
+#define ATTEST_KEY_CURVE_ECC_SECP384R1 0
+
+
#ifndef __ASSEMBLER__
#include <stdint.h>
@@ -100,5 +139,4 @@
uint64_t flags);
#endif /* __ASSEMBLER__ */
-
#endif /* RMMD_SVC_H */
diff --git a/lib/cpus/aarch64/cortex_a78_ae.S b/lib/cpus/aarch64/cortex_a78_ae.S
index bf872df..27adc38 100644
--- a/lib/cpus/aarch64/cortex_a78_ae.S
+++ b/lib/cpus/aarch64/cortex_a78_ae.S
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2022, ARM Limited. All rights reserved.
- * Copyright (c) 2021, NVIDIA Corporation. All rights reserved.
+ * Copyright (c) 2021-2022, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -104,6 +104,78 @@
b cpu_rev_var_range
endfunc check_errata_1951502
+/* --------------------------------------------------
+ * Errata Workaround for A78 AE Erratum 2376748.
+ * This applies to revisions r0p0 and r0p1 of A78 AE.
+ * Inputs:
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x17
+ * --------------------------------------------------
+ */
+func errata_a78_ae_2376748_wa
+ /* Compare x0 against revisions r0p0 - r0p1 */
+ mov x17, x30
+ bl check_errata_2376748
+ cbz x0, 1f
+
+ /* -------------------------------------------------------
+ * Set CPUACTLR2_EL1[0] to 1 to force PLDW/PFRM ST to
+ * behave like PLD/PRFM LD and not cause invalidations to
+ * other PE caches. There might be a small performance
+ * degradation to this workaround for certain workloads
+ * that share data.
+ * -------------------------------------------------------
+ */
+ mrs x0, CORTEX_A78_AE_ACTLR2_EL1
+ orr x0, x0, #CORTEX_A78_AE_ACTLR2_EL1_BIT_0
+ msr CORTEX_A78_AE_ACTLR2_EL1, x0
+ isb
+1:
+ ret x17
+endfunc errata_a78_ae_2376748_wa
+
+func check_errata_2376748
+ /* Applies to revisions r0p0 and r0p1. */
+ mov x1, #CPU_REV(0, 0)
+ mov x2, #CPU_REV(0, 1)
+ b cpu_rev_var_range
+endfunc check_errata_2376748
+
+/* --------------------------------------------------
+ * Errata Workaround for A78 AE Erratum 2395408.
+ * This applies to revisions r0p0 and r0p1 of A78 AE.
+ * Inputs:
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x17
+ * --------------------------------------------------
+ */
+func errata_a78_ae_2395408_wa
+ /* Compare x0 against revisions r0p0 - r0p1 */
+ mov x17, x30
+ bl check_errata_2395408
+ cbz x0, 1f
+
+ /* --------------------------------------------------------
+ * Disable folding of demand requests into older prefetches
+ * with L2 miss requests outstanding by setting the
+ * CPUACTLR2_EL1[40] to 1.
+ * --------------------------------------------------------
+ */
+ mrs x0, CORTEX_A78_AE_ACTLR2_EL1
+ orr x0, x0, #CORTEX_A78_AE_ACTLR2_EL1_BIT_40
+ msr CORTEX_A78_AE_ACTLR2_EL1, x0
+ isb
+1:
+ ret x17
+endfunc errata_a78_ae_2395408_wa
+
+func check_errata_2395408
+ /* Applies to revisions r0p0 and r0p1. */
+ mov x1, #CPU_REV(0, 0)
+ mov x2, #CPU_REV(0, 1)
+ b cpu_rev_var_range
+endfunc check_errata_2395408
+
func check_errata_cve_2022_23960
#if WORKAROUND_CVE_2022_23960
mov x0, #ERRATA_APPLIES
@@ -132,6 +204,16 @@
bl errata_a78_ae_1951502_wa
#endif
+#if ERRATA_A78_AE_2376748
+ mov x0, x18
+ bl errata_a78_ae_2376748_wa
+#endif
+
+#if ERRATA_A78_AE_2395408
+ mov x0, x18
+ bl errata_a78_ae_2395408_wa
+#endif
+
#if ENABLE_AMU
/* Make sure accesses from EL0/EL1 and EL2 are not trapped to EL3 */
mrs x0, actlr_el3
@@ -197,6 +279,8 @@
*/
report_errata ERRATA_A78_AE_1941500, cortex_a78_ae, 1941500
report_errata ERRATA_A78_AE_1951502, cortex_a78_ae, 1951502
+ report_errata ERRATA_A78_AE_2376748, cortex_a78_ae, 2376748
+ report_errata ERRATA_A78_AE_2395408, cortex_a78_ae, 2395408
report_errata WORKAROUND_CVE_2022_23960, cortex_a78_ae, cve_2022_23960
ldp x8, x30, [sp], #16
diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk
index c7630fb..8840f8e 100644
--- a/lib/cpus/cpu-ops.mk
+++ b/lib/cpus/cpu-ops.mk
@@ -1,6 +1,6 @@
#
# Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved.
-# Copyright (c) 2020-2021, NVIDIA Corporation. All rights reserved.
+# Copyright (c) 2020-2022, NVIDIA Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -341,6 +341,14 @@
# to revisions r0p0 and r0p1 of the A78 AE cpu. It is still open.
ERRATA_A78_AE_1951502 ?=0
+# Flag to apply erratum 2376748 workaround during reset. This erratum applies
+# to revisions r0p0 and r0p1 of the A78 AE cpu. It is still open.
+ERRATA_A78_AE_2376748 ?=0
+
+# Flag to apply erratum 2395408 workaround during reset. This erratum applies
+# to revisions r0p0 and r0p1 of the A78 AE cpu. It is still open.
+ERRATA_A78_AE_2395408 ?=0
+
# Flag to apply T32 CLREX workaround during reset. This erratum applies
# only to r0p0 and r1p0 of the Neoverse N1 cpu.
ERRATA_N1_1043202 ?=0
@@ -838,6 +846,14 @@
$(eval $(call assert_boolean,ERRATA_A78_AE_1951502))
$(eval $(call add_define,ERRATA_A78_AE_1951502))
+# Process ERRATA_A78_AE_2376748 flag
+$(eval $(call assert_boolean,ERRATA_A78_AE_2376748))
+$(eval $(call add_define,ERRATA_A78_AE_2376748))
+
+# Process ERRATA_A78_AE_2395408 flag
+$(eval $(call assert_boolean,ERRATA_A78_AE_2395408))
+$(eval $(call add_define,ERRATA_A78_AE_2395408))
+
# Process ERRATA_N1_1043202 flag
$(eval $(call assert_boolean,ERRATA_N1_1043202))
$(eval $(call add_define,ERRATA_N1_1043202))
diff --git a/lib/el3_runtime/aarch32/context_mgmt.c b/lib/el3_runtime/aarch32/context_mgmt.c
index 3ef378c..af8edf5 100644
--- a/lib/el3_runtime/aarch32/context_mgmt.c
+++ b/lib/el3_runtime/aarch32/context_mgmt.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -332,3 +332,12 @@
enable_extensions_nonsecure(el2_unused);
}
}
+
+/*******************************************************************************
+ * This function is used to exit to Non-secure world. It simply calls the
+ * cm_prepare_el3_exit function for AArch32.
+ ******************************************************************************/
+void cm_prepare_el3_exit_ns(void)
+{
+ cm_prepare_el3_exit(NON_SECURE);
+}
diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S
index c1c0612..69acc2f 100644
--- a/lib/el3_runtime/aarch64/context.S
+++ b/lib/el3_runtime/aarch64/context.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,14 +13,14 @@
#if CTX_INCLUDE_EL2_REGS
.global el2_sysregs_context_save
.global el2_sysregs_context_restore
-#endif
+#endif /* CTX_INCLUDE_EL2_REGS */
.global el1_sysregs_context_save
.global el1_sysregs_context_restore
#if CTX_INCLUDE_FPREGS
.global fpregs_context_save
.global fpregs_context_restore
-#endif
+#endif /* CTX_INCLUDE_FPREGS */
.global prepare_el3_entry
.global restore_gp_pmcr_pauth_regs
.global save_and_update_ptw_el1_sys_regs
@@ -62,7 +62,7 @@
#if CTX_INCLUDE_AARCH32_REGS
mrs x16, dbgvcr32_el2
str x16, [x0, #CTX_DBGVCR32_EL2]
-#endif
+#endif /* CTX_INCLUDE_AARCH32_REGS */
mrs x9, elr_el2
mrs x10, esr_el2
@@ -91,7 +91,8 @@
#if ENABLE_SPE_FOR_LOWER_ELS
mrs x13, PMSCR_EL2
str x13, [x0, #CTX_PMSCR_EL2]
-#endif
+#endif /* ENABLE_SPE_FOR_LOWER_ELS */
+
mrs x14, sctlr_el2
str x14, [x0, #CTX_SCTLR_EL2]
@@ -118,7 +119,7 @@
#if CTX_INCLUDE_MTE_REGS
mrs x9, TFSR_EL2
str x9, [x0, #CTX_TFSR_EL2]
-#endif
+#endif /* CTX_INCLUDE_MTE_REGS */
#if ENABLE_MPAM_FOR_LOWER_ELS
mrs x10, MPAM2_EL2
@@ -143,7 +144,7 @@
mrs x11, MPAMVPM7_EL2
mrs x12, MPAMVPMV_EL2
stp x11, x12, [x0, #CTX_MPAMVPM7_EL2]
-#endif
+#endif /* ENABLE_MPAM_FOR_LOWER_ELS */
#if ENABLE_FEAT_FGT
mrs x13, HDFGRTR_EL2
@@ -152,7 +153,7 @@
stp x13, x14, [x0, #CTX_HDFGRTR_EL2]
#else
str x13, [x0, #CTX_HDFGRTR_EL2]
-#endif
+#endif /* ENABLE_FEAT_AMUv1 */
mrs x15, HDFGWTR_EL2
mrs x16, HFGITR_EL2
stp x15, x16, [x0, #CTX_HDFGWTR_EL2]
@@ -160,48 +161,61 @@
mrs x9, HFGRTR_EL2
mrs x10, HFGWTR_EL2
stp x9, x10, [x0, #CTX_HFGRTR_EL2]
-#endif
+#endif /* ENABLE_FEAT_FGT */
#if ENABLE_FEAT_ECV
mrs x11, CNTPOFF_EL2
str x11, [x0, #CTX_CNTPOFF_EL2]
-#endif
+#endif /* ENABLE_FEAT_ECV */
-#if ARM_ARCH_AT_LEAST(8, 4)
- mrs x12, contextidr_el2
- str x12, [x0, #CTX_CONTEXTIDR_EL2]
+#if ENABLE_FEAT_VHE
+ /*
+ * CONTEXTIDR_EL2 register is saved only when FEAT_VHE or
+ * FEAT_Debugv8p2 (currently not in TF-A) is supported.
+ */
+ mrs x9, contextidr_el2
+ mrs x10, ttbr1_el2
+ stp x9, x10, [x0, #CTX_CONTEXTIDR_EL2]
+#endif /* ENABLE_FEAT_VHE */
-#if CTX_INCLUDE_AARCH32_REGS
- mrs x13, sder32_el2
- str x13, [x0, #CTX_SDER32_EL2]
-#endif
- mrs x14, ttbr1_el2
- mrs x15, vdisr_el2
- stp x14, x15, [x0, #CTX_TTBR1_EL2]
+#if RAS_EXTENSION
+ /*
+ * VDISR_EL2 and VSESR_EL2 registers are saved only when
+ * FEAT_RAS is supported.
+ */
+ mrs x11, vdisr_el2
+ mrs x12, vsesr_el2
+ stp x11, x12, [x0, #CTX_VDISR_EL2]
+#endif /* RAS_EXTENSION */
#if CTX_INCLUDE_NEVE_REGS
+ /*
+ * VNCR_EL2 register is saved only when FEAT_NV2 is supported.
+ */
mrs x16, vncr_el2
str x16, [x0, #CTX_VNCR_EL2]
-#endif
+#endif /* CTX_INCLUDE_NEVE_REGS */
- mrs x9, vsesr_el2
- mrs x10, vstcr_el2
- stp x9, x10, [x0, #CTX_VSESR_EL2]
-
- mrs x11, vsttbr_el2
+#if ENABLE_TRF_FOR_NS
+ /*
+ * TRFCR_EL2 register is saved only when FEAT_TRF is supported.
+ */
mrs x12, TRFCR_EL2
- stp x11, x12, [x0, #CTX_VSTTBR_EL2]
-#endif
+ str x12, [x0, #CTX_TRFCR_EL2]
+#endif /* ENABLE_TRF_FOR_NS */
-#if ARM_ARCH_AT_LEAST(8, 5)
+#if ENABLE_FEAT_CSV2_2
+ /*
+ * SCXTNUM_EL2 register is saved only when FEAT_CSV2_2 is supported.
+ */
mrs x13, scxtnum_el2
str x13, [x0, #CTX_SCXTNUM_EL2]
-#endif
+#endif /* ENABLE_FEAT_CSV2_2 */
#if ENABLE_FEAT_HCX
mrs x14, hcrx_el2
str x14, [x0, #CTX_HCRX_EL2]
-#endif
+#endif /* ENABLE_FEAT_HCX */
ret
endfunc el2_sysregs_context_save
@@ -241,7 +255,7 @@
#if CTX_INCLUDE_AARCH32_REGS
ldr x16, [x0, #CTX_DBGVCR32_EL2]
msr dbgvcr32_el2, x16
-#endif
+#endif /* CTX_INCLUDE_AARCH32_REGS */
ldp x9, x10, [x0, #CTX_ELR_EL2]
msr elr_el2, x9
@@ -270,7 +284,8 @@
#if ENABLE_SPE_FOR_LOWER_ELS
ldr x13, [x0, #CTX_PMSCR_EL2]
msr PMSCR_EL2, x13
-#endif
+#endif /* ENABLE_SPE_FOR_LOWER_ELS */
+
ldr x14, [x0, #CTX_SCTLR_EL2]
msr sctlr_el2, x14
@@ -297,7 +312,7 @@
#if CTX_INCLUDE_MTE_REGS
ldr x9, [x0, #CTX_TFSR_EL2]
msr TFSR_EL2, x9
-#endif
+#endif /* CTX_INCLUDE_MTE_REGS */
#if ENABLE_MPAM_FOR_LOWER_ELS
ldr x10, [x0, #CTX_MPAM2_EL2]
@@ -322,7 +337,7 @@
ldp x11, x12, [x0, #CTX_MPAMVPM7_EL2]
msr MPAMVPM7_EL2, x11
msr MPAMVPMV_EL2, x12
-#endif
+#endif /* ENABLE_MPAM_FOR_LOWER_ELS */
#if ENABLE_FEAT_FGT
#if ENABLE_FEAT_AMUv1
@@ -330,7 +345,7 @@
msr HAFGRTR_EL2, x14
#else
ldr x13, [x0, #CTX_HDFGRTR_EL2]
-#endif
+#endif /* ENABLE_FEAT_AMUv1 */
msr HDFGRTR_EL2, x13
ldp x15, x16, [x0, #CTX_HDFGWTR_EL2]
@@ -340,48 +355,61 @@
ldp x9, x10, [x0, #CTX_HFGRTR_EL2]
msr HFGRTR_EL2, x9
msr HFGWTR_EL2, x10
-#endif
+#endif /* ENABLE_FEAT_FGT */
#if ENABLE_FEAT_ECV
ldr x11, [x0, #CTX_CNTPOFF_EL2]
msr CNTPOFF_EL2, x11
-#endif
+#endif /* ENABLE_FEAT_ECV */
-#if ARM_ARCH_AT_LEAST(8, 4)
- ldr x12, [x0, #CTX_CONTEXTIDR_EL2]
- msr contextidr_el2, x12
+#if ENABLE_FEAT_VHE
+ /*
+ * CONTEXTIDR_EL2 register is restored only when FEAT_VHE or
+ * FEAT_Debugv8p2 (currently not in TF-A) is supported.
+ */
+ ldp x9, x10, [x0, #CTX_CONTEXTIDR_EL2]
+ msr contextidr_el2, x9
+ msr ttbr1_el2, x10
+#endif /* ENABLE_FEAT_VHE */
-#if CTX_INCLUDE_AARCH32_REGS
- ldr x13, [x0, #CTX_SDER32_EL2]
- msr sder32_el2, x13
-#endif
- ldp x14, x15, [x0, #CTX_TTBR1_EL2]
- msr ttbr1_el2, x14
- msr vdisr_el2, x15
+#if RAS_EXTENSION
+ /*
+ * VDISR_EL2 and VSESR_EL2 registers are restored only when FEAT_RAS
+ * is supported.
+ */
+ ldp x11, x12, [x0, #CTX_VDISR_EL2]
+ msr vdisr_el2, x11
+ msr vsesr_el2, x12
+#endif /* RAS_EXTENSION */
#if CTX_INCLUDE_NEVE_REGS
+ /*
+ * VNCR_EL2 register is restored only when FEAT_NV2 is supported.
+ */
ldr x16, [x0, #CTX_VNCR_EL2]
msr vncr_el2, x16
-#endif
+#endif /* CTX_INCLUDE_NEVE_REGS */
- ldp x9, x10, [x0, #CTX_VSESR_EL2]
- msr vsesr_el2, x9
- msr vstcr_el2, x10
-
- ldp x11, x12, [x0, #CTX_VSTTBR_EL2]
- msr vsttbr_el2, x11
+#if ENABLE_TRF_FOR_NS
+ /*
+ * TRFCR_EL2 register is restored only when FEAT_TRF is supported.
+ */
+ ldr x12, [x0, #CTX_TRFCR_EL2]
msr TRFCR_EL2, x12
-#endif
+#endif /* ENABLE_TRF_FOR_NS */
-#if ARM_ARCH_AT_LEAST(8, 5)
+#if ENABLE_FEAT_CSV2_2
+ /*
+ * SCXTNUM_EL2 register is restored only when FEAT_CSV2_2 is supported.
+ */
ldr x13, [x0, #CTX_SCXTNUM_EL2]
msr scxtnum_el2, x13
-#endif
+#endif /* ENABLE_FEAT_CSV2_2 */
#if ENABLE_FEAT_HCX
ldr x14, [x0, #CTX_HCRX_EL2]
msr hcrx_el2, x14
-#endif
+#endif /* ENABLE_FEAT_HCX */
ret
endfunc el2_sysregs_context_restore
@@ -405,7 +433,7 @@
mrs x15, sctlr_el1
mrs x16, tcr_el1
stp x15, x16, [x0, #CTX_SCTLR_EL1]
-#endif
+#endif /* ERRATA_SPECULATIVE_AT */
mrs x17, cpacr_el1
mrs x9, csselr_el1
@@ -456,7 +484,7 @@
mrs x15, dacr32_el2
mrs x16, ifsr32_el2
stp x15, x16, [x0, #CTX_DACR32_EL2]
-#endif
+#endif /* CTX_INCLUDE_AARCH32_REGS */
/* Save NS timer registers if the build has instructed so */
#if NS_TIMER_SWITCH
@@ -470,7 +498,7 @@
mrs x14, cntkctl_el1
str x14, [x0, #CTX_CNTKCTL_EL1]
-#endif
+#endif /* NS_TIMER_SWITCH */
/* Save MTE system registers if the build has instructed so */
#if CTX_INCLUDE_MTE_REGS
@@ -481,7 +509,7 @@
mrs x9, RGSR_EL1
mrs x10, GCR_EL1
stp x9, x10, [x0, #CTX_RGSR_EL1]
-#endif
+#endif /* CTX_INCLUDE_MTE_REGS */
ret
endfunc el1_sysregs_context_save
@@ -504,7 +532,7 @@
ldp x15, x16, [x0, #CTX_SCTLR_EL1]
msr sctlr_el1, x15
msr tcr_el1, x16
-#endif
+#endif /* ERRATA_SPECULATIVE_AT */
ldp x17, x9, [x0, #CTX_CPACR_EL1]
msr cpacr_el1, x17
@@ -555,7 +583,8 @@
ldp x15, x16, [x0, #CTX_DACR32_EL2]
msr dacr32_el2, x15
msr ifsr32_el2, x16
-#endif
+#endif /* CTX_INCLUDE_AARCH32_REGS */
+
/* Restore NS timer registers if the build has instructed so */
#if NS_TIMER_SWITCH
ldp x10, x11, [x0, #CTX_CNTP_CTL_EL0]
@@ -568,7 +597,8 @@
ldr x14, [x0, #CTX_CNTKCTL_EL1]
msr cntkctl_el1, x14
-#endif
+#endif /* NS_TIMER_SWITCH */
+
/* Restore MTE system registers if the build has instructed so */
#if CTX_INCLUDE_MTE_REGS
ldp x11, x12, [x0, #CTX_TFSRE0_EL1]
@@ -578,7 +608,7 @@
ldp x13, x14, [x0, #CTX_RGSR_EL1]
msr RGSR_EL1, x13
msr GCR_EL1, x14
-#endif
+#endif /* CTX_INCLUDE_MTE_REGS */
/* No explict ISB required here as ERET covers it */
ret
@@ -626,7 +656,7 @@
#if CTX_INCLUDE_AARCH32_REGS
mrs x11, fpexc32_el2
str x11, [x0, #CTX_FP_FPEXC32_EL2]
-#endif
+#endif /* CTX_INCLUDE_AARCH32_REGS */
ret
endfunc fpregs_context_save
@@ -671,7 +701,8 @@
#if CTX_INCLUDE_AARCH32_REGS
ldr x11, [x0, #CTX_FP_FPEXC32_EL2]
msr fpexc32_el2, x11
-#endif
+#endif /* CTX_INCLUDE_AARCH32_REGS */
+
/*
* No explict ISB required here as ERET to
* switch to secure EL1 or non-secure world
@@ -688,13 +719,13 @@
* in ARM DDI 0487F.c page J1-7635 to a default value.
*/
.macro set_unset_pstate_bits
- /*
- * If Data Independent Timing (DIT) functionality is implemented,
- * always enable DIT in EL3
- */
+ /*
+ * If Data Independent Timing (DIT) functionality is implemented,
+ * always enable DIT in EL3
+ */
#if ENABLE_FEAT_DIT
- mov x8, #DIT_BIT
- msr DIT, x8
+ mov x8, #DIT_BIT
+ msr DIT, x8
#endif /* ENABLE_FEAT_DIT */
.endm /* set_unset_pstate_bits */
@@ -933,7 +964,7 @@
mrs x17, spsel
cmp x17, #MODE_SP_EL0
ASM_ASSERT(eq)
-#endif
+#endif /* ENABLE_ASSERTIONS */
/* ----------------------------------------------------------
* Save the current SP_EL0 i.e. the EL3 runtime stack which
@@ -971,7 +1002,7 @@
isb
msr S3_6_C1_C2_0, x20 /* zcr_el3 */
sve_not_enabled:
-#endif
+#endif /* IMAGE_BL31 */
#if IMAGE_BL31 && DYNAMIC_WORKAROUND_CVE_2018_3639
/* ----------------------------------------------------------
@@ -982,7 +1013,8 @@
cbz x17, 1f
blr x17
1:
-#endif
+#endif /* IMAGE_BL31 && DYNAMIC_WORKAROUND_CVE_2018_3639 */
+
restore_ptw_el1_sys_regs
/* ----------------------------------------------------------
@@ -1005,10 +1037,12 @@
esb
#else
dsb sy
-#endif
+#endif /* IMAGE_BL31 && RAS_EXTENSION */
+
#ifdef IMAGE_BL31
str xzr, [sp, #CTX_EL3STATE_OFFSET + CTX_IS_IN_EL3]
-#endif
+#endif /* IMAGE_BL31 */
+
exception_return
endfunc el3_exit
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index c69dc95..459ca2c 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,6 +16,7 @@
#include <bl31/interrupt_mgmt.h>
#include <common/bl_common.h>
#include <context.h>
+#include <drivers/arm/gicv3.h>
#include <lib/el3_runtime/context_mgmt.h>
#include <lib/el3_runtime/pubsub_events.h>
#include <lib/extensions/amu.h>
@@ -31,54 +32,158 @@
static void manage_extensions_secure(cpu_context_t *ctx);
-/*******************************************************************************
- * Context management library initialisation routine. This library is used by
- * runtime services to share pointers to 'cpu_context' structures for the secure
- * and non-secure states. Management of the structures and their associated
- * memory is not done by the context management library e.g. the PSCI service
- * manages the cpu context used for entry from and exit to the non-secure state.
- * The Secure payload dispatcher service manages the context(s) corresponding to
- * the secure state. It also uses this library to get access to the non-secure
- * state cpu context pointers.
- * Lastly, this library provides the api to make SP_EL3 point to the cpu context
- * which will used for programming an entry into a lower EL. The same context
- * will used to save state upon exception entry from that EL.
- ******************************************************************************/
-void __init cm_init(void)
+/******************************************************************************
+ * This function performs initializations that are specific to SECURE state
+ * and updates the cpu context specified by 'ctx'.
+ *****************************************************************************/
+static void setup_secure_context(cpu_context_t *ctx, const struct entry_point_info *ep)
{
+ u_register_t scr_el3;
+ el3_state_t *state;
+
+ state = get_el3state_ctx(ctx);
+ scr_el3 = read_ctx_reg(state, CTX_SCR_EL3);
+
+#if defined(IMAGE_BL31) && !defined(SPD_spmd)
/*
- * The context management library has only global data to intialize, but
- * that will be done when the BSS is zeroed out
+ * SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as
+ * indicated by the interrupt routing model for BL31.
*/
+ scr_el3 |= get_scr_el3_from_routing_model(SECURE);
+#endif
+
+#if !CTX_INCLUDE_MTE_REGS || ENABLE_ASSERTIONS
+ /* Get Memory Tagging Extension support level */
+ unsigned int mte = get_armv8_5_mte_support();
+#endif
+ /*
+ * Allow access to Allocation Tags when CTX_INCLUDE_MTE_REGS
+ * is set, or when MTE is only implemented at EL0.
+ */
+#if CTX_INCLUDE_MTE_REGS
+ assert((mte == MTE_IMPLEMENTED_ELX) || (mte == MTE_IMPLEMENTED_ASY));
+ scr_el3 |= SCR_ATA_BIT;
+#else
+ if (mte == MTE_IMPLEMENTED_EL0) {
+ scr_el3 |= SCR_ATA_BIT;
+ }
+#endif /* CTX_INCLUDE_MTE_REGS */
+
+ /* Enable S-EL2 if the next EL is EL2 and S-EL2 is present */
+ if ((GET_EL(ep->spsr) == MODE_EL2) && is_armv8_4_sel2_present()) {
+ if (GET_RW(ep->spsr) != MODE_RW_64) {
+ ERROR("S-EL2 can not be used in AArch32\n.");
+ panic();
+ }
+
+ scr_el3 |= SCR_EEL2_BIT;
+ }
+
+ write_ctx_reg(state, CTX_SCR_EL3, scr_el3);
+
+ manage_extensions_secure(ctx);
+}
+
+#if ENABLE_RME
+/******************************************************************************
+ * This function performs initializations that are specific to REALM state
+ * and updates the cpu context specified by 'ctx'.
+ *****************************************************************************/
+static void setup_realm_context(cpu_context_t *ctx, const struct entry_point_info *ep)
+{
+ u_register_t scr_el3;
+ el3_state_t *state;
+
+ state = get_el3state_ctx(ctx);
+ scr_el3 = read_ctx_reg(state, CTX_SCR_EL3);
+
+ scr_el3 |= SCR_NS_BIT | SCR_NSE_BIT | SCR_EnSCXT_BIT;
+
+ write_ctx_reg(state, CTX_SCR_EL3, scr_el3);
+}
+#endif /* ENABLE_RME */
+
+/******************************************************************************
+ * This function performs initializations that are specific to NON-SECURE state
+ * and updates the cpu context specified by 'ctx'.
+ *****************************************************************************/
+static void setup_ns_context(cpu_context_t *ctx, const struct entry_point_info *ep)
+{
+ u_register_t scr_el3;
+ el3_state_t *state;
+
+ state = get_el3state_ctx(ctx);
+ scr_el3 = read_ctx_reg(state, CTX_SCR_EL3);
+
+ /* SCR_NS: Set the NS bit */
+ scr_el3 |= SCR_NS_BIT;
+
+#if !CTX_INCLUDE_PAUTH_REGS
+ /*
+ * If the pointer authentication registers aren't saved during world
+ * switches the value of the registers can be leaked from the Secure to
+ * the Non-secure world. To prevent this, rather than enabling pointer
+ * authentication everywhere, we only enable it in the Non-secure world.
+ *
+ * If the Secure world wants to use pointer authentication,
+ * CTX_INCLUDE_PAUTH_REGS must be set to 1.
+ */
+ scr_el3 |= SCR_API_BIT | SCR_APK_BIT;
+#endif /* !CTX_INCLUDE_PAUTH_REGS */
+
+ /* Allow access to Allocation Tags when MTE is implemented. */
+ scr_el3 |= SCR_ATA_BIT;
+
+#ifdef IMAGE_BL31
+ /*
+ * SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as
+ * indicated by the interrupt routing model for BL31.
+ */
+ scr_el3 |= get_scr_el3_from_routing_model(NON_SECURE);
+#endif
+ write_ctx_reg(state, CTX_SCR_EL3, scr_el3);
+
+ /* Initialize EL2 context registers */
+#if CTX_INCLUDE_EL2_REGS
+
+ /*
+ * Initialize SCTLR_EL2 context register using Endianness value
+ * taken from the entrypoint attribute.
+ */
+ u_register_t sctlr_el2 = (EP_GET_EE(ep->h.attr) != 0U) ? SCTLR_EE_BIT : 0UL;
+ sctlr_el2 |= SCTLR_EL2_RES1;
+ write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_SCTLR_EL2,
+ sctlr_el2);
+
+ /*
+ * The GICv3 driver initializes the ICC_SRE_EL2 register during
+ * platform setup. Use the same setting for the corresponding
+ * context register to make sure the correct bits are set when
+ * restoring NS context.
+ */
+ u_register_t icc_sre_el2 = read_icc_sre_el2();
+ icc_sre_el2 |= (ICC_SRE_DIB_BIT | ICC_SRE_DFB_BIT);
+ icc_sre_el2 |= (ICC_SRE_EN_BIT | ICC_SRE_SRE_BIT);
+ write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_ICC_SRE_EL2,
+ icc_sre_el2);
+#endif /* CTX_INCLUDE_EL2_REGS */
}
/*******************************************************************************
- * The following function initializes the cpu_context 'ctx' for
- * first use, and sets the initial entrypoint state as specified by the
- * entry_point_info structure.
- *
- * The security state to initialize is determined by the SECURE attribute
- * of the entry_point_info.
+ * The following function performs initialization of the cpu_context 'ctx'
+ * for first use that is common to all security states, and sets the
+ * initial entrypoint state as specified by the entry_point_info structure.
*
* The EE and ST attributes are used to configure the endianness and secure
* timer availability for the new execution context.
- *
- * To prepare the register state for entry call cm_prepare_el3_exit() and
- * el3_exit(). For Secure-EL1 cm_prepare_el3_exit() is equivalent to
- * cm_el1_sysregs_context_restore().
******************************************************************************/
-void cm_setup_context(cpu_context_t *ctx, const entry_point_info_t *ep)
+static void setup_context_common(cpu_context_t *ctx, const entry_point_info_t *ep)
{
- unsigned int security_state;
u_register_t scr_el3;
el3_state_t *state;
gp_regs_t *gp_regs;
u_register_t sctlr_elx, actlr_elx;
- assert(ctx != NULL);
-
- security_state = GET_SECURITY_STATE(ep->h.attr);
-
/* Clear any residual register values from the context */
zeromem(ctx, sizeof(*ctx));
@@ -93,26 +198,7 @@
*/
scr_el3 = read_scr();
scr_el3 &= ~(SCR_NS_BIT | SCR_RW_BIT | SCR_FIQ_BIT | SCR_IRQ_BIT |
- SCR_ST_BIT | SCR_HCE_BIT);
-
-#if ENABLE_RME
- /* When RME support is enabled, clear the NSE bit as well. */
- scr_el3 &= ~SCR_NSE_BIT;
-#endif /* ENABLE_RME */
-
- /*
- * SCR_NS: Set the security state of the next EL.
- */
- if (security_state == NON_SECURE) {
- scr_el3 |= SCR_NS_BIT;
- }
-
-#if ENABLE_RME
- /* Check for realm state if RME support enabled. */
- if (security_state == REALM) {
- scr_el3 |= SCR_NS_BIT | SCR_NSE_BIT | SCR_EnSCXT_BIT;
- }
-#endif /* ENABLE_RME */
+ SCR_ST_BIT | SCR_HCE_BIT | SCR_NSE_BIT);
/*
* SCR_EL3.RW: Set the execution state, AArch32 or AArch64, for next
@@ -121,6 +207,7 @@
if (GET_RW(ep->spsr) == MODE_RW_64) {
scr_el3 |= SCR_RW_BIT;
}
+
/*
* SCR_EL3.ST: Traps Secure EL1 accesses to the Counter-timer Physical
* Secure timer registers to EL3, from AArch64 state only, if specified
@@ -149,8 +236,8 @@
#if !HANDLE_EA_EL3_FIRST
/*
* SCR_EL3.EA: Do not route External Abort and SError Interrupt External
- * to EL3 when executing at a lower EL. When executing at EL3, External
- * Aborts are taken to EL3.
+ * to EL3 when executing at a lower EL. When executing at EL3, External
+ * Aborts are taken to EL3.
*/
scr_el3 &= ~SCR_EA_BIT;
#endif
@@ -160,68 +247,11 @@
scr_el3 |= SCR_FIEN_BIT;
#endif
-#if !CTX_INCLUDE_PAUTH_REGS
/*
- * If the pointer authentication registers aren't saved during world
- * switches the value of the registers can be leaked from the Secure to
- * the Non-secure world. To prevent this, rather than enabling pointer
- * authentication everywhere, we only enable it in the Non-secure world.
- *
- * If the Secure world wants to use pointer authentication,
- * CTX_INCLUDE_PAUTH_REGS must be set to 1.
+ * CPTR_EL3 was initialized out of reset, copy that value to the
+ * context register.
*/
- if (security_state == NON_SECURE) {
- scr_el3 |= SCR_API_BIT | SCR_APK_BIT;
- }
-#endif /* !CTX_INCLUDE_PAUTH_REGS */
-
-#if !CTX_INCLUDE_MTE_REGS || ENABLE_ASSERTIONS
- /* Get Memory Tagging Extension support level */
- unsigned int mte = get_armv8_5_mte_support();
-#endif
- /*
- * Enable MTE support. Support is enabled unilaterally for the normal
- * world, and only for the secure world when CTX_INCLUDE_MTE_REGS is
- * set.
- */
-#if CTX_INCLUDE_MTE_REGS
- assert((mte == MTE_IMPLEMENTED_ELX) || (mte == MTE_IMPLEMENTED_ASY));
- scr_el3 |= SCR_ATA_BIT;
-#else
- /*
- * When MTE is only implemented at EL0, it can be enabled
- * across both worlds as no MTE registers are used.
- */
- if ((mte == MTE_IMPLEMENTED_EL0) ||
- /*
- * When MTE is implemented at all ELs, it can be only enabled
- * in Non-Secure world without register saving.
- */
- (((mte == MTE_IMPLEMENTED_ELX) || (mte == MTE_IMPLEMENTED_ASY)) &&
- (security_state == NON_SECURE))) {
- scr_el3 |= SCR_ATA_BIT;
- }
-#endif /* CTX_INCLUDE_MTE_REGS */
-
-#ifdef IMAGE_BL31
- /*
- * SCR_EL3.IRQ, SCR_EL3.FIQ: Enable the physical FIQ and IRQ routing as
- * indicated by the interrupt routing model for BL31.
- *
- * TODO: The interrupt routing model code is not updated for REALM
- * state. Use the default values of IRQ = FIQ = 0 for REALM security
- * state for now.
- */
- if (security_state != REALM) {
- scr_el3 |= get_scr_el3_from_routing_model(security_state);
- }
-#endif
-
- /* Save the initialized value of CPTR_EL3 register */
write_ctx_reg(get_el3state_ctx(ctx), CTX_CPTR_EL3, read_cptr_el3());
- if (security_state == SECURE) {
- manage_extensions_secure(ctx);
- }
/*
* SCR_EL3.HCE: Enable HVC instructions if next execution state is
@@ -249,16 +279,6 @@
}
}
- /* Enable S-EL2 if the next EL is EL2 and security state is secure */
- if ((security_state == SECURE) && (GET_EL(ep->spsr) == MODE_EL2)) {
- if (GET_RW(ep->spsr) != MODE_RW_64) {
- ERROR("S-EL2 can not be used in AArch32.");
- panic();
- }
-
- scr_el3 |= SCR_EEL2_BIT;
- }
-
/*
* FEAT_AMUv1p1 virtual offset registers are only accessible from EL3
* and EL2, when clear, this bit traps accesses from EL2 so we set it
@@ -362,6 +382,66 @@
}
/*******************************************************************************
+ * Context management library initialization routine. This library is used by
+ * runtime services to share pointers to 'cpu_context' structures for secure
+ * non-secure and realm states. Management of the structures and their associated
+ * memory is not done by the context management library e.g. the PSCI service
+ * manages the cpu context used for entry from and exit to the non-secure state.
+ * The Secure payload dispatcher service manages the context(s) corresponding to
+ * the secure state. It also uses this library to get access to the non-secure
+ * state cpu context pointers.
+ * Lastly, this library provides the API to make SP_EL3 point to the cpu context
+ * which will be used for programming an entry into a lower EL. The same context
+ * will be used to save state upon exception entry from that EL.
+ ******************************************************************************/
+void __init cm_init(void)
+{
+ /*
+ * The context management library has only global data to intialize, but
+ * that will be done when the BSS is zeroed out.
+ */
+}
+
+/*******************************************************************************
+ * This is the high-level function used to initialize the cpu_context 'ctx' for
+ * first use. It performs initializations that are common to all security states
+ * and initializations specific to the security state specified in 'ep'
+ ******************************************************************************/
+void cm_setup_context(cpu_context_t *ctx, const entry_point_info_t *ep)
+{
+ unsigned int security_state;
+
+ assert(ctx != NULL);
+
+ /*
+ * Perform initializations that are common
+ * to all security states
+ */
+ setup_context_common(ctx, ep);
+
+ security_state = GET_SECURITY_STATE(ep->h.attr);
+
+ /* Perform security state specific initializations */
+ switch (security_state) {
+ case SECURE:
+ setup_secure_context(ctx, ep);
+ break;
+#if ENABLE_RME
+ case REALM:
+ setup_realm_context(ctx, ep);
+ break;
+#endif
+ case NON_SECURE:
+ setup_ns_context(ctx, ep);
+ break;
+ default:
+ ERROR("Invalid security state\n");
+ panic();
+ break;
+ }
+}
+
+/*******************************************************************************
* Enable architecture extensions on first entry to Non-secure world.
* When EL2 is implemented but unused `el2_unused` is non-zero, otherwise
* it is zero.
@@ -738,6 +818,40 @@
#endif /* CTX_INCLUDE_EL2_REGS */
/*******************************************************************************
+ * This function is used to exit to Non-secure world. If CTX_INCLUDE_EL2_REGS
+ * is enabled, it restores EL1 and EL2 sysreg contexts instead of directly
+ * updating EL1 and EL2 registers. Otherwise, it calls the generic
+ * cm_prepare_el3_exit function.
+ ******************************************************************************/
+void cm_prepare_el3_exit_ns(void)
+{
+#if CTX_INCLUDE_EL2_REGS
+ cpu_context_t *ctx = cm_get_context(NON_SECURE);
+ assert(ctx != NULL);
+
+ /*
+ * Currently some extensions are configured using
+ * direct register updates. Therefore, do this here
+ * instead of when setting up context.
+ */
+ manage_extensions_nonsecure(0, ctx);
+
+ /*
+ * Set the NS bit to be able to access the ICC_SRE_EL2
+ * register when restoring context.
+ */
+ write_scr_el3(read_scr_el3() | SCR_NS_BIT);
+
+ /* Restore EL2 and EL1 sysreg contexts */
+ cm_el2_sysregs_context_restore(NON_SECURE);
+ cm_el1_sysregs_context_restore(NON_SECURE);
+ cm_set_next_eret_context(NON_SECURE);
+#else
+ cm_prepare_el3_exit(NON_SECURE);
+#endif /* CTX_INCLUDE_EL2_REGS */
+}
+
+/*******************************************************************************
* The next four functions are used by runtime services to save and restore
* EL1 context on the 'cpu_context' structure for the specified security
* state.
diff --git a/lib/extensions/mpam/mpam.c b/lib/extensions/mpam/mpam.c
index 65601dd..884d480 100644
--- a/lib/extensions/mpam/mpam.c
+++ b/lib/extensions/mpam/mpam.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -27,7 +27,6 @@
/*
* If EL2 is implemented but unused, disable trapping to EL2 when lower
* ELs access their own MPAM registers.
- * If EL2 is implemented and used, enable trapping to EL2.
*/
if (el2_unused) {
write_mpam2_el2(0ULL);
@@ -35,12 +34,5 @@
if ((read_mpamidr_el1() & MPAMIDR_HAS_HCR_BIT) != 0U) {
write_mpamhcr_el2(0ULL);
}
- } else {
- write_mpam2_el2(MPAM2_EL2_TRAPMPAM0EL1 |
- MPAM2_EL2_TRAPMPAM1EL1);
-
- if ((read_mpamidr_el1() & MPAMIDR_HAS_HCR_BIT) != 0U) {
- write_mpamhcr_el2(MPAMHCR_EL2_TRAP_MPAMIDR_EL1);
- }
}
}
diff --git a/lib/psci/psci_on.c b/lib/psci/psci_on.c
index dd48e10..c70b377 100644
--- a/lib/psci/psci_on.c
+++ b/lib/psci/psci_on.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -229,5 +229,5 @@
* information that we had stashed away during the cpu_on
* call to set this cpu on its way.
*/
- cm_prepare_el3_exit(NON_SECURE);
+ cm_prepare_el3_exit_ns();
}
diff --git a/lib/psci/psci_suspend.c b/lib/psci/psci_suspend.c
index da9f328..ffe3a91 100644
--- a/lib/psci/psci_suspend.c
+++ b/lib/psci/psci_suspend.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -331,5 +331,5 @@
* information that we had stashed away during the suspend
* call to set this cpu on its way.
*/
- cm_prepare_el3_exit(NON_SECURE);
+ cm_prepare_el3_exit_ns();
}
diff --git a/make_helpers/arch_features.mk b/make_helpers/arch_features.mk
new file mode 100644
index 0000000..01e3e09
--- /dev/null
+++ b/make_helpers/arch_features.mk
@@ -0,0 +1,36 @@
+#
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+# This file lists all the checks related to the Architectural Feature
+# Enablement flags, based on the Architectural version.
+
+# Enable the features which are mandatory from ARCH version 8.1 and upwards.
+ifeq "8.1" "$(word 1, $(sort 8.1 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
+ENABLE_FEAT_PAN = 1
+ENABLE_FEAT_VHE = 1
+endif
+
+# Enable the features which are mandatory from ARCH version 8.4 and upwards.
+ifeq "8.4" "$(word 1, $(sort 8.4 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
+ENABLE_FEAT_DIT = 1
+ENABLE_FEAT_SEL2 = 1
+endif
+
+# Enable the features which are mandatory from ARCH version 8.5 and upwards.
+ifeq "8.5" "$(word 1, $(sort 8.5 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
+ENABLE_FEAT_SB = 1
+endif
+
+# Enable the features which are mandatory from ARCH version 8.6 and upwards.
+ifeq "8.6" "$(word 1, $(sort 8.6 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
+ENABLE_FEAT_FGT = 1
+ENABLE_FEAT_ECV = 1
+endif
+
+# Enable the features which are mandatory from ARCH version 8.7 and upwards.
+ifeq "8.7" "$(word 1, $(sort 8.7 $(ARM_ARCH_MAJOR).$(ARM_ARCH_MINOR)))"
+ENABLE_FEAT_HCX = 1
+endif
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index 910ffdf..99f44a4 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -133,12 +133,18 @@
# Use BRANCH_PROTECTION to enable PAUTH.
ENABLE_PAUTH := 0
-# Flag to enable access to the HCRX_EL2 register by setting SCR_EL3.HXEn.
-ENABLE_FEAT_HCX := 0
-
# Flag to enable access to the HAFGRTR_EL2 register
ENABLE_FEAT_AMUv1 := 0
+# Flag to enable AMUv1p1 extension.
+ENABLE_FEAT_AMUv1p1 := 0
+
+# Flag to enable CSV2_2 extension.
+ENABLE_FEAT_CSV2_2 := 0
+
+# Flag to enable access to the HCRX_EL2 register by setting SCR_EL3.HXEn.
+ENABLE_FEAT_HCX := 0
+
# Flag to enable access to the HDFGRTR_EL2 register
ENABLE_FEAT_FGT := 0
@@ -148,6 +154,21 @@
# Flag to enable use of the DIT feature.
ENABLE_FEAT_DIT := 0
+# Flag to enable access to Privileged Access Never bit of PSTATE.
+ENABLE_FEAT_PAN := 0
+
+# Flag to enable access to the Random Number Generator registers
+ENABLE_FEAT_RNG := 0
+
+# Flag to enable Speculation Barrier Instruction
+ENABLE_FEAT_SB := 0
+
+# Flag to enable Secure EL-2 feature.
+ENABLE_FEAT_SEL2 := 0
+
+# Flag to enable Virtualization Host Extensions
+ENABLE_FEAT_VHE := 0
+
# By default BL31 encryption disabled
ENCRYPT_BL31 := 0
@@ -166,6 +187,9 @@
# Fault injection support
FAULT_INJECTION_SUPPORT := 0
+# Flag to enable architectural features detection mechanism
+FEATURE_DETECTION := 0
+
# Byte alignment that each component in FIP is aligned to
FIP_ALIGN := 0
diff --git a/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c b/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c
index 3ee396c..fe521a9 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c
@@ -57,8 +57,8 @@
{
.image_id = TOS_FW_CONFIG_ID,
.image_info.image_base = CORSTONE1000_TOS_FW_CONFIG_BASE,
- .image_info.image_max_size = CORSTONE1000_TOS_FW_CONFIG_LIMIT - \
- CORSTONE1000_TOS_FW_CONFIG_BASE,
+ .image_info.image_max_size = (CORSTONE1000_TOS_FW_CONFIG_LIMIT -
+ CORSTONE1000_TOS_FW_CONFIG_BASE),
SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,
VERSION_2, entry_point_info_t, SECURE | NON_EXECUTABLE),
SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
diff --git a/plat/arm/board/corstone1000/common/corstone1000_plat.c b/plat/arm/board/corstone1000/common/corstone1000_plat.c
index a96baae..0235f8b 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_plat.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_plat.c
@@ -34,12 +34,13 @@
{
const struct plat_io_policy *policy;
/*
- * metadata for firmware update is written at 0x0000 offset of the flash.
- * PLAT_ARM_BOOT_BANK_FLAG contains the boot bank that TF-M is booted.
- * As per firmware update spec, at a given point of time, only one bank is active.
- * This means, TF-A should boot from the same bank as TF-M.
- */
+ * metadata for firmware update is written at 0x0000 offset of the flash.
+ * PLAT_ARM_BOOT_BANK_FLAG contains the boot bank that TF-M is booted.
+ * As per firmware update spec, at a given point of time, only one bank
+ * is active. This means, TF-A should boot from the same bank as TF-M.
+ */
volatile uint32_t *boot_bank_flag = (uint32_t *)(PLAT_ARM_BOOT_BANK_FLAG);
+
if (*boot_bank_flag > 1) {
VERBOSE("Boot_bank is set higher than possible values");
}
diff --git a/plat/arm/board/corstone1000/common/corstone1000_pm.c b/plat/arm/board/corstone1000/common/corstone1000_pm.c
index 98dea79..4b0a791 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_pm.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_pm.c
@@ -21,8 +21,8 @@
*(watchdog_val_reg) = SECURE_WATCHDOG_COUNTDOWN_VAL;
*watchdog_ctrl_reg = SECURE_WATCHDOG_MASK_ENABLE;
while (1) {
- wfi();
- }
+ wfi();
+ }
}
plat_psci_ops_t plat_arm_psci_pm_ops = {
diff --git a/plat/arm/board/corstone1000/common/corstone1000_trusted_boot.c b/plat/arm/board/corstone1000/common/corstone1000_trusted_boot.c
index cec7332..7e8fbb2 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_trusted_boot.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_trusted_boot.c
@@ -38,8 +38,8 @@
*/
int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
{
- *nv_ctr = CORSTONE1000_FW_NVCTR_VAL;
- return 0;
+ *nv_ctr = CORSTONE1000_FW_NVCTR_VAL;
+ return 0;
}
/*
@@ -49,5 +49,5 @@
*/
int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
{
- return 0;
+ return 0;
}
diff --git a/plat/arm/board/corstone1000/common/include/platform_def.h b/plat/arm/board/corstone1000/common/include/platform_def.h
index 2523d72..584d485 100644
--- a/plat/arm/board/corstone1000/common/include/platform_def.h
+++ b/plat/arm/board/corstone1000/common/include/platform_def.h
@@ -16,11 +16,11 @@
#include <plat/common/common_def.h>
#include <plat/arm/soc/common/soc_css_def.h>
-#define ARM_ROTPK_HEADER_LEN 19
-#define ARM_ROTPK_HASH_LEN 32
+#define ARM_ROTPK_HEADER_LEN 19
+#define ARM_ROTPK_HASH_LEN 32
/* Special value used to verify platform parameters from BL2 to BL31 */
-#define ARM_BL31_PLAT_PARAM_VAL ULL(0x0f1e2d3c4b5a6978)
+#define ARM_BL31_PLAT_PARAM_VAL ULL(0x0f1e2d3c4b5a6978)
/* PL011 UART related constants */
#ifdef V2M_IOFPGA_UART0_CLK_IN_HZ
@@ -31,368 +31,324 @@
#undef V2M_IOFPGA_UART1_CLK_IN_HZ
#endif
-#define V2M_IOFPGA_UART0_CLK_IN_HZ 50000000
-#define V2M_IOFPGA_UART1_CLK_IN_HZ 50000000
+#define V2M_IOFPGA_UART0_CLK_IN_HZ 50000000
+#define V2M_IOFPGA_UART1_CLK_IN_HZ 50000000
/* Core/Cluster/Thread counts for corstone1000 */
-#define CORSTONE1000_CLUSTER_COUNT U(1)
-#define CORSTONE1000_MAX_CPUS_PER_CLUSTER U(4)
-#define CORSTONE1000_MAX_PE_PER_CPU U(1)
-#define CORSTONE1000_PRIMARY_CPU U(0)
+#define CORSTONE1000_CLUSTER_COUNT U(1)
+#define CORSTONE1000_MAX_CPUS_PER_CLUSTER U(4)
+#define CORSTONE1000_MAX_PE_PER_CPU U(1)
+#define CORSTONE1000_PRIMARY_CPU U(0)
-#define PLAT_ARM_CLUSTER_COUNT CORSTONE1000_CLUSTER_COUNT
+#define PLAT_ARM_CLUSTER_COUNT CORSTONE1000_CLUSTER_COUNT
-#define PLATFORM_CORE_COUNT (PLAT_ARM_CLUSTER_COUNT * \
- CORSTONE1000_MAX_CPUS_PER_CLUSTER * \
- CORSTONE1000_MAX_PE_PER_CPU)
+#define PLATFORM_CORE_COUNT (PLAT_ARM_CLUSTER_COUNT * \
+ CORSTONE1000_MAX_CPUS_PER_CLUSTER * \
+ CORSTONE1000_MAX_PE_PER_CPU)
/* UART related constants */
-#define PLAT_ARM_BOOT_UART_BASE 0x1a510000
-#define PLAT_ARM_BOOT_UART_CLK_IN_HZ V2M_IOFPGA_UART0_CLK_IN_HZ
-#define PLAT_ARM_RUN_UART_BASE 0x1a520000
-#define PLAT_ARM_RUN_UART_CLK_IN_HZ V2M_IOFPGA_UART1_CLK_IN_HZ
-#define ARM_CONSOLE_BAUDRATE 115200
-#define PLAT_ARM_CRASH_UART_BASE PLAT_ARM_RUN_UART_BASE
-#define PLAT_ARM_CRASH_UART_CLK_IN_HZ PLAT_ARM_RUN_UART_CLK_IN_HZ
+#define PLAT_ARM_BOOT_UART_BASE 0x1a510000
+#define PLAT_ARM_BOOT_UART_CLK_IN_HZ V2M_IOFPGA_UART0_CLK_IN_HZ
+#define PLAT_ARM_RUN_UART_BASE 0x1a520000
+#define PLAT_ARM_RUN_UART_CLK_IN_HZ V2M_IOFPGA_UART1_CLK_IN_HZ
+#define ARM_CONSOLE_BAUDRATE 115200
+#define PLAT_ARM_CRASH_UART_BASE PLAT_ARM_RUN_UART_BASE
+#define PLAT_ARM_CRASH_UART_CLK_IN_HZ PLAT_ARM_RUN_UART_CLK_IN_HZ
/* Memory related constants */
/* SRAM (CVM) memory layout
*
* <ARM_TRUSTED_SRAM_BASE>
- *
- * partition size: sizeof(meminfo_t) = 16 bytes
- *
- * content: memory info area used by the next BL
+ * partition size: sizeof(meminfo_t) = 16 bytes
+ * content: memory info area used by the next BL
*
* <ARM_FW_CONFIG_BASE>
- *
- * partition size: 4080 bytes
+ * partition size: 4080 bytes
*
* <ARM_BL2_MEM_DESC_BASE>
- *
- * partition size: 4 KB
- *
- * content:
- *
- * Area where BL2 copies the images descriptors
+ * partition size: 4 KB
+ * content: Area where BL2 copies the images descriptors
*
* <ARM_BL_RAM_BASE> = <BL32_BASE>
- *
- * partition size: 688 KB
- *
- * content:
- *
- * BL32 (optee-os)
+ * partition size: 688 KB
+ * content: BL32 (optee-os)
*
* <CORSTONE1000_TOS_FW_CONFIG_BASE> = 0x20ae000
- *
- * partition size: 8 KB
- *
- * content:
- *
- * BL32 config (TOS_FW_CONFIG)
+ * partition size: 8 KB
+ * content: BL32 config (TOS_FW_CONFIG)
*
* <BL31_BASE>
- *
- * partition size: 140 KB
- *
- * content:
- *
- * BL31
+ * partition size: 140 KB
+ * content: BL31
*
* <BL2_SIGNATURE_BASE>
- *
- * partition size: 4 KB
- *
- * content:
- *
- * MCUBOOT data needed to verify TF-A BL2
+ * partition size: 4 KB
+ * content: MCUBOOT data needed to verify TF-A BL2
*
* <BL2_BASE>
- *
- * partition size: 176 KB
- *
- * content:
- *
- * BL2
+ * partition size: 176 KB
+ * content: BL2
*
* <ARM_NS_SHARED_RAM_BASE> = <ARM_TRUSTED_SRAM_BASE> + 1 MB
- *
- * partition size: 512 KB
- *
- * content:
- *
- * BL33 (u-boot)
+ * partition size: 512 KB
+ * content: BL33 (u-boot)
*/
/* DDR memory */
-#define ARM_DRAM1_BASE UL(0x80000000)
-#define ARM_DRAM1_SIZE (SZ_2G) /* 2GB*/
-#define ARM_DRAM1_END (ARM_DRAM1_BASE + \
- ARM_DRAM1_SIZE - 1)
+#define ARM_DRAM1_BASE UL(0x80000000)
+#define ARM_DRAM1_SIZE (SZ_2G) /* 2GB*/
+#define ARM_DRAM1_END (ARM_DRAM1_BASE + ARM_DRAM1_SIZE - 1)
/* DRAM1 and DRAM2 are the same for corstone1000 */
-#define ARM_DRAM2_BASE ARM_DRAM1_BASE
-#define ARM_DRAM2_SIZE ARM_DRAM1_SIZE
-#define ARM_DRAM2_END ARM_DRAM1_END
+#define ARM_DRAM2_BASE ARM_DRAM1_BASE
+#define ARM_DRAM2_SIZE ARM_DRAM1_SIZE
+#define ARM_DRAM2_END ARM_DRAM1_END
-#define ARM_NS_DRAM1_BASE ARM_DRAM1_BASE
-#define ARM_NS_DRAM1_SIZE ARM_DRAM1_SIZE
-#define ARM_NS_DRAM1_END (ARM_NS_DRAM1_BASE +\
- ARM_NS_DRAM1_SIZE - 1)
+#define ARM_NS_DRAM1_BASE ARM_DRAM1_BASE
+#define ARM_NS_DRAM1_SIZE ARM_DRAM1_SIZE
+#define ARM_NS_DRAM1_END (ARM_NS_DRAM1_BASE + ARM_NS_DRAM1_SIZE - 1)
/* The first 8 KB of Trusted SRAM are used as shared memory */
-#define ARM_TRUSTED_SRAM_BASE UL(0x02000000)
-#define ARM_SHARED_RAM_SIZE (SZ_8K) /* 8 KB */
-#define ARM_SHARED_RAM_BASE ARM_TRUSTED_SRAM_BASE
+#define ARM_TRUSTED_SRAM_BASE UL(0x02000000)
+#define ARM_SHARED_RAM_SIZE (SZ_8K) /* 8 KB */
+#define ARM_SHARED_RAM_BASE ARM_TRUSTED_SRAM_BASE
/* The remaining Trusted SRAM is used to load the BL images */
-#define TOTAL_SRAM_SIZE (SZ_4M) /* 4 MB */
+#define TOTAL_SRAM_SIZE (SZ_4M) /* 4 MB */
-/* Last 512KB of CVM is allocated for shared RAM
- * as an example openAMP */
-#define ARM_NS_SHARED_RAM_SIZE (512 * SZ_1K)
+/* Last 512KB of CVM is allocated for shared RAM as an example openAMP */
+#define ARM_NS_SHARED_RAM_SIZE (512 * SZ_1K)
-#define PLAT_ARM_TRUSTED_SRAM_SIZE (TOTAL_SRAM_SIZE - \
- ARM_NS_SHARED_RAM_SIZE - \
- ARM_SHARED_RAM_SIZE)
+#define PLAT_ARM_TRUSTED_SRAM_SIZE (TOTAL_SRAM_SIZE - \
+ ARM_NS_SHARED_RAM_SIZE - \
+ ARM_SHARED_RAM_SIZE)
-#define PLAT_ARM_MAX_BL2_SIZE (180 * SZ_1K) /* 180 KB */
+#define PLAT_ARM_MAX_BL2_SIZE (180 * SZ_1K) /* 180 KB */
-#define PLAT_ARM_MAX_BL31_SIZE (140 * SZ_1K) /* 140 KB */
+#define PLAT_ARM_MAX_BL31_SIZE (140 * SZ_1K) /* 140 KB */
-#define ARM_BL_RAM_BASE (ARM_SHARED_RAM_BASE + \
- ARM_SHARED_RAM_SIZE)
-#define ARM_BL_RAM_SIZE (PLAT_ARM_TRUSTED_SRAM_SIZE - \
- ARM_SHARED_RAM_SIZE)
+#define ARM_BL_RAM_BASE (ARM_SHARED_RAM_BASE + ARM_SHARED_RAM_SIZE)
+#define ARM_BL_RAM_SIZE (PLAT_ARM_TRUSTED_SRAM_SIZE - \
+ ARM_SHARED_RAM_SIZE)
-#define BL2_SIGNATURE_SIZE (SZ_4K) /* 4 KB */
+#define BL2_SIGNATURE_SIZE (SZ_4K) /* 4 KB */
-#define BL2_SIGNATURE_BASE (BL2_LIMIT - \
- PLAT_ARM_MAX_BL2_SIZE)
-#define BL2_BASE (BL2_LIMIT - \
- PLAT_ARM_MAX_BL2_SIZE + \
- BL2_SIGNATURE_SIZE)
-#define BL2_LIMIT (ARM_BL_RAM_BASE + \
- ARM_BL_RAM_SIZE)
+#define BL2_SIGNATURE_BASE (BL2_LIMIT - PLAT_ARM_MAX_BL2_SIZE)
+#define BL2_BASE (BL2_LIMIT - \
+ PLAT_ARM_MAX_BL2_SIZE + \
+ BL2_SIGNATURE_SIZE)
+#define BL2_LIMIT (ARM_BL_RAM_BASE + ARM_BL_RAM_SIZE)
-#define BL31_BASE (BL2_SIGNATURE_BASE - \
- PLAT_ARM_MAX_BL31_SIZE)
-#define BL31_LIMIT BL2_SIGNATURE_BASE
+#define BL31_BASE (BL2_SIGNATURE_BASE - PLAT_ARM_MAX_BL31_SIZE)
+#define BL31_LIMIT BL2_SIGNATURE_BASE
-#define CORSTONE1000_TOS_FW_CONFIG_BASE (BL31_BASE - \
- CORSTONE1000_TOS_FW_CONFIG_SIZE)
-#define CORSTONE1000_TOS_FW_CONFIG_SIZE (SZ_8K) /* 8 KB */
-#define CORSTONE1000_TOS_FW_CONFIG_LIMIT BL31_BASE
+#define CORSTONE1000_TOS_FW_CONFIG_BASE (BL31_BASE - \
+ CORSTONE1000_TOS_FW_CONFIG_SIZE)
+#define CORSTONE1000_TOS_FW_CONFIG_SIZE (SZ_8K) /* 8 KB */
+#define CORSTONE1000_TOS_FW_CONFIG_LIMIT BL31_BASE
-#define BL32_BASE ARM_BL_RAM_BASE
-#define PLAT_ARM_MAX_BL32_SIZE (CORSTONE1000_TOS_FW_CONFIG_BASE - \
- BL32_BASE)
+#define BL32_BASE ARM_BL_RAM_BASE
+#define PLAT_ARM_MAX_BL32_SIZE (CORSTONE1000_TOS_FW_CONFIG_BASE - BL32_BASE)
-#define BL32_LIMIT (BL32_BASE + \
- PLAT_ARM_MAX_BL32_SIZE)
+#define BL32_LIMIT (BL32_BASE + PLAT_ARM_MAX_BL32_SIZE)
/* SPD_spmd settings */
-#define PLAT_ARM_SPMC_BASE BL32_BASE
-#define PLAT_ARM_SPMC_SIZE PLAT_ARM_MAX_BL32_SIZE
+#define PLAT_ARM_SPMC_BASE BL32_BASE
+#define PLAT_ARM_SPMC_SIZE PLAT_ARM_MAX_BL32_SIZE
/* NS memory */
/* The last 512KB of the SRAM is allocated as shared memory */
-#define ARM_NS_SHARED_RAM_BASE (ARM_TRUSTED_SRAM_BASE + TOTAL_SRAM_SIZE - \
- (PLAT_ARM_MAX_BL31_SIZE + \
- PLAT_ARM_MAX_BL32_SIZE))
+#define ARM_NS_SHARED_RAM_BASE (ARM_TRUSTED_SRAM_BASE + TOTAL_SRAM_SIZE - \
+ (PLAT_ARM_MAX_BL31_SIZE + \
+ PLAT_ARM_MAX_BL32_SIZE))
-#define BL33_BASE ARM_DRAM1_BASE
-#define PLAT_ARM_MAX_BL33_SIZE (12 * SZ_1M) /* 12 MB*/
-#define BL33_LIMIT (ARM_DRAM1_BASE + PLAT_ARM_MAX_BL33_SIZE)
+#define BL33_BASE ARM_DRAM1_BASE
+#define PLAT_ARM_MAX_BL33_SIZE (12 * SZ_1M) /* 12 MB*/
+#define BL33_LIMIT (ARM_DRAM1_BASE + PLAT_ARM_MAX_BL33_SIZE)
/* end of the definition of SRAM memory layout */
/* NOR Flash */
-#define PLAT_ARM_BOOT_BANK_FLAG UL(0x08002000)
-#define PLAT_ARM_FIP_BASE_BANK0 UL(0x081EF000)
-#define PLAT_ARM_FIP_BASE_BANK1 UL(0x0916F000)
-#define PLAT_ARM_FIP_MAX_SIZE UL(0x1ff000) /* 1.996 MB */
+#define PLAT_ARM_BOOT_BANK_FLAG UL(0x08002000)
+#define PLAT_ARM_FIP_BASE_BANK0 UL(0x081EF000)
+#define PLAT_ARM_FIP_BASE_BANK1 UL(0x0916F000)
+#define PLAT_ARM_FIP_MAX_SIZE UL(0x1ff000) /* 1.996 MB */
-#define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE
-#define PLAT_ARM_NVM_SIZE (SZ_32M) /* 32 MB */
+#define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE
+#define PLAT_ARM_NVM_SIZE (SZ_32M) /* 32 MB */
-#define PLAT_ARM_FLASH_IMAGE_BASE PLAT_ARM_FIP_BASE_BANK0
-#define PLAT_ARM_FLASH_IMAGE_MAX_SIZE PLAT_ARM_FIP_MAX_SIZE
+#define PLAT_ARM_FLASH_IMAGE_BASE PLAT_ARM_FIP_BASE_BANK0
+#define PLAT_ARM_FLASH_IMAGE_MAX_SIZE PLAT_ARM_FIP_MAX_SIZE
/*
* Some data must be aligned on the biggest cache line size in the platform.
* This is known only to the platform as it might have a combination of
* integrated and external caches.
*/
-#define CACHE_WRITEBACK_GRANULE (U(1) << ARM_CACHE_WRITEBACK_SHIFT)
-#define ARM_CACHE_WRITEBACK_SHIFT 6
+#define CACHE_WRITEBACK_GRANULE (U(1) << ARM_CACHE_WRITEBACK_SHIFT)
+#define ARM_CACHE_WRITEBACK_SHIFT 6
/*
* Define FW_CONFIG area base and limit. Leave enough space for BL2 meminfo.
* FW_CONFIG is intended to host the device tree. Currently, This area is not
* used because corstone1000 platform doesn't use a device tree at TF-A level.
*/
-#define ARM_FW_CONFIG_BASE (ARM_SHARED_RAM_BASE \
- + sizeof(meminfo_t))
-#define ARM_FW_CONFIG_LIMIT (ARM_SHARED_RAM_BASE \
- + (ARM_SHARED_RAM_SIZE >> 1))
+#define ARM_FW_CONFIG_BASE (ARM_SHARED_RAM_BASE + sizeof(meminfo_t))
+#define ARM_FW_CONFIG_LIMIT (ARM_SHARED_RAM_BASE + \
+ (ARM_SHARED_RAM_SIZE >> 1))
/*
* Boot parameters passed from BL2 to BL31/BL32 are stored here
*/
-#define ARM_BL2_MEM_DESC_BASE ARM_FW_CONFIG_LIMIT
-#define ARM_BL2_MEM_DESC_LIMIT ARM_BL_RAM_BASE
+#define ARM_BL2_MEM_DESC_BASE ARM_FW_CONFIG_LIMIT
+#define ARM_BL2_MEM_DESC_LIMIT ARM_BL_RAM_BASE
/*
* The max number of regions like RO(code), coherent and data required by
* different BL stages which need to be mapped in the MMU.
*/
-#define ARM_BL_REGIONS 3
-#define PLAT_ARM_MMAP_ENTRIES 8
-#define MAX_XLAT_TABLES 5
-#define MAX_MMAP_REGIONS (PLAT_ARM_MMAP_ENTRIES + \
- ARM_BL_REGIONS)
-#define MAX_IO_DEVICES 2
-#define MAX_IO_HANDLES 3
-#define MAX_IO_BLOCK_DEVICES 1
+#define ARM_BL_REGIONS 3
+#define PLAT_ARM_MMAP_ENTRIES 8
+#define MAX_XLAT_TABLES 5
+#define MAX_MMAP_REGIONS (PLAT_ARM_MMAP_ENTRIES + ARM_BL_REGIONS)
+#define MAX_IO_DEVICES 2
+#define MAX_IO_HANDLES 3
+#define MAX_IO_BLOCK_DEVICES 1
/* GIC related constants */
-#define PLAT_ARM_GICD_BASE 0x1C010000
-#define PLAT_ARM_GICC_BASE 0x1C02F000
+#define PLAT_ARM_GICD_BASE 0x1C010000
+#define PLAT_ARM_GICC_BASE 0x1C02F000
/* MHUv2 Secure Channel receiver and sender */
-#define PLAT_SDK700_MHU0_SEND 0x1B800000
-#define PLAT_SDK700_MHU0_RECV 0x1B810000
+#define PLAT_SDK700_MHU0_SEND 0x1B800000
+#define PLAT_SDK700_MHU0_RECV 0x1B810000
/* Timer/watchdog related constants */
-#define ARM_SYS_CNTCTL_BASE UL(0x1a200000)
-#define ARM_SYS_CNTREAD_BASE UL(0x1a210000)
-#define ARM_SYS_TIMCTL_BASE UL(0x1a220000)
+#define ARM_SYS_CNTCTL_BASE UL(0x1a200000)
+#define ARM_SYS_CNTREAD_BASE UL(0x1a210000)
+#define ARM_SYS_TIMCTL_BASE UL(0x1a220000)
-#define SECURE_WATCHDOG_ADDR_CTRL_REG 0x1A320000
-#define SECURE_WATCHDOG_ADDR_VAL_REG 0x1A320008
-#define SECURE_WATCHDOG_MASK_ENABLE 0x01
-#define SECURE_WATCHDOG_COUNTDOWN_VAL 0x1000
+#define SECURE_WATCHDOG_ADDR_CTRL_REG 0x1A320000
+#define SECURE_WATCHDOG_ADDR_VAL_REG 0x1A320008
+#define SECURE_WATCHDOG_MASK_ENABLE 0x01
+#define SECURE_WATCHDOG_COUNTDOWN_VAL 0x1000
-#define SYS_COUNTER_FREQ_IN_TICKS UL(50000000) /* 50MHz */
+#define SYS_COUNTER_FREQ_IN_TICKS UL(50000000) /* 50MHz */
-#define CORSTONE1000_IRQ_TZ_WDOG 32
-#define CORSTONE1000_IRQ_SEC_SYS_TIMER 34
+#define CORSTONE1000_IRQ_TZ_WDOG 32
+#define CORSTONE1000_IRQ_SEC_SYS_TIMER 34
-#define PLAT_MAX_PWR_LVL 2
+#define PLAT_MAX_PWR_LVL 2
/*
* Macros mapping the MPIDR Affinity levels to ARM Platform Power levels. The
* power levels have a 1:1 mapping with the MPIDR affinity levels.
*/
-#define ARM_PWR_LVL0 MPIDR_AFFLVL0
-#define ARM_PWR_LVL1 MPIDR_AFFLVL1
-#define ARM_PWR_LVL2 MPIDR_AFFLVL2
+#define ARM_PWR_LVL0 MPIDR_AFFLVL0
+#define ARM_PWR_LVL1 MPIDR_AFFLVL1
+#define ARM_PWR_LVL2 MPIDR_AFFLVL2
/*
* Macros for local power states in ARM platforms encoded by State-ID field
* within the power-state parameter.
*/
/* Local power state for power domains in Run state. */
-#define ARM_LOCAL_STATE_RUN U(0)
+#define ARM_LOCAL_STATE_RUN U(0)
/* Local power state for retention. Valid only for CPU power domains */
-#define ARM_LOCAL_STATE_RET U(1)
+#define ARM_LOCAL_STATE_RET U(1)
/* Local power state for OFF/power-down. Valid for CPU and cluster
* power domains
*/
-#define ARM_LOCAL_STATE_OFF U(2)
+#define ARM_LOCAL_STATE_OFF U(2)
-#define PLAT_ARM_TRUSTED_MAILBOX_BASE ARM_TRUSTED_SRAM_BASE
-#define PLAT_ARM_NSTIMER_FRAME_ID U(1)
+#define PLAT_ARM_TRUSTED_MAILBOX_BASE ARM_TRUSTED_SRAM_BASE
+#define PLAT_ARM_NSTIMER_FRAME_ID U(1)
-#define PLAT_ARM_NS_IMAGE_BASE (ARM_NS_SHARED_RAM_BASE)
+#define PLAT_ARM_NS_IMAGE_BASE (ARM_NS_SHARED_RAM_BASE)
-#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
-#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
+#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
+#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
/*
* This macro defines the deepest retention state possible. A higher state
* ID will represent an invalid or a power down state.
*/
-#define PLAT_MAX_RET_STATE 1
+#define PLAT_MAX_RET_STATE 1
/*
* This macro defines the deepest power down states possible. Any state ID
* higher than this is invalid.
*/
-#define PLAT_MAX_OFF_STATE 2
+#define PLAT_MAX_OFF_STATE 2
-#define PLATFORM_STACK_SIZE UL(0x440)
+#define PLATFORM_STACK_SIZE UL(0x440)
-#define CORSTONE1000_EXTERNAL_FLASH MAP_REGION_FLAT( \
- PLAT_ARM_NVM_BASE, \
- PLAT_ARM_NVM_SIZE, \
- MT_DEVICE | MT_RO | MT_SECURE)
+#define CORSTONE1000_EXTERNAL_FLASH MAP_REGION_FLAT( \
+ PLAT_ARM_NVM_BASE, \
+ PLAT_ARM_NVM_SIZE, \
+ MT_DEVICE | MT_RO | MT_SECURE)
-#define ARM_MAP_SHARED_RAM MAP_REGION_FLAT( \
- ARM_SHARED_RAM_BASE, \
- ARM_SHARED_RAM_SIZE, \
- MT_MEMORY | MT_RW | MT_SECURE)
+#define ARM_MAP_SHARED_RAM MAP_REGION_FLAT( \
+ ARM_SHARED_RAM_BASE, \
+ ARM_SHARED_RAM_SIZE, \
+ MT_MEMORY | MT_RW | MT_SECURE)
-#define ARM_MAP_NS_SHARED_RAM MAP_REGION_FLAT( \
- ARM_NS_SHARED_RAM_BASE, \
- ARM_NS_SHARED_RAM_SIZE, \
- MT_MEMORY | MT_RW | MT_NS)
+#define ARM_MAP_NS_SHARED_RAM MAP_REGION_FLAT( \
+ ARM_NS_SHARED_RAM_BASE, \
+ ARM_NS_SHARED_RAM_SIZE, \
+ MT_MEMORY | MT_RW | MT_NS)
-#define ARM_MAP_NS_DRAM1 MAP_REGION_FLAT( \
- ARM_NS_DRAM1_BASE, \
- ARM_NS_DRAM1_SIZE, \
- MT_MEMORY | MT_RW | MT_NS)
+#define ARM_MAP_NS_DRAM1 MAP_REGION_FLAT( \
+ ARM_NS_DRAM1_BASE, \
+ ARM_NS_DRAM1_SIZE, \
+ MT_MEMORY | MT_RW | MT_NS)
-#define ARM_MAP_BL_RO MAP_REGION_FLAT( \
- BL_CODE_BASE, \
- BL_CODE_END \
- - BL_CODE_BASE, \
- MT_CODE | MT_SECURE), \
- MAP_REGION_FLAT( \
- BL_RO_DATA_BASE, \
- BL_RO_DATA_END \
- - BL_RO_DATA_BASE, \
- MT_RO_DATA | MT_SECURE)
+#define ARM_MAP_BL_RO MAP_REGION_FLAT( \
+ BL_CODE_BASE, \
+ (BL_CODE_END - BL_CODE_BASE), \
+ MT_CODE | MT_SECURE), \
+ MAP_REGION_FLAT( \
+ BL_RO_DATA_BASE, \
+ (BL_RO_DATA_END - BL_RO_DATA_BASE), \
+ MT_RO_DATA | MT_SECURE)
#if USE_COHERENT_MEM
-#define ARM_MAP_BL_COHERENT_RAM MAP_REGION_FLAT( \
- BL_COHERENT_RAM_BASE, \
- BL_COHERENT_RAM_END \
- - BL_COHERENT_RAM_BASE, \
- MT_DEVICE | MT_RW | MT_SECURE)
+#define ARM_MAP_BL_COHERENT_RAM MAP_REGION_FLAT( \
+ BL_COHERENT_RAM_BASE, \
+ (BL_COHERENT_RAM_END \
+ - BL_COHERENT_RAM_BASE), \
+ MT_DEVICE | MT_RW | MT_SECURE)
#endif
/*
* Map the region for the optional device tree configuration with read and
* write permissions
*/
-#define ARM_MAP_BL_CONFIG_REGION MAP_REGION_FLAT( \
- ARM_FW_CONFIG_BASE, \
- (ARM_FW_CONFIG_LIMIT- \
- ARM_FW_CONFIG_BASE), \
- MT_MEMORY | MT_RW | MT_SECURE)
+#define ARM_MAP_BL_CONFIG_REGION MAP_REGION_FLAT( \
+ ARM_FW_CONFIG_BASE, \
+ (ARM_FW_CONFIG_LIMIT \
+ - ARM_FW_CONFIG_BASE), \
+ MT_MEMORY | MT_RW | MT_SECURE)
-#define CORSTONE1000_DEVICE_BASE (0x1A000000)
-#define CORSTONE1000_DEVICE_SIZE (0x26000000)
-#define CORSTONE1000_MAP_DEVICE MAP_REGION_FLAT( \
- CORSTONE1000_DEVICE_BASE, \
- CORSTONE1000_DEVICE_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE)
+#define CORSTONE1000_DEVICE_BASE (0x1A000000)
+#define CORSTONE1000_DEVICE_SIZE (0x26000000)
+#define CORSTONE1000_MAP_DEVICE MAP_REGION_FLAT( \
+ CORSTONE1000_DEVICE_BASE, \
+ CORSTONE1000_DEVICE_SIZE, \
+ MT_DEVICE | MT_RW | MT_SECURE)
-#define ARM_IRQ_SEC_PHY_TIMER 29
+#define ARM_IRQ_SEC_PHY_TIMER 29
-#define ARM_IRQ_SEC_SGI_0 8
-#define ARM_IRQ_SEC_SGI_1 9
-#define ARM_IRQ_SEC_SGI_2 10
-#define ARM_IRQ_SEC_SGI_3 11
-#define ARM_IRQ_SEC_SGI_4 12
-#define ARM_IRQ_SEC_SGI_5 13
-#define ARM_IRQ_SEC_SGI_6 14
-#define ARM_IRQ_SEC_SGI_7 15
+#define ARM_IRQ_SEC_SGI_0 8
+#define ARM_IRQ_SEC_SGI_1 9
+#define ARM_IRQ_SEC_SGI_2 10
+#define ARM_IRQ_SEC_SGI_3 11
+#define ARM_IRQ_SEC_SGI_4 12
+#define ARM_IRQ_SEC_SGI_5 13
+#define ARM_IRQ_SEC_SGI_6 14
+#define ARM_IRQ_SEC_SGI_7 15
/*
* Define a list of Group 1 Secure and Group 0 interrupt properties as per GICv3
@@ -424,12 +380,14 @@
* terminology. On a GICv2 system or mode, the lists will be merged and treated
* as Group 0 interrupts.
*/
-#define PLAT_ARM_G1S_IRQ_PROPS(grp) \
- ARM_G1S_IRQ_PROPS(grp), \
- INTR_PROP_DESC(CORSTONE1000_IRQ_TZ_WDOG, GIC_HIGHEST_SEC_PRIORITY, \
- (grp), GIC_INTR_CFG_LEVEL), \
- INTR_PROP_DESC(CORSTONE1000_IRQ_SEC_SYS_TIMER, \
- GIC_HIGHEST_SEC_PRIORITY, (grp), GIC_INTR_CFG_LEVEL)
+#define PLAT_ARM_G1S_IRQ_PROPS(grp) \
+ ARM_G1S_IRQ_PROPS(grp), \
+ INTR_PROP_DESC(CORSTONE1000_IRQ_TZ_WDOG, \
+ GIC_HIGHEST_SEC_PRIORITY, \
+ (grp), GIC_INTR_CFG_LEVEL), \
+ INTR_PROP_DESC(CORSTONE1000_IRQ_SEC_SYS_TIMER, \
+ GIC_HIGHEST_SEC_PRIORITY, \
+ (grp), GIC_INTR_CFG_LEVEL)
#define PLAT_ARM_G0_IRQ_PROPS(grp) ARM_G0_IRQ_PROPS(grp)
diff --git a/plat/arm/board/corstone700/common/corstone700_plat.c b/plat/arm/board/corstone700/common/corstone700_plat.c
index 629f076..dd7531d 100644
--- a/plat/arm/board/corstone700/common/corstone700_plat.c
+++ b/plat/arm/board/corstone700/common/corstone700_plat.c
@@ -1,12 +1,12 @@
/*
- * Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <common/bl_common.h>
-#include <mhu.h>
+#include <corstone700_mhu.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
#include <platform_def.h>
diff --git a/plat/arm/board/corstone700/common/drivers/mhu/mhu.c b/plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.c
similarity index 96%
rename from plat/arm/board/corstone700/common/drivers/mhu/mhu.c
rename to plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.c
index 2231d11..832cfb7 100644
--- a/plat/arm/board/corstone700/common/drivers/mhu/mhu.c
+++ b/plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,7 +12,7 @@
#include <lib/bakery_lock.h>
#include <lib/mmio.h>
-#include "mhu.h"
+#include "corstone700_mhu.h"
#include <plat_arm.h>
#include <platform_def.h>
diff --git a/plat/arm/board/corstone700/common/drivers/mhu/mhu.h b/plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.h
similarity index 86%
rename from plat/arm/board/corstone700/common/drivers/mhu/mhu.h
rename to plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.h
index 3808746..7f14ca5 100644
--- a/plat/arm/board/corstone700/common/drivers/mhu/mhu.h
+++ b/plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.h
@@ -1,11 +1,11 @@
/*
- * Copyright (c) 2019-2020, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#ifndef MHU_H
-#define MHU_H
+#ifndef CORSTONE700_MHU_H
+#define CORSTONE700_MHU_H
#define MHU_POLL_INTR_STAT_TIMEOUT 50000 /*timeout value in us*/
@@ -34,4 +34,4 @@
void mhu_secure_message_end(uintptr_t address, unsigned int slot_id);
void mhu_secure_init(void);
-#endif /* MHU_H */
+#endif /* CORSTONE700_MHU_H */
diff --git a/plat/arm/board/corstone700/platform.mk b/plat/arm/board/corstone700/platform.mk
index 9a8d38c..75833f6 100644
--- a/plat/arm/board/corstone700/platform.mk
+++ b/plat/arm/board/corstone700/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2019-2022, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -17,7 +17,7 @@
lib/xlat_tables/aarch32/xlat_tables.c \
lib/xlat_tables/xlat_tables_common.c \
${CORSTONE700_CPU_LIBS} \
- plat/arm/board/corstone700/common/drivers/mhu/mhu.c
+ plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.c
PLAT_INCLUDES := -Iplat/arm/board/corstone700/common/include \
-Iinclude/plat/arm/common \
diff --git a/plat/arm/board/fvp/fvp_plat_attest_token.c b/plat/arm/board/fvp/fvp_plat_attest_token.c
new file mode 100644
index 0000000..5463f33
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_plat_attest_token.c
@@ -0,0 +1,317 @@
+/*
+ * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <errno.h>
+#include <stdint.h>
+#include <string.h>
+
+/* Using hardcoded token values for AEM FVP */
+static uint8_t platform_token[] = {
+ 0xD2, 0x84, 0x40, 0xA0, 0x59, 0x08, 0xB1, 0xD9,
+ 0x61, 0xA8, 0xA9, 0x0A, 0x58, 0x40, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0x3A, 0x00,
+ 0x01, 0x24, 0xFA, 0x58, 0x40, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0x3A, 0x00, 0x01,
+ 0x25, 0x00, 0x58, 0x41, 0x01, 0x0B, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0x12, 0x78, 0x1C,
+ 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x61,
+ 0x72, 0x6D, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43,
+ 0x43, 0x41, 0x2D, 0x53, 0x53, 0x44, 0x2F, 0x31,
+ 0x2E, 0x30, 0x2E, 0x30, 0x0B, 0x58, 0x19, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0x3A, 0x00, 0x01, 0x24, 0xF7, 0x78, 0x1C, 0x68,
+ 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x61, 0x72,
+ 0x6D, 0x2E, 0x63, 0x6F, 0x6D, 0x2F, 0x43, 0x43,
+ 0x41, 0x2D, 0x53, 0x53, 0x44, 0x2F, 0x31, 0x2E,
+ 0x30, 0x2E, 0x30, 0x3A, 0x00, 0x01, 0x25, 0x01,
+ 0x78, 0x18, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3A,
+ 0x2F, 0x2F, 0x63, 0x63, 0x61, 0x5F, 0x76, 0x65,
+ 0x72, 0x69, 0x66, 0x69, 0x65, 0x72, 0x2E, 0x6F,
+ 0x72, 0x67, 0x3A, 0x00, 0x01, 0x24, 0xF9, 0x19,
+ 0x30, 0x00, 0x3A, 0x00, 0x01, 0x24, 0xFD, 0x8D,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0xA4, 0x02, 0x58, 0x40, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0x05, 0x58, 0x40, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0x04,
+ 0x65, 0x31, 0x2E, 0x30, 0x2E, 0x30, 0x06, 0x08,
+ 0x58, 0x40, 0xD3, 0x8A, 0x41, 0xA6, 0xC1, 0x29,
+ 0x98, 0x18, 0xB5, 0x16, 0x9C, 0x21, 0x78, 0xB7,
+ 0x92, 0xF8, 0x26, 0x82, 0x76, 0x2F, 0x26, 0x45,
+ 0x21, 0x6D, 0x0C, 0x21, 0x06, 0xF4, 0xB5, 0xE3,
+ 0xA8, 0x07, 0xD1, 0xD6, 0x8C, 0x73, 0xA5, 0xC8,
+ 0x16, 0xD8, 0x30, 0x68, 0xC0, 0xA4, 0x77, 0xE2,
+ 0x1E, 0xD2, 0x17, 0x86, 0xC3, 0x68, 0x82, 0xDD,
+ 0x21, 0x1B, 0xA3, 0xE2, 0xC7, 0xF7, 0x06, 0x33,
+ 0xB0, 0x3A
+};
+
+int plat_get_cca_attest_token(uintptr_t buf, size_t *len,
+ uintptr_t hash, size_t hash_size)
+{
+ (void)hash;
+ (void)hash_size;
+
+ if (*len < sizeof(platform_token)) {
+ return -EINVAL;
+ }
+
+ (void)memcpy((void *)buf, platform_token, sizeof(platform_token));
+ *len = sizeof(platform_token);
+
+ return 0;
+}
diff --git a/plat/arm/board/fvp/fvp_realm_attest_key.c b/plat/arm/board/fvp/fvp_realm_attest_key.c
new file mode 100644
index 0000000..b32f557
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_realm_attest_key.c
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <errno.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <string.h>
+#include <services/rmmd_svc.h>
+
+static uint8_t sample_attest_priv_key[] = {
+ 0x20, 0x11, 0xC7, 0xF0, 0x3C, 0xEE, 0x43, 0x25, 0x17, 0x6E,
+ 0x52, 0x4F, 0x03, 0x3C, 0x0C, 0xE1, 0xE2, 0x1A, 0x76, 0xE6,
+ 0xC1, 0xA4, 0xF0, 0xB8, 0x39, 0xAA, 0x1D, 0xF6, 0x1E, 0x0E,
+ 0x8A, 0x5C, 0x8A, 0x05, 0x74, 0x0F, 0x9B, 0x69, 0xEF, 0xA7,
+ 0xEB, 0x1A, 0x41, 0x85, 0xBD, 0x11, 0x7F, 0x68
+};
+
+int plat_get_cca_realm_attest_key(uintptr_t buf, size_t *len, unsigned int type)
+{
+ assert(type == ATTEST_KEY_CURVE_ECC_SECP384R1);
+
+ if (*len < sizeof(sample_attest_priv_key)) {
+ return -EINVAL;
+ }
+
+ (void)memcpy((void *)buf, sample_attest_priv_key,
+ sizeof(sample_attest_priv_key));
+ *len = sizeof(sample_attest_priv_key);
+
+ return 0;
+}
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index 77df610..5e5ddce 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -103,7 +103,7 @@
# if SPM_MM
# define PLAT_ARM_MMAP_ENTRIES 10
# if ENABLE_RME
-# define MAX_XLAT_TABLES 10
+# define MAX_XLAT_TABLES 11
# else
# define MAX_XLAT_TABLES 9
# endif
@@ -113,13 +113,13 @@
# define PLAT_ARM_MMAP_ENTRIES 9
# if USE_DEBUGFS
# if ENABLE_RME
-# define MAX_XLAT_TABLES 9
+# define MAX_XLAT_TABLES 10
# else
# define MAX_XLAT_TABLES 8
# endif
# else
# if ENABLE_RME
-# define MAX_XLAT_TABLES 8
+# define MAX_XLAT_TABLES 9
# else
# define MAX_XLAT_TABLES 7
# endif
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index acac886..c9f5551 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -193,6 +193,8 @@
ifeq (${ENABLE_RME},1)
BL2_SOURCES += plat/arm/board/fvp/aarch64/fvp_helpers.S
+BL31_SOURCES += plat/arm/board/fvp/fvp_plat_attest_token.c \
+ plat/arm/board/fvp/fvp_realm_attest_key.c
endif
ifeq (${BL2_AT_EL3},1)
@@ -344,6 +346,10 @@
endif
endif
+ifeq (${ENABLE_RME},1)
+ BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
+endif
+
ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
ifeq (${ARCH},aarch32)
BL32_CPPFLAGS += -DPLAT_RO_XLAT_TABLES
diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h
index d61ba5d..3265b0b 100644
--- a/plat/arm/board/juno/include/platform_def.h
+++ b/plat/arm/board/juno/include/platform_def.h
@@ -9,7 +9,7 @@
#include <drivers/arm/tzc400.h>
#if TRUSTED_BOARD_BOOT
-#include <drivers/auth/mbedtls/mbedtls_config.h>
+#include MBEDTLS_CONFIG_FILE
#endif
#include <plat/arm/board/common/board_css_def.h>
#include <plat/arm/board/common/v2m_def.h>
diff --git a/plat/arm/common/aarch64/execution_state_switch.c b/plat/arm/common/aarch64/execution_state_switch.c
index bed929a..2353e6a 100644
--- a/plat/arm/common/aarch64/execution_state_switch.c
+++ b/plat/arm/common/aarch64/execution_state_switch.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -162,7 +162,7 @@
* calling EL.
*/
cm_init_my_context(&ep);
- cm_prepare_el3_exit(NON_SECURE);
+ cm_prepare_el3_exit_ns();
/*
* State switch success. The caller of SMC wouldn't see the SMC
diff --git a/plat/arm/common/arm_dyn_cfg.c b/plat/arm/common/arm_dyn_cfg.c
index 7abd1cd..83e3f9a 100644
--- a/plat/arm/common/arm_dyn_cfg.c
+++ b/plat/arm/common/arm_dyn_cfg.c
@@ -14,7 +14,7 @@
#include <common/desc_image_load.h>
#include <common/tbbr/tbbr_img_def.h>
#if CRYPTO_SUPPORT
-#include <drivers/auth/mbedtls/mbedtls_config.h>
+#include MBEDTLS_CONFIG_FILE
#endif /* CRYPTO_SUPPORT */
#include <lib/fconf/fconf.h>
#include <lib/fconf/fconf_dyn_cfg_getter.h>
diff --git a/plat/nxp/common/img_loadr/load_img.c b/plat/nxp/common/img_loadr/load_img.c
index c185c36..51011e4 100644
--- a/plat/nxp/common/img_loadr/load_img.c
+++ b/plat/nxp/common/img_loadr/load_img.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2020 NXP
+ * Copyright 2018-2022 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -49,10 +49,14 @@
/* Create MMU entry for the CSF header */
#if PLAT_XLAT_TABLES_DYNAMIC
#ifdef CSF_HEADER_PREPENDED
- mmap_add_dynamic_region(img_info.image_info.image_base,
+ err = mmap_add_dynamic_region(img_info.image_info.image_base,
img_info.image_info.image_base,
CSF_HDR_SZ,
MT_MEMORY | MT_RW | MT_SECURE);
+ if (err != 0) {
+ ERROR("Failed to add dynamic memory region.\n");
+ return err;
+ }
#endif
#endif
diff --git a/plat/nxp/common/setup/ls_common.c b/plat/nxp/common/setup/ls_common.c
index e7ae060..28d6b72 100644
--- a/plat/nxp/common/setup/ls_common.c
+++ b/plat/nxp/common/setup/ls_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2021 NXP
+ * Copyright 2018-2022 NXP
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -113,7 +113,8 @@
#if defined(PLAT_XLAT_TABLES_DYNAMIC)
void mmap_add_ddr_region_dynamically(void)
{
- int i = 0;
+ int ret, i = 0;
+
dram_regions_info_t *info_dram_regions = get_dram_regions_info();
/* MMU map for Non-Secure DRAM Regions */
VERBOSE("DRAM Region %d: %p - %p\n", i,
@@ -121,10 +122,14 @@
(void *) (info_dram_regions->region[i].addr
+ info_dram_regions->region[i].size
- 1));
- mmap_add_dynamic_region(info_dram_regions->region[i].addr,
+ ret = mmap_add_dynamic_region(info_dram_regions->region[i].addr,
info_dram_regions->region[i].addr,
info_dram_regions->region[i].size,
MT_MEMORY | MT_RW | MT_NS);
+ if (ret != 0) {
+ ERROR("Failed to add dynamic memory region\n");
+ panic();
+ }
/* MMU map for Secure DDR Region on DRAM-0 */
if (info_dram_regions->region[i].size >
@@ -137,12 +142,16 @@
+ NXP_SECURE_DRAM_SIZE
+ NXP_SP_SHRD_DRAM_SIZE
- 1));
- mmap_add_dynamic_region((info_dram_regions->region[i].addr
+ ret = mmap_add_dynamic_region((info_dram_regions->region[i].addr
+ info_dram_regions->region[i].size),
(info_dram_regions->region[i].addr
+ info_dram_regions->region[i].size),
(NXP_SECURE_DRAM_SIZE + NXP_SP_SHRD_DRAM_SIZE),
MT_MEMORY | MT_RW | MT_SECURE);
+ if (ret != 0) {
+ ERROR("Failed to add dynamic memory region\n");
+ panic();
+ }
}
#ifdef IMAGE_BL31
@@ -155,10 +164,14 @@
(void *) (info_dram_regions->region[i].addr
+ info_dram_regions->region[i].size
- 1));
- mmap_add_dynamic_region(info_dram_regions->region[i].addr,
+ ret = mmap_add_dynamic_region(info_dram_regions->region[i].addr,
info_dram_regions->region[i].addr,
info_dram_regions->region[i].size,
MT_MEMORY | MT_RW | MT_NS);
+ if (ret != 0) {
+ ERROR("Failed to add dynamic memory region\n");
+ panic();
+ }
}
#endif
}
diff --git a/plat/st/stm32mp1/platform.mk b/plat/st/stm32mp1/platform.mk
index 9e732d6..a890534 100644
--- a/plat/st/stm32mp1/platform.mk
+++ b/plat/st/stm32mp1/platform.mk
@@ -146,7 +146,7 @@
endif
$(eval DTC_V = $(shell $(DTC) -v | awk '{print $$NF}'))
-$(eval DTC_VERSION = $(shell printf "%d" $(shell echo ${DTC_V} | cut -d- -f1 | sed "s/\./0/g")))
+$(eval DTC_VERSION = $(shell printf "%d" $(shell echo ${DTC_V} | cut -d- -f1 | sed "s/\./0/g" | grep -o [0-9]*)))
DTC_CPPFLAGS += ${INCLUDES}
DTC_FLAGS += -Wno-unit_address_vs_reg
ifeq ($(shell test $(DTC_VERSION) -ge 10601; echo $$?),0)
diff --git a/services/std_svc/rmmd/rmmd.mk b/services/std_svc/rmmd/rmmd.mk
index bac0a9f..bcf54e1 100644
--- a/services/std_svc/rmmd/rmmd.mk
+++ b/services/std_svc/rmmd/rmmd.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2021-2022, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,7 +12,8 @@
RMMD_SOURCES += $(addprefix services/std_svc/rmmd/, \
${ARCH}/rmmd_helpers.S \
- rmmd_main.c)
+ rmmd_main.c \
+ rmmd_attest.c)
# Let the top-level Makefile know that we intend to include RMM image
NEED_RMM := yes
diff --git a/services/std_svc/rmmd/rmmd_attest.c b/services/std_svc/rmmd/rmmd_attest.c
new file mode 100644
index 0000000..0432ec3
--- /dev/null
+++ b/services/std_svc/rmmd/rmmd_attest.c
@@ -0,0 +1,166 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#include <stdint.h>
+#include <string.h>
+#include <common/debug.h>
+#include <lib/spinlock.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
+#include <plat/common/platform.h>
+#include "rmmd_private.h"
+#include <services/rmmd_svc.h>
+
+static spinlock_t lock;
+
+/* For printing Realm attestation token hash */
+#define DIGITS_PER_BYTE 2UL
+#define LENGTH_OF_TERMINATING_ZERO_IN_BYTES 1UL
+#define BYTES_PER_LINE_BASE 4UL
+
+static void print_challenge(uint8_t *hash, size_t hash_size)
+{
+ size_t leftover;
+ /*
+ * bytes_per_line is always a power of two, so it can be used to
+ * construct mask with it when it is necessary to count remainder.
+ *
+ */
+ const size_t bytes_per_line = 1 << BYTES_PER_LINE_BASE;
+ char hash_text[(1 << BYTES_PER_LINE_BASE) * DIGITS_PER_BYTE +
+ LENGTH_OF_TERMINATING_ZERO_IN_BYTES];
+ const char hex_chars[] = {'0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
+ unsigned int i;
+
+ for (i = 0U; i < hash_size; ++i) {
+ hash_text[(i & (bytes_per_line - 1)) * DIGITS_PER_BYTE] =
+ hex_chars[hash[i] >> 4];
+ hash_text[(i & (bytes_per_line - 1)) * DIGITS_PER_BYTE + 1] =
+ hex_chars[hash[i] & 0x0f];
+ if (((i + 1) & (bytes_per_line - 1)) == 0U) {
+ hash_text[bytes_per_line * DIGITS_PER_BYTE] = '\0';
+ VERBOSE("hash part %u = %s\n",
+ (i >> BYTES_PER_LINE_BASE) + 1, hash_text);
+ }
+ }
+
+ leftover = (size_t)i & (bytes_per_line - 1);
+
+ if (leftover != 0UL) {
+ hash_text[leftover * DIGITS_PER_BYTE] = '\0';
+ VERBOSE("hash part %u = %s\n", (i >> BYTES_PER_LINE_BASE) + 1,
+ hash_text);
+ }
+}
+
+/*
+ * TODO: Have different error codes for different errors so that the caller can
+ * differentiate various error cases.
+ */
+int rmmd_attest_get_platform_token(uint64_t buf_pa, uint64_t *buf_len, uint64_t challenge_hash_len)
+{
+ int err;
+ uintptr_t va;
+ uint8_t temp_buf[SHA512_DIGEST_SIZE];
+
+ /*
+ * TODO: Currently we don't validate incoming buf_pa. This is a
+ * prototype and we will need to allocate static buffer for EL3-RMM
+ * communication.
+ */
+
+ /* We need a page of buffer to pass data */
+ if (*buf_len != PAGE_SIZE) {
+ ERROR("Invalid buffer length\n");
+ return RMMD_ERR_INVAL;
+ }
+
+ if ((challenge_hash_len != SHA256_DIGEST_SIZE) &&
+ (challenge_hash_len != SHA384_DIGEST_SIZE) &&
+ (challenge_hash_len != SHA512_DIGEST_SIZE)) {
+ ERROR("Invalid hash size: %lu\n", challenge_hash_len);
+ return RMMD_ERR_INVAL;
+ }
+
+ spin_lock(&lock);
+
+ /* Map the buffer that was provided by the RMM. */
+ err = mmap_add_dynamic_region_alloc_va(buf_pa, &va, PAGE_SIZE,
+ MT_RW_DATA | MT_REALM);
+ if (err != 0) {
+ ERROR("mmap_add_dynamic_region_alloc_va failed: %d (%p).\n"
+ , err, (void *)buf_pa);
+ spin_unlock(&lock);
+ return RMMD_ERR_NOMEM;
+ }
+
+ (void)memcpy(temp_buf, (void *)va, challenge_hash_len);
+
+ print_challenge((uint8_t *)temp_buf, challenge_hash_len);
+
+ /* Get the platform token. */
+ err = plat_get_cca_attest_token(va,
+ buf_len, (uintptr_t)temp_buf, challenge_hash_len);
+
+ if (err != 0) {
+ ERROR("Failed to get platform token: %d.\n", err);
+ err = RMMD_ERR_UNK;
+ }
+
+ /* Unmap RMM memory. */
+ (void)mmap_remove_dynamic_region(va, PAGE_SIZE);
+ spin_unlock(&lock);
+
+ return err;
+}
+
+int rmmd_attest_get_signing_key(uint64_t buf_pa, uint64_t *buf_len,
+ uint64_t ecc_curve)
+{
+ int err;
+ uintptr_t va;
+
+ /*
+ * TODO: Currently we don't validate incoming buf_pa. This is a
+ * prototype and we will need to allocate static buffer for EL3-RMM
+ * communication.
+ */
+
+ /* We need a page of buffer to pass data */
+ if (*buf_len != PAGE_SIZE) {
+ ERROR("Invalid buffer length\n");
+ return RMMD_ERR_INVAL;
+ }
+
+ if (ecc_curve != ATTEST_KEY_CURVE_ECC_SECP384R1) {
+ ERROR("Invalid ECC curve specified\n");
+ return RMMD_ERR_INVAL;
+ }
+
+ spin_lock(&lock);
+
+ /* Map the buffer that was provided by the RMM. */
+ err = mmap_add_dynamic_region_alloc_va(buf_pa, &va, PAGE_SIZE,
+ MT_RW_DATA | MT_REALM);
+ if (err != 0) {
+ ERROR("mmap_add_dynamic_region_alloc_va failed: %d (%p).\n"
+ , err, (void *)buf_pa);
+ spin_unlock(&lock);
+ return RMMD_ERR_NOMEM;
+ }
+
+ /* Get the Realm attestation key. */
+ err = plat_get_cca_realm_attest_key(va, buf_len, (unsigned int)ecc_curve);
+ if (err != 0) {
+ ERROR("Failed to get attestation key: %d.\n", err);
+ err = RMMD_ERR_UNK;
+ }
+
+ /* Unmap RMM memory. */
+ (void)mmap_remove_dynamic_region(va, PAGE_SIZE);
+ spin_unlock(&lock);
+
+ return err;
+}
diff --git a/services/std_svc/rmmd/rmmd_main.c b/services/std_svc/rmmd/rmmd_main.c
index 7f4a010..746419e 100644
--- a/services/std_svc/rmmd/rmmd_main.c
+++ b/services/std_svc/rmmd/rmmd_main.c
@@ -60,10 +60,6 @@
cm_set_context(&(rmm_ctx->cpu_ctx), REALM);
- /* Save the current el1/el2 context before loading realm context. */
- cm_el1_sysregs_context_save(NON_SECURE);
- cm_el2_sysregs_context_save(NON_SECURE);
-
/* Restore the realm context assigned above */
cm_el1_sysregs_context_restore(REALM);
cm_el2_sysregs_context_restore(REALM);
@@ -72,14 +68,15 @@
/* Enter RMM */
rc = rmmd_rmm_enter(&rmm_ctx->c_rt_ctx);
- /* Save realm context */
+ /*
+ * Save realm context. EL1 and EL2 Non-secure
+ * contexts will be restored before exiting to
+ * Non-secure world, therefore there is no need
+ * to clear EL1 and EL2 context registers.
+ */
cm_el1_sysregs_context_save(REALM);
cm_el2_sysregs_context_save(REALM);
- /* Restore the el1/el2 context again. */
- cm_el1_sysregs_context_restore(NON_SECURE);
- cm_el2_sysregs_context_restore(NON_SECURE);
-
return rc;
}
@@ -372,6 +369,12 @@
case RMMD_GTSI_UNDELEGATE:
ret = gpt_undelegate_pas(x1, PAGE_SIZE_4KB, SMC_FROM_REALM);
SMC_RET1(handle, gpt_to_gts_error(ret, smc_fid, x1));
+ case RMMD_ATTEST_GET_PLAT_TOKEN:
+ ret = rmmd_attest_get_platform_token(x1, &x2, x3);
+ SMC_RET2(handle, ret, x2);
+ case RMMD_ATTEST_GET_REALM_KEY:
+ ret = rmmd_attest_get_signing_key(x1, &x2, x3);
+ SMC_RET2(handle, ret, x2);
default:
WARN("RMMD: Unsupported RMM-EL3 call 0x%08x\n", smc_fid);
SMC_RET1(handle, SMC_UNK);
diff --git a/services/std_svc/rmmd/rmmd_private.h b/services/std_svc/rmmd/rmmd_private.h
index ca2c37c..73df2b8 100644
--- a/services/std_svc/rmmd/rmmd_private.h
+++ b/services/std_svc/rmmd/rmmd_private.h
@@ -51,6 +51,12 @@
uint64_t rmmd_rmm_sync_entry(rmmd_rmm_context_t *ctx);
__dead2 void rmmd_rmm_sync_exit(uint64_t rc);
+/* Functions implementing attestation utilities for RMM */
+int rmmd_attest_get_platform_token(uint64_t buf_pa, uint64_t *buf_len,
+ uint64_t challenge_hash_len);
+int rmmd_attest_get_signing_key(uint64_t buf_pa, uint64_t *buf_len,
+ uint64_t ecc_curve);
+
/* Assembly helpers */
uint64_t rmmd_rmm_enter(uint64_t *c_rt_ctx);
void __dead2 rmmd_rmm_exit(uint64_t c_rt_ctx, uint64_t ret);
diff --git a/tools/memory/print_memory_map.py b/tools/memory/print_memory_map.py
index 8a84018..ef53f7e 100755
--- a/tools/memory/print_memory_map.py
+++ b/tools/memory/print_memory_map.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (c) 2019-2020, Arm Limited. All rights reserved.
+# Copyright (c) 2019-2022, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -17,12 +17,24 @@
blx_symbols = ['__BL1_RAM_START__', '__BL1_RAM_END__',
'__BL2_END__',
'__BL31_END__',
+ '__RO_START__', '__RO_END_UNALIGNED__', '__RO_END__',
'__TEXT_START__', '__TEXT_END__',
+ '__TEXT_RESIDENT_START__', '__TEXT_RESIDENT_END__',
'__RODATA_START__', '__RODATA_END__',
'__DATA_START__', '__DATA_END__',
'__STACKS_START__', '__STACKS_END__',
- '__BSS_END',
+ '__BSS_START__', '__BSS_END__',
'__COHERENT_RAM_START__', '__COHERENT_RAM_END__',
+ '__CPU_OPS_START__', '__CPU_OPS_END__',
+ '__FCONF_POPULATOR_START__', '__FCONF_POPULATOR_END__',
+ '__GOT_START__', '__GOT_END__',
+ '__PARSER_LIB_DESCS_START__', '__PARSER_LIB_DESCS_END__',
+ '__PMF_TIMESTAMP_START__', '__PMF_TIMESTAMP_END__',
+ '__PMF_SVC_DESCS_START__', '__PMF_SVC_DESCS_END__',
+ '__RELA_START__', '__RELA_END__',
+ '__RT_SVC_DESCS_START__', '__RT_SVC_DESCS_END__',
+ '__BASE_XLAT_TABLE_START__', '__BASE_XLAT_TABLE_END__',
+ '__XLAT_TABLE_START__', '__XLAT_TABLE_END__',
]
# Regex to extract address from map file
@@ -40,6 +52,10 @@
else:
build_dir = 'build/fvp/debug'
+max_len = max(len(word) for word in blx_symbols) + 2
+if (max_len % 2) != 0:
+ max_len += 1
+
# Extract all the required symbols from the map files
for image in bl_images:
file_path = os.path.join(build_dir, image, '{}.map'.format(image))
@@ -47,6 +63,7 @@
with open (file_path, 'rt') as mapfile:
for line in mapfile:
for symbol in blx_symbols:
+ skip_symbol = 0
# Regex to find symbol definition
line_pattern = re.compile(r"\b0x\w*\s*" + symbol + "\s= .")
match = line_pattern.search(line)
@@ -54,7 +71,13 @@
# Extract address from line
match = address_pattern.search(line)
if match:
- address_list.append([match.group(0), symbol, image])
+ if '_END__' in symbol:
+ sym_start = symbol.replace('_END__', '_START__')
+ if [match.group(0), sym_start, image] in address_list:
+ address_list.remove([match.group(0), sym_start, image])
+ skip_symbol = 1
+ if skip_symbol == 0:
+ address_list.append([match.group(0), symbol, image])
# Sort by address
address_list.sort(key=operator.itemgetter(0))
@@ -64,16 +87,16 @@
address_list = reversed(address_list)
# Generate memory view
-print('{:-^93}'.format('Memory Map from: ' + build_dir))
+print(('{:-^%d}' % (max_len * 3 + 20 + 7)).format('Memory Map from: ' + build_dir))
for address in address_list:
if "bl1" in address[2]:
- print(address[0], '+{:-^22}+ |{:^22}| |{:^22}|'.format(address[1], '', ''))
+ print(address[0], ('+{:-^%d}+ |{:^%d}| |{:^%d}|' % (max_len, max_len, max_len)).format(address[1], '', ''))
elif "bl2" in address[2]:
- print(address[0], '|{:^22}| +{:-^22}+ |{:^22}|'.format('', address[1], ''))
+ print(address[0], ('|{:^%d}| +{:-^%d}+ |{:^%d}|' % (max_len, max_len, max_len)).format('', address[1], ''))
elif "bl31" in address[2]:
- print(address[0], '|{:^22}| |{:^22}| +{:-^22}+'.format('', '', address[1]))
+ print(address[0], ('|{:^%d}| |{:^%d}| +{:-^%d}+' % (max_len, max_len, max_len)).format('', '', address[1]))
else:
- print(address[0], '|{:^22}| |{:^22}| +{:-^22}+'.format('', '', address[1]))
+ print(address[0], ('|{:^%d}| |{:^%d}| +{:-^%d}+' % (max_len, max_len, max_len)).format('', '', address[1]))
-print('{:^20}{:_^22} {:_^22} {:_^22}'.format('', '', '', ''))
-print('{:^20}{:^22} {:^22} {:^22}'.format('address', 'bl1', 'bl2', 'bl31'))
+print(('{:^20}{:_^%d} {:_^%d} {:_^%d}' % (max_len, max_len, max_len)).format('', '', '', ''))
+print(('{:^20}{:^%d} {:^%d} {:^%d}' % (max_len, max_len, max_len)).format('address', 'bl1', 'bl2', 'bl31'))