Merge "feat(spmd): avoid spoofing in FF-A direct request" into integration
diff --git a/Makefile b/Makefile
index 3941f86..ee5e2e7 100644
--- a/Makefile
+++ b/Makefile
@@ -1045,8 +1045,6 @@
COT_DESC_IN_DTB \
USE_SP804_TIMER \
PSA_FWU_SUPPORT \
- ENABLE_BRBE_FOR_NS \
- ENABLE_TRBE_FOR_NS \
ENABLE_SYS_REG_TRACE_FOR_NS \
ENABLE_MPMM \
ENABLE_MPMM_FCONF \
@@ -1062,6 +1060,8 @@
CTX_INCLUDE_PAUTH_REGS \
CTX_INCLUDE_MTE_REGS \
CTX_INCLUDE_NEVE_REGS \
+ ENABLE_BRBE_FOR_NS \
+ ENABLE_TRBE_FOR_NS \
ENABLE_BTI \
ENABLE_PAUTH \
ENABLE_FEAT_AMUv1 \
diff --git a/changelog.yaml b/changelog.yaml
index 1a11c9b..37a9c6d 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -89,6 +89,9 @@
- title: Activity Monitors Extension (FEAT_AMU)
scope: amu
+ - title: Confidential Compute Architecture (CCA)
+ scope: cca
+
- title: Support for the `HCRX_EL2` register (FEAT_HCX)
scope: hcx
@@ -485,12 +488,19 @@
- plat/st
subsections:
- - title: ST32MP1
+ - title: STM32MP1
scope: stm32mp1
deprecated:
- plat/st/stm32mp1
+ subsections:
+ - title: STM32MP13
+ scope: stm32mp13
+
+ - title: STM32MP15
+ scope: stm32mp15
+
- title: Texas Instruments
scope: ti
@@ -623,6 +633,9 @@
- title: PSA
scope: psa
+ - title: Context Management
+ scope: context mgmt
+
- title: Drivers
subsections:
diff --git a/common/feat_detect.c b/common/feat_detect.c
index 8f98876..be3e20e 100644
--- a/common/feat_detect.c
+++ b/common/feat_detect.c
@@ -234,6 +234,26 @@
#endif
}
+/******************************************************
+ * Feature : FEAT_BRBE (Branch Record Buffer Extension)
+ *****************************************************/
+static void read_feat_brbe(void)
+{
+#if (ENABLE_BRBE_FOR_NS == FEAT_STATE_1)
+ feat_detect_panic(is_feat_brbe_present(), "BRBE");
+#endif
+}
+
+/******************************************************
+ * Feature : FEAT_TRBE (Trace Buffer Extension)
+ *****************************************************/
+static void read_feat_trbe(void)
+{
+#if (ENABLE_TRBE_FOR_NS == FEAT_STATE_1)
+ feat_detect_panic(is_feat_trbe_present(), "TRBE");
+#endif
+}
+
/***********************************************************************************
* TF-A supports many Arm architectural features starting from arch version
* (8.0 till 8.7+). These features are mostly enabled through build flags. This
@@ -294,6 +314,10 @@
/* v8.7 features */
read_feat_hcx();
+ /* v9.0 features */
+ read_feat_brbe();
+ read_feat_trbe();
+
/* v9.2 features */
read_feat_rme();
}
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index 871afe3..52cf93a 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -48,6 +48,8 @@
:|G|: `madhukar-Arm`_
:|M|: Raghu Krishnamurthy <raghu.ncstate@icloud.com>
:|G|: `raghuncstate`_
+:|M|: Manish Badarkhe <manish.badarkhe@arm.com>
+:|G|: `ManishVB-Arm`_
.. _code owners:
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index fbd2cbc..60313d5 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -270,6 +270,9 @@
- ``ERRATA_A77_1791578``: This applies errata 1791578 workaround to Cortex-A77
CPU. This needs to be enabled for r0p0, r1p0, and r1p1, it is still open.
+- ``ERRATA_A77_2356587``: This applies errata 2356587 workaround to Cortex-A77
+ CPU. This needs to be enabled for r0p0, r1p0, and r1p1, it is still open.
+
For Cortex-A78, the following errata build flags are defined :
- ``ERRATA_A78_1688305``: This applies errata 1688305 workaround to Cortex-A78
@@ -414,6 +417,13 @@
issue is present in r0p0 as well but there is no workaround for that
revision. It is still open.
+- ``ERRATA_V1_2294912``: This applies errata 2294912 workaround to Neoverse-V1
+ CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 of the CPU.
+
+- ``ERRATA_V1_2372203``: This applies errata 2372203 workaround to Neoverse-V1
+ CPU. This needs to be enabled for revisions r0p0, r1p0 and r1p1 of the CPU.
+ It is still open.
+
For Cortex-A710, the following errata build flags are defined :
- ``ERRATA_A710_1987031``: This applies errata 1987031 workaround to
@@ -624,9 +634,17 @@
This is used to control how the LL_CACHE* PMU events count.
Default value is 0 (Disabled).
+GIC Errata Workarounds
+----------------------
+- ``GIC600_ERRATA_WA_2384374``: This flag applies part 2 of errata 2384374
+ workaround for the affected GIC600 and GIC600-AE implementations. It applies
+ to implementations of GIC600 and GIC600-AE with revisions less than or equal
+ to r1p6 and r0p2 respectively. If the platform sets GICV3_SUPPORT_GIC600,
+ then this flag is enabled; otherwise, it is 0 (Disabled).
+
--------------
-*Copyright (c) 2014-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2014-2022, Arm Limited and Contributors. All rights reserved.*
.. _CVE-2017-5715: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
.. _CVE-2018-3639: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index cfd7201..26d5458 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -982,16 +982,18 @@
functions that wait for an arbitrary time length (udelay and mdelay). The
default value is 0.
-- ``ENABLE_BRBE_FOR_NS``: This flag enables access to the branch record buffer
- registers from NS ELs when FEAT_BRBE is implemented. BRBE is an optional
- architectural feature for AArch64. The default is 0 and it is automatically
- disabled when the target architecture is AArch32.
+- ``ENABLE_BRBE_FOR_NS``: Numeric value to enable access to the branch record
+ buffer registers from NS ELs when FEAT_BRBE is implemented. BRBE is an
+ optional architectural feature for AArch64. This flag can take the values
+ 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism. The default is 0
+ and it is automatically disabled when the target architecture is AArch32.
-- ``ENABLE_TRBE_FOR_NS``: This flag is used to enable access of trace buffer
+- ``ENABLE_TRBE_FOR_NS``: Numeric value to enable access of trace buffer
control registers from NS ELs, NS-EL2 or NS-EL1(when NS-EL2 is implemented
but unused) when FEAT_TRBE is implemented. TRBE is an optional architectural
- feature for AArch64. The default is 0 and it is automatically disabled when
- the target architecture is AArch32.
+ feature for AArch64. This flag can take the values 0 to 2, to align with the
+ ``FEATURE_DETECTION`` mechanism. The default is 0 and it is automatically
+ disabled when the target architecture is AArch32.
- ``ENABLE_SYS_REG_TRACE_FOR_NS``: Boolean option to enable trace system
registers access from NS ELs, NS-EL2 or NS-EL1 (when NS-EL2 is implemented
diff --git a/docs/security_advisories/security-advisory-tfv-9.rst b/docs/security_advisories/security-advisory-tfv-9.rst
index 74b85dc..a7b5984 100644
--- a/docs/security_advisories/security-advisory-tfv-9.rst
+++ b/docs/security_advisories/security-advisory-tfv-9.rst
@@ -57,20 +57,38 @@
+----------------------+
| Cortex-A76 |
+----------------------+
+| Cortex-A76AE |
++----------------------+
| Cortex-A77 |
+----------------------+
| Cortex-A78 |
+----------------------+
+| Cortex-A78AE |
++----------------------+
+| Cortex-A78C |
++----------------------+
+| Cortex-X1 |
++----------------------+
| Cortex-X2 |
+----------------------+
| Cortex-A710 |
+----------------------+
+| Cortex-Makalu |
++----------------------+
+| Cortex-Makalu-ELP |
++----------------------+
+| Cortex-Hunter |
++----------------------+
| Neoverse-N1 |
+----------------------+
| Neoverse-N2 |
+----------------------+
| Neoverse-V1 |
+----------------------+
+| Neoverse-Demeter |
++----------------------+
+| Neoverse-Poseidon |
++----------------------+
For all other cores impacted by Spectre-BHB, some of which that do not implement
FEAT_CSV2 and some that do e.g. Cortex-A73, the recommended mitigation is to
@@ -90,7 +108,7 @@
implementation also enables the normal world to discover the presence of this
firmware service. This patch also implements ``SMCCC_ARCH_WORKAROUND_3`` for
Cortex-A57, Coxtex-A72, Cortex-A73 and Cortex-A75 using the existing workaround.
-for CVE-2017-5715.
+for CVE-2017-5715. Cortex-A15 patch extends Spectre V2 mitigation to Spectre-BHB.
The above workaround is enabled by default (on vulnerable CPUs only). Platforms
can choose to disable them at compile time if they do not require them.
diff --git a/drivers/arm/gic/v3/gic-x00.c b/drivers/arm/gic/v3/gic-x00.c
index aaef485..75eb69a 100644
--- a/drivers/arm/gic/v3/gic-x00.c
+++ b/drivers/arm/gic/v3/gic-x00.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -42,6 +42,8 @@
#define PWRR_ON (0U << PWRR_RDPD_SHIFT)
#define PWRR_OFF (1U << PWRR_RDPD_SHIFT)
+static bool gic600_errata_wa_2384374 __unused;
+
#if GICV3_SUPPORT_GIC600
/* GIC-600/700 specific accessor functions */
@@ -170,3 +172,60 @@
}
#endif
}
+
+#if GIC600_ERRATA_WA_2384374
+/*******************************************************************************
+ * Apply part 2 of workaround for errata-2384374 as per SDEN:
+ * https://developer.arm.com/documentation/sden892601/latest/
+ ******************************************************************************/
+void gicv3_apply_errata_wa_2384374(uintptr_t gicr_base)
+{
+ if (gic600_errata_wa_2384374) {
+ uint32_t gicr_ctlr_val = gicr_read_ctlr(gicr_base);
+
+ gicr_write_ctlr(gicr_base, gicr_ctlr_val |
+ (GICR_CTLR_DPG0_BIT | GICR_CTLR_DPG1NS_BIT |
+ GICR_CTLR_DPG1S_BIT));
+ gicr_write_ctlr(gicr_base, gicr_ctlr_val &
+ ~(GICR_CTLR_DPG0_BIT | GICR_CTLR_DPG1NS_BIT |
+ GICR_CTLR_DPG1S_BIT));
+ }
+}
+#endif /* GIC600_ERRATA_WA_2384374 */
+
+void gicv3_check_erratas_applies(uintptr_t gicd_base)
+{
+ unsigned int gic_prod_id;
+ uint8_t gic_rev;
+
+ assert(gicd_base != 0UL);
+
+ gicv3_get_component_prodid_rev(gicd_base, &gic_prod_id, &gic_rev);
+
+ /*
+ * This workaround applicable only to GIC600 and GIC600AE products with
+ * revision less than r1p6 and r0p2 respectively.
+ * As per GIC600/GIC600AE specification -
+ * r1p6 = 0x17 => GICD_IIDR[19:12]
+ * r0p2 = 0x04 => GICD_IIDR[19:12]
+ */
+ if ((gic_prod_id == GIC_PRODUCT_ID_GIC600) ||
+ (gic_prod_id == GIC_PRODUCT_ID_GIC600AE)) {
+ if (((gic_prod_id == GIC_PRODUCT_ID_GIC600) &&
+ (gic_rev <= GIC_REV(GIC_VARIANT_R1, GIC_REV_P6))) ||
+ ((gic_prod_id == GIC_PRODUCT_ID_GIC600AE) &&
+ (gic_rev <= GIC_REV(GIC_VARIANT_R0, GIC_REV_P2)))) {
+#if GIC600_ERRATA_WA_2384374
+ gic600_errata_wa_2384374 = true;
+ VERBOSE("%s applies\n",
+ "GIC600/GIC600AE errata workaround 2384374");
+#else
+ WARN("%s missing\n",
+ "GIC600/GIC600AE errata workaround 2384374");
+#endif /* GIC600_ERRATA_WA_2384374 */
+ } else {
+ VERBOSE("%s not applies\n",
+ "GIC600/GIC600AE errata workaround 2384374");
+ }
+ }
+}
diff --git a/drivers/arm/gic/v3/gicv3.mk b/drivers/arm/gic/v3/gicv3.mk
index d7e3536..1d20ff3 100644
--- a/drivers/arm/gic/v3/gicv3.mk
+++ b/drivers/arm/gic/v3/gicv3.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2020, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
# Copyright (c) 2021, NVIDIA Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
@@ -12,6 +12,7 @@
GICV3_OVERRIDE_DISTIF_PWR_OPS ?= 0
GIC_ENABLE_V4_EXTN ?= 0
GIC_EXT_INTID ?= 0
+GIC600_ERRATA_WA_2384374 ?= ${GICV3_SUPPORT_GIC600}
GICV3_SOURCES += drivers/arm/gic/v3/gicv3_main.c \
drivers/arm/gic/v3/gicv3_helpers.c \
@@ -47,3 +48,7 @@
# Set support for extended PPI and SPI range
$(eval $(call assert_boolean,GIC_EXT_INTID))
$(eval $(call add_define,GIC_EXT_INTID))
+
+# Set errata workaround for GIC600/GIC600AE
+$(eval $(call assert_boolean,GIC600_ERRATA_WA_2384374))
+$(eval $(call add_define,GIC600_ERRATA_WA_2384374))
diff --git a/drivers/arm/gic/v3/gicv3_helpers.c b/drivers/arm/gic/v3/gicv3_helpers.c
index 753d995..f3852d2 100644
--- a/drivers/arm/gic/v3/gicv3_helpers.c
+++ b/drivers/arm/gic/v3/gicv3_helpers.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -408,3 +408,34 @@
return part_id;
}
+
+/*******************************************************************************
+ * Helper function to return product ID and revision of GIC
+ * @gicd_base: base address of the GIC distributor
+ * @gic_prod_id: retrieved product id of GIC
+ * @gic_rev: retrieved revision of GIC
+ ******************************************************************************/
+void gicv3_get_component_prodid_rev(const uintptr_t gicd_base,
+ unsigned int *gic_prod_id,
+ uint8_t *gic_rev)
+{
+ unsigned int gicd_iidr;
+ uint8_t gic_variant;
+
+ gicd_iidr = gicd_read_iidr(gicd_base);
+ *gic_prod_id = gicd_iidr >> IIDR_PRODUCT_ID_SHIFT;
+ *gic_prod_id &= IIDR_PRODUCT_ID_MASK;
+
+ gic_variant = gicd_iidr >> IIDR_VARIANT_SHIFT;
+ gic_variant &= IIDR_VARIANT_MASK;
+
+ *gic_rev = gicd_iidr >> IIDR_REV_SHIFT;
+ *gic_rev &= IIDR_REV_MASK;
+
+ /*
+ * pack gic variant and gic_rev in 1 byte
+ * gic_rev = gic_variant[7:4] and gic_rev[0:3]
+ */
+ *gic_rev = *gic_rev | gic_variant << 0x4;
+
+}
diff --git a/drivers/arm/gic/v3/gicv3_main.c b/drivers/arm/gic/v3/gicv3_main.c
index 53a8fae..8ead43b 100644
--- a/drivers/arm/gic/v3/gicv3_main.c
+++ b/drivers/arm/gic/v3/gicv3_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -169,6 +169,8 @@
flush_dcache_range((uintptr_t)gicv3_driver_data,
sizeof(*gicv3_driver_data));
#endif
+ gicv3_check_erratas_applies(plat_driver_data->gicd_base);
+
INFO("GICv%u with%s legacy support detected.\n", gic_version,
(gicv2_compat == 0U) ? "" : "out");
INFO("ARM GICv%u driver initialized in EL3\n", gic_version);
@@ -362,9 +364,17 @@
/* Add DSB to ensure visibility of System register writes */
dsb();
- /* Mark the connected core as asleep */
gicr_base = gicv3_driver_data->rdistif_base_addrs[proc_num];
- assert(gicr_base != 0U);
+ assert(gicr_base != 0UL);
+
+ /*
+ * dsb() already issued previously after clearing the CPU group
+ * enabled, apply below workaround to toggle the "DPG*"
+ * bits of GICR_CTLR register for unblocking event.
+ */
+ gicv3_apply_errata_wa_2384374(gicr_base);
+
+ /* Mark the connected core as asleep */
gicv3_rdistif_mark_core_asleep(gicr_base);
}
diff --git a/drivers/auth/cca/cot.c b/drivers/auth/cca/cot.c
new file mode 100644
index 0000000..d3f3087
--- /dev/null
+++ b/drivers/auth/cca/cot.c
@@ -0,0 +1,675 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stddef.h>
+
+#include <drivers/auth/auth_mod.h>
+#include MBEDTLS_CONFIG_FILE
+#include <tools_share/cca_oid.h>
+
+#include <platform_def.h>
+
+/*
+ * Allocate static buffers to store the authentication parameters extracted from
+ * the certificates.
+ */
+static unsigned char fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char tb_fw_hash_buf[HASH_DER_LEN];
+static unsigned char tb_fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char hw_config_hash_buf[HASH_DER_LEN];
+static unsigned char soc_fw_hash_buf[HASH_DER_LEN];
+static unsigned char soc_fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char rmm_hash_buf[HASH_DER_LEN];
+
+#ifdef IMAGE_BL2
+static unsigned char nt_world_bl_hash_buf[HASH_DER_LEN];
+static unsigned char tos_fw_hash_buf[HASH_DER_LEN];
+static unsigned char tos_fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char nt_fw_config_hash_buf[HASH_DER_LEN];
+#if defined(SPD_spmd)
+static unsigned char sp_pkg_hash_buf[MAX_SP_IDS][HASH_DER_LEN];
+#endif /* SPD_spmd */
+
+static unsigned char core_swd_pk_buf[PK_DER_LEN];
+static unsigned char plat_pk_buf[PK_DER_LEN];
+#endif /* IMAGE_BL2 */
+
+/*
+ * Parameter type descriptors.
+ */
+static auth_param_type_desc_t trusted_nv_ctr = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_NV_CTR, TRUSTED_FW_NVCOUNTER_OID);
+static auth_param_type_desc_t subject_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, 0);
+static auth_param_type_desc_t sig = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_SIG, 0);
+static auth_param_type_desc_t sig_alg = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_SIG_ALG, 0);
+static auth_param_type_desc_t raw_data = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_RAW_DATA, 0);
+
+static auth_param_type_desc_t tb_fw_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_BOOT_FW_HASH_OID);
+static auth_param_type_desc_t tb_fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_BOOT_FW_CONFIG_HASH_OID);
+static auth_param_type_desc_t hw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, HW_CONFIG_HASH_OID);
+static auth_param_type_desc_t fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, FW_CONFIG_HASH_OID);
+static auth_param_type_desc_t soc_fw_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SOC_AP_FW_HASH_OID);
+static auth_param_type_desc_t soc_fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SOC_FW_CONFIG_HASH_OID);
+static auth_param_type_desc_t rmm_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, RMM_HASH_OID);
+
+#ifdef IMAGE_BL2
+static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID);
+
+static auth_param_type_desc_t prot_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, PROT_PK_OID);
+static auth_param_type_desc_t swd_rot_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, SWD_ROT_PK_OID);
+static auth_param_type_desc_t core_swd_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, CORE_SWD_PK_OID);
+static auth_param_type_desc_t plat_pk = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_PUB_KEY, PLAT_PK_OID);
+
+static auth_param_type_desc_t tos_fw_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_OS_FW_HASH_OID);
+static auth_param_type_desc_t tos_fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, TRUSTED_OS_FW_CONFIG_HASH_OID);
+static auth_param_type_desc_t nt_world_bl_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID);
+static auth_param_type_desc_t nt_fw_config_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, NON_TRUSTED_FW_CONFIG_HASH_OID);
+#if defined(SPD_spmd)
+static auth_param_type_desc_t sp_pkg1_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG1_HASH_OID);
+static auth_param_type_desc_t sp_pkg2_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG2_HASH_OID);
+static auth_param_type_desc_t sp_pkg3_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG3_HASH_OID);
+static auth_param_type_desc_t sp_pkg4_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG4_HASH_OID);
+static auth_param_type_desc_t sp_pkg5_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG5_HASH_OID);
+static auth_param_type_desc_t sp_pkg6_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG6_HASH_OID);
+static auth_param_type_desc_t sp_pkg7_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG7_HASH_OID);
+static auth_param_type_desc_t sp_pkg8_hash = AUTH_PARAM_TYPE_DESC(
+ AUTH_PARAM_HASH, SP_PKG8_HASH_OID);
+#endif /* SPD_spmd */
+#endif /* IMAGE_BL2 */
+
+/* CCA Content Certificate */
+static const auth_img_desc_t cca_content_cert = {
+ .img_id = CCA_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = NULL,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &subject_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &tb_fw_hash,
+ .data = {
+ .ptr = (void *)tb_fw_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &tb_fw_config_hash,
+ .data = {
+ .ptr = (void *)tb_fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [2] = {
+ .type_desc = &fw_config_hash,
+ .data = {
+ .ptr = (void *)fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [3] = {
+ .type_desc = &hw_config_hash,
+ .data = {
+ .ptr = (void *)hw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [4] = {
+ .type_desc = &soc_fw_hash,
+ .data = {
+ .ptr = (void *)soc_fw_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [5] = {
+ .type_desc = &soc_fw_config_hash,
+ .data = {
+ .ptr = (void *)soc_fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [6] = {
+ .type_desc = &rmm_hash,
+ .data = {
+ .ptr = (void *)rmm_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+
+#ifdef IMAGE_BL1
+static const auth_img_desc_t bl2_image = {
+ .img_id = BL2_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &cca_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tb_fw_hash
+ }
+ }
+ }
+};
+
+static const auth_img_desc_t tb_fw_config = {
+ .img_id = TB_FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &cca_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tb_fw_config_hash
+ }
+ }
+ }
+};
+
+static const auth_img_desc_t fw_config = {
+ .img_id = FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &cca_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &fw_config_hash
+ }
+ }
+ }
+};
+#endif /* IMAGE_BL1 */
+
+#ifdef IMAGE_BL2
+/* HW Config */
+static const auth_img_desc_t hw_config = {
+ .img_id = HW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &cca_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &hw_config_hash
+ }
+ }
+ }
+};
+
+/* BL31 */
+static const auth_img_desc_t bl31_image = {
+ .img_id = BL31_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &cca_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &soc_fw_hash
+ }
+ }
+ }
+};
+
+/* BL31 Config */
+static const auth_img_desc_t soc_fw_config = {
+ .img_id = SOC_FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &cca_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &soc_fw_config_hash
+ }
+ }
+ }
+};
+
+/* RMM */
+static const auth_img_desc_t rmm_image = {
+ .img_id = RMM_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &cca_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &rmm_hash
+ }
+ }
+ }
+};
+
+/* Core SWD Key Certificate */
+static const auth_img_desc_t core_swd_key_cert = {
+ .img_id = CORE_SWD_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = NULL, /* SWD ROOT CERT */
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &swd_rot_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &core_swd_pk,
+ .data = {
+ .ptr = (void *)core_swd_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+
+/* SPMC Content Certificate */
+static const auth_img_desc_t trusted_os_fw_content_cert = {
+ .img_id = TRUSTED_OS_FW_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &core_swd_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &core_swd_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &tos_fw_hash,
+ .data = {
+ .ptr = (void *)tos_fw_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &tos_fw_config_hash,
+ .data = {
+ .ptr = (void *)tos_fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+
+/* SPMC */
+static const auth_img_desc_t bl32_image = {
+ .img_id = BL32_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &trusted_os_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tos_fw_hash
+ }
+ }
+ }
+};
+
+/* SPM Config */
+static const auth_img_desc_t tos_fw_config = {
+ .img_id = TOS_FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &trusted_os_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &tos_fw_config_hash
+ }
+ }
+ }
+};
+
+/* Platform Key Certificate */
+static const auth_img_desc_t plat_key_cert = {
+ .img_id = PLAT_KEY_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = NULL, /* PLATFORM ROOT CERT */
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &prot_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &plat_pk,
+ .data = {
+ .ptr = (void *)plat_pk_buf,
+ .len = (unsigned int)PK_DER_LEN
+ }
+ }
+ }
+};
+
+/* Non-Trusted Firmware */
+static const auth_img_desc_t non_trusted_fw_content_cert = {
+ .img_id = NON_TRUSTED_FW_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &plat_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &plat_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &nt_world_bl_hash,
+ .data = {
+ .ptr = (void *)nt_world_bl_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &nt_fw_config_hash,
+ .data = {
+ .ptr = (void *)nt_fw_config_hash_buf,
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+
+static const auth_img_desc_t bl33_image = {
+ .img_id = BL33_IMAGE_ID,
+ .img_type = IMG_RAW,
+ .parent = &non_trusted_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &nt_world_bl_hash
+ }
+ }
+ }
+};
+
+/* NT FW Config */
+static const auth_img_desc_t nt_fw_config = {
+ .img_id = NT_FW_CONFIG_ID,
+ .img_type = IMG_RAW,
+ .parent = &non_trusted_fw_content_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_HASH,
+ .param.hash = {
+ .data = &raw_data,
+ .hash = &nt_fw_config_hash
+ }
+ }
+ }
+};
+
+/*
+ * Secure Partitions
+ */
+#if defined(SPD_spmd)
+static const auth_img_desc_t sip_sp_content_cert = {
+ .img_id = SIP_SP_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &core_swd_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &core_swd_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &trusted_nv_ctr,
+ .plat_nv_ctr = &trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &sp_pkg1_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[0],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &sp_pkg2_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[1],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [2] = {
+ .type_desc = &sp_pkg3_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[2],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [3] = {
+ .type_desc = &sp_pkg4_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[3],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+
+DEFINE_SIP_SP_PKG(1);
+DEFINE_SIP_SP_PKG(2);
+DEFINE_SIP_SP_PKG(3);
+DEFINE_SIP_SP_PKG(4);
+
+static const auth_img_desc_t plat_sp_content_cert = {
+ .img_id = PLAT_SP_CONTENT_CERT_ID,
+ .img_type = IMG_CERT,
+ .parent = &plat_key_cert,
+ .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+ [0] = {
+ .type = AUTH_METHOD_SIG,
+ .param.sig = {
+ .pk = &plat_pk,
+ .sig = &sig,
+ .alg = &sig_alg,
+ .data = &raw_data
+ }
+ },
+ [1] = {
+ .type = AUTH_METHOD_NV_CTR,
+ .param.nv_ctr = {
+ .cert_nv_ctr = &non_trusted_nv_ctr,
+ .plat_nv_ctr = &non_trusted_nv_ctr
+ }
+ }
+ },
+ .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
+ [0] = {
+ .type_desc = &sp_pkg5_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[4],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [1] = {
+ .type_desc = &sp_pkg6_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[5],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [2] = {
+ .type_desc = &sp_pkg7_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[6],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ },
+ [3] = {
+ .type_desc = &sp_pkg8_hash,
+ .data = {
+ .ptr = (void *)sp_pkg_hash_buf[7],
+ .len = (unsigned int)HASH_DER_LEN
+ }
+ }
+ }
+};
+
+DEFINE_PLAT_SP_PKG(5);
+DEFINE_PLAT_SP_PKG(6);
+DEFINE_PLAT_SP_PKG(7);
+DEFINE_PLAT_SP_PKG(8);
+#endif /* SPD_spmd */
+#endif /* IMAGE_BL2 */
+/*
+ * Chain of trust definition
+ */
+#ifdef IMAGE_BL1
+static const auth_img_desc_t * const cot_desc[] = {
+ [CCA_CONTENT_CERT_ID] = &cca_content_cert,
+ [BL2_IMAGE_ID] = &bl2_image,
+ [TB_FW_CONFIG_ID] = &tb_fw_config,
+ [FW_CONFIG_ID] = &fw_config,
+};
+#else /* IMAGE_BL2 */
+static const auth_img_desc_t * const cot_desc[] = {
+ [CCA_CONTENT_CERT_ID] = &cca_content_cert,
+ [HW_CONFIG_ID] = &hw_config,
+ [BL31_IMAGE_ID] = &bl31_image,
+ [SOC_FW_CONFIG_ID] = &soc_fw_config,
+ [RMM_IMAGE_ID] = &rmm_image,
+ [CORE_SWD_KEY_CERT_ID] = &core_swd_key_cert,
+ [TRUSTED_OS_FW_CONTENT_CERT_ID] = &trusted_os_fw_content_cert,
+ [BL32_IMAGE_ID] = &bl32_image,
+ [TOS_FW_CONFIG_ID] = &tos_fw_config,
+ [PLAT_KEY_CERT_ID] = &plat_key_cert,
+ [NON_TRUSTED_FW_CONTENT_CERT_ID] = &non_trusted_fw_content_cert,
+ [BL33_IMAGE_ID] = &bl33_image,
+ [NT_FW_CONFIG_ID] = &nt_fw_config,
+#if defined(SPD_spmd)
+ [SIP_SP_CONTENT_CERT_ID] = &sip_sp_content_cert,
+ [PLAT_SP_CONTENT_CERT_ID] = &plat_sp_content_cert,
+ [SP_PKG1_ID] = &sp_pkg1,
+ [SP_PKG2_ID] = &sp_pkg2,
+ [SP_PKG3_ID] = &sp_pkg3,
+ [SP_PKG4_ID] = &sp_pkg4,
+ [SP_PKG5_ID] = &sp_pkg5,
+ [SP_PKG6_ID] = &sp_pkg6,
+ [SP_PKG7_ID] = &sp_pkg7,
+ [SP_PKG8_ID] = &sp_pkg8,
+#endif
+};
+#endif /* IMAGE_BL1 */
+
+/* Register the CoT in the authentication module */
+REGISTER_COT(cot_desc);
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
index 3eb4161..16ce65f 100644
--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -97,18 +97,6 @@
TF_MBEDTLS_USE_AES_GCM := 0
endif
-ifeq ($(MEASURED_BOOT),1)
- ifeq (${TPM_HASH_ALG}, sha256)
- TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA256
- else ifeq (${TPM_HASH_ALG}, sha384)
- TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA384
- else ifeq (${TPM_HASH_ALG}, sha512)
- TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA512
- else
- $(error "TPM_HASH_ALG not defined.")
- endif
-endif
-
# Needs to be set to drive mbed TLS configuration correctly
$(eval $(call add_defines,\
$(sort \
@@ -118,10 +106,6 @@
TF_MBEDTLS_USE_AES_GCM \
)))
-ifeq ($(MEASURED_BOOT),1)
- $(eval $(call add_define,TF_MBEDTLS_TPM_HASH_ALG_ID))
-endif
-
$(eval $(call MAKE_LIB,mbedtls))
endif
diff --git a/drivers/measured_boot/event_log/event_log.c b/drivers/measured_boot/event_log/event_log.c
index 792f235..abe469b 100644
--- a/drivers/measured_boot/event_log/event_log.c
+++ b/drivers/measured_boot/event_log/event_log.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -180,6 +180,8 @@
/* event_log_init() must have been called prior to this. */
assert(log_ptr != NULL);
+ assert(((uintptr_t)log_ptr + ID_EVENT_SIZE + LOC_EVENT_SIZE) <
+ log_end);
/*
* Add Specification ID Event first
@@ -219,7 +221,7 @@
((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID;
/* TCG_PCR_EVENT2.Digests[].Digest[] */
- (void)memset(&((tpmt_ha *)ptr)->digest, 0, TPM_ALG_ID);
+ (void)memset(&((tpmt_ha *)ptr)->digest, 0, TCG_DIGEST_SIZE);
ptr = (uint8_t *)((uintptr_t)ptr +
offsetof(tpmt_ha, digest) + TCG_DIGEST_SIZE);
diff --git a/drivers/measured_boot/event_log/event_log.mk b/drivers/measured_boot/event_log/event_log.mk
index 1ff4aa8..5ea4c55 100644
--- a/drivers/measured_boot/event_log/event_log.mk
+++ b/drivers/measured_boot/event_log/event_log.mk
@@ -7,20 +7,25 @@
# Default log level to dump the event log (LOG_LEVEL_INFO)
EVENT_LOG_LEVEL ?= 40
-# TPM hash algorithm.
+# Measured Boot hash algorithm.
# SHA-256 (or stronger) is required for all devices that are TPM 2.0 compliant.
-TPM_HASH_ALG := sha256
+ifdef TPM_HASH_ALG
+ $(warning "TPM_HASH_ALG is deprecated. Please use MBOOT_EL_HASH_ALG instead.")
+ MBOOT_EL_HASH_ALG := ${TPM_HASH_ALG}
+else
+ MBOOT_EL_HASH_ALG := sha256
+endif
-ifeq (${TPM_HASH_ALG}, sha512)
+ifeq (${MBOOT_EL_HASH_ALG}, sha512)
TPM_ALG_ID := TPM_ALG_SHA512
TCG_DIGEST_SIZE := 64U
-else ifeq (${TPM_HASH_ALG}, sha384)
+else ifeq (${MBOOT_EL_HASH_ALG}, sha384)
TPM_ALG_ID := TPM_ALG_SHA384
TCG_DIGEST_SIZE := 48U
else
TPM_ALG_ID := TPM_ALG_SHA256
TCG_DIGEST_SIZE := 32U
-endif #TPM_HASH_ALG
+endif #MBOOT_EL_HASH_ALG
# Set definitions for Measured Boot driver.
$(eval $(call add_defines,\
diff --git a/drivers/measured_boot/rss/rss_measured_boot.mk b/drivers/measured_boot/rss/rss_measured_boot.mk
index 01545af..18ee836 100644
--- a/drivers/measured_boot/rss/rss_measured_boot.mk
+++ b/drivers/measured_boot/rss/rss_measured_boot.mk
@@ -6,21 +6,18 @@
# Hash algorithm for measured boot
# SHA-256 (or stronger) is required.
-# TODO: The measurement algorithm incorrectly suggests that the TPM backend
-# is used which may not be the case. It is currently being worked on and
-# soon TPM_HASH_ALG will be replaced by a more generic name.
-TPM_HASH_ALG := sha256
+MBOOT_RSS_HASH_ALG := sha256
-ifeq (${TPM_HASH_ALG}, sha512)
+ifeq (${MBOOT_RSS_HASH_ALG}, sha512)
MBOOT_ALG_ID := MBOOT_ALG_SHA512
MBOOT_DIGEST_SIZE := 64U
-else ifeq (${TPM_HASH_ALG}, sha384)
+else ifeq (${MBOOT_RSS_HASH_ALG}, sha384)
MBOOT_ALG_ID := MBOOT_ALG_SHA384
MBOOT_DIGEST_SIZE := 48U
else
MBOOT_ALG_ID := MBOOT_ALG_SHA256
MBOOT_DIGEST_SIZE := 32U
-endif #TPM_HASH_ALG
+endif #MBOOT_RSS_HASH_ALG
# Set definitions for Measured Boot driver.
$(eval $(call add_defines,\
diff --git a/drivers/mmc/mmc.c b/drivers/mmc/mmc.c
index c327e71..116afda 100644
--- a/drivers/mmc/mmc.c
+++ b/drivers/mmc/mmc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -694,52 +694,6 @@
return size;
}
-static inline void mmc_rpmb_enable(void)
-{
- mmc_set_ext_csd(CMD_EXTCSD_PARTITION_CONFIG,
- PART_CFG_BOOT_PARTITION1_ENABLE |
- PART_CFG_BOOT_PARTITION1_ACCESS);
-}
-
-static inline void mmc_rpmb_disable(void)
-{
- mmc_set_ext_csd(CMD_EXTCSD_PARTITION_CONFIG,
- PART_CFG_BOOT_PARTITION1_ENABLE);
-}
-
-size_t mmc_rpmb_read_blocks(int lba, uintptr_t buf, size_t size)
-{
- size_t size_read;
-
- mmc_rpmb_enable();
- size_read = mmc_read_blocks(lba, buf, size);
- mmc_rpmb_disable();
-
- return size_read;
-}
-
-size_t mmc_rpmb_write_blocks(int lba, const uintptr_t buf, size_t size)
-{
- size_t size_written;
-
- mmc_rpmb_enable();
- size_written = mmc_write_blocks(lba, buf, size);
- mmc_rpmb_disable();
-
- return size_written;
-}
-
-size_t mmc_rpmb_erase_blocks(int lba, size_t size)
-{
- size_t size_erased;
-
- mmc_rpmb_enable();
- size_erased = mmc_erase_blocks(lba, size);
- mmc_rpmb_disable();
-
- return size_erased;
-}
-
static int mmc_part_switch(unsigned int part_type)
{
uint8_t part_config = mmc_ext_csd[CMD_EXTCSD_PARTITION_CONFIG];
@@ -755,29 +709,51 @@
return PART_CFG_CURRENT_BOOT_PARTITION(mmc_ext_csd[CMD_EXTCSD_PARTITION_CONFIG]);
}
-size_t mmc_boot_part_read_blocks(int lba, uintptr_t buf, size_t size)
+int mmc_part_switch_current_boot(void)
{
- size_t size_read;
- int ret;
unsigned char current_boot_part = mmc_current_boot_part();
+ int ret;
if (current_boot_part != 1U &&
current_boot_part != 2U) {
ERROR("Got unexpected value for active boot partition, %u\n", current_boot_part);
- return 0;
+ return -EIO;
}
ret = mmc_part_switch(current_boot_part);
if (ret < 0) {
ERROR("Failed to switch to boot partition, %d\n", ret);
+ }
+
+ return ret;
+}
+
+int mmc_part_switch_user(void)
+{
+ int ret;
+
+ ret = mmc_part_switch(PART_CFG_BOOT_PARTITION_NO_ACCESS);
+ if (ret < 0) {
+ ERROR("Failed to switch to user partition, %d\n", ret);
+ }
+
+ return ret;
+}
+
+size_t mmc_boot_part_read_blocks(int lba, uintptr_t buf, size_t size)
+{
+ size_t size_read;
+ int ret;
+
+ ret = mmc_part_switch_current_boot();
+ if (ret < 0) {
return 0;
}
size_read = mmc_read_blocks(lba, buf, size);
- ret = mmc_part_switch(0);
+ ret = mmc_part_switch_user();
if (ret < 0) {
- ERROR("Failed to switch back to user partition, %d\n", ret);
return 0;
}
diff --git a/drivers/nxp/ddr/phy-gen2/phy.c b/drivers/nxp/ddr/phy-gen2/phy.c
index c8245a8..9e52145 100644
--- a/drivers/nxp/ddr/phy-gen2/phy.c
+++ b/drivers/nxp/ddr/phy-gen2/phy.c
@@ -2216,14 +2216,6 @@
size = PHY_GEN2_MAX_IMAGE_SIZE;
image_buf = (uintptr_t)phy_gen2_fw_img_buf;
- ret = mmap_add_dynamic_region(phy_gen2_fw_img_buf,
- phy_gen2_fw_img_buf,
- PHY_GEN2_MAX_IMAGE_SIZE,
- MT_MEMORY | MT_RW | MT_SECURE);
- if (ret != 0) {
- ERROR("Failed to add dynamic memory region.\n");
- return ret;
- }
ret = img_loadr(imem_id, &image_buf, &size);
if (ret != 0) {
ERROR("Failed to load %d firmware.\n", imem_id);
@@ -2592,6 +2584,15 @@
}
} else {
#endif
+ /* Mapping IMG buffer firstly */
+ ret = mmap_add_dynamic_region(priv->phy_gen2_fw_img_buf,
+ priv->phy_gen2_fw_img_buf,
+ PHY_GEN2_MAX_IMAGE_SIZE,
+ MT_MEMORY | MT_RW | MT_SECURE);
+ if (ret != 0) {
+ ERROR("Failed to add dynamic memory region.\n");
+ return ret;
+ }
debug("Load 1D firmware\n");
ret = load_fw(priv->phy, &input, 0, &msg_1d,
diff --git a/drivers/st/clk/clk-stm32-core.c b/drivers/st/clk/clk-stm32-core.c
index e1b6940..8584a52 100644
--- a/drivers/st/clk/clk-stm32-core.c
+++ b/drivers/st/clk/clk-stm32-core.c
@@ -143,7 +143,7 @@
{
struct clk_oscillator_data *osc_data = clk_oscillator_get_data(priv, id);
- return _clk_stm32_gate_wait_ready(priv, osc_data->gate_id, ready_on);
+ return _clk_stm32_gate_wait_ready(priv, osc_data->gate_rdy_id, ready_on);
}
int clk_oscillator_wait_ready_on(struct stm32_clk_priv *priv, int id)
@@ -838,8 +838,9 @@
}
}
- if ((mmio_read_32(address) & mask_rdy) != mask_test)
+ if ((mmio_read_32(address) & mask_rdy) != mask_test) {
return -ETIMEDOUT;
+ }
return 0;
}
diff --git a/fdts/stm32mp13-bl2.dtsi b/fdts/stm32mp13-bl2.dtsi
index 41d6e2e..00bf1b5 100644
--- a/fdts/stm32mp13-bl2.dtsi
+++ b/fdts/stm32mp13-bl2.dtsi
@@ -101,7 +101,7 @@
/delete-node/ tamp@5c00a000;
/delete-node/ stgen@5c008000;
- pin-controller@50002000 {
+ pinctrl@50002000 {
#if !STM32MP_EMMC && !STM32MP_SDMMC
/delete-node/ sdmmc1-b4-0;
/delete-node/ sdmmc2-b4-0;
diff --git a/fdts/stm32mp131.dtsi b/fdts/stm32mp131.dtsi
index adf7a91..decd812 100644
--- a/fdts/stm32mp131.dtsi
+++ b/fdts/stm32mp131.dtsi
@@ -480,7 +480,7 @@
* Break node order to solve dependency probe issue between
* pinctrl and exti.
*/
- pinctrl: pin-controller@50002000 {
+ pinctrl: pinctrl@50002000 {
#address-cells = <1>;
#size-cells = <1>;
compatible = "st,stm32mp135-pinctrl";
diff --git a/fdts/stm32mp15-bl2.dtsi b/fdts/stm32mp15-bl2.dtsi
index d00e35b..501b092 100644
--- a/fdts/stm32mp15-bl2.dtsi
+++ b/fdts/stm32mp15-bl2.dtsi
@@ -46,7 +46,7 @@
/delete-node/ i2c@5c009000;
/delete-node/ tamp@5c00a000;
- pin-controller@50002000 {
+ pinctrl@50002000 {
#if !STM32MP_RAW_NAND
/delete-node/ fmc-0;
#endif
diff --git a/fdts/stm32mp15-bl32.dtsi b/fdts/stm32mp15-bl32.dtsi
index ca4bb3e..31b24f6 100644
--- a/fdts/stm32mp15-bl32.dtsi
+++ b/fdts/stm32mp15-bl32.dtsi
@@ -27,7 +27,7 @@
/delete-node/ stgen@5c008000;
/delete-node/ i2c@5c009000;
- pin-controller@50002000 {
+ pinctrl@50002000 {
/delete-node/ fmc-0;
/delete-node/ qspi-clk-0;
/delete-node/ qspi-bk1-0;
diff --git a/fdts/stm32mp15-fw-config.dtsi b/fdts/stm32mp15-fw-config.dtsi
index 8aece28..d583672 100644
--- a/fdts/stm32mp15-fw-config.dtsi
+++ b/fdts/stm32mp15-fw-config.dtsi
@@ -1,6 +1,6 @@
// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
/*
- * Copyright (c) 2021, STMicroelectronics - All Rights Reserved
+ * Copyright (c) 2021-2022, STMicroelectronics - All Rights Reserved
*/
#include <common/tbbr/tbbr_img_def.h>
@@ -14,7 +14,7 @@
#define DDR_NS_BASE STM32MP_DDR_BASE
#ifdef AARCH32_SP_OPTEE
-/* OP-TEE reserved shared memory: located at DDR top */
+/* OP-TEE reserved shared memory: located at DDR top or null size */
#define DDR_SHARE_SIZE STM32MP_DDR_SHMEM_SIZE
#define DDR_SHARE_BASE (STM32MP_DDR_BASE + (DDR_SIZE - DDR_SHARE_SIZE))
/* OP-TEE secure memory: located right below OP-TEE reserved shared memory */
@@ -70,8 +70,11 @@
memory-ranges = <
DDR_NS_BASE DDR_NS_SIZE TZC_REGION_S_NONE TZC_REGION_NSEC_ALL_ACCESS_RDWR
DDR_SEC_BASE DDR_SEC_SIZE TZC_REGION_S_RDWR 0
+#if STM32MP15_OPTEE_RSV_SHM
DDR_SHARE_BASE DDR_SHARE_SIZE TZC_REGION_S_NONE
- TZC_REGION_ACCESS_RDWR(STM32MP1_TZC_A7_ID)>;
+ TZC_REGION_ACCESS_RDWR(STM32MP1_TZC_A7_ID)
+#endif
+ >;
#else
memory-ranges = <
DDR_NS_BASE DDR_NS_SIZE TZC_REGION_S_NONE TZC_REGION_NSEC_ALL_ACCESS_RDWR>;
diff --git a/fdts/stm32mp151.dtsi b/fdts/stm32mp151.dtsi
index 63cc917..20071fe 100644
--- a/fdts/stm32mp151.dtsi
+++ b/fdts/stm32mp151.dtsi
@@ -532,7 +532,7 @@
* Break node order to solve dependency probe issue between
* pinctrl and exti.
*/
- pinctrl: pin-controller@50002000 {
+ pinctrl: pinctrl@50002000 {
#address-cells = <1>;
#size-cells = <1>;
compatible = "st,stm32mp157-pinctrl";
@@ -663,7 +663,7 @@
};
};
- pinctrl_z: pin-controller-z@54004000 {
+ pinctrl_z: pinctrl@54004000 {
#address-cells = <1>;
#size-cells = <1>;
compatible = "st,stm32mp157-z-pinctrl";
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index 29710e7..79a61b5 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -224,4 +224,23 @@
ID_AA64MMFR2_EL1_NV_MASK));
}
+/*******************************************************************************
+ * Function to identify the presence of FEAT_BRBE (Branch Record Buffer
+ * Extension)
+ ******************************************************************************/
+static inline bool is_feat_brbe_present(void)
+{
+ return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_BRBE_SHIFT) &
+ ID_AA64DFR0_BRBE_MASK) == ID_AA64DFR0_BRBE_SUPPORTED);
+}
+
+/*******************************************************************************
+ * Function to identify the presence of FEAT_TRBE (Trace Buffer Extension)
+ ******************************************************************************/
+static inline bool is_feat_trbe_present(void)
+{
+ return (((read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEBUFFER_SHIFT) &
+ ID_AA64DFR0_TRACEBUFFER_MASK) == ID_AA64DFR0_TRACEBUFFER_SUPPORTED);
+}
+
#endif /* ARCH_FEATURES_H */
diff --git a/include/common/tbbr/cot_def.h b/include/common/tbbr/cot_def.h
index 800ad07..e0c2212 100644
--- a/include/common/tbbr/cot_def.h
+++ b/include/common/tbbr/cot_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,6 +14,8 @@
/* TBBR CoT definitions */
#if defined(SPD_spmd)
#define COT_MAX_VERIFIED_PARAMS 8
+#elif defined(ARM_COT_cca)
+#define COT_MAX_VERIFIED_PARAMS 8
#else
#define COT_MAX_VERIFIED_PARAMS 4
#endif
diff --git a/include/drivers/arm/gicv3.h b/include/drivers/arm/gicv3.h
index 5efefb6..8371dd5 100644
--- a/include/drivers/arm/gicv3.h
+++ b/include/drivers/arm/gicv3.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -76,6 +76,8 @@
#endif /* GIC_EXT_INTID */
+#define GIC_REV(r, p) ((r << 4) | p)
+
/*******************************************************************************
* GICv3 and 3.1 specific Distributor interface register offsets and constants
******************************************************************************/
@@ -192,6 +194,15 @@
#define GICR_CTLR_UWP_SHIFT 31
#define GICR_CTLR_UWP_MASK U(0x1)
#define GICR_CTLR_UWP_BIT BIT_32(GICR_CTLR_UWP_SHIFT)
+#define GICR_CTLR_DPG1S_SHIFT 26
+#define GICR_CTLR_DPG1S_MASK U(0x1)
+#define GICR_CTLR_DPG1S_BIT BIT_32(GICR_CTLR_DPG1S_SHIFT)
+#define GICR_CTLR_DPG1NS_SHIFT 25
+#define GICR_CTLR_DPG1NS_MASK U(0x1)
+#define GICR_CTLR_DPG1NS_BIT BIT_32(GICR_CTLR_DPG1NS_SHIFT)
+#define GICR_CTLR_DPG0_SHIFT 24
+#define GICR_CTLR_DPG0_MASK U(0x1)
+#define GICR_CTLR_DPG0_BIT BIT_32(GICR_CTLR_DPG0_SHIFT)
#define GICR_CTLR_RWP_SHIFT 3
#define GICR_CTLR_RWP_MASK U(0x1)
#define GICR_CTLR_RWP_BIT BIT_32(GICR_CTLR_RWP_SHIFT)
@@ -224,12 +235,40 @@
#define TYPER_PPI_NUM_MASK U(0x1f)
/* GICR_IIDR bit definitions */
-#define IIDR_PRODUCT_ID_MASK U(0xff000000)
-#define IIDR_VARIANT_MASK U(0x000f0000)
-#define IIDR_REVISION_MASK U(0x0000f000)
-#define IIDR_IMPLEMENTER_MASK U(0x00000fff)
-#define IIDR_MODEL_MASK (IIDR_PRODUCT_ID_MASK | \
- IIDR_IMPLEMENTER_MASK)
+#define IIDR_PRODUCT_ID_MASK U(0xff)
+#define IIDR_VARIANT_MASK U(0xf)
+#define IIDR_REV_MASK U(0xf)
+#define IIDR_IMPLEMENTER_MASK U(0xfff)
+#define IIDR_PRODUCT_ID_SHIFT 24
+#define IIDR_VARIANT_SHIFT 16
+#define IIDR_REV_SHIFT 12
+#define IIDR_IMPLEMENTER_SHIFT 0
+#define IIDR_PRODUCT_ID_BIT BIT_32(IIDR_PRODUCT_ID_SHIFT)
+#define IIDR_VARIANT_BIT BIT_32(IIDR_VARIANT_SHIFT)
+#define IIDR_REV_BIT BIT_32(IIDR_REVISION_SHIFT)
+#define IIDR_IMPLEMENTER_BIT BIT_32(IIDR_IMPLEMENTER_SHIFT)
+
+#define IIDR_MODEL_MASK (IIDR_PRODUCT_ID_MASK << IIDR_PRODUCT_ID_SHIFT | \
+ IIDR_IMPLEMENTER_MASK << IIDR_IMPLEMENTER_SHIFT)
+
+#define GIC_PRODUCT_ID_GIC600 U(0x2)
+#define GIC_PRODUCT_ID_GIC600AE U(0x3)
+#define GIC_PRODUCT_ID_GIC700 U(0x4)
+
+/*
+ * Note that below revisions and variants definations are as per GIC600/GIC600AE
+ * specification.
+ */
+#define GIC_REV_P0 U(0x1)
+#define GIC_REV_P1 U(0x3)
+#define GIC_REV_P2 U(0x4)
+#define GIC_REV_P3 U(0x5)
+#define GIC_REV_P4 U(0x6)
+#define GIC_REV_P6 U(0x7)
+
+#define GIC_VARIANT_R0 U(0x0)
+#define GIC_VARIANT_R1 U(0x1)
+#define GIC_VARIANT_R2 U(0x2)
/*******************************************************************************
* GICv3 and 3.1 CPU interface registers & constants
@@ -543,5 +582,17 @@
void gicv3_clear_interrupt_pending(unsigned int id, unsigned int proc_num);
unsigned int gicv3_set_pmr(unsigned int mask);
+void gicv3_get_component_prodid_rev(const uintptr_t gicd_base,
+ unsigned int *gic_prod_id,
+ uint8_t *gic_rev);
+void gicv3_check_erratas_applies(const uintptr_t gicd_base);
+#if GIC600_ERRATA_WA_2384374
+void gicv3_apply_errata_wa_2384374(const uintptr_t gicr_base);
+#else
+static inline void gicv3_apply_errata_wa_2384374(const uintptr_t gicr_base)
+{
+}
+#endif /* GIC600_ERRATA_WA_2384374 */
+
#endif /* __ASSEMBLER__ */
#endif /* GICV3_H */
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index 8ad6d7a..01e261a 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2015-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -80,8 +80,7 @@
#define MBEDTLS_SHA512_C
#else
/* TBB uses SHA-256, what about measured boot? */
-#if defined(TF_MBEDTLS_TPM_HASH_ALG_ID) && \
- (TF_MBEDTLS_TPM_HASH_ALG_ID != TF_MBEDTLS_SHA256)
+#if defined(TF_MBEDTLS_MBOOT_USE_SHA512)
#define MBEDTLS_SHA512_C
#endif
#endif
@@ -141,4 +140,13 @@
#endif
#endif
+/*
+ * Warn if errors from certain functions are ignored.
+ *
+ * The warnings are always enabled (where supported) for critical functions
+ * where ignoring the return value is almost always a bug. This macro extends
+ * the warnings to more functions.
+ */
+#define MBEDTLS_CHECK_RETURN_WARNING
+
#endif /* MBEDTLS_CONFIG_H */
diff --git a/include/drivers/measured_boot/event_log/event_log.h b/include/drivers/measured_boot/event_log/event_log.h
index 0a19f8a..f4c4fb8 100644
--- a/include/drivers/measured_boot/event_log/event_log.h
+++ b/include/drivers/measured_boot/event_log/event_log.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -78,6 +78,14 @@
#define EVLOG_TB_FW_CONFIG_STRING "TB_FW_CONFIG"
#define EVLOG_TOS_FW_CONFIG_STRING "TOS_FW_CONFIG"
#define EVLOG_RMM_STRING "RMM"
+#define EVLOG_SP1_STRING "SP1"
+#define EVLOG_SP2_STRING "SP2"
+#define EVLOG_SP3_STRING "SP3"
+#define EVLOG_SP4_STRING "SP4"
+#define EVLOG_SP5_STRING "SP5"
+#define EVLOG_SP6_STRING "SP6"
+#define EVLOG_SP7_STRING "SP7"
+#define EVLOG_SP8_STRING "SP8"
typedef struct {
unsigned int id;
diff --git a/include/drivers/mmc.h b/include/drivers/mmc.h
index 834a80f..c154ea5 100644
--- a/include/drivers/mmc.h
+++ b/include/drivers/mmc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -66,6 +66,7 @@
#define EXT_CSD_PART_CONFIG_ACC_MASK GENMASK(2, 0)
#define PART_CFG_BOOT_PARTITION1_ENABLE (U(1) << 3)
#define PART_CFG_BOOT_PARTITION1_ACCESS (U(1) << 0)
+#define PART_CFG_BOOT_PARTITION_NO_ACCESS U(0)
#define PART_CFG_BOOT_PART_EN_MASK GENMASK(5, 3)
#define PART_CFG_BOOT_PART_EN_SHIFT 3
#define PART_CFG_CURRENT_BOOT_PARTITION(x) (((x) & PART_CFG_BOOT_PART_EN_MASK) >> \
@@ -233,9 +234,8 @@
size_t mmc_read_blocks(int lba, uintptr_t buf, size_t size);
size_t mmc_write_blocks(int lba, const uintptr_t buf, size_t size);
size_t mmc_erase_blocks(int lba, size_t size);
-size_t mmc_rpmb_read_blocks(int lba, uintptr_t buf, size_t size);
-size_t mmc_rpmb_write_blocks(int lba, const uintptr_t buf, size_t size);
-size_t mmc_rpmb_erase_blocks(int lba, size_t size);
+int mmc_part_switch_current_boot(void);
+int mmc_part_switch_user(void);
size_t mmc_boot_part_read_blocks(int lba, uintptr_t buf, size_t size);
int mmc_init(const struct mmc_ops *ops_ptr, unsigned int clk,
unsigned int width, unsigned int flags,
diff --git a/include/drivers/nxp/gic/gicv3/plat_gic.h b/include/drivers/nxp/gic/gicv3/plat_gic.h
index 0c0d0fc..794b06b 100644
--- a/include/drivers/nxp/gic/gicv3/plat_gic.h
+++ b/include/drivers/nxp/gic/gicv3/plat_gic.h
@@ -61,7 +61,6 @@
#define GICR_ICENABLER0_SGI15 0x00008000
#define GICR_CTLR_RWP 0x8
-#define GICR_CTLR_DPG0_MASK 0x2000000
#define GICR_IGROUPR0_SGI15 0x00008000
#define GICR_IGRPMODR0_SGI15 0x00008000
#define GICR_ISENABLER0_SGI15 0x00008000
diff --git a/include/export/common/tbbr/tbbr_img_def_exp.h b/include/export/common/tbbr/tbbr_img_def_exp.h
index 98544c0..98a0099 100644
--- a/include/export/common/tbbr/tbbr_img_def_exp.h
+++ b/include/export/common/tbbr/tbbr_img_def_exp.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -104,7 +104,16 @@
/* Realm Monitor Manager (RMM) */
#define RMM_IMAGE_ID U(34)
+/* CCA Content Certificate ID */
+#define CCA_CONTENT_CERT_ID U(35)
+
+/* Core SWD Key Certificate ID */
+#define CORE_SWD_KEY_CERT_ID U(36)
+
+/* Platform Key Certificate ID */
+#define PLAT_KEY_CERT_ID U(37)
+
/* Max Images */
-#define MAX_IMAGE_IDS U(35)
+#define MAX_IMAGE_IDS U(38)
#endif /* ARM_TRUSTED_FIRMWARE_EXPORT_COMMON_TBBR_TBBR_IMG_DEF_EXP_H */
diff --git a/include/lib/cpus/aarch64/cortex_a77.h b/include/lib/cpus/aarch64/cortex_a77.h
index 4a87168..63f155f 100644
--- a/include/lib/cpus/aarch64/cortex_a77.h
+++ b/include/lib/cpus/aarch64/cortex_a77.h
@@ -32,6 +32,7 @@
******************************************************************************/
#define CORTEX_A77_ACTLR2_EL1 S3_0_C15_C1_1
#define CORTEX_A77_ACTLR2_EL1_BIT_2 (ULL(1) << 2)
+#define CORTEX_A77_ACTLR2_EL1_BIT_0 ULL(1)
#define CORTEX_A77_CPUPSELR_EL3 S3_6_C15_C8_0
#define CORTEX_A77_CPUPCR_EL3 S3_6_C15_C8_1
diff --git a/include/lib/cpus/aarch64/neoverse_v1.h b/include/lib/cpus/aarch64/neoverse_v1.h
index a904c04..181be1d 100644
--- a/include/lib/cpus/aarch64/neoverse_v1.h
+++ b/include/lib/cpus/aarch64/neoverse_v1.h
@@ -32,7 +32,9 @@
* CPU Auxiliary Control register specific definitions.
******************************************************************************/
#define NEOVERSE_V1_ACTLR2_EL1 S3_0_C15_C1_1
+#define NEOVERSE_V1_ACTLR2_EL1_BIT_0 ULL(1)
#define NEOVERSE_V1_ACTLR2_EL1_BIT_2 (ULL(1) << 2)
#define NEOVERSE_V1_ACTLR2_EL1_BIT_28 (ULL(1) << 28)
+#define NEOVERSE_V1_ACTLR2_EL1_BIT_40 (ULL(1) << 40)
#endif /* NEOVERSE_V1_H */
diff --git a/include/lib/el3_runtime/aarch64/context.h b/include/lib/el3_runtime/aarch64/context.h
index 3a09383..6c13166 100644
--- a/include/lib/el3_runtime/aarch64/context.h
+++ b/include/lib/el3_runtime/aarch64/context.h
@@ -509,9 +509,53 @@
void el1_sysregs_context_restore(el1_sysregs_t *regs);
#if CTX_INCLUDE_EL2_REGS
-void el2_sysregs_context_save(el2_sysregs_t *regs);
-void el2_sysregs_context_restore(el2_sysregs_t *regs);
-#endif
+void el2_sysregs_context_save_common(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_common(el2_sysregs_t *regs);
+#if ENABLE_SPE_FOR_LOWER_ELS
+void el2_sysregs_context_save_spe(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_spe(el2_sysregs_t *regs);
+#endif /* ENABLE_SPE_FOR_LOWER_ELS */
+#if CTX_INCLUDE_MTE_REGS
+void el2_sysregs_context_save_mte(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_mte(el2_sysregs_t *regs);
+#endif /* CTX_INCLUDE_MTE_REGS */
+#if ENABLE_MPAM_FOR_LOWER_ELS
+void el2_sysregs_context_save_mpam(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_mpam(el2_sysregs_t *regs);
+#endif /* ENABLE_MPAM_FOR_LOWER_ELS */
+#if ENABLE_FEAT_FGT
+void el2_sysregs_context_save_fgt(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_fgt(el2_sysregs_t *regs);
+#endif /* ENABLE_FEAT_FGT */
+#if ENABLE_FEAT_ECV
+void el2_sysregs_context_save_ecv(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_ecv(el2_sysregs_t *regs);
+#endif /* ENABLE_FEAT_ECV */
+#if ENABLE_FEAT_VHE
+void el2_sysregs_context_save_vhe(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_vhe(el2_sysregs_t *regs);
+#endif /* ENABLE_FEAT_VHE */
+#if RAS_EXTENSION
+void el2_sysregs_context_save_ras(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_ras(el2_sysregs_t *regs);
+#endif /* RAS_EXTENSION */
+#if CTX_INCLUDE_NEVE_REGS
+void el2_sysregs_context_save_nv2(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_nv2(el2_sysregs_t *regs);
+#endif /* CTX_INCLUDE_NEVE_REGS */
+#if ENABLE_TRF_FOR_NS
+void el2_sysregs_context_save_trf(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_trf(el2_sysregs_t *regs);
+#endif /* ENABLE_TRF_FOR_NS */
+#if ENABLE_FEAT_CSV2_2
+void el2_sysregs_context_save_csv2(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_csv2(el2_sysregs_t *regs);
+#endif /* ENABLE_FEAT_CSV2_2 */
+#if ENABLE_FEAT_HCX
+void el2_sysregs_context_save_hcx(el2_sysregs_t *regs);
+void el2_sysregs_context_restore_hcx(el2_sysregs_t *regs);
+#endif /* ENABLE_FEAT_HCX */
+#endif /* CTX_INCLUDE_EL2_REGS */
#if CTX_INCLUDE_FPREGS
void fpregs_context_save(fp_regs_t *regs);
diff --git a/include/plat/arm/common/arm_def.h b/include/plat/arm/common/arm_def.h
index a8211bd..caab14e 100644
--- a/include/plat/arm/common/arm_def.h
+++ b/include/plat/arm/common/arm_def.h
@@ -520,9 +520,20 @@
* BL2 specific defines.
******************************************************************************/
#if BL2_AT_EL3
+#if ENABLE_PIE
+/*
+ * As the BL31 image size appears to be increased when built with the ENABLE_PIE
+ * option, set BL2 base address to have enough space for BL31 in Trusted SRAM.
+ */
+#define BL2_BASE (ARM_TRUSTED_SRAM_BASE + \
+ (PLAT_ARM_TRUSTED_SRAM_SIZE >> 1) + \
+ 0x3000)
+#else
/* Put BL2 towards the middle of the Trusted SRAM */
#define BL2_BASE (ARM_TRUSTED_SRAM_BASE + \
- (PLAT_ARM_TRUSTED_SRAM_SIZE >> 1) + 0x2000)
+ (PLAT_ARM_TRUSTED_SRAM_SIZE >> 1) + \
+ 0x2000)
+#endif /* ENABLE_PIE */
#define BL2_LIMIT (ARM_BL_RAM_BASE + ARM_BL_RAM_SIZE)
#else
diff --git a/include/services/rmmd_svc.h b/include/services/rmmd_svc.h
index 2fbdddd..156d89c 100644
--- a/include/services/rmmd_svc.h
+++ b/include/services/rmmd_svc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,17 +10,18 @@
#include <lib/smccc.h>
#include <lib/utils_def.h>
-/* Construct RMM fastcall std FID from function number */
-#define RMM_FID(smc_cc, func_num) \
- ((SMC_TYPE_FAST << FUNCID_TYPE_SHIFT) | \
- ((smc_cc) << FUNCID_CC_SHIFT) | \
- (OEN_STD_START << FUNCID_OEN_SHIFT) | \
- ((func_num) << FUNCID_NUM_SHIFT))
-
-/* The macros below are used to identify RMI calls from the SMC function ID */
+/* STD calls FNUM Min/Max ranges */
#define RMI_FNUM_MIN_VALUE U(0x150)
#define RMI_FNUM_MAX_VALUE U(0x18F)
+/* Construct RMI fastcall std FID from offset */
+#define SMC64_RMI_FID(_offset) \
+ ((SMC_TYPE_FAST << FUNCID_TYPE_SHIFT) | \
+ (SMC_64 << FUNCID_CC_SHIFT) | \
+ (OEN_STD_START << FUNCID_OEN_SHIFT) | \
+ (((RMI_FNUM_MIN_VALUE + (_offset)) & FUNCID_NUM_MASK) \
+ << FUNCID_NUM_SHIFT))
+
#define is_rmi_fid(fid) __extension__ ({ \
__typeof__(fid) _fid = (fid); \
((GET_SMC_NUM(_fid) >= RMI_FNUM_MIN_VALUE) && \
@@ -31,13 +32,13 @@
((_fid & 0x00FE0000) == 0U)); })
/*
- * RMI_FNUM_REQ_COMPLETE is the only function in the RMI rnage that originates
+ * RMI_FNUM_REQ_COMPLETE is the only function in the RMI range that originates
* from the Realm world and is handled by the RMMD. The RMI functions are
* always invoked by the Normal world, forwarded by RMMD and handled by the
- * RMM
+ * RMM.
*/
-#define RMI_FNUM_REQ_COMPLETE U(0x18F)
-#define RMMD_RMI_REQ_COMPLETE RMM_FID(SMC_64, RMI_FNUM_REQ_COMPLETE)
+ /* 0x18F */
+#define RMMD_RMI_REQ_COMPLETE SMC64_RMI_FID(U(0x3F))
/* The SMC in the range 0x8400 0190 - 0x8400 01AF are reserved for RSIs.*/
@@ -50,6 +51,14 @@
#define RMMD_EL3_FNUM_MIN_VALUE U(0x1B0)
#define RMMD_EL3_FNUM_MAX_VALUE U(0x1CF)
+/* Construct RMM_EL3 fastcall std FID from offset */
+#define SMC64_RMMD_EL3_FID(_offset) \
+ ((SMC_TYPE_FAST << FUNCID_TYPE_SHIFT) | \
+ (SMC_64 << FUNCID_CC_SHIFT) | \
+ (OEN_STD_START << FUNCID_OEN_SHIFT) | \
+ (((RMMD_EL3_FNUM_MIN_VALUE + (_offset)) & FUNCID_NUM_MASK) \
+ << FUNCID_NUM_SHIFT))
+
/* The macros below are used to identify GTSI calls from the SMC function ID */
#define is_rmmd_el3_fid(fid) __extension__ ({ \
__typeof__(fid) _fid = (fid); \
@@ -60,14 +69,9 @@
(GET_SMC_OEN(_fid) == OEN_STD_START) && \
((_fid & 0x00FE0000) == 0U)); })
-/* RMMD Service Function NUmbers */
-#define GTSI_DELEGATE U(0x1B0)
-#define GTSI_UNDELEGATE U(0x1B1)
-#define ATTEST_GET_REALM_KEY U(0x1B2)
-#define ATTEST_GET_PLAT_TOKEN U(0x1B3)
-
-#define RMMD_GTSI_DELEGATE RMM_FID(SMC_64, GTSI_DELEGATE)
-#define RMMD_GTSI_UNDELEGATE RMM_FID(SMC_64, GTSI_UNDELEGATE)
+ /* 0x1B0 - 0x1B1 */
+#define RMMD_GTSI_DELEGATE SMC64_RMMD_EL3_FID(U(0))
+#define RMMD_GTSI_UNDELEGATE SMC64_RMMD_EL3_FID(U(1))
/* Return error codes from RMM-EL3 SMCs */
#define RMMD_OK 0
@@ -77,21 +81,6 @@
#define RMMD_ERR_INVAL -5
#define RMMD_ERR_UNK -6
-/*
- * Retrieve Platform token from EL3.
- * The arguments to this SMC are :
- * arg0 - Function ID.
- * arg1 - Platform attestation token buffer Physical address. (The challenge
- * object is passed in this buffer.)
- * arg2 - Platform attestation token buffer size (in bytes).
- * arg3 - Challenge object size (in bytes). It has be one of the defined SHA hash
- * sizes.
- * The return arguments are :
- * ret0 - Status / error.
- * ret1 - Size of the platform token if successful.
- */
-#define RMMD_ATTEST_GET_PLAT_TOKEN RMM_FID(SMC_64, ATTEST_GET_PLAT_TOKEN)
-
/* Acceptable SHA sizes for Challenge object */
#define SHA256_DIGEST_SIZE 32U
#define SHA384_DIGEST_SIZE 48U
@@ -110,7 +99,24 @@
* ret0 - Status / error.
* ret1 - Size of the realm attestation key if successful.
*/
-#define RMMD_ATTEST_GET_REALM_KEY RMM_FID(SMC_64, ATTEST_GET_REALM_KEY)
+ /* 0x1B2 */
+#define RMMD_ATTEST_GET_REALM_KEY SMC64_RMMD_EL3_FID(U(2))
+
+/*
+ * Retrieve Platform token from EL3.
+ * The arguments to this SMC are :
+ * arg0 - Function ID.
+ * arg1 - Platform attestation token buffer Physical address. (The challenge
+ * object is passed in this buffer.)
+ * arg2 - Platform attestation token buffer size (in bytes).
+ * arg3 - Challenge object size (in bytes). It has to be one of the defined
+ * SHA hash sizes.
+ * The return arguments are :
+ * ret0 - Status / error.
+ * ret1 - Size of the platform token if successful.
+ */
+ /* 0x1B3 */
+#define RMMD_ATTEST_GET_PLAT_TOKEN SMC64_RMMD_EL3_FID(U(3))
/* ECC Curve types for attest key generation */
#define ATTEST_KEY_CURVE_ECC_SECP384R1 0
diff --git a/include/tools_share/cca_oid.h b/include/tools_share/cca_oid.h
new file mode 100644
index 0000000..e586b8c
--- /dev/null
+++ b/include/tools_share/cca_oid.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CCA_OID_H
+#define CCA_OID_H
+
+/* Reuse the Object IDs defined by TBBR for certificate extensions. */
+#include "tbbr_oid.h"
+
+/*
+ * Assign arbitrary Object ID values that do not conflict with any of the
+ * TBBR reserved OIDs.
+ */
+/* Platform root-of-trust public key */
+#define PROT_PK_OID "1.3.6.1.4.1.4128.2100.1102"
+/* Secure World root-of-trust public key */
+#define SWD_ROT_PK_OID "1.3.6.1.4.1.4128.2100.1103"
+/* Core Secure World public key */
+#define CORE_SWD_PK_OID "1.3.6.1.4.1.4128.2100.1104"
+/* Platform public key */
+#define PLAT_PK_OID "1.3.6.1.4.1.4128.2100.1105"
+/* Realm Monitor Manager (RMM) Hash */
+#define RMM_HASH_OID "1.3.6.1.4.1.4128.2100.1106"
+
+#endif /* CCA_OID_H */
diff --git a/include/tools_share/firmware_image_package.h b/include/tools_share/firmware_image_package.h
index bd5b14b..b73eec7 100644
--- a/include/tools_share/firmware_image_package.h
+++ b/include/tools_share/firmware_image_package.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -24,6 +24,12 @@
{{0x4f, 0x51, 0x1d, 0x11}, {0x2b, 0xe5}, {0x4e, 0x49}, 0xb4, 0xc5, {0x83, 0xc2, 0xf7, 0x15, 0x84, 0x0a} }
#define UUID_TRUSTED_FWU_CERT \
{{0x71, 0x40, 0x8a, 0xb2}, {0x18, 0xd6}, {0x87, 0x4c}, 0x8b, 0x2e, {0xc6, 0xdc, 0xcd, 0x50, 0xf0, 0x96} }
+#define UUID_CCA_CONTENT_CERT \
+ {{0x36, 0xd8, 0x3d, 0x85}, {0x76, 0x1d}, {0x4d, 0xaf}, 0x96, 0xf1, {0xcd, 0x99, 0xd6, 0x56, 0x9b, 0x00} }
+#define UUID_CORE_SWD_KEY_CERT \
+ {{0x52, 0x22, 0x2d, 0x31}, {0x82, 0x0f}, {0x49, 0x4d}, 0x8b, 0xbc, {0xea, 0x68, 0x25, 0xd3, 0xc3, 0x5a} }
+#define UUID_PLAT_KEY_CERT \
+ {{0xd4, 0x3c, 0xd9, 0x02}, {0x5b, 0x9f}, {0x41, 0x2e}, 0x8a, 0xc6, {0x92, 0xb6, 0xd1, 0x8b, 0xe6, 0x0d} }
#define UUID_TRUSTED_BOOT_FIRMWARE_BL2 \
{{0x5f, 0xf9, 0xec, 0x0b}, {0x4d, 0x22}, {0x3e, 0x4d}, 0xa5, 0x44, {0xc3, 0x9d, 0x81, 0xc7, 0x3f, 0x0a} }
#define UUID_SCP_FIRMWARE_SCP_BL2 \
diff --git a/lib/cpus/aarch64/cortex_a77.S b/lib/cpus/aarch64/cortex_a77.S
index e7365e2..aa66e94 100644
--- a/lib/cpus/aarch64/cortex_a77.S
+++ b/lib/cpus/aarch64/cortex_a77.S
@@ -199,6 +199,34 @@
b cpu_rev_var_ls
endfunc check_errata_1791578
+ /* --------------------------------------------------
+ * Errata Workaround for Cortex A77 Errata #2356587.
+ * This applies to revisions r0p0, r1p0, and r1p1 and is still open.
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x17
+ * --------------------------------------------------
+ */
+func errata_a77_2356587_wa
+ /* Check workaround compatibility. */
+ mov x17, x30
+ bl check_errata_2356587
+ cbz x0, 1f
+
+ /* Set bit 0 in ACTLR2_EL1 */
+ mrs x1, CORTEX_A77_ACTLR2_EL1
+ orr x1, x1, #CORTEX_A77_ACTLR2_EL1_BIT_0
+ msr CORTEX_A77_ACTLR2_EL1, x1
+ isb
+1:
+ ret x17
+endfunc errata_a77_2356587_wa
+
+func check_errata_2356587
+ /* Applies to r0p0, r1p0, and r1p1 right now */
+ mov x1, #0x11
+ b cpu_rev_var_ls
+endfunc check_errata_2356587
+
func check_errata_cve_2022_23960
#if WORKAROUND_CVE_2022_23960
mov x0, #ERRATA_APPLIES
@@ -238,6 +266,11 @@
bl errata_a77_1791578_wa
#endif
+#if ERRATA_A77_2356587
+ mov x0, x18
+ bl errata_a77_2356587_wa
+#endif
+
#if IMAGE_BL31 && WORKAROUND_CVE_2022_23960
/*
* The Cortex-A77 generic vectors are overridden to apply errata
@@ -285,6 +318,7 @@
report_errata ERRATA_A77_1925769, cortex_a77, 1925769
report_errata ERRATA_A77_1946167, cortex_a77, 1946167
report_errata ERRATA_A77_1791578, cortex_a77, 1791578
+ report_errata ERRATA_A77_2356587, cortex_a77, 2356587
report_errata WORKAROUND_CVE_2022_23960, cortex_a77, cve_2022_23960
ldp x8, x30, [sp], #16
diff --git a/lib/cpus/aarch64/neoverse_v1.S b/lib/cpus/aarch64/neoverse_v1.S
index 6adb3a8..378cb92 100644
--- a/lib/cpus/aarch64/neoverse_v1.S
+++ b/lib/cpus/aarch64/neoverse_v1.S
@@ -330,6 +330,62 @@
b cpu_rev_var_range
endfunc check_errata_2216392
+ /* -----------------------------------------------------------------
+ * Errata Workaround for Neoverse V1 Errata #2294912.
+ * This applies to revisions r0p0, r1p0, and r1p1 and is still open.
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x17
+ * -----------------------------------------------------------------
+ */
+func errata_neoverse_v1_2294912_wa
+ /* Check workaround compatibility. */
+ mov x17, x30
+ bl check_errata_2294912
+ cbz x0, 1f
+
+ /* Set bit 0 in ACTLR2_EL1 */
+ mrs x1, NEOVERSE_V1_ACTLR2_EL1
+ orr x1, x1, #NEOVERSE_V1_ACTLR2_EL1_BIT_0
+ msr NEOVERSE_V1_ACTLR2_EL1, x1
+ isb
+1:
+ ret x17
+endfunc errata_neoverse_v1_2294912_wa
+
+func check_errata_2294912
+ /* Applies to r0p0, r1p0, and r1p1 right now */
+ mov x1, #0x11
+ b cpu_rev_var_ls
+endfunc check_errata_2294912
+
+ /* ---------------------------------------------------
+ * Errata Workaround for Neoverse V1 Errata #2372203.
+ * This applies to revisions <= r1p1 and is still open.
+ * x0: variant[4:7] and revision[0:3] of current cpu.
+ * Shall clobber: x0-x17
+ * ----------------------------------------------------
+ */
+func errata_neoverse_v1_2372203_wa
+ /* Check workaround compatibility. */
+ mov x17, x30
+ bl check_errata_2372203
+ cbz x0, 1f
+
+ /* Set bit 40 in ACTLR2_EL1 */
+ mrs x1, NEOVERSE_V1_ACTLR2_EL1
+ orr x1, x1, #NEOVERSE_V1_ACTLR2_EL1_BIT_40
+ msr NEOVERSE_V1_ACTLR2_EL1, x1
+ isb
+1:
+ ret x17
+endfunc errata_neoverse_v1_2372203_wa
+
+func check_errata_2372203
+ /* Applies to <= r1p1. */
+ mov x1, #0x11
+ b cpu_rev_var_ls
+endfunc check_errata_2372203
+
func check_errata_cve_2022_23960
#if WORKAROUND_CVE_2022_23960
mov x0, #ERRATA_APPLIES
@@ -378,6 +434,8 @@
report_errata ERRATA_V1_2139242, neoverse_v1, 2139242
report_errata ERRATA_V1_2108267, neoverse_v1, 2108267
report_errata ERRATA_V1_2216392, neoverse_v1, 2216392
+ report_errata ERRATA_V1_2294912, neoverse_v1, 2294912
+ report_errata ERRATA_V1_2372203, neoverse_v1, 2372203
report_errata WORKAROUND_CVE_2022_23960, neoverse_v1, cve_2022_23960
ldp x8, x30, [sp], #16
@@ -437,6 +495,16 @@
bl errata_neoverse_v1_2216392_wa
#endif
+#if ERRATA_V1_2294912
+ mov x0, x18
+ bl errata_neoverse_v1_2294912_wa
+#endif
+
+#if ERRATA_V1_2372203
+ mov x0, x18
+ bl errata_neoverse_v1_2372203_wa
+#endif
+
#if IMAGE_BL31 && WORKAROUND_CVE_2022_23960
/*
* The Neoverse-V1 generic vectors are overridden to apply errata
diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk
index e14bb24..6d49dab 100644
--- a/lib/cpus/cpu-ops.mk
+++ b/lib/cpus/cpu-ops.mk
@@ -303,6 +303,10 @@
# to revisions r0p0, r1p0, and r1p1, it is still open.
ERRATA_A77_1791578 ?=0
+# Flag to apply erratum 2356587 workaround during reset. This erratum applies
+# to revisions r0p0, r1p0, and r1p1, it is still open.
+ERRATA_A77_2356587 ?=0
+
# Flag to apply erratum 1688305 workaround during reset. This erratum applies
# to revisions r0p0 - r1p0 of the A78 cpu.
ERRATA_A78_1688305 ?=0
@@ -468,6 +472,14 @@
# issue exists in r0p0 as well but there is no workaround for that revision.
ERRATA_V1_2216392 ?=0
+# Flag to apply erratum 2294912 workaround during reset. This erratum applies
+# to revisions r0p0, r1p0, and r1p1 of the Neoverse V1 cpu and is still open.
+ERRATA_V1_2294912 ?=0
+
+# Flag to apply erratum 2372203 workaround during reset. This erratum applies
+# to revisions r0p0, r1p0 and r1p1 of the Neoverse V1 cpu and is still open.
+ERRATA_V1_2372203 ?=0
+
# Flag to apply erratum 1987031 workaround during reset. This erratum applies
# to revisions r0p0, r1p0 and r2p0 of the Cortex-A710 cpu and is still open.
ERRATA_A710_1987031 ?=0
@@ -843,6 +855,10 @@
$(eval $(call assert_boolean,ERRATA_A77_1791578))
$(eval $(call add_define,ERRATA_A77_1791578))
+# Process ERRATA_A77_2356587 flag
+$(eval $(call assert_boolean,ERRATA_A77_2356587))
+$(eval $(call add_define,ERRATA_A77_2356587))
+
# Process ERRATA_A78_1688305 flag
$(eval $(call assert_boolean,ERRATA_A78_1688305))
$(eval $(call add_define,ERRATA_A78_1688305))
@@ -1003,6 +1019,14 @@
$(eval $(call assert_boolean,ERRATA_V1_2216392))
$(eval $(call add_define,ERRATA_V1_2216392))
+# Process ERRATA_V1_2294912 flag
+$(eval $(call assert_boolean,ERRATA_V1_2294912))
+$(eval $(call add_define,ERRATA_V1_2294912))
+
+# Process ERRATA_V1_2372203 flag
+$(eval $(call assert_boolean,ERRATA_V1_2372203))
+$(eval $(call add_define,ERRATA_V1_2372203))
+
# Process ERRATA_A710_1987031 flag
$(eval $(call assert_boolean,ERRATA_A710_1987031))
$(eval $(call add_define,ERRATA_A710_1987031))
diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S
index 69acc2f..acfef80 100644
--- a/lib/el3_runtime/aarch64/context.S
+++ b/lib/el3_runtime/aarch64/context.S
@@ -11,8 +11,52 @@
#include <el3_common_macros.S>
#if CTX_INCLUDE_EL2_REGS
- .global el2_sysregs_context_save
- .global el2_sysregs_context_restore
+ .global el2_sysregs_context_save_common
+ .global el2_sysregs_context_restore_common
+#if ENABLE_SPE_FOR_LOWER_ELS
+ .global el2_sysregs_context_save_spe
+ .global el2_sysregs_context_restore_spe
+#endif /* ENABLE_SPE_FOR_LOWER_ELS */
+#if CTX_INCLUDE_MTE_REGS
+ .global el2_sysregs_context_save_mte
+ .global el2_sysregs_context_restore_mte
+#endif /* CTX_INCLUDE_MTE_REGS */
+#if ENABLE_MPAM_FOR_LOWER_ELS
+ .global el2_sysregs_context_save_mpam
+ .global el2_sysregs_context_restore_mpam
+#endif /* ENABLE_MPAM_FOR_LOWER_ELS */
+#if ENABLE_FEAT_FGT
+ .global el2_sysregs_context_save_fgt
+ .global el2_sysregs_context_restore_fgt
+#endif /* ENABLE_FEAT_FGT */
+#if ENABLE_FEAT_ECV
+ .global el2_sysregs_context_save_ecv
+ .global el2_sysregs_context_restore_ecv
+#endif /* ENABLE_FEAT_ECV */
+#if ENABLE_FEAT_VHE
+ .global el2_sysregs_context_save_vhe
+ .global el2_sysregs_context_restore_vhe
+#endif /* ENABLE_FEAT_VHE */
+#if RAS_EXTENSION
+ .global el2_sysregs_context_save_ras
+ .global el2_sysregs_context_restore_ras
+#endif /* RAS_EXTENSION */
+#if CTX_INCLUDE_NEVE_REGS
+ .global el2_sysregs_context_save_nv2
+ .global el2_sysregs_context_restore_nv2
+#endif /* CTX_INCLUDE_NEVE_REGS */
+#if ENABLE_TRF_FOR_NS
+ .global el2_sysregs_context_save_trf
+ .global el2_sysregs_context_restore_trf
+#endif /* ENABLE_TRF_FOR_NS */
+#if ENABLE_FEAT_CSV2_2
+ .global el2_sysregs_context_save_csv2
+ .global el2_sysregs_context_restore_csv2
+#endif /* ENABLE_FEAT_CSV2_2 */
+#if ENABLE_FEAT_HCX
+ .global el2_sysregs_context_save_hcx
+ .global el2_sysregs_context_restore_hcx
+#endif /* ENABLE_FEAT_HCX */
#endif /* CTX_INCLUDE_EL2_REGS */
.global el1_sysregs_context_save
@@ -29,11 +73,16 @@
#if CTX_INCLUDE_EL2_REGS
/* -----------------------------------------------------
- * The following function strictly follows the AArch64
+ * The following functions strictly follow the AArch64
* PCS to use x9-x16 (temporary caller-saved registers)
- * to save EL2 system register context. It assumes that
- * 'x0' is pointing to a 'el2_sys_regs' structure where
- * the register context will be saved.
+ * to save/restore EL2 system register context.
+ * el2_sysregs_context_save/restore_common functions
+ * save and restore registers that are common to all
+ * configurations. The rest of the functions save and
+ * restore EL2 system registers that are present when a
+ * particular feature is enabled. All functions assume
+ * that 'x0' is pointing to a 'el2_sys_regs' structure
+ * where the register context will be saved/restored.
*
* The following registers are not added.
* AMEVCNTVOFF0<n>_EL2
@@ -43,7 +92,7 @@
* ICH_LR<n>_EL2
* -----------------------------------------------------
*/
-func el2_sysregs_context_save
+func el2_sysregs_context_save_common
mrs x9, actlr_el2
mrs x10, afsr0_el2
stp x9, x10, [x0, #CTX_ACTLR_EL2]
@@ -88,11 +137,6 @@
mrs x12, mdcr_el2
stp x11, x12, [x0, #CTX_MAIR_EL2]
-#if ENABLE_SPE_FOR_LOWER_ELS
- mrs x13, PMSCR_EL2
- str x13, [x0, #CTX_PMSCR_EL2]
-#endif /* ENABLE_SPE_FOR_LOWER_ELS */
-
mrs x14, sctlr_el2
str x14, [x0, #CTX_SCTLR_EL2]
@@ -115,128 +159,10 @@
mrs x15, vtcr_el2
mrs x16, vttbr_el2
stp x15, x16, [x0, #CTX_VTCR_EL2]
-
-#if CTX_INCLUDE_MTE_REGS
- mrs x9, TFSR_EL2
- str x9, [x0, #CTX_TFSR_EL2]
-#endif /* CTX_INCLUDE_MTE_REGS */
-
-#if ENABLE_MPAM_FOR_LOWER_ELS
- mrs x10, MPAM2_EL2
- str x10, [x0, #CTX_MPAM2_EL2]
-
- mrs x11, MPAMHCR_EL2
- mrs x12, MPAMVPM0_EL2
- stp x11, x12, [x0, #CTX_MPAMHCR_EL2]
-
- mrs x13, MPAMVPM1_EL2
- mrs x14, MPAMVPM2_EL2
- stp x13, x14, [x0, #CTX_MPAMVPM1_EL2]
-
- mrs x15, MPAMVPM3_EL2
- mrs x16, MPAMVPM4_EL2
- stp x15, x16, [x0, #CTX_MPAMVPM3_EL2]
-
- mrs x9, MPAMVPM5_EL2
- mrs x10, MPAMVPM6_EL2
- stp x9, x10, [x0, #CTX_MPAMVPM5_EL2]
-
- mrs x11, MPAMVPM7_EL2
- mrs x12, MPAMVPMV_EL2
- stp x11, x12, [x0, #CTX_MPAMVPM7_EL2]
-#endif /* ENABLE_MPAM_FOR_LOWER_ELS */
-
-#if ENABLE_FEAT_FGT
- mrs x13, HDFGRTR_EL2
-#if ENABLE_FEAT_AMUv1
- mrs x14, HAFGRTR_EL2
- stp x13, x14, [x0, #CTX_HDFGRTR_EL2]
-#else
- str x13, [x0, #CTX_HDFGRTR_EL2]
-#endif /* ENABLE_FEAT_AMUv1 */
- mrs x15, HDFGWTR_EL2
- mrs x16, HFGITR_EL2
- stp x15, x16, [x0, #CTX_HDFGWTR_EL2]
-
- mrs x9, HFGRTR_EL2
- mrs x10, HFGWTR_EL2
- stp x9, x10, [x0, #CTX_HFGRTR_EL2]
-#endif /* ENABLE_FEAT_FGT */
-
-#if ENABLE_FEAT_ECV
- mrs x11, CNTPOFF_EL2
- str x11, [x0, #CTX_CNTPOFF_EL2]
-#endif /* ENABLE_FEAT_ECV */
-
-#if ENABLE_FEAT_VHE
- /*
- * CONTEXTIDR_EL2 register is saved only when FEAT_VHE or
- * FEAT_Debugv8p2 (currently not in TF-A) is supported.
- */
- mrs x9, contextidr_el2
- mrs x10, ttbr1_el2
- stp x9, x10, [x0, #CTX_CONTEXTIDR_EL2]
-#endif /* ENABLE_FEAT_VHE */
-
-#if RAS_EXTENSION
- /*
- * VDISR_EL2 and VSESR_EL2 registers are saved only when
- * FEAT_RAS is supported.
- */
- mrs x11, vdisr_el2
- mrs x12, vsesr_el2
- stp x11, x12, [x0, #CTX_VDISR_EL2]
-#endif /* RAS_EXTENSION */
-
-#if CTX_INCLUDE_NEVE_REGS
- /*
- * VNCR_EL2 register is saved only when FEAT_NV2 is supported.
- */
- mrs x16, vncr_el2
- str x16, [x0, #CTX_VNCR_EL2]
-#endif /* CTX_INCLUDE_NEVE_REGS */
-
-#if ENABLE_TRF_FOR_NS
- /*
- * TRFCR_EL2 register is saved only when FEAT_TRF is supported.
- */
- mrs x12, TRFCR_EL2
- str x12, [x0, #CTX_TRFCR_EL2]
-#endif /* ENABLE_TRF_FOR_NS */
-
-#if ENABLE_FEAT_CSV2_2
- /*
- * SCXTNUM_EL2 register is saved only when FEAT_CSV2_2 is supported.
- */
- mrs x13, scxtnum_el2
- str x13, [x0, #CTX_SCXTNUM_EL2]
-#endif /* ENABLE_FEAT_CSV2_2 */
-
-#if ENABLE_FEAT_HCX
- mrs x14, hcrx_el2
- str x14, [x0, #CTX_HCRX_EL2]
-#endif /* ENABLE_FEAT_HCX */
-
ret
-endfunc el2_sysregs_context_save
+endfunc el2_sysregs_context_save_common
-
-/* -----------------------------------------------------
- * The following function strictly follows the AArch64
- * PCS to use x9-x16 (temporary caller-saved registers)
- * to restore EL2 system register context. It assumes
- * that 'x0' is pointing to a 'el2_sys_regs' structure
- * from where the register context will be restored
-
- * The following registers are not restored
- * AMEVCNTVOFF0<n>_EL2
- * AMEVCNTVOFF1<n>_EL2
- * ICH_AP0R<n>_EL2
- * ICH_AP1R<n>_EL2
- * ICH_LR<n>_EL2
- * -----------------------------------------------------
- */
-func el2_sysregs_context_restore
+func el2_sysregs_context_restore_common
ldp x9, x10, [x0, #CTX_ACTLR_EL2]
msr actlr_el2, x9
msr afsr0_el2, x10
@@ -281,11 +207,6 @@
msr mair_el2, x11
msr mdcr_el2, x12
-#if ENABLE_SPE_FOR_LOWER_ELS
- ldr x13, [x0, #CTX_PMSCR_EL2]
- msr PMSCR_EL2, x13
-#endif /* ENABLE_SPE_FOR_LOWER_ELS */
-
ldr x14, [x0, #CTX_SCTLR_EL2]
msr sctlr_el2, x14
@@ -308,13 +229,65 @@
ldp x15, x16, [x0, #CTX_VTCR_EL2]
msr vtcr_el2, x15
msr vttbr_el2, x16
+ ret
+endfunc el2_sysregs_context_restore_common
+
+#if ENABLE_SPE_FOR_LOWER_ELS
+func el2_sysregs_context_save_spe
+ mrs x13, PMSCR_EL2
+ str x13, [x0, #CTX_PMSCR_EL2]
+ ret
+endfunc el2_sysregs_context_save_spe
+
+func el2_sysregs_context_restore_spe
+ ldr x13, [x0, #CTX_PMSCR_EL2]
+ msr PMSCR_EL2, x13
+ ret
+endfunc el2_sysregs_context_restore_spe
+#endif /* ENABLE_SPE_FOR_LOWER_ELS */
#if CTX_INCLUDE_MTE_REGS
+func el2_sysregs_context_save_mte
+ mrs x9, TFSR_EL2
+ str x9, [x0, #CTX_TFSR_EL2]
+ ret
+endfunc el2_sysregs_context_save_mte
+
+func el2_sysregs_context_restore_mte
ldr x9, [x0, #CTX_TFSR_EL2]
msr TFSR_EL2, x9
+ ret
+endfunc el2_sysregs_context_restore_mte
#endif /* CTX_INCLUDE_MTE_REGS */
#if ENABLE_MPAM_FOR_LOWER_ELS
+func el2_sysregs_context_save_mpam
+ mrs x10, MPAM2_EL2
+ str x10, [x0, #CTX_MPAM2_EL2]
+
+ mrs x11, MPAMHCR_EL2
+ mrs x12, MPAMVPM0_EL2
+ stp x11, x12, [x0, #CTX_MPAMHCR_EL2]
+
+ mrs x13, MPAMVPM1_EL2
+ mrs x14, MPAMVPM2_EL2
+ stp x13, x14, [x0, #CTX_MPAMVPM1_EL2]
+
+ mrs x15, MPAMVPM3_EL2
+ mrs x16, MPAMVPM4_EL2
+ stp x15, x16, [x0, #CTX_MPAMVPM3_EL2]
+
+ mrs x9, MPAMVPM5_EL2
+ mrs x10, MPAMVPM6_EL2
+ stp x9, x10, [x0, #CTX_MPAMVPM5_EL2]
+
+ mrs x11, MPAMVPM7_EL2
+ mrs x12, MPAMVPMV_EL2
+ stp x11, x12, [x0, #CTX_MPAMVPM7_EL2]
+ ret
+endfunc func el2_sysregs_context_save_mpam
+
+func el2_sysregs_context_restore_mpam
ldr x10, [x0, #CTX_MPAM2_EL2]
msr MPAM2_EL2, x10
@@ -337,10 +310,31 @@
ldp x11, x12, [x0, #CTX_MPAMVPM7_EL2]
msr MPAMVPM7_EL2, x11
msr MPAMVPMV_EL2, x12
+ ret
+endfunc el2_sysregs_context_restore_mpam
#endif /* ENABLE_MPAM_FOR_LOWER_ELS */
#if ENABLE_FEAT_FGT
+func el2_sysregs_context_save_fgt
+ mrs x13, HDFGRTR_EL2
#if ENABLE_FEAT_AMUv1
+ mrs x14, HAFGRTR_EL2
+ stp x13, x14, [x0, #CTX_HDFGRTR_EL2]
+#else
+ str x13, [x0, #CTX_HDFGRTR_EL2]
+#endif /* ENABLE_FEAT_AMUv1 */
+ mrs x15, HDFGWTR_EL2
+ mrs x16, HFGITR_EL2
+ stp x15, x16, [x0, #CTX_HDFGWTR_EL2]
+
+ mrs x9, HFGRTR_EL2
+ mrs x10, HFGWTR_EL2
+ stp x9, x10, [x0, #CTX_HFGRTR_EL2]
+ ret
+endfunc el2_sysregs_context_save_fgt
+
+func el2_sysregs_context_restore_fgt
+ #if ENABLE_FEAT_AMUv1
ldp x13, x14, [x0, #CTX_HDFGRTR_EL2]
msr HAFGRTR_EL2, x14
#else
@@ -355,14 +349,37 @@
ldp x9, x10, [x0, #CTX_HFGRTR_EL2]
msr HFGRTR_EL2, x9
msr HFGWTR_EL2, x10
+ ret
+endfunc el2_sysregs_context_restore_fgt
#endif /* ENABLE_FEAT_FGT */
#if ENABLE_FEAT_ECV
+func el2_sysregs_context_save_ecv
+ mrs x11, CNTPOFF_EL2
+ str x11, [x0, #CTX_CNTPOFF_EL2]
+ ret
+endfunc el2_sysregs_context_save_ecv
+
+func el2_sysregs_context_restore_ecv
ldr x11, [x0, #CTX_CNTPOFF_EL2]
msr CNTPOFF_EL2, x11
+ ret
+endfunc el2_sysregs_context_restore_ecv
#endif /* ENABLE_FEAT_ECV */
#if ENABLE_FEAT_VHE
+func el2_sysregs_context_save_vhe
+ /*
+ * CONTEXTIDR_EL2 register is saved only when FEAT_VHE or
+ * FEAT_Debugv8p2 (currently not in TF-A) is supported.
+ */
+ mrs x9, contextidr_el2
+ mrs x10, ttbr1_el2
+ stp x9, x10, [x0, #CTX_CONTEXTIDR_EL2]
+ ret
+endfunc el2_sysregs_context_save_vhe
+
+func el2_sysregs_context_restore_vhe
/*
* CONTEXTIDR_EL2 register is restored only when FEAT_VHE or
* FEAT_Debugv8p2 (currently not in TF-A) is supported.
@@ -370,9 +387,23 @@
ldp x9, x10, [x0, #CTX_CONTEXTIDR_EL2]
msr contextidr_el2, x9
msr ttbr1_el2, x10
+ ret
+endfunc el2_sysregs_context_restore_vhe
#endif /* ENABLE_FEAT_VHE */
#if RAS_EXTENSION
+func el2_sysregs_context_save_ras
+ /*
+ * VDISR_EL2 and VSESR_EL2 registers are saved only when
+ * FEAT_RAS is supported.
+ */
+ mrs x11, vdisr_el2
+ mrs x12, vsesr_el2
+ stp x11, x12, [x0, #CTX_VDISR_EL2]
+ ret
+endfunc el2_sysregs_context_save_ras
+
+func el2_sysregs_context_restore_ras
/*
* VDISR_EL2 and VSESR_EL2 registers are restored only when FEAT_RAS
* is supported.
@@ -380,40 +411,83 @@
ldp x11, x12, [x0, #CTX_VDISR_EL2]
msr vdisr_el2, x11
msr vsesr_el2, x12
+ ret
+endfunc el2_sysregs_context_restore_ras
#endif /* RAS_EXTENSION */
#if CTX_INCLUDE_NEVE_REGS
+func el2_sysregs_context_save_nv2
+ /*
+ * VNCR_EL2 register is saved only when FEAT_NV2 is supported.
+ */
+ mrs x16, vncr_el2
+ str x16, [x0, #CTX_VNCR_EL2]
+ ret
+endfunc el2_sysregs_context_save_nv2
+
+func el2_sysregs_context_restore_nv2
/*
* VNCR_EL2 register is restored only when FEAT_NV2 is supported.
*/
ldr x16, [x0, #CTX_VNCR_EL2]
msr vncr_el2, x16
+ ret
+endfunc el2_sysregs_context_restore_nv2
#endif /* CTX_INCLUDE_NEVE_REGS */
#if ENABLE_TRF_FOR_NS
+func el2_sysregs_context_save_trf
+ /*
+ * TRFCR_EL2 register is saved only when FEAT_TRF is supported.
+ */
+ mrs x12, TRFCR_EL2
+ str x12, [x0, #CTX_TRFCR_EL2]
+ ret
+endfunc el2_sysregs_context_save_trf
+
+func el2_sysregs_context_restore_trf
/*
* TRFCR_EL2 register is restored only when FEAT_TRF is supported.
*/
ldr x12, [x0, #CTX_TRFCR_EL2]
msr TRFCR_EL2, x12
+ ret
+endfunc el2_sysregs_context_restore_trf
#endif /* ENABLE_TRF_FOR_NS */
#if ENABLE_FEAT_CSV2_2
+func el2_sysregs_context_save_csv2
+ /*
+ * SCXTNUM_EL2 register is saved only when FEAT_CSV2_2 is supported.
+ */
+ mrs x13, scxtnum_el2
+ str x13, [x0, #CTX_SCXTNUM_EL2]
+ ret
+endfunc el2_sysregs_context_save_csv2
+
+func el2_sysregs_context_restore_csv2
/*
* SCXTNUM_EL2 register is restored only when FEAT_CSV2_2 is supported.
*/
ldr x13, [x0, #CTX_SCXTNUM_EL2]
msr scxtnum_el2, x13
+ ret
+endfunc el2_sysregs_context_restore_csv2
#endif /* ENABLE_FEAT_CSV2_2 */
#if ENABLE_FEAT_HCX
+func el2_sysregs_context_save_hcx
+ mrs x14, hcrx_el2
+ str x14, [x0, #CTX_HCRX_EL2]
+ ret
+endfunc el2_sysregs_context_save_hcx
+
+func el2_sysregs_context_restore_hcx
ldr x14, [x0, #CTX_HCRX_EL2]
msr hcrx_el2, x14
-#endif /* ENABLE_FEAT_HCX */
-
ret
-endfunc el2_sysregs_context_restore
-
+endfunc el2_sysregs_context_restore_hcx
+#endif /* ENABLE_FEAT_HCX */
#endif /* CTX_INCLUDE_EL2_REGS */
/* ------------------------------------------------------------------
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index e393493..da610d0 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -790,11 +790,47 @@
if ((security_state != SECURE) ||
((security_state == SECURE) && ((scr_el3 & SCR_EEL2_BIT) != 0U))) {
cpu_context_t *ctx;
+ el2_sysregs_t *el2_sysregs_ctx;
ctx = cm_get_context(security_state);
assert(ctx != NULL);
- el2_sysregs_context_save(get_el2_sysregs_ctx(ctx));
+ el2_sysregs_ctx = get_el2_sysregs_ctx(ctx);
+
+ el2_sysregs_context_save_common(el2_sysregs_ctx);
+#if ENABLE_SPE_FOR_LOWER_ELS
+ el2_sysregs_context_save_spe(el2_sysregs_ctx);
+#endif
+#if CTX_INCLUDE_MTE_REGS
+ el2_sysregs_context_save_mte(el2_sysregs_ctx);
+#endif
+#if ENABLE_MPAM_FOR_LOWER_ELS
+ el2_sysregs_context_save_mpam(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_FGT
+ el2_sysregs_context_save_fgt(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_ECV
+ el2_sysregs_context_save_ecv(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_VHE
+ el2_sysregs_context_save_vhe(el2_sysregs_ctx);
+#endif
+#if RAS_EXTENSION
+ el2_sysregs_context_save_ras(el2_sysregs_ctx);
+#endif
+#if CTX_INCLUDE_NEVE_REGS
+ el2_sysregs_context_save_nv2(el2_sysregs_ctx);
+#endif
+#if ENABLE_TRF_FOR_NS
+ el2_sysregs_context_save_trf(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_CSV2_2
+ el2_sysregs_context_save_csv2(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_HCX
+ el2_sysregs_context_save_hcx(el2_sysregs_ctx);
+#endif
}
}
@@ -812,11 +848,47 @@
if ((security_state != SECURE) ||
((security_state == SECURE) && ((scr_el3 & SCR_EEL2_BIT) != 0U))) {
cpu_context_t *ctx;
+ el2_sysregs_t *el2_sysregs_ctx;
ctx = cm_get_context(security_state);
assert(ctx != NULL);
- el2_sysregs_context_restore(get_el2_sysregs_ctx(ctx));
+ el2_sysregs_ctx = get_el2_sysregs_ctx(ctx);
+
+ el2_sysregs_context_restore_common(el2_sysregs_ctx);
+#if ENABLE_SPE_FOR_LOWER_ELS
+ el2_sysregs_context_restore_spe(el2_sysregs_ctx);
+#endif
+#if CTX_INCLUDE_MTE_REGS
+ el2_sysregs_context_restore_mte(el2_sysregs_ctx);
+#endif
+#if ENABLE_MPAM_FOR_LOWER_ELS
+ el2_sysregs_context_restore_mpam(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_FGT
+ el2_sysregs_context_restore_fgt(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_ECV
+ el2_sysregs_context_restore_ecv(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_VHE
+ el2_sysregs_context_restore_vhe(el2_sysregs_ctx);
+#endif
+#if RAS_EXTENSION
+ el2_sysregs_context_restore_ras(el2_sysregs_ctx);
+#endif
+#if CTX_INCLUDE_NEVE_REGS
+ el2_sysregs_context_restore_nv2(el2_sysregs_ctx);
+#endif
+#if ENABLE_TRF_FOR_NS
+ el2_sysregs_context_restore_trf(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_CSV2_2
+ el2_sysregs_context_restore_csv2(el2_sysregs_ctx);
+#endif
+#if ENABLE_FEAT_HCX
+ el2_sysregs_context_restore_hcx(el2_sysregs_ctx);
+#endif
}
}
#endif /* CTX_INCLUDE_EL2_REGS */
diff --git a/lib/extensions/brbe/brbe.c b/lib/extensions/brbe/brbe.c
index 6975b04..1982619 100644
--- a/lib/extensions/brbe/brbe.c
+++ b/lib/extensions/brbe/brbe.c
@@ -5,22 +5,14 @@
*/
#include <arch.h>
+#include <arch_features.h>
#include <arch_helpers.h>
-static bool brbe_supported(void)
-{
- uint64_t features;
-
- features = read_id_aa64dfr0_el1() >> ID_AA64DFR0_BRBE_SHIFT;
- return ((features & ID_AA64DFR0_BRBE_MASK) ==
- ID_AA64DFR0_BRBE_SUPPORTED);
-}
-
void brbe_enable(void)
{
uint64_t val;
- if (brbe_supported()) {
+ if (is_feat_brbe_present()) {
/*
* MDCR_EL3.SBRBE = 0b01
*
diff --git a/lib/extensions/trbe/trbe.c b/lib/extensions/trbe/trbe.c
index 9f754d5..b346387 100644
--- a/lib/extensions/trbe/trbe.c
+++ b/lib/extensions/trbe/trbe.c
@@ -1,10 +1,11 @@
/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <arch.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <lib/el3_runtime/pubsub.h>
#include <lib/extensions/trbe.h>
@@ -18,20 +19,11 @@
__asm__ volatile("hint #18");
}
-static bool trbe_supported(void)
-{
- uint64_t features;
-
- features = read_id_aa64dfr0_el1() >> ID_AA64DFR0_TRACEBUFFER_SHIFT;
- return ((features & ID_AA64DFR0_TRACEBUFFER_MASK) ==
- ID_AA64DFR0_TRACEBUFFER_SUPPORTED);
-}
-
void trbe_enable(void)
{
uint64_t val;
- if (trbe_supported()) {
+ if (is_feat_trbe_present()) {
/*
* MDCR_EL3.NSTB = 0b11
* Allow access of trace buffer control registers from NS-EL1
@@ -46,7 +38,7 @@
static void *trbe_drain_trace_buffers_hook(const void *arg __unused)
{
- if (trbe_supported()) {
+ if (is_feat_trbe_present()) {
/*
* Before switching from normal world to secure world
* the trace buffers need to be drained out to memory. This is
diff --git a/lib/optee/optee_utils.c b/lib/optee/optee_utils.c
index 72979cd..d30248f 100644
--- a/lib/optee/optee_utils.c
+++ b/lib/optee/optee_utils.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -192,8 +192,17 @@
&header->optee_image_list[num]);
} else if (header->optee_image_list[num].image_id ==
OPTEE_PAGED_IMAGE_ID) {
- ret = parse_optee_image(paged_image_info,
- &header->optee_image_list[num]);
+ if (paged_image_info == NULL) {
+ if (header->optee_image_list[num].size != 0U) {
+ ERROR("Paged image is not supported\n");
+ return -1;
+ }
+
+ continue;
+ } else {
+ ret = parse_optee_image(paged_image_info,
+ &header->optee_image_list[num]);
+ }
} else {
ERROR("Parse optee image failed.\n");
return -1;
@@ -215,8 +224,10 @@
* header image arguments so that can be read by the
* BL32 SPD.
*/
- header_ep->args.arg1 = paged_image_info->image_base;
- header_ep->args.arg2 = paged_image_info->image_size;
+ if (paged_image_info != NULL) {
+ header_ep->args.arg1 = paged_image_info->image_base;
+ header_ep->args.arg2 = paged_image_info->image_size;
+ }
/* Set OPTEE runtime arch - aarch32/aarch64 */
if (header->arch == 0) {
diff --git a/lib/psa/measured_boot.c b/lib/psa/measured_boot.c
index 693e01f..90e4ef3 100644
--- a/lib/psa/measured_boot.c
+++ b/lib/psa/measured_boot.c
@@ -14,8 +14,9 @@
#include "measured_boot_private.h"
-static void print_byte_array(const uint8_t *array, size_t len)
+static void print_byte_array(const uint8_t *array __unused, size_t len __unused)
{
+#if LOG_LEVEL >= LOG_LEVEL_INFO
size_t i;
if (array == NULL || len == 0U) {
@@ -31,6 +32,7 @@
}
}
}
+#endif
}
static void log_measurement(uint8_t index,
diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk
index 0a280b4..5ef2d85 100644
--- a/make_helpers/tbbr/tbbr_tools.mk
+++ b/make_helpers/tbbr/tbbr_tools.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -25,6 +25,9 @@
# KEY_SIZE
# ROT_KEY
# PROT_KEY
+# PLAT_KEY
+# SWD_ROT_KEY
+# CORE_SWD_KEY
# TRUSTED_WORLD_KEY
# NON_TRUSTED_WORLD_KEY
# SCP_BL2_KEY
@@ -46,10 +49,18 @@
$(eval $(call CERT_ADD_CMD_OPT,${NTFW_NVCTR_VAL},--ntfw-nvctr))
# Add Trusted Key certificate to the fiptool and cert_create command line options
+ifneq (${COT},cca)
$(eval $(call TOOL_ADD_PAYLOAD,${TRUSTED_KEY_CERT},--trusted-key-cert))
+else
+$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/cca.crt,--cca-cert))
+$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/core-swd.crt,--core-swd-cert))
+$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/plat-key.crt,--plat-key-cert))
+endif
# Add fwu certificate to the fiptool and cert_create command line options
+ifneq (${COT},cca)
$(eval $(call TOOL_ADD_PAYLOAD,${FWU_CERT},--fwu-cert,,FWU_))
+endif
# Add the keys to the cert_create command line options (private keys are NOT
# packed in the FIP). Developers can use their own keys by specifying the proper
@@ -63,6 +74,9 @@
$(if ${ROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${ROT_KEY},--rot-key)))
$(if ${ROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${ROT_KEY},--rot-key,FWU_)))
$(if ${PROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${PROT_KEY},--prot-key)))
+$(if ${PLAT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${PLAT_KEY},--plat-key)))
+$(if ${SWD_ROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${SWD_ROT_KEY},--swd-rot-key)))
+$(if ${CORE_SWD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${CORE_SWD_KEY},--core-swd-key)))
$(if ${TRUSTED_WORLD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${TRUSTED_WORLD_KEY},--trusted-world-key)))
$(if ${NON_TRUSTED_WORLD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${NON_TRUSTED_WORLD_KEY},--non-trusted-world-key)))
@@ -70,25 +84,31 @@
# Add the BL2 CoT (image cert)
ifeq (${NEED_BL2},yes)
ifeq (${BL2_AT_EL3}, 0)
+ifneq (${COT},cca)
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/tb_fw.crt,--tb-fw-cert))
endif
endif
+endif
# Add the SCP_BL2 CoT (key cert + img cert)
ifneq (${SCP_BL2},)
+ifneq (${COT},cca)
$(if ${SCP_BL2_KEY},$(eval $(call CERT_ADD_CMD_OPT,${SCP_BL2_KEY},--scp-fw-key)))
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/scp_fw_content.crt,--scp-fw-cert))
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/scp_fw_key.crt,--scp-fw-key-cert))
endif
+endif
ifeq (${ARCH},aarch64)
ifeq (${NEED_BL31},yes)
# Add the BL31 CoT (key cert + img cert)
$(if ${BL31_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL31_KEY},--soc-fw-key)))
+ifneq (${COT},cca)
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/soc_fw_content.crt,--soc-fw-cert))
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/soc_fw_key.crt,--soc-fw-key-cert))
endif
endif
+endif
# Add the BL32 CoT (key cert + img cert)
ifeq (${NEED_BL32},yes)
@@ -102,7 +122,9 @@
$(if ${BL33_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL33_KEY},--nt-fw-key)))
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/nt_fw_content.crt,--nt-fw-cert))
ifneq (${COT},dualroot)
- $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/nt_fw_key.crt,--nt-fw-key-cert))
+ ifneq (${COT},cca)
+ $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/nt_fw_key.crt,--nt-fw-key-cert))
+ endif
endif
endif
@@ -112,4 +134,7 @@
ifeq (${COT},dualroot)
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/plat_sp_content.crt,--plat-sp-cert))
endif
+ifeq (${COT},cca)
+ $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/plat_sp_content.crt,--plat-sp-cert))
+endif
endif
diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c
index 66cc3e9..714c444 100644
--- a/plat/arm/board/common/board_arm_trusted_boot.c
+++ b/plat/arm/board/common/board_arm_trusted_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,18 +13,20 @@
#include <drivers/delay_timer.h>
#include <lib/cassert.h>
#include <lib/fconf/fconf.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/arm/common/fconf_nv_cntr_getter.h>
#include <plat/common/common_def.h>
#include <plat/common/platform.h>
-#include <platform_def.h>
-
-#if defined(ARM_COT_tbbr)
-#include <tools_share/tbbr_oid.h>
+#if defined(ARM_COT_cca)
+#include <tools_share/cca_oid.h>
#elif defined(ARM_COT_dualroot)
#include <tools_share/dualroot_oid.h>
+#elif defined(ARM_COT_tbbr)
+#include <tools_share/tbbr_oid.h>
#endif
+#include <plat/arm/common/fconf_nv_cntr_getter.h>
+#include <plat/arm/common/plat_arm.h>
+#include <platform_def.h>
+
#if !ARM_CRYPTOCELL_INTEG
#if !ARM_ROTPK_LOCATION_ID
#error "ARM_ROTPK_LOCATION_ID not defined"
@@ -181,6 +183,40 @@
return 1;
}
}
+
+#elif defined(ARM_COT_cca)
+
+int arm_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
+ unsigned int *flags)
+{
+ /*
+ * Return the right root of trust key hash based on the cookie value:
+ * - NULL means the primary ROTPK.
+ * - Otherwise, interpret cookie as the OID of the certificate
+ * extension containing the key.
+ */
+ if (cookie == NULL) {
+ return get_rotpk_info(key_ptr, key_len, flags);
+ } else if (strcmp(cookie, PROT_PK_OID) == 0) {
+ extern unsigned char arm_protpk_hash[];
+ extern unsigned char arm_protpk_hash_end[];
+ *key_ptr = arm_protpk_hash;
+ *key_len = arm_protpk_hash_end - arm_protpk_hash;
+ *flags = ROTPK_IS_HASH;
+ return 0;
+ } else if (strcmp(cookie, SWD_ROT_PK_OID) == 0) {
+ extern unsigned char arm_swd_rotpk_hash[];
+ extern unsigned char arm_swd_rotpk_hash_end[];
+ *key_ptr = arm_swd_rotpk_hash;
+ *key_len = arm_swd_rotpk_hash_end - arm_swd_rotpk_hash;
+ *flags = ROTPK_IS_HASH;
+ return 0;
+ } else {
+ /* Invalid key ID. */
+ return 1;
+ }
+}
+
#endif
/*
diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk
index 5cdf1bf..b11811c 100644
--- a/plat/arm/board/common/board_common.mk
+++ b/plat/arm/board/common/board_common.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -38,6 +38,10 @@
$(eval $(call add_define,ARM_ROTPK_LOCATION_ID))
+ifeq (${ENABLE_RME}, 1)
+COT := cca
+endif
+
# Force generation of the new hash if ROT_KEY is specified
ifdef ROT_KEY
HASH_PREREQUISITES = $(ROT_KEY) FORCE
@@ -88,4 +92,29 @@
$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK_HASH)
endif
+ifeq (${COT},cca)
+# Platform and Secure World Root of Trust key files.
+ARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_rsa.pem
+ARM_PROTPK_HASH := plat/arm/board/common/protpk/arm_protpk_rsa_sha256.bin
+ARM_SWD_ROT_KEY := plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_rsa.pem
+ARM_SWD_ROTPK_HASH := plat/arm/board/common/swd_rotpk/arm_swd_rotpk_rsa_sha256.bin
+
+# Provide the private keys to cert_create tool. It needs them to sign the images.
+PROT_KEY := ${ARM_PROT_KEY}
+SWD_ROT_KEY := ${ARM_SWD_ROT_KEY}
+
+$(eval $(call add_define_val,ARM_PROTPK_HASH,'"$(ARM_PROTPK_HASH)"'))
+$(eval $(call add_define_val,ARM_SWD_ROTPK_HASH,'"$(ARM_SWD_ROTPK_HASH)"'))
+
+BL1_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \
+ plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S
+BL2_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \
+ plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S
+
+$(BUILD_PLAT)/bl1/arm_dev_protpk.o: $(ARM_PROTPK_HASH)
+$(BUILD_PLAT)/bl1/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK_HASH)
+$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK_HASH)
+$(BUILD_PLAT)/bl2/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK_HASH)
+endif
+
endif
diff --git a/plat/arm/board/common/swd_rotpk/README b/plat/arm/board/common/swd_rotpk/README
new file mode 100644
index 0000000..b628a5f
--- /dev/null
+++ b/plat/arm/board/common/swd_rotpk/README
@@ -0,0 +1,14 @@
+This directory contains some development keys to be used as the secure world
+root-of-trust key used in the CCA chain of trust.
+
+* swd_rotprivk_rsa.pem is a 2K RSA private key in PEM format. It has been
+ generated using the openssl command line tool:
+
+ openssl genrsa 2048 > arm_swd_rotprivk_rsa.pem
+
+* swd_rotpk_rsa_sha256.bin is the SHA-256 hash of the DER-encoded public key
+ associated with the above private key. It has been generated using the openssl
+ command line tool:
+
+ openssl rsa -in arm_swd_rotprivk_rsa.pem -pubout -outform DER | \
+ openssl dgst -sha256 -binary > arm_swd_rotpk_rsa_sha256.bin
diff --git a/plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S b/plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S
new file mode 100644
index 0000000..ae4f9d2
--- /dev/null
+++ b/plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+ .global arm_swd_rotpk_hash
+ .global arm_swd_rotpk_hash_end
+
+ .section .rodata.arm_swd_rotpk_hash, "a"
+
+arm_swd_rotpk_hash:
+ /* DER header. */
+ .byte 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48
+ .byte 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
+ /* Key hash. */
+ .incbin ARM_SWD_ROTPK_HASH
+arm_swd_rotpk_hash_end:
diff --git a/plat/arm/board/common/swd_rotpk/arm_swd_rotpk_rsa_sha256.bin b/plat/arm/board/common/swd_rotpk/arm_swd_rotpk_rsa_sha256.bin
new file mode 100644
index 0000000..b2f3e60
--- /dev/null
+++ b/plat/arm/board/common/swd_rotpk/arm_swd_rotpk_rsa_sha256.bin
@@ -0,0 +1 @@
+�0¾âÃ�æ�ÈË��(ì¨0wIÓÕ�éã¡g�k
\ No newline at end of file
diff --git a/plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_rsa.pem b/plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_rsa.pem
new file mode 100644
index 0000000..0de655d
--- /dev/null
+++ b/plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_rsa.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA8igTd5QdZd181kz9vINr7Au34Rr/pQ1jpesfLlc1ZXCNAI9y
+/rhQlpw00y8rwOfgZsf18gPwGWWGhDJMsXI7OPem7BEUr8xKumuJuCiOdJh1STcR
+/JoFvz8wJPyycj/DOERRGsz+RvFBs6cLjSZHNQdzKDW+DE5vVJpmNWBVkoK7MCRD
+Wh/PMZVSoq9PeJOzayYcsipKvifT1+Wo9y2MG5zTDxi28rLr/FBm0CpTepBcRe8L
+pmgS7XJKhCQYxdDSzxi/0t/qXAwWuME4jv2HbNxsUZjahiBYpA0BafXanSuxVHly
+qpD0BmKAu7PpgKrEnUcPuHpZ2W+a05lNk6zjewIDAQABAoIBAG3twYCcTYgrtvs1
+8k38vyZl33CiKAGOhXkRtpL75fKJ2IizljmKBJOKj/R6ynsFCHrANadLIFj3HMyw
+ZN59A+OFkVJDIsf3jsj3/ooKZzkI6N120YSBizBZiAqSaJOy3HWTldn7y0b7SJ88
+quLFyLeLDTzowMCnbqTSfqmmdNJQAn+Q+7RX5sZGyBQUF2pRAA67cOYzc3a5MZ5E
+zBOs2u8VboC3ulEq876XWQbcXpRh/ap3eplQ1kAdyy64IPp2WbxqyXW0IQAQqaqh
+6oj19ME6mVD5wtELcYscJCDb7pA6WJtPp6nz/og2ifCJE/75T5RJ6fc6eBFMcofQ
+STIClGECgYEA/ZC0GX1HTKEKK3c1TiS3Zy0DS5ZoN5KFK7Sp1ZAjPE63iAr1a3z9
+Kepb+L8TBSw50tVD74MF5ChEid/ghF5BrVC3/YJkiiNpM1F51SMLGFeiDPRzJcx5
+KJkSflX7Q36BAXqj85Yz5AjgTPKcBqQRVZ6pNZN1HY99MloMg22WPRECgYEA9HtU
+FXmnTplXaNnihdq+vL5Z4/KDM+1f1E95y1PB8vkLI+o1szVNFP+BYz+w42lKtHW+
+c+z40AhFBGZQ0QCx83NOyObCReFjEbP8Nz71BsHe6GyMk9tSPIpzu9XB49Rs+9EO
+DAvFM5y2j5bH+lXE0pSyS3oBf51L9ZCPhp/vB8sCgYEAydwB1Gzsbu+hFfs/v2bx
+brzh67HgY6VMSP/5WF/3/RG5gB8hQ6HsNQsyjrMmZC7SFarb+3e2H+2CqrREm3wi
+EuS4pKPCgEoyfL03HVtZgNZ61o9gf83pAk3h8Bto/VFfSBsnHEsOIlKCph9Z4NuK
+RTwa/uDWEmNhyszvO03pldECgYEA2zB7GWnhc1mNgabfLY0JtuSeaPzzXqnyYcID
+eyUT3QglUcTY8lvWSP4ufdILgEfVP2fVIdAS30iawDAPQuLxqEf4Gayx/r7s+GE6
+vjlGqxFEDXPMsX9QApFK49voop/AOiCbDHe9DOHy11ei4TDmbrn8BClVkJlxEa/S
+ziszvfMCgYEA2V0zXziooI0toaOJEWZlAYhEONS5SG2z28HMLNgbdMcueGNhseaR
+NBGgPcu3EQhbL/hD0tBs09u6gjy1WD1i0HYnm1K1YQ1flzfbjUa3BqZETMbNhugd
+CM9yv0GEL/udZyOmO401aYl+QGXZX/WwlLQOe7WqQXOXJvW73oSqy7M=
+-----END RSA PRIVATE KEY-----
diff --git a/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts b/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts
index 21a6073..4543671 100644
--- a/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts
+++ b/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -82,4 +82,8 @@
device_type = "memory";
reg = <0x0 0x6000000 0x2000000>; /* Trusted DRAM */
};
+
+#if MEASURED_BOOT
+#include "event_log.dtsi"
+#endif
};
diff --git a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
index cf4ef2d..6fd334d 100644
--- a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
+++ b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, ARM Limited. All rights reserved.
+ * Copyright (c) 2020-2022, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -47,6 +47,9 @@
soc_fw_cfg_uuid = "9979814b-0376-fb46-8c8e-8d267f7859e0";
tos_fw_cfg_uuid = "26257c1a-dbc6-7f47-8d96-c4c4b0248021";
nt_fw_cfg_uuid = "28da9815-93e8-7e44-ac66-1aaf801550f9";
+ cca_cert_uuid = "36d83d85-761d-4daf-96f1-cd99d6569b00";
+ core_swd_cert_uuid = "52222d31-820f-494d-8bbc-ea6825d3c35a";
+ plat_cert_uuid = "d43cd902-5b9f-412e-8ac6-92b6d18be60d";
t_key_cert_uuid = "827ee890-f860-e411-a1b4-777a21b4f94c";
scp_fw_key_uuid = "024221a1-f860-e411-8d9b-f33c0e15a014";
soc_fw_key_uuid = "8ab8becc-f960-e411-9ad0-eb4822d8dcf8";
diff --git a/plat/arm/board/fvp/fvp_bl2_measured_boot.c b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
index fd15b70..e938e24 100644
--- a/plat/arm/board/fvp/fvp_bl2_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
@@ -6,6 +6,7 @@
#include <stdint.h>
+#include <common/tbbr/tbbr_img_def.h>
#include <drivers/measured_boot/event_log/event_log.h>
#include <drivers/measured_boot/rss/rss_measured_boot.h>
#include <tools_share/tbbr_oid.h>
@@ -31,6 +32,17 @@
{ TOS_FW_CONFIG_ID, EVLOG_TOS_FW_CONFIG_STRING, PCR_0 },
{ RMM_IMAGE_ID, EVLOG_RMM_STRING, PCR_0},
+#if defined(SPD_spmd)
+ { SP_PKG1_ID, EVLOG_SP1_STRING, PCR_0 },
+ { SP_PKG2_ID, EVLOG_SP2_STRING, PCR_0 },
+ { SP_PKG3_ID, EVLOG_SP3_STRING, PCR_0 },
+ { SP_PKG4_ID, EVLOG_SP4_STRING, PCR_0 },
+ { SP_PKG5_ID, EVLOG_SP5_STRING, PCR_0 },
+ { SP_PKG6_ID, EVLOG_SP6_STRING, PCR_0 },
+ { SP_PKG7_ID, EVLOG_SP7_STRING, PCR_0 },
+ { SP_PKG8_ID, EVLOG_SP8_STRING, PCR_0 },
+#endif
+
{ CRITICAL_DATA_ID, EVLOG_CRITICAL_DATA_STRING, PCR_1 },
{ EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index 82bd7c8..c75aca7 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -197,6 +197,9 @@
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1E000) - FVP_BL2_ROMLIB_OPTIMIZATION)
#elif CRYPTO_SUPPORT
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1D000) - FVP_BL2_ROMLIB_OPTIMIZATION)
+#elif ARM_BL31_IN_DRAM
+/* When ARM_BL31_IN_DRAM is set, BL2 can use almost all of Trusted SRAM. */
+# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1F000) - FVP_BL2_ROMLIB_OPTIMIZATION)
#else
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x13000) - FVP_BL2_ROMLIB_OPTIMIZATION)
#endif
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index 54c5e75..f9053a8 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -375,6 +375,10 @@
$(info Including ${RSS_MEASURED_BOOT_MK})
include ${RSS_MEASURED_BOOT_MK}
+ ifneq (${MBOOT_RSS_HASH_ALG}, sha256)
+ $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA512))
+ endif
+
BL1_SOURCES += ${MEASURED_BOOT_SOURCES}
BL2_SOURCES += ${MEASURED_BOOT_SOURCES}
endif
diff --git a/plat/arm/board/rdn2/fdts/rdn2_nt_fw_config.dts b/plat/arm/board/rdn2/fdts/rdn2_nt_fw_config.dts
index bbc36fc..dd70141 100644
--- a/plat/arm/board/rdn2/fdts/rdn2_nt_fw_config.dts
+++ b/plat/arm/board/rdn2/fdts/rdn2_nt_fw_config.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020 - 2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -18,5 +18,26 @@
platform-id = <0x0>;
config-id = <0x0>;
multi-chip-mode = <0x0>;
+ /*
+ * First cell pair: Count of isolated CPUs in the list.
+ * Rest of the cells: MPID list of the isolated CPUs.
+ */
+ isolated-cpu-list = <0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0
+ 0x0 0x0>;
};
};
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index 6d7aa2d..bd59ec0 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -73,6 +73,14 @@
$(eval $(call assert_boolean,ARM_BL31_IN_DRAM))
$(eval $(call add_define,ARM_BL31_IN_DRAM))
+# As per CCA security model, all root firmware must execute from on-chip secure
+# memory. This means we must not run BL31 from TZC-protected DRAM.
+ifeq (${ARM_BL31_IN_DRAM},1)
+ ifeq (${ENABLE_RME},1)
+ $(error "BL31 must not run from DRAM on RME-systems. Please set ARM_BL31_IN_DRAM to 0")
+ endif
+endif
+
# Process ARM_PLAT_MT flag
ARM_PLAT_MT := 0
$(eval $(call assert_boolean,ARM_PLAT_MT))
@@ -373,6 +381,8 @@
endif
else ifeq (${COT},dualroot)
AUTH_SOURCES += drivers/auth/dualroot/cot.c
+ else ifeq (${COT},cca)
+ AUTH_SOURCES += drivers/auth/cca/cot.c
else
$(error Unknown chain of trust ${COT})
endif
@@ -401,6 +411,10 @@
$(info Including ${MEASURED_BOOT_MK})
include ${MEASURED_BOOT_MK}
+ ifneq (${MBOOT_EL_HASH_ALG}, sha256)
+ $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA512))
+ endif
+
BL1_SOURCES += ${EVENT_LOG_SOURCES}
BL2_SOURCES += ${EVENT_LOG_SOURCES}
endif
diff --git a/plat/arm/common/fconf/arm_fconf_io.c b/plat/arm/common/fconf/arm_fconf_io.c
index aea2f38..6c32331 100644
--- a/plat/arm/common/fconf/arm_fconf_io.c
+++ b/plat/arm/common/fconf/arm_fconf_io.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2021, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2022, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -72,6 +72,9 @@
#if TRUSTED_BOARD_BOOT
[TRUSTED_BOOT_FW_CERT_ID] = {UUID_TRUSTED_BOOT_FW_CERT},
#if !ARM_IO_IN_DTB
+ [CCA_CONTENT_CERT_ID] = {UUID_CCA_CONTENT_CERT},
+ [CORE_SWD_KEY_CERT_ID] = {UUID_CORE_SWD_KEY_CERT},
+ [PLAT_KEY_CERT_ID] = {UUID_PLAT_KEY_CERT},
[TRUSTED_KEY_CERT_ID] = {UUID_TRUSTED_KEY_CERT},
[SCP_FW_KEY_CERT_ID] = {UUID_SCP_FW_KEY_CERT},
[SOC_FW_KEY_CERT_ID] = {UUID_SOC_FW_KEY_CERT},
@@ -196,6 +199,21 @@
open_fip
},
#if !ARM_IO_IN_DTB
+ [CCA_CONTENT_CERT_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&arm_uuid_spec[CCA_CONTENT_CERT_ID],
+ open_fip
+ },
+ [CORE_SWD_KEY_CERT_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&arm_uuid_spec[CORE_SWD_KEY_CERT_ID],
+ open_fip
+ },
+ [PLAT_KEY_CERT_ID] = {
+ &fip_dev_handle,
+ (uintptr_t)&arm_uuid_spec[PLAT_KEY_CERT_ID],
+ open_fip
+ },
[TRUSTED_KEY_CERT_ID] = {
&fip_dev_handle,
(uintptr_t)&arm_uuid_spec[TRUSTED_KEY_CERT_ID],
@@ -260,7 +278,7 @@
#ifdef IMAGE_BL2
#if TRUSTED_BOARD_BOOT
-#define FCONF_ARM_IO_UUID_NUMBER U(21)
+#define FCONF_ARM_IO_UUID_NUMBER U(24)
#else
#define FCONF_ARM_IO_UUID_NUMBER U(10)
#endif
@@ -286,6 +304,9 @@
{TOS_FW_CONFIG_ID, "tos_fw_cfg_uuid"},
{NT_FW_CONFIG_ID, "nt_fw_cfg_uuid"},
#if TRUSTED_BOARD_BOOT
+ {CCA_CONTENT_CERT_ID, "cca_cert_uuid"},
+ {CORE_SWD_KEY_CERT_ID, "core_swd_cert_uuid"},
+ {PLAT_KEY_CERT_ID, "plat_cert_uuid"},
{TRUSTED_KEY_CERT_ID, "t_key_cert_uuid"},
{SCP_FW_KEY_CERT_ID, "scp_fw_key_uuid"},
{SOC_FW_KEY_CERT_ID, "soc_fw_key_uuid"},
diff --git a/plat/arm/css/sgi/include/sgi_base_platform_def.h b/plat/arm/css/sgi/include/sgi_base_platform_def.h
index c9c8c04..58a153a 100644
--- a/plat/arm/css/sgi/include/sgi_base_platform_def.h
+++ b/plat/arm/css/sgi/include/sgi_base_platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -35,8 +35,8 @@
# if SPM_MM
# define PLAT_ARM_MMAP_ENTRIES (9 + ((CSS_SGI_CHIP_COUNT - 1) * 3))
# define MAX_XLAT_TABLES (7 + ((CSS_SGI_CHIP_COUNT - 1) * 3))
-# define PLAT_SP_IMAGE_MMAP_REGIONS 9
-# define PLAT_SP_IMAGE_MAX_XLAT_TABLES 11
+# define PLAT_SP_IMAGE_MMAP_REGIONS 10
+# define PLAT_SP_IMAGE_MAX_XLAT_TABLES 12
# else
# define PLAT_ARM_MMAP_ENTRIES (5 + ((CSS_SGI_CHIP_COUNT - 1) * 3))
# define MAX_XLAT_TABLES (6 + ((CSS_SGI_CHIP_COUNT - 1) * 3))
@@ -101,7 +101,7 @@
* calculated using the current BL31 PROGBITS debug size plus the sizes of
* BL2 and BL1-RW
*/
-#define PLAT_ARM_MAX_BL31_SIZE 0x3B000
+#define PLAT_ARM_MAX_BL31_SIZE 0x48000
/*
* Size of cacheable stacks
@@ -130,6 +130,21 @@
# define PLATFORM_STACK_SIZE 0x440
#endif
+/* PL011 UART related constants */
+#define SOC_CSS_SEC_UART_BASE UL(0x2A410000)
+#define SOC_CSS_NSEC_UART_BASE UL(0x2A400000)
+#define SOC_CSS_UART_SIZE UL(0x10000)
+#define SOC_CSS_UART_CLK_IN_HZ UL(7372800)
+
+/* UART related constants */
+#define PLAT_ARM_BOOT_UART_BASE SOC_CSS_SEC_UART_BASE
+#define PLAT_ARM_BOOT_UART_CLK_IN_HZ SOC_CSS_UART_CLK_IN_HZ
+
+#define PLAT_ARM_RUN_UART_BASE SOC_CSS_SEC_UART_BASE
+#define PLAT_ARM_RUN_UART_CLK_IN_HZ SOC_CSS_UART_CLK_IN_HZ
+
+#define PLAT_ARM_CRASH_UART_BASE SOC_CSS_SEC_UART_BASE
+#define PLAT_ARM_CRASH_UART_CLK_IN_HZ SOC_CSS_UART_CLK_IN_HZ
#define PLAT_ARM_NSTIMER_FRAME_ID 0
@@ -258,4 +273,21 @@
CSS_SGI_REMOTE_CHIP_MEM_OFFSET(n) + ARM_DRAM2_END, \
ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS}
+#if SPM_MM
+
+/*
+ * Stand-alone MM logs would be routed via secure UART. Define page table
+ * entry for secure UART which would be common to all platforms.
+ */
+#define SOC_PLATFORM_SECURE_UART MAP_REGION_FLAT( \
+ SOC_CSS_SEC_UART_BASE, \
+ SOC_CSS_UART_SIZE, \
+ MT_DEVICE | MT_RW | \
+ MT_SECURE | MT_USER)
+
+#endif
+
+/* SDS ID for unusable CPU MPID list structure */
+#define SDS_ISOLATED_CPU_LIST_ID U(128)
+
#endif /* SGI_BASE_PLATFORM_DEF_H */
diff --git a/plat/arm/css/sgi/include/sgi_soc_css_def.h b/plat/arm/css/sgi/include/sgi_soc_css_def.h
new file mode 100644
index 0000000..f78b45a
--- /dev/null
+++ b/plat/arm/css/sgi/include/sgi_soc_css_def.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef SGI_SOC_CSS_DEF_H
+#define SGI_SOC_CSS_DEF_H
+
+#include <lib/utils_def.h>
+#include <plat/arm/board/common/v2m_def.h>
+#include <plat/arm/soc/common/soc_css_def.h>
+#include <plat/common/common_def.h>
+
+/*
+ * Definitions common to all ARM CSSv1-based development platforms
+ */
+
+/* Platform ID address */
+#define BOARD_CSS_PLAT_ID_REG_ADDR UL(0x7ffe00e0)
+
+/* Platform ID related accessors */
+#define BOARD_CSS_PLAT_ID_REG_ID_MASK 0x0f
+#define BOARD_CSS_PLAT_ID_REG_ID_SHIFT 0x0
+#define BOARD_CSS_PLAT_TYPE_EMULATOR 0x02
+
+#ifndef __ASSEMBLER__
+
+#include <lib/mmio.h>
+
+#define BOARD_CSS_GET_PLAT_TYPE(addr) \
+ ((mmio_read_32(addr) & BOARD_CSS_PLAT_ID_REG_ID_MASK) \
+ >> BOARD_CSS_PLAT_ID_REG_ID_SHIFT)
+
+#endif /* __ASSEMBLER__ */
+
+#define MAX_IO_DEVICES 3
+#define MAX_IO_HANDLES 4
+
+/* Reserve the last block of flash for PSCI MEM PROTECT flag */
+#define PLAT_ARM_FLASH_IMAGE_BASE V2M_FLASH0_BASE
+#define PLAT_ARM_FLASH_IMAGE_MAX_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE)
+
+#define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE
+#define PLAT_ARM_NVM_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE)
+
+#endif /* SGI_SOC_CSS_DEF_H */
diff --git a/plat/arm/css/sgi/include/sgi_soc_css_def_v2.h b/plat/arm/css/sgi/include/sgi_soc_css_def_v2.h
index 639b687..acf31eb 100644
--- a/plat/arm/css/sgi/include/sgi_soc_css_def_v2.h
+++ b/plat/arm/css/sgi/include/sgi_soc_css_def_v2.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -24,17 +24,10 @@
#define SOC_CSS_PCIE_CONTROL_BASE UL(0x0ef20000)
-/* PL011 UART related constants */
-#define SOC_CSS_UART1_BASE UL(0x0ef80000)
-#define SOC_CSS_UART0_BASE UL(0x0ef70000)
-
/* Memory controller */
#define SOC_MEMCNTRL_BASE UL(0x10000000)
#define SOC_MEMCNTRL_SIZE UL(0x10000000)
-#define SOC_CSS_UART0_CLK_IN_HZ UL(7372800)
-#define SOC_CSS_UART1_CLK_IN_HZ UL(7372800)
-
/* SoC NIC-400 Global Programmers View (GPV) */
#define SOC_CSS_NIC400_BASE UL(0x0ED00000)
@@ -206,17 +199,4 @@
#define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE
#define PLAT_ARM_NVM_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE)
-/* UART related constants */
-#define PLAT_ARM_BOOT_UART_BASE SOC_CSS_UART0_BASE
-#define PLAT_ARM_BOOT_UART_CLK_IN_HZ SOC_CSS_UART0_CLK_IN_HZ
-
-#define PLAT_ARM_RUN_UART_BASE SOC_CSS_UART1_BASE
-#define PLAT_ARM_RUN_UART_CLK_IN_HZ SOC_CSS_UART1_CLK_IN_HZ
-
-#define PLAT_ARM_SP_MIN_RUN_UART_BASE SOC_CSS_UART1_BASE
-#define PLAT_ARM_SP_MIN_RUN_UART_CLK_IN_HZ SOC_CSS_UART1_CLK_IN_HZ
-
-#define PLAT_ARM_CRASH_UART_BASE PLAT_ARM_RUN_UART_BASE
-#define PLAT_ARM_CRASH_UART_CLK_IN_HZ PLAT_ARM_RUN_UART_CLK_IN_HZ
-
#endif /* SGI_SOC_CSS_DEF_V2_H */
diff --git a/plat/arm/css/sgi/include/sgi_soc_platform_def.h b/plat/arm/css/sgi/include/sgi_soc_platform_def.h
index 405d62f..3b8d9c6 100644
--- a/plat/arm/css/sgi/include/sgi_soc_platform_def.h
+++ b/plat/arm/css/sgi/include/sgi_soc_platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,10 +7,10 @@
#ifndef SGI_SOC_PLATFORM_DEF_H
#define SGI_SOC_PLATFORM_DEF_H
-#include <sgi_base_platform_def.h>
-#include <plat/arm/board/common/board_css_def.h>
#include <plat/arm/board/common/v2m_def.h>
#include <plat/arm/soc/common/soc_css_def.h>
+#include <sgi_base_platform_def.h>
+#include <sgi_soc_css_def.h>
/* Map the System registers to access from S-EL0 */
#define CSS_SYSTEMREG_DEVICE_BASE (0x1C010000)
diff --git a/plat/arm/css/sgi/sgi-common.mk b/plat/arm/css/sgi/sgi-common.mk
index 76c8025..4af579e 100644
--- a/plat/arm/css/sgi/sgi-common.mk
+++ b/plat/arm/css/sgi/sgi-common.mk
@@ -44,7 +44,8 @@
BL1_SOURCES += ${INTERCONNECT_SOURCES} \
drivers/arm/sbsa/sbsa.c
-BL2_SOURCES += ${CSS_ENT_BASE}/sgi_image_load.c
+BL2_SOURCES += ${CSS_ENT_BASE}/sgi_image_load.c \
+ drivers/arm/css/sds/sds.c
BL31_SOURCES += ${INTERCONNECT_SOURCES} \
${ENT_GIC_SOURCES} \
diff --git a/plat/arm/css/sgi/sgi_image_load.c b/plat/arm/css/sgi/sgi_image_load.c
index 09f3b72..ac4bfd2 100644
--- a/plat/arm/css/sgi/sgi_image_load.c
+++ b/plat/arm/css/sgi/sgi_image_load.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,16 +9,68 @@
#include <arch_helpers.h>
#include <common/debug.h>
#include <common/desc_image_load.h>
+#include <drivers/arm/css/sds.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
+#include <platform_def.h>
+#include <sgi_base_platform_def.h>
#include <sgi_variant.h>
+/*
+ * Information about the isolated CPUs obtained from SDS.
+ */
+struct isolated_cpu_mpid_list {
+ uint64_t num_entries; /* Number of entries in the list */
+ uint64_t mpid_list[PLATFORM_CORE_COUNT]; /* List of isolated CPU MPIDs */
+};
+
+/* Function to read isolated CPU MPID list from SDS. */
+void plat_arm_sgi_get_isolated_cpu_list(struct isolated_cpu_mpid_list *list)
+{
+ int ret;
+
+ ret = sds_init();
+ if (ret != SDS_OK) {
+ ERROR("SDS initialization failed, error: %d\n", ret);
+ panic();
+ }
+
+ ret = sds_struct_read(SDS_ISOLATED_CPU_LIST_ID, 0, &list->num_entries,
+ sizeof(list->num_entries), SDS_ACCESS_MODE_CACHED);
+ if (ret != SDS_OK) {
+ INFO("SDS CPU num elements read failed, error: %d\n", ret);
+ list->num_entries = 0;
+ return;
+ }
+
+ if (list->num_entries > PLATFORM_CORE_COUNT) {
+ ERROR("Isolated CPU list count %ld greater than max"
+ " number supported %d\n",
+ list->num_entries, PLATFORM_CORE_COUNT);
+ panic();
+ } else if (list->num_entries == 0) {
+ INFO("SDS isolated CPU list is empty\n");
+ return;
+ }
+
+ ret = sds_struct_read(SDS_ISOLATED_CPU_LIST_ID,
+ sizeof(list->num_entries),
+ &list->mpid_list,
+ sizeof(list->mpid_list[0]) * list->num_entries,
+ SDS_ACCESS_MODE_CACHED);
+ if (ret != SDS_OK) {
+ ERROR("SDS CPU list read failed. error: %d\n", ret);
+ panic();
+ }
+}
+
/*******************************************************************************
* This function inserts Platform information via device tree nodes as,
* system-id {
* platform-id = <0>;
* config-id = <0>;
+ * isolated-cpu-list = <0>
* }
******************************************************************************/
static int plat_sgi_append_config_node(void)
@@ -27,6 +79,7 @@
void *fdt;
int nodeoffset, err;
unsigned int platid = 0, platcfg = 0;
+ struct isolated_cpu_mpid_list cpu_mpid_list = {0};
mem_params = get_bl_mem_params_node(NT_FW_CONFIG_ID);
if (mem_params == NULL) {
@@ -69,6 +122,18 @@
return -1;
}
+ plat_arm_sgi_get_isolated_cpu_list(&cpu_mpid_list);
+ if (cpu_mpid_list.num_entries > 0) {
+ err = fdt_setprop(fdt, nodeoffset, "isolated-cpu-list",
+ &cpu_mpid_list,
+ (sizeof(cpu_mpid_list.num_entries) *
+ (cpu_mpid_list.num_entries + 1)));
+ if (err < 0) {
+ ERROR("Failed to set isolated-cpu-list, error: %d\n",
+ err);
+ }
+ }
+
flush_dcache_range((uintptr_t)fdt, mem_params->image_info.image_size);
return 0;
diff --git a/plat/arm/css/sgi/sgi_plat.c b/plat/arm/css/sgi/sgi_plat.c
index 20c52e9..a0199c3 100644
--- a/plat/arm/css/sgi/sgi_plat.c
+++ b/plat/arm/css/sgi/sgi_plat.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -89,6 +89,7 @@
const mmap_region_t plat_arm_secure_partition_mmap[] = {
PLAT_ARM_SECURE_MAP_SYSTEMREG,
PLAT_ARM_SECURE_MAP_NOR2,
+ SOC_PLATFORM_SECURE_UART,
PLAT_ARM_SECURE_MAP_DEVICE,
ARM_SP_IMAGE_MMAP,
ARM_SP_IMAGE_NS_BUF_MMAP,
diff --git a/plat/arm/css/sgi/sgi_plat_v2.c b/plat/arm/css/sgi/sgi_plat_v2.c
index 1a2a966..cef5345 100644
--- a/plat/arm/css/sgi/sgi_plat_v2.c
+++ b/plat/arm/css/sgi/sgi_plat_v2.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -83,6 +83,7 @@
const mmap_region_t plat_arm_secure_partition_mmap[] = {
PLAT_ARM_SECURE_MAP_SYSTEMREG,
PLAT_ARM_SECURE_MAP_NOR2,
+ SOC_PLATFORM_SECURE_UART,
SOC_PLATFORM_PERIPH_MAP_DEVICE_USER,
ARM_SP_IMAGE_MMAP,
ARM_SP_IMAGE_NS_BUF_MMAP,
diff --git a/plat/imx/imx8m/imx8mm/platform.mk b/plat/imx/imx8m/imx8mm/platform.mk
index 0cce7ca..60fa325 100644
--- a/plat/imx/imx8m/imx8mm/platform.mk
+++ b/plat/imx/imx8m/imx8mm/platform.mk
@@ -162,6 +162,10 @@
$(info Including ${MEASURED_BOOT_MK})
include ${MEASURED_BOOT_MK}
+ifneq (${MBOOT_EL_HASH_ALG}, sha256)
+ $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA512))
+endif
+
BL2_SOURCES += plat/imx/imx8m/imx8m_measured_boot.c \
plat/imx/imx8m/imx8m_dyn_cfg_helpers.c \
${EVENT_LOG_SOURCES}
diff --git a/plat/qemu/qemu/platform.mk b/plat/qemu/qemu/platform.mk
index 6a877c3..8e7f7c8 100644
--- a/plat/qemu/qemu/platform.mk
+++ b/plat/qemu/qemu/platform.mk
@@ -104,6 +104,10 @@
$(info Including ${MEASURED_BOOT_MK})
include ${MEASURED_BOOT_MK}
+ ifneq (${MBOOT_EL_HASH_ALG}, sha256)
+ $(eval $(call add_define,TF_MBEDTLS_MBOOT_USE_SHA512))
+ endif
+
BL2_SOURCES += plat/qemu/qemu/qemu_measured_boot.c \
plat/qemu/qemu/qemu_common_measured_boot.c \
plat/qemu/qemu/qemu_helpers.c \
diff --git a/plat/socionext/synquacer/include/platform_def.h b/plat/socionext/synquacer/include/platform_def.h
index 49ffbf9..a84660b 100644
--- a/plat/socionext/synquacer/include/platform_def.h
+++ b/plat/socionext/synquacer/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -42,16 +42,52 @@
#define MAX_XLAT_TABLES 8
#define MAX_MMAP_REGIONS 8
+#if TRUSTED_BOARD_BOOT
+#define PLATFORM_STACK_SIZE 0x1000
+#else
#define PLATFORM_STACK_SIZE 0x400
+#endif
+
+#if !RESET_TO_BL31
+
+/* A mailbox page will be mapped from BL2 and BL31 */
+#define BL2_MAILBOX_BASE 0x0403f000
+#define BL2_MAILBOX_SIZE 0x1000
+
+#define PLAT_SQ_BOOTIDX_BASE 0x08510000
+#define PLAT_SQ_MAX_BOOT_INDEX 2
+
+#define MAX_IO_HANDLES 2
+#define MAX_IO_DEVICES 2
+#define MAX_IO_BLOCK_DEVICES U(1)
+
+#define BL2_BASE 0x04000000
+#define BL2_SIZE (256 * 1024)
+#define BL2_LIMIT (BL2_BASE + BL2_SIZE)
+
+/* If BL2 is enabled, the BL31 is loaded on secure DRAM */
+#define BL31_BASE 0xfbe00000
+#define BL31_SIZE 0x00100000
+#else
#define BL31_BASE 0x04000000
#define BL31_SIZE 0x00080000
+#endif
+
#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
#define BL32_BASE 0xfc000000
#define BL32_SIZE 0x03c00000
#define BL32_LIMIT (BL32_BASE + BL32_SIZE)
+/* Alternative BL33 */
+#define PLAT_SQ_BL33_BASE 0xe0000000
+#define PLAT_SQ_BL33_SIZE 0x00100000
+
+/* FWU FIP IO base */
+#define PLAT_SQ_FIP_IOBASE 0x08600000
+#define PLAT_SQ_FIP_MAXSIZE 0x00400000
+
#define PLAT_SQ_CCN_BASE 0x32000000
#define PLAT_SQ_CLUSTER_TO_CCN_ID_MAP \
0, /* Cluster 0 */ \
diff --git a/plat/socionext/synquacer/include/sq_common.h b/plat/socionext/synquacer/include/sq_common.h
index b09d22a..eef0e1f 100644
--- a/plat/socionext/synquacer/include/sq_common.h
+++ b/plat/socionext/synquacer/include/sq_common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -39,6 +39,8 @@
void sq_gic_cpuif_disable(void);
void sq_gic_pcpu_init(void);
+int sq_io_setup(void);
+struct image_info *sq_get_image_info(unsigned int image_id);
void sq_mmap_setup(uintptr_t total_base, size_t total_size,
const struct mmap_region *mmap);
diff --git a/plat/socionext/synquacer/platform.mk b/plat/socionext/synquacer/platform.mk
index dcd5d31..3eab3d6 100644
--- a/plat/socionext/synquacer/platform.mk
+++ b/plat/socionext/synquacer/platform.mk
@@ -1,18 +1,26 @@
#
-# Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
-override RESET_TO_BL31 := 1
override PROGRAMMABLE_RESET_ADDRESS := 1
override USE_COHERENT_MEM := 1
override SEPARATE_CODE_AND_RODATA := 1
override ENABLE_SVE_FOR_NS := 0
# Enable workarounds for selected Cortex-A53 erratas.
ERRATA_A53_855873 := 1
-# Enable SCMI support
-SQ_USE_SCMI_DRIVER ?= 0
+
+ifeq (${RESET_TO_BL31}, 1)
+override RESET_TO_BL31 := 1
+override TRUSTED_BOARD_BOOT := 0
+SQ_USE_SCMI_DRIVER ?= 0
+else
+override RESET_TO_BL31 := 0
+override BL2_AT_EL3 := 1
+SQ_USE_SCMI_DRIVER := 1
+BL2_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
+endif
# Libraries
include lib/xlat_tables_v2/xlat_tables.mk
@@ -28,14 +36,55 @@
drivers/arm/pl011/aarch64/pl011_console.S \
drivers/delay_timer/delay_timer.c \
drivers/delay_timer/generic_delay_timer.c \
+ lib/cpus/aarch64/cortex_a53.S \
+ $(PLAT_PATH)/sq_xlat_setup.c \
${XLAT_TABLES_LIB_SRCS}
# Include GICv3 driver files
include drivers/arm/gic/v3/gicv3.mk
+ifneq (${RESET_TO_BL31}, 1)
+BL2_SOURCES += common/desc_image_load.c \
+ drivers/io/io_fip.c \
+ drivers/io/io_memmap.c \
+ drivers/io/io_storage.c \
+ $(PLAT_PATH)/sq_bl2_setup.c \
+ $(PLAT_PATH)/sq_image_desc.c \
+ $(PLAT_PATH)/sq_io_storage.c
+
+ifeq (${TRUSTED_BOARD_BOOT},1)
+include drivers/auth/mbedtls/mbedtls_crypto.mk
+include drivers/auth/mbedtls/mbedtls_x509.mk
+BL2_SOURCES += drivers/auth/auth_mod.c \
+ drivers/auth/crypto_mod.c \
+ drivers/auth/img_parser_mod.c \
+ drivers/auth/tbbr/tbbr_cot_common.c \
+ drivers/auth/tbbr/tbbr_cot_bl2.c \
+ plat/common/tbbr/plat_tbbr.c \
+ $(PLAT_PATH)/sq_rotpk.S \
+ $(PLAT_PATH)/sq_tbbr.c
+
+ROT_KEY = $(BUILD_PLAT)/rot_key.pem
+ROTPK_HASH = $(BUILD_PLAT)/rotpk_sha256.bin
+
+$(eval $(call add_define_val,ROTPK_HASH,'"$(ROTPK_HASH)"'))
+$(BUILD_PLAT)/bl2/sq_rotpk.o: $(ROTPK_HASH)
+
+certificates: $(ROT_KEY)
+$(ROT_KEY): | $(BUILD_PLAT)
+ @echo " OPENSSL $@"
+ $(Q)openssl genrsa 2048 > $@ 2>/dev/null
+
+$(ROTPK_HASH): $(ROT_KEY)
+ @echo " OPENSSL $@"
+ $(Q)openssl rsa -in $< -pubout -outform DER 2>/dev/null |\
+ openssl dgst -sha256 -binary > $@ 2>/dev/null
+
+endif # TRUSTED_BOARD_BOOT
+endif
+
BL31_SOURCES += drivers/arm/ccn/ccn.c \
${GICV3_SOURCES} \
- lib/cpus/aarch64/cortex_a53.S \
plat/common/plat_gicv3.c \
plat/common/plat_psci_common.c \
$(PLAT_PATH)/sq_bl31_setup.c \
@@ -43,7 +92,6 @@
$(PLAT_PATH)/sq_topology.c \
$(PLAT_PATH)/sq_psci.c \
$(PLAT_PATH)/sq_gicv3.c \
- $(PLAT_PATH)/sq_xlat_setup.c \
$(PLAT_PATH)/drivers/scp/sq_scp.c
ifeq (${SQ_USE_SCMI_DRIVER},0)
diff --git a/plat/socionext/synquacer/sq_bl2_setup.c b/plat/socionext/synquacer/sq_bl2_setup.c
new file mode 100644
index 0000000..a98d912
--- /dev/null
+++ b/plat/socionext/synquacer/sq_bl2_setup.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 2022, Socionext Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <errno.h>
+
+#include <common/bl_common.h>
+#include <common/debug.h>
+#include <common/desc_image_load.h>
+#include <common/image_decompress.h>
+#include <drivers/arm/pl011.h>
+#include <drivers/io/io_storage.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
+#include <plat/common/platform.h>
+
+#include <platform_def.h>
+#include <sq_common.h>
+
+static console_t console;
+
+void bl2_el3_early_platform_setup(u_register_t x0, u_register_t x1,
+ u_register_t x2, u_register_t x3)
+{
+ /* Initialize the console to provide early debug support */
+ (void)console_pl011_register(PLAT_SQ_BOOT_UART_BASE,
+ PLAT_SQ_BOOT_UART_CLK_IN_HZ,
+ SQ_CONSOLE_BAUDRATE, &console);
+ console_set_scope(&console, CONSOLE_FLAG_BOOT);
+}
+
+void bl2_el3_plat_arch_setup(void)
+{
+ int ret;
+
+ sq_mmap_setup(BL2_BASE, BL2_SIZE, NULL);
+
+ ret = sq_io_setup();
+ if (ret) {
+ ERROR("failed to setup io devices\n");
+ plat_error_handler(ret);
+ }
+}
+
+void bl2_platform_setup(void)
+{
+}
+
+void plat_flush_next_bl_params(void)
+{
+ flush_bl_params_desc();
+}
+
+bl_load_info_t *plat_get_bl_image_load_info(void)
+{
+ return get_bl_load_info_from_mem_params_desc();
+}
+
+bl_params_t *plat_get_next_bl_params(void)
+{
+ return get_next_bl_params_from_mem_params_desc();
+}
+
+void bl2_plat_preload_setup(void)
+{
+}
+
+int bl2_plat_handle_pre_image_load(unsigned int image_id)
+{
+ struct image_info *image_info;
+
+ image_info = sq_get_image_info(image_id);
+
+ return mmap_add_dynamic_region(image_info->image_base,
+ image_info->image_base,
+ image_info->image_max_size,
+ MT_MEMORY | MT_RW | MT_NS);
+}
+
+int bl2_plat_handle_post_image_load(unsigned int image_id)
+{
+ return 0;
+}
diff --git a/plat/socionext/synquacer/sq_bl31_setup.c b/plat/socionext/synquacer/sq_bl31_setup.c
index a7a0ce0..967437b 100644
--- a/plat/socionext/synquacer/sq_bl31_setup.c
+++ b/plat/socionext/synquacer/sq_bl31_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -44,6 +44,35 @@
return type == NON_SECURE ? &bl33_image_ep_info : &bl32_image_ep_info;
}
+#if !RESET_TO_BL31
+void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
+{
+ void *from_bl2 = (void *) arg0;
+ bl_params_node_t *bl_params = ((bl_params_t *) from_bl2)->head;
+
+ /* Initialize the console to provide early debug support */
+ (void)console_pl011_register(PLAT_SQ_BOOT_UART_BASE,
+ PLAT_SQ_BOOT_UART_CLK_IN_HZ,
+ SQ_CONSOLE_BAUDRATE, &console);
+
+ console_set_scope(&console, CONSOLE_FLAG_BOOT | CONSOLE_FLAG_RUNTIME);
+
+ /* Initialize power controller before setting up topology */
+ plat_sq_pwrc_setup();
+
+ while (bl_params) {
+ if (bl_params->image_id == BL32_IMAGE_ID)
+ bl32_image_ep_info = *bl_params->ep_info;
+
+ if (bl_params->image_id == BL33_IMAGE_ID)
+ bl33_image_ep_info = *bl_params->ep_info;
+
+ bl_params = bl_params->next_params_info;
+ }
+}
+
+#else
/*******************************************************************************
* Gets SPSR for BL32 entry
******************************************************************************/
@@ -129,6 +158,7 @@
bl33_image_ep_info.spsr = sq_get_spsr_for_bl33_entry();
SET_SECURITY_STATE(bl33_image_ep_info.h.attr, NON_SECURE);
}
+#endif
static void sq_configure_sys_timer(void)
{
@@ -192,6 +222,11 @@
PLAT_SQ_SP_PRIV_SIZE,
MT_RW_DATA | MT_SECURE),
#endif
+#if !RESET_TO_BL31
+ MAP_REGION_FLAT(BL2_MAILBOX_BASE,
+ BL2_MAILBOX_SIZE,
+ MT_RW | MT_SECURE),
+#endif
{0},
};
diff --git a/plat/socionext/synquacer/sq_helpers.S b/plat/socionext/synquacer/sq_helpers.S
index 7a2d97b..5f9eab4 100644
--- a/plat/socionext/synquacer/sq_helpers.S
+++ b/plat/socionext/synquacer/sq_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -46,7 +46,12 @@
* code that secondary CPUs jump to.
*/
func plat_secondary_cold_boot_setup
+#if !RESET_TO_BL31
+ mov_imm x0, BL2_MAILBOX_BASE
+ ldr x0, [x0]
+#else
ldr x0, sq_sec_entrypoint
+#endif
/* Wait until the mailbox gets populated */
poll_mailbox:
diff --git a/plat/socionext/synquacer/sq_image_desc.c b/plat/socionext/synquacer/sq_image_desc.c
new file mode 100644
index 0000000..5fe125b
--- /dev/null
+++ b/plat/socionext/synquacer/sq_image_desc.c
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2022, Socionext Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+
+#include <arch.h>
+#include <common/desc_image_load.h>
+
+#include <platform_def.h>
+
+static struct bl_mem_params_node sq_image_descs[] = {
+ {
+ .image_id = BL31_IMAGE_ID,
+
+ SET_STATIC_PARAM_HEAD(image_info, PARAM_EP,
+ VERSION_2, image_info_t, 0),
+ .image_info.image_base = BL31_BASE,
+ .image_info.image_max_size = BL31_SIZE,
+
+ SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP,
+ VERSION_2, entry_point_info_t,
+ SECURE | EXECUTABLE | EP_FIRST_EXE),
+ .ep_info.pc = BL31_BASE,
+ .ep_info.spsr = SPSR_64(MODE_EL3, MODE_SP_ELX,
+ DISABLE_ALL_EXCEPTIONS),
+
+ .next_handoff_image_id = BL32_IMAGE_ID,
+ },
+ {
+ .image_id = BL32_IMAGE_ID,
+
+ SET_STATIC_PARAM_HEAD(image_info, PARAM_EP,
+ VERSION_2, image_info_t, 0),
+ .image_info.image_base = BL32_BASE,
+ .image_info.image_max_size = BL32_SIZE,
+
+ SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP,
+ VERSION_2, entry_point_info_t,
+ SECURE | EXECUTABLE),
+ .ep_info.pc = BL32_BASE,
+ .ep_info.spsr = SPSR_64(MODE_EL3, MODE_SP_ELX,
+ DISABLE_ALL_EXCEPTIONS),
+
+ .next_handoff_image_id = BL33_IMAGE_ID,
+ },
+ {
+ .image_id = BL33_IMAGE_ID,
+
+ SET_STATIC_PARAM_HEAD(image_info, PARAM_EP,
+ VERSION_2, image_info_t, 0),
+ .image_info.image_base = PLAT_SQ_BL33_BASE,
+ .image_info.image_max_size = PLAT_SQ_BL33_SIZE,
+
+ SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP,
+ VERSION_2, entry_point_info_t,
+ NON_SECURE | EXECUTABLE),
+ .ep_info.pc = PLAT_SQ_BL33_BASE,
+ .ep_info.spsr = SPSR_64(MODE_EL2, MODE_SP_ELX,
+ DISABLE_ALL_EXCEPTIONS),
+
+ .next_handoff_image_id = INVALID_IMAGE_ID,
+ },
+};
+REGISTER_BL_IMAGE_DESCS(sq_image_descs)
+
+struct image_info *sq_get_image_info(unsigned int image_id)
+{
+ struct bl_mem_params_node *desc;
+
+ desc = get_bl_mem_params_node(image_id);
+ assert(desc);
+ return &desc->image_info;
+}
diff --git a/plat/socionext/synquacer/sq_io_storage.c b/plat/socionext/synquacer/sq_io_storage.c
new file mode 100644
index 0000000..ea83dad
--- /dev/null
+++ b/plat/socionext/synquacer/sq_io_storage.c
@@ -0,0 +1,246 @@
+/*
+ * Copyright (c) 2022, Socionext Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <errno.h>
+#include <stdint.h>
+
+#include <drivers/io/io_block.h>
+#include <drivers/io/io_driver.h>
+#include <drivers/io/io_fip.h>
+#include <drivers/io/io_memmap.h>
+#include <lib/mmio.h>
+#include <lib/utils_def.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
+#include <tools_share/firmware_image_package.h>
+
+#include <platform_def.h>
+#include <sq_common.h>
+
+static const io_dev_connector_t *sq_fip_dev_con;
+static uintptr_t sq_fip_dev_handle;
+
+static const io_dev_connector_t *sq_backend_dev_con;
+static uintptr_t sq_backend_dev_handle;
+
+static io_block_spec_t sq_fip_spec = {
+ .offset = PLAT_SQ_FIP_IOBASE, /* FIP Image is at 5MB offset on memory-mapped NOR flash */
+ .length = PLAT_SQ_FIP_MAXSIZE, /* Expected maximum FIP image size */
+};
+
+static const io_uuid_spec_t sq_bl2_spec = {
+ .uuid = UUID_TRUSTED_BOOT_FIRMWARE_BL2,
+};
+
+static const io_uuid_spec_t sq_bl31_spec = {
+ .uuid = UUID_EL3_RUNTIME_FIRMWARE_BL31,
+};
+
+static const io_uuid_spec_t sq_bl32_spec = {
+ .uuid = UUID_SECURE_PAYLOAD_BL32,
+};
+
+static const io_uuid_spec_t sq_bl33_spec = {
+ .uuid = UUID_NON_TRUSTED_FIRMWARE_BL33,
+};
+
+#if TRUSTED_BOARD_BOOT
+static const io_uuid_spec_t sq_tb_fw_cert_spec = {
+ .uuid = UUID_TRUSTED_BOOT_FW_CERT,
+};
+
+static const io_uuid_spec_t sq_trusted_key_cert_spec = {
+ .uuid = UUID_TRUSTED_KEY_CERT,
+};
+
+static const io_uuid_spec_t sq_soc_fw_key_cert_spec = {
+ .uuid = UUID_SOC_FW_KEY_CERT,
+};
+
+static const io_uuid_spec_t sq_tos_fw_key_cert_spec = {
+ .uuid = UUID_TRUSTED_OS_FW_KEY_CERT,
+};
+
+static const io_uuid_spec_t sq_nt_fw_key_cert_spec = {
+ .uuid = UUID_NON_TRUSTED_FW_KEY_CERT,
+};
+
+static const io_uuid_spec_t sq_soc_fw_cert_spec = {
+ .uuid = UUID_SOC_FW_CONTENT_CERT,
+};
+
+static const io_uuid_spec_t sq_tos_fw_cert_spec = {
+ .uuid = UUID_TRUSTED_OS_FW_CONTENT_CERT,
+};
+
+static const io_uuid_spec_t sq_nt_fw_cert_spec = {
+ .uuid = UUID_NON_TRUSTED_FW_CONTENT_CERT,
+};
+#endif /* TRUSTED_BOARD_BOOT */
+
+struct sq_io_policy {
+ uintptr_t *dev_handle;
+ uintptr_t image_spec;
+ uintptr_t init_params;
+};
+
+static const struct sq_io_policy sq_io_policies[] = {
+ [FIP_IMAGE_ID] = {
+ .dev_handle = &sq_backend_dev_handle,
+ .image_spec = (uintptr_t)&sq_fip_spec,
+ },
+ [BL2_IMAGE_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_bl2_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [BL31_IMAGE_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_bl31_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [BL32_IMAGE_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_bl32_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [BL33_IMAGE_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_bl33_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+#if TRUSTED_BOARD_BOOT
+ [TRUSTED_BOOT_FW_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_tb_fw_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [TRUSTED_KEY_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_trusted_key_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [SOC_FW_KEY_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_soc_fw_key_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [TRUSTED_OS_FW_KEY_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_tos_fw_key_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [NON_TRUSTED_FW_KEY_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_nt_fw_key_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [SOC_FW_CONTENT_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_soc_fw_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [TRUSTED_OS_FW_CONTENT_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_tos_fw_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+ [NON_TRUSTED_FW_CONTENT_CERT_ID] = {
+ .dev_handle = &sq_fip_dev_handle,
+ .image_spec = (uintptr_t)&sq_nt_fw_cert_spec,
+ .init_params = FIP_IMAGE_ID,
+ },
+#endif
+};
+
+static int sq_update_fip_spec(void)
+{
+ uint32_t boot_index;
+ int ret;
+
+ ret = mmap_add_dynamic_region(PLAT_SQ_BOOTIDX_BASE, PLAT_SQ_BOOTIDX_BASE,
+ PAGE_SIZE, MT_RO_DATA | MT_SECURE);
+ if (ret) {
+ return ret;
+ }
+
+ boot_index = mmio_read_32(PLAT_SQ_BOOTIDX_BASE);
+ if (boot_index < PLAT_SQ_MAX_BOOT_INDEX) {
+ sq_fip_spec.offset += PLAT_SQ_FIP_MAXSIZE * boot_index;
+ INFO("FWU Enabled: boot_index %d\n", boot_index);
+ } else {
+ WARN("FWU Disabled: wrong boot_index value. Fallback to index 0.\n");
+ }
+
+ mmap_remove_dynamic_region(PLAT_SQ_BOOTIDX_BASE, PAGE_SIZE);
+ return 0;
+}
+
+static int sq_io_memmap_setup(void)
+{
+ int ret;
+
+ ret = sq_update_fip_spec();
+ if (ret) {
+ return ret;
+ }
+
+ ret = mmap_add_dynamic_region(sq_fip_spec.offset, sq_fip_spec.offset,
+ sq_fip_spec.length, MT_RO_DATA | MT_SECURE);
+ if (ret) {
+ return ret;
+ }
+
+ ret = register_io_dev_memmap(&sq_backend_dev_con);
+ if (ret) {
+ return ret;
+ }
+
+ return io_dev_open(sq_backend_dev_con, 0, &sq_backend_dev_handle);
+}
+
+static int sq_io_fip_setup(void)
+{
+ int ret;
+
+ ret = register_io_dev_fip(&sq_fip_dev_con);
+ if (ret) {
+ return ret;
+ }
+
+ return io_dev_open(sq_fip_dev_con, 0, &sq_fip_dev_handle);
+}
+
+int sq_io_setup(void)
+{
+ int ret;
+
+ ret = sq_io_memmap_setup();
+ if (ret) {
+ return ret;
+ }
+
+ ret = sq_io_fip_setup();
+ if (ret) {
+ return ret;
+ }
+
+ return 0;
+}
+
+int plat_get_image_source(unsigned int image_id, uintptr_t *dev_handle,
+ uintptr_t *image_spec)
+{
+ uintptr_t init_params;
+
+ assert(image_id < ARRAY_SIZE(sq_io_policies));
+
+ *dev_handle = *sq_io_policies[image_id].dev_handle;
+ *image_spec = sq_io_policies[image_id].image_spec;
+ init_params = sq_io_policies[image_id].init_params;
+
+ return io_dev_init(*dev_handle, init_params);
+}
diff --git a/plat/socionext/synquacer/sq_psci.c b/plat/socionext/synquacer/sq_psci.c
index 3062f63..017516f 100644
--- a/plat/socionext/synquacer/sq_psci.c
+++ b/plat/socionext/synquacer/sq_psci.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -197,9 +197,17 @@
int plat_setup_psci_ops(uintptr_t sec_entrypoint,
const struct plat_psci_ops **psci_ops)
{
+#if !RESET_TO_BL31
+ uintptr_t *sq_sec_ep = (uintptr_t *)BL2_MAILBOX_BASE;
+
+ *sq_sec_ep = sec_entrypoint;
+ flush_dcache_range((uint64_t)sq_sec_ep,
+ sizeof(*sq_sec_ep));
+#else
sq_sec_entrypoint = sec_entrypoint;
flush_dcache_range((uint64_t)&sq_sec_entrypoint,
sizeof(sq_sec_entrypoint));
+#endif
*psci_ops = &sq_psci_ops;
diff --git a/plat/socionext/synquacer/sq_rotpk.S b/plat/socionext/synquacer/sq_rotpk.S
new file mode 100644
index 0000000..61227ed
--- /dev/null
+++ b/plat/socionext/synquacer/sq_rotpk.S
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2022, Socionext Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+ .global sq_rotpk_hash
+ .global sq_rotpk_hash_end
+ .section .rodata.sq_rotpk_hash, "a"
+sq_rotpk_hash:
+ /* DER header */
+ .byte 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48
+ .byte 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
+ /* SHA256 */
+ .incbin ROTPK_HASH
+sq_rotpk_hash_end:
diff --git a/plat/socionext/synquacer/sq_tbbr.c b/plat/socionext/synquacer/sq_tbbr.c
new file mode 100644
index 0000000..e9fa18c
--- /dev/null
+++ b/plat/socionext/synquacer/sq_tbbr.c
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2022, Socionext Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <plat/common/platform.h>
+
+extern char sq_rotpk_hash[], sq_rotpk_hash_end[];
+
+int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
+ unsigned int *flags)
+{
+ *key_ptr = sq_rotpk_hash;
+ *key_len = sq_rotpk_hash_end - sq_rotpk_hash;
+ *flags = ROTPK_IS_HASH;
+
+ return 0;
+}
+
+int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
+{
+ /*
+ * No support for non-volatile counter. Update the ROT key to protect
+ * the system against rollback.
+ */
+ *nv_ctr = 0;
+
+ return 0;
+}
+
+int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
+{
+ return 0;
+}
+
+int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
+{
+ return get_mbedtls_heap_helper(heap_addr, heap_size);
+}
diff --git a/plat/st/common/bl2_io_storage.c b/plat/st/common/bl2_io_storage.c
index b2038bc..94c36d9 100644
--- a/plat/st/common/bl2_io_storage.c
+++ b/plat/st/common/bl2_io_storage.c
@@ -122,6 +122,37 @@
return io_dev_init(storage_dev_handle, 0);
}
+#if STM32MP_EMMC_BOOT
+static uint32_t get_boot_part_fip_header(void)
+{
+ io_block_spec_t emmc_boot_fip_block_spec = {
+ .offset = STM32MP_EMMC_BOOT_FIP_OFFSET,
+ .length = MMC_BLOCK_SIZE, /* We are interested only in first 4 bytes */
+ };
+ uint32_t magic = 0U;
+ int io_result;
+ size_t bytes_read;
+ uintptr_t fip_hdr_handle;
+
+ io_result = io_open(storage_dev_handle, (uintptr_t)&emmc_boot_fip_block_spec,
+ &fip_hdr_handle);
+ assert(io_result == 0);
+
+ io_result = io_read(fip_hdr_handle, (uintptr_t)&magic, sizeof(magic),
+ &bytes_read);
+ if ((io_result != 0) || (bytes_read != sizeof(magic))) {
+ panic();
+ }
+
+ io_close(fip_hdr_handle);
+
+ VERBOSE("%s: eMMC boot magic at offset 256K: %08x\n",
+ __func__, magic);
+
+ return magic;
+}
+#endif
+
static void print_boot_device(boot_api_context_t *boot_context)
{
switch (boot_context->boot_interface_selected) {
@@ -195,7 +226,7 @@
panic();
}
- /* Open MMC as a block device to read GPT table */
+ /* Open MMC as a block device to read FIP */
io_result = register_io_dev_block(&mmc_dev_con);
if (io_result != 0) {
panic();
@@ -204,6 +235,25 @@
io_result = io_dev_open(mmc_dev_con, (uintptr_t)&mmc_block_dev_spec,
&storage_dev_handle);
assert(io_result == 0);
+
+#if STM32MP_EMMC_BOOT
+ if (mmc_dev_type == MMC_IS_EMMC) {
+ io_result = mmc_part_switch_current_boot();
+ assert(io_result == 0);
+
+ if (get_boot_part_fip_header() != TOC_HEADER_NAME) {
+ WARN("%s: Can't find FIP header on eMMC boot partition. Trying GPT\n",
+ __func__);
+ io_result = mmc_part_switch_user();
+ assert(io_result == 0);
+ return;
+ }
+
+ VERBOSE("%s: FIP header found on eMMC boot partition\n",
+ __func__);
+ image_block_spec.offset = STM32MP_EMMC_BOOT_FIP_OFFSET;
+ }
+#endif
}
#endif /* STM32MP_SDMMC || STM32MP_EMMC */
@@ -385,8 +435,14 @@
switch (boot_itf) {
#if STM32MP_SDMMC || STM32MP_EMMC
- case BOOT_API_CTX_BOOT_INTERFACE_SEL_FLASH_SD:
case BOOT_API_CTX_BOOT_INTERFACE_SEL_FLASH_EMMC:
+#if STM32MP_EMMC_BOOT
+ if (image_block_spec.offset == STM32MP_EMMC_BOOT_FIP_OFFSET) {
+ break;
+ }
+#endif
+ /* fallthrough */
+ case BOOT_API_CTX_BOOT_INTERFACE_SEL_FLASH_SD:
if (!gpt_init_done) {
/*
* With FWU Multi Bank feature enabled, the selection of
diff --git a/plat/st/common/include/stm32mp_common.h b/plat/st/common/include/stm32mp_common.h
index 0010cd8..79f81db 100644
--- a/plat/st/common/include/stm32mp_common.h
+++ b/plat/st/common/include/stm32mp_common.h
@@ -127,6 +127,9 @@
void stm32_save_boot_interface(uint32_t interface, uint32_t instance);
void stm32_get_boot_interface(uint32_t *interface, uint32_t *instance);
+/* Functions to save and get boot authentication status and partition used */
+void stm32_save_boot_auth(uint32_t auth_status, uint32_t boot_partition);
+
#if !STM32MP_USE_STM32IMAGE && PSA_FWU_SUPPORT
void stm32mp1_fwu_set_boot_idx(void);
uint32_t stm32_get_and_dec_fwu_trial_boot_cnt(void);
diff --git a/plat/st/stm32mp1/bl2_plat_setup.c b/plat/st/stm32mp1/bl2_plat_setup.c
index 6f5fcc7..5015f7d 100644
--- a/plat/st/stm32mp1/bl2_plat_setup.c
+++ b/plat/st/stm32mp1/bl2_plat_setup.c
@@ -316,6 +316,8 @@
stm32_save_boot_interface(boot_context->boot_interface_selected,
boot_context->boot_interface_instance);
+ stm32_save_boot_auth(boot_context->auth_status,
+ boot_context->boot_partition_used_toboot);
#if STM32MP_USB_PROGRAMMER && STM32MP15
/* Deconfigure all UART RX pins configured by ROM code */
@@ -470,11 +472,13 @@
/* Init base and size for pager if exist */
paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID);
- assert(paged_mem_params != NULL);
- paged_mem_params->image_info.image_base = STM32MP_DDR_BASE +
- (dt_get_ddr_size() - STM32MP_DDR_S_SIZE -
- STM32MP_DDR_SHMEM_SIZE);
- paged_mem_params->image_info.image_max_size = STM32MP_DDR_S_SIZE;
+ if (paged_mem_params != NULL) {
+ paged_mem_params->image_info.image_base = STM32MP_DDR_BASE +
+ (dt_get_ddr_size() - STM32MP_DDR_S_SIZE -
+ STM32MP_DDR_SHMEM_SIZE);
+ paged_mem_params->image_info.image_max_size =
+ STM32MP_DDR_S_SIZE;
+ }
break;
case BL33_IMAGE_ID:
@@ -494,11 +498,17 @@
case BL32_IMAGE_ID:
if (optee_header_is_valid(bl_mem_params->image_info.image_base)) {
+ image_info_t *paged_image_info = NULL;
+
/* BL32 is OP-TEE header */
bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base;
pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID);
+ assert(pager_mem_params != NULL);
+
paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID);
- assert((pager_mem_params != NULL) && (paged_mem_params != NULL));
+ if (paged_mem_params != NULL) {
+ paged_image_info = &paged_mem_params->image_info;
+ }
#if STM32MP_USE_STM32IMAGE && defined(AARCH32_SP_OPTEE)
/* Set OP-TEE extra image load areas at run-time */
@@ -514,16 +524,22 @@
err = parse_optee_header(&bl_mem_params->ep_info,
&pager_mem_params->image_info,
- &paged_mem_params->image_info);
- if (err) {
+ paged_image_info);
+ if (err != 0) {
ERROR("OPTEE header parse error.\n");
panic();
}
/* Set optee boot info from parsed header data */
- bl_mem_params->ep_info.args.arg0 = paged_mem_params->image_info.image_base;
- bl_mem_params->ep_info.args.arg1 = 0; /* Unused */
- bl_mem_params->ep_info.args.arg2 = 0; /* No DT supported */
+ if (paged_mem_params != NULL) {
+ bl_mem_params->ep_info.args.arg0 =
+ paged_mem_params->image_info.image_base;
+ } else {
+ bl_mem_params->ep_info.args.arg0 = 0U;
+ }
+
+ bl_mem_params->ep_info.args.arg1 = 0U; /* Unused */
+ bl_mem_params->ep_info.args.arg2 = 0U; /* No DT supported */
} else {
#if !STM32MP_USE_STM32IMAGE
bl_mem_params->ep_info.pc = bl_mem_params->image_info.image_base;
diff --git a/plat/st/stm32mp1/plat_bl2_mem_params_desc.c b/plat/st/stm32mp1/plat_bl2_mem_params_desc.c
index 7963c4a..9ca0930 100644
--- a/plat/st/stm32mp1/plat_bl2_mem_params_desc.c
+++ b/plat/st/stm32mp1/plat_bl2_mem_params_desc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -68,6 +68,7 @@
.next_handoff_image_id = INVALID_IMAGE_ID,
},
+#if STM32MP15
/* Fill BL32 external 2 image related information */
{
.image_id = BL32_EXTRA2_IMAGE_ID,
@@ -82,6 +83,7 @@
.next_handoff_image_id = INVALID_IMAGE_ID,
},
+#endif
/* Fill HW_CONFIG related information if it exists */
{
diff --git a/plat/st/stm32mp1/platform.mk b/plat/st/stm32mp1/platform.mk
index 127e318..a903a16 100644
--- a/plat/st/stm32mp1/platform.mk
+++ b/plat/st/stm32mp1/platform.mk
@@ -65,6 +65,10 @@
# STM32 image header version v1.0
STM32_HEADER_VERSION_MAJOR:= 1
STM32_HEADER_VERSION_MINOR:= 0
+
+# Add OP-TEE reserved shared memory area in mapping
+STM32MP15_OPTEE_RSV_SHM := 1
+$(eval $(call add_defines,STM32MP15_OPTEE_RSV_SHM))
endif
# STM32 image header binary type for BL2
diff --git a/plat/st/stm32mp1/stm32mp1_fip_def.h b/plat/st/stm32mp1/stm32mp1_fip_def.h
index 7a277fd..82e53db 100644
--- a/plat/st/stm32mp1/stm32mp1_fip_def.h
+++ b/plat/st/stm32mp1/stm32mp1_fip_def.h
@@ -7,8 +7,13 @@
#ifndef STM32MP1_FIP_DEF_H
#define STM32MP1_FIP_DEF_H
+#if STM32MP15_OPTEE_RSV_SHM
#define STM32MP_DDR_S_SIZE U(0x01E00000) /* 30 MB */
#define STM32MP_DDR_SHMEM_SIZE U(0x00200000) /* 2 MB */
+#else
+#define STM32MP_DDR_S_SIZE U(0x02000000) /* 32 MB */
+#define STM32MP_DDR_SHMEM_SIZE U(0) /* empty */
+#endif
#if STM32MP13
#define STM32MP_BL2_RO_SIZE U(0x00015000) /* 84 KB */
@@ -98,8 +103,9 @@
#endif
/*******************************************************************************
- * STM32MP1 RAW partition offset for MTD devices
+ * STM32MP1 RAW partition offset for devices without GPT
******************************************************************************/
+#define STM32MP_EMMC_BOOT_FIP_OFFSET U(0x00040000)
#define STM32MP_NOR_FIP_OFFSET U(0x00080000)
#define STM32MP_NAND_FIP_OFFSET U(0x00200000)
diff --git a/plat/st/stm32mp1/stm32mp1_private.c b/plat/st/stm32mp1/stm32mp1_private.c
index 1617afd..86b9f23 100644
--- a/plat/st/stm32mp1/stm32mp1_private.c
+++ b/plat/st/stm32mp1/stm32mp1_private.c
@@ -43,8 +43,10 @@
#if STM32MP15
#define TAMP_BOOT_MODE_BACKUP_REG_ID U(20)
#endif
-#define TAMP_BOOT_MODE_ITF_MASK U(0x0000FF00)
+#define TAMP_BOOT_MODE_ITF_MASK GENMASK(15, 8)
#define TAMP_BOOT_MODE_ITF_SHIFT 8
+#define TAMP_BOOT_MODE_AUTH_MASK GENMASK(23, 16)
+#define TAMP_BOOT_MODE_AUTH_SHIFT 16
/*
* Backup register to store fwu update information.
@@ -52,9 +54,9 @@
* (so it should be in Zone 2).
*/
#define TAMP_BOOT_FWU_INFO_REG_ID U(10)
-#define TAMP_BOOT_FWU_INFO_IDX_MSK U(0xF)
+#define TAMP_BOOT_FWU_INFO_IDX_MSK GENMASK(3, 0)
#define TAMP_BOOT_FWU_INFO_IDX_OFF U(0)
-#define TAMP_BOOT_FWU_INFO_CNT_MSK U(0xF0)
+#define TAMP_BOOT_FWU_INFO_CNT_MSK GENMASK(7, 4)
#define TAMP_BOOT_FWU_INFO_CNT_OFF U(4)
#if defined(IMAGE_BL2)
@@ -199,6 +201,8 @@
int stm32_get_gpio_bank_pinctrl_node(void *fdt, unsigned int bank)
{
+ const char *node_compatible = NULL;
+
switch (bank) {
case GPIO_BANK_A:
case GPIO_BANK_B:
@@ -209,18 +213,24 @@
case GPIO_BANK_G:
case GPIO_BANK_H:
case GPIO_BANK_I:
+#if STM32MP13
+ node_compatible = "st,stm32mp135-pinctrl";
+ break;
+#endif
#if STM32MP15
case GPIO_BANK_J:
case GPIO_BANK_K:
-#endif
- return fdt_path_offset(fdt, "/soc/pin-controller");
-#if STM32MP15
+ node_compatible = "st,stm32mp157-pinctrl";
+ break;
case GPIO_BANK_Z:
- return fdt_path_offset(fdt, "/soc/pin-controller-z");
+ node_compatible = "st,stm32mp157-z-pinctrl";
+ break;
#endif
default:
panic();
}
+
+ return fdt_node_offset_by_compatible(fdt, -1, node_compatible);
}
#if STM32MP_UART_PROGRAMMER || !defined(IMAGE_BL2)
@@ -738,6 +748,20 @@
*instance = itf & 0xFU;
}
+void stm32_save_boot_auth(uint32_t auth_status, uint32_t boot_partition)
+{
+ uint32_t boot_status = tamp_bkpr(TAMP_BOOT_MODE_BACKUP_REG_ID);
+
+ clk_enable(RTCAPB);
+
+ mmio_clrsetbits_32(boot_status,
+ TAMP_BOOT_MODE_AUTH_MASK,
+ ((auth_status << 4) | (boot_partition & 0xFU)) <<
+ TAMP_BOOT_MODE_AUTH_SHIFT);
+
+ clk_disable(RTCAPB);
+}
+
#if !STM32MP_USE_STM32IMAGE && PSA_FWU_SUPPORT
void stm32mp1_fwu_set_boot_idx(void)
{
diff --git a/plat/st/stm32mp1/stm32mp1_stm32image_def.h b/plat/st/stm32mp1/stm32mp1_stm32image_def.h
index 8efa342..6260cb9 100644
--- a/plat/st/stm32mp1/stm32mp1_stm32image_def.h
+++ b/plat/st/stm32mp1/stm32mp1_stm32image_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2021, STMicroelectronics - All Rights Reserved
+ * Copyright (C) 2021-2022, STMicroelectronics - All Rights Reserved
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,9 +8,14 @@
#define STM32MP1_STM32IMAGE_DEF_H
#ifdef AARCH32_SP_OPTEE
+#if STM32MP15_OPTEE_RSV_SHM
#define STM32MP_DDR_S_SIZE U(0x01E00000) /* 30 MB */
#define STM32MP_DDR_SHMEM_SIZE U(0x00200000) /* 2 MB */
#else
+#define STM32MP_DDR_S_SIZE U(0x02000000) /* 32 MB */
+#define STM32MP_DDR_SHMEM_SIZE U(0) /* empty */
+#endif
+#else
#define STM32MP_DDR_S_SIZE U(0)
#define STM32MP_DDR_SHMEM_SIZE U(0)
#endif
diff --git a/plat/xilinx/common/include/pm_client.h b/plat/xilinx/common/include/pm_client.h
index e91bb8f..dc012b7 100644
--- a/plat/xilinx/common/include/pm_client.h
+++ b/plat/xilinx/common/include/pm_client.h
@@ -16,7 +16,7 @@
#include "pm_defs.h"
/* Functions to be implemented by each PU */
-void pm_client_suspend(const struct pm_proc *proc, unsigned int state);
+void pm_client_suspend(const struct pm_proc *proc, uint32_t state);
void pm_client_abort_suspend(void);
void pm_client_wakeup(const struct pm_proc *proc);
@@ -24,7 +24,6 @@
extern const struct pm_proc *primary_proc;
#ifndef VERSAL_PLATFORM
-enum pm_ret_status set_ocm_retention(void);
enum pm_ret_status pm_set_suspend_mode(uint32_t mode);
const struct pm_proc *pm_get_proc_by_node(enum pm_node_id nid);
#endif
diff --git a/plat/xilinx/common/include/pm_common.h b/plat/xilinx/common/include/pm_common.h
index 0c24a36..06efa4b 100644
--- a/plat/xilinx/common/include/pm_common.h
+++ b/plat/xilinx/common/include/pm_common.h
@@ -48,10 +48,10 @@
*/
struct pm_proc {
const uint32_t node_id;
- const unsigned int pwrdn_mask;
+ const uint32_t pwrdn_mask;
const struct pm_ipi *ipi;
};
-const struct pm_proc *pm_get_proc(unsigned int cpuid);
+const struct pm_proc *pm_get_proc(uint32_t cpuid);
#endif /* PM_COMMON_H */
diff --git a/plat/xilinx/common/include/pm_ipi.h b/plat/xilinx/common/include/pm_ipi.h
index 8c7738d..2d20b9f 100644
--- a/plat/xilinx/common/include/pm_ipi.h
+++ b/plat/xilinx/common/include/pm_ipi.h
@@ -13,7 +13,7 @@
#define IPI_BLOCKING 1
#define IPI_NON_BLOCKING 0
-int pm_ipi_init(const struct pm_proc *proc);
+int32_t pm_ipi_init(const struct pm_proc *proc);
enum pm_ret_status pm_ipi_send(const struct pm_proc *proc,
uint32_t payload[PAYLOAD_ARG_CNT]);
@@ -21,8 +21,8 @@
uint32_t payload[PAYLOAD_ARG_CNT]);
enum pm_ret_status pm_ipi_send_sync(const struct pm_proc *proc,
uint32_t payload[PAYLOAD_ARG_CNT],
- unsigned int *value, size_t count);
-void pm_ipi_buff_read_callb(unsigned int *value, size_t count);
+ uint32_t *value, size_t count);
+void pm_ipi_buff_read_callb(uint32_t *value, size_t count);
void pm_ipi_irq_enable(const struct pm_proc *proc);
void pm_ipi_irq_clear(const struct pm_proc *proc);
uint32_t pm_ipi_irq_status(const struct pm_proc *proc);
diff --git a/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c b/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c
index f531158..cb6aaa5 100644
--- a/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c
+++ b/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c
@@ -64,13 +64,13 @@
* function with rt_svc_handle signature
*/
uint64_t ipi_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2,
- uint64_t x3, uint64_t x4, void *cookie,
+ uint64_t x3, uint64_t x4, const void *cookie,
void *handle, uint64_t flags)
{
- int ret;
+ int32_t ret;
uint32_t ipi_local_id;
uint32_t ipi_remote_id;
- unsigned int is_secure;
+ uint32_t is_secure;
ipi_local_id = x1 & UNSIGNED32_MASK;
ipi_remote_id = x2 & UNSIGNED32_MASK;
@@ -94,7 +94,7 @@
SMC_RET1(handle, 0);
case IPI_MAILBOX_STATUS_ENQUIRY:
{
- int disable_irq;
+ int32_t disable_irq;
disable_irq = (x3 & IPI_SMC_ENQUIRY_DIRQ_MASK) ? 1 : 0;
ret = ipi_mb_enquire_status(ipi_local_id, ipi_remote_id);
@@ -112,7 +112,7 @@
}
case IPI_MAILBOX_ACK:
{
- int enable_irq;
+ int32_t enable_irq;
enable_irq = (x3 & IPI_SMC_ACK_EIRQ_MASK) ? 1 : 0;
ipi_mb_ack(ipi_local_id, ipi_remote_id);
diff --git a/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.h b/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.h
index 10682d8..af13db9 100644
--- a/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.h
+++ b/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.h
@@ -33,7 +33,7 @@
/* IPI SMC handler */
uint64_t ipi_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2,
- uint64_t x3, uint64_t x4, void *cookie, void *handle,
+ uint64_t x3, uint64_t x4, const void *cookie, void *handle,
uint64_t flags);
#endif /* IPI_MAILBOX_SVC_H */
diff --git a/plat/xilinx/common/plat_startup.c b/plat/xilinx/common/plat_startup.c
index b8f88c4..bf262c4 100644
--- a/plat/xilinx/common/plat_startup.c
+++ b/plat/xilinx/common/plat_startup.c
@@ -75,7 +75,7 @@
*
* Return: FSBL_FLAGS_A53_0, FSBL_FLAGS_A53_1, FSBL_FLAGS_A53_2 or FSBL_FLAGS_A53_3
*/
-static int get_fsbl_cpu(const struct xfsbl_partition *partition)
+static int32_t get_fsbl_cpu(const struct xfsbl_partition *partition)
{
uint64_t flags = partition->flags & FSBL_FLAGS_CPU_MASK;
@@ -89,7 +89,7 @@
*
* Return: FSBL_FLAGS_EL0, FSBL_FLAGS_EL1, FSBL_FLAGS_EL2 or FSBL_FLAGS_EL3
*/
-static int get_fsbl_el(const struct xfsbl_partition *partition)
+static int32_t get_fsbl_el(const struct xfsbl_partition *partition)
{
uint64_t flags = partition->flags & FSBL_FLAGS_EL_MASK;
@@ -103,7 +103,7 @@
*
* Return: FSBL_FLAGS_NON_SECURE or FSBL_FLAGS_SECURE
*/
-static int get_fsbl_ss(const struct xfsbl_partition *partition)
+static int32_t get_fsbl_ss(const struct xfsbl_partition *partition)
{
uint64_t flags = partition->flags & FSBL_FLAGS_TZ_MASK;
@@ -117,7 +117,7 @@
*
* Return: SPSR_E_LITTLE or SPSR_E_BIG
*/
-static int get_fsbl_endian(const struct xfsbl_partition *partition)
+static int32_t get_fsbl_endian(const struct xfsbl_partition *partition)
{
uint64_t flags = partition->flags & FSBL_FLAGS_ENDIAN_MASK;
@@ -137,7 +137,7 @@
*
* Return: FSBL_FLAGS_ESTATE_A32 or FSBL_FLAGS_ESTATE_A64
*/
-static int get_fsbl_estate(const struct xfsbl_partition *partition)
+static int32_t get_fsbl_estate(const struct xfsbl_partition *partition)
{
uint64_t flags = partition->flags & FSBL_FLAGS_ESTATE_MASK;
@@ -193,8 +193,8 @@
*/
for (size_t i = 0; i < ATFHandoffParams->num_entries; i++) {
entry_point_info_t *image;
- int target_estate, target_secure;
- int target_cpu, target_endianness, target_el;
+ int32_t target_estate, target_secure;
+ int32_t target_cpu, target_endianness, target_el;
VERBOSE("BL31: %zd: entry:0x%" PRIx64 ", flags:0x%" PRIx64 "\n", i,
ATFHandoffParams->partition[i].entry_point,
diff --git a/plat/xilinx/common/pm_service/pm_ipi.c b/plat/xilinx/common/pm_service/pm_ipi.c
index 1d1ba85..12313f2 100644
--- a/plat/xilinx/common/pm_service/pm_ipi.c
+++ b/plat/xilinx/common/pm_service/pm_ipi.c
@@ -30,7 +30,7 @@
*
* Called from pm_setup initialization function
*/
-int pm_ipi_init(const struct pm_proc *proc)
+int32_t pm_ipi_init(const struct pm_proc *proc)
{
bakery_lock_init(&pm_secure_lock);
ipi_mb_open(proc->ipi->local_ipi_id, proc->ipi->remote_ipi_id);
@@ -131,12 +131,12 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ipi_buff_read(const struct pm_proc *proc,
- unsigned int *value, size_t count)
+ uint32_t *value, size_t count)
{
size_t i;
#if IPI_CRC_CHECK
size_t j;
- unsigned int response_payload[PAYLOAD_ARG_CNT];
+ uint32_t response_payload[PAYLOAD_ARG_CNT];
#endif
uintptr_t buffer_base = proc->ipi->buffer_base +
IPI_BUFFER_TARGET_REMOTE_OFFSET +
@@ -177,7 +177,7 @@
*
* @return Returns status, either success or error+reason
*/
-void pm_ipi_buff_read_callb(unsigned int *value, size_t count)
+void pm_ipi_buff_read_callb(uint32_t *value, size_t count)
{
size_t i;
#if IPI_CRC_CHECK
@@ -224,7 +224,7 @@
*/
enum pm_ret_status pm_ipi_send_sync(const struct pm_proc *proc,
uint32_t payload[PAYLOAD_ARG_CNT],
- unsigned int *value, size_t count)
+ uint32_t *value, size_t count)
{
enum pm_ret_status ret;
@@ -255,7 +255,7 @@
uint32_t pm_ipi_irq_status(const struct pm_proc *proc)
{
- int ret;
+ int32_t ret;
ret = ipi_mb_enquire_status(proc->ipi->local_ipi_id,
proc->ipi->remote_ipi_id);
diff --git a/plat/xilinx/versal/aarch64/versal_common.c b/plat/xilinx/versal/aarch64/versal_common.c
index 897ed59..f55cde9 100644
--- a/plat/xilinx/versal/aarch64/versal_common.c
+++ b/plat/xilinx/versal/aarch64/versal_common.c
@@ -47,7 +47,7 @@
generic_delay_timer_init();
}
-unsigned int plat_get_syscnt_freq2(void)
+uint32_t plat_get_syscnt_freq2(void)
{
return VERSAL_CPU_CLOCK;
}
diff --git a/plat/xilinx/versal/bl31_versal_setup.c b/plat/xilinx/versal/bl31_versal_setup.c
index 78bfc29..0d0d598 100644
--- a/plat/xilinx/versal/bl31_versal_setup.c
+++ b/plat/xilinx/versal/bl31_versal_setup.c
@@ -67,19 +67,19 @@
if (VERSAL_CONSOLE_IS(pl011) || (VERSAL_CONSOLE_IS(pl011_1))) {
static console_t versal_runtime_console;
/* Initialize the console to provide early debug support */
- int rc = console_pl011_register((unsigned long)VERSAL_UART_BASE,
- (unsigned int)VERSAL_UART_CLOCK,
- (unsigned int)VERSAL_UART_BAUDRATE,
+ int32_t rc = console_pl011_register((unsigned long)VERSAL_UART_BASE,
+ (uint32_t)VERSAL_UART_CLOCK,
+ (uint32_t)VERSAL_UART_BAUDRATE,
&versal_runtime_console);
if (rc == 0) {
panic();
}
- console_set_scope(&versal_runtime_console, (unsigned int)(CONSOLE_FLAG_BOOT |
+ console_set_scope(&versal_runtime_console, (uint32_t)(CONSOLE_FLAG_BOOT |
CONSOLE_FLAG_RUNTIME));
} else if (VERSAL_CONSOLE_IS(dcc)) {
/* Initialize the dcc console for debug */
- int rc = console_dcc_register();
+ int32_t rc = console_dcc_register();
if (rc == 0) {
panic();
}
@@ -126,7 +126,7 @@
static interrupt_type_handler_t type_el3_interrupt_handler;
-int request_intr_type_el3(uint32_t id, interrupt_type_handler_t handler)
+int32_t request_intr_type_el3(uint32_t id, interrupt_type_handler_t handler)
{
/* Validate 'handler'*/
if (handler == NULL) {
diff --git a/plat/xilinx/versal/include/plat_private.h b/plat/xilinx/versal/include/plat_private.h
index d12d13a..109c95e 100644
--- a/plat/xilinx/versal/include/plat_private.h
+++ b/plat/xilinx/versal/include/plat_private.h
@@ -22,11 +22,11 @@
void plat_versal_gic_save(void);
void plat_versal_gic_resume(void);
-unsigned int versal_calc_core_pos(u_register_t mpidr);
+uint32_t versal_calc_core_pos(u_register_t mpidr);
/*
* Register handler to specific GIC entrance
* for INTR_TYPE_EL3 type of interrupt
*/
-int request_intr_type_el3(uint32_t irq, interrupt_type_handler_t fiq_handler);
+int32_t request_intr_type_el3(uint32_t irq, interrupt_type_handler_t fiq_handler);
#endif /* PLAT_PRIVATE_H */
diff --git a/plat/xilinx/versal/plat_psci.c b/plat/xilinx/versal/plat_psci.c
index eb05e58..acecbb1 100644
--- a/plat/xilinx/versal/plat_psci.c
+++ b/plat/xilinx/versal/plat_psci.c
@@ -19,9 +19,9 @@
static uintptr_t versal_sec_entry;
-static int versal_pwr_domain_on(u_register_t mpidr)
+static int32_t versal_pwr_domain_on(u_register_t mpidr)
{
- int cpu_id = plat_core_pos_by_mpidr(mpidr);
+ int32_t cpu_id = plat_core_pos_by_mpidr(mpidr);
const struct pm_proc *proc;
VERBOSE("%s: mpidr: 0x%lx\n", __func__, mpidr);
@@ -30,7 +30,7 @@
return PSCI_E_INTERN_FAIL;
}
- proc = pm_get_proc((unsigned int)cpu_id);
+ proc = pm_get_proc((uint32_t)cpu_id);
/* Send request to PMC to wake up selected ACPU core */
(void)pm_req_wakeup(proc->node_id, (versal_sec_entry & 0xFFFFFFFFU) | 0x1U,
@@ -50,8 +50,8 @@
*/
static void versal_pwr_domain_suspend(const psci_power_state_t *target_state)
{
- unsigned int state;
- unsigned int cpu_id = plat_my_core_pos();
+ uint32_t state;
+ uint32_t cpu_id = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpu_id);
for (size_t i = 0U; i <= PLAT_MAX_PWR_LVL; i++) {
@@ -88,7 +88,7 @@
static void versal_pwr_domain_suspend_finish(
const psci_power_state_t *target_state)
{
- unsigned int cpu_id = plat_my_core_pos();
+ uint32_t cpu_id = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpu_id);
for (size_t i = 0U; i <= PLAT_MAX_PWR_LVL; i++) {
@@ -156,7 +156,7 @@
*/
static void versal_pwr_domain_off(const psci_power_state_t *target_state)
{
- unsigned int cpu_id = plat_my_core_pos();
+ uint32_t cpu_id = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpu_id);
for (size_t i = 0U; i <= PLAT_MAX_PWR_LVL; i++) {
@@ -188,12 +188,12 @@
*
* @return Returns status, either success or reason
*/
-static int versal_validate_power_state(unsigned int power_state,
+static int32_t versal_validate_power_state(uint32_t power_state,
psci_power_state_t *req_state)
{
VERBOSE("%s: power_state: 0x%x\n", __func__, power_state);
- unsigned int pstate = psci_get_pstate_type(power_state);
+ uint32_t pstate = psci_get_pstate_type(power_state);
assert(req_state);
diff --git a/plat/xilinx/versal/plat_topology.c b/plat/xilinx/versal/plat_topology.c
index 66d4fae..6a94544 100644
--- a/plat/xilinx/versal/plat_topology.c
+++ b/plat/xilinx/versal/plat_topology.c
@@ -6,9 +6,9 @@
#include <platform_def.h>
-static const unsigned char plat_power_domain_tree_desc[] = {1, PLATFORM_CORE_COUNT};
+static const uint8_t plat_power_domain_tree_desc[] = {1, PLATFORM_CORE_COUNT};
-const unsigned char *plat_get_power_domain_tree_desc(void)
+const uint8_t *plat_get_power_domain_tree_desc(void)
{
return plat_power_domain_tree_desc;
}
diff --git a/plat/xilinx/versal/plat_versal.c b/plat/xilinx/versal/plat_versal.c
index 54c35b6..132c7b7 100644
--- a/plat/xilinx/versal/plat_versal.c
+++ b/plat/xilinx/versal/plat_versal.c
@@ -7,7 +7,7 @@
#include <plat_private.h>
#include <plat/common/platform.h>
-int plat_core_pos_by_mpidr(u_register_t mpidr)
+int32_t plat_core_pos_by_mpidr(u_register_t mpidr)
{
if ((mpidr & MPIDR_CLUSTER_MASK) != 0U) {
return -1;
@@ -17,5 +17,5 @@
return -1;
}
- return (int)versal_calc_core_pos(mpidr);
+ return (int32_t)versal_calc_core_pos(mpidr);
}
diff --git a/plat/xilinx/versal/pm_service/pm_api_sys.c b/plat/xilinx/versal/pm_service/pm_api_sys.c
index 04258cc..db78049 100644
--- a/plat/xilinx/versal/pm_service/pm_api_sys.c
+++ b/plat/xilinx/versal/pm_service/pm_api_sys.c
@@ -28,14 +28,14 @@
#define MODULE_ID_MASK 0x0000ff00
/* default shutdown/reboot scope is system(2) */
-static unsigned int pm_shutdown_scope = XPM_SHUTDOWN_SUBTYPE_RST_SYSTEM;
+static uint32_t pm_shutdown_scope = XPM_SHUTDOWN_SUBTYPE_RST_SYSTEM;
/**
* pm_get_shutdown_scope() - Get the currently set shutdown scope
*
* @return Shutdown scope value
*/
-unsigned int pm_get_shutdown_scope(void)
+uint32_t pm_get_shutdown_scope(void)
{
return pm_shutdown_scope;
}
@@ -93,8 +93,9 @@
module_id = (x0 & MODULE_ID_MASK) >> 8;
//default module id is for LIBPM
- if (module_id == 0)
+ if (module_id == 0) {
module_id = LIBPM_MODULE_ID;
+ }
PM_PACK_PAYLOAD6(payload, module_id, flag, x0, x1, x2, x3, x4, x5);
return pm_ipi_send_sync(primary_proc, payload, (uint32_t *)result, PAYLOAD_ARG_CNT);
@@ -115,12 +116,12 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_self_suspend(uint32_t nid,
- unsigned int latency,
- unsigned int state,
+ uint32_t latency,
+ uint32_t state,
uintptr_t address, uint32_t flag)
{
uint32_t payload[PAYLOAD_ARG_CNT];
- unsigned int cpuid = plat_my_core_pos();
+ uint32_t cpuid = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpuid);
if (proc == NULL) {
@@ -182,7 +183,7 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_req_suspend(uint32_t target, uint8_t ack,
- unsigned int latency, unsigned int state,
+ uint32_t latency, uint32_t state,
uint32_t flag)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -501,7 +502,7 @@
return PM_RET_ERROR_ARGS;
}
gicd_write_irouter(gicv3_driver_data->gicd_base,
- (unsigned int)PLAT_VERSAL_IPI_IRQ, MODE);
+ (uint32_t)PLAT_VERSAL_IPI_IRQ, MODE);
ret = PM_RET_SUCCESS;
break;
default:
diff --git a/plat/xilinx/versal/pm_service/pm_api_sys.h b/plat/xilinx/versal/pm_service/pm_api_sys.h
index 86a46d0..8343533 100644
--- a/plat/xilinx/versal/pm_service/pm_api_sys.h
+++ b/plat/xilinx/versal/pm_service/pm_api_sys.h
@@ -18,14 +18,14 @@
uint32_t x2, uint32_t x3, uint32_t x4,
uint32_t x5, uint64_t *result);
enum pm_ret_status pm_self_suspend(uint32_t nid,
- unsigned int latency,
- unsigned int state,
+ uint32_t latency,
+ uint32_t state,
uintptr_t address, uint32_t flag);
enum pm_ret_status pm_abort_suspend(enum pm_abort_reason reason, uint32_t flag);
enum pm_ret_status pm_req_suspend(uint32_t target,
uint8_t ack,
- unsigned int latency,
- unsigned int state, uint32_t flag);
+ uint32_t latency,
+ uint32_t state, uint32_t flag);
enum pm_ret_status pm_req_wakeup(uint32_t target, uint32_t set_address,
uintptr_t address, uint8_t ack, uint32_t flag);
enum pm_ret_status pm_set_wakeup_source(uint32_t target, uint32_t device_id,
@@ -48,7 +48,7 @@
uint32_t *value, uint32_t flag);
enum pm_ret_status pm_query_data(uint32_t qid, uint32_t arg1, uint32_t arg2,
uint32_t arg3, uint32_t *data, uint32_t flag);
-unsigned int pm_get_shutdown_scope(void);
+uint32_t pm_get_shutdown_scope(void);
enum pm_ret_status pm_feature_check(uint32_t api_id, uint32_t *ret_payload,
uint32_t flag);
enum pm_ret_status pm_load_pdi(uint32_t src, uint32_t address_low,
diff --git a/plat/xilinx/versal/pm_service/pm_client.c b/plat/xilinx/versal/pm_service/pm_client.c
index 4012f32..ce5e533 100644
--- a/plat/xilinx/versal/pm_service/pm_client.c
+++ b/plat/xilinx/versal/pm_service/pm_client.c
@@ -105,7 +105,7 @@
*
* Return: PM node index corresponding to the specified interrupt
*/
-static enum pm_device_node_idx irq_to_pm_node_idx(unsigned int irq)
+static enum pm_device_node_idx irq_to_pm_node_idx(uint32_t irq)
{
assert(irq <= IRQ_MAX);
return irq_node_map[irq];
@@ -170,7 +170,7 @@
* required prior to sending suspend request to PMU
* Actions taken depend on the state system is suspending to.
*/
-void pm_client_suspend(const struct pm_proc *proc, unsigned int state)
+void pm_client_suspend(const struct pm_proc *proc, uint32_t state)
{
bakery_lock_get(&pm_client_secure_lock);
@@ -211,7 +211,7 @@
*
* Return: the cpu ID (starting from 0) for the subsystem
*/
-static unsigned int pm_get_cpuid(uint32_t nid)
+static uint32_t pm_get_cpuid(uint32_t nid)
{
for (size_t i = 0U; i < ARRAY_SIZE(pm_procs_all); i++) {
if (pm_procs_all[i].node_id == nid) {
@@ -229,7 +229,7 @@
*/
void pm_client_wakeup(const struct pm_proc *proc)
{
- unsigned int cpuid = pm_get_cpuid(proc->node_id);
+ uint32_t cpuid = pm_get_cpuid(proc->node_id);
if (cpuid == UNDEFINED_CPUID) {
return;
@@ -251,7 +251,7 @@
*
* Return: pointer to a proc structure if proc is found, otherwise NULL
*/
-const struct pm_proc *pm_get_proc(unsigned int cpuid)
+const struct pm_proc *pm_get_proc(uint32_t cpuid)
{
if (cpuid < ARRAY_SIZE(pm_procs_all)) {
return &pm_procs_all[cpuid];
diff --git a/plat/xilinx/versal/pm_service/pm_svc_main.c b/plat/xilinx/versal/pm_service/pm_svc_main.c
index 24b68e7..f4d04b8 100644
--- a/plat/xilinx/versal/pm_service/pm_svc_main.c
+++ b/plat/xilinx/versal/pm_service/pm_svc_main.c
@@ -25,19 +25,19 @@
/* pm_up = true - UP, pm_up = false - DOWN */
static bool pm_up;
-static unsigned int sgi = (unsigned int)INVALID_SGI;
+static uint32_t sgi = (uint32_t)INVALID_SGI;
static uint64_t ipi_fiq_handler(uint32_t id, uint32_t flags, void *handle,
void *cookie)
{
- unsigned int cpu;
- unsigned int reg;
+ uint32_t cpu;
+ uint32_t reg;
(void)plat_ic_acknowledge_interrupt();
cpu = plat_my_core_pos() + 1U;
- if ((unsigned int)sgi != (unsigned int)INVALID_SGI) {
- reg = (cpu | ((unsigned int)sgi << (unsigned int)XSCUGIC_SGIR_EL1_INITID_SHIFT));
+ if ((uint32_t)sgi != (uint32_t)INVALID_SGI) {
+ reg = (cpu | ((uint32_t)sgi << (uint32_t)XSCUGIC_SGIR_EL1_INITID_SHIFT));
write_icc_asgi1r_el1(reg);
}
@@ -59,7 +59,7 @@
* Update the SGI number to be used.
*
*/
-int pm_register_sgi(unsigned int sgi_num, unsigned int reset)
+int pm_register_sgi(uint32_t sgi_num, uint32_t reset)
{
if (reset == 1U) {
sgi = INVALID_SGI;
@@ -74,7 +74,7 @@
return -EINVAL;
}
- sgi = (unsigned int)sgi_num;
+ sgi = (uint32_t)sgi_num;
return 0;
}
@@ -93,7 +93,7 @@
*/
int pm_setup(void)
{
- int status, ret = 0;
+ int32_t status, ret = 0;
status = pm_ipi_init(primary_proc);
@@ -239,7 +239,7 @@
case TF_A_PM_REGISTER_SGI:
{
- int ret;
+ int32_t ret;
ret = pm_register_sgi(pm_arg[0], pm_arg[1]);
if (ret != 0) {
@@ -324,7 +324,7 @@
* function with rt_svc_handle signature
*/
uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, void *cookie, void *handle, uint64_t flags)
+ uint64_t x4, const void *cookie, void *handle, uint64_t flags)
{
uintptr_t ret;
uint32_t pm_arg[PAYLOAD_ARG_CNT] = {0};
@@ -332,8 +332,9 @@
uint32_t api_id;
/* Handle case where PM wasn't initialized properly */
- if (!pm_up)
+ if (!pm_up) {
SMC_RET1(handle, SMC_UNK);
+ }
/*
* Mark BIT24 payload (i.e 1st bit of pm_arg[3] ) as non-secure (1)
@@ -352,16 +353,19 @@
api_id = smc_fid & FUNCID_NUM_MASK;
ret = eemi_for_compatibility(api_id, pm_arg, handle, security_flag);
- if (ret != (uintptr_t)0)
+ if (ret != (uintptr_t)0) {
return ret;
+ }
ret = eemi_psci_debugfs_handler(api_id, pm_arg, handle, flags);
- if (ret != (uintptr_t)0)
+ if (ret != (uintptr_t)0) {
return ret;
+ }
ret = TF_A_specific_handler(api_id, pm_arg, handle, security_flag);
- if (ret != (uintptr_t)0)
+ if (ret != (uintptr_t)0) {
return ret;
+ }
ret = eemi_handler(api_id, pm_arg, handle, security_flag);
diff --git a/plat/xilinx/versal/pm_service/pm_svc_main.h b/plat/xilinx/versal/pm_service/pm_svc_main.h
index 2dff5b2..b6e764f 100644
--- a/plat/xilinx/versal/pm_service/pm_svc_main.h
+++ b/plat/xilinx/versal/pm_service/pm_svc_main.h
@@ -9,10 +9,10 @@
#include <pm_common.h>
-int pm_setup(void);
+int32_t pm_setup(void);
uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, void *cookie, void *handle,
+ uint64_t x4, const void *cookie, void *handle,
uint64_t flags);
-int pm_register_sgi(unsigned int sgi_num, unsigned int reset);
+int32_t pm_register_sgi(uint32_t sgi_num, uint32_t reset);
#endif /* PM_SVC_MAIN_H */
diff --git a/plat/xilinx/versal/versal_gicv3.c b/plat/xilinx/versal/versal_gicv3.c
index 08e7cf9..d410906 100644
--- a/plat/xilinx/versal/versal_gicv3.c
+++ b/plat/xilinx/versal/versal_gicv3.c
@@ -53,7 +53,7 @@
* - All CPUs implemented in the system have MPIDR_EL1.MT bit set;
* - No CPUs implemented in the system use affinity level 3.
*/
-static unsigned int versal_gicv3_mpidr_hash(u_register_t mpidr)
+static uint32_t versal_gicv3_mpidr_hash(u_register_t mpidr)
{
mpidr |= (read_mpidr_el1() & MPIDR_MT_MASK);
return versal_calc_core_pos(mpidr);
diff --git a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
index 32b0123..5890311 100644
--- a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
+++ b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
@@ -29,7 +29,7 @@
{0}
};
-static unsigned int zynqmp_get_silicon_ver(void)
+static uint32_t zynqmp_get_silicon_ver(void)
{
static unsigned int ver;
@@ -43,7 +43,7 @@
return ver;
}
-unsigned int zynqmp_get_uart_clk(void)
+uint32_t zynqmp_get_uart_clk(void)
{
unsigned int ver = zynqmp_get_silicon_ver();
@@ -56,8 +56,8 @@
#if LOG_LEVEL >= LOG_LEVEL_NOTICE
static const struct {
- unsigned int id;
- unsigned int ver;
+ uint32_t id;
+ uint32_t ver;
char *name;
bool evexists;
} zynqmp_devices[] = {
@@ -215,7 +215,8 @@
#define ZYNQMP_PL_STATUS_MASK BIT(ZYNQMP_PL_STATUS_BIT)
#define ZYNQMP_CSU_VERSION_MASK ~(ZYNQMP_PL_STATUS_MASK)
-#define SILICON_ID_XCK26 0x4724093
+#define SILICON_ID_XCK24 0x4714093
+#define SILICON_ID_XCK26 0x4724093
static char *zynqmp_get_silicon_idcode_name(void)
{
@@ -251,9 +252,12 @@
}
if (i >= ARRAY_SIZE(zynqmp_devices)) {
- if (chipid[0] == SILICON_ID_XCK26) {
+ switch (chipid[0]) {
+ case SILICON_ID_XCK24:
+ return "XCK24";
+ case SILICON_ID_XCK26:
return "XCK26";
- } else {
+ default:
return "XCZUUNKN";
}
}
@@ -306,7 +310,7 @@
return zynqmp_get_silicon_idcode_name();
}
-static unsigned int zynqmp_get_ps_ver(void)
+static uint32_t zynqmp_get_ps_ver(void)
{
uint32_t ver = mmio_read_32(ZYNQMP_CSU_BASEADDR + ZYNQMP_CSU_VERSION_OFFSET);
@@ -318,8 +322,8 @@
static void zynqmp_print_platform_name(void)
{
- unsigned int ver = zynqmp_get_silicon_ver();
- unsigned int rtl = zynqmp_get_rtl_ver();
+ uint32_t ver = zynqmp_get_silicon_ver();
+ uint32_t rtl = zynqmp_get_rtl_ver();
char *label = "Unknown";
switch (ver) {
@@ -343,7 +347,7 @@
static inline void zynqmp_print_platform_name(void) { }
#endif
-unsigned int zynqmp_get_bootmode(void)
+uint32_t zynqmp_get_bootmode(void)
{
uint32_t r;
unsigned int ret;
@@ -375,9 +379,9 @@
generic_delay_timer_init();
}
-unsigned int plat_get_syscnt_freq2(void)
+uint32_t plat_get_syscnt_freq2(void)
{
- unsigned int ver = zynqmp_get_silicon_ver();
+ uint32_t ver = zynqmp_get_silicon_ver();
if (ver == ZYNQMP_CSU_VERSION_QEMU) {
return 65000000;
diff --git a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
index 6ded2e2..38ad32b 100644
--- a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
+++ b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
@@ -82,7 +82,7 @@
CONSOLE_FLAG_RUNTIME | CONSOLE_FLAG_BOOT);
} else if (ZYNQMP_CONSOLE_IS(dcc)) {
/* Initialize the dcc console for debug */
- int rc = console_dcc_register();
+ int32_t rc = console_dcc_register();
if (rc == 0) {
panic();
}
diff --git a/plat/xilinx/zynqmp/include/plat_private.h b/plat/xilinx/zynqmp/include/plat_private.h
index 288cc53..534777b 100644
--- a/plat/xilinx/zynqmp/include/plat_private.h
+++ b/plat/xilinx/zynqmp/include/plat_private.h
@@ -15,11 +15,11 @@
void zynqmp_config_setup(void);
-unsigned int zynqmp_calc_core_pos(u_register_t mpidr);
+uint32_t zynqmp_calc_core_pos(u_register_t mpidr);
/* ZynqMP specific functions */
-unsigned int zynqmp_get_uart_clk(void);
-unsigned int zynqmp_get_bootmode(void);
+uint32_t zynqmp_get_uart_clk(void);
+uint32_t zynqmp_get_bootmode(void);
#if ZYNQMP_WDT_RESTART
diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h
index 9c1600a..66bbf30 100644
--- a/plat/xilinx/zynqmp/include/platform_def.h
+++ b/plat/xilinx/zynqmp/include/platform_def.h
@@ -40,8 +40,8 @@
# define BL31_BASE U(0xfffea000)
# define BL31_LIMIT U(0x100000000)
#else
-# define BL31_BASE U(0x1000)
-# define BL31_LIMIT U(0x7ffff)
+# define BL31_BASE U(0xfff5a000)
+# define BL31_LIMIT U(0x100000000)
#endif
#else
# define BL31_BASE (ZYNQMP_ATF_MEM_BASE)
diff --git a/plat/xilinx/zynqmp/plat_psci.c b/plat/xilinx/zynqmp/plat_psci.c
index f337cf5..655a776 100644
--- a/plat/xilinx/zynqmp/plat_psci.c
+++ b/plat/xilinx/zynqmp/plat_psci.c
@@ -29,9 +29,9 @@
wfi();
}
-static int zynqmp_pwr_domain_on(u_register_t mpidr)
+static int32_t zynqmp_pwr_domain_on(u_register_t mpidr)
{
- unsigned int cpu_id = plat_core_pos_by_mpidr(mpidr);
+ uint32_t cpu_id = plat_core_pos_by_mpidr(mpidr);
const struct pm_proc *proc;
uint32_t buff[3];
enum pm_ret_status ret;
@@ -60,7 +60,7 @@
static void zynqmp_pwr_domain_off(const psci_power_state_t *target_state)
{
- unsigned int cpu_id = plat_my_core_pos();
+ uint32_t cpu_id = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpu_id);
for (size_t i = 0; i <= PLAT_MAX_PWR_LVL; i++) {
@@ -84,8 +84,8 @@
static void zynqmp_pwr_domain_suspend(const psci_power_state_t *target_state)
{
- unsigned int state;
- unsigned int cpu_id = plat_my_core_pos();
+ uint32_t state;
+ uint32_t cpu_id = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpu_id);
for (size_t i = 0; i <= PLAT_MAX_PWR_LVL; i++)
@@ -117,7 +117,7 @@
static void zynqmp_pwr_domain_suspend_finish(const psci_power_state_t *target_state)
{
- unsigned int cpu_id = plat_my_core_pos();
+ uint32_t cpu_id = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpu_id);
for (size_t i = 0; i <= PLAT_MAX_PWR_LVL; i++) {
@@ -171,12 +171,12 @@
}
}
-static int zynqmp_validate_power_state(unsigned int power_state,
+static int32_t zynqmp_validate_power_state(uint32_t power_state,
psci_power_state_t *req_state)
{
VERBOSE("%s: power_state: 0x%x\n", __func__, power_state);
- int pstate = psci_get_pstate_type(power_state);
+ int32_t pstate = psci_get_pstate_type(power_state);
assert(req_state);
diff --git a/plat/xilinx/zynqmp/plat_topology.c b/plat/xilinx/zynqmp/plat_topology.c
index aab24aa..41add9f 100644
--- a/plat/xilinx/zynqmp/plat_topology.c
+++ b/plat/xilinx/zynqmp/plat_topology.c
@@ -3,10 +3,11 @@
*
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <stdint.h>
-static const unsigned char plat_power_domain_tree_desc[] = {1, 4};
+static const uint8_t plat_power_domain_tree_desc[] = {1, 4};
-const unsigned char *plat_get_power_domain_tree_desc(void)
+const uint8_t *plat_get_power_domain_tree_desc(void)
{
return plat_power_domain_tree_desc;
}
diff --git a/plat/xilinx/zynqmp/plat_zynqmp.c b/plat/xilinx/zynqmp/plat_zynqmp.c
index 58a52a3..25ebac6 100644
--- a/plat/xilinx/zynqmp/plat_zynqmp.c
+++ b/plat/xilinx/zynqmp/plat_zynqmp.c
@@ -7,7 +7,7 @@
#include <plat_private.h>
#include <plat/common/platform.h>
-int plat_core_pos_by_mpidr(u_register_t mpidr)
+int32_t plat_core_pos_by_mpidr(u_register_t mpidr)
{
if (mpidr & MPIDR_CLUSTER_MASK) {
return -1;
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_clock.c b/plat/xilinx/zynqmp/pm_service/pm_api_clock.c
index 1ea741c..bfc6e44 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_clock.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_clock.c
@@ -228,8 +228,8 @@
struct pm_clock {
char name[CLK_NAME_LEN];
uint8_t num_nodes;
- unsigned int control_reg;
- unsigned int status_reg;
+ uint32_t control_reg;
+ uint32_t status_reg;
int32_t (*parents)[];
struct pm_clock_node(*nodes)[];
};
@@ -2396,7 +2396,7 @@
*
* Return: Returns 1 if clock is valid else 0.
*/
-static bool pm_clock_valid(unsigned int clock_id)
+static bool pm_clock_valid(uint32_t clock_id)
{
unsigned int i;
@@ -2415,7 +2415,7 @@
*
* Return: Returns type of clock (OUTPUT/EXTERNAL).
*/
-static unsigned int pm_clock_type(unsigned int clock_id)
+static uint32_t pm_clock_type(uint32_t clock_id)
{
return (clock_id < CLK_MAX_OUTPUT_CLK) ?
CLK_TYPE_OUTPUT : CLK_TYPE_EXTERNAL;
@@ -2429,7 +2429,7 @@
*
* @return Returns success.
*/
-enum pm_ret_status pm_api_clock_get_num_clocks(unsigned int *nclocks)
+enum pm_ret_status pm_api_clock_get_num_clocks(uint32_t *nclocks)
{
*nclocks = CLK_MAX;
@@ -2444,7 +2444,7 @@
* This function is used by master to get nmae of clock specified
* by given clock ID.
*/
-void pm_api_clock_get_name(unsigned int clock_id, char *name)
+void pm_api_clock_get_name(uint32_t clock_id, char *name)
{
if (clock_id == CLK_MAX) {
memcpy(name, END_OF_CLK, sizeof(END_OF_CLK) > CLK_NAME_LEN ?
@@ -2472,13 +2472,13 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_api_clock_get_topology(unsigned int clock_id,
- unsigned int index,
+enum pm_ret_status pm_api_clock_get_topology(uint32_t clock_id,
+ uint32_t index,
uint32_t *topology)
{
struct pm_clock_node *clock_nodes;
uint8_t num_nodes;
- unsigned int i;
+ uint32_t i;
uint16_t typeflags;
if (!pm_clock_valid(clock_id)) {
@@ -2528,13 +2528,13 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_api_clock_get_fixedfactor_params(unsigned int clock_id,
+enum pm_ret_status pm_api_clock_get_fixedfactor_params(uint32_t clock_id,
uint32_t *mul,
uint32_t *div)
{
struct pm_clock_node *clock_nodes;
uint8_t num_nodes;
- unsigned int type, i;
+ uint32_t type, i;
if (!pm_clock_valid(clock_id)) {
return PM_RET_ERROR_ARGS;
@@ -2581,11 +2581,11 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_api_clock_get_parents(unsigned int clock_id,
- unsigned int index,
+enum pm_ret_status pm_api_clock_get_parents(uint32_t clock_id,
+ uint32_t index,
uint32_t *parents)
{
- unsigned int i;
+ uint32_t i;
int32_t *clk_parents;
if (!pm_clock_valid(clock_id)) {
@@ -2630,7 +2630,7 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_api_clock_get_attributes(unsigned int clock_id,
+enum pm_ret_status pm_api_clock_get_attributes(uint32_t clock_id,
uint32_t *attr)
{
if (clock_id >= CLK_MAX) {
@@ -2857,7 +2857,7 @@
* returned state value is valid or an error if returned by PMU
*/
enum pm_ret_status pm_clock_pll_get_state(struct pm_pll *pll,
- unsigned int *state)
+ uint32_t *state)
{
enum pm_ret_status status;
enum pm_pll_mode mode;
@@ -2894,7 +2894,7 @@
*/
enum pm_ret_status pm_clock_pll_set_parent(struct pm_pll *pll,
enum clock_id clock_id,
- unsigned int parent_index)
+ uint32_t parent_index)
{
if (!pll) {
return PM_RET_ERROR_ARGS;
@@ -2927,7 +2927,7 @@
*/
enum pm_ret_status pm_clock_pll_get_parent(struct pm_pll *pll,
enum clock_id clock_id,
- unsigned int *parent_index)
+ uint32_t *parent_index)
{
if (!pll) {
return PM_RET_ERROR_ARGS;
@@ -2962,7 +2962,7 @@
* @return Success if mode is buffered or error if an argument is invalid
*/
enum pm_ret_status pm_clock_set_pll_mode(enum clock_id clock_id,
- unsigned int mode)
+ uint32_t mode)
{
struct pm_pll *pll = pm_clock_get_pll(clock_id);
@@ -2984,7 +2984,7 @@
* @return Success if mode is stored or error if an argument is invalid
*/
enum pm_ret_status pm_clock_get_pll_mode(enum clock_id clock_id,
- unsigned int *mode)
+ uint32_t *mode)
{
struct pm_pll *pll = pm_clock_get_pll(clock_id);
@@ -3002,7 +3002,7 @@
*
* @return Returns success if clock_id is valid, otherwise an error
*/
-enum pm_ret_status pm_clock_id_is_valid(unsigned int clock_id)
+enum pm_ret_status pm_clock_id_is_valid(uint32_t clock_id)
{
if (!pm_clock_valid(clock_id)) {
return PM_RET_ERROR_ARGS;
@@ -3022,7 +3022,7 @@
*
* @return True(1)=clock has the divider, false(0)=otherwise
*/
-uint8_t pm_clock_has_div(unsigned int clock_id, enum pm_clock_div_id div_id)
+uint8_t pm_clock_has_div(uint32_t clock_id, enum pm_clock_div_id div_id)
{
uint32_t i;
struct pm_clock_node *nodes;
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_clock.h b/plat/xilinx/zynqmp/pm_service/pm_api_clock.h
index 5efd63f..bc15592 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_clock.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_clock.h
@@ -292,20 +292,20 @@
struct pm_pll;
struct pm_pll *pm_clock_get_pll(enum clock_id clock_id);
struct pm_pll *pm_clock_get_pll_by_related_clk(enum clock_id clock_id);
-uint8_t pm_clock_has_div(unsigned int clock_id, enum pm_clock_div_id div_id);
+uint8_t pm_clock_has_div(uint32_t clock_id, enum pm_clock_div_id div_id);
-void pm_api_clock_get_name(unsigned int clock_id, char *name);
-enum pm_ret_status pm_api_clock_get_num_clocks(unsigned int *nclocks);
-enum pm_ret_status pm_api_clock_get_topology(unsigned int clock_id,
- unsigned int index,
+void pm_api_clock_get_name(uint32_t clock_id, char *name);
+enum pm_ret_status pm_api_clock_get_num_clocks(uint32_t *nclocks);
+enum pm_ret_status pm_api_clock_get_topology(uint32_t clock_id,
+ uint32_t index,
uint32_t *topology);
-enum pm_ret_status pm_api_clock_get_fixedfactor_params(unsigned int clock_id,
+enum pm_ret_status pm_api_clock_get_fixedfactor_params(uint32_t clock_id,
uint32_t *mul,
uint32_t *div);
-enum pm_ret_status pm_api_clock_get_parents(unsigned int clock_id,
- unsigned int index,
+enum pm_ret_status pm_api_clock_get_parents(uint32_t clock_id,
+ uint32_t index,
uint32_t *parents);
-enum pm_ret_status pm_api_clock_get_attributes(unsigned int clock_id,
+enum pm_ret_status pm_api_clock_get_attributes(uint32_t clock_id,
uint32_t *attr);
enum pm_ret_status pm_api_clock_get_max_divisor(enum clock_id clock_id,
uint8_t div_type,
@@ -313,21 +313,21 @@
enum pm_ret_status pm_clock_get_pll_node_id(enum clock_id clock_id,
enum pm_node_id *node_id);
-enum pm_ret_status pm_clock_id_is_valid(unsigned int clock_id);
+enum pm_ret_status pm_clock_id_is_valid(uint32_t clock_id);
enum pm_ret_status pm_clock_pll_enable(struct pm_pll *pll);
enum pm_ret_status pm_clock_pll_disable(struct pm_pll *pll);
enum pm_ret_status pm_clock_pll_get_state(struct pm_pll *pll,
- unsigned int *state);
+ uint32_t *state);
enum pm_ret_status pm_clock_pll_set_parent(struct pm_pll *pll,
enum clock_id clock_id,
- unsigned int parent_index);
+ uint32_t parent_index);
enum pm_ret_status pm_clock_pll_get_parent(struct pm_pll *pll,
enum clock_id clock_id,
- unsigned int *parent_index);
+ uint32_t *parent_index);
enum pm_ret_status pm_clock_set_pll_mode(enum clock_id clock_id,
- unsigned int mode);
+ uint32_t mode);
enum pm_ret_status pm_clock_get_pll_mode(enum clock_id clock_id,
- unsigned int *mode);
+ uint32_t *mode);
#endif /* PM_API_CLOCK_H */
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.c b/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.c
index f12143a..1380895 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.c
@@ -29,9 +29,9 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_get_rpu_oper_mode(unsigned int *mode)
+static enum pm_ret_status pm_ioctl_get_rpu_oper_mode(uint32_t *mode)
{
- unsigned int val;
+ uint32_t val;
val = mmio_read_32(ZYNQMP_RPU_GLBL_CNTL);
val &= ZYNQMP_SLSPLIT_MASK;
@@ -55,9 +55,9 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_set_rpu_oper_mode(unsigned int mode)
+static enum pm_ret_status pm_ioctl_set_rpu_oper_mode(uint32_t mode)
{
- unsigned int val;
+ uint32_t val;
if (mmio_read_32(CRL_APB_RST_LPD_TOP) & CRL_APB_RPU_AMBA_RESET) {
return PM_RET_ERROR_ACCESS;
@@ -92,9 +92,9 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ioctl_config_boot_addr(enum pm_node_id nid,
- unsigned int value)
+ uint32_t value)
{
- unsigned int rpu_cfg_addr, val;
+ uint32_t rpu_cfg_addr, val;
if (nid == NODE_RPU_0) {
rpu_cfg_addr = ZYNQMP_RPU0_CFG;
@@ -128,9 +128,9 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_config_tcm_comb(unsigned int value)
+static enum pm_ret_status pm_ioctl_config_tcm_comb(uint32_t value)
{
- unsigned int val;
+ uint32_t val;
val = mmio_read_32(ZYNQMP_RPU_GLBL_CNTL);
@@ -156,8 +156,8 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_set_tapdelay_bypass(unsigned int type,
- unsigned int value)
+static enum pm_ret_status pm_ioctl_set_tapdelay_bypass(uint32_t type,
+ uint32_t value)
{
if ((value != PM_TAPDELAY_BYPASS_ENABLE &&
value != PM_TAPDELAY_BYPASS_DISABLE) || type >= PM_TAPDELAY_MAX) {
@@ -179,9 +179,9 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ioctl_set_sgmii_mode(enum pm_node_id nid,
- unsigned int value)
+ uint32_t value)
{
- unsigned int val, mask, shift;
+ uint32_t val, mask, shift;
enum pm_ret_status ret;
if (value != PM_SGMII_DISABLE && value != PM_SGMII_ENABLE) {
@@ -237,9 +237,9 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ioctl_sd_dll_reset(enum pm_node_id nid,
- unsigned int type)
+ uint32_t type)
{
- unsigned int mask, val;
+ uint32_t mask, val;
enum pm_ret_status ret;
if (nid == NODE_SD_0) {
@@ -288,11 +288,11 @@
*/
static enum pm_ret_status pm_ioctl_sd_set_tapdelay(enum pm_node_id nid,
enum tap_delay_type type,
- unsigned int value)
+ uint32_t value)
{
- unsigned int shift;
+ uint32_t shift;
enum pm_ret_status ret;
- unsigned int val, mask;
+ uint32_t val, mask;
if (nid == NODE_SD_0) {
shift = 0;
@@ -384,7 +384,7 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ioctl_set_pll_frac_mode
- (unsigned int pll, unsigned int mode)
+ (uint32_t pll, uint32_t mode)
{
return pm_clock_set_pll_mode(pll, mode);
}
@@ -400,7 +400,7 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ioctl_get_pll_frac_mode
- (unsigned int pll, unsigned int *mode)
+ (uint32_t pll, uint32_t *mode)
{
return pm_clock_get_pll_mode(pll, mode);
}
@@ -417,7 +417,7 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ioctl_set_pll_frac_data
- (unsigned int pll, unsigned int data)
+ (uint32_t pll, uint32_t data)
{
enum pm_node_id pll_nid;
enum pm_ret_status status;
@@ -442,7 +442,7 @@
* @return Returns status, either success or error+reason
*/
static enum pm_ret_status pm_ioctl_get_pll_frac_data
- (unsigned int pll, unsigned int *data)
+ (uint32_t pll, uint32_t *data)
{
enum pm_node_id pll_nid;
enum pm_ret_status status;
@@ -466,8 +466,8 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_write_ggs(unsigned int index,
- unsigned int value)
+static enum pm_ret_status pm_ioctl_write_ggs(uint32_t index,
+ uint32_t value)
{
if (index >= GGS_NUM_REGS) {
return PM_RET_ERROR_ARGS;
@@ -487,8 +487,8 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_read_ggs(unsigned int index,
- unsigned int *value)
+static enum pm_ret_status pm_ioctl_read_ggs(uint32_t index,
+ uint32_t *value)
{
if (index >= GGS_NUM_REGS) {
return PM_RET_ERROR_ARGS;
@@ -507,8 +507,8 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_write_pggs(unsigned int index,
- unsigned int value)
+static enum pm_ret_status pm_ioctl_write_pggs(uint32_t index,
+ uint32_t value)
{
if (index >= PGGS_NUM_REGS) {
return PM_RET_ERROR_ARGS;
@@ -527,11 +527,11 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_afi(unsigned int index,
- unsigned int value)
+static enum pm_ret_status pm_ioctl_afi(uint32_t index,
+ uint32_t value)
{
- unsigned int mask;
- unsigned int regarr[] = {0xFD360000U,
+ uint32_t mask;
+ uint32_t regarr[] = {0xFD360000U,
0xFD360014U,
0xFD370000U,
0xFD370014U,
@@ -572,8 +572,8 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_read_pggs(unsigned int index,
- unsigned int *value)
+static enum pm_ret_status pm_ioctl_read_pggs(uint32_t index,
+ uint32_t *value)
{
if (index >= PGGS_NUM_REGS) {
return PM_RET_ERROR_ARGS;
@@ -626,7 +626,7 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_ioctl_set_boot_health_status(unsigned int value)
+static enum pm_ret_status pm_ioctl_set_boot_health_status(uint32_t value)
{
return pm_mmio_write(PMU_GLOBAL_GEN_STORAGE4,
PM_BOOT_HEALTH_STATUS_MASK, value);
@@ -645,10 +645,10 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_api_ioctl(enum pm_node_id nid,
- unsigned int ioctl_id,
- unsigned int arg1,
- unsigned int arg2,
- unsigned int *value)
+ uint32_t ioctl_id,
+ uint32_t arg1,
+ uint32_t arg2,
+ uint32_t *value)
{
enum pm_ret_status ret;
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -750,7 +750,7 @@
IOCTL_AFI,
};
uint8_t i, ioctl_id;
- int ret;
+ int32_t ret;
for (i = 0U; i < ARRAY_SIZE(supported_ids); i++) {
ioctl_id = supported_ids[i];
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.h b/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.h
index 0c5f33f..3b0d6ee 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.h
@@ -88,9 +88,9 @@
#define PM_DLL_RESET_PULSE 2U
enum pm_ret_status pm_api_ioctl(enum pm_node_id nid,
- unsigned int ioctl_id,
- unsigned int arg1,
- unsigned int arg2,
- unsigned int *value);
+ uint32_t ioctl_id,
+ uint32_t arg1,
+ uint32_t arg2,
+ uint32_t *value);
enum pm_ret_status atf_ioctl_bitmask(uint32_t *bit_mask);
#endif /* PM_API_IOCTL_H */
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.c b/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.c
index 86cbb7e..0192f81 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.c
@@ -1952,7 +1952,7 @@
*
* @return Returns success.
*/
-enum pm_ret_status pm_api_pinctrl_get_num_pins(unsigned int *npins)
+enum pm_ret_status pm_api_pinctrl_get_num_pins(uint32_t *npins)
{
*npins = MAX_PIN;
@@ -1967,7 +1967,7 @@
*
* @return Returns success.
*/
-enum pm_ret_status pm_api_pinctrl_get_num_functions(unsigned int *nfuncs)
+enum pm_ret_status pm_api_pinctrl_get_num_functions(uint32_t *nfuncs)
{
*nfuncs = MAX_FUNCTION;
@@ -1984,8 +1984,8 @@
*
* @return Returns success.
*/
-enum pm_ret_status pm_api_pinctrl_get_num_func_groups(unsigned int fid,
- unsigned int *ngroups)
+enum pm_ret_status pm_api_pinctrl_get_num_func_groups(uint32_t fid,
+ uint32_t *ngroups)
{
if (fid >= MAX_FUNCTION) {
return PM_RET_ERROR_ARGS;
@@ -2004,7 +2004,7 @@
* This function is used by master to get name of function specified
* by given function ID.
*/
-void pm_api_pinctrl_get_function_name(unsigned int fid, char *name)
+void pm_api_pinctrl_get_function_name(uint32_t fid, char *name)
{
if (fid >= MAX_FUNCTION) {
memcpy(name, END_OF_FUNCTION, FUNCTION_NAME_LEN);
@@ -2031,8 +2031,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_api_pinctrl_get_function_groups(unsigned int fid,
- unsigned int index,
+enum pm_ret_status pm_api_pinctrl_get_function_groups(uint32_t fid,
+ uint32_t index,
uint16_t *groups)
{
uint16_t grps;
@@ -2076,11 +2076,11 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_api_pinctrl_get_pin_groups(unsigned int pin,
- unsigned int index,
+enum pm_ret_status pm_api_pinctrl_get_pin_groups(uint32_t pin,
+ uint32_t index,
uint16_t *groups)
{
- unsigned int i;
+ uint32_t i;
uint16_t *grps;
if (pin >= MAX_PIN) {
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.h b/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.h
index 755c19a..b3159c2 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.h
@@ -709,15 +709,15 @@
#define PINCTRL_DRIVE_STRENGTH_8MA 2U
#define PINCTRL_DRIVE_STRENGTH_12MA 3U
-void pm_api_pinctrl_get_function_name(unsigned int fid, char *name);
-enum pm_ret_status pm_api_pinctrl_get_function_groups(unsigned int fid,
- unsigned int index,
+void pm_api_pinctrl_get_function_name(uint32_t fid, char *name);
+enum pm_ret_status pm_api_pinctrl_get_function_groups(uint32_t fid,
+ uint32_t index,
uint16_t *groups);
-enum pm_ret_status pm_api_pinctrl_get_pin_groups(unsigned int pin,
- unsigned int index,
+enum pm_ret_status pm_api_pinctrl_get_pin_groups(uint32_t pin,
+ uint32_t index,
uint16_t *groups);
-enum pm_ret_status pm_api_pinctrl_get_num_pins(unsigned int *npins);
-enum pm_ret_status pm_api_pinctrl_get_num_functions(unsigned int *nfuncs);
-enum pm_ret_status pm_api_pinctrl_get_num_func_groups(unsigned int fid,
- unsigned int *ngroups);
+enum pm_ret_status pm_api_pinctrl_get_num_pins(uint32_t *npins);
+enum pm_ret_status pm_api_pinctrl_get_num_functions(uint32_t *nfuncs);
+enum pm_ret_status pm_api_pinctrl_get_num_func_groups(uint32_t fid,
+ uint32_t *ngroups);
#endif /* PM_API_PINCTRL_H */
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
index e524ba5..a17b6c5 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
@@ -240,14 +240,14 @@
};
/* default shutdown/reboot scope is system(2) */
-static unsigned int pm_shutdown_scope = PMF_SHUTDOWN_SUBTYPE_SYSTEM;
+static uint32_t pm_shutdown_scope = PMF_SHUTDOWN_SUBTYPE_SYSTEM;
/**
* pm_get_shutdown_scope() - Get the currently set shutdown scope
*
* @return Shutdown scope value
*/
-unsigned int pm_get_shutdown_scope(void)
+uint32_t pm_get_shutdown_scope(void)
{
return pm_shutdown_scope;
}
@@ -269,12 +269,12 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_self_suspend(enum pm_node_id nid,
- unsigned int latency,
- unsigned int state,
+ uint32_t latency,
+ uint32_t state,
uintptr_t address)
{
uint32_t payload[PAYLOAD_ARG_CNT];
- unsigned int cpuid = plat_my_core_pos();
+ uint32_t cpuid = plat_my_core_pos();
const struct pm_proc *proc = pm_get_proc(cpuid);
/*
@@ -300,7 +300,7 @@
*/
enum pm_ret_status pm_req_suspend(enum pm_node_id target,
enum pm_request_ack ack,
- unsigned int latency, unsigned int state)
+ uint32_t latency, uint32_t state)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -330,7 +330,7 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_req_wakeup(enum pm_node_id target,
- unsigned int set_address,
+ uint32_t set_address,
uintptr_t address,
enum pm_request_ack ack)
{
@@ -412,7 +412,7 @@
*/
enum pm_ret_status pm_set_wakeup_source(enum pm_node_id target,
enum pm_node_id wkup_node,
- unsigned int enable)
+ uint32_t enable)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -428,7 +428,7 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_system_shutdown(unsigned int type, unsigned int subtype)
+enum pm_ret_status pm_system_shutdown(uint32_t type, uint32_t subtype)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -454,8 +454,8 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_req_node(enum pm_node_id nid,
- unsigned int capabilities,
- unsigned int qos,
+ uint32_t capabilities,
+ uint32_t qos,
enum pm_request_ack ack)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -481,8 +481,8 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_set_requirement(enum pm_node_id nid,
- unsigned int capabilities,
- unsigned int qos,
+ uint32_t capabilities,
+ uint32_t qos,
enum pm_request_ack ack)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -505,7 +505,7 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_get_api_version(unsigned int *version)
+enum pm_ret_status pm_get_api_version(uint32_t *version)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -545,8 +545,8 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_mmio_write(uintptr_t address,
- unsigned int mask,
- unsigned int value)
+ uint32_t mask,
+ uint32_t value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -565,7 +565,7 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_mmio_read(uintptr_t address, unsigned int *value)
+enum pm_ret_status pm_mmio_read(uintptr_t address, uint32_t *value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -609,7 +609,7 @@
* the fpga status
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_fpga_get_status(unsigned int *value)
+enum pm_ret_status pm_fpga_get_status(uint32_t *value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -715,10 +715,10 @@
* @return Returns status, either success or error+reason
*/
enum pm_ret_status pm_ioctl(enum pm_node_id nid,
- unsigned int ioctl_id,
- unsigned int arg1,
- unsigned int arg2,
- unsigned int *value)
+ uint32_t ioctl_id,
+ uint32_t arg1,
+ uint32_t arg2,
+ uint32_t *value)
{
return pm_api_ioctl(nid, ioctl_id, arg1, arg2, value);
}
@@ -947,7 +947,7 @@
*
* Return: Returns status, either success or error+reason.
*/
-static enum pm_ret_status pm_clock_get_max_divisor(unsigned int clock_id,
+static enum pm_ret_status pm_clock_get_max_divisor(uint32_t clock_id,
uint8_t div_type,
uint32_t *max_div)
{
@@ -975,7 +975,7 @@
* This function is used by master to get nmae of clock specified
* by given clock ID.
*/
-static void pm_clock_get_name(unsigned int clock_id, char *name)
+static void pm_clock_get_name(uint32_t clock_id, char *name)
{
pm_api_clock_get_name(clock_id, name);
}
@@ -993,8 +993,8 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_clock_get_topology(unsigned int clock_id,
- unsigned int index,
+static enum pm_ret_status pm_clock_get_topology(uint32_t clock_id,
+ uint32_t index,
uint32_t *topology)
{
return pm_api_clock_get_topology(clock_id, index, topology);
@@ -1012,7 +1012,7 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_clock_get_fixedfactor_params(unsigned int clock_id,
+static enum pm_ret_status pm_clock_get_fixedfactor_params(uint32_t clock_id,
uint32_t *mul,
uint32_t *div)
{
@@ -1036,8 +1036,8 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_clock_get_parents(unsigned int clock_id,
- unsigned int index,
+static enum pm_ret_status pm_clock_get_parents(uint32_t clock_id,
+ uint32_t index,
uint32_t *parents)
{
return pm_api_clock_get_parents(clock_id, index, parents);
@@ -1053,7 +1053,7 @@
*
* @return Returns status, either success or error+reason
*/
-static enum pm_ret_status pm_clock_get_attributes(unsigned int clock_id,
+static enum pm_ret_status pm_clock_get_attributes(uint32_t clock_id,
uint32_t *attr)
{
return pm_api_clock_get_attributes(clock_id, attr);
@@ -1067,8 +1067,8 @@
* @return Error if an argument is not valid or status as returned by the
* PM controller (PMU)
*/
-static enum pm_ret_status pm_clock_gate(unsigned int clock_id,
- unsigned char enable)
+static enum pm_ret_status pm_clock_gate(uint32_t clock_id,
+ uint8_t enable)
{
uint32_t payload[PAYLOAD_ARG_CNT];
enum pm_ret_status status;
@@ -1108,7 +1108,7 @@
* @return: Error if an argument is not valid or status as returned by the
* pm_clock_gate
*/
-enum pm_ret_status pm_clock_enable(unsigned int clock_id)
+enum pm_ret_status pm_clock_enable(uint32_t clock_id)
{
struct pm_pll *pll;
@@ -1132,7 +1132,7 @@
* @return: Error if an argument is not valid or status as returned by the
* pm_clock_gate
*/
-enum pm_ret_status pm_clock_disable(unsigned int clock_id)
+enum pm_ret_status pm_clock_disable(uint32_t clock_id)
{
struct pm_pll *pll;
@@ -1156,8 +1156,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_clock_getstate(unsigned int clock_id,
- unsigned int *state)
+enum pm_ret_status pm_clock_getstate(uint32_t clock_id,
+ uint32_t *state)
{
struct pm_pll *pll;
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -1189,8 +1189,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_clock_setdivider(unsigned int clock_id,
- unsigned int divider)
+enum pm_ret_status pm_clock_setdivider(uint32_t clock_id,
+ uint32_t divider)
{
enum pm_ret_status status;
enum pm_node_id nid;
@@ -1237,8 +1237,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_clock_getdivider(unsigned int clock_id,
- unsigned int *divider)
+enum pm_ret_status pm_clock_getdivider(uint32_t clock_id,
+ uint32_t *divider)
{
enum pm_ret_status status;
enum pm_node_id nid;
@@ -1291,7 +1291,7 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_clock_setrate(unsigned int clock_id,
+enum pm_ret_status pm_clock_setrate(uint32_t clock_id,
uint64_t rate)
{
return PM_RET_ERROR_NOTSUPPORTED;
@@ -1307,7 +1307,7 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_clock_getrate(unsigned int clock_id,
+enum pm_ret_status pm_clock_getrate(uint32_t clock_id,
uint64_t *rate)
{
return PM_RET_ERROR_NOTSUPPORTED;
@@ -1322,8 +1322,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_clock_setparent(unsigned int clock_id,
- unsigned int parent_index)
+enum pm_ret_status pm_clock_setparent(uint32_t clock_id,
+ uint32_t parent_index)
{
struct pm_pll *pll;
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -1356,8 +1356,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-enum pm_ret_status pm_clock_getparent(unsigned int clock_id,
- unsigned int *parent_index)
+enum pm_ret_status pm_clock_getparent(uint32_t clock_id,
+ uint32_t *parent_index)
{
struct pm_pll *pll;
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -1417,7 +1417,7 @@
*
* Return: Returns status, either success or error+reason.
*/
-static enum pm_ret_status pm_pinctrl_get_num_function_groups(unsigned int fid,
+static enum pm_ret_status pm_pinctrl_get_num_function_groups(uint32_t fid,
uint32_t *ngroups)
{
return pm_api_pinctrl_get_num_func_groups(fid, ngroups);
@@ -1431,7 +1431,7 @@
* This function is used by master to get name of function specified
* by given function Id
*/
-static void pm_pinctrl_get_function_name(unsigned int fid, char *name)
+static void pm_pinctrl_get_function_name(uint32_t fid, char *name)
{
pm_api_pinctrl_get_function_name(fid, name);
}
@@ -1453,8 +1453,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-static enum pm_ret_status pm_pinctrl_get_function_groups(unsigned int fid,
- unsigned int index,
+static enum pm_ret_status pm_pinctrl_get_function_groups(uint32_t fid,
+ uint32_t index,
uint16_t *groups)
{
return pm_api_pinctrl_get_function_groups(fid, index, groups);
@@ -1477,8 +1477,8 @@
*
* Return: Returns status, either success or error+reason.
*/
-static enum pm_ret_status pm_pinctrl_get_pin_groups(unsigned int pin_id,
- unsigned int index,
+static enum pm_ret_status pm_pinctrl_get_pin_groups(uint32_t pin_id,
+ uint32_t index,
uint16_t *groups)
{
return pm_api_pinctrl_get_pin_groups(pin_id, index, groups);
@@ -1494,8 +1494,8 @@
*
* This function returns requested data.
*/
-void pm_query_data(enum pm_query_id qid, unsigned int arg1, unsigned int arg2,
- unsigned int arg3, unsigned int *data)
+void pm_query_data(enum pm_query_id qid, uint32_t arg1, uint32_t arg2,
+ uint32_t arg3, uint32_t *data)
{
switch (qid) {
case PM_QID_CLOCK_GET_NAME:
@@ -1632,7 +1632,7 @@
*/
enum pm_ret_status pm_pll_set_parameter(enum pm_node_id nid,
enum pm_pll_param param_id,
- unsigned int value)
+ uint32_t value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -1662,7 +1662,7 @@
*/
enum pm_ret_status pm_pll_get_parameter(enum pm_node_id nid,
enum pm_pll_param param_id,
- unsigned int *value)
+ uint32_t *value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -1752,11 +1752,11 @@
*
* @return Returns status, either success or error+reason
*/
-enum pm_ret_status pm_register_access(unsigned int register_access_id,
- unsigned int address,
- unsigned int mask,
- unsigned int value,
- unsigned int *out)
+enum pm_ret_status pm_register_access(uint32_t register_access_id,
+ uint32_t address,
+ uint32_t mask,
+ uint32_t value,
+ uint32_t *out)
{
enum pm_ret_status ret;
@@ -1808,7 +1808,7 @@
return pm_ipi_send_sync(primary_proc, payload, value, 1);
}
-enum pm_ret_status em_set_action(unsigned int *value)
+enum pm_ret_status em_set_action(uint32_t *value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -1817,7 +1817,7 @@
return pm_ipi_send_sync(primary_proc, payload, value, 1);
}
-enum pm_ret_status em_remove_action(unsigned int *value)
+enum pm_ret_status em_remove_action(uint32_t *value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -1826,7 +1826,7 @@
return pm_ipi_send_sync(primary_proc, payload, value, 1);
}
-enum pm_ret_status em_send_errors(unsigned int *value)
+enum pm_ret_status em_send_errors(uint32_t *value)
{
uint32_t payload[PAYLOAD_ARG_CNT];
diff --git a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
index 84b239c..d3e9a34 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
@@ -70,12 +70,12 @@
**********************************************************/
enum pm_ret_status pm_req_suspend(enum pm_node_id target,
enum pm_request_ack ack,
- unsigned int latency,
- unsigned int state);
+ uint32_t latency,
+ uint32_t state);
enum pm_ret_status pm_self_suspend(enum pm_node_id nid,
- unsigned int latency,
- unsigned int state,
+ uint32_t latency,
+ uint32_t state,
uintptr_t address);
enum pm_ret_status pm_force_powerdown(enum pm_node_id target,
@@ -84,53 +84,42 @@
enum pm_ret_status pm_abort_suspend(enum pm_abort_reason reason);
enum pm_ret_status pm_req_wakeup(enum pm_node_id target,
- unsigned int set_address,
+ uint32_t set_address,
uintptr_t address,
enum pm_request_ack ack);
enum pm_ret_status pm_set_wakeup_source(enum pm_node_id target,
enum pm_node_id wkup_node,
- unsigned int enable);
+ uint32_t enable);
-enum pm_ret_status pm_system_shutdown(unsigned int type, unsigned int subtype);
-
-enum pm_ret_status pm_init_suspend_cb(enum pm_suspend_reason reason,
- unsigned int latency,
- unsigned int state,
- unsigned int timeout);
+enum pm_ret_status pm_system_shutdown(uint32_t type, uint32_t subtype);
/* API functions for managing PM Slaves */
enum pm_ret_status pm_req_node(enum pm_node_id nid,
- unsigned int capabilities,
- unsigned int qos,
+ uint32_t capabilities,
+ uint32_t qos,
enum pm_request_ack ack);
enum pm_ret_status pm_set_requirement(enum pm_node_id nid,
- unsigned int capabilities,
- unsigned int qos,
+ uint32_t capabilities,
+ uint32_t qos,
enum pm_request_ack ack);
/* Miscellaneous API functions */
-enum pm_ret_status pm_get_api_version(unsigned int *version);
+enum pm_ret_status pm_get_api_version(uint32_t *version);
enum pm_ret_status pm_get_node_status(enum pm_node_id nid,
uint32_t *ret_buff);
-enum pm_ret_status pm_acknowledge_cb(enum pm_node_id nid,
- enum pm_ret_status status,
- unsigned int oppoint);
-enum pm_ret_status pm_notify_cb(enum pm_node_id nid,
- unsigned int event,
- unsigned int oppoint);
/* Direct-Control API functions */
enum pm_ret_status pm_mmio_write(uintptr_t address,
- unsigned int mask,
- unsigned int value);
-enum pm_ret_status pm_mmio_read(uintptr_t address, unsigned int *value);
+ uint32_t mask,
+ uint32_t value);
+enum pm_ret_status pm_mmio_read(uintptr_t address, uint32_t *value);
enum pm_ret_status pm_fpga_load(uint32_t address_low,
uint32_t address_high,
uint32_t size,
uint32_t flags);
-enum pm_ret_status pm_fpga_get_status(unsigned int *value);
+enum pm_ret_status pm_fpga_get_status(uint32_t *value);
enum pm_ret_status pm_get_chipid(uint32_t *value);
enum pm_ret_status pm_secure_rsaaes(uint32_t address_low,
@@ -140,28 +129,28 @@
unsigned int pm_get_shutdown_scope(void);
void pm_get_callbackdata(uint32_t *data, size_t count);
enum pm_ret_status pm_ioctl(enum pm_node_id nid,
- unsigned int ioctl_id,
- unsigned int arg1,
- unsigned int arg2,
- unsigned int *value);
-enum pm_ret_status pm_clock_enable(unsigned int clock_id);
-enum pm_ret_status pm_clock_disable(unsigned int clock_id);
-enum pm_ret_status pm_clock_getstate(unsigned int clock_id,
- unsigned int *state);
-enum pm_ret_status pm_clock_setdivider(unsigned int clock_id,
- unsigned int divider);
-enum pm_ret_status pm_clock_getdivider(unsigned int clock_id,
- unsigned int *divider);
-enum pm_ret_status pm_clock_setrate(unsigned int clock_id,
+ uint32_t ioctl_id,
+ uint32_t arg1,
+ uint32_t arg2,
+ uint32_t *value);
+enum pm_ret_status pm_clock_enable(uint32_t clock_id);
+enum pm_ret_status pm_clock_disable(uint32_t clock_id);
+enum pm_ret_status pm_clock_getstate(uint32_t clock_id,
+ uint32_t *state);
+enum pm_ret_status pm_clock_setdivider(uint32_t clock_id,
+ uint32_t divider);
+enum pm_ret_status pm_clock_getdivider(uint32_t clock_id,
+ uint32_t *divider);
+enum pm_ret_status pm_clock_setrate(uint32_t clock_id,
uint64_t rate);
-enum pm_ret_status pm_clock_getrate(unsigned int clock_id,
+enum pm_ret_status pm_clock_getrate(uint32_t clock_id,
uint64_t *rate);
-enum pm_ret_status pm_clock_setparent(unsigned int clock_id,
- unsigned int parent_index);
-enum pm_ret_status pm_clock_getparent(unsigned int clock_id,
- unsigned int *parent_index);
-void pm_query_data(enum pm_query_id qid, unsigned int arg1, unsigned int arg2,
- unsigned int arg3, unsigned int *data);
+enum pm_ret_status pm_clock_setparent(uint32_t clock_id,
+ uint32_t parent_index);
+enum pm_ret_status pm_clock_getparent(uint32_t clock_id,
+ uint32_t *parent_index);
+void pm_query_data(enum pm_query_id qid, uint32_t arg1, uint32_t arg2,
+ uint32_t arg3, uint32_t *data);
enum pm_ret_status pm_sha_hash(uint32_t address_high,
uint32_t address_low,
uint32_t size,
@@ -183,28 +172,24 @@
enum pm_ret_status pm_aes_engine(uint32_t address_high,
uint32_t address_low,
uint32_t *value);
-enum pm_ret_status pm_register_access(unsigned int register_access_id,
- unsigned int address,
- unsigned int mask,
- unsigned int value,
- unsigned int *out);
+enum pm_ret_status pm_register_access(uint32_t register_access_id,
+ uint32_t address,
+ uint32_t mask,
+ uint32_t value,
+ uint32_t *out);
enum pm_ret_status pm_pll_set_parameter(enum pm_node_id nid,
enum pm_pll_param param_id,
- unsigned int value);
+ uint32_t value);
enum pm_ret_status pm_pll_get_parameter(enum pm_node_id nid,
enum pm_pll_param param_id,
- unsigned int *value);
+ uint32_t *value);
enum pm_ret_status pm_pll_set_mode(enum pm_node_id nid, enum pm_pll_mode mode);
enum pm_ret_status pm_pll_get_mode(enum pm_node_id nid, enum pm_pll_mode *mode);
enum pm_ret_status pm_efuse_access(uint32_t address_high,
uint32_t address_low, uint32_t *value);
-enum pm_ret_status em_set_action(unsigned int *value);
-enum pm_ret_status em_remove_action(unsigned int *value);
-enum pm_ret_status em_send_errors(unsigned int *value);
-enum pm_ret_status pm_feature_config(unsigned int ioctl_id,
- unsigned int config_id,
- unsigned int value,
- unsigned int *response);
+enum pm_ret_status em_set_action(uint32_t *value);
+enum pm_ret_status em_remove_action(uint32_t *value);
+enum pm_ret_status em_send_errors(uint32_t *value);
enum pm_ret_status pm_feature_check(uint32_t api_id, uint32_t *version,
uint32_t *bit_mask, uint8_t len);
enum pm_ret_status check_api_dependency(uint8_t id);
diff --git a/plat/xilinx/zynqmp/pm_service/pm_client.c b/plat/xilinx/zynqmp/pm_service/pm_client.c
index 3cd48a7..34b931e 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_client.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_client.c
@@ -163,7 +163,7 @@
*
* Return: PM node ID corresponding to the specified interrupt
*/
-static enum pm_node_id irq_to_pm_node(unsigned int irq)
+static enum pm_node_id irq_to_pm_node(uint32_t irq)
{
assert(irq <= IRQ_MAX);
return irq_node_map[irq];
@@ -233,7 +233,7 @@
*
* Return: pointer to a proc structure if proc is found, otherwise NULL
*/
-const struct pm_proc *pm_get_proc(unsigned int cpuid)
+const struct pm_proc *pm_get_proc(uint32_t cpuid)
{
if (cpuid < ARRAY_SIZE(pm_procs_all)) {
return &pm_procs_all[cpuid];
@@ -264,7 +264,7 @@
*
* Return: the cpu ID (starting from 0) for the subsystem
*/
-static unsigned int pm_get_cpuid(enum pm_node_id nid)
+static uint32_t pm_get_cpuid(enum pm_node_id nid)
{
for (size_t i = 0; i < ARRAY_SIZE(pm_procs_all); i++) {
if (pm_procs_all[i].node_id == nid) {
@@ -283,7 +283,7 @@
* required prior to sending suspend request to PMU
* Actions taken depend on the state system is suspending to.
*/
-void pm_client_suspend(const struct pm_proc *proc, unsigned int state)
+void pm_client_suspend(const struct pm_proc *proc, uint32_t state)
{
bakery_lock_get(&pm_client_secure_lock);
@@ -326,7 +326,7 @@
*/
void pm_client_wakeup(const struct pm_proc *proc)
{
- unsigned int cpuid = pm_get_cpuid(proc->node_id);
+ uint32_t cpuid = pm_get_cpuid(proc->node_id);
if (cpuid == UNDEFINED_CPUID) {
return;
diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
index 953bb4a..0b366d7 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
@@ -203,9 +203,9 @@
* Called from sip_svc_setup initialization function with the
* rt_svc_init signature.
*/
-int pm_setup(void)
+int32_t pm_setup(void)
{
- int status, ret;
+ int32_t status, ret;
status = pm_ipi_init(primary_proc);
@@ -255,7 +255,7 @@
* function with rt_svc_handle signature
*/
uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, void *cookie, void *handle, uint64_t flags)
+ uint64_t x4, const void *cookie, void *handle, uint64_t flags)
{
enum pm_ret_status ret;
uint32_t payload[PAYLOAD_ARG_CNT];
@@ -291,7 +291,7 @@
case PM_REQ_WAKEUP:
{
/* Use address flag is encoded in the 1st bit of the low-word */
- unsigned int set_addr = pm_arg[1] & 0x1;
+ uint32_t set_addr = pm_arg[1] & 0x1;
uint64_t address = (uint64_t)pm_arg[2] << 32;
address |= pm_arg[1] & (~0x1);
@@ -575,7 +575,7 @@
* function with rt_svc_handle signature
*/
uint64_t em_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, void *cookie, void *handle, uint64_t flags)
+ uint64_t x4, const void *cookie, void *handle, uint64_t flags)
{
enum pm_ret_status ret;
diff --git a/plat/xilinx/zynqmp/pm_service/pm_svc_main.h b/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
index abadd40..c1781f3 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
+++ b/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
@@ -9,12 +9,12 @@
#include "pm_common.h"
-int pm_setup(void);
+int32_t pm_setup(void);
uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, void *cookie, void *handle,
+ uint64_t x4, const void *cookie, void *handle,
uint64_t flags);
uint64_t em_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
- uint64_t x4, void *cookie, void *handle,
+ uint64_t x4, const void *cookie, void *handle,
uint64_t flags);
#endif /* PM_SVC_MAIN_H */
diff --git a/services/std_svc/rmmd/trp/trp_private.h b/services/std_svc/rmmd/trp/trp_private.h
index 43a4a4b..4c5222e 100644
--- a/services/std_svc/rmmd/trp/trp_private.h
+++ b/services/std_svc/rmmd/trp/trp_private.h
@@ -30,19 +30,10 @@
#define write_trp_arg(args, offset, val) (((args)->regs[offset >> 3]) \
= val)
-
-/* RMI handled by TRP */
-#define RMI_FNUM_VERSION_REQ U(0x150)
-
-#define RMI_FNUM_GRANULE_DELEGATE U(0x151)
-#define RMI_FNUM_GRANULE_UNDELEGATE U(0x152)
-
-#define RMI_RMM_REQ_VERSION RMM_FID(SMC_64, RMI_FNUM_VERSION_REQ)
-
-#define RMI_RMM_GRANULE_DELEGATE RMM_FID(SMC_64, \
- RMI_FNUM_GRANULE_DELEGATE)
-#define RMI_RMM_GRANULE_UNDELEGATE RMM_FID(SMC_64, \
- RMI_FNUM_GRANULE_UNDELEGATE)
+/* RMI SMC64 FIDs handled by the TRP */
+#define RMI_RMM_REQ_VERSION SMC64_RMI_FID(U(0))
+#define RMI_RMM_GRANULE_DELEGATE SMC64_RMI_FID(U(1))
+#define RMI_RMM_GRANULE_UNDELEGATE SMC64_RMI_FID(U(2))
/* Definitions for RMI VERSION */
#define RMI_ABI_VERSION_MAJOR U(0x0)
diff --git a/tools/cert_create/Makefile b/tools/cert_create/Makefile
index ca548b8..d951286 100644
--- a/tools/cert_create/Makefile
+++ b/tools/cert_create/Makefile
@@ -35,6 +35,8 @@
include src/tbbr/tbbr.mk
else ifeq (${COT},dualroot)
include src/dualroot/cot.mk
+else ifeq (${COT},cca)
+ include src/cca/cot.mk
else
$(error Unknown chain of trust ${COT})
endif
diff --git a/tools/cert_create/include/cca/cca_cot.h b/tools/cert_create/include/cca/cca_cot.h
new file mode 100644
index 0000000..56585fb
--- /dev/null
+++ b/tools/cert_create/include/cca/cca_cot.h
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CCA_COT_H
+#define CCA_COT_H
+
+/* Certificates. */
+enum {
+ /* Certificates owned by the silicon provider. */
+ CCA_CONTENT_CERT,
+ CORE_SWD_KEY_CERT,
+ SPMC_CONTENT_CERT,
+ SIP_SECURE_PARTITION_CONTENT_CERT,
+
+ /* Certificates owned by the platform owner. */
+ PLAT_KEY_CERT,
+ PLAT_SECURE_PARTITION_CONTENT_CERT,
+ NON_TRUSTED_FW_CONTENT_CERT,
+};
+
+/* Certificate extensions. */
+enum {
+ /* Extensions used in certificates owned by the silicon provider. */
+ TRUSTED_FW_NVCOUNTER_EXT,
+ TRUSTED_BOOT_FW_HASH_EXT,
+ TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
+ HW_CONFIG_HASH_EXT,
+ FW_CONFIG_HASH_EXT,
+ SWD_ROT_PK_EXT,
+ CORE_SWD_PK_EXT,
+ SOC_AP_FW_HASH_EXT,
+ SOC_FW_CONFIG_HASH_EXT,
+ RMM_HASH_EXT,
+ TRUSTED_OS_FW_HASH_EXT,
+ TRUSTED_OS_FW_CONFIG_HASH_EXT,
+ SP_PKG1_HASH_EXT,
+ SP_PKG2_HASH_EXT,
+ SP_PKG3_HASH_EXT,
+ SP_PKG4_HASH_EXT,
+
+ /* Extensions used in certificates owned by the platform owner. */
+ PROT_PK_EXT,
+ PLAT_PK_EXT,
+ SP_PKG5_HASH_EXT,
+ SP_PKG6_HASH_EXT,
+ SP_PKG7_HASH_EXT,
+ SP_PKG8_HASH_EXT,
+ NON_TRUSTED_FW_NVCOUNTER_EXT,
+ NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
+ NON_TRUSTED_FW_CONFIG_HASH_EXT,
+};
+
+/* Keys. */
+enum {
+ /* Keys owned by the silicon provider. */
+ ROT_KEY,
+ SWD_ROT_KEY,
+ CORE_SWD_KEY,
+
+ /* Keys owned by the platform owner. */
+ PROT_KEY,
+ PLAT_KEY,
+};
+
+#endif /* CCA_COT_H */
diff --git a/tools/cert_create/src/cca/cot.c b/tools/cert_create/src/cca/cot.c
new file mode 100644
index 0000000..5a35ff6
--- /dev/null
+++ b/tools/cert_create/src/cca/cot.c
@@ -0,0 +1,439 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include "cca/cca_cot.h"
+
+#include <cca_oid.h>
+
+#include "cert.h"
+#include "ext.h"
+#include "key.h"
+
+/*
+ * Certificates used in the chain of trust.
+ *
+ * All certificates are self-signed so the issuer certificate field points to
+ * itself.
+ */
+static cert_t cot_certs[] = {
+ [CCA_CONTENT_CERT] = {
+ .id = CCA_CONTENT_CERT,
+ .opt = "cca-cert",
+ .help_msg = "CCA Content Certificate (output file)",
+ .cn = "CCA Content Certificate",
+ .key = ROT_KEY,
+ .issuer = CCA_CONTENT_CERT,
+ .ext = {
+ TRUSTED_FW_NVCOUNTER_EXT,
+ SOC_AP_FW_HASH_EXT,
+ SOC_FW_CONFIG_HASH_EXT,
+ RMM_HASH_EXT,
+ TRUSTED_BOOT_FW_HASH_EXT,
+ TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
+ HW_CONFIG_HASH_EXT,
+ FW_CONFIG_HASH_EXT,
+ },
+ .num_ext = 8
+ },
+
+ [CORE_SWD_KEY_CERT] = {
+ .id = CORE_SWD_KEY_CERT,
+ .opt = "core-swd-cert",
+ .help_msg = "Core Secure World Key Certificate (output file)",
+ .cn = "Core Secure World Key Certificate",
+ .key = SWD_ROT_KEY,
+ .issuer = CORE_SWD_KEY_CERT,
+ .ext = {
+ TRUSTED_FW_NVCOUNTER_EXT,
+ SWD_ROT_PK_EXT,
+ CORE_SWD_PK_EXT,
+ },
+ .num_ext = 3
+ },
+
+ [SPMC_CONTENT_CERT] = {
+ .id = SPMC_CONTENT_CERT,
+ .opt = "tos-fw-cert",
+ .help_msg = "SPMC Content Certificate (output file)",
+ .cn = "SPMC Content Certificate",
+ .key = CORE_SWD_KEY,
+ .issuer = SPMC_CONTENT_CERT,
+ .ext = {
+ TRUSTED_FW_NVCOUNTER_EXT,
+ TRUSTED_OS_FW_HASH_EXT,
+ TRUSTED_OS_FW_CONFIG_HASH_EXT,
+ },
+ .num_ext = 3
+ },
+
+ [SIP_SECURE_PARTITION_CONTENT_CERT] = {
+ .id = SIP_SECURE_PARTITION_CONTENT_CERT,
+ .opt = "sip-sp-cert",
+ .help_msg = "SiP owned Secure Partition Content Certificate (output file)",
+ .cn = "SiP owned Secure Partition Content Certificate",
+ .key = CORE_SWD_KEY,
+ .issuer = SIP_SECURE_PARTITION_CONTENT_CERT,
+ .ext = {
+ TRUSTED_FW_NVCOUNTER_EXT,
+ SP_PKG1_HASH_EXT,
+ SP_PKG2_HASH_EXT,
+ SP_PKG3_HASH_EXT,
+ SP_PKG4_HASH_EXT,
+ },
+ .num_ext = 5
+ },
+
+ [PLAT_KEY_CERT] = {
+ .id = PLAT_KEY_CERT,
+ .opt = "plat-key-cert",
+ .help_msg = "Platform Key Certificate (output file)",
+ .cn = "Platform Key Certificate",
+ .key = PROT_KEY,
+ .issuer = PLAT_KEY_CERT,
+ .ext = {
+ NON_TRUSTED_FW_NVCOUNTER_EXT,
+ PROT_PK_EXT,
+ PLAT_PK_EXT,
+ },
+ .num_ext = 3
+ },
+
+ [PLAT_SECURE_PARTITION_CONTENT_CERT] = {
+ .id = PLAT_SECURE_PARTITION_CONTENT_CERT,
+ .opt = "plat-sp-cert",
+ .help_msg = "Platform owned Secure Partition Content Certificate (output file)",
+ .cn = "Platform owned Secure Partition Content Certificate",
+ .key = PLAT_KEY,
+ .issuer = PLAT_SECURE_PARTITION_CONTENT_CERT,
+ .ext = {
+ NON_TRUSTED_FW_NVCOUNTER_EXT,
+ SP_PKG5_HASH_EXT,
+ SP_PKG6_HASH_EXT,
+ SP_PKG7_HASH_EXT,
+ SP_PKG8_HASH_EXT,
+ },
+ .num_ext = 5
+ },
+
+ [NON_TRUSTED_FW_CONTENT_CERT] = {
+ .id = NON_TRUSTED_FW_CONTENT_CERT,
+ .opt = "nt-fw-cert",
+ .help_msg = "Non-Trusted Firmware Content Certificate (output file)",
+ .cn = "Non-Trusted Firmware Content Certificate",
+ .key = PLAT_KEY,
+ .issuer = NON_TRUSTED_FW_CONTENT_CERT,
+ .ext = {
+ NON_TRUSTED_FW_NVCOUNTER_EXT,
+ NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
+ NON_TRUSTED_FW_CONFIG_HASH_EXT,
+ },
+ .num_ext = 3
+ },
+};
+
+REGISTER_COT(cot_certs);
+
+
+/* Certificate extensions. */
+static ext_t cot_ext[] = {
+ [TRUSTED_FW_NVCOUNTER_EXT] = {
+ .oid = TRUSTED_FW_NVCOUNTER_OID,
+ .opt = "tfw-nvctr",
+ .help_msg = "Trusted Firmware Non-Volatile counter value",
+ .sn = "TrustedWorldNVCounter",
+ .ln = "Trusted World Non-Volatile counter",
+ .asn1_type = V_ASN1_INTEGER,
+ .type = EXT_TYPE_NVCOUNTER,
+ .attr.nvctr_type = NVCTR_TYPE_TFW
+ },
+
+ [TRUSTED_BOOT_FW_HASH_EXT] = {
+ .oid = TRUSTED_BOOT_FW_HASH_OID,
+ .opt = "tb-fw",
+ .help_msg = "Trusted Boot Firmware image file",
+ .sn = "TrustedBootFirmwareHash",
+ .ln = "Trusted Boot Firmware hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH
+ },
+
+ [TRUSTED_BOOT_FW_CONFIG_HASH_EXT] = {
+ .oid = TRUSTED_BOOT_FW_CONFIG_HASH_OID,
+ .opt = "tb-fw-config",
+ .help_msg = "Trusted Boot Firmware Config file",
+ .sn = "TrustedBootFirmwareConfigHash",
+ .ln = "Trusted Boot Firmware Config hash",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+
+ [HW_CONFIG_HASH_EXT] = {
+ .oid = HW_CONFIG_HASH_OID,
+ .opt = "hw-config",
+ .help_msg = "HW Config file",
+ .sn = "HWConfigHash",
+ .ln = "HW Config hash",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+
+ [FW_CONFIG_HASH_EXT] = {
+ .oid = FW_CONFIG_HASH_OID,
+ .opt = "fw-config",
+ .help_msg = "Firmware Config file",
+ .sn = "FirmwareConfigHash",
+ .ln = "Firmware Config hash",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+
+ [SWD_ROT_PK_EXT] = {
+ .oid = SWD_ROT_PK_OID,
+ .sn = "SWDRoTKey",
+ .ln = "Secure World Root of Trust Public Key",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_PKEY,
+ .attr.key = SWD_ROT_KEY
+ },
+
+ [CORE_SWD_PK_EXT] = {
+ .oid = CORE_SWD_PK_OID,
+ .sn = "CORESWDKey",
+ .ln = "Core Secure World Public Key",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_PKEY,
+ .attr.key = CORE_SWD_KEY
+ },
+
+ [SOC_AP_FW_HASH_EXT] = {
+ .oid = SOC_AP_FW_HASH_OID,
+ .opt = "soc-fw",
+ .help_msg = "SoC AP Firmware image file",
+ .sn = "SoCAPFirmwareHash",
+ .ln = "SoC AP Firmware hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH
+ },
+
+ [SOC_FW_CONFIG_HASH_EXT] = {
+ .oid = SOC_FW_CONFIG_HASH_OID,
+ .opt = "soc-fw-config",
+ .help_msg = "SoC Firmware Config file",
+ .sn = "SocFirmwareConfigHash",
+ .ln = "SoC Firmware Config hash",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+
+ [RMM_HASH_EXT] = {
+ .oid = RMM_HASH_OID,
+ .opt = "rmm-fw",
+ .help_msg = "RMM Firmware image file",
+ .sn = "RMMFirmwareHash",
+ .ln = "RMM Firmware hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH
+ },
+
+ [TRUSTED_OS_FW_HASH_EXT] = {
+ .oid = TRUSTED_OS_FW_HASH_OID,
+ .opt = "tos-fw",
+ .help_msg = "Trusted OS image file",
+ .sn = "TrustedOSHash",
+ .ln = "Trusted OS hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH
+ },
+
+ [TRUSTED_OS_FW_CONFIG_HASH_EXT] = {
+ .oid = TRUSTED_OS_FW_CONFIG_HASH_OID,
+ .opt = "tos-fw-config",
+ .help_msg = "Trusted OS Firmware Config file",
+ .sn = "TrustedOSFirmwareConfigHash",
+ .ln = "Trusted OS Firmware Config hash",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+
+ [SP_PKG1_HASH_EXT] = {
+ .oid = SP_PKG1_HASH_OID,
+ .opt = "sp-pkg1",
+ .help_msg = "Secure Partition Package1 file",
+ .sn = "SPPkg1Hash",
+ .ln = "SP Pkg1 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+ [SP_PKG2_HASH_EXT] = {
+ .oid = SP_PKG2_HASH_OID,
+ .opt = "sp-pkg2",
+ .help_msg = "Secure Partition Package2 file",
+ .sn = "SPPkg2Hash",
+ .ln = "SP Pkg2 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+ [SP_PKG3_HASH_EXT] = {
+ .oid = SP_PKG3_HASH_OID,
+ .opt = "sp-pkg3",
+ .help_msg = "Secure Partition Package3 file",
+ .sn = "SPPkg3Hash",
+ .ln = "SP Pkg3 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+ [SP_PKG4_HASH_EXT] = {
+ .oid = SP_PKG4_HASH_OID,
+ .opt = "sp-pkg4",
+ .help_msg = "Secure Partition Package4 file",
+ .sn = "SPPkg4Hash",
+ .ln = "SP Pkg4 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+
+ [PROT_PK_EXT] = {
+ .oid = PROT_PK_OID,
+ .sn = "PlatformRoTKey",
+ .ln = "Platform Root of Trust Public Key",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_PKEY,
+ .attr.key = PROT_KEY
+ },
+
+ [PLAT_PK_EXT] = {
+ .oid = PLAT_PK_OID,
+ .sn = "PLATKey",
+ .ln = "Platform Public Key",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_PKEY,
+ .attr.key = PLAT_KEY
+ },
+
+ [SP_PKG5_HASH_EXT] = {
+ .oid = SP_PKG5_HASH_OID,
+ .opt = "sp-pkg5",
+ .help_msg = "Secure Partition Package5 file",
+ .sn = "SPPkg5Hash",
+ .ln = "SP Pkg5 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+ [SP_PKG6_HASH_EXT] = {
+ .oid = SP_PKG6_HASH_OID,
+ .opt = "sp-pkg6",
+ .help_msg = "Secure Partition Package6 file",
+ .sn = "SPPkg6Hash",
+ .ln = "SP Pkg6 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+ [SP_PKG7_HASH_EXT] = {
+ .oid = SP_PKG7_HASH_OID,
+ .opt = "sp-pkg7",
+ .help_msg = "Secure Partition Package7 file",
+ .sn = "SPPkg7Hash",
+ .ln = "SP Pkg7 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+ [SP_PKG8_HASH_EXT] = {
+ .oid = SP_PKG8_HASH_OID,
+ .opt = "sp-pkg8",
+ .help_msg = "Secure Partition Package8 file",
+ .sn = "SPPkg8Hash",
+ .ln = "SP Pkg8 hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+
+ [NON_TRUSTED_FW_NVCOUNTER_EXT] = {
+ .oid = NON_TRUSTED_FW_NVCOUNTER_OID,
+ .opt = "ntfw-nvctr",
+ .help_msg = "Non-Trusted Firmware Non-Volatile counter value",
+ .sn = "NormalWorldNVCounter",
+ .ln = "Non-Trusted Firmware Non-Volatile counter",
+ .asn1_type = V_ASN1_INTEGER,
+ .type = EXT_TYPE_NVCOUNTER,
+ .attr.nvctr_type = NVCTR_TYPE_NTFW
+ },
+
+ [NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
+ .oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
+ .opt = "nt-fw",
+ .help_msg = "Non-Trusted World Bootloader image file",
+ .sn = "NonTrustedWorldBootloaderHash",
+ .ln = "Non-Trusted World hash (SHA256)",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH
+ },
+
+ [NON_TRUSTED_FW_CONFIG_HASH_EXT] = {
+ .oid = NON_TRUSTED_FW_CONFIG_HASH_OID,
+ .opt = "nt-fw-config",
+ .help_msg = "Non Trusted OS Firmware Config file",
+ .sn = "NonTrustedOSFirmwareConfigHash",
+ .ln = "Non-Trusted OS Firmware Config hash",
+ .asn1_type = V_ASN1_OCTET_STRING,
+ .type = EXT_TYPE_HASH,
+ .optional = 1
+ },
+};
+
+REGISTER_EXTENSIONS(cot_ext);
+
+/* Keys used to establish the chain of trust. */
+static key_t cot_keys[] = {
+ [ROT_KEY] = {
+ .id = ROT_KEY,
+ .opt = "rot-key",
+ .help_msg = "Root Of Trust key (input/output file)",
+ .desc = "Root Of Trust key"
+ },
+
+ [SWD_ROT_KEY] = {
+ .id = SWD_ROT_KEY,
+ .opt = "swd-rot-key",
+ .help_msg = "Secure World Root of Trust key",
+ .desc = "Secure World Root of Trust key"
+ },
+
+ [CORE_SWD_KEY] = {
+ .id = CORE_SWD_KEY,
+ .opt = "core-swd-key",
+ .help_msg = "Core Secure World key",
+ .desc = "Core Secure World key"
+ },
+
+ [PROT_KEY] = {
+ .id = PROT_KEY,
+ .opt = "prot-key",
+ .help_msg = "Platform Root of Trust key",
+ .desc = "Platform Root of Trust key"
+ },
+
+ [PLAT_KEY] = {
+ .id = PLAT_KEY,
+ .opt = "plat-key",
+ .help_msg = "Platform key",
+ .desc = "Platform key"
+ },
+};
+
+REGISTER_KEYS(cot_keys);
diff --git a/tools/cert_create/src/cca/cot.mk b/tools/cert_create/src/cca/cot.mk
new file mode 100644
index 0000000..d0c80bb
--- /dev/null
+++ b/tools/cert_create/src/cca/cot.mk
@@ -0,0 +1,10 @@
+#
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+PLAT_MSG := Confidential Compute Architecture root of trust
+PLAT_INCLUDE := ../../include/tools_share
+
+OBJECTS += src/cca/cot.o
diff --git a/tools/fiptool/tbbr_config.c b/tools/fiptool/tbbr_config.c
index 4998bb2..cdbf389 100644
--- a/tools/fiptool/tbbr_config.c
+++ b/tools/fiptool/tbbr_config.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -172,6 +172,21 @@
.cmdline_name = "plat-sp-cert"
},
{
+ .name = "CCA Content Certificate",
+ .uuid = UUID_CCA_CONTENT_CERT,
+ .cmdline_name = "cca-cert"
+ },
+ {
+ .name = "Core Secure World Key Certificate",
+ .uuid = UUID_CORE_SWD_KEY_CERT,
+ .cmdline_name = "core-swd-cert"
+ },
+ {
+ .name = "Platform Key Certificate",
+ .uuid = UUID_PLAT_KEY_CERT,
+ .cmdline_name = "plat-key-cert"
+ },
+ {
.name = NULL,
.uuid = { {0} },
.cmdline_name = NULL,
diff --git a/tools/sptool/sp_mk_generator.py b/tools/sptool/sp_mk_generator.py
index f4045d3..814d051 100644
--- a/tools/sptool/sp_mk_generator.py
+++ b/tools/sptool/sp_mk_generator.py
@@ -145,7 +145,7 @@
sptool_args += f" --img-offset {image_offset}" if image_offset is not None else ""
sptool_args += f" -o {sp_pkg}"
sppkg_rule = f'''
-{sp_pkg}:
+{sp_pkg}: {sp_dtb}
\t$(Q)echo Generating {sp_pkg}
\t$(Q)$(PYTHON) $(SPTOOL) {sptool_args}
'''