Merge "fix(qemu): ignore TPM error" into integration
diff --git a/.clang-format b/.clang-format
new file mode 100644
index 0000000..6a89eeb
--- /dev/null
+++ b/.clang-format
@@ -0,0 +1,199 @@
+---
+AccessModifierOffset: -4
+AlignAfterOpenBracket: Align
+AlignArrayOfStructures: None
+AlignConsecutiveMacros: None
+AlignConsecutiveAssignments: None
+AlignConsecutiveBitFields: None
+AlignConsecutiveDeclarations: None
+AlignEscapedNewlines: Left
+AlignOperands: Align
+AlignTrailingComments: false
+AllowAllArgumentsOnNextLine: true
+AllowAllParametersOfDeclarationOnNextLine: false
+AllowShortEnumsOnASingleLine: true
+AllowShortBlocksOnASingleLine: Never
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortFunctionsOnASingleLine: None
+AllowShortLambdasOnASingleLine: All
+AllowShortIfStatementsOnASingleLine: Never
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakAfterDefinitionReturnType: None
+AlwaysBreakAfterReturnType: None
+AlwaysBreakBeforeMultilineStrings: false
+AlwaysBreakTemplateDeclarations: MultiLine
+AttributeMacros:
+ - __capability
+BinPackArguments: true
+BinPackParameters: true
+BraceWrapping:
+ AfterCaseLabel: false
+ AfterClass: false
+ AfterControlStatement: Never
+ AfterEnum: false
+ AfterFunction: true
+ AfterNamespace: true
+ AfterObjCDeclaration: false
+ AfterStruct: false
+ AfterUnion: false
+ AfterExternBlock: false
+ BeforeCatch: false
+ BeforeElse: false
+ BeforeLambdaBody: false
+ BeforeWhile: false
+ IndentBraces: false
+ SplitEmptyFunction: true
+ SplitEmptyRecord: true
+ SplitEmptyNamespace: true
+BreakBeforeBinaryOperators: None
+BreakBeforeConceptDeclarations: true
+BreakBeforeBraces: Custom
+BreakBeforeInheritanceComma: false
+BreakInheritanceList: BeforeColon
+BreakBeforeTernaryOperators: false
+BreakConstructorInitializersBeforeComma: false
+BreakConstructorInitializers: BeforeComma
+BreakAfterJavaFieldAnnotations: false
+BreakStringLiterals: false
+ColumnLimit: 80
+CommentPragmas: '^ IWYU pragma:'
+QualifierAlignment: Leave
+CompactNamespaces: false
+ConstructorInitializerIndentWidth: 8
+ContinuationIndentWidth: 8
+Cpp11BracedListStyle: false
+DeriveLineEnding: true
+DerivePointerAlignment: false
+DisableFormat: false
+EmptyLineAfterAccessModifier: Never
+EmptyLineBeforeAccessModifier: LogicalBlock
+ExperimentalAutoDetectBinPacking: false
+PackConstructorInitializers: BinPack
+BasedOnStyle: ''
+ConstructorInitializerAllOnOneLineOrOnePerLine: false
+AllowAllConstructorInitializersOnNextLine: true
+FixNamespaceComments: false
+ForEachMacros:
+ - fdt_for_each_compatible_node
+ - fdt_for_each_property_offset
+ - fdt_for_each_subnode
+ - for_each_err_record_info
+ - for_each_subscriber
+IfMacros:
+ - KJ_IF_MAYBE
+IncludeBlocks: Regroup
+IncludeCategories:
+ - Regex: '^<(assert|complex|ctype|errno|fenv|float|inttypes|iso646|limits|locale|math|setjmp|signal|stdalign|stdarg|stdatomic|stdbool|stdckdint|stddef|stdint|stdio|stdlib|stdnoreturn|string|tgmath|threads|time|uchar|wchar|wctype)\.h>$'
+ Priority: 0
+ SortPriority: 0
+ CaseSensitive: false
+ - Regex: '^<lib/(compiler-rt|libfdt|mbedtls|zlib)/.+>$'
+ Priority: 1
+ SortPriority: 0
+ CaseSensitive: false
+ - Regex: '^<(platform(_def)?\.h)|(plat[_/].+)>$'
+ Priority: 2
+ SortPriority: 0
+ CaseSensitive: false
+ - Regex: '^<.+>$'
+ Priority: 3
+ SortPriority: 0
+ CaseSensitive: false
+ - Regex: '^".+"$'
+ Priority: 4
+ SortPriority: 0
+ CaseSensitive: false
+IncludeIsMainRegex: '(Test)?$'
+IncludeIsMainSourceRegex: ''
+IndentAccessModifiers: false
+IndentCaseLabels: false
+IndentCaseBlocks: false
+IndentGotoLabels: false
+IndentPPDirectives: None
+IndentExternBlock: AfterExternBlock
+IndentRequires: false
+IndentWidth: 8
+IndentWrappedFunctionNames: false
+InsertTrailingCommas: None
+JavaScriptQuotes: Leave
+JavaScriptWrapImports: true
+KeepEmptyLinesAtTheStartOfBlocks: false
+LambdaBodyIndentation: Signature
+MacroBlockBegin: ''
+MacroBlockEnd: ''
+MaxEmptyLinesToKeep: 1
+NamespaceIndentation: None
+ObjCBinPackProtocolList: Auto
+ObjCBlockIndentWidth: 8
+ObjCBreakBeforeNestedBlockParam: true
+ObjCSpaceAfterProperty: true
+ObjCSpaceBeforeProtocolList: true
+PenaltyBreakAssignment: 10
+PenaltyBreakBeforeFirstCallParameter: 30
+PenaltyBreakComment: 10
+PenaltyBreakFirstLessLess: 0
+PenaltyBreakOpenParenthesis: 0
+PenaltyBreakString: 10
+PenaltyBreakTemplateDeclaration: 10
+PenaltyExcessCharacter: 100
+PenaltyReturnTypeOnItsOwnLine: 60
+PenaltyIndentedWhitespace: 0
+PointerAlignment: Right
+PPIndentWidth: -1
+ReferenceAlignment: Pointer
+ReflowComments: false
+RemoveBracesLLVM: false
+SeparateDefinitionBlocks: Leave
+ShortNamespaceLines: 1
+SortIncludes: CaseInsensitive
+SortJavaStaticImport: Before
+SortUsingDeclarations: false
+SpaceAfterCStyleCast: false
+SpaceAfterLogicalNot: false
+SpaceAfterTemplateKeyword: true
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeCaseColon: false
+SpaceBeforeCpp11BracedList: false
+SpaceBeforeCtorInitializerColon: true
+SpaceBeforeInheritanceColon: true
+SpaceBeforeParens: ControlStatementsExceptControlMacros
+SpaceBeforeParensOptions:
+ AfterControlStatements: true
+ AfterForeachMacros: false
+ AfterFunctionDefinitionName: false
+ AfterFunctionDeclarationName: false
+ AfterIfMacros: false
+ AfterOverloadedOperator: false
+ BeforeNonEmptyParentheses: false
+SpaceAroundPointerQualifiers: Default
+SpaceBeforeRangeBasedForLoopColon: true
+SpaceInEmptyBlock: false
+SpaceInEmptyParentheses: false
+SpacesBeforeTrailingComments: 1
+SpacesInAngles: Never
+SpacesInConditionalStatement: false
+SpacesInContainerLiterals: false
+SpacesInCStyleCastParentheses: false
+SpacesInLineCommentPrefix:
+ Minimum: 1
+ Maximum: -1
+SpacesInParentheses: false
+SpacesInSquareBrackets: false
+SpaceBeforeSquareBrackets: false
+BitFieldColonSpacing: Both
+Standard: c++03
+StatementAttributeLikeMacros:
+ - Q_EMIT
+StatementMacros:
+ - Q_UNUSED
+ - QT_REQUIRE_VERSION
+TabWidth: 8
+UseCRLF: false
+UseTab: Always
+WhitespaceSensitiveMacros:
+ - STRINGIZE
+ - PP_STRINGIZE
+ - BOOST_PP_STRINGIZE
+ - NS_SWIFT_NAME
+ - CF_SWIFT_NAME
+...
diff --git a/Makefile b/Makefile
index eca70bd..150aa30 100644
--- a/Makefile
+++ b/Makefile
@@ -148,7 +148,7 @@
TF_CFLAGS_aarch64 := -target aarch64-arm-none-eabi
else
TF_CFLAGS_aarch32 = $(target32-directive)
- TF_CFLAGS_aarch64 := -target aarch64-elf
+ TF_CFLAGS_aarch64 := -target aarch64-unknown-none-elf
endif
else ifeq ($($(ARCH)-cc-id),gnu-gcc)
@@ -492,6 +492,12 @@
include ${PLAT_MAKEFILE_FULL}
################################################################################
+# Setup arch_features based on ARM_ARCH_MAJOR, ARM_ARCH_MINOR provided from
+# platform.
+################################################################################
+
+include ${MAKE_HELPERS_DIRECTORY}arch_features.mk
+################################################################################
# Process BRANCH_PROTECTION value and set
# Pointer Authentication and Branch Target Identification flags
################################################################################
@@ -517,30 +523,29 @@
# Turn on branch target identification mechanism
BP_OPTION := bti
ENABLE_BTI := 1
+else ifeq (${BRANCH_PROTECTION},5)
+ # Turn on branch target identification mechanism
+ BP_OPTION := standard
+ ENABLE_BTI := 2
+ ENABLE_PAUTH := 2
else
$(error Unknown BRANCH_PROTECTION value ${BRANCH_PROTECTION})
endif #(BRANCH_PROTECTION)
-ifeq ($(ENABLE_PAUTH),1)
- CTX_INCLUDE_PAUTH_REGS := 1
+ifneq ($(ENABLE_PAUTH),0)
+ CTX_INCLUDE_PAUTH_REGS := ${ENABLE_PAUTH}
endif
ifneq (${BP_OPTION},none)
TF_CFLAGS_aarch64 += -mbranch-protection=${BP_OPTION}
endif #(BP_OPTION)
# Pointer Authentication sources
-ifeq (${ENABLE_PAUTH}, 1)
+ifneq (${ENABLE_PAUTH},0)
# arm/common/aarch64/arm_pauth.c contains a sample platform hook to complete the
# Pauth support. As it's not secure, it must be reimplemented for real platforms
- BL_COMMON_SOURCES += lib/extensions/pauth/pauth_helpers.S
+ BL_COMMON_SOURCES += lib/extensions/pauth/pauth.c
endif
-################################################################################
-# Setup arch_features based on ARM_ARCH_MAJOR, ARM_ARCH_MINOR provided from
-# platform.
-################################################################################
-include ${MAKE_HELPERS_DIRECTORY}arch_features.mk
-
####################################################
# Enable required options for Memory Stack Tagging.
####################################################
@@ -581,6 +586,10 @@
CTX_INCLUDE_AARCH32_REGS := 0
CTX_INCLUDE_PAUTH_REGS := 1
+ ifneq ($(ENABLE_FEAT_MPAM), 0)
+ CTX_INCLUDE_MPAM_REGS := 1
+ endif
+
# RME enables CSV2_2 extension by default.
ENABLE_FEAT_CSV2_2 = 1
endif #(FEAT_RME)
@@ -643,7 +652,7 @@
################################################################################
include ${MAKE_HELPERS_DIRECTORY}march.mk
-TF_CFLAGS += $(march-directive)
+TF_CFLAGS += $(march-directive)
ASFLAGS += $(march-directive)
# This internal flag is common option which is set to 1 for scenarios
@@ -755,6 +764,10 @@
include lib/libc/libc.mk
endif
+ifneq (${USE_GIC_DRIVER},0)
+include drivers/arm/gic/gic.mk
+endif
+
################################################################################
# Check incompatible options and dependencies
################################################################################
@@ -913,18 +926,46 @@
# If pointer authentication is used in the firmware, make sure that all the
# registers associated to it are also saved and restored.
# Not doing it would leak the value of the keys used by EL3 to EL1 and S-EL1.
-ifeq ($(ENABLE_PAUTH),1)
+ifneq ($(ENABLE_PAUTH),0)
ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
- $(error Pointer Authentication requires CTX_INCLUDE_PAUTH_REGS=1)
+ $(error Pointer Authentication requires CTX_INCLUDE_PAUTH_REGS to be enabled)
endif
endif #(ENABLE_PAUTH)
-ifeq ($(CTX_INCLUDE_PAUTH_REGS),1)
+ifneq ($(CTX_INCLUDE_PAUTH_REGS),0)
ifneq (${ARCH},aarch64)
$(error CTX_INCLUDE_PAUTH_REGS requires AArch64)
endif
endif #(CTX_INCLUDE_PAUTH_REGS)
+# Check ENABLE_FEAT_PAUTH_LR
+ifneq (${ENABLE_FEAT_PAUTH_LR},0)
+
+# Make sure PAUTH is enabled
+ifeq (${ENABLE_PAUTH},0)
+ $(error Error: PAUTH_LR cannot be used without PAUTH (see BRANCH_PROTECTION))
+endif
+
+# Make sure SCTLR2 is enabled
+ifeq (${ENABLE_FEAT_SCTLR2},0)
+ $(error Error: PAUTH_LR cannot be used without ENABLE_FEAT_SCTLR2)
+endif
+
+# FEAT_PAUTH_LR is only supported in aarch64 state
+ifneq (${ARCH},aarch64)
+ $(error ENABLE_FEAT_PAUTH_LR requires AArch64)
+endif
+
+# Currently, FEAT_PAUTH_LR is only supported by arm/clang compilers
+# TODO implement for GCC when support is added
+ifeq ($($(ARCH)-cc-id),arm-clang)
+ arch-features := $(arch-features)+pauth-lr
+else
+ $(error Error: ENABLE_FEAT_PAUTH_LR not supported for GCC compiler)
+endif
+
+endif # ${ENABLE_FEAT_PAUTH_LR}
+
ifeq ($(FEATURE_DETECTION),1)
$(info FEATURE_DETECTION is an experimental feature)
endif #(FEATURE_DETECTION)
@@ -971,7 +1012,7 @@
endif
# FEAT_RNG_TRAP is not supported in AArch32
- ifeq (${ENABLE_FEAT_RNG_TRAP},1)
+ ifneq (${ENABLE_FEAT_RNG_TRAP},0)
$(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32")
endif
@@ -1235,6 +1276,7 @@
DISCRETE_TPM \
DICE_PROTECTION_ENVIRONMENT \
RMMD_ENABLE_EL3_TOKEN_SIGN \
+ RMMD_ENABLE_IDE_KEY_PROG \
DRTM_SUPPORT \
NS_TIMER_SWITCH \
OVERRIDE_LIBC \
@@ -1310,6 +1352,7 @@
ENABLE_TRBE_FOR_NS \
ENABLE_BTI \
ENABLE_PAUTH \
+ ENABLE_FEAT_PAUTH_LR \
ENABLE_FEAT_AMU \
ENABLE_FEAT_AMUv1p1 \
ENABLE_FEAT_CSV2_2 \
@@ -1396,11 +1439,13 @@
ENABLE_FEAT_DEBUGV8P9 \
ENABLE_FEAT_MPAM \
ENABLE_PAUTH \
+ ENABLE_FEAT_PAUTH_LR \
ENABLE_PIE \
ENABLE_PMF \
ENABLE_PSCI_STAT \
ENABLE_RME \
RMMD_ENABLE_EL3_TOKEN_SIGN \
+ RMMD_ENABLE_IDE_KEY_PROG \
ENABLE_RUNTIME_INSTRUMENTATION \
ENABLE_SME_FOR_NS \
ENABLE_SME2_FOR_NS \
diff --git a/bl1/aarch64/bl1_exceptions.S b/bl1/aarch64/bl1_exceptions.S
index eaaf59a..3e3e002 100644
--- a/bl1/aarch64/bl1_exceptions.S
+++ b/bl1/aarch64/bl1_exceptions.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -224,15 +224,6 @@
*/
bl prepare_el3_entry
-#if ENABLE_PAUTH
- /* -----------------------------------------------------
- * Load and program stored APIAKey firmware key.
- * Re-enable pointer authentication in EL3, as it was
- * disabled before jumping to the next boot image.
- * -----------------------------------------------------
- */
- bl pauth_load_bl1_apiakey_enable
-#endif
/* -----------------------------------------------------
* Populate the parameters for the SMC handler. We
* already have x0-x4 in place. x5 will point to a
diff --git a/bl1/bl1_fwu.c b/bl1/bl1_fwu.c
index 6d4dc7e..167a22e 100644
--- a/bl1/bl1_fwu.c
+++ b/bl1/bl1_fwu.c
@@ -170,6 +170,9 @@
uintptr_t checked_image_base, checked_image_end;
checked_desc = bl1_plat_get_image_desc(image_id);
+
+ assert(checked_desc != NULL);
+
checked_info = &checked_desc->image_info;
/* Image being checked mustn't be empty. */
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index 2b3a827..db14ec6 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -52,14 +52,6 @@
/* Perform late platform-specific setup */
bl1_plat_arch_setup();
-
-#if CTX_INCLUDE_PAUTH_REGS
- /*
- * Assert that the ARMv8.3-PAuth registers are present or an access
- * fault will be triggered when they are being saved or restored.
- */
- assert(is_armv8_3_pauth_present());
-#endif /* CTX_INCLUDE_PAUTH_REGS */
}
/*******************************************************************************
@@ -127,12 +119,6 @@
/* Perform platform setup in BL1. */
bl1_platform_setup();
-#if ENABLE_PAUTH
- /* Store APIAKey_EL1 key */
- bl1_apiakey[0] = read_apiakeylo_el1();
- bl1_apiakey[1] = read_apiakeyhi_el1();
-#endif /* ENABLE_PAUTH */
-
/* Get the image id of next image to load and run. */
image_id = bl1_plat_get_next_image_id();
diff --git a/bl2/aarch32/bl2_entrypoint.S b/bl2/aarch32/bl2_entrypoint.S
index 678d9c2..91fc682 100644
--- a/bl2/aarch32/bl2_entrypoint.S
+++ b/bl2/aarch32/bl2_entrypoint.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2024, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -29,10 +29,10 @@
* use.
* ---------------------------------------------
*/
- mov r9, r0
- mov r10, r1
- mov r11, r2
- mov r12, r3
+ mov r8, r0
+ mov r9, r1
+ mov r10, r2
+ mov r11, r3
/* ---------------------------------------------
* Set the exception vector to something sane.
@@ -114,10 +114,10 @@
* Perform BL2 setup
* ---------------------------------------------
*/
- mov r0, r9
- mov r1, r10
- mov r2, r11
- mov r3, r12
+ mov r0, r8
+ mov r1, r9
+ mov r2, r10
+ mov r3, r11
bl bl2_setup
diff --git a/bl2/aarch64/bl2_entrypoint.S b/bl2/aarch64/bl2_entrypoint.S
index a021e42..756c16d 100644
--- a/bl2/aarch64/bl2_entrypoint.S
+++ b/bl2/aarch64/bl2_entrypoint.S
@@ -48,6 +48,10 @@
mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
mrs x0, sctlr_el1
orr x0, x0, x1
+#if ENABLE_BTI
+ /* Enable PAC branch type compatibility */
+ bic x0, x0, #(SCTLR_BT0_BIT | SCTLR_BT1_BIT)
+#endif
bic x0, x0, #SCTLR_DSSBS_BIT
msr sctlr_el1, x0
isb
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index f12c1a5..dbe9453 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -50,14 +50,6 @@
/* Perform late platform-specific setup */
bl2_el3_plat_arch_setup();
-
-#if CTX_INCLUDE_PAUTH_REGS
- /*
- * Assert that the ARMv8.3-PAuth registers are present or an access
- * fault will be triggered when they are being saved or restored.
- */
- assert(is_armv8_3_pauth_present());
-#endif /* CTX_INCLUDE_PAUTH_REGS */
}
#else /* RESET_TO_BL2 */
@@ -75,14 +67,6 @@
/* Perform late platform-specific setup */
bl2_plat_arch_setup();
-
-#if CTX_INCLUDE_PAUTH_REGS
- /*
- * Assert that the ARMv8.3-PAuth registers are present or an access
- * fault will be triggered when they are being saved or restored.
- */
- assert(is_armv8_3_pauth_present());
-#endif /* CTX_INCLUDE_PAUTH_REGS */
}
#endif /* RESET_TO_BL2 */
@@ -136,12 +120,12 @@
disable_mmu_icache_secure();
#endif /* !__aarch64__ */
-#if ENABLE_PAUTH
/*
* Disable pointer authentication before running next boot image
*/
- pauth_disable_el1();
-#endif /* ENABLE_PAUTH */
+ if (is_feat_pauth_supported()) {
+ pauth_disable_el1();
+ }
#if ENABLE_RUNTIME_INSTRUMENTATION
PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_EXIT, PMF_CACHE_MAINT);
@@ -164,12 +148,12 @@
#endif
console_flush();
-#if ENABLE_PAUTH
/*
* Disable pointer authentication before running next boot image
*/
- pauth_disable_el3();
-#endif /* ENABLE_PAUTH */
+ if (is_feat_pauth_supported()) {
+ pauth_disable_el3();
+ }
bl2_run_next_image(next_bl_ep_info);
#endif /* BL2_RUNS_AT_EL3 */
diff --git a/bl2u/aarch64/bl2u_entrypoint.S b/bl2u/aarch64/bl2u_entrypoint.S
index 15978b6..8fc34b3 100644
--- a/bl2u/aarch64/bl2u_entrypoint.S
+++ b/bl2u/aarch64/bl2u_entrypoint.S
@@ -45,6 +45,10 @@
mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
mrs x0, sctlr_el1
orr x0, x0, x1
+#if ENABLE_BTI
+ /* Enable PAC branch type compatibility */
+ bic x0, x0, #(SCTLR_BT0_BIT | SCTLR_BT1_BIT)
+#endif
bic x0, x0, #SCTLR_DSSBS_BIT
msr sctlr_el1, x0
isb
diff --git a/bl31/aarch64/crash_reporting.S b/bl31/aarch64/crash_reporting.S
index b5bf575..7b61692 100644
--- a/bl31/aarch64/crash_reporting.S
+++ b/bl31/aarch64/crash_reporting.S
@@ -397,8 +397,26 @@
ldr x4, [x0, #REGSZ * 7]
#if ENABLE_PAUTH
+#if ENABLE_PAUTH == 2
+ /* Skip if not present in hardware */
+ is_feat_pauth_present_asm x0, x1
+ beq 1f
+#endif
+ /*
+ * The assembler must see support for xpaci. So turn the compiler
+ * extension on. GCC prior to 10 doesn't understand the PAuth extension
+ * but it does understand armv8.3-a in general. Avoid using 8.3 if
+ * the compiler understands "pauth" so we don't downgrade a higher
+ * -march that was specified on the commandline.
+ */
+#if __GNUC__ < 10
+ .arch armv8.3-a
+#else
+ .arch_extension pauth
+#endif
/* Demangle address */
xpaci x4
+1:
#endif
bl asm_print_hex
bl asm_print_newline
diff --git a/bl31/aarch64/ea_delegate.S b/bl31/aarch64/ea_delegate.S
index fce17e1..3f1b3ea 100644
--- a/bl31/aarch64/ea_delegate.S
+++ b/bl31/aarch64/ea_delegate.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2022, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -46,11 +46,6 @@
*/
bl prepare_el3_entry
-#if ENABLE_PAUTH
- /* Load and program APIAKey firmware key */
- bl pauth_load_bl31_apiakey
-#endif
-
/* Setup exception class and syndrome arguments for platform handler */
mov x0, #ERROR_EA_SYNC
mrs x1, esr_el3
@@ -78,11 +73,6 @@
*/
bl prepare_el3_entry
-#if ENABLE_PAUTH
- /* Load and program APIAKey firmware key */
- bl pauth_load_bl31_apiakey
-#endif
-
/* Setup exception class and syndrome arguments for platform handler */
mov x0, #ERROR_EA_ASYNC
mrs x1, esr_el3
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S
index 7423805..6537aa7 100644
--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -340,11 +340,6 @@
*/
bl prepare_el3_entry
-#if ENABLE_PAUTH
- /* Load and program APIAKey firmware key */
- bl pauth_load_bl31_apiakey
-#endif
-
/*
* Populate the parameters for the SMC handler.
* We already have x0-x4 in place. x5 will point to a cookie (not used
@@ -536,11 +531,6 @@
*/
bl prepare_el3_entry
-#if ENABLE_PAUTH
- /* Load and program APIAKey firmware key */
- bl pauth_load_bl31_apiakey
-#endif
-
/* Save the EL3 system registers needed to return from this exception */
mrs x0, spsr_el3
mrs x1, elr_el3
diff --git a/bl31/bl31_main.c b/bl31/bl31_main.c
index db0ea6c..a9f89fc 100644
--- a/bl31/bl31_main.c
+++ b/bl31/bl31_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -17,6 +17,7 @@
#include <common/debug.h>
#include <common/feat_detect.h>
#include <common/runtime_svc.h>
+#include <drivers/arm/gic.h>
#include <drivers/console.h>
#include <lib/bootmarker_capture.h>
#include <lib/el3_runtime/context_debug.h>
@@ -104,14 +105,6 @@
/* Perform late platform-specific setup */
bl31_plat_arch_setup();
-#if CTX_INCLUDE_PAUTH_REGS
- /*
- * Assert that the ARMv8.3-PAuth registers are present or an access
- * fault will be triggered when they are being saved or restored.
- */
- assert(is_armv8_3_pauth_present());
-#endif /* CTX_INCLUDE_PAUTH_REGS */
-
/* Prints context_memory allocated for all the security states */
report_ctx_memory_usage();
}
@@ -153,6 +146,18 @@
/* Perform platform setup in BL31 */
bl31_platform_setup();
+#if USE_GIC_DRIVER
+ /*
+ * Initialize the GIC driver as well as per-cpu and global interfaces.
+ * Platform has had an opportunity to initialise specifics.
+ */
+ unsigned int core_pos = plat_my_core_pos();
+
+ gic_init(core_pos);
+ gic_pcpu_init(core_pos);
+ gic_cpuif_enable(core_pos);
+#endif /* USE_GIC_DRIVER */
+
/* Initialise helper libraries */
bl31_lib_init();
@@ -255,7 +260,7 @@
******************************************************************************/
void __init bl31_prepare_next_image_entry(void)
{
- entry_point_info_t *next_image_info;
+ const entry_point_info_t *next_image_info;
uint32_t image_type;
#if CTX_INCLUDE_AARCH32_REGS
diff --git a/bl31/bl31_traps.c b/bl31/bl31_traps.c
index 984fdaa..114a57d 100644
--- a/bl31/bl31_traps.c
+++ b/bl31/bl31_traps.c
@@ -90,19 +90,17 @@
* Explicitly create all bits of SPSR to get PSTATE at exception return.
*
* The code is based on "Aarch64.exceptions.takeexception" described in
- * DDI0602 revision 2023-06.
- * "https://developer.arm.com/documentation/ddi0602/2023-06/Shared-Pseudocode/
+ * DDI0602 revision 2025-03.
+ * "https://developer.arm.com/documentation/ddi0597/2025-03/Shared-Pseudocode/
* aarch64-exceptions-takeexception"
*
- * NOTE: This piece of code must be reviewed every release to ensure that
- * we keep up with new ARCH features which introduces a new SPSR bit.
+ * NOTE: This piece of code must be reviewed every release against the latest
+ * takeexception sequence to ensure that we keep up with new arch features that
+ * affect the PSTATE.
*
- * TF-A 2.12 release review
- * The latest version available is 2024-09, which has two extra features which
- * impacts generation of SPSR, since these features are not implemented in TF-A
- * at the time of release, just log the feature names here to be taken up when
- * feature support is introduced.
- * - FEAT_PAuth_LR (2023 extension)
+ * TF-A 2.13 release review
+ *
+ * Review of version 2025-03 indicates we are missing support for one feature.
* - FEAT_UINJ (2024 extension)
*/
u_register_t create_spsr(u_register_t old_spsr, unsigned int target_el)
@@ -204,6 +202,12 @@
new_spsr |= (gcscr & GCSCR_EXLOCK_EN_BIT) ? SPSR_EXLOCK_BIT_AARCH64 : 0;
}
+ /* If FEAT_PAUTH_LR present then zero the PACM bit. */
+ new_spsr |= old_spsr & SPSR_PACM_BIT_AARCH64;
+ if (is_feat_pauth_lr_present()) {
+ new_spsr &= ~SPSR_PACM_BIT_AARCH64;
+ }
+
return new_spsr;
}
diff --git a/bl32/sp_min/sp_min.mk b/bl32/sp_min/sp_min.mk
index b1f4343..44d1e66 100644
--- a/bl32/sp_min/sp_min.mk
+++ b/bl32/sp_min/sp_min.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2016-2024, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -83,3 +83,7 @@
SP_MIN_WITH_SECURE_FIQ ?= 0
$(eval $(call add_define,SP_MIN_WITH_SECURE_FIQ))
$(eval $(call assert_boolean,SP_MIN_WITH_SECURE_FIQ))
+
+ifeq (${TRANSFER_LIST},1)
+BL32_SOURCES += $(TRANSFER_LIST_SOURCES)
+endif
diff --git a/bl32/sp_min/sp_min_main.c b/bl32/sp_min/sp_min_main.c
index a85b355..9add239 100644
--- a/bl32/sp_min/sp_min_main.c
+++ b/bl32/sp_min/sp_min_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -113,6 +113,7 @@
next_smc_ctx->r0 = read_ctx_reg(cpu_reg_ctx, CTX_GPREG_R0);
next_smc_ctx->r1 = read_ctx_reg(cpu_reg_ctx, CTX_GPREG_R1);
next_smc_ctx->r2 = read_ctx_reg(cpu_reg_ctx, CTX_GPREG_R2);
+ next_smc_ctx->r3 = read_ctx_reg(cpu_reg_ctx, CTX_GPREG_R3);
next_smc_ctx->lr_mon = read_ctx_reg(cpu_reg_ctx, CTX_LR);
next_smc_ctx->spsr_mon = read_ctx_reg(cpu_reg_ctx, CTX_SPSR);
next_smc_ctx->scr = read_ctx_reg(cpu_reg_ctx, CTX_SCR);
diff --git a/bl32/tsp/aarch64/tsp_entrypoint.S b/bl32/tsp/aarch64/tsp_entrypoint.S
index e5ea88c..4ea2f5b 100644
--- a/bl32/tsp/aarch64/tsp_entrypoint.S
+++ b/bl32/tsp/aarch64/tsp_entrypoint.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -51,6 +51,15 @@
.endm
func tsp_entrypoint _align=3
+ /*---------------------------------------------
+ * Save arguments x0 - x3 from BL1 for future
+ * use.
+ * ---------------------------------------------
+ */
+ mov x20, x0
+ mov x21, x1
+ mov x22, x2
+ mov x23, x3
#if ENABLE_PIE
/*
@@ -94,6 +103,10 @@
mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
mrs x0, sctlr_el1
orr x0, x0, x1
+#if ENABLE_BTI
+ /* Enable PAC branch type compatibility */
+ bic x0, x0, #(SCTLR_BT0_BIT | SCTLR_BT1_BIT)
+#endif
bic x0, x0, #SCTLR_DSSBS_BIT
msr sctlr_el1, x0
isb
@@ -169,6 +182,16 @@
bl update_stack_protector_canary
#endif
+ /*---------------------------------------------
+ * Save arguments x0 - x3 from prio stage for
+ * future use.
+ * ---------------------------------------------
+ */
+ mov x0, x20
+ mov x1, x21
+ mov x2, x22
+ mov x3, x23
+
/* ---------------------------------------------
* Perform TSP setup
* ---------------------------------------------
diff --git a/bl32/tsp/tsp_common.c b/bl32/tsp/tsp_common.c
index 3a6c9d9..144349a 100644
--- a/bl32/tsp/tsp_common.c
+++ b/bl32/tsp/tsp_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -64,24 +64,17 @@
/*******************************************************************************
* Setup function for TSP.
******************************************************************************/
-void tsp_setup(void)
+void tsp_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
+ u_register_t arg3)
{
/* Enable early console if EARLY_CONSOLE flag is enabled */
plat_setup_early_console();
/* Perform early platform-specific setup. */
- tsp_early_platform_setup();
+ tsp_early_platform_setup(arg0, arg1, arg2, arg3);
/* Perform late platform-specific setup. */
tsp_plat_arch_setup();
-
-#if ENABLE_PAUTH
- /*
- * Assert that the ARMv8.3-PAuth registers are present or an access
- * fault will be triggered when they are being saved or restored.
- */
- assert(is_armv8_3_pauth_present());
-#endif /* ENABLE_PAUTH */
}
/*******************************************************************************
@@ -104,7 +97,7 @@
tsp_stats[linear_id].eret_count++;
INFO("TSP: cpu 0x%lx SYSTEM_OFF request\n", read_mpidr());
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(),
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets requests\n", read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count);
@@ -132,7 +125,7 @@
tsp_stats[linear_id].eret_count++;
INFO("TSP: cpu 0x%lx SYSTEM_RESET request\n", read_mpidr());
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(),
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets requests\n", read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count);
diff --git a/bl32/tsp/tsp_interrupt.c b/bl32/tsp/tsp_interrupt.c
index a847b6c..9d86e3e 100644
--- a/bl32/tsp/tsp_interrupt.c
+++ b/bl32/tsp/tsp_interrupt.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -37,8 +37,8 @@
VERBOSE("TSP: cpu 0x%lx sync s-el1 interrupt request from 0x%" PRIx64 "\n",
read_mpidr(), elr_el3);
- VERBOSE("TSP: cpu 0x%lx: %d sync s-el1 interrupt requests,"
- " %d sync s-el1 interrupt returns\n",
+ VERBOSE("TSP: cpu 0x%lx: %u sync s-el1 interrupt requests,"
+ " %u sync s-el1 interrupt returns\n",
read_mpidr(),
tsp_stats[linear_id].sync_sel1_intr_count,
tsp_stats[linear_id].sync_sel1_intr_ret_count);
@@ -54,7 +54,7 @@
uint32_t linear_id = plat_my_core_pos();
tsp_stats[linear_id].preempt_intr_count++;
- VERBOSE("TSP: cpu 0x%lx: %d preempt interrupt requests\n",
+ VERBOSE("TSP: cpu 0x%lx: %u preempt interrupt requests\n",
read_mpidr(), tsp_stats[linear_id].preempt_intr_count);
return TSP_PREEMPTED;
}
@@ -107,9 +107,9 @@
/* Update the statistics and print some messages */
tsp_stats[linear_id].sel1_intr_count++;
- VERBOSE("TSP: cpu 0x%lx handled S-EL1 interrupt %d\n",
+ VERBOSE("TSP: cpu 0x%lx handled S-EL1 interrupt %u\n",
read_mpidr(), id);
- VERBOSE("TSP: cpu 0x%lx: %d S-EL1 requests\n",
+ VERBOSE("TSP: cpu 0x%lx: %u S-EL1 requests\n",
read_mpidr(), tsp_stats[linear_id].sel1_intr_count);
return 0;
}
diff --git a/bl32/tsp/tsp_main.c b/bl32/tsp/tsp_main.c
index 8c6b2ed..1b7116a 100644
--- a/bl32/tsp/tsp_main.c
+++ b/bl32/tsp/tsp_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -47,7 +47,7 @@
tsp_stats[linear_id].eret_count++;
tsp_stats[linear_id].cpu_on_count++;
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n",
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets %u cpu on requests\n",
read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count,
@@ -75,7 +75,7 @@
tsp_stats[linear_id].cpu_on_count++;
INFO("TSP: cpu 0x%lx turned on\n", read_mpidr());
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n",
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets %u cpu on requests\n",
read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count,
@@ -112,7 +112,7 @@
tsp_stats[linear_id].cpu_off_count++;
INFO("TSP: cpu 0x%lx off request\n", read_mpidr());
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu off requests\n",
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets %u cpu off requests\n",
read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count,
@@ -150,7 +150,7 @@
tsp_stats[linear_id].eret_count++;
tsp_stats[linear_id].cpu_suspend_count++;
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu suspend requests\n",
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets %u cpu suspend requests\n",
read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count,
@@ -184,9 +184,9 @@
tsp_stats[linear_id].eret_count++;
tsp_stats[linear_id].cpu_resume_count++;
- INFO("TSP: cpu 0x%lx resumed. maximum off power level %" PRId64 "\n",
+ INFO("TSP: cpu 0x%lx resumed. maximum off power level %" PRIu64 "\n",
read_mpidr(), max_off_pwrlvl);
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu resume requests\n",
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets %u cpu resume requests\n",
read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count,
@@ -224,7 +224,7 @@
INFO("TSP: cpu 0x%lx received %s smc 0x%" PRIx64 "\n", read_mpidr(),
((func >> 31) & 1) == 1 ? "fast" : "yielding",
func);
- INFO("TSP: cpu 0x%lx: %d smcs, %d erets\n", read_mpidr(),
+ INFO("TSP: cpu 0x%lx: %u smcs, %u erets\n", read_mpidr(),
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count);
diff --git a/changelog.yaml b/changelog.yaml
index 3f06369..93eeb73 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -170,12 +170,6 @@
- plat/fvp
- fvp/tsp_manifest
- - title: FVP-R
- scope: fvp-r
-
- deprecated:
- - fvp_r
-
- title: FVP Versatile Express
scope: fvp_ve
@@ -192,21 +186,6 @@
scope: neoverse-rd
subsections:
- - title: SGI-575
- scope: sgi575
-
- - title: RD-E1-Edge
- scope: rde1edge
-
- - title: RD-N1-Edge
- scope: rdn1edge
-
- - title: RD-V1
- scope: rdv1
-
- - title: RD-V1-MC
- scope: rdv1mc
-
- title: RD-N2
scope: rdn2
@@ -226,13 +205,6 @@
deprecated:
- plat/tc
- subsections:
- - title: TC0
- scope: tc0
-
- deprecated:
- - plat/tc0
-
- title: Corstone-1000
scope: corstone-1000
@@ -1276,6 +1248,9 @@
- title: AArch64
scope: aarch64
+ - title: AArch32
+ scope: aarch32
+
- title: Debug
scope: debug
@@ -1421,6 +1396,9 @@
scope: tools
subsections:
+ - title: Clang-Format
+ scope: clang-format
+
- title: Dependabot
scope: dependabot
diff --git a/common/backtrace/backtrace.c b/common/backtrace/backtrace.c
index f994ae5..479c4fd 100644
--- a/common/backtrace/backtrace.c
+++ b/common/backtrace/backtrace.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,6 +8,7 @@
#include <stdbool.h>
#include <stdint.h>
+#include <arch_features.h>
#include <arch_helpers.h>
#include <common/debug.h>
#include <drivers/console.h>
@@ -41,15 +42,14 @@
{
uintptr_t ret = address;
-#if ENABLE_PAUTH
/*
* When pointer authentication is enabled, the LR value saved on the
* stack contains a PAC. It must be stripped to retrieve the return
* address.
*/
-
- xpaci(ret);
-#endif
+ if (is_feat_pauth_supported()) {
+ ret = xpaci(address);
+ }
return ret;
}
diff --git a/common/feat_detect.c b/common/feat_detect.c
index 821ccb8..2d80b42 100644
--- a/common/feat_detect.c
+++ b/common/feat_detect.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -66,7 +66,7 @@
static void read_feat_pauth(void)
{
#if (ENABLE_PAUTH == FEAT_STATE_ALWAYS) || (CTX_INCLUDE_PAUTH_REGS == FEAT_STATE_ALWAYS)
- feat_detect_panic(is_armv8_3_pauth_present(), "PAUTH");
+ feat_detect_panic(is_feat_pauth_present(), "PAUTH");
#endif
}
@@ -330,7 +330,7 @@
* revisions so that we catch them as they come along
*/
check_feature(FEAT_STATE_ALWAYS, read_feat_pmuv3_id_field(),
- "PMUv3", 1, ID_AA64DFR0_PMUVER_PMUV3P8);
+ "PMUv3", 1, ID_AA64DFR0_PMUVER_PMUV3P9);
/* v8.1 features */
check_feature(ENABLE_FEAT_PAN, read_feat_pan_id_field(), "PAN", 1, 3);
@@ -429,6 +429,7 @@
/* v9.4 features */
check_feature(ENABLE_FEAT_GCS, read_feat_gcs_id_field(), "GCS", 1, 1);
check_feature(ENABLE_RME, read_feat_rme_id_field(), "RME", 1, 1);
+ check_feature(ENABLE_FEAT_PAUTH_LR, is_feat_pauth_lr_present(), "PAUTH_LR", 1, 1);
if (tainted) {
panic();
diff --git a/common/tf_log.c b/common/tf_log.c
index 2d976f6..bef1739 100644
--- a/common/tf_log.c
+++ b/common/tf_log.c
@@ -61,7 +61,7 @@
return;
}
- putchar('\n');
+ (void)putchar((int32_t)'\n');
}
/*
diff --git a/docs/about/features.rst b/docs/about/features.rst
index 9b7bdf9..f15144a 100644
--- a/docs/about/features.rst
+++ b/docs/about/features.rst
@@ -127,7 +127,6 @@
Additionally the following libraries are marked experimental when included
in a platform:
-- MPU translation library ``lib/xlat_mpu``
- RSE comms driver ``drivers/arm/rse``
Still to come
@@ -151,4 +150,4 @@
--------------
-*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2025, Arm Limited. All rights reserved.*
diff --git a/docs/about/lts.rst b/docs/about/lts.rst
index f5e5f8e..593f9dc 100644
--- a/docs/about/lts.rst
+++ b/docs/about/lts.rst
@@ -27,6 +27,8 @@
+-------------+--------------------+-------------------------------------------------------+
| 2025-01-07 | Govindraj Raja | Updates based on learnings and suggestions. |
+-------------+--------------------+-------------------------------------------------------+
+ | 2025-03-27 | Chris Palmer | Playbook for making a new release. |
+ +-------------+--------------------+-------------------------------------------------------+
This document proposes a plan for long-term support (LTS) of the |TF-A| project.
@@ -263,6 +265,48 @@
#. Monitor the mailing list for any LTS related issues
#. Propose or solicit patches to the main branch and tag them as candidates for LTS
+Playbook for new releases
+-------------------------
+To make a new minor release (e.g. 2.x.y → 2.x.y+1), follow these steps.
+
+#. Every Friday, LTS maintainers receive a triage report email (subject: “TF-A
+ LTS Triage report”) that contains attached CSV files, 1 per
+ currently-supported LTS major release branch (e.g. lts-2.8, lts-2.10,
+ lts-2.12, etc.). It contains a list of patches to be cherry-picked into a new
+ minor release of each supported LTS branch.
+#. Run ``git fetch origin``.
+#. Run ``git checkout -b lts-v2.x.y+1 --track origin/lts-v2.x``.
+#. Run ``git log`` and verify that the most recent commit is the changelog for
+ the v2.x.y release, and that it has the origin/lts-v2.x tag.
+#. For the version 2.x for which you want to create a new release, open its CSV
+ file. For each patch listed, **from the bottom to the top**, run ``git
+ cherry-pick -x sha1-hash``.
+#. Some of the patches of this list may not be taken, mainly due to false
+ positive. If in doubt, that can be discussed either in the “tf-a-lts” channel
+ on Discord or during the LTS weekly meeting.
+#. Some dependency patches, not listed in the CSV file, may have to be taken, to ease the
+ application of the LTS patches. This can also be discussed with the other LTS maintainers.
+#. Push the stack of changes: ``git push origin
+ HEAD:refs/for/lts-v2.x%topic=for-lts-v2.x.y+1``. You might need the
+ ``--no-verify`` option: ``git push origin --no-verify
+ HEAD:refs/for/lts-v2.x%topic=for-lts-v2.x.y+1``.
+#. The AllowCI+2 job runs automatically on each LTS branch once a new
+ cherry-picked patch/patch-stack is pushed to the corresponding branch. If
+ this CI run passes, it automatically applies the Verified+1 (V+1) label to
+ the patch/all patches in the stack. The other LTS maintainers will provide
+ MR+1 and COR+1 votes. If the CI is OK and votes V+1, and if the
+ Maintainer-Review+1 (MR+1), Code-Owner-Review+1 (COR+1), and V+1 votes are
+ present, Gerrit will automatically merge the patch. LTS maintainers will then
+ trigger a Jenkins job that will take care of the release (tag, mail, and
+ readthedocs update).
+#. Some features may also require updates in other repositories (tf-a-ci-scripts,
+ tf-a-job-configs or tf-a-tests...). For tf-a-job-configs, there are no LTS branches, but
+ dedicated scripts for each LTS version which have to be updated manually. This is the case
+ for e.g. MbedTLS updates. For tf-a-ci-scripts and tf-a-tests, there are LTS branches and patches
+ will be cherry-picked from master branch to the LTS branch the same way it is done for TF-A.
+ There is no automation for those repositories. So the patches will have to be merged manually,
+ and for tf-a-ci-scripts and tf-a-tests, tags will also have to be set manually.
+
Execution Plan
**************
This section lists the steps needed to put the LTS system in place. However,
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index 3e33824..f1ce15a 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -226,10 +226,10 @@
^^^^^^^^^^^^^^^^^^^^^^^
:|M|: Michal Simek <michal.simek@amd.com>
:|G|: `michalsimek`_
-:|M|: Amit Nagal <amit.nagal@amd.com>
-:|G|: `amit-nagal`_
:|M|: Akshay Belsare <akshay.belsare@amd.com>
:|G|: `Akshay-Belsare`_
+:|M|: Maheedhar Sai Bollapalli <maheedharsai.bollapalli@amd.com>
+:|G|: `maheedhar-bollapalli`_
:|F|: drivers/arm/dcc/
:|F|: include/drivers/arm/dcc.h
@@ -587,18 +587,15 @@
:|M|: Rohit Mathew <Rohit.Mathew@arm.com>
:|G|: `rohit-arm`_
:|F|: plat/arm/board/neoverse_rd/common
-:|F|: plat/arm/board/neoverse_rd/platform/rdn1edge/
:|F|: plat/arm/board/neoverse_rd/platform/rdn2/
-:|F|: plat/arm/board/neoverse_rd/platform/rdv1/
-:|F|: plat/arm/board/neoverse_rd/platform/rdv1mc/
-:|F|: plat/arm/board/neoverse_rd/platform/sgi575/
+:|F|: plat/arm/board/neoverse_rd/platform/rdv3/
Arm Total Compute platform port
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-:|M|: Vishnu Banavath <vishnu.banavath@arm.com>
-:|G|: `vishnu-banavath`_
-:|M|: Rupinderjit Singh <rupinderjit.singh@arm.com>
-:|G|: `rupsin01`_
+:|M|: Artem Kopotev <artem.kopotev@arm.com>
+:|G|: `artkopotev`_
+:|M|: Oleksandr Tarhunakov <Oleksandr.Tarhunakov@arm.com>
+:|G|: `o-tarhunakov`_
:|F|: plat/arm/board/tc
Arm Automotive RD platform port
@@ -915,15 +912,17 @@
:|F|: docs/plat/socionext-uniphier.rst
:|F|: plat/socionext/uniphier/
-Xilinx platform port
-^^^^^^^^^^^^^^^^^^^^
+AMD-Xilinx platform port
+^^^^^^^^^^^^^^^^^^^^^^^^
:|M|: Michal Simek <michal.simek@amd.com>
:|G|: `michalsimek`_
-:|M|: Amit Nagal <amit.nagal@amd.com>
-:|G|: `amit-nagal`_
:|M|: Akshay Belsare <akshay.belsare@amd.com>
:|G|: `Akshay-Belsare`_
+:|M|: Maheedhar Sai Bollapalli <maheedharsai.bollapalli@amd.com>
+:|G|: `maheedhar-bollapalli`_
+:|F|: docs/plat/amd\*
:|F|: docs/plat/xilinx\*
+:|F|: plat/amd/
:|F|: plat/xilinx/
@@ -1038,7 +1037,6 @@
.. _abdellatif-elkhlifi: https://github.com/abdellatif-elkhlifi
.. _Akshay-Belsare: https://github.com/Akshay-Belsare
.. _AlexeiFedorov: https://github.com/AlexeiFedorov
-.. _amit-nagal: https://github.com/amit-nagal
.. _andersdellien-arm: https://github.com/andersdellien-arm
.. _Andre-ARM: https://github.com/Andre-ARM
.. _Anson-Huang: https://github.com/Anson-Huang
@@ -1088,6 +1086,7 @@
.. _leon-chen-mtk: https://github.com/leon-chen-mtk
.. _linyidi: https://github.com/linyidi
.. _madhukar-Arm: https://github.com/madhukar-Arm
+.. _maheedhar-bollapalli: https://github.com/maheedhar-bollapalli
.. _manish-pandey-arm: https://github.com/manish-pandey-arm
.. _ManishVB-Arm: https://github.com/ManishVB-Arm
.. _marcbonnici: https://github.com/marcbonnici
@@ -1116,7 +1115,7 @@
.. _remi-triplefault: https://github.com/repk
.. _rockchip-linux: https://github.com/rockchip-linux
.. _rohit-arm: https://github.com/rohit-arm
-.. _rupsin01: https://github.com/rupsin01
+.. _o-tarhunakov: https://github.com/o-tarhunakov
.. _rutigl: https://github.com/rutigl
.. _sandrine-bailleux-arm: https://github.com/sandrine-bailleux-arm
.. _shawnguo2: https://github.com/shawnguo2
@@ -1131,11 +1130,11 @@
.. _TravMurav: https://github.com/TravMurav
.. _uarif1: https://github.com/uarif1
.. _vijayenthiran-arm: https://github.com/vijayenthiran-arm
-.. _vishnu-banavath: https://github.com/vishnu-banavath
+.. _artkopotev: https://github.com/artkopotev
.. _vwadekar: https://github.com/vwadekar
.. _Yann-lms: https://github.com/Yann-lms
.. _sjaypee208: https://github.com/sjaypee208
--------------
-*Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2019-2025, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/about/release-information.rst b/docs/about/release-information.rst
index dc2b2fd..0edd314 100644
--- a/docs/about/release-information.rst
+++ b/docs/about/release-information.rst
@@ -74,6 +74,8 @@
+-----------------+---------------------------+------------------------------+
| v2.13 | 4th week of May '25 | 2nd week of May '25 |
+-----------------+---------------------------+------------------------------+
+| v2.14 | 4th week of Nov '25 | 2nd week of Nov '25 |
++-----------------+---------------------------+------------------------------+
Removal of Deprecated Interfaces
--------------------------------
diff --git a/docs/components/context-management-library.rst b/docs/components/context-management-library.rst
index 8cb1ace..cef6fba 100644
--- a/docs/components/context-management-library.rst
+++ b/docs/components/context-management-library.rst
@@ -106,7 +106,6 @@
#define FEAT_STATE_DISABLED 0
#define FEAT_STATE_ENABLED 1
#define FEAT_STATE_CHECK 2
- #define FEAT_STATE_CHECK_ASYMMETRIC 3
A pattern is established for feature enablement behavior.
Each feature must support the 3 possible values with rigid semantics.
@@ -120,15 +119,15 @@
- **FEAT_STATE_CHECK** - same as ``FEAT_STATE_ALWAYS`` except that the feature's
existence will be checked at runtime. Default on dynamic platforms (example: FVP).
-- **FEAT_STATE_CHECK_ASYMMETRIC** - same as ``FEAT_STATE_CHECK`` except that the feature's
- existence is asymmetric across cores, which requires the feature existence is checked
- during warmboot path also. Note that only limited number of features can be asymmetric.
-
.. note::
- Only limited number of features can be ``FEAT_STATE_CHECK_ASYMMETRIC`` this is due to
- the fact that Operating systems are designed for SMP systems.
- There are no clear guidelines what kind of mismatch is allowed but following pointers
- can help making a decision
+
+ In general, it is assumed that all cores will support the same set of
+ architectural features (features will be symmetrical). However, there are
+ cases where this is impractical to achieve. Only some features can be
+ mismatched among cores and this is the exception rather than the rule. This
+ is due to the fact that Operating systems are designed for SMP systems. There
+ are no clear guidelines what kind of mismatch is allowed but following
+ pointers can help in making a decision:
- All mandatory features must be symmetric.
- Any feature that impacts the generation of page tables must be symmetric.
@@ -136,8 +135,9 @@
- Features related with profiling, debug and trace could be asymmetric
- Migration of vCPU/tasks between CPUs should not cause an error
- Whenever there is asymmetric feature support is added for a feature TF-A need to add
- feature specific code in context management code.
+ TF-A caters for mismatched features, however, this is not regularly tested
+ for all features and may not work as expected, even without considering OS
+ support.
.. note::
``FEAT_RAS`` is an exception here, as it impacts the execution of EL3 and
@@ -345,9 +345,9 @@
|Context Init WarmBoot|
-The primary CPU initializes the Non-Secure context for the secondary CPU while
-restoring re-entry information for the Non-Secure world.
-It initialises via ``cm_init_context_by_index(target_idx, ep )``.
+The primary CPU writes the entrypoint for the secondary CPU. When the secondary
+wakes up it initialises its own context via ``cm_init_my_context( ep )`` using
+the provided entrypoint.
``psci_warmboot_entrypoint()`` is the warm boot entrypoint procedure.
During the warm bootup process, secondary CPUs have their secure context
diff --git a/docs/components/ffa-manifest-binding.rst b/docs/components/ffa-manifest-binding.rst
index 2b6382b..34290f8 100644
--- a/docs/components/ffa-manifest-binding.rst
+++ b/docs/components/ffa-manifest-binding.rst
@@ -29,8 +29,13 @@
- uuid [mandatory]
- value type: <prop-encoded-array>
- - An array consisting of 4 <u32> values, identifying the UUID of the service
- implemented by this partition. The UUID format is described in RFC 4122.
+ - An array of comma separated tuples each consisting of 4 <u32> values,
+ identifying the UUID of the services implemented by this partition.
+ The UUID format is described in RFC 4122.
+ - These 4 <u32> values are packed similar to the UUID register mapping
+ specified in section '5.3 Unique Identification format', SMC Calling
+ Convention, DEN0028, v1.6 G BET0
+ (https://developer.arm.com/documentation/den0028/latest/).
- id
- value type: <u32>
diff --git a/docs/components/rmm-el3-comms-spec.rst b/docs/components/rmm-el3-comms-spec.rst
index dfdabc6..6a07271 100644
--- a/docs/components/rmm-el3-comms-spec.rst
+++ b/docs/components/rmm-el3-comms-spec.rst
@@ -52,7 +52,7 @@
- ``RES0``: Bit 31 of the version number is reserved 0 as to maintain
consistency with the versioning schemes used in other parts of RMM.
-This document specifies the 0.5 version of Boot Interface ABI and RMM-EL3
+This document specifies the 0.6 version of Boot Interface ABI and RMM-EL3
services specification and the 0.5 version of the Boot Manifest.
.. _rmm_el3_boot_interface:
@@ -719,6 +719,263 @@
``E_RMM_OK``,No errors detected
+RMM_IDE_KEY_PROG command
+=========================
+
+Set the key/IV info at Root port for an IDE stream as part of Device Assignment flow. This
+command is available from v0.6 of the RMM-EL3 interface.
+
+Please refer to `IDE-KM RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_
+for description of the IDE setup sequence and how this will be invoked by RMM.
+
+The key is 256 bits and IV is 96 bits. The caller needs
+to call this SMC to program this key to the Rx, Tx ports and for each sub-stream
+corresponding to a single keyset.
+
+FID
+---
+
+``0xC40001B7``
+
+Input values
+------------
+
+.. csv-table:: Input values for RMM_IDE_KEY_PROG
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ fid,x0,[63:0],UInt64,Command FID
+ ecam_address,x1,[63:0],UInt64,Used to identify the root complex(RC)
+ rp_id,x2,[63:0],UInt64,Used to identify the root port within the root complex(RC)
+ "Keyset[12]:
+ Dir[11]:
+ Substream[10:8]:
+ StreamID[7:0]",x3,[63:0],UInt64,IDE selective stream informationKey set: can be 0 or 1unused bits MBZ.
+ KeqQW0,x4,[63:0],UInt64,Quad word of key [63:0]
+ KeqQW1,x5,[63:0],UInt64,Quad word of key [127:64]
+ KeqQW2,x6,[63:0],UInt64,Quad word of key [191:128]
+ KeqQW3,x7,[63:0],UInt64,Quad word of key [255:192]
+ IFVQW0,x8,[63:0],UInt64,Quad word of IV [63:0]
+ IFVQW1,x9,[63:0],UInt64,Quad word of IV [95:64]
+ request_id,x10,[63:0],UInt64,Used only in non-blocking mode. Ignored in blocking mode.
+ cookie,x11,[63:0],UInt64,Used only in non-blocking mode. Ignored in blocking mode.
+
+
+Output values
+-------------
+
+.. csv-table:: Output values for RMM_IDE_KEY_PROG
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ Result,x0,[63:0],Error Code,Command return status
+
+Failure conditions
+------------------
+
+The table below shows all the possible error codes returned in ``Result`` upon
+a failure. The errors are ordered by condition check.
+
+.. csv-table:: Failure conditions for RMM_IDE_KEY_PROG
+ :header: "ID", "Condition"
+ :widths: 1 5
+
+ ``E_RMM_OK``,The Key programming is successful.
+ ``E_RMM_FAULT``,The Key programming is not successful.
+ ``E_RMM_INVAL``,The Key programming arguments are incorrect.
+ ``E_RMM_UNK``,Unknown error or the SMC is not present if the version is < 0.6.
+ ``E_RMM_AGAIN``,Returned only for non-blocking mode. IDE-KM interface is busy or request is full. Retry required.
+ ``E_RMM_INPROGRESS``,Returned only for non-blocking mode. The caller must issue RMM_IDE_KM_PULL_RESPONSE SMC to pull the response.
+
+
+RMM_IDE_KEY_SET_GO command
+==========================
+
+Activate the IDE stream at Root Port once the keys have been programmed as part of
+Device Assignment flow. This command is available from v0.6 of the RMM-EL3 interface.
+
+Please refer to `IDE-KM RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_
+for description of the IDE setup sequence and info on how this will be invoked by RMM.
+
+The caller(RMM) needs to ensure the EL3_IDE_KEY_PROG() call had succeeded prior to this call.
+
+FID
+---
+
+``0xC40001B8``
+
+Input values
+------------
+
+.. csv-table:: Input values for RMM_IDE_KEY_SET_GO
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ fid,x0,[63:0],UInt64,Command FID
+ ecam_address,x1,[63:0],UInt64,Used to identify the root complex(RC)
+ rp_id,x2,[63:0],UInt64,Used to identify the root port within the root complex(RC)
+ "Keyset[12]:
+ Dir[11]:
+ Substream[10:8]:
+ StreamID[7:0]",x3,[63:0],UInt64,IDE selective stream information. Key set can be 0 or 1. Unused bits MBZ.
+ request_id,x4,[63:0],UInt64,Used only in non-blocking mode. Ignored in blocking mode.
+ cookie,x5,[63:0],UInt64,Used only in non-blocking mode. Ignored in blocking mode.
+
+
+Output values
+-------------
+
+.. csv-table:: Output values for RMM_IDE_KEY_SET_GO
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ Result,x0,[63:0],Error Code,Command return status
+
+Failure conditions
+------------------
+
+The table below shows all the possible error codes returned in ``Result`` upon
+a failure. The errors are ordered by condition check.
+
+.. csv-table:: Failure conditions for RMM_IDE_KEY_SET_GO
+ :header: "ID", "Condition"
+ :widths: 1 5
+
+ ``E_RMM_OK``,The Key set go is successful.
+ ``E_RMM_FAULT``,The Key set go is not successful.
+ ``E_RMM_INVAL``,Incorrect arguments.
+ ``E_RMM_UNK``,Unknown error or the SMC is not present if the version is < 0.6.
+ ``E_RMM_AGAIN``,Returned only for non-blocking mode. IDE-KM interface is busy or request is full. Retry required.
+ ``E_RMM_INPROGRESS``,Returned only for non-blocking mode. The caller must issue RMM_IDE_KM_PULL_RESPONSE SMC to pull the response.
+
+
+RMM_IDE_KEY_SET_STOP command
+============================
+
+Deactivate the IDE stream at Root Port as part of Device Assignment flow. This command is
+available from v0.6 of the RMM-EL3 interface.
+
+Please refer to `IDE-KM RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_
+for description of the IDE setup sequence and info on how this will be invoked by RMM.
+
+This SMC is used to tear down an IDE Stream.
+
+FID
+---
+
+``0xC40001B9``
+
+Input values
+------------
+
+.. csv-table:: Input values for RMM_IDE_KEY_SET_STOP
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ fid,x0,[63:0],UInt64,Command FID
+ ecam_address,x1,[63:0],UInt64,Used to identify the root complex(RC)
+ rp_id,x2,[63:0],UInt64,Used to identify the root port within the root complex(RC)
+ "Keyset[12]:
+ Dir[11]:
+ Substream[10:8]:
+ StreamID[7:0]",x3,[63:0],UInt64,IDE selective stream information. Key set can be 0 or 1. Unused bits MBZ.
+ request_id,x4,[63:0],UInt64,Used only in non-blocking mode. Ignored in blocking mode.
+ cookie,x5,[63:0],UInt64,Used only in non-blocking mode. Ignored in blocking mode.
+
+
+Output values
+-------------
+
+.. csv-table:: Output values for RMM_IDE_KEY_SET_STOP
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ Result,x0,[63:0],Error Code,Command return status
+
+Failure conditions
+------------------
+
+The table below shows all the possible error codes returned in ``Result`` upon
+a failure. The errors are ordered by condition check.
+
+.. csv-table:: Failure conditions for RMM_IDE_KEY_SET_STOP
+ :header: "ID", "Condition"
+ :widths: 1 5
+
+ ``E_RMM_OK``,The Key set stop is successful.
+ ``E_RMM_FAULT``,The Key set stop is not successful.
+ ``E_RMM_INVAL``,Incorrect arguments.
+ ``E_RMM_UNK``,Unknown error or the SMC is not present if the version is < 0.6.
+ ``E_RMM_AGAIN``,Returned only for non-blocking mode. IDE-KM interface is busy or request is full. Retry required.
+ ``E_RMM_INPROGRESS``,Returned only for non-blocking mode. The caller must issue RMM_IDE_KM_PULL_RESPONSE SMC to pull the response.
+
+
+RMM_IDE_KM_PULL_RESPONSE command
+================================
+
+Retrieve the response from Root Port to a previous non-blocking IDE-KM SMC request as part of
+Device Assignment flow. This command is available from v0.6 of the RMM-EL3 interface.
+
+Please refer to `IDE-KM RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_
+for description of the IDE setup sequence and info on how this will be invoked by RMM.
+
+The response from this call could correspond to any of the last pending requests and the
+RMM needs to identify the request and populate the response. For blocking calls, this SMC
+always returns E_RMM_UNK.
+
+FID
+---
+
+``0xC40001BA``
+
+Input values
+------------
+
+.. csv-table:: Input values for RMM_IDE_KM_PULL_RESPONSE
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ fid,x0,[63:0],UInt64,Command FID
+ ecam_address,x1,[63:0],UInt64,Used to identify the root complex(RC)
+ rp_id,x2,[63:0],UInt64,Used to identify the root port within the root complex(RC)
+
+
+Output values
+-------------
+
+.. csv-table:: Output values for RMM_IDE_KM_PULL_RESPONSE
+ :header: "Name", "Register", "Field", "Type", "Description"
+ :widths: 1 1 1 1 5
+
+ Result,x0,[63:0],Error Code,Command return status
+ Result,x1,[63:0],Error Code,Retrieved response corresponding to previous IDE_KM requests.
+ Result,x2,[63:0],value,passthrough from requested SMC
+ Result,x3,[63:0],value,passthrough from requested SMC
+
+Failure conditions
+------------------
+
+The table below shows all the possible error codes returned in ``Result`` upon
+a failure. The errors are ordered by condition check.
+
+.. csv-table:: Failure conditions for RMM_IDE_KM_PULL_RESPONSE(x0)
+ :header: "ID", "Condition"
+ :widths: 1 5
+
+ ``E_RMM_OK``,Response is retrieved successfully.
+ ``E_RMM_INVAL``,Arguments to pull response SMC is not correct.
+ ``E_RMM_UNK``,Unknown error or the SMC is not present if the version is < 0.6.
+ ``E_RMM_AGAIN``,IDE-KM response queue is empty and no response is available.
+
+.. csv-table:: Failure conditions for RMM_IDE_KM_PULL_RESPONSE(x1)
+ :header: "ID", "Condition"
+ :widths: 1 5
+
+ ``E_RMM_OK``,The previous request was successful.
+ ``E_RMM_FAULT``,The previous request was not successful.
+ ``E_RMM_INVAL``,Arguments to previous request were incorrect.
+ ``E_RMM_UNK``,Previous request returned unknown error.
+
RMM-EL3 world switch register save restore convention
_____________________________________________________
@@ -768,47 +1025,53 @@
RMM-EL3 Boot Manifest structure
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-The RMM-EL3 Boot Manifest v0.4 structure contains platform boot information passed
-from EL3 to RMM. The size of the Boot Manifest is 112 bytes.
+The RMM-EL3 Boot Manifest v0.5 structure contains platform boot information passed
+from EL3 to RMM. The size of the Boot Manifest is 160 bytes.
The members of the RMM-EL3 Boot Manifest structure are shown in the following
table:
-+--------------------+--------+-------------------+----------------------------------------------+
-| Name | Offset | Type | Description |
-+====================+========+===================+==============================================+
-| version | 0 | uint32_t | Boot Manifest version |
-+--------------------+--------+-------------------+----------------------------------------------+
-| padding | 4 | uint32_t | Reserved, set to 0 |
-+--------------------+--------+-------------------+----------------------------------------------+
-| plat_data | 8 | uintptr_t | Pointer to Platform Data section |
-+--------------------+--------+-------------------+----------------------------------------------+
-| plat_dram | 16 | memory_info | NS DRAM Layout Info structure |
-+--------------------+--------+-------------------+----------------------------------------------+
-| plat_console | 40 | console_list | List of consoles available to RMM |
-+--------------------+--------+-------------------+----------------------------------------------+
-| plat_ncoh_region | 64 | memory_info | Device non-coherent ranges Info structure |
-+--------------------+--------+-------------------+----------------------------------------------+
-| plat_coh_region | 88 | memory_info | Device coherent ranges Info structure |
-+--------------------+--------+-------------------+----------------------------------------------+
++-------------------+--------+-------------------+----------------------------------------------+
+| Name | Offset | Type | Description |
++===================+========+===================+==============================================+
+| version | 0 | uint32_t | Boot Manifest version |
++-------------------+--------+-------------------+----------------------------------------------+
+| padding | 4 | uint32_t | Reserved, set to 0 |
++-------------------+--------+-------------------+----------------------------------------------+
+| plat_data | 8 | uint64_t | Pointer to Platform Data section |
++-------------------+--------+-------------------+----------------------------------------------+
+| plat_dram | 16 | memory_info | NS DRAM Layout Info structure |
++-------------------+--------+-------------------+----------------------------------------------+
+| plat_console | 40 | console_list | List of consoles available to RMM |
++-------------------+--------+-------------------+----------------------------------------------+
+| plat_ncoh_region | 64 | memory_info | Device non-coherent ranges Info structure |
++-------------------+--------+-------------------+----------------------------------------------+
+| plat_coh_region | 88 | memory_info | Device coherent ranges Info structure |
++-------------------+--------+-------------------+----------------------------------------------+
+| plat_smmu | 112 | smmu_list | List of SMMUs available to RMM |
+| | | | (from Boot Manifest v0.5) |
++-------------------+--------+-------------------+----------------------------------------------+
+| plat_root_complex | 136 | root_complex_list | List of PCIe root complexes available to RMM |
+| | | | (from Boot Manifest v0.5) |
++-------------------+--------+-------------------+----------------------------------------------+
.. _memory_info_struct:
Memory Info structure
-~~~~~~~~~~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~~~~
Memory Info structure contains information about platform memory layout.
The members of this structure are shown in the table below:
-+-----------+--------+----------------+----------------------------------------+
-| Name | Offset | Type | Description |
-+===========+========+================+========================================+
-| num_banks | 0 | uint64_t | Number of memory banks/device regions |
-+-----------+--------+----------------+----------------------------------------+
-| banks | 8 | memory_bank * | Pointer to 'memory_bank'[] array |
-+-----------+--------+----------------+----------------------------------------+
-| checksum | 16 | uint64_t | Checksum |
-+-----------+--------+----------------+----------------------------------------+
++-----------+--------+---------------+----------------------------------------+
+| Name | Offset | Type | Description |
++===========+========+===============+========================================+
+| num_banks | 0 | uint64_t | Number of memory banks/device regions |
++-----------+--------+---------------+----------------------------------------+
+| banks | 8 | memory_bank * | Pointer to 'memory_bank'[] array |
++-----------+--------+---------------+----------------------------------------+
+| checksum | 16 | uint64_t | Checksum |
++-----------+--------+---------------+----------------------------------------+
Checksum is calculated as two's complement sum of 'num_banks', 'banks' pointer
and memory banks data array pointed by it.
@@ -820,13 +1083,13 @@
Memory Bank structure contains information about each memory bank/device region:
-+-----------+--------+----------------+--------------------------------------------+
-| Name | Offset | Type | Description |
-+===========+========+================+============================================+
-| base | 0 | uintptr_t | Base address |
-+-----------+--------+----------------+--------------------------------------------+
-| size | 8 | uint64_t | Size of memory bank/device region in bytes |
-+-----------+--------+----------------+--------------------------------------------+
++------+--------+----------+--------------------------------------------+
+| Name | Offset | Type | Description |
++======+========+==========+============================================+
+| base | 0 | uint64_t | Base address |
++------+--------+----------+--------------------------------------------+
+| size | 8 | uint64_t | Size of memory bank/device region in bytes |
++------+--------+----------+--------------------------------------------+
.. _console_list_struct:
@@ -836,15 +1099,15 @@
Console List structure contains information about the available consoles for RMM.
The members of this structure are shown in the table below:
-+--------------+--------+----------------+-------------------------------------+
-| Name | Offset | Type | Description |
-+==============+========+================+=====================================+
-| num_consoles | 0 | uint64_t | Number of consoles |
-+--------------+--------+----------------+-------------------------------------+
-| consoles | 8 | console_info * | Pointer to 'console_info'[] array |
-+--------------+--------+----------------+-------------------------------------+
-| checksum | 16 | uint64_t | Checksum |
-+--------------+--------+----------------+-------------------------------------+
++--------------+--------+----------------+-----------------------------------+
+| Name | Offset | Type | Description |
++==============+========+================+===================================+
+| num_consoles | 0 | uint64_t | Number of consoles |
++--------------+--------+----------------+-----------------------------------+
+| consoles | 8 | console_info * | Pointer to 'console_info'[] array |
++--------------+--------+----------------+-----------------------------------+
+| checksum | 16 | uint64_t | Checksum |
++--------------+--------+----------------+-----------------------------------+
Checksum is calculated as two's complement sum of 'num_consoles', 'consoles'
pointer and the consoles array pointed by it.
@@ -856,21 +1119,144 @@
Console Info structure contains information about each Console available to RMM.
-+-----------+--------+---------------+-----------------------------------------+
-| Name | Offset | Type | Description |
-+===========+========+===============+=========================================+
-| base | 0 | uintptr_t | Console Base address |
-+-----------+--------+---------------+-----------------------------------------+
-| map_pages | 8 | uint64_t | Num of pages to map for console MMIO |
-+-----------+--------+---------------+-----------------------------------------+
-| name | 16 | char[8] | Name of console |
-+-----------+--------+---------------+-----------------------------------------+
-| clk_in_hz | 24 | uint64_t | UART clock (in Hz) for console |
-+-----------+--------+---------------+-----------------------------------------+
-| baud_rate | 32 | uint64_t | Baud rate |
-+-----------+--------+---------------+-----------------------------------------+
-| flags | 40 | uint64_t | Additional flags (RES0) |
-+-----------+--------+---------------+-----------------------------------------+
++-----------+--------+----------+--------------------------------------+
+| Name | Offset | Type | Description |
++===========+========+==========+======================================+
+| base | 0 | uint64_t | Console Base address |
++-----------+--------+----------+--------------------------------------+
+| map_pages | 8 | uint64_t | Num of pages to map for console MMIO |
++-----------+--------+----------+--------------------------------------+
+| name | 16 | char[8] | Name of console |
++-----------+--------+----------+--------------------------------------+
+| clk_in_hz | 24 | uint64_t | UART clock (in Hz) for console |
++-----------+--------+----------+--------------------------------------+
+| baud_rate | 32 | uint64_t | Baud rate |
++-----------+--------+----------+--------------------------------------+
+| flags | 40 | uint64_t | Additional flags (RES0) |
++-----------+--------+----------+--------------------------------------+
+
+.. _smmu_list_struct:
+
+SMMU List structure
+~~~~~~~~~~~~~~~~~~~
+
+SMMU List structure contains information about SMMUs available for RMM.
+The members of this structure are shown in the table below:
+
++-----------+--------+-------------+--------------------------------+
+| Name | Offset | Type | Description |
++===========+========+=============+================================+
+| num_smmus | 0 | uint64_t | Number of SMMUs |
++-----------+--------+-------------+--------------------------------+
+| smmus | 8 | smmu_info * | Pointer to 'smmu_info'[] array |
++-----------+--------+-------------+--------------------------------+
+| checksum | 16 | uint64_t | Checksum |
++-----------+--------+-------------+--------------------------------+
+
+.. _smmu_info_struct:
+
+SMMU Info structure
+~~~~~~~~~~~~~~~~~~~
+
+SMMU Info structure contains information about each SMMU available to RMM.
+
++-------------+--------+----------+-------------------------------+
+| Name | Offset | Type | Description |
++=============+========+==========+===============================+
+| smmu_base | 0 | uint64_t | SMMU Base address |
++-------------+--------+----------+-------------------------------+
+| smmu_r_base | 8 | uint64_t | SMMU Realm Pages base address |
++-------------+--------+----------+-------------------------------+
+
+.. _root_complex_list_struct:
+
+Root Complex List structure
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Root Complex List structure contains information about PCIe root complexes available for RMM.
+The members of this structure are shown in the table below.
+
++------------------+--------+---------------------+-------------------------------------+
+| Name | Offset | Type | Description |
++==================+========+=====================+=====================================+
+| num_root_complex | 0 | uint64_t | Number of root complexes |
++------------------+--------+---------------------+-------------------------------------+
+| rc_info_version | 8 | uint32_t | Root Complex Info structure version |
++------------------+--------+---------------------+-------------------------------------+
+| padding | 12 | uint32_t | Reserved, set to 0 |
++------------------+--------+---------------------+-------------------------------------+
+| root_complex | 16 | root_complex_info * | Pointer to 'root_complex'[] array |
++------------------+--------+---------------------+-------------------------------------+
+| checksum | 24 | uint64_t | Checksum |
++------------------+--------+---------------------+-------------------------------------+
+
+The checksum calculation of Root Complex List structure includes all data structures
+referenced by 'root_complex_info' pointer.
+
+.. _root_complex_info_struct:
+
+Root Complex Info structure
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Root Complex Info structure contains information about each PCIe root complex available to RMM.
+The table below describes the members of this structure as per v0.1.
+
++-----------------+--------+------------------+-------------------------------------+
+| Name | Offset | Type | Description |
++=================+========+==================+=====================================+
+| ecam_base | 0 | uint64_t | PCIe ECAM Base address |
++-----------------+--------+------------------+-------------------------------------+
+| segment | 8 | uint8_t | PCIe segment identifier |
++-----------------+--------+------------------+-------------------------------------+
+| padding[3] | 9 | uint8_t | Reserved, set to 0 |
++-----------------+--------+------------------+-------------------------------------+
+| num_root_ports | 12 | uint32_t | Number of root ports |
++-----------------+--------+------------------+-------------------------------------+
+| root_ports | 16 | root_port_info * | Pointer to 'root_port_info'[] array |
++-----------------+--------+------------------+-------------------------------------+
+
+The Root Complex Info structure version uses the same numbering scheme as described in
+:ref:`rmm_el3_ifc_versioning`.
+
+.. _root_port_info_struct:
+
+Root Port Info structure
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+Root Complex Info structure contains information about each root port in PCIe root complex.
+
++------------------+--------+--------------------+---------------------------------------+
+| Name | Offset | Type | Description |
++==================+========+====================+=======================================+
+| root_port_id | 0 | uint16_t | Root Port identifier |
++------------------+--------+--------------------+---------------------------------------+
+| padding | 2 | uint16_t | Reserved, set to 0 |
++------------------+--------+--------------------+---------------------------------------+
+| num_bdf_mappings | 4 | uint32_t | Number of BDF mappings |
++------------------+--------+--------------------+---------------------------------------+
+| bdf_mappings | 8 | bdf_mapping_info * | Pointer to 'bdf_mapping_info'[] array |
++------------------+--------+--------------------+---------------------------------------+
+
+.. _bdf_mapping_info_struct:
+
+BDF Mapping Info structure
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+BDF Mapping Info structure contains information about each Device-Bus-Function (BDF) mapping
+for PCIe root port.
+
++--------------+--------+----------+------------------------------------------------------+
+| Name | Offset | Type | Description |
++==============+========+==========+======================================================+
+| mapping_base | 0 | uint16_t | Base of BDF mapping (inclusive) |
++--------------+--------+----------+------------------------------------------------------+
+| mapping_top | 2 | uint16_t | Top of BDF mapping (exclusive) |
++--------------+--------+----------+------------------------------------------------------+
+| mapping_off | 4 | uint16_t | Mapping offset, as per Arm Base System Architecture: |
+| | | | StreamID = RequesterID[N-1:0] + (1<<N)*Constant_B |
++--------------+--------+----------+------------------------------------------------------+
+| smmu_idx | 6 | uint16_t | SMMU index in 'smmu_info'[] array |
++--------------+--------+----------+------------------------------------------------------+
.. _el3_token_sign_request_struct:
diff --git a/docs/components/xlat-tables-lib-v2-design.rst b/docs/components/xlat-tables-lib-v2-design.rst
index cac32f5..c7fd5a2 100644
--- a/docs/components/xlat-tables-lib-v2-design.rst
+++ b/docs/components/xlat-tables-lib-v2-design.rst
@@ -10,7 +10,7 @@
More specifically, some use cases that this library aims to support are:
#. Statically allocate translation tables and populate them (at run-time) based
- upon a description of the memory layout. The memory layout is typically
+ on a description of the memory layout. The memory layout is typically
provided by the platform port as a list of memory regions;
#. Support for generating translation tables pertaining to a different
@@ -26,28 +26,22 @@
#. Support for changing memory attributes of memory regions at run-time.
-About version 1, version 2 and MPU libraries
---------------------------------------------
+About version 1 and version 2
+-----------------------------
This document focuses on version 2 of the library, whose sources are available
in the ``lib/xlat_tables_v2`` directory. Version 1 of the library can still be
found in ``lib/xlat_tables`` directory but it is less flexible and doesn't
-support dynamic mapping. ``lib/xlat_mpu``, which configures Arm's MPU
-equivalently, is also addressed here. The ``lib/xlat_mpu`` is experimental,
-meaning that its API may change. It currently strives for consistency and
-code-reuse with xlat_tables_v2. Future versions may be more MPU-specific (e.g.,
-removing all mentions of virtual addresses). Although potential bug fixes will
-be applied to all versions of the xlat_* libs, future feature enhancements will
-focus on version 2 and might not be back-ported to version 1 and MPU versions.
-Therefore, it is recommended to use version 2, especially for new platform
-ports (unless the platform uses an MPU).
+support dynamic mapping. Although potential bug fixes will be applied to both
+versions, future features enhancements will focus on version 2 and might not be
+back-ported to version 1. Therefore, it is recommended to use version 2,
+especially for new platform ports.
-However, please note that version 2 and the MPU version are still in active
-development and is not considered stable yet. Hence, compatibility breaks might
-be introduced.
+However, please note that version 2 is still in active development and is not
+considered stable yet. Hence, compatibility breaks might be introduced.
From this point onwards, this document will implicitly refer to version 2 of the
-library, unless stated otherwise.
+library.
Design concepts and interfaces
@@ -108,16 +102,6 @@
library will choose the mapping granularity for this region as it sees fit (more
details can be found in `The memory mapping algorithm`_ section below).
-The MPU library also uses ``struct mmap_region`` to specify translations, but
-the MPU's translations are limited to specification of valid addresses and
-access permissions. If the requested virtual and physical addresses mismatch
-the system will panic. Being register-based for deterministic memory-reference
-timing, the MPU hardware does not involve memory-resident translation tables.
-
-Currently, the MPU library is also limited to MPU translation at EL2 with no
-MMU translation at other ELs. These limitations, however, are expected to be
-overcome in future library versions.
-
Translation Context
~~~~~~~~~~~~~~~~~~~
@@ -231,8 +215,7 @@
The ``MAP_REGION()`` and ``MAP_REGION_FLAT()`` macros do not allow specifying a
mapping granularity, which leaves the library implementation free to choose
it. However, in cases where a specific granularity is required, the
-``MAP_REGION2()`` macro might be used instead. Using ``MAP_REGION_FLAT()`` only
-to define regions for the MPU library is strongly recommended.
+``MAP_REGION2()`` macro might be used instead.
As explained earlier in this document, when the dynamic mapping feature is
disabled, there is no notion of dynamic regions. Conceptually, there are only
@@ -391,9 +374,6 @@
refer to the comments in the source code of the core module for more details
about the sorting algorithm in use.
-This mapping algorithm does not apply to the MPU library, since the MPU hardware
-directly maps regions by "base" and "limit" (bottom and top) addresses.
-
TLB maintenance operations
~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -410,11 +390,6 @@
is deferred to the ``enable_mmu*()`` family of functions, just before the MMU is
turned on.
-Regarding enabling and disabling memory management, for the MPU library, to
-reduce confusion, calls to enable or disable the MPU use ``mpu`` in their names
-in place of ``mmu``. For example, the ``enable_mmu_el2()`` call is changed to
-``enable_mpu_el2()``.
-
TLB invalidation is not required when adding dynamic regions either. Dynamic
regions are not allowed to overlap existing memory region. Therefore, if the
dynamic mapping request is deemed legitimate, it automatically concerns memory
@@ -437,6 +412,6 @@
--------------
-*Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.*
.. |Alignment Example| image:: ../resources/diagrams/xlat_align.png
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index 6562139..117372f 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -311,10 +311,6 @@
- ``ERRATA_A78_1952683``: This applies errata 1952683 workaround to Cortex-A78
CPU. This needs to be enabled for revision r0p0, it is fixed in r1p0.
-- ``ERRATA_A78_2132060``: This applies errata 2132060 workaround to Cortex-A78
- CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1, and r1p2. It
- is still open.
-
- ``ERRATA_A78_2242635``: This applies errata 2242635 workaround to Cortex-A78
CPU. This needs to be enabled for revisions r1p0, r1p1, and r1p2. The issue
is present in r0p0 but there is no workaround. It is still open.
@@ -377,10 +373,6 @@
Cortex-A78C CPU. This needs to be enabled for revision r0p0. The erratum is
fixed in r0p1.
-- ``ERRATA_A78C_2132064`` : This applies errata 2132064 workaround to
- Cortex-A78C CPU. This needs to be enabled for revisions r0p1, r0p2 and
- it is still open.
-
- ``ERRATA_A78C_2242638`` : This applies errata 2242638 workaround to
Cortex-A78C CPU. This needs to be enabled for revisions r0p1, r0p2 and
it is still open.
@@ -505,10 +497,6 @@
CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 of the
CPU. It is still open.
-- ``ERRATA_V1_2108267``: This applies errata 2108267 workaround to Neoverse-V1
- CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 of the CPU.
- It is still open.
-
- ``ERRATA_V1_2216392``: This applies errata 2216392 workaround to Neoverse-V1
CPU. This needs to be enabled for revisions r1p0 and r1p1 of the CPU, the
issue is present in r0p0 as well but there is no workaround for that
@@ -545,10 +533,6 @@
For Neoverse V2, the following errata build flags are defined :
-- ``ERRATA_V2_2331132``: This applies errata 2331132 workaround to Neoverse-V2
- CPU. This needs to be enabled for revisions r0p0, r0p1 and r0p2. It is still
- open.
-
- ``ERRATA_V2_2618597``: This applies errata 2618597 workaround to Neoverse-V2
CPU. This needs to be enabled for revisions r0p0 and r0p1. It is fixed in
r0p2.
@@ -609,10 +593,6 @@
Cortex-A710 CPU. This needs to be enabled for revision r2p0 of the CPU and
is still open.
-- ``ERRATA_A710_2058056``: This applies errata 2058056 workaround to
- Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0
- and r2p1 of the CPU and is still open.
-
- ``ERRATA_A710_2267065``: This applies errata 2267065 workaround to
Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0
of the CPU and is fixed in r2p1.
@@ -686,9 +666,6 @@
- ``ERRATA_N2_2138956``: This applies errata 2138956 workaround to Neoverse-N2
CPU. This needs to be enabled for revision r0p0 of the CPU and is fixed in r0p1.
-- ``ERRATA_N2_2138953``: This applies errata 2138953 workaround to Neoverse-N2
- CPU. This needs to be enabled for revisions r0p0, r0p1, r0p2, r0p3 and is still open.
-
- ``ERRATA_N2_2242415``: This applies errata 2242415 workaround to Neoverse-N2
CPU. This needs to be enabled for revision r0p0 of the CPU and is fixed in r0p1.
@@ -752,10 +729,6 @@
CPU. This needs to be enabled for revisions r0p0, r1p0, and r2p0 of the CPU,
it is still open.
-- ``ERRATA_X2_2058056``: This applies errata 2058056 workaround to Cortex-X2
- CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the CPU,
- it is still open.
-
- ``ERRATA_X2_2083908``: This applies errata 2083908 workaround to Cortex-X2
CPU. This needs to be enabled for revision r2p0 of the CPU, it is still open.
@@ -806,10 +779,6 @@
For Cortex-X3, the following errata build flags are defined :
-- ``ERRATA_X3_2070301``: This applies errata 2070301 workaround to the Cortex-X3
- CPU. This needs to be enabled only for revisions r0p0, r1p0, r1p1 and r1p2 of
- the CPU and is still open.
-
- ``ERRATA_X3_2266875``: This applies errata 2266875 workaround to the Cortex-X3
CPU. This needs to be enabled only for revisions r0p0 and r1p0 of the CPU, it
is fixed in r1p1.
diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst
index cf8cbc7..1306ecb 100644
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@@ -2599,6 +2599,9 @@
section section can be reclaimed for any data which is accessed after cold
boot initialization and it is upto the platform to make the decision.
+Please note that this will disable inlining for any functions with the __init
+attribute.
+
.. _firmware_design_pmf:
Performance Measurement Framework
diff --git a/docs/design_documents/measured_boot.rst b/docs/design_documents/measured_boot.rst
index 1f76770..a9d2fa9 100644
--- a/docs/design_documents/measured_boot.rst
+++ b/docs/design_documents/measured_boot.rst
@@ -231,9 +231,9 @@
- Public key data size is passed as the third argument to this function.
- This function must return 0 on success, a signed integer error code
otherwise.
- - In TC2 platform, this function is used to calculate the hash of the given
- key and forward this hash to |RSE| alongside the measurement of the image
- which the key signs.
+ - In Total Compute platform, this function is used to calculate the hash
+ of the given key and forward this hash to |RSE| alongside the measurement
+ of the image which the key signs.
--------------
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index b5814bb..32daf1e 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -113,12 +113,16 @@
- ``BRANCH_PROTECTION``: Numeric value to enable ARMv8.3 Pointer Authentication
and ARMv8.5 Branch Target Identification support for TF-A BL images themselves.
If enabled, it is needed to use a compiler that supports the option
- ``-mbranch-protection``. Selects the branch protection features to use:
-- 0: Default value turns off all types of branch protection
+ ``-mbranch-protection``. The value of the ``-march`` (via ``ARM_ARCH_MINOR``
+ and ``ARM_ARCH_MAJOR``) option will control which instructions will be
+ emitted (HINT space or not). Selects the branch protection features to use:
+- 0: Default value turns off all types of branch protection (FEAT_STATE_DISABLED)
- 1: Enables all types of branch protection features
- 2: Return address signing to its standard level
- 3: Extend the signing to include leaf functions
- 4: Turn on branch target identification mechanism
+- 5: Enables all types of branch protection features, only if present in
+ hardware (FEAT_STATE_CHECK).
The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation options
and resulting PAuth/BTI features.
@@ -136,6 +140,8 @@
+-------+--------------+-------+-----+
| 4 | bti | N | Y |
+-------+--------------+-------+-----+
+ | 5 | dynamic | Y | Y |
+ +-------+--------------+-------+-----+
This option defaults to 0.
Note that Pointer Authentication is enabled for Non-secure world
@@ -198,11 +204,13 @@
- ``CTX_INCLUDE_PAUTH_REGS``: Numeric value to enable the Pointer
Authentication for Secure world. This will cause the ARMv8.3-PAuth registers
to be included when saving and restoring the CPU context as part of world
- switch. This flag can take values 0 to 2, to align with ``ENABLE_FEAT``
- mechanism. Default value is 0.
+ switch. Automatically enabled when ``BRANCH_PROTECTION`` is enabled. This flag
+ can take values 0 to 2, to align with ``ENABLE_FEAT`` mechanism. Default value
+ is 0.
Note that Pointer Authentication is enabled for Non-secure world irrespective
- of the value of this flag if the CPU supports it.
+ of the value of this flag if the CPU supports it. Alternatively, when
+ ``BRANCH_PROTECTION`` is enabled, this flag is superseded.
- ``CTX_INCLUDE_SVE_REGS``: Boolean option that, when set to 1, will cause the
SVE registers to be included when saving and restoring the CPU context. Note
@@ -397,6 +405,12 @@
flag can take values 0 to 2, to align with the ``ENABLE_FEAT``
mechanism. Default value is ``0``.
+- ``ENABLE_FEAT_PAUTH_LR``: Numeric value to enable the ``FEAT_PAUTH_LR``
+ extension. ``FEAT_PAUTH_LR`` is an optional feature available from Arm v9.4
+ onwards. This feature requires PAUTH to be enabled via the
+ ``BRANCH_PROTECTION`` flag. This flag can take the values 0 to 2, to align
+ with the ``ENABLE_FEAT`` mechanism. Default value is ``0``.
+
- ``ENABLE_FEAT_RNG``: Numeric value to enable the ``FEAT_RNG`` extension.
``FEAT_RNG`` is an optional feature available on Arm v8.5 onwards. This
flag can take the values 0 to 2, to align with the ``ENABLE_FEAT``
@@ -1280,11 +1294,37 @@
This option should only be enabled on a need basis if there is a use case for
reading characters from the console.
-GICv3 driver options
+GIC driver options
--------------------
-GICv3 driver files are included using directive:
+The generic GIC driver can be included with the ``USE_GIC_DRIVER`` option. It is
+a numeric option that can take the following values:
+ - ``0``: generic GIC driver not enabled. Any support is entirely in platform
+ code. Strongly discouraged for GIC based interrupt controllers.
+
+ - ``1``: enable the use of the generic GIC driver but do not include any files
+ or function definitions. It is then the platform's responsibility to provide
+ these. This is useful if the platform either has a custom GIC implementation
+ or an alternative interrupt controller design. Use of this option is strongly
+ discouraged for standard GIC implementations.
+
+ - ``2``: use the GICv2 driver
+
+ - ``3``: use the GICv3 driver. See the next section on how to further configure
+ it. Use this option for GICv4 implementations.
+
+ For GIC driver versions other than ``1``, deciding when to save and restore GIC
+ context on a power domain state transition, as well as any GIC actions outside
+ of the PSCI library's visibility are the platform's responsibility. The driver
+ provides implementations of all necessary subroutines, they only need to be
+ called as appropriate.
+
+GICv3 driver options
+~~~~~~~~~~~~~~~~~~~~
+
+``USE_GIC_DRIVER=3`` is the preferred way of including GICv3 driver files. The
+old (deprecated) way of included them is using the directive:
``include drivers/arm/gic/v3/gicv3.mk``
The driver can be configured with the following options set in the platform
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index 768e4fe..da7a2c3 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst
@@ -27,11 +27,11 @@
Program Min supported version
======================== =====================
Arm Compiler 6.23
-Arm GNU Compiler 13.3
+Arm GNU Compiler 14.2
Clang/LLVM 18.1.8
Device Tree Compiler 1.6.1
GNU make 3.81
-mbed TLS\ [#f1]_ 3.6.2
+mbed TLS\ [#f1]_ 3.6.3
Node.js [#f2]_ 16
OpenSSL 1.0.0
Poetry 1.3.2
@@ -51,7 +51,7 @@
AArch64 builds, the respective targets required are ``arm-none-eabi`` and
``aarch64-none-elf``.
-Testing has been performed with version 13.3.Rel1 (gcc 13.3) of the Arm
+Testing has been performed with version 14.2.Rel1 (GCC 14.2) of the Arm
GNU compiler, which can be installed from the `Arm Developer website`_.
In addition, a native compiler is required to build supporting tools.
diff --git a/docs/plat/arm/fvp/fvp-support.rst b/docs/plat/arm/fvp/fvp-support.rst
index 0ce1905..9535005 100644
--- a/docs/plat/arm/fvp/fvp-support.rst
+++ b/docs/plat/arm/fvp/fvp-support.rst
@@ -1,8 +1,16 @@
Fixed Virtual Platform (FVP) Support
------------------------------------
-This section lists the supported Arm |FVP| platforms. Please refer to the FVP
-documentation for a detailed description of the model parameter options.
+An |FVP| provides a complete simulation of an Arm system. This is a generic term
+used for all kinds of vastly different and incompatible systems. One category of
+these systems are the ``FVP_Base`` family of FVPs. These are entirely virtual
+platforms, largely used for early feature development. They offer a large
+degrees of customisation but share a lot of similarities. The ``fvp`` platform
+in TF-A supports these platforms only. Despite the generic name, other FVPs (eg
+FVP_TC4) have their own dedicated TF-A platforms and will not work with this one.
+
+Please refer to each FVP's documentation for a detailed description of the model
+parameter options.
The latest version of the AArch64 build of TF-A has been tested on the following
Arm FVPs without shifted affinities, and that do not support threaded CPU cores
@@ -41,9 +49,6 @@
- ``FVP_Base_Neoverse-N1``
- ``FVP_Base_Neoverse-N2``
- ``FVP_Base_Neoverse-V1``
-- ``FVP_BaseR_AEMv8R``
-- ``FVP_RD_1_AE``
-- ``FVP_TC4``
The latest version of the AArch32 build of TF-A has been tested on the
following Arm FVPs without shifted affinities, and that do not support threaded
@@ -58,9 +63,8 @@
is not compatible with legacy GIC configurations. Therefore this FVP does not
support these legacy GIC configurations.
-The *Foundation* and *Base* FVPs can be downloaded free of charge. See the `Arm
-FVP website`_. The Cortex-A models listed above are also available to download
-from `Arm's website`_.
+The *Foundation* and *Base* FVPs can be downloaded free of charge. See the
+`Arm's website`_ for download options of all FVPs.
.. note::
The build numbers quoted above are those reported by launching the FVP
@@ -94,7 +98,5 @@
*Copyright (c) 2019-2025, Arm Limited. All rights reserved.*
-.. _Arm's website: `FVP models`_
-.. _FVP models: https://developer.arm.com/products/system-design/fixed-virtual-platforms
+.. _Arm's website: https://developer.arm.com/products/system-design/fixed-virtual-platforms
.. _Linaro Release 20.01: http://releases.linaro.org/members/arm/platforms/20.01
-.. _Arm FVP website: https://developer.arm.com/products/system-design/fixed-virtual-platforms
diff --git a/docs/plat/arm/fvp_r/index.rst b/docs/plat/arm/fvp_r/index.rst
deleted file mode 100644
index 8af16ba..0000000
--- a/docs/plat/arm/fvp_r/index.rst
+++ /dev/null
@@ -1,46 +0,0 @@
-ARM V8-R64 Fixed Virtual Platform (FVP)
-=======================================
-
-Some of the features of Armv8-R AArch64 FVP platform referenced in Trusted
-Boot R-class include:
-
-- Secure World Support Only
-- EL2 as Maximum EL support (No EL3)
-- MPU Support only at EL2
-- MPU or MMU Support at EL0/EL1
-- AArch64 Support Only
-- Trusted Board Boot
-
-Further information on v8-R64 FVP is available at `info <https://developer.arm.com/documentation/ddi0600/latest/>`_
-
-Boot Sequence
--------------
-
-BL1 –> BL33
-
-The execution begins from BL1 which loads the BL33 image, a boot-wrapped (bootloader + Operating System)
-Operating System, from FIP to DRAM.
-
-Build Procedure
-~~~~~~~~~~~~~~~
-
-- Obtain arm `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_.
- Set the CROSS_COMPILE environment variable to point to the toolchain folder.
-
-- Build TF-A:
-
- .. code:: shell
-
- make PLAT=fvp_r BL33=<path_to_os.bin> all fip
-
- Enable TBBR by adding the following options to the make command:
-
- .. code:: shell
-
- MBEDTLS_DIR=<path_to_mbedtls_directory> \
- TRUSTED_BOARD_BOOT=1 \
- GENERATE_COT=1 \
- ARM_ROTPK_LOCATION=devel_rsa \
- ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem
-
-*Copyright (c) 2021, Arm Limited. All rights reserved.*
diff --git a/docs/plat/arm/index.rst b/docs/plat/arm/index.rst
index 35c0c59..652337e 100644
--- a/docs/plat/arm/index.rst
+++ b/docs/plat/arm/index.rst
@@ -7,7 +7,6 @@
juno/index
fvp/index
- fvp_r/index
fvp-ve/index
tc/index
arm_fpga/index
@@ -22,4 +21,4 @@
--------------
-*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2025, Arm Limited. All rights reserved.*
diff --git a/docs/plat/arm/tc/index.rst b/docs/plat/arm/tc/index.rst
index 467738c..d57b48e 100644
--- a/docs/plat/arm/tc/index.rst
+++ b/docs/plat/arm/tc/index.rst
@@ -17,12 +17,8 @@
the Total Compute platform number. The platforms support the CPU variants
listed as below:
-- TC0 has support for Cortex A510, Cortex A710 and Cortex X2. (Note TC0 is now deprecated)
-- TC1 has support for Cortex A510, Cortex A715 and Cortex X3. (Note TC1 is now deprecated)
-- TC2 has support for Cortex A520, Cortex A720 and Cortex x4. (Note TC2 is now deprecated)
- TC3 has support for Cortex A520, Cortex A725 and Cortex x925.
-
Boot Sequence
-------------
@@ -59,6 +55,6 @@
--------------
-*Copyright (c) 2020-2023, Arm Limited. All rights reserved.*
+*Copyright (c) 2020-2025, Arm Limited. All rights reserved.*
.. _Arm Toolchain: https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/downloads
diff --git a/docs/plat/index.rst b/docs/plat/index.rst
index 0b53d1d..a30f55d 100644
--- a/docs/plat/index.rst
+++ b/docs/plat/index.rst
@@ -22,6 +22,7 @@
mt8183
mt8186
mt8188
+ mt8189
mt8192
mt8195
mt8196
@@ -63,8 +64,6 @@
currently have associated documentation:
- Arm Neoverse N1 System Development Platform (N1SDP)
- - Arm Neoverse Reference Design N1 Edge (RD-N1-Edge) FVP
- - Arm SGI-575
- MediaTek MT8173 SoCs
Deprecated platforms
@@ -73,10 +72,25 @@
+----------------+----------------+--------------------+--------------------+
| Platform | Vendor | Deprecated version | Deleted version |
+================+================+====================+====================+
-| TC2 | Arm | 2.12 | TBD |
+| TC2 | Arm | 2.12 | 2.13 |
+| | | | |
++----------------+----------------+--------------------+--------------------+
+| fvp_r | Arm | 2.13 | 2.13 |
+| | | | |
++----------------+----------------+--------------------+--------------------+
+| SGI-575 | Arm | 2.13 | 2.13 |
+| | | | |
++----------------+----------------+--------------------+--------------------+
+| RD-N1-Edge | Arm | 2.13 | 2.13 |
+| | | | |
++----------------+----------------+--------------------+--------------------+
+| RD-V1 | Arm | 2.13 | 2.13 |
+| | | | |
++----------------+----------------+--------------------+--------------------+
+| RD-V1-MC | Arm | 2.13 | 2.13 |
| | | | |
+----------------+----------------+--------------------+--------------------+
--------------
-*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2025, Arm Limited. All rights reserved.*
diff --git a/docs/plat/mt8189.rst b/docs/plat/mt8189.rst
new file mode 100644
index 0000000..81aa129
--- /dev/null
+++ b/docs/plat/mt8189.rst
@@ -0,0 +1,22 @@
+MediaTek 8189
+=============
+
+MediaTek 8189 (MT8189) is a 64-bit ARM SoC introduced by MediaTek in 2024.
+The chip incorporates eight cores - six Cortex-A55 cores, two Cortex-A78
+cores.
+Cortex-A55 can operate at up to 2.0 GHz.
+Cortex-A78 can operate at up to 3.0 GHz.
+
+Boot Sequence
+-------------
+
+::
+
+ Boot Rom --> Coreboot --> TF-A BL31 --> Depthcharge --> Linux Kernel
+
+How to Build
+------------
+
+.. code:: shell
+
+ make CROSS_COMPILE=aarch64-linux-gnu- PLAT=mt8189 DEBUG=1 COREBOOT=1
diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst
index 327c67b..7e40e47 100644
--- a/docs/porting-guide.rst
+++ b/docs/porting-guide.rst
@@ -2460,6 +2460,163 @@
The function returns E_RMM_OK on success, RMM_E_INVAL if arguments are invalid and
E_RMM_UNK if the SMC is not implemented or if interface version is < 0.4.
+Function : plat_rmmd_el3_ide_key_program() [mandatory when RMMD_ENABLE_IDE_KEY_PROG == 1]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : uint64_t, uint64_t, uint64_t, struct rp_ide_key_info_t *, uint64_t, uint64_t
+ Return : int
+
+This function sets the key/IV info for an IDE stream at the Root port. The key is 256 bits
+and IV is 96 bits. The caller calls this SMC to program this key to the Rx and Tx ports
+and for each substream corresponding to a single keyset. The platform should validate
+the arguments `Ecam address` and `Rootport ID` before acting on it. The arguments `request ID`
+and `cookie` are to be ignored for blocking mode and are pass-through to the response for
+non-blocking mode.
+
+The platform needs to ensure proper exclusives are in place when accessed from multiple CPUs.
+Depending on the expected latency for IDE-KM interface, the platform should choose blocking
+or non-blocking semantics. More details about IDE Setup flow can be found
+in this `RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_.
+
+The parameters of the function are:
+
+ arg0 - The ecam address, to access and configure PCI devices in a system.
+
+ arg1 - The rootport ID used to identify the PCIe rootport of a connected device.
+
+ arg2 - The IDE stream info associated with a physical device, this parameter packs the
+ the keyset, direction, substream and stream ID info.
+
+ arg3 - Structure with key and IV info.
+
+ arg4 - The request ID, is used in non-blocking mode only and can be ignored in blocking mode.
+
+ arg5 - The cookie variable, is used in non-blocking mode only and can be ignored in blocking
+ mode.
+
+The function returns E_RMM_OK on success, E_RMM_INVAL if arguments are invalid, E_RMM_FAULT
+if the key programming is unsuccesful, E_RMM_UNK for an unknown error, E_RMM_AGAIN returned
+only for non-blocking mode if the IDE-KM interface is busy or the request queue is full.
+E_RMM_INPROGRESS returned if the request is queued successfully and used only in non-blocking
+mode.
+
+Function : plat_rmmd_el3_ide_key_set_go() [mandatory when RMMD_ENABLE_IDE_KEY_PROG == 1]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : uint64_t, uint64_t, uint64_t, uint64_t, uint64_t
+ Return : int
+
+This function activates the IDE stream at the Root Port once all the keys have been
+programmed. The platform should validate the arguments `Ecam address` and `Rootport ID`
+before acting on it. The arguments `request ID` and `cookie` are to be ignored for blocking
+mode and are pass-through to the response for non-blocking mode.
+
+The platform needs to ensure proper exclusives are in place when accessed from multiple CPUs.
+Depending on the expected latency for IDE-KM interface, the platform should choose blocking
+or non-blocking semantics. More details about IDE Setup flow can be found
+in this `RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_.
+
+The parameters of the function are:
+
+ arg0 - The ecam address, to access and configure PCI devices in a system.
+
+ arg1 - The rootport ID used to identify the PCIe rootport of a connected device.
+
+ arg2 - The IDE stream info associated with a physical device, this parameter packs the
+ the keyset, direction, substream and stream ID info.
+
+ arg3 - The request ID, is used in non-blocking mode only and can be ignored in blocking mode.
+
+ arg4 - The cookie variable, is used in non-blocking mode only and can be ignored in blocking
+ mode.
+
+The function returns E_RMM_OK on success, E_RMM_INVAL if arguments are invalid, E_RMM_FAULT
+if the key programming is unsuccesful, E_RMM_UNK for an unknown error, E_RMM_AGAIN returned
+only for non-blocking mode if the IDE-KM interface is busy or the request queue is full.
+E_RMM_INPROGRESS returned if the request is queued successfully and used only in non-blocking
+mode.
+
+Function : plat_rmmd_el3_ide_key_set_stop() [mandatory when RMMD_ENABLE_IDE_KEY_PROG == 1]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : uint64_t, uint64_t, uint64_t, uint64_t, uint64_t
+ Return : int
+
+This function stops the IDE stream and is used to tear down the IDE stream at Root Port.
+The platform should validate the arguments `Ecam address` and `Rootport ID` before acting
+on it. The arguments `request ID` and `cookie` are to be ignored for blocking
+mode and are pass-through to the response for non-blocking mode.
+
+The platform needs to ensure proper exclusives are in place when accessed from multiple CPUs.
+Depending on the expected latency for IDE-KM interface, the platform should choose blocking
+or non-blocking semantics. More details about IDE Setup flow can be found
+in this `RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_.
+
+The parameters of the function are:
+
+ arg0 - The ecam address, to access and configure PCI devices in a system.
+
+ arg1 - The rootport ID used to identify the PCIe rootport of a connected device.
+
+ arg2 - The IDE stream info associated with a physical device, this parameter packs the
+ the keyset, direction, substream and stream ID info.
+
+ arg3 - The request ID, is used in non-blocking mode only and can be ignored in blocking mode.
+
+ arg4 - The cookie variable, is used in non-blocking mode only and can be ignored in blocking
+ mode.
+
+The function returns E_RMM_OK on success, E_RMM_INVAL if arguments are invalid, E_RMM_FAULT
+if the key programming is unsuccesful, E_RMM_UNK for an unknown error, E_RMM_AGAIN returned
+only for non-blocking mode if the IDE-KM interface is busy or the request queue is full.
+E_RMM_INPROGRESS returned if the request is queued successfully and used only in non-blocking
+mode.
+
+Function : plat_rmmd_el3_ide_km_pull_response() [mandatory when RMMD_ENABLE_IDE_KEY_PROG == 1]
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ Argument : uint64_t, uint64_t, uint64_t *, uint64_t *, uint64_t *
+ Return : int
+
+This function retrieves a reponse for any of the prior non-blocking IDE-KM requests. The
+caller has to identify the request and populate the accurate response. For blocking calls,
+this function always returns E_RMM_UNK.
+
+The platform needs to ensure proper exclusives are in place when accessed from multiple CPUs.
+Depending on the expected latency for IDE-KM interface, the platform should choose blocking
+or non-blocking semantics. More details about IDE Setup flow can be found
+in this `RFC <https://github.com/TF-RMM/tf-rmm/wiki/RFC:-EL3-RMM-IDE-KM-Interface>`_.
+
+The parameters of the function are:
+
+ arg0 - The ecam address, to access and configure PCI devices in a system.
+
+ arg1 - The rootport ID used to identify the PCIe rootport of a connected device.
+
+ arg2 - Retrieved response corresponding to the previous IDE_KM request.
+
+ arg3 - returns the passthrough request ID of the retrieved response.
+
+ arg4 - returns the passthrough cookie of the retrieved response.
+
+The function returns E_RMM_OK if response is retrieved successfully, E_RMM_INVAL if arguments
+to this function are invalid, E_RMM_UNK if response retrieval failed for an unknown error or
+IDE-KM interface is having blocking semantics, E_RMM_AGAIN if the response queue is empty.
+
+The `arg2` return parameter can return the following values:
+E_RMM_OK - The previous request was successful.
+E_RMM_FAULT - The previous request was not successful.
+E_RMM_INVAL - Arguments to previous request were incorrect.
+E_RMM_UNK - Previous request returned Unknown error.
+
Function : bl31_plat_enable_mmu [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/docs/threat_model/firmware_threat_model/index.rst b/docs/threat_model/firmware_threat_model/index.rst
index ce1752f..89205de 100644
--- a/docs/threat_model/firmware_threat_model/index.rst
+++ b/docs/threat_model/firmware_threat_model/index.rst
@@ -29,13 +29,12 @@
threat_model
threat_model_el3_spm
- threat_model_fvp_r
threat_model_rse_interface
threat_model_arm_cca
threat_model_fw_update_and_recovery
--------------
-*Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.*
.. _STRIDE threat modeling technique: https://docs.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats#stride-model
diff --git a/docs/threat_model/firmware_threat_model/threat_model_fvp_r.rst b/docs/threat_model/firmware_threat_model/threat_model_fvp_r.rst
deleted file mode 100644
index 0b71bf0..0000000
--- a/docs/threat_model/firmware_threat_model/threat_model_fvp_r.rst
+++ /dev/null
@@ -1,99 +0,0 @@
-fvp_r-Platform Threat Model
-***************************
-
-************************
-Introduction
-************************
-This document provides a threat model for TF-A fvp_r platform.
-
-************************
-Target of Evaluation
-************************
-In this threat model, the target of evaluation is the fvp_r platform of Trusted
-Firmware for A-class Processors (TF-A). The fvp_r platform provides limited
-support of AArch64 R-class Processors (v8-R64).
-
-This is a delta document, only pointing out differences from the general TF-A
-threat-model document, :ref:`Generic Threat Model`
-
-BL1 Only
-========
-The most fundamental difference between the threat model for the current fvp_r
-implementation compared to the general TF-A threat model, is that fvp_r is
-currently limited to BL1 only. Any threats from the general TF-A threat model
-unrelated to BL1 are therefore not relevant to the fvp_r implementation.
-
-The fvp_r BL1 implementation directly loads a customer/partner-defined runtime
-system. The threat model for that runtime system, being partner-defined, is
-out-of-scope for this threat-model.
-
-Relatedly, all exceptions, synchronous and asynchronous, are disabled during BL1
-execution. So, any references to exceptions are not relevant.
-
-EL3 is Unsupported and All Secure
-=================================
-v8-R64 cores do not support EL3, and (essentially) all operation is defined as
-Secure-mode. Therefore:
-
- - Any threats regarding NS operation are not relevant.
-
- - Any mentions of SMCs are also not relevant.
-
- - Anything otherwise-relevant code running in EL3 is instead run in EL2.
-
-MPU instead of MMU
-==================
-v8-R64 cores, running in EL2, use an MPU for memory management, rather than an
-MMU. The MPU in the fvp_r implementation is configured to function effectively
-identically with the MMU for the usual BL1 implementation. There are
-memory-map differences, but the MPU configuration is functionally equivalent.
-
-No AArch32 Support
-==================
-Another substantial difference between v8-A and v8-R64 cores is that v8-R64 does
-not support AArch32. However, this is not believed to have any threat-modeling
-ramifications.
-
-
-Threat Assessment
-=================
-For this section, please reference the Threat Assessment under the general TF-A
-threat-model document, :ref:`Generic Threat Model`
-
-The following threats from that document are still relevant to the fvp_r
-implementation:
-
- - ID 01: An attacker can mangle firmware images to execute arbitrary code.
-
- - ID 03: An attacker can use Time-of-Check-Time-of-Use (TOCTOU) attack to
- bypass image authentication during the boot process.
-
- - ID 04: An attacker with physical access can execute arbitrary image by
- bypassing the signature verification stage using clock- or power-glitching
- techniques.
-
- - ID 05: Information leak via UART logs such as crashes
-
- - ID 06: An attacker can read sensitive data and execute arbitrary code
- through the external debug and trace interface.
-
- - ID 08: Memory corruption due to memory overflows and lack of boundary
- checking when accessing resources could allow an attacker to execute
- arbitrary code, modify some state variable to change the normal flow of
- the program, or leak sensitive.
-
- - ID 11: Misconfiguration of the Memory Protection Unit (MPU) may allow
- normal world software to access sensitive data or execute arbitrary code.
- Arguably, MPUs having fewer memory regions, there may be a temptation to
- share memory regions, making this a greater threat. However, since the
- fvp_r implementation is limited to BL1, since BL1's regions are fixed,
- and since the MPU configuration is equivalent with that for the fvp
- platform and others, this is not expected to be a concern.
-
- - ID 15: Improper handling of input data received over a UART interface may
- allow an attacker to tamper with TF-A execution environment.
-
-
---------------
-
-*Copyright (c) 2021-2024, Arm Limited. All rights reserved.*
diff --git a/drivers/arm/cci/cci.c b/drivers/arm/cci/cci.c
index 40d2efd..ae2b9bb 100644
--- a/drivers/arm/cci/cci.c
+++ b/drivers/arm/cci/cci.c
@@ -143,7 +143,7 @@
* rest of bits are write ignore
*/
mmio_write_32(cci_base +
- SLAVE_IFACE_OFFSET(slave_if_id) + SNOOP_CTRL_REG,
+ SLAVE_IFACE_OFFSET((u_register_t)slave_if_id) + SNOOP_CTRL_REG,
DVM_EN_BIT | SNOOP_EN_BIT);
/*
@@ -171,7 +171,7 @@
* rest of bits are write ignore.
*/
mmio_write_32(cci_base +
- SLAVE_IFACE_OFFSET(slave_if_id) + SNOOP_CTRL_REG,
+ SLAVE_IFACE_OFFSET((u_register_t)slave_if_id) + SNOOP_CTRL_REG,
~(DVM_EN_BIT | SNOOP_EN_BIT));
/*
diff --git a/drivers/arm/css/scp/css_pm_scmi.c b/drivers/arm/css/scp/css_pm_scmi.c
index b310ff4..74d9fad 100644
--- a/drivers/arm/css/scp/css_pm_scmi.c
+++ b/drivers/arm/css/scp/css_pm_scmi.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -309,10 +309,11 @@
*/
mmio_write_64(PLAT_ARM_TRUSTED_MAILBOX_BASE, 0U);
+ unsigned int core_pos = plat_my_core_pos();
/*
* Send powerdown request to online secondary core(s)
*/
- ret = psci_stop_other_cores(plat_my_core_pos(), 0, css_raise_pwr_down_interrupt);
+ ret = psci_stop_other_cores(core_pos, 0, css_raise_pwr_down_interrupt);
if (ret != PSCI_E_SUCCESS) {
ERROR("Failed to powerdown secondary core(s)\n");
}
@@ -321,8 +322,8 @@
* Disable GIC CPU interface to prevent pending interrupt from waking
* up the AP from WFI.
*/
- plat_arm_gic_cpuif_disable();
- plat_arm_gic_redistif_off();
+ gic_cpuif_disable(core_pos);
+ gic_pcpu_off(core_pos);
/*
* Issue SCMI command. First issue a graceful
diff --git a/drivers/arm/css/scp/css_pm_scpi.c b/drivers/arm/css/scp/css_pm_scpi.c
index 02be070..781b216 100644
--- a/drivers/arm/css/scp/css_pm_scpi.c
+++ b/drivers/arm/css/scp/css_pm_scpi.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -121,12 +121,6 @@
{
uint32_t response;
- /*
- * Disable GIC CPU interface to prevent pending interrupt
- * from waking up the AP from WFI.
- */
- plat_arm_gic_cpuif_disable();
-
/* Send the power down request to the SCP */
response = scpi_sys_power_state(scpi_system_shutdown);
@@ -143,12 +137,6 @@
{
uint32_t response;
- /*
- * Disable GIC CPU interface to prevent pending interrupt
- * from waking up the AP from WFI.
- */
- plat_arm_gic_cpuif_disable();
-
/* Send the system reset request to the SCP */
response = scpi_sys_power_state(scpi_system_reboot);
diff --git a/drivers/arm/gic/gic.mk b/drivers/arm/gic/gic.mk
new file mode 100644
index 0000000..ad30984
--- /dev/null
+++ b/drivers/arm/gic/gic.mk
@@ -0,0 +1,32 @@
+#
+# Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+GIC_REVISIONS_ := 1 2 3
+ifeq ($(filter $(USE_GIC_DRIVER),$(GIC_REVISIONS_)),)
+$(error USE_GIC_DRIVER can only be one of $(GIC_REVISIONS_))
+endif
+
+ifeq (${USE_GIC_DRIVER},2)
+include drivers/arm/gic/v2/gicv2.mk
+GIC_SOURCES := ${GICV2_SOURCES} \
+ drivers/arm/gic/v2/gicv2_base.c \
+ plat/common/plat_gicv2.c
+else ifeq (${USE_GIC_DRIVER},3)
+include drivers/arm/gic/v3/gicv3.mk
+GIC_SOURCES := ${GICV3_SOURCES} \
+ drivers/arm/gic/v3/gicv3_base.c \
+ plat/common/plat_gicv3.c
+endif
+
+ifeq ($(ARCH),aarch64)
+BL31_SOURCES += ${GIC_SOURCES}
+else
+BL32_SOURCES += ${GIC_SOURCES}
+endif
+
+$(eval $(call add_defines,\
+ USE_GIC_DRIVER \
+))
diff --git a/drivers/arm/gic/v2/gicdv2_helpers.c b/drivers/arm/gic/v2/gicdv2_helpers.c
index db9ba87..2f3f7f8 100644
--- a/drivers/arm/gic/v2/gicdv2_helpers.c
+++ b/drivers/arm/gic/v2/gicdv2_helpers.c
@@ -8,6 +8,7 @@
#include <drivers/arm/gic_common.h>
#include <lib/mmio.h>
+#include <lib/utils_def.h>
#include "../common/gic_common_private.h"
@@ -256,7 +257,7 @@
unsigned int bit_num = id & ((1U << IGROUPR_SHIFT) - 1U);
unsigned int reg_val = gicd_read_igroupr(base, id);
- gicd_write_igroupr(base, id, reg_val | (1U << bit_num));
+ gicd_write_igroupr(base, id, reg_val | BIT_32(bit_num));
}
void gicd_clr_igroupr(uintptr_t base, unsigned int id)
@@ -264,35 +265,35 @@
unsigned int bit_num = id & ((1U << IGROUPR_SHIFT) - 1U);
unsigned int reg_val = gicd_read_igroupr(base, id);
- gicd_write_igroupr(base, id, reg_val & ~(1U << bit_num));
+ gicd_write_igroupr(base, id, reg_val & ~BIT_32(bit_num));
}
void gicd_set_isenabler(uintptr_t base, unsigned int id)
{
unsigned int bit_num = id & ((1U << ISENABLER_SHIFT) - 1U);
- gicd_write_isenabler(base, id, (1U << bit_num));
+ gicd_write_isenabler(base, id, BIT_32(bit_num));
}
void gicd_set_icenabler(uintptr_t base, unsigned int id)
{
unsigned int bit_num = id & ((1U << ICENABLER_SHIFT) - 1U);
- gicd_write_icenabler(base, id, (1U << bit_num));
+ gicd_write_icenabler(base, id, BIT_32(bit_num));
}
void gicd_set_ispendr(uintptr_t base, unsigned int id)
{
unsigned int bit_num = id & ((1U << ISPENDR_SHIFT) - 1U);
- gicd_write_ispendr(base, id, (1U << bit_num));
+ gicd_write_ispendr(base, id, BIT_32(bit_num));
}
void gicd_set_icpendr(uintptr_t base, unsigned int id)
{
unsigned int bit_num = id & ((1U << ICPENDR_SHIFT) - 1U);
- gicd_write_icpendr(base, id, (1U << bit_num));
+ gicd_write_icpendr(base, id, BIT_32(bit_num));
}
unsigned int gicd_get_isactiver(uintptr_t base, unsigned int id)
@@ -307,14 +308,14 @@
{
unsigned int bit_num = id & ((1U << ISACTIVER_SHIFT) - 1U);
- gicd_write_isactiver(base, id, (1U << bit_num));
+ gicd_write_isactiver(base, id, BIT_32(bit_num));
}
void gicd_set_icactiver(uintptr_t base, unsigned int id)
{
unsigned int bit_num = id & ((1U << ICACTIVER_SHIFT) - 1U);
- gicd_write_icactiver(base, id, (1U << bit_num));
+ gicd_write_icactiver(base, id, BIT_32(bit_num));
}
void gicd_set_ipriorityr(uintptr_t base, unsigned int id, unsigned int pri)
diff --git a/plat/arm/common/arm_gicv2.c b/drivers/arm/gic/v2/gicv2_base.c
similarity index 74%
copy from plat/arm/common/arm_gicv2.c
copy to drivers/arm/gic/v2/gicv2_base.c
index 80a845f..c51c195 100644
--- a/plat/arm/common/arm_gicv2.c
+++ b/drivers/arm/gic/v2/gicv2_base.c
@@ -1,24 +1,19 @@
/*
- * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <platform_def.h>
+#include <drivers/arm/gic.h>
#include <drivers/arm/gicv2.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
-/******************************************************************************
- * The following functions are defined as weak to allow a platform to override
- * the way the GICv2 driver is initialised and used.
- *****************************************************************************/
-#pragma weak plat_arm_gic_driver_init
-#pragma weak plat_arm_gic_init
-#pragma weak plat_arm_gic_cpuif_enable
-#pragma weak plat_arm_gic_cpuif_disable
-#pragma weak plat_arm_gic_pcpu_init
+#if USE_GIC_DRIVER != 2
+#error "This file should only be used with USE_GIC_DRIVER=2"
+#endif
/******************************************************************************
* On a GICv2 system, the Group 1 secure interrupts are treated as Group 0
@@ -43,23 +38,16 @@
/******************************************************************************
* ARM common helper to initialize the GICv2 only driver.
*****************************************************************************/
-void plat_arm_gic_driver_init(void)
+void __init gic_init(unsigned int cpu_idx)
{
gicv2_driver_init(&arm_gic_data);
-}
-
-void plat_arm_gic_init(void)
-{
gicv2_distif_init();
- gicv2_pcpu_distif_init();
- gicv2_set_pe_target_mask(plat_my_core_pos());
- gicv2_cpuif_enable();
}
/******************************************************************************
* ARM common helper to enable the GICv2 CPU interface
*****************************************************************************/
-void plat_arm_gic_cpuif_enable(void)
+void gic_cpuif_enable(unsigned int cpu_idx)
{
gicv2_cpuif_enable();
}
@@ -67,7 +55,7 @@
/******************************************************************************
* ARM common helper to disable the GICv2 CPU interface
*****************************************************************************/
-void plat_arm_gic_cpuif_disable(void)
+void gic_cpuif_disable(unsigned int cpu_idx)
{
gicv2_cpuif_disable();
}
@@ -75,7 +63,7 @@
/******************************************************************************
* ARM common helper to initialize the per cpu distributor interface in GICv2
*****************************************************************************/
-void plat_arm_gic_pcpu_init(void)
+void gic_pcpu_init(unsigned int cpu_idx)
{
gicv2_pcpu_distif_init();
gicv2_set_pe_target_mask(plat_my_core_pos());
@@ -85,29 +73,23 @@
* Stubs for Redistributor power management. Although GICv2 doesn't have
* Redistributor interface, these are provided for the sake of uniform GIC API
*****************************************************************************/
-void plat_arm_gic_redistif_on(void)
+void gic_pcpu_off(unsigned int cpu_idx)
{
return;
}
-void plat_arm_gic_redistif_off(void)
-{
- return;
-}
-
-
/******************************************************************************
* ARM common helper to save & restore the GICv3 on resume from system suspend.
* The normal world currently takes care of saving and restoring the GICv2
* registers due to legacy reasons. Hence we just initialize the Distributor
* on resume from system suspend.
*****************************************************************************/
-void plat_arm_gic_save(void)
+void gic_save(void)
{
return;
}
-void plat_arm_gic_resume(void)
+void gic_resume(void)
{
gicv2_distif_init();
gicv2_pcpu_distif_init();
diff --git a/drivers/arm/gic/v2/gicv2_helpers.c b/drivers/arm/gic/v2/gicv2_helpers.c
index a9ae0b5..3415499 100644
--- a/drivers/arm/gic/v2/gicv2_helpers.c
+++ b/drivers/arm/gic/v2/gicv2_helpers.c
@@ -11,6 +11,7 @@
#include <common/interrupt_props.h>
#include <drivers/arm/gic_common.h>
#include <drivers/arm/gicv2.h>
+#include <lib/utils_def.h>
#include "../common/gic_common_private.h"
#include "gicv2_private.h"
@@ -203,7 +204,7 @@
}
/* We have an SGI or a PPI. They are Group0 at reset */
- sec_ppi_sgi_mask |= (1u << prop_desc->intr_num);
+ sec_ppi_sgi_mask |= BIT_32((uint32_t)prop_desc->intr_num);
/* Set the priority of this interrupt */
gicd_set_ipriorityr(gicd_base, prop_desc->intr_num,
diff --git a/plat/arm/common/arm_gicv3.c b/drivers/arm/gic/v3/gicv3_base.c
similarity index 76%
copy from plat/arm/common/arm_gicv3.c
copy to drivers/arm/gic/v3/gicv3_base.c
index 5becbcd..57f2314 100644
--- a/plat/arm/common/arm_gicv3.c
+++ b/drivers/arm/gic/v3/gicv3_base.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,25 +9,18 @@
#include <common/debug.h>
#include <common/interrupt_props.h>
+#include <drivers/arm/gic.h>
#include <drivers/arm/gicv3.h>
#include <lib/utils.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
-/******************************************************************************
- * The following functions are defined as weak to allow a platform to override
- * the way the GICv3 driver is initialised and used.
- *****************************************************************************/
-#pragma weak plat_arm_gic_driver_init
-#pragma weak plat_arm_gic_init
-#pragma weak plat_arm_gic_cpuif_enable
-#pragma weak plat_arm_gic_cpuif_disable
-#pragma weak plat_arm_gic_pcpu_init
-#pragma weak plat_arm_gic_redistif_on
-#pragma weak plat_arm_gic_redistif_off
+#if USE_GIC_DRIVER != 3
+#error "This file should only be used with USE_GIC_DRIVER=3"
+#endif
/* The GICv3 driver only needs to be initialized in EL3 */
-static uintptr_t rdistif_base_addrs[PLATFORM_CORE_COUNT];
+uintptr_t rdistif_base_addrs[PLATFORM_CORE_COUNT];
/* Default GICR base address to be used for GICR probe. */
static const uintptr_t gicr_base_addrs[2] = {
@@ -79,7 +72,7 @@
return plat_arm_calc_core_pos(mpidr);
}
-static const gicv3_driver_data_t arm_gic_data __unused = {
+gicv3_driver_data_t gic_data __unused = {
.gicd_base = PLAT_ARM_GICD_BASE,
.gicr_base = 0U,
.interrupt_props = arm_interrupt_props,
@@ -101,49 +94,29 @@
gicr_frames = plat_gicr_frames;
}
-void __init plat_arm_gic_driver_init(void)
-{
- /*
- * The GICv3 driver is initialized in EL3 and does not need
- * to be initialized again in SEL1. This is because the S-EL1
- * can use GIC system registers to manage interrupts and does
- * not need GIC interface base addresses to be configured.
- */
-#if (!defined(__aarch64__) && defined(IMAGE_BL32)) || \
- (defined(__aarch64__) && defined(IMAGE_BL31))
- gicv3_driver_init(&arm_gic_data);
-
- if (gicv3_rdistif_probe(gicr_base_addrs[0]) == -1) {
- ERROR("No GICR base frame found for Primary CPU\n");
- panic();
- }
-#endif
-}
-
/******************************************************************************
* ARM common helper to initialize the GIC. Only invoked by BL31
*****************************************************************************/
-void __init plat_arm_gic_init(void)
+void __init gic_init(unsigned int cpu_idx)
{
+ gicv3_driver_init(&gic_data);
gicv3_distif_init();
- gicv3_rdistif_init(plat_my_core_pos());
- gicv3_cpuif_enable(plat_my_core_pos());
}
/******************************************************************************
* ARM common helper to enable the GIC CPU interface
*****************************************************************************/
-void plat_arm_gic_cpuif_enable(void)
+void gic_cpuif_enable(unsigned int cpu_idx)
{
- gicv3_cpuif_enable(plat_my_core_pos());
+ gicv3_cpuif_enable(cpu_idx);
}
/******************************************************************************
* ARM common helper to disable the GIC CPU interface
*****************************************************************************/
-void plat_arm_gic_cpuif_disable(void)
+void gic_cpuif_disable(unsigned int cpu_idx)
{
- gicv3_cpuif_disable(plat_my_core_pos());
+ gicv3_cpuif_disable(cpu_idx);
}
/******************************************************************************
@@ -151,7 +124,7 @@
* corresponding per-cpu redistributor frame as well as initialize the
* corresponding interface in GICv3.
*****************************************************************************/
-void plat_arm_gic_pcpu_init(void)
+void gic_pcpu_init(unsigned int cpu_idx)
{
int result;
const uintptr_t *plat_gicr_frames = gicr_frames;
@@ -170,26 +143,22 @@
ERROR("No GICR base frame found for CPU 0x%lx\n", read_mpidr());
panic();
}
- gicv3_rdistif_init(plat_my_core_pos());
+ gicv3_rdistif_init(cpu_idx);
}
/******************************************************************************
* ARM common helpers to power GIC redistributor interface
*****************************************************************************/
-void plat_arm_gic_redistif_on(void)
+void gic_pcpu_off(unsigned int cpu_idx)
{
- gicv3_rdistif_on(plat_my_core_pos());
-}
-
-void plat_arm_gic_redistif_off(void)
-{
- gicv3_rdistif_off(plat_my_core_pos());
+ gicv3_rdistif_off(cpu_idx);
}
/******************************************************************************
- * ARM common helper to save & restore the GICv3 on resume from system suspend
+ * Common helper to save & restore the GICv3 on resume from system suspend. It
+ * is the platform's responsibility to call these.
*****************************************************************************/
-void plat_arm_gic_save(void)
+void gic_save(void)
{
gicv3_redist_ctx_t * const rdist_context =
(gicv3_redist_ctx_t *)LOAD_ADDR_OF(rdist_ctx);
@@ -222,7 +191,7 @@
*/
}
-void plat_arm_gic_resume(void)
+void gic_resume(void)
{
const gicv3_redist_ctx_t *rdist_context =
(gicv3_redist_ctx_t *)LOAD_ADDR_OF(rdist_ctx);
diff --git a/drivers/auth/tbbr/tbbr_cot_bl1_r64.c b/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
deleted file mode 100644
index 236823a..0000000
--- a/drivers/auth/tbbr/tbbr_cot_bl1_r64.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Copyright (c) 2021-2023, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <stddef.h>
-
-#include <mbedtls/version.h>
-
-#include <drivers/auth/auth_mod.h>
-#include <drivers/auth/tbbr_cot_common.h>
-
-#if USE_TBBR_DEFS
-#include <tools_share/tbbr_oid.h>
-#else
-#include <platform_oid.h>
-#endif
-
-#include <platform_def.h>
-
-static unsigned char trusted_world_pk_buf[PK_DER_LEN];
-static unsigned char non_trusted_world_pk_buf[PK_DER_LEN];
-static unsigned char content_pk_buf[PK_DER_LEN];
-static unsigned char nt_fw_config_hash_buf[HASH_DER_LEN];
-
-static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC(
- AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID);
-static auth_param_type_desc_t trusted_world_pk = AUTH_PARAM_TYPE_DESC(
- AUTH_PARAM_PUB_KEY, TRUSTED_WORLD_PK_OID);
-static auth_param_type_desc_t non_trusted_world_pk = AUTH_PARAM_TYPE_DESC(
- AUTH_PARAM_PUB_KEY, NON_TRUSTED_WORLD_PK_OID);
-static auth_param_type_desc_t nt_fw_content_pk = AUTH_PARAM_TYPE_DESC(
- AUTH_PARAM_PUB_KEY, NON_TRUSTED_FW_CONTENT_CERT_PK_OID);
-static auth_param_type_desc_t nt_world_bl_hash = AUTH_PARAM_TYPE_DESC(
- AUTH_PARAM_HASH, NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID);
-static auth_param_type_desc_t nt_fw_config_hash = AUTH_PARAM_TYPE_DESC(
- AUTH_PARAM_HASH, NON_TRUSTED_FW_CONFIG_HASH_OID);
-/*
- * Trusted key certificate
- */
-static const auth_img_desc_t trusted_key_cert = {
- .img_id = TRUSTED_KEY_CERT_ID,
- .img_type = IMG_CERT,
- .parent = NULL,
- .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
- [0] = {
- .type = AUTH_METHOD_SIG,
- .param.sig = {
- .pk = &subject_pk,
- .sig = &sig,
- .alg = &sig_alg,
- .data = &raw_data
- }
- },
- [1] = {
- .type = AUTH_METHOD_NV_CTR,
- .param.nv_ctr = {
- .cert_nv_ctr = &trusted_nv_ctr,
- .plat_nv_ctr = &trusted_nv_ctr
- }
- }
- },
- .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
- [0] = {
- .type_desc = &trusted_world_pk,
- .data = {
- .ptr = (void *)trusted_world_pk_buf,
- .len = (unsigned int)PK_DER_LEN
- }
- },
- [1] = {
- .type_desc = &non_trusted_world_pk,
- .data = {
- .ptr = (void *)non_trusted_world_pk_buf,
- .len = (unsigned int)PK_DER_LEN
- }
- }
- }
-};
-/*
- * Non-Trusted Firmware
- */
-static const auth_img_desc_t non_trusted_fw_key_cert = {
- .img_id = NON_TRUSTED_FW_KEY_CERT_ID,
- .img_type = IMG_CERT,
- .parent = &trusted_key_cert,
- .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
- [0] = {
- .type = AUTH_METHOD_SIG,
- .param.sig = {
- .pk = &non_trusted_world_pk,
- .sig = &sig,
- .alg = &sig_alg,
- .data = &raw_data
- }
- },
- [1] = {
- .type = AUTH_METHOD_NV_CTR,
- .param.nv_ctr = {
- .cert_nv_ctr = &non_trusted_nv_ctr,
- .plat_nv_ctr = &non_trusted_nv_ctr
- }
- }
- },
- .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
- [0] = {
- .type_desc = &nt_fw_content_pk,
- .data = {
- .ptr = (void *)content_pk_buf,
- .len = (unsigned int)PK_DER_LEN
- }
- }
- }
-};
-static const auth_img_desc_t non_trusted_fw_content_cert = {
- .img_id = NON_TRUSTED_FW_CONTENT_CERT_ID,
- .img_type = IMG_CERT,
- .parent = &non_trusted_fw_key_cert,
- .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
- [0] = {
- .type = AUTH_METHOD_SIG,
- .param.sig = {
- .pk = &nt_fw_content_pk,
- .sig = &sig,
- .alg = &sig_alg,
- .data = &raw_data
- }
- },
- [1] = {
- .type = AUTH_METHOD_NV_CTR,
- .param.nv_ctr = {
- .cert_nv_ctr = &non_trusted_nv_ctr,
- .plat_nv_ctr = &non_trusted_nv_ctr
- }
- }
- },
- .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
- [0] = {
- .type_desc = &nt_world_bl_hash,
- .data = {
- .ptr = (void *)nt_world_bl_hash_buf,
- .len = (unsigned int)HASH_DER_LEN
- }
- },
- [1] = {
- .type_desc = &nt_fw_config_hash,
- .data = {
- .ptr = (void *)nt_fw_config_hash_buf,
- .len = (unsigned int)HASH_DER_LEN
- }
- }
- }
-};
-static const auth_img_desc_t bl33_image = {
- .img_id = BL33_IMAGE_ID,
- .img_type = IMG_RAW,
- .parent = &non_trusted_fw_content_cert,
- .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
- [0] = {
- .type = AUTH_METHOD_HASH,
- .param.hash = {
- .data = &raw_data,
- .hash = &nt_world_bl_hash
- }
- }
- }
-};
-
-static const auth_img_desc_t * const cot_desc[] = {
- [TRUSTED_KEY_CERT_ID] = &trusted_key_cert,
- [NON_TRUSTED_FW_KEY_CERT_ID] = &non_trusted_fw_key_cert,
- [NON_TRUSTED_FW_CONTENT_CERT_ID] = &non_trusted_fw_content_cert,
- [BL33_IMAGE_ID] = &bl33_image,
-};
-
-/* Register the CoT in the authentication module */
-REGISTER_COT(cot_desc);
diff --git a/drivers/console/multi_console.c b/drivers/console/multi_console.c
index 5ecbaed..59a4a86 100644
--- a/drivers/console/multi_console.c
+++ b/drivers/console/multi_console.c
@@ -79,8 +79,8 @@
{
int ret;
- if ((c == '\n') &&
- ((console->flags & CONSOLE_FLAG_TRANSLATE_CRLF) != 0)) {
+ if ((c == (int)'\n') &&
+ ((console->flags & CONSOLE_FLAG_TRANSLATE_CRLF) != 0U)) {
ret = console->putc('\r', console);
if (ret < 0)
return ret;
diff --git a/drivers/measured_boot/event_log/event_handoff.c b/drivers/measured_boot/event_log/event_handoff.c
new file mode 100644
index 0000000..238ea27
--- /dev/null
+++ b/drivers/measured_boot/event_log/event_handoff.c
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 2025, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stddef.h>
+
+#include <common/debug.h>
+#include <drivers/measured_boot/event_log/event_handoff.h>
+
+#include <platform_def.h>
+
+static uint8_t *get_log_ptr(struct transfer_list_entry *te, size_t offset)
+{
+ uint8_t *base_ptr = transfer_list_entry_data(te);
+
+ if (base_ptr == NULL) {
+ return NULL;
+ }
+
+ return base_ptr + offset;
+}
+
+uint8_t *transfer_list_event_log_extend(struct transfer_list_header *tl,
+ size_t req_size, size_t *free)
+{
+ struct transfer_list_entry *existing_entry;
+ struct transfer_list_entry *new_entry;
+ uint8_t *old_data;
+ size_t existing_offset;
+ size_t old_size;
+
+ if (tl == NULL || free == NULL || req_size == 0) {
+ ERROR("Invalid arguments to event log extend.\n");
+ return NULL;
+ }
+
+ existing_entry = transfer_list_find(tl, TL_TAG_TPM_EVLOG);
+ existing_offset = EVENT_LOG_RESERVED_BYTES;
+
+ if (existing_entry != NULL) {
+ existing_offset = existing_entry->data_size;
+
+ if (transfer_list_set_data_size(tl, existing_entry,
+ req_size + existing_offset)) {
+ VERBOSE("TPM event log entry resized: new space %zu bytes at offset %zu\n",
+ req_size, existing_offset);
+
+ *free = existing_entry->data_size - existing_offset;
+
+ return get_log_ptr(existing_entry, existing_offset);
+ }
+ }
+
+ /* Add new entry (resize failed or no existing entry) */
+ new_entry = transfer_list_add(tl, TL_TAG_TPM_EVLOG,
+ req_size + existing_offset, NULL);
+
+ if (new_entry == NULL) {
+ ERROR("Failed to add TPM event log entry to transfer list.\n");
+ return NULL;
+ }
+
+ VERBOSE("New TPM event log entry added at %p\n",
+ transfer_list_entry_data(new_entry));
+
+ if (existing_entry != NULL) {
+ old_data = transfer_list_entry_data(existing_entry);
+ old_size = existing_offset;
+
+ VERBOSE("Copying existing event log (%zu bytes) to new entry at %p\n",
+ old_size, transfer_list_entry_data(new_entry));
+
+ memmove(transfer_list_entry_data(new_entry), old_data,
+ old_size);
+
+ transfer_list_rem(tl, existing_entry);
+ }
+
+ *free = new_entry->data_size - existing_offset;
+
+ return get_log_ptr(new_entry, existing_offset);
+}
+
+uint8_t *transfer_list_event_log_finish(struct transfer_list_header *tl,
+ uintptr_t cursor)
+{
+ uintptr_t entry_data_base;
+ size_t final_log_size;
+ struct transfer_list_entry *entry;
+
+ entry = transfer_list_find(tl, TL_TAG_TPM_EVLOG);
+ entry_data_base = (uintptr_t)transfer_list_entry_data(entry);
+
+ if (cursor < entry_data_base ||
+ cursor >= entry_data_base + entry->data_size) {
+ ERROR("Invalid cursor: outside event log bounds.\n");
+ return NULL;
+ }
+
+ final_log_size = cursor - entry_data_base;
+
+ if (!transfer_list_set_data_size(tl, entry, final_log_size)) {
+ ERROR("Unable to resize event log TE.\n");
+ return NULL;
+ }
+
+ transfer_list_update_checksum(tl);
+
+ VERBOSE("TPM event log finalized: trimmed to %zu bytes",
+ final_log_size - EVENT_LOG_RESERVED_BYTES);
+
+ /* Ensure changes are visible to the next stage. */
+ flush_dcache_range((uintptr_t)tl, tl->size);
+
+ return get_log_ptr(entry, EVENT_LOG_RESERVED_BYTES);
+}
diff --git a/drivers/measured_boot/event_log/event_log.c b/drivers/measured_boot/event_log/event_log.c
index 6f2898d..761ff29 100644
--- a/drivers/measured_boot/event_log/event_log.c
+++ b/drivers/measured_boot/event_log/event_log.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,12 +7,9 @@
#include <assert.h>
#include <errno.h>
#include <string.h>
-#include <arch_helpers.h>
-#include <common/bl_common.h>
-#include <common/debug.h>
-#include <drivers/auth/crypto_mod.h>
-#include <drivers/measured_boot/event_log/event_log.h>
+#include "crypto_mod.h"
+#include "event_log.h"
#if TPM_ALG_ID == TPM_ALG_SHA512
#define CRYPTO_MD_ID CRYPTO_MD_SHA512
@@ -75,34 +72,25 @@
}
};
-/*
- * Record a measurement as a TCG_PCR_EVENT2 event
- *
- * @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes
- * @param[in] event_type Type of Event, Various Event Types are
- * mentioned in tcg.h header
- * @param[in] metadata_ptr Pointer to event_log_metadata_t structure
- *
- * There must be room for storing this new event into the event log buffer.
- */
-void event_log_record(const uint8_t *hash, uint32_t event_type,
+int event_log_record(const uint8_t *hash, uint32_t event_type,
const event_log_metadata_t *metadata_ptr)
{
void *ptr = log_ptr;
uint32_t name_len = 0U;
- assert(hash != NULL);
- assert(metadata_ptr != NULL);
/* event_log_buf_init() must have been called prior to this. */
- assert(log_ptr != NULL);
+ if (hash == NULL || metadata_ptr == NULL || log_ptr == NULL) {
+ return -EINVAL;
+ }
if (metadata_ptr->name != NULL) {
name_len = (uint32_t)strlen(metadata_ptr->name) + 1U;
}
/* Check for space in Event Log buffer */
- assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <
- log_end);
+ if (((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) > log_end) {
+ return -ENOMEM;
+ }
/*
* As per TCG specifications, firmware components that are measured
@@ -145,38 +133,42 @@
/* End of event data */
log_ptr = (uint8_t *)((uintptr_t)ptr +
offsetof(event2_data_t, event) + name_len);
+
+ return 0;
}
-void event_log_buf_init(uint8_t *event_log_start, uint8_t *event_log_finish)
+int event_log_buf_init(uint8_t *event_log_start, uint8_t *event_log_finish)
{
- assert(event_log_start != NULL);
- assert(event_log_finish > event_log_start);
+ if (event_log_start == NULL || event_log_finish == NULL ||
+ event_log_start > event_log_finish) {
+ return -EINVAL;
+ }
log_ptr = event_log_start;
log_end = (uintptr_t)event_log_finish;
+
+ return 0;
}
-/*
- * Initialise Event Log global variables, used during the recording
- * of various payload measurements into the Event Log buffer
- *
- * @param[in] event_log_start Base address of Event Log buffer
- * @param[in] event_log_finish End address of Event Log buffer,
- * it is a first byte past end of the
- * buffer
- */
-void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish)
+int event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish)
{
- event_log_buf_init(event_log_start, event_log_finish);
+ return event_log_buf_init(event_log_start, event_log_finish);
}
-void event_log_write_specid_event(void)
+int event_log_write_specid_event(void)
{
- void *ptr = log_ptr;
+ void *ptr;
/* event_log_buf_init() must have been called prior to this. */
- assert(log_ptr != NULL);
- assert(((uintptr_t)log_ptr + ID_EVENT_SIZE) < log_end);
+ if (log_ptr == NULL) {
+ return -EFAULT;
+ }
+
+ if (((uintptr_t)log_ptr + ID_EVENT_SIZE) > log_end) {
+ return -ENOMEM;
+ }
+
+ ptr = log_ptr;
/*
* Add Specification ID Event first
@@ -199,21 +191,26 @@
((id_event_struct_data_t *)ptr)->vendor_info_size = 0;
log_ptr = (uint8_t *)((uintptr_t)ptr +
offsetof(id_event_struct_data_t, vendor_info));
+
+ return 0;
}
-/*
- * Initialises Event Log by writing Specification ID and
- * Startup Locality events
- */
-void event_log_write_header(void)
+int event_log_write_header(void)
{
const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE;
void *ptr;
+ int rc;
- event_log_write_specid_event();
+ rc = event_log_write_specid_event();
+ if (rc < 0) {
+ return rc;
+ }
+
+ if (((uintptr_t)log_ptr + LOC_EVENT_SIZE) > log_end) {
+ return -ENOMEM;
+ }
ptr = log_ptr;
- assert(((uintptr_t)log_ptr + LOC_EVENT_SIZE) < log_end);
/*
* The Startup Locality event should be placed in the log before
@@ -250,6 +247,8 @@
*/
((startup_locality_event_t *)ptr)->startup_locality = 0U;
log_ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
+
+ return 0;
}
int event_log_measure(uintptr_t data_base, uint32_t data_size,
@@ -260,18 +259,6 @@
(void *)data_base, data_size, hash_data);
}
-/*
- * Calculate and write hash of image, configuration data, etc.
- * to Event Log.
- *
- * @param[in] data_base Address of data
- * @param[in] data_size Size of data
- * @param[in] data_id Data ID
- * @param[in] metadata_ptr Event Log metadata
- * @return:
- * 0 = success
- * < 0 = error
- */
int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
uint32_t data_id,
const event_log_metadata_t *metadata_ptr)
@@ -279,14 +266,18 @@
unsigned char hash_data[CRYPTO_MD_MAX_SIZE];
int rc;
- assert(metadata_ptr != NULL);
+ if (metadata_ptr == NULL) {
+ return -EINVAL;
+ }
/* Get the metadata associated with this image. */
- while ((metadata_ptr->id != EVLOG_INVALID_ID) &&
- (metadata_ptr->id != data_id)) {
+ while (metadata_ptr->id != data_id) {
+ if (metadata_ptr->id == EVLOG_INVALID_ID) {
+ return -EINVAL;
+ }
+
metadata_ptr++;
}
- assert(metadata_ptr->id != EVLOG_INVALID_ID);
/* Measure the payload with algorithm selected by EventLog driver */
rc = event_log_measure(data_base, data_size, hash_data);
@@ -294,18 +285,14 @@
return rc;
}
- event_log_record(hash_data, EV_POST_CODE, metadata_ptr);
+ rc = event_log_record(hash_data, EV_POST_CODE, metadata_ptr);
+ if (rc != 0) {
+ return rc;
+ }
return 0;
}
-/*
- * Get current Event Log buffer size i.e. used space of Event Log buffer
- *
- * @param[in] event_log_start Base Pointer to Event Log buffer
- *
- * @return: current Size of Event Log buffer
- */
size_t event_log_get_cur_size(uint8_t *event_log_start)
{
assert(event_log_start != NULL);
diff --git a/drivers/measured_boot/event_log/event_log.mk b/drivers/measured_boot/event_log/event_log.mk
index 9e0d6c4..09c15da 100644
--- a/drivers/measured_boot/event_log/event_log.mk
+++ b/drivers/measured_boot/event_log/event_log.mk
@@ -4,6 +4,8 @@
# SPDX-License-Identifier: BSD-3-Clause
#
+EVENT_LOG_SRC_DIR := drivers/measured_boot/event_log/
+
# Default log level to dump the event log (LOG_LEVEL_INFO)
EVENT_LOG_LEVEL ?= 40
@@ -40,7 +42,13 @@
EVENT_LOG_LEVEL \
)))
-EVENT_LOG_SRC_DIR := drivers/measured_boot/event_log/
+INCLUDES += -Iinclude/drivers/measured_boot/event_log \
+ -Iinclude/drivers/auth
EVENT_LOG_SOURCES := ${EVENT_LOG_SRC_DIR}event_log.c \
${EVENT_LOG_SRC_DIR}event_print.c
+
+
+ifeq (${TRANSFER_LIST}, 1)
+EVENT_LOG_SOURCES += ${EVENT_LOG_SRC_DIR}/event_handoff.c
+endif
diff --git a/drivers/measured_boot/event_log/event_print.c b/drivers/measured_boot/event_log/event_print.c
index e2ba174..234a694 100644
--- a/drivers/measured_boot/event_log/event_print.c
+++ b/drivers/measured_boot/event_log/event_print.c
@@ -1,24 +1,31 @@
/*
- * Copyright (c) 2020, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <assert.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdio.h>
#include <string.h>
#include <common/debug.h>
-#include <drivers/measured_boot/event_log/event_log.h>
+#include "event_log.h"
-#if LOG_LEVEL >= EVENT_LOG_LEVEL
-
-/*
- * Print TCG_EfiSpecIDEventStruct
+/**
+ * Print a TCG_EfiSpecIDEventStruct entry from the event log.
*
- * @param[in/out] log_addr Pointer to Event Log
- * @param[in/out] log_size Pointer to Event Log size
+ * This function extracts and prints a TCG_EfiSpecIDEventStruct
+ * entry from the event log for debugging or auditing purposes.
+ *
+ * @param[in,out] log_addr Pointer to the current position in the Event Log.
+ * Updated to the next entry after processing.
+ * @param[in,out] log_size Pointer to the remaining Event Log size.
+ * Updated to reflect the remaining bytes.
+ *
+ * @return 0 on success, or a negative error code on failure.
*/
-static void id_event_print(uint8_t **log_addr, size_t *log_size)
+static int event_log_print_id_event(uint8_t **log_addr, size_t *log_size)
{
unsigned int i;
uint8_t info_size, *info_size_ptr;
@@ -27,12 +34,11 @@
id_event_algorithm_size_t *alg_ptr;
uint32_t event_size, number_of_algorithms;
size_t digest_len;
-#if ENABLE_ASSERTIONS
const uint8_t *end_ptr = (uint8_t *)((uintptr_t)*log_addr + *log_size);
- bool valid = true;
-#endif
- assert(*log_size >= sizeof(id_event_headers_t));
+ if (*log_size < sizeof(id_event_headers_t)) {
+ return -EINVAL;
+ }
/* The fields of the event log header are defined to be PCRIndex of 0,
* EventType of EV_NO_ACTION, Digest of 20 bytes of 0, and
@@ -40,10 +46,14 @@
*/
LOG_EVENT("TCG_EfiSpecIDEvent:\n");
LOG_EVENT(" PCRIndex : %u\n", event->header.pcr_index);
- assert(event->header.pcr_index == (uint32_t)PCR_0);
+ if (event->header.pcr_index != (uint32_t)PCR_0) {
+ return -EINVAL;
+ }
LOG_EVENT(" EventType : %u\n", event->header.event_type);
- assert(event->header.event_type == EV_NO_ACTION);
+ if (event->header.event_type != EV_NO_ACTION) {
+ return -EINVAL;
+ }
LOG_EVENT(" Digest :");
for (i = 0U; i < sizeof(event->header.digest); ++i) {
@@ -54,18 +64,12 @@
(void)printf("\n");
LOG_EVENT("\t\t :");
}
-#if ENABLE_ASSERTIONS
- if (val != 0U) {
- valid = false;
- }
-#endif
}
+
if ((i & U(0xF)) != 0U) {
(void)printf("\n");
}
- assert(valid);
-
/* EventSize */
event_size = event->header.event_size;
LOG_EVENT(" EventSize : %u\n", event_size);
@@ -90,7 +94,9 @@
/* Size of DigestSizes[] */
digest_len = number_of_algorithms * sizeof(id_event_algorithm_size_t);
- assert(((uintptr_t)alg_ptr + digest_len) <= (uintptr_t)end_ptr);
+ if (digest_len > (uintptr_t)end_ptr - (uintptr_t)alg_ptr) {
+ return -EFAULT;
+ }
LOG_EVENT(" DigestSizes :\n");
for (i = 0U; i < number_of_algorithms; ++i) {
@@ -110,7 +116,7 @@
default:
(void)printf("?\n");
ERROR("Algorithm 0x%x not found\n", algorithm_id);
- assert(false);
+ return -ENOENT;
}
LOG_EVENT(" DigestSize : %u\n",
@@ -119,17 +125,24 @@
/* Address of VendorInfoSize */
info_size_ptr = (uint8_t *)((uintptr_t)alg_ptr + digest_len);
- assert((uintptr_t)info_size_ptr <= (uintptr_t)end_ptr);
+ if ((uintptr_t)info_size_ptr > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
info_size = *info_size_ptr++;
LOG_EVENT(" VendorInfoSize : %u\n", info_size);
/* Check VendorInfo end address */
- assert(((uintptr_t)info_size_ptr + info_size) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)info_size_ptr + info_size) > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
/* Check EventSize */
- assert(event_size == (sizeof(id_event_struct_t) +
- digest_len + info_size));
+ if (event_size !=
+ (sizeof(id_event_struct_t) + digest_len + info_size)) {
+ return -EFAULT;
+ }
+
if (info_size != 0U) {
LOG_EVENT(" VendorInfo :");
for (i = 0U; i < info_size; ++i) {
@@ -140,24 +153,33 @@
*log_size -= (uintptr_t)info_size_ptr - (uintptr_t)*log_addr;
*log_addr = info_size_ptr;
+
+ return 0;
}
-/*
- * Print TCG_PCR_EVENT2
+/**
+ * Print a TCG_PCR_EVENT2 entry from the event log.
*
- * @param[in/out] log_addr Pointer to Event Log
- * @param[in/out] log_size Pointer to Event Log size
+ * This function extracts and prints a TCG_PCR_EVENT2 structure
+ * from the event log for debugging or auditing purposes.
+ *
+ * @param[in,out] log_addr Pointer to the current position in the Event Log.
+ * Updated to the next entry after processing.
+ * @param[in,out] log_size Pointer to the remaining Event Log size.
+ * Updated to reflect the remaining bytes.
+ *
+ * @return 0 on success, or a negative error code on failure.
*/
-static void event2_print(uint8_t **log_addr, size_t *log_size)
+static int event_log_print_pcr_event2(uint8_t **log_addr, size_t *log_size)
{
uint32_t event_size, count;
size_t sha_size, digests_size = 0U;
void *ptr = *log_addr;
-#if ENABLE_ASSERTIONS
const uint8_t *end_ptr = (uint8_t *)((uintptr_t)*log_addr + *log_size);
-#endif
- assert(*log_size >= sizeof(event2_header_t));
+ if (*log_size < sizeof(event2_header_t)) {
+ return -EINVAL;
+ }
LOG_EVENT("PCR_Event2:\n");
LOG_EVENT(" PCRIndex : %u\n",
@@ -166,16 +188,25 @@
((event2_header_t *)ptr)->event_type);
count = ((event2_header_t *)ptr)->digests.count;
+ if (count < 1U) {
+ LOG_EVENT("Invalid Digests Count : %u\n", count);
+ return -EINVAL;
+ }
+
LOG_EVENT(" Digests Count : %u\n", count);
/* Address of TCG_PCR_EVENT2.Digests[] */
ptr = (uint8_t *)ptr + sizeof(event2_header_t);
- assert(((uintptr_t)ptr <= (uintptr_t)end_ptr) && (count != 0U));
+ if ((uintptr_t)ptr > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
for (unsigned int i = 0U; i < count; ++i) {
/* Check AlgorithmId address */
- assert(((uintptr_t)ptr +
- offsetof(tpmt_ha, digest)) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + offsetof(tpmt_ha, digest)) >
+ (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
LOG_EVENT(" #%u AlgorithmId : SHA", i);
switch (((tpmt_ha *)ptr)->algorithm_id) {
@@ -193,14 +224,16 @@
break;
default:
(void)printf("?\n");
- ERROR("Algorithm 0x%x not found\n",
+ printf("Algorithm 0x%x not found\n",
((tpmt_ha *)ptr)->algorithm_id);
- panic();
+ return -ENOENT;
}
/* End of Digest[] */
ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest));
- assert(((uintptr_t)ptr + sha_size) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + sha_size) > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
/* Total size of all digests */
digests_size += sha_size;
@@ -218,7 +251,10 @@
}
/* TCG_PCR_EVENT2.EventSize */
- assert(((uintptr_t)ptr + offsetof(event2_data_t, event)) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + offsetof(event2_data_t, event)) >
+ (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
event_size = ((event2_data_t *)ptr)->event_size;
LOG_EVENT(" EventSize : %u\n", event_size);
@@ -227,7 +263,9 @@
ptr = (uint8_t *)((uintptr_t)ptr + offsetof(event2_data_t, event));
/* End of TCG_PCR_EVENT2.Event[EventSize] */
- assert(((uintptr_t)ptr + event_size) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + event_size) > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
if ((event_size == sizeof(startup_locality_event_t)) &&
(strcmp((const char *)ptr, TCG_STARTUP_LOCALITY_SIGNATURE) == 0)) {
@@ -241,25 +279,30 @@
*log_size -= (uintptr_t)ptr + event_size - (uintptr_t)*log_addr;
*log_addr = (uint8_t *)ptr + event_size;
-}
-#endif /* LOG_LEVEL >= EVENT_LOG_LEVEL */
-/*
- * Print Event Log
- *
- * @param[in] log_addr Pointer to Event Log
- * @param[in] log_size Event Log size
- */
-void dump_event_log(uint8_t *log_addr, size_t log_size)
+ return 0;
+}
+
+int event_log_dump(uint8_t *log_addr, size_t log_size)
{
-#if LOG_LEVEL >= EVENT_LOG_LEVEL
- assert(log_addr != NULL);
+ int rc;
+
+ if (log_addr == NULL) {
+ return -EINVAL;
+ }
/* Print TCG_EfiSpecIDEvent */
- id_event_print(&log_addr, &log_size);
+ rc = event_log_print_id_event(&log_addr, &log_size);
+
+ if (rc < 0) {
+ return rc;
+ }
while (log_size != 0U) {
- event2_print(&log_addr, &log_size);
+ rc = event_log_print_pcr_event2(&log_addr, &log_size);
+ if (rc < 0) {
+ return rc;
+ }
}
-#endif
+ return 0;
}
diff --git a/drivers/nxp/clk/s32cc/s32cc_early_clks.c b/drivers/nxp/clk/s32cc/s32cc_early_clks.c
index 92182a0..ac9d99a 100644
--- a/drivers/nxp/clk/s32cc/s32cc_early_clks.c
+++ b/drivers/nxp/clk/s32cc/s32cc_early_clks.c
@@ -19,7 +19,7 @@
#define S32CC_DDR_PLL_VCO_FREQ (1600U * MHZ)
#define S32CC_DDR_PLL_PHI0_FREQ (800U * MHZ)
#define S32CC_PERIPH_DFS_PHI3_FREQ (800U * MHZ)
-#define S32CC_USDHC_FREQ (400U * MHZ)
+#define S32CC_USDHC_FREQ (200U * MHZ)
static int setup_fxosc(void)
{
diff --git a/drivers/partition/partition.c b/drivers/partition/partition.c
index c4f7493..564d29d 100644
--- a/drivers/partition/partition.c
+++ b/drivers/partition/partition.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -75,11 +75,6 @@
memcpy(&tmp, mbr_sector + MBR_PRIMARY_ENTRY_OFFSET, sizeof(tmp));
- if (tmp.first_lba != 1) {
- VERBOSE("MBR header may have an invalid first LBA\n");
- return -EINVAL;
- }
-
if ((tmp.sector_nums == 0) || (tmp.sector_nums == UINT32_MAX)) {
VERBOSE("MBR header entry has an invalid number of sectors\n");
return -EINVAL;
@@ -399,7 +394,7 @@
int load_partition_table(unsigned int image_id)
{
uintptr_t dev_handle, image_handle, image_spec = 0;
- mbr_entry_t mbr_entry;
+ mbr_entry_t mbr_entry = {0};
int result;
result = plat_get_image_source(image_id, &dev_handle, &image_spec);
@@ -421,6 +416,11 @@
goto out;
}
if (mbr_entry.type == PARTITION_TYPE_GPT) {
+ if (mbr_entry.first_lba != 1U) {
+ VERBOSE("MBR header may have an invalid first LBA\n");
+ return -EINVAL;
+ }
+
result = load_primary_gpt(image_handle, mbr_entry.first_lba);
if (result != 0) {
io_close(image_handle);
diff --git a/drivers/st/pmic/stm32mp_pmic2.c b/drivers/st/pmic/stm32mp_pmic2.c
index c19d36a..fcf3fd9 100644
--- a/drivers/st/pmic/stm32mp_pmic2.c
+++ b/drivers/st/pmic/stm32mp_pmic2.c
@@ -493,7 +493,5 @@
panic();
}
-#if EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
stpmic2_dump_regulators(pmic2);
-#endif
}
diff --git a/drivers/st/pmic/stpmic2.c b/drivers/st/pmic/stpmic2.c
index 7f233db..b3af3e0 100644
--- a/drivers/st/pmic/stpmic2.c
+++ b/drivers/st/pmic/stpmic2.c
@@ -434,9 +434,9 @@
return -EPERM;
}
-#if EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
void stpmic2_dump_regulators(struct pmic_handle_s *pmic)
{
+#if LOG_LEVEL >= LOG_LEVEL_VERBOSE
size_t i;
char const *name;
@@ -456,8 +456,8 @@
VERBOSE("PMIC regul %s: %s, %dmV\n",
name, state ? "EN" : "DIS", val);
}
-}
#endif
+}
int stpmic2_get_version(struct pmic_handle_s *pmic, uint8_t *val)
{
diff --git a/drivers/ti/ipc/mailbox.c b/drivers/ti/ipc/mailbox.c
new file mode 100644
index 0000000..65458a5
--- /dev/null
+++ b/drivers/ti/ipc/mailbox.c
@@ -0,0 +1,145 @@
+/*
+ * Texas Instruments Mailbox Driver
+ *
+ * Copyright (C) 2024-2025 Texas Instruments Incorporated - https://www.ti.com/
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <errno.h>
+#include <stdlib.h>
+
+#include <arch_helpers.h>
+#include <common/debug.h>
+#include <drivers/delay_timer.h>
+#include <lib/mmio.h>
+#include <lib/utils.h>
+#include <lib/utils_def.h>
+#include <ti_sci_transport.h>
+
+#include <platform_def.h>
+
+/*
+ * TI_MAILBOX_RX/TX_BASE and the MAILBOX_MAX_MESSAGE_SIZE values are expected
+ * to come from platform specific header file ie. platform_def.h
+ */
+
+#define TI_MAILBOX_SYSC UL(0x10)
+#define TI_MAILBOX_MSG UL(0x40)
+#define TI_MAILBOX_FIFO_STATUS UL(0x80)
+#define TI_MAILBOX_MSG_STATUS UL(0xc0)
+
+/*
+ * Function to poll for mailbox rx messages
+ * IRQ model is currently not in scope of this driver
+ */
+static int8_t ti_mailbox_poll_rx_status(void)
+{
+ uint32_t num_messages_pending = 0U;
+ uint32_t retry_count = 100U;
+
+ /*
+ * Keep polling till we get a message for 100 times
+ * with intervals of 10 milliseconds.
+ */
+ while (num_messages_pending == 0U) {
+ num_messages_pending = mmio_read_32(TI_MAILBOX_RX_BASE + TI_MAILBOX_MSG_STATUS);
+ if (retry_count-- == 0U) {
+ return -ETIMEDOUT;
+ }
+ mdelay(10);
+ }
+ return 0;
+}
+
+int ti_sci_transport_clear_rx_thread(enum ti_sci_transport_chan_id id)
+{
+ /* MSG_STATUS tells us how many pending messages */
+ uint32_t try_count = mmio_read_32(TI_MAILBOX_RX_BASE + TI_MAILBOX_MSG_STATUS);
+
+ /* Run the loop till the status register is cleared */
+ while (mmio_read_32(TI_MAILBOX_RX_BASE + TI_MAILBOX_MSG_STATUS) != 0U) {
+ WARN("Clearing message from mailbox FIFO\n");
+ /* The act of reading the mailbox msg itself clears it */
+ mmio_read_32(TI_MAILBOX_RX_BASE + TI_MAILBOX_MSG);
+ /*
+ * The try_count is kept independent of the value of the status register
+ * because if at any point a new mailbox message arrives while this loop
+ * is in progress, we would want to know that message arrived and not clear
+ * it. We would rather print the error than clear the message thus indicating
+ * that the system is probably in a bad/async state.
+ */
+ if (!(try_count--)) {
+ ERROR("Could not clear all messages from mailbox FIFO\n");
+ return -ETIMEDOUT;
+ }
+ }
+
+ return 0;
+}
+
+int ti_sci_transport_send(enum ti_sci_transport_chan_id id, const struct ti_sci_msg *msg)
+{
+ uint32_t num_bytes;
+ void *dst_ptr = (void *)MAILBOX_TX_START_REGION;
+
+ assert(msg != NULL);
+
+ num_bytes = msg->len;
+
+ /*
+ * Only a simple check because even if there's 1 pending message
+ * we will be in a bad state if we try to send another message
+ * due to the absence of any interrupt or buffer mgmt model.
+ */
+ if (mmio_read_32(TI_MAILBOX_TX_BASE + TI_MAILBOX_FIFO_STATUS)) {
+ ERROR("Mailbox FIFO has pending messages!\n");
+ return -EINVAL;
+ }
+
+ if (num_bytes > MAILBOX_MAX_MESSAGE_SIZE) {
+ ERROR("message length %lu > max msg size\n", msg->len);
+ return -EINVAL;
+ }
+
+ /*
+ * Move the buffer contents into the SRAM to be accessed by TIFS
+ */
+ memmove(dst_ptr, msg->buf, num_bytes);
+
+ mmio_write_32(TI_MAILBOX_TX_BASE + TI_MAILBOX_MSG, (uint64_t)(void *)dst_ptr);
+
+ return 0;
+}
+
+int ti_sci_transport_recv(enum ti_sci_transport_chan_id id, struct ti_sci_msg *msg)
+{
+ uint32_t num_bytes;
+ uint64_t rcv_addr;
+
+ assert(msg != NULL);
+
+ num_bytes = msg->len;
+
+ if (ti_mailbox_poll_rx_status() == -ETIMEDOUT) {
+ ERROR("Timeout waiting for receive\n");
+ return -ETIMEDOUT;
+ }
+
+ rcv_addr = mmio_read_32(TI_MAILBOX_RX_BASE + TI_MAILBOX_MSG);
+
+ if (rcv_addr != MAILBOX_RX_START_REGION) {
+ ERROR("message address %lu is not valid\n", rcv_addr);
+ return -EINVAL;
+ }
+
+ if (num_bytes > MAILBOX_MAX_MESSAGE_SIZE) {
+ ERROR("message length %lu > max msg size\n", msg->len);
+ return -EINVAL;
+ }
+
+ memmove(msg->buf, (uint8_t *)(rcv_addr), num_bytes);
+
+ return 0;
+}
diff --git a/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.c b/drivers/ti/ipc/sec_proxy.c
similarity index 83%
rename from plat/ti/k3/common/drivers/sec_proxy/sec_proxy.c
rename to drivers/ti/ipc/sec_proxy.c
index fb27336..55396f6 100644
--- a/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.c
+++ b/drivers/ti/ipc/sec_proxy.c
@@ -2,7 +2,7 @@
* Texas Instruments K3 Secure Proxy Driver
* Based on Linux and U-Boot implementation
*
- * Copyright (C) 2018 Texas Instruments Incorporated - http://www.ti.com/
+ * Copyright (C) 2018-2025 Texas Instruments Incorporated - http://www.ti.com/
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -18,7 +18,7 @@
#include <lib/utils.h>
#include <lib/utils_def.h>
-#include "sec_proxy.h"
+#include <ti_sci_transport.h>
/* SEC PROXY RT THREAD STATUS */
#define RT_THREAD_STATUS (0x0)
@@ -97,32 +97,12 @@
.data_end_offset = 0x3C,
},
.threads = {
-#if !K3_SEC_PROXY_LITE
- SP_THREAD(SP_NOTIFY),
- SP_THREAD(SP_RESPONSE),
- SP_THREAD(SP_HIGH_PRIORITY),
- SP_THREAD(SP_LOW_PRIORITY),
- SP_THREAD(SP_NOTIFY_RESP),
-#else
- SP_THREAD(SP_RESPONSE),
- SP_THREAD(SP_HIGH_PRIORITY),
-#endif /* K3_SEC_PROXY_LITE */
+ SP_THREAD(RX_SECURE_TRANSPORT_CHANNEL_ID),
+ SP_THREAD(TX_SECURE_TRANSPORT_CHANNEL_ID),
},
};
/**
- * struct sec_msg_hdr - Message header for secure messages and responses
- * @checksum: CRC of message for integrity checking
- */
-union sec_msg_hdr {
- struct {
- uint16_t checksum;
- uint16_t reserved;
- } __packed;
- uint32_t data;
-};
-
-/**
* k3_sec_proxy_verify_thread() - Verify thread status before
* sending/receiving data
* @spt: Pointer to Secure Proxy thread description
@@ -170,13 +150,13 @@
}
/**
- * k3_sec_proxy_clear_rx_thread() - Clear Secure Proxy thread
+ * ti_sci_transport_clear_rx_thread() - Clear Secure Proxy thread
*
* @id: Channel Identifier
*
* Return: 0 if all goes well, else appropriate error message
*/
-int k3_sec_proxy_clear_rx_thread(enum k3_sec_proxy_chan_id id)
+int ti_sci_transport_clear_rx_thread(enum ti_sci_transport_chan_id id)
{
struct k3_sec_proxy_thread *spt = &spm.threads[id];
@@ -208,16 +188,15 @@
}
/**
- * k3_sec_proxy_send() - Send data over a Secure Proxy thread
+ * ti_sci_transport_send() - Send data over a Secure Proxy thread
* @id: Channel Identifier
- * @msg: Pointer to k3_sec_proxy_msg
+ * @msg: Pointer to ti_sci_msg
*
* Return: 0 if all goes well, else appropriate error message
*/
-int k3_sec_proxy_send(enum k3_sec_proxy_chan_id id, const struct k3_sec_proxy_msg *msg)
+int ti_sci_transport_send(enum ti_sci_transport_chan_id id, const struct ti_sci_msg *msg)
{
struct k3_sec_proxy_thread *spt = &spm.threads[id];
- union sec_msg_hdr secure_header;
int num_words, trail_bytes, i, ret;
uintptr_t data_reg;
@@ -228,19 +207,13 @@
}
/* Check the message size */
- if (msg->len + sizeof(secure_header) > spm.desc.max_msg_size) {
+ if (msg->len > spm.desc.max_msg_size) {
ERROR("Thread %s message length %lu > max msg size\n",
spt->name, msg->len);
return -EINVAL;
}
- /* TODO: Calculate checksum */
- secure_header.checksum = 0;
-
- /* Send the secure header */
data_reg = spm.desc.data_start_offset;
- mmio_write_32(spt->data + data_reg, secure_header.data);
- data_reg += sizeof(uint32_t);
/* Send whole words */
num_words = msg->len / sizeof(uint32_t);
@@ -281,16 +254,15 @@
}
/**
- * k3_sec_proxy_recv() - Receive data from a Secure Proxy thread
+ * ti_sci_transport_recv() - Receive data from a Secure Proxy thread
* @id: Channel Identifier
- * @msg: Pointer to k3_sec_proxy_msg
+ * @msg: Pointer to ti_sci_msg
*
* Return: 0 if all goes well, else appropriate error message
*/
-int k3_sec_proxy_recv(enum k3_sec_proxy_chan_id id, struct k3_sec_proxy_msg *msg)
+int ti_sci_transport_recv(enum ti_sci_transport_chan_id id, struct ti_sci_msg *msg)
{
struct k3_sec_proxy_thread *spt = &spm.threads[id];
- union sec_msg_hdr secure_header;
uintptr_t data_reg;
int num_words, trail_bytes, i, ret;
@@ -300,10 +272,7 @@
return ret;
}
- /* Read secure header */
data_reg = spm.desc.data_start_offset;
- secure_header.data = mmio_read_32(spt->data + data_reg);
- data_reg += sizeof(uint32_t);
/* Read whole words */
num_words = msg->len / sizeof(uint32_t);
@@ -332,9 +301,6 @@
if (data_reg <= spm.desc.data_end_offset)
mmio_read_32(spt->data + spm.desc.data_end_offset);
- /* TODO: Verify checksum */
- (void)secure_header.checksum;
-
VERBOSE("Message successfully received from thread %s\n", spt->name);
return 0;
diff --git a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c b/drivers/ti/ti_sci/ti_sci.c
similarity index 98%
rename from plat/ti/k3/common/drivers/ti_sci/ti_sci.c
rename to drivers/ti/ti_sci/ti_sci.c
index 5c6ba6b..f0813e5 100644
--- a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
+++ b/drivers/ti/ti_sci/ti_sci.c
@@ -2,7 +2,7 @@
* Texas Instruments System Control Interface Driver
* Based on Linux and U-Boot implementation
*
- * Copyright (C) 2018-2024 Texas Instruments Incorporated - https://www.ti.com/
+ * Copyright (C) 2018-2025 Texas Instruments Incorporated - https://www.ti.com/
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,7 +16,7 @@
#include <lib/bakery_lock.h>
#include <common/debug.h>
-#include <sec_proxy.h>
+#include <ti_sci_transport.h>
#include "ti_sci_protocol.h"
#include "ti_sci.h"
@@ -34,8 +34,8 @@
* @rx_message: Receive message
*/
struct ti_sci_xfer {
- struct k3_sec_proxy_msg tx_message;
- struct k3_sec_proxy_msg rx_message;
+ struct ti_sci_msg tx_message;
+ struct ti_sci_msg rx_message;
};
/**
@@ -69,6 +69,9 @@
return -ERANGE;
hdr = (struct ti_sci_msg_hdr *)tx_buf;
+
+ /* TODO: Calculate checksum */
+ hdr->sec_hdr.checksum = 0;
hdr->seq = ++message_sequence;
hdr->type = msg_type;
hdr->host = TI_SCI_HOST_ID;
@@ -95,8 +98,8 @@
*
* Return: 0 if all goes well, else appropriate error message
*/
-static int ti_sci_get_response(struct k3_sec_proxy_msg *msg,
- enum k3_sec_proxy_chan_id chan)
+static int ti_sci_get_response(struct ti_sci_msg *msg,
+ enum ti_sci_transport_chan_id chan)
{
struct ti_sci_msg_hdr *hdr;
unsigned int retry = 5;
@@ -104,7 +107,7 @@
for (; retry > 0; retry--) {
/* Receive the response */
- ret = k3_sec_proxy_recv(chan, msg);
+ ret = ti_sci_transport_recv(chan, msg);
if (ret) {
ERROR("Message receive failed (%d)\n", ret);
return ret;
@@ -133,6 +136,9 @@
if (!(hdr->flags & TI_SCI_FLAG_RESP_GENERIC_ACK))
return -ENODEV;
+ /* TODO: Verify checksum */
+ (void)hdr->sec_hdr.checksum;
+
return 0;
}
@@ -145,21 +151,21 @@
*/
static int ti_sci_do_xfer(struct ti_sci_xfer *xfer)
{
- struct k3_sec_proxy_msg *tx_msg = &xfer->tx_message;
- struct k3_sec_proxy_msg *rx_msg = &xfer->rx_message;
+ struct ti_sci_msg *tx_msg = &xfer->tx_message;
+ struct ti_sci_msg *rx_msg = &xfer->rx_message;
int ret;
bakery_lock_get(&ti_sci_xfer_lock);
/* Clear any spurious messages in receive queue */
- ret = k3_sec_proxy_clear_rx_thread(SP_RESPONSE);
+ ret = ti_sci_transport_clear_rx_thread(RX_SECURE_TRANSPORT_CHANNEL_ID);
if (ret) {
ERROR("Could not clear response queue (%d)\n", ret);
goto unlock;
}
/* Send the message */
- ret = k3_sec_proxy_send(SP_HIGH_PRIORITY, tx_msg);
+ ret = ti_sci_transport_send(TX_SECURE_TRANSPORT_CHANNEL_ID, tx_msg);
if (ret) {
ERROR("Message sending failed (%d)\n", ret);
goto unlock;
@@ -167,7 +173,7 @@
/* Get the response if requested */
if (rx_msg->len != 0U) {
- ret = ti_sci_get_response(rx_msg, SP_RESPONSE);
+ ret = ti_sci_get_response(rx_msg, RX_SECURE_TRANSPORT_CHANNEL_ID);
if (ret != 0U) {
ERROR("Failed to get response (%d)\n", ret);
goto unlock;
diff --git a/plat/ti/k3/common/drivers/ti_sci/ti_sci.h b/drivers/ti/ti_sci/ti_sci.h
similarity index 99%
rename from plat/ti/k3/common/drivers/ti_sci/ti_sci.h
rename to drivers/ti/ti_sci/ti_sci.h
index 06d1f8d..1f19632 100644
--- a/plat/ti/k3/common/drivers/ti_sci/ti_sci.h
+++ b/drivers/ti/ti_sci/ti_sci.h
@@ -2,7 +2,7 @@
* Texas Instruments System Control Interface API
* Based on Linux and U-Boot implementation
*
- * Copyright (C) 2018-2024 Texas Instruments Incorporated - https://www.ti.com/
+ * Copyright (C) 2018-2025 Texas Instruments Incorporated - https://www.ti.com/
*
* SPDX-License-Identifier: BSD-3-Clause
*/
diff --git a/plat/ti/k3/common/drivers/ti_sci/ti_sci_protocol.h b/drivers/ti/ti_sci/ti_sci_protocol.h
similarity index 98%
rename from plat/ti/k3/common/drivers/ti_sci/ti_sci_protocol.h
rename to drivers/ti/ti_sci/ti_sci_protocol.h
index cc71eac..bdd2462 100644
--- a/plat/ti/k3/common/drivers/ti_sci/ti_sci_protocol.h
+++ b/drivers/ti/ti_sci/ti_sci_protocol.h
@@ -5,7 +5,7 @@
* The system works in a message response protocol
* See: http://processors.wiki.ti.com/index.php/TISCI for details
*
- * Copyright (C) 2018-2022 Texas Instruments Incorporated - https://www.ti.com/
+ * Copyright (C) 2018-2025 Texas Instruments Incorporated - https://www.ti.com/
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -54,6 +54,17 @@
#define TISCI_MSG_WAIT_PROC_BOOT_STATUS 0xc401
/**
+ * struct ti_sci_secure_msg_hdr - Header that prefixes all TISCI messages sent
+ * via secure transport.
+ * @checksum: crc16 checksum for the entire message
+ * @reserved: Reserved for future use.
+ */
+struct ti_sci_secure_msg_hdr {
+ uint16_t checksum;
+ uint16_t reserved;
+} __packed;
+
+/**
* struct ti_sci_msg_hdr - Generic Message Header for All messages and responses
* @type: Type of messages: One of TI_SCI_MSG* values
* @host: Host of the message
@@ -61,6 +72,7 @@
* @flags: Flag for the message
*/
struct ti_sci_msg_hdr {
+ struct ti_sci_secure_msg_hdr sec_hdr;
uint16_t type;
uint8_t host;
uint8_t seq;
diff --git a/drivers/ti/ti_sci/ti_sci_transport.h b/drivers/ti/ti_sci/ti_sci_transport.h
new file mode 100644
index 0000000..13d0fb5
--- /dev/null
+++ b/drivers/ti/ti_sci/ti_sci_transport.h
@@ -0,0 +1,74 @@
+/*
+ * Texas Instruments SCI Transport Protocol Header
+ *
+ * Copyright (C) 2018-2025 Texas Instruments Incorporated - http://www.ti.com/
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef TI_SCI_TRANSPORT_H
+#define TI_SCI_TRANSPORT_H
+
+#include <stdint.h>
+
+/**
+ * enum ti_sci_transport_chan_id - Secure Proxy thread IDs
+ *
+ * These are the available IDs used in ti_sci_transport_{send,recv}()
+ */
+enum ti_sci_transport_chan_id {
+#if !K3_SEC_PROXY_LITE
+ RX_SECURE_TRANSPORT_CHANNEL_ID = 1,
+ TX_SECURE_TRANSPORT_CHANNEL_ID,
+#else
+ RX_SECURE_TRANSPORT_CHANNEL_ID = 8,
+ /*
+ * Note: TISCI documentation indicates "low priority", but in reality
+ * with a single thread, there is no low or high priority.. This usage
+ * is more appropriate for TF-A since we can reduce the churn as a
+ * result.
+ */
+ TX_SECURE_TRANSPORT_CHANNEL_ID,
+#endif /* K3_SEC_PROXY_LITE */
+};
+
+/**
+ * struct ti_sci_msg - Secure proxy message structure
+ * @len: Length of data in the Buffer
+ * @buf: Buffer pointer
+ *
+ * This is the structure for data used in ti_sci_transport_{send,recv}()
+ */
+struct ti_sci_msg {
+ size_t len;
+ uint8_t *buf;
+};
+
+/**
+ * ti_sci_transport_clear_rx_thread() - Clear a receive Secure Proxy thread
+ * @id: Channel Identifier
+ * @msg: Pointer to ti_sci_msg
+ *
+ * Return: 0 if all goes well, else appropriate error message
+ */
+int ti_sci_transport_clear_rx_thread(enum ti_sci_transport_chan_id id);
+
+/**
+ * ti_sci_transport_send() - Send data over mailbox/ Secure Proxy thread
+ * @id: Channel Identifier
+ * @msg: Pointer to ti_sci_msg
+ *
+ * Return: 0 if all goes well, else appropriate error message
+ */
+int ti_sci_transport_send(enum ti_sci_transport_chan_id id, const struct ti_sci_msg *msg);
+
+/**
+ * ti_sci_transport_recv() - Receive data from a Secure Proxy thread/ mailbox
+ * @id: Channel Identifier
+ * @msg: Pointer to ti_sci_msg
+ *
+ * Return: 0 if all goes well, else appropriate error message
+ */
+int ti_sci_transport_recv(enum ti_sci_transport_chan_id id, struct ti_sci_msg *msg);
+
+#endif /* TI_SCI_TRANSPORT_H */
diff --git a/fdts/fvp-base-psci-common.dtsi b/fdts/fvp-base-psci-common.dtsi
index 95ea2a1..bdb0229 100644
--- a/fdts/fvp-base-psci-common.dtsi
+++ b/fdts/fvp-base-psci-common.dtsi
@@ -29,7 +29,8 @@
chosen {
stdout-path = "serial0:115200n8";
-#if (ENABLE_RME == 1)
+/* SPM_MM doesn't like this */
+#if SPM_MM == 0
bootargs = "console=ttyAMA0 earlycon=pl011,0x1c090000 root=/dev/vda ip=on";
#endif
};
diff --git a/fdts/stm32mp151a-prtt1a.dts b/fdts/stm32mp151a-prtt1a.dts
index 9742dcb..d1a8268 100644
--- a/fdts/stm32mp151a-prtt1a.dts
+++ b/fdts/stm32mp151a-prtt1a.dts
@@ -1,7 +1,7 @@
// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
/*
* Copyright (C) 2023, Protonic Holland - All Rights Reserved
- * Copyright (C) 2024, STMicroelectronics - All Rights Reserved
+ * Copyright (C) 2024-2025, STMicroelectronics - All Rights Reserved
* Author: David Jander <david@protonic.nl>
*/
/dts-v1/;
@@ -71,29 +71,9 @@
CLK_MPU_PLL1P
CLK_AXI_PLL2P
CLK_MCU_PLL3P
- CLK_PLL12_HSE
- CLK_PLL3_HSE
- CLK_PLL4_HSE
CLK_RTC_LSI
CLK_MCO1_DISABLED
CLK_MCO2_DISABLED
- >;
-
- st,clkdiv = <
- 1 /*MPU*/
- 0 /*AXI*/
- 0 /*MCU*/
- 1 /*APB1*/
- 1 /*APB2*/
- 1 /*APB3*/
- 1 /*APB4*/
- 2 /*APB5*/
- 23 /*RTC*/
- 0 /*MCO1*/
- 0 /*MCO2*/
- >;
-
- st,pkcs = <
CLK_CKPER_HSE
CLK_FMC_ACLK
CLK_QSPI_ACLK
@@ -131,35 +111,76 @@
CLK_LPTIM45_LSI
>;
- /* VCO = 1300.0 MHz => P = 650 (CPU) */
- pll1: st,pll@0 {
- compatible = "st,stm32mp1-pll";
- reg = <0>;
- cfg = <2 80 0 0 0 PQR(1,0,0)>;
- frac = <0x800>;
+ st,clkdiv = <
+ DIV(DIV_MPU, 1)
+ DIV(DIV_AXI, 0)
+ DIV(DIV_MCU, 0)
+ DIV(DIV_APB1, 1)
+ DIV(DIV_APB2, 1)
+ DIV(DIV_APB3, 1)
+ DIV(DIV_APB4, 1)
+ DIV(DIV_APB5, 2)
+ DIV(DIV_RTC, 23)
+ DIV(DIV_MCO1, 0)
+ DIV(DIV_MCO2, 0)
+ >;
+
+ st,pll_vco {
+ pll2_vco_1066Mhz: pll2-vco-1066Mhz {
+ src = <CLK_PLL12_HSE>;
+ divmn = <2 65>;
+ frac = <0x1400>;
+ };
+
+ pll3_vco_417Mhz: pll3-vco-417Mhz {
+ src = <CLK_PLL3_HSE>;
+ divmn = <1 33>;
+ frac = <0x1a04>;
+ };
+
+ pll4_vco_480Mhz: pll4-vco-480Mhz {
+ src = <CLK_PLL4_HSE>;
+ divmn = <1 39>;
+ };
};
/* VCO = 1066.0 MHz => P = 266 (AXI), Q = 533 (GPU), R = 533 (DDR) */
pll2: st,pll@1 {
compatible = "st,stm32mp1-pll";
reg = <1>;
- cfg = <2 65 1 0 0 PQR(1,1,1)>;
- frac = <0x1400>;
+
+ st,pll = <&pll2_cfg1>;
+
+ pll2_cfg1: pll2_cfg1 {
+ st,pll_vco = <&pll2_vco_1066Mhz>;
+ st,pll_div_pqr = <1 0 0>;
+ };
};
/* VCO = 417.8 MHz => P = 209, Q = 24, R = 11 */
pll3: st,pll@2 {
compatible = "st,stm32mp1-pll";
reg = <2>;
- cfg = <1 33 1 16 36 PQR(1,1,1)>;
- frac = <0x1a04>;
+
+ st,pll = <&pll3_cfg1>;
+
+ pll3_cfg1: pll3_cfg1 {
+ st,pll_vco = <&pll3_vco_417Mhz>;
+ st,pll_div_pqr = <1 16 36>;
+ };
};
/* VCO = 480.0 MHz => P = 120, Q = 40, R = 96 */
pll4: st,pll@3 {
compatible = "st,stm32mp1-pll";
reg = <3>;
- cfg = <1 39 3 11 4 PQR(1,1,1)>;
+
+ st,pll = <&pll4_cfg1>;
+
+ pll4_cfg1: pll4_cfg1 {
+ st,pll_vco = <&pll4_vco_480Mhz>;
+ st,pll_div_pqr = <3 11 4>;
+ };
};
};
diff --git a/fdts/stm32mp153c-lxa-fairytux2-fw-config.dts b/fdts/stm32mp153c-lxa-fairytux2-fw-config.dts
new file mode 100644
index 0000000..9ee09e9
--- /dev/null
+++ b/fdts/stm32mp153c-lxa-fairytux2-fw-config.dts
@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
+/*
+ * Copyright (c) 2021, STMicroelectronics - All Rights Reserved
+ */
+
+#define DDR_SIZE 0x20000000 /* 512MB */
+#include "stm32mp15-fw-config.dtsi"
diff --git a/fdts/stm32mp153c-lxa-fairytux2.dts b/fdts/stm32mp153c-lxa-fairytux2.dts
new file mode 100644
index 0000000..0729ae3
--- /dev/null
+++ b/fdts/stm32mp153c-lxa-fairytux2.dts
@@ -0,0 +1,160 @@
+/* SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause) */
+/*
+ * Copyright (C) 2020 STMicroelectronics - All Rights Reserved
+ * Copyright (C) 2021 Rouven Czerwinski, Pengutronix
+ * Copyright (C) 2024 Leonard Goehrs, Pengutronix
+ */
+
+/dts-v1/;
+
+#include "stm32mp153.dtsi"
+#include "stm32mp15xc.dtsi"
+#include "stm32mp15-ddr3-1x4Gb-1066-binG.dtsi"
+#include "stm32mp15xx-osd32.dtsi"
+#include "stm32mp15xxac-pinctrl.dtsi"
+
+/ {
+ model = "Linux Automation GmbH FairyTux 2";
+ compatible = "lxa,stm32mp153c-fairytux-2", "oct,stm32mp15xx-osd32", "st,stm32mp153";
+
+ aliases {
+ mmc1 = &sdmmc2;
+ serial0 = &uart4;
+ };
+
+ chosen {
+ stdout-path = &uart4;
+ };
+
+ led-controller-0 {
+ compatible = "gpio-leds";
+
+ led-0 {
+ label = "fairytux:green:status";
+ gpios = <&gpioa 13 1>;
+ linux,default-trigger = "heartbeat";
+ };
+ };
+
+ reg_3v3: regulator_3v3 {
+ compatible = "regulator-fixed";
+ regulator-name = "3V3";
+ regulator-min-microvolt = <3300000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ vin-supply = <&v3v3>;
+ };
+};
+
+&pinctrl {
+ fairytux_sdmmc2_d47_pins_b: fairytux-sdmmc2-d47-1 {
+ pins {
+ pinmux = <STM32_PINMUX('A', 8, AF9)>, /* SDMMC2_D4 */
+ <STM32_PINMUX('A', 9, AF10)>, /* SDMMC2_D5 */
+ <STM32_PINMUX('C', 6, AF10)>, /* SDMMC2_D6 */
+ <STM32_PINMUX('C', 7, AF10)>; /* SDMMC2_D7 */
+ slew-rate = <1>;
+ drive-push-pull;
+ bias-disable;
+ };
+ };
+};
+
+/* VCO = 624 MHz => P = 208, Q = 48, R = 104 */
+&pll3 {
+ st,pll = <&pll3_cfg2>;
+
+ pll3_cfg2: pll3-cfg2 {
+ st,pll_vco = <&pll3_vco_624Mhz>;
+ st,pll_div_pqr = <2 12 5>;
+ };
+};
+
+/* VCO = 750.0 MHz => P = 125, Q = 75, R = 62.5 */
+&pll4 {
+ st,pll = <&pll4_cfg2>;
+
+ pll4_cfg2: pll4-cfg2 {
+ st,pll_vco = <&pll4_vco_750Mhz>;
+ st,pll_div_pqr = <5 9 11>;
+ };
+};
+
+&rcc {
+ /* change parent clocks */
+ st,clksrc = <
+ CLK_MPU_PLL1P
+ CLK_AXI_PLL2P
+ CLK_MCU_PLL3P
+ CLK_RTC_LSE
+ CLK_MCO1_DISABLED
+ CLK_MCO2_DISABLED
+ CLK_CKPER_HSE
+ CLK_FMC_ACLK
+ CLK_QSPI_ACLK
+ CLK_ETH_PLL4P
+ CLK_SDMMC12_PLL3R
+ CLK_DSI_DSIPLL
+ CLK_STGEN_HSE
+ CLK_USBPHY_HSE
+ CLK_SPI2S1_PLL3Q
+ CLK_SPI2S23_PLL3Q
+ CLK_SPI45_HSI
+ CLK_SPI6_HSI
+ CLK_I2C46_HSI
+ CLK_SDMMC3_DISABLED
+ CLK_USBO_USBPHY
+ CLK_ADC_CKPER
+ CLK_CEC_DISABLED
+ CLK_I2C12_HSI
+ CLK_I2C35_HSI
+ CLK_UART1_HSI
+ CLK_UART24_HSI
+ CLK_UART35_HSI
+ CLK_UART6_HSI
+ CLK_UART78_HSI
+ CLK_SPDIF_DISABLED
+ CLK_FDCAN_PLL3Q
+ CLK_SAI1_DISABLED
+ CLK_SAI2_DISABLED
+ CLK_SAI3_DISABLED
+ CLK_SAI4_DISABLED
+ CLK_RNG1_LSI
+ CLK_RNG2_LSI
+ CLK_LPTIM1_PCLK1
+ CLK_LPTIM23_PCLK3
+ CLK_LPTIM45_LSE
+ >;
+
+ st,pll_vco {
+ pll3_vco_624Mhz: pll3-vco-624Mhz {
+ src = <CLK_PLL3_HSE>;
+ divmn = <1 51>;
+ };
+
+ pll4_vco_750Mhz: pll4-vco-750Mhz {
+ src = <CLK_PLL4_HSE>;
+ divmn = <3 124>;
+ };
+ };
+};
+
+&sdmmc2 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&sdmmc2_b4_pins_a &fairytux_sdmmc2_d47_pins_b>;
+ bus-width = <8>;
+ mmc-ddr-3_3v;
+ no-1-8-v;
+ no-sd;
+ no-sdio;
+ non-removable;
+ st,neg-edge;
+ vmmc-supply = <®_3v3>;
+ status = "okay";
+};
+
+&uart4 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&uart4_pins_a>;
+ status = "okay";
+};
diff --git a/fdts/stm32mp157c-lxa-tac-fw-config.dts b/fdts/stm32mp157c-lxa-tac-fw-config.dts
new file mode 100644
index 0000000..9ee09e9
--- /dev/null
+++ b/fdts/stm32mp157c-lxa-tac-fw-config.dts
@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: (GPL-2.0+ OR BSD-3-Clause)
+/*
+ * Copyright (c) 2021, STMicroelectronics - All Rights Reserved
+ */
+
+#define DDR_SIZE 0x20000000 /* 512MB */
+#include "stm32mp15-fw-config.dtsi"
diff --git a/fdts/stm32mp157c-lxa-tac.dts b/fdts/stm32mp157c-lxa-tac.dts
new file mode 100644
index 0000000..a9e894c
--- /dev/null
+++ b/fdts/stm32mp157c-lxa-tac.dts
@@ -0,0 +1,160 @@
+/* SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause) */
+/*
+ * Copyright (C) 2020 STMicroelectronics - All Rights Reserved
+ * Copyright (C) 2021 Rouven Czerwinski, Pengutronix
+ */
+
+/dts-v1/;
+
+#include "stm32mp157.dtsi"
+#include "stm32mp15xc.dtsi"
+#include "stm32mp15-ddr3-1x4Gb-1066-binG.dtsi"
+#include "stm32mp15xx-osd32.dtsi"
+#include "stm32mp15xxac-pinctrl.dtsi"
+
+/ {
+ model = "Linux Automation Test Automation Controller (TAC)";
+ compatible = "lxa,stm32mp157c-tac", "oct,stm32mp15xx-osd32", "st,stm32mp157";
+
+ aliases {
+ mmc1 = &sdmmc2;
+ serial0 = &uart4;
+ };
+
+
+ chosen {
+ stdout-path = &uart4;
+ };
+
+ led-controller-0 {
+ compatible = "gpio-leds";
+
+ led-0 {
+ label = "tac:green:user1";
+ gpios = <&gpiof 10 1>;
+ linux,default-trigger = "heartbeat";
+ };
+ };
+
+ reg_3v3: regulator_3v3 {
+ compatible = "regulator-fixed";
+ regulator-name = "3V3";
+ regulator-min-microvolt = <3300000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ vin-supply = <&v3v3>;
+ };
+};
+
+&pinctrl {
+ tac_sdmmc2_d47_pins_b: tac-sdmmc2-d47-1 {
+ pins {
+ pinmux = <STM32_PINMUX('A', 8, AF9)>, /* SDMMC2_D4 */
+ <STM32_PINMUX('A', 9, AF10)>, /* SDMMC2_D5 */
+ <STM32_PINMUX('C', 6, AF10)>, /* SDMMC2_D6 */
+ <STM32_PINMUX('C', 7, AF10)>; /* SDMMC2_D7 */
+ slew-rate = <1>;
+ drive-push-pull;
+ bias-disable;
+ };
+ };
+};
+
+/* VCO = 624 MHz => P = 208, Q = 48, R = 104 */
+&pll3 {
+ st,pll = <&pll3_cfg2>;
+
+ pll3_cfg2: pll3-cfg2 {
+ st,pll_vco = <&pll3_vco_624Mhz>;
+ st,pll_div_pqr = <2 12 5>;
+ };
+};
+
+/* VCO = 750.0 MHz => P = 125, Q = 75, R = 62.5 */
+&pll4 {
+ st,pll = <&pll4_cfg2>;
+
+ pll4_cfg2: pll4-cfg2 {
+ st,pll_vco = <&pll4_vco_750Mhz>;
+ st,pll_div_pqr = <5 9 11>;
+ };
+};
+
+&rcc {
+ /* change parent clocks */
+ st,clksrc = <
+ CLK_MPU_PLL1P
+ CLK_AXI_PLL2P
+ CLK_MCU_PLL3P
+ CLK_RTC_LSE
+ CLK_MCO1_DISABLED
+ CLK_MCO2_DISABLED
+ CLK_CKPER_HSE
+ CLK_FMC_ACLK
+ CLK_QSPI_ACLK
+ CLK_ETH_PLL4P
+ CLK_SDMMC12_PLL3R
+ CLK_DSI_DSIPLL
+ CLK_STGEN_HSE
+ CLK_USBPHY_HSE
+ CLK_SPI2S1_PLL3Q
+ CLK_SPI2S23_PLL3Q
+ CLK_SPI45_HSI
+ CLK_SPI6_HSI
+ CLK_I2C46_HSI
+ CLK_SDMMC3_DISABLED
+ CLK_USBO_USBPHY
+ CLK_ADC_CKPER
+ CLK_CEC_DISABLED
+ CLK_I2C12_HSI
+ CLK_I2C35_HSI
+ CLK_UART1_HSI
+ CLK_UART24_HSI
+ CLK_UART35_HSI
+ CLK_UART6_HSI
+ CLK_UART78_HSI
+ CLK_SPDIF_DISABLED
+ CLK_FDCAN_PLL3Q
+ CLK_SAI1_DISABLED
+ CLK_SAI2_DISABLED
+ CLK_SAI3_DISABLED
+ CLK_SAI4_DISABLED
+ CLK_RNG1_LSI
+ CLK_RNG2_LSI
+ CLK_LPTIM1_PCLK1
+ CLK_LPTIM23_PCLK3
+ CLK_LPTIM45_LSE
+ >;
+
+ st,pll_vco {
+ pll3_vco_624Mhz: pll3-vco-624Mhz {
+ src = <CLK_PLL3_HSE>;
+ divmn = <1 51>;
+ };
+
+ pll4_vco_750Mhz: pll4-vco-750Mhz {
+ src = <CLK_PLL4_HSE>;
+ divmn = <3 124>;
+ };
+ };
+};
+
+&sdmmc2 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&sdmmc2_b4_pins_a &tac_sdmmc2_d47_pins_b>;
+ bus-width = <8>;
+ mmc-ddr-3_3v;
+ no-1-8-v;
+ no-sd;
+ no-sdio;
+ non-removable;
+ st,neg-edge;
+ vmmc-supply = <®_3v3>;
+ status = "okay";
+};
+
+&uart4 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&uart4_pins_a>;
+ status = "okay";
+};
diff --git a/fdts/stm32mp25-ddr4-2x8Gbits-2x16bits-1200MHz.dtsi b/fdts/stm32mp25-ddr4-2x8Gbits-2x16bits-1200MHz.dtsi
index 674cb3d..223761f 100644
--- a/fdts/stm32mp25-ddr4-2x8Gbits-2x16bits-1200MHz.dtsi
+++ b/fdts/stm32mp25-ddr4-2x8Gbits-2x16bits-1200MHz.dtsi
@@ -1,21 +1,21 @@
// SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause
/*
- * Copyright (C) 2022-2024, STMicroelectronics - All Rights Reserved
+ * Copyright (C) 2022-2025, STMicroelectronics - All Rights Reserved
*/
/*
* STM32MP25 DDR4 board configuration
* DDR4 2x8Gbits 2x16bits 1200MHz
*
- * version 1
- * package 1 Package selection (14x14 and 18x18)
- * memclk 1200MHz (2x DFI clock) + range check
- * Speed_Bin Worse from JEDEC
- * width 32 32: full width / 16: half width
- * ranks 1 Single or Dual rank
- * density 8Gbits (per 16bit device)
- * Addressing RBC row/bank interleaving
- * RDBI No Read DBI
+ * version 2
+ * package 1 Package selection (14x14 and 18x18)
+ * memclk 1200MHz (2x DFI clock) + range check
+ * Speed_Bin Worse from JEDEC
+ * device_width 16 x16 by default
+ * width 32 32: full width / 16: half width
+ * density 8Gbits (per device)
+ * Addressing RBC row/bank interleaving
+ * RDBI No Read DBI
*/
#define DDR_MEM_NAME "DDR4 2x8Gbits 2x16bits 1200MHz"
@@ -49,6 +49,7 @@
#define DDR_INIT7 0x00000C16
#define DDR_DIMMCTL 0x00000000
#define DDR_RANKCTL 0x0000066F
+#define DDR_RANKCTL1 0x0000000D
#define DDR_DRAMTMG0 0x11152815
#define DDR_DRAMTMG1 0x0004051E
#define DDR_DRAMTMG2 0x0609060D
@@ -94,31 +95,34 @@
#define DDR_ADDRMAP11 0x00000007
#define DDR_ODTCFG 0x06000618
#define DDR_ODTMAP 0x00000001
-#define DDR_SCHED 0x00000F00
+#define DDR_SCHED 0x80001B00
#define DDR_SCHED1 0x00000000
-#define DDR_PERFHPR1 0x0F000001
-#define DDR_PERFLPR1 0x0F000080
-#define DDR_PERFWR1 0x01000200
+#define DDR_PERFHPR1 0x04000200
+#define DDR_PERFLPR1 0x08000080
+#define DDR_PERFWR1 0x08000400
+#define DDR_SCHED3 0x04040208
+#define DDR_SCHED4 0x08400810
#define DDR_DBG0 0x00000000
#define DDR_DBG1 0x00000000
#define DDR_DBGCMD 0x00000000
#define DDR_SWCTL 0x00000000
+#define DDR_SWCTLSTATIC 0x00000000
#define DDR_POISONCFG 0x00000000
#define DDR_PCCFG 0x00000000
-#define DDR_PCFGR_0 0x00004100
+#define DDR_PCFGR_0 0x00704100
#define DDR_PCFGW_0 0x00004100
#define DDR_PCTRL_0 0x00000000
-#define DDR_PCFGQOS0_0 0x00200007
-#define DDR_PCFGQOS1_0 0x01000100
-#define DDR_PCFGWQOS0_0 0x00000C07
-#define DDR_PCFGWQOS1_0 0x02000200
-#define DDR_PCFGR_1 0x00004100
+#define DDR_PCFGQOS0_0 0x0021000C
+#define DDR_PCFGQOS1_0 0x01000080
+#define DDR_PCFGWQOS0_0 0x01100C07
+#define DDR_PCFGWQOS1_0 0x04000200
+#define DDR_PCFGR_1 0x00704100
#define DDR_PCFGW_1 0x00004100
#define DDR_PCTRL_1 0x00000000
-#define DDR_PCFGQOS0_1 0x00200007
-#define DDR_PCFGQOS1_1 0x01000180
-#define DDR_PCFGWQOS0_1 0x00000C07
-#define DDR_PCFGWQOS1_1 0x04000400
+#define DDR_PCFGQOS0_1 0x00100007
+#define DDR_PCFGQOS1_1 0x01000080
+#define DDR_PCFGWQOS0_1 0x01100C07
+#define DDR_PCFGWQOS1_1 0x04000200
#define DDR_UIB_DRAMTYPE 0x00000000
#define DDR_UIB_DIMMTYPE 0x00000004
diff --git a/fdts/stm32mp25-lpddr4-1x16Gbits-1x32bits-1200MHz.dtsi b/fdts/stm32mp25-lpddr4-1x16Gbits-1x32bits-1200MHz.dtsi
index 3917dc6..32424d0 100644
--- a/fdts/stm32mp25-lpddr4-1x16Gbits-1x32bits-1200MHz.dtsi
+++ b/fdts/stm32mp25-lpddr4-1x16Gbits-1x32bits-1200MHz.dtsi
@@ -7,7 +7,7 @@
* STM32MP25 LPDDR4 board configuration
* LPDDR4 1x16Gbits 1x32bits 1200MHz
*
- * version 1
+ * version 2
* memclk 1200MHz (2x DFI clock)
* width 32 32: full width / 16: half width
* ranks 1 Single or Dual rank
@@ -46,10 +46,11 @@
#define DDR_INIT3 0x00C40024
#define DDR_INIT4 0x00310008
#define DDR_INIT5 0x00100004
-#define DDR_INIT6 0x00660050
-#define DDR_INIT7 0x00050019
+#define DDR_INIT6 0x00660047
+#define DDR_INIT7 0x00050047
#define DDR_DIMMCTL 0x00000000
#define DDR_RANKCTL 0x0000066F
+#define DDR_RANKCTL1 0x00000011
#define DDR_DRAMTMG0 0x1718141A
#define DDR_DRAMTMG1 0x00050524
#define DDR_DRAMTMG2 0x060C1111
@@ -95,25 +96,28 @@
#define DDR_ADDRMAP11 0x00000007
#define DDR_ODTCFG 0x04000400
#define DDR_ODTMAP 0x00000000
-#define DDR_SCHED 0x00001B00
+#define DDR_SCHED 0x80001B00
#define DDR_SCHED1 0x00000000
#define DDR_PERFHPR1 0x04000200
#define DDR_PERFLPR1 0x08000080
#define DDR_PERFWR1 0x08000400
+#define DDR_SCHED3 0x04040208
+#define DDR_SCHED4 0x08400810
#define DDR_DBG0 0x00000000
#define DDR_DBG1 0x00000000
#define DDR_DBGCMD 0x00000000
#define DDR_SWCTL 0x00000000
+#define DDR_SWCTLSTATIC 0x00000000
#define DDR_POISONCFG 0x00000000
#define DDR_PCCFG 0x00000000
-#define DDR_PCFGR_0 0x00004100
+#define DDR_PCFGR_0 0x00704100
#define DDR_PCFGW_0 0x00004100
#define DDR_PCTRL_0 0x00000000
#define DDR_PCFGQOS0_0 0x0021000C
#define DDR_PCFGQOS1_0 0x01000080
#define DDR_PCFGWQOS0_0 0x01100C07
#define DDR_PCFGWQOS1_0 0x04000200
-#define DDR_PCFGR_1 0x00004100
+#define DDR_PCFGR_1 0x00704100
#define DDR_PCFGW_1 0x00004100
#define DDR_PCTRL_1 0x00000000
#define DDR_PCFGQOS0_1 0x00100007
@@ -148,8 +152,8 @@
#define DDR_UIA_EXTCALRESVAL 0x00000000
#define DDR_UIA_IS2TTIMING_0 0x00000000
#define DDR_UIA_ODTIMPEDANCE_0 0x00000035
-#define DDR_UIA_TXIMPEDANCE_0 0x0000003C
-#define DDR_UIA_ATXIMPEDANCE 0x0000001E
+#define DDR_UIA_TXIMPEDANCE_0 0x00000028
+#define DDR_UIA_ATXIMPEDANCE 0x00000028
#define DDR_UIA_MEMALERTEN 0x00000000
#define DDR_UIA_MEMALERTPUIMP 0x00000000
#define DDR_UIA_MEMALERTVREFLEVEL 0x00000000
@@ -157,7 +161,7 @@
#define DDR_UIA_DISDYNADRTRI_0 0x00000001
#define DDR_UIA_PHYMSTRTRAININTERVAL_0 0x0000000A
#define DDR_UIA_PHYMSTRMAXREQTOACK_0 0x00000005
-#define DDR_UIA_WDQSEXT 0x00000000
+#define DDR_UIA_WDQSEXT 0x00000001
#define DDR_UIA_CALINTERVAL 0x00000009
#define DDR_UIA_CALONCE 0x00000000
#define DDR_UIA_LP4RL_0 0x00000004
@@ -193,9 +197,9 @@
#define DDR_UIM_MR5_0 0x00000000
#define DDR_UIM_MR6_0 0x00000000
#define DDR_UIM_MR11_0 0x00000066
-#define DDR_UIM_MR12_0 0x00000050
+#define DDR_UIM_MR12_0 0x00000047
#define DDR_UIM_MR13_0 0x00000008
-#define DDR_UIM_MR14_0 0x00000019
+#define DDR_UIM_MR14_0 0x00000047
#define DDR_UIM_MR22_0 0x00000005
#define DDR_UIS_SWIZZLE_0 0x00000003
diff --git a/fdts/stm32mp25-lpddr4-1x32Gbits-1x32bits-1200MHz.dtsi b/fdts/stm32mp25-lpddr4-1x32Gbits-1x32bits-1200MHz.dtsi
index 53d6b7d..0df2a4d 100644
--- a/fdts/stm32mp25-lpddr4-1x32Gbits-1x32bits-1200MHz.dtsi
+++ b/fdts/stm32mp25-lpddr4-1x32Gbits-1x32bits-1200MHz.dtsi
@@ -161,7 +161,7 @@
#define DDR_UIA_DISDYNADRTRI_0 0x00000001
#define DDR_UIA_PHYMSTRTRAININTERVAL_0 0x0000000A
#define DDR_UIA_PHYMSTRMAXREQTOACK_0 0x00000005
-#define DDR_UIA_WDQSEXT 0x00000000
+#define DDR_UIA_WDQSEXT 0x00000001
#define DDR_UIA_CALINTERVAL 0x00000009
#define DDR_UIA_CALONCE 0x00000000
#define DDR_UIA_LP4RL_0 0x00000004
diff --git a/fdts/stm32mp25-lpddr4-2x16Gbits-32bits-1200MHz.dtsi b/fdts/stm32mp25-lpddr4-2x16Gbits-32bits-1200MHz.dtsi
new file mode 100644
index 0000000..4fafcd1
--- /dev/null
+++ b/fdts/stm32mp25-lpddr4-2x16Gbits-32bits-1200MHz.dtsi
@@ -0,0 +1,247 @@
+// SPDX-License-Identifier: GPL-2.0+ OR BSD-3-Clause
+/*
+ * Copyright (C) 2025, STMicroelectronics - All Rights Reserved
+ */
+
+/*
+ * STM32MP25 LPDDR4 board configuration
+ * LPDDR4 2x16Gbits 1x32bits 1200MHz
+ *
+ * version 2
+ * memclk 1200MHz (2x DFI clock)
+ * width 32 32: full width / 16: half width
+ * ranks 2 Single or Dual rank
+ * density 16Gbits (per 16bit channel)
+ * Addressing RBC row/bank interleaving
+ * DBI-RD No Read DBI
+ * DBI-WR No Write DBI
+ * RPST 1.5 Read postamble (ck)
+ * Per_bank_ref Yes
+ */
+
+#define DDR_MEM_NAME "LPDDR4 2x16Gbits 1x32bits 1200MHz"
+#define DDR_MEM_SPEED 1200000
+#define DDR_MEM_SIZE 0x100000000
+
+#define DDR_MSTR 0x03080020
+#define DDR_MRCTRL0 0x00000030
+#define DDR_MRCTRL1 0x00000000
+#define DDR_MRCTRL2 0x00000000
+#define DDR_DERATEEN 0x00000203
+#define DDR_DERATEINT 0x0124f800
+#define DDR_DERATECTL 0x00000000
+#define DDR_PWRCTL 0x00000100
+#define DDR_PWRTMG 0x00130001
+#define DDR_HWLPCTL 0x00000002
+#define DDR_RFSHCTL0 0x00210014
+#define DDR_RFSHCTL1 0x00000000
+#define DDR_RFSHCTL3 0x00000000
+#define DDR_RFSHTMG 0x81240072
+#define DDR_RFSHTMG1 0x00360000
+#define DDR_CRCPARCTL0 0x00000000
+#define DDR_CRCPARCTL1 0x00001000
+#define DDR_INIT0 0xc0020002
+#define DDR_INIT1 0x00010002
+#define DDR_INIT2 0x00000d00
+#define DDR_INIT3 0x00c40024
+#define DDR_INIT4 0x00310008
+#define DDR_INIT5 0x00100004
+#define DDR_INIT6 0x00660047
+#define DDR_INIT7 0x001d0047
+#define DDR_DIMMCTL 0x00000000
+#define DDR_RANKCTL 0x0000066f
+#define DDR_RANKCTL1 0x00000011
+#define DDR_DRAMTMG0 0x1718141a
+#define DDR_DRAMTMG1 0x00050524
+#define DDR_DRAMTMG2 0x060c1111
+#define DDR_DRAMTMG3 0x0090900c
+#define DDR_DRAMTMG4 0x0b04060b
+#define DDR_DRAMTMG5 0x02030909
+#define DDR_DRAMTMG6 0x02020007
+#define DDR_DRAMTMG7 0x00000302
+#define DDR_DRAMTMG8 0x03034405
+#define DDR_DRAMTMG9 0x0004040d
+#define DDR_DRAMTMG10 0x001c180a
+#define DDR_DRAMTMG11 0x440c021c
+#define DDR_DRAMTMG12 0x1a020010
+#define DDR_DRAMTMG13 0x0b100002
+#define DDR_DRAMTMG14 0x000000e9
+#define DDR_DRAMTMG15 0x00000000
+#define DDR_ZQCTL0 0x22580012
+#define DDR_ZQCTL1 0x01e0493e
+#define DDR_ZQCTL2 0x00000000
+#define DDR_DFITMG0 0x0395820a
+#define DDR_DFITMG1 0x000a0303
+#define DDR_DFILPCFG0 0x07f04111
+#define DDR_DFILPCFG1 0x000000f0
+#define DDR_DFIUPD0 0x4040000c
+#define DDR_DFIUPD1 0x0040007f
+#define DDR_DFIUPD2 0x00000000
+#define DDR_DFIMISC 0x00000041
+#define DDR_DFITMG2 0x0000150a
+#define DDR_DFITMG3 0x00000000
+#define DDR_DBICTL 0x00000001
+#define DDR_DFIPHYMSTR 0x80000001
+#define DDR_ADDRMAP0 0x00000004
+#define DDR_ADDRMAP1 0x00090909
+#define DDR_ADDRMAP2 0x00000000
+#define DDR_ADDRMAP3 0x00000000
+#define DDR_ADDRMAP4 0x00001f1f
+#define DDR_ADDRMAP5 0x080f0808
+#define DDR_ADDRMAP6 0x08080808
+#define DDR_ADDRMAP7 0x00000f08
+#define DDR_ADDRMAP8 0x00003f3f
+#define DDR_ADDRMAP9 0x08080808
+#define DDR_ADDRMAP10 0x08080808
+#define DDR_ADDRMAP11 0x00000008
+#define DDR_ODTCFG 0x04000400
+#define DDR_ODTMAP 0x00000000
+#define DDR_SCHED 0x80001b00
+#define DDR_SCHED1 0x00000000
+#define DDR_PERFHPR1 0x04000200
+#define DDR_PERFLPR1 0x08000080
+#define DDR_PERFWR1 0x08000400
+#define DDR_SCHED3 0x04040208
+#define DDR_SCHED4 0x08400810
+#define DDR_DBG0 0x00000000
+#define DDR_DBG1 0x00000000
+#define DDR_DBGCMD 0x00000000
+#define DDR_SWCTL 0x00000000
+#define DDR_SWCTLSTATIC 0x00000000
+#define DDR_POISONCFG 0x00000000
+#define DDR_PCCFG 0x00000000
+#define DDR_PCFGR_0 0x00704100
+#define DDR_PCFGW_0 0x00004100
+#define DDR_PCTRL_0 0x00000000
+#define DDR_PCFGQOS0_0 0x0021000c
+#define DDR_PCFGQOS1_0 0x01000080
+#define DDR_PCFGWQOS0_0 0x01100c07
+#define DDR_PCFGWQOS1_0 0x04000200
+#define DDR_PCFGR_1 0x00704100
+#define DDR_PCFGW_1 0x00004100
+#define DDR_PCTRL_1 0x00000000
+#define DDR_PCFGQOS0_1 0x00100007
+#define DDR_PCFGQOS1_1 0x01000080
+#define DDR_PCFGWQOS0_1 0x01100c07
+#define DDR_PCFGWQOS1_1 0x04000200
+#define DDR_UIB_DRAMTYPE 0x00000002
+#define DDR_UIB_DIMMTYPE 0x00000004
+#define DDR_UIB_LP4XMODE 0x00000000
+#define DDR_UIB_NUMDBYTE 0x00000004
+#define DDR_UIB_NUMACTIVEDBYTEDFI0 0x00000002
+#define DDR_UIB_NUMACTIVEDBYTEDFI1 0x00000002
+#define DDR_UIB_NUMANIB 0x00000008
+#define DDR_UIB_NUMRANK_DFI0 0x00000002
+#define DDR_UIB_NUMRANK_DFI1 0x00000002
+#define DDR_UIB_DRAMDATAWIDTH 0x00000010
+#define DDR_UIB_NUMPSTATES 0x00000001
+#define DDR_UIB_FREQUENCY_0 0x000004b0
+#define DDR_UIB_PLLBYPASS_0 0x00000000
+#define DDR_UIB_DFIFREQRATIO_0 0x00000001
+#define DDR_UIB_DFI1EXISTS 0x00000001
+#define DDR_UIB_TRAIN2D 0x00000000
+#define DDR_UIB_HARDMACROVER 0x00000003
+#define DDR_UIB_READDBIENABLE_0 0x00000000
+#define DDR_UIB_DFIMODE 0x00000000
+#define DDR_UIA_LP4RXPREAMBLEMODE_0 0x00000000
+#define DDR_UIA_LP4POSTAMBLEEXT_0 0x00000001
+#define DDR_UIA_D4RXPREAMBLELENGTH_0 0x00000001
+#define DDR_UIA_D4TXPREAMBLELENGTH_0 0x00000000
+#define DDR_UIA_EXTCALRESVAL 0x00000000
+#define DDR_UIA_IS2TTIMING_0 0x00000000
+#define DDR_UIA_ODTIMPEDANCE_0 0x00000035
+#define DDR_UIA_TXIMPEDANCE_0 0x00000028
+#define DDR_UIA_ATXIMPEDANCE 0x00000028
+#define DDR_UIA_MEMALERTEN 0x00000000
+#define DDR_UIA_MEMALERTPUIMP 0x00000000
+#define DDR_UIA_MEMALERTVREFLEVEL 0x00000000
+#define DDR_UIA_MEMALERTSYNCBYPASS 0x00000000
+#define DDR_UIA_DISDYNADRTRI_0 0x00000001
+#define DDR_UIA_PHYMSTRTRAININTERVAL_0 0x0000000a
+#define DDR_UIA_PHYMSTRMAXREQTOACK_0 0x00000005
+#define DDR_UIA_WDQSEXT 0x00000001
+#define DDR_UIA_CALINTERVAL 0x00000009
+#define DDR_UIA_CALONCE 0x00000000
+#define DDR_UIA_LP4RL_0 0x00000004
+#define DDR_UIA_LP4WL_0 0x00000004
+#define DDR_UIA_LP4WLS_0 0x00000000
+#define DDR_UIA_LP4DBIRD_0 0x00000000
+#define DDR_UIA_LP4DBIWR_0 0x00000000
+#define DDR_UIA_LP4NWR_0 0x00000004
+#define DDR_UIA_LP4LOWPOWERDRV 0x00000000
+#define DDR_UIA_DRAMBYTESWAP 0x00000000
+#define DDR_UIA_RXENBACKOFF 0x00000000
+#define DDR_UIA_TRAINSEQUENCECTRL 0x00000000
+#define DDR_UIA_SNPSUMCTLOPT 0x00000000
+#define DDR_UIA_SNPSUMCTLF0RC5X_0 0x00000000
+#define DDR_UIA_TXSLEWRISEDQ_0 0x0000000f
+#define DDR_UIA_TXSLEWFALLDQ_0 0x0000000f
+#define DDR_UIA_TXSLEWRISEAC 0x0000000f
+#define DDR_UIA_TXSLEWFALLAC 0x0000000f
+#define DDR_UIA_DISABLERETRAINING 0x00000000
+#define DDR_UIA_DISABLEPHYUPDATE 0x00000001
+#define DDR_UIA_ENABLEHIGHCLKSKEWFIX 0x00000000
+#define DDR_UIA_DISABLEUNUSEDADDRLNS 0x00000001
+#define DDR_UIA_PHYINITSEQUENCENUM 0x00000000
+#define DDR_UIA_ENABLEDFICSPOLARITYFIX 0x00000000
+#define DDR_UIA_PHYVREF 0x00000014
+#define DDR_UIA_SEQUENCECTRL_0 0x0000131f
+#define DDR_UIM_MR0_0 0x00000000
+#define DDR_UIM_MR1_0 0x000000c4
+#define DDR_UIM_MR2_0 0x00000024
+#define DDR_UIM_MR3_0 0x00000031
+#define DDR_UIM_MR4_0 0x00000000
+#define DDR_UIM_MR5_0 0x00000000
+#define DDR_UIM_MR6_0 0x00000000
+#define DDR_UIM_MR11_0 0x00000066
+#define DDR_UIM_MR12_0 0x00000047
+#define DDR_UIM_MR13_0 0x00000008
+#define DDR_UIM_MR14_0 0x00000047
+#define DDR_UIM_MR22_0 0x0000001d
+#define DDR_UIS_SWIZZLE_0 0x00000003
+#define DDR_UIS_SWIZZLE_1 0x00000002
+#define DDR_UIS_SWIZZLE_2 0x00000000
+#define DDR_UIS_SWIZZLE_3 0x00000001
+#define DDR_UIS_SWIZZLE_4 0x00000006
+#define DDR_UIS_SWIZZLE_5 0x00000007
+#define DDR_UIS_SWIZZLE_6 0x00000005
+#define DDR_UIS_SWIZZLE_7 0x00000004
+#define DDR_UIS_SWIZZLE_8 0x00000005
+#define DDR_UIS_SWIZZLE_9 0x00000004
+#define DDR_UIS_SWIZZLE_10 0x00000007
+#define DDR_UIS_SWIZZLE_11 0x00000006
+#define DDR_UIS_SWIZZLE_12 0x00000000
+#define DDR_UIS_SWIZZLE_13 0x00000003
+#define DDR_UIS_SWIZZLE_14 0x00000002
+#define DDR_UIS_SWIZZLE_15 0x00000001
+#define DDR_UIS_SWIZZLE_16 0x00000005
+#define DDR_UIS_SWIZZLE_17 0x00000007
+#define DDR_UIS_SWIZZLE_18 0x00000006
+#define DDR_UIS_SWIZZLE_19 0x00000004
+#define DDR_UIS_SWIZZLE_20 0x00000000
+#define DDR_UIS_SWIZZLE_21 0x00000001
+#define DDR_UIS_SWIZZLE_22 0x00000003
+#define DDR_UIS_SWIZZLE_23 0x00000002
+#define DDR_UIS_SWIZZLE_24 0x00000007
+#define DDR_UIS_SWIZZLE_25 0x00000004
+#define DDR_UIS_SWIZZLE_26 0x00000005
+#define DDR_UIS_SWIZZLE_27 0x00000006
+#define DDR_UIS_SWIZZLE_28 0x00000002
+#define DDR_UIS_SWIZZLE_29 0x00000003
+#define DDR_UIS_SWIZZLE_30 0x00000001
+#define DDR_UIS_SWIZZLE_31 0x00000000
+#define DDR_UIS_SWIZZLE_32 0x00000000
+#define DDR_UIS_SWIZZLE_33 0x00000001
+#define DDR_UIS_SWIZZLE_34 0x00000002
+#define DDR_UIS_SWIZZLE_35 0x00000003
+#define DDR_UIS_SWIZZLE_36 0x00000004
+#define DDR_UIS_SWIZZLE_37 0x00000005
+#define DDR_UIS_SWIZZLE_38 0x00000000
+#define DDR_UIS_SWIZZLE_39 0x00000001
+#define DDR_UIS_SWIZZLE_40 0x00000002
+#define DDR_UIS_SWIZZLE_41 0x00000003
+#define DDR_UIS_SWIZZLE_42 0x00000004
+#define DDR_UIS_SWIZZLE_43 0x00000005
+
+
+#include "stm32mp25-ddr.dtsi"
diff --git a/fdts/stm32mp257d-ultra-fly-sbc-ca35tdcid-rcc.dtsi b/fdts/stm32mp257d-ultra-fly-sbc-ca35tdcid-rcc.dtsi
new file mode 100644
index 0000000..7dc3b54
--- /dev/null
+++ b/fdts/stm32mp257d-ultra-fly-sbc-ca35tdcid-rcc.dtsi
@@ -0,0 +1,92 @@
+// SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause)
+/*
+ * Copyright (C) 2025, Ultratronik GmbH
+ * Copyright (C) STMicroelectronics 2025 - All Rights Reserved
+ * Author: Boerge Struempfel <boerge.struempfel@gmail.com> for Ultratronik GmbH.
+ */
+
+&clk_hse {
+ clock-frequency = <40000000>;
+};
+
+&clk_hsi {
+ clock-frequency = <64000000>;
+};
+
+&clk_lse {
+ clock-frequency = <32768>;
+};
+
+&clk_lsi {
+ clock-frequency = <32000>;
+};
+
+&clk_msi {
+ clock-frequency = <16000000>;
+};
+
+&rcc {
+ st,busclk = <
+ DIV_CFG(DIV_LSMCU, 1)
+ DIV_CFG(DIV_APB1, 0)
+ DIV_CFG(DIV_APB2, 0)
+ DIV_CFG(DIV_APB3, 0)
+ DIV_CFG(DIV_APB4, 0)
+ DIV_CFG(DIV_APBDBG, 0)
+ >;
+
+ st,flexgen = <
+ FLEXGEN_CFG(0, XBAR_SRC_PLL4, 0, 2)
+ FLEXGEN_CFG(1, XBAR_SRC_PLL4, 0, 5)
+ FLEXGEN_CFG(2, XBAR_SRC_PLL4, 0, 1)
+ FLEXGEN_CFG(4, XBAR_SRC_PLL4, 0, 3)
+ FLEXGEN_CFG(5, XBAR_SRC_PLL4, 0, 2)
+ FLEXGEN_CFG(19, XBAR_SRC_HSI_KER, 0, 0)
+ FLEXGEN_CFG(48, XBAR_SRC_PLL5, 0, 3)
+ FLEXGEN_CFG(51, XBAR_SRC_PLL4, 0, 5)
+ FLEXGEN_CFG(52, XBAR_SRC_PLL4, 0, 5)
+ FLEXGEN_CFG(58, XBAR_SRC_HSE_KER, 0, 1)
+ FLEXGEN_CFG(63, XBAR_SRC_PLL4, 0, 2)
+ >;
+
+ st,kerclk = <
+ MUX_CFG(MUX_USB2PHY1, MUX_USB2PHY1_FLEX57)
+ MUX_CFG(MUX_USB2PHY2, MUX_USB2PHY2_FLEX58)
+ >;
+
+ pll1: st,pll-1 {
+ st,pll = <&pll1_cfg_1200Mhz>;
+
+ pll1_cfg_1200Mhz: pll1-cfg-1200Mhz {
+ cfg = <30 1 1 1>;
+ src = <MUX_CFG(MUX_MUXSEL5, MUXSEL_HSE)>;
+ };
+ };
+
+ pll2: st,pll-2 {
+ st,pll = <&pll2_cfg_600Mhz>;
+
+ pll2_cfg_600Mhz: pll2-cfg-600Mhz {
+ cfg = <30 1 1 2>;
+ src = <MUX_CFG(MUX_MUXSEL6, MUXSEL_HSE)>;
+ };
+ };
+
+ pll4: st,pll-4 {
+ st,pll = <&pll4_cfg_1200Mhz>;
+
+ pll4_cfg_1200Mhz: pll4-cfg-1200Mhz {
+ cfg = <30 1 1 1>;
+ src = <MUX_CFG(MUX_MUXSEL0, MUXSEL_HSE)>;
+ };
+ };
+
+ pll5: st,pll-5 {
+ st,pll = <&pll5_cfg_532Mhz>;
+
+ pll5_cfg_532Mhz: pll5-cfg-532Mhz {
+ cfg = <133 5 1 2>;
+ src = <MUX_CFG(MUX_MUXSEL1, MUXSEL_HSE)>;
+ };
+ };
+};
diff --git a/fdts/stm32mp257d-ultra-fly-sbc-fw-config.dts b/fdts/stm32mp257d-ultra-fly-sbc-fw-config.dts
new file mode 100644
index 0000000..0bcf0f0
--- /dev/null
+++ b/fdts/stm32mp257d-ultra-fly-sbc-fw-config.dts
@@ -0,0 +1,7 @@
+// SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause)
+/*
+ * Copyright (C) 2025, Ultratronik GmbH
+ */
+
+#include "stm32mp25-fw-config.dtsi"
+#include "stm32mp257f-dk-ca35tdcid-fw-config.dtsi"
diff --git a/fdts/stm32mp257d-ultra-fly-sbc.dts b/fdts/stm32mp257d-ultra-fly-sbc.dts
new file mode 100644
index 0000000..2aaa38b
--- /dev/null
+++ b/fdts/stm32mp257d-ultra-fly-sbc.dts
@@ -0,0 +1,201 @@
+// SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-3-Clause)
+/*
+ * Copyright (C) 2025, Ultratronik GmbH
+ * Copyright (C) STMicroelectronics 2025 - All Rights Reserved
+ * Author: Boerge Struempfel <boerge.struempfel@gmail.com> for Ultratronik GmbH.
+ */
+
+/dts-v1/;
+
+#include <dt-bindings/clock/stm32mp25-clksrc.h>
+#include "stm32mp257.dtsi"
+#include "stm32mp257d-ultra-fly-sbc-ca35tdcid-rcc.dtsi"
+#include "stm32mp25-lpddr4-2x16Gbits-32bits-1200MHz.dtsi"
+#include "stm32mp25-pinctrl.dtsi"
+#include "stm32mp25xxak-pinctrl.dtsi"
+
+/ {
+ model = "Ultratronik Ultra Fly SBC based on STM32MP257D";
+ compatible = "st,stm32mp257d-ultra-fly-sbc", "st,stm32mp257";
+
+ aliases {
+ serial0 = &usart1;
+ };
+
+ chosen {
+ stdout-path = "serial0:115200n8";
+ };
+
+ memory@80000000 {
+ device_type = "memory";
+ reg = <0x0 0x80000000 0x1 0x00000000>;
+ };
+};
+
+&ddr {
+ vdd1-supply = <&vdd1_ddr>;
+ vdd2-supply = <&vdd2_ddr>;
+ vddq-supply = <&vdd2_ddr>;
+};
+
+&i2c7 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&i2c7_pins_a>;
+ i2c-scl-rising-time-ns = <185>;
+ i2c-scl-falling-time-ns = <20>;
+ clock-frequency = <400000>;
+ status = "okay";
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ pmic2: stpmic@33 {
+ compatible = "st,stpmic2";
+ reg = <0x33>;
+ status = "okay";
+
+ regulators {
+ compatible = "st,stpmic2-regulators";
+
+ vddcpu: buck1 {
+ regulator-name = "vddcpu";
+ regulator-min-microvolt = <800000>;
+ regulator-max-microvolt = <910000>;
+ regulator-always-on;
+ };
+ vddcore: buck2 {
+ regulator-name = "vddcore";
+ regulator-min-microvolt = <820000>;
+ regulator-max-microvolt = <820000>;
+ regulator-always-on;
+ };
+ vddgpu: buck3 {
+ regulator-name = "vddgpu";
+ regulator-min-microvolt = <800000>;
+ regulator-max-microvolt = <900000>;
+ regulator-always-on;
+ };
+ vddio_pmic: buck4 {
+ regulator-name = "vddio_pmic";
+ regulator-min-microvolt = <3300000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ };
+ v1v8: buck5 {
+ regulator-name = "v1v8";
+ regulator-min-microvolt = <1800000>;
+ regulator-max-microvolt = <1800000>;
+ regulator-always-on;
+ };
+ vdd2_ddr: buck6 {
+ regulator-name = "vdd2_ddr";
+ regulator-min-microvolt = <1100000>;
+ regulator-max-microvolt = <1100000>;
+ };
+ v3v3: buck7 {
+ regulator-name = "v3v3";
+ regulator-min-microvolt = <3300000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ };
+ vdda1v8_aon: ldo1 {
+ regulator-name = "vdda1v8_aon";
+ regulator-min-microvolt = <1800000>;
+ regulator-max-microvolt = <1800000>;
+ regulator-always-on;
+ };
+ vdd_emmc: ldo2 {
+ regulator-name = "vdd_emmc";
+ regulator-min-microvolt = <3300000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ };
+ vdd1_ddr: ldo3 {
+ regulator-name = "vdd1_ddr";
+ regulator-min-microvolt = <1800000>;
+ regulator-max-microvolt = <1800000>;
+ regulator-enable-ramp-delay = <1000>;
+ };
+ vdd3v3_usb: ldo4 {
+ regulator-name = "vdd3v3_usb";
+ regulator-min-microvolt = <3300000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ };
+ vdd_sdcard: ldo7 {
+ regulator-name = "vdd_sdcard";
+ regulator-min-microvolt = <3300000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ };
+ vddio_sdcard: ldo8 {
+ regulator-name = "vddio_sdcard";
+ st,regulator-bypass-microvolt = <3300000>;
+ regulator-min-microvolt = <1800000>;
+ regulator-max-microvolt = <3300000>;
+ regulator-always-on;
+ };
+ };
+ };
+};
+
+&pwr {
+ vddio1: vddio1 {
+ vddio1-supply = <&vddio_sdcard>;
+ };
+ vddio2: vddio2 {
+ vddio2-supply = <&v1v8>;
+ };
+ vddio3: vddio3 {
+ vddio3-supply = <&vddio_pmic>;
+ };
+ vddio4: vddio4 {
+ vddio4-supply = <&vddio_pmic>;
+ };
+ vddio: vddio {
+ vdd-supply = <&vddio_pmic>;
+ };
+};
+
+&sdmmc1 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&sdmmc1_b4_pins_a>;
+ st,neg-edge;
+ bus-width = <4>;
+ vmmc-supply = <&vdd_sdcard>;
+ vqmmc-supply = <&vddio1>;
+ status = "okay";
+};
+
+&sdmmc2 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&sdmmc2_b4_pins_a &sdmmc2_d47_pins_a>;
+ non-removable;
+ no-sd;
+ no-sdio;
+ st,neg-edge;
+ bus-width = <8>;
+ vmmc-supply = <&vdd_emmc>;
+ vqmmc-supply = <&vddio2>;
+ status = "okay";
+};
+
+&usart1 {
+ pinctrl-names = "default";
+ pinctrl-0 = <&usart1_pins_a>;
+ status = "okay";
+};
+
+&pinctrl {
+ usart1_pins_a: usart1-0 {
+ pins1 {
+ pinmux = <STM32_PINMUX('A', 3, AF6)>; /* USART1_TX */
+ bias-disable;
+ drive-push-pull;
+ slew-rate = <0>;
+ };
+ pins2 {
+ pinmux = <STM32_PINMUX('G', 15, AF6)>; /* USART1_RX */
+ bias-disable;
+ };
+ };
+};
diff --git a/fdts/tc2.dts b/fdts/tc2.dts
deleted file mode 100644
index fa16dcd..0000000
--- a/fdts/tc2.dts
+++ /dev/null
@@ -1,287 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-/dts-v1/;
-
-#include <dt-bindings/interrupt-controller/arm-gic.h>
-#include <dt-bindings/interrupt-controller/irq.h>
-#include <platform_def.h>
-
-#if TARGET_FLAVOUR_FVP
-#define LIT_CAPACITY 406
-#define MID_CAPACITY 912
-#else /* TARGET_FLAVOUR_FPGA */
-#define LIT_CAPACITY 280
-#define MID_CAPACITY 775
-/* this is an area optimized configuration of the big core */
-#define BIG2_CAPACITY 930
-#endif /* TARGET_FLAVOUR_FPGA */
-#define BIG_CAPACITY 1024
-
-#define MHU_TX_ADDR 45000000 /* hex */
-#define MHU_TX_COMPAT "arm,mhuv2-tx","arm,primecell"
-#define MHU_TX_INT_NAME "mhu_tx"
-
-#define MHU_RX_ADDR 45010000 /* hex */
-#define MHU_RX_COMPAT "arm,mhuv2-rx","arm,primecell"
-#define MHU_OFFSET 0x1000
-#define MHU_MBOX_CELLS 2
-#define MHU_RX_INT_NUM 317
-#define MHU_RX_INT_NAME "mhu_rx"
-
-#define LIT_CPU_PMU_COMPATIBLE "arm,cortex-a520-pmu"
-#define MID_CPU_PMU_COMPATIBLE "arm,cortex-a720-pmu"
-#define BIG_CPU_PMU_COMPATIBLE "arm,cortex-x4-pmu"
-
-#define DSU_MPAM_ADDR 0x1 0x00010000 /* 0x1_0001_0000 */
-
-#define DPU_ADDR 2cc00000
-#define DPU_IRQ 69
-
-#define ETHERNET_ADDR 18000000
-#define ETHERNET_INT 109
-
-#define SYS_REGS_ADDR 1c010000
-
-#define MMC_ADDR 1c050000
-#define MMC_INT_0 107
-#define MMC_INT_1 108
-
-#define RTC_ADDR 1c170000
-#define RTC_INT 100
-
-#define KMI_0_ADDR 1c060000
-#define KMI_0_INT 197
-#define KMI_1_ADDR 1c070000
-#define KMI_1_INT 103
-
-#define VIRTIO_BLOCK_ADDR 1c130000
-#define VIRTIO_BLOCK_INT 204
-
-#include "tc-common.dtsi"
-#if TARGET_FLAVOUR_FVP
-#include "tc-fvp.dtsi"
-#else
-#include "tc-fpga.dtsi"
-#endif /* TARGET_FLAVOUR_FVP */
-#include "tc-base.dtsi"
-
-/ {
- cpus {
-#if TARGET_FLAVOUR_FPGA
- cpu-map {
- cluster0 {
- core8 {
- cpu = <&CPU8>;
- };
- core9 {
- cpu = <&CPU9>;
- };
- core10 {
- cpu = <&CPU10>;
- };
- core11 {
- cpu = <&CPU11>;
- };
- core12 {
- cpu = <&CPU12>;
- };
- core13 {
- cpu = <&CPU13>;
- };
- };
- };
-#endif
-
- CPU2:cpu@200 {
- clocks = <&scmi_dvfs 0>;
- capacity-dmips-mhz = <LIT_CAPACITY>;
- };
-
- CPU3:cpu@300 {
- clocks = <&scmi_dvfs 0>;
- capacity-dmips-mhz = <LIT_CAPACITY>;
- };
-
- CPU6:cpu@600 {
- clocks = <&scmi_dvfs 1>;
- capacity-dmips-mhz = <MID_CAPACITY>;
- };
-
- CPU7:cpu@700 {
- clocks = <&scmi_dvfs 1>;
- capacity-dmips-mhz = <MID_CAPACITY>;
- };
-
-#if TARGET_FLAVOUR_FPGA
- CPU8:cpu@800 {
- device_type = "cpu";
- compatible = "arm,armv8";
- reg = <0x800>;
- enable-method = "psci";
- clocks = <&scmi_dvfs 1>;
- capacity-dmips-mhz = <MID_CAPACITY>;
- };
-
- CPU9:cpu@900 {
- device_type = "cpu";
- compatible = "arm,armv8";
- reg = <0x900>;
- enable-method = "psci";
- clocks = <&scmi_dvfs 2>;
- capacity-dmips-mhz = <BIG2_CAPACITY>;
- };
-
- CPU10:cpu@A00 {
- device_type = "cpu";
- compatible = "arm,armv8";
- reg = <0xA00>;
- enable-method = "psci";
- clocks = <&scmi_dvfs 2>;
- capacity-dmips-mhz = <BIG2_CAPACITY>;
- };
-
- CPU11:cpu@B00 {
- device_type = "cpu";
- compatible = "arm,armv8";
- reg = <0xB00>;
- enable-method = "psci";
- clocks = <&scmi_dvfs 2>;
- capacity-dmips-mhz = <BIG2_CAPACITY>;
- };
-
- CPU12:cpu@C00 {
- device_type = "cpu";
- compatible = "arm,armv8";
- reg = <0xC00>;
- enable-method = "psci";
- clocks = <&scmi_dvfs 3>;
- capacity-dmips-mhz = <BIG_CAPACITY>;
- };
-
- CPU13:cpu@D00 {
- device_type = "cpu";
- compatible = "arm,armv8";
- reg = <0xD00>;
- enable-method = "psci";
- clocks = <&scmi_dvfs 3>;
- capacity-dmips-mhz = <BIG_CAPACITY>;
- };
-#endif
- };
-
-#if TARGET_FLAVOUR_FPGA
- ete8 {
- compatible = "arm,embedded-trace-extension";
- cpu = <&CPU8>;
- };
-
- ete9 {
- compatible = "arm,embedded-trace-extension";
- cpu = <&CPU9>;
- };
-
- ete10 {
- compatible = "arm,embedded-trace-extension";
- cpu = <&CPU10>;
- };
-
- ete11 {
- compatible = "arm,embedded-trace-extension";
- cpu = <&CPU11>;
- };
-
- ete12 {
- compatible = "arm,embedded-trace-extension";
- cpu = <&CPU12>;
- };
-
- ete13 {
- compatible = "arm,embedded-trace-extension";
- cpu = <&CPU13>;
- };
-#endif /* TARGET_FLAVOUR_FPGA */
-
- cmn-pmu {
- compatible = "arm,ci-700";
- reg = <0x0 0x50000000 0x0 0x10000000>;
- interrupts = <GIC_SPI 460 IRQ_TYPE_LEVEL_HIGH 0>;
- };
-
- mbox_db_rx: mhu@MHU_RX_ADDR {
- arm,mhuv2-protocols = <0 1>;
- };
-
- mbox_db_tx: mhu@MHU_TX_ADDR {
- arm,mhuv2-protocols = <0 1>;
- };
-
- firmware {
- /*
- * TC2 does not have a P2A channel, but wiring one was needed to make Linux work
- * (by chance). At the time the SCMI driver did not support bidirectional
- * mailboxes so as a workaround, the A2P channel was wired for TX communication
- * and the synchronous replies would be read asyncrhonously as if coming from
- * the P2A channel, while being the actual A2P channel.
- *
- * This will not work with kernels > 5.15, but keep it around to keep TC2
- * working with its target kernel. Newer kernels will still work, but SCMI
- * won't as they check that the two regions are distinct.
- */
- scmi {
- mboxes = <&mbox_db_tx 0 0 &mbox_db_rx 0 0>;
- shmem = <&cpu_scp_scmi_a2p &cpu_scp_scmi_a2p>;
- };
- };
-
- gic: interrupt-controller@GIC_CTRL_ADDR {
- ppi-partitions {
- ppi_partition_little: interrupt-partition-0 {
- affinity = <&CPU0>, <&CPU1>, <&CPU2>, <&CPU3>;
- };
-
-#if TARGET_FLAVOUR_FVP
- ppi_partition_mid: interrupt-partition-1 {
- affinity = <&CPU4>, <&CPU5>, <&CPU6>;
- };
-
- ppi_partition_big: interrupt-partition-2 {
- affinity = <&CPU7>;
- };
-#elif TARGET_FLAVOUR_FPGA
- ppi_partition_mid: interrupt-partition-1 {
- affinity = <&CPU4>, <&CPU5>, <&CPU6>, <&CPU7>, <&CPU8>;
- };
-
- ppi_partition_big: interrupt-partition-2 {
- affinity = <&CPU9>, <&CPU10>, <&CPU11>, <&CPU12>, <&CPU13>;
- };
-#endif
- };
- };
-
- spe-pmu-big {
- status = "okay";
- };
-
- smmu_700: iommu@3f000000 {
- status = "okay";
- };
-
- dp0: display@DPU_ADDR {
-#if TC_SCMI_PD_CTRL_EN
- power-domains = <&scmi_devpd (PLAT_MAX_CPUS_PER_CLUSTER + 2)>;
-#endif
- iommus = <&smmu_700 0x100>;
- };
-
- gpu: gpu@2d000000 {
- interrupts = <GIC_SPI 66 IRQ_TYPE_LEVEL_HIGH 0>,
- <GIC_SPI 67 IRQ_TYPE_LEVEL_HIGH 0>,
- <GIC_SPI 65 IRQ_TYPE_LEVEL_HIGH 0>;
- interrupt-names = "JOB", "MMU", "GPU";
- iommus = <&smmu_700 0x200>;
- };
-};
diff --git a/include/arch/aarch32/arch_features.h b/include/arch/aarch32/arch_features.h
index 243ac15..47a2659 100644
--- a/include/arch/aarch32/arch_features.h
+++ b/include/arch/aarch32/arch_features.h
@@ -204,5 +204,9 @@
static inline bool is_feat_ls64_accdata_present(void) { return false; }
__attribute__((always_inline))
static inline bool is_feat_mops_supported(void) { return false; }
+__attribute__((always_inline))
+static inline bool is_feat_bti_supported(void) { return false; }
+__attribute__((always_inline))
+static inline bool is_feat_pauth_supported(void) { return false; }
#endif /* ARCH_FEATURES_H */
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index 3707520..e8c4054 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -251,7 +251,7 @@
#define ID_AA64DFR0_PMUVER_SHIFT U(8)
#define ID_AA64DFR0_PMUVER_MASK U(0xf)
#define ID_AA64DFR0_PMUVER_PMUV3 U(1)
-#define ID_AA64DFR0_PMUVER_PMUV3P8 U(8)
+#define ID_AA64DFR0_PMUVER_PMUV3P9 U(9)
#define ID_AA64DFR0_PMUVER_IMP_DEF U(0xf)
/* ID_AA64DFR0_EL1.SEBEP definitions */
@@ -606,6 +606,11 @@
#define SCTLR_EPAN_BIT (ULL(1) << 57)
#define SCTLR_RESET_VAL SCTLR_EL3_RES1
+#define SCTLR2_EnPACM_BIT (ULL(1) << 7)
+
+/* SCTLR2 currently has no RES1 fields so reset to 0 */
+#define SCTLR2_RESET_VAL ULL(0)
+
/* CPACR_EL1 definitions */
#define CPACR_EL1_FPEN(x) ((x) << 20)
#define CPACR_EL1_FP_TRAP_EL0 UL(0x1)
@@ -664,6 +669,7 @@
/* MDCR_EL3 definitions */
#define MDCR_EBWE_BIT (ULL(1) << 43)
+#define MDCR_EnPMS3_BIT (ULL(1) << 42)
#define MDCR_E3BREC_BIT (ULL(1) << 38)
#define MDCR_E3BREW_BIT (ULL(1) << 37)
#define MDCR_EnPMSN_BIT (ULL(1) << 36)
@@ -696,6 +702,7 @@
#define MDCR_NSPBE_BIT (ULL(1) << 11)
#define MDCR_TDOSA_BIT (ULL(1) << 10)
#define MDCR_TDA_BIT (ULL(1) << 9)
+#define MDCR_EnPM2_BIT (ULL(1) << 7)
#define MDCR_TPM_BIT (ULL(1) << 6)
#define MDCR_RLTE_BIT (ULL(1) << 0)
#define MDCR_EL3_RESET_VAL MDCR_MTPME_BIT
@@ -855,6 +862,7 @@
#define SPSR_PPEND_BIT BIT(33)
#define SPSR_EXLOCK_BIT_AARCH64 BIT_64(34)
#define SPSR_NZCV (SPSR_V_BIT | SPSR_C_BIT | SPSR_Z_BIT | SPSR_N_BIT)
+#define SPSR_PACM_BIT_AARCH64 BIT_64(35)
#define DISABLE_ALL_EXCEPTIONS \
(DAIF_FIQ_BIT | DAIF_IRQ_BIT | DAIF_ABT_BIT | DAIF_DBG_BIT)
@@ -1531,6 +1539,7 @@
/*******************************************************************************
* FEAT_SCTLR2 - Extension to SCTLR_ELx Registers
******************************************************************************/
+#define SCTLR2_EL3 S3_6_C1_C0_3
#define SCTLR2_EL2 S3_4_C1_C0_3
#define SCTLR2_EL1 S3_0_C1_C0_3
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index 43ff2cc..757ce06 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -146,6 +146,8 @@
* +----------------------------+
* | FEAT_MOPS |
* +----------------------------+
+ * | FEAT_PAUTH_LR |
+ * +----------------------------+
*/
__attribute__((always_inline))
@@ -176,9 +178,9 @@
((ID_AA64ISAR2_GPA3_MASK << ID_AA64ISAR2_GPA3_SHIFT) |
(ID_AA64ISAR2_APA3_MASK << ID_AA64ISAR2_APA3_SHIFT)), 1U)
-/* PAUTH */
+/* FEAT_PAUTH: Pointer Authentication */
__attribute__((always_inline))
-static inline bool is_armv8_3_pauth_present(void)
+static inline bool is_feat_pauth_present(void)
{
uint64_t mask_id_aa64isar1 =
(ID_AA64ISAR1_GPI_MASK << ID_AA64ISAR1_GPI_SHIFT) |
@@ -193,14 +195,45 @@
return ((read_id_aa64isar1_el1() & mask_id_aa64isar1) != 0U ||
is_feat_pacqarma3_present());
}
+CREATE_FEATURE_SUPPORTED(feat_pauth, is_feat_pauth_present, ENABLE_PAUTH)
+CREATE_FEATURE_SUPPORTED(ctx_pauth, is_feat_pauth_present, CTX_INCLUDE_PAUTH_REGS)
+
+/*
+ * FEAT_PAUTH_LR
+ * This feature has a non-standard discovery method so define this function
+ * manually then call use the CREATE_FEATURE_SUPPORTED macro with it. This
+ * feature is enabled with ENABLE_PAUTH when present.
+ */
+__attribute__((always_inline))
+static inline bool is_feat_pauth_lr_present(void)
+{
+ /*
+ * FEAT_PAUTH_LR support is indicated by up to 3 fields, if one or more
+ * of these is 0b0110 then the feature is present.
+ * 1) id_aa64isr1_el1.api
+ * 2) id_aa64isr1_el1.apa
+ * 3) id_aa64isr2_el1.apa3
+ */
+ if (ISOLATE_FIELD(read_id_aa64isar1_el1(), ID_AA64ISAR1_API_SHIFT, ID_AA64ISAR1_API_MASK) == 0b0110) {
+ return true;
+ }
+ if (ISOLATE_FIELD(read_id_aa64isar1_el1(), ID_AA64ISAR1_APA_SHIFT, ID_AA64ISAR1_APA_MASK) == 0b0110) {
+ return true;
+ }
+ if (ISOLATE_FIELD(read_id_aa64isar2_el1(), ID_AA64ISAR2_APA3_SHIFT, ID_AA64ISAR2_APA3_MASK) == 0b0110) {
+ return true;
+ }
+ return false;
+}
+CREATE_FEATURE_SUPPORTED(feat_pauth_lr, is_feat_pauth_lr_present, ENABLE_FEAT_PAUTH_LR)
/* FEAT_TTST: Small translation tables */
CREATE_FEATURE_PRESENT(feat_ttst, id_aa64mmfr2_el1, ID_AA64MMFR2_EL1_ST_SHIFT,
ID_AA64MMFR2_EL1_ST_MASK, 1U)
/* FEAT_BTI: Branch target identification */
-CREATE_FEATURE_PRESENT(feat_bti, id_aa64pfr1_el1, ID_AA64PFR1_EL1_BT_SHIFT,
- ID_AA64PFR1_EL1_BT_MASK, BTI_IMPLEMENTED)
+CREATE_FEATURE_FUNCS(feat_bti, id_aa64pfr1_el1, ID_AA64PFR1_EL1_BT_SHIFT,
+ ID_AA64PFR1_EL1_BT_MASK, BTI_IMPLEMENTED, ENABLE_BTI)
/* FEAT_MTE2: Memory tagging extension */
CREATE_FEATURE_FUNCS(feat_mte2, id_aa64pfr1_el1, ID_AA64PFR1_EL1_MTE_SHIFT,
diff --git a/include/arch/aarch64/arch_helpers.h b/include/arch/aarch64/arch_helpers.h
index 569182a..c885424 100644
--- a/include/arch/aarch64/arch_helpers.h
+++ b/include/arch/aarch64/arch_helpers.h
@@ -238,7 +238,14 @@
/*******************************************************************************
* Strip Pointer Authentication Code
******************************************************************************/
-DEFINE_SYSOP_PARAM_FUNC(xpaci)
+static inline u_register_t xpaci(u_register_t arg)
+{
+ __asm__ (".arch armv8.3-a\n"
+ "xpaci %0\n"
+ : "+r" (arg));
+
+ return arg;
+}
void flush_dcache_range(uintptr_t addr, size_t size);
void flush_dcache_to_popa_range(uintptr_t addr, size_t size);
@@ -725,6 +732,7 @@
/* FEAT_SCTLR2 Registers */
DEFINE_RENAME_SYSREG_RW_FUNCS(sctlr2_el1, SCTLR2_EL1)
DEFINE_RENAME_SYSREG_RW_FUNCS(sctlr2_el2, SCTLR2_EL2)
+DEFINE_RENAME_SYSREG_RW_FUNCS(sctlr2_el3, SCTLR2_EL3)
/* FEAT_LS64_ACCDATA Registers */
DEFINE_RENAME_SYSREG_RW_FUNCS(accdata_el1, ACCDATA_EL1)
diff --git a/include/arch/aarch64/asm_macros.S b/include/arch/aarch64/asm_macros.S
index dce07d9..8f1651d 100644
--- a/include/arch/aarch64/asm_macros.S
+++ b/include/arch/aarch64/asm_macros.S
@@ -230,7 +230,7 @@
*/
.macro read reg:req
#if ENABLE_BTI
- bti j
+ BTI j
#endif
mrs x0, \reg
ret
@@ -241,7 +241,7 @@
*/
.macro write reg:req
#if ENABLE_BTI
- bti j
+ BTI j
#endif
msr \reg, x1
ret
@@ -329,7 +329,7 @@
.endm
/*
- * is_feat_sysreg128_present_asm - Set flags and reg if FEAT_SYSREG128
+ * is_feat_XYZ_present_asm - Set flags and reg if FEAT_XYZ
* is enabled at runtime.
*
* Arguments:
@@ -342,6 +342,20 @@
ands \reg, \reg, #(ID_AA64ISAR2_SYSREG128_MASK << ID_AA64ISAR2_SYSREG128_SHIFT)
.endm
+ .macro is_feat_pauth_present_asm reg:req, clobber:req
+ mrs \reg, ID_AA64ISAR1_EL1
+ mov_imm \clobber, ((ID_AA64ISAR1_GPI_MASK << ID_AA64ISAR1_GPI_SHIFT) \
+ | (ID_AA64ISAR1_GPA_MASK << ID_AA64ISAR1_GPA_SHIFT) \
+ | (ID_AA64ISAR1_API_MASK << ID_AA64ISAR1_API_SHIFT) \
+ | (ID_AA64ISAR1_APA_MASK << ID_AA64ISAR1_APA_SHIFT))
+ tst \reg, \clobber
+ .endm
+
+ .macro is_feat_sctlr2_present_asm reg:req
+ mrs \reg, ID_AA64MMFR3_EL1
+ ands \reg, \reg, #(ID_AA64MMFR3_EL1_SCTLR2_MASK << ID_AA64MMFR3_EL1_SCTLR2_SHIFT)
+ .endm
+
.macro call_reset_handler
#if !(defined(IMAGE_BL2) && ENABLE_RME)
/* ---------------------------------------------------------------------
diff --git a/include/arch/aarch64/el2_common_macros.S b/include/arch/aarch64/el2_common_macros.S
deleted file mode 100644
index 5db6831..0000000
--- a/include/arch/aarch64/el2_common_macros.S
+++ /dev/null
@@ -1,418 +0,0 @@
-/*
- * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef EL2_COMMON_MACROS_S
-#define EL2_COMMON_MACROS_S
-
-#include <arch.h>
-#include <asm_macros.S>
-#include <context.h>
-#include <lib/xlat_tables/xlat_tables_defs.h>
-
-#include <platform_def.h>
-
- /*
- * Helper macro to initialise system registers at EL2.
- */
- .macro el2_arch_init_common
-
- /* ---------------------------------------------------------------------
- * SCTLR_EL2 has already been initialised - read current value before
- * modifying.
- *
- * SCTLR_EL2.I: Enable the instruction cache.
- *
- * SCTLR_EL2.SA: Enable Stack Alignment check. A SP alignment fault
- * exception is generated if a load or store instruction executed at
- * EL2 uses the SP as the base address and the SP is not aligned to a
- * 16-byte boundary.
- *
- * SCTLR_EL2.A: Enable Alignment fault checking. All instructions that
- * load or store one or more registers have an alignment check that the
- * address being accessed is aligned to the size of the data element(s)
- * being accessed.
- * ---------------------------------------------------------------------
- */
- mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
- mrs x0, sctlr_el2
- orr x0, x0, x1
- msr sctlr_el2, x0
- isb
-
- /* ---------------------------------------------------------------------
- * Initialise HCR_EL2, setting all fields rather than relying on HW.
- * All fields are architecturally UNKNOWN on reset. The following fields
- * do not change during the TF lifetime. The remaining fields are set to
- * zero here but are updated ahead of transitioning to a lower EL in the
- * function cm_init_context_common().
- *
- * HCR_EL2.TWE: Set to zero so that execution of WFE instructions at
- * EL2, EL1 and EL0 are not trapped to EL2.
- *
- * HCR_EL2.TWI: Set to zero so that execution of WFI instructions at
- * EL2, EL1 and EL0 are not trapped to EL2.
- *
- * HCR_EL2.HCD: Set to zero to enable HVC calls at EL1 and above,
- * from both Security states and both Execution states.
- *
- * HCR_EL2.TEA: Set to one to route External Aborts and SError
- * Interrupts to EL2 when executing at any EL.
- *
- * HCR_EL2.{API,APK}: For Armv8.3 pointer authentication feature,
- * disable traps to EL2 when accessing key registers or using
- * pointer authentication instructions from lower ELs.
- * ---------------------------------------------------------------------
- */
- mov_imm x0, ((HCR_RESET_VAL | HCR_TEA_BIT) \
- & ~(HCR_TWE_BIT | HCR_TWI_BIT | HCR_HCD_BIT))
-#if CTX_INCLUDE_PAUTH_REGS
- /*
- * If the pointer authentication registers are saved during world
- * switches, enable pointer authentication everywhere, as it is safe to
- * do so.
- */
- orr x0, x0, #(HCR_API_BIT | HCR_APK_BIT)
-#endif /* CTX_INCLUDE_PAUTH_REGS */
- msr hcr_el2, x0
-
- /* ---------------------------------------------------------------------
- * Initialise MDCR_EL2, setting all fields rather than relying on
- * hw. Some fields are architecturally UNKNOWN on reset.
- *
- * MDCR_EL2.TDOSA: Set to zero so that EL2 and EL2 System register
- * access to the powerdown debug registers do not trap to EL2.
- *
- * MDCR_EL2.TDA: Set to zero to allow EL0, EL1 and EL2 access to the
- * debug registers, other than those registers that are controlled by
- * MDCR_EL2.TDOSA.
- *
- * MDCR_EL2.TPM: Set to zero so that EL0, EL1, and EL2 System
- * register accesses to all Performance Monitors registers do not trap
- * to EL2.
- *
- * MDCR_EL2.HPMD: Set to zero so that event counting by the program-
- * mable counters PMEVCNTR<n>_EL0 is prohibited in Secure state. If
- * ARMv8.2 Debug is not implemented this bit does not have any effect
- * on the counters unless there is support for the implementation
- * defined authentication interface
- * ExternalSecureNoninvasiveDebugEnabled().
- * ---------------------------------------------------------------------
- */
- mov_imm x0, ((MDCR_EL2_RESET_VAL | \
- MDCR_SPD32(MDCR_SPD32_DISABLE)) \
- & ~(MDCR_EL2_HPMD_BIT | MDCR_TDOSA_BIT | \
- MDCR_TDA_BIT | MDCR_TPM_BIT))
-
- msr mdcr_el2, x0
-
- /* ---------------------------------------------------------------------
- * Initialise PMCR_EL0 setting all fields rather than relying
- * on hw. Some fields are architecturally UNKNOWN on reset.
- *
- * PMCR_EL0.DP: Set to one so that the cycle counter,
- * PMCCNTR_EL0 does not count when event counting is prohibited.
- *
- * PMCR_EL0.X: Set to zero to disable export of events.
- *
- * PMCR_EL0.D: Set to zero so that, when enabled, PMCCNTR_EL0
- * counts on every clock cycle.
- * ---------------------------------------------------------------------
- */
- mov_imm x0, ((PMCR_EL0_RESET_VAL | PMCR_EL0_DP_BIT) & \
- ~(PMCR_EL0_X_BIT | PMCR_EL0_D_BIT))
-
- msr pmcr_el0, x0
-
- /* ---------------------------------------------------------------------
- * Enable External Aborts and SError Interrupts now that the exception
- * vectors have been setup.
- * ---------------------------------------------------------------------
- */
- msr daifclr, #DAIF_ABT_BIT
-
- /* ---------------------------------------------------------------------
- * Initialise CPTR_EL2, setting all fields rather than relying on hw.
- * All fields are architecturally UNKNOWN on reset.
- *
- * CPTR_EL2.TCPAC: Set to zero so that any accesses to CPACR_EL1 do
- * not trap to EL2.
- *
- * CPTR_EL2.TTA: Set to zero so that System register accesses to the
- * trace registers do not trap to EL2.
- *
- * CPTR_EL2.TFP: Set to zero so that accesses to the V- or Z- registers
- * by Advanced SIMD, floating-point or SVE instructions (if implemented)
- * do not trap to EL2.
- */
-
- mov_imm x0, (CPTR_EL2_RESET_VAL & ~(TCPAC_BIT | TTA_BIT | TFP_BIT))
- msr cptr_el2, x0
-
- /*
- * If Data Independent Timing (DIT) functionality is implemented,
- * always enable DIT in EL2
- */
- mrs x0, id_aa64pfr0_el1
- ubfx x0, x0, #ID_AA64PFR0_DIT_SHIFT, #ID_AA64PFR0_DIT_LENGTH
- cmp x0, #DIT_IMPLEMENTED
- bne 1f
- mov x0, #DIT_BIT
- msr DIT, x0
-1:
- .endm
-
-/* -----------------------------------------------------------------------------
- * This is the super set of actions that need to be performed during a cold boot
- * or a warm boot in EL2. This code is shared by BL1 and BL31.
- *
- * This macro will always perform reset handling, architectural initialisations
- * and stack setup. The rest of the actions are optional because they might not
- * be needed, depending on the context in which this macro is called. This is
- * why this macro is parameterised ; each parameter allows to enable/disable
- * some actions.
- *
- * _init_sctlr:
- * Whether the macro needs to initialise SCTLR_EL2, including configuring
- * the endianness of data accesses.
- *
- * _warm_boot_mailbox:
- * Whether the macro needs to detect the type of boot (cold/warm). The
- * detection is based on the platform entrypoint address : if it is zero
- * then it is a cold boot, otherwise it is a warm boot. In the latter case,
- * this macro jumps on the platform entrypoint address.
- *
- * _secondary_cold_boot:
- * Whether the macro needs to identify the CPU that is calling it: primary
- * CPU or secondary CPU. The primary CPU will be allowed to carry on with
- * the platform initialisations, while the secondaries will be put in a
- * platform-specific state in the meantime.
- *
- * If the caller knows this macro will only be called by the primary CPU
- * then this parameter can be defined to 0 to skip this step.
- *
- * _init_memory:
- * Whether the macro needs to initialise the memory.
- *
- * _init_c_runtime:
- * Whether the macro needs to initialise the C runtime environment.
- *
- * _exception_vectors:
- * Address of the exception vectors to program in the VBAR_EL2 register.
- *
- * _pie_fixup_size:
- * Size of memory region to fixup Global Descriptor Table (GDT).
- *
- * A non-zero value is expected when firmware needs GDT to be fixed-up.
- *
- * -----------------------------------------------------------------------------
- */
- .macro el2_entrypoint_common \
- _init_sctlr, _warm_boot_mailbox, _secondary_cold_boot, \
- _init_memory, _init_c_runtime, _exception_vectors, \
- _pie_fixup_size
-
- .if \_init_sctlr
- /* -------------------------------------------------------------
- * This is the initialisation of SCTLR_EL2 and so must ensure
- * that all fields are explicitly set rather than relying on hw.
- * Some fields reset to an IMPLEMENTATION DEFINED value and
- * others are architecturally UNKNOWN on reset.
- *
- * SCTLR.EE: Set the CPU endianness before doing anything that
- * might involve memory reads or writes. Set to zero to select
- * Little Endian.
- *
- * SCTLR_EL2.WXN: For the EL2 translation regime, this field can
- * force all memory regions that are writeable to be treated as
- * XN (Execute-never). Set to zero so that this control has no
- * effect on memory access permissions.
- *
- * SCTLR_EL2.SA: Set to zero to disable Stack Alignment check.
- *
- * SCTLR_EL2.A: Set to zero to disable Alignment fault checking.
- *
- * SCTLR.DSSBS: Set to zero to disable speculation store bypass
- * safe behaviour upon exception entry to EL2.
- * -------------------------------------------------------------
- */
- mov_imm x0, (SCTLR_RESET_VAL & ~(SCTLR_EE_BIT | SCTLR_WXN_BIT \
- | SCTLR_SA_BIT | SCTLR_A_BIT | SCTLR_DSSBS_BIT))
- msr sctlr_el2, x0
- isb
- .endif /* _init_sctlr */
-
- .if \_warm_boot_mailbox
- /* -------------------------------------------------------------
- * This code will be executed for both warm and cold resets.
- * Now is the time to distinguish between the two.
- * Query the platform entrypoint address and if it is not zero
- * then it means it is a warm boot so jump to this address.
- * -------------------------------------------------------------
- */
- bl plat_get_my_entrypoint
- cbz x0, do_cold_boot
- br x0
-
- do_cold_boot:
- .endif /* _warm_boot_mailbox */
-
- .if \_pie_fixup_size
-#if ENABLE_PIE
- /*
- * ------------------------------------------------------------
- * If PIE is enabled fixup the Global descriptor Table only
- * once during primary core cold boot path.
- *
- * Compile time base address, required for fixup, is calculated
- * using "pie_fixup" label present within first page.
- * ------------------------------------------------------------
- */
- pie_fixup:
- ldr x0, =pie_fixup
- and x0, x0, #~(PAGE_SIZE_MASK)
- mov_imm x1, \_pie_fixup_size
- add x1, x1, x0
- bl fixup_gdt_reloc
-#endif /* ENABLE_PIE */
- .endif /* _pie_fixup_size */
-
- /* ---------------------------------------------------------------------
- * Set the exception vectors.
- * ---------------------------------------------------------------------
- */
- adr x0, \_exception_vectors
- msr vbar_el2, x0
- isb
-
- /* ---------------------------------------------------------------------
- * It is a cold boot.
- * Perform any processor specific actions upon reset e.g. cache, TLB
- * invalidations etc.
- * ---------------------------------------------------------------------
- */
- call_reset_handler
-
- el2_arch_init_common
-
- .if \_secondary_cold_boot
- /* -------------------------------------------------------------
- * Check if this is a primary or secondary CPU cold boot.
- * The primary CPU will set up the platform while the
- * secondaries are placed in a platform-specific state until the
- * primary CPU performs the necessary actions to bring them out
- * of that state and allows entry into the OS.
- * -------------------------------------------------------------
- */
- bl plat_is_my_cpu_primary
- cbnz w0, do_primary_cold_boot
-
- /* This is a cold boot on a secondary CPU */
- bl plat_secondary_cold_boot_setup
- /* plat_secondary_cold_boot_setup() is not supposed to return */
- bl el2_panic
- do_primary_cold_boot:
- .endif /* _secondary_cold_boot */
-
- /* ---------------------------------------------------------------------
- * Initialize memory now. Secondary CPU initialization won't get to this
- * point.
- * ---------------------------------------------------------------------
- */
-
- .if \_init_memory
- bl platform_mem_init
- .endif /* _init_memory */
-
- /* ---------------------------------------------------------------------
- * Init C runtime environment:
- * - Zero-initialise the NOBITS sections. There are 2 of them:
- * - the .bss section;
- * - the coherent memory section (if any).
- * - Relocate the data section from ROM to RAM, if required.
- * ---------------------------------------------------------------------
- */
- .if \_init_c_runtime
- adrp x0, __BSS_START__
- add x0, x0, :lo12:__BSS_START__
-
- adrp x1, __BSS_END__
- add x1, x1, :lo12:__BSS_END__
- sub x1, x1, x0
- bl zeromem
-
-#if defined(IMAGE_BL1) || (defined(IMAGE_BL2) && \
- RESET_TO_BL2 && BL2_IN_XIP_MEM)
- adrp x0, __DATA_RAM_START__
- add x0, x0, :lo12:__DATA_RAM_START__
- adrp x1, __DATA_ROM_START__
- add x1, x1, :lo12:__DATA_ROM_START__
- adrp x2, __DATA_RAM_END__
- add x2, x2, :lo12:__DATA_RAM_END__
- sub x2, x2, x0
- bl memcpy16
-#endif
- .endif /* _init_c_runtime */
-
- /* ---------------------------------------------------------------------
- * Use SP_EL0 for the C runtime stack.
- * ---------------------------------------------------------------------
- */
- msr spsel, #0
-
- /* ---------------------------------------------------------------------
- * Allocate a stack whose memory will be marked as Normal-IS-WBWA when
- * the MMU is enabled. There is no risk of reading stale stack memory
- * after enabling the MMU as only the primary CPU is running at the
- * moment.
- * ---------------------------------------------------------------------
- */
- bl plat_set_my_stack
-
-#if STACK_PROTECTOR_ENABLED
- .if \_init_c_runtime
- bl update_stack_protector_canary
- .endif /* _init_c_runtime */
-#endif
- .endm
-
- .macro apply_at_speculative_wa
-#if ERRATA_SPECULATIVE_AT
- /*
- * This function expects x30 has been saved.
- * Also, save x29 which will be used in the called function.
- */
- str x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
- bl save_and_update_ptw_el1_sys_regs
- ldr x29, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X29]
-#endif
- .endm
-
- .macro restore_ptw_el1_sys_regs
-#if ERRATA_SPECULATIVE_AT
- /* -----------------------------------------------------------
- * In case of ERRATA_SPECULATIVE_AT, must follow below order
- * to ensure that page table walk is not enabled until
- * restoration of all EL1 system registers. TCR_EL1 register
- * should be updated at the end which restores previous page
- * table walk setting of stage1 i.e.(TCR_EL1.EPDx) bits. ISB
- * ensures that CPU does below steps in order.
- *
- * 1. Ensure all other system registers are written before
- * updating SCTLR_EL1 using ISB.
- * 2. Restore SCTLR_EL1 register.
- * 3. Ensure SCTLR_EL1 written successfully using ISB.
- * 4. Restore TCR_EL1 register.
- * -----------------------------------------------------------
- */
- isb
- ldp x28, x29, [sp, #CTX_ERRATA_SPEC_AT_OFFSET + CTX_ERRATA_SPEC_AT_SCTLR_EL1]
- msr sctlr_el1, x28
- isb
- msr tcr_el1, x29
-#endif
- .endm
-
-#endif /* EL2_COMMON_MACROS_S */
diff --git a/include/arch/aarch64/el3_common_macros.S b/include/arch/aarch64/el3_common_macros.S
index 2f2aeaf..fce0f2c 100644
--- a/include/arch/aarch64/el3_common_macros.S
+++ b/include/arch/aarch64/el3_common_macros.S
@@ -32,14 +32,29 @@
* load or store one or more registers have an alignment check that the
* address being accessed is aligned to the size of the data element(s)
* being accessed.
+ *
+ * SCTLR_EL3.BT: PAuth instructions are compatible with bti jc
* ---------------------------------------------------------------------
*/
- mov x1, #(SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
+ mov_imm x1, (SCTLR_I_BIT | SCTLR_A_BIT | SCTLR_SA_BIT)
mrs x0, sctlr_el3
+#if ENABLE_BTI
+ bic x0, x0, #SCTLR_BT_BIT
+#endif
orr x0, x0, x1
msr sctlr_el3, x0
isb
+#if ENABLE_FEAT_SCTLR2
+#if ENABLE_FEAT_SCTLR2 > 1
+ is_feat_sctlr2_present_asm x1
+ beq feat_sctlr2_not_supported\@
+#endif
+ mov x1, #SCTLR2_RESET_VAL
+ msr SCTLR2_EL3, x1
+feat_sctlr2_not_supported\@:
+#endif
+
#ifdef IMAGE_BL31
/* ---------------------------------------------------------------------
* Initialise the per-cpu cache pointer to the CPU.
diff --git a/include/bl32/tsp/platform_tsp.h b/include/bl32/tsp/platform_tsp.h
index fe8a2c9..81a1a40 100644
--- a/include/bl32/tsp/platform_tsp.h
+++ b/include/bl32/tsp/platform_tsp.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,7 +10,8 @@
/*******************************************************************************
* Mandatory TSP functions (only if platform contains a TSP)
******************************************************************************/
-void tsp_early_platform_setup(void);
+void tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3);
void tsp_plat_arch_setup(void);
void tsp_platform_setup(void);
diff --git a/include/bl32/tsp/tsp.h b/include/bl32/tsp/tsp.h
index a63abf1..bc152e5 100644
--- a/include/bl32/tsp/tsp.h
+++ b/include/bl32/tsp/tsp.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -106,7 +106,8 @@
tsp_vector_isn_t abort_yield_smc_entry;
} tsp_vectors_t;
-void tsp_setup(void);
+void tsp_setup(u_register_t arg0, u_register_t arg1, u_register_t arg2,
+ u_register_t arg3);
#endif /* __ASSEMBLER__ */
diff --git a/include/common/asm_macros_common.S b/include/common/asm_macros_common.S
index fd0ea81..9172b55 100644
--- a/include/common/asm_macros_common.S
+++ b/include/common/asm_macros_common.S
@@ -7,6 +7,20 @@
#define ASM_MACROS_COMMON_S
/*
+ * Provide a wrapper for the "bti" instructions using the more
+ * compatible "hint" encoding, otherwise older toolchains would reject
+ * this when not compiled for a BTI capable machine (-march=armv8.5-a).
+ */
+ .macro BTI _targets
+ .ifc \_targets, j
+ hint #36
+ .endif
+ .ifc \_targets, jc
+ hint #38
+ .endif
+ .endm
+
+ /*
* This macro is used to create a function label and place the
* code into a separate text section based on the function name
* to enable elimination of unused code during linking. It also adds
@@ -42,7 +56,7 @@
/* When Branch Target Identification is enabled, insert "bti jc"
* instruction to enable indirect calls and branches
*/
- bti jc
+ BTI jc
#endif
.endm
diff --git a/include/common/bl_common.h b/include/common/bl_common.h
index 2f065ec..db4bb9a 100644
--- a/include/common/bl_common.h
+++ b/include/common/bl_common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -199,8 +199,6 @@
void setup_page_tables(const struct mmap_region *bl_regions,
const struct mmap_region *plat_regions);
-void bl_handle_pauth(void);
-
#endif /*__ASSEMBLER__*/
#endif /* BL_COMMON_H */
diff --git a/include/common/feat_detect.h b/include/common/feat_detect.h
index b85e1ce..18e6c42 100644
--- a/include/common/feat_detect.h
+++ b/include/common/feat_detect.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,6 +14,5 @@
#define FEAT_STATE_DISABLED 0
#define FEAT_STATE_ALWAYS 1
#define FEAT_STATE_CHECK 2
-#define FEAT_STATE_CHECK_ASYMMETRIC 3
#endif /* FEAT_DETECT_H */
diff --git a/include/drivers/arm/css/css_scp.h b/include/drivers/arm/css/css_scp.h
index 5395546..c3ce1d6 100644
--- a/include/drivers/arm/css/css_scp.h
+++ b/include/drivers/arm/css/css_scp.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -45,8 +45,11 @@
CASSERT(SCP_BL2_LIMIT <= BL2_BASE, assert_scp_bl2_overwrite_bl2);
CASSERT(SCP_BL2U_LIMIT <= BL2_BASE, assert_scp_bl2u_overwrite_bl2);
+#if !TRANSFER_LIST
CASSERT(SCP_BL2_BASE >= ARM_FW_CONFIG_LIMIT, assert_scp_bl2_overflow);
CASSERT(SCP_BL2U_BASE >= ARM_FW_CONFIG_LIMIT, assert_scp_bl2u_overflow);
+#endif /* !TRANSFER_LIST */
+
#endif
#endif /* CSS_SCP_H */
diff --git a/include/drivers/arm/gic.h b/include/drivers/arm/gic.h
new file mode 100644
index 0000000..e98737a
--- /dev/null
+++ b/include/drivers/arm/gic.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2024-2025, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef GIC_H
+#define GIC_H
+/* the function names conflict with some platform implementations. */
+#if USE_GIC_DRIVER
+void gic_init(unsigned int cpu_idx);
+void gic_cpuif_enable(unsigned int cpu_idx);
+void gic_cpuif_disable(unsigned int cpu_idx);
+void gic_pcpu_off(unsigned int cpu_idx);
+void gic_pcpu_init(unsigned int cpu_idx);
+void gic_save(void);
+void gic_resume(void);
+#endif
+#endif /* GIC_H */
diff --git a/include/drivers/arm/smmu_v3.h b/include/drivers/arm/smmu_v3.h
index 37da56f..5a36e26 100644
--- a/include/drivers/arm/smmu_v3.h
+++ b/include/drivers/arm/smmu_v3.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -58,6 +58,8 @@
/* SMMU_ROOT_IDR0 register fields */
#define SMMU_ROOT_IDR0_ROOT_IMPL (1UL << 0)
+#define SMMU_ROOT_IDR0_BA_REALM_SHIFT 22U
+#define SMMU_ROOT_IDR0_BA_REALM_MASK GENMASK_32(31U, SMMU_ROOT_IDR0_BA_REALM_SHIFT)
/* SMMU_ROOT_CR0 register fields */
#define SMMU_ROOT_CR0_GPCEN (1UL << 1)
diff --git a/include/drivers/auth/mbedtls/default_mbedtls_config.h b/include/drivers/auth/mbedtls/default_mbedtls_config.h
index 23daf24..e097eb9 100644
--- a/include/drivers/auth/mbedtls/default_mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/default_mbedtls_config.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2023-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2023-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,9 +11,9 @@
*/
/*
- * This file is compatible with versions >= 3.6.2
+ * This file is compatible with versions >= 3.6.3
*/
-#define MBEDTLS_CONFIG_VERSION 0x03060200
+#define MBEDTLS_CONFIG_VERSION 0x03060300
/*
* Key algorithms currently supported on mbed TLS libraries
diff --git a/include/drivers/console.h b/include/drivers/console.h
index fa4eb94..0de2c99 100644
--- a/include/drivers/console.h
+++ b/include/drivers/console.h
@@ -27,7 +27,7 @@
#define CONSOLE_FLAG_RUNTIME (U(1) << 1)
#define CONSOLE_FLAG_CRASH (U(1) << 2)
/* Bits 3 to 7 reserved for additional scopes in future expansion. */
-#define CONSOLE_FLAG_SCOPE_MASK ((U(1) << 8) - 1)
+#define CONSOLE_FLAG_SCOPE_MASK GENMASK(7, 0)
/* Bits 8 to 31 for non-scope use. */
#define CONSOLE_FLAG_TRANSLATE_CRLF (U(1) << 8)
diff --git a/include/drivers/delay_timer.h b/include/drivers/delay_timer.h
index e9fdfb7..0ef6831 100644
--- a/include/drivers/delay_timer.h
+++ b/include/drivers/delay_timer.h
@@ -21,7 +21,7 @@
* the clock period in microseconds.
********************************************************************/
-typedef struct timer_ops {
+typedef struct timer_operation {
uint32_t (*get_timer_value)(void);
uint32_t clk_mult;
uint32_t clk_div;
diff --git a/include/drivers/measured_boot/event_log/event_handoff.h b/include/drivers/measured_boot/event_log/event_handoff.h
new file mode 100644
index 0000000..e969d1f
--- /dev/null
+++ b/include/drivers/measured_boot/event_log/event_handoff.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2025, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+
+#ifndef HANDOFF_H
+#define HANDOFF_H
+
+#include <stdint.h>
+
+#include <lib/transfer_list.h>
+
+/**
+ * Initializes or extends the TPM event log in the transfer list.
+ *
+ * If an event log entry exists, attempts to resize it. Otherwise, adds a new entry.
+ * Copies old data if needed. Updates free to reflect available space.
+ *
+ * @param tl Pointer to the transfer list header.
+ * @param req_size Requested size (bytes)
+ * @param free Available size (bytes)
+ * @return Pointer to writable space in the log, or NULL on failure.
+ */
+uint8_t *transfer_list_event_log_extend(struct transfer_list_header *tl,
+ size_t req_size, size_t *free);
+
+/**
+ * Finalizes the event log after writing is complete.
+ *
+ * Resizes the event log to match actual data written, updates checksum,
+ * and flushes cache for the next stage.
+ *
+ * @param tl Pointer to the transfer list header.
+ * @param cursor End offset of written log data.
+ * @return Pointer to finalized log data (past reserved bytes), or NULL.
+ */
+uint8_t *transfer_list_event_log_finish(struct transfer_list_header *tl,
+ uintptr_t cursor);
+
+#define EVENT_LOG_RESERVED_BYTES U(4)
+
+#endif /* HANDOFF_H */
diff --git a/include/drivers/measured_boot/event_log/event_log.h b/include/drivers/measured_boot/event_log/event_log.h
index b44526a..b5adfdc 100644
--- a/include/drivers/measured_boot/event_log/event_log.h
+++ b/include/drivers/measured_boot/event_log/event_log.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,12 +7,12 @@
#ifndef EVENT_LOG_H
#define EVENT_LOG_H
+#include <stddef.h>
#include <stdint.h>
-#include <common/debug.h>
-#include <common/tbbr/tbbr_img_def.h>
#include <drivers/auth/crypto_mod.h>
-#include <drivers/measured_boot/event_log/tcg.h>
+#include "event_handoff.h"
+#include "tcg.h"
/*
* Set Event Log debug level to one of:
@@ -33,7 +33,7 @@
#elif EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
#define LOG_EVENT VERBOSE
#else
-#error "Not supported EVENT_LOG_LEVEL"
+#define LOG_EVENT printf
#endif
/* Number of hashing algorithms supported */
@@ -65,18 +65,130 @@
sizeof(event2_data_t))
/* Functions' declarations */
-void event_log_buf_init(uint8_t *event_log_start, uint8_t *event_log_finish);
-void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish);
-void event_log_write_specid_event(void);
-void event_log_write_header(void);
-void dump_event_log(uint8_t *log_addr, size_t log_size);
-int event_log_measure(uintptr_t data_base, uint32_t data_size,
- unsigned char hash_data[CRYPTO_MD_MAX_SIZE]);
-void event_log_record(const uint8_t *hash, uint32_t event_type,
- const event_log_metadata_t *metadata_ptr);
+
+/**
+ * Initialize the Event Log buffer.
+ *
+ * Sets global pointers to manage the Event Log memory region,
+ * allowing subsequent log operations to write into the buffer.
+ *
+ * @param[in] event_log_start Pointer to the start of the Event Log buffer.
+ * @param[in] event_log_finish Pointer to the end of the buffer
+ * (i.e., one byte past the last valid address).
+ *
+ * @return 0 on success, or -EINVAL if the input range is invalid.
+ */
+int event_log_buf_init(uint8_t *event_log_start, uint8_t *event_log_finish);
+
+/**
+ * Dump the contents of the Event Log.
+ *
+ * Outputs the raw contents of the Event Log buffer, typically
+ * for debugging or audit purposes.
+ *
+ * @param[in] log_addr Pointer to the start of the Event Log buffer.
+ * @param[in] log_size Size of the Event Log buffer in bytes.
+ *
+ * @return 0 on success, or a negative error code on failure.
+ */
+int event_log_dump(uint8_t *log_addr, size_t log_size);
+
+/**
+ * Initialize the Event Log subsystem.
+ *
+ * Wrapper around `event_log_buf_init()` to configure the memory range
+ * for the Event Log buffer.
+ *
+ * @param[in] event_log_start Pointer to the start of the Event Log buffer.
+ * @param[in] event_log_finish Pointer to the end of the buffer
+ * (i.e., one byte past the last valid address).
+ *
+ * @return 0 on success, or a negative error code on failure.
+ */
+int event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish);
+
+/**
+ * Measure input data and log its hash to the Event Log.
+ *
+ * Computes the cryptographic hash of the specified data and records it
+ * in the Event Log as a TCG_PCR_EVENT2 structure using event type EV_POST_CODE.
+ * Useful for firmware or image attestation.
+ *
+ * @param[in] data_base Pointer to the base of the data to be measured.
+ * @param[in] data_size Size of the data in bytes.
+ * @param[in] data_id Identifier used to match against metadata.
+ * @param[in] metadata_ptr Pointer to an array of event_log_metadata_t.
+ *
+ * @return 0 on success, or a negative error code on failure.
+ */
int event_log_measure_and_record(uintptr_t data_base, uint32_t data_size,
uint32_t data_id,
const event_log_metadata_t *metadata_ptr);
+
+/**
+ * Measure the input data and return its hash.
+ *
+ * Computes the cryptographic hash of the specified memory region using
+ * the default hashing algorithm configured in the Event Log subsystem.
+ *
+ * @param[in] data_base Pointer to the base of the data to be measured.
+ * @param[in] data_size Size of the data in bytes.
+ * @param[out] hash_data Buffer to hold the resulting hash output
+ * (must be at least CRYPTO_MD_MAX_SIZE bytes).
+ *
+ * @return 0 on success, or an error code on failure.
+ */
+int event_log_measure(uintptr_t data_base, uint32_t data_size,
+ unsigned char hash_data[CRYPTO_MD_MAX_SIZE]);
+
+/**
+ * Record a measurement event in the Event Log.
+ *
+ * Writes a TCG_PCR_EVENT2 structure to the Event Log using the
+ * provided hash and metadata. This function assumes the buffer
+ * has enough space and that `event_log_buf_init()` has been called.
+ *
+ * @param[in] hash Pointer to the digest (TCG_DIGEST_SIZE bytes).
+ * @param[in] event_type Type of the event, as defined in tcg.h.
+ * @param[in] metadata_ptr Pointer to an event_log_metadata_t structure
+ * providing event-specific context (e.g., PCR index, name).
+ *
+ * @return 0 on success, or -ENOMEM if the buffer has insufficient space.
+ */
+int event_log_record(const uint8_t *hash, uint32_t event_type,
+ const event_log_metadata_t *metadata_ptr);
+
+/**
+ * Initialize the Event Log with mandatory header events.
+ *
+ * Writes the Specification ID (SpecID) and Startup Locality events
+ * as required by the TCG PC Client Platform Firmware Profile.
+ * These must be the first entries in the Event Log.
+ *
+ * @return 0 on success, or a negative error code on failure.
+ */
+int event_log_write_header(void);
+
+/**
+ * Write the SpecID event to the Event Log.
+ *
+ * Records the TCG_EfiSpecIDEventStruct to declare the structure
+ * and supported algorithms of the Event Log format.
+ *
+ * @return 0 on success, or a negative error code on failure.
+ */
+int event_log_write_specid_event(void);
+
+/**
+ * Get the current size of the Event Log.
+ *
+ * Calculates how many bytes of the Event Log buffer have been used,
+ * based on the current log pointer and the start of the buffer.
+ *
+ * @param[in] event_log_start Pointer to the start of the Event Log buffer.
+ *
+ * @return The number of bytes currently used in the Event Log.
+ */
size_t event_log_get_cur_size(uint8_t *event_log_start);
#endif /* EVENT_LOG_H */
diff --git a/include/drivers/mmc.h b/include/drivers/mmc.h
index e94693d..454a85a 100644
--- a/include/drivers/mmc.h
+++ b/include/drivers/mmc.h
@@ -19,29 +19,29 @@
#define MMC_ACMD(_x) U(_x)
-#define OCR_POWERUP BIT(31)
-#define OCR_HCS BIT(30)
-#define OCR_BYTE_MODE (U(0) << 29)
-#define OCR_SECTOR_MODE (U(2) << 29)
-#define OCR_ACCESS_MODE_MASK (U(3) << 29)
-#define OCR_3_5_3_6 BIT(23)
-#define OCR_3_4_3_5 BIT(22)
-#define OCR_3_3_3_4 BIT(21)
-#define OCR_3_2_3_3 BIT(20)
-#define OCR_3_1_3_2 BIT(19)
-#define OCR_3_0_3_1 BIT(18)
-#define OCR_2_9_3_0 BIT(17)
-#define OCR_2_8_2_9 BIT(16)
-#define OCR_2_7_2_8 BIT(15)
-#define OCR_VDD_MIN_2V7 GENMASK(23, 15)
-#define OCR_VDD_MIN_2V0 GENMASK(14, 8)
-#define OCR_VDD_MIN_1V7 BIT(7)
+#define OCR_POWERUP BIT_32(31U)
+#define OCR_HCS BIT_32(30U)
+#define OCR_BYTE_MODE (U(0) << 29U)
+#define OCR_SECTOR_MODE (U(2) << 29U)
+#define OCR_ACCESS_MODE_MASK (U(3) << 29U)
+#define OCR_3_5_3_6 BIT_32(23U)
+#define OCR_3_4_3_5 BIT_32(22U)
+#define OCR_3_3_3_4 BIT_32(21U)
+#define OCR_3_2_3_3 BIT_32(20U)
+#define OCR_3_1_3_2 BIT_32(19U)
+#define OCR_3_0_3_1 BIT_32(18U)
+#define OCR_2_9_3_0 BIT_32(17U)
+#define OCR_2_8_2_9 BIT_32(16U)
+#define OCR_2_7_2_8 BIT_32(15U)
+#define OCR_VDD_MIN_2V7 GENMASK_32(23U, 15U)
+#define OCR_VDD_MIN_2V0 GENMASK_32(14U, 8U)
+#define OCR_VDD_MIN_1V7 BIT_32(7U)
-#define MMC_RSP_48 BIT(0)
-#define MMC_RSP_136 BIT(1) /* 136 bit response */
-#define MMC_RSP_CRC BIT(2) /* expect valid crc */
-#define MMC_RSP_CMD_IDX BIT(3) /* response contains cmd idx */
-#define MMC_RSP_BUSY BIT(4) /* device may be busy */
+#define MMC_RSP_48 BIT_32(0U)
+#define MMC_RSP_136 BIT_32(1U) /* 136 bit response */
+#define MMC_RSP_CRC BIT_32(2U) /* expect valid crc */
+#define MMC_RSP_CMD_IDX BIT_32(3U) /* response contains cmd idx */
+#define MMC_RSP_BUSY BIT_32(4U) /* device may be busy */
/* JEDEC 4.51 chapter 6.12 */
#define MMC_RESPONSE_R1 (MMC_RSP_48 | MMC_RSP_CMD_IDX | MMC_RSP_CRC)
diff --git a/include/drivers/st/stpmic2.h b/include/drivers/st/stpmic2.h
index 58ba64a..b2aadfb 100644
--- a/include/drivers/st/stpmic2.h
+++ b/include/drivers/st/stpmic2.h
@@ -146,6 +146,51 @@
#define INT_DBG_LATCH_R3 0x82
#define INT_DBG_LATCH_R4 0x83
+/* NVM user control registers */
+#define NVM_SR 0x8E
+#define NVM_CR 0x8F
+
+/* NVM user shadow registers */
+#define NVM_MAIN_CTRL_SHR1 0x90
+#define NVM_MAIN_CTRL_SHR2 0x91
+#define NVM_RANK_SHR1 0x92
+#define NVM_RANK_SHR2 0x93
+#define NVM_RANK_SHR3 0x94
+#define NVM_RANK_SHR4 0x95
+#define NVM_RANK_SHR5 0x96
+#define NVM_RANK_SHR6 0x97
+#define NVM_RANK_SHR7 0x98
+#define NVM_RANK_SHR8 0x99
+#define NVM_BUCK_MODE_SHR1 0x9A
+#define NVM_BUCK_MODE_SHR2 0x9B
+#define NVM_BUCK1_VOUT_SHR 0x9C
+#define NVM_BUCK2_VOUT_SHR 0x9D
+#define NVM_BUCK3_VOUT_SHR 0x9E
+#define NVM_BUCK4_VOUT_SHR 0x9F
+#define NVM_BUCK5_VOUT_SHR 0xA0
+#define NVM_BUCK6_VOUT_SHR 0xA1
+#define NVM_BUCK7_VOUT_SHR 0xA2
+#define NVM_LDO2_SHR 0xA3
+#define NVM_LDO3_SHR 0xA4
+#define NVM_LDO5_SHR 0xA5
+#define NVM_LDO6_SHR 0xA6
+#define NVM_LDO7_SHR 0xA7
+#define NVM_LDO8_SHR 0xA8
+#define NVM_PD_SHR1 0xA9
+#define NVM_PD_SHR2 0xAA
+#define NVM_PD_SHR3 0xAB
+#define NVM_BUCKS_IOUT_SHR1 0xAC
+#define NVM_BUCKS_IOUT_SHR2 0xAD
+#define NVM_LDOS_IOUT_SHR 0xAE
+#define NVM_FS_OCP_SHR1 0xAF
+#define NVM_FS_OCP_SHR2 0xB0
+#define NVM_FS_SHR1 0xB1
+#define NVM_FS_SHR2 0xB2
+#define NVM_FS_SHR3 0xB3
+#define NVM_I2C_ADDR_SHR 0xB5
+#define NVM_USER_SHR1 0xB6
+#define NVM_USER_SHR2 0xB7
+
/* BUCKS_MRST_CR bits definition */
#define BUCK1_MRST BIT(0)
#define BUCK2_MRST BIT(1)
@@ -237,6 +282,16 @@
#define FS_OCP_LDO7 BIT(6)
#define FS_OCP_LDO8 BIT(7)
+/* NVM_CR */
+#define NVM_CMD_MASK GENMASK_32(1, 0)
+
+#define NVM_CMD_PROGRAM 1
+#define NVM_CMD_READ 2
+
+/* NVM_SR */
+#define NVM_BUSY BIT(0)
+#define NVM_WRITE_FAIL BIT(1)
+
/* IRQ definitions */
#define IT_PONKEY_F 0
#define IT_PONKEY_R 1
@@ -291,9 +346,7 @@
int stpmic2_regulator_set_voltage(struct pmic_handle_s *pmic,
uint8_t id, uint16_t millivolts);
-#if EVENT_LOG_LEVEL == LOG_LEVEL_VERBOSE
void stpmic2_dump_regulators(struct pmic_handle_s *pmic);
-#endif
int stpmic2_get_version(struct pmic_handle_s *pmic, uint8_t *val);
int stpmic2_get_product_id(struct pmic_handle_s *pmic, uint8_t *val);
diff --git a/include/lib/cpus/aarch64/cortex_a710.h b/include/lib/cpus/aarch64/cortex_a710.h
index 650193c..a47a47e 100644
--- a/include/lib/cpus/aarch64/cortex_a710.h
+++ b/include/lib/cpus/aarch64/cortex_a710.h
@@ -52,14 +52,6 @@
#define CORTEX_A710_CPUACTLR5_EL1_BIT_44 (ULL(1) << 44)
/*******************************************************************************
- * CPU Auxiliary Control register specific definitions.
- ******************************************************************************/
-#define CORTEX_A710_CPUECTLR2_EL1 S3_0_C15_C1_5
-#define CORTEX_A710_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(9)
-#define CPUECTLR2_EL1_PF_MODE_LSB U(11)
-#define CPUECTLR2_EL1_PF_MODE_WIDTH U(4)
-
-/*******************************************************************************
* CPU Selected Instruction Private register specific definitions.
******************************************************************************/
#define CORTEX_A710_CPUPSELR_EL3 S3_6_C15_C8_0
diff --git a/include/lib/cpus/aarch64/cortex_a78.h b/include/lib/cpus/aarch64/cortex_a78.h
index 2984f82..203bdfd 100644
--- a/include/lib/cpus/aarch64/cortex_a78.h
+++ b/include/lib/cpus/aarch64/cortex_a78.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,9 +19,6 @@
******************************************************************************/
#define CORTEX_A78_CPUECTLR_EL1 S3_0_C15_C1_4
#define CORTEX_A78_CPUECTLR_EL1_BIT_8 (ULL(1) << 8)
-#define CORTEX_A78_CPUECTLR_EL1_PF_MODE_CNSRV ULL(3)
-#define CPUECTLR_EL1_PF_MODE_LSB U(6)
-#define CPUECTLR_EL1_PF_MODE_WIDTH U(2)
/*******************************************************************************
* CPU Power Control register specific definitions
diff --git a/include/lib/cpus/aarch64/cortex_a78c.h b/include/lib/cpus/aarch64/cortex_a78c.h
index d600eca..2033120 100644
--- a/include/lib/cpus/aarch64/cortex_a78c.h
+++ b/include/lib/cpus/aarch64/cortex_a78c.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -24,8 +24,6 @@
* CPU Extended Control register specific definitions.
******************************************************************************/
#define CORTEX_A78C_CPUECTLR_EL1 S3_0_C15_C1_4
-#define CORTEX_A78C_CPUECTLR_EL1_BIT_6 (ULL(1) << 6)
-#define CORTEX_A78C_CPUECTLR_EL1_BIT_7 (ULL(1) << 7)
#define CORTEX_A78C_CPUECTLR_EL1_MM_ASP_EN (ULL(1) << 53)
/*******************************************************************************
diff --git a/include/lib/cpus/aarch64/cortex_x2.h b/include/lib/cpus/aarch64/cortex_x2.h
index 9ec5177..4516339 100644
--- a/include/lib/cpus/aarch64/cortex_x2.h
+++ b/include/lib/cpus/aarch64/cortex_x2.h
@@ -19,15 +19,6 @@
#define CORTEX_X2_CPUECTLR_EL1_PFSTIDIS_BIT (ULL(1) << 8)
/*******************************************************************************
- * CPU Extended Control register 2 specific definitions
- ******************************************************************************/
-#define CORTEX_X2_CPUECTLR2_EL1 S3_0_C15_C1_5
-
-#define CORTEX_X2_CPUECTLR2_EL1_PF_MODE_SHIFT U(11)
-#define CORTEX_X2_CPUECTLR2_EL1_PF_MODE_WIDTH U(4)
-#define CORTEX_X2_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(0x9)
-
-/*******************************************************************************
* CPU Auxiliary Control register 3 specific definitions.
******************************************************************************/
#define CORTEX_X2_CPUACTLR3_EL1 S3_0_C15_C1_2
diff --git a/include/lib/cpus/aarch64/cortex_x3.h b/include/lib/cpus/aarch64/cortex_x3.h
index 8834db1..2869ec8 100644
--- a/include/lib/cpus/aarch64/cortex_x3.h
+++ b/include/lib/cpus/aarch64/cortex_x3.h
@@ -49,15 +49,6 @@
#define CORTEX_X3_CPUACTLR6_EL1 S3_0_C15_C8_1
/*******************************************************************************
- * CPU Extended Control register 2 specific definitions.
- ******************************************************************************/
-#define CORTEX_X3_CPUECTLR2_EL1 S3_0_C15_C1_5
-
-#define CORTEX_X3_CPUECTLR2_EL1_PF_MODE_LSB U(11)
-#define CORTEX_X3_CPUECTLR2_EL1_PF_MODE_WIDTH U(4)
-#define CORTEX_X3_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(0x9)
-
-/*******************************************************************************
* CPU Auxiliary Control register 3 specific definitions.
******************************************************************************/
#define CORTEX_X3_CPUACTLR3_EL1 S3_0_C15_C1_2
diff --git a/include/lib/cpus/aarch64/cpu_macros.S b/include/lib/cpus/aarch64/cpu_macros.S
index c35503a..402e07f 100644
--- a/include/lib/cpus/aarch64/cpu_macros.S
+++ b/include/lib/cpus/aarch64/cpu_macros.S
@@ -50,22 +50,6 @@
* Numeric value expected to read from CPU's MIDR
* _resetfunc:
* Reset function for the CPU.
- * _extra1:
- * This is a placeholder for future per CPU operations. Currently,
- * some CPUs use this entry to set a test function to determine if
- * the workaround for CVE-2017-5715 needs to be applied or not.
- * _extra2:
- * This is a placeholder for future per CPU operations. Currently
- * some CPUs use this entry to set a function to disable the
- * workaround for CVE-2018-3639.
- * _extra3:
- * This is a placeholder for future per CPU operations. Currently,
- * some CPUs use this entry to set a test function to determine if
- * the workaround for CVE-2022-23960 needs to be applied or not.
- * _extra4:
- * This is a placeholder for future per CPU operations. Currently,
- * some CPUs use this entry to set a test function to determine if
- * the workaround for CVE-2024-7881 needs to be applied or not.
* _e_handler:
* This is a placeholder for future per CPU exception handlers.
* _power_down_ops:
@@ -78,7 +62,6 @@
* used to handle power down at subsequent levels
*/
.macro declare_cpu_ops_base _name:req, _midr:req, _resetfunc:req, \
- _extra1:req, _extra2:req, _extra3:req, _extra4:req, \
_e_handler:req, _power_down_ops:vararg
.section .cpu_ops, "a"
.align 3
@@ -87,10 +70,6 @@
#if defined(IMAGE_AT_EL3)
.quad \_resetfunc
#endif
- .quad \_extra1
- .quad \_extra2
- .quad \_extra3
- .quad \_extra4
.quad \_e_handler
#ifdef IMAGE_BL31
/* Insert list of functions */
@@ -153,28 +132,13 @@
.macro declare_cpu_ops _name:req, _midr:req, _resetfunc:req, \
_power_down_ops:vararg
- declare_cpu_ops_base \_name, \_midr, \_resetfunc, 0, 0, 0, 0, 0, \
- \_power_down_ops
+ declare_cpu_ops_base \_name, \_midr, \_resetfunc, 0, \_power_down_ops
.endm
.macro declare_cpu_ops_eh _name:req, _midr:req, _resetfunc:req, \
_e_handler:req, _power_down_ops:vararg
declare_cpu_ops_base \_name, \_midr, \_resetfunc, \
- 0, 0, 0, 0, \_e_handler, \_power_down_ops
- .endm
-
- .macro declare_cpu_ops_wa _name:req, _midr:req, \
- _resetfunc:req, _extra1:req, _extra2:req, \
- _extra3:req, _power_down_ops:vararg
- declare_cpu_ops_base \_name, \_midr, \_resetfunc, \
- \_extra1, \_extra2, \_extra3, 0, 0, \_power_down_ops
- .endm
-
- .macro declare_cpu_ops_wa_4 _name:req, _midr:req, \
- _resetfunc:req, _extra1:req, _extra2:req, \
- _extra3:req, _extra4:req, _power_down_ops:vararg
- declare_cpu_ops_base \_name, \_midr, \_resetfunc, \
- \_extra1, \_extra2, \_extra3, \_extra4, 0, \_power_down_ops
+ \_e_handler, \_power_down_ops
.endm
/*
@@ -240,7 +204,7 @@
* Default value is 0.
*/
.macro add_erratum_entry _cpu:req, _cve:req, _id:req, _chosen:req, _split_wa=0
-#if REPORT_ERRATA || ERRATA_ABI_SUPPORT
+#if INCLUDE_ERRATA_LIST
.pushsection .rodata.errata_entries
.align 3
.ifndef \_cpu\()_errata_list_start
@@ -534,6 +498,40 @@
cset x0, ls
.endm
+
+#if __clang_major__ < 17
+/*
+ * A problem with clang version < 17 can cause resolving nested
+ * 'cfi_startproc' to fail compilation.
+ * So add a compatibility variant for start and endfunc expansions
+ * to ignore `cfi_startproc` and `cfi_endproc`, this to be used only with
+ * check_errata/reset macros if we build TF-A with clang version < 17
+ */
+
+.macro func_compat _name, _align=2
+ .section .text.asm.\_name, "ax"
+ .type \_name, %function
+ .align \_align
+ \_name:
+#if ENABLE_BTI
+ BTI jc
+#endif
+.endm
+
+/*
+ * This macro is used to mark the end of a function.
+ */
+.macro endfunc_compat _name
+ .size \_name, . - \_name
+.endm
+
+#else
+
+#define func_compat func
+#define endfunc_compat endfunc
+
+#endif /* __clang_version__ < 17 */
+
/*
* Helpers to select which revisions errata apply to.
*
@@ -555,35 +553,35 @@
* argument: x0 - cpu_rev_var
*/
.macro check_erratum_ls _cpu:req, _cve:req, _id:req, _rev_num:req
- func check_erratum_\_cpu\()_\_id
+ func_compat check_erratum_\_cpu\()_\_id
cpu_rev_var_ls \_rev_num
ret
- endfunc check_erratum_\_cpu\()_\_id
+ endfunc_compat check_erratum_\_cpu\()_\_id
.endm
.macro check_erratum_hs _cpu:req, _cve:req, _id:req, _rev_num:req
- func check_erratum_\_cpu\()_\_id
+ func_compat check_erratum_\_cpu\()_\_id
cpu_rev_var_hs \_rev_num
ret
- endfunc check_erratum_\_cpu\()_\_id
+ endfunc_compat check_erratum_\_cpu\()_\_id
.endm
.macro check_erratum_range _cpu:req, _cve:req, _id:req, _rev_num_lo:req, _rev_num_hi:req
- func check_erratum_\_cpu\()_\_id
+ func_compat check_erratum_\_cpu\()_\_id
cpu_rev_var_range \_rev_num_lo, \_rev_num_hi
ret
- endfunc check_erratum_\_cpu\()_\_id
+ endfunc_compat check_erratum_\_cpu\()_\_id
.endm
.macro check_erratum_chosen _cpu:req, _cve:req, _id:req, _chosen:req
- func check_erratum_\_cpu\()_\_id
+ func_compat check_erratum_\_cpu\()_\_id
.if \_chosen
mov x0, #ERRATA_APPLIES
.else
mov x0, #ERRATA_MISSING
.endif
ret
- endfunc check_erratum_\_cpu\()_\_id
+ endfunc_compat check_erratum_\_cpu\()_\_id
.endm
/*
@@ -591,14 +589,13 @@
* body: clobber x0 to x4
*/
.macro check_erratum_custom_start _cpu:req, _cve:req, _id:req
- func check_erratum_\_cpu\()_\_id
+ func_compat check_erratum_\_cpu\()_\_id
.endm
.macro check_erratum_custom_end _cpu:req, _cve:req, _id:req
- endfunc check_erratum_\_cpu\()_\_id
+ endfunc_compat check_erratum_\_cpu\()_\_id
.endm
-
/*******************************************************************************
* CPU reset function wrapper
******************************************************************************/
@@ -611,7 +608,7 @@
* Name of cpu as given to declare_cpu_ops
*/
.macro cpu_reset_prologue _cpu:req
- func \_cpu\()_reset_func
+ func_compat \_cpu\()_reset_func
mov x15, x30
get_rev_var x14, x0
.endm
@@ -636,7 +633,7 @@
.macro cpu_reset_func_end _cpu:req
isb
ret x15
- endfunc \_cpu\()_reset_func
+ endfunc_compat \_cpu\()_reset_func
.endm
/*
diff --git a/include/lib/cpus/aarch64/neoverse_n2.h b/include/lib/cpus/aarch64/neoverse_n2.h
index f5837d4..e4487c4 100644
--- a/include/lib/cpus/aarch64/neoverse_n2.h
+++ b/include/lib/cpus/aarch64/neoverse_n2.h
@@ -62,9 +62,6 @@
* CPU Auxiliary Control register specific definitions.
******************************************************************************/
#define NEOVERSE_N2_CPUECTLR2_EL1 S3_0_C15_C1_5
-#define NEOVERSE_N2_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(9)
-#define CPUECTLR2_EL1_PF_MODE_LSB U(11)
-#define CPUECTLR2_EL1_PF_MODE_WIDTH U(4)
#define CPUECTLR2_EL1_TXREQ_STATIC_FULL ULL(0)
#define CPUECTLR2_EL1_TXREQ_LSB U(0)
#define CPUECTLR2_EL1_TXREQ_WIDTH U(3)
diff --git a/include/lib/cpus/aarch64/neoverse_v1.h b/include/lib/cpus/aarch64/neoverse_v1.h
index 1e2d7ea..bbba2a7 100644
--- a/include/lib/cpus/aarch64/neoverse_v1.h
+++ b/include/lib/cpus/aarch64/neoverse_v1.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -22,9 +22,6 @@
#define NEOVERSE_V1_CPUPCR_EL3 S3_6_C15_C8_1
#define NEOVERSE_V1_CPUECTLR_EL1_BIT_8 (ULL(1) << 8)
#define NEOVERSE_V1_CPUECTLR_EL1_BIT_53 (ULL(1) << 53)
-#define NEOVERSE_V1_CPUECTLR_EL1_PF_MODE_CNSRV ULL(3)
-#define CPUECTLR_EL1_PF_MODE_LSB U(6)
-#define CPUECTLR_EL1_PF_MODE_WIDTH U(2)
/*******************************************************************************
* CPU Power Control register specific definitions
diff --git a/include/lib/cpus/aarch64/neoverse_v2.h b/include/lib/cpus/aarch64/neoverse_v2.h
index 427cafa..cdbe2bb 100644
--- a/include/lib/cpus/aarch64/neoverse_v2.h
+++ b/include/lib/cpus/aarch64/neoverse_v2.h
@@ -32,9 +32,6 @@
* CPU Extended Control register 2 specific definitions.
******************************************************************************/
#define NEOVERSE_V2_CPUECTLR2_EL1 S3_0_C15_C1_5
-#define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(9)
-#define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_LSB U(11)
-#define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_WIDTH U(4)
#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_STATIC_FULL ULL(0)
#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_LSB U(0)
#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_WIDTH U(3)
diff --git a/include/lib/cpus/cpu_ops.h b/include/lib/cpus/cpu_ops.h
index 0b08919..5ba78cf 100644
--- a/include/lib/cpus/cpu_ops.h
+++ b/include/lib/cpus/cpu_ops.h
@@ -22,14 +22,6 @@
/* The number of CPU operations allowed */
#define CPU_MAX_PWR_DWN_OPS 2
-#if __aarch64__
-#define CPU_NO_EXTRA1_FUNC 0
-#define CPU_NO_EXTRA2_FUNC 0
-#define CPU_NO_EXTRA3_FUNC 0
-#define CPU_NO_EXTRA4_FUNC 0
-#endif /* __aarch64__ */
-
-
/*
* Define the sizes of the fields in the cpu_ops structure. Word size is set per
* Aarch so keep these definitions the same and each can include whatever it
@@ -41,10 +33,6 @@
#else
#define CPU_RESET_FUNC_SIZE 0
#endif /* IMAGE_AT_EL3 */
-#define CPU_EXTRA1_FUNC_SIZE CPU_WORD_SIZE
-#define CPU_EXTRA2_FUNC_SIZE CPU_WORD_SIZE
-#define CPU_EXTRA3_FUNC_SIZE CPU_WORD_SIZE
-#define CPU_EXTRA4_FUNC_SIZE CPU_WORD_SIZE
#define CPU_E_HANDLER_FUNC_SIZE CPU_WORD_SIZE
/* The power down core and cluster is needed only in BL31 and BL32 */
#if defined(IMAGE_BL31) || defined(IMAGE_BL32)
@@ -86,11 +74,7 @@
#define CPU_MIDR 0
#define CPU_RESET_FUNC CPU_MIDR + CPU_MIDR_SIZE
#if __aarch64__
-#define CPU_EXTRA1_FUNC CPU_RESET_FUNC + CPU_RESET_FUNC_SIZE
-#define CPU_EXTRA2_FUNC CPU_EXTRA1_FUNC + CPU_EXTRA1_FUNC_SIZE
-#define CPU_EXTRA3_FUNC CPU_EXTRA2_FUNC + CPU_EXTRA2_FUNC_SIZE
-#define CPU_EXTRA4_FUNC CPU_EXTRA3_FUNC + CPU_EXTRA3_FUNC_SIZE
-#define CPU_E_HANDLER_FUNC CPU_EXTRA4_FUNC + CPU_EXTRA4_FUNC_SIZE
+#define CPU_E_HANDLER_FUNC CPU_RESET_FUNC + CPU_RESET_FUNC_SIZE
#define CPU_PWR_DWN_OPS CPU_E_HANDLER_FUNC + CPU_E_HANDLER_FUNC_SIZE
#else
#define CPU_PWR_DWN_OPS CPU_RESET_FUNC + CPU_RESET_FUNC_SIZE
@@ -117,10 +101,6 @@
void (*reset_func)(void);
#endif /* IMAGE_AT_EL3 */
#if __aarch64__
- void (*extra1_func)(void);
- void (*extra2_func)(void);
- void (*extra3_func)(void);
- void (*extra4_func)(void);
void (*e_handler_func)(long es);
#endif /* __aarch64__ */
#if (defined(IMAGE_BL31) || defined(IMAGE_BL32)) && CPU_MAX_PWR_DWN_OPS
diff --git a/include/lib/cpus/errata.h b/include/lib/cpus/errata.h
index 8e28d46..235e2b9 100644
--- a/include/lib/cpus/errata.h
+++ b/include/lib/cpus/errata.h
@@ -27,6 +27,18 @@
#define ERRATA_APPLIES 1
#define ERRATA_MISSING 2
+/* Errata ID for smc workarounds */
+#define ARCH_WORKAROUND_2 2
+#define ARCH_WORKAROUND_3 3
+
+#define INCLUDE_ERRATA_LIST ( \
+ REPORT_ERRATA | \
+ ERRATA_ABI_SUPPORT | \
+ WORKAROUND_CVE_2017_5715 | \
+ WORKAROUND_CVE_2018_3639 | \
+ WORKAROUND_CVE_2022_23960 | \
+ WORKAROUND_CVE_2024_7881)
+
#ifndef __ASSEMBLER__
#include <lib/cassert.h>
@@ -67,10 +79,11 @@
}
#endif
-
bool check_if_trbe_disable_affected_core(void);
int check_wa_cve_2024_7881(void);
bool errata_ich_vmcr_el2_applies(void);
+struct erratum_entry *find_erratum_entry(uint32_t errata_id);
+int check_erratum_applies(uint32_t cve, int errata_id);
#else
@@ -83,8 +96,6 @@
* unlikely event that this does happen, prepending the CVE id with a 0 should
* resolve the conflict
*/
-#define ERRATUM(id) 0, id
-#define CVE(year, id) year, id
#define NO_ISB 1
#define NO_ASSERT 0
#define NO_APPLY_AT_RESET 0
@@ -97,6 +108,9 @@
#endif /* __ASSEMBLER__ */
+#define ERRATUM(id) 0, id
+#define CVE(year, id) year, id
+
/* Macro to get CPU revision code for checking errata version compatibility. */
#define CPU_REV(r, p) ((r << 4) | p)
diff --git a/include/lib/cpus/wa_cve_2017_5715.h b/include/lib/cpus/wa_cve_2017_5715.h
deleted file mode 100644
index 2ad56e1..0000000
--- a/include/lib/cpus/wa_cve_2017_5715.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef WA_CVE_2017_5715_H
-#define WA_CVE_2017_5715_H
-
-int check_wa_cve_2017_5715(void);
-
-#endif /* WA_CVE_2017_5715_H */
diff --git a/include/lib/cpus/wa_cve_2018_3639.h b/include/lib/cpus/wa_cve_2018_3639.h
deleted file mode 100644
index 5a7c9bf..0000000
--- a/include/lib/cpus/wa_cve_2018_3639.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef WA_CVE_2018_3639_H
-#define WA_CVE_2018_3639_H
-
-void *wa_cve_2018_3639_get_disable_ptr(void);
-
-#endif /* WA_CVE_2018_3639_H */
diff --git a/include/lib/cpus/wa_cve_2022_23960.h b/include/lib/cpus/wa_cve_2022_23960.h
deleted file mode 100644
index 50c0f76..0000000
--- a/include/lib/cpus/wa_cve_2022_23960.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/*
- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef WA_CVE_2022_23960_H
-#define WA_CVE_2022_23960_H
-
-int check_smccc_arch_wa3_applies(void);
-
-#endif /* WA_CVE_2022_23960_H */
diff --git a/include/lib/el3_runtime/context_mgmt.h b/include/lib/el3_runtime/context_mgmt.h
index a48ed96..72a8ea2 100644
--- a/include/lib/el3_runtime/context_mgmt.h
+++ b/include/lib/el3_runtime/context_mgmt.h
@@ -34,17 +34,11 @@
void cm_prepare_el3_exit(uint32_t security_state);
void cm_prepare_el3_exit_ns(void);
-#if !IMAGE_BL1
-void cm_init_context_by_index(unsigned int cpu_idx,
- const struct entry_point_info *ep);
-#endif /* !IMAGE_BL1 */
-
#ifdef __aarch64__
#if IMAGE_BL31
void cm_manage_extensions_el3(unsigned int my_idx);
void manage_extensions_nonsecure_per_world(void);
void cm_el3_arch_init_per_world(per_world_context_t *per_world_ctx);
-void cm_handle_asymmetric_features(void);
#endif
#if (CTX_INCLUDE_EL2_REGS && IMAGE_BL31)
@@ -97,7 +91,6 @@
void cm_set_next_context(void *context);
static inline void cm_manage_extensions_el3(unsigned int cpu_idx) {}
static inline void manage_extensions_nonsecure_per_world(void) {}
-static inline void cm_handle_asymmetric_features(void) {}
#endif /* __aarch64__ */
#endif /* CONTEXT_MGMT_H */
diff --git a/include/lib/el3_runtime/cpu_data.h b/include/lib/el3_runtime/cpu_data.h
index e417f45..3dc156a 100644
--- a/include/lib/el3_runtime/cpu_data.h
+++ b/include/lib/el3_runtime/cpu_data.h
@@ -23,10 +23,10 @@
/* Size of cpu_context array */
#define CPU_DATA_CONTEXT_NUM 3
/* Offset of cpu_ops_ptr, size 8 bytes */
-#define CPU_DATA_CPU_OPS_PTR 0x18
+#define CPU_DATA_CPU_OPS_PTR 0x20
#else /* ENABLE_RME */
#define CPU_DATA_CONTEXT_NUM 2
-#define CPU_DATA_CPU_OPS_PTR 0x10
+#define CPU_DATA_CPU_OPS_PTR 0x18
#endif /* ENABLE_RME */
#if ENABLE_PAUTH
@@ -47,8 +47,9 @@
#if CRASH_REPORTING
#error "Crash reporting is not supported in AArch32"
#endif
-#define CPU_DATA_CPU_OPS_PTR 0x0
-#define CPU_DATA_CRASH_BUF_OFFSET (0x4 + PSCI_CPU_DATA_SIZE)
+#define WARMBOOT_EP_INFO 0x0
+#define CPU_DATA_CPU_OPS_PTR 0x4
+#define CPU_DATA_CRASH_BUF_OFFSET (CPU_DATA_CPU_OPS_PTR + PSCI_CPU_DATA_SIZE)
#endif /* __aarch64__ */
@@ -79,7 +80,12 @@
#if ENABLE_RUNTIME_INSTRUMENTATION
/* Temporary space to store PMF timestamps from assembly code */
#define CPU_DATA_PMF_TS_COUNT 1
+#if __aarch64__
#define CPU_DATA_PMF_TS0_OFFSET CPU_DATA_EHF_DATA_BUF_END
+#else
+/* alignment */
+#define CPU_DATA_PMF_TS0_OFFSET (CPU_DATA_EHF_DATA_BUF_END + 8)
+#endif
#define CPU_DATA_PMF_TS0_IDX 0
#endif
@@ -131,6 +137,7 @@
#ifdef __aarch64__
void *cpu_context[CPU_DATA_CONTEXT_NUM];
#endif /* __aarch64__ */
+ entry_point_info_t *warmboot_ep_info;
uintptr_t cpu_ops_ptr;
struct psci_cpu_data psci_svc_cpu_data;
#if ENABLE_PAUTH
diff --git a/include/lib/extensions/pauth.h b/include/lib/extensions/pauth.h
index dbc2226..db47b80 100644
--- a/include/lib/extensions/pauth.h
+++ b/include/lib/extensions/pauth.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,12 +7,34 @@
#ifndef PAUTH_H
#define PAUTH_H
-/*******************************************************************************
- * ARMv8.3-PAuth support functions
- ******************************************************************************/
+#if ENABLE_PAUTH
+/* Platform hook to generate the APIAKey */
+uint128_t plat_init_apkey(void);
-/* Disable ARMv8.3 pointer authentication in EL1/EL3 */
+void pauth_init(void);
+void pauth_enable_el1(void);
+void pauth_enable_el3(void);
+void pauth_enable_el2(void);
void pauth_disable_el1(void);
void pauth_disable_el3(void);
-
+#else
+static inline void pauth_init(void)
+{
+}
+static inline void pauth_enable_el1(void)
+{
+}
+static inline void pauth_enable_el3(void)
+{
+}
+static inline void pauth_enable_el2(void)
+{
+}
+static inline void pauth_disable_el1(void)
+{
+}
+static inline void pauth_disable_el3(void)
+{
+}
+#endif
#endif /* PAUTH_H */
diff --git a/include/lib/libc/cdefs.h b/include/lib/libc/cdefs.h
index 97b7824..3bd4a70 100644
--- a/include/lib/libc/cdefs.h
+++ b/include/lib/libc/cdefs.h
@@ -16,12 +16,20 @@
#define __aligned(x) __attribute__((__aligned__(x)))
#define __section(x) __attribute__((__section__(x)))
#define __fallthrough __attribute__((__fallthrough__))
+#define __noinline __attribute__((__noinline__))
+#define __no_pauth __attribute__((target("branch-protection=none")))
#if RECLAIM_INIT_CODE
/*
* Add each function to a section that is unique so the functions can still
- * be garbage collected
+ * be garbage collected.
+ *
+ * NOTICE: for this to work, these functions will NOT be inlined.
+ * TODO: the noinline attribute can be removed if RECLAIM_INIT_CODE is made
+ * platform agnostic and called after bl31_main(). Then, top-level functions
+ * (those that can't be inlined like bl31_main()) can be annotated with __init
+ * and noinline can be removed.
*/
-#define __init __section(".text.init." __FILE__ "." __XSTRING(__LINE__))
+#define __init __section(".text.init." __FILE__ "." __XSTRING(__LINE__)) __noinline
#else
#define __init
#endif
diff --git a/include/lib/libc/string.h b/include/lib/libc/string.h
index bba9816..098fded 100644
--- a/include/lib/libc/string.h
+++ b/include/lib/libc/string.h
@@ -4,7 +4,7 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
/*
- * Portions copyright (c) 2018-2020, Arm Limited and Contributors.
+ * Portions copyright (c) 2018-2025, Arm Limited and Contributors.
* Portions copyright (c) 2023, Intel Corporation. All rights reserved.
* All rights reserved.
*/
@@ -14,19 +14,26 @@
#include <stddef.h>
-void *memcpy(void *dst, const void *src, size_t len);
+/*
+ * When conditions are right, the compiler may have a baked-in call that can be
+ * inlined and that will be much more optimal than our generic implementation.
+ * When it doesn't, it will emit a call to the original function for which we
+ * provide an implementation.
+ */
+#define memcpy __builtin_memcpy
+#define memset __builtin_memset
+#define memcmp __builtin_memcmp
+#define memchr __builtin_memchr
+#define strcmp __builtin_strcmp
+#define strncmp __builtin_strncmp
+#define strchr __builtin_strchr
+#define strlen __builtin_strlen
+#define strrchr __builtin_strrchr
+
int memcpy_s(void *dst, size_t dsize, void *src, size_t ssize);
void *memmove(void *dst, const void *src, size_t len);
-int memcmp(const void *s1, const void *s2, size_t len);
-int strcmp(const char *s1, const char *s2);
-int strncmp(const char *s1, const char *s2, size_t n);
-void *memchr(const void *src, int c, size_t len);
void *memrchr(const void *src, int c, size_t len);
-char *strchr(const char *s, int c);
-void *memset(void *dst, int val, size_t count);
-size_t strlen(const char *s);
size_t strnlen(const char *s, size_t maxlen);
-char *strrchr(const char *p, int ch);
size_t strlcpy(char * dst, const char * src, size_t dsize);
size_t strlcat(char * dst, const char * src, size_t dsize);
char *strtok_r(char *s, const char *delim, char **last);
diff --git a/include/lib/libc/string_private.h b/include/lib/libc/string_private.h
new file mode 100644
index 0000000..da85fae
--- /dev/null
+++ b/include/lib/libc/string_private.h
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef STRING_PRIVATE_H
+#define STRING_PRIVATE_H
+
+/* Do not include outside of the libc. Use string.h instead. */
+
+#include <stddef.h>
+
+int memcmp(const void *s1, const void *s2, size_t len);
+int strcmp(const char *s1, const char *s2);
+int strncmp(const char *s1, const char *s2, size_t n);
+void *memchr(const void *src, int c, size_t len);
+char *strchr(const char *s, int c);
+void *memset(void *dst, int val, size_t count);
+size_t strlen(const char *s);
+char *strrchr(const char *p, int ch);
+
+#endif /* STRING_PRIVATE_H */
diff --git a/include/lib/transfer_list.h b/include/lib/transfer_list.h
index c403031..bdc6349 100644
--- a/include/lib/transfer_list.h
+++ b/include/lib/transfer_list.h
@@ -62,6 +62,8 @@
TL_TAG_EXEC_EP_INFO64 = 0x102,
TL_TAG_SRAM_LAYOUT64 = 0x104,
TL_TAG_MBEDTLS_HEAP_INFO = 0x105,
+ TL_TAG_EXEC_EP_INFO32 = 0x106,
+ TL_TAG_SRAM_LAYOUT32 = 0x107,
};
enum transfer_list_ops {
diff --git a/include/lib/utils_def.h b/include/lib/utils_def.h
index 6d8a06a..68e464a 100644
--- a/include/lib/utils_def.h
+++ b/include/lib/utils_def.h
@@ -58,9 +58,34 @@
#define GENMASK GENMASK_32
#endif
+/*
+ * Similar to GENMASK_64 but uses a named register field to compute the mask.
+ * For a register field REG_FIELD, the macros REG_FIELD_WIDTH and
+ * REG_FIELD_SHIFT must be defined.
+ */
+#define MASK(regfield) \
+ ((~0ULL >> (64ULL - (regfield##_WIDTH))) << (regfield##_SHIFT))
+
#define HI(addr) (addr >> 32)
#define LO(addr) (addr & 0xffffffff)
+#define HI_64(addr) (addr >> 64)
+#define LO_64(addr) (addr & 0xffffffffffffffff)
+
+/**
+ * EXTRACT_FIELD - Extracts a specific bit field from a value.
+ *
+ * @reg: The input value containing the field.
+
+ * @regfield: A bitmask representing the field. For a register field REG_FIELD,
+ * the macros REG_FIELD_WIDTH and REG_FIELD_SHIFT must be defined.
+
+ * The result of this macro is the contents of the field right shifted to the
+ * least significant bit positions, with the rest being zero.
+ */
+#define EXTRACT(regfield, reg) \
+ (((reg) & MASK(regfield)) >> (regfield##_SHIFT))
+
/*
* This variant of div_round_up can be used in macro definition but should not
* be used in C code as the `div` parameter is evaluated twice.
@@ -218,17 +243,4 @@
*/
#define KHZ_TICKS_PER_SEC U(1000)
-/**
- * EXTRACT_FIELD - Extracts a specific bit field from a value.
- *
- * @val: The input value containing the field.
- * @mask: A bitmask representing the maximum value of the field
- * @shift: The starting bit position of the field.
- *
- * This macro shifts the input value (@val) to the right by @shift bits,
- * aligning the target field to the least significant bits (LSB).
- * It then applies @mask to extract only the relevant bits.
- */
-#define EXTRACT_FIELD(val, mask, shift) (((val) >> (shift)) & (mask))
-
#endif /* UTILS_DEF_H */
diff --git a/include/lib/xlat_mpu/xlat_mpu.h b/include/lib/xlat_mpu/xlat_mpu.h
deleted file mode 100644
index 3a470ad..0000000
--- a/include/lib/xlat_mpu/xlat_mpu.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef XLAT_MPU_H
-#define XLAT_MPU_H
-
-#ifndef __ASSEMBLER__
-
-#include <lib/cassert.h>
-
-#define XLAT_TABLES_LIB_V2 1
-
-void enable_mpu_el2(unsigned int flags);
-void enable_mpu_direct_el2(unsigned int flags);
-
-/*
- * Function to wipe clean and disable all MPU regions. This function expects
- * that the MPU has already been turned off, and caching concerns addressed,
- * but it nevertheless also explicitly turns off the MPU.
- */
-void clear_all_mpu_regions(void);
-
-#endif /* __ASSEMBLER__ */
-#endif /* XLAT_MPU_H */
diff --git a/include/lib/xlat_tables/xlat_tables_defs.h b/include/lib/xlat_tables/xlat_tables_defs.h
index 5434a9a..f540fa5 100644
--- a/include/lib/xlat_tables/xlat_tables_defs.h
+++ b/include/lib/xlat_tables/xlat_tables_defs.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -62,10 +62,8 @@
#define OSH (U(0x2) << 6)
#define ISH (U(0x3) << 6)
-#ifdef __aarch64__
/* Guarded Page bit */
#define GP (ULL(1) << 50)
-#endif
#define TABLE_ADDR_MASK ULL(0x0000FFFFFFFFF000)
diff --git a/include/plat/arm/board/fvp_r/fvp_r_bl1.h b/include/plat/arm/board/fvp_r/fvp_r_bl1.h
deleted file mode 100644
index 0b41e67..0000000
--- a/include/plat/arm/board/fvp_r/fvp_r_bl1.h
+++ /dev/null
@@ -1,13 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef FVP_R_BL1_H
-#define FVP_R_BL1_H
-
-void bl1_load_bl33(void);
-void bl1_transfer_bl33(void);
-
-#endif /* FVP_R_BL1_H */
diff --git a/include/plat/arm/common/plat_arm.h b/include/plat/arm/common/plat_arm.h
index 1d7a59d..aed85f5 100644
--- a/include/plat/arm/common/plat_arm.h
+++ b/include/plat/arm/common/plat_arm.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,6 +10,7 @@
#include <stdint.h>
#include <common/desc_image_load.h>
+#include <drivers/arm/gic.h>
#include <drivers/arm/tzc_common.h>
#include <lib/bakery_lock.h>
#include <lib/cassert.h>
@@ -147,6 +148,14 @@
#endif /* defined(IMAGE_BL31) || (!defined(__aarch64__) && defined(IMAGE_BL32)) */
+#ifdef __aarch64__
+#define TL_TAG_EXEC_EP_INFO TL_TAG_EXEC_EP_INFO64
+#define TL_TAG_SRAM_LAYOUT TL_TAG_SRAM_LAYOUT64
+#else
+#define TL_TAG_EXEC_EP_INFO TL_TAG_EXEC_EP_INFO32
+#define TL_TAG_SRAM_LAYOUT TL_TAG_SRAM_LAYOUT32
+#endif
+
#if ARM_RECOM_STATE_ID_ENC
/*
* Macros used to parse state information from State-ID if it is using the
@@ -249,7 +258,8 @@
void arm_bl1_plat_arch_setup(void);
/* BL2 utility functions */
-void arm_bl2_early_platform_setup(uintptr_t fw_config, struct meminfo *mem_layout);
+void arm_bl2_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3);
void arm_bl2_platform_setup(void);
void arm_bl2_plat_arch_setup(void);
uint32_t arm_get_spsr_for_bl32_entry(void);
@@ -273,13 +283,8 @@
void arm_bl2u_plat_arch_setup(void);
/* BL31 utility functions */
-#if TRANSFER_LIST
void arm_bl31_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3);
-#else
-void arm_bl31_early_platform_setup(void *from_bl2, uintptr_t soc_fw_config,
- uintptr_t hw_config, void *plat_params_from_bl2);
-#endif
void arm_bl31_platform_setup(void);
void arm_bl31_plat_runtime_setup(void);
void arm_bl31_plat_arch_setup(void);
@@ -295,11 +300,12 @@
void arm_transfer_list_get_heap_info(void **heap_addr, size_t *heap_size);
/* TSP utility functions */
-void arm_tsp_early_platform_setup(void);
+void arm_tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3);
/* SP_MIN utility functions */
-void arm_sp_min_early_platform_setup(void *from_bl2, uintptr_t tos_fw_config,
- uintptr_t hw_config, void *plat_params_from_bl2);
+void arm_sp_min_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3);
void arm_sp_min_plat_runtime_setup(void);
void arm_sp_min_plat_arch_setup(void);
@@ -354,6 +360,9 @@
* Mandatory functions required in ARM standard platforms
*/
unsigned int plat_arm_get_cluster_core_count(u_register_t mpidr);
+
+/* should not be used, but keep for compatibility */
+#if USE_GIC_DRIVER == 0
void plat_arm_gic_driver_init(void);
void plat_arm_gic_init(void);
void plat_arm_gic_cpuif_enable(void);
@@ -363,6 +372,7 @@
void plat_arm_gic_pcpu_init(void);
void plat_arm_gic_save(void);
void plat_arm_gic_resume(void);
+#endif
void plat_arm_security_setup(void);
void plat_arm_pwrc_setup(void);
void plat_arm_interconnect_init(void);
diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index 708cbcd..b9985a3 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -399,7 +399,25 @@
size_t plat_rmmd_get_el3_rmm_shared_mem(uintptr_t *shared);
int plat_rmmd_load_manifest(struct rmm_manifest *manifest);
int plat_rmmd_mecid_key_update(uint16_t mecid);
-#endif
+
+/* The following 4 functions are to be implemented if
+ * RMMD_ENABLE_IDE_KEY_PROG=1.
+ * The following functions are expected to return E_RMM_* error codes.
+ */
+int plat_rmmd_el3_ide_key_program(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t ide_stream_info,
+ rp_ide_key_info_t *ide_key_info_ptr,
+ uint64_t request_id, uint64_t cookie);
+int plat_rmmd_el3_ide_key_set_go(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t ide_stream_info, uint64_t request_id,
+ uint64_t cookie);
+int plat_rmmd_el3_ide_key_set_stop(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t ide_stream_info, uint64_t request_id,
+ uint64_t cookie);
+int plat_rmmd_el3_ide_km_pull_response(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t *req_resp, uint64_t *request_id,
+ uint64_t *cookie);
+#endif /* ENABLE_RME */
/*******************************************************************************
* Optional BL31 functions (may be overridden)
@@ -465,13 +483,6 @@
void plat_flush_next_bl_params(void);
/*
- * The below function enable Trusted Firmware components like SPDs which
- * haven't migrated to the new platform API to compile on platforms which
- * have the compatibility layer disabled.
- */
-unsigned int platform_core_pos_helper(unsigned long mpidr);
-
-/*
* Optional function to get SOC version
*/
int32_t plat_get_soc_version(void);
diff --git a/include/services/arm_arch_svc.h b/include/services/arm_arch_svc.h
index 699a8d7..ea7de0e 100644
--- a/include/services/arm_arch_svc.h
+++ b/include/services/arm_arch_svc.h
@@ -95,6 +95,12 @@
#define SCR_FEAT_AMUv1p1 (0)
#endif
+#if ENABLE_FEAT_TWED
+#define SCR_FEAT_TWED SCR_TWEDEn_BIT
+#else
+#define SCR_FEAT_TWED (0)
+#endif
+
#if ENABLE_FEAT_ECV
#define SCR_FEAT_ECV SCR_ECVEN_BIT
#else
@@ -119,7 +125,7 @@
#define SCR_FEAT_CSV2_2 (0)
#endif
-#if ENABLE_FEAT_RAS
+#if !RAS_TRAP_NS_ERR_REC_ACCESS
#define SCR_FEAT_RAS SCR_TERR_BIT
#else
#define SCR_FEAT_RAS (0)
@@ -182,6 +188,7 @@
SCR_FEAT_HCX | \
SCR_FEAT_LS64_ACCDATA | \
SCR_FEAT_AMUv1p1 | \
+ SCR_FEAT_TWED | \
SCR_FEAT_ECV | \
SCR_FEAT_FGT | \
SCR_FEAT_MTE2 | \
@@ -289,6 +296,7 @@
MDCR_FEAT_SPE | \
MDCR_TDOSA_BIT | \
MDCR_TDA_BIT | \
+ MDCR_EnPM2_BIT | \
MDCR_TPM_BIT | /* FEAT_PMUv3 */ \
MDCR_PLAT_FEATS)
#define MDCR_EL3_FLIPPED ( \
@@ -300,6 +308,7 @@
MDCR_PLAT_FLIPPED)
#define MDCR_EL3_IGNORED ( \
MDCR_EBWE_BIT | \
+ MDCR_EnPMS3_BIT | \
MDCR_EnPMSN_BIT | \
MDCR_SBRBE(2UL) | \
MDCR_MTPME_BIT | \
diff --git a/include/services/drtm_svc.h b/include/services/drtm_svc.h
index 86110db..56ae129 100644
--- a/include/services/drtm_svc.h
+++ b/include/services/drtm_svc.h
@@ -246,10 +246,10 @@
#define DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_SHIFT U(1)
#define DRTM_LAUNCH_FEAT_HASHING_TYPE_SHIFT U(0)
-#define DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_MASK U(0x1)
-#define DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_MASK U(0x7)
-#define DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_MASK U(0x3)
-#define DRTM_LAUNCH_FEAT_HASHING_TYPE_MASK U(0x1)
+#define DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_WIDTH U(1)
+#define DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_WIDTH U(3)
+#define DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_WIDTH U(2)
+#define DRTM_LAUNCH_FEAT_HASHING_TYPE_WIDTH U(1)
#define DLME_IMG_AUTH U(0x1)
#define REG_MEM_PROTECTION_TYPE U(0x1)
diff --git a/include/services/ffa_svc.h b/include/services/ffa_svc.h
index f5a9a2d..0010d2b 100644
--- a/include/services/ffa_svc.h
+++ b/include/services/ffa_svc.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -57,8 +57,8 @@
<< FFA_MSG_SEND_ATTRS_BLK_SHIFT)
/* Defines for FF-A framework messages exchanged using direct messages. */
-#define FFA_FWK_MSG_BIT BIT(31)
-#define FFA_FWK_MSG_MASK 0xFF
+#define FFA_FWK_MSG_BIT BIT_32(31)
+#define FFA_FWK_MSG_MASK U(0xFF)
#define FFA_FWK_MSG_PSCI U(0x0)
/* Defines for FF-A power management messages framework messages. */
diff --git a/include/services/rmm_core_manifest.h b/include/services/rmm_core_manifest.h
index 2d6e71f..c094f6a 100644
--- a/include/services/rmm_core_manifest.h
+++ b/include/services/rmm_core_manifest.h
@@ -14,20 +14,21 @@
#include <lib/cassert.h>
#define RMMD_MANIFEST_VERSION_MAJOR U(0)
-#define RMMD_MANIFEST_VERSION_MINOR U(4)
+#define RMMD_MANIFEST_VERSION_MINOR U(5)
#define RMM_CONSOLE_MAX_NAME_LEN U(8)
/*
- * Manifest version encoding:
+ * Version encoding:
* - Bit[31] RES0
* - Bits [30:16] Major version
* - Bits [15:0] Minor version
*/
-#define SET_RMMD_MANIFEST_VERSION(_major, _minor) \
+#define SET_VERSION(_major, _minor) \
((((_major) & 0x7FFF) << 16) | ((_minor) & 0xFFFF))
-#define RMMD_MANIFEST_VERSION SET_RMMD_MANIFEST_VERSION( \
+/* Boot Manifest version */
+#define RMMD_MANIFEST_VERSION SET_VERSION( \
RMMD_MANIFEST_VERSION_MAJOR, \
RMMD_MANIFEST_VERSION_MINOR)
@@ -37,9 +38,17 @@
#define RMMD_GET_MANIFEST_VERSION_MINOR(_version) \
(_version & 0xFFFF)
+#define PCIE_RC_INFO_VERSION_MAJOR U(0)
+#define PCIE_RC_INFO_VERSION_MINOR U(1)
+
+/* PCIe Root Complex info structure version */
+#define PCIE_RC_INFO_VERSION SET_VERSION( \
+ PCIE_RC_INFO_VERSION_MAJOR, \
+ PCIE_RC_INFO_VERSION_MINOR)
+
/* Memory bank/device region structure */
struct memory_bank {
- uintptr_t base; /* Base address */
+ uint64_t base; /* Base address */
uint64_t size; /* Size of memory bank/device region */
};
@@ -64,7 +73,7 @@
/* Console info structure */
struct console_info {
- uintptr_t base; /* Console base address */
+ uint64_t base; /* Console base address */
uint64_t map_pages; /* Num of pages to be mapped in RMM for the console MMIO */
char name[RMM_CONSOLE_MAX_NAME_LEN]; /* Name of console */
uint64_t clk_in_hz; /* UART clock (in Hz) for the console */
@@ -98,11 +107,105 @@
CASSERT(offsetof(struct console_list, checksum) == 16UL,
rmm_manifest_console_list_checksum);
-/* Boot manifest core structure as per v0.4 */
+/* SMMUv3 Info structure */
+struct smmu_info {
+ uint64_t smmu_base; /* SMMUv3 base address */
+ uint64_t smmu_r_base; /* SMMUv3 Realm Pages base address */
+};
+
+CASSERT(offsetof(struct smmu_info, smmu_base) == 0UL,
+ rmm_manifest_smmu_base);
+CASSERT(offsetof(struct smmu_info, smmu_r_base) == 8UL,
+ rmm_manifest_smmu_r_base);
+
+/* SMMUv3 Info List structure */
+struct smmu_list {
+ uint64_t num_smmus; /* Number of smmu_info entries */
+ struct smmu_info *smmus; /* Pointer to smmu_info[] array */
+ uint64_t checksum; /* Checksum of smmu_list data */
+};
+
+CASSERT(offsetof(struct smmu_list, num_smmus) == 0UL,
+ rmm_manifest_num_smmus);
+CASSERT(offsetof(struct smmu_list, smmus) == 8UL,
+ rmm_manifest_smmus);
+CASSERT(offsetof(struct smmu_list, checksum) == 16UL,
+ rmm_manifest_smmu_list_checksum);
+
+/* PCIe BDF Mapping Info structure */
+struct bdf_mapping_info {
+ uint16_t mapping_base; /* Base of BDF mapping (inclusive) */
+ uint16_t mapping_top; /* Top of BDF mapping (exclusive) */
+ uint16_t mapping_off; /* Mapping offset, as per Arm Base System Architecture: */
+ /* StreamID = zero_extend(RequesterID[N-1:0]) + (1<<N)*Constant_B */
+ uint16_t smmu_idx; /* SMMU index in smmu_info[] array */
+};
+
+CASSERT(offsetof(struct bdf_mapping_info, mapping_base) == 0UL,
+ rmm_manifest_mapping_base);
+CASSERT(offsetof(struct bdf_mapping_info, mapping_top) == 2UL,
+ rmm_manifest_mapping_top);
+CASSERT(offsetof(struct bdf_mapping_info, mapping_off) == 4UL,
+ rmm_manifest_mapping_off);
+CASSERT(offsetof(struct bdf_mapping_info, smmu_idx) == 6UL,
+ rmm_manifest_smmu_ptr);
+
+/* PCIe Root Port Info structure */
+struct root_port_info {
+ uint16_t root_port_id; /* Root Port identifier */
+ uint16_t padding; /* RES0 */
+ uint32_t num_bdf_mappings; /* Number of BDF mappings */
+ struct bdf_mapping_info *bdf_mappings; /* Pointer to bdf_mapping_info[] array */
+};
+
+CASSERT(offsetof(struct root_port_info, root_port_id) == 0UL,
+ rmm_manifest_root_port_id);
+CASSERT(offsetof(struct root_port_info, num_bdf_mappings) == 4UL,
+ rmm_manifest_num_bdf_mappingss);
+CASSERT(offsetof(struct root_port_info, bdf_mappings) == 8UL,
+ rmm_manifest_bdf_mappings);
+
+/* PCIe Root Complex info structure v0.1 */
+struct root_complex_info {
+ uint64_t ecam_base; /* ECAM base address. Size is implicitly 256MB */
+ uint8_t segment; /* PCIe segment identifier */
+ uint8_t padding[3]; /* RES0 */
+ uint32_t num_root_ports; /* Number of root ports */
+ struct root_port_info *root_ports; /* Pointer to root_port_info[] array */
+};
+
+CASSERT(offsetof(struct root_complex_info, ecam_base) == 0UL,
+ rmm_manifest_ecam_base);
+CASSERT(offsetof(struct root_complex_info, segment) == 8UL,
+ rmm_manifest_segment);
+CASSERT(offsetof(struct root_complex_info, num_root_ports) == 12UL,
+ rmm_manifest_num_root_ports);
+CASSERT(offsetof(struct root_complex_info, root_ports) == 16UL,
+ rmm_manifest_root_ports);
+
+/* PCIe Root Complex List structure */
+struct root_complex_list {
+ uint64_t num_root_complex; /* Number of pci_rc_info entries */
+ uint32_t rc_info_version; /* PCIe Root Complex info structure version */
+ uint32_t padding; /* RES0 */
+ struct root_complex_info *root_complex; /* Pointer to pci_rc_info[] array */
+ uint64_t checksum; /* Checksum of pci_rc_list data */
+};
+
+CASSERT(offsetof(struct root_complex_list, num_root_complex) == 0UL,
+ rmm_manifest_num_root_complex);
+CASSERT(offsetof(struct root_complex_list, rc_info_version) == 8UL,
+ rmm_manifest_rc_info_version);
+CASSERT(offsetof(struct root_complex_list, root_complex) == 16UL,
+ rmm_manifest_root_complex);
+CASSERT(offsetof(struct root_complex_list, checksum) == 24UL,
+ rmm_manifest_root_complex_list_checksum);
+
+/* Boot manifest core structure as per v0.5 */
struct rmm_manifest {
uint32_t version; /* Manifest version */
uint32_t padding; /* RES0 */
- uintptr_t plat_data; /* Manifest platform data */
+ uint64_t plat_data; /* Manifest platform data */
/* Platform NS DRAM data (v0.2) */
struct memory_info plat_dram;
/* Platform console list (v0.3) */
@@ -110,6 +213,10 @@
/* Platform device address ranges (v0.4) */
struct memory_info plat_ncoh_region;
struct memory_info plat_coh_region;
+ /* Platform SMMUv3 list (v0.5) */
+ struct smmu_list plat_smmu;
+ /* Platform PCIe Root Complex list (v0.5) */
+ struct root_complex_list plat_root_complex;
};
CASSERT(offsetof(struct rmm_manifest, version) == 0UL,
@@ -124,5 +231,9 @@
rmm_manifest_plat_ncoh_region_unaligned);
CASSERT(offsetof(struct rmm_manifest, plat_coh_region) == 88UL,
rmm_manifest_plat_coh_region_unaligned);
+CASSERT(offsetof(struct rmm_manifest, plat_smmu) == 112UL,
+ rmm_manifest_plat_smmu_unaligned);
+CASSERT(offsetof(struct rmm_manifest, plat_root_complex) == 136UL,
+ rmm_manifest_plat_root_complex);
#endif /* RMM_CORE_MANIFEST_H */
diff --git a/include/services/rmmd_svc.h b/include/services/rmmd_svc.h
index 8bf9319..9b99e92 100644
--- a/include/services/rmmd_svc.h
+++ b/include/services/rmmd_svc.h
@@ -92,6 +92,8 @@
#define E_RMM_NOMEM -4
#define E_RMM_INVAL -5
#define E_RMM_AGAIN -6
+#define E_RMM_FAULT -7
+#define E_RMM_IN_PROGRESS -8
/* Return error codes from RMI SMCs */
#define RMI_SUCCESS 0
@@ -179,6 +181,83 @@
/* Identifier for the hash algorithm used for attestation signing */
#define EL3_TOKEN_SIGN_HASH_ALG_SHA384 U(1)
+/* Starting RMM-EL3 interface version 0.6 */
+/*
+ * Function codes to support RMM IDE Key management Interface.
+ * The arguments to this SMC are:
+ * arg0 - Function ID.
+ * arg1 - Enhanced Configuration Access Mechanism address
+ * arg2 - Root Port ID
+ * arg3 - IDE selective stream info
+ * arg4 - Quad word of key[63:0]
+ * arg5 - Quad word of key[127:64]
+ * arg6 - Quad word of key[191:128]
+ * arg7 - Quad word of key[255:192]
+ * arg8 - Quad word of IV [63:0]
+ * arg9 - Quad word of IV [95:64]
+ * arg10 - request_id
+ * arg11 - cookie
+ * The return arguments are:
+ * ret0 - Status/Error
+ */
+#define RMM_IDE_KEY_PROG SMC64_RMMD_EL3_FID(U(7))
+
+/*******************************************************************************
+ * Structure to hold el3_ide_key info
+ ******************************************************************************/
+#ifndef __ASSEMBLER__
+typedef struct rp_ide_key_info {
+ uint64_t keyqw0;
+ uint64_t keyqw1;
+ uint64_t keyqw2;
+ uint64_t keyqw3;
+ uint64_t ifvqw0;
+ uint64_t ifvqw1;
+} rp_ide_key_info_t;
+#endif /* __ASSEMBLER__ */
+
+/*
+ * Function codes to support RMM IDE Key management Interface.
+ * The arguments to this SMC are:
+ * arg0 - Function ID.
+ * arg1 - Enhanced Configuration Access Mechanism address
+ * arg2 - Root Port ID
+ * arg3 - IDE selective stream info
+ * arg4 - request_id
+ * arg5 - cookie
+ * The return arguments are:
+ * ret0 - Status/Error
+ */
+#define RMM_IDE_KEY_SET_GO SMC64_RMMD_EL3_FID(U(8))
+
+/*
+ * Function codes to support RMM IDE Key management Interface.
+ * The arguments to this SMC are:
+ * arg0 - Function ID.
+ * arg1 - Enhanced Configuration Access Mechanism address
+ * arg2 - Root Port ID
+ * arg3 - IDE selective stream info
+ * arg4 - request_id
+ * arg5 - cookie
+ * The return arguments are:
+ * ret0 - Status/Error
+ */
+#define RMM_IDE_KEY_SET_STOP SMC64_RMMD_EL3_FID(U(9))
+
+/*
+ * Function codes to support RMM IDE Key management Interface.
+ * The arguments to this SMC are:
+ * arg0 - Function ID.
+ * arg1 - Enhanced Configuration Access Mechanism address
+ * arg2 - Root Port ID
+ * The return arguments are:
+ * ret0 - Status/Error
+ * ret1 - Retrieved response corresponding to the previous request.
+ * ret2 - request_id
+ * ret3 - cookie
+ */
+#define RMM_IDE_KM_PULL_RESPONSE SMC64_RMMD_EL3_FID(U(10))
+
/*
* RMM_BOOT_COMPLETE originates on RMM when the boot finishes (either cold
* or warm boot). This is handled by the RMM-EL3 interface SMC handler.
@@ -200,7 +279,7 @@
* Increase this when a bug is fixed, or a feature is added without
* breaking compatibility.
*/
-#define RMM_EL3_IFC_VERSION_MINOR (U(5))
+#define RMM_EL3_IFC_VERSION_MINOR (U(6))
#define RMM_EL3_INTERFACE_VERSION \
(((RMM_EL3_IFC_VERSION_MAJOR << 16) & 0x7FFFF) | \
diff --git a/include/services/trp/platform_trp.h b/include/services/trp/platform_trp.h
index 756e9db..67dfff1 100644
--- a/include/services/trp/platform_trp.h
+++ b/include/services/trp/platform_trp.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,4 +16,8 @@
******************************************************************************/
void trp_early_platform_setup(struct rmm_manifest *manifest);
+#if RMMD_ENABLE_IDE_KEY_PROG
+uint64_t trp_get_test_rootport(uint64_t *ecam, uint64_t *rootport);
+#endif /* RMMD_ENABLE_IDE_KEY_PROG */
+
#endif /* PLATFORM_TRP_H */
diff --git a/include/services/trp/trp_helpers.h b/include/services/trp/trp_helpers.h
index 83ec740..2f36720 100644
--- a/include/services/trp/trp_helpers.h
+++ b/include/services/trp/trp_helpers.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -17,7 +17,11 @@
#define TRP_ARG5 0x28
#define TRP_ARG6 0x30
#define TRP_ARG7 0x38
-#define TRP_ARGS_END 0x40
+#define TRP_ARG8 0x40
+#define TRP_ARG9 0x48
+#define TRP_ARG10 0x50
+#define TRP_ARG11 0x58
+#define TRP_ARGS_END 0x60
#ifndef __ASSEMBLER__
@@ -35,7 +39,11 @@
uint64_t arg4,
uint64_t arg5,
uint64_t arg6,
- uint64_t arg7);
+ uint64_t arg7,
+ uint64_t arg8,
+ uint64_t arg9,
+ uint64_t arg10,
+ uint64_t arg11);
__dead2 void trp_boot_abort(uint64_t err);
diff --git a/lib/aarch64/cache_helpers.S b/lib/aarch64/cache_helpers.S
index ff9a4e6..cc46c53 100644
--- a/lib/aarch64/cache_helpers.S
+++ b/lib/aarch64/cache_helpers.S
@@ -215,7 +215,7 @@
.macro dcsw_loop _op
#if ENABLE_BTI
- bti j
+ BTI j
#endif
loop2_\_op:
lsl w7, w6, w2 // w7 = aligned max set number
diff --git a/lib/cpus/aarch64/cortex_a510.S b/lib/cpus/aarch64/cortex_a510.S
index 6ec6742..258817f 100644
--- a/lib/cpus/aarch64/cortex_a510.S
+++ b/lib/cpus/aarch64/cortex_a510.S
@@ -128,6 +128,15 @@
check_erratum_ls cortex_a510, ERRATUM(2288014), CPU_REV(1, 0)
+workaround_reset_start cortex_a510, ERRATUM(2313941), ERRATA_DSU_2313941
+ errata_dsu_2313941_wa_impl
+workaround_reset_end cortex_a510, ERRATUM(2313941)
+
+check_erratum_custom_start cortex_a510, ERRATUM(2313941)
+ check_errata_dsu_2313941_impl
+ ret
+check_erratum_custom_end cortex_a510, ERRATUM(2313941)
+
workaround_reset_start cortex_a510, ERRATUM(2347730), ERRATA_A510_2347730
/*
* Set CPUACTLR_EL1[17] to 1'b1, which disables
@@ -169,15 +178,6 @@
check_erratum_ls cortex_a510, ERRATUM(2684597), CPU_REV(1, 2)
-workaround_reset_start cortex_a510, ERRATUM(2313941), ERRATA_DSU_2313941
- errata_dsu_2313941_wa_impl
-workaround_reset_end cortex_a510, ERRATUM(2313941)
-
-check_erratum_custom_start cortex_a510, ERRATUM(2313941)
- check_errata_dsu_2313941_impl
- ret
-check_erratum_custom_end cortex_a510, ERRATUM(2313941)
-
.global check_erratum_cortex_a510_2971420
add_erratum_entry cortex_a510, ERRATUM(2971420), ERRATA_A510_2971420
check_erratum_range cortex_a510, ERRATUM(2971420), CPU_REV(0, 1), CPU_REV(1, 3)
diff --git a/lib/cpus/aarch64/cortex_a55.S b/lib/cpus/aarch64/cortex_a55.S
index cf91431..f5921a2 100644
--- a/lib/cpus/aarch64/cortex_a55.S
+++ b/lib/cpus/aarch64/cortex_a55.S
@@ -22,24 +22,6 @@
cpu_reset_prologue cortex_a55
-workaround_reset_start cortex_a55, ERRATUM(798953), ERRATA_DSU_798953
- errata_dsu_798953_wa_impl
-workaround_reset_end cortex_a55, ERRATUM(798953)
-
-check_erratum_custom_start cortex_a55, ERRATUM(798953)
- check_errata_dsu_798953_impl
- ret
-check_erratum_custom_end cortex_a55, ERRATUM(798953)
-
-workaround_reset_start cortex_a55, ERRATUM(936184), ERRATA_DSU_936184
- errata_dsu_936184_wa_impl
-workaround_reset_end cortex_a55, ERRATUM(936184)
-
-check_erratum_custom_start cortex_a55, ERRATUM(936184)
- check_errata_dsu_936184_impl
- ret
-check_erratum_custom_end cortex_a55, ERRATUM(936184)
-
workaround_reset_start cortex_a55, ERRATUM(768277), ERRATA_A55_768277
sysreg_bit_set CORTEX_A55_CPUACTLR_EL1, CORTEX_A55_CPUACTLR_EL1_DISABLE_DUAL_ISSUE
workaround_reset_end cortex_a55, ERRATUM(768277)
@@ -71,6 +53,15 @@
check_erratum_ls cortex_a55, ERRATUM(798797), CPU_REV(0, 0)
+workaround_reset_start cortex_a55, ERRATUM(798953), ERRATA_DSU_798953
+ errata_dsu_798953_wa_impl
+workaround_reset_end cortex_a55, ERRATUM(798953)
+
+check_erratum_custom_start cortex_a55, ERRATUM(798953)
+ check_errata_dsu_798953_impl
+ ret
+check_erratum_custom_end cortex_a55, ERRATUM(798953)
+
workaround_reset_start cortex_a55, ERRATUM(846532), ERRATA_A55_846532
sysreg_bit_set CORTEX_A55_CPUACTLR_EL1, CORTEX_A55_CPUACTLR_EL1_DISABLE_DUAL_ISSUE
workaround_reset_end cortex_a55, ERRATUM(846532)
@@ -83,6 +74,15 @@
check_erratum_ls cortex_a55, ERRATUM(903758), CPU_REV(0, 1)
+workaround_reset_start cortex_a55, ERRATUM(936184), ERRATA_DSU_936184
+ errata_dsu_936184_wa_impl
+workaround_reset_end cortex_a55, ERRATUM(936184)
+
+check_erratum_custom_start cortex_a55, ERRATUM(936184)
+ check_errata_dsu_936184_impl
+ ret
+check_erratum_custom_end cortex_a55, ERRATUM(936184)
+
workaround_reset_start cortex_a55, ERRATUM(1221012), ERRATA_A55_1221012
mov x0, #0x0020
movk x0, #0x0850, lsl #16
diff --git a/lib/cpus/aarch64/cortex_a57.S b/lib/cpus/aarch64/cortex_a57.S
index adacc5c..553f6f9 100644
--- a/lib/cpus/aarch64/cortex_a57.S
+++ b/lib/cpus/aarch64/cortex_a57.S
@@ -65,15 +65,20 @@
ret
endfunc cortex_a57_disable_ext_debug
+/* Erratum entry and check function for SMCCC_ARCH_WORKAROUND_3 */
+add_erratum_entry cortex_a57, ERRATUM(ARCH_WORKAROUND_3), WORKAROUND_CVE_2022_23960
+
+check_erratum_chosen cortex_a57, ERRATUM(ARCH_WORKAROUND_3), WORKAROUND_CVE_2022_23960
+
/*
* Disable the over-read from the LDNP/STNP instruction. The SDEN doesn't
- * provide and erratum number, so assign it an obvious 1
+ * provide and erratum number, so assign it an obvious 99999
*/
-workaround_reset_start cortex_a57, ERRATUM(1), A57_DISABLE_NON_TEMPORAL_HINT
+workaround_reset_start cortex_a57, ERRATUM(99999), A57_DISABLE_NON_TEMPORAL_HINT
sysreg_bit_set CORTEX_A57_CPUACTLR_EL1, CORTEX_A57_CPUACTLR_EL1_DIS_OVERREAD
-workaround_reset_end cortex_a57, ERRATUM(1)
+workaround_reset_end cortex_a57, ERRATUM(99999)
-check_erratum_ls cortex_a57, ERRATUM(1), CPU_REV(1, 2)
+check_erratum_ls cortex_a57, ERRATUM(99999), CPU_REV(1, 2)
workaround_reset_start cortex_a57, ERRATUM(806969), ERRATA_A57_806969
sysreg_bit_set CORTEX_A57_CPUACTLR_EL1, CORTEX_A57_CPUACTLR_EL1_NO_ALLOC_WBWA
@@ -187,11 +192,6 @@
sysreg_bit_set CORTEX_A57_ECTLR_EL1, CORTEX_A57_ECTLR_SMP_BIT
cpu_reset_func_end cortex_a57
-func check_smccc_arch_workaround_3
- mov x0, #ERRATA_APPLIES
- ret
-endfunc check_smccc_arch_workaround_3
-
/* ----------------------------------------------------
* The CPU Ops core power down function for Cortex-A57.
* ----------------------------------------------------
@@ -307,10 +307,7 @@
ret
endfunc cortex_a57_cpu_reg_dump
-declare_cpu_ops_wa cortex_a57, CORTEX_A57_MIDR, \
+declare_cpu_ops cortex_a57, CORTEX_A57_MIDR, \
cortex_a57_reset_func, \
- check_erratum_cortex_a57_5715, \
- CPU_NO_EXTRA2_FUNC, \
- check_smccc_arch_workaround_3, \
cortex_a57_core_pwr_dwn, \
cortex_a57_cluster_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a710.S b/lib/cpus/aarch64/cortex_a710.S
index 23f7850..54bb453 100644
--- a/lib/cpus/aarch64/cortex_a710.S
+++ b/lib/cpus/aarch64/cortex_a710.S
@@ -87,13 +87,6 @@
check_erratum_range cortex_a710, ERRATUM(2055002), CPU_REV(1, 0), CPU_REV(2, 0)
-workaround_reset_start cortex_a710, ERRATUM(2058056), ERRATA_A710_2058056
- sysreg_bitfield_insert CORTEX_A710_CPUECTLR2_EL1, CORTEX_A710_CPUECTLR2_EL1_PF_MODE_CNSRV, \
- CPUECTLR2_EL1_PF_MODE_LSB, CPUECTLR2_EL1_PF_MODE_WIDTH
-workaround_reset_end cortex_a710, ERRATUM(2058056)
-
-check_erratum_ls cortex_a710, ERRATUM(2058056), CPU_REV(2, 1)
-
workaround_reset_start cortex_a710, ERRATUM(2081180), ERRATA_A710_2081180
ldr x0,=0x3
msr S3_6_c15_c8_0,x0
diff --git a/lib/cpus/aarch64/cortex_a72.S b/lib/cpus/aarch64/cortex_a72.S
index fee28ee..23b27ab 100644
--- a/lib/cpus/aarch64/cortex_a72.S
+++ b/lib/cpus/aarch64/cortex_a72.S
@@ -76,14 +76,17 @@
ret
endfunc cortex_a72_disable_ext_debug
-func check_smccc_arch_workaround_3
+check_erratum_custom_start cortex_a72, ERRATUM(ARCH_WORKAROUND_3)
cpu_check_csv2 x0, 1f
mov x0, #ERRATA_APPLIES
ret
1:
mov x0, #ERRATA_NOT_APPLIES
ret
-endfunc check_smccc_arch_workaround_3
+check_erratum_custom_end cortex_a72, ERRATUM(ARCH_WORKAROUND_3)
+
+/* Erratum entry and check function for SMCCC_ARCH_WORKAROUND_3 */
+add_erratum_entry cortex_a72, ERRATUM(ARCH_WORKAROUND_3), WORKAROUND_CVE_2022_23960
workaround_reset_start cortex_a72, ERRATUM(859971), ERRATA_A72_859971
sysreg_bit_set CORTEX_A72_CPUACTLR_EL1, CORTEX_A72_CPUACTLR_EL1_DIS_INSTR_PREFETCH
@@ -294,10 +297,7 @@
ret
endfunc cortex_a72_cpu_reg_dump
-declare_cpu_ops_wa cortex_a72, CORTEX_A72_MIDR, \
+declare_cpu_ops cortex_a72, CORTEX_A72_MIDR, \
cortex_a72_reset_func, \
- check_erratum_cortex_a72_5715, \
- CPU_NO_EXTRA2_FUNC, \
- check_smccc_arch_workaround_3, \
cortex_a72_core_pwr_dwn, \
cortex_a72_cluster_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a73.S b/lib/cpus/aarch64/cortex_a73.S
index d1fc6d4..9cc6fdb 100644
--- a/lib/cpus/aarch64/cortex_a73.S
+++ b/lib/cpus/aarch64/cortex_a73.S
@@ -33,10 +33,10 @@
ret
endfunc cortex_a73_disable_smp
-func check_smccc_arch_workaround_3
- mov x0, #ERRATA_APPLIES
- ret
-endfunc check_smccc_arch_workaround_3
+/* Erratum entry and check function for SMCCC_ARCH_WORKAROUND_3 */
+add_erratum_entry cortex_a73, ERRATUM(ARCH_WORKAROUND_3), WORKAROUND_CVE_2022_23960
+
+check_erratum_chosen cortex_a73, ERRATUM(ARCH_WORKAROUND_3), WORKAROUND_CVE_2022_23960
workaround_reset_start cortex_a73, ERRATUM(852427), ERRATA_A73_852427
sysreg_bit_set CORTEX_A73_DIAGNOSTIC_REGISTER, BIT(12)
@@ -200,10 +200,7 @@
ret
endfunc cortex_a73_cpu_reg_dump
-declare_cpu_ops_wa cortex_a73, CORTEX_A73_MIDR, \
+declare_cpu_ops cortex_a73, CORTEX_A73_MIDR, \
cortex_a73_reset_func, \
- check_erratum_cortex_a73_5715, \
- CPU_NO_EXTRA2_FUNC, \
- check_smccc_arch_workaround_3, \
cortex_a73_core_pwr_dwn, \
cortex_a73_cluster_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a75.S b/lib/cpus/aarch64/cortex_a75.S
index 13599ca..ef9c067 100644
--- a/lib/cpus/aarch64/cortex_a75.S
+++ b/lib/cpus/aarch64/cortex_a75.S
@@ -20,6 +20,11 @@
cpu_reset_prologue cortex_a75
+/* Erratum entry and check function for SMCCC_ARCH_WORKAROUND_3 */
+add_erratum_entry cortex_a75, ERRATUM(ARCH_WORKAROUND_3), WORKAROUND_CVE_2022_23960
+
+check_erratum_chosen cortex_a75, ERRATUM(ARCH_WORKAROUND_3), WORKAROUND_CVE_2022_23960
+
workaround_reset_start cortex_a75, ERRATUM(764081), ERRATA_A75_764081
sysreg_bit_set sctlr_el3, SCTLR_IESB_BIT
workaround_reset_end cortex_a75, ERRATUM(764081)
@@ -131,11 +136,6 @@
#endif
cpu_reset_func_end cortex_a75
-func check_smccc_arch_workaround_3
- mov x0, #ERRATA_APPLIES
- ret
-endfunc check_smccc_arch_workaround_3
-
/* ---------------------------------------------
* HW will do the cache maintenance while powering down
* ---------------------------------------------
@@ -170,9 +170,6 @@
ret
endfunc cortex_a75_cpu_reg_dump
-declare_cpu_ops_wa cortex_a75, CORTEX_A75_MIDR, \
+declare_cpu_ops cortex_a75, CORTEX_A75_MIDR, \
cortex_a75_reset_func, \
- check_erratum_cortex_a75_5715, \
- CPU_NO_EXTRA2_FUNC, \
- check_smccc_arch_workaround_3, \
cortex_a75_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a76.S b/lib/cpus/aarch64/cortex_a76.S
index 822ef05..ca5ccf7 100644
--- a/lib/cpus/aarch64/cortex_a76.S
+++ b/lib/cpus/aarch64/cortex_a76.S
@@ -301,6 +301,29 @@
endfunc apply_cve_2018_3639_sync_wa
#endif /* DYNAMIC_WORKAROUND_CVE_2018_3639 */
+/* Erratum entry and check function for SMCCC_ARCH_WORKAROUND_2*/
+add_erratum_entry cortex_a76, ERRATUM(ARCH_WORKAROUND_2), WORKAROUND_CVE_2018_3639
+
+check_erratum_chosen cortex_a76, ERRATUM(ARCH_WORKAROUND_2), WORKAROUND_CVE_2018_3639
+
+workaround_reset_start cortex_a76, ERRATUM(798953), ERRATA_DSU_798953
+ errata_dsu_798953_wa_impl
+workaround_reset_end cortex_a76, ERRATUM(798953)
+
+check_erratum_custom_start cortex_a76, ERRATUM(798953)
+ check_errata_dsu_798953_impl
+ ret
+check_erratum_custom_end cortex_a76, ERRATUM(798953)
+
+workaround_reset_start cortex_a76, ERRATUM(936184), ERRATA_DSU_936184
+ errata_dsu_936184_wa_impl
+workaround_reset_end cortex_a76, ERRATUM(936184)
+
+check_erratum_custom_start cortex_a76, ERRATUM(936184)
+ check_errata_dsu_936184_impl
+ ret
+check_erratum_custom_end cortex_a76, ERRATUM(936184)
+
workaround_reset_start cortex_a76, ERRATUM(1073348), ERRATA_A76_1073348
sysreg_bit_set CORTEX_A76_CPUACTLR_EL1 ,CORTEX_A76_CPUACTLR_EL1_DISABLE_STATIC_PREDICTION
workaround_reset_end cortex_a76, ERRATUM(1073348)
@@ -314,6 +337,24 @@
check_erratum_ls cortex_a76, ERRATUM(1130799), CPU_REV(2, 0)
+/* --------------------------------------------------------------
+ * Errata Workaround for Cortex A76 Errata #1165522.
+ * This applies only to revisions <= r3p0 of Cortex A76.
+ * Due to the nature of the errata it is applied unconditionally
+ * when built in, report it as applicable in this case
+ * --------------------------------------------------------------
+ */
+check_erratum_custom_start cortex_a76, ERRATUM(1165522)
+#if ERRATA_A76_1165522
+ mov x0, #ERRATA_APPLIES
+#else
+ cpu_rev_var_ls CPU_REV(3, 0)
+#endif
+ ret
+check_erratum_custom_end cortex_a76, ERRATUM(1165522)
+
+add_erratum_entry cortex_a76, ERRATUM(1165522), ERRATA_A76_1165522
+
workaround_reset_start cortex_a76, ERRATUM(1220197), ERRATA_A76_1220197
sysreg_bit_set CORTEX_A76_CPUECTLR_EL1, CORTEX_A76_CPUECTLR_EL1_WS_THR_L2
workaround_reset_end cortex_a76, ERRATUM(1220197)
@@ -353,6 +394,8 @@
ret
check_erratum_custom_end cortex_a76, ERRATUM(1286807)
+add_erratum_entry cortex_a76, ERRATUM(1286807), ERRATA_A76_1286807
+
workaround_reset_start cortex_a76, ERRATUM(1791580), ERRATA_A76_1791580
sysreg_bit_set CORTEX_A76_CPUACTLR2_EL1, CORTEX_A76_CPUACTLR2_EL1_BIT_2
workaround_reset_end cortex_a76, ERRATUM(1791580)
@@ -411,45 +454,11 @@
ret
endfunc cortex_a76_disable_wa_cve_2018_3639
-/* --------------------------------------------------------------
- * Errata Workaround for Cortex A76 Errata #1165522.
- * This applies only to revisions <= r3p0 of Cortex A76.
- * Due to the nature of the errata it is applied unconditionally
- * when built in, report it as applicable in this case
- * --------------------------------------------------------------
- */
-check_erratum_custom_start cortex_a76, ERRATUM(1165522)
-#if ERRATA_A76_1165522
- mov x0, #ERRATA_APPLIES
-#else
- cpu_rev_var_ls CPU_REV(3, 0)
-#endif
- ret
-check_erratum_custom_end cortex_a76, ERRATUM(1165522)
-
check_erratum_chosen cortex_a76, CVE(2022, 23960), WORKAROUND_CVE_2022_23960
/* erratum has no workaround in the cpu. Generic code must take care */
add_erratum_entry cortex_a76, CVE(2022, 23960), WORKAROUND_CVE_2022_23960
-workaround_reset_start cortex_a76, ERRATUM(798953), ERRATA_DSU_798953
- errata_dsu_798953_wa_impl
-workaround_reset_end cortex_a76, ERRATUM(798953)
-
-check_erratum_custom_start cortex_a76, ERRATUM(798953)
- check_errata_dsu_798953_impl
- ret
-check_erratum_custom_end cortex_a76, ERRATUM(798953)
-
-workaround_reset_start cortex_a76, ERRATUM(936184), ERRATA_DSU_936184
- errata_dsu_936184_wa_impl
-workaround_reset_end cortex_a76, ERRATUM(936184)
-
-check_erratum_custom_start cortex_a76, ERRATUM(936184)
- check_errata_dsu_936184_impl
- ret
-check_erratum_custom_end cortex_a76, ERRATUM(936184)
-
cpu_reset_func_start cortex_a76
#if WORKAROUND_CVE_2018_3639
@@ -531,9 +540,6 @@
ret
endfunc cortex_a76_cpu_reg_dump
-declare_cpu_ops_wa cortex_a76, CORTEX_A76_MIDR, \
+declare_cpu_ops cortex_a76, CORTEX_A76_MIDR, \
cortex_a76_reset_func, \
- CPU_NO_EXTRA1_FUNC, \
- cortex_a76_disable_wa_cve_2018_3639, \
- CPU_NO_EXTRA3_FUNC, \
cortex_a76_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_a78.S b/lib/cpus/aarch64/cortex_a78.S
index 36b0a04..b166823 100644
--- a/lib/cpus/aarch64/cortex_a78.S
+++ b/lib/cpus/aarch64/cortex_a78.S
@@ -99,16 +99,6 @@
check_erratum_ls cortex_a78, ERRATUM(1952683), CPU_REV(0, 0)
-workaround_reset_start cortex_a78, ERRATUM(2132060), ERRATA_A78_2132060
- /* Apply the workaround. */
- mrs x1, CORTEX_A78_CPUECTLR_EL1
- mov x0, #CORTEX_A78_CPUECTLR_EL1_PF_MODE_CNSRV
- bfi x1, x0, #CPUECTLR_EL1_PF_MODE_LSB, #CPUECTLR_EL1_PF_MODE_WIDTH
- msr CORTEX_A78_CPUECTLR_EL1, x1
-workaround_reset_end cortex_a78, ERRATUM(2132060)
-
-check_erratum_ls cortex_a78, ERRATUM(2132060), CPU_REV(1, 2)
-
workaround_reset_start cortex_a78, ERRATUM(2242635), ERRATA_A78_2242635
ldr x0, =0x5
msr S3_6_c15_c8_0, x0 /* CPUPSELR_EL3 */
diff --git a/lib/cpus/aarch64/cortex_a78c.S b/lib/cpus/aarch64/cortex_a78c.S
index 8f2dea8..19d988e 100644
--- a/lib/cpus/aarch64/cortex_a78c.S
+++ b/lib/cpus/aarch64/cortex_a78c.S
@@ -37,18 +37,6 @@
check_erratum_ls cortex_a78c, ERRATUM(1827440), CPU_REV(0, 0)
-workaround_reset_start cortex_a78c, ERRATUM(2132064), ERRATA_A78C_2132064
- /* --------------------------------------------------------
- * Place the data prefetcher in the most conservative mode
- * to reduce prefetches by writing the following bits to
- * the value indicated: ecltr[7:6], PF_MODE = 2'b11
- * --------------------------------------------------------
- */
- sysreg_bit_set CORTEX_A78C_CPUECTLR_EL1, (CORTEX_A78C_CPUECTLR_EL1_BIT_6 | CORTEX_A78C_CPUECTLR_EL1_BIT_7)
-workaround_reset_end cortex_a78c, ERRATUM(2132064)
-
-check_erratum_range cortex_a78c, ERRATUM(2132064), CPU_REV(0, 1), CPU_REV(0, 2)
-
workaround_reset_start cortex_a78c, ERRATUM(2242638), ERRATA_A78C_2242638
ldr x0, =0x5
msr CORTEX_A78C_IMP_CPUPSELR_EL3, x0
diff --git a/lib/cpus/aarch64/cortex_x2.S b/lib/cpus/aarch64/cortex_x2.S
index ccdd3b8..910a6a9 100644
--- a/lib/cpus/aarch64/cortex_x2.S
+++ b/lib/cpus/aarch64/cortex_x2.S
@@ -50,13 +50,6 @@
check_erratum_ls cortex_x2, ERRATUM(2017096), CPU_REV(2, 0)
-workaround_reset_start cortex_x2, ERRATUM(2058056), ERRATA_X2_2058056
- sysreg_bitfield_insert CORTEX_X2_CPUECTLR2_EL1, CORTEX_X2_CPUECTLR2_EL1_PF_MODE_CNSRV, \
- CORTEX_X2_CPUECTLR2_EL1_PF_MODE_SHIFT, CORTEX_X2_CPUECTLR2_EL1_PF_MODE_WIDTH
-workaround_reset_end cortex_x2, ERRATUM(2058056)
-
-check_erratum_ls cortex_x2, ERRATUM(2058056), CPU_REV(2, 1)
-
workaround_reset_start cortex_x2, ERRATUM(2081180), ERRATA_X2_2081180
/* Apply instruction patching sequence */
ldr x0, =0x3
diff --git a/lib/cpus/aarch64/cortex_x3.S b/lib/cpus/aarch64/cortex_x3.S
index 628642b..158ee0e 100644
--- a/lib/cpus/aarch64/cortex_x3.S
+++ b/lib/cpus/aarch64/cortex_x3.S
@@ -30,13 +30,6 @@
cpu_reset_prologue cortex_x3
-workaround_reset_start cortex_x3, ERRATUM(2070301), ERRATA_X3_2070301
- sysreg_bitfield_insert CORTEX_X3_CPUECTLR2_EL1, CORTEX_X3_CPUECTLR2_EL1_PF_MODE_CNSRV, \
- CORTEX_X3_CPUECTLR2_EL1_PF_MODE_LSB, CORTEX_X3_CPUECTLR2_EL1_PF_MODE_WIDTH
-workaround_reset_end cortex_x3, ERRATUM(2070301)
-
-check_erratum_ls cortex_x3, ERRATUM(2070301), CPU_REV(1, 2)
-
workaround_reset_start cortex_x3, ERRATUM(2266875), ERRATA_X3_2266875
sysreg_bit_set CORTEX_X3_CPUACTLR_EL1, BIT(22)
workaround_reset_end cortex_x3, ERRATUM(2266875)
@@ -174,10 +167,6 @@
ret
endfunc cortex_x3_cpu_reg_dump
-declare_cpu_ops_wa_4 cortex_x3, CORTEX_X3_MIDR, \
+declare_cpu_ops cortex_x3, CORTEX_X3_MIDR, \
cortex_x3_reset_func, \
- CPU_NO_EXTRA1_FUNC, \
- CPU_NO_EXTRA2_FUNC, \
- CPU_NO_EXTRA3_FUNC, \
- check_erratum_cortex_x3_7881, \
cortex_x3_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_x4.S b/lib/cpus/aarch64/cortex_x4.S
index fbbe925..1d0c377 100644
--- a/lib/cpus/aarch64/cortex_x4.S
+++ b/lib/cpus/aarch64/cortex_x4.S
@@ -169,10 +169,6 @@
ret
endfunc cortex_x4_cpu_reg_dump
-declare_cpu_ops_wa_4 cortex_x4, CORTEX_X4_MIDR, \
+declare_cpu_ops cortex_x4, CORTEX_X4_MIDR, \
cortex_x4_reset_func, \
- CPU_NO_EXTRA1_FUNC, \
- CPU_NO_EXTRA2_FUNC, \
- CPU_NO_EXTRA3_FUNC, \
- check_erratum_cortex_x4_7881, \
cortex_x4_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cortex_x925.S b/lib/cpus/aarch64/cortex_x925.S
index 093d91d..0663b21 100644
--- a/lib/cpus/aarch64/cortex_x925.S
+++ b/lib/cpus/aarch64/cortex_x925.S
@@ -99,10 +99,6 @@
ret
endfunc cortex_x925_cpu_reg_dump
-declare_cpu_ops_wa_4 cortex_x925, CORTEX_X925_MIDR, \
+declare_cpu_ops cortex_x925, CORTEX_X925_MIDR, \
cortex_x925_reset_func, \
- CPU_NO_EXTRA1_FUNC, \
- CPU_NO_EXTRA2_FUNC, \
- CPU_NO_EXTRA3_FUNC, \
- check_erratum_cortex_x925_7881, \
cortex_x925_core_pwr_dwn
diff --git a/lib/cpus/aarch64/cpu_helpers.S b/lib/cpus/aarch64/cpu_helpers.S
index e608422..105da5c 100644
--- a/lib/cpus/aarch64/cpu_helpers.S
+++ b/lib/cpus/aarch64/cpu_helpers.S
@@ -188,143 +188,3 @@
get_rev_var x0, x1
ret
endfunc cpu_get_rev_var
-
-/*
- * int check_wa_cve_2017_5715(void);
- *
- * This function returns:
- * - ERRATA_APPLIES when firmware mitigation is required.
- * - ERRATA_NOT_APPLIES when firmware mitigation is _not_ required.
- * - ERRATA_MISSING when firmware mitigation would be required but
- * is not compiled in.
- *
- * NOTE: Must be called only after cpu_ops have been initialized
- * in per-CPU data.
- */
- .globl check_wa_cve_2017_5715
-func check_wa_cve_2017_5715
- mrs x0, tpidr_el3
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_DATA_CPU_OPS_PTR]
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_EXTRA1_FUNC]
- /*
- * If the reserved function pointer is NULL, this CPU
- * is unaffected by CVE-2017-5715 so bail out.
- */
- cmp x0, #CPU_NO_EXTRA1_FUNC
- beq 1f
- br x0
-1:
- mov x0, #ERRATA_NOT_APPLIES
- ret
-endfunc check_wa_cve_2017_5715
-
-/*
- * int check_wa_cve_2024_7881(void);
- *
- * This function returns:
- * - ERRATA_APPLIES when firmware mitigation is required.
- * - ERRATA_NOT_APPLIES when firmware mitigation is _not_ required.
- * - ERRATA_MISSING when firmware mitigation would be required but
- * is not compiled in.
- *
- * NOTE: Must be called only after cpu_ops have been initialized
- * in per-CPU data.
- */
-.globl check_wa_cve_2024_7881
-func check_wa_cve_2024_7881
- mrs x0, tpidr_el3
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_DATA_CPU_OPS_PTR]
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_EXTRA4_FUNC]
- /*
- * If the reserved function pointer is NULL, this CPU
- * is unaffected by CVE-2024-7881 so bail out.
- */
- cmp x0, #CPU_NO_EXTRA4_FUNC
- beq 1f
- br x0
-1:
- mov x0, #ERRATA_NOT_APPLIES
- ret
-endfunc check_wa_cve_2024_7881
-
-/*
- * void *wa_cve_2018_3639_get_disable_ptr(void);
- *
- * Returns a function pointer which is used to disable mitigation
- * for CVE-2018-3639.
- * The function pointer is only returned on cores that employ
- * dynamic mitigation. If the core uses static mitigation or is
- * unaffected by CVE-2018-3639 this function returns NULL.
- *
- * NOTE: Must be called only after cpu_ops have been initialized
- * in per-CPU data.
- */
- .globl wa_cve_2018_3639_get_disable_ptr
-func wa_cve_2018_3639_get_disable_ptr
- mrs x0, tpidr_el3
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_DATA_CPU_OPS_PTR]
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_EXTRA2_FUNC]
- ret
-endfunc wa_cve_2018_3639_get_disable_ptr
-
-/*
- * int check_smccc_arch_wa3_applies(void);
- *
- * This function checks whether SMCCC_ARCH_WORKAROUND_3 is enabled to mitigate
- * CVE-2022-23960 for this CPU. It returns:
- * - ERRATA_APPLIES when SMCCC_ARCH_WORKAROUND_3 can be invoked to mitigate
- * the CVE.
- * - ERRATA_NOT_APPLIES when SMCCC_ARCH_WORKAROUND_3 should not be invoked to
- * mitigate the CVE.
- *
- * NOTE: Must be called only after cpu_ops have been initialized
- * in per-CPU data.
- */
- .globl check_smccc_arch_wa3_applies
-func check_smccc_arch_wa3_applies
- mrs x0, tpidr_el3
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_DATA_CPU_OPS_PTR]
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x0, #CPU_EXTRA3_FUNC]
- /*
- * If the reserved function pointer is NULL, this CPU
- * is unaffected by CVE-2022-23960 so bail out.
- */
- cmp x0, #CPU_NO_EXTRA3_FUNC
- beq 1f
- br x0
-1:
- mov x0, #ERRATA_NOT_APPLIES
- ret
-endfunc check_smccc_arch_wa3_applies
diff --git a/lib/cpus/aarch64/denver.S b/lib/cpus/aarch64/denver.S
index 64158e7..22cd3ba 100644
--- a/lib/cpus/aarch64/denver.S
+++ b/lib/cpus/aarch64/denver.S
@@ -319,11 +319,8 @@
/* macro to declare cpu_ops for Denver SKUs */
.macro denver_cpu_ops_wa midr
- declare_cpu_ops_wa denver, \midr, \
+ declare_cpu_ops denver, \midr, \
denver_reset_func, \
- check_erratum_denver_5715, \
- CPU_NO_EXTRA2_FUNC, \
- CPU_NO_EXTRA3_FUNC, \
denver_core_pwr_dwn, \
denver_cluster_pwr_dwn
.endm
diff --git a/lib/cpus/aarch64/neoverse_n2.S b/lib/cpus/aarch64/neoverse_n2.S
index 4f1d53d..7d9d7f1 100644
--- a/lib/cpus/aarch64/neoverse_n2.S
+++ b/lib/cpus/aarch64/neoverse_n2.S
@@ -79,16 +79,6 @@
check_erratum_ls neoverse_n2, ERRATUM(2067956), CPU_REV(0, 0)
-workaround_reset_start neoverse_n2, ERRATUM(2138953), ERRATA_N2_2138953
- /* Apply instruction patching sequence */
- mrs x1, NEOVERSE_N2_CPUECTLR2_EL1
- mov x0, #NEOVERSE_N2_CPUECTLR2_EL1_PF_MODE_CNSRV
- bfi x1, x0, #CPUECTLR2_EL1_PF_MODE_LSB, #CPUECTLR2_EL1_PF_MODE_WIDTH
- msr NEOVERSE_N2_CPUECTLR2_EL1, x1
-workaround_reset_end neoverse_n2, ERRATUM(2138953)
-
-check_erratum_ls neoverse_n2, ERRATUM(2138953), CPU_REV(0, 3)
-
workaround_reset_start neoverse_n2, ERRATUM(2138956), ERRATA_N2_2138956
/* Apply instruction patching sequence */
ldr x0,=0x3
diff --git a/lib/cpus/aarch64/neoverse_v1.S b/lib/cpus/aarch64/neoverse_v1.S
index a3b05e1..f975be0 100644
--- a/lib/cpus/aarch64/neoverse_v1.S
+++ b/lib/cpus/aarch64/neoverse_v1.S
@@ -156,15 +156,6 @@
check_erratum_range neoverse_v1, ERRATUM(1966096), CPU_REV(1, 0), CPU_REV(1, 1)
-workaround_reset_start neoverse_v1, ERRATUM(2108267), ERRATA_V1_2108267
- mrs x1, NEOVERSE_V1_CPUECTLR_EL1
- mov x0, #NEOVERSE_V1_CPUECTLR_EL1_PF_MODE_CNSRV
- bfi x1, x0, #CPUECTLR_EL1_PF_MODE_LSB, #CPUECTLR_EL1_PF_MODE_WIDTH
- msr NEOVERSE_V1_CPUECTLR_EL1, x1
-workaround_reset_end neoverse_v1, ERRATUM(2108267)
-
-check_erratum_ls neoverse_v1, ERRATUM(2108267), CPU_REV(1, 2)
-
workaround_reset_start neoverse_v1, ERRATUM(2139242), ERRATA_V1_2139242
mov x0, #0x3
msr S3_6_C15_C8_0, x0
diff --git a/lib/cpus/aarch64/neoverse_v2.S b/lib/cpus/aarch64/neoverse_v2.S
index a320d44..9526b80 100644
--- a/lib/cpus/aarch64/neoverse_v2.S
+++ b/lib/cpus/aarch64/neoverse_v2.S
@@ -24,13 +24,6 @@
cpu_reset_prologue neoverse_v2
-workaround_reset_start neoverse_v2, ERRATUM(2331132), ERRATA_V2_2331132
- sysreg_bitfield_insert NEOVERSE_V2_CPUECTLR2_EL1, NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_CNSRV, \
- NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_LSB, NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_WIDTH
-workaround_reset_end neoverse_v2, ERRATUM(2331132)
-
-check_erratum_ls neoverse_v2, ERRATUM(2331132), CPU_REV(0, 2)
-
workaround_reset_start neoverse_v2, ERRATUM(2618597), ERRATA_V2_2618597
/* Disable retention control for WFI and WFE. */
mrs x0, NEOVERSE_V2_CPUPWRCTLR_EL1
@@ -155,10 +148,6 @@
ret
endfunc neoverse_v2_cpu_reg_dump
-declare_cpu_ops_wa_4 neoverse_v2, NEOVERSE_V2_MIDR, \
+declare_cpu_ops neoverse_v2, NEOVERSE_V2_MIDR, \
neoverse_v2_reset_func, \
- CPU_NO_EXTRA1_FUNC, \
- CPU_NO_EXTRA2_FUNC, \
- CPU_NO_EXTRA3_FUNC, \
- check_erratum_neoverse_v2_7881, \
neoverse_v2_core_pwr_dwn
diff --git a/lib/cpus/aarch64/neoverse_v3.S b/lib/cpus/aarch64/neoverse_v3.S
index 2ead062..ca108e7 100644
--- a/lib/cpus/aarch64/neoverse_v3.S
+++ b/lib/cpus/aarch64/neoverse_v3.S
@@ -124,10 +124,6 @@
neoverse_v3_reset_func, \
neoverse_v3_core_pwr_dwn
-declare_cpu_ops_wa_4 neoverse_v3, NEOVERSE_V3_MIDR, \
+declare_cpu_ops neoverse_v3, NEOVERSE_V3_MIDR, \
neoverse_v3_reset_func, \
- CPU_NO_EXTRA1_FUNC, \
- CPU_NO_EXTRA2_FUNC, \
- CPU_NO_EXTRA3_FUNC, \
- check_erratum_neoverse_v3_7881, \
neoverse_v3_core_pwr_dwn
diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk
index 4cfa765..4b8de00 100644
--- a/lib/cpus/cpu-ops.mk
+++ b/lib/cpus/cpu-ops.mk
@@ -315,10 +315,6 @@
# to revision r0p0 of the A78 cpu and was fixed in the revision r1p0.
CPU_FLAG_LIST += ERRATA_A78_1952683
-# Flag to apply erratum 2132060 workaround during reset. This erratum applies
-# to revisions r0p0, r1p0, r1p1, and r1p2 of the A78 cpu. It is still open.
-CPU_FLAG_LIST += ERRATA_A78_2132060
-
# Flag to apply erratum 2242635 workaround during reset. This erratum applies
# to revisions r1p0, r1p1, and r1p2 of the A78 cpu and is open. The issue is
# present in r0p0 as well but there is no workaround for that revision.
@@ -380,10 +376,6 @@
# It is still open.
CPU_FLAG_LIST += ERRATA_A78_AE_2712574
-# Flag to apply erratum 2132064 workaround during reset. This erratum applies
-# to revisions r0p1 and r0p2 of the A78C cpu. It is still open.
-CPU_FLAG_LIST += ERRATA_A78C_2132064
-
# Flag to apply erratum 2242638 workaround during reset. This erratum applies
# to revisions r0p1 and r0p2 of the A78C cpu. It is still open.
CPU_FLAG_LIST += ERRATA_A78C_2242638
@@ -523,10 +515,6 @@
# to revisions r0p0, r1p0, and r1p1 of the Neoverse V1 cpu and is still open.
CPU_FLAG_LIST += ERRATA_V1_2139242
-# Flag to apply erratum 2108267 workaround during reset. This erratum applies
-# to revisions r0p0, r1p0, and r1p1 of the Neoverse V1 cpu and is still open.
-CPU_FLAG_LIST += ERRATA_V1_2108267
-
# Flag to apply erratum 2216392 workaround during reset. This erratum applies
# to revisions r1p0 and r1p1 of the Neoverse V1 cpu and is still open. This
# issue exists in r0p0 as well but there is no workaround for that revision.
@@ -585,11 +573,6 @@
# to revision r2p0 of the Cortex-A710 cpu and is still open.
CPU_FLAG_LIST += ERRATA_A710_2083908
-# Flag to apply erratum 2058056 workaround during reset. This erratum applies
-# to revisions r0p0, r1p0, r2p0 and r2p1 of the Cortex-A710 cpu and is still
-# open.
-CPU_FLAG_LIST += ERRATA_A710_2058056
-
# Flag to apply erratum 2055002 workaround during reset. This erratum applies
# to revision r1p0, r2p0 of the Cortex-A710 cpu and is still open.
CPU_FLAG_LIST += ERRATA_A710_2055002
@@ -680,10 +663,6 @@
# to revision r0p0 of the Neoverse N2 cpu and is fixed in r0p1.
CPU_FLAG_LIST += ERRATA_N2_2138956
-# Flag to apply erratum 2138953 workaround during reset. This erratum applies
-# to revision r0p0, r0p1, r0p2, r0p3 of the Neoverse N2 cpu and is still open.
-CPU_FLAG_LIST += ERRATA_N2_2138953
-
# Flag to apply erratum 2242415 workaround during reset. This erratum applies
# to revision r0p0 of the Neoverse N2 cpu and is fixed in r0p1.
CPU_FLAG_LIST += ERRATA_N2_2242415
@@ -751,10 +730,6 @@
# to revisions r0p0, r1p0, and r2p0 of the Cortex-X2 cpu and is still open.
CPU_FLAG_LIST += ERRATA_X2_2002765
-# Flag to apply erratum 2058056 workaround during reset. This erratum applies
-# to revisions r0p0, r1p0, r2p0 and r2p1 of the Cortex-X2 cpu and is still open.
-CPU_FLAG_LIST += ERRATA_X2_2058056
-
# Flag to apply erratum 2083908 workaround during reset. This erratum applies
# to revision r2p0 of the Cortex-X2 cpu and is still open.
CPU_FLAG_LIST += ERRATA_X2_2083908
@@ -810,11 +785,6 @@
# of the Cortex-X2 cpu and is still open.
CPU_FLAG_LIST += ERRATA_X2_3701772
-# Flag to apply erratum 2070301 workaround on reset. This erratum applies
-# to revisions r0p0, r1p0, r1p1 and r1p2 of the Cortex-X3 cpu and is
-# still open.
-CPU_FLAG_LIST += ERRATA_X3_2070301
-
# Flag to apply erratum 2266875 workaround during reset. This erratum applies
# to revisions r0p0 and r1p0 of the Cortex-X3 cpu, it is fixed in r1p1.
CPU_FLAG_LIST += ERRATA_X3_2266875
@@ -983,10 +953,6 @@
# applies to revision r0p0 and r0p1 of the Cortex-A520 cpu and is fixed in r0p2.
CPU_FLAG_LIST += ERRATA_A520_2938996
-# Flag to apply erratum 2331132 workaround during reset. This erratum applies
-# to revisions r0p0, r0p1 and r0p2. It is still open.
-CPU_FLAG_LIST += ERRATA_V2_2331132
-
# Flag to apply erratum 2618597 workaround during reset. This erratum applies
# to revisions r0p0 and r0p1. It is fixed in r0p2.
CPU_FLAG_LIST += ERRATA_V2_2618597
diff --git a/lib/cpus/errata_common.c b/lib/cpus/errata_common.c
index 0530647..a1e6d60 100644
--- a/lib/cpus/errata_common.c
+++ b/lib/cpus/errata_common.c
@@ -6,6 +6,8 @@
/* Runtime C routines for errata workarounds and common routines */
+#include <assert.h>
+
#include <arch.h>
#include <arch_helpers.h>
#include <cortex_a75.h>
@@ -26,6 +28,31 @@
#include <neoverse_n3.h>
#include <neoverse_v3.h>
+struct erratum_entry *find_erratum_entry(uint32_t errata_id)
+{
+ struct cpu_ops *cpu_ops;
+ struct erratum_entry *entry, *end;
+
+ cpu_ops = get_cpu_ops_ptr();
+ assert(cpu_ops != NULL);
+
+ entry = cpu_ops->errata_list_start;
+ assert(entry != NULL);
+
+ end = cpu_ops->errata_list_end;
+ assert(end != NULL);
+
+ end--; /* point to the last erratum entry of the queried cpu */
+
+ while ((entry <= end)) {
+ if (entry->id == errata_id) {
+ return entry;
+ }
+ entry += 1;
+ }
+ return NULL;
+}
+
bool check_if_trbe_disable_affected_core(void)
{
switch (EXTRACT_PARTNUM(read_midr())) {
@@ -151,3 +178,21 @@
return false;
}
+
+int check_erratum_applies(uint32_t cve, int errata_id)
+{
+ struct erratum_entry *entry;
+ long rev_var;
+
+ rev_var = cpu_get_rev_var();
+
+ entry = find_erratum_entry(errata_id);
+
+ if (entry == NULL) {
+ return ERRATA_NOT_APPLIES;
+ }
+
+ assert(entry->cve == cve);
+
+ return entry->check_func(rev_var);
+}
diff --git a/lib/cpus/errata_report.c b/lib/cpus/errata_report.c
index 03d18ec..ab68467 100644
--- a/lib/cpus/errata_report.c
+++ b/lib/cpus/errata_report.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -63,9 +63,6 @@
#else /* !REPORT_ERRATA */
/*
* New errata status message printer
- * The order checking function is hidden behind the FEATURE_DETECTION flag to
- * save space. This functionality is only useful on development and platform
- * bringup builds, when FEATURE_DETECTION should be used anyway
*/
void generic_errata_report(void)
{
@@ -73,11 +70,6 @@
struct erratum_entry *entry = cpu_ops->errata_list_start;
struct erratum_entry *end = cpu_ops->errata_list_end;
long rev_var = cpu_get_rev_var();
-#if FEATURE_DETECTION
- uint32_t last_erratum_id = 0;
- uint16_t last_cve_yr = 0;
- bool check_cve = false;
-#endif /* FEATURE_DETECTION */
for (; entry != end; entry += 1) {
uint64_t status = entry->check_func(rev_var);
@@ -94,24 +86,6 @@
}
print_status(status, cpu_ops->cpu_str, entry->cve, entry->id);
-
-#if FEATURE_DETECTION
- if (entry->cve) {
- if (last_cve_yr > entry->cve ||
- (last_cve_yr == entry->cve && last_erratum_id >= entry->id)) {
- WARN("CVE %u_%u was out of order!\n",
- entry->cve, entry->id);
- }
- check_cve = true;
- last_cve_yr = entry->cve;
- } else {
- if (last_erratum_id >= entry->id || check_cve) {
- WARN("Erratum %u was out of order!\n",
- entry->id);
- }
- }
- last_erratum_id = entry->id;
-#endif /* FEATURE_DETECTION */
}
}
diff --git a/lib/el3_runtime/aarch32/context_mgmt.c b/lib/el3_runtime/aarch32/context_mgmt.c
index 132888c..00d9c01 100644
--- a/lib/el3_runtime/aarch32/context_mgmt.c
+++ b/lib/el3_runtime/aarch32/context_mgmt.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -155,21 +155,6 @@
#endif /* IMAGE_BL32 */
}
-#if !IMAGE_BL1
-/*******************************************************************************
- * The following function initializes the cpu_context for a CPU specified by
- * its `cpu_idx` for first use, and sets the initial entrypoint state as
- * specified by the entry_point_info structure.
- ******************************************************************************/
-void cm_init_context_by_index(unsigned int cpu_idx,
- const entry_point_info_t *ep)
-{
- cpu_context_t *ctx;
- ctx = cm_get_context_by_index(cpu_idx, GET_SECURITY_STATE(ep->h.attr));
- cm_setup_context(ctx, ep);
-}
-#endif /* !IMAGE_BL1 */
-
/*******************************************************************************
* The following function initializes the cpu_context for the current CPU
* for first use, and sets the initial entrypoint state as specified by the
diff --git a/lib/el3_runtime/aarch64/context.S b/lib/el3_runtime/aarch64/context.S
index 1e6a42e..7929901 100644
--- a/lib/el3_runtime/aarch64/context.S
+++ b/lib/el3_runtime/aarch64/context.S
@@ -75,6 +75,9 @@
*/
#if CTX_INCLUDE_FPREGS
func fpregs_context_save
+.arch_extension fp
+ /* Temporarily enable floating point */
+
/* Save x0 and pass its original value to fpregs_state_save */
mov x1, x0
@@ -97,6 +100,7 @@
fpregs_state_save x1, x9
+.arch_extension nofp
ret
endfunc fpregs_context_save
@@ -115,6 +119,9 @@
* ------------------------------------------------------------------
*/
func fpregs_context_restore
+.arch_extension fp
+ /* Temporarily enable floating point */
+
/* Save x0 and pass its original value to fpregs_state_restore */
mov x1, x0
@@ -137,6 +144,7 @@
fpregs_state_restore x1, x9
+.arch_extension nofp
ret
endfunc fpregs_context_restore
#endif /* CTX_INCLUDE_FPREGS */
@@ -335,11 +343,11 @@
.endm /* restore_mpam3_el3 */
/* ------------------------------------------------------------------
- * The following macro is used to save and restore all the general
- * purpose and ARMv8.3-PAuth (if enabled) registers.
- * It also checks if the Secure Cycle Counter (PMCCNTR_EL0)
- * is disabled in EL3/Secure (ARMv8.5-PMU), wherein PMCCNTR_EL0
- * needs not to be saved/restored during world switch.
+ * The following macro is used to save all the general purpose
+ * registers and swap the FEAT_PAUTH keys with BL31's keys in
+ * cpu_data. It also checks if the Secure Cycle Counter (PMCCNTR_EL0)
+ * is disabled in EL3/Secure (ARMv8.5-PMU), wherein PMCCNTR_EL0 needs
+ * not to be saved/restored during world switch.
*
* Ideally we would only save and restore the callee saved registers
* when a world switch occurs but that type of implementation is more
@@ -371,6 +379,11 @@
mrs x9, pmcr_el0
str x9, [sp, #CTX_EL3STATE_OFFSET + CTX_PMCR_EL0]
#if CTX_INCLUDE_PAUTH_REGS
+#if CTX_INCLUDE_PAUTH_REGS == 2
+ /* Skip if not present in hardware */
+ is_feat_pauth_present_asm x9, x10
+ beq no_pauth_\@
+#endif
/* ----------------------------------------------------------
* Save the ARMv8.3-PAuth keys as they are not banked
* by exception level
@@ -394,6 +407,25 @@
stp x24, x25, [x19, #CTX_PACDAKEY_LO]
stp x26, x27, [x19, #CTX_PACDBKEY_LO]
stp x28, x29, [x19, #CTX_PACGAKEY_LO]
+#if ENABLE_PAUTH
+#if IMAGE_BL31
+ /* tpidr_el3 contains the address of the cpu_data structure */
+ mrs x9, tpidr_el3
+ /* Load APIAKey from cpu_data */
+ ldp x10, x11, [x9, #CPU_DATA_APIAKEY_OFFSET]
+#endif /* IMAGE_BL31 */
+
+#if IMAGE_BL1
+ /* BL1 does not use cpu_data and has dedicated storage */
+ adr_l x9, bl1_apiakey
+ ldp x10, x11, [x9]
+#endif /* IMAGE_BL1 */
+
+ /* Program instruction key A */
+ msr APIAKeyLo_EL1, x10
+ msr APIAKeyHi_EL1, x11
+no_pauth_\@:
+#endif /* ENABLE_PAUTH */
#endif /* CTX_INCLUDE_PAUTH_REGS */
.endm /* save_gp_pmcr_pauth_regs */
@@ -434,6 +466,11 @@
*/
func restore_gp_pmcr_pauth_regs
#if CTX_INCLUDE_PAUTH_REGS
+#if CTX_INCLUDE_PAUTH_REGS == 2
+ /* Skip if not present in hardware */
+ is_feat_pauth_present_asm x0, x1
+ beq no_pauth
+#endif
/* Restore the ARMv8.3 PAuth keys */
add x10, sp, #CTX_PAUTH_REGS_OFFSET
@@ -453,6 +490,7 @@
msr APDBKeyHi_EL1, x7
msr APGAKeyLo_EL1, x8
msr APGAKeyHi_EL1, x9
+no_pauth:
#endif /* CTX_INCLUDE_PAUTH_REGS */
/* PMUv3 is presumed to be always present */
diff --git a/lib/el3_runtime/aarch64/context_debug.c b/lib/el3_runtime/aarch64/context_debug.c
index b37bcb7..1addb45 100644
--- a/lib/el3_runtime/aarch64/context_debug.c
+++ b/lib/el3_runtime/aarch64/context_debug.c
@@ -1,11 +1,12 @@
/*
- * Copyright (c) 2023-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <string.h>
+#include <arch_features.h>
#include <common/debug.h>
#include <context.h>
#include <lib/el3_runtime/context_mgmt.h>
@@ -65,11 +66,11 @@
#else
size_t el1_total = 0U;
#endif /* CTX_INCLUDE_EL2_REGS */
-
-#if CTX_INCLUDE_PAUTH_REGS
size_t pauth_total = 0U;
- PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
-#endif
+
+ if (is_ctx_pauth_supported()) {
+ PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
+ }
PRINT_MEM_USAGE_SEPARATOR();
@@ -80,9 +81,9 @@
printf("| EL1 ");
#endif /* CTX_INCLUDE_EL2_REGS */
-#if CTX_INCLUDE_PAUTH_REGS
- printf("| PAUTH ");
-#endif
+ if (is_ctx_pauth_supported()) {
+ printf("| PAUTH ");
+ }
printf("| Other | Total |\n");
@@ -97,10 +98,9 @@
size_t el1_size = 0U;
#endif /* CTX_INCLUDE_EL2_REGS */
-#if CTX_INCLUDE_PAUTH_REGS
- size_t pauth_size = 0U;
- PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
-#endif
+ if (is_ctx_pauth_supported()) {
+ PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
+ }
PRINT_MEM_USAGE_SEPARATOR();
@@ -125,10 +125,12 @@
#endif /* CTX_INCLUDE_EL2_REGS */
#if CTX_INCLUDE_PAUTH_REGS
- pauth_size = sizeof(ctx->pauth_ctx);
- size_other -= pauth_size;
- pauth_total += pauth_size;
- printf("| %8luB ", pauth_size);
+ if (is_ctx_pauth_supported()) {
+ size_t pauth_size = sizeof(ctx->pauth_ctx);
+ size_other -= pauth_size;
+ pauth_total += pauth_size;
+ printf("| %8luB ", pauth_size);
+ }
#endif
printf("| %8luB | %8luB |\n", size_other, core_total);
@@ -138,15 +140,15 @@
total += core_total;
}
-#if CTX_INCLUDE_PAUTH_REGS
- PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
-#endif
+ if (is_ctx_pauth_supported()) {
+ PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
+ }
PRINT_MEM_USAGE_SEPARATOR();
-#if CTX_INCLUDE_PAUTH_REGS
- PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
-#endif
+ if (is_ctx_pauth_supported()) {
+ PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
+ }
PRINT_MEM_USAGE_SEPARATOR();
@@ -158,15 +160,15 @@
printf("| %8luB ", el1_total);
#endif /* CTX_INCLUDE_EL2_REGS */
-#if CTX_INCLUDE_PAUTH_REGS
- printf("| %8luB ", pauth_total);
-#endif
+ if (is_ctx_pauth_supported()) {
+ printf("| %8luB ", pauth_total);
+ }
printf("| %8luB | %8luB |\n", other_total, total);
-#if CTX_INCLUDE_PAUTH_REGS
- PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
-#endif
+ if (is_ctx_pauth_supported()) {
+ PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
+ }
PRINT_MEM_USAGE_SEPARATOR();
printf("\n");
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index f4fec42..d04e02f 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -30,6 +30,7 @@
#include <lib/extensions/fgt2.h>
#include <lib/extensions/fpmr.h>
#include <lib/extensions/mpam.h>
+#include <lib/extensions/pauth.h>
#include <lib/extensions/pmuv3.h>
#include <lib/extensions/sme.h>
#include <lib/extensions/spe.h>
@@ -227,17 +228,15 @@
scr_el3 |= SCR_ATA_BIT;
}
-#if !CTX_INCLUDE_PAUTH_REGS
/*
- * Pointer Authentication feature, if present, is always enabled by default
- * for Non secure lower exception levels. We do not have an explicit
- * flag to set it.
+ * Pointer Authentication feature, if present, is always enabled by
+ * default for Non secure lower exception levels. We do not have an
+ * explicit flag to set it. To prevent the leakage between the worlds
+ * during world switch, we enable it only for the non-secure world.
+ *
* CTX_INCLUDE_PAUTH_REGS flag, is explicitly used to enable for lower
* exception levels of secure and realm worlds.
*
- * To prevent the leakage between the worlds during world switch,
- * we enable it only for the non-secure world.
- *
* If the Secure/realm world wants to use pointer authentication,
* CTX_INCLUDE_PAUTH_REGS must be explicitly set to 1, in which case
* it will be enabled globally for all the contexts.
@@ -248,10 +247,9 @@
* SCR_EL3.APK: Set to one to not trap any PAuth key values at ELs other
* than EL3
*/
- if (is_armv8_3_pauth_present()) {
+ if (!is_ctx_pauth_supported()) {
scr_el3 |= SCR_API_BIT | SCR_APK_BIT;
}
-#endif /* CTX_INCLUDE_PAUTH_REGS */
#if HANDLE_EA_EL3_FIRST_NS
/* SCR_EL3.EA: Route External Abort and SError Interrupt to EL3. */
@@ -468,7 +466,6 @@
scr_el3 |= SCR_FIEN_BIT;
#endif
-#if CTX_INCLUDE_PAUTH_REGS
/*
* Enable Pointer Authentication globally for all the worlds.
*
@@ -478,17 +475,9 @@
* SCR_EL3.APK: Set to one to not trap any PAuth key values at ELs other
* than EL3
*/
- if (is_armv8_3_pauth_present()) {
+ if (is_ctx_pauth_supported()) {
scr_el3 |= SCR_API_BIT | SCR_APK_BIT;
}
-#endif /* CTX_INCLUDE_PAUTH_REGS */
-
- /*
- * SCR_EL3.TCR2EN: Enable access to TCR2_ELx for AArch64 if present.
- */
- if (is_feat_tcr2_supported() && (GET_RW(ep->spsr) == MODE_RW_64)) {
- scr_el3 |= SCR_TCR2EN_BIT;
- }
/*
* SCR_EL3.PIEN: Enable permission indirection and overlay
@@ -591,6 +580,10 @@
trf_enable(ctx);
}
+ if (is_feat_tcr2_supported()) {
+ tcr2_enable(ctx);
+ }
+
pmuv3_enable(ctx);
#endif /* IMAGE_BL31 */
@@ -839,8 +832,10 @@
spe_enable(ctx);
}
- if (is_feat_trbe_supported()) {
- trbe_enable(ctx);
+ if (!check_if_trbe_disable_affected_core()) {
+ if (is_feat_trbe_supported()) {
+ trbe_enable(ctx);
+ }
}
if (is_feat_brbe_supported()) {
@@ -849,20 +844,6 @@
#endif /* IMAGE_BL31 */
}
-/* TODO: move to lib/extensions/pauth when it has been ported to FEAT_STATE */
-static __unused void enable_pauth_el2(void)
-{
- u_register_t hcr_el2 = read_hcr_el2();
- /*
- * For Armv8.3 pointer authentication feature, disable traps to EL2 when
- * accessing key registers or using pointer authentication instructions
- * from lower ELs.
- */
- hcr_el2 |= (HCR_API_BIT | HCR_APK_BIT);
-
- write_hcr_el2(hcr_el2);
-}
-
#if INIT_UNUSED_NS_EL2
/*******************************************************************************
* Enable architecture extensions in-place at EL2 on first entry to Non-secure
@@ -909,9 +890,9 @@
write_hcrx_el2(read_hcrx_el2() | HCRX_EL2_MSCEn_BIT);
}
-#if ENABLE_PAUTH
- enable_pauth_el2();
-#endif /* ENABLE_PAUTH */
+ if (is_feat_pauth_supported()) {
+ pauth_enable_el2();
+ }
#endif /* IMAGE_BL31 */
}
#endif /* INIT_UNUSED_NS_EL2 */
@@ -955,21 +936,6 @@
#endif /* IMAGE_BL31 */
}
-#if !IMAGE_BL1
-/*******************************************************************************
- * The following function initializes the cpu_context for a CPU specified by
- * its `cpu_idx` for first use, and sets the initial entrypoint state as
- * specified by the entry_point_info structure.
- ******************************************************************************/
-void cm_init_context_by_index(unsigned int cpu_idx,
- const entry_point_info_t *ep)
-{
- cpu_context_t *ctx;
- ctx = cm_get_context_by_index(cpu_idx, GET_SECURITY_STATE(ep->h.attr));
- cm_setup_context(ctx, ep);
-}
-#endif /* !IMAGE_BL1 */
-
/*******************************************************************************
* The following function initializes the cpu_context for the current CPU
* for first use, and sets the initial entrypoint state as specified by the
@@ -1647,52 +1613,6 @@
}
#endif /* (CTX_INCLUDE_EL2_REGS && IMAGE_BL31) */
-#if IMAGE_BL31
-/*********************************************************************************
-* This function allows Architecture features asymmetry among cores.
-* TF-A assumes that all the cores in the platform has architecture feature parity
-* and hence the context is setup on different core (e.g. primary sets up the
-* context for secondary cores).This assumption may not be true for systems where
-* cores are not conforming to same Arch version or there is CPU Erratum which
-* requires certain feature to be be disabled only on a given core.
-*
-* This function is called on secondary cores to override any disparity in context
-* setup by primary, this would be called during warmboot path.
-*********************************************************************************/
-void cm_handle_asymmetric_features(void)
-{
- cpu_context_t *ctx __maybe_unused = cm_get_context(NON_SECURE);
-
- assert(ctx != NULL);
-
-#if ENABLE_SPE_FOR_NS == FEAT_STATE_CHECK_ASYMMETRIC
- if (is_feat_spe_supported()) {
- spe_enable(ctx);
- } else {
- spe_disable(ctx);
- }
-#endif
-
- if (check_if_trbe_disable_affected_core()) {
- if (is_feat_trbe_supported()) {
- trbe_disable(ctx);
- }
- }
-
-#if ENABLE_FEAT_TCR2 == FEAT_STATE_CHECK_ASYMMETRIC
- el3_state_t *el3_state = get_el3state_ctx(ctx);
- u_register_t spsr = read_ctx_reg(el3_state, CTX_SPSR_EL3);
-
- if (is_feat_tcr2_supported() && (GET_RW(spsr) == MODE_RW_64)) {
- tcr2_enable(ctx);
- } else {
- tcr2_disable(ctx);
- }
-#endif
-
-}
-#endif
-
/*******************************************************************************
* This function is used to exit to Non-secure world. If CTX_INCLUDE_EL2_REGS
* is enabled, it restores EL1 and EL2 sysreg contexts instead of directly
@@ -1701,18 +1621,6 @@
******************************************************************************/
void cm_prepare_el3_exit_ns(void)
{
-#if IMAGE_BL31
- /*
- * Check and handle Architecture feature asymmetry among cores.
- *
- * In warmboot path secondary cores context is initialized on core which
- * did CPU_ON SMC call, if there is feature asymmetry in these cores handle
- * it in this function call.
- * For Symmetric cores this is an empty function.
- */
- cm_handle_asymmetric_features();
-#endif
-
#if (CTX_INCLUDE_EL2_REGS && IMAGE_BL31)
#if ENABLE_ASSERTIONS
cpu_context_t *ctx = cm_get_context(NON_SECURE);
@@ -2071,8 +1979,8 @@
******************************************************************************/
u_register_t cm_get_scr_el3(uint32_t security_state)
{
- cpu_context_t *ctx;
- el3_state_t *state;
+ const cpu_context_t *ctx;
+ const el3_state_t *state;
ctx = cm_get_context(security_state);
assert(ctx != NULL);
diff --git a/lib/extensions/pauth/pauth.c b/lib/extensions/pauth/pauth.c
new file mode 100644
index 0000000..fbbcaa2
--- /dev/null
+++ b/lib/extensions/pauth/pauth.c
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#include <arch.h>
+#include <arch_features.h>
+#include <arch_helpers.h>
+#include <lib/el3_runtime/cpu_data.h>
+#include <lib/extensions/pauth.h>
+
+extern uint64_t bl1_apiakey[2];
+
+void __no_pauth pauth_init_enable_el3(void)
+{
+ if (is_feat_pauth_supported()) {
+ pauth_init();
+ pauth_enable_el3();
+ }
+}
+
+void __no_pauth pauth_init_enable_el1(void)
+{
+ if (is_feat_pauth_supported()) {
+ pauth_init();
+ pauth_enable_el1();
+ }
+}
+
+void pauth_init(void)
+{
+ uint128_t keys = plat_init_apkey();
+ uint64_t key_lo = LO_64(keys);
+ uint64_t key_hi = HI_64(keys);
+
+ /* Program instruction key A used by the Trusted Firmware */
+ write_apiakeylo_el1(key_lo);
+ write_apiakeyhi_el1(key_hi);
+
+#if IMAGE_BL31
+ set_cpu_data(apiakey[0], key_lo);
+ set_cpu_data(apiakey[1], key_hi);
+
+ /*
+ * In the warmboot entrypoint, cpu_data may have been written before
+ * data caching was enabled. Flush the caches so nothing stale is read.
+ */
+#if !(HW_ASSISTED_COHERENCY || WARMBOOT_ENABLE_DCACHE_EARLY)
+ flush_cpu_data(apiakey);
+#endif
+#elif IMAGE_BL1
+ bl1_apiakey[0] = key_lo;
+ bl1_apiakey[1] = key_hi;
+#endif
+}
+
+/*
+ * Begin checking function calls at the current EL. This function must not have
+ * PAuth guards because the signing will be a NOP and attempting to authenticate
+ * will fail. Includes an ISB to avoid accidental failures.
+ */
+void __no_pauth pauth_enable_el3(void)
+{
+ write_sctlr_el3(read_sctlr_el3() | SCTLR_EnIA_BIT);
+
+ if (is_feat_pauth_lr_supported()) {
+ write_sctlr2_el3(read_sctlr2_el3() | SCTLR2_EnPACM_BIT);
+ }
+
+ isb();
+}
+
+void __no_pauth pauth_enable_el1(void)
+{
+ write_sctlr_el1(read_sctlr_el1() | SCTLR_EnIA_BIT);
+
+ if (is_feat_pauth_lr_supported()) {
+ write_sctlr2_el1(read_sctlr2_el1() | SCTLR2_EnPACM_BIT);
+ }
+
+ isb();
+}
+
+void pauth_enable_el2(void)
+{
+ u_register_t hcr_el2 = read_hcr_el2();
+ /*
+ * For Armv8.3 pointer authentication feature, disable traps to EL2 when
+ * accessing key registers or using pointer authentication instructions
+ * from lower ELs.
+ */
+ hcr_el2 |= (HCR_API_BIT | HCR_APK_BIT);
+
+ write_hcr_el2(hcr_el2);
+}
+
+void __no_pauth pauth_disable_el1(void)
+{
+ write_sctlr_el1(read_sctlr_el1() & ~SCTLR_EnIA_BIT);
+ isb(); /* usually called by caller, here it's for compatibility */
+}
+
+void __no_pauth pauth_disable_el3(void)
+{
+ write_sctlr_el3(read_sctlr_el3() & ~SCTLR_EnIA_BIT);
+ isb(); /* usually called by caller, here it's for compatibility */
+}
diff --git a/lib/extensions/pauth/pauth_helpers.S b/lib/extensions/pauth/pauth_helpers.S
deleted file mode 100644
index fb5fa97..0000000
--- a/lib/extensions/pauth/pauth_helpers.S
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch.h>
-#include <asm_macros.S>
-#include <lib/el3_runtime/cpu_data.h>
-
- .global pauth_init_enable_el1
- .global pauth_disable_el1
- .global pauth_init_enable_el3
- .global pauth_disable_el3
- .globl pauth_load_bl31_apiakey
- .globl pauth_load_bl1_apiakey_enable
-
-/* -------------------------------------------------------------
- * Program APIAKey_EL1 and enable pointer authentication in EL1
- * -------------------------------------------------------------
- */
-func pauth_init_enable_el1
- stp x29, x30, [sp, #-16]!
-
- /* Initialize platform key */
- bl plat_init_apkey
-
- /* Program instruction key A used by the Trusted Firmware */
- msr APIAKeyLo_EL1, x0
- msr APIAKeyHi_EL1, x1
-
- /* Enable pointer authentication */
- mrs x0, sctlr_el1
- orr x0, x0, #SCTLR_EnIA_BIT
-
-#if ENABLE_BTI
- /* Enable PAC branch type compatibility */
- bic x0, x0, #(SCTLR_BT0_BIT | SCTLR_BT1_BIT)
-#endif
- msr sctlr_el1, x0
- isb
-
- ldp x29, x30, [sp], #16
- ret
-endfunc pauth_init_enable_el1
-
-/* -------------------------------------------------------------
- * Disable pointer authentication in EL1
- * -------------------------------------------------------------
- */
-func pauth_disable_el1
- mrs x0, sctlr_el1
- bic x0, x0, #SCTLR_EnIA_BIT
- msr sctlr_el1, x0
- isb
- ret
-endfunc pauth_disable_el1
-
-/* -------------------------------------------------------------
- * Program APIAKey_EL1 and enable pointer authentication in EL3
- * -------------------------------------------------------------
- */
-func pauth_init_enable_el3
- stp x29, x30, [sp, #-16]!
-
- /* Initialize platform key */
- bl plat_init_apkey
-
- /* Program instruction key A used by the Trusted Firmware */
- msr APIAKeyLo_EL1, x0
- msr APIAKeyHi_EL1, x1
-
- /* Enable pointer authentication */
- mrs x0, sctlr_el3
- orr x0, x0, #SCTLR_EnIA_BIT
-
-#if ENABLE_BTI
- /* Enable PAC branch type compatibility */
- bic x0, x0, #SCTLR_BT_BIT
-#endif
- msr sctlr_el3, x0
- isb
-
- ldp x29, x30, [sp], #16
- ret
-endfunc pauth_init_enable_el3
-
-/* -------------------------------------------------------------
- * Disable pointer authentication in EL3
- * -------------------------------------------------------------
- */
-func pauth_disable_el3
- mrs x0, sctlr_el3
- bic x0, x0, #SCTLR_EnIA_BIT
- msr sctlr_el3, x0
- isb
- ret
-endfunc pauth_disable_el3
-
-/* -------------------------------------------------------------
- * The following functions strictly follow the AArch64 PCS
- * to use x9-x17 (temporary caller-saved registers) to load
- * the APIAKey_EL1 and enable pointer authentication.
- * -------------------------------------------------------------
- */
-func pauth_load_bl31_apiakey
- /* tpidr_el3 contains the address of cpu_data structure */
- mrs x9, tpidr_el3
-
- /* Load apiakey from cpu_data */
- ldp x10, x11, [x9, #CPU_DATA_APIAKEY_OFFSET]
-
- /* Program instruction key A */
- msr APIAKeyLo_EL1, x10
- msr APIAKeyHi_EL1, x11
- isb
- ret
-endfunc pauth_load_bl31_apiakey
-
-func pauth_load_bl1_apiakey_enable
- /* Load instruction key A used by the Trusted Firmware */
- adrp x9, bl1_apiakey
- add x9, x9, :lo12:bl1_apiakey
- ldp x10, x11, [x9]
-
- /* Program instruction key A */
- msr APIAKeyLo_EL1, x10
- msr APIAKeyHi_EL1, x11
-
- /* Enable pointer authentication */
- mrs x9, sctlr_el3
- orr x9, x9, #SCTLR_EnIA_BIT
-
-#if ENABLE_BTI
- /* Enable PAC branch type compatibility */
- bic x9, x9, #SCTLR_BT_BIT
-#endif
- msr sctlr_el3, x9
- isb
- ret
-endfunc pauth_load_bl1_apiakey_enable
diff --git a/lib/extensions/pmuv3/aarch64/pmuv3.c b/lib/extensions/pmuv3/aarch64/pmuv3.c
index 61d1258..b47b664 100644
--- a/lib/extensions/pmuv3/aarch64/pmuv3.c
+++ b/lib/extensions/pmuv3/aarch64/pmuv3.c
@@ -78,11 +78,14 @@
* 1 | 1 | enabled | disabled only for counters 0 to
* MDCR_EL2.HPMN - 1. Enabled for the rest
*
+ * MDCR_EL3.EnPM2: Set to one so that various PMUv3p9 related system
+ * register accesses do not trap to EL3.
+ *
* MDCR_EL3.TPM: Set to zero so that EL0, EL1, and EL2 System register
* accesses to all Performance Monitors registers do not trap to EL3.
*/
- mdcr_el3_val = (mdcr_el3_val | MDCR_SCCD_BIT | MDCR_MCCD_BIT) &
- ~(MDCR_MPMX_BIT | MDCR_SPME_BIT | MDCR_TPM_BIT);
+ mdcr_el3_val |= MDCR_SCCD_BIT | MDCR_MCCD_BIT | MDCR_EnPM2_BIT;
+ mdcr_el3_val &= ~(MDCR_MPMX_BIT | MDCR_SPME_BIT | MDCR_TPM_BIT);
mdcr_el3_val = mtpmu_disable_el3(mdcr_el3_val);
write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
diff --git a/lib/extensions/spe/spe.c b/lib/extensions/spe/spe.c
index d7df267..e499486 100644
--- a/lib/extensions/spe/spe.c
+++ b/lib/extensions/spe/spe.c
@@ -26,12 +26,12 @@
* MDCR_EL3.NSPBE: Profiling Buffer uses Non-secure Virtual Addresses.
* When FEAT_RME is not implemented, this field is RES0.
*
- * MDCR_EL3.EnPMSN (ARM v8.7): Do not trap access to PMSNEVFR_EL1
- * register at NS-EL1 or NS-EL2 to EL3 if FEAT_SPEv1p2 is implemented.
- * Setting this bit to 1 doesn't have any effect on it when
- * FEAT_SPEv1p2 not implemented.
+ * MDCR_EL3.EnPMSN (ARM v8.7) and MDCR_EL3.EnPMS3: Do not trap access to
+ * PMSNEVFR_EL1 or PMSDSFR_EL1 register at NS-EL1 or NS-EL2 to EL3 if FEAT_SPEv1p2
+ * or FEAT_SPE_FDS are implemented. Setting these bits to 1 doesn't have any
+ * effect on it when the features aren't implemented.
*/
- mdcr_el3_val |= MDCR_NSPB(MDCR_NSPB_EL1) | MDCR_EnPMSN_BIT;
+ mdcr_el3_val |= MDCR_NSPB(MDCR_NSPB_EL1) | MDCR_EnPMSN_BIT | MDCR_EnPMS3_BIT;
mdcr_el3_val &= ~(MDCR_NSPBE_BIT);
write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
}
@@ -46,10 +46,11 @@
* Disable access of profiling buffer control registers from lower ELs
* in any security state. Secure state owns the buffer.
*
- * MDCR_EL3.EnPMSN (ARM v8.7): Clear the bit to trap access of PMSNEVFR_EL1
- * from EL2/EL1 to EL3.
+ * MDCR_EL3.EnPMSN (ARM v8.7) and MDCR_EL3.EnPMS3: Clear the bits to trap access
+ * of PMSNEVFR_EL1 and PMSDSFR_EL1 from EL2/EL1 to EL3.
*/
- mdcr_el3_val &= ~(MDCR_NSPB(MDCR_NSPB_EL1) | MDCR_NSPBE_BIT | MDCR_EnPMSN_BIT);
+ mdcr_el3_val &= ~(MDCR_NSPB(MDCR_NSPB_EL1) | MDCR_NSPBE_BIT | MDCR_EnPMSN_BIT |
+ MDCR_EnPMS3_BIT);
write_ctx_reg(state, CTX_MDCR_EL3, mdcr_el3_val);
}
diff --git a/lib/libc/memchr.c b/lib/libc/memchr.c
index 66d7ba1..e009a5f 100644
--- a/lib/libc/memchr.c
+++ b/lib/libc/memchr.c
@@ -1,11 +1,11 @@
/*
- * Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <string.h>
+#include <string_private.h>
void *memchr(const void *src, int c, size_t len)
{
diff --git a/lib/libc/memcmp.c b/lib/libc/memcmp.c
index db2701b..1458208 100644
--- a/lib/libc/memcmp.c
+++ b/lib/libc/memcmp.c
@@ -1,11 +1,11 @@
/*
- * Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <string.h>
+#include <string_private.h>
int memcmp(const void *s1, const void *s2, size_t len)
{
diff --git a/lib/libc/memcpy.c b/lib/libc/memcpy.c
index af9ed45..ca31de5 100644
--- a/lib/libc/memcpy.c
+++ b/lib/libc/memcpy.c
@@ -1,11 +1,11 @@
/*
- * Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <string.h>
+#include <string_private.h>
void *memcpy(void *dst, const void *src, size_t len)
{
diff --git a/lib/libc/memcpy_s.c b/lib/libc/memcpy_s.c
index 26953bf..ee87637 100644
--- a/lib/libc/memcpy_s.c
+++ b/lib/libc/memcpy_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -53,12 +53,7 @@
}
}
- /*
- * Start copy process when there is no error
- */
- while (ssize--) {
- d[ssize] = s[ssize];
- }
+ (void)memcpy(dst, src, ssize);
return 0;
}
diff --git a/lib/libc/memmove.c b/lib/libc/memmove.c
index 5c2b661..6451e4e 100644
--- a/lib/libc/memmove.c
+++ b/lib/libc/memmove.c
@@ -16,7 +16,7 @@
* that issue is probably moot as such usage is probably undefined
* behaviour and a bug anyway.
*/
- if ((size_t)dst - (size_t)src >= len) {
+ if (((size_t)dst - (size_t)src) >= len) {
/* destination not in source data, so can safely use memcpy */
return memcpy(dst, src, len);
} else {
diff --git a/lib/libc/memset.c b/lib/libc/memset.c
index c5bac8d..2513221 100644
--- a/lib/libc/memset.c
+++ b/lib/libc/memset.c
@@ -1,11 +1,11 @@
/*
- * Copyright (c) 2013-2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <stddef.h>
-#include <string.h>
+#include <string_private.h>
#include <stdint.h>
void *memset(void *dst, int val, size_t count)
diff --git a/lib/libc/printf.c b/lib/libc/printf.c
index a856345..2a4b9db 100644
--- a/lib/libc/printf.c
+++ b/lib/libc/printf.c
@@ -44,19 +44,19 @@
unsigned int rem;
/* num_buf is only large enough for radix >= 10 */
- if (radix < 10) {
+ if (radix < 10U) {
assert(0);
return 0;
}
do {
- rem = unum % radix;
- if (rem < 0xa) {
+ rem = (uint32_t)(unum % radix);
+ if (rem < 0xaU) {
num_buf[i] = '0' + rem;
} else if (uppercase) {
- num_buf[i] = 'A' + (rem - 0xa);
+ num_buf[i] = 'A' + (rem - 0xaU);
} else {
- num_buf[i] = 'a' + (rem - 0xa);
+ num_buf[i] = 'a' + (rem - 0xaU);
}
i++;
unum /= radix;
@@ -64,14 +64,14 @@
if (padn > 0) {
while (i < padn) {
- (void)putchar(padc);
+ (void)putchar((int32_t)padc);
count++;
padn--;
}
}
while (--i >= 0) {
- (void)putchar(num_buf[i]);
+ (void)putchar((int32_t)num_buf[i]);
count++;
}
@@ -122,13 +122,13 @@
loop:
switch (*fmt) {
case '%':
- (void)putchar('%');
+ (void)putchar((int32_t)'%');
break;
case 'i': /* Fall through to next one */
case 'd':
num = get_num_va_args(args, l_count);
if (num < 0) {
- (void)putchar('-');
+ (void)putchar((int32_t)'-');
unum = (unsigned long long int)-num;
padn--;
} else
diff --git a/lib/libc/strchr.c b/lib/libc/strchr.c
index 1cd03ca..b3bebe4 100644
--- a/lib/libc/strchr.c
+++ b/lib/libc/strchr.c
@@ -30,12 +30,12 @@
*/
/*
- * Portions copyright (c) 2018, Arm Limited and Contributors.
+ * Portions copyright (c) 2018-2025, Arm Limited and Contributors.
* All rights reserved.
*/
#include <stddef.h>
-#include <string.h>
+#include <string_private.h>
char *
strchr(const char *p, int ch)
diff --git a/lib/libc/strcmp.c b/lib/libc/strcmp.c
index 290db4c..5afd0e9 100644
--- a/lib/libc/strcmp.c
+++ b/lib/libc/strcmp.c
@@ -33,11 +33,11 @@
*/
/*
- * Portions copyright (c) 2018, Arm Limited and Contributors.
+ * Portions copyright (c) 2018-2025, Arm Limited and Contributors.
* All rights reserved.
*/
-#include <string.h>
+#include <string_private.h>
/*
* Compare strings.
diff --git a/lib/libc/strlen.c b/lib/libc/strlen.c
index e4b79d9..cc1d1df 100644
--- a/lib/libc/strlen.c
+++ b/lib/libc/strlen.c
@@ -1,10 +1,10 @@
/*
- * Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <string.h>
+#include <string_private.h>
size_t strlen(const char *s)
{
diff --git a/lib/libc/strncmp.c b/lib/libc/strncmp.c
index f0bbadc..828e0c5 100644
--- a/lib/libc/strncmp.c
+++ b/lib/libc/strncmp.c
@@ -30,11 +30,11 @@
*/
/*
- * Portions copyright (c) 2018, Arm Limited and Contributors.
+ * Portions copyright (c) 2018-2025, Arm Limited and Contributors.
* All rights reserved.
*/
-#include <string.h>
+#include <string_private.h>
int
strncmp(const char *s1, const char *s2, size_t n)
diff --git a/lib/libc/strrchr.c b/lib/libc/strrchr.c
index cd435ff..98f76c6 100644
--- a/lib/libc/strrchr.c
+++ b/lib/libc/strrchr.c
@@ -30,7 +30,7 @@
*/
#include <stddef.h>
-#include <string.h>
+#include <string_private.h>
char *
strrchr(const char *p, int ch)
diff --git a/lib/psci/psci_common.c b/lib/psci/psci_common.c
index 234a195..1c634e3 100644
--- a/lib/psci/psci_common.c
+++ b/lib/psci/psci_common.c
@@ -546,7 +546,7 @@
unsigned int lvl, parent_idx;
unsigned int start_idx;
unsigned int ncpus;
- plat_local_state_t target_state, *req_states;
+ plat_local_state_t target_state;
assert(end_pwrlvl <= PLAT_MAX_PWR_LVL);
parent_idx = psci_cpu_pd_nodes[cpu_idx].parent_node;
@@ -561,7 +561,8 @@
/* Get the requested power states for this power level */
start_idx = psci_non_cpu_pd_nodes[parent_idx].cpu_start_idx;
- req_states = psci_get_req_local_pwr_states(lvl, start_idx);
+ plat_local_state_t const *req_states = psci_get_req_local_pwr_states(lvl,
+ start_idx);
/*
* Let the platform coordinate amongst the requested states at
@@ -1031,6 +1032,13 @@
}
/*
+ * Caches and (importantly) coherency are on so we can rely on seeing
+ * whatever the primary gave us without explicit cache maintenance
+ */
+ entry_point_info_t *ep = get_cpu_data(warmboot_ep_info);
+ cm_init_my_context(ep);
+
+ /*
* Generic management: Now we just need to retrieve the
* information that we had stashed away during the cpu_on
* call to set this cpu on its way.
@@ -1298,7 +1306,8 @@
/* Need to wait for other cores to shutdown */
if (wait_ms != 0U) {
- while ((wait_ms-- != 0U) && (!psci_is_last_on_cpu(this_cpu_idx))) {
+ for (uint32_t delay_ms = wait_ms; ((delay_ms != 0U) &&
+ (!psci_is_last_on_cpu(this_cpu_idx))); delay_ms--) {
mdelay(1U);
}
diff --git a/lib/psci/psci_main.c b/lib/psci/psci_main.c
index 34de10f..f126f49 100644
--- a/lib/psci/psci_main.c
+++ b/lib/psci/psci_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -28,15 +28,17 @@
{
int rc;
- entry_point_info_t ep;
+ entry_point_info_t *ep;
+ unsigned int target_idx = (unsigned int)plat_core_pos_by_mpidr(target_cpu);
/* Validate the target CPU */
if (!is_valid_mpidr(target_cpu)) {
return PSCI_E_INVALID_PARAMS;
}
- /* Validate the entry point and get the entry_point_info */
- rc = psci_validate_entry_point(&ep, entrypoint, context_id);
+ ep = get_cpu_data_by_index(target_idx, warmboot_ep_info);
+ /* Validate the lower EL entry point and put it in the entry_point_info */
+ rc = psci_validate_entry_point(ep, entrypoint, context_id);
if (rc != PSCI_E_SUCCESS) {
return rc;
}
@@ -45,7 +47,7 @@
* To turn this cpu on, specify which power
* levels need to be turned on
*/
- return psci_cpu_on_start(target_cpu, &ep);
+ return psci_cpu_on_start(target_cpu, ep);
}
unsigned int psci_version(void)
@@ -59,7 +61,6 @@
{
int rc;
unsigned int target_pwrlvl, is_power_down_state;
- entry_point_info_t ep;
psci_power_state_t state_info = { {PSCI_LOCAL_STATE_RUN} };
plat_local_state_t cpu_pd_state;
unsigned int cpu_idx = plat_my_core_pos();
@@ -173,7 +174,9 @@
* point and program entry information.
*/
if (is_power_down_state != 0U) {
- rc = psci_validate_entry_point(&ep, entrypoint, context_id);
+ entry_point_info_t *ep = get_cpu_data_by_index(cpu_idx, warmboot_ep_info);
+
+ rc = psci_validate_entry_point(ep, entrypoint, context_id);
if (rc != PSCI_E_SUCCESS) {
return rc;
}
@@ -186,7 +189,6 @@
* arrival of an interrupt
*/
rc = psci_cpu_suspend_start(cpu_idx,
- &ep,
target_pwrlvl,
&state_info,
is_power_down_state);
@@ -199,8 +201,8 @@
{
int rc;
psci_power_state_t state_info;
- entry_point_info_t ep;
unsigned int cpu_idx = plat_my_core_pos();
+ entry_point_info_t *ep = get_cpu_data_by_index(cpu_idx, warmboot_ep_info);
/* Check if the current CPU is the last ON CPU in the system */
if (!psci_is_last_on_cpu(cpu_idx)) {
@@ -208,7 +210,7 @@
}
/* Validate the entry point and get the entry_point_info */
- rc = psci_validate_entry_point(&ep, entrypoint, context_id);
+ rc = psci_validate_entry_point(ep, entrypoint, context_id);
if (rc != PSCI_E_SUCCESS) {
return rc;
}
@@ -235,7 +237,6 @@
* arrival of an interrupt
*/
rc = psci_cpu_suspend_start(cpu_idx,
- &ep,
PLAT_MAX_PWR_LVL,
&state_info,
PSTATE_TYPE_POWERDOWN);
@@ -305,7 +306,7 @@
int psci_migrate(u_register_t target_cpu)
{
int rc;
- u_register_t resident_cpu_mpidr;
+ u_register_t resident_cpu_mpidr = 0;
/* Validate the target cpu */
if (!is_valid_mpidr(target_cpu))
@@ -347,7 +348,7 @@
u_register_t psci_migrate_info_up_cpu(void)
{
- u_register_t resident_cpu_mpidr;
+ u_register_t resident_cpu_mpidr = 0;
int rc;
/*
diff --git a/lib/psci/psci_off.c b/lib/psci/psci_off.c
index 577fdd7..2485601 100644
--- a/lib/psci/psci_off.c
+++ b/lib/psci/psci_off.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2023, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -11,6 +11,7 @@
#include <arch.h>
#include <arch_helpers.h>
#include <common/debug.h>
+#include <drivers/arm/gic.h>
#include <lib/pmf/pmf.h>
#include <lib/runtime_instr.h>
#include <plat/common/platform.h>
@@ -94,7 +95,7 @@
if ((psci_spd_pm != NULL) && (psci_spd_pm->svc_off != NULL)) {
rc = psci_spd_pm->svc_off(0);
if (rc != PSCI_E_SUCCESS)
- goto exit;
+ goto off_exit;
}
/*
@@ -117,6 +118,13 @@
*/
psci_pwrdown_cpu_start(psci_find_max_off_lvl(&state_info));
+#if USE_GIC_DRIVER
+ /* turn the GIC off before we hand off to the platform */
+ gic_cpuif_disable(idx);
+ /* we don't want any wakeups until explicitly turned on */
+ gic_pcpu_off(idx);
+#endif /* USE_GIC_DRIVER */
+
/*
* Plat. management: Perform platform specific actions to turn this
* cpu off e.g. exit cpu coherency, program the power controller etc.
@@ -127,7 +135,7 @@
plat_psci_stat_accounting_start(&state_info);
#endif
-exit:
+off_exit:
/*
* Release the locks corresponding to each power level in the
* reverse order to which they were acquired.
diff --git a/lib/psci/psci_on.c b/lib/psci/psci_on.c
index 7e161dd..4ae07e1 100644
--- a/lib/psci/psci_on.c
+++ b/lib/psci/psci_on.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,6 +11,7 @@
#include <arch_helpers.h>
#include <common/bl_common.h>
#include <common/debug.h>
+#include <drivers/arm/gic.h>
#include <lib/el3_runtime/context_mgmt.h>
#include <lib/el3_runtime/pubsub_events.h>
#include <plat/common/platform.h>
@@ -93,7 +94,7 @@
psci_svc_cpu_data.aff_info_state);
rc = cpu_on_validate_state(psci_get_aff_info_state_by_idx(target_idx));
if (rc != PSCI_E_SUCCESS)
- goto exit;
+ goto on_exit;
/*
* Call the cpu on handler registered by the Secure Payload Dispatcher
@@ -141,17 +142,14 @@
rc = psci_plat_pm_ops->pwr_domain_on(target_cpu);
assert((rc == PSCI_E_SUCCESS) || (rc == PSCI_E_INTERN_FAIL));
- if (rc == PSCI_E_SUCCESS) {
- /* Store the re-entry information for the non-secure world. */
- cm_init_context_by_index(target_idx, ep);
- } else {
+ if (rc != PSCI_E_SUCCESS) {
/* Restore the state on error. */
psci_set_aff_info_state_by_idx(target_idx, AFF_STATE_OFF);
flush_cpu_data_by_index(target_idx,
psci_svc_cpu_data.aff_info_state);
}
-exit:
+on_exit:
psci_spin_unlock_cpu(target_idx);
return rc;
}
@@ -186,6 +184,13 @@
if (psci_plat_pm_ops->pwr_domain_on_finish_late != NULL) {
psci_plat_pm_ops->pwr_domain_on_finish_late(state_info);
}
+
+#if USE_GIC_DRIVER
+ /* GIC init after platform has had a say with MMU on */
+ gic_pcpu_init(cpu_idx);
+ gic_cpuif_enable(cpu_idx);
+#endif /* USE_GIC_DRIVER */
+
/*
* All the platform specific actions for turning this cpu
* on have completed. Perform enough arch.initialization
diff --git a/lib/psci/psci_private.h b/lib/psci/psci_private.h
index 49b19c9..f3f5a5c 100644
--- a/lib/psci/psci_private.h
+++ b/lib/psci/psci_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -344,7 +344,6 @@
/* Private exported functions from psci_suspend.c */
int psci_cpu_suspend_start(unsigned int idx,
- const entry_point_info_t *ep,
unsigned int end_pwrlvl,
psci_power_state_t *state_info,
unsigned int is_power_down_state);
diff --git a/lib/psci/psci_setup.c b/lib/psci/psci_setup.c
index 3604549..0863a82 100644
--- a/lib/psci/psci_setup.c
+++ b/lib/psci/psci_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -30,6 +30,7 @@
* of relying on platform defined constants.
******************************************************************************/
static cpu_context_t psci_ns_context[PLATFORM_CORE_COUNT];
+static entry_point_info_t warmboot_ep_info[PLATFORM_CORE_COUNT];
/******************************************************************************
* Define the psci capability variable.
@@ -114,6 +115,13 @@
}
}
+static void __init populate_cpu_data(void)
+{
+ for (unsigned int idx = 0; idx < psci_plat_core_count; idx++) {
+ set_cpu_data_by_index(idx, warmboot_ep_info, &warmboot_ep_info[idx]);
+ }
+}
+
/*******************************************************************************
* Core routine to populate the power domain tree. The tree descriptor passed by
* the platform is populated breadth-first and the first entry in the map
@@ -218,6 +226,9 @@
/* Update the CPU limits for each node in psci_non_cpu_pd_nodes */
psci_update_pwrlvl_limits();
+ /* Initialise the warmboot entrypoints */
+ populate_cpu_data();
+
/* Populate the mpidr field of cpu node for this CPU */
psci_cpu_pd_nodes[cpu_idx].mpidr =
read_mpidr() & MPIDR_AFFINITY_MASK;
@@ -308,11 +319,6 @@
/* Having initialized cpu_ops, we can now print errata status */
print_errata_status();
-#if ENABLE_PAUTH
- /* Store APIAKey_EL1 key */
- set_cpu_data(apiakey[0], read_apiakeylo_el1());
- set_cpu_data(apiakey[1], read_apiakeyhi_el1());
-#endif /* ENABLE_PAUTH */
}
/******************************************************************************
diff --git a/lib/psci/psci_suspend.c b/lib/psci/psci_suspend.c
index 0fb1ed3..73b9a67 100644
--- a/lib/psci/psci_suspend.c
+++ b/lib/psci/psci_suspend.c
@@ -12,6 +12,7 @@
#include <common/bl_common.h>
#include <common/debug.h>
#include <context.h>
+#include <drivers/arm/gic.h>
#include <lib/el3_runtime/context_mgmt.h>
#include <lib/el3_runtime/cpu_data.h>
#include <lib/el3_runtime/pubsub_events.h>
@@ -45,7 +46,6 @@
static void psci_suspend_to_pwrdown_start(unsigned int idx,
unsigned int end_pwrlvl,
unsigned int max_off_lvl,
- const entry_point_info_t *ep,
const psci_power_state_t *state_info)
{
PUBLISH_EVENT_ARG(psci_suspend_pwrdown_start, &idx);
@@ -85,12 +85,6 @@
if (psci_plat_pm_ops->pwr_domain_suspend_pwrdown_early != NULL)
psci_plat_pm_ops->pwr_domain_suspend_pwrdown_early(state_info);
#endif
-
- /*
- * Store the re-entry information for the non-secure world.
- */
- cm_init_my_context(ep);
-
/*
* Arch. management. Initiate power down sequence.
*/
@@ -116,7 +110,6 @@
* not possible to undo any of the actions taken beyond that point.
******************************************************************************/
int psci_cpu_suspend_start(unsigned int idx,
- const entry_point_info_t *ep,
unsigned int end_pwrlvl,
psci_power_state_t *state_info,
unsigned int is_power_down_state)
@@ -124,10 +117,6 @@
int rc = PSCI_E_SUCCESS;
unsigned int parent_nodes[PLAT_MAX_PWR_LVL] = {0};
unsigned int max_off_lvl = 0;
-#if FEAT_PABANDON
- cpu_context_t *ctx = cm_get_context(NON_SECURE);
- cpu_context_t old_ctx;
-#endif
/*
* This function must only be called on platforms where the
@@ -152,7 +141,7 @@
* detection that a wake-up interrupt has fired.
*/
if (read_isr_el1() != 0U) {
- goto exit;
+ goto suspend_exit;
}
#if PSCI_OS_INIT_MODE
@@ -163,7 +152,7 @@
*/
rc = psci_validate_state_coordination(idx, end_pwrlvl, state_info);
if (rc != PSCI_E_SUCCESS) {
- goto exit;
+ goto suspend_exit;
}
} else {
#endif
@@ -181,7 +170,7 @@
if (psci_plat_pm_ops->pwr_domain_validate_suspend != NULL) {
rc = psci_plat_pm_ops->pwr_domain_validate_suspend(state_info);
if (rc != PSCI_E_SUCCESS) {
- goto exit;
+ goto suspend_exit;
}
}
#endif
@@ -205,35 +194,22 @@
#if !CTX_INCLUDE_EL2_REGS
cm_el1_sysregs_context_save(NON_SECURE);
#endif
- /*
- * when the core wakes it expects its context to already be in
- * place so we must overwrite it before powerdown. But if
- * powerdown never happens we want the old context. Save it in
- * case we wake up. EL2/El1 will not be touched by PSCI so don't
- * copy */
- memcpy(&ctx->gpregs_ctx, &old_ctx.gpregs_ctx, sizeof(gp_regs_t));
- memcpy(&ctx->el3state_ctx, &old_ctx.el3state_ctx, sizeof(el3_state_t));
-#if DYNAMIC_WORKAROUND_CVE_2018_3639
- memcpy(&ctx->cve_2018_3639_ctx, &old_ctx.cve_2018_3639_ctx, sizeof(cve_2018_3639_t));
-#endif
-#if ERRATA_SPECULATIVE_AT
- memcpy(&ctx->errata_speculative_at_ctx, &old_ctx.errata_speculative_at_ctx, sizeof(errata_speculative_at_t));
-#endif
-#if CTX_INCLUDE_PAUTH_REGS
- memcpy(&ctx->pauth_ctx, &old_ctx.pauth_ctx, sizeof(pauth_t));
-#endif
#endif
max_off_lvl = psci_find_max_off_lvl(state_info);
- psci_suspend_to_pwrdown_start(idx, end_pwrlvl, end_pwrlvl, ep, state_info);
+ psci_suspend_to_pwrdown_start(idx, end_pwrlvl, end_pwrlvl, state_info);
}
+#if USE_GIC_DRIVER
+ /* turn the GIC off before we hand off to the platform */
+ gic_cpuif_disable(idx);
+#endif /* USE_GIC_DRIVER */
+
/*
* Plat. management: Allow the platform to perform the
* necessary actions to turn off this cpu e.g. set the
* platform defined mailbox with the psci entrypoint,
* program the power controller etc.
*/
-
psci_plat_pm_ops->pwr_domain_suspend(state_info);
#if ENABLE_PSCI_STAT
@@ -301,18 +277,6 @@
#if FEAT_PABANDON
psci_cpu_suspend_to_powerdown_finish(idx, max_off_lvl, state_info);
- /* we overwrote context ourselves, put it back */
- memcpy(&ctx->gpregs_ctx, &old_ctx.gpregs_ctx, sizeof(gp_regs_t));
- memcpy(&ctx->el3state_ctx, &old_ctx.el3state_ctx, sizeof(el3_state_t));
-#if DYNAMIC_WORKAROUND_CVE_2018_3639
- memcpy(&ctx->cve_2018_3639_ctx, &old_ctx.cve_2018_3639_ctx, sizeof(cve_2018_3639_t));
-#endif
-#if ERRATA_SPECULATIVE_AT
- memcpy(&ctx->errata_speculative_at_ctx, &old_ctx.errata_speculative_at_ctx, sizeof(errata_speculative_at_t));
-#endif
-#if CTX_INCLUDE_PAUTH_REGS
- memcpy(&ctx->pauth_ctx, &old_ctx.pauth_ctx, sizeof(pauth_t));
-#endif
#if !CTX_INCLUDE_EL2_REGS
cm_el1_sysregs_context_restore(NON_SECURE);
#endif
@@ -321,13 +285,18 @@
psci_cpu_suspend_to_standby_finish(end_pwrlvl, state_info);
}
+#if USE_GIC_DRIVER
+ /* Turn GIC on after platform has had a chance to do state management */
+ gic_cpuif_enable(idx);
+#endif /* USE_GIC_DRIVER */
+
/*
* Set the requested and target state of this CPU and all the higher
* power domain levels for this CPU to run.
*/
psci_set_pwr_domains_to_run(idx, end_pwrlvl);
-exit:
+suspend_exit:
psci_release_pwr_domain_locks(end_pwrlvl, parent_nodes);
return rc;
@@ -361,16 +330,15 @@
psci_do_pwrup_cache_maintenance();
#endif
+#if USE_GIC_DRIVER
+ /* GIC on after platform has had its say and MMU is on */
+ gic_cpuif_enable(cpu_idx);
+#endif /* USE_GIC_DRIVER */
+
/* Re-init the cntfrq_el0 register */
counter_freq = plat_get_syscnt_freq2();
write_cntfrq_el0(counter_freq);
-#if ENABLE_PAUTH
- /* Store APIAKey_EL1 key */
- set_cpu_data(apiakey[0], read_apiakeylo_el1());
- set_cpu_data(apiakey[1], read_apiakeyhi_el1());
-#endif /* ENABLE_PAUTH */
-
/*
* Call the cpu suspend finish handler registered by the Secure Payload
* Dispatcher to let it do any bookeeping. If the handler encounters an
diff --git a/lib/psci/psci_system_off.c b/lib/psci/psci_system_off.c
index 1dcaa23..19f2476 100644
--- a/lib/psci/psci_system_off.c
+++ b/lib/psci/psci_system_off.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,6 +9,7 @@
#include <arch_helpers.h>
#include <common/debug.h>
+#include <drivers/arm/gic.h>
#include <drivers/console.h>
#include <plat/common/platform.h>
@@ -27,6 +28,11 @@
console_flush();
+#if USE_GIC_DRIVER
+ /* turn the GIC off before we hand off to the platform */
+ gic_cpuif_disable(plat_my_core_pos());
+#endif /* USE_GIC_DRIVER */
+
/* Call the platform specific hook */
psci_plat_pm_ops->system_off();
@@ -46,6 +52,11 @@
console_flush();
+#if USE_GIC_DRIVER
+ /* turn the GIC off before we hand off to the platform */
+ gic_cpuif_disable(plat_my_core_pos());
+#endif /* USE_GIC_DRIVER */
+
/* Call the platform specific hook */
psci_plat_pm_ops->system_reset();
@@ -80,6 +91,11 @@
}
console_flush();
+#if USE_GIC_DRIVER
+ /* turn the GIC off before we hand off to the platform */
+ gic_cpuif_disable(plat_my_core_pos());
+#endif /* USE_GIC_DRIVER */
+
u_register_t ret =
(u_register_t) psci_plat_pm_ops->system_reset2((int) is_vendor, reset_type, cookie);
if (ret != PSCI_E_SUCCESS)
diff --git a/lib/transfer_list/transfer_list.c b/lib/transfer_list/transfer_list.c
index 3817861..4d4a167 100644
--- a/lib/transfer_list/transfer_list.c
+++ b/lib/transfer_list/transfer_list.c
@@ -176,35 +176,32 @@
}
if (tl->signature != TRANSFER_LIST_SIGNATURE) {
- ERROR("Bad transfer list signature 0x%x\n", tl->signature);
+ VERBOSE("Bad transfer list signature 0x%x\n", tl->signature);
return TL_OPS_NON;
}
if (!tl->max_size) {
- ERROR("Bad transfer list max size 0x%x\n",
- tl->max_size);
+ VERBOSE("Bad transfer list max size 0x%x\n", tl->max_size);
return TL_OPS_NON;
}
if (tl->size > tl->max_size) {
- ERROR("Bad transfer list size 0x%x\n", tl->size);
+ VERBOSE("Bad transfer list size 0x%x\n", tl->size);
return TL_OPS_NON;
}
if (tl->hdr_size != sizeof(struct transfer_list_header)) {
- ERROR("Bad transfer list header size 0x%x\n",
- tl->hdr_size);
+ VERBOSE("Bad transfer list header size 0x%x\n", tl->hdr_size);
return TL_OPS_NON;
}
if (!transfer_list_verify_checksum(tl)) {
- ERROR("Bad transfer list checksum 0x%x\n",
- tl->checksum);
+ VERBOSE("Bad transfer list checksum 0x%x\n", tl->checksum);
return TL_OPS_NON;
}
if (tl->version == 0) {
- ERROR("Transfer list version is invalid\n");
+ VERBOSE("Transfer list version is invalid\n");
return TL_OPS_NON;
} else if (tl->version == TRANSFER_LIST_VERSION) {
INFO("Transfer list version is valid for all operations\n");
diff --git a/lib/xlat_mpu/aarch64/enable_mpu.S b/lib/xlat_mpu/aarch64/enable_mpu.S
deleted file mode 100644
index 0dda979..0000000
--- a/lib/xlat_mpu/aarch64/enable_mpu.S
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <asm_macros.S>
-#include <assert_macros.S>
-#include <lib/xlat_tables/xlat_tables_v2.h>
-#include <platform_def.h>
-
- .global enable_mpu_direct_el2
-
- /* void enable_mmu_direct_el2(unsigned int flags) */
-func enable_mpu_direct_el2
-#if ENABLE_ASSERTIONS
- mrs x1, sctlr_el2
- tst x1, #SCTLR_M_BIT
- ASM_ASSERT(eq)
-#endif
- mov x7, x0
- adrp x0, mmu_cfg_params
- add x0, x0, :lo12:mmu_cfg_params
-
- /* (MAIRs are already set up) */
-
- /* TCR */
- ldr x2, [x0, #(MMU_CFG_TCR << 3)]
- msr tcr_el2, x2
-
- /*
- * Ensure all translation table writes have drained into memory, the TLB
- * invalidation is complete, and translation register writes are
- * committed before enabling the MMU
- */
- dsb ish
- isb
-
- /* Set and clear required fields of SCTLR */
- mrs x4, sctlr_el2
- mov_imm x5, SCTLR_WXN_BIT | SCTLR_C_BIT | SCTLR_M_BIT
- orr x4, x4, x5
-
- /* Additionally, amend SCTLR fields based on flags */
- bic x5, x4, #SCTLR_C_BIT
- tst x7, #DISABLE_DCACHE
- csel x4, x5, x4, ne
-
- msr sctlr_el2, x4
- isb
-
- ret
-endfunc enable_mpu_direct_el2
diff --git a/lib/xlat_mpu/aarch64/xlat_mpu_arch.c b/lib/xlat_mpu/aarch64/xlat_mpu_arch.c
deleted file mode 100644
index b462de0..0000000
--- a/lib/xlat_mpu/aarch64/xlat_mpu_arch.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-#include <stdbool.h>
-#include <stdint.h>
-
-#include "../xlat_mpu_private.h"
-#include <arch.h>
-#include <arch_features.h>
-#include <lib/cassert.h>
-#include <lib/utils_def.h>
-#include <lib/xlat_tables/xlat_tables_v2.h>
-
-#include <fvp_r_arch_helpers.h>
-
-#warning "xlat_mpu library is currently experimental and its API may change in future."
-
-#if ENABLE_ASSERTIONS
-/*
- * Return minimum virtual address space size supported by the architecture
- */
-uintptr_t xlat_get_min_virt_addr_space_size(void)
-{
- uintptr_t ret;
-
- if (is_feat_ttst_present()) {
- ret = MIN_VIRT_ADDR_SPACE_SIZE_TTST;
- } else {
- ret = MIN_VIRT_ADDR_SPACE_SIZE;
- }
- return ret;
-}
-#endif /* ENABLE_ASSERTIONS*/
-
-bool is_mpu_enabled_ctx(const xlat_ctx_t *ctx)
-{
- if (ctx->xlat_regime == EL1_EL0_REGIME) {
- assert(xlat_arch_current_el() >= 1U);
- return (read_sctlr_el1() & SCTLR_M_BIT) != 0U;
- } else {
- assert(xlat_arch_current_el() >= 2U);
- return (read_sctlr_el2() & SCTLR_M_BIT) != 0U;
- }
-}
-
-bool is_dcache_enabled(void)
-{
- unsigned int el = get_current_el();
-
- if (el == 1U) {
- return (read_sctlr_el1() & SCTLR_C_BIT) != 0U;
- } else { /* must be EL2 */
- return (read_sctlr_el2() & SCTLR_C_BIT) != 0U;
- }
-}
-
-unsigned int xlat_arch_current_el(void)
-{
- unsigned int el = (unsigned int)GET_EL(read_CurrentEl());
-
- assert(el > 0U);
-
- return el;
-}
-
diff --git a/lib/xlat_mpu/ro_xlat_mpu.mk b/lib/xlat_mpu/ro_xlat_mpu.mk
deleted file mode 100644
index d3af3bd..0000000
--- a/lib/xlat_mpu/ro_xlat_mpu.mk
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# Copyright (c) 2021, Arm Limited. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-
-ifeq (${USE_DEBUGFS}, 1)
- $(error "Debugfs requires functionality from the dynamic translation \
- library and is incompatible with ALLOW_RO_XLAT_TABLES.")
-endif
-
-ifeq (${ARCH},aarch32)
- $(error "The xlat_mpu library does not currently support AArch32.")
-endif
diff --git a/lib/xlat_mpu/xlat_mpu.mk b/lib/xlat_mpu/xlat_mpu.mk
deleted file mode 100644
index 31bef04..0000000
--- a/lib/xlat_mpu/xlat_mpu.mk
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-
-XLAT_MPU_LIB_V1_SRCS := $(addprefix lib/xlat_mpu/, \
- ${ARCH}/enable_mpu.S \
- ${ARCH}/xlat_mpu_arch.c \
- xlat_mpu_context.c \
- xlat_mpu_core.c \
- xlat_mpu_utils.c)
-
-XLAT_MPU_LIB_V1 := 1
-$(eval $(call add_define,XLAT_MPU_LIB_V1))
-
-ifeq (${ALLOW_XLAT_MPU}, 1)
- include lib/xlat_mpu_v2/ro_xlat_mpu.mk
-endif
diff --git a/lib/xlat_mpu/xlat_mpu_context.c b/lib/xlat_mpu/xlat_mpu_context.c
deleted file mode 100644
index 783f21d..0000000
--- a/lib/xlat_mpu/xlat_mpu_context.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-
-#include <common/debug.h>
-
-#include "lib/xlat_mpu/xlat_mpu.h"
-#include <lib/xlat_tables/xlat_tables_defs.h>
-#include <lib/xlat_tables/xlat_tables_v2.h>
-#include "xlat_mpu_private.h"
-
-#include <fvp_r_arch_helpers.h>
-#include <platform_def.h>
-
-#warning "xlat_mpu library is currently experimental and its API may change in future."
-
-
-/*
- * MMU configuration register values for the active translation context. Used
- * from the MMU assembly helpers.
- */
-uint64_t mmu_cfg_params[MMU_CFG_PARAM_MAX];
-
-/*
- * Allocate and initialise the default translation context for the BL image
- * currently executing.
- */
-REGISTER_XLAT_CONTEXT(tf, MAX_MMAP_REGIONS, MAX_XLAT_TABLES,
- PLAT_VIRT_ADDR_SPACE_SIZE, PLAT_PHY_ADDR_SPACE_SIZE);
-
-void mmap_add(const mmap_region_t *mm)
-{
- mmap_add_ctx(&tf_xlat_ctx, mm);
-}
-
-void __init init_xlat_tables(void)
-{
- assert(tf_xlat_ctx.xlat_regime == EL_REGIME_INVALID);
-
- unsigned int current_el = xlat_arch_current_el();
-
- if (current_el == 1U) {
- tf_xlat_ctx.xlat_regime = EL1_EL0_REGIME;
- } else {
- assert(current_el == 2U);
- tf_xlat_ctx.xlat_regime = EL2_REGIME;
- }
- /* Note: If EL3 is supported in future v8-R64, add EL3 assignment */
- init_xlat_tables_ctx(&tf_xlat_ctx);
-}
-
-int xlat_get_mem_attributes(uintptr_t base_va, uint32_t *attr)
-{
- return xlat_get_mem_attributes_ctx(&tf_xlat_ctx, base_va, attr);
-}
-
-void enable_mpu_el2(unsigned int flags)
-{
- /* EL2 is strictly MPU on v8-R64, so no need for setup_mpu_cfg() */
- enable_mpu_direct_el2(flags);
-}
diff --git a/lib/xlat_mpu/xlat_mpu_core.c b/lib/xlat_mpu/xlat_mpu_core.c
deleted file mode 100644
index 33f381d..0000000
--- a/lib/xlat_mpu/xlat_mpu_core.c
+++ /dev/null
@@ -1,408 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-#include <errno.h>
-#include <stdbool.h>
-#include <stdint.h>
-#include <string.h>
-
-#include <arch_features.h>
-#include <common/debug.h>
-#include <lib/utils_def.h>
-#include <lib/xlat_tables/xlat_tables_defs.h>
-#include <lib/xlat_tables/xlat_tables_v2.h>
-#include "xlat_mpu_private.h"
-
-#include <fvp_r_arch_helpers.h>
-#include <platform_def.h>
-
-#warning "xlat_mpu library is currently experimental and its API may change in future."
-
-
-/* Helper function that cleans the data cache only if it is enabled. */
-static inline __attribute__((unused))
- void xlat_clean_dcache_range(uintptr_t addr, size_t size)
-{
- if (is_dcache_enabled()) {
- clean_dcache_range(addr, size);
- }
-}
-
-
-
-/* Calculate region-attributes byte for PRBAR part of MPU-region descriptor: */
-uint64_t prbar_attr_value(uint32_t attr)
-{
- uint64_t retValue = UL(0);
- uint64_t extract; /* temp var holding bit extracted from attr */
-
- /* Extract and stuff SH: */
- extract = (uint64_t) ((attr >> MT_SHAREABILITY_SHIFT)
- & MT_SHAREABILITY_MASK);
- retValue |= (extract << PRBAR_SH_SHIFT);
-
- /* Extract and stuff AP: */
- extract = (uint64_t) ((attr >> MT_PERM_SHIFT) & MT_PERM_MASK);
- if (extract == 0U) {
- retValue |= (UL(2) << PRBAR_AP_SHIFT);
- } else /* extract == 1 */ {
- retValue |= (UL(0) << PRBAR_AP_SHIFT);
- }
-
- /* Extract and stuff XN: */
- extract = (uint64_t) ((attr >> MT_EXECUTE_SHIFT) & MT_EXECUTE_MASK);
- retValue |= (extract << PRBAR_XN_SHIFT);
- /* However, also don't execute in peripheral space: */
- extract = (uint64_t) ((attr >> MT_TYPE_SHIFT) & MT_TYPE_MASK);
- if (extract == 0U) {
- retValue |= (UL(1) << PRBAR_XN_SHIFT);
- }
- return retValue;
-}
-
-/* Calculate region-attributes byte for PRLAR part of MPU-region descriptor: */
-uint64_t prlar_attr_value(uint32_t attr)
-{
- uint64_t retValue = UL(0);
- uint64_t extract; /* temp var holding bit extracted from attr */
-
- /* Extract and stuff AttrIndx: */
- extract = (uint64_t) ((attr >> MT_TYPE_SHIFT)
- & MT_TYPE_MASK);
- switch (extract) {
- case UL(0):
- retValue |= (UL(1) << PRLAR_ATTR_SHIFT);
- break;
- case UL(2):
- /* 0, so OR in nothing */
- break;
- case UL(3):
- retValue |= (UL(2) << PRLAR_ATTR_SHIFT);
- break;
- default:
- retValue |= (extract << PRLAR_ATTR_SHIFT);
- break;
- }
-
- /* Stuff EN: */
- retValue |= (UL(1) << PRLAR_EN_SHIFT);
-
- /* Force NS to 0 (Secure); v8-R64 only supports Secure: */
- extract = ~(1U << PRLAR_NS_SHIFT);
- retValue &= extract;
-
- return retValue;
-}
-
-/*
- * Function that writes an MPU "translation" into the MPU registers. If not
- * possible (e.g., if no more MPU regions available) boot is aborted.
- */
-static void mpu_map_region(mmap_region_t *mm)
-{
- uint64_t prenr_el2_value = 0UL;
- uint64_t prbar_attrs = 0UL;
- uint64_t prlar_attrs = 0UL;
- int region_to_use = 0;
-
- /* If all MPU regions in use, then abort boot: */
- prenr_el2_value = read_prenr_el2();
- assert(prenr_el2_value != 0xffffffff);
-
- /* Find and select first-available MPU region (PRENR has an enable bit
- * for each MPU region, 1 for in-use or 0 for unused):
- */
- for (region_to_use = 0; region_to_use < N_MPU_REGIONS;
- region_to_use++) {
- if (((prenr_el2_value >> region_to_use) & 1) == 0) {
- break;
- }
- }
- write_prselr_el2((uint64_t) (region_to_use));
- isb();
-
- /* Set base and limit addresses: */
- write_prbar_el2(mm->base_pa & PRBAR_PRLAR_ADDR_MASK);
- write_prlar_el2((mm->base_pa + mm->size - 1UL)
- & PRBAR_PRLAR_ADDR_MASK);
- dsbsy();
- isb();
-
- /* Set attributes: */
- prbar_attrs = prbar_attr_value(mm->attr);
- write_prbar_el2(read_prbar_el2() | prbar_attrs);
- prlar_attrs = prlar_attr_value(mm->attr);
- write_prlar_el2(read_prlar_el2() | prlar_attrs);
- dsbsy();
- isb();
-
- /* Mark this MPU region as used: */
- prenr_el2_value |= (1 << region_to_use);
- write_prenr_el2(prenr_el2_value);
- isb();
-}
-
-/*
- * Function that verifies that a region can be mapped.
- * Returns:
- * 0: Success, the mapping is allowed.
- * EINVAL: Invalid values were used as arguments.
- * ERANGE: The memory limits were surpassed.
- * ENOMEM: There is not enough memory in the mmap array.
- * EPERM: Region overlaps another one in an invalid way.
- */
-static int mmap_add_region_check(const xlat_ctx_t *ctx, const mmap_region_t *mm)
-{
- unsigned long long base_pa = mm->base_pa;
- uintptr_t base_va = mm->base_va;
- size_t size = mm->size;
-
- unsigned long long end_pa = base_pa + size - 1U;
- uintptr_t end_va = base_va + size - 1U;
-
- if (base_pa != base_va) {
- return -EINVAL; /* MPU does not perform address translation */
- }
- if ((base_pa % 64ULL) != 0ULL) {
- return -EINVAL; /* MPU requires 64-byte alignment */
- }
- /* Check for overflows */
- if ((base_pa > end_pa) || (base_va > end_va)) {
- return -ERANGE;
- }
- if (end_pa > ctx->pa_max_address) {
- return -ERANGE;
- }
- /* Check that there is space in the ctx->mmap array */
- if (ctx->mmap[ctx->mmap_num - 1].size != 0U) {
- return -ENOMEM;
- }
- /* Check for PAs and VAs overlaps with all other regions */
- for (const mmap_region_t *mm_cursor = ctx->mmap;
- mm_cursor->size != 0U; ++mm_cursor) {
-
- uintptr_t mm_cursor_end_va =
- mm_cursor->base_va + mm_cursor->size - 1U;
-
- /*
- * Check if one of the regions is completely inside the other
- * one.
- */
- bool fully_overlapped_va =
- ((base_va >= mm_cursor->base_va) &&
- (end_va <= mm_cursor_end_va)) ||
- ((mm_cursor->base_va >= base_va) &&
- (mm_cursor_end_va <= end_va));
-
- /*
- * Full VA overlaps are only allowed if both regions are
- * identity mapped (zero offset) or have the same VA to PA
- * offset. Also, make sure that it's not the exact same area.
- * This can only be done with static regions.
- */
- if (fully_overlapped_va) {
-
-#if PLAT_XLAT_TABLES_DYNAMIC
- if (((mm->attr & MT_DYNAMIC) != 0U) ||
- ((mm_cursor->attr & MT_DYNAMIC) != 0U)) {
- return -EPERM;
- }
-#endif /* PLAT_XLAT_TABLES_DYNAMIC */
- if ((mm_cursor->base_va - mm_cursor->base_pa)
- != (base_va - base_pa)) {
- return -EPERM;
- }
- if ((base_va == mm_cursor->base_va) &&
- (size == mm_cursor->size)) {
- return -EPERM;
- }
- } else {
- /*
- * If the regions do not have fully overlapping VAs,
- * then they must have fully separated VAs and PAs.
- * Partial overlaps are not allowed
- */
-
- unsigned long long mm_cursor_end_pa =
- mm_cursor->base_pa + mm_cursor->size - 1U;
-
- bool separated_pa = (end_pa < mm_cursor->base_pa) ||
- (base_pa > mm_cursor_end_pa);
- bool separated_va = (end_va < mm_cursor->base_va) ||
- (base_va > mm_cursor_end_va);
-
- if (!separated_va || !separated_pa) {
- return -EPERM;
- }
- }
- }
-
- return 0;
-}
-
-void mmap_add_region_ctx(xlat_ctx_t *ctx, const mmap_region_t *mm)
-{
- mmap_region_t *mm_cursor = ctx->mmap, *mm_destination;
- const mmap_region_t *mm_end = ctx->mmap + ctx->mmap_num;
- const mmap_region_t *mm_last;
- unsigned long long end_pa = mm->base_pa + mm->size - 1U;
- uintptr_t end_va = mm->base_va + mm->size - 1U;
- int ret;
-
- /* Ignore empty regions */
- if (mm->size == 0U) {
- return;
- }
-
- /* Static regions must be added before initializing the xlat tables. */
- assert(!ctx->initialized);
-
- ret = mmap_add_region_check(ctx, mm);
- if (ret != 0) {
- ERROR("mmap_add_region_check() failed. error %d\n", ret);
- assert(false);
- return;
- }
-
- /*
- * Find the last entry marker in the mmap
- */
- mm_last = ctx->mmap;
- while ((mm_last->size != 0U) && (mm_last < mm_end)) {
- ++mm_last;
- }
-
- /*
- * Check if we have enough space in the memory mapping table.
- * This shouldn't happen as we have checked in mmap_add_region_check
- * that there is free space.
- */
- assert(mm_last->size == 0U);
-
- /* Make room for new region by moving other regions up by one place */
- mm_destination = mm_cursor + 1;
- (void)memmove(mm_destination, mm_cursor,
- (uintptr_t)mm_last - (uintptr_t)mm_cursor);
-
- /*
- * Check we haven't lost the empty sentinel from the end of the array.
- * This shouldn't happen as we have checked in mmap_add_region_check
- * that there is free space.
- */
- assert(mm_end->size == 0U);
-
- *mm_cursor = *mm;
-
- if (end_pa > ctx->max_pa) {
- ctx->max_pa = end_pa;
- }
- if (end_va > ctx->max_va) {
- ctx->max_va = end_va;
- }
-}
-
-void mmap_add_ctx(xlat_ctx_t *ctx, const mmap_region_t *mm)
-{
- const mmap_region_t *mm_cursor = mm;
-
- while (mm_cursor->granularity != 0U) {
- mmap_add_region_ctx(ctx, mm_cursor);
- mm_cursor++;
- }
-}
-
-void __init init_xlat_tables_ctx(xlat_ctx_t *ctx)
-{
- uint64_t mair = UL(0);
-
- assert(ctx != NULL);
- assert(!ctx->initialized);
- assert((ctx->xlat_regime == EL2_REGIME) ||
- (ctx->xlat_regime == EL1_EL0_REGIME));
- /* Note: Add EL3_REGIME if EL3 is supported in future v8-R64 cores. */
- assert(!is_mpu_enabled_ctx(ctx));
-
- mmap_region_t *mm = ctx->mmap;
-
- assert(ctx->va_max_address >=
- (xlat_get_min_virt_addr_space_size() - 1U));
- assert(ctx->va_max_address <= (MAX_VIRT_ADDR_SPACE_SIZE - 1U));
- assert(IS_POWER_OF_TWO(ctx->va_max_address + 1U));
-
- xlat_mmap_print(mm);
-
- /* All tables must be zeroed before mapping any region. */
-
- for (unsigned int i = 0U; i < ctx->base_table_entries; i++)
- ctx->base_table[i] = INVALID_DESC;
-
- /* Also mark all MPU regions as invalid in the MPU hardware itself: */
- write_prenr_el2(0);
- /* Sufficient for current, max-32-region implementations. */
- dsbsy();
- isb();
- while (mm->size != 0U) {
- if (read_prenr_el2() == ALL_MPU_EL2_REGIONS_USED) {
- ERROR("Not enough MPU regions to map region:\n"
- " VA:0x%lx PA:0x%llx size:0x%zx attr:0x%x\n",
- mm->base_va, mm->base_pa, mm->size, mm->attr);
- panic();
- } else {
-#if !(HW_ASSISTED_COHERENCY || WARMBOOT_ENABLE_DCACHE_EARLY)
- xlat_clean_dcache_range((uintptr_t)mm->base_va,
- mm->size);
-#endif
- mpu_map_region(mm);
- }
- mm++;
- }
-
- ctx->initialized = true;
-
- xlat_tables_print(ctx);
-
- /* Set attributes in the right indices of the MAIR */
- mair = MAIR_ATTR_SET(ATTR_DEVICE, ATTR_DEVICE_INDEX);
- mair |= MAIR_ATTR_SET(ATTR_IWBWA_OWBWA_NTR,
- ATTR_IWBWA_OWBWA_NTR_INDEX);
- mair |= MAIR_ATTR_SET(ATTR_NON_CACHEABLE,
- ATTR_NON_CACHEABLE_INDEX);
- write_mair_el2(mair);
- dsbsy();
- isb();
-}
-
-/*
- * Function to wipe clean and disable all MPU regions. This function expects
- * that the MPU has already been turned off, and caching concerns addressed,
- * but it nevertheless also explicitly turns off the MPU.
- */
-void clear_all_mpu_regions(void)
-{
- uint64_t sctlr_el2_value = 0UL;
- uint64_t region_n = 0UL;
-
- /*
- * MPU should already be disabled, but explicitly disable it
- * nevertheless:
- */
- sctlr_el2_value = read_sctlr_el2() & ~(1UL);
- write_sctlr_el2(sctlr_el2_value);
-
- /* Disable all regions: */
- write_prenr_el2(0UL);
-
- /* Sequence through all regions, zeroing them out and turning off: */
- for (region_n = 0UL; region_n < N_MPU_REGIONS; region_n++) {
- write_prselr_el2(region_n);
- isb();
- write_prbar_el2((uint64_t) 0);
- write_prlar_el2((uint64_t) 0);
- dsbsy();
- isb();
- }
-}
diff --git a/lib/xlat_mpu/xlat_mpu_private.h b/lib/xlat_mpu/xlat_mpu_private.h
deleted file mode 100644
index 14800e9..0000000
--- a/lib/xlat_mpu/xlat_mpu_private.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef XLAT_MPU_PRIVATE_H
-#define XLAT_MPU_PRIVATE_H
-
-#include <stdbool.h>
-
-#include <lib/xlat_tables/xlat_tables_defs.h>
-#include <lib/xlat_tables/xlat_tables_v2.h>
-
-#include <platform_def.h>
-
-#if PLAT_XLAT_TABLES_DYNAMIC
-/*
- * Private shifts and masks to access fields of an mmap attribute
- */
-/* Dynamic or static */
-#define MT_DYN_SHIFT U(31)
-
-/*
- * Memory mapping private attributes
- *
- * Private attributes not exposed in the public header.
- */
-
-#endif /* PLAT_XLAT_TABLES_DYNAMIC */
-
-/* Calculate region-attributes byte for PRBAR part of MPU-region descriptor: */
-uint64_t prbar_attr_value(uint32_t attr);
-/* Calculate region-attributes byte for PRLAR part of MPU-region descriptor: */
-uint64_t prlar_attr_value(uint32_t attr);
-/* Calculates the attr value for a given PRBAR and PRLAR entry value: */
-uint32_t region_attr(uint64_t prbar_attr, uint64_t prlar_attr);
-
-#define PRBAR_PRLAR_ADDR_MASK UL(0xffffffffffc0)
- /* mask for PRBAR & PRLAR MPU-region field */
-/* MPU region attribute bit fields: */
-#define PRBAR_SH_SHIFT UL(4)
-#define PRBAR_SH_MASK UL(0x3)
-#define PRBAR_AP_SHIFT UL(2)
-#define PRBAR_AP_MASK UL(0x3)
-#define PRBAR_XN_SHIFT UL(1)
-#define PRBAR_XN_MASK UL(0x3)
-#define PRLAR_NS_SHIFT UL(4)
-#define PRLAR_NS_MASK UL(0x3)
-#define PRBAR_ATTR_SHIFT UL(0)
-#define PRBAR_ATTR_MASK UL(0x3f)
-#define PRLAR_ATTR_SHIFT UL(1)
-#define PRLAR_ATTR_MASK UL(0x7)
-#define PRLAR_EN_SHIFT UL(0)
-#define PRLAR_EN_MASK UL(0x1)
-/* Aspects of the source attributes not defined elsewhere: */
-#define MT_PERM_MASK UL(0x1)
-#define MT_SEC_MASK UL(0x1)
-#define MT_EXECUTE_MASK UL(0x3)
-#define MT_TYPE_SHIFT UL(0)
-
-extern uint64_t mmu_cfg_params[MMU_CFG_PARAM_MAX];
-
-/*
- * Return the execute-never mask that will prevent instruction fetch at the
- * given translation regime.
- */
-uint64_t xlat_arch_regime_get_xn_desc(int xlat_regime);
-
-/* Print VA, PA, size and attributes of all regions in the mmap array. */
-void xlat_mmap_print(const mmap_region_t *mmap);
-
-/*
- * Print the current state of the translation tables by reading them from
- * memory.
- */
-void xlat_tables_print(xlat_ctx_t *ctx);
-
-/*
- * Returns a block/page table descriptor for the given level and attributes.
- */
-uint64_t xlat_desc(const xlat_ctx_t *ctx, uint32_t attr,
- unsigned long long addr_pa, unsigned int level);
-
-/*
- * Architecture-specific initialization code.
- */
-
-/* Returns the current Exception Level. The returned EL must be 1 or higher. */
-unsigned int xlat_arch_current_el(void);
-
-/*
- * Returns true if the MMU of the translation regime managed by the given
- * xlat_ctx_t is enabled, false otherwise.
- */
-bool is_mpu_enabled_ctx(const xlat_ctx_t *ctx);
-
-/*
- * Returns minimum virtual address space size supported by the architecture
- */
-uintptr_t xlat_get_min_virt_addr_space_size(void);
-
-#endif /* XLAT_MPU_PRIVATE_H */
diff --git a/lib/xlat_mpu/xlat_mpu_utils.c b/lib/xlat_mpu/xlat_mpu_utils.c
deleted file mode 100644
index dc5f956..0000000
--- a/lib/xlat_mpu/xlat_mpu_utils.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-#include <errno.h>
-#include <stdbool.h>
-#include <stdint.h>
-#include <stdio.h>
-
-#include <common/debug.h>
-#include <lib/utils_def.h>
-#include <lib/xlat_tables/xlat_tables_defs.h>
-#include <lib/xlat_tables/xlat_tables_v2.h>
-#include "xlat_mpu_private.h"
-
-#include <fvp_r_arch_helpers.h>
-#include <platform_def.h>
-
-#warning "xlat_mpu library is currently experimental and its API may change in future."
-
-
-void xlat_mmap_print(__unused const mmap_region_t *mmap)
-{
- /* Empty */
-}
-
-#if LOG_LEVEL < LOG_LEVEL_VERBOSE
-
-void xlat_tables_print(__unused xlat_ctx_t *ctx)
-{
- /* Empty */
-}
-
-#else /* if LOG_LEVEL >= LOG_LEVEL_VERBOSE */
-
-static void xlat_tables_print_internal(__unused xlat_ctx_t *ctx)
-{
- int region_to_use = 0;
- uintptr_t region_base;
- size_t region_size;
- uint64_t prenr_el2_value = 0U;
-
- /*
- * Keep track of how many invalid descriptors are counted in a row.
- * Whenever multiple invalid descriptors are found, only the first one
- * is printed, and a line is added to inform about how many descriptors
- * have been omitted.
- */
-
- /*
- * TODO: Remove this WARN() and comment when these API calls are more
- * completely implemented and tested!
- */
- WARN("%s in this early version of xlat_mpu library may not produce reliable results!",
- __func__);
-
- /*
- * Sequence through all regions and print those in-use (PRENR has an
- * enable bit for each MPU region, 1 for in-use or 0 for unused):
- */
- prenr_el2_value = read_prenr_el2();
- for (region_to_use = 0; region_to_use < N_MPU_REGIONS;
- region_to_use++) {
- if (((prenr_el2_value >> region_to_use) & 1U) == 0U) {
- continue;
- }
- region_base = read_prbar_el2() & PRBAR_PRLAR_ADDR_MASK;
- region_size = read_prlar_el2() & PRBAR_PRLAR_ADDR_MASK;
- printf("Address: 0x%llx, size: 0x%llx ",
- (long long) region_base,
- (long long) region_size);
- }
-}
-
-void xlat_tables_print(__unused xlat_ctx_t *ctx)
-{
- xlat_tables_print_internal(ctx);
-}
-
-#endif /* LOG_LEVEL >= LOG_LEVEL_VERBOSE */
diff --git a/lib/xlat_tables_v2/xlat_tables_core.c b/lib/xlat_tables_v2/xlat_tables_core.c
index bd7f017..76aba50 100644
--- a/lib/xlat_tables_v2/xlat_tables_core.c
+++ b/lib/xlat_tables_v2/xlat_tables_core.c
@@ -210,17 +210,14 @@
desc |= LOWER_ATTRS(ISH);
}
- /* Check if Branch Target Identification is enabled */
-#if ENABLE_BTI
/* Set GP bit for block and page code entries
* if BTI mechanism is implemented.
*/
- if (is_feat_bti_present() &&
+ if (is_feat_bti_supported() &&
((attr & (MT_TYPE_MASK | MT_RW |
MT_EXECUTE_NEVER)) == MT_CODE)) {
desc |= GP;
}
-#endif
} else {
assert(mem_type == MT_NON_CACHEABLE);
desc |= LOWER_ATTRS(ATTR_NON_CACHEABLE_INDEX | OSH);
diff --git a/make_helpers/arch_features.mk b/make_helpers/arch_features.mk
index 56bfb64..1561a59 100644
--- a/make_helpers/arch_features.mk
+++ b/make_helpers/arch_features.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2022-2024, Arm Limited. All rights reserved.
+# Copyright (c) 2022-2025, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -160,6 +160,11 @@
# direct setting. Use BRANCH_PROTECTION to enable PAUTH.
ENABLE_PAUTH ?= 0
+# FEAT_PAUTH_LR is an optional architectural feature, so this flag must be set
+# manually in addition to the BRANCH_PROTECTION flag which is used for other
+# branch protection and pointer authentication features.
+ENABLE_FEAT_PAUTH_LR ?= 0
+
# Include pointer authentication (ARMv8.3-PAuth) registers in cpu context. This
# must be set to 1 if the platform wants to use this feature in the Secure
# world. It is not necessary for use in the Non-secure world.
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index 906e5d7..f438a9d 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -156,6 +156,9 @@
# default, they are for Secure EL1.
GICV2_G0_FOR_EL3 := 0
+# Generic implementation of a GICvX driver
+USE_GIC_DRIVER := 0
+
# Route NS External Aborts to EL3. Disabled by default; External Aborts are handled
# by lower ELs.
HANDLE_EA_EL3_FIRST_NS := 0
@@ -432,3 +435,8 @@
# Enable RMMD to forward attestation requests from RMM to EL3.
RMMD_ENABLE_EL3_TOKEN_SIGN := 0
+
+# Enable RMMD to program and manage IDE Keys at the PCIe Root Port(RP).
+# This flag is temporary and it is expected once the interface is
+# finalized, this flag will be removed.
+RMMD_ENABLE_IDE_KEY_PROG := 0
diff --git a/plat/amd/common/plat_xfer_list.c b/plat/amd/common/plat_xfer_list.c
index 7af6726..19c882b 100644
--- a/plat/amd/common/plat_xfer_list.c
+++ b/plat/amd/common/plat_xfer_list.c
@@ -45,9 +45,18 @@
continue;
case SECURE:
*bl32 = *ep;
- if (!transfer_list_set_handoff_args(tl_hdr, ep)) {
+#if defined(SPD_opteed)
+ /*
+ * Populate the args expected by opteed,
+ * arg0 - dt address,
+ * arg1 - Xfer List Convention Version,
+ * arg3 - Xfer List address
+ * remaining args are set to 0.
+ */
+ if (transfer_list_set_handoff_args(tl_hdr, bl32) == NULL) {
ERROR("Invalid transfer list\n");
}
+#endif /* SPD_opteed */
continue;
default:
ERROR("Unrecognized Image Security State %lu\n",
diff --git a/plat/amd/versal2/bl31_setup.c b/plat/amd/versal2/bl31_setup.c
index 3a856cb..94ace7d 100644
--- a/plat/amd/versal2/bl31_setup.c
+++ b/plat/amd/versal2/bl31_setup.c
@@ -31,6 +31,8 @@
#include <pm_api_sys.h>
#include <pm_client.h>
+#include <plat_ocm_coherency.h>
+
static entry_point_info_t bl32_image_ep_info;
static entry_point_info_t bl33_image_ep_info;
@@ -120,9 +122,6 @@
cpu_clock = 112203;
break;
case QEMU:
- /* Random values now */
- cpu_clock = 3333333;
- break;
case SILICON:
cpu_clock = 100000000;
break;
@@ -143,6 +142,10 @@
setup_console();
+ if (IS_TFA_IN_OCM(BL31_BASE) && (check_ocm_coherency() < 0)) {
+ NOTICE("OCM coherency check not supported\n");
+ }
+
NOTICE("TF-A running on %s v%d.%d, RTL v%d.%d, PS v%d.%d, PMC v%d.%d\n",
board_name_decode(),
(platform_version >> 1), platform_version % 10U,
@@ -178,7 +181,9 @@
INFO("CPU Revision = 0x%lx\n", rev_var);
INFO("cpu_clock = %dHz, uart_clock = %dHz\n", cpu_clock, uart_clock);
NOTICE("BL31: Executing from 0x%x\n", BL31_BASE);
+#if (defined(SPD_tspd) || defined(SPD_opteed))
NOTICE("BL31: Secure code at 0x%lx\n", bl32_image_ep_info.pc);
+#endif /* SPD_tspd || SPD_opteed */
NOTICE("BL31: Non secure code at 0x%lx\n", bl33_image_ep_info.pc);
}
diff --git a/plat/amd/versal2/include/plat_ipi.h b/plat/amd/versal2/include/plat_ipi.h
index 503ec1f..c110fb8 100644
--- a/plat/amd/versal2/include/plat_ipi.h
+++ b/plat/amd/versal2/include/plat_ipi.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,6 +11,7 @@
#define PLAT_IPI_H
#include <stdint.h>
+#include <lib/utils_def.h>
#include <ipi.h>
@@ -24,7 +25,15 @@
#define IPI_ID_3 5U
#define IPI_ID_4 6U
#define IPI_ID_5 7U
-#define IPI_ID_MAX 8U
+#define IPI_ID_PMC_NOBUF 8U
+#define IPI_ID_6_NOBUF_95 9U
+#define IPI_ID_1_NOBUF 10U
+#define IPI_ID_2_NOBUF 11U
+#define IPI_ID_3_NOBUF 12U
+#define IPI_ID_4_NOBUF 13U
+#define IPI_ID_5_NOBUF 14U
+#define IPI_ID_6_NOBUF_101 15U
+#define IPI_ID_MAX 16U
/*********************************************************************
* IPI message buffers
@@ -56,17 +65,34 @@
* IPI registers and bitfields
******************************************************************************/
#define IPI0_REG_BASE (0xEB330000U)
-#define IPI0_TRIG_BIT (1 << 2)
-#define PMC_IPI_TRIG_BIT (1 << 1)
+#define IPI0_TRIG_BIT BIT_32(2)
+#define PMC_IPI_TRIG_BIT BIT_32(1)
#define IPI1_REG_BASE (0xEB340000U)
-#define IPI1_TRIG_BIT (1 << 3)
+#define IPI1_TRIG_BIT BIT_32(3)
#define IPI2_REG_BASE (0xEB350000U)
-#define IPI2_TRIG_BIT (1 << 4)
+#define IPI2_TRIG_BIT BIT_32(4)
#define IPI3_REG_BASE (0xEB360000U)
-#define IPI3_TRIG_BIT (1 << 5)
+#define IPI3_TRIG_BIT BIT_32(5)
#define IPI4_REG_BASE (0xEB370000U)
-#define IPI4_TRIG_BIT (1 << 6)
+#define IPI4_TRIG_BIT BIT_32(6)
#define IPI5_REG_BASE (0xEB380000U)
-#define IPI5_TRIG_BIT (1 << 7)
+#define IPI5_TRIG_BIT BIT_32(7)
+
+#define PMC_NOBUF_REG_BASE (0xEB390000U)
+#define PMC_NOBUF_TRIG_BIT BIT_32(8)
+#define IPI6_NOBUF_95_REG_BASE (0xEB3A0000U)
+#define IPI6_NOBUF_95_TRIG_BIT BIT_32(9)
+#define IPI1_NOBUF_REG_BASE (0xEB3B0000U)
+#define IPI1_NOBUF_TRIG_BIT BIT_32(10)
+#define IPI2_NOBUF_REG_BASE (0xEB3B1000U)
+#define IPI2_NOBUF_TRIG_BIT BIT_32(11)
+#define IPI3_NOBUF_REG_BASE (0xEB3B2000U)
+#define IPI3_NOBUF_TRIG_BIT BIT_32(12)
+#define IPI4_NOBUF_REG_BASE (0xEB3B3000U)
+#define IPI4_NOBUF_TRIG_BIT BIT_32(13)
+#define IPI5_NOBUF_REG_BASE (0xEB3B4000U)
+#define IPI5_NOBUF_TRIG_BIT BIT_32(14)
+#define IPI6_NOBUF_101_REG_BASE (0xEB3B5000U)
+#define IPI6_NOBUF_101_TRIG_BIT BIT_32(15)
#endif /* PLAT_IPI_H */
diff --git a/plat/amd/versal2/include/plat_ocm_coherency.h b/plat/amd/versal2/include/plat_ocm_coherency.h
new file mode 100644
index 0000000..b88c2eb
--- /dev/null
+++ b/plat/amd/versal2/include/plat_ocm_coherency.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright (c) 2025, Advanced Micro Devices, Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef PLAT_OCM_COHERENCY_H
+#define PLAT_OCM_COHERENCY_H
+
+#define COHERENCY_CHECK_NOT_SUPPORTED -1
+
+#if (DEBUG == 1)
+int32_t check_ocm_coherency(void);
+#else
+static inline int32_t check_ocm_coherency(void)
+{
+ return COHERENCY_CHECK_NOT_SUPPORTED;
+}
+#endif
+
+#endif/*PLAT_OCM_COHERENCY_H*/
diff --git a/plat/amd/versal2/plat_ocm_coherency.c b/plat/amd/versal2/plat_ocm_coherency.c
new file mode 100644
index 0000000..872ee23
--- /dev/null
+++ b/plat/amd/versal2/plat_ocm_coherency.c
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2025, Advanced Micro Devices, Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#include <common/debug.h>
+#include <lib/mmio.h>
+
+#include <plat_ocm_coherency.h>
+#include <platform_def.h>
+
+/*
+ * Register non hash mem regions addresses
+ */
+#define POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 U(0xF8168000)
+#define NON_HASH_MEM_REGION_REG0 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC08)
+#define NON_HASH_MEM_REGION_REG1 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC0C)
+#define NON_HASH_MEM_REGION_REG2 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC10)
+#define NON_HASH_MEM_REGION_REG3 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC14)
+#define NON_HASH_MEM_REGION_REG4 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC18)
+#define NON_HASH_MEM_REGION_REG5 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC1C)
+#define NON_HASH_MEM_REGION_REG6 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC20)
+#define NON_HASH_MEM_REGION_REG7 U(POR_RNSAM_NODE_INFO_U_RNFBESAM_NID12 + 0xC24)
+
+#define REGION_BASE_ADDR_VALUE U(0x2E)
+#define REGION_BASE_ADDR_SHIFT 9
+
+#define REGION_BASE_ADDRESS_MASK GENMASK(30, REGION_BASE_ADDR_SHIFT)
+#define REGION_VALID_BIT BIT(0)
+
+/*
+ * verify the register configured as non-hashed
+ */
+#define IS_NON_HASHED_REGION(reg) \
+((FIELD_GET(REGION_BASE_ADDRESS_MASK, mmio_read_32(reg)) == REGION_BASE_ADDR_VALUE) && \
+ (mmio_read_32(reg) & REGION_VALID_BIT))
+
+/*
+ * Splitter registers
+ */
+#define FPX_SPLITTER_0 U(0xECC20000)
+#define FPX_SPLITTER_1 U(0xECD20000)
+#define FPX_SPLITTER_2 U(0xECE20000)
+#define FPX_SPLITTER_3 U(0xECF20000)
+#define OCM_ADDR_DIST_MODE BIT(16)
+
+#define OCM_COHERENT 0
+#define OCM_NOT_COHERENT 1
+#define TFA_NOT_IN_OCM 2
+
+/*
+ * Function that verifies the OCM is coherent or not with the following checks:
+ * verify that OCM is in non hashed region or not if not then verify
+ * OCM_ADDR_DIST_MODE bit in splitter registers is set.
+ */
+int32_t check_ocm_coherency(void)
+{
+ int32_t status = OCM_COHERENT;
+ /* isolation should be disabled in order to read these registers */
+ if ((IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG0) ||
+ IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG1) ||
+ IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG2) ||
+ IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG3) ||
+ IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG4) ||
+ IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG5) ||
+ IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG6) ||
+ IS_NON_HASHED_REGION(NON_HASH_MEM_REGION_REG7))) {
+ WARN("OCM is not configured as coherent\n");
+ status = OCM_NOT_COHERENT;
+ } else {
+ /* verify OCM_ADDR_DIST_MODE bit in splitter registers is set */
+ if (!((mmio_read_32(FPX_SPLITTER_0) & OCM_ADDR_DIST_MODE) &&
+ (mmio_read_32(FPX_SPLITTER_1) & OCM_ADDR_DIST_MODE) &&
+ (mmio_read_32(FPX_SPLITTER_2) & OCM_ADDR_DIST_MODE) &&
+ (mmio_read_32(FPX_SPLITTER_3) & OCM_ADDR_DIST_MODE))) {
+ WARN("OCM is not configured as coherent\n");
+ status = OCM_NOT_COHERENT;
+ }
+ }
+ return status;
+}
+
diff --git a/plat/amd/versal2/plat_psci_pm.c b/plat/amd/versal2/plat_psci_pm.c
index 50614d5..3cc6b95 100644
--- a/plat/amd/versal2/plat_psci_pm.c
+++ b/plat/amd/versal2/plat_psci_pm.c
@@ -110,7 +110,7 @@
* Send the system reset request to the firmware if power down request
* is not received from firmware.
*/
- if (pwrdwn_req_received == true) {
+ if (pwrdwn_req_received == false) {
/*
* TODO: shutdown scope for this reset needs be revised once
* we have a clearer understanding of the overall reset scoping
diff --git a/plat/amd/versal2/platform.mk b/plat/amd/versal2/platform.mk
index 7cd864e..283ad42 100644
--- a/plat/amd/versal2/platform.mk
+++ b/plat/amd/versal2/platform.mk
@@ -160,6 +160,11 @@
${PLAT_PATH}/sip_svc_setup.c \
${PLAT_PATH}/gicv3.c
+
+ifeq ($(DEBUG),1)
+BL31_SOURCES += ${PLAT_PATH}/plat_ocm_coherency.c
+endif
+
ifeq (${ERRATA_ABI_SUPPORT}, 1)
# enable the cpu macros for errata abi interface
CORTEX_A78_AE_H_INC := 1
diff --git a/plat/amd/versal2/pm_service/pm_svc_main.c b/plat/amd/versal2/pm_service/pm_svc_main.c
index 88848e2..10d2ed2 100644
--- a/plat/amd/versal2/pm_service/pm_svc_main.c
+++ b/plat/amd/versal2/pm_service/pm_svc_main.c
@@ -133,7 +133,7 @@
/* Check status register for each IPI except PMC */
for (i = IPI_ID_APU; i <= IPI_ID_5; i++) {
- ipi_status = (uint32_t)ipi_mb_enquire_status(IPI_ID_APU, i);
+ ipi_status = ipi_mb_enquire_status(IPI_ID_APU, i);
/* If any agent other than PMC has generated IPI FIQ then send SGI to mbox driver */
if ((ipi_status & (uint32_t)IPI_MB_STATUS_RECV_PENDING) > (uint32_t) 0) {
@@ -143,8 +143,8 @@
}
/* If PMC has not generated interrupt then end ISR */
- ipi_status = (uint32_t)ipi_mb_enquire_status(IPI_ID_APU, IPI_ID_PMC);
- if ((ipi_status & (uint32_t) IPI_MB_STATUS_RECV_PENDING) == (uint32_t) 0) {
+ ipi_status = ipi_mb_enquire_status(IPI_ID_APU, IPI_ID_PMC);
+ if ((ipi_status & IPI_MB_STATUS_RECV_PENDING) == (uint32_t)0) {
plat_ic_end_of_interrupt(id);
goto end;
}
diff --git a/plat/amd/versal2/soc_ipi.c b/plat/amd/versal2/soc_ipi.c
index 85d1bcd..24ff969 100644
--- a/plat/amd/versal2/soc_ipi.c
+++ b/plat/amd/versal2/soc_ipi.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,7 +9,6 @@
* SoC IPI agent registers access management
*/
-#include <lib/utils_def.h>
#include <plat_ipi.h>
/* versal2 ipi configuration table */
@@ -62,6 +61,62 @@
.ipi_reg_base = IPI5_REG_BASE,
.secure_only = 0,
},
+
+ /* PMC_NOBUF IPI */
+ [IPI_ID_PMC_NOBUF] = {
+ .ipi_bit_mask = PMC_NOBUF_TRIG_BIT,
+ .ipi_reg_base = PMC_NOBUF_REG_BASE,
+ .secure_only = IPI_SECURE_MASK,
+ },
+
+ /* IPI6 IPI */
+ [IPI_ID_6_NOBUF_95] = {
+ .ipi_bit_mask = IPI6_NOBUF_95_TRIG_BIT,
+ .ipi_reg_base = IPI6_NOBUF_95_REG_BASE,
+ .secure_only = 0,
+ },
+
+ /* IPI1 NO BUF IPI */
+ [IPI_ID_1_NOBUF] = {
+ .ipi_bit_mask = IPI1_NOBUF_TRIG_BIT,
+ .ipi_reg_base = IPI1_NOBUF_REG_BASE,
+ .secure_only = 0,
+ },
+
+ /* IPI2 NO BUF IPI */
+ [IPI_ID_2_NOBUF] = {
+ .ipi_bit_mask = IPI2_NOBUF_TRIG_BIT,
+ .ipi_reg_base = IPI2_NOBUF_REG_BASE,
+ .secure_only = 0,
+ },
+
+ /* IPI3 NO BUF IPI */
+ [IPI_ID_3_NOBUF] = {
+ .ipi_bit_mask = IPI3_NOBUF_TRIG_BIT,
+ .ipi_reg_base = IPI3_NOBUF_REG_BASE,
+ .secure_only = 0,
+ },
+
+ /* IPI4 NO BUF IPI */
+ [IPI_ID_4_NOBUF] = {
+ .ipi_bit_mask = IPI4_NOBUF_TRIG_BIT,
+ .ipi_reg_base = IPI4_NOBUF_REG_BASE,
+ .secure_only = 0,
+ },
+
+ /* IPI5 NO BUF IPI */
+ [IPI_ID_5_NOBUF] = {
+ .ipi_bit_mask = IPI5_NOBUF_TRIG_BIT,
+ .ipi_reg_base = IPI5_NOBUF_REG_BASE,
+ .secure_only = 0,
+ },
+
+ /* IPI6 NO BUF IPI */
+ [IPI_ID_6_NOBUF_101] = {
+ .ipi_bit_mask = IPI6_NOBUF_101_TRIG_BIT,
+ .ipi_reg_base = IPI6_NOBUF_101_REG_BASE,
+ .secure_only = 0,
+ },
};
/**
diff --git a/plat/arm/board/a5ds/a5ds_bl2_setup.c b/plat/arm/board/a5ds/a5ds_bl2_setup.c
index a0aa639..3e26188 100644
--- a/plat/arm/board/a5ds/a5ds_bl2_setup.c
+++ b/plat/arm/board/a5ds/a5ds_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,7 +9,7 @@
void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- arm_bl2_early_platform_setup((uintptr_t)arg0, (meminfo_t *)arg1);
+ arm_bl2_early_platform_setup(arg0, arg1, arg2, arg3);
}
void bl2_platform_setup(void)
diff --git a/plat/arm/board/a5ds/platform.mk b/plat/arm/board/a5ds/platform.mk
index 6d60cbe..32e089d 100644
--- a/plat/arm/board/a5ds/platform.mk
+++ b/plat/arm/board/a5ds/platform.mk
@@ -19,12 +19,7 @@
DYN_CFG_SOURCES += ${FDT_WRAPPERS_SOURCES}
-# Include GICv2 driver files
-include drivers/arm/gic/v2/gicv2.mk
-
-A5DS_GIC_SOURCES := ${GICV2_SOURCES} \
- plat/common/plat_gicv2.c \
- plat/arm/common/arm_gicv2.c
+USE_GIC_DRIVER := 2
A5DS_SECURITY_SOURCES := plat/arm/board/a5ds/a5ds_security.c
diff --git a/plat/arm/board/a5ds/sp_min/a5ds_sp_min_setup.c b/plat/arm/board/a5ds/sp_min/a5ds_sp_min_setup.c
index a951dc7..1b8699a 100644
--- a/plat/arm/board/a5ds/sp_min/a5ds_sp_min_setup.c
+++ b/plat/arm/board/a5ds/sp_min/a5ds_sp_min_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, ARM Limited. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,7 @@
void plat_arm_sp_min_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- arm_sp_min_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ arm_sp_min_early_platform_setup(arg0, arg1, arg2, arg3);
/* enable snoop control unit */
enable_snoop_ctrl_unit(A5DS_SCU_BASE);
diff --git a/plat/arm/board/a5ds/sp_min/sp_min-a5ds.mk b/plat/arm/board/a5ds/sp_min/sp_min-a5ds.mk
index 4b0c97d..c3ce916 100644
--- a/plat/arm/board/a5ds/sp_min/sp_min-a5ds.mk
+++ b/plat/arm/board/a5ds/sp_min/sp_min-a5ds.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019, ARM Limited. All rights reserved.
+# Copyright (c) 2019-2025, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -18,5 +18,4 @@
plat/common/aarch32/platform_mp_stack.S \
plat/common/plat_psci_common.c \
${A5DS_CPU_LIBS} \
- ${A5DS_GIC_SOURCES} \
${A5DS_SECURITY_SOURCES}
diff --git a/plat/arm/board/automotive_rd/platform/rd1ae/platform.mk b/plat/arm/board/automotive_rd/platform/rd1ae/platform.mk
index 12b1e8c..98242e6 100644
--- a/plat/arm/board/automotive_rd/platform/rd1ae/platform.mk
+++ b/plat/arm/board/automotive_rd/platform/rd1ae/platform.mk
@@ -28,7 +28,8 @@
ENABLE_FEAT_ECV := 1
ENABLE_FEAT_FGT := 1
ENABLE_FEAT_MTE2 := 1
-ENABLE_MPAM_FOR_LOWER_ELS := 1
+ENABLE_FEAT_MPAM := 1
+USE_GIC_DRIVER := 3
GIC_ENABLE_V4_EXTN := 1
GICV3_SUPPORT_GIC600 := 1
HW_ASSISTED_COHERENCY := 1
@@ -40,11 +41,6 @@
RD1AE_CPU_SOURCES := lib/cpus/aarch64/neoverse_v3.S
-include drivers/arm/gic/v3/gicv3.mk
-RD1AE_GIC_SOURCES := ${GICV3_SOURCES} \
- plat/common/plat_gicv3.c \
- plat/arm/common/arm_gicv3.c
-
PLAT_BL_COMMON_SOURCES += ${RD1AE_BASE}/rd1ae_plat.c \
${RD1AE_BASE}/include/rd1ae_helpers.S
@@ -56,7 +52,6 @@
drivers/arm/sbsa/sbsa.c
BL31_SOURCES += ${RD1AE_CPU_SOURCES} \
- ${RD1AE_GIC_SOURCES} \
${RD1AE_BASE}/rd1ae_bl31_setup.c \
${RD1AE_BASE}/rd1ae_topology.c \
drivers/cfi/v2m/v2m_flash.c \
diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk
index 3a6637f..f350957 100644
--- a/plat/arm/board/common/board_common.mk
+++ b/plat/arm/board/common/board_common.mk
@@ -13,14 +13,14 @@
ifneq (${TRUSTED_BOARD_BOOT},0)
ARM_ROTPK_S = plat/arm/board/common/rotpk/arm_dev_rotpk.S
-ARM_ROTPK = $(BUILD_PLAT)/arm_rotpk.bin
ARM_ROTPK_IS_HASH := 1
-$(eval $(call add_define_val,ARM_ROTPK,'"$(ARM_ROTPK)"'))
# ROTPK hash location
ifeq (${ARM_ROTPK_LOCATION}, regs)
ARM_ROTPK_LOCATION_ID = ARM_ROTPK_REGS_ID
else
+ARM_ROTPK = $(BUILD_PLAT)/arm_rotpk.bin
+$(eval $(call add_define_val,ARM_ROTPK,'"$(ARM_ROTPK)"'))
# The ROTPK is a development key
ifeq (${ARM_ROTPK_LOCATION}, devel_rsa)
CRYPTO_ALG=rsa
diff --git a/plat/arm/board/corstone1000/common/corstone1000_pm.c b/plat/arm/board/corstone1000/common/corstone1000_pm.c
index 5264187..ac80887 100644
--- a/plat/arm/board/corstone1000/common/corstone1000_pm.c
+++ b/plat/arm/board/corstone1000/common/corstone1000_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -65,7 +65,6 @@
void corstone1000_pwr_domain_on_finish(const psci_power_state_t *target_state)
{
(void)target_state;
- plat_arm_gic_init();
}
#endif
diff --git a/plat/arm/board/corstone1000/platform.mk b/plat/arm/board/corstone1000/platform.mk
index dfde5aa..65be9c1 100644
--- a/plat/arm/board/corstone1000/platform.mk
+++ b/plat/arm/board/corstone1000/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2021-2024 Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2021-2025 Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -43,13 +43,7 @@
endif
endif
-# Include GICv2 driver files
-include drivers/arm/gic/v2/gicv2.mk
-
-CORSTONE1000_GIC_SOURCES := ${GICV2_SOURCES} \
- plat/common/plat_gicv2.c \
- plat/arm/common/arm_gicv2.c
-
+USE_GIC_DRIVER := 2
BL2_SOURCES += plat/arm/board/corstone1000/common/corstone1000_security.c \
plat/arm/board/corstone1000/common/corstone1000_err.c \
@@ -70,8 +64,7 @@
plat/arm/board/corstone1000/common/corstone1000_plat.c \
plat/arm/board/corstone1000/common/corstone1000_pm.c \
plat/arm/board/corstone1000/common/corstone1000_bl31_setup.c \
- ${CORSTONE1000_CPU_LIBS} \
- ${CORSTONE1000_GIC_SOURCES}
+ ${CORSTONE1000_CPU_LIBS}
ifneq (${ENABLE_STACK_PROTECTOR},0)
ifneq (${ENABLE_STACK_PROTECTOR},none)
diff --git a/plat/arm/board/corstone700/platform.mk b/plat/arm/board/corstone700/platform.mk
index d6d3bef..b76ef20 100644
--- a/plat/arm/board/corstone700/platform.mk
+++ b/plat/arm/board/corstone700/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019-2023, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2019-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -29,12 +29,7 @@
$(error Variable AARCH32_SP has to be set for AArch32)
endif
-# Include GICv2 driver files
-include drivers/arm/gic/v2/gicv2.mk
-
-CORSTONE700_GIC_SOURCES := ${GICV2_SOURCES} \
- plat/common/plat_gicv2.c \
- plat/arm/common/arm_gicv2.c
+USE_GIC_DRIVER := 2
# BL1/BL2 Image not a part of the capsule Image for Corstone700
override NEED_BL1 := no
diff --git a/plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c b/plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c
index 2fc0e0d..221e132 100644
--- a/plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c
+++ b/plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,5 +9,5 @@
void plat_arm_sp_min_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- arm_sp_min_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ arm_sp_min_early_platform_setup(arg0, arg1, arg2, arg3);
}
diff --git a/plat/arm/board/corstone700/sp_min/sp_min-corstone700.mk b/plat/arm/board/corstone700/sp_min/sp_min-corstone700.mk
index 75dc0f1..3e282cd 100644
--- a/plat/arm/board/corstone700/sp_min/sp_min-corstone700.mk
+++ b/plat/arm/board/corstone700/sp_min/sp_min-corstone700.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2019-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,8 +12,7 @@
plat/arm/board/corstone700/common/corstone700_security.c \
plat/arm/board/corstone700/common/corstone700_plat.c \
plat/arm/board/corstone700/common/corstone700_pm.c \
- plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c \
- ${CORSTONE700_GIC_SOURCES}
+ plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c
ifneq (${ENABLE_STACK_PROTECTOR},0)
ifneq (${ENABLE_STACK_PROTECTOR},none)
diff --git a/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c b/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c
index 662b8a4..fb7f48e 100644
--- a/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c
+++ b/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c
@@ -84,8 +84,12 @@
/* Find the offset of the node containing "arm,psci-1.0" compatible property */
node = fdt_node_offset_by_compatible(hw_config_dtb, -1, "arm,psci-1.0");
if (node < 0) {
- ERROR("FCONF: Unable to locate node with arm,psci-1.0 compatible property\n");
- return node;
+ /* Fall back to 0.2 */
+ node = fdt_node_offset_by_compatible(hw_config_dtb, -1, "arm,psci-0.2");
+ if (node < 0) {
+ ERROR("FCONF: Unable to locate node with arm,psci compatible property\n");
+ return node;
+ }
}
err = fdt_read_uint32(hw_config_dtb, node, "max-pwr-lvl", &max_pwr_lvl);
@@ -343,7 +347,7 @@
for (unsigned long i = 0UL; i < dram_layout.num_banks; i++) {
int err = fdt_get_reg_props_by_index(
hw_config_dtb, node, (int)i,
- &dram_layout.dram_bank[i].base,
+ (uintptr_t *)&dram_layout.dram_bank[i].base,
(size_t *)&dram_layout.dram_bank[i].size);
if (err < 0) {
ERROR("FCONF: Failed to read 'reg' property #%lu of 'memory' node\n", i);
diff --git a/plat/arm/board/fvp/fvp_bl1_measured_boot.c b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
index f14dbff..d6b6863 100644
--- a/plat/arm/board/fvp/fvp_bl1_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_bl1_measured_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,11 +8,16 @@
#include <drivers/measured_boot/event_log/event_log.h>
#include <drivers/measured_boot/metadata.h>
-#include <plat/arm/common/plat_arm.h>
#include <tools_share/zero_oid.h>
+#include <plat/arm/common/plat_arm.h>
+
/* Event Log data */
+#if TRANSFER_LIST
+static uint8_t *event_log;
+#else
static uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE];
+#endif
/* FVP table with platform specific image IDs, names and PCRs */
const event_log_metadata_t fvp_event_log_metadata[] = {
@@ -20,29 +25,60 @@
{ TB_FW_CONFIG_ID, MBOOT_TB_FW_CONFIG_STRING, PCR_0 },
{ BL2_IMAGE_ID, MBOOT_BL2_IMAGE_STRING, PCR_0 },
- { EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
+ { EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
};
void bl1_plat_mboot_init(void)
{
- event_log_init(event_log, event_log + sizeof(event_log));
- event_log_write_header();
+ size_t event_log_max_size;
+ int rc;
+
+#if TRANSFER_LIST
+ event_log = transfer_list_event_log_extend(
+ secure_tl, PLAT_ARM_EVENT_LOG_MAX_SIZE,
+ &event_log_max_size);
+ assert(event_log != NULL);
+#else
+ event_log_max_size = sizeof(event_log);
+#endif
+
+ rc = event_log_init(event_log, event_log + event_log_max_size);
+ if (rc < 0) {
+ ERROR("Failed to initialize event log (%d).\n", rc);
+ panic();
+ }
+
+ rc = event_log_write_header();
+ if (rc < 0) {
+ ERROR("Failed to write event log header (%d).\n", rc);
+ panic();
+ }
}
void bl1_plat_mboot_finish(void)
{
- size_t event_log_cur_size;
+ size_t event_log_cur_size = event_log_get_cur_size(event_log);
- event_log_cur_size = event_log_get_cur_size(event_log);
- int rc = arm_set_tb_fw_info((uintptr_t)event_log,
- event_log_cur_size,
- PLAT_ARM_EVENT_LOG_MAX_SIZE);
- if (rc != 0) {
- /*
- * It is a fatal error because on FVP platform, BL2 software
- * assumes that a valid Event Log buffer exist and it will use
- * same Event Log buffer to append image measurements.
- */
- panic();
+#if TRANSFER_LIST
+ uint8_t *rc = transfer_list_event_log_finish(
+ secure_tl, (uintptr_t)event_log + event_log_cur_size);
+
+ if (rc != NULL) {
+ return;
}
+#else
+ int rc = arm_set_tb_fw_info((uintptr_t)event_log, event_log_cur_size,
+ PLAT_ARM_EVENT_LOG_MAX_SIZE);
+ if (rc == 0) {
+ return;
+ }
+#endif
+
+ /*
+ * Panic if we fail to set up the event log for the next stage. This is a fatal
+ * error because, on the FVP platform, BL2 software assumes that a valid
+ * Event Log buffer exists and will use the same Event Log buffer to append image
+ * measurements.
+ */
+ panic();
}
diff --git a/plat/arm/board/fvp/fvp_bl2_measured_boot.c b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
index 8bf7dad..1fae0cf 100644
--- a/plat/arm/board/fvp/fvp_bl2_measured_boot.c
+++ b/plat/arm/board/fvp/fvp_bl2_measured_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,7 +19,7 @@
#include <plat/arm/common/plat_arm.h>
#include <plat/common/common_def.h>
-#if defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)
+#if !TRANSFER_LIST && (defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd))
CASSERT(ARM_EVENT_LOG_DRAM1_SIZE >= PLAT_ARM_EVENT_LOG_MAX_SIZE, \
assert_res_eventlog_mem_insufficient);
#endif /* defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd) */
@@ -61,10 +61,17 @@
{
uint8_t *event_log_start;
uint8_t *event_log_finish;
- size_t bl1_event_log_size;
- size_t event_log_max_size;
- int rc;
+ size_t bl1_event_log_size __unused;
+ size_t event_log_max_size __unused;
+ int rc __unused;
+#if TRANSFER_LIST
+ event_log_start = transfer_list_event_log_extend(
+ secure_tl, PLAT_ARM_EVENT_LOG_MAX_SIZE, &event_log_max_size);
+ event_log_finish = event_log_start + event_log_max_size;
+
+ event_log_base = (uintptr_t)event_log_start;
+#else
rc = arm_get_tb_fw_info(&event_log_base, &bl1_event_log_size,
&event_log_max_size);
if (rc != 0) {
@@ -82,10 +89,11 @@
* BL1 and BL2 share the same Event Log buffer and that BL2 will
* append its measurements after BL1's
*/
- event_log_start = (uint8_t *)((uintptr_t)event_log_base +
- bl1_event_log_size);
- event_log_finish = (uint8_t *)((uintptr_t)event_log_base +
- event_log_max_size);
+ event_log_start =
+ (uint8_t *)((uintptr_t)event_log_base + bl1_event_log_size);
+ event_log_finish =
+ (uint8_t *)((uintptr_t)event_log_base + event_log_max_size);
+#endif
event_log_init((uint8_t *)event_log_start, event_log_finish);
}
@@ -160,7 +168,7 @@
int rc;
/* Event Log address in Non-Secure memory */
- uintptr_t ns_log_addr;
+ uintptr_t ns_log_addr __unused;
/* Event Log filled size */
size_t event_log_cur_size;
@@ -172,6 +180,15 @@
event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base);
+#if TRANSFER_LIST
+ /*
+ * Re-size the event log for the next stage and update the size to include
+ * the entire event log (i.e., not just what this stage has added.)
+ */
+ event_log_base = (uintptr_t)transfer_list_event_log_finish(
+ secure_tl, (uintptr_t)event_log_base + event_log_cur_size);
+ event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base);
+#else
#if defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)
/* Copy Event Log to TZC secured DRAM memory */
(void)memcpy((void *)ARM_EVENT_LOG_DRAM1_BASE,
@@ -217,6 +234,7 @@
panic();
}
#endif /* defined(SPD_tspd) || defined(SPD_spmd) */
+#endif /* TRANSFER_LIST */
- dump_event_log((uint8_t *)event_log_base, event_log_cur_size);
+ event_log_dump((uint8_t *)event_log_base, event_log_cur_size);
}
diff --git a/plat/arm/board/fvp/fvp_bl2_setup.c b/plat/arm/board/fvp/fvp_bl2_setup.c
index 90d9608..989f058 100644
--- a/plat/arm/board/fvp/fvp_bl2_setup.c
+++ b/plat/arm/board/fvp/fvp_bl2_setup.c
@@ -52,10 +52,7 @@
void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1, u_register_t arg2, u_register_t arg3)
{
-#if TRANSFER_LIST
- arg0 = arg3;
-#endif
- arm_bl2_early_platform_setup((uintptr_t)arg0, (meminfo_t *)arg1);
+ arm_bl2_early_platform_setup(arg0, arg1, arg2, arg3);
/* Initialize the platform config for future decision making */
fvp_config_setup();
diff --git a/plat/arm/board/fvp/fvp_bl31_setup.c b/plat/arm/board/fvp/fvp_bl31_setup.c
index e087565..d75abb4 100644
--- a/plat/arm/board/fvp/fvp_bl31_setup.c
+++ b/plat/arm/board/fvp/fvp_bl31_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -28,10 +28,7 @@
/* Initialize the console to provide early debug support */
arm_console_boot_init();
-#if TRANSFER_LIST
- arm_bl31_early_platform_setup(arg0, arg1, arg2, arg3);
-#else
-#if !RESET_TO_BL31 && !RESET_TO_BL2
+#if !(TRANSFER_LIST || RESET_TO_BL31 || RESET_TO_BL2)
const struct dyn_cfg_dtb_info_t *soc_fw_config_info;
INFO("BL31 FCONF: FW_CONFIG address = %lx\n", (uintptr_t)arg1);
@@ -53,9 +50,9 @@
assert(hw_config_info != NULL);
assert(hw_config_info->secondary_config_addr != 0UL);
arg2 = hw_config_info->secondary_config_addr;
-#endif /* !RESET_TO_BL31 && !RESET_TO_BL2 */
- arm_bl31_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
-#endif /* TRANSFER_LIST */
+#endif /* !(TRANSFER_LIST || RESET_TO_BL31 || RESET_TO_BL2)*/
+
+ arm_bl31_early_platform_setup(arg0, arg1, arg2, arg3);
/* Initialize the platform config for future decision making */
fvp_config_setup();
@@ -94,6 +91,16 @@
}
}
+void __init bl31_platform_setup(void)
+{
+ arm_bl31_platform_setup();
+
+#if USE_GIC_DRIVER == 3
+ fvp_pcpu_init();
+ fvp_gic_driver_pre_init();
+#endif
+}
+
#if !TRANSFER_LIST
void __init bl31_plat_arch_setup(void)
{
diff --git a/plat/arm/board/fvp/fvp_common.c b/plat/arm/board/fvp/fvp_common.c
index 98d4bbc..9d0463d 100644
--- a/plat/arm/board/fvp/fvp_common.c
+++ b/plat/arm/board/fvp/fvp_common.c
@@ -14,6 +14,7 @@
#include <drivers/arm/ccn.h>
#include <drivers/arm/gicv2.h>
#include <drivers/arm/sp804_delay_timer.h>
+#include <drivers/arm/smmu_v3.h>
#include <drivers/generic_delay_timer.h>
#include <fconf_hw_config_getter.h>
#include <lib/mmio.h>
@@ -43,6 +44,15 @@
#define FVP_RMM_CONSOLE_NAME "pl011"
#define FVP_RMM_CONSOLE_COUNT UL(1)
+/* Defines for RMM PCIe ECAM */
+#define FVP_RMM_ECAM_BASE PCIE_EXP_BASE
+#define FVP_RMM_ECAM_SEGMENT UL(0x0)
+#define FVP_RMM_ECAM_BDF UL(0x0)
+
+/* Defines for RMM SMMUv3 */
+#define FVP_RMM_SMMU_BASE PLAT_FVP_SMMUV3_BASE
+#define FVP_RMM_SMMU_COUNT UL(1)
+
/*******************************************************************************
* arm_config holds the characteristics of the differences between the three FVP
* platforms (Base, A53_A57 & Foundation). It will be populated during cold boot
@@ -563,6 +573,41 @@
}
#if ENABLE_RME
+
+/* BDF mappings for RP0 RC0 */
+const struct bdf_mapping_info rc0rp0_bdf_data[] = {
+ /* BDF0 */
+ {0U, /* mapping_base */
+ 0x8000U, /* mapping_top */
+ 0U, /* mapping_off */
+ 0U /* smmu_idx */
+ }
+};
+
+/* Root ports for RC0 */
+const struct root_port_info rc0rp_data[] = {
+ /* RP0 */
+ {0U, /* root_port_id */
+ 0U, /* padding */
+ ARRAY_SIZE(rc0rp0_bdf_data), /* num_bdf_mappings */
+ (struct bdf_mapping_info *)rc0rp0_bdf_data /* bdf_mappings */
+ }
+};
+
+/* Root complexes */
+const struct root_complex_info rc_data[] = {
+ /* RC0 */
+ {PCIE_EXP_BASE, /* ecam_base */
+ 0U, /* segment */
+ {0U, 0U, 0U}, /* padding */
+ ARRAY_SIZE(rc0rp_data), /* num_root_ports */
+ (struct root_port_info *)rc0rp_data /* root_ports */
+ }
+};
+
+/* Number of PCIe Root Complexes */
+#define FVP_RMM_RC_COUNT ARRAY_SIZE(rc_data)
+
/*
* Get a pointer to the RMM-EL3 Shared buffer and return it
* through the pointer passed as parameter.
@@ -593,14 +638,14 @@
return sum;
}
/*
- * Boot Manifest structure illustration, with two DRAM banks,
+ * Boot Manifest v0.5 structure illustration, with two DRAM banks,
* a single console and one device memory with two PCIe device
* non-coherent address ranges.
*
* +--------------------------------------------------+
* | offset | field | comment |
* +--------+--------------------+--------------------+
- * | 0 | version | 0x00000004 |
+ * | 0 | version | 0x00000005 |
* +--------+--------------------+--------------------+
* | 4 | padding | 0x00000000 |
* +--------+--------------------+--------------------+
@@ -629,42 +674,95 @@
* | 96 | banks | plat_coh_region | | | |
* +--------+--------------------+ | | | |
* | 104 | checksum | | | | |
- * +--------+--------------------+--------------------+<-+ | |
- * | 112 | base 0 | | | |
- * +--------+--------------------+ mem_bank[0] | | |
- * | 120 | size 0 | | | |
- * +--------+--------------------+--------------------+ | |
- * | 128 | base 1 | | | |
- * +--------+--------------------+ mem_bank[1] | | |
- * | 136 | size 1 | | | |
- * +--------+--------------------+--------------------+<----+ |
- * | 144 | base | | |
- * +--------+--------------------+ | |
- * | 152 | map_pages | | |
- * +--------+--------------------+ | |
- * | 160 | name | | |
- * +--------+--------------------+ consoles[0] | |
- * | 168 | clk_in_hz | | |
- * +--------+--------------------+ | |
- * | 176 | baud_rate | | |
- * +--------+--------------------+ | |
- * | 184 | flags | | |
- * +--------+--------------------+--------------------+<-------+
- * | 192 | base 0 | |
- * +--------+--------------------+ ncoh_region[0] |
- * | 200 | size 0 | |
- * +--------+--------------------+--------------------+
- * | 208 | base 1 | |
- * +--------+--------------------+ ncoh_region[1] |
- * | 216 | size 1 | |
+ * +--------+--------------------+--------------------+ | | |
+ * | 112 | num_smmus | | | | |
+ * +--------+--------------------+ | | | |
+ * | 120 | smmus | plat_smmu +--|--|--|--+
+ * +--------+--------------------+ | | | | |
+ * | 128 | checksum | | | | | |
+ * +--------+--------------------+--------------------+ | | | |
+ * | 136 | num_root_complex | | | | | |
+ * +--------+--------------------+ | | | | |
+ * | 144 | rc_info_version | | | | | |
+ * +--------+--------------------+ | | | | |
+ * | 148 | padding | plat_root_complex +--|--|--|--|--+
+ * +--------+--------------------+ | | | | | |
+ * | 152 | root_complex | | | | | | |
+ * +--------+--------------------+ | | | | | |
+ * | 160 | checksum | | | | | | |
+ * +--------+--------------------+--------------------+<-+ | | | |
+ * | 168 | base 0 | | | | | |
+ * +--------+--------------------+ mem_bank[0] | | | | |
+ * | 176 | size 0 | | | | | |
+ * +--------+--------------------+--------------------+ | | | |
+ * | 184 | base 1 | | | | | |
+ * +--------+--------------------+ mem_bank[1] | | | | |
+ * | 192 | size 1 | | | | | |
+ * +--------+--------------------+--------------------+<----+ | | |
+ * | 200 | base | | | | |
+ * +--------+--------------------+ | | | |
+ * | 208 | map_pages | | | | |
+ * +--------+--------------------+ | | | |
+ * | 216 | name | | | | |
+ * +--------+--------------------+ consoles[0] | | | |
+ * | 224 | clk_in_hz | | | | |
+ * +--------+--------------------+ | | | |
+ * | 232 | baud_rate | | | | |
+ * +--------+--------------------+ | | | |
+ * | 240 | flags | | | | |
+ * +--------+--------------------+--------------------+<-------+ | |
+ * | 248 | base 0 | | | |
+ * +--------+--------------------+ ncoh_region[0] | | |
+ * | 256 | size 0 | | | |
+ * +--------+--------------------+--------------------+ | |
+ * | 264 | base 1 | | | |
+ * +--------+--------------------+ ncoh_region[1] | | |
+ * | 272 | size 1 | | | |
+ * +--------+--------------------+--------------------+<----------+ |
+ * | 280 | smmu_base | | |
+ * +--------+--------------------+ smmus[0] | |
+ * | 288 | smmu_r_base | | |
+ * +--------+--------------------+--------------------+<-------------+
+ * | 296 | ecam_base | |
+ * +--------+--------------------+ |
+ * | 304 | segment | |
+ * +--------+--------------------+ |
+ * | 305 | padding | root_complex[0] +--+
+ * +--------+--------------------+ | |
+ * | 308 | num_root_ports | | |
+ * +--------+--------------------+ | |
+ * | 312 | root_ports | | |
+ * +--------+--------------------+--------------------+<-+
+ * | 320 | root_port_id | |
+ * +--------+--------------------+ |
+ * | 322 | padding | |
+ * +--------+--------------------+ root_ports[0] +--+
+ * | 324 | num_bdf_mappings | | |
+ * +--------+--------------------+ | |
+ * | 328 | bdf_mappings | | |
+ * +--------+--------------------+--------------------+<-+
+ * | 336 | mapping_base | |
+ * +--------+--------------------+ |
+ * | 338 | mapping_top | |
+ * +--------+--------------------+ bdf_mappings[0] |
+ * | 340 | mapping_off | |
+ * +--------+--------------------+ |
+ * | 342 | smmu_idx | |
* +--------+--------------------+--------------------+
*/
int plat_rmmd_load_manifest(struct rmm_manifest *manifest)
{
uint64_t checksum, num_banks, num_consoles;
uint64_t num_ncoh_regions, num_coh_regions;
- struct memory_bank *bank_ptr, *ncoh_region_ptr;
+ uint64_t num_smmus, num_root_complex;
+ unsigned int num_root_ports, num_bdf_mappings;
+ uint32_t o_realm;
+ struct memory_bank *bank_ptr, *ncoh_region_ptr, *coh_region_ptr;
struct console_info *console_ptr;
+ struct smmu_info *smmu_ptr;
+ struct root_complex_info *root_complex_ptr, *rc_ptr;
+ struct root_port_info *root_port_ptr, *rp_ptr;
+ struct bdf_mapping_info *bdf_mapping_ptr, *bdf_ptr;
assert(manifest != NULL);
@@ -678,12 +776,36 @@
/* Set number of device non-coherent address ranges based on DT */
num_ncoh_regions = FCONF_GET_PROPERTY(hw_config, pci_props, num_ncoh_regions);
+ /* Set number of SMMUs */
+ num_smmus = FVP_RMM_SMMU_COUNT;
+
+ /* Set number of PCIe root complexes */
+ num_root_complex = FVP_RMM_RC_COUNT;
+
+ /* Calculate and set number of all PCIe root ports and BDF mappings */
+ num_root_ports = 0U;
+ num_bdf_mappings = 0U;
+
+ /* Scan all root complex entries */
+ for (unsigned long i = 0UL; i < num_root_complex; i++) {
+ num_root_ports += rc_data[i].num_root_ports;
+
+ /* Scan all root ports entries in root complex */
+ for (unsigned int j = 0U; j < rc_data[i].num_root_ports; j++) {
+ num_bdf_mappings += rc_data[i].root_ports[j].num_bdf_mappings;
+ }
+ }
+
manifest->version = RMMD_MANIFEST_VERSION;
manifest->padding = 0U; /* RES0 */
manifest->plat_data = 0UL;
manifest->plat_dram.num_banks = num_banks;
manifest->plat_console.num_consoles = num_consoles;
manifest->plat_ncoh_region.num_banks = num_ncoh_regions;
+ manifest->plat_smmu.num_smmus = num_smmus;
+ manifest->plat_root_complex.num_root_complex = num_root_complex;
+ manifest->plat_root_complex.rc_info_version = PCIE_RC_INFO_VERSION;
+ manifest->plat_root_complex.padding = 0U; /* RES0 */
/* FVP does not support device coherent address ranges */
num_coh_regions = 0UL;
@@ -699,9 +821,27 @@
ncoh_region_ptr = (struct memory_bank *)
((uintptr_t)console_ptr + (num_consoles *
sizeof(struct console_info)));
+ coh_region_ptr = (struct memory_bank *)
+ ((uintptr_t)ncoh_region_ptr + (num_ncoh_regions *
+ sizeof(struct memory_bank)));
+ smmu_ptr = (struct smmu_info *)
+ ((uintptr_t)coh_region_ptr + (num_coh_regions *
+ sizeof(struct memory_bank)));
+ root_complex_ptr = (struct root_complex_info *)
+ ((uintptr_t)smmu_ptr + (num_smmus *
+ sizeof(struct smmu_info)));
+ root_port_ptr = (struct root_port_info *)
+ ((uintptr_t)root_complex_ptr + (num_root_complex *
+ sizeof(struct root_complex_info)));
+ bdf_mapping_ptr = (struct bdf_mapping_info *)
+ ((uintptr_t)root_port_ptr + (num_root_ports *
+ sizeof(struct root_port_info)));
+
manifest->plat_dram.banks = bank_ptr;
manifest->plat_console.consoles = console_ptr;
manifest->plat_ncoh_region.banks = ncoh_region_ptr;
+ manifest->plat_smmu.smmus = smmu_ptr;
+ manifest->plat_root_complex.root_complex = root_complex_ptr;
/* Ensure the manifest is not larger than the shared buffer */
assert((sizeof(struct rmm_manifest) +
@@ -712,7 +852,13 @@
(sizeof(struct memory_bank) *
manifest->plat_ncoh_region.num_banks) +
(sizeof(struct memory_bank) *
- manifest->plat_coh_region.num_banks))
+ manifest->plat_coh_region.num_banks) +
+ (sizeof(struct smmu_info) *
+ manifest->plat_smmu.num_smmus) +
+ (sizeof(struct root_complex_info) *
+ manifest->plat_root_complex.num_root_complex) +
+ (sizeof(struct root_port_info) * num_root_ports) +
+ (sizeof(struct bdf_mapping_info) * num_bdf_mappings))
<= ARM_EL3_RMM_SHARED_SIZE);
/* Calculate checksum of plat_dram structure */
@@ -775,6 +921,87 @@
/* Checksum must be 0 */
manifest->plat_ncoh_region.checksum = ~checksum + 1UL;
+ /* Calculate the checksum of the plat_smmu structure */
+ checksum = num_smmus + (uint64_t)smmu_ptr;
+
+ smmu_ptr[0].smmu_base = FVP_RMM_SMMU_BASE;
+
+ /* Read SMMU_ROOT_IDR0.BA_REALM[31:22] register field */
+ o_realm = mmio_read_32(FVP_RMM_SMMU_BASE + SMMU_ROOT_IDR0) &
+ SMMU_ROOT_IDR0_BA_REALM_MASK;
+ /*
+ * Calculate the base address offset of Realm Register Page 0.
+ * O_REALM = 0x20000 + (BA_REALM * 0x10000)
+ * SMMU_REALM_BASE = SMMU_PAGE_0_BASE + O_REALM
+ */
+ o_realm = 0x20000 + (o_realm >> (SMMU_ROOT_IDR0_BA_REALM_SHIFT - 16U));
+
+ smmu_ptr[0].smmu_r_base = FVP_RMM_SMMU_BASE + o_realm;
+
+ /* Update checksum */
+ checksum += checksum_calc((uint64_t *)smmu_ptr,
+ sizeof(struct smmu_info) * num_smmus);
+ /* Checksum must be 0 */
+ manifest->plat_smmu.checksum = ~checksum + 1UL;
+
+ /* Calculate the checksum of the plat_root_complex structure */
+ checksum = num_root_complex + (uint64_t)root_complex_ptr;
+
+ /* Zero out PCIe root complex info structures */
+ (void)memset((void *)root_complex_ptr, 0,
+ sizeof(struct root_complex_info) * num_root_complex);
+
+ /* Set pointers for data in manifest */
+ rc_ptr = root_complex_ptr;
+ rp_ptr = root_port_ptr;
+ bdf_ptr = bdf_mapping_ptr;
+
+ /* Fill PCIe root complex info structures */
+ for (unsigned long i = 0U; i < num_root_complex; i++) {
+ const struct root_complex_info *rc_info = &rc_data[i];
+ const struct root_port_info *rp_info = rc_info->root_ports;
+
+ /* Copy root complex data, except root_ports pointer */
+ (void)memcpy((void *)rc_ptr, (void *)rc_info,
+ sizeof(struct root_complex_info) - sizeof(struct root_port_info *));
+
+ /* Set root_ports for root complex */
+ rc_ptr->root_ports = rp_ptr;
+
+ /* Scan root ports */
+ for (unsigned int j = 0U; j < rc_ptr->num_root_ports; j++) {
+ const struct bdf_mapping_info *bdf_info = rp_info->bdf_mappings;
+
+ /* Copy root port data, except bdf_mappings pointer */
+ (void)memcpy((void *)rp_ptr, (void *)rp_info,
+ sizeof(struct root_port_info) - sizeof(struct bdf_mapping_info *));
+
+ /* Set bdf_mappings for root port */
+ rp_ptr->bdf_mappings = bdf_ptr;
+
+ /* Copy all BDF mappings for root port */
+ (void)memcpy((void *)bdf_ptr, (void *)bdf_info,
+ sizeof(struct bdf_mapping_info) * rp_ptr->num_bdf_mappings);
+
+ bdf_ptr += rp_ptr->num_bdf_mappings;
+ rp_ptr++;
+ rp_info++;
+ }
+ rc_ptr++;
+ }
+
+ /* Check that all data are written in manifest */
+ assert(rc_ptr == (root_complex_ptr + num_root_complex));
+ assert(rp_ptr == (root_port_ptr + num_root_ports));
+ assert(bdf_ptr == (bdf_mapping_ptr + num_bdf_mappings));
+
+ /* Update checksum for all PCIe data */
+ checksum += checksum_calc((uint64_t *)root_complex_ptr,
+ (uintptr_t)bdf_ptr - (uintptr_t)root_complex_ptr);
+
+ /* Checksum must be 0 */
+ manifest->plat_root_complex.checksum = ~checksum + 1UL;
+
return 0;
}
@@ -789,4 +1016,4 @@
*/
return 0;
}
-#endif /* ENABLE_RME */
+#endif /* ENABLE_RME */
diff --git a/plat/arm/board/fvp/fvp_gicv3.c b/plat/arm/board/fvp/fvp_gicv3.c
index e780f21..4167229 100644
--- a/plat/arm/board/fvp/fvp_gicv3.c
+++ b/plat/arm/board/fvp/fvp_gicv3.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,51 +21,15 @@
static bool fvp_gicr_rw_region_init[PLATFORM_CORE_COUNT] = {false};
#endif /* FVP_GICR_REGION_PROTECTION */
-/* The GICv3 driver only needs to be initialized in EL3 */
-static uintptr_t fvp_rdistif_base_addrs[PLATFORM_CORE_COUNT];
-
/* Default GICR base address to be used for GICR probe. */
-static uint64_t fvp_gicr_base_addrs[2] = { 0U };
+static uintptr_t __unused fvp_gicr_base_addrs[2] = { 0U };
-/* List of zero terminated GICR frame addresses which CPUs will probe */
-static uint64_t *fvp_gicr_frames = fvp_gicr_base_addrs;
-
-#if !(SEC_INT_DESC_IN_FCONF && ((!defined(__aarch64__) && defined(IMAGE_BL32)) || \
- (defined(__aarch64__) && defined(IMAGE_BL31))))
-static const interrupt_prop_t fvp_interrupt_props[] = {
+static const interrupt_prop_t __unused fvp_interrupt_props[] = {
PLAT_ARM_G1S_IRQ_PROPS(INTR_GROUP1S),
PLAT_ARM_G0_IRQ_PROPS(INTR_GROUP0)
};
-#endif
-/*
- * MPIDR hashing function for translating MPIDRs read from GICR_TYPER register
- * to core position.
- *
- * Calculating core position is dependent on MPIDR_EL1.MT bit. However, affinity
- * values read from GICR_TYPER don't have an MT field. To reuse the same
- * translation used for CPUs, we insert MT bit read from the PE's MPIDR into
- * that read from GICR_TYPER.
- *
- * Assumptions:
- *
- * - All CPUs implemented in the system have MPIDR_EL1.MT bit set;
- * - No CPUs implemented in the system use affinity level 3.
- */
-static unsigned int fvp_gicv3_mpidr_hash(u_register_t mpidr)
-{
- u_register_t temp_mpidr = mpidr;
-
- temp_mpidr |= (read_mpidr_el1() & MPIDR_MT_MASK);
- return plat_arm_calc_core_pos(temp_mpidr);
-}
-
-
-static gicv3_driver_data_t fvp_gic_data = {
- .rdistif_num = PLATFORM_CORE_COUNT,
- .rdistif_base_addrs = fvp_rdistif_base_addrs,
- .mpidr_to_core_pos = fvp_gicv3_mpidr_hash
-};
+extern gicv3_driver_data_t gic_data;
/******************************************************************************
* This function gets called per core to make its redistributor frame rw
@@ -97,78 +61,41 @@
#endif /* FVP_GICR_REGION_PROTECTION */
}
-void plat_arm_gic_driver_init(void)
+void fvp_pcpu_init(void)
{
fvp_gicv3_make_rdistrif_rw();
+}
+
+void fvp_gic_driver_pre_init(void)
+{
+/* FCONF won't be used in these cases, so we couldn't do this */
+#if !(BL2_AT_EL3 || RESET_TO_BL31 || RESET_TO_SP_MIN || RESET_TO_BL2)
/*
* Get GICD and GICR base addressed through FCONF APIs.
* FCONF is not supported in BL32 for FVP.
*/
#if (!defined(__aarch64__) && defined(IMAGE_BL32)) || \
(defined(__aarch64__) && defined(IMAGE_BL31))
- fvp_gic_data.gicd_base = (uintptr_t)FCONF_GET_PROPERTY(hw_config,
+ gic_data.gicd_base = (uintptr_t)FCONF_GET_PROPERTY(hw_config,
gicv3_config,
gicd_base);
fvp_gicr_base_addrs[0] = FCONF_GET_PROPERTY(hw_config, gicv3_config,
gicr_base);
#if SEC_INT_DESC_IN_FCONF
- fvp_gic_data.interrupt_props = FCONF_GET_PROPERTY(hw_config,
+ gic_data.interrupt_props = FCONF_GET_PROPERTY(hw_config,
sec_intr_prop, descriptor);
- fvp_gic_data.interrupt_props_num = FCONF_GET_PROPERTY(hw_config,
+ gic_data.interrupt_props_num = FCONF_GET_PROPERTY(hw_config,
sec_intr_prop, count);
#else
- fvp_gic_data.interrupt_props = fvp_interrupt_props;
- fvp_gic_data.interrupt_props_num = ARRAY_SIZE(fvp_interrupt_props);
+ gic_data.interrupt_props = fvp_interrupt_props;
+ gic_data.interrupt_props_num = ARRAY_SIZE(fvp_interrupt_props);
#endif
#else
- fvp_gic_data.gicd_base = PLAT_ARM_GICD_BASE;
+ gic_data.gicd_base = PLAT_ARM_GICD_BASE;
fvp_gicr_base_addrs[0] = PLAT_ARM_GICR_BASE;
- fvp_gic_data.interrupt_props = fvp_interrupt_props;
- fvp_gic_data.interrupt_props_num = ARRAY_SIZE(fvp_interrupt_props);
+ gic_data.interrupt_props = fvp_interrupt_props;
+ gic_data.interrupt_props_num = ARRAY_SIZE(fvp_interrupt_props);
#endif
-
- /*
- * The GICv3 driver is initialized in EL3 and does not need
- * to be initialized again in SEL1. This is because the S-EL1
- * can use GIC system registers to manage interrupts and does
- * not need GIC interface base addresses to be configured.
- */
-
-#if (!defined(__aarch64__) && defined(IMAGE_BL32)) || \
- (defined(__aarch64__) && defined(IMAGE_BL31))
- gicv3_driver_init(&fvp_gic_data);
- if (gicv3_rdistif_probe((uintptr_t)fvp_gicr_base_addrs[0]) == -1) {
- ERROR("No GICR base frame found for Primary CPU\n");
- panic();
- }
-#endif
-}
-
-/******************************************************************************
- * Function to iterate over all GICR frames and discover the corresponding
- * per-cpu redistributor frame as well as initialize the corresponding
- * interface in GICv3.
- *****************************************************************************/
-void plat_arm_gic_pcpu_init(void)
-{
- int result;
- const uint64_t *plat_gicr_frames = fvp_gicr_frames;
-
- fvp_gicv3_make_rdistrif_rw();
-
- do {
- result = gicv3_rdistif_probe(*plat_gicr_frames);
-
- /* If the probe is successful, no need to proceed further */
- if (result == 0)
- break;
-
- plat_gicr_frames++;
- } while (*plat_gicr_frames != 0U);
-
- if (result == -1) {
- ERROR("No GICR base frame found for CPU 0x%lx\n", read_mpidr());
- panic();
- }
- gicv3_rdistif_init(plat_my_core_pos());
+ plat_arm_override_gicr_frames(fvp_gicr_base_addrs);
+#endif /* !(BL2_AT_EL3 || RESET_TO_BL31 || RESET_TO_SP_MIN || RESET_TO_BL2) */
}
diff --git a/plat/arm/board/fvp/fvp_ide_keymgmt.c b/plat/arm/board/fvp/fvp_ide_keymgmt.c
new file mode 100644
index 0000000..ff05351
--- /dev/null
+++ b/plat/arm/board/fvp/fvp_ide_keymgmt.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <errno.h>
+#include <string.h>
+
+#include <plat/common/platform.h>
+
+int plat_rmmd_el3_ide_key_program(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t ide_stream_info,
+ rp_ide_key_info_t *ide_key_info_ptr, uint64_t request_id,
+ uint64_t cookie)
+{
+ /* placeholder to add further implementation */
+
+ return 0;
+
+}
+
+int plat_rmmd_el3_ide_key_set_go(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t ide_stream_info, uint64_t request_id,
+ uint64_t cookie)
+{
+ /* placeholder to add further implementation */
+
+ return 0;
+
+}
+
+int plat_rmmd_el3_ide_key_set_stop(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t ide_stream_info, uint64_t request_id,
+ uint64_t cookie)
+{
+ /* placeholder to add further implementation */
+
+ return 0;
+}
+
+int plat_rmmd_el3_ide_km_pull_response(uint64_t ecam_address, uint64_t root_port_id,
+ uint64_t *req_resp, uint64_t *request,
+ uint64_t *cookie)
+{
+ /* placeholder to add further implementation */
+ return E_RMM_UNK;
+}
diff --git a/plat/arm/board/fvp/fvp_pm.c b/plat/arm/board/fvp/fvp_pm.c
index 2a0bb93..fb72105 100644
--- a/plat/arm/board/fvp/fvp_pm.c
+++ b/plat/arm/board/fvp/fvp_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -180,12 +180,6 @@
* by the cluster specific operations if applicable.
*/
- /* Prevent interrupts from spuriously waking up this cpu */
- plat_arm_gic_cpuif_disable();
-
- /* Turn redistributor off */
- plat_arm_gic_redistif_off();
-
/* Program the power controller to power off this cpu. */
fvp_pwrc_write_ppoffr(read_mpidr_el1());
@@ -220,9 +214,6 @@
/* Program the power controller to enable wakeup interrupts. */
fvp_pwrc_set_wen(mpidr);
- /* Prevent interrupts from spuriously waking up this cpu */
- plat_arm_gic_cpuif_disable();
-
/*
* The Redistributor is not powered off as it can potentially prevent
* wake up events reaching the CPUIF and/or might lead to losing
@@ -253,7 +244,6 @@
static void fvp_pwr_domain_on_finish(const psci_power_state_t *target_state)
{
fvp_power_domain_on_finish_common(target_state);
-
}
/*******************************************************************************
@@ -263,11 +253,9 @@
******************************************************************************/
static void fvp_pwr_domain_on_finish_late(const psci_power_state_t *target_state)
{
- /* Program GIC per-cpu distributor or re-distributor interface */
- plat_arm_gic_pcpu_init();
-
- /* Enable GIC CPU interface */
- plat_arm_gic_cpuif_enable();
+#if USE_GIC_DRIVER == 3
+ fvp_pcpu_init();
+#endif
}
/*******************************************************************************
@@ -287,9 +275,6 @@
return;
fvp_power_domain_on_finish_common(target_state);
-
- /* Enable GIC CPU interface */
- plat_arm_gic_cpuif_enable();
}
/*******************************************************************************
diff --git a/plat/arm/board/fvp/fvp_private.h b/plat/arm/board/fvp/fvp_private.h
index 3590370..7e53a65 100644
--- a/plat/arm/board/fvp/fvp_private.h
+++ b/plat/arm/board/fvp/fvp_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,6 +19,7 @@
void fvp_interconnect_enable(void);
void fvp_interconnect_disable(void);
void fvp_timer_init(void);
-void tsp_early_platform_setup(void);
+void fvp_pcpu_init(void);
+void fvp_gic_driver_pre_init(void);
#endif /* FVP_PRIVATE_H */
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index f5be8f2..68ff0fe 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -206,7 +206,7 @@
# define PLAT_ARM_MMAP_ENTRIES 12
# define MAX_XLAT_TABLES 6
# else
-# define PLAT_ARM_MMAP_ENTRIES 11
+# define PLAT_ARM_MMAP_ENTRIES 12
# define MAX_XLAT_TABLES 5
# endif /* (IMAGE_BL2 && ENABLE_RME) */
#else
@@ -307,9 +307,15 @@
* calculated using the current SP_MIN PROGBITS debug size plus the sizes of
* BL2 and BL1-RW
*/
+#if TRANSFER_LIST
+# define PLAT_ARM_MAX_BL32_SIZE (PLAT_ARM_TRUSTED_SRAM_SIZE - \
+ ARM_SHARED_RAM_SIZE - \
+ PLAT_ARM_FW_HANDOFF_SIZE)
+#else
# define PLAT_ARM_MAX_BL32_SIZE (PLAT_ARM_TRUSTED_SRAM_SIZE - \
ARM_SHARED_RAM_SIZE - \
ARM_FW_CONFIGS_SIZE)
+#endif /* TRANSFER_LIST */
#endif /* RESET_TO_SP_MIN */
#endif
@@ -508,8 +514,12 @@
/* Account for additional measurements of secure partitions and SPM. */
#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x800)
#else
+#if defined(IMAGE_BL1) && TRANSFER_LIST
+#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x200)
+#else
#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x400)
#endif
+#endif
/*
* Maximum size of Event Log buffer used for DRTM
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index e43d025..8e8870c 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -95,6 +95,7 @@
ifeq (${ENABLE_RME},1)
ENABLE_FEAT_MEC := 2
+ RMMD_ENABLE_IDE_KEY_PROG := 1
endif
# The FVP platform depends on this macro to build with correct GIC driver.
@@ -129,36 +130,21 @@
# Choose the GIC sources depending upon the how the FVP will be invoked
ifeq (${FVP_USE_GIC_DRIVER}, FVP_GICV3)
+USE_GIC_DRIVER := 3
# The GIC model (GIC-600 or GIC-500) will be detected at runtime
GICV3_SUPPORT_GIC600 := 1
GICV3_OVERRIDE_DISTIF_PWR_OPS := 1
-# Include GICv3 driver files
-include drivers/arm/gic/v3/gicv3.mk
-
-FVP_GIC_SOURCES := ${GICV3_SOURCES} \
- plat/common/plat_gicv3.c \
- plat/arm/common/arm_gicv3.c
-
- ifeq ($(filter 1,${RESET_TO_BL2} \
- ${RESET_TO_BL31} ${RESET_TO_SP_MIN}),)
- FVP_GIC_SOURCES += plat/arm/board/fvp/fvp_gicv3.c
- endif
+FVP_SECURITY_SOURCES += plat/arm/board/fvp/fvp_gicv3.c
else ifeq (${FVP_USE_GIC_DRIVER}, FVP_GICV2)
+USE_GIC_DRIVER := 2
# No GICv4 extension
GIC_ENABLE_V4_EXTN := 0
$(eval $(call add_define,GIC_ENABLE_V4_EXTN))
-# Include GICv2 driver files
-include drivers/arm/gic/v2/gicv2.mk
-
-FVP_GIC_SOURCES := ${GICV2_SOURCES} \
- plat/common/plat_gicv2.c \
- plat/arm/common/arm_gicv2.c
-
FVP_DT_PREFIX := fvp-base-gicv2-psci
else
$(error "Incorrect GIC driver chosen on FVP port")
@@ -173,7 +159,7 @@
$(error "Incorrect CCN driver chosen on FVP port")
endif
-FVP_SECURITY_SOURCES := drivers/arm/tzc/tzc400.c \
+FVP_SECURITY_SOURCES += drivers/arm/tzc/tzc400.c \
plat/arm/board/fvp/fvp_security.c \
plat/arm/common/arm_tzc400.c
@@ -302,10 +288,11 @@
BL31_SOURCES += plat/arm/board/fvp/fvp_plat_attest_token.c \
plat/arm/board/fvp/fvp_realm_attest_key.c \
- plat/arm/board/fvp/fvp_el3_token_sign.c
+ plat/arm/board/fvp/fvp_el3_token_sign.c \
+ plat/arm/board/fvp/fvp_ide_keymgmt.c
endif
-ifeq (${ENABLE_FEAT_RNG_TRAP},1)
+ifneq (${ENABLE_FEAT_RNG_TRAP},0)
BL31_SOURCES += plat/arm/board/fvp/fvp_sync_traps.c
endif
@@ -341,7 +328,6 @@
plat/arm/board/fvp/fvp_cpu_pwr.c \
plat/arm/common/arm_nor_psci_mem_protect.c \
${FVP_CPU_LIBS} \
- ${FVP_GIC_SOURCES} \
${FVP_INTERCONNECT_SOURCES} \
${FVP_SECURITY_SOURCES}
@@ -433,7 +419,6 @@
$(eval $(call TOOL_ADD_PAYLOAD,${FVP_HW_CONFIG},--hw-config,${FVP_HW_CONFIG}))
ifeq (${TRANSFER_LIST}, 1)
-include lib/transfer_list/transfer_list.mk
ifeq ($(RESET_TO_BL31), 1)
FW_HANDOFF_SIZE := 20000
diff --git a/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c b/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c
index 705ec38..8c193fa 100644
--- a/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c
+++ b/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,16 +14,34 @@
#include "../fvp_private.h"
+static uintptr_t hw_config __unused;
+
void plat_arm_sp_min_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
const struct dyn_cfg_dtb_info_t *tos_fw_config_info __unused;
+ struct transfer_list_header *tl __unused;
/* Initialize the console to provide early debug support */
arm_console_boot_init();
-#if !RESET_TO_SP_MIN && !RESET_TO_BL2
+#if TRANSFER_LIST
+ /*
+ * Register usage at function entry:
+ * r0 - Reserved (must be zero)
+ * r1 - Register convention and TL signature
+ * r2 - Pointer to the FDT located within the TL
+ * r3 - Base address of the TL
+ *
+ * Initialize TL pointer from r3 and validate that the FDT pointer (arg2)
+ * lies within the bounds of the Transfer List memory region.
+ */
+ tl = (struct transfer_list_header *)arg3;
+ assert(arg2 > (uintptr_t)tl && arg2 < (uintptr_t)tl + tl->size);
+ hw_config = (uintptr_t)arg2;
+#else
+#if !RESET_TO_SP_MIN && !RESET_TO_BL2
INFO("SP_MIN FCONF: FW_CONFIG address = %lx\n", (uintptr_t)arg1);
/* Fill the properties struct with the info from the config dtb */
fconf_populate("FW_CONFIG", arg1);
@@ -33,8 +51,9 @@
arg1 = tos_fw_config_info->config_addr;
}
#endif /* !RESET_TO_SP_MIN && !RESET_TO_BL2 */
+#endif /* TRANSFER_LIST */
- arm_sp_min_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ arm_sp_min_early_platform_setup(arg0, arg1, arg2, arg3);
/* Initialize the platform config for future decision making */
fvp_config_setup();
@@ -75,7 +94,10 @@
* TODO: remove the ARM_XLAT_TABLES_LIB_V1 check when its support
* gets deprecated.
*/
-#if !RESET_TO_SP_MIN && !RESET_TO_BL2 && !ARM_XLAT_TABLES_LIB_V1
+#if TRANSFER_LIST
+ INFO("SP_MIN FCONF: HW_CONFIG address = %p\n", (void *)hw_config);
+ fconf_populate("HW_CONFIG", hw_config);
+#elif !RESET_TO_SP_MIN && !RESET_TO_BL2 && !ARM_XLAT_TABLES_LIB_V1
hw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, HW_CONFIG_ID);
assert(hw_config_info != NULL);
assert(hw_config_info->config_addr != 0UL);
@@ -118,5 +140,6 @@
rc);
panic();
}
-#endif /*!RESET_TO_SP_MIN && !RESET_TO_BL2 && !ARM_XLAT_TABLES_LIB_V1*/
+
+#endif /* TRANSFER_LIST */
}
diff --git a/plat/arm/board/fvp/sp_min/sp_min-fvp.mk b/plat/arm/board/fvp/sp_min/sp_min-fvp.mk
index 4ddba6f..0328864 100644
--- a/plat/arm/board/fvp/sp_min/sp_min-fvp.mk
+++ b/plat/arm/board/fvp/sp_min/sp_min-fvp.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -17,7 +17,7 @@
plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c \
plat/arm/common/arm_nor_psci_mem_protect.c \
${FVP_CPU_LIBS} \
- ${FVP_GIC_SOURCES} \
+ ${GIC_SOURCES} \
${FVP_INTERCONNECT_SOURCES} \
${FVP_SECURITY_SOURCES}
diff --git a/plat/arm/board/fvp/trp/test_ide_km_interface.c b/plat/arm/board/fvp/trp/test_ide_km_interface.c
new file mode 100644
index 0000000..2a1f0e2
--- /dev/null
+++ b/plat/arm/board/fvp/trp/test_ide_km_interface.c
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2025, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+#include <plat/common/platform.h>
+#include <services/trp/platform_trp.h>
+
+#include <platform_def.h>
+
+/*
+ * Helper function for ecam address and root port ID
+ *
+ */
+uint64_t trp_get_test_rootport(uint64_t *ecam_address, uint64_t *rp_id)
+{
+
+ *ecam_address = 0xE001C000;
+ *rp_id = 0x001C0001;
+
+ return 0;
+}
+
diff --git a/plat/arm/board/fvp/trp/trp-fvp.mk b/plat/arm/board/fvp/trp/trp-fvp.mk
index a450541..3c1b96b 100644
--- a/plat/arm/board/fvp/trp/trp-fvp.mk
+++ b/plat/arm/board/fvp/trp/trp-fvp.mk
@@ -6,7 +6,8 @@
# TRP source files specific to FVP platform
-RMM_SOURCES += plat/arm/board/fvp/aarch64/fvp_helpers.S
+RMM_SOURCES += plat/arm/board/fvp/aarch64/fvp_helpers.S \
+ plat/arm/board/fvp/trp/test_ide_km_interface.c
include plat/arm/common/trp/arm_trp.mk
diff --git a/plat/arm/board/fvp/tsp/fvp_tsp_setup.c b/plat/arm/board/fvp/tsp/fvp_tsp_setup.c
index 3c8a963..53a84c6 100644
--- a/plat/arm/board/fvp/tsp/fvp_tsp_setup.c
+++ b/plat/arm/board/fvp/tsp/fvp_tsp_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,9 +8,10 @@
#include "../fvp_private.h"
-void tsp_early_platform_setup(void)
+void tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
- arm_tsp_early_platform_setup();
+ arm_tsp_early_platform_setup(arg0, arg1, arg2, arg3);
/* Initialize the platform config for future decision making */
fvp_config_setup();
diff --git a/plat/arm/board/fvp/tsp/tsp-fvp.mk b/plat/arm/board/fvp/tsp/tsp-fvp.mk
index ab3f225..8557ec1 100644
--- a/plat/arm/board/fvp/tsp/tsp-fvp.mk
+++ b/plat/arm/board/fvp/tsp/tsp-fvp.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -9,6 +9,6 @@
plat/arm/board/fvp/aarch64/fvp_helpers.S \
plat/arm/board/fvp/fvp_topology.c \
plat/arm/board/fvp/tsp/fvp_tsp_setup.c \
- ${FVP_GIC_SOURCES}
+ ${GIC_SOURCES}
include plat/arm/common/tsp/arm_tsp.mk
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c b/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c
deleted file mode 100644
index 820470b..0000000
--- a/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include "../../../../bl1/bl1_private.h"
-#include <arch.h>
-
-#include <fvp_r_arch_helpers.h>
-
-/*******************************************************************************
- * Function that does the first bit of architectural setup that affects
- * execution in the non-secure address space.
- ******************************************************************************/
-void bl1_arch_setup(void)
-{
- /* v8-R64 does not include SCRs. */
-}
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_entrypoint.S b/plat/arm/board/fvp_r/fvp_r_bl1_entrypoint.S
deleted file mode 100644
index 15f4c43..0000000
--- a/plat/arm/board/fvp_r/fvp_r_bl1_entrypoint.S
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch.h>
-#include <asm_macros.S>
-#include <common/bl_common.h>
-#include <el2_common_macros.S>
-#include <lib/xlat_mpu/xlat_mpu.h>
-
- .globl bl1_entrypoint
- .globl bl1_run_next_image
-
-
- /* -----------------------------------------------------
- * bl1_entrypoint() is the entry point into the trusted
- * firmware code when a cpu is released from warm or
- * cold reset.
- * -----------------------------------------------------
- */
-
-func bl1_entrypoint
- /* ---------------------------------------------------------------------
- * If the reset address is programmable then bl1_entrypoint() is
- * executed only on the cold boot path. Therefore, we can skip the warm
- * boot mailbox mechanism.
- * ---------------------------------------------------------------------
- */
- el2_entrypoint_common \
- _init_sctlr=1 \
- _warm_boot_mailbox=!PROGRAMMABLE_RESET_ADDRESS \
- _secondary_cold_boot=!COLD_BOOT_SINGLE_CPU \
- _init_memory=1 \
- _init_c_runtime=1 \
- _exception_vectors=bl1_exceptions \
- _pie_fixup_size=0
-
- /* --------------------------------------------------------------------
- * Perform BL1 setup
- * --------------------------------------------------------------------
- */
- bl bl1_setup
-
- /* --------------------------------------------------------------------
- * Initialize platform and jump to our c-entry point
- * for this type of reset.
- * --------------------------------------------------------------------
- */
- bl bl1_main
-
- /* ---------------------------------------------
- * Should never reach this point.
- * ---------------------------------------------
- */
- no_ret plat_panic_handler
-endfunc bl1_entrypoint
-
-func bl1_run_next_image
- mov x20,x0
-
- /* ---------------------------------------------
- * MPU needs to be disabled because both BL1 and BL33 execute
- * in EL2, and therefore share the same address space.
- * BL33 will initialize the address space according to its
- * own requirement.
- * ---------------------------------------------
- */
- bl disable_mpu_icache_el2
-
- /* ---------------------------------------------
- * Wipe clean and disable all MPU regions. This function expects
- * that the MPU has already been turned off, and caching concerns
- * addressed, but it also explicitly turns off the MPU.
- * ---------------------------------------------
- */
- bl clear_all_mpu_regions
-
- /* --------------------------------------------------
- * Do the transition to next boot image.
- * --------------------------------------------------
- */
- ldp x0, x1, [x20, #ENTRY_POINT_INFO_PC_OFFSET]
- msr elr_el2, x0
- msr spsr_el2, x1
-
- ldp x6, x7, [x20, #(ENTRY_POINT_INFO_ARGS_OFFSET + 0x30)]
- ldp x4, x5, [x20, #(ENTRY_POINT_INFO_ARGS_OFFSET + 0x20)]
- ldp x2, x3, [x20, #(ENTRY_POINT_INFO_ARGS_OFFSET + 0x10)]
- ldp x0, x1, [x20, #(ENTRY_POINT_INFO_ARGS_OFFSET + 0x0)]
- exception_return
-endfunc bl1_run_next_image
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_exceptions.S b/plat/arm/board/fvp_r/fvp_r_bl1_exceptions.S
deleted file mode 100644
index 43c2e01..0000000
--- a/plat/arm/board/fvp_r/fvp_r_bl1_exceptions.S
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch.h>
-#include <asm_macros.S>
-#include <bl1/bl1.h>
-#include <common/bl_common.h>
-#include <context.h>
-
-/* -----------------------------------------------------------------------------
- * File contains an EL2 equivalent of the EL3 vector table from:
- * .../bl1/aarch64/bl1_exceptions.S
- * -----------------------------------------------------------------------------
- */
-
-/* -----------------------------------------------------------------------------
- * Very simple stackless exception handlers used by BL1.
- * -----------------------------------------------------------------------------
- */
- .globl bl1_exceptions
-
-vector_base bl1_exceptions
-
- /* -----------------------------------------------------
- * Current EL with SP0 : 0x0 - 0x200
- * -----------------------------------------------------
- */
-vector_entry SynchronousExceptionSP0
- mov x0, #SYNC_EXCEPTION_SP_EL0
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry SynchronousExceptionSP0
-
-vector_entry IrqSP0
- mov x0, #IRQ_SP_EL0
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry IrqSP0
-
-vector_entry FiqSP0
- mov x0, #FIQ_SP_EL0
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry FiqSP0
-
-vector_entry SErrorSP0
- mov x0, #SERROR_SP_EL0
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry SErrorSP0
-
- /* -----------------------------------------------------
- * Current EL with SPx: 0x200 - 0x400
- * -----------------------------------------------------
- */
-vector_entry SynchronousExceptionSPx
- mov x0, #SYNC_EXCEPTION_SP_ELX
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry SynchronousExceptionSPx
-
-vector_entry IrqSPx
- mov x0, #IRQ_SP_ELX
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry IrqSPx
-
-vector_entry FiqSPx
- mov x0, #FIQ_SP_ELX
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry FiqSPx
-
-vector_entry SErrorSPx
- mov x0, #SERROR_SP_ELX
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry SErrorSPx
-
- /* -----------------------------------------------------
- * Lower EL using AArch64 : 0x400 - 0x600
- * -----------------------------------------------------
- */
-vector_entry SynchronousExceptionA64
- /* The current v8-R64 implementation does not support conduit calls */
- b el2_panic
-end_vector_entry SynchronousExceptionA64
-
-vector_entry IrqA64
- mov x0, #IRQ_AARCH64
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry IrqA64
-
-vector_entry FiqA64
- mov x0, #FIQ_AARCH64
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry FiqA64
-
-vector_entry SErrorA64
- mov x0, #SERROR_AARCH64
- bl plat_report_exception
- no_ret plat_panic_handler
-end_vector_entry SErrorA64
-
-
-unexpected_sync_exception:
- mov x0, #SYNC_EXCEPTION_AARCH64
- bl plat_report_exception
- no_ret plat_panic_handler
-
- /* -----------------------------------------------------
- * Save Secure/Normal world context and jump to
- * BL1 SMC handler.
- * -----------------------------------------------------
- */
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_main.c b/plat/arm/board/fvp_r/fvp_r_bl1_main.c
deleted file mode 100644
index 6fe2b5b..0000000
--- a/plat/arm/board/fvp_r/fvp_r_bl1_main.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-
-#include "../../../../bl1/bl1_private.h"
-#include <arch.h>
-#include <arch_features.h>
-#include <arch_helpers.h>
-#include <bl1/bl1.h>
-#include <common/bl_common.h>
-#include <common/build_message.h>
-#include <common/debug.h>
-#include <drivers/auth/auth_mod.h>
-#include <drivers/console.h>
-#include <lib/cpus/errata.h>
-#include <lib/utils.h>
-#include <smccc_helpers.h>
-#include <tools_share/uuid.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/platform.h>
-
-#include <platform_def.h>
-
-
-void cm_prepare_el2_exit(void);
-
-void bl1_run_next_image(const struct entry_point_info *bl_ep_info);
-
-/*******************************************************************************
- * Function to perform late architectural and platform specific initialization.
- * It also queries the platform to load and run next BL image. Only called
- * by the primary cpu after a cold boot.
- ******************************************************************************/
-void bl1_transfer_bl33(void)
-{
- unsigned int image_id;
-
- /* Get the image id of next image to load and run. */
- image_id = bl1_plat_get_next_image_id();
-
-#if !ARM_DISABLE_TRUSTED_WDOG
- /* Disable watchdog before leaving BL1 */
- plat_arm_secure_wdt_stop();
-#endif
-
- bl1_run_next_image(&bl1_plat_get_image_desc(image_id)->ep_info);
-}
-
-/*******************************************************************************
- * This function locates and loads the BL33 raw binary image in the trusted SRAM.
- * Called by the primary cpu after a cold boot.
- * TODO: Add support for alternative image load mechanism e.g using virtio/elf
- * loader etc.
- ******************************************************************************/
-void bl1_load_bl33(void)
-{
- image_desc_t *desc;
- image_info_t *info;
- int err;
-
- /* Get the image descriptor */
- desc = bl1_plat_get_image_desc(BL33_IMAGE_ID);
- assert(desc != NULL);
-
- /* Get the image info */
- info = &desc->image_info;
- INFO("BL1: Loading BL33\n");
-
- err = bl1_plat_handle_pre_image_load(BL33_IMAGE_ID);
- if (err != 0) {
- ERROR("Failure in pre image load handling of BL33 (%d)\n", err);
- plat_error_handler(err);
- }
-
- err = load_auth_image(BL33_IMAGE_ID, info);
- if (err != 0) {
- ERROR("Failed to load BL33 firmware.\n");
- plat_error_handler(err);
- }
-
- /* Allow platform to handle image information. */
- err = bl1_plat_handle_post_image_load(BL33_IMAGE_ID);
- if (err != 0) {
- ERROR("Failure in post image load handling of BL33 (%d)\n", err);
- plat_error_handler(err);
- }
-
- NOTICE("BL1: Booting BL33\n");
-}
-
-/*******************************************************************************
- * This function prepares for entry to BL33
- ******************************************************************************/
-void bl1_prepare_next_image(unsigned int image_id)
-{
- unsigned int mode = MODE_EL1;
- image_desc_t *desc;
- entry_point_info_t *next_bl_ep;
-
-#if CTX_INCLUDE_AARCH32_REGS
- /*
- * Ensure that the build flag to save AArch32 system registers in CPU
- * context is not set for AArch64-only platforms.
- */
- if (el_implemented(1) == EL_IMPL_A64ONLY) {
- ERROR("EL1 supports AArch64-only. Please set build flag %s",
- "CTX_INCLUDE_AARCH32_REGS = 0\n");
- panic();
- }
-#endif
-
- /* Get the image descriptor. */
- desc = bl1_plat_get_image_desc(image_id);
- assert(desc != NULL);
-
- /* Get the entry point info. */
- next_bl_ep = &desc->ep_info;
-
- /* FVP-R is only secure */
- assert(GET_SECURITY_STATE(next_bl_ep->h.attr) == SECURE);
-
- /* Prepare the SPSR for the next BL image. */
- next_bl_ep->spsr = (uint32_t)SPSR_64((uint64_t) mode,
- (uint64_t)MODE_SP_ELX, DISABLE_ALL_EXCEPTIONS);
-
- /* Allow platform to make change */
- bl1_plat_set_ep_info(image_id, next_bl_ep);
-
- /* Prepare context for the next EL */
- cm_prepare_el2_exit();
-
- /* Indicate that image is in execution state. */
- desc->state = IMAGE_STATE_EXECUTED;
-
- print_entry_point_info(next_bl_ep);
-}
-
-/*******************************************************************************
- * Setup function for BL1.
- ******************************************************************************/
-void bl1_setup(void)
-{
- /* Perform early platform-specific setup */
- bl1_early_platform_setup();
-
- /* Perform late platform-specific setup */
- bl1_plat_arch_setup();
-}
-
-/*******************************************************************************
- * Function to perform late architectural and platform specific initialization.
- * It also queries the platform to load and run next BL image. Only called
- * by the primary cpu after a cold boot.
- ******************************************************************************/
-void bl1_main(void)
-{
- unsigned int image_id;
-
- /* Announce our arrival */
- NOTICE(FIRMWARE_WELCOME_STR);
- NOTICE("BL1: %s\n", build_version_string);
- NOTICE("BL1: %s\n", build_message);
-
- INFO("BL1: RAM %p - %p\n", (void *)BL1_RAM_BASE, (void *)BL1_RAM_LIMIT);
-
- print_errata_status();
-
-#if ENABLE_ASSERTIONS
- u_register_t val;
- /*
- * Ensure that MMU/Caches and coherency are turned on
- */
- val = read_sctlr_el2();
-
- assert((val & SCTLR_M_BIT) != 0U);
- assert((val & SCTLR_C_BIT) != 0U);
- assert((val & SCTLR_I_BIT) != 0U);
- /*
- * Check that Cache Writeback Granule (CWG) in CTR_EL0 matches the
- * provided platform value
- */
- val = (read_ctr_el0() >> CTR_CWG_SHIFT) & CTR_CWG_MASK;
- /*
- * If CWG is zero, then no CWG information is available but we can
- * at least check the platform value is less than the architectural
- * maximum.
- */
- if (val != 0) {
- assert(SIZE_FROM_LOG2_WORDS(val) == CACHE_WRITEBACK_GRANULE);
- } else {
- assert(MAX_CACHE_LINE_SIZE >= CACHE_WRITEBACK_GRANULE);
- }
-#endif /* ENABLE_ASSERTIONS */
-
- /* Perform remaining generic architectural setup from ELmax */
- bl1_arch_setup();
-
-#if TRUSTED_BOARD_BOOT
- /* Initialize authentication module */
- auth_mod_init();
-#endif /* TRUSTED_BOARD_BOOT */
-
- /* Perform platform setup in BL1. */
- bl1_platform_setup();
-
- /* Get the image id of next image to load and run. */
- image_id = bl1_plat_get_next_image_id();
-
- /*
- * We currently interpret any image id other than
- * BL2_IMAGE_ID as the start of firmware update.
- */
- if (image_id == BL33_IMAGE_ID) {
- bl1_load_bl33();
- } else {
- NOTICE("BL1-FWU: *******FWU Process Started*******\n");
- }
-
- bl1_prepare_next_image(image_id);
-
- console_flush();
-
- bl1_transfer_bl33();
-}
-
-/*******************************************************************************
- * Function called just before handing over to the next BL to inform the user
- * about the boot progress. In debug mode, also print details about the BL
- * image's execution context.
- ******************************************************************************/
-void bl1_print_next_bl_ep_info(const entry_point_info_t *bl_ep_info)
-{
- NOTICE("BL1: Booting BL31\n");
- print_entry_point_info(bl_ep_info);
-}
-
-#if SPIN_ON_BL1_EXIT
-void print_debug_loop_message(void)
-{
- NOTICE("BL1: Debug loop, spinning forever\n");
- NOTICE("BL1: Please connect the debugger to continue\n");
-}
-#endif
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c b/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
deleted file mode 100644
index dcf5e04..0000000
--- a/plat/arm/board/fvp_r/fvp_r_bl1_setup.c
+++ /dev/null
@@ -1,245 +0,0 @@
-/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/* Use the xlat_tables_v2 data structures: */
-#define XLAT_TABLES_LIB_V2 1
-
-#include <assert.h>
-
-#include <bl1/bl1.h>
-#include <common/tbbr/tbbr_img_def.h>
-#include <drivers/arm/sp805.h>
-#include <lib/fconf/fconf.h>
-#include <lib/fconf/fconf_dyn_cfg_getter.h>
-#include <lib/xlat_mpu/xlat_mpu.h>
-
-#include "fvp_r_private.h"
-#include <plat/arm/common/arm_config.h>
-#include <plat/arm/common/arm_def.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/platform.h>
-#include <platform_def.h>
-
-#define MAP_BL1_TOTAL MAP_REGION_FLAT( \
- bl1_tzram_layout.total_base, \
- bl1_tzram_layout.total_size, \
- MT_MEMORY | MT_RW | MT_SECURE)
-/*
- * If SEPARATE_CODE_AND_RODATA=1 we define a region for each section
- * otherwise one region is defined containing both
- */
-#if SEPARATE_CODE_AND_RODATA
-#define MAP_BL1_RO MAP_REGION_FLAT( \
- BL_CODE_BASE, \
- BL1_CODE_END - BL_CODE_BASE, \
- MT_CODE | MT_SECURE), \
- MAP_REGION_FLAT( \
- BL1_RO_DATA_BASE, \
- BL1_RO_DATA_END \
- - BL_RO_DATA_BASE, \
- MT_RO_DATA | MT_SECURE)
-#else
-#define MAP_BL1_RO MAP_REGION_FLAT( \
- BL_CODE_BASE, \
- BL1_CODE_END - BL_CODE_BASE, \
- MT_CODE | MT_SECURE)
-#endif
-
-/* Data structure which holds the extents of the trusted SRAM for BL1*/
-static meminfo_t bl1_tzram_layout;
-
-struct meminfo *bl1_plat_sec_mem_layout(void)
-{
- return &bl1_tzram_layout;
-}
-
-void arm_bl1_early_platform_setup(void)
-{
-
-#if !ARM_DISABLE_TRUSTED_WDOG
- /* Enable watchdog */
- plat_arm_secure_wdt_start();
-#endif
-
- /* Initialize the console to provide early debug support */
- arm_console_boot_init();
-
- /* Allow BL1 to see the whole Trusted RAM */
- bl1_tzram_layout.total_base = ARM_BL_RAM_BASE;
- bl1_tzram_layout.total_size = ARM_BL_RAM_SIZE;
-}
-
-/* Boolean variable to hold condition whether firmware update needed or not */
-static bool is_fwu_needed;
-
-/*******************************************************************************
- * Perform any BL1 specific platform actions.
- ******************************************************************************/
-void bl1_early_platform_setup(void)
-{
- arm_bl1_early_platform_setup();
-
- /* Initialize the platform config for future decision making */
- fvp_config_setup();
-
- /*
- * Initialize Interconnect for this cluster during cold boot.
- * No need for locks as no other CPU is active.
- */
- fvp_interconnect_init();
- /*
- * Enable coherency in Interconnect for the primary CPU's cluster.
- */
- fvp_interconnect_enable();
-}
-
-void arm_bl1_plat_arch_setup(void)
-{
- const mmap_region_t bl_regions[] = {
- MAP_BL1_TOTAL,
- MAP_BL1_RO,
-#if USE_ROMLIB
- ARM_MAP_ROMLIB_CODE,
- ARM_MAP_ROMLIB_DATA,
-#endif
- /* DRAM1_region: */
- MAP_REGION_FLAT(
- PLAT_ARM_DRAM1_BASE,
- PLAT_ARM_DRAM1_SIZE,
- MT_MEMORY | MT_SECURE | MT_EXECUTE
- | MT_RW | MT_NON_CACHEABLE),
- /* NULL terminator: */
- {0}
- };
-
- setup_page_tables(bl_regions, plat_arm_get_mmap());
- enable_mpu_el2(0);
-
- arm_setup_romlib();
-}
-
-void plat_arm_secure_wdt_start(void)
-{
- sp805_start(ARM_SP805_TWDG_BASE, ARM_TWDG_LOAD_VAL);
-}
-
-void plat_arm_secure_wdt_stop(void)
-{
- sp805_stop(ARM_SP805_TWDG_BASE);
-}
-
-/*
- * Perform the platform specific architecture setup shared between
- * ARM standard platforms.
- */
-void arm_bl1_platform_setup(void)
-{
- uint32_t fw_config_max_size;
-
- /* Initialise the IO layer and register platform IO devices */
- plat_arm_io_setup();
-
- /* Check if we need FWU before further processing */
- is_fwu_needed = plat_arm_bl1_fwu_needed();
- if (is_fwu_needed) {
- ERROR("Skip platform setup as FWU detected\n");
- return;
- }
-
- /* Set global DTB info for fixed fw_config information */
- fw_config_max_size = ARM_FW_CONFIG_LIMIT - ARM_FW_CONFIG_BASE;
- set_config_info(ARM_FW_CONFIG_BASE, ~0UL, fw_config_max_size,
- FW_CONFIG_ID);
-
- assert(bl1_plat_get_image_desc(BL33_IMAGE_ID) != NULL);
-
- /*
- * Allow access to the System counter timer module and program
- * counter frequency for non secure images during FWU
- */
-#ifdef ARM_SYS_TIMCTL_BASE
- arm_configure_sys_timer();
-#endif
-#if (ARM_ARCH_MAJOR > 7) || defined(ARMV7_SUPPORTS_GENERIC_TIMER)
- write_cntfrq_el0(plat_get_syscnt_freq2());
-#endif
-}
-
-void bl1_platform_setup(void)
-{
- arm_bl1_platform_setup();
-
- /* Initialize System level generic or SP804 timer */
- fvp_timer_init();
-}
-
-__dead2 void bl1_plat_fwu_done(void *client_cookie, void *reserved)
-{
- /* Setup the watchdog to reset the system as soon as possible */
- sp805_refresh(ARM_SP805_TWDG_BASE, 1U);
-
- while (true) {
- wfi();
- }
-}
-
-unsigned int bl1_plat_get_next_image_id(void)
-{
- return is_fwu_needed ? NS_BL1U_IMAGE_ID : BL33_IMAGE_ID;
-}
-
-/*
- * Returns BL33 image details.
- */
-struct image_desc *bl1_plat_get_image_desc(unsigned int image_id)
-{
- static image_desc_t bl33_img_desc = BL33_IMAGE_DESC;
-
- return &bl33_img_desc;
-}
-
-/*
- * This function populates the default arguments to BL33.
- * The BL33 memory layout structure is allocated and the
- * calculated layout is populated in arg1 to BL33.
- */
-int bl1_plat_handle_post_image_load(unsigned int image_id)
-{
- meminfo_t *bl33_secram_layout;
- meminfo_t *bl1_secram_layout;
- image_desc_t *image_desc;
- entry_point_info_t *ep_info;
-
- if (image_id != BL33_IMAGE_ID) {
- return 0;
- }
- /* Get the image descriptor */
- image_desc = bl1_plat_get_image_desc(BL33_IMAGE_ID);
- assert(image_desc != NULL);
-
- /* Get the entry point info */
- ep_info = &image_desc->ep_info;
-
- /* Find out how much free trusted ram remains after BL1 load */
- bl1_secram_layout = bl1_plat_sec_mem_layout();
-
- /*
- * Create a new layout of memory for BL33 as seen by BL1 i.e.
- * tell it the amount of total and free memory available.
- * This layout is created at the first free address visible
- * to BL33. BL33 will read the memory layout before using its
- * memory for other purposes.
- */
- bl33_secram_layout = (meminfo_t *) bl1_secram_layout->total_base;
-
- bl1_plat_calc_bl2_layout(bl1_secram_layout, bl33_secram_layout);
-
- ep_info->args.arg1 = (uintptr_t)bl33_secram_layout;
-
- VERBOSE("BL1: BL3 memory layout address = %p\n",
- (void *) bl33_secram_layout);
- return 0;
-}
diff --git a/plat/arm/board/fvp_r/fvp_r_common.c b/plat/arm/board/fvp_r/fvp_r_common.c
deleted file mode 100644
index edcf658..0000000
--- a/plat/arm/board/fvp_r/fvp_r_common.c
+++ /dev/null
@@ -1,289 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/* This uses xlat_mpu, but tables are set up using V2 mmap_region_t */
-#define XLAT_TABLES_LIB_V2 1
-
-#include <assert.h>
-#include <common/debug.h>
-
-#include <drivers/arm/cci.h>
-#include <drivers/arm/gicv2.h>
-#include <drivers/arm/sp804_delay_timer.h>
-#include <drivers/generic_delay_timer.h>
-#include <lib/mmio.h>
-#include <lib/smccc.h>
-#include <lib/xlat_tables/xlat_tables_compat.h>
-#include <services/arm_arch_svc.h>
-
-#include "fvp_r_private.h"
-#include <plat/arm/common/arm_config.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/platform.h>
-#include <platform_def.h>
-
-
-/* Defines for GIC Driver build time selection */
-#define FVP_R_GICV3 2
-
-/*******************************************************************************
- * arm_config holds the characteristics of the differences between the FVP_R
- * platforms. It will be populated during cold boot at each boot stage by the
- * primary before enabling the MPU (to allow interconnect configuration) &
- * used thereafter. Each BL will have its own copy to allow independent
- * operation.
- ******************************************************************************/
-arm_config_t arm_config;
-
-#define MAP_DEVICE0 MAP_REGION_FLAT(DEVICE0_BASE, \
- DEVICE0_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE)
-
-#define MAP_DEVICE1 MAP_REGION_FLAT(DEVICE1_BASE, \
- DEVICE1_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE)
-
-/*
- * Need to be mapped with write permissions in order to set a new non-volatile
- * counter value.
- */
-#define MAP_DEVICE2 MAP_REGION_FLAT(DEVICE2_BASE, \
- DEVICE2_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE)
-
-/*
- * Table of memory regions for various BL stages to map using the MPU.
- * This doesn't include Trusted SRAM as setup_page_tables() already takes care
- * of mapping it.
- *
- * The flash needs to be mapped as writable in order to erase the FIP's Table of
- * Contents in case of unrecoverable error (see plat_error_handler()).
- */
-#ifdef IMAGE_BL1
-const mmap_region_t plat_arm_mmap[] = {
- ARM_MAP_SHARED_RAM,
- V2M_MAP_FLASH0_RW,
- V2M_MAP_IOFPGA,
- MAP_DEVICE0,
- MAP_DEVICE1,
-#if TRUSTED_BOARD_BOOT
- /* To access the Root of Trust Public Key registers. */
- MAP_DEVICE2,
-#endif
- {0}
-};
-#endif
-
-ARM_CASSERT_MMAP
-
-static const int fvp_cci400_map[] = {
- PLAT_FVP_R_CCI400_CLUS0_SL_PORT,
- PLAT_FVP_R_CCI400_CLUS1_SL_PORT,
-};
-
-static const int fvp_cci5xx_map[] = {
- PLAT_FVP_R_CCI5XX_CLUS0_SL_PORT,
- PLAT_FVP_R_CCI5XX_CLUS1_SL_PORT,
-};
-
-static unsigned int get_interconnect_master(void)
-{
- unsigned int master;
- u_register_t mpidr;
-
- mpidr = read_mpidr_el1();
- master = ((arm_config.flags & ARM_CONFIG_FVP_SHIFTED_AFF) != 0U) ?
- MPIDR_AFFLVL2_VAL(mpidr) : MPIDR_AFFLVL1_VAL(mpidr);
-
- assert(master < FVP_R_CLUSTER_COUNT);
- return master;
-}
-
-/*******************************************************************************
- * Initialize the platform config for future decision making
- ******************************************************************************/
-void __init fvp_config_setup(void)
-{
- unsigned int rev, hbi, bld, arch, sys_id;
-
- arm_config.flags |= ARM_CONFIG_BASE_MMAP;
- sys_id = mmio_read_32(V2M_FVP_R_SYSREGS_BASE + V2M_SYS_ID);
- rev = (sys_id >> V2M_SYS_ID_REV_SHIFT) & V2M_SYS_ID_REV_MASK;
- hbi = (sys_id >> V2M_SYS_ID_HBI_SHIFT) & V2M_SYS_ID_HBI_MASK;
- bld = (sys_id >> V2M_SYS_ID_BLD_SHIFT) & V2M_SYS_ID_BLD_MASK;
- arch = (sys_id >> V2M_SYS_ID_ARCH_SHIFT) & V2M_SYS_ID_ARCH_MASK;
-
- if (arch != ARCH_MODEL) {
- ERROR("This firmware is for FVP_R models\n");
- panic();
- }
-
- /*
- * The build field in the SYS_ID tells which variant of the GIC
- * memory is implemented by the model.
- */
- switch (bld) {
- case BLD_GIC_VE_MMAP:
- ERROR("Legacy Versatile Express memory map for GIC %s",
- "peripheral is not supported\n");
- panic();
- break;
- case BLD_GIC_A53A57_MMAP:
- break;
- default:
- ERROR("Unsupported board build %x\n", bld);
- panic();
- }
-
- /*
- * The hbi field in the SYS_ID is 0x020 for the Base FVP_R & 0x010
- * for the Foundation FVP_R.
- */
- switch (hbi) {
- case HBI_FOUNDATION_FVP_R:
- arm_config.flags = 0;
-
- /*
- * Check for supported revisions of Foundation FVP_R
- * Allow future revisions to run but emit warning diagnostic
- */
- switch (rev) {
- case REV_FOUNDATION_FVP_R_V2_0:
- case REV_FOUNDATION_FVP_R_V2_1:
- case REV_FOUNDATION_FVP_R_v9_1:
- case REV_FOUNDATION_FVP_R_v9_6:
- break;
- default:
- WARN("Unrecognized Foundation FVP_R revision %x\n", rev);
- break;
- }
- break;
- case HBI_BASE_FVP_R:
- arm_config.flags |= (ARM_CONFIG_BASE_MMAP | ARM_CONFIG_HAS_TZC);
-
- /*
- * Check for supported revisions
- * Allow future revisions to run but emit warning diagnostic
- */
- switch (rev) {
- case REV_BASE_FVP_R_V0:
- arm_config.flags |= ARM_CONFIG_FVP_HAS_CCI400;
- break;
- default:
- WARN("Unrecognized Base FVP_R revision %x\n", rev);
- break;
- }
- break;
- default:
- ERROR("Unsupported board HBI number 0x%x\n", hbi);
- panic();
- }
-
- /*
- * We assume that the presence of MT bit, and therefore shifted
- * affinities, is uniform across the platform: either all CPUs, or no
- * CPUs implement it.
- */
- if ((read_mpidr_el1() & MPIDR_MT_MASK) != 0U) {
- arm_config.flags |= ARM_CONFIG_FVP_SHIFTED_AFF;
- }
-}
-
-
-void __init fvp_interconnect_init(void)
-{
- uintptr_t cci_base = 0U;
- const int *cci_map = NULL;
- unsigned int map_size = 0U;
-
- /* Initialize the right interconnect */
- if ((arm_config.flags & ARM_CONFIG_FVP_HAS_CCI5XX) != 0U) {
- cci_base = PLAT_FVP_R_CCI5XX_BASE;
- cci_map = fvp_cci5xx_map;
- map_size = ARRAY_SIZE(fvp_cci5xx_map);
- } else if ((arm_config.flags & ARM_CONFIG_FVP_HAS_CCI400) != 0U) {
- cci_base = PLAT_FVP_R_CCI400_BASE;
- cci_map = fvp_cci400_map;
- map_size = ARRAY_SIZE(fvp_cci400_map);
- } else {
- return;
- }
-
- assert(cci_base != 0U);
- assert(cci_map != NULL);
- cci_init(cci_base, cci_map, map_size);
-}
-
-void fvp_interconnect_enable(void)
-{
- unsigned int master;
-
- if ((arm_config.flags & (ARM_CONFIG_FVP_HAS_CCI400 |
- ARM_CONFIG_FVP_HAS_CCI5XX)) != 0U) {
- master = get_interconnect_master();
- cci_enable_snoop_dvm_reqs(master);
- }
-}
-
-void fvp_interconnect_disable(void)
-{
- unsigned int master;
-
- if ((arm_config.flags & (ARM_CONFIG_FVP_HAS_CCI400 |
- ARM_CONFIG_FVP_HAS_CCI5XX)) != 0U) {
- master = get_interconnect_master();
- cci_disable_snoop_dvm_reqs(master);
- }
-}
-
-#if TRUSTED_BOARD_BOOT
-int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
-{
- assert(heap_addr != NULL);
- assert(heap_size != NULL);
-
- return arm_get_mbedtls_heap(heap_addr, heap_size);
-}
-#endif
-
-void fvp_timer_init(void)
-{
-#if USE_SP804_TIMER
- /* Enable the clock override for SP804 timer 0, which means that no
- * clock dividers are applied and the raw (35MHz) clock will be used.
- */
- mmio_write_32(V2M_SP810_BASE, FVP_R_SP810_CTRL_TIM0_OV);
-
- /* Initialize delay timer driver using SP804 dual timer 0 */
- sp804_timer_init(V2M_SP804_TIMER0_BASE,
- SP804_TIMER_CLKMULT, SP804_TIMER_CLKDIV);
-#else
- generic_delay_timer_init();
-
- /* Enable System level generic timer */
- mmio_write_32(ARM_SYS_CNTCTL_BASE + CNTCR_OFF,
- CNTCR_FCREQ(0U) | CNTCR_EN);
-#endif /* USE_SP804_TIMER */
-}
-
-/* Get SOC version */
-int32_t plat_get_soc_version(void)
-{
- return (int32_t)
- ((ARM_SOC_IDENTIFICATION_CODE << ARM_SOC_IDENTIFICATION_SHIFT)
- | (ARM_SOC_CONTINUATION_CODE << ARM_SOC_CONTINUATION_SHIFT)
- | FVP_R_SOC_ID);
-}
-
-/* Get SOC revision */
-int32_t plat_get_soc_revision(void)
-{
- unsigned int sys_id;
-
- sys_id = mmio_read_32(V2M_SYSREGS_BASE + V2M_SYS_ID);
- return (int32_t)((sys_id >> V2M_SYS_ID_REV_SHIFT) &
- V2M_SYS_ID_REV_MASK);
-}
diff --git a/plat/arm/board/fvp_r/fvp_r_context_mgmt.c b/plat/arm/board/fvp_r/fvp_r_context_mgmt.c
deleted file mode 100644
index d172d2d..0000000
--- a/plat/arm/board/fvp_r/fvp_r_context_mgmt.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch_helpers.h>
-
-/************************************************************
- * For R-class everything is in secure world.
- * Prepare the CPU system registers for first entry into EL1
- ************************************************************/
-void cm_prepare_el2_exit(void)
-{
- uint64_t hcr_el2 = 0U;
-
- /*
- * The use of ARMv8.3 pointer authentication (PAuth) is governed
- * by fields in HCR_EL2, which trigger a 'trap to EL2' if not
- * enabled. This register initialized at boot up, update PAuth
- * bits.
- *
- * HCR_API_BIT: Set to one to disable traps to EL2 if lower ELs
- * access PAuth registers
- *
- * HCR_APK_BIT: Set to one to disable traps to EL2 if lower ELs
- * access PAuth instructions
- */
- hcr_el2 = read_hcr_el2();
- write_hcr_el2(hcr_el2 | HCR_API_BIT | HCR_APK_BIT);
-
- /*
- * Initialise CNTHCTL_EL2. All fields are architecturally UNKNOWN
- * on reset and are set to zero except for field(s) listed below.
- *
- * CNTHCTL_EL2.EL1PCEN: Set to one to disable traps to EL2
- * if lower ELs accesses to the physical timer registers.
- *
- * CNTHCTL_EL2.EL1PCTEN: Set to one to disable traps to EL2
- * if lower ELs access to the physical counter registers.
- */
- write_cnthctl_el2(CNTHCTL_RESET_VAL | EL1PCEN_BIT | EL1PCTEN_BIT);
-
- /*
- * On Armv8-R, the EL1&0 memory system architecture is configurable
- * as a VMSA or PMSA. All the fields architecturally UNKNOWN on reset
- * and are set to zero except for field listed below.
- *
- * VCTR_EL2.MSA: Set to one to ensure the VMSA is enabled so that
- * rich OS can boot.
- */
- write_vtcr_el2(VTCR_RESET_VAL | VTCR_EL2_MSA);
-}
diff --git a/plat/arm/board/fvp_r/fvp_r_debug.S b/plat/arm/board/fvp_r/fvp_r_debug.S
deleted file mode 100644
index cc5ffc0..0000000
--- a/plat/arm/board/fvp_r/fvp_r_debug.S
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch.h>
-#include <asm_macros.S>
-#include <common/debug.h>
-
- .globl el2_panic
-
- /***********************************************************
- * The common implementation of el3_panic for all BL stages
- ***********************************************************/
-
-.section .rodata.panic_str, "aS"
- panic_msg: .asciz "PANIC at PC : 0x"
-
-/*
- * el2_panic will be redefined by the
- * crash reporting mechanism (if enabled)
- */
-el2_panic:
- mov x6, x30
- bl plat_crash_console_init
-
- /* Check if the console is initialized */
- cbz x0, _panic_handler
-
- /* The console is initialized */
- adr x4, panic_msg
- bl asm_print_str
- mov x4, x6
-
- /* The panic location is lr -4 */
- sub x4, x4, #4
- bl asm_print_hex
-
- bl plat_crash_console_flush
-
-_panic_handler:
- /* Pass to plat_panic_handler the address from where el2_panic was
- * called, not the address of the call from el2_panic.
- */
- mov x30, x6
- b plat_panic_handler
diff --git a/plat/arm/board/fvp_r/fvp_r_def.h b/plat/arm/board/fvp_r/fvp_r_def.h
deleted file mode 100644
index eda39cf..0000000
--- a/plat/arm/board/fvp_r/fvp_r_def.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef FVP_R_DEF_H
-#define FVP_R_DEF_H
-
-#include <lib/utils_def.h>
-
-/******************************************************************************
- * FVP-R topology constants
- *****************************************************************************/
-#define FVP_R_CLUSTER_COUNT 2
-#define FVP_R_MAX_CPUS_PER_CLUSTER 4
-#define FVP_R_MAX_PE_PER_CPU 1
-#define FVP_R_PRIMARY_CPU 0x0
-
-/******************************************************************************
- * Definition of platform soc id
- *****************************************************************************/
-#define FVP_R_SOC_ID 0
-
-/*******************************************************************************
- * FVP_R memory map related constants
- ******************************************************************************/
-
-#define FLASH1_BASE UL(0x8c000000)
-#define FLASH1_SIZE UL(0x04000000)
-
-#define PSRAM_BASE UL(0x94000000)
-#define PSRAM_SIZE UL(0x04000000)
-
-#define VRAM_BASE UL(0x98000000)
-#define VRAM_SIZE UL(0x02000000)
-
-/* Aggregate of all devices in the first GB */
-#define DEVICE0_BASE UL(0xa0000000)
-#define DEVICE0_SIZE UL(0x0c200000)
-
-/*
- * In case of FVP_R models with CCN, the CCN register space overlaps into
- * the NSRAM area.
- */
-#define DEVICE1_BASE UL(0xae000000)
-#define DEVICE1_SIZE UL(0x1A00000)
-
-#define NSRAM_BASE UL(0xae000000)
-#define NSRAM_SIZE UL(0x10000)
-/* Devices in the second GB */
-#define DEVICE2_BASE UL(0xffe00000)
-#define DEVICE2_SIZE UL(0x00200000)
-
-#define PCIE_EXP_BASE UL(0xc0000000)
-#define TZRNG_BASE UL(0x7fe60000)
-
-/* Non-volatile counters */
-#define TRUSTED_NVCTR_BASE UL(0xffe70000)
-#define TFW_NVCTR_BASE (TRUSTED_NVCTR_BASE + UL(0x0000))
-#define TFW_NVCTR_SIZE UL(4)
-#define NTFW_CTR_BASE (TRUSTED_NVCTR_BASE + UL(0x0004))
-#define NTFW_CTR_SIZE UL(4)
-
-/* Keys */
-#define SOC_KEYS_BASE UL(0xffe80000)
-#define TZ_PUB_KEY_HASH_BASE (SOC_KEYS_BASE + UL(0x0000))
-#define TZ_PUB_KEY_HASH_SIZE UL(32)
-#define HU_KEY_BASE (SOC_KEYS_BASE + UL(0x0020))
-#define HU_KEY_SIZE UL(16)
-#define END_KEY_BASE (SOC_KEYS_BASE + UL(0x0044))
-#define END_KEY_SIZE UL(32)
-
-/* Constants to distinguish FVP_R type */
-#define HBI_BASE_FVP_R U(0x020)
-#define REV_BASE_FVP_R_V0 U(0x0)
-#define REV_BASE_FVP_R_REVC U(0x2)
-
-#define HBI_FOUNDATION_FVP_R U(0x010)
-#define REV_FOUNDATION_FVP_R_V2_0 U(0x0)
-#define REV_FOUNDATION_FVP_R_V2_1 U(0x1)
-#define REV_FOUNDATION_FVP_R_v9_1 U(0x2)
-#define REV_FOUNDATION_FVP_R_v9_6 U(0x3)
-
-#define BLD_GIC_VE_MMAP U(0x0)
-#define BLD_GIC_A53A57_MMAP U(0x1)
-
-#define ARCH_MODEL U(0x1)
-
-/* FVP_R Power controller base address*/
-#define PWRC_BASE UL(0x1c100000)
-
-/* FVP_R SP804 timer frequency is 35 MHz*/
-#define SP804_TIMER_CLKMULT 1
-#define SP804_TIMER_CLKDIV 35
-
-/* SP810 controller. FVP_R specific flags */
-#define FVP_R_SP810_CTRL_TIM0_OV BIT_32(16)
-#define FVP_R_SP810_CTRL_TIM1_OV BIT_32(18)
-#define FVP_R_SP810_CTRL_TIM2_OV BIT_32(20)
-#define FVP_R_SP810_CTRL_TIM3_OV BIT_32(22)
-
-#endif /* FVP_R_DEF_H */
diff --git a/plat/arm/board/fvp_r/fvp_r_err.c b/plat/arm/board/fvp_r/fvp_r_err.c
deleted file mode 100644
index 7ee752b..0000000
--- a/plat/arm/board/fvp_r/fvp_r_err.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright (c) 2021, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <errno.h>
-
-#include <common/debug.h>
-#include <drivers/arm/sp805.h>
-#include <drivers/cfi/v2m_flash.h>
-#include <plat/arm/common/plat_arm.h>
-#include <platform_def.h>
-
-/*
- * FVP_R error handler
- */
-__dead2 void plat_arm_error_handler(int err)
-{
- int ret;
-
- switch (err) {
- case -ENOENT:
- case -EAUTH:
- /* Image load or authentication error. Erase the ToC */
- INFO("Erasing FIP ToC from flash...\n");
- (void)nor_unlock(PLAT_ARM_FLASH_IMAGE_BASE);
- ret = nor_word_program(PLAT_ARM_FLASH_IMAGE_BASE, 0);
- if (ret != 0) {
- ERROR("Cannot erase ToC\n");
- } else {
- INFO("Done\n");
- }
- break;
- default:
- /* Unexpected error */
- break;
- }
-
- (void)console_flush();
-
- /* Setup the watchdog to reset the system as soon as possible */
- sp805_refresh(ARM_SP805_TWDG_BASE, 1U);
-
- while (true) {
- wfi();
- }
-}
diff --git a/plat/arm/board/fvp_r/fvp_r_helpers.S b/plat/arm/board/fvp_r/fvp_r_helpers.S
deleted file mode 100644
index ba85777..0000000
--- a/plat/arm/board/fvp_r/fvp_r_helpers.S
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch.h>
-#include <asm_macros.S>
-#include <drivers/arm/fvp/fvp_pwrc.h>
-#include <drivers/arm/gicv2.h>
-#include <drivers/arm/gicv3.h>
-
-#include <platform_def.h>
-
-
- .globl plat_secondary_cold_boot_setup
- .globl plat_get_my_entrypoint
- .globl plat_is_my_cpu_primary
-
- /* -----------------------------------------------------
- * void plat_secondary_cold_boot_setup (void);
- *
- * This function performs any platform specific actions
- * needed for a secondary cpu after a cold reset e.g
- * mark the cpu's presence, mechanism to place it in a
- * holding pen etc.
- * TODO: Should we read the PSYS register to make sure
- * that the request has gone through.
- * -----------------------------------------------------
- */
-func plat_secondary_cold_boot_setup
- /* ---------------------------------------------
- * Power down this cpu.
- * TODO: Do we need to worry about powering the
- * cluster down as well here? That will need
- * locks which we won't have unless an elf-
- * loader zeroes out the zi section.
- * ---------------------------------------------
- */
- mrs x0, mpidr_el1
- mov_imm x1, PWRC_BASE
- str w0, [x1, #PPOFFR_OFF]
-
- /* ---------------------------------------------
- * There is no sane reason to come out of this
- * wfi so panic if we do. This cpu will be pow-
- * ered on and reset by the cpu_on pm api
- * ---------------------------------------------
- */
- dsb sy
- wfi
- no_ret plat_panic_handler
-endfunc plat_secondary_cold_boot_setup
-
- /* ---------------------------------------------------------------------
- * uintptr_t plat_get_my_entrypoint (void);
- *
- * Main job of this routine is to distinguish between a cold and warm
- * boot. On FVP_R, this information can be queried from the power
- * controller. The Power Control SYS Status Register (PSYSR) indicates
- * the wake-up reason for the CPU.
- *
- * For a cold boot, return 0.
- * For a warm boot, read the mailbox and return the address it contains.
- *
- * TODO: PSYSR is a common register and should be
- * accessed using locks. Since it is not possible
- * to use locks immediately after a cold reset
- * we are relying on the fact that after a cold
- * reset all cpus will read the same WK field
- * ---------------------------------------------------------------------
- */
-func plat_get_my_entrypoint
- /* ---------------------------------------------------------------------
- * When bit PSYSR.WK indicates either "Wake by PPONR" or "Wake by GIC
- * WakeRequest signal" then it is a warm boot.
- * ---------------------------------------------------------------------
- */
- mrs x2, mpidr_el1
- mov_imm x1, PWRC_BASE
- str w2, [x1, #PSYSR_OFF]
- ldr w2, [x1, #PSYSR_OFF]
- ubfx w2, w2, #PSYSR_WK_SHIFT, #PSYSR_WK_WIDTH
- cmp w2, #WKUP_PPONR
- beq warm_reset
- cmp w2, #WKUP_GICREQ
- beq warm_reset
-
- /* Cold reset */
- mov x0, #0
- ret
-
-warm_reset:
- /* ---------------------------------------------------------------------
- * A mailbox is maintained in the trusted SRAM. It is flushed out of the
- * caches after every update using normal memory so it is safe to read
- * it here with SO attributes.
- * ---------------------------------------------------------------------
- */
- mov_imm x0, PLAT_ARM_TRUSTED_MAILBOX_BASE
- ldr x0, [x0]
- cbz x0, _panic_handler
- ret
-
- /* ---------------------------------------------------------------------
- * The power controller indicates this is a warm reset but the mailbox
- * is empty. This should never happen!
- * ---------------------------------------------------------------------
- */
-_panic_handler:
- no_ret plat_panic_handler
-endfunc plat_get_my_entrypoint
-
- /* -----------------------------------------------------
- * unsigned int plat_is_my_cpu_primary (void);
- *
- * Find out whether the current cpu is the primary
- * cpu.
- * -----------------------------------------------------
- */
-func plat_is_my_cpu_primary
- mrs x0, mpidr_el1
- mov_imm x1, MPIDR_AFFINITY_MASK
- and x0, x0, x1
- cmp x0, #FVP_R_PRIMARY_CPU
- cset w0, eq
- ret
-endfunc plat_is_my_cpu_primary
diff --git a/plat/arm/board/fvp_r/fvp_r_io_storage.c b/plat/arm/board/fvp_r/fvp_r_io_storage.c
deleted file mode 100644
index 3b44828..0000000
--- a/plat/arm/board/fvp_r/fvp_r_io_storage.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-
-#include <common/debug.h>
-#include <drivers/io/io_driver.h>
-#include <drivers/io/io_semihosting.h>
-#include <drivers/io/io_storage.h>
-#include <lib/semihosting.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/common_def.h>
-
-/* Semihosting filenames */
-#define BL33_IMAGE_NAME "bl33.bin"
-
-#if TRUSTED_BOARD_BOOT
-#define TRUSTED_KEY_CERT_NAME "trusted_key.crt"
-#define NT_FW_KEY_CERT_NAME "nt_fw_key.crt"
-#define NT_FW_CONTENT_CERT_NAME "nt_fw_content.crt"
-#endif /* TRUSTED_BOARD_BOOT */
-
-/* IO devices */
-static const io_dev_connector_t *sh_dev_con;
-static uintptr_t sh_dev_handle;
-
-static const io_file_spec_t sh_file_spec[] = {
- [BL33_IMAGE_ID] = {
- .path = BL33_IMAGE_NAME,
- .mode = FOPEN_MODE_RB
- },
-#if TRUSTED_BOARD_BOOT
- [TRUSTED_KEY_CERT_ID] = {
- .path = TRUSTED_KEY_CERT_NAME,
- .mode = FOPEN_MODE_RB
- },
- [NON_TRUSTED_FW_KEY_CERT_ID] = {
- .path = NT_FW_KEY_CERT_NAME,
- .mode = FOPEN_MODE_RB
- },
- [NON_TRUSTED_FW_CONTENT_CERT_ID] = {
- .path = NT_FW_CONTENT_CERT_NAME,
- .mode = FOPEN_MODE_RB
- },
-#endif /* TRUSTED_BOARD_BOOT */
-};
-
-
-static int open_semihosting(const uintptr_t spec)
-{
- int result;
- uintptr_t local_image_handle;
-
- /* See if the file exists on semi-hosting.*/
- result = io_dev_init(sh_dev_handle, (uintptr_t)NULL);
- if (result == 0) {
- result = io_open(sh_dev_handle, spec, &local_image_handle);
- if (result == 0) {
- VERBOSE("Using Semi-hosting IO\n");
- io_close(local_image_handle);
- }
- }
- return result;
-}
-
-void plat_arm_io_setup(void)
-{
- int io_result;
-
- io_result = arm_io_setup();
- if (io_result < 0) {
- panic();
- }
-
- /* Register the additional IO devices on this platform */
- io_result = register_io_dev_sh(&sh_dev_con);
- if (io_result < 0) {
- panic();
- }
-
- /* Open connections to devices and cache the handles */
- io_result = io_dev_open(sh_dev_con, (uintptr_t)NULL, &sh_dev_handle);
- if (io_result < 0) {
- panic();
- }
-}
-
-/*
- * FVP_R provides semihosting as an alternative to load images
- */
-int plat_arm_get_alt_image_source(unsigned int image_id, uintptr_t *dev_handle,
- uintptr_t *image_spec)
-{
- int result = open_semihosting((const uintptr_t)&sh_file_spec[image_id]);
-
- if (result == 0) {
- *dev_handle = sh_dev_handle;
- *image_spec = (uintptr_t)&sh_file_spec[image_id];
- }
-
- return result;
-}
diff --git a/plat/arm/board/fvp_r/fvp_r_misc_helpers.S b/plat/arm/board/fvp_r/fvp_r_misc_helpers.S
deleted file mode 100644
index 67ad164..0000000
--- a/plat/arm/board/fvp_r/fvp_r_misc_helpers.S
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <asm_macros.S>
-
- .globl disable_mpu_el2
- .globl disable_mpu_icache_el2
-
-/* ---------------------------------------------------------------------------
- * Disable the MPU at EL2.
- * ---------------------------------------------------------------------------
- */
-
-func disable_mpu_el2
- mov x1, #(SCTLR_M_BIT | SCTLR_C_BIT)
-do_disable_mpu_el2:
- mrs x0, sctlr_el2
- bic x0, x0, x1
- msr sctlr_el2, x0
- isb /* ensure MMU is off */
- dsb sy
- ret
-endfunc disable_mpu_el2
-
-
-func disable_mpu_icache_el2
- mov x1, #(SCTLR_M_BIT | SCTLR_C_BIT | SCTLR_I_BIT)
- b do_disable_mpu_el2
-endfunc disable_mpu_icache_el2
diff --git a/plat/arm/board/fvp_r/fvp_r_private.h b/plat/arm/board/fvp_r/fvp_r_private.h
deleted file mode 100644
index 48f6e89..0000000
--- a/plat/arm/board/fvp_r/fvp_r_private.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef FVP_R_PRIVATE_H
-#define FVP_R_PRIVATE_H
-
-#include <plat/arm/common/plat_arm.h>
-
-/*******************************************************************************
- * Function and variable prototypes
- ******************************************************************************/
-
-void fvp_config_setup(void);
-
-void fvp_interconnect_init(void);
-void fvp_interconnect_enable(void);
-void fvp_interconnect_disable(void);
-void fvp_timer_init(void);
-
-#endif /* FVP_R_PRIVATE_H */
diff --git a/plat/arm/board/fvp_r/fvp_r_stack_protector.c b/plat/arm/board/fvp_r/fvp_r_stack_protector.c
deleted file mode 100644
index 69b6312..0000000
--- a/plat/arm/board/fvp_r/fvp_r_stack_protector.c
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <stdint.h>
-
-#include <fvp_r_arch_helpers.h>
-#include <plat/common/platform.h>
-
-#define RANDOM_CANARY_VALUE ((u_register_t) 8092347823957523895ULL)
-
-u_register_t plat_get_stack_protector_canary(void)
-{
- /*
- * Ideally, a random number should be returned instead of the
- * combination of a timer's value and a compile-time constant. As the
- * FVP_R does not have any random number generator, this is better than
- * nothing but not necessarily really secure.
- */
- return RANDOM_CANARY_VALUE ^ read_cntpct_el0();
-}
-
diff --git a/plat/arm/board/fvp_r/fvp_r_trusted_boot.c b/plat/arm/board/fvp_r/fvp_r_trusted_boot.c
deleted file mode 100644
index de0b28f..0000000
--- a/plat/arm/board/fvp_r/fvp_r_trusted_boot.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-#include <stdint.h>
-#include <string.h>
-
-#include <lib/fconf/fconf.h>
-#include <lib/mmio.h>
-#include <tools_share/tbbr_oid.h>
-
-#include <plat/arm/common/fconf_nv_cntr_getter.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/platform.h>
-#include <platform_def.h>
-
-
-/*
- * Return the ROTPK hash in the following ASN.1 structure in DER format:
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL
- * }
- *
- * DigestInfo ::= SEQUENCE {
- * digestAlgorithm AlgorithmIdentifier,
- * digest OCTET STRING
- * }
- */
-int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
- unsigned int *flags)
-{
- return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
-}
-
-/*
- * Store a new non-volatile counter value.
- *
- * On some FVP_R versions, the non-volatile counters are read-only so this
- * function will always fail.
- *
- * Return: 0 = success, Otherwise = error
- */
-int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
-{
- const char *oid;
- uintptr_t nv_ctr_addr;
-
- assert(cookie != NULL);
-
- oid = (const char *)cookie;
- if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
- nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
- TRUSTED_NV_CTR_ID);
- } else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
- nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
- NON_TRUSTED_NV_CTR_ID);
- } else {
- return 1;
- }
-
- mmio_write_32(nv_ctr_addr, nv_ctr);
-
- /*
- * If the FVP_R models a locked counter then its value cannot be updated
- * and the above write operation has been silently ignored.
- */
- return (mmio_read_32(nv_ctr_addr) == nv_ctr) ? 0 : 1;
-}
diff --git a/plat/arm/board/fvp_r/include/fvp_r_arch_helpers.h b/plat/arm/board/fvp_r/include/fvp_r_arch_helpers.h
deleted file mode 100644
index 92bf484..0000000
--- a/plat/arm/board/fvp_r/include/fvp_r_arch_helpers.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef FVP_R_ARCH_HELPERS_H
-#define FVP_R_ARCH_HELPERS_H
-
-#include <arch_helpers.h>
-
-/*******************************************************************************
- * MPU register definitions
- ******************************************************************************/
-#define MPUIR_EL2 S3_4_C0_C0_4
-#define PRBAR_EL2 S3_4_C6_C8_0
-#define PRLAR_EL2 S3_4_C6_C8_1
-#define PRSELR_EL2 S3_4_C6_C2_1
-#define PRENR_EL2 S3_4_C6_C1_1
-
-/* v8-R64 MPU registers */
-DEFINE_RENAME_SYSREG_RW_FUNCS(mpuir_el2, MPUIR_EL2)
-DEFINE_RENAME_SYSREG_RW_FUNCS(prenr_el2, PRENR_EL2)
-DEFINE_RENAME_SYSREG_RW_FUNCS(prselr_el2, PRSELR_EL2)
-DEFINE_RENAME_SYSREG_RW_FUNCS(prbar_el2, PRBAR_EL2)
-DEFINE_RENAME_SYSREG_RW_FUNCS(prlar_el2, PRLAR_EL2)
-
-#endif /* FVP_R_ARCH_HELPERS_H */
diff --git a/plat/arm/board/fvp_r/include/platform_def.h b/plat/arm/board/fvp_r/include/platform_def.h
deleted file mode 100644
index 1fdec15..0000000
--- a/plat/arm/board/fvp_r/include/platform_def.h
+++ /dev/null
@@ -1,261 +0,0 @@
-/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef FVP_R_PLATFORM_DEF_H
-#define FVP_R_PLATFORM_DEF_H
-
-#define PLAT_V2M_OFFSET 0x80000000
-
-#define BL33_IMAGE_DESC { \
- .image_id = BL33_IMAGE_ID, \
- SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, \
- VERSION_2, image_info_t, 0), \
- .image_info.image_base = PLAT_ARM_DRAM1_BASE + 0x1000, \
- .image_info.image_max_size = UL(0x3ffff000), \
- SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP, \
- VERSION_2, entry_point_info_t, SECURE | EXECUTABLE),\
- .ep_info.pc = PLAT_ARM_DRAM1_BASE + 0x1000, \
- .ep_info.spsr = SPSR_64(MODE_EL2, MODE_SP_ELX, DISABLE_ALL_EXCEPTIONS), \
-}
-
-#include "../fvp_r_def.h"
-#include <drivers/arm/tzc400.h>
-#include <lib/utils_def.h>
-#include <plat/arm/board/common/v2m_def.h>
-
-/* These are referenced by arm_def.h #included next, so #define first. */
-#define PLAT_ARM_TRUSTED_ROM_BASE UL(0x80000000)
-#define PLAT_ARM_TRUSTED_SRAM_BASE UL(0x84000000)
-#define PLAT_ARM_TRUSTED_DRAM_BASE UL(0x86000000)
-#define PLAT_ARM_DRAM1_BASE ULL(0x0)
-#define PLAT_ARM_DRAM2_BASE ULL(0x080000000)
-
-#define PLAT_HW_CONFIG_DTB_BASE ULL(0x12000000)
-#define PLAT_ARM_SYS_CNTCTL_BASE UL(0xaa430000)
-#define PLAT_ARM_SYS_CNTREAD_BASE UL(0xaa800000)
-#define PLAT_ARM_SYS_TIMCTL_BASE UL(0xaa810000)
-#define PLAT_ARM_SYS_CNT_BASE_S UL(0xaa820000)
-#define PLAT_ARM_SYS_CNT_BASE_NS UL(0xaa830000)
-#define PLAT_ARM_SP805_TWDG_BASE UL(0xaa490000)
-
-#include <plat/arm/common/arm_def.h>
-#include <plat/common/common_def.h>
-
-
-/* Required to create plat_regions: */
-#define MIN_LVL_BLOCK_DESC U(1)
-
-/* Required platform porting definitions */
-#define PLATFORM_CORE_COUNT (U(FVP_R_CLUSTER_COUNT) * \
- U(FVP_R_MAX_CPUS_PER_CLUSTER) * \
- U(FVP_R_MAX_PE_PER_CPU))
-
-#define PLAT_NUM_PWR_DOMAINS (U(FVP_R_CLUSTER_COUNT) + \
- PLATFORM_CORE_COUNT + U(1))
-
-#define PLAT_MAX_PWR_LVL ARM_PWR_LVL2
-
-/*
- * Other platform porting definitions are provided by included headers
- */
-
-/*
- * Required ARM standard platform porting definitions
- */
-#define PLAT_ARM_CLUSTER_COUNT U(FVP_R_CLUSTER_COUNT)
-#define PLAT_ARM_DRAM1_SIZE ULL(0x7fffffff)
-#define PLAT_ARM_TRUSTED_SRAM_SIZE UL(0x00040000) /* 256 KB */
-#define PLAT_ARM_TRUSTED_ROM_SIZE UL(0x04000000) /* 64 MB */
-#define PLAT_ARM_TRUSTED_DRAM_SIZE UL(0x02000000) /* 32 MB */
-
-/* These two are defined thus in arm_def.h, but doesn't seem to see it... */
-#define PLAT_BL1_RO_LIMIT (BL1_RO_BASE \
- + PLAT_ARM_TRUSTED_ROM_SIZE)
-
-/* virtual address used by dynamic mem_protect for chunk_base */
-#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
-
-/* No SCP in FVP_R */
-#define PLAT_ARM_SCP_TZC_DRAM1_SIZE UL(0x0)
-
-#define PLAT_ARM_DRAM2_SIZE UL(0x80000000)
-
-#define PLAT_ARM_HW_CONFIG_SIZE ULL(0x8000)
-
-#define ARM_DTB_DRAM_NS MAP_REGION_FLAT( \
- PLAT_HW_CONFIG_DTB_BASE, \
- PLAT_ARM_HW_CONFIG_SIZE, \
- MT_MEMORY | MT_RO | MT_NS)
-
-#define V2M_FVP_R_SYSREGS_BASE UL(0x9c010000)
-
-/*
- * Load address of BL33 for this platform port,
- * U-Boot specifically must be loaded at a 4K aligned address.
- */
-#define PLAT_ARM_NS_IMAGE_BASE (PLAT_ARM_DRAM1_BASE + 0x1000)
-
-/*
- * PLAT_ARM_MMAP_ENTRIES depends on the number of entries in the
- * plat_arm_mmap array defined for each BL stage.
- */
-#if !USE_ROMLIB
-# define PLAT_ARM_MMAP_ENTRIES 11
-# define MAX_XLAT_TABLES 5
-#else
-# define PLAT_ARM_MMAP_ENTRIES 12
-# define MAX_XLAT_TABLES 6
-#endif
-# define N_MPU_REGIONS 16 /* number of MPU regions */
-# define ALL_MPU_EL2_REGIONS_USED 0xffffffff
- /* this is the PRENR_EL2 value if all MPU regions are in use */
-
-/*
- * PLAT_ARM_MAX_BL1_RW_SIZE is calculated using the current BL1 RW debug size
- * plus a little space for growth.
- */
-#define PLAT_ARM_MAX_BL1_RW_SIZE UL(0xB000)
-
-/*
- * PLAT_ARM_MAX_ROMLIB_RW_SIZE is define to use a full page
- */
-
-#if USE_ROMLIB
-#define PLAT_ARM_MAX_ROMLIB_RW_SIZE UL(0x1000)
-#define PLAT_ARM_MAX_ROMLIB_RO_SIZE UL(0xe000)
-#define FVP_R_BL2_ROMLIB_OPTIMIZATION UL(0x6000)
-#else
-#define PLAT_ARM_MAX_ROMLIB_RW_SIZE UL(0)
-#define PLAT_ARM_MAX_ROMLIB_RO_SIZE UL(0)
-#define FVP_R_BL2_ROMLIB_OPTIMIZATION UL(0)
-#endif
-
-/*
- * PLAT_ARM_MAX_BL2_SIZE is calculated using the current BL2 debug size plus a
- * little space for growth.
- */
-#if TRUSTED_BOARD_BOOT
-#if COT_DESC_IN_DTB
-# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1E000) - FVP_R_BL2_ROMLIB_OPTIMIZATION)
-#else
-# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1D000) - FVP_R_BL2_ROMLIB_OPTIMIZATION)
-#endif
-#else
-# define PLAT_ARM_MAX_BL2_SIZE (UL(0x13000) - FVP_R_BL2_ROMLIB_OPTIMIZATION)
-#endif
-
-/*
- * Since BL31 NOBITS overlays BL2 and BL1-RW, PLAT_ARM_MAX_BL31_SIZE is
- * calculated using the current BL31 PROGBITS debug size plus the sizes of
- * BL2 and BL1-RW
- */
-#define PLAT_ARM_MAX_BL31_SIZE UL(0x3D000)
-
-/*
- * Size of cacheable stacks
- */
-#if defined(IMAGE_BL1)
-# if TRUSTED_BOARD_BOOT
-# define PLATFORM_STACK_SIZE UL(0x1000)
-# else
-# define PLATFORM_STACK_SIZE UL(0x500)
-# endif
-#endif
-
-#define MAX_IO_DEVICES 3
-#define MAX_IO_HANDLES 4
-
-/*
- * These nominally reserve the last block of flash for PSCI MEM PROTECT flag,
- * but no PSCI in FVP_R platform, so reserve nothing:
- */
-#define PLAT_ARM_FLASH_IMAGE_BASE (PLAT_ARM_DRAM1_BASE + UL(0x40000000))
-#define PLAT_ARM_FLASH_IMAGE_MAX_SIZE (PLAT_ARM_DRAM1_SIZE - UL(0x40000000))
-
-#define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE
-#define PLAT_ARM_NVM_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE)
-
-/*
- * PL011 related constants
- */
-#define PLAT_ARM_BOOT_UART_BASE V2M_IOFPGA_UART0_BASE
-#define PLAT_ARM_BOOT_UART_CLK_IN_HZ V2M_IOFPGA_UART0_CLK_IN_HZ
-
-#define PLAT_ARM_RUN_UART_BASE V2M_IOFPGA_UART1_BASE
-#define PLAT_ARM_RUN_UART_CLK_IN_HZ V2M_IOFPGA_UART1_CLK_IN_HZ
-
-#define PLAT_ARM_CRASH_UART_BASE PLAT_ARM_RUN_UART_BASE
-#define PLAT_ARM_CRASH_UART_CLK_IN_HZ PLAT_ARM_RUN_UART_CLK_IN_HZ
-
-#define PLAT_ARM_TSP_UART_BASE V2M_IOFPGA_UART2_BASE
-#define PLAT_ARM_TSP_UART_CLK_IN_HZ V2M_IOFPGA_UART2_CLK_IN_HZ
-
-/* CCI related constants */
-#define PLAT_FVP_R_CCI400_BASE UL(0xac090000)
-#define PLAT_FVP_R_CCI400_CLUS0_SL_PORT 3
-#define PLAT_FVP_R_CCI400_CLUS1_SL_PORT 4
-
-/* CCI-500/CCI-550 on Base platform */
-#define PLAT_FVP_R_CCI5XX_BASE UL(0xaa000000)
-#define PLAT_FVP_R_CCI5XX_CLUS0_SL_PORT 5
-#define PLAT_FVP_R_CCI5XX_CLUS1_SL_PORT 6
-
-/* System timer related constants */
-#define PLAT_ARM_NSTIMER_FRAME_ID U(1)
-
-/* Mailbox base address */
-#define PLAT_ARM_TRUSTED_MAILBOX_BASE ARM_TRUSTED_SRAM_BASE
-
-
-/* TrustZone controller related constants
- *
- * Currently only filters 0 and 2 are connected on Base FVP_R.
- * Filter 0 : CPU clusters (no access to DRAM by default)
- * Filter 1 : not connected
- * Filter 2 : LCDs (access to VRAM allowed by default)
- * Filter 3 : not connected
- * Programming unconnected filters will have no effect at the
- * moment. These filter could, however, be connected in future.
- * So care should be taken not to configure the unused filters.
- *
- * Allow only non-secure access to all DRAM to supported devices.
- * Give access to the CPUs and Virtio. Some devices
- * would normally use the default ID so allow that too.
- */
-#define PLAT_ARM_TZC_BASE UL(0xaa4a0000)
-#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT(0)
-
-#define PLAT_ARM_TZC_NS_DEV_ACCESS ( \
- TZC_REGION_ACCESS_RDWR(FVP_R_NSAID_DEFAULT) | \
- TZC_REGION_ACCESS_RDWR(FVP_R_NSAID_PCI) | \
- TZC_REGION_ACCESS_RDWR(FVP_R_NSAID_AP) | \
- TZC_REGION_ACCESS_RDWR(FVP_R_NSAID_VIRTIO) | \
- TZC_REGION_ACCESS_RDWR(FVP_R_NSAID_VIRTIO_OLD))
-
-/*
- * GIC related constants to cater for both GICv2 and GICv3 instances of an
- * FVP_R. They could be overridden at runtime in case the FVP_R implements the
- * legacy VE memory map.
- */
-#define PLAT_ARM_GICD_BASE BASE_GICD_BASE
-#define PLAT_ARM_GICR_BASE BASE_GICR_BASE
-#define PLAT_ARM_GICC_BASE BASE_GICC_BASE
-
-#define PLAT_ARM_SP_IMAGE_STACK_BASE (PLAT_SP_IMAGE_NS_BUF_BASE + \
- PLAT_SP_IMAGE_NS_BUF_SIZE)
-
-#define PLAT_SP_PRI PLAT_RAS_PRI
-
-/*
- * Physical and virtual address space limits for MPU in AARCH64 & AARCH32 modes
- */
-#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 36)
-#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 36)
-
-#define ARM_SOC_CONTINUATION_SHIFT U(24)
-#define ARM_SOC_IDENTIFICATION_SHIFT U(16)
-
-#endif /* FVP_R_PLATFORM_DEF_H */
diff --git a/plat/arm/board/fvp_r/platform.mk b/plat/arm/board/fvp_r/platform.mk
deleted file mode 100644
index 71cb9e2..0000000
--- a/plat/arm/board/fvp_r/platform.mk
+++ /dev/null
@@ -1,100 +0,0 @@
-#
-# Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-
-# Only aarch64 ARCH supported for FVP_R
-ARCH := aarch64
-
-# Override to exclude BL2, BL2U, BL31, and BL33 for FVP_R
-override NEED_BL2 := no
-override NEED_BL2U := no
-override NEED_BL31 := no
-NEED_BL32 := no
-
-override CTX_INCLUDE_AARCH32_REGS := 0
-
-# Use MPU-based memory management:
-XLAT_MPU_LIB_V1 := 1
-
-# FVP R will not have more than 2 clusters so just use CCI interconnect
-FVP_R_INTERCONNECT_SOURCES := drivers/arm/cci/cci.c
-
-
-include plat/arm/board/common/board_common.mk
-include plat/arm/common/arm_common.mk
-
-PLAT_INCLUDES += -Iplat/arm/board/fvp_r/include
-
-FVP_R_BL_COMMON_SOURCES := plat/arm/board/fvp_r/fvp_r_common.c \
- plat/arm/board/fvp_r/fvp_r_context_mgmt.c \
- plat/arm/board/fvp_r/fvp_r_debug.S \
- plat/arm/board/fvp_r/fvp_r_err.c \
- plat/arm/board/fvp_r/fvp_r_helpers.S \
- plat/arm/board/fvp_r/fvp_r_misc_helpers.S
-
-FVP_R_BL1_SOURCES := plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c \
- plat/arm/board/fvp_r/fvp_r_bl1_setup.c \
- plat/arm/board/fvp_r/fvp_r_io_storage.c \
- plat/arm/board/fvp_r/fvp_r_bl1_entrypoint.S \
- plat/arm/board/fvp_r/fvp_r_bl1_exceptions.S \
- plat/arm/board/fvp_r/fvp_r_bl1_main.c
-
-FVP_R_CPU_LIBS := lib/cpus/${ARCH}/aem_generic.S
-
-FVP_R_DYNC_CFG_SOURCES := common/fdt_wrappers.c \
- plat/arm/common/arm_dyn_cfg.c
-
-ifeq (${TRUSTED_BOARD_BOOT},1)
-FVP_R_AUTH_SOURCES := drivers/auth/auth_mod.c \
- drivers/auth/crypto_mod.c \
- drivers/auth/img_parser_mod.c \
- lib/fconf/fconf_tbbr_getter.c \
- plat/common/tbbr/plat_tbbr.c \
- drivers/auth/tbbr/tbbr_cot_bl1_r64.c \
- drivers/auth/tbbr/tbbr_cot_common.c \
- plat/arm/board/common/board_arm_trusted_boot.c \
- plat/arm/board/common/rotpk/arm_dev_rotpk.S \
- plat/arm/board/fvp_r/fvp_r_trusted_boot.c
-
-FVP_R_BL1_SOURCES += ${MBEDTLS_SOURCES} \
- ${FVP_R_AUTH_SOURCES}
-endif
-
-ifeq (${USE_SP804_TIMER},1)
-FVP_R_BL_COMMON_SOURCES += drivers/arm/sp804/sp804_delay_timer.c
-else
-FVP_R_BL_COMMON_SOURCES += drivers/delay_timer/generic_delay_timer.c
-endif
-
-# Enable Activity Monitor Unit extensions by default
-ENABLE_FEAT_AMU := 2
-
-ifneq (${ENABLE_STACK_PROTECTOR},0)
-FVP_R_BL_COMMON_SOURCES += plat/arm/board/fvp_r/fvp_r_stack_protector.c
-endif
-
-override BL1_SOURCES := drivers/arm/sp805/sp805.c \
- drivers/cfi/v2m/v2m_flash.c \
- drivers/delay_timer/delay_timer.c \
- drivers/io/io_fip.c \
- drivers/io/io_memmap.c \
- drivers/io/io_storage.c \
- drivers/io/io_semihosting.c \
- lib/cpus/aarch64/cpu_helpers.S \
- lib/cpus/errata_report.c \
- lib/fconf/fconf_dyn_cfg_getter.c \
- lib/semihosting/semihosting.c \
- lib/semihosting/${ARCH}/semihosting_call.S \
- plat/arm/common/arm_bl1_setup.c \
- plat/arm/common/arm_err.c \
- plat/arm/common/arm_io_storage.c \
- plat/arm/common/fconf/arm_fconf_io.c \
- plat/common/plat_bl1_common.c \
- plat/common/aarch64/platform_up_stack.S \
- ${FVP_R_BL1_SOURCES} \
- ${FVP_R_BL_COMMON_SOURCES} \
- ${FVP_R_CPU_LIBS} \
- ${FVP_R_DYNC_CFG_SOURCES} \
- ${FVP_R_INTERCONNECT_SOURCES}
diff --git a/plat/arm/board/fvp_ve/fvp_ve_bl2_setup.c b/plat/arm/board/fvp_ve/fvp_ve_bl2_setup.c
index cc29f36..3209a1c 100644
--- a/plat/arm/board/fvp_ve/fvp_ve_bl2_setup.c
+++ b/plat/arm/board/fvp_ve/fvp_ve_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,7 +15,7 @@
void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1, u_register_t arg2, u_register_t arg3)
{
- arm_bl2_early_platform_setup((uintptr_t)arg0, (meminfo_t *)arg1);
+ arm_bl2_early_platform_setup(arg0, arg1, arg2, arg3);
/* Initialize the platform config for future decision making */
fvp_ve_config_setup();
diff --git a/plat/arm/board/fvp_ve/platform.mk b/plat/arm/board/fvp_ve/platform.mk
index 79cf356..b1fcd52 100644
--- a/plat/arm/board/fvp_ve/platform.mk
+++ b/plat/arm/board/fvp_ve/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019-2023, Arm Limited. All rights reserved.
+# Copyright (c) 2019-2025, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -12,12 +12,7 @@
BL2_SOURCES += drivers/arm/sp804/sp804_delay_timer.c
endif
-# Include GICv2 driver files
-include drivers/arm/gic/v2/gicv2.mk
-
-FVP_VE_GIC_SOURCES := ${GICV2_SOURCES} \
- plat/common/plat_gicv2.c \
- plat/arm/common/arm_gicv2.c
+USE_GIC_DRIVER := 2
FVP_VE_SECURITY_SOURCES := plat/arm/board/fvp_ve/fvp_ve_security.c
diff --git a/plat/arm/board/fvp_ve/sp_min/fvp_ve_sp_min_setup.c b/plat/arm/board/fvp_ve/sp_min/fvp_ve_sp_min_setup.c
index e6a1bbe..eba122f 100644
--- a/plat/arm/board/fvp_ve/sp_min/fvp_ve_sp_min_setup.c
+++ b/plat/arm/board/fvp_ve/sp_min/fvp_ve_sp_min_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,5 +11,5 @@
void plat_arm_sp_min_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- arm_sp_min_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ arm_sp_min_early_platform_setup(arg0, arg1, arg2, arg3);
}
diff --git a/plat/arm/board/fvp_ve/sp_min/sp_min-fvp_ve.mk b/plat/arm/board/fvp_ve/sp_min/sp_min-fvp_ve.mk
index 4ca810d..db1a616 100644
--- a/plat/arm/board/fvp_ve/sp_min/sp_min-fvp_ve.mk
+++ b/plat/arm/board/fvp_ve/sp_min/sp_min-fvp_ve.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2019, Arm Limited. All rights reserved.
+# Copyright (c) 2019-2025, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -18,5 +18,4 @@
plat/common/aarch32/platform_mp_stack.S \
plat/common/plat_psci_common.c \
${FVP_VE_CPU_LIBS} \
- ${FVP_VE_GIC_SOURCES} \
${FVP_VE_SECURITY_SOURCES}
diff --git a/plat/arm/board/juno/include/platform_def.h b/plat/arm/board/juno/include/platform_def.h
index 777729e..c8439e9 100644
--- a/plat/arm/board/juno/include/platform_def.h
+++ b/plat/arm/board/juno/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -156,7 +156,7 @@
*/
#if TRUSTED_BOARD_BOOT
#if TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA
-# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1F000) - JUNO_BL2_ROMLIB_OPTIMIZATION)
+# define PLAT_ARM_MAX_BL2_SIZE (UL(0x20000) - JUNO_BL2_ROMLIB_OPTIMIZATION)
#elif TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA
# define PLAT_ARM_MAX_BL2_SIZE (UL(0x1D000) - JUNO_BL2_ROMLIB_OPTIMIZATION)
#else
diff --git a/plat/arm/board/juno/juno_bl31_setup.c b/plat/arm/board/juno/juno_bl31_setup.c
index 7a0a6d9..2eec105 100644
--- a/plat/arm/board/juno/juno_bl31_setup.c
+++ b/plat/arm/board/juno/juno_bl31_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -27,7 +27,7 @@
arg1 = soc_fw_config_info->config_addr;
}
- arm_bl31_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ arm_bl31_early_platform_setup(arg0, arg1, arg2, arg3);
/*
* Initialize Interconnect for this cluster during cold boot.
diff --git a/plat/arm/board/juno/platform.mk b/plat/arm/board/juno/platform.mk
index 9530498..38ba0ed 100644
--- a/plat/arm/board/juno/platform.mk
+++ b/plat/arm/board/juno/platform.mk
@@ -1,17 +1,12 @@
#
-# Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2013-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
include common/fdt_wrappers.mk
-# Include GICv2 driver files
-include drivers/arm/gic/v2/gicv2.mk
-
-JUNO_GIC_SOURCES := ${GICV2_SOURCES} \
- plat/common/plat_gicv2.c \
- plat/arm/common/arm_gicv2.c
+USE_GIC_DRIVER := 2
JUNO_INTERCONNECT_SOURCES := drivers/arm/cci/cci.c \
plat/arm/common/arm_cci.c
@@ -99,7 +94,6 @@
plat/arm/board/juno/juno_pm.c \
plat/arm/board/juno/juno_topology.c \
plat/arm/common/arm_nor_psci_mem_protect.c \
- ${JUNO_GIC_SOURCES} \
${JUNO_INTERCONNECT_SOURCES} \
${JUNO_SECURITY_SOURCES}
diff --git a/plat/arm/board/juno/sp_min/sp_min-juno.mk b/plat/arm/board/juno/sp_min/sp_min-juno.mk
index b3471c1..45a93c8 100644
--- a/plat/arm/board/juno/sp_min/sp_min-juno.mk
+++ b/plat/arm/board/juno/sp_min/sp_min-juno.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -14,7 +14,7 @@
plat/arm/board/juno/juno_topology.c \
plat/arm/common/arm_nor_psci_mem_protect.c \
plat/arm/soc/common/soc_css_security.c \
- ${JUNO_GIC_SOURCES} \
+ ${GIC_SOURCES} \
${JUNO_INTERCONNECT_SOURCES} \
${JUNO_SECURITY_SOURCES}
diff --git a/plat/arm/board/juno/tsp/tsp-juno.mk b/plat/arm/board/juno/tsp/tsp-juno.mk
index be75c4d..c7debf1 100644
--- a/plat/arm/board/juno/tsp/tsp-juno.mk
+++ b/plat/arm/board/juno/tsp/tsp-juno.mk
@@ -1,12 +1,12 @@
#
-# Copyright (c) 2014-2019, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
BL32_SOURCES += plat/arm/board/juno/juno_topology.c \
plat/arm/css/common/css_topology.c \
- ${JUNO_GIC_SOURCES} \
+ ${GIC_SOURCES} \
${JUNO_SECURITY_SOURCES}
include plat/arm/common/tsp/arm_tsp.mk
diff --git a/plat/arm/board/morello/morello_pm.c b/plat/arm/board/morello/morello_pm.c
index fa7bd1d..30791cc 100644
--- a/plat/arm/board/morello/morello_pm.c
+++ b/plat/arm/board/morello/morello_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2023-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,5 +19,4 @@
void morello_pwr_domain_off(const psci_power_state_t *target_state)
{
css_pwr_domain_off(target_state);
- plat_arm_gic_redistif_off();
}
diff --git a/plat/arm/board/morello/platform.mk b/plat/arm/board/morello/platform.mk
index 8211c26..7653583 100644
--- a/plat/arm/board/morello/platform.mk
+++ b/plat/arm/board/morello/platform.mk
@@ -18,15 +18,9 @@
MORELLO_CPU_SOURCES := lib/cpus/aarch64/rainier.S
# GIC-600 configuration
+USE_GIC_DRIVER := 3
GICV3_SUPPORT_GIC600 := 1
-# Include GICv3 driver files
-include drivers/arm/gic/v3/gicv3.mk
-
-MORELLO_GIC_SOURCES := ${GICV3_SOURCES} \
- plat/common/plat_gicv3.c \
- plat/arm/common/arm_gicv3.c \
-
PLAT_BL_COMMON_SOURCES := ${MORELLO_BASE}/morello_plat.c \
${MORELLO_BASE}/aarch64/morello_helper.S
@@ -47,7 +41,6 @@
BL31_SOURCES := ${MORELLO_CPU_SOURCES} \
${INTERCONNECT_SOURCES} \
- ${MORELLO_GIC_SOURCES} \
${MORELLO_BASE}/morello_bl31_setup.c \
${MORELLO_BASE}/morello_pm.c \
${MORELLO_BASE}/morello_topology.c \
diff --git a/plat/arm/board/n1sdp/n1sdp_pm.c b/plat/arm/board/n1sdp/n1sdp_pm.c
index 8d45354..d89fb05 100644
--- a/plat/arm/board/n1sdp/n1sdp_pm.c
+++ b/plat/arm/board/n1sdp/n1sdp_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2023-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,5 +19,4 @@
void n1sdp_pwr_domain_off(const psci_power_state_t *target_state)
{
css_pwr_domain_off(target_state);
- plat_arm_gic_redistif_off();
}
diff --git a/plat/arm/board/n1sdp/platform.mk b/plat/arm/board/n1sdp/platform.mk
index f937ee7..218081c 100644
--- a/plat/arm/board/n1sdp/platform.mk
+++ b/plat/arm/board/n1sdp/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2018-2023, Arm Limited. All rights reserved.
+# Copyright (c) 2018-2025, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -19,16 +19,10 @@
ARM_ARCH_MINOR := 2
# GIC-600 configuration
+USE_GIC_DRIVER := 3
GICV3_SUPPORT_GIC600 := 1
GICV3_IMPL_GIC600_MULTICHIP := 1
-# Include GICv3 driver files
-include drivers/arm/gic/v3/gicv3.mk
-
-N1SDP_GIC_SOURCES := ${GICV3_SOURCES} \
- plat/common/plat_gicv3.c \
- plat/arm/common/arm_gicv3.c \
-
PLAT_BL_COMMON_SOURCES := ${N1SDP_BASE}/n1sdp_plat.c \
${N1SDP_BASE}/aarch64/n1sdp_helper.S
@@ -49,7 +43,6 @@
BL31_SOURCES := ${N1SDP_CPU_SOURCES} \
${INTERCONNECT_SOURCES} \
- ${N1SDP_GIC_SOURCES} \
${N1SDP_BASE}/n1sdp_bl31_setup.c \
${N1SDP_BASE}/n1sdp_pm.c \
${N1SDP_BASE}/n1sdp_topology.c \
diff --git a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_def1.h b/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_def1.h
deleted file mode 100644
index 74835f6..0000000
--- a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_def1.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- * This file is limited to include the CSS specific memory and interrupt map
- * definitions for the first generation platforms based on the A75, N1 and V1
- * CPUs. There are minor differences in the memory map of these platforms and
- * those differences are not in the scope of this file.
- */
-
-#ifndef NRD_CSS_DEF1_H
-#define NRD_CSS_DEF1_H
-
-/*******************************************************************************
- * CSS memory map related defines
- ******************************************************************************/
-
-/* On-Chip ROM */
-#define NRD_CSS_TRUSTED_ROM_BASE UL(0x00000000)
-#define NRD_CSS_TRUSTED_ROM_SIZE UL(0x00080000) /* 512KB */
-
-/* On-Chip RAM */
-#define NRD_CSS_TRUSTED_SRAM_SIZE UL(0x00080000) /* 512KB */
-#define NRD_CSS_NONTRUSTED_SRAM_BASE UL(0x06000000)
-#define NRD_CSS_NONTRUSTED_SRAM_SIZE UL(0x00080000) /* 512KB */
-
-/* PL011 UART */
-#define NRD_CSS_SEC_UART_BASE UL(0x2A410000)
-#define NRD_CSS_UART_SIZE UL(0x10000)
-
-/* CSS peripherals */
-#define NRD_CSS_PERIPH_BASE UL(0x20000000)
-#define NRD_CSS_PERIPH_SIZE UL(0x40000000)
-
-/* Secure Watchdog */
-#define NRD_CSS_WDOG_BASE UL(0x2A480000)
-
-/* DRAM2 */
-#define NRD_CSS_DRAM2_BASE ULL(0x8080000000)
-#define NRD_CSS_DRAM2_SIZE ULL(0x180000000)
-
-#endif /* NRD_CSS_DEF1_H */
diff --git a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_fw_def1.h b/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_fw_def1.h
deleted file mode 100644
index 70a7d49..0000000
--- a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_fw_def1.h
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- * This file is limited to include the CSS firmware specific definitions for
- * the first generation platforms based on the A75, N1 and V1 CPUs.
- */
-
-#ifndef NRD1_CSS_FW_DEF1_H
-#define NRD1_CSS_FW_DEF1_H
-
-#include <nrd_css_def1.h>
-
-/*******************************************************************************
- * BL sizes
- ******************************************************************************/
-
-#define NRD_CSS_BL1_RW_SIZE UL(64 * 1024) /* 64KB */
-
-#if TRUSTED_BOARD_BOOT
-# define NRD_CSS_BL2_SIZE UL(0x28000)
-#else
-# define NRD_CSS_BL2_SIZE UL(0x14000)
-#endif
-
-/*
- * Since BL31 NOBITS overlays BL2 and BL1-RW, PLAT_ARM_MAX_BL31_SIZE is
- * calculated using the current BL31 PROGBITS debug size plus the sizes of BL2
- * and BL1-RW.
- */
-#define NRD_CSS_BL31_SIZE UL(116 * 1024) /* 116 KB */
-
-/*******************************************************************************
- * Console config
- ******************************************************************************/
-
-#define NRD_CSS_UART_CLK_IN_HZ UL(7372800)
-
-/*******************************************************************************
- * Watchdog config
- ******************************************************************************/
-
-#define NRD_CSS_WDOG_TIMEOUT UL(100)
-
-/*******************************************************************************
- * Platform ID
- ******************************************************************************/
-
-/* Platform ID address */
-#define SSC_VERSION (SSC_REG_BASE + SSC_VERSION_OFFSET)
-#ifndef __ASSEMBLER__
-/* SSC_VERSION related accessors */
-/* Returns the part number of the platform */
-#define GET_NRD_PART_NUM \
- GET_SSC_VERSION_PART_NUM(mmio_read_32(SSC_VERSION))
-/* Returns the configuration number of the platform */
-#define GET_NRD_CONFIG_NUM \
- GET_SSC_VERSION_CONFIG(mmio_read_32(SSC_VERSION))
-#endif /* __ASSEMBLER__ */
-
-/*******************************************************************************
- * MMU mappings
- ******************************************************************************/
-
-#define NRD_CSS_PERIPH_MMAP(n) \
- MAP_REGION_FLAT( \
- NRD_REMOTE_CHIP_MEM_OFFSET(n) + \
- NRD_CSS_PERIPH_BASE, \
- NRD_CSS_PERIPH_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE)
-
-#define NRD_CSS_SHARED_RAM_MMAP(n) \
- MAP_REGION_FLAT( \
- NRD_REMOTE_CHIP_MEM_OFFSET(n) + \
- ARM_SHARED_RAM_BASE, \
- ARM_SHARED_RAM_SIZE, \
- MT_NON_CACHEABLE | MT_RW | MT_SECURE)
-
-#if SPM_MM
-/*
- * Stand-alone MM logs would be routed via secure UART. Define page table
- * entry for secure UART which would be common to all platforms.
- */
-#define NRD_CSS_SECURE_UART_MMAP \
- MAP_REGION_FLAT( \
- NRD_CSS_SEC_UART_BASE, \
- NRD_CSS_UART_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE | MT_USER)
-#endif
-
-#endif /* NRD_CSS_FW_DEF1_H */
diff --git a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_plat_arm_def1.h b/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_plat_arm_def1.h
deleted file mode 100644
index bca095c..0000000
--- a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_plat_arm_def1.h
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- * This file is limited to include the platform port definitions for the
- * first generation platforms based on the A75, N1 and V1 CPUs.
- */
-
-#ifndef NRD_PLAT_ARM_DEF1_H
-#define NRD_PLAT_ARM_DEF1_H
-
-#ifndef __ASSEMBLER__
-#include <lib/mmio.h>
-#endif /* __ASSEMBLER__ */
-
-#include <lib/utils_def.h>
-#include <lib/xlat_tables/xlat_tables_defs.h>
-#include <plat/arm/board/common/v2m_def.h>
-#include <plat/arm/common/arm_def.h>
-#include <plat/arm/common/arm_spm_def.h>
-#include <plat/arm/css/common/css_def.h>
-#include <plat/arm/soc/common/soc_css_def.h>
-#include <plat/common/common_def.h>
-#include <nrd_css_fw_def1.h>
-#include <nrd_ros_fw_def1.h>
-
-/*******************************************************************************
- * Core count
- ******************************************************************************/
-
-#define PLATFORM_CORE_COUNT (NRD_CHIP_COUNT * \
- PLAT_ARM_CLUSTER_COUNT * \
- NRD_MAX_CPUS_PER_CLUSTER * \
- NRD_MAX_PE_PER_CPU)
-
-/*******************************************************************************
- * PA/VA config
- ******************************************************************************/
-
-#ifdef __aarch64__
-#define PLAT_PHY_ADDR_SPACE_SIZE NRD_REMOTE_CHIP_MEM_OFFSET( \
- NRD_CHIP_COUNT)
-#define PLAT_VIRT_ADDR_SPACE_SIZE NRD_REMOTE_CHIP_MEM_OFFSET( \
- NRD_CHIP_COUNT)
-#else
-#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
-#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
-#endif
-
-/*******************************************************************************
- * XLAT definitions
- ******************************************************************************/
-
-#if defined(IMAGE_BL31)
-# if SPM_MM || (SPMC_AT_EL3 && SPMC_AT_EL3_SEL0_SP)
-# define PLAT_ARM_MMAP_ENTRIES (10 + ((NRD_CHIP_COUNT - 1) * 3))
-# define MAX_XLAT_TABLES (11 + ((NRD_CHIP_COUNT - 1) * 3))
-# define PLAT_SP_IMAGE_MMAP_REGIONS U(12)
-# define PLAT_SP_IMAGE_MAX_XLAT_TABLES U(14)
-# else
-# define PLAT_ARM_MMAP_ENTRIES (5 + ((NRD_CHIP_COUNT - 1) * 3))
-# define MAX_XLAT_TABLES (6 + ((NRD_CHIP_COUNT - 1) * 3))
-# endif
-#elif defined(IMAGE_BL32)
-# define PLAT_ARM_MMAP_ENTRIES U(8)
-# define MAX_XLAT_TABLES U(5)
-#elif defined(IMAGE_BL2)
-# define PLAT_ARM_MMAP_ENTRIES (11 + (NRD_CHIP_COUNT - 1))
-
-/*
- * MAX_XLAT_TABLES entries need to be doubled because when the address width
- * exceeds 40 bits an additional level of translation is required. In case of
- * multichip platforms peripherals also fall into address space with width
- * > 40 bits.
- */
-# define MAX_XLAT_TABLES (11 + ((NRD_CHIP_COUNT - 1) * 2))
-#elif !USE_ROMLIB
-# define PLAT_ARM_MMAP_ENTRIES U(11)
-# define MAX_XLAT_TABLES U(7)
-#else
-# define PLAT_ARM_MMAP_ENTRIES U(12)
-# define MAX_XLAT_TABLES U(6)
-#endif
-
-/*******************************************************************************
- * Stack size
- ******************************************************************************/
-
-#if defined(IMAGE_BL1)
-# if TRUSTED_BOARD_BOOT
-# define PLATFORM_STACK_SIZE U(0x1000)
-# else
-# define PLATFORM_STACK_SIZE U(0x440)
-# endif
-#elif defined(IMAGE_BL2)
-# if TRUSTED_BOARD_BOOT
-# define PLATFORM_STACK_SIZE U(0x1000)
-# else
-# define PLATFORM_STACK_SIZE U(0x400)
-# endif
-#elif defined(IMAGE_BL2U)
-# define PLATFORM_STACK_SIZE U(0x400)
-#elif defined(IMAGE_BL31)
-# if SPM_MM
-# define PLATFORM_STACK_SIZE U(0x500)
-# else
-# define PLATFORM_STACK_SIZE U(0x400)
-# endif
-#elif defined(IMAGE_BL32)
-# define PLATFORM_STACK_SIZE U(0x440)
-#endif
-
-#if (SPM_MM || (SPMC_AT_EL3 && SPMC_AT_EL3_SEL0_SP))
-/*
- * Secure partition stack follows right after the memory region that is shared
- * between EL3 and S-EL0.
- */
-#define PLAT_ARM_SP_IMAGE_STACK_BASE (PLAT_SP_IMAGE_NS_BUF_BASE + \
- PLAT_SP_IMAGE_NS_BUF_SIZE)
-#endif /* SPM_MM || (SPMC_AT_EL3 && SPMC_AT_EL3_SEL0_SP) */
-
-/*******************************************************************************
- * BL sizes
- ******************************************************************************/
-
-#if USE_ROMLIB
-#define PLAT_ARM_MAX_ROMLIB_RW_SIZE U(0x1000)
-#define PLAT_ARM_MAX_ROMLIB_RO_SIZE U(0xe000)
-#else
-#define PLAT_ARM_MAX_ROMLIB_RW_SIZE U(0)
-#define PLAT_ARM_MAX_ROMLIB_RO_SIZE U(0)
-#endif
-
-#define PLAT_ARM_MAX_BL1_RW_SIZE NRD_CSS_BL1_RW_SIZE
-
-/*
- * PLAT_ARM_MAX_BL2_SIZE is calculated using the current BL2 debug size plus a
- * little space for growth. Additional 8KiB space is added per chip in
- * order to accommodate the additional level of translation required for "TZC"
- * peripheral access which lies in >4TB address space.
- *
- */
-#define PLAT_ARM_MAX_BL2_SIZE (NRD_CSS_BL2_SIZE + \
- ((NRD_CHIP_COUNT - 1) * 0x2000))
-
-#define PLAT_ARM_MAX_BL31_SIZE (NRD_CSS_BL31_SIZE + \
- PLAT_ARM_MAX_BL2_SIZE + \
- PLAT_ARM_MAX_BL1_RW_SIZE)
-
-/*******************************************************************************
- * ROM, SRAM and DRAM config
- ******************************************************************************/
-
-#define PLAT_ARM_TRUSTED_SRAM_SIZE NRD_CSS_TRUSTED_SRAM_SIZE
-
-#define PLAT_ARM_TRUSTED_ROM_BASE NRD_CSS_TRUSTED_ROM_BASE
-#define PLAT_ARM_TRUSTED_ROM_SIZE NRD_CSS_TRUSTED_ROM_SIZE
-
-#define PLAT_ARM_NSRAM_BASE NRD_CSS_NONTRUSTED_SRAM_BASE
-#define PLAT_ARM_NSRAM_SIZE NRD_CSS_NONTRUSTED_SRAM_SIZE
-
-#define PLAT_ARM_DRAM2_BASE NRD_CSS_DRAM2_BASE
-#define PLAT_ARM_DRAM2_SIZE NRD_CSS_DRAM2_SIZE
-
-/*******************************************************************************
- * Console config
- ******************************************************************************/
-
-#define PLAT_ARM_BOOT_UART_BASE NRD_CSS_SEC_UART_BASE
-#define PLAT_ARM_BOOT_UART_CLK_IN_HZ NRD_CSS_UART_CLK_IN_HZ
-
-#define PLAT_ARM_RUN_UART_BASE NRD_CSS_SEC_UART_BASE
-#define PLAT_ARM_RUN_UART_CLK_IN_HZ NRD_CSS_UART_CLK_IN_HZ
-
-#define PLAT_ARM_CRASH_UART_BASE NRD_CSS_SEC_UART_BASE
-#define PLAT_ARM_CRASH_UART_CLK_IN_HZ NRD_CSS_UART_CLK_IN_HZ
-
-/*******************************************************************************
- * Timer config
- ******************************************************************************/
-
-#define PLAT_ARM_NSTIMER_FRAME_ID (0)
-
-/*******************************************************************************
- * Power config
- ******************************************************************************/
-
-#define CSS_SYSTEM_PWR_DMN_LVL ARM_PWR_LVL2
-#define PLAT_MAX_PWR_LVL ARM_PWR_LVL1
-
-/*******************************************************************************
- * Flash config
- ******************************************************************************/
-
-#define PLAT_ARM_FLASH_IMAGE_BASE V2M_FLASH0_BASE
-#define PLAT_ARM_FLASH_IMAGE_MAX_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE)
-#define PLAT_ARM_NVM_BASE V2M_FLASH0_BASE
-#define PLAT_ARM_NVM_SIZE (V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE)
-#define PLAT_ARM_MEM_PROT_ADDR (V2M_FLASH0_BASE + \
- V2M_FLASH0_SIZE - V2M_FLASH_BLOCK_SIZE)
-/* IO storage framework */
-#define MAX_IO_DEVICES U(3)
-#define MAX_IO_HANDLES U(4)
-
-/*******************************************************************************
- * SCMI config
- ******************************************************************************/
-
-/* Number of SCMI channels on the platform */
-#define PLAT_ARM_SCMI_CHANNEL_COUNT NRD_CHIP_COUNT
-
-/*******************************************************************************
- * SDS config
- ******************************************************************************/
-
-/* Index of SDS region used in the communication with SCP */
-#define SDS_SCP_AP_REGION_ID U(0)
-/* SDS ID for unusable CPU MPID list structure */
-#define SDS_ISOLATED_CPU_LIST_ID U(128)
-
-/*******************************************************************************
- * GIC/EHF config
- ******************************************************************************/
-
-#define PLAT_ARM_G1S_IRQ_PROPS(grp) CSS_G1S_IRQ_PROPS(grp)
-#define PLAT_ARM_G0_IRQ_PROPS(grp) ARM_G0_IRQ_PROPS(grp)
-#define PLAT_SP_PRI U(0x10)
-
-/*******************************************************************************
- * Platform type identification macro
- ******************************************************************************/
-
-/* Platform ID related accessors */
-#define BOARD_CSS_PLAT_ID_REG_ID_MASK U(0x0f)
-#define BOARD_CSS_PLAT_ID_REG_ID_SHIFT U(0x0)
-#define BOARD_CSS_PLAT_TYPE_EMULATOR U(0x02)
-
-#ifndef __ASSEMBLER__
-#define BOARD_CSS_GET_PLAT_TYPE(addr) \
- ((mmio_read_32(addr) & BOARD_CSS_PLAT_ID_REG_ID_MASK) \
- >> BOARD_CSS_PLAT_ID_REG_ID_SHIFT)
-#endif /* __ASSEMBLER__ */
-
-/* Platform ID address */
-#define BOARD_CSS_PLAT_ID_REG_ADDR NRD_ROS_PLATFORM_BASE + \
- UL(0x00fe00e0)
-
-#endif /* NRD_PLAT_ARM_DEF1_H */
diff --git a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_def1.h b/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_def1.h
deleted file mode 100644
index b86ab21..0000000
--- a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_def1.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- * This file is limited to include the RoS specific definitions for the first
- * generation platforms based on the A75, N1 and V1 CPUs. RoS (Rest Of System)
- * is used to refer to the part of the reference design platform that excludes
- * CSS.
- */
-
-#ifndef NRD_ROS_DEF1_H
-#define NRD_ROS_DEF1_H
-
-/*******************************************************************************
- * ROS configs
- ******************************************************************************/
-
-/* RoS Peripherals */
-#define NRD_ROS_PERIPH_BASE UL(0x60000000)
-#define NRD_ROS_PERIPH_SIZE UL(0x20000000)
-
-/* System Reg */
-#define NRD_ROS_SYSTEMREG_BASE UL(0x1C010000)
-#define NRD_ROS_SYSTEMREG_SIZE UL(0x00010000)
-
-/* NOR Flash 2 */
-#define NRD_ROS_NOR2_FLASH_BASE UL(0x10000000)
-#define NRD_ROS_NOR2_FLASH_SIZE UL(0x04000000)
-
-/* RoS Platform */
-#define NRD_ROS_PLATFORM_BASE UL(0x7F000000)
-#define NRD_ROS_PLATFORM_SIZE UL(0x20000000)
-
-#endif /* NRD_ROS_DEF1_H */
diff --git a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_fw_def1.h b/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_fw_def1.h
deleted file mode 100644
index c521043..0000000
--- a/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_fw_def1.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- * This file is limited to include the RoS firmware specific definitions for the
- * first generation platforms based on the A75, N1 and V1 CPUs. RoS (Rest Of
- * System) is used to refer to the part of the reference design platform that
- * excludes CSS.
- */
-
-#ifndef NRD_ROS_FW_DEF1_H
-#define NRD_ROS_FW_DEF1_H
-
-#include <nrd_ros_def1.h>
-
-/*******************************************************************************
- * MMU mapping
- ******************************************************************************/
-
-#define NRD_ROS_PERIPH_MMAP(n) \
- MAP_REGION_FLAT( \
- NRD_REMOTE_CHIP_MEM_OFFSET(n) + \
- NRD_ROS_PERIPH_BASE, \
- NRD_ROS_PERIPH_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE)
-
-#define NRD_ROS_SECURE_SYSTEMREG_USER_MMAP \
- MAP_REGION_FLAT( \
- NRD_ROS_SYSTEMREG_BASE, \
- NRD_ROS_SYSTEMREG_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE | MT_USER)
-
-#define NRD_ROS_SECURE_NOR2_USER_MMAP \
- MAP_REGION_FLAT( \
- NRD_ROS_NOR2_FLASH_BASE, \
- NRD_ROS_NOR2_FLASH_SIZE, \
- MT_DEVICE | MT_RW | MT_SECURE | MT_USER)
-
-#define NRD_MAP_FLASH0_RO \
- MAP_REGION_FLAT( \
- V2M_FLASH0_BASE, \
- V2M_FLASH0_SIZE, \
- MT_DEVICE | MT_RO | MT_SECURE)
-
-/*******************************************************************************
- * TZ config
- ******************************************************************************/
-
-/*
- * Mapping definition of the TrustZone Controller for Arm Neoverse RD platforms
- * where both the DRAM regions are marked for non-secure access. This applies
- * to multi-chip platforms.
- */
-#define NRD_ROS_TZC_NS_REMOTE_REGIONS_DEF(n) \
- {NRD_REMOTE_CHIP_MEM_OFFSET(n) + ARM_DRAM1_BASE, \
- NRD_REMOTE_CHIP_MEM_OFFSET(n) + ARM_DRAM1_END, \
- ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS}, \
- {NRD_REMOTE_CHIP_MEM_OFFSET(n) + ARM_DRAM2_BASE, \
- NRD_REMOTE_CHIP_MEM_OFFSET(n) + ARM_DRAM2_END, \
- ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS}
-
-#endif /* NRD_ROS_FW_DEF1_H */
diff --git a/plat/arm/board/neoverse_rd/common/include/nrd_variant.h b/plat/arm/board/neoverse_rd/common/include/nrd_variant.h
index 86d82e2..901cbf1 100644
--- a/plat/arm/board/neoverse_rd/common/include/nrd_variant.h
+++ b/plat/arm/board/neoverse_rd/common/include/nrd_variant.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,16 +7,6 @@
#ifndef NRD_VARIANT_H
#define NRD_VARIANT_H
-/* SSC_VERSION values for SGI575 */
-#define SGI575_SSC_VER_PART_NUM 0x0783
-
-/* SID Version values for RD-N1E1-Edge */
-#define RD_N1E1_EDGE_SID_VER_PART_NUM 0x0786
-#define RD_E1_EDGE_CONFIG_ID 0x2
-
-/* SID Version values for RD-V1 */
-#define RD_V1_SID_VER_PART_NUM 0x078a
-
/* SID Version values for RD-N2 */
#define RD_N2_SID_VER_PART_NUM 0x07B7
diff --git a/plat/arm/board/neoverse_rd/common/nrd-common.mk b/plat/arm/board/neoverse_rd/common/nrd-common.mk
index a09f369..acc5a47 100644
--- a/plat/arm/board/neoverse_rd/common/nrd-common.mk
+++ b/plat/arm/board/neoverse_rd/common/nrd-common.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2018-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -30,15 +30,9 @@
PLAT_INCLUDES += -I${NRD_COMMON_BASE}/include
# GIC-600 configuration
+USE_GIC_DRIVER := 3
GICV3_SUPPORT_GIC600 := 1
-# Include GICv3 driver files
-include drivers/arm/gic/v3/gicv3.mk
-
-ENT_GIC_SOURCES := ${GICV3_SOURCES} \
- plat/common/plat_gicv3.c \
- plat/arm/common/arm_gicv3.c
-
PLAT_BL_COMMON_SOURCES += ${NRD_COMMON_BASE}/arch/aarch64/nrd_helper.S
BL1_SOURCES += ${INTERCONNECT_SOURCES} \
@@ -49,7 +43,6 @@
drivers/arm/css/sds/sds.c
BL31_SOURCES += ${INTERCONNECT_SOURCES} \
- ${ENT_GIC_SOURCES} \
${NRD_COMMON_BASE}/nrd_bl31_setup.c \
${NRD_COMMON_BASE}/nrd_topology.c \
drivers/delay_timer/generic_delay_timer.c
diff --git a/plat/arm/board/neoverse_rd/common/nrd_bl31_setup.c b/plat/arm/board/neoverse_rd/common/nrd_bl31_setup.c
index 2dd8b45..3ad586b 100644
--- a/plat/arm/board/neoverse_rd/common/nrd_bl31_setup.c
+++ b/plat/arm/board/neoverse_rd/common/nrd_bl31_setup.c
@@ -24,14 +24,6 @@
nrd_platform_info_t nrd_plat_info;
-static scmi_channel_plat_info_t sgi575_scmi_plat_info = {
- .scmi_mbx_mem = CSS_SCMI_PAYLOAD_BASE,
- .db_reg_addr = PLAT_CSS_MHU_BASE + CSS_SCMI_MHU_DB_REG_OFF,
- .db_preserve_mask = 0xfffffffe,
- .db_modify_mask = 0x1,
- .ring_doorbell = &mhu_ring_doorbell,
-};
-
static scmi_channel_plat_info_t plat_rd_scmi_info[] = {
{
.scmi_mbx_mem = CSS_SCMI_PAYLOAD_BASE,
@@ -123,9 +115,7 @@
scmi_channel_plat_info_t *plat_css_get_scmi_info(unsigned int channel_id)
{
- if (nrd_plat_info.platform_id == RD_N1E1_EDGE_SID_VER_PART_NUM ||
- nrd_plat_info.platform_id == RD_V1_SID_VER_PART_NUM ||
- nrd_plat_info.platform_id == RD_N2_SID_VER_PART_NUM ||
+ if (nrd_plat_info.platform_id == RD_N2_SID_VER_PART_NUM ||
nrd_plat_info.platform_id == RD_V2_SID_VER_PART_NUM ||
nrd_plat_info.platform_id == RD_N2_CFG1_SID_VER_PART_NUM ||
nrd_plat_info.platform_id == RD_N2_CFG3_SID_VER_PART_NUM) {
@@ -140,8 +130,6 @@
panic();
}
return &plat3_rd_scmi_info[channel_id];
- } else if (nrd_plat_info.platform_id == SGI575_SSC_VER_PART_NUM) {
- return &sgi575_scmi_plat_info;
} else {
panic();
}
@@ -179,7 +167,7 @@
arg1 = soc_fw_config_info->config_addr;
}
#endif /* SPMD_SPM_AT_SEL2 && !RESET_TO_BL31 */
- arm_bl31_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ arm_bl31_early_platform_setup(arg0, arg1, arg2, arg3);
}
/*******************************************************************************
@@ -267,19 +255,5 @@
const plat_psci_ops_t *plat_arm_psci_override_pm_ops(plat_psci_ops_t *ops)
{
- /*
- * For RD-E1-Edge, only CPU power ON/OFF, PSCI platform callbacks are
- * supported.
- */
- if (((nrd_plat_info.platform_id == RD_N1E1_EDGE_SID_VER_PART_NUM) &&
- (nrd_plat_info.config_id == RD_E1_EDGE_CONFIG_ID))) {
- ops->cpu_standby = NULL;
- ops->system_off = NULL;
- ops->system_reset = NULL;
- ops->get_sys_suspend_power_state = NULL;
- ops->pwr_domain_suspend = NULL;
- ops->pwr_domain_suspend_finish = NULL;
- }
-
return css_scmi_override_pm_ops(ops);
}
diff --git a/plat/arm/board/neoverse_rd/common/nrd_interconnect.c b/plat/arm/board/neoverse_rd/common/nrd_interconnect.c
index 4f9cc85..af8980d 100644
--- a/plat/arm/board/neoverse_rd/common/nrd_interconnect.c
+++ b/plat/arm/board/neoverse_rd/common/nrd_interconnect.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2018-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,12 +8,6 @@
#include <common/debug.h>
#include <plat/arm/common/plat_arm.h>
-/*
- * For SGI575 which support FCM (with automatic interconnect enter/exit),
- * we should not do anything in these interface functions.
- * They are used to override the weak functions in cci drivers.
- */
-
/******************************************************************************
* Helper function to initialize ARM interconnect driver.
*****************************************************************************/
diff --git a/plat/arm/board/neoverse_rd/common/nrd_plat1.c b/plat/arm/board/neoverse_rd/common/nrd_plat1.c
deleted file mode 100644
index 32444f4..0000000
--- a/plat/arm/board/neoverse_rd/common/nrd_plat1.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <assert.h>
-
-#include <platform_def.h>
-
-#include <common/bl_common.h>
-#include <common/debug.h>
-#include <drivers/arm/ccn.h>
-#include <drivers/arm/css/sds.h>
-#include <lib/utils_def.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/platform.h>
-#include <drivers/arm/sbsa.h>
-
-#if SPM_MM
-#include <services/spm_mm_partition.h>
-#endif
-
-/*
- * Table of regions for different BL stages to map using the MMU.
- * This doesn't include Trusted RAM as the 'mem_layout' argument passed to
- * arm_configure_mmu_elx() will give the available subset of that.
- *
- * Replace or extend the below regions as required
- */
-#if IMAGE_BL1
-const mmap_region_t plat_arm_mmap[] = {
- ARM_MAP_SHARED_RAM,
- NRD_MAP_FLASH0_RO,
- NRD_CSS_PERIPH_MMAP(0),
- NRD_ROS_PERIPH_MMAP(0),
- {0}
-};
-#endif
-#if IMAGE_BL2
-const mmap_region_t plat_arm_mmap[] = {
- ARM_MAP_SHARED_RAM,
- NRD_MAP_FLASH0_RO,
-#ifdef PLAT_ARM_MEM_PROT_ADDR
- ARM_V2M_MAP_MEM_PROTECT,
-#endif
- NRD_CSS_PERIPH_MMAP(0),
- NRD_ROS_PERIPH_MMAP(0),
- ARM_MAP_NS_DRAM1,
-#if NRD_CHIP_COUNT > 1
- NRD_CSS_PERIPH_MMAP(1),
-#endif
-#if NRD_CHIP_COUNT > 2
- NRD_CSS_PERIPH_MMAP(2),
-#endif
-#if NRD_CHIP_COUNT > 3
- NRD_CSS_PERIPH_MMAP(3),
-#endif
-#if ARM_BL31_IN_DRAM
- ARM_MAP_BL31_SEC_DRAM,
-#endif
-#if SPM_MM
- ARM_SP_IMAGE_MMAP,
-#endif
-#if TRUSTED_BOARD_BOOT && !RESET_TO_BL2
- ARM_MAP_BL1_RW,
-#endif
- {0}
-};
-#endif
-#if IMAGE_BL31
-const mmap_region_t plat_arm_mmap[] = {
- ARM_MAP_SHARED_RAM,
- V2M_MAP_IOFPGA,
- NRD_CSS_PERIPH_MMAP(0),
-#ifdef PLAT_ARM_MEM_PROT_ADDR
- ARM_V2M_MAP_MEM_PROTECT,
-#endif
- NRD_ROS_PERIPH_MMAP(0),
-#if SPM_MM
- ARM_SPM_BUF_EL3_MMAP,
-#endif
- {0}
-};
-
-#if SPM_MM && defined(IMAGE_BL31)
-const mmap_region_t plat_arm_secure_partition_mmap[] = {
- NRD_ROS_SECURE_SYSTEMREG_USER_MMAP,
- NRD_ROS_SECURE_NOR2_USER_MMAP,
- NRD_CSS_SECURE_UART_MMAP,
- ARM_SP_IMAGE_MMAP,
- ARM_SP_IMAGE_NS_BUF_MMAP,
- ARM_SP_IMAGE_RW_MMAP,
- ARM_SPM_BUF_EL0_MMAP,
- {0}
-};
-#endif /* SPM_MM && defined(IMAGE_BL31) */
-#endif
-
-ARM_CASSERT_MMAP
-
-#if SPM_MM && defined(IMAGE_BL31)
-/*
- * Boot information passed to a secure partition during initialisation. Linear
- * indices in MP information will be filled at runtime.
- */
-static spm_mm_mp_info_t sp_mp_info[] = {
- [0] = {0x81000000, 0},
- [1] = {0x81000100, 0},
- [2] = {0x81000200, 0},
- [3] = {0x81000300, 0},
- [4] = {0x81010000, 0},
- [5] = {0x81010100, 0},
- [6] = {0x81010200, 0},
- [7] = {0x81010300, 0},
-};
-
-const spm_mm_boot_info_t plat_arm_secure_partition_boot_info = {
- .h.type = PARAM_SP_IMAGE_BOOT_INFO,
- .h.version = VERSION_1,
- .h.size = sizeof(spm_mm_boot_info_t),
- .h.attr = 0,
- .sp_mem_base = ARM_SP_IMAGE_BASE,
- .sp_mem_limit = ARM_SP_IMAGE_LIMIT,
- .sp_image_base = ARM_SP_IMAGE_BASE,
- .sp_stack_base = PLAT_SP_IMAGE_STACK_BASE,
- .sp_heap_base = ARM_SP_IMAGE_HEAP_BASE,
- .sp_ns_comm_buf_base = PLAT_SP_IMAGE_NS_BUF_BASE,
- .sp_shared_buf_base = PLAT_SPM_BUF_BASE,
- .sp_image_size = ARM_SP_IMAGE_SIZE,
- .sp_pcpu_stack_size = PLAT_SP_IMAGE_STACK_PCPU_SIZE,
- .sp_heap_size = ARM_SP_IMAGE_HEAP_SIZE,
- .sp_ns_comm_buf_size = PLAT_SP_IMAGE_NS_BUF_SIZE,
- .sp_shared_buf_size = PLAT_SPM_BUF_SIZE,
- .num_sp_mem_regions = ARM_SP_IMAGE_NUM_MEM_REGIONS,
- .num_cpus = PLATFORM_CORE_COUNT,
- .mp_info = &sp_mp_info[0],
-};
-
-const struct mmap_region *plat_get_secure_partition_mmap(void *cookie)
-{
- return plat_arm_secure_partition_mmap;
-}
-
-const struct spm_mm_boot_info *plat_get_secure_partition_boot_info(
- void *cookie)
-{
- return &plat_arm_secure_partition_boot_info;
-}
-#endif /* SPM_MM && defined(IMAGE_BL31) */
-
-#if TRUSTED_BOARD_BOOT
-int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
-{
- assert(heap_addr != NULL);
- assert(heap_size != NULL);
-
- return arm_get_mbedtls_heap(heap_addr, heap_size);
-}
-#endif
-
-void plat_arm_secure_wdt_start(void)
-{
- sbsa_wdog_start(NRD_CSS_WDOG_BASE, NRD_CSS_WDOG_TIMEOUT);
-}
-
-void plat_arm_secure_wdt_stop(void)
-{
- sbsa_wdog_stop(NRD_CSS_WDOG_BASE);
-}
-
-static sds_region_desc_t nrd_sds_regions[] = {
- { .base = PLAT_ARM_SDS_MEM_BASE },
-};
-
-sds_region_desc_t *plat_sds_get_regions(unsigned int *region_count)
-{
- *region_count = ARRAY_SIZE(nrd_sds_regions);
-
- return nrd_sds_regions;
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_fw_config.dts
deleted file mode 100644
index 085a42a..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_fw_config.dts
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/tbbr/tbbr_img_def.h>
-
-/dts-v1/;
-/ {
- dtb-registry {
- compatible = "fconf,dyn_cfg-dtb_registry";
-
- tb_fw-config {
- load-address = <0x0 0x4001300>;
- max-size = <0x200>;
- id = <TB_FW_CONFIG_ID>;
- };
-
- nt_fw-config {
- load-address = <0x0 0xFEF00000>;
- max-size = <0x0100000>;
- id = <NT_FW_CONFIG_ID>;
- };
- };
-};
-
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_nt_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_nt_fw_config.dts
deleted file mode 100644
index 3cef0d1..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_nt_fw_config.dts
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-/ {
- /* compatible string */
- compatible = "arm,rd-n1edge";
-
- /*
- * Place holder for system-id node with default values. The
- * value of platform-id and config-id will be set to the
- * correct values during the BL2 stage of boot.
- */
- system-id {
- platform-id = <0x0>;
- config-id = <0x0>;
- multi-chip-mode = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_tb_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_tb_fw_config.dts
deleted file mode 100644
index 78cd5a8..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/fdts/rdn1edge_tb_fw_config.dts
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-/ {
- tb_fw-config {
- compatible = "arm,tb_fw";
-
- /* Disable authentication for development */
- disable_auth = <0x0>;
-
- /*
- * The following two entries are placeholders for Mbed TLS
- * heap information. The default values don't matter since
- * they will be overwritten by BL1.
- * In case of having shared Mbed TLS heap between BL1 and BL2,
- * BL1 will populate these two properties with the respective
- * info about the shared heap. This info will be available for
- * BL2 in order to locate and re-use the heap.
- */
- mbedtls_heap_addr = <0x0 0x0>;
- mbedtls_heap_size = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/include/platform_def.h b/plat/arm/board/neoverse_rd/platform/rdn1edge/include/platform_def.h
deleted file mode 100644
index 5357c31..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/include/platform_def.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLATFORM_DEF_H
-#define PLATFORM_DEF_H
-
-#include <lib/utils_def.h>
-#include <nrd_css_fw_def1.h>
-#include <nrd_plat_arm_def1.h>
-#include <nrd_ros_fw_def1.h>
-#include <nrd_sdei.h>
-
-/* Remote chip address offset */
-#define NRD_REMOTE_CHIP_MEM_OFFSET(n) \
- ((ULL(1) << NRD_ADDR_BITS_PER_CHIP) * (n))
-
-#define PLAT_ARM_CLUSTER_COUNT U(2)
-#define NRD_MAX_CPUS_PER_CLUSTER U(4)
-#define NRD_MAX_PE_PER_CPU U(1)
-
-#define PLAT_CSS_MHU_BASE UL(0x45400000)
-
-/* Base address of DMC-620 instances */
-#define RDN1EDGE_DMC620_BASE0 UL(0x4e000000)
-#define RDN1EDGE_DMC620_BASE1 UL(0x4e100000)
-
-/* Virtual address used by dynamic mem_protect for chunk_base */
-#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
-
-/* Maximum number of address bits used per chip */
-#define NRD_ADDR_BITS_PER_CHIP U(42)
-
-/* GIC related constants */
-#define PLAT_ARM_GICD_BASE UL(0x30000000)
-#define PLAT_ARM_GICR_BASE UL(0x300C0000)
-
-/* GIC SPI range for multichip */
-#define NRD_CHIP0_SPI_MIN U(32)
-#define NRD_CHIP0_SPI_MAX U(991)
-
-#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/platform.mk b/plat/arm/board/neoverse_rd/platform/rdn1edge/platform.mk
deleted file mode 100644
index 4892804..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/platform.mk
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-
-# GIC-600 configuration
-GICV3_IMPL_GIC600_MULTICHIP := 1
-
-include plat/arm/board/neoverse_rd/common/nrd-common.mk
-
-RDN1EDGE_BASE = plat/arm/board/neoverse_rd/platform/rdn1edge
-
-PLAT_INCLUDES += -I${NRD_COMMON_BASE}/include/nrd1/ \
- -I${RDN1EDGE_BASE}/include/
-
-NRD_CPU_SOURCES := lib/cpus/aarch64/neoverse_n1.S
-
-PLAT_BL_COMMON_SOURCES += ${NRD_COMMON_BASE}/nrd_plat1.c
-
-BL1_SOURCES += ${NRD_CPU_SOURCES} \
- ${RDN1EDGE_BASE}/rdn1edge_err.c
-
-BL2_SOURCES += ${RDN1EDGE_BASE}/rdn1edge_plat.c \
- ${RDN1EDGE_BASE}/rdn1edge_security.c \
- ${RDN1EDGE_BASE}/rdn1edge_err.c \
- drivers/arm/tzc/tzc_dmc620.c \
- lib/utils/mem_region.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-BL31_SOURCES += ${NRD_CPU_SOURCES} \
- ${RDN1EDGE_BASE}/rdn1edge_plat.c \
- ${RDN1EDGE_BASE}/rdn1edge_topology.c \
- drivers/cfi/v2m/v2m_flash.c \
- lib/utils/mem_region.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-ifeq (${TRUSTED_BOARD_BOOT}, 1)
-BL1_SOURCES += ${RDN1EDGE_BASE}/rdn1edge_trusted_boot.c
-BL2_SOURCES += ${RDN1EDGE_BASE}/rdn1edge_trusted_boot.c
-endif
-
-# Enable dynamic addition of MMAP regions in BL31
-BL31_CPPFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
-
-# Add the FDT_SOURCES and options for Dynamic Config
-FDT_SOURCES += ${RDN1EDGE_BASE}/fdts/${PLAT}_fw_config.dts \
- ${RDN1EDGE_BASE}/fdts/${PLAT}_tb_fw_config.dts
-FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_fw_config.dtb
-TB_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_tb_fw_config.dtb
-
-# Add the FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${FW_CONFIG},--fw-config,${FW_CONFIG}))
-# Add the TB_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${TB_FW_CONFIG},--tb-fw-config,${TB_FW_CONFIG}))
-
-FDT_SOURCES += ${RDN1EDGE_BASE}/fdts/${PLAT}_nt_fw_config.dts
-NT_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_nt_fw_config.dtb
-
-# Add the NT_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${NT_FW_CONFIG},--nt-fw-config,${NT_FW_CONFIG}))
-
-$(eval $(call CREATE_SEQ,SEQ,2))
-ifneq ($(NRD_CHIP_COUNT),$(filter $(NRD_CHIP_COUNT),$(SEQ)))
- $(error "Chip count for RDN1Edge platform should be one of $(SEQ), currently \
- set to ${NRD_CHIP_COUNT}.")
-endif
-
-ifneq ($(NRD_PLATFORM_VARIANT),0)
- $(error "NRD_PLATFORM_VARIANT for RD-N1-Edge should always be 0, \
- currently set to ${NRD_PLATFORM_VARIANT}.")
-endif
-
-ifneq (${RESET_TO_BL31},0)
- $(error "Using BL31 as the reset vector is not supported on ${PLAT} platform. \
- Please set RESET_TO_BL31 to 0.")
-endif
-
-override CTX_INCLUDE_AARCH32_REGS := 0
-override SPMD_SPM_AT_SEL2 := 0
-
-# Enable the flag since RD-N1-EDGE has a system level cache
-NEOVERSE_Nx_EXTERNAL_LLC := 1
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_err.c b/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_err.c
deleted file mode 100644
index 273e1f4..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_err.c
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * rdn1edge error handler
- */
-void __dead2 plat_arm_error_handler(int err)
-{
- while (true) {
- wfi();
- }
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_plat.c b/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_plat.c
deleted file mode 100644
index 5cbdd5f..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_plat.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/debug.h>
-#include <drivers/arm/gic600_multichip.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/platform.h>
-
-#include <nrd_plat.h>
-
-#define RT_OWNER 0
-
-#if defined(IMAGE_BL31)
-static const mmap_region_t rdn1edge_dynamic_mmap[] = {
- NRD_CSS_SHARED_RAM_MMAP(1),
- NRD_CSS_PERIPH_MMAP(1),
- NRD_ROS_PERIPH_MMAP(1)
-};
-
-static struct gic600_multichip_data rdn1e1_multichip_data __init = {
- .base_addrs = {
- PLAT_ARM_GICD_BASE
- },
- .rt_owner = RT_OWNER,
- .chip_count = NRD_CHIP_COUNT,
- .chip_addrs = {
- [RT_OWNER] = {
- PLAT_ARM_GICD_BASE >> 16,
- (PLAT_ARM_GICD_BASE
- + NRD_REMOTE_CHIP_MEM_OFFSET(1)) >> 16
- }
- },
- .spi_ids = {
- {PLAT_ARM_GICD_BASE,
- NRD_CHIP0_SPI_MIN,
- NRD_CHIP0_SPI_MAX},
- {0, 0, 0}
- }
-};
-
-static uintptr_t rdn1e1_multichip_gicr_frames[] = {
- PLAT_ARM_GICR_BASE, /* Chip 0's GICR Base */
- PLAT_ARM_GICR_BASE +
- NRD_REMOTE_CHIP_MEM_OFFSET(1), /* Chip 1's GICR BASE */
- UL(0) /* Zero Termination */
-};
-#endif /* IMAGE_BL31 */
-
-unsigned int plat_arm_nrd_get_platform_id(void)
-{
- return mmio_read_32(SID_REG_BASE + SID_SYSTEM_ID_OFFSET)
- & SID_SYSTEM_ID_PART_NUM_MASK;
-}
-
-unsigned int plat_arm_nrd_get_config_id(void)
-{
- return mmio_read_32(SID_REG_BASE + SID_SYSTEM_CFG_OFFSET);
-}
-
-unsigned int plat_arm_nrd_get_multi_chip_mode(void)
-{
- return (mmio_read_32(SID_REG_BASE + SID_NODE_ID_OFFSET) &
- SID_MULTI_CHIP_MODE_MASK) >> SID_MULTI_CHIP_MODE_SHIFT;
-}
-
-/*
- * IMAGE_BL31 macro is added to build bl31_platform_setup function only for BL31
- * because PLAT_XLAT_TABLES_DYNAMIC macro is set to build only for BL31 and not
- * for other stages.
- */
-#if defined(IMAGE_BL31)
-void bl31_platform_setup(void)
-{
- unsigned int i;
- int ret;
-
- if (plat_arm_nrd_get_multi_chip_mode() == 0 && NRD_CHIP_COUNT > 1) {
- ERROR("Chip Count is set to %d but multi-chip mode not enabled\n",
- NRD_CHIP_COUNT);
- panic();
- } else if (plat_arm_nrd_get_multi_chip_mode() == 1 &&
- NRD_CHIP_COUNT > 1) {
- INFO("Enabling support for multi-chip in RD-N1-Edge\n");
-
- for (i = 0; i < ARRAY_SIZE(rdn1edge_dynamic_mmap); i++) {
- ret = mmap_add_dynamic_region(
- rdn1edge_dynamic_mmap[i].base_pa,
- rdn1edge_dynamic_mmap[i].base_va,
- rdn1edge_dynamic_mmap[i].size,
- rdn1edge_dynamic_mmap[i].attr
- );
- if (ret != 0) {
- ERROR("Failed to add dynamic mmap entry\n");
- panic();
- }
- }
-
- plat_arm_override_gicr_frames(rdn1e1_multichip_gicr_frames);
- gic600_multichip_init(&rdn1e1_multichip_data);
- }
-
- nrd_bl31_common_platform_setup();
-}
-#endif /* IMAGE_BL31 */
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_security.c b/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_security.c
deleted file mode 100644
index f3f6238..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_security.c
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <platform_def.h>
-
-#include <common/debug.h>
-#include <nrd_dmc620_tzc_regions.h>
-
-uintptr_t rdn1edge_dmc_base[] = {
- RDN1EDGE_DMC620_BASE0,
- RDN1EDGE_DMC620_BASE1
-};
-
-static const tzc_dmc620_driver_data_t rdn1edge_plat_driver_data = {
- .dmc_base = rdn1edge_dmc_base,
- .dmc_count = ARRAY_SIZE(rdn1edge_dmc_base)
-};
-
-static const tzc_dmc620_acc_addr_data_t rdn1edge_acc_addr_data[] = {
- NRD_DMC620_TZC_REGIONS_DEF
-};
-
-static const tzc_dmc620_config_data_t rdn1edge_plat_config_data = {
- .plat_drv_data = &rdn1edge_plat_driver_data,
- .plat_acc_addr_data = rdn1edge_acc_addr_data,
- .acc_addr_count = ARRAY_SIZE(rdn1edge_acc_addr_data)
-};
-
-/* Initialize the secure environment */
-void plat_arm_security_setup(void)
-{
- arm_tzc_dmc620_setup(&rdn1edge_plat_config_data);
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_topology.c b/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_topology.c
deleted file mode 100644
index 133eb16..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_topology.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-#include <plat/arm/css/common/css_pm.h>
-
-/******************************************************************************
- * The power domain tree descriptor.
- ******************************************************************************/
-static const unsigned char rdn1edge_pd_tree_desc[] = {
- (PLAT_ARM_CLUSTER_COUNT) * (NRD_CHIP_COUNT),
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
-#if (NRD_CHIP_COUNT > 1)
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER
-#endif
-};
-
-/*******************************************************************************
- * This function returns the topology tree information.
- ******************************************************************************/
-const unsigned char *plat_get_power_domain_tree_desc(void)
-{
- return rdn1edge_pd_tree_desc;
-}
-
-/*******************************************************************************
- * The array mapping platform core position (implemented by plat_my_core_pos())
- * to the SCMI power domain ID implemented by SCP.
- ******************************************************************************/
-const uint32_t plat_css_core_pos_to_scmi_dmn_id_map[] = {
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x0)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x1)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x2)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x3)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x4)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x5)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x6)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x7)),
-#if (NRD_CHIP_COUNT > 1)
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x0)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x1)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x2)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x3)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x4)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x5)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x6)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x7)),
-#endif
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_trusted_boot.c b/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_trusted_boot.c
deleted file mode 100644
index 84622d0..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdn1edge/rdn1edge_trusted_boot.c
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * Return the ROTPK hash in the following ASN.1 structure in DER format:
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL
- * }
- *
- * DigestInfo ::= SEQUENCE {
- * digestAlgorithm AlgorithmIdentifier,
- * digest OCTET STRING
- * }
- */
-int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
- unsigned int *flags)
-{
- return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdn2/platform.mk b/plat/arm/board/neoverse_rd/platform/rdn2/platform.mk
index 5776948..421c14e 100644
--- a/plat/arm/board/neoverse_rd/platform/rdn2/platform.mk
+++ b/plat/arm/board/neoverse_rd/platform/rdn2/platform.mk
@@ -125,7 +125,6 @@
ERRATA_N2_2025414 := 1
ERRATA_N2_2189731 := 1
ERRATA_N2_2138956 := 1
-ERRATA_N2_2138953 := 1
ERRATA_N2_2242415 := 1
ERRATA_N2_2138958 := 1
ERRATA_N2_2242400 := 1
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_fw_config.dts
deleted file mode 100644
index d443443..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_fw_config.dts
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/tbbr/tbbr_img_def.h>
-
-/dts-v1/;
-
-/ {
- dtb-registry {
- compatible = "fconf,dyn_cfg-dtb_registry";
-
- tb_fw-config {
- load-address = <0x0 0x4001300>;
- max-size = <0x200>;
- id = <TB_FW_CONFIG_ID>;
- };
-
- nt_fw-config {
- load-address = <0x0 0xFEF00000>;
- max-size = <0x0100000>;
- id = <NT_FW_CONFIG_ID>;
- };
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_nt_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_nt_fw_config.dts
deleted file mode 100644
index fb08885..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_nt_fw_config.dts
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-/ {
- /* compatible string */
- compatible = "arm,rd-v1";
-
- /*
- * Place holder for system-id node with default values. The
- * value of platform-id and config-id will be set to the
- * correct values during the BL2 stage of boot.
- */
- system-id {
- platform-id = <0x0>;
- config-id = <0x0>;
- multi-chip-mode = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_tb_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_tb_fw_config.dts
deleted file mode 100644
index c370623..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/fdts/rdv1_tb_fw_config.dts
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-
-/ {
- tb_fw-config {
- compatible = "arm,tb_fw";
-
- /* Disable authentication for development */
- disable_auth = <0x0>;
-
- /*
- * The following two entries are placeholders for Mbed TLS
- * heap information. The default values don't matter since
- * they will be overwritten by BL1.
- * In case of having shared Mbed TLS heap between BL1 and BL2,
- * BL1 will populate these two properties with the respective
- * info about the shared heap. This info will be available for
- * BL2 in order to locate and re-use the heap.
- */
- mbedtls_heap_addr = <0x0 0x0>;
- mbedtls_heap_size = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/include/platform_def.h b/plat/arm/board/neoverse_rd/platform/rdv1/include/platform_def.h
deleted file mode 100644
index cd40117..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/include/platform_def.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLATFORM_DEF_H
-#define PLATFORM_DEF_H
-
-#include <lib/utils_def.h>
-#include <nrd_css_fw_def1.h>
-#include <nrd_plat_arm_def1.h>
-#include <nrd_ros_fw_def1.h>
-
-/* Remote chip address offset */
-#define NRD_REMOTE_CHIP_MEM_OFFSET(n) \
- ((ULL(1) << NRD_ADDR_BITS_PER_CHIP) * (n))
-
-#define PLAT_ARM_CLUSTER_COUNT U(16)
-#define NRD_MAX_CPUS_PER_CLUSTER U(1)
-#define NRD_MAX_PE_PER_CPU U(1)
-
-#define PLAT_CSS_MHU_BASE UL(0x45400000)
-#define PLAT_MHUV2_BASE PLAT_CSS_MHU_BASE
-
-/* TZC Related Constants */
-#define PLAT_ARM_TZC_BASE UL(0x21830000)
-#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT(0)
-
-#define TZC400_OFFSET UL(0x1000000)
-#define TZC400_COUNT 4
-
-#define TZC400_BASE(n) (PLAT_ARM_TZC_BASE + \
- (n * TZC400_OFFSET))
-
-#define TZC_NSAID_ALL_AP U(0)
-#define TZC_NSAID_PCI U(1)
-#define TZC_NSAID_HDLCD0 U(2)
-#define TZC_NSAID_CLCD U(7)
-#define TZC_NSAID_AP U(9)
-#define TZC_NSAID_VIRTIO U(15)
-
-#define PLAT_ARM_TZC_NS_DEV_ACCESS \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_ALL_AP)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_HDLCD0)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_PCI)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_AP)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_CLCD)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_VIRTIO))
-
-/* Maximum number of address bits used per chip */
-#define NRD_ADDR_BITS_PER_CHIP U(42)
-
-/* GIC related constants */
-#define PLAT_ARM_GICD_BASE UL(0x30000000)
-#define PLAT_ARM_GICR_BASE UL(0x30140000)
-
-#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/platform.mk b/plat/arm/board/neoverse_rd/platform/rdv1/platform.mk
deleted file mode 100644
index 241133f..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/platform.mk
+++ /dev/null
@@ -1,78 +0,0 @@
-# Copyright (c) 2020-2025, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-
-# RD-V1 platform uses GIC-700 which is based on GICv4.1
-GIC_ENABLE_V4_EXTN := 1
-
-include plat/arm/board/neoverse_rd/common/nrd-common.mk
-
-RDV1_BASE = plat/arm/board/neoverse_rd/platform/rdv1
-
-PLAT_INCLUDES += -I${NRD_COMMON_BASE}/include/nrd1/ \
- -I${RDV1_BASE}/include/
-
-NRD_CPU_SOURCES := lib/cpus/aarch64/neoverse_v1.S
-
-PLAT_BL_COMMON_SOURCES += ${NRD_COMMON_BASE}/nrd_plat1.c
-
-BL1_SOURCES += ${NRD_CPU_SOURCES} \
- ${RDV1_BASE}/rdv1_err.c
-
-BL2_SOURCES += ${RDV1_BASE}/rdv1_plat.c \
- ${RDV1_BASE}/rdv1_security.c \
- ${RDV1_BASE}/rdv1_err.c \
- lib/utils/mem_region.c \
- drivers/arm/tzc/tzc400.c \
- plat/arm/common/arm_tzc400.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-BL31_SOURCES += ${NRD_CPU_SOURCES} \
- ${RDV1_BASE}/rdv1_plat.c \
- ${RDV1_BASE}/rdv1_topology.c \
- drivers/cfi/v2m/v2m_flash.c \
- lib/utils/mem_region.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-ifeq (${TRUSTED_BOARD_BOOT}, 1)
-BL1_SOURCES += ${RDV1_BASE}/rdv1_trusted_boot.c
-BL2_SOURCES += ${RDV1_BASE}/rdv1_trusted_boot.c
-endif
-
-# Add the FDT_SOURCES and options for Dynamic Config
-FDT_SOURCES += ${RDV1_BASE}/fdts/${PLAT}_fw_config.dts \
- ${RDV1_BASE}/fdts/${PLAT}_tb_fw_config.dts
-FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_fw_config.dtb
-TB_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_tb_fw_config.dtb
-
-# Add the FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${FW_CONFIG},--fw-config,${FW_CONFIG}))
-# Add the TB_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${TB_FW_CONFIG},--tb-fw-config,${TB_FW_CONFIG}))
-
-FDT_SOURCES += ${RDV1_BASE}/fdts/${PLAT}_nt_fw_config.dts
-NT_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_nt_fw_config.dtb
-
-# Add the NT_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${NT_FW_CONFIG},--nt-fw-config,${NT_FW_CONFIG}))
-
-override CTX_INCLUDE_AARCH32_REGS := 0
-override ENABLE_FEAT_AMU := 2
-override SPMD_SPM_AT_SEL2 := 0
-
-# FEAT_SVE related flags
-override SVE_VECTOR_LEN := 256
-
-ifneq ($(NRD_PLATFORM_VARIANT),0)
- $(error "NRD_PLATFORM_VARIANT for RD-V1 should always be 0, \
- currently set to ${NRD_PLATFORM_VARIANT}.")
-endif
-
-ifneq (${RESET_TO_BL31},0)
- $(error "Using BL31 as the reset vector is not supported on ${PLAT} platform. \
- Please set RESET_TO_BL31 to 0.")
-endif
-
-# Enable the flag since RD-V1 has a system level cache
-NEOVERSE_Nx_EXTERNAL_LLC := 1
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_err.c b/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_err.c
deleted file mode 100644
index d75f525..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_err.c
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * rdv1 error handler
- */
-void __dead2 plat_arm_error_handler(int err)
-{
- while (1) {
- wfi();
- }
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_plat.c b/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_plat.c
deleted file mode 100644
index 7cdc19a..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_plat.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/common/platform.h>
-
-#include <nrd_plat.h>
-
-unsigned int plat_arm_nrd_get_platform_id(void)
-{
- return mmio_read_32(SID_REG_BASE + SID_SYSTEM_ID_OFFSET)
- & SID_SYSTEM_ID_PART_NUM_MASK;
-}
-
-unsigned int plat_arm_nrd_get_config_id(void)
-{
- return mmio_read_32(SID_REG_BASE + SID_SYSTEM_CFG_OFFSET);
-}
-
-unsigned int plat_arm_nrd_get_multi_chip_mode(void)
-{
- return (mmio_read_32(SID_REG_BASE + SID_NODE_ID_OFFSET) &
- SID_MULTI_CHIP_MODE_MASK) >> SID_MULTI_CHIP_MODE_SHIFT;
-}
-
-void bl31_platform_setup(void)
-{
- nrd_bl31_common_platform_setup();
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_security.c b/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_security.c
deleted file mode 100644
index a936a71..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_security.c
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-#include <platform_def.h>
-
-static const arm_tzc_regions_info_t tzc_regions[] = {
- ARM_TZC_REGIONS_DEF,
- {}
-};
-
-/* Initialize the secure environment */
-void plat_arm_security_setup(void)
-{
- int i;
-
- for (i = 0; i < TZC400_COUNT; i++)
- arm_tzc400_setup(TZC400_BASE(i), tzc_regions);
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_topology.c b/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_topology.c
deleted file mode 100644
index 20e4266..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_topology.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-#include <plat/arm/css/common/css_pm.h>
-
-/******************************************************************************
- * The power domain tree descriptor.
- ******************************************************************************/
-const unsigned char rd_v1_pd_tree_desc[] = {
- PLAT_ARM_CLUSTER_COUNT,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER
-};
-
-/*******************************************************************************
- * This function returns the topology tree information.
- ******************************************************************************/
-const unsigned char *plat_get_power_domain_tree_desc(void)
-{
- return rd_v1_pd_tree_desc;
-}
-
-/*******************************************************************************
- * The array mapping platform core position (implemented by plat_my_core_pos())
- * to the SCMI power domain ID implemented by SCP.
- ******************************************************************************/
-const uint32_t plat_css_core_pos_to_scmi_dmn_id_map[] = {
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x0)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x1)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x2)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x3)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x4)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x5)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x6)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x7)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x8)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x9)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0xA)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0xB)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0xC)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0xD)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0xE)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0xF))
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_trusted_boot.c b/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_trusted_boot.c
deleted file mode 100644
index 84622d0..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1/rdv1_trusted_boot.c
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * Return the ROTPK hash in the following ASN.1 structure in DER format:
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL
- * }
- *
- * DigestInfo ::= SEQUENCE {
- * digestAlgorithm AlgorithmIdentifier,
- * digest OCTET STRING
- * }
- */
-int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
- unsigned int *flags)
-{
- return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_fw_config.dts
deleted file mode 100644
index d443443..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_fw_config.dts
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/tbbr/tbbr_img_def.h>
-
-/dts-v1/;
-
-/ {
- dtb-registry {
- compatible = "fconf,dyn_cfg-dtb_registry";
-
- tb_fw-config {
- load-address = <0x0 0x4001300>;
- max-size = <0x200>;
- id = <TB_FW_CONFIG_ID>;
- };
-
- nt_fw-config {
- load-address = <0x0 0xFEF00000>;
- max-size = <0x0100000>;
- id = <NT_FW_CONFIG_ID>;
- };
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_nt_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_nt_fw_config.dts
deleted file mode 100644
index 78fa31e..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_nt_fw_config.dts
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-/ {
- /* compatible string */
- compatible = "arm,rd-v1-mc";
-
- /*
- * Place holder for system-id node with default values. The
- * value of platform-id and config-id will be set to the
- * correct values during the BL2 stage of boot.
- */
- system-id {
- platform-id = <0x0>;
- config-id = <0x0>;
- multi-chip-mode = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_tb_fw_config.dts b/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_tb_fw_config.dts
deleted file mode 100644
index c370623..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/fdts/rdv1mc_tb_fw_config.dts
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-
-/ {
- tb_fw-config {
- compatible = "arm,tb_fw";
-
- /* Disable authentication for development */
- disable_auth = <0x0>;
-
- /*
- * The following two entries are placeholders for Mbed TLS
- * heap information. The default values don't matter since
- * they will be overwritten by BL1.
- * In case of having shared Mbed TLS heap between BL1 and BL2,
- * BL1 will populate these two properties with the respective
- * info about the shared heap. This info will be available for
- * BL2 in order to locate and re-use the heap.
- */
- mbedtls_heap_addr = <0x0 0x0>;
- mbedtls_heap_size = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/include/platform_def.h b/plat/arm/board/neoverse_rd/platform/rdv1mc/include/platform_def.h
deleted file mode 100644
index b4c5c0a..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/include/platform_def.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLATFORM_DEF_H
-#define PLATFORM_DEF_H
-
-#include <lib/utils_def.h>
-#include <nrd_css_fw_def1.h>
-#include <nrd_plat_arm_def1.h>
-#include <nrd_ros_fw_def1.h>
-
-/* Remote chip address offset */
-#define NRD_REMOTE_CHIP_MEM_OFFSET(n) \
- ((ULL(1) << NRD_ADDR_BITS_PER_CHIP) * (n))
-
-#define PLAT_ARM_CLUSTER_COUNT U(4)
-#define NRD_MAX_CPUS_PER_CLUSTER U(1)
-#define NRD_MAX_PE_PER_CPU U(1)
-
-#define PLAT_CSS_MHU_BASE UL(0x45400000)
-#define PLAT_MHUV2_BASE PLAT_CSS_MHU_BASE
-
-/* TZC Related Constants */
-#define PLAT_ARM_TZC_BASE UL(0x21830000)
-#define TZC400_BASE(n) (PLAT_ARM_TZC_BASE + \
- (n * TZC400_OFFSET))
-#define TZC400_OFFSET UL(0x1000000)
-#define TZC400_COUNT U(8)
-#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT(0)
-
-#define TZC_NSAID_ALL_AP U(0)
-#define TZC_NSAID_PCI U(1)
-#define TZC_NSAID_HDLCD0 U(2)
-#define TZC_NSAID_CLCD U(7)
-#define TZC_NSAID_AP U(9)
-#define TZC_NSAID_VIRTIO U(15)
-
-#define PLAT_ARM_TZC_NS_DEV_ACCESS \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_ALL_AP)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_HDLCD0)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_PCI)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_AP)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_CLCD)) | \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_VIRTIO))
-
-/* Virtual address used by dynamic mem_protect for chunk_base */
-#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xC0000000)
-
-/* Remote chip address offset (4TB per chip) */
-#define NRD_ADDR_BITS_PER_CHIP U(42)
-
-/* GIC related constants */
-#define PLAT_ARM_GICD_BASE UL(0x30000000)
-#define PLAT_ARM_GICR_BASE UL(0x30140000)
-
-/* GIC SPI range for multichip */
-#define NRD_CHIP0_SPI_MIN U(32)
-#define NRD_CHIP0_SPI_MAX U(991)
-
-#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/platform.mk b/plat/arm/board/neoverse_rd/platform/rdv1mc/platform.mk
deleted file mode 100644
index 7af0bd8..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/platform.mk
+++ /dev/null
@@ -1,89 +0,0 @@
-# Copyright (c) 2020-2025, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-
-# Enable GICv4 extension with multichip driver
-GIC_ENABLE_V4_EXTN := 1
-GICV3_IMPL_GIC600_MULTICHIP := 1
-
-include plat/arm/board/neoverse_rd/common/nrd-common.mk
-
-RDV1MC_BASE = plat/arm/board/neoverse_rd/platform/rdv1mc
-
-PLAT_INCLUDES += -I${NRD_COMMON_BASE}/include/nrd1/ \
- -I${RDV1MC_BASE}/include/
-
-NRD_CPU_SOURCES := lib/cpus/aarch64/neoverse_v1.S
-
-PLAT_BL_COMMON_SOURCES += ${NRD_COMMON_BASE}/nrd_plat1.c
-
-BL1_SOURCES += ${NRD_CPU_SOURCES} \
- ${RDV1MC_BASE}/rdv1mc_err.c
-
-BL2_SOURCES += ${RDV1MC_BASE}/rdv1mc_plat.c \
- ${RDV1MC_BASE}/rdv1mc_security.c \
- ${RDV1MC_BASE}/rdv1mc_err.c \
- drivers/arm/tzc/tzc400.c \
- plat/arm/common/arm_tzc400.c \
- lib/utils/mem_region.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-BL31_SOURCES += ${NRD_CPU_SOURCES} \
- ${RDV1MC_BASE}/rdv1mc_plat.c \
- ${RDV1MC_BASE}/rdv1mc_topology.c \
- drivers/cfi/v2m/v2m_flash.c \
- drivers/arm/gic/v3/gic600_multichip.c \
- lib/utils/mem_region.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-ifeq (${TRUSTED_BOARD_BOOT}, 1)
-BL1_SOURCES += ${RDV1MC_BASE}/rdv1mc_trusted_boot.c
-BL2_SOURCES += ${RDV1MC_BASE}/rdv1mc_trusted_boot.c
-endif
-
-# Enable dynamic addition of MMAP regions in BL31
-BL31_CFLAGS += -DPLAT_XLAT_TABLES_DYNAMIC
-
-# Add the FDT_SOURCES and options for Dynamic Config
-FDT_SOURCES += ${RDV1MC_BASE}/fdts/${PLAT}_fw_config.dts \
- ${RDV1MC_BASE}/fdts/${PLAT}_tb_fw_config.dts
-FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_fw_config.dtb
-TB_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_tb_fw_config.dtb
-
-# Add the FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${FW_CONFIG},--fw-config,${FW_CONFIG}))
-# Add the TB_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${TB_FW_CONFIG},--tb-fw-config,${TB_FW_CONFIG}))
-
-$(eval $(call CREATE_SEQ,SEQ,4))
-ifneq ($(NRD_CHIP_COUNT),$(filter $(NRD_CHIP_COUNT),$(SEQ)))
- $(error "Chip count for RD-V1-MC should be either $(SEQ) \
- currently it is set to ${NRD_CHIP_COUNT}.")
-endif
-
-FDT_SOURCES += ${RDV1MC_BASE}/fdts/${PLAT}_nt_fw_config.dts
-NT_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_nt_fw_config.dtb
-
-# Add the NT_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${NT_FW_CONFIG},--nt-fw-config,${NT_FW_CONFIG}))
-
-override CTX_INCLUDE_AARCH32_REGS := 0
-override ENABLE_FEAT_AMU := 2
-override SPMD_SPM_AT_SEL2 := 0
-
-# FEAT_SVE related flags
-override SVE_VECTOR_LEN := 256
-
-ifneq ($(NRD_PLATFORM_VARIANT),0)
- $(error "NRD_PLATFORM_VARIANT for RD-V1-MC should always be 0, \
- currently set to ${NRD_PLATFORM_VARIANT}.")
-endif
-
-ifneq (${RESET_TO_BL31},0)
- $(error "Using BL31 as the reset vector is not supported on ${PLAT} platform. \
- Please set RESET_TO_BL31 to 0.")
-endif
-
-# Enable the flag since RD-V1-MC has a system level cache
-NEOVERSE_Nx_EXTERNAL_LLC := 1
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_err.c b/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_err.c
deleted file mode 100644
index b855edd..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_err.c
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * rdv1mc error handler
- */
-void __dead2 plat_arm_error_handler(int err)
-{
- while (true) {
- wfi();
- }
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_plat.c b/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_plat.c
deleted file mode 100644
index 0a40762..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_plat.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/debug.h>
-#include <drivers/arm/gic600_multichip.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/common/platform.h>
-
-#include <nrd_plat.h>
-
-#define RT_OWNER 0
-
-#if defined(IMAGE_BL31)
-static const mmap_region_t rdv1mc_dynamic_mmap[] = {
- NRD_CSS_SHARED_RAM_MMAP(1),
- NRD_CSS_PERIPH_MMAP(1),
- NRD_ROS_PERIPH_MMAP(1),
-#if (NRD_CHIP_COUNT > 2)
- NRD_CSS_SHARED_RAM_MMAP(2),
- NRD_CSS_PERIPH_MMAP(2),
- NRD_ROS_PERIPH_MMAP(2),
-#endif
-#if (NRD_CHIP_COUNT > 3)
- NRD_CSS_SHARED_RAM_MMAP(3),
- NRD_CSS_PERIPH_MMAP(3),
- NRD_ROS_PERIPH_MMAP(3)
-#endif
-};
-
-static struct gic600_multichip_data rdv1mc_multichip_data __init = {
- .base_addrs = {
- PLAT_ARM_GICD_BASE
- },
- .rt_owner = RT_OWNER,
- .chip_count = NRD_CHIP_COUNT,
- .chip_addrs = {
- [RT_OWNER] = {
- PLAT_ARM_GICD_BASE >> 16,
- (PLAT_ARM_GICD_BASE
- + NRD_REMOTE_CHIP_MEM_OFFSET(1)) >> 16,
-#if (NRD_CHIP_COUNT > 2)
- (PLAT_ARM_GICD_BASE
- + NRD_REMOTE_CHIP_MEM_OFFSET(2)) >> 16,
-#endif
-#if (NRD_CHIP_COUNT > 3)
- (PLAT_ARM_GICD_BASE
- + NRD_REMOTE_CHIP_MEM_OFFSET(3)) >> 16,
-#endif
- }
- },
- .spi_ids = {
- {PLAT_ARM_GICD_BASE,
- NRD_CHIP0_SPI_MIN,
- NRD_CHIP0_SPI_MAX},
- {0, 0, 0},
-#if (NRD_CHIP_COUNT > 2)
- {0, 0, 0},
-#endif
-#if (NRD_CHIP_COUNT > 3)
- {0, 0, 0},
-#endif
- }
-};
-
-static uintptr_t rdv1mc_multichip_gicr_frames[] = {
- /* Chip 0's GICR Base */
- PLAT_ARM_GICR_BASE,
- /* Chip 1's GICR BASE */
- PLAT_ARM_GICR_BASE + NRD_REMOTE_CHIP_MEM_OFFSET(1),
-#if (NRD_CHIP_COUNT > 2)
- /* Chip 2's GICR BASE */
- PLAT_ARM_GICR_BASE + NRD_REMOTE_CHIP_MEM_OFFSET(2),
-#endif
-#if (NRD_CHIP_COUNT > 3)
- /* Chip 3's GICR BASE */
- PLAT_ARM_GICR_BASE + NRD_REMOTE_CHIP_MEM_OFFSET(3),
-#endif
- UL(0) /* Zero Termination */
-};
-#endif /* IMAGE_BL31 */
-
-unsigned int plat_arm_nrd_get_platform_id(void)
-{
- return mmio_read_32(SID_REG_BASE + SID_SYSTEM_ID_OFFSET)
- & SID_SYSTEM_ID_PART_NUM_MASK;
-}
-
-unsigned int plat_arm_nrd_get_config_id(void)
-{
- return mmio_read_32(SID_REG_BASE + SID_SYSTEM_CFG_OFFSET);
-}
-
-unsigned int plat_arm_nrd_get_multi_chip_mode(void)
-{
- return (mmio_read_32(SID_REG_BASE + SID_NODE_ID_OFFSET) &
- SID_MULTI_CHIP_MODE_MASK) >> SID_MULTI_CHIP_MODE_SHIFT;
-}
-
-/*
- * bl31_platform_setup_function is guarded by IMAGE_BL31 macro because
- * PLAT_XLAT_TABLES_DYNAMIC macro is set to build only for BL31 and not
- * for other stages.
- */
-#if defined(IMAGE_BL31)
-void bl31_platform_setup(void)
-{
- int ret;
- unsigned int i;
-
- if ((plat_arm_nrd_get_multi_chip_mode() == 0) &&
- (NRD_CHIP_COUNT > 1)) {
- ERROR("Chip Count is %u but multi-chip mode is not enabled\n",
- NRD_CHIP_COUNT);
- panic();
- } else if ((plat_arm_nrd_get_multi_chip_mode() == 1) &&
- (NRD_CHIP_COUNT > 1)) {
- INFO("Enabling support for multi-chip in RD-V1-MC\n");
-
- for (i = 0; i < ARRAY_SIZE(rdv1mc_dynamic_mmap); i++) {
- ret = mmap_add_dynamic_region(
- rdv1mc_dynamic_mmap[i].base_pa,
- rdv1mc_dynamic_mmap[i].base_va,
- rdv1mc_dynamic_mmap[i].size,
- rdv1mc_dynamic_mmap[i].attr);
- if (ret != 0) {
- ERROR("Failed to add dynamic mmap entry "
- "(ret=%d)\n", ret);
- panic();
- }
- }
-
- plat_arm_override_gicr_frames(
- rdv1mc_multichip_gicr_frames);
- gic600_multichip_init(&rdv1mc_multichip_data);
- }
-
- nrd_bl31_common_platform_setup();
-}
-#endif /* IMAGE_BL31 */
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_security.c b/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_security.c
deleted file mode 100644
index 1e59831..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_security.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/debug.h>
-#include <plat/arm/common/plat_arm.h>
-#include <platform_def.h>
-
-/* TZC memory regions for the first chip */
-static const arm_tzc_regions_info_t tzc_regions[] = {
- ARM_TZC_REGIONS_DEF,
- {}
-};
-
-#if NRD_CHIP_COUNT > 1
-static const arm_tzc_regions_info_t tzc_regions_mc[][NRD_CHIP_COUNT - 1] = {
- {
- /* TZC memory regions for second chip */
- NRD_ROS_TZC_NS_REMOTE_REGIONS_DEF(1),
- {}
- },
-#if NRD_CHIP_COUNT > 2
- {
- /* TZC memory regions for third chip */
- NRD_ROS_TZC_NS_REMOTE_REGIONS_DEF(2),
- {}
- },
-#endif
-#if NRD_CHIP_COUNT > 3
- {
- /* TZC memory regions for fourth chip */
- NRD_ROS_TZC_NS_REMOTE_REGIONS_DEF(3),
- {}
- },
-#endif
-};
-#endif /* NRD_CHIP_COUNT */
-
-/* Initialize the secure environment */
-void plat_arm_security_setup(void)
-{
- unsigned int i;
-
- INFO("Configuring TrustZone Controller for Chip 0\n");
-
- for (i = 0; i < TZC400_COUNT; i++) {
- arm_tzc400_setup(TZC400_BASE(i), tzc_regions);
- }
-
-#if NRD_CHIP_COUNT > 1
- unsigned int j;
-
- for (i = 1; i < NRD_CHIP_COUNT; i++) {
- INFO("Configuring TrustZone Controller for Chip %u\n", i);
-
- for (j = 0; j < TZC400_COUNT; j++) {
- arm_tzc400_setup(NRD_REMOTE_CHIP_MEM_OFFSET(i)
- + TZC400_BASE(j), tzc_regions_mc[i-1]);
- }
- }
-#endif
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_topology.c b/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_topology.c
deleted file mode 100644
index 52514ca..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_topology.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/debug.h>
-#include <plat/arm/common/plat_arm.h>
-#include <plat/arm/css/common/css_pm.h>
-
-#include <nrd_variant.h>
-
-/******************************************************************************
- * The power domain tree descriptor.
- ******************************************************************************/
-const unsigned char rd_v1_mc_pd_tree_desc_multi_chip[] = {
- ((PLAT_ARM_CLUSTER_COUNT) * (NRD_CHIP_COUNT)),
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
-#if (NRD_CHIP_COUNT > 1)
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
-#endif
-#if (NRD_CHIP_COUNT > 2)
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
-#endif
-#if (NRD_CHIP_COUNT > 3)
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER
-#endif
-};
-
-/*******************************************************************************
- * This function returns the topology tree information.
- ******************************************************************************/
-const unsigned char *plat_get_power_domain_tree_desc(void)
-{
- if (plat_arm_nrd_get_multi_chip_mode() == 1)
- return rd_v1_mc_pd_tree_desc_multi_chip;
- panic();
-}
-
-/*******************************************************************************
- * The array mapping platform core position (implemented by plat_my_core_pos())
- * to the SCMI power domain ID implemented by SCP.
- ******************************************************************************/
-const uint32_t plat_css_core_pos_to_scmi_dmn_id_map[] = {
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x0)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x1)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x2)),
- (SET_SCMI_CHANNEL_ID(0x0) | SET_SCMI_DOMAIN_ID(0x3)),
-#if (NRD_CHIP_COUNT > 1)
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x0)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x1)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x2)),
- (SET_SCMI_CHANNEL_ID(0x1) | SET_SCMI_DOMAIN_ID(0x3)),
-#endif
-#if (NRD_CHIP_COUNT > 2)
- (SET_SCMI_CHANNEL_ID(0x2) | SET_SCMI_DOMAIN_ID(0x0)),
- (SET_SCMI_CHANNEL_ID(0x2) | SET_SCMI_DOMAIN_ID(0x1)),
- (SET_SCMI_CHANNEL_ID(0x2) | SET_SCMI_DOMAIN_ID(0x2)),
- (SET_SCMI_CHANNEL_ID(0x2) | SET_SCMI_DOMAIN_ID(0x3)),
-#endif
-#if (NRD_CHIP_COUNT > 3)
- (SET_SCMI_CHANNEL_ID(0x3) | SET_SCMI_DOMAIN_ID(0x0)),
- (SET_SCMI_CHANNEL_ID(0x3) | SET_SCMI_DOMAIN_ID(0x1)),
- (SET_SCMI_CHANNEL_ID(0x3) | SET_SCMI_DOMAIN_ID(0x2)),
- (SET_SCMI_CHANNEL_ID(0x3) | SET_SCMI_DOMAIN_ID(0x3))
-#endif
-};
diff --git a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_trusted_boot.c b/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_trusted_boot.c
deleted file mode 100644
index 84622d0..0000000
--- a/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_trusted_boot.c
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * Return the ROTPK hash in the following ASN.1 structure in DER format:
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL
- * }
- *
- * DigestInfo ::= SEQUENCE {
- * digestAlgorithm AlgorithmIdentifier,
- * digest OCTET STRING
- * }
- */
-int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
- unsigned int *flags)
-{
- return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
-}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common.c b/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common.c
index b1ee5e6..ac1f893 100644
--- a/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common.c
+++ b/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common.c
@@ -193,7 +193,8 @@
int plat_rmmd_mecid_key_update(uint16_t mecid)
{
/*
- * TODO
+ * RDV3 does not support FEAT_MEC.
+ * This empty hook is for compilation to succeed.
*/
return 0;
}
diff --git a/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common_measured_boot.c b/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common_measured_boot.c
index f5160ce..c3abc4f 100644
--- a/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common_measured_boot.c
+++ b/plat/arm/board/neoverse_rd/platform/rdv3/rdv3_common_measured_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2024-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,7 +34,7 @@
return err;
}
-int plat_mboot_measure_key(void *pk_oid, void *pk_ptr, unsigned int pk_len)
+int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr, unsigned int pk_len)
{
return rse_mboot_set_signer_id(rdv3_rse_mboot_metadata, pk_oid,
pk_ptr, pk_len);
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_fw_config.dts b/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_fw_config.dts
deleted file mode 100644
index fe62b6d..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_fw_config.dts
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <common/tbbr/tbbr_img_def.h>
-
-/dts-v1/;
-
-/ {
- dtb-registry {
- compatible = "fconf,dyn_cfg-dtb_registry";
-
- tb_fw-config {
- load-address = <0x0 0x4001300>;
- max-size = <0x200>;
- id = <TB_FW_CONFIG_ID>;
- };
-
- nt_fw-config {
- load-address = <0x0 0xFEF00000>;
- max-size = <0x0100000>;
- id = <NT_FW_CONFIG_ID>;
- };
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_nt_fw_config.dts b/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_nt_fw_config.dts
deleted file mode 100644
index 0573488..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_nt_fw_config.dts
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-/ {
- /* compatible string */
- compatible = "arm,sgi575";
-
- /*
- * Place holder for system-id node with default values. The
- * value of platform-id and config-id will be set to the
- * correct values during the BL2 stage of boot.
- */
- system-id {
- platform-id = <0x0>;
- config-id = <0x0>;
- multi-chip-mode = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_tb_fw_config.dts b/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_tb_fw_config.dts
deleted file mode 100644
index c370623..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/fdts/sgi575_tb_fw_config.dts
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-
-/ {
- tb_fw-config {
- compatible = "arm,tb_fw";
-
- /* Disable authentication for development */
- disable_auth = <0x0>;
-
- /*
- * The following two entries are placeholders for Mbed TLS
- * heap information. The default values don't matter since
- * they will be overwritten by BL1.
- * In case of having shared Mbed TLS heap between BL1 and BL2,
- * BL1 will populate these two properties with the respective
- * info about the shared heap. This info will be available for
- * BL2 in order to locate and re-use the heap.
- */
- mbedtls_heap_addr = <0x0 0x0>;
- mbedtls_heap_size = <0x0>;
- };
-};
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/include/platform_def.h b/plat/arm/board/neoverse_rd/platform/sgi575/include/platform_def.h
deleted file mode 100644
index 0797017..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/include/platform_def.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLATFORM_DEF_H
-#define PLATFORM_DEF_H
-
-#include <lib/utils_def.h>
-#include <nrd_css_fw_def1.h>
-#include <nrd_plat_arm_def1.h>
-#include <nrd_ros_fw_def1.h>
-#include <nrd_sdei.h>
-
-/* Remote chip address offset */
-#define NRD_REMOTE_CHIP_MEM_OFFSET(n) \
- ((ULL(1) << NRD_ADDR_BITS_PER_CHIP) * (n))
-
-#define PLAT_ARM_CLUSTER_COUNT U(2)
-#define NRD_MAX_CPUS_PER_CLUSTER U(4)
-#define NRD_MAX_PE_PER_CPU U(1)
-
-#define PLAT_CSS_MHU_BASE UL(0x45000000)
-
-/* Base address of DMC-620 instances */
-#define SGI575_DMC620_BASE0 UL(0x4e000000)
-#define SGI575_DMC620_BASE1 UL(0x4e100000)
-
-/* Maximum number of address bits used per chip */
-#define NRD_ADDR_BITS_PER_CHIP U(36)
-
-/* GIC related constants */
-#define PLAT_ARM_GICD_BASE UL(0x30000000)
-#define PLAT_ARM_GICR_BASE UL(0x300C0000)
-
-#endif /* PLATFORM_DEF_H */
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/platform.mk b/plat/arm/board/neoverse_rd/platform/sgi575/platform.mk
deleted file mode 100644
index 1f40107..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/platform.mk
+++ /dev/null
@@ -1,73 +0,0 @@
-#
-# Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
-#
-# SPDX-License-Identifier: BSD-3-Clause
-#
-
-include plat/arm/board/neoverse_rd/common/nrd-common.mk
-
-SGI575_BASE = plat/arm/board/neoverse_rd/platform/sgi575
-
-PLAT_INCLUDES += -I${NRD_COMMON_BASE}/include/nrd1/ \
- -I${SGI575_BASE}/include/
-
-NRD_CPU_SOURCES := lib/cpus/aarch64/cortex_a75.S
-
-PLAT_BL_COMMON_SOURCES += ${NRD_COMMON_BASE}/nrd_plat1.c
-
-BL1_SOURCES += ${NRD_CPU_SOURCES} \
- ${SGI575_BASE}/sgi575_err.c
-
-BL2_SOURCES += ${SGI575_BASE}/sgi575_plat.c \
- ${SGI575_BASE}/sgi575_security.c \
- ${SGI575_BASE}/sgi575_err.c \
- drivers/arm/tzc/tzc_dmc620.c \
- lib/utils/mem_region.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-BL31_SOURCES += ${NRD_CPU_SOURCES} \
- ${SGI575_BASE}/sgi575_plat.c \
- ${SGI575_BASE}/sgi575_topology.c \
- drivers/cfi/v2m/v2m_flash.c \
- lib/utils/mem_region.c \
- plat/arm/common/arm_nor_psci_mem_protect.c
-
-ifeq (${TRUSTED_BOARD_BOOT}, 1)
-BL1_SOURCES += ${SGI575_BASE}/sgi575_trusted_boot.c
-BL2_SOURCES += ${SGI575_BASE}/sgi575_trusted_boot.c
-endif
-
-# Add the FDT_SOURCES and options for Dynamic Config
-FDT_SOURCES += ${SGI575_BASE}/fdts/${PLAT}_fw_config.dts \
- ${SGI575_BASE}/fdts/${PLAT}_tb_fw_config.dts
-
-FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_fw_config.dtb
-TB_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_tb_fw_config.dtb
-
-# Add the FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${FW_CONFIG},--fw-config,${FW_CONFIG}))
-# Add the TB_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${TB_FW_CONFIG},--tb-fw-config,${TB_FW_CONFIG}))
-
-FDT_SOURCES += ${SGI575_BASE}/fdts/${PLAT}_nt_fw_config.dts
-NT_FW_CONFIG := ${BUILD_PLAT}/fdts/${PLAT}_nt_fw_config.dtb
-
-# Add the NT_FW_CONFIG to FIP and specify the same to certtool
-$(eval $(call TOOL_ADD_PAYLOAD,${NT_FW_CONFIG},--nt-fw-config,${NT_FW_CONFIG}))
-
-ifneq ($(NRD_CHIP_COUNT),1)
- $(error "Chip count for SGI575 should be 1, currently set to \
- ${NRD_CHIP_COUNT}.")
-endif
-
-ifneq ($(NRD_PLATFORM_VARIANT),0)
- $(error "NRD_PLATFORM_VARIANT for SGI575 should always be 0,\
- currently set to ${NRD_PLATFORM_VARIANT}.")
-endif
-
-ifneq (${RESET_TO_BL31},0)
- $(error "Using BL31 as the reset vector is not supported on ${PLAT} platform. \
- Please set RESET_TO_BL31 to 0.")
-endif
-
-override SPMD_SPM_AT_SEL2 := 0
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_err.c b/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_err.c
deleted file mode 100644
index 7e656ab..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_err.c
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * sgi575 error handler
- */
-void __dead2 plat_arm_error_handler(int err)
-{
- while (true) {
- wfi();
- }
-}
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_plat.c b/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_plat.c
deleted file mode 100644
index 8b74616..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_plat.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/common/platform.h>
-
-#include <nrd_plat.h>
-#include <nrd_variant.h>
-
-unsigned int plat_arm_nrd_get_platform_id(void)
-{
- return mmio_read_32(SSC_VERSION) & SSC_VERSION_PART_NUM_MASK;
-}
-
-unsigned int plat_arm_nrd_get_config_id(void)
-{
- return (mmio_read_32(SSC_VERSION) >> SSC_VERSION_CONFIG_SHIFT)
- & SSC_VERSION_CONFIG_MASK;
-}
-
-unsigned int plat_arm_nrd_get_multi_chip_mode(void)
-{
- return 0;
-}
-
-void bl31_platform_setup(void)
-{
- nrd_bl31_common_platform_setup();
-}
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_security.c b/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_security.c
deleted file mode 100644
index 8b8a382..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_security.c
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <platform_def.h>
-
-#include <common/debug.h>
-#include <nrd_dmc620_tzc_regions.h>
-
-uintptr_t sgi575_dmc_base[] = {
- SGI575_DMC620_BASE0,
- SGI575_DMC620_BASE1
-};
-
-static const tzc_dmc620_driver_data_t sgi575_plat_driver_data = {
- .dmc_base = sgi575_dmc_base,
- .dmc_count = ARRAY_SIZE(sgi575_dmc_base)
-};
-
-static const tzc_dmc620_acc_addr_data_t sgi575_acc_addr_data[] = {
- NRD_DMC620_TZC_REGIONS_DEF
-};
-
-static const tzc_dmc620_config_data_t sgi575_plat_config_data = {
- .plat_drv_data = &sgi575_plat_driver_data,
- .plat_acc_addr_data = sgi575_acc_addr_data,
- .acc_addr_count = ARRAY_SIZE(sgi575_acc_addr_data)
-};
-
-/* Initialize the secure environment */
-void plat_arm_security_setup(void)
-{
- arm_tzc_dmc620_setup(&sgi575_plat_config_data);
-}
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_topology.c b/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_topology.c
deleted file mode 100644
index 15ffc65..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_topology.c
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/******************************************************************************
- * The power domain tree descriptor.
- ******************************************************************************/
-static const unsigned char sgi575_pd_tree_desc[] = {
- PLAT_ARM_CLUSTER_COUNT,
- NRD_MAX_CPUS_PER_CLUSTER,
- NRD_MAX_CPUS_PER_CLUSTER
-};
-
-/*******************************************************************************
- * This function returns the topology tree information.
- ******************************************************************************/
-const unsigned char *plat_get_power_domain_tree_desc(void)
-{
- return sgi575_pd_tree_desc;
-}
-
-/*******************************************************************************
- * The array mapping platform core position (implemented by plat_my_core_pos())
- * to the SCMI power domain ID implemented by SCP.
- ******************************************************************************/
-const uint32_t plat_css_core_pos_to_scmi_dmn_id_map[] = {
- 0, 1, 2, 3, 4, 5, 6, 7
-};
diff --git a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_trusted_boot.c b/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_trusted_boot.c
deleted file mode 100644
index 84622d0..0000000
--- a/plat/arm/board/neoverse_rd/platform/sgi575/sgi575_trusted_boot.c
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <plat/arm/common/plat_arm.h>
-
-/*
- * Return the ROTPK hash in the following ASN.1 structure in DER format:
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL
- * }
- *
- * DigestInfo ::= SEQUENCE {
- * digestAlgorithm AlgorithmIdentifier,
- * digest OCTET STRING
- * }
- */
-int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
- unsigned int *flags)
-{
- return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
-}
diff --git a/plat/arm/board/tc/include/platform_def.h b/plat/arm/board/tc/include/platform_def.h
index 71f7bb3..76bae38 100644
--- a/plat/arm/board/tc/include/platform_def.h
+++ b/plat/arm/board/tc/include/platform_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,6 +34,28 @@
#define PLAT_ARM_TRUSTED_SRAM_SIZE 0x00080000 /* 512 KB */
+#if TRANSFER_LIST
+/*
+ * Summation of data size of all Transfer Entries included in the Transfer list.
+ * Note: Update this field whenever new Transfer Entries are added in future.
+ */
+#define PLAT_ARM_FW_HANDOFF_SIZE U(0x9000)
+#define PLAT_ARM_EL3_FW_HANDOFF_BASE ARM_BL_RAM_BASE
+#define PLAT_ARM_EL3_FW_HANDOFF_LIMIT PLAT_ARM_EL3_FW_HANDOFF_BASE + PLAT_ARM_FW_HANDOFF_SIZE
+#define FW_NS_HANDOFF_BASE (PLAT_ARM_NS_IMAGE_BASE - PLAT_ARM_FW_HANDOFF_SIZE)
+
+/* Mappings for Secure and Non-secure Transfer_list */
+#define TC_MAP_EL3_FW_HANDOFF MAP_REGION_FLAT( \
+ PLAT_ARM_EL3_FW_HANDOFF_BASE, \
+ PLAT_ARM_FW_HANDOFF_SIZE, \
+ MT_MEMORY | MT_RW | EL3_PAS)
+
+#define TC_MAP_FW_NS_HANDOFF MAP_REGION_FLAT( \
+ FW_NS_HANDOFF_BASE, \
+ PLAT_ARM_FW_HANDOFF_SIZE, \
+ MT_MEMORY | MT_RW | MT_NS)
+#endif /* TRANSFER_LIST */
+
/*
* The top 16MB of ARM_DRAM1 is configured as secure access only using the TZC,
* its base is ARM_AP_TZC_DRAM1_BASE.
@@ -236,11 +258,7 @@
#define TC_FLASH0_RO MAP_REGION_FLAT(V2M_FLASH0_BASE,\
V2M_FLASH0_SIZE, \
MT_DEVICE | MT_RO | MT_SECURE)
-#if TARGET_PLATFORM == 2
-#define PLAT_ARM_NSTIMER_FRAME_ID U(0)
-#else
#define PLAT_ARM_NSTIMER_FRAME_ID U(1)
-#endif
#define PLAT_ARM_TRUSTED_ROM_BASE 0x0
@@ -254,10 +272,7 @@
#define PLAT_ARM_NSRAM_SIZE 0x00008000 /* 64KB */
#endif /* TARGET_FLAVOUR_FPGA */
-#if TARGET_PLATFORM <= 2
-#define PLAT_ARM_DRAM2_BASE ULL(0x8080000000)
-#define PLAT_ARM_DRAM2_SIZE ULL(0x180000000)
-#elif TARGET_PLATFORM >= 3
+#if TARGET_PLATFORM >= 3
#if TC_FPGA_FS_IMG_IN_RAM
/* 10GB reserved for system+userdata+vendor images */
@@ -326,28 +341,19 @@
CSS_SCMI_PAYLOAD_SIZE_MAX)
#define PLAT_ARM_CLUSTER_COUNT U(1)
-#if TARGET_FLAVOUR_FPGA && TARGET_PLATFORM == 2
-#define PLAT_MAX_CPUS_PER_CLUSTER U(14)
-#else /* TARGET_FLAVOUR_FPGA && TARGET_PLATFORM == 2 */
#define PLAT_MAX_CPUS_PER_CLUSTER U(8)
-#endif /* TARGET_FLAVOUR_FPGA && TARGET_PLATFORM == 2 */
#define PLAT_MAX_PE_PER_CPU U(1)
#define PLATFORM_CORE_COUNT (PLAT_MAX_CPUS_PER_CLUSTER * PLAT_ARM_CLUSTER_COUNT)
/* Message Handling Unit (MHU) base addresses */
-#if TARGET_PLATFORM <= 2
- #define PLAT_CSS_MHU_BASE UL(0x45400000)
-#elif TARGET_PLATFORM >= 3
+#if TARGET_PLATFORM >= 3
#define PLAT_CSS_MHU_BASE UL(0x46000000)
#endif /* TARGET_PLATFORM >= 3 */
#define PLAT_MHUV2_BASE PLAT_CSS_MHU_BASE
/* AP<->RSS MHUs */
-#if TARGET_PLATFORM <= 2
-#define PLAT_RSE_AP_SND_MHU_BASE UL(0x2A840000)
-#define PLAT_RSE_AP_RCV_MHU_BASE UL(0x2A850000)
-#elif TARGET_PLATFORM == 3
+#if TARGET_PLATFORM == 3
#define PLAT_RSE_AP_SND_MHU_BASE UL(0x49000000)
#define PLAT_RSE_AP_RCV_MHU_BASE UL(0x49100000)
#elif TARGET_PLATFORM == 4
@@ -381,36 +387,6 @@
*/
#define PLAT_CSS_MAX_SCP_BL2U_SIZE 0x30000
-#if TARGET_PLATFORM <= 2
-/* TZC Related Constants */
-#define PLAT_ARM_TZC_BASE UL(0x25000000)
-#define PLAT_ARM_TZC_FILTERS TZC_400_REGION_ATTR_FILTER_BIT(0)
-
-#define TZC400_OFFSET UL(0x1000000)
-#define TZC400_COUNT 4
-
-#define TZC400_BASE(n) (PLAT_ARM_TZC_BASE + \
- (n * TZC400_OFFSET))
-
-#define TZC_NSAID_DEFAULT U(0)
-
-#define PLAT_ARM_TZC_NS_DEV_ACCESS \
- (TZC_REGION_ACCESS_RDWR(TZC_NSAID_DEFAULT))
-
-/*
- * The first region below, TC_TZC_DRAM1_BASE (0xf9000000) to
- * ARM_SCP_TZC_DRAM1_END (0xffffffff) will mark the last 112 MB of DRAM as
- * secure. The second and third regions gives non secure access to rest of DRAM.
- */
-#define TC_TZC_REGIONS_DEF \
- {TC_TZC_DRAM1_BASE, ARM_SCP_TZC_DRAM1_END, \
- TZC_REGION_S_RDWR, PLAT_ARM_TZC_NS_DEV_ACCESS}, \
- {TC_NS_DRAM1_BASE, TC_NS_DRAM1_END, ARM_TZC_NS_DRAM_S_ACCESS, \
- PLAT_ARM_TZC_NS_DEV_ACCESS}, \
- {PLAT_ARM_DRAM2_BASE, PLAT_ARM_DRAM2_END, \
- ARM_TZC_NS_DRAM_S_ACCESS, PLAT_ARM_TZC_NS_DEV_ACCESS}
-#endif
-
/* virtual address used by dynamic mem_protect for chunk_base */
#define PLAT_ARM_MEM_PROTEC_VA_FRAME UL(0xc0000000)
@@ -446,13 +422,11 @@
#undef ARM_CONSOLE_BAUDRATE
#define ARM_CONSOLE_BAUDRATE 38400
-#if TARGET_PLATFORM <= 2
-#define TC_UARTCLK 5000000
-#elif TARGET_PLATFORM == 3
+#if TARGET_PLATFORM == 3
#define TC_UARTCLK 3750000
#elif TARGET_PLATFORM == 4
#define TC_UARTCLK 4000000
-#endif /* TARGET_PLATFORM <=2 */
+#endif /* TARGET_PLATFORM == 3 */
#if TARGET_FLAVOUR_FVP
diff --git a/plat/arm/board/tc/include/tc_helpers.S b/plat/arm/board/tc/include/tc_helpers.S
index cc2f760..9a8172a 100644
--- a/plat/arm/board/tc/include/tc_helpers.S
+++ b/plat/arm/board/tc/include/tc_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2024, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2024-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -74,10 +74,6 @@
ret
endfunc enable_dsu_pmu_el1_access
-func TC_HANDLER(2)
- ret
-endfunc TC_HANDLER(2)
-
func TC_HANDLER(3)
mov x9, lr
bl mark_extllc_presence
diff --git a/plat/arm/board/tc/platform.mk b/plat/arm/board/tc/platform.mk
index a056bc2..b29f0d6 100644
--- a/plat/arm/board/tc/platform.mk
+++ b/plat/arm/board/tc/platform.mk
@@ -15,6 +15,7 @@
CSS_USE_SCMI_SDS_DRIVER := 1
HW_ASSISTED_COHERENCY := 1
USE_COHERENT_MEM := 0
+USE_GIC_DRIVER := 3
GIC_ENABLE_V4_EXTN := 1
GICV3_SUPPORT_GIC600 := 1
override NEED_BL2U := no
@@ -35,8 +36,8 @@
ENABLE_AMU_AUXILIARY_COUNTERS := 1
ENABLE_MPMM := 1
ENABLE_FEAT_MTE2 := 2
-ENABLE_SPE_FOR_NS := 3
-ENABLE_FEAT_TCR2 := 3
+ENABLE_SPE_FOR_NS := 2
+ENABLE_FEAT_TCR2 := 2
ifneq ($(filter ${TARGET_PLATFORM}, 3),)
ENABLE_FEAT_RNG_TRAP := 0
@@ -66,15 +67,10 @@
endif
endif
-ifneq ($(shell expr $(TARGET_PLATFORM) \<= 1), 0)
+ifneq ($(shell expr $(TARGET_PLATFORM) \<= 2), 0)
$(error Platform ${PLAT}$(TARGET_PLATFORM) is no longer available.)
endif
-ifneq ($(shell expr $(TARGET_PLATFORM) = 2), 0)
- $(warning Platform ${PLAT}$(TARGET_PLATFORM) is deprecated. \
- Some of the features might not work as expected)
-endif
-
ifeq ($(shell expr $(TARGET_PLATFORM) \<= 4), 0)
$(error TARGET_PLATFORM must be less than or equal to 4)
endif
@@ -108,42 +104,13 @@
# Save DSU PMU registers on cluster off and restore them on cluster on
PRESERVE_DSU_PMU_REGS := 1
-# Specify MHU type based on platform
-ifneq ($(filter ${TARGET_PLATFORM}, 2),)
- PLAT_MHU := MHUv2
-else
- PLAT_MHU := MHUv3
-endif
-
-# Include GICv3 driver files
-include drivers/arm/gic/v3/gicv3.mk
-
-ENT_GIC_SOURCES := ${GICV3_SOURCES} \
- plat/common/plat_gicv3.c \
- plat/arm/common/arm_gicv3.c
+PLAT_MHU := MHUv3
TC_BASE = plat/arm/board/tc
PLAT_INCLUDES += -I${TC_BASE}/include/ \
-I${TC_BASE}/fdts/
-# CPU libraries for TARGET_PLATFORM=1
-ifeq (${TARGET_PLATFORM}, 1)
-TC_CPU_SOURCES += lib/cpus/aarch64/cortex_a510.S \
- lib/cpus/aarch64/cortex_a715.S \
- lib/cpus/aarch64/cortex_x3.S
-endif
-
-# CPU libraries for TARGET_PLATFORM=2
-ifeq (${TARGET_PLATFORM}, 2)
-ERRATA_A520_2938996 := 1
-ERRATA_X4_2726228 := 1
-
-TC_CPU_SOURCES += lib/cpus/aarch64/cortex_a520.S \
- lib/cpus/aarch64/cortex_a720.S \
- lib/cpus/aarch64/cortex_x4.S
-endif
-
# CPU libraries for TARGET_PLATFORM=3
ifeq (${TARGET_PLATFORM}, 3)
ERRATA_A520_2938996 := 1
@@ -189,13 +156,8 @@
drivers/arm/tzc/tzc400.c \
plat/arm/common/arm_nor_psci_mem_protect.c
-ifeq ($(shell test $(TARGET_PLATFORM) -le 2; echo $$?),0)
-BL2_SOURCES += plat/arm/common/arm_tzc400.c
-endif
-
BL31_SOURCES += ${INTERCONNECT_SOURCES} \
${TC_CPU_SOURCES} \
- ${ENT_GIC_SOURCES} \
${TC_BASE}/tc_bl31_setup.c \
${TC_BASE}/tc_topology.c \
lib/fconf/fconf.c \
diff --git a/plat/arm/board/tc/tc_bl2_setup.c b/plat/arm/board/tc/tc_bl2_setup.c
index 74ef569..b5d3a1a 100644
--- a/plat/arm/board/tc/tc_bl2_setup.c
+++ b/plat/arm/board/tc/tc_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021, ARM Limited. All rights reserved.
+ * Copyright (c) 2021-2025, ARM Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -18,17 +18,26 @@
******************************************************************************/
struct bl_params *plat_get_next_bl_params(void)
{
- struct bl_params *arm_bl_params = arm_get_next_bl_params();
-
- const struct dyn_cfg_dtb_info_t *fw_config_info;
+ struct bl_params *arm_bl_params;
bl_mem_params_node_t *param_node;
- uintptr_t fw_config_base = 0U;
- entry_point_info_t *ep_info;
+ const struct dyn_cfg_dtb_info_t *fw_config_info __maybe_unused;
+ uintptr_t fw_config_base __maybe_unused;
+ entry_point_info_t *ep_info __maybe_unused;
+
+ arm_bl_params = arm_get_next_bl_params();
/* Get BL31 image node */
param_node = get_bl_mem_params_node(BL31_IMAGE_ID);
assert(param_node != NULL);
+#if TRANSFER_LIST
+ assert(arm_bl_params != NULL);
+ arm_bl_params->head = ¶m_node->params_node_mem;
+ arm_bl_params->head->ep_info = ¶m_node->ep_info;
+ arm_bl_params->head->image_id = param_node->image_id;
+
+ arm_bl2_setup_next_ep_info(param_node);
+#else
/* Get fw_config load address */
fw_config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, FW_CONFIG_ID);
assert(fw_config_info != NULL);
@@ -42,6 +51,7 @@
*/
ep_info = ¶m_node->ep_info;
ep_info->args.arg1 = (uint32_t)fw_config_base;
+#endif /* TRANSFER_LIST */
return arm_bl_params;
}
diff --git a/plat/arm/board/tc/tc_bl31_setup.c b/plat/arm/board/tc/tc_bl31_setup.c
index 5d19aeb..7f2014b 100644
--- a/plat/arm/board/tc/tc_bl31_setup.c
+++ b/plat/arm/board/tc/tc_bl31_setup.c
@@ -54,15 +54,6 @@
}
#endif /* PLATFORM_TEST_TFM_TESTSUITE */
-#if TARGET_PLATFORM <= 2
-static scmi_channel_plat_info_t tc_scmi_plat_info = {
- .scmi_mbx_mem = CSS_SCMI_PAYLOAD_BASE,
- .db_reg_addr = PLAT_CSS_MHU_BASE + SENDER_REG_SET(0),
- .db_preserve_mask = 0xfffffffe,
- .db_modify_mask = 0x1,
- .ring_doorbell = &mhuv2_ring_doorbell,
-};
-#elif TARGET_PLATFORM >= 3
static scmi_channel_plat_info_t tc_scmi_plat_info = {
.scmi_mbx_mem = CSS_SCMI_PAYLOAD_BASE,
.db_reg_addr = PLAT_CSS_MHU_BASE + MHU_V3_SENDER_REG_SET(0),
@@ -70,7 +61,6 @@
.db_modify_mask = 0x1,
.ring_doorbell = &mhu_ring_doorbell,
};
-#endif
/* the bottom 3 AMU group 1 counters */
#define MPMM_GEARS ((1 << 0) | (1 << 1) | (1 << 2))
@@ -154,10 +144,15 @@
void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- arm_bl31_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ /* Initialize the console to provide early debug support */
+ arm_console_boot_init();
+ arm_bl31_early_platform_setup(arg0, arg1, arg2, arg3);
+
+#if !TRANSFER_LIST
/* Fill the properties struct with the info from the config dtb */
fconf_populate("FW_CONFIG", arg1);
+#endif
}
#ifdef PLATFORM_TESTS
@@ -202,6 +197,13 @@
{
arm_bl31_plat_arch_setup();
+ /*
+ * When TRANSFER_LIST is enabled, HW_CONFIG is included in Transfer List
+ * as an entry with the tag TL_TAG_FDT. In this case, the configuration
+ * is already available, so the fconf_populate mechanism is not needed.
+ * The code block below is only required when TRANSFER_LIST is not used.
+ */
+#if !TRANSFER_LIST
/* HW_CONFIG was also loaded by BL2 */
const struct dyn_cfg_dtb_info_t *hw_config_info;
@@ -209,6 +211,7 @@
assert(hw_config_info != NULL);
fconf_populate("HW_CONFIG", hw_config_info->config_addr);
+#endif
}
#if defined(SPD_spmd) && (SPMC_AT_EL3 == 0)
diff --git a/plat/arm/board/tc/tc_plat.c b/plat/arm/board/tc/tc_plat.c
index 1ecfdb9..fcee784 100644
--- a/plat/arm/board/tc/tc_plat.c
+++ b/plat/arm/board/tc/tc_plat.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -33,6 +33,9 @@
TC_MAP_NS_DRAM1,
TC_FLASH0_RO,
TC_MAP_DEVICE,
+#if TRANSFER_LIST
+ TC_MAP_EL3_FW_HANDOFF,
+#endif
{0}
};
#endif
@@ -59,6 +62,9 @@
ARM_MAP_OPTEE_CORE_MEM,
ARM_OPTEE_PAGEABLE_LOAD_MEM,
#endif
+#if TRANSFER_LIST
+ TC_MAP_EL3_FW_HANDOFF,
+#endif
{0}
};
#endif
@@ -72,6 +78,10 @@
#if SPM_MM
ARM_SPM_BUF_EL3_MMAP,
#endif
+#if TRANSFER_LIST
+ TC_MAP_FW_NS_HANDOFF,
+ TC_MAP_EL3_FW_HANDOFF,
+#endif
{0}
};
diff --git a/plat/arm/board/tc/tc_security.c b/plat/arm/board/tc/tc_security.c
index 7c7a1a1..804a35b 100644
--- a/plat/arm/board/tc/tc_security.c
+++ b/plat/arm/board/tc/tc_security.c
@@ -7,21 +7,8 @@
#include <plat/arm/common/plat_arm.h>
#include <platform_def.h>
-#if (TARGET_PLATFORM <= 2)
-static const arm_tzc_regions_info_t tzc_regions[] = {
- TC_TZC_REGIONS_DEF,
- {}
-};
-#endif
-
/* Initialize the secure environment */
void plat_arm_security_setup(void)
{
-#if (TARGET_PLATFORM <= 2)
- unsigned int i;
- for (i = 0U; i < TZC400_COUNT; i++) {
- arm_tzc400_setup(TZC400_BASE(i), tzc_regions);
- }
-#endif
}
diff --git a/plat/arm/common/arm_bl1_setup.c b/plat/arm/common/arm_bl1_setup.c
index b8e5027..06a919c 100644
--- a/plat/arm/common/arm_bl1_setup.c
+++ b/plat/arm/common/arm_bl1_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -90,7 +90,7 @@
bl1_tzram_layout.total_size = ARM_BL_RAM_SIZE;
#if TRANSFER_LIST
- secure_tl = transfer_list_ensure((void *)PLAT_ARM_EL3_FW_HANDOFF_BASE,
+ secure_tl = transfer_list_init((void *)PLAT_ARM_EL3_FW_HANDOFF_BASE,
PLAT_ARM_FW_HANDOFF_SIZE);
assert(secure_tl != NULL);
#endif
@@ -289,18 +289,17 @@
return is_fwu_needed ? NS_BL1U_IMAGE_ID : BL2_IMAGE_ID;
}
-// Use the default implementation of this function when Firmware Handoff is
-// disabled to avoid duplicating its logic.
#if TRANSFER_LIST
int bl1_plat_handle_post_image_load(unsigned int image_id)
{
- image_desc_t *image_desc __unused;
-
- assert(image_id == BL2_IMAGE_ID);
struct transfer_list_entry *te;
+ if (image_id != BL2_IMAGE_ID) {
+ return 0;
+ }
+
/* Convey this information to BL2 via its TL. */
- te = transfer_list_add(secure_tl, TL_TAG_SRAM_LAYOUT64,
+ te = transfer_list_add(secure_tl, TL_TAG_SRAM_LAYOUT,
sizeof(meminfo_t), NULL);
assert(te != NULL);
diff --git a/plat/arm/common/arm_bl2_setup.c b/plat/arm/common/arm_bl2_setup.c
index 17dc0ed..522017f 100644
--- a/plat/arm/common/arm_bl2_setup.c
+++ b/plat/arm/common/arm_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -66,8 +66,8 @@
* in x0. This memory layout is sitting at the base of the free trusted SRAM.
* Copy it to a safe location before its reclaimed by later BL2 functionality.
******************************************************************************/
-void arm_bl2_early_platform_setup(uintptr_t fw_config,
- struct meminfo *mem_layout)
+void arm_bl2_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
struct transfer_list_entry *te __unused;
int __maybe_unused ret;
@@ -76,20 +76,19 @@
arm_console_boot_init();
#if TRANSFER_LIST
- // TODO: modify the prototype of this function fw_config != bl2_tl
- secure_tl = (struct transfer_list_header *)fw_config;
+ secure_tl = (struct transfer_list_header *)arg3;
- te = transfer_list_find(secure_tl, TL_TAG_SRAM_LAYOUT64);
+ te = transfer_list_find(secure_tl, TL_TAG_SRAM_LAYOUT);
assert(te != NULL);
bl2_tzram_layout = *(meminfo_t *)transfer_list_entry_data(te);
transfer_list_rem(secure_tl, te);
#else
- config_base = fw_config;
+ config_base = (uintptr_t)arg0;
/* Setup the BL2 memory layout */
- bl2_tzram_layout = *mem_layout;
-#endif
+ bl2_tzram_layout = *(meminfo_t *)arg1;
+#endif /* TRANSFER_LIST */
/* Initialise the IO layer and register platform IO devices */
plat_arm_io_setup();
@@ -105,9 +104,10 @@
#endif /* ARM_GPT_SUPPORT */
}
-void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1, u_register_t arg2, u_register_t arg3)
+void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
- arm_bl2_early_platform_setup((uintptr_t)arg0, (meminfo_t *)arg1);
+ arm_bl2_early_platform_setup(arg0, arg1, arg2, arg3);
generic_delay_timer_init();
}
@@ -320,6 +320,13 @@
void arm_bl2_setup_next_ep_info(bl_mem_params_node_t *next_param_node)
{
entry_point_info_t *ep __unused;
+
+ /*
+ * Information might have been added to the TL before this (i.e. event log)
+ * make sure the checksum is up to date.
+ */
+ transfer_list_update_checksum(secure_tl);
+
ep = transfer_list_set_handoff_args(secure_tl,
&next_param_node->ep_info);
assert(ep != NULL);
diff --git a/plat/arm/common/arm_bl31_setup.c b/plat/arm/common/arm_bl31_setup.c
index 0503acf..f196269 100644
--- a/plat/arm/common/arm_bl31_setup.c
+++ b/plat/arm/common/arm_bl31_setup.c
@@ -133,7 +133,12 @@
}
#endif
else {
+#if TRANSFER_LIST && !RESET_TO_BL31
+ next_image_info = transfer_list_set_handoff_args(
+ secure_tl, &bl32_image_ep_info);
+#else
next_image_info = &bl32_image_ep_info;
+#endif
}
/*
@@ -154,10 +159,10 @@
* while creating page tables. BL2 has flushed this information to memory, so
* we are guaranteed to pick up good data.
******************************************************************************/
-#if TRANSFER_LIST
void __init arm_bl31_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
+#if TRANSFER_LIST
#if RESET_TO_BL31
/* Populate entry point information for BL33 */
SET_PARAM_HEAD(&bl33_image_ep_info, PARAM_EP, VERSION_1, 0);
@@ -208,18 +213,11 @@
}
}
#endif /* RESET_TO_BL31 */
-}
-#else
-void __init arm_bl31_early_platform_setup(void *from_bl2, uintptr_t soc_fw_config,
- uintptr_t hw_config, void *plat_params_from_bl2)
-{
- /* Initialize the console to provide early debug support */
- arm_console_boot_init();
-
+#else /* (!TRANSFER_LIST) */
#if RESET_TO_BL31
/* There are no parameters from BL2 if BL31 is a reset vector */
- assert(from_bl2 == NULL);
- assert(plat_params_from_bl2 == NULL);
+ assert((uintptr_t)arg0 == 0U);
+ assert((uintptr_t)arg3 == 0U);
# ifdef BL32_BASE
/* Populate entry point information for BL32 */
@@ -258,21 +256,20 @@
*/
rmm_image_ep_info.pc = RMM_BASE;
#endif /* ENABLE_RME */
-
#else /* RESET_TO_BL31 */
-
/*
- * In debug builds, we pass a special value in 'plat_params_from_bl2'
+ * In debug builds, we pass a special value in 'arg3'
* to verify platform parameters from BL2 to BL31.
* In release builds, it's not used.
*/
- assert(((unsigned long long)plat_params_from_bl2) ==
- ARM_BL31_PLAT_PARAM_VAL);
+#if DEBUG
+ assert(((uintptr_t)arg3) == ARM_BL31_PLAT_PARAM_VAL);
+#endif
/*
* Check params passed from BL2 should not be NULL,
*/
- bl_params_t *params_from_bl2 = (bl_params_t *)from_bl2;
+ bl_params_t *params_from_bl2 = (bl_params_t *)(uintptr_t)arg0;
assert(params_from_bl2 != NULL);
assert(params_from_bl2->h.type == PARAM_BL_PARAMS);
assert(params_from_bl2->h.version >= VERSION_2);
@@ -325,7 +322,7 @@
#endif
#endif /* RESET_TO_BL31 */
-# if ARM_LINUX_KERNEL_AS_BL33
+#if ARM_LINUX_KERNEL_AS_BL33
/*
* According to the file ``Documentation/arm64/booting.txt`` of the
* Linux kernel tree, Linux expects the physical address of the device
@@ -339,23 +336,19 @@
#if RESET_TO_BL31
bl33_image_ep_info.args.arg0 = (u_register_t)ARM_PRELOADED_DTB_BASE;
#else
- bl33_image_ep_info.args.arg0 = (u_register_t)hw_config;
-#endif
+ bl33_image_ep_info.args.arg0 = arg2;
+#endif /* RESET_TO_BL31 */
bl33_image_ep_info.args.arg1 = 0U;
bl33_image_ep_info.args.arg2 = 0U;
bl33_image_ep_info.args.arg3 = 0U;
-# endif
+#endif /* ARM_LINUX_KERNEL_AS_BL33 */
+#endif /* TRANSFER_LIST */
}
-#endif
void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
-#if TRANSFER_LIST
arm_bl31_early_platform_setup(arg0, arg1, arg2, arg3);
-#else
- arm_bl31_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
-#endif
/*
* Initialize Interconnect for this cluster during cold boot.
@@ -382,8 +375,8 @@
struct transfer_list_entry *te __unused;
#if TRANSFER_LIST && !RESET_TO_BL31
- ns_tl = transfer_list_ensure((void *)FW_NS_HANDOFF_BASE,
- PLAT_ARM_FW_HANDOFF_SIZE);
+ ns_tl = transfer_list_init((void *)FW_NS_HANDOFF_BASE,
+ PLAT_ARM_FW_HANDOFF_SIZE);
if (ns_tl == NULL) {
ERROR("Non-secure transfer list initialisation failed!\n");
panic();
@@ -406,11 +399,17 @@
te = transfer_list_add(ns_tl, TL_TAG_FDT, te->data_size,
transfer_list_entry_data(te));
assert(te != NULL);
-#endif /* TRANSFER_LIST && !RESET_TO_BL31 */
- /* Initialize the GIC driver, cpu and distributor interfaces */
- plat_arm_gic_driver_init();
- plat_arm_gic_init();
+ te = transfer_list_find(secure_tl, TL_TAG_TPM_EVLOG);
+ if (te != NULL) {
+ te = transfer_list_add(ns_tl, TL_TAG_TPM_EVLOG, te->data_size,
+ transfer_list_entry_data(te));
+ if (te == NULL) {
+ ERROR("Failed to load event log in Non-Secure transfer list\n");
+ panic();
+ }
+ }
+#endif /* TRANSFER_LIST && !RESET_TO_BL31 */
#if RESET_TO_BL31
/*
diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk
index c8f6b41..418a9d8 100644
--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@@ -224,14 +224,9 @@
PLAT_BL_COMMON_SOURCES += lib/xlat_tables/xlat_tables_common.c \
lib/xlat_tables/${ARCH}/xlat_tables.c
else
-ifeq (${XLAT_MPU_LIB_V1}, 1)
-include lib/xlat_mpu/xlat_mpu.mk
-PLAT_BL_COMMON_SOURCES += ${XLAT_MPU_LIB_V1_SRCS}
-else
include lib/xlat_tables_v2/xlat_tables.mk
PLAT_BL_COMMON_SOURCES += ${XLAT_TABLES_LIB_SRCS}
endif
-endif
ARM_IO_SOURCES += plat/arm/common/arm_io_storage.c \
plat/arm/common/fconf/arm_fconf_io.c
@@ -311,6 +306,7 @@
plat/common/plat_psci_common.c
ifeq (${TRANSFER_LIST}, 1)
+ include lib/transfer_list/transfer_list.mk
TRANSFER_LIST_SOURCES += plat/arm/common/arm_transfer_list.c
endif
@@ -360,7 +356,7 @@
endif
# Pointer Authentication sources
-ifeq ($(BRANCH_PROTECTION),$(filter $(BRANCH_PROTECTION),1 2 3))
+ifeq ($(BRANCH_PROTECTION),$(filter $(BRANCH_PROTECTION),1 2 3 5))
PLAT_BL_COMMON_SOURCES += plat/arm/common/aarch64/arm_pauth.c
endif
@@ -460,6 +456,9 @@
ifeq (${MEASURED_BOOT},1)
BL1_SOURCES += ${EVENT_LOG_SOURCES}
BL2_SOURCES += ${EVENT_LOG_SOURCES}
+ ifeq (${SPD_tspd},1)
+ BL32_SOURCES += ${EVENT_LOG_SOURCES}
+ endif
endif
ifeq (${DRTM_SUPPORT},1)
diff --git a/plat/arm/common/arm_pm.c b/plat/arm/common/arm_pm.c
index 3e6c9f2..e8d15f7 100644
--- a/plat/arm/common/arm_pm.c
+++ b/plat/arm/common/arm_pm.c
@@ -148,7 +148,7 @@
/* Assert system power domain is available on the platform */
assert(PLAT_MAX_PWR_LVL >= ARM_PWR_LVL2);
- plat_arm_gic_save();
+ gic_save();
/*
* Unregister console now so that it is not registered for a second
@@ -177,7 +177,7 @@
/* Assert system power domain is available on the platform */
assert(PLAT_MAX_PWR_LVL >= ARM_PWR_LVL2);
- plat_arm_gic_resume();
+ gic_resume();
plat_arm_security_setup();
arm_configure_sys_timer();
diff --git a/plat/arm/common/arm_transfer_list.c b/plat/arm/common/arm_transfer_list.c
index 6847591..5a480b6 100644
--- a/plat/arm/common/arm_transfer_list.c
+++ b/plat/arm/common/arm_transfer_list.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2024-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -71,9 +71,8 @@
struct transfer_list_header *tl)
{
uint32_t next_exe_img_id;
- entry_point_info_t *ep;
+ entry_point_info_t *ep __unused;
struct transfer_list_entry *te;
-
assert(next_param_node != NULL);
while ((next_exe_img_id = next_param_node->next_handoff_image_id) !=
@@ -83,14 +82,16 @@
next_exe_img_id)];
assert(next_param_node != NULL);
- te = transfer_list_add(tl, TL_TAG_EXEC_EP_INFO64,
+ te = transfer_list_add(tl, TL_TAG_EXEC_EP_INFO,
sizeof(entry_point_info_t),
&next_param_node->ep_info);
assert(te != NULL);
ep = transfer_list_entry_data(te);
+ assert(ep != NULL);
- if ((next_exe_img_id == BL32_IMAGE_ID) && SPMC_AT_EL3) {
+#if SPMC_AT_EL3
+ if (next_exe_img_id == BL32_IMAGE_ID) {
/*
* Populate the BL32 image base, size and max limit in
* the entry point information, since there is no
@@ -106,6 +107,7 @@
next_param_node->image_info.image_base +
next_param_node->image_info.image_max_size;
}
+#endif /* SPMC_AT_EL3 */
next_exe_img_id = next_param_node->next_handoff_image_id;
}
diff --git a/plat/arm/common/sp_min/arm_sp_min_setup.c b/plat/arm/common/sp_min/arm_sp_min_setup.c
index 4cd514b..6b15b73 100644
--- a/plat/arm/common/sp_min/arm_sp_min_setup.c
+++ b/plat/arm/common/sp_min/arm_sp_min_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2024, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -16,6 +16,9 @@
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
+struct transfer_list_header *secure_tl;
+struct transfer_list_header *ns_tl __unused;
+
static entry_point_info_t bl33_image_ep_info;
/* Weak definitions may be overridden in specific ARM standard platform */
@@ -28,13 +31,25 @@
BL32_END - BL32_BASE, \
MT_MEMORY | MT_RW | MT_SECURE)
+#define MAP_EL3_FW_HANDOFF \
+ MAP_REGION_FLAT(PLAT_ARM_EL3_FW_HANDOFF_BASE, \
+ PLAT_ARM_FW_HANDOFF_SIZE, MT_MEMORY | MT_RW | EL3_PAS)
+
+#define MAP_FW_NS_HANDOFF \
+ MAP_REGION_FLAT(FW_NS_HANDOFF_BASE, PLAT_ARM_FW_HANDOFF_SIZE, \
+ MT_MEMORY | MT_RW | MT_NS)
+
/*
* Check that BL32_BASE is above ARM_FW_CONFIG_LIMIT. The reserved page
* is required for SOC_FW_CONFIG/TOS_FW_CONFIG passed from BL2.
*/
#if !RESET_TO_SP_MIN
+#if TRANSFER_LIST
+CASSERT(BL32_BASE >= PLAT_ARM_EL3_FW_HANDOFF_LIMIT, assert_bl32_base_overflows);
+#else
CASSERT(BL32_BASE >= ARM_FW_CONFIG_LIMIT, assert_bl32_base_overflows);
#endif
+#endif
/*******************************************************************************
* Return a pointer to the 'entry_point_info' structure of the next image for the
@@ -61,12 +76,25 @@
/*******************************************************************************
* Utility function to perform early platform setup.
******************************************************************************/
-void arm_sp_min_early_platform_setup(void *from_bl2, uintptr_t tos_fw_config,
- uintptr_t hw_config, void *plat_params_from_bl2)
+void arm_sp_min_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
+ struct transfer_list_entry *te __unused;
+
/* Initialize the console to provide early debug support */
arm_console_boot_init();
+#if TRANSFER_LIST
+ secure_tl = (struct transfer_list_header *)arg3;
+
+ te = transfer_list_find(secure_tl, TL_TAG_EXEC_EP_INFO32);
+ assert(te != NULL);
+
+ bl33_image_ep_info =
+ *(struct entry_point_info *)transfer_list_entry_data(te);
+ return;
+#endif /* TRANSFER_LIST */
+
#if RESET_TO_SP_MIN
/* Populate entry point information for BL33 */
SET_PARAM_HEAD(&bl33_image_ep_info,
@@ -81,7 +109,7 @@
bl33_image_ep_info.spsr = arm_get_spsr_for_bl33_entry();
SET_SECURITY_STATE(bl33_image_ep_info.h.attr, NON_SECURE);
-# if ARM_LINUX_KERNEL_AS_BL33
+#if ARM_LINUX_KERNEL_AS_BL33
/*
* According to the file ``Documentation/arm/Booting`` of the Linux
* kernel tree, Linux expects:
@@ -99,7 +127,7 @@
/*
* Check params passed from BL2 should not be NULL,
*/
- bl_params_t *params_from_bl2 = (bl_params_t *)from_bl2;
+ bl_params_t *params_from_bl2 = (bl_params_t *)arg0;
assert(params_from_bl2 != NULL);
assert(params_from_bl2->h.type == PARAM_BL_PARAMS);
assert(params_from_bl2->h.version >= VERSION_2);
@@ -132,7 +160,7 @@
void plat_arm_sp_min_early_platform_setup(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- arm_sp_min_early_platform_setup((void *)arg0, arg1, arg2, (void *)arg3);
+ arm_sp_min_early_platform_setup(arg0, arg1, arg2, arg3);
/*
* Initialize Interconnect for this cluster during cold boot.
@@ -176,9 +204,35 @@
******************************************************************************/
void sp_min_platform_setup(void)
{
+ struct transfer_list_entry *te __unused;
+
/* Initialize the GIC driver, cpu and distributor interfaces */
- plat_arm_gic_driver_init();
- plat_arm_gic_init();
+ unsigned int core_pos = plat_my_core_pos();
+
+ gic_init(core_pos);
+ gic_pcpu_init(core_pos);
+ gic_cpuif_enable(core_pos);
+
+#if TRANSFER_LIST
+ ns_tl = transfer_list_ensure((void *)FW_NS_HANDOFF_BASE,
+ PLAT_ARM_FW_HANDOFF_SIZE);
+ if (ns_tl == NULL) {
+ ERROR("Non-secure transfer list initialisation failed!\n");
+ panic();
+ }
+
+ te = transfer_list_find(secure_tl, TL_TAG_FDT);
+ if (te != NULL) {
+ te = transfer_list_add(ns_tl, TL_TAG_FDT, te->data_size,
+ (void *)transfer_list_entry_data(te));
+ if (te == NULL) {
+ ERROR("Failed to relocate device tree into non-secure memory.\n");
+ panic();
+ }
+ }
+
+ transfer_list_set_handoff_args(ns_tl, &bl33_image_ep_info);
+#endif
/*
* Do initial security configuration to allow DRAM/device access
@@ -223,6 +277,10 @@
#if USE_COHERENT_MEM
ARM_MAP_BL_COHERENT_RAM,
#endif
+#if TRANSFER_LIST
+ MAP_EL3_FW_HANDOFF,
+ MAP_FW_NS_HANDOFF,
+#endif
{0}
};
diff --git a/plat/arm/common/tsp/arm_tsp.mk b/plat/arm/common/tsp/arm_tsp.mk
index 4ad77c6..d7592df 100644
--- a/plat/arm/common/tsp/arm_tsp.mk
+++ b/plat/arm/common/tsp/arm_tsp.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -8,3 +8,10 @@
BL32_SOURCES += plat/arm/common/arm_topology.c \
plat/arm/common/tsp/arm_tsp_setup.c \
plat/common/aarch64/platform_mp_stack.S
+
+ifeq (${TRANSFER_LIST},1)
+BL32_SOURCES += $(TRANSFER_LIST_SOURCES)
+ifeq (${MEASURED_BOOT},1)
+BL32_SOURCES += $(EVENT_LOG_SOURCES)
+endif
+endif
diff --git a/plat/arm/common/tsp/arm_tsp_setup.c b/plat/arm/common/tsp/arm_tsp_setup.c
index df3488b..d018dee 100644
--- a/plat/arm/common/tsp/arm_tsp_setup.c
+++ b/plat/arm/common/tsp/arm_tsp_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -13,7 +13,11 @@
#include <common/debug.h>
#include <drivers/arm/pl011.h>
#include <drivers/console.h>
+#if TRANSFER_LIST && MEASURED_BOOT
+#include <drivers/measured_boot/event_log/event_log.h>
+#endif
#include <plat/arm/common/plat_arm.h>
+#include <plat/common/platform.h>
/* Weak definitions may be overridden in specific ARM standard platform */
#pragma weak tsp_early_platform_setup
@@ -25,13 +29,32 @@
BL32_END - BL32_BASE, \
MT_MEMORY | MT_RW | MT_SECURE)
+#define MAP_FW_HANDOFF MAP_REGION_FLAT( \
+ PLAT_ARM_EL3_FW_HANDOFF_BASE, \
+ PLAT_ARM_FW_HANDOFF_SIZE, \
+ MT_MEMORY | MT_RO | MT_SECURE)
+
+struct transfer_list_header *secure_tl __unused;
+
/*******************************************************************************
* Initialize the UART
******************************************************************************/
static console_t arm_tsp_runtime_console;
-void arm_tsp_early_platform_setup(void)
+void arm_tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
+#if TRANSFER_LIST
+ secure_tl = (struct transfer_list_header *)arg3;
+ assert(secure_tl != NULL);
+
+ if (transfer_list_check_header(secure_tl) == TL_OPS_NON) {
+ ERROR("Invalid transfer list received");
+ transfer_list_dump(secure_tl);
+ panic();
+ }
+#endif
+
/*
* Initialize a different console than already in use to display
* messages from TSP
@@ -40,16 +63,18 @@
PLAT_ARM_TSP_UART_CLK_IN_HZ,
ARM_CONSOLE_BAUDRATE,
&arm_tsp_runtime_console);
- if (rc == 0)
+ if (rc == 0) {
panic();
+ }
console_set_scope(&arm_tsp_runtime_console,
CONSOLE_FLAG_BOOT | CONSOLE_FLAG_RUNTIME);
}
-void tsp_early_platform_setup(void)
+void tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
- arm_tsp_early_platform_setup();
+ arm_tsp_early_platform_setup(arg0, arg1, arg2, arg3);
}
/*******************************************************************************
@@ -57,7 +82,26 @@
******************************************************************************/
void tsp_platform_setup(void)
{
- plat_arm_gic_driver_init();
+ struct transfer_list_entry *te __unused;
+
+ /*
+ * On GICv2 the driver must be initialised before calling the plat_ic_*
+ * functions as they need the data structures. Higher versions don't.
+ */
+#if USE_GIC_DRIVER == 2
+ gic_init(plat_my_core_pos());
+#endif
+
+#if TRANSFER_LIST && MEASURED_BOOT
+ te = transfer_list_find(secure_tl, TL_TAG_TPM_EVLOG);
+ assert(te != NULL);
+
+ /*
+ * Note the actual log is offset 4-bytes from the start of entry data, the
+ * first bytes are reserved.
+ */
+ event_log_dump(transfer_list_entry_data(te) + U(4), te->data_size - U(4));
+#endif
}
/*******************************************************************************
@@ -74,6 +118,9 @@
const mmap_region_t bl_regions[] = {
MAP_BL_TSP_TOTAL,
ARM_MAP_BL_RO,
+#if TRANSFER_LIST
+ MAP_FW_HANDOFF,
+#endif
{0}
};
diff --git a/plat/arm/css/common/css_bl2_setup.c b/plat/arm/css/common/css_bl2_setup.c
index 1e055c5..995ef78 100644
--- a/plat/arm/css/common/css_bl2_setup.c
+++ b/plat/arm/css/common/css_bl2_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -56,7 +56,7 @@
void bl2_early_platform_setup2(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- arm_bl2_early_platform_setup((uintptr_t)arg0, (meminfo_t *)arg1);
+ arm_bl2_early_platform_setup(arg0, arg1, arg2, arg3);
/* Save SCP Boot config before it gets overwritten by SCP_BL2 loading */
scp_boot_config = mmio_read_32(SCP_BOOT_CFG_ADDR);
diff --git a/plat/arm/css/common/css_pm.c b/plat/arm/css/common/css_pm.c
index f8bc542..18882d3 100644
--- a/plat/arm/css/common/css_pm.c
+++ b/plat/arm/css/common/css_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -114,12 +114,6 @@
******************************************************************************/
void css_pwr_domain_on_finish_late(const psci_power_state_t *target_state)
{
- /* Program the gic per-cpu distributor or re-distributor interface */
- plat_arm_gic_pcpu_init();
-
- /* Enable the gic cpu interface */
- plat_arm_gic_cpuif_enable();
-
/* Setup the CPU power down request interrupt for secondary core(s) */
css_setup_cpu_pwr_down_intr();
}
@@ -132,9 +126,6 @@
******************************************************************************/
static void css_power_down_common(const psci_power_state_t *target_state)
{
- /* Prevent interrupts from spuriously waking up this cpu */
- plat_arm_gic_cpuif_disable();
-
/* Cluster is to be turned off, so disable coherency */
if (CSS_CLUSTER_PWR_STATE(target_state) == ARM_LOCAL_STATE_OFF) {
#if PRESERVE_DSU_PMU_REGS
@@ -152,8 +143,6 @@
{
assert(CSS_CORE_PWR_STATE(target_state) == ARM_LOCAL_STATE_OFF);
css_power_down_common(target_state);
- /* ask the GIC not to wake us up */
- plat_arm_gic_redistif_off();
css_scp_off(target_state);
}
@@ -179,7 +168,7 @@
arm_system_pwr_domain_save();
/* Power off the Redistributor after having saved its context */
- plat_arm_gic_redistif_off();
+ gic_pcpu_off(plat_my_core_pos());
}
css_scp_suspend(target_state);
@@ -209,9 +198,6 @@
arm_system_pwr_domain_resume();
css_pwr_domain_on_finisher_common(target_state);
-
- /* Enable the gic cpu interface */
- plat_arm_gic_cpuif_enable();
}
/*******************************************************************************
@@ -352,6 +338,8 @@
int css_reboot_interrupt_handler(uint32_t intr_raw, uint32_t flags,
void *handle, void *cookie)
{
+ unsigned int core_pos = plat_my_core_pos();
+
assert(intr_raw == CSS_CPU_PWR_DOWN_REQ_INTR);
/* Deactivate warm reboot SGI */
@@ -361,8 +349,8 @@
* Disable GIC CPU interface to prevent pending interrupt from waking
* up the AP from WFI.
*/
- plat_arm_gic_cpuif_disable();
- plat_arm_gic_redistif_off();
+ gic_cpuif_disable(core_pos);
+ gic_pcpu_off(core_pos);
psci_pwrdown_cpu_start(PLAT_MAX_PWR_LVL);
diff --git a/plat/common/aarch64/plat_common.c b/plat/common/aarch64/plat_common.c
index ba47b30..4423863 100644
--- a/plat/common/aarch64/plat_common.c
+++ b/plat/common/aarch64/plat_common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -45,18 +45,6 @@
{
}
-/*
- * Helper function for platform_get_pos() when platform compatibility is
- * disabled. This is to enable SPDs using the older platform API to continue
- * to work.
- */
-unsigned int platform_core_pos_helper(unsigned long mpidr)
-{
- int idx = plat_core_pos_by_mpidr(mpidr);
- assert(idx >= 0);
- return idx;
-}
-
#if SDEI_SUPPORT
/*
* Function that handles spurious SDEI interrupts while events are masked.
diff --git a/plat/arm/common/arm_gicv2.c b/plat/common/plat_gicv2_base.c
similarity index 97%
rename from plat/arm/common/arm_gicv2.c
rename to plat/common/plat_gicv2_base.c
index 80a845f..7fe41c2 100644
--- a/plat/arm/common/arm_gicv2.c
+++ b/plat/common/plat_gicv2_base.c
@@ -1,14 +1,13 @@
/*
- * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <platform_def.h>
-
#include <drivers/arm/gicv2.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
+#include <platform_def.h>
/******************************************************************************
* The following functions are defined as weak to allow a platform to override
diff --git a/plat/arm/common/arm_gicv3.c b/plat/common/plat_gicv3_base.c
similarity index 97%
rename from plat/arm/common/arm_gicv3.c
rename to plat/common/plat_gicv3_base.c
index 5becbcd..df05b89 100644
--- a/plat/arm/common/arm_gicv3.c
+++ b/plat/common/plat_gicv3_base.c
@@ -1,11 +1,10 @@
/*
- * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <assert.h>
-#include <platform_def.h>
#include <common/debug.h>
#include <common/interrupt_props.h>
@@ -13,6 +12,7 @@
#include <lib/utils.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
+#include <platform_def.h>
/******************************************************************************
* The following functions are defined as weak to allow a platform to override
@@ -79,7 +79,7 @@
return plat_arm_calc_core_pos(mpidr);
}
-static const gicv3_driver_data_t arm_gic_data __unused = {
+gicv3_driver_data_t arm_gic_data __unused = {
.gicd_base = PLAT_ARM_GICD_BASE,
.gicr_base = 0U,
.interrupt_props = arm_interrupt_props,
diff --git a/plat/imx/imx8m/imx8m_measured_boot.c b/plat/imx/imx8m/imx8m_measured_boot.c
index 159be00..7566403 100644
--- a/plat/imx/imx8m/imx8m_measured_boot.c
+++ b/plat/imx/imx8m/imx8m_measured_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
* Copyright (c) 2022, Linaro.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -78,7 +78,7 @@
/* Ensure that the Event Log is visible in Non-secure memory */
flush_dcache_range(ns_log_addr, event_log_cur_size);
- dump_event_log((uint8_t *)event_log, event_log_cur_size);
+ event_log_dump((uint8_t *)event_log, event_log_cur_size);
}
int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
diff --git a/plat/imx/imx8m/imx8mp/platform.mk b/plat/imx/imx8m/imx8mp/platform.mk
index 98b99d1..c848cae 100644
--- a/plat/imx/imx8m/imx8mp/platform.mk
+++ b/plat/imx/imx8m/imx8mp/platform.mk
@@ -149,6 +149,7 @@
ERRATA_A53_835769 := 1
ERRATA_A53_843419 := 1
ERRATA_A53_855873 := 1
+ERRATA_A53_1530924 := 1
IMX_DRAM_RETENTION ?= 1
$(eval $(call assert_boolean,IMX_DRAM_RETENTION))
diff --git a/plat/intel/soc/agilex/bl31_plat_setup.c b/plat/intel/soc/agilex/bl31_plat_setup.c
index 4c10e7b..a3c3545 100644
--- a/plat/intel/soc/agilex/bl31_plat_setup.c
+++ b/plat/intel/soc/agilex/bl31_plat_setup.c
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2019-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
- * Copyright (c) 2024, Altera Corporation. All rights reserved.
+ * Copyright (c) 2024-2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -175,6 +175,16 @@
mmio_write_64(PLAT_CPU_RELEASE_ADDR,
(uint64_t)plat_secondary_cpus_bl31_entry);
+#if SIP_SVC_V3
+ /*
+ * Re-initialize the mailbox to include V3 specific routines.
+ * In V3, this re-initialize is required because prior to BL31, U-Boot
+ * SPL has its own mailbox settings and this initialization will
+ * override to those settings as required by the V3 framework.
+ */
+ mailbox_init();
+#endif
+
mailbox_hps_stage_notify(HPS_EXECUTION_STATE_SSBL);
}
diff --git a/plat/intel/soc/agilex5/bl31_plat_setup.c b/plat/intel/soc/agilex5/bl31_plat_setup.c
index 20701a4..9cf1e11 100644
--- a/plat/intel/soc/agilex5/bl31_plat_setup.c
+++ b/plat/intel/soc/agilex5/bl31_plat_setup.c
@@ -177,6 +177,17 @@
gicv3_distif_init();
gicv3_rdistif_init(plat_my_core_pos());
gicv3_cpuif_enable(plat_my_core_pos());
+
+#if SIP_SVC_V3
+ /*
+ * Re-initialize the mailbox to include V3 specific routines.
+ * In V3, this re-initialize is required because prior to BL31, U-Boot
+ * SPL has its own mailbox settings and this initialization will
+ * override to those settings as required by the V3 framework.
+ */
+ mailbox_init();
+#endif
+
mailbox_hps_stage_notify(HPS_EXECUTION_STATE_SSBL);
}
diff --git a/plat/intel/soc/common/include/platform_def.h b/plat/intel/soc/common/include/platform_def.h
index e2efeb1..6325d35 100644
--- a/plat/intel/soc/common/include/platform_def.h
+++ b/plat/intel/soc/common/include/platform_def.h
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
- * Copyright (c) 2024, Altera Corporation. All rights reserved.
+ * Copyright (c) 2024-2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -207,6 +207,9 @@
#define MAX_IO_DEVICES 4
#define MAX_IO_BLOCK_DEVICES 2
+/* Define this, to support the SiPSVC V3 implementation. */
+#define SIP_SVC_V3 1
+
#ifndef __ASSEMBLER__
struct socfpga_bl31_params {
param_header_t h;
diff --git a/plat/intel/soc/common/include/socfpga_fcs.h b/plat/intel/soc/common/include/socfpga_fcs.h
index 6bb70e0..f92678f 100644
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2020-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -88,12 +89,22 @@
#define FCS_ECDSA_HASH_SIG_VERIFY_CMD_MAX_WORD_SIZE 52U
#define FCS_ECDH_REQUEST_CMD_MAX_WORD_SIZE 29U
-#define FCS_CRYPTO_ECB_BUFFER_SIZE 12U
-#define FCS_CRYPTO_CBC_CTR_BUFFER_SIZE 28U
-#define FCS_CRYPTO_BLOCK_MODE_MASK 0x07
-#define FCS_CRYPTO_ECB_MODE 0x00
-#define FCS_CRYPTO_CBC_MODE 0x01
-#define FCS_CRYPTO_CTR_MODE 0x02
+#define FCS_CRYPTO_ECB_BUFFER_SIZE 12U
+#define FCS_CRYPTO_CBC_CTR_BUFFER_SIZE 28U
+#define FCS_CRYPTO_BLOCK_MODE_MASK 0x07
+#define FCS_CRYPTO_ECB_MODE 0x00
+#define FCS_CRYPTO_CBC_MODE 0x01
+#define FCS_CRYPTO_CTR_MODE 0x02
+#define FCS_CRYPTO_GCM_MODE 0x03
+#define FCS_CRYPTO_GCM_GHASH_MODE 0x04
+
+#define FCS_HKDF_REQUEST_DATA_SIZE 512U
+#define FCS_HKDF_KEY_OBJ_MAX_SIZE 352U
+#define FCS_HKDF_KEY_DATA_SIZE 168U
+#define FCS_HKDF_STEP0_1_KEY_OBJ_SIZE_BITS 384U
+#define FCS_HKDF_STEP2_KEY_OBJ_SIZE_BITS 256U
+#define FCS_HKDF_INPUT_BLOCK_SIZE 80U
+#define FCS_HKDF_SHA2_384_KEY_DATA_SIZE 48U
/* FCS Payload Structure */
typedef struct fcs_rng_payload_t {
@@ -183,10 +194,12 @@
uint32_t *mbox_error);
int intel_fcs_random_number_gen_ext(uint32_t session_id, uint32_t context_id,
uint32_t size, uint32_t *send_id);
-uint32_t intel_fcs_send_cert(uint64_t addr, uint64_t size,
+uint32_t intel_fcs_send_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint64_t addr, uint64_t size,
uint32_t *send_id);
uint32_t intel_fcs_get_provision_data(uint32_t *send_id);
-uint32_t intel_fcs_cntr_set_preauth(uint8_t counter_type,
+uint32_t intel_fcs_cntr_set_preauth(uint32_t smc_fid, uint32_t trans_id,
+ uint8_t counter_type,
int32_t counter_value,
uint32_t test_bit,
uint32_t *mbox_error);
@@ -198,14 +211,18 @@
uint32_t dst_addr, uint32_t dst_size,
uint32_t *send_id);
-int intel_fcs_encryption_ext(uint32_t session_id, uint32_t context_id,
+int intel_fcs_encryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint32_t dst_addr, uint32_t *dst_size,
- uint32_t *mbox_error);
-int intel_fcs_decryption_ext(uint32_t sesion_id, uint32_t context_id,
+ uint32_t *mbox_error, uint32_t smmu_src_addr,
+ uint32_t smmu_dst_addr);
+int intel_fcs_decryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t sesion_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint32_t dst_addr, uint32_t *dst_size,
- uint32_t *mbox_error);
+ uint32_t *mbox_error, uint64_t owner_id,
+ uint32_t smmu_src_addr, uint32_t smmu_dst_addr);
int intel_fcs_sigma_teardown(uint32_t session_id, uint32_t *mbox_error);
int intel_fcs_chip_id(uint32_t *id_low, uint32_t *id_high, uint32_t *mbox_error);
@@ -218,9 +235,10 @@
uint32_t intel_fcs_get_rom_patch_sha384(uint64_t addr, uint64_t *ret_size,
uint32_t *mbox_error);
-int intel_fcs_create_cert_on_reload(uint32_t cert_request,
- uint32_t *mbox_error);
-int intel_fcs_get_attestation_cert(uint32_t cert_request, uint64_t dst_addr,
+int intel_fcs_create_cert_on_reload(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint32_t *mbox_error);
+int intel_fcs_get_attestation_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint64_t dst_addr,
uint32_t *dst_size, uint32_t *mbox_error);
int intel_fcs_open_crypto_service_session(uint32_t *session_id,
@@ -242,10 +260,12 @@
int intel_fcs_get_digest_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_get_digest_update_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_get_digest_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
- uint8_t is_finalised, uint32_t *mbox_error);
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t smmu_src_addr);
int intel_fcs_get_digest_smmu_update_finalize(uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
@@ -255,11 +275,12 @@
int intel_fcs_mac_verify_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_mac_verify_update_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_mac_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t data_size, uint8_t is_finalised,
- uint32_t *mbox_error);
+ uint32_t *mbox_error, uint64_t smmu_src_addr);
int intel_fcs_mac_verify_smmu_update_finalize(uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
@@ -269,7 +290,8 @@
int intel_fcs_ecdsa_hash_sign_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdsa_hash_sign_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sign_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
@@ -277,7 +299,8 @@
int intel_fcs_ecdsa_hash_sig_verify_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
@@ -286,11 +309,12 @@
uint32_t context_id, uint32_t key_id,
uint32_t param_size, uint64_t param_data,
uint32_t *mbox_error);
-int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint8_t is_finalised,
- uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint64_t smmu_src_addr);
int intel_fcs_ecdsa_sha2_data_sign_smmu_update_finalize(uint32_t session_id,
uint32_t context_id, uint32_t src_addr,
uint32_t src_size, uint64_t dst_addr,
@@ -301,11 +325,12 @@
uint32_t context_id, uint32_t key_id,
uint32_t param_size, uint64_t param_data,
uint32_t *mbox_error);
-int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint32_t data_size,
- uint8_t is_finalised, uint32_t *mbox_error);
+int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint32_t data_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint64_t smmu_src_addr);
int intel_fcs_ecdsa_sha2_data_sig_verify_smmu_update_finalize(uint32_t session_id,
uint32_t context_id, uint32_t src_addr,
uint32_t src_size, uint64_t dst_addr,
@@ -316,14 +341,16 @@
int intel_fcs_ecdsa_get_pubkey_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
int intel_fcs_ecdh_request_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint32_t param_size,
uint64_t param_data, uint32_t *mbox_error);
-int intel_fcs_ecdh_request_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdh_request_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error);
@@ -331,10 +358,16 @@
int intel_fcs_aes_crypt_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint64_t param_addr,
uint32_t param_size, uint32_t *mbox_error);
-int intel_fcs_aes_crypt_update_finalize(uint32_t session_id,
- uint32_t context_id, uint64_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t dst_size, uint8_t is_finalised,
- uint32_t *send_id);
+int intel_fcs_aes_crypt_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint64_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t dst_size,
+ uint32_t aad_size, uint8_t is_finalised,
+ uint32_t *send_id, uint64_t smmu_src_addr,
+ uint64_t smmu_dst_addr);
+int intel_fcs_hkdf_request(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t step_type,
+ uint32_t mac_mode, uint32_t src_addr,
+ uint32_t key_uid, uint32_t op_key_size);
#endif /* SOCFPGA_FCS_H */
diff --git a/plat/intel/soc/common/include/socfpga_mailbox.h b/plat/intel/soc/common/include/socfpga_mailbox.h
index e27af21..f965b7d 100644
--- a/plat/intel/soc/common/include/socfpga_mailbox.h
+++ b/plat/intel/soc/common/include/socfpga_mailbox.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
- * Copyright (c) 2024, Altera Corporation. All rights reserved.
+ * Copyright (c) 2024-2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -23,20 +23,22 @@
#define MBOX_TEST_BIT BIT(31)
/* Mailbox Shared Memory Register Map */
-#define MBOX_CIN 0x00
-#define MBOX_ROUT 0x04
-#define MBOX_URG 0x08
-#define MBOX_INT 0x0C
-#define MBOX_COUT 0x20
-#define MBOX_RIN 0x24
-#define MBOX_STATUS 0x2C
-#define MBOX_CMD_BUFFER 0x40
-#define MBOX_RESP_BUFFER 0xC0
+#define MBOX_CIN 0x00 /* Command valid offset, to SDM */
+#define MBOX_ROUT 0x04 /* Response output offset, to SDM */
+#define MBOX_URG 0x08 /* Urgent command, to SDM */
+#define MBOX_INT 0x0C /* Interrupt enables, to SDM */
+/* 0x10 - 0x1F, Reserved */
-/* Mailbox SDM doorbell */
-#define MBOX_DOORBELL_TO_SDM 0x400
-#define MBOX_DOORBELL_FROM_SDM 0x480
+#define MBOX_COUT 0x20 /* Command free offset, from SDM */
+#define MBOX_RIN 0x24 /* Response valid offset, from SDM */
+#define MBOX_STATUS 0x2C /* Mailbox status from SDM to client */
+/* 0x30 - 0x3F, Reserved */
+#define MBOX_CMD_BUFFER 0x40 /* Circular buffer, cmds to SDM */
+#define MBOX_RESP_BUFFER 0xC0 /* Circular buffer, resp from SDM */
+
+#define MBOX_DOORBELL_TO_SDM 0x400 /* Doorbell from HPS to SDM */
+#define MBOX_DOORBELL_FROM_SDM 0x480 /* Doorbell from SDM to HPS */
/* Mailbox commands */
@@ -61,12 +63,15 @@
#define MBOX_HWMON_READVOLT 0x18
#define MBOX_HWMON_READTEMP 0x19
-
/* QSPI Commands */
#define MBOX_CMD_QSPI_OPEN 0x32
#define MBOX_CMD_QSPI_CLOSE 0x33
#define MBOX_CMD_QSPI_SET_CS 0x34
+#define MBOX_CMD_QSPI_ERASE 0x38
+#define MBOX_CMD_QSPI_WRITE 0x39
+#define MBOX_CMD_QSPI_READ 0x3A
#define MBOX_CMD_QSPI_DIRECT 0x3B
+#define MBOX_CMD_QSPI_GET_DEV_INFO 0x74
/* SEU Commands */
#define MBOX_CMD_SEU_ERR_READ 0x3C
@@ -94,12 +99,14 @@
#define MBOX_FCS_ECDSA_SHA2_DATA_SIGN_VERIFY 0x87
#define MBOX_FCS_ECDSA_GET_PUBKEY 0x88
#define MBOX_FCS_ECDH_REQUEST 0x89
+#define MBOX_FCS_HKDF_REQUEST 0x8B
#define MBOX_FCS_OPEN_CS_SESSION 0xA0
#define MBOX_FCS_CLOSE_CS_SESSION 0xA1
#define MBOX_FCS_IMPORT_CS_KEY 0xA5
#define MBOX_FCS_EXPORT_CS_KEY 0xA6
#define MBOX_FCS_REMOVE_CS_KEY 0xA7
#define MBOX_FCS_GET_CS_KEY_INFO 0xA8
+#define MBOX_FCS_CREATE_CS_KEY 0xA9
/* PSG SIGMA Commands */
#define MBOX_PSG_SIGMA_TEARDOWN 0xD5
@@ -111,7 +118,9 @@
#define MBOX_GET_MEASUREMENT 0x183
/* Miscellaneous commands */
+#define MBOX_CMD_MCTP_MSG 0x194
#define MBOX_GET_ROM_PATCH_SHA384 0x1B0
+#define MBOX_CMD_GET_DEVICEID 0x500
/* Mailbox Definitions */
@@ -120,6 +129,18 @@
#define CMD_CASUAL 0
#define CMD_URGENT 1
+/* Mailbox command flags and related macros */
+#define MBOX_CMD_FLAG_DIRECT BIT(0)
+#define MBOX_CMD_FLAG_INDIRECT BIT(1)
+#define MBOX_CMD_FLAG_CASUAL BIT(2)
+#define MBOX_CMD_FLAG_URGENT BIT(3)
+
+#define MBOX_CMD_FLAG_CASUAL_INDIRECT (MBOX_CMD_FLAG_CASUAL | \
+ MBOX_CMD_FLAG_INDIRECT)
+
+#define IS_CMD_SET(cmd, _type) ((((cmd) & MBOX_CMD_FLAG_##_type) != 0) ? \
+ 1 : 0)
+
#define MBOX_WORD_BYTE 4U
#define MBOX_RESP_BUFFER_SIZE 16
#define MBOX_CMD_BUFFER_SIZE 32
@@ -171,22 +192,25 @@
+ MBOX_WORD_BYTE * (ptr))
/* Mailbox interrupt flags and masks */
-#define MBOX_INT_FLAG_COE 0x1
-#define MBOX_INT_FLAG_RIE 0x2
-#define MBOX_INT_FLAG_UAE 0x100
-#define MBOX_COE_BIT(INTERRUPT) ((INTERRUPT) & 0x3)
-#define MBOX_UAE_BIT(INTERRUPT) (((INTERRUPT) & (1<<8)))
+#define MBOX_INT_FLAG_COE BIT(0) /* COUT update interrupt enable */
+#define MBOX_INT_FLAG_RIE BIT(1) /* RIN update interrupt enable */
+#define MBOX_INT_FLAG_UAE BIT(8) /* Urgent ACK interrupt enable */
+
+#define MBOX_COE_BIT(INTERRUPT) ((INTERRUPT) & MBOX_INT_FLAG_COE)
+#define MBOX_RIE_BIT(INTERRUPT) ((INTERRUPT) & MBOX_INT_FLAG_RIE)
+#define MBOX_UAE_BIT(INTERRUPT) ((INTERRUPT) & MBOX_INT_FLAG_UAE)
/* Mailbox response and status */
#define MBOX_RESP_ERR(BUFFER) ((BUFFER) & 0x000007ff)
#define MBOX_RESP_LEN(BUFFER) (((BUFFER) & 0x007ff000) >> 12)
#define MBOX_RESP_CLIENT_ID(BUFFER) (((BUFFER) & 0xf0000000) >> 28)
#define MBOX_RESP_JOB_ID(BUFFER) (((BUFFER) & 0x0f000000) >> 24)
+#define MBOX_RESP_TRANSACTION_ID(BUFFER) (((BUFFER) & 0xff000000) >> 24)
#define MBOX_STATUS_UA_MASK (1<<8)
/* Mailbox command and response */
#define MBOX_CLIENT_ID_CMD(CLIENT_ID) ((CLIENT_ID) << 28)
-#define MBOX_JOB_ID_CMD(JOB_ID) (JOB_ID<<24)
+#define MBOX_JOB_ID_CMD(JOB_ID) (JOB_ID << 24)
#define MBOX_CMD_LEN_CMD(CMD_LEN) ((CMD_LEN) << 12)
#define MBOX_INDIRECT(val) ((val) << 11)
#define MBOX_CMD_MASK(header) ((header) & 0x7ff)
@@ -204,6 +228,17 @@
#define CONFIG_STATUS_FW_VER_OFFSET 1
#define CONFIG_STATUS_FW_VER_MASK 0x00FFFFFF
+/* QSPI mailbox command macros */
+#define MBOX_QSPI_SET_CS_OFFSET (28)
+#define MBOX_QSPI_SET_CS_MODE_OFFSET (27)
+#define MBOX_QSPI_SET_CS_CA_OFFSET (26)
+#define MBOX_QSPI_ERASE_SIZE_GRAN (0x400)
+
+#define MBOX_4K_ALIGNED_MASK (0xFFF)
+#define MBOX_IS_4K_ALIGNED(x) ((x) & MBOX_4K_ALIGNED_MASK)
+#define MBOX_IS_WORD_ALIGNED(x) (!((x) & 0x3))
+#define MBOX_QSPI_RW_MAX_WORDS (0x1000)
+
/* Data structure */
typedef struct mailbox_payload {
@@ -264,4 +299,107 @@
int mailbox_send_fpga_config_comp(void);
+#if SIP_SVC_V3
+#define MBOX_CLIENT_ID_SHIFT (28)
+#define MBOX_JOB_ID_SHIFT (24)
+#define MBOX_CMD_LEN_SHIFT (12)
+#define MBOX_INDIRECT_SHIFT (11)
+
+#define MBOX_FRAME_CMD_HEADER(client_id, job_id, args_len, indirect, cmd)\
+ ((client_id << MBOX_CLIENT_ID_SHIFT) | \
+ (job_id << MBOX_JOB_ID_SHIFT) | \
+ (args_len << MBOX_CMD_LEN_SHIFT) | \
+ (indirect << MBOX_CMD_LEN_SHIFT) | \
+ cmd)
+
+#define FLAG_SDM_RESPONSE_IS_VALID BIT(0)
+#define FLAG_SDM_RESPONSE_IS_USED BIT(1)
+#define FLAG_SDM_RESPONSE_IS_IN_PROGRESS BIT(2)
+#define FLAG_SDM_RESPONSE_IS_POLL_ON_INTR BIT(3)
+
+/*
+ * TODO: Re-visit this queue size based on the system load.
+ * 4 bits for client ID and 4 bits for job ID, total 8 bits and we can have up to
+ * 256 transactions. We can tune this based on our system load at any given time
+ */
+#define MBOX_SVC_CMD_QUEUE_SIZE (32)
+#define MBOX_SVC_RESP_QUEUE_SIZE (32)
+#define MBOX_SVC_MAX_JOB_ID (16)
+#define MBOX_SVC_CMD_ARG_SIZE (2)
+#define MBOX_SVC_CMD_IS_USED BIT(0)
+#define MBOX_SVC_CMD_CB_ARGS_SIZE (4)
+#define MBOX_SVC_MAX_CLIENTS (16)
+#define MBOX_SVC_MAX_RESP_DATA_SIZE (32)
+#define MBOX_SVC_SMC_RET_MAX_SIZE (8)
+
+/* Client ID(4bits) + Job ID(4bits) = Transcation ID(TID - 8bits, 256 combinations) */
+#define MBOX_MAX_TIDS (256)
+/* Each transcation ID bitmap holds 64bits */
+#define MBOX_TID_BITMAP_SIZE (sizeof(uint64_t) * 8)
+/* Number of transcation ID bitmaps required to hold 256 combinations */
+#define MBOX_MAX_TIDS_BITMAP (MBOX_MAX_TIDS / MBOX_TID_BITMAP_SIZE)
+
+/* SDM Response State (SRS) enums */
+typedef enum sdm_resp_state {
+ SRS_WAIT_FOR_RESP = 0x00U,
+ SRS_WAIT_FOR_HEADER,
+ SRS_WAIT_FOR_ARGUMENTS,
+ SRS_SYNC_ERROR
+} sdm_resp_state_t;
+
+/* SDM response data structure */
+typedef struct sdm_response {
+ bool is_poll_intr;
+ uint8_t client_id;
+ uint8_t job_id;
+ uint16_t resp_len;
+ uint16_t err_code;
+ uint32_t flags;
+ uint32_t header;
+ uint16_t rcvd_resp_len;
+ uint32_t resp_data[MBOX_SVC_MAX_RESP_DATA_SIZE];
+} sdm_response_t;
+
+/* SDM client callback template */
+typedef uint8_t (*sdm_command_callback)(void *resp, void *cmd,
+ uint32_t *ret_args);
+
+/* SDM command data structure */
+typedef struct sdm_command {
+ uint8_t client_id;
+ uint8_t job_id;
+ uint32_t flags;
+ sdm_command_callback cb;
+ uint32_t *cb_args;
+ uint8_t cb_args_len;
+} sdm_command_t;
+
+/* Get the transcation ID from client ID and job ID. */
+#define MBOX_GET_TRANS_ID(cid, jib) (((cid) << 4) | (jib))
+
+/* Mailbox service data structure */
+typedef struct mailbox_service {
+ sdm_resp_state_t resp_state;
+ sdm_resp_state_t next_resp_state;
+ uint32_t flags;
+ int curr_di;
+ uint64_t received_bitmap[MBOX_MAX_TIDS_BITMAP];
+ uint64_t interrupt_bitmap[MBOX_MAX_TIDS_BITMAP];
+ sdm_command_t cmd_queue[MBOX_SVC_CMD_QUEUE_SIZE];
+ sdm_response_t resp_queue[MBOX_SVC_RESP_QUEUE_SIZE];
+} mailbox_service_t;
+
+int mailbox_send_cmd_async_v3(uint8_t client_id, uint8_t job_id, uint32_t cmd,
+ uint32_t *args, uint32_t args_len, uint8_t cmd_flag,
+ sdm_command_callback cb, uint32_t *cb_args,
+ uint32_t cb_args_len);
+
+int mailbox_response_poll_v3(uint8_t client_id, uint8_t job_id, uint32_t *ret_args,
+ uint32_t *ret_args_size);
+
+int mailbox_response_poll_on_intr_v3(uint8_t *client_id, uint8_t *job_id,
+ uint64_t *bitmap);
+
+#endif /* #if SIP_SVC_V3 */
+
#endif /* SOCFPGA_MBOX_H */
diff --git a/plat/intel/soc/common/include/socfpga_ros.h b/plat/intel/soc/common/include/socfpga_ros.h
index 10cabd3..62a9fe8 100644
--- a/plat/intel/soc/common/include/socfpga_ros.h
+++ b/plat/intel/soc/common/include/socfpga_ros.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2024, Intel Corporation. All rights reserved.
+ * Copyright (c) 2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -40,8 +41,8 @@
#define SPT_MIN_PARTITIONS (9U)
#define FACTORY_IMAGE "FACTORY_IMAGE"
-#define FACTORY_SSBL "FACTORY_IM.SSBL"
-#define SSBL_SUFFIX ".SSBL"
+#define FACTORY_SSBL "SSBL.FACTORY_IM"
+#define SSBL_PREFIX "SSBL."
typedef struct {
const uint32_t magic_number;
@@ -55,7 +56,7 @@
const uint32_t length;
const uint32_t flags;
} partition[SPT_MAX_PARTITIONS];
-} __packed spt_table_t;
+} __packed __aligned(4) spt_table_t;
uint32_t ros_qspi_get_ssbl_offset(unsigned long *offset);
diff --git a/plat/intel/soc/common/include/socfpga_sip_svc.h b/plat/intel/soc/common/include/socfpga_sip_svc.h
index fc667cc..7f96adb 100644
--- a/plat/intel/soc/common/include/socfpga_sip_svc.h
+++ b/plat/intel/soc/common/include/socfpga_sip_svc.h
@@ -26,6 +26,10 @@
#define INTEL_SIP_SMC_CMD_V2_RANGE_BEGIN 0x400
#define INTEL_SIP_SMC_CMD_V2_RANGE_END 0x4FF
+/* SiP V3 command code range */
+#define INTEL_SIP_SMC_CMD_V3_RANGE_BEGIN 0x00C8
+#define INTEL_SIP_SMC_CMD_V3_RANGE_END 0x01F4
+
/* SiP V2 protocol header */
#define INTEL_SIP_SMC_HEADER_JOB_ID_MASK 0xF
#define INTEL_SIP_SMC_HEADER_JOB_ID_OFFSET 0U
@@ -189,11 +193,11 @@
/*
* Increase if there is any backward compatibility impact
*/
-#define SIP_SVC_VERSION_MAJOR 2
+#define SIP_SVC_VERSION_MAJOR 3
/*
* Increase if there is new SMC function ID being added
*/
-#define SIP_SVC_VERSION_MINOR 2
+#define SIP_SVC_VERSION_MINOR 1
/* Structure Definitions */
@@ -243,4 +247,103 @@
void *handle,
u_register_t flags);
+
+#if SIP_SVC_V3
+#define SMC_RET_ARGS_ONE (1)
+#define SMC_RET_ARGS_TWO (2)
+#define SMC_RET_ARGS_THREE (3)
+#define SMC_RET_ARGS_FOUR (4)
+#define SMC_RET_ARGS_FIVE (5)
+#define SMC_RET_ARGS_SIX (6)
+
+/*
+ * SiP SVC Version3 SMC Functions IDs
+ */
+
+/* Generic response POLL commands */
+#define ALTERA_SIP_SMC_ASYNC_RESP_POLL (0x420000C8)
+#define ALTERA_SIP_SMC_ASYNC_RESP_POLL_ON_INTR (0x420000C9)
+
+/* QSPI related commands */
+#define ALTERA_SIP_SMC_ASYNC_QSPI_OPEN (0x420000CC)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_CLOSE (0x420000CD)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_SET_CS (0x420000CE)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_ERASE (0x420000CF)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_WRITE (0x420000D0)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_READ (0x420000D1)
+#define ALTERA_SIP_SMC_ASYNC_GET_DEVICE_IDENTITY (0x420000D2)
+#define ALTERA_SIP_SMC_ASYNC_GET_IDCODE (0x420000D3)
+#define ALTERA_SIP_SMC_ASYNC_QSPI_GET_DEV_INFO (0x420000D4)
+
+#define ALTERA_SIP_SMC_ASYNC_HWMON_READTEMP (0x420000E8)
+#define ALTERA_SIP_SMC_ASYNC_HWMON_READVOLT (0x420000E9)
+
+/* FCS crypto service VAB/SDOS commands */
+#define ALTERA_SIP_SMC_ASYNC_FCS_RANDOM_NUMBER (0x4200012C)
+#define ALTERA_SIP_SMC_ASYNC_FCS_RANDOM_NUMBER_EXT (0x4200012D)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION (0x4200012E)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION_EXT (0x4200012F)
+#define ALTERA_SIP_SMC_ASYNC_FCS_SERVICE_REQUEST (0x42000130)
+#define ALTERA_SIP_SMC_ASYNC_FCS_SEND_CERTIFICATE (0x42000131)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_PROVISION_DATA (0x42000132)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CNTR_SET_PREAUTH (0x42000133)
+#define ALTERA_SIP_SMC_ASYNC_FCS_PSGSIGMA_TEARDOWN (0x42000134)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CHIP_ID (0x42000135)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ATTESTATION_SUBKEY (0x42000136)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ATTESTATION_MEASUREMENTS (0x42000137)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_ATTESTATION_CERT (0x42000138)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CERT_ON_RELOAD (0x42000139)
+
+/* FCS crypto service session management commands */
+#define ALTERA_SIP_SMC_ASYNC_FCS_OPEN_CS_SESSION (0x4200013A)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CLOSE_CS_SESSION (0x4200013B)
+
+/* FCS crypto service key management commands */
+#define ALTERA_SIP_SMC_ASYNC_FCS_IMPORT_CS_KEY (0x4200013C)
+#define ALTERA_SIP_SMC_ASYNC_FCS_EXPORT_CS_KEY (0x4200013D)
+#define ALTERA_SIP_SMC_ASYNC_FCS_REMOVE_CS_KEY (0x4200013E)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_CS_KEY_INFO (0x4200013F)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CS_KEY (0x42000167)
+
+/* FCS crypto service primitive commands */
+#define ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_INIT (0x42000140)
+#define ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_UPDATE (0x42000141)
+#define ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_FINALIZE (0x42000142)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_INIT (0x42000143)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_UPDATE (0x42000144)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_FINALIZE (0x42000145)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_SMMU_UPDATE (0x42000146)
+#define ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_SMMU_FINALIZE (0x42000147)
+#define ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_INIT (0x42000148)
+#define ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_UPDATE (0x42000149)
+#define ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_FINALIZE (0x4200014A)
+#define ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_SMMU_UPDATE (0x4200014B)
+#define ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_SMMU_FINALIZE (0x4200014C)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_INIT (0x4200014D)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_FINALIZE (0x4200014E)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_INIT (0x4200014F)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE (0x42000150)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE (0x42000151)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_UPDATE (0x42000152)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_FINALIZE (0x42000153)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_INIT (0x42000154)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE (0x42000155)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_INIT (0x42000156)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_UPDATE (0x42000157)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE (0x42000158)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_UPDATE (0x42000159)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_FINALIZE (0x4200015A)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_INIT (0x42000160)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_FINALIZE (0x42000161)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_INIT (0x42000162)
+#define ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_FINALIZE (0x42000163)
+#define ALTERA_SIP_SMC_ASYNC_FCS_SDM_REMAPPER_CONFIG (0x42000164)
+#define ALTERA_SIP_SMC_ASYNC_MCTP_MSG (0x42000165)
+#define ALTERA_SIP_SMC_ASYNC_FCS_HKDF_REQUEST (0x42000166)
+#define ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CS_KEY (0x42000167)
+
+#define GET_CLIENT_ID(x) (((x) & 0xF0) >> 4)
+#define GET_JOB_ID(x) ((x) & 0x0F)
+#endif /* SIP_SVC_V3 */
+
#endif /* SOCFPGA_SIP_SVC_H */
diff --git a/plat/intel/soc/common/sip/socfpga_sip_fcs.c b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
index 91df934..b9c7b59 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@@ -1,13 +1,15 @@
/*
* Copyright (c) 2020-2023, Intel Corporation. All rights reserved.
- * Copyright (c) 2024, Altera Corporation. All rights reserved.
+ * Copyright (c) 2024-2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <arch_helpers.h>
+#include <common/debug.h>
#include <lib/mmio.h>
+#include "socfpga_plat_def.h"
#include "socfpga_fcs.h"
#include "socfpga_mailbox.h"
#include "socfpga_sip_svc.h"
@@ -23,6 +25,267 @@
static fcs_crypto_service_data fcs_ecdsa_get_pubkey_param;
static fcs_crypto_service_data fcs_ecdh_request_param;
+uint8_t fcs_send_cert_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x, status_word %d\n",
+ __func__, resp->err_code, resp->resp_data[0]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[0];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cntr_set_preauth_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x\n", __func__, resp->err_code);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_get_attest_cert_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x, nbytes_ret %d\n",
+ __func__, resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_hkdf_request_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+
+ INFO("MBOX: %s: mbox_err 0x%x, hkdf_status 0x%x\n", __func__,
+ resp->err_code, resp->resp_data[0]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[0];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_create_cert_reload_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x\n", __func__, resp->err_code);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_get_digest_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d\n", __func__,
+ resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_mac_verify_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d, verify_result 0x%x\n",
+ __func__, resp->err_code,
+ resp->rcvd_resp_len * MBOX_WORD_BYTE,
+ resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+ ret_args[ret_args_len++] = resp->resp_data[3];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_hash_sign_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: [0] 0%x, [1] 0x%x, [2] 0x%x, len_words %d\n",
+ __func__, resp->resp_data[0], resp->resp_data[1],
+ resp->resp_data[2], resp->rcvd_resp_len);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_hash_sig_verify_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: [0] 0%x, [1] 0x%x, [2] 0x%x, [3] 0x%x\n",
+ __func__, resp->resp_data[0], resp->resp_data[1],
+ resp->resp_data[2], resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_aes_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d\n", __func__,
+ resp->err_code, resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[3];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_data_sign_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %d\n", __func__,
+ resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_sdos_crypto_request_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0x%x, nbytes_ret %d\n",
+ __func__, resp->err_code, resp->resp_data[3]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ /* Encrypted/Decrypted data size written to the destination buffer */
+ ret_args[ret_args_len++] = resp->resp_data[3];
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_get_public_key_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret %u\n",
+ __func__, resp->err_code,
+ resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_data_sig_verify_req_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mbox_err 0x%x, nbytes_ret 0x%x\n",
+ __func__, resp->err_code, resp->rcvd_resp_len);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t fcs_cs_ecdh_request_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: [0] 0%x, [1] 0x%x, [2] 0x%x, len_words %d\n",
+ __func__, resp->resp_data[0], resp->resp_data[1],
+ resp->resp_data[2], resp->rcvd_resp_len);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
bool is_size_4_bytes_aligned(uint32_t size)
{
if ((size % MBOX_WORD_BYTE) != 0U) {
@@ -155,7 +418,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-uint32_t intel_fcs_send_cert(uint64_t addr, uint64_t size,
+uint32_t intel_fcs_send_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint64_t addr, uint64_t size,
uint32_t *send_id)
{
int status;
@@ -168,7 +432,17 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- status = mailbox_send_cmd_async(send_id, MBOX_CMD_VAB_SRC_CERT,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_SEND_CERTIFICATE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_CMD_VAB_SRC_CERT,
+ (uint32_t *) addr,
+ size / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_send_cert_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd_async(send_id, MBOX_CMD_VAB_SRC_CERT,
(uint32_t *)addr, size / MBOX_WORD_BYTE,
CMD_DIRECT);
@@ -195,7 +469,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-uint32_t intel_fcs_cntr_set_preauth(uint8_t counter_type, int32_t counter_value,
+uint32_t intel_fcs_cntr_set_preauth(uint32_t smc_fid, uint32_t trans_id,
+ uint8_t counter_type, int32_t counter_value,
uint32_t test_bit, uint32_t *mbox_error)
{
int status;
@@ -230,7 +505,18 @@
};
payload_size = sizeof(payload) / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_CNTR_SET_PREAUTH,
+
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CNTR_SET_PREAUTH) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_CNTR_SET_PREAUTH,
+ (uint32_t *) &payload,
+ payload_size,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cntr_set_preauth_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_CNTR_SET_PREAUTH,
(uint32_t *) &payload, payload_size,
CMD_CASUAL, NULL, NULL);
@@ -317,14 +603,18 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_encryption_ext(uint32_t session_id, uint32_t context_id,
+int intel_fcs_encryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
- uint32_t dst_addr, uint32_t *dst_size, uint32_t *mbox_error)
+ uint32_t dst_addr, uint32_t *dst_size, uint32_t *mbox_error,
+ uint32_t smmu_src_addr, uint32_t smmu_dst_addr)
{
int status;
uint32_t payload_size;
uint32_t resp_len = FCS_CRYPTION_RESP_WORD_SIZE;
uint32_t resp_data[FCS_CRYPTION_RESP_WORD_SIZE] = {0U};
+ uint32_t src_addr_sdm = src_addr;
+ uint32_t dst_addr_sdm = dst_addr;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -339,19 +629,35 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ src_addr_sdm = smmu_src_addr;
+ dst_addr_sdm = smmu_dst_addr;
+#endif
+
fcs_encrypt_ext_payload payload = {
session_id,
context_id,
FCS_CRYPTION_CRYPTO_HEADER,
- src_addr,
+ src_addr_sdm,
src_size,
- dst_addr,
+ dst_addr_sdm,
*dst_size
};
payload_size = sizeof(payload) / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ENCRYPT_REQ,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION_EXT) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ENCRYPT_REQ,
+ (uint32_t *) &payload,
+ payload_size,
+ MBOX_CMD_FLAG_INDIRECT,
+ fcs_sdos_crypto_request_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ENCRYPT_REQ,
(uint32_t *) &payload, payload_size,
CMD_CASUAL, resp_data, &resp_len);
@@ -371,15 +677,20 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_decryption_ext(uint32_t session_id, uint32_t context_id,
+int intel_fcs_decryption_ext(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
- uint32_t dst_addr, uint32_t *dst_size, uint32_t *mbox_error)
+ uint32_t dst_addr, uint32_t *dst_size,
+ uint32_t *mbox_error, uint64_t owner_id,
+ uint32_t smmu_src_addr, uint32_t smmu_dst_addr)
{
int status;
uintptr_t id_offset;
uint32_t payload_size;
uint32_t resp_len = FCS_CRYPTION_RESP_WORD_SIZE;
uint32_t resp_data[FCS_CRYPTION_RESP_WORD_SIZE] = {0U};
+ uint32_t src_addr_sdm = src_addr;
+ uint32_t dst_addr_sdm = dst_addr;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -394,6 +705,12 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ src_addr_sdm = smmu_src_addr;
+ dst_addr_sdm = smmu_dst_addr;
+#endif
+
inv_dcache_range(src_addr, src_size); /* flush cache before mmio read to avoid reading old values */
id_offset = src_addr + FCS_OWNER_ID_OFFSET;
fcs_decrypt_ext_payload payload = {
@@ -402,15 +719,25 @@
FCS_CRYPTION_CRYPTO_HEADER,
{mmio_read_32(id_offset),
mmio_read_32(id_offset + MBOX_WORD_BYTE)},
- src_addr,
+ src_addr_sdm,
src_size,
- dst_addr,
+ dst_addr_sdm,
*dst_size
};
payload_size = sizeof(payload) / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_DECRYPT_REQ,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION_EXT) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_DECRYPT_REQ,
+ (uint32_t *) &payload,
+ payload_size,
+ MBOX_CMD_FLAG_INDIRECT,
+ fcs_sdos_crypto_request_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_DECRYPT_REQ,
(uint32_t *) &payload, payload_size,
CMD_CASUAL, resp_data, &resp_len);
@@ -567,7 +894,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_get_attestation_cert(uint32_t cert_request, uint64_t dst_addr,
+int intel_fcs_get_attestation_cert(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint64_t dst_addr,
uint32_t *dst_size, uint32_t *mbox_error)
{
int status;
@@ -586,7 +914,17 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_GET_ATTESTATION_CERT,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_ATTESTATION_CERT) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_GET_ATTESTATION_CERT,
+ (uint32_t *) &cert_request,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_get_attest_cert_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_GET_ATTESTATION_CERT,
(uint32_t *) &cert_request, 1U, CMD_CASUAL,
(uint32_t *) dst_addr, &ret_size);
@@ -601,8 +939,8 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_create_cert_on_reload(uint32_t cert_request,
- uint32_t *mbox_error)
+int intel_fcs_create_cert_on_reload(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t cert_request, uint32_t *mbox_error)
{
int status;
@@ -615,7 +953,17 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_CREATE_CERT_ON_RELOAD,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CERT_ON_RELOAD) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_CREATE_CERT_ON_RELOAD,
+ (uint32_t *) &cert_request,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_create_cert_reload_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_CREATE_CERT_ON_RELOAD,
(uint32_t *) &cert_request, 1U, CMD_CASUAL,
NULL, NULL);
@@ -851,11 +1199,12 @@
mbox_error);
}
-int intel_fcs_get_digest_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint8_t is_finalised,
- uint32_t *mbox_error)
+int intel_fcs_get_digest_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint32_t smmu_src_addr)
{
int status;
uint32_t i;
@@ -928,12 +1277,29 @@
i++;
}
/* Data source address and size */
+
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = src_size;
i++;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_GET_DIGEST_REQ,
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_GET_DIGEST_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_get_digest_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_GET_DIGEST_REQ,
payload, i, CMD_CASUAL,
(uint32_t *) dst_addr, &resp_len);
@@ -1061,11 +1427,12 @@
mbox_error);
}
-int intel_fcs_mac_verify_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint32_t data_size,
- uint8_t is_finalised, uint32_t *mbox_error)
+int intel_fcs_mac_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint32_t data_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint64_t smmu_src_addr)
{
int status;
uint32_t i;
@@ -1149,8 +1516,13 @@
<< FCS_SHA_HMAC_CRYPTO_PARAM_SIZE_OFFSET;
i++;
}
+
/* Data source address and size */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = (uint32_t)smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = data_size;
i++;
@@ -1171,7 +1543,18 @@
i += (src_size - data_size) / MBOX_WORD_BYTE;
}
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_MAC_VERIFY_REQ,
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_MAC_VERIFY_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_mac_verify_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_MAC_VERIFY_REQ,
payload, i, CMD_CASUAL,
(uint32_t *) dst_addr, &resp_len);
@@ -1336,7 +1719,8 @@
mbox_error);
}
-int intel_fcs_ecdsa_hash_sign_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sign_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
@@ -1407,7 +1791,17 @@
i += src_size / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIGN_REQ,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_HASH_SIGN_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_hash_sign_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIGN_REQ,
payload, i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -1435,7 +1829,8 @@
mbox_error);
}
-int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_hash_sig_verify_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
@@ -1451,8 +1846,8 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
- if (fcs_ecdsa_hash_sig_verify_param.session_id != session_id ||
- fcs_ecdsa_hash_sig_verify_param.context_id != context_id) {
+ if ((fcs_ecdsa_hash_sig_verify_param.session_id != session_id) ||
+ (fcs_ecdsa_hash_sig_verify_param.context_id != context_id)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -1508,7 +1903,18 @@
i += (src_size / MBOX_WORD_BYTE);
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIG_VERIFY,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_HASH_SIG_VERIFY,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_hash_sig_verify_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_HASH_SIG_VERIFY,
payload, i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -1537,11 +1943,12 @@
mbox_error);
}
-int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint8_t is_finalised,
- uint32_t *mbox_error)
+int intel_fcs_ecdsa_sha2_data_sign_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint8_t is_finalised, uint32_t *mbox_error,
+ uint64_t smmu_src_addr)
{
int status;
int i;
@@ -1608,11 +2015,27 @@
}
/* Data source address and size */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = (uint32_t)smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = src_size;
i++;
- status = mailbox_send_cmd(MBOX_JOB_ID,
+
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_SHA2_DATA_SIGN_REQ,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_data_sign_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID,
MBOX_FCS_ECDSA_SHA2_DATA_SIGN_REQ, payload,
i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -1737,11 +2160,12 @@
mbox_error);
}
-int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t session_id,
- uint32_t context_id, uint32_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t *dst_size, uint32_t data_size,
- uint8_t is_finalised, uint32_t *mbox_error)
+int intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint32_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t *dst_size,
+ uint32_t data_size, uint8_t is_finalised,
+ uint32_t *mbox_error, uint64_t smmu_src_addr)
{
int status;
uint32_t i;
@@ -1825,7 +2249,12 @@
}
/* Data source address and size */
+ /* On the Agilex5 platform, the SMMU remapped address is used */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ payload[i] = smmu_src_addr;
+#else
payload[i] = src_addr;
+#endif
i++;
payload[i] = data_size;
i++;
@@ -1846,7 +2275,18 @@
i += (src_size - data_size) / MBOX_WORD_BYTE;
}
- status = mailbox_send_cmd(MBOX_JOB_ID,
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_SHA2_DATA_SIGN_VERIFY,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_data_sig_verify_req_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID,
MBOX_FCS_ECDSA_SHA2_DATA_SIGN_VERIFY, payload, i,
CMD_CASUAL, (uint32_t *) dst_addr, &resp_len);
@@ -2010,7 +2450,8 @@
mbox_error);
}
-int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
{
@@ -2054,7 +2495,18 @@
INTEL_SIP_SMC_FCS_ECC_ALGO_MASK;
i++;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDSA_GET_PUBKEY,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDSA_GET_PUBKEY,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_get_public_key_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID,
+ MBOX_FCS_ECDSA_GET_PUBKEY,
payload, i, CMD_CASUAL,
(uint32_t *) dst_addr, &ret_size);
@@ -2082,7 +2534,8 @@
mbox_error);
}
-int intel_fcs_ecdh_request_finalize(uint32_t session_id, uint32_t context_id,
+int intel_fcs_ecdh_request_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
uint32_t src_addr, uint32_t src_size,
uint64_t dst_addr, uint32_t *dst_size,
uint32_t *mbox_error)
@@ -2098,7 +2551,6 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
-
if (fcs_ecdh_request_param.session_id != session_id ||
fcs_ecdh_request_param.context_id != context_id) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -2110,10 +2562,9 @@
}
dst_size_check = *dst_size;
- if ((dst_size_check > FCS_MAX_DATA_SIZE ||
- dst_size_check < FCS_MIN_DATA_SIZE) ||
- (src_size > FCS_MAX_DATA_SIZE ||
- src_size < FCS_MIN_DATA_SIZE)) {
+
+ if ((dst_size_check > FCS_MAX_DATA_SIZE || dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE || src_size < FCS_MIN_DATA_SIZE)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -2150,7 +2601,17 @@
(void *) pubkey, src_size / MBOX_WORD_BYTE);
i += src_size / MBOX_WORD_BYTE;
- status = mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDH_REQUEST,
+ status = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_FINALIZE) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_ECDH_REQUEST,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_cs_ecdh_request_cb,
+ (uint32_t *)dst_addr,
+ 2U) :
+ mailbox_send_cmd(MBOX_JOB_ID, MBOX_FCS_ECDH_REQUEST,
payload, i, CMD_CASUAL, (uint32_t *) dst_addr,
&resp_len);
@@ -2189,13 +2650,19 @@
}
/*
- * Check if not ECB, CBC and CTR mode, addr ptr is NULL.
- * Return "Reject" status
+ * Check if not ECB, CBC and CTR, GCM and GCM-GHASH mode (only for Agilex5),
+ * addr ptr is NULL. Return "Reject" status
*/
if ((param_addr_ptr == NULL) ||
- (((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_ECB_MODE) &&
- ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CBC_MODE) &&
- ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CTR_MODE))) {
+ (((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_ECB_MODE) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CBC_MODE) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_CTR_MODE)
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_GCM_MODE) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) != FCS_CRYPTO_GCM_GHASH_MODE)
+#endif
+ )){
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -2204,7 +2671,9 @@
* Check CBC/CTR here and limit to size 28 bytes
*/
if ((((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CBC_MODE) ||
- ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CTR_MODE)) &&
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CTR_MODE) ||
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_GCM_MODE) ||
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_GCM_GHASH_MODE)) &&
(param_size > FCS_CRYPTO_CBC_CTR_BUFFER_SIZE)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -2235,17 +2704,21 @@
return INTEL_SIP_SMC_STATUS_OK;
}
-int intel_fcs_aes_crypt_update_finalize(uint32_t session_id,
- uint32_t context_id, uint64_t src_addr,
- uint32_t src_size, uint64_t dst_addr,
- uint32_t dst_size, uint8_t is_finalised,
- uint32_t *send_id)
+int intel_fcs_aes_crypt_update_finalize(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t context_id,
+ uint64_t src_addr, uint32_t src_size,
+ uint64_t dst_addr, uint32_t dst_size,
+ uint32_t aad_size, uint8_t is_finalised,
+ uint32_t *send_id, uint64_t smmu_src_addr,
+ uint64_t smmu_dst_addr)
{
int status;
int i;
uint32_t flag;
uint32_t crypto_header;
uint32_t fcs_aes_crypt_payload[FCS_AES_CMD_MAX_WORD_SIZE];
+ uint32_t src_addr_sdm = (uint32_t)src_addr;
+ uint32_t dst_addr_sdm = (uint32_t)dst_addr;
if (fcs_aes_init_payload.session_id != session_id ||
fcs_aes_init_payload.context_id != context_id) {
@@ -2297,7 +2770,7 @@
i++;
if ((crypto_header >> FCS_CS_FIELD_FLAG_OFFSET) &
- FCS_CS_FIELD_FLAG_INIT) {
+ (FCS_CS_FIELD_FLAG_INIT)) {
fcs_aes_crypt_payload[i] = fcs_aes_init_payload.key_id;
i++;
@@ -2314,18 +2787,41 @@
i += fcs_aes_init_payload.param_size / MBOX_WORD_BYTE;
}
- fcs_aes_crypt_payload[i] = (uint32_t) src_addr;
+ /* On the Agilex5 platform, we will use the SMMU payload address */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+ src_addr_sdm = (uint32_t)smmu_src_addr;
+ dst_addr_sdm = (uint32_t)smmu_dst_addr;
+#endif
+
+ fcs_aes_crypt_payload[i] = src_addr_sdm;
i++;
fcs_aes_crypt_payload[i] = src_size;
i++;
- fcs_aes_crypt_payload[i] = (uint32_t) dst_addr;
+ fcs_aes_crypt_payload[i] = dst_addr_sdm;
i++;
fcs_aes_crypt_payload[i] = dst_size;
i++;
- status = mailbox_send_cmd_async(send_id, MBOX_FCS_AES_CRYPT_REQ,
- fcs_aes_crypt_payload, i,
- CMD_INDIRECT);
+ /* Additional Authenticated Data size */
+ if (aad_size > 0) {
+ fcs_aes_crypt_payload[i] = aad_size;
+ i++;
+ }
+
+ status = ((smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_UPDATE) ||
+ (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_FINALIZE)) ?
+ mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_AES_CRYPT_REQ,
+ fcs_aes_crypt_payload,
+ i,
+ MBOX_CMD_FLAG_INDIRECT,
+ fcs_cs_aes_cb,
+ NULL,
+ 0U) :
+ mailbox_send_cmd_async(send_id, MBOX_FCS_AES_CRYPT_REQ,
+ fcs_aes_crypt_payload, i, CMD_INDIRECT);
+
if (is_finalised != 0U) {
memset((void *)&fcs_aes_init_payload, 0,
@@ -2338,3 +2834,77 @@
return INTEL_SIP_SMC_STATUS_OK;
}
+
+int intel_fcs_hkdf_request(uint32_t smc_fid, uint32_t trans_id,
+ uint32_t session_id, uint32_t step_type,
+ uint32_t mac_mode, uint32_t src_addr,
+ uint32_t key_uid, uint32_t op_key_size)
+{
+ int status;
+ uint32_t i = 0;
+ uintptr_t inputdata;
+ uint32_t payload[FCS_HKDF_REQUEST_DATA_SIZE] = {0U};
+
+ if (!is_address_in_ddr_range(src_addr, FCS_HKDF_REQUEST_DATA_SIZE)) {
+ ERROR("MBOX: %s: source addr not in the DDR range\n", __func__);
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
+ /* Prepare command payload */
+
+ /* Session ID */
+ payload[i] = session_id;
+ i++;
+
+ /* Reserved, 8 bytes */
+ payload[i] = 0;
+ i++;
+
+ payload[i] = 0;
+ i++;
+
+ /* HKDF step type */
+ payload[i] = step_type;
+ i++;
+
+ /* MAC mode/PRF */
+ payload[i] = mac_mode;
+ i++;
+
+ /* Complete input data, 1st input data len + its data + 2nd input data len + its data. */
+ inputdata = src_addr;
+ memcpy_s((uint8_t *)&payload[i], FCS_HKDF_KEY_DATA_SIZE / sizeof(uint32_t),
+ (uint8_t *)inputdata, FCS_HKDF_KEY_DATA_SIZE / sizeof(uint32_t));
+
+ i += FCS_HKDF_KEY_DATA_SIZE / sizeof(uint32_t);
+
+ /* Key UID */
+ payload[i] = key_uid;
+ i++;
+
+ /* Pointer to size of output key object */
+ inputdata = inputdata + FCS_HKDF_KEY_DATA_SIZE;
+
+ /* Output Key object */
+ memcpy_s(&payload[i], op_key_size / sizeof(uint32_t), (void *)inputdata,
+ op_key_size / sizeof(uint32_t));
+
+ i += op_key_size / sizeof(uint32_t);
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(trans_id),
+ GET_JOB_ID(trans_id),
+ MBOX_FCS_HKDF_REQUEST,
+ payload,
+ i,
+ MBOX_CMD_FLAG_CASUAL,
+ fcs_hkdf_request_cb,
+ NULL,
+ 0U);
+
+ if (status < 0) {
+ ERROR("MBOX: %s: status %d\n", __func__, status);
+ return INTEL_SIP_SMC_STATUS_ERROR;
+ }
+
+ return INTEL_SIP_SMC_STATUS_OK;
+}
diff --git a/plat/intel/soc/common/soc/socfpga_mailbox.c b/plat/intel/soc/common/soc/socfpga_mailbox.c
index 69f0008..3b3b479 100644
--- a/plat/intel/soc/common/soc/socfpga_mailbox.c
+++ b/plat/intel/soc/common/soc/socfpga_mailbox.c
@@ -1,11 +1,12 @@
/*
* Copyright (c) 2020-2023, Intel Corporation. All rights reserved.
- * Copyright (c) 2024, Altera Corporation. All rights reserved.
+ * Copyright (c) 2024-2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <lib/mmio.h>
+#include <lib/spinlock.h>
#include <common/debug.h>
#include <drivers/delay_timer.h>
#include <platform_def.h>
@@ -15,6 +16,34 @@
#include "socfpga_sip_svc.h"
#include "socfpga_system_manager.h"
+#if SIP_SVC_V3
+/* Function prototypes */
+void mailbox_init_v3(void);
+static int mailbox_response_handler_fsm(void);
+static inline void mailbox_free_cmd_desc(sdm_command_t *cmd_desc);
+static sdm_response_t *mailbox_get_resp_desc(uint8_t client_id, uint8_t job_id,
+ uint8_t *index);
+static sdm_command_t *mailbox_get_cmd_desc(uint8_t client_id, uint8_t job_id);
+static inline void mailbox_free_resp_desc(uint8_t index);
+static sdm_command_t *mailbox_get_free_cmd_desc(void);
+static sdm_response_t *mailbox_get_resp_desc_cid(uint8_t client_id,
+ uint8_t *index);
+static int mailbox_read_response_v3(uint8_t client_id, uint8_t *job_id,
+ uint32_t *header, uint32_t *resp,
+ uint32_t *resp_len,
+ uint8_t ignore_client_id);
+static int mailbox_poll_response_v3(uint8_t client_id, uint8_t job_id,
+ uint32_t *resp, unsigned int *resp_len,
+ uint32_t urgent);
+
+static spinlock_t mbox_db_lock; /* Mailbox service data base lock */
+static spinlock_t mbox_write_lock; /* Hardware mailbox FIFO write lock */
+static spinlock_t mbox_read_lock; /* Hardware mailbox FIFO read lock */
+
+static mailbox_service_t mbox_svc; /* Mailbox service data base */
+static uint8_t async_v1_job_id;
+#endif /* #if SIP_SVC_V3 */
+
static mailbox_payload_t mailbox_resp_payload;
static mailbox_container_t mailbox_resp_ctr = {0, 0, &mailbox_resp_payload};
@@ -34,13 +63,13 @@
static int wait_for_mailbox_cmdbuf_empty(uint32_t cin)
{
- unsigned int timeout = 200U;
+ unsigned int timeout = 20000U;
do {
if (is_mailbox_cmdbuf_empty(cin)) {
break;
}
- mdelay(10U);
+ udelay(50U);
} while (--timeout != 0U);
if (timeout == 0U) {
@@ -54,7 +83,9 @@
uint32_t data,
bool *is_doorbell_triggered)
{
- unsigned int timeout = 100U;
+ unsigned int timeout = 20000U;
+
+ VERBOSE("MBOX: 0x%x\n", data);
do {
if (is_mailbox_cmdbuf_full(*cin)) {
@@ -63,7 +94,7 @@
MBOX_DOORBELL_TO_SDM, 1U);
*is_doorbell_triggered = true;
}
- mdelay(10U);
+ udelay(50U);
} else {
mmio_write_32(MBOX_ENTRY_TO_ADDR(CMD, (*cin)++), data);
*cin %= MBOX_CMD_BUFFER_SIZE;
@@ -84,6 +115,11 @@
return MBOX_RET_OK;
}
+/*
+ * Function description: Write the command header, and its payload one by one
+ * into the mailbox command buffer. Along with this, check for mailbox buffer
+ * full condition and trigger doorbell to SDM if the command buffer is full.
+ */
static int fill_mailbox_circular_buffer(uint32_t header_cmd, uint32_t *args,
unsigned int len)
{
@@ -92,15 +128,21 @@
int ret;
bool is_doorbell_triggered = false;
+#if SIP_SVC_V3
+ spin_lock(&mbox_write_lock);
+#endif
+
cmd_free_offset = mmio_read_32(MBOX_OFFSET + MBOX_CIN);
sdm_read_offset = mmio_read_32(MBOX_OFFSET + MBOX_COUT);
+ /* Write the command header here */
ret = write_mailbox_cmd_buffer(&cmd_free_offset, sdm_read_offset,
header_cmd, &is_doorbell_triggered);
if (ret != 0) {
goto restart_mailbox;
}
+ /* Write the payload here w.r.to args and its len - one by one. */
for (i = 0U; i < len; i++) {
is_doorbell_triggered = false;
ret = write_mailbox_cmd_buffer(&cmd_free_offset,
@@ -113,6 +155,9 @@
mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_TO_SDM, 1U);
+#if SIP_SVC_V3
+ spin_unlock(&mbox_write_lock);
+#endif
return MBOX_RET_OK;
restart_mailbox:
@@ -129,12 +174,21 @@
}
}
+#if SIP_SVC_V3
+ spin_unlock(&mbox_write_lock);
+#endif
return MBOX_TIMEOUT;
}
int mailbox_read_response(unsigned int *job_id, uint32_t *response,
unsigned int *resp_len)
{
+#if SIP_SVC_V3
+ return mailbox_read_response_v3(MBOX_ATF_CLIENT_ID,
+ (uint8_t *)job_id, NULL,
+ response, resp_len,
+ 0);
+#else
uint32_t rin;
uint32_t rout;
uint32_t resp_data;
@@ -174,13 +228,23 @@
return MBOX_RET_OK;
}
+
return MBOX_NO_RESPONSE;
+#endif
}
int mailbox_read_response_async(unsigned int *job_id, uint32_t *header,
uint32_t *response, unsigned int *resp_len,
uint8_t ignore_client_id)
{
+#if SIP_SVC_V3
+ /* Just to avoid the build warning */
+ (void)mailbox_resp_ctr;
+ return mailbox_read_response_v3(MBOX_ATF_CLIENT_ID,
+ (uint8_t *)job_id, header,
+ response, resp_len,
+ ignore_client_id);
+#else
uint32_t rin;
uint32_t rout;
uint32_t resp_data;
@@ -220,7 +284,6 @@
return MBOX_WRONG_ID;
}
}
-
*job_id = MBOX_RESP_JOB_ID(resp_data);
ret_resp_len = MBOX_RESP_LEN(resp_data);
mailbox_resp_ctr.payload->header = resp_data;
@@ -272,11 +335,16 @@
*resp_len = 0;
return (mailbox_resp_ctr.flag & MBOX_PAYLOAD_FLAG_BUSY) ? MBOX_BUSY : MBOX_NO_RESPONSE;
+#endif
}
int mailbox_poll_response(uint32_t job_id, uint32_t urgent, uint32_t *response,
- unsigned int *resp_len)
+ unsigned int *resp_len)
{
+#if SIP_SVC_V3
+ return mailbox_poll_response_v3(MBOX_ATF_CLIENT_ID, (uint8_t)job_id,
+ response, resp_len, urgent);
+#else
unsigned int timeout = 40U;
unsigned int sdm_loop = 255U;
unsigned int ret_resp_len;
@@ -285,7 +353,6 @@
uint32_t resp_data;
while (sdm_loop != 0U) {
-
do {
if (mmio_read_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM)
== 1U) {
@@ -310,7 +377,7 @@
}
mmio_write_32(MBOX_OFFSET + MBOX_URG, 0U);
- INFO("Error: Mailbox did not get UA");
+ ERROR("MBOX: Mailbox did not get UA");
return MBOX_RET_ERROR;
}
@@ -324,13 +391,21 @@
rout %= MBOX_RESP_BUFFER_SIZE;
mmio_write_32(MBOX_OFFSET + MBOX_ROUT, rout);
- if (MBOX_RESP_CLIENT_ID(resp_data) != MBOX_ATF_CLIENT_ID
- || MBOX_RESP_JOB_ID(resp_data) != job_id) {
+ if ((MBOX_RESP_CLIENT_ID(resp_data) != MBOX_ATF_CLIENT_ID) ||
+ (MBOX_RESP_JOB_ID(resp_data) != job_id)) {
continue;
}
+ /* Get the return response len from the response header. */
ret_resp_len = MBOX_RESP_LEN(resp_data);
+ /* Print the response header. */
+ VERBOSE("MBOX: RespHdr: cid %d, jid %d, len %d, err_code 0x%x\n",
+ MBOX_RESP_CLIENT_ID(resp_data),
+ MBOX_RESP_JOB_ID(resp_data),
+ MBOX_RESP_LEN(resp_data),
+ MBOX_RESP_ERR(resp_data));
+
if (iterate_resp(ret_resp_len, response, resp_len)
!= MBOX_RET_OK) {
return MBOX_TIMEOUT;
@@ -349,6 +424,7 @@
INFO("Timed out waiting for SDM\n");
return MBOX_TIMEOUT;
+#endif
}
int iterate_resp(uint32_t mbox_resp_len, uint32_t *resp_buf,
@@ -366,8 +442,7 @@
if ((resp_buf != NULL) && (resp_len != NULL)
&& (*resp_len != 0U)) {
- *(resp_buf + total_resp_len)
- = resp_data;
+ *(resp_buf + total_resp_len) = resp_data;
*resp_len = *resp_len - 1;
total_resp_len++;
}
@@ -417,6 +492,9 @@
return status;
}
+#if SIP_SVC_V3
+ async_v1_job_id = (uint8_t)*job_id;
+#endif
*job_id = (*job_id + 1U) % MBOX_MAX_IND_JOB_ID;
return MBOX_RET_OK;
@@ -433,9 +511,7 @@
MBOX_STATUS_UA_MASK;
mmio_write_32(MBOX_OFFSET + MBOX_URG, cmd);
mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_TO_SDM, 1U);
- }
-
- else {
+ } else {
status = fill_mailbox_circular_buffer(
MBOX_CLIENT_ID_CMD(MBOX_ATF_CLIENT_ID) |
MBOX_JOB_ID_CMD(job_id) |
@@ -460,12 +536,12 @@
void mailbox_set_int(uint32_t interrupt)
{
-
- mmio_write_32(MBOX_OFFSET+MBOX_INT, MBOX_COE_BIT(interrupt) |
+ mmio_write_32(MBOX_OFFSET+MBOX_INT,
+ MBOX_COE_BIT(interrupt) |
+ MBOX_RIE_BIT(interrupt) |
MBOX_UAE_BIT(interrupt));
}
-
void mailbox_set_qspi_open(void)
{
mailbox_set_int(MBOX_INT_FLAG_COE | MBOX_INT_FLAG_RIE);
@@ -606,6 +682,7 @@
mailbox_set_int(MBOX_INT_FLAG_COE | MBOX_INT_FLAG_RIE |
MBOX_INT_FLAG_UAE);
+
mmio_write_32(MBOX_OFFSET + MBOX_URG, 0U);
mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM, 0U);
@@ -616,8 +693,16 @@
return status;
}
+#if SIP_SVC_V3
+ /* Initialize the mailbox version3 implementation, and in V3 we
+ * are interested in only RIE interrupt
+ */
+ mailbox_init_v3();
+ mailbox_set_int(MBOX_INT_FLAG_RIE);
+#else
mailbox_set_int(MBOX_INT_FLAG_COE | MBOX_INT_FLAG_RIE |
MBOX_INT_FLAG_UAE);
+#endif
return MBOX_RET_OK;
}
@@ -730,3 +815,693 @@
return mailbox_send_cmd(MBOX_JOB_ID, MBOX_CMD_SAFE_INJECT_SEU_ERR, arg, len,
CMD_CASUAL, NULL, NULL);
}
+
+#if SIP_SVC_V3
+static int mailbox_fill_cmd_desc(uint8_t client_id, uint8_t job_id,
+ uint32_t *resp_buff)
+{
+ sdm_command_t *cmd_desc = NULL;
+
+ /* Get a free command descriptor */
+ cmd_desc = mailbox_get_free_cmd_desc();
+ if (cmd_desc == NULL) {
+ return MBOX_BUFFER_FULL;
+ }
+
+ /* Record all the given values for the command. */
+ cmd_desc->client_id = client_id;
+ cmd_desc->job_id = job_id;
+ cmd_desc->cb = NULL;
+ cmd_desc->cb_args = resp_buff;
+ cmd_desc->cb_args_len = 0U;
+
+ return MBOX_RET_OK;
+}
+
+/* Returns the command descriptor based on the client and job ID. */
+static sdm_command_t *mailbox_get_cmd_desc(uint8_t client_id, uint8_t job_id)
+{
+ spin_lock(&mbox_db_lock);
+ for (uint32_t count = 0; count < MBOX_SVC_CMD_QUEUE_SIZE; count++) {
+ if ((mbox_svc.cmd_queue[count].client_id == client_id) &&
+ (mbox_svc.cmd_queue[count].job_id == job_id) &&
+ (mbox_svc.cmd_queue[count].flags & MBOX_SVC_CMD_IS_USED)) {
+ spin_unlock(&mbox_db_lock);
+ return &(mbox_svc.cmd_queue[count]);
+ }
+ }
+
+ spin_unlock(&mbox_db_lock);
+ VERBOSE("MBOX: Command descriptor not found for cid %d, jid %d\n",
+ client_id, job_id);
+
+ return NULL;
+}
+
+/* Returns the response descriptor based on only client ID. */
+static sdm_response_t *mailbox_get_resp_desc_cid(uint8_t client_id, uint8_t *index)
+{
+ spin_lock(&mbox_db_lock);
+
+ for (uint32_t count = 0; count < MBOX_SVC_RESP_QUEUE_SIZE; count++) {
+ if ((mbox_svc.resp_queue[count].client_id == client_id) &&
+ (mbox_svc.resp_queue[count].flags & FLAG_SDM_RESPONSE_IS_VALID)) {
+ *index = count;
+ /*
+ * Once we get the valid response descriptor, get the
+ * job ID and mark up the bitmaps.
+ */
+ uint8_t job_id = mbox_svc.resp_queue[count].job_id;
+ uint8_t transaction_id = MBOX_GET_TRANS_ID(client_id, job_id);
+
+ mbox_svc.received_bitmap[transaction_id / MBOX_TID_BITMAP_SIZE] &=
+ ~(1ULL << (transaction_id % MBOX_TID_BITMAP_SIZE));
+ mbox_svc.interrupt_bitmap[transaction_id / MBOX_TID_BITMAP_SIZE] &=
+ ~(1ULL << (transaction_id % MBOX_TID_BITMAP_SIZE));
+ spin_unlock(&mbox_db_lock);
+ return &(mbox_svc.resp_queue[count]);
+ }
+ }
+
+ spin_unlock(&mbox_db_lock);
+ VERBOSE("MBOX: Response descriptor not found for cid %d\n", client_id);
+
+ return NULL;
+}
+
+/* Returns the response descriptor based on the client and job ID. */
+static sdm_response_t *mailbox_get_resp_desc(uint8_t client_id, uint8_t job_id, uint8_t *index)
+{
+ spin_lock(&mbox_db_lock);
+ /*
+ * Let's first check whether we have a response bitmap set for the given
+ * client ID and job ID.
+ */
+ uint8_t transaction_id = MBOX_GET_TRANS_ID(client_id, job_id);
+
+ if ((mbox_svc.received_bitmap[transaction_id / MBOX_TID_BITMAP_SIZE] &
+ (1ULL << (transaction_id % MBOX_TID_BITMAP_SIZE))) == 0) {
+ spin_unlock(&mbox_db_lock);
+ VERBOSE("MBOX: Response bitmap not set for cid %d, jid %d, bitmap 0x%16lx\n",
+ client_id, job_id, mbox_svc.received_bitmap[transaction_id / 64]);
+ return NULL;
+ }
+
+ for (uint32_t count = 0; count < MBOX_SVC_RESP_QUEUE_SIZE; count++) {
+ if (mbox_svc.resp_queue[count].flags & FLAG_SDM_RESPONSE_IS_VALID) {
+ if ((mbox_svc.resp_queue[count].client_id == client_id) &&
+ (mbox_svc.resp_queue[count].job_id == job_id)) {
+ *index = count;
+ mbox_svc.received_bitmap[transaction_id / MBOX_TID_BITMAP_SIZE] &=
+ ~(1ULL << (transaction_id % MBOX_TID_BITMAP_SIZE));
+ mbox_svc.interrupt_bitmap[transaction_id / MBOX_TID_BITMAP_SIZE] &=
+ ~(1ULL << (transaction_id % MBOX_TID_BITMAP_SIZE));
+ spin_unlock(&mbox_db_lock);
+ return &(mbox_svc.resp_queue[count]);
+ }
+ }
+ }
+
+ spin_unlock(&mbox_db_lock);
+ VERBOSE("MBOX: Response descriptor not found for cid %d, jid %d\n",
+ client_id, job_id);
+
+ return NULL;
+}
+
+static int32_t mailbox_get_free_resp_desc(void)
+{
+ spin_lock(&mbox_db_lock);
+ static uint32_t free_index = MBOX_SVC_RESP_QUEUE_SIZE - 1;
+ uint32_t count = 0U, try = 0U;
+
+ for (try = 0; try < MBOX_SVC_RESP_QUEUE_SIZE; try++) {
+ free_index = (free_index + 1) % MBOX_SVC_RESP_QUEUE_SIZE;
+ if ((mbox_svc.resp_queue[free_index].flags &
+ FLAG_SDM_RESPONSE_IS_USED) != 0U) {
+ count = free_index;
+ spin_unlock(&mbox_db_lock);
+ return count;
+ }
+ }
+
+ /* No free descriptors are available */
+ spin_unlock(&mbox_db_lock);
+ VERBOSE("MBOX: No free response descriptors are available\n");
+
+ return MBOX_BUFFER_FULL;
+}
+
+static sdm_command_t *mailbox_get_free_cmd_desc(void)
+{
+ spin_lock(&mbox_db_lock);
+ static uint32_t free_index;
+
+ /* Rollover the command queue free index */
+ if (free_index == (MBOX_SVC_CMD_QUEUE_SIZE - 1)) {
+ free_index = 0U;
+ }
+
+ for (; free_index < MBOX_SVC_CMD_QUEUE_SIZE; free_index++) {
+ if ((mbox_svc.cmd_queue[free_index].flags &
+ MBOX_SVC_CMD_IS_USED) != 0U) {
+ mbox_svc.cmd_queue[free_index].flags |= MBOX_SVC_CMD_IS_USED;
+ spin_unlock(&mbox_db_lock);
+ return &(mbox_svc.cmd_queue[free_index]);
+ }
+ }
+
+ /* No free command descriptors are available */
+ spin_unlock(&mbox_db_lock);
+ VERBOSE("MBOX: No free command descriptors available\n");
+
+ return NULL;
+}
+
+static inline void mailbox_free_cmd_desc(sdm_command_t *cmd_desc)
+{
+ if (cmd_desc == NULL) {
+ return;
+ }
+
+ spin_lock(&mbox_db_lock);
+ memset((void *)cmd_desc, 0, sizeof(sdm_command_t));
+ spin_unlock(&mbox_db_lock);
+}
+
+static inline void mailbox_free_resp_desc(uint8_t index)
+{
+ if (index >= MBOX_SVC_RESP_QUEUE_SIZE) {
+ return;
+ }
+
+ spin_lock(&mbox_db_lock);
+ memset((void *)&mbox_svc.resp_queue[index], 0, sizeof(sdm_response_t));
+ spin_unlock(&mbox_db_lock);
+}
+
+/*
+ * This function serves the V1 _sync_read and _async_read functionality, and it
+ * is introduced as part of V3 framework to keep backward compatible with V1
+ * clients.
+ */
+static int mailbox_read_response_v3(uint8_t client_id, uint8_t *job_id,
+ uint32_t *header, uint32_t *resp,
+ uint32_t *resp_len,
+ uint8_t ignore_client_id)
+{
+ uint8_t di = 0U;
+ int status = MBOX_RET_OK;
+ sdm_response_t *resp_desc = NULL;
+ sdm_command_t *cmd_desc = NULL;
+
+ /*
+ * In the V1, the client ID is always MBOX_ATF_CLIENT_ID and in this
+ * routine we will collect the response which only belongs to this
+ * client ID. So safe to ignore this input.
+ */
+ (void)ignore_client_id;
+
+ /* Clear the SDM doorbell interrupt */
+ if (mmio_read_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM) == 1U)
+ mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM, 0U);
+
+ /* Fill the command descriptor index and get the same */
+ status = mailbox_fill_cmd_desc(client_id, async_v1_job_id, resp);
+ if (status != MBOX_RET_OK) {
+ return status;
+ }
+
+ cmd_desc = mailbox_get_cmd_desc(client_id, async_v1_job_id);
+
+ /* Get the response from SDM, just go through one cycle */
+ status = mailbox_response_handler_fsm();
+ if (status != MBOX_RET_OK) {
+ mailbox_free_cmd_desc(cmd_desc);
+ *resp_len = 0U;
+ return status;
+ }
+
+ /* Check the local response queue with the given client ID */
+ resp_desc = mailbox_get_resp_desc_cid(client_id, &di);
+ if (resp_desc == NULL) {
+ mailbox_free_cmd_desc(cmd_desc);
+ *resp_len = 0U;
+ return MBOX_NO_RESPONSE;
+ }
+
+ /* Update the received mailbox response length, job ID and header */
+ *job_id = resp_desc->job_id;
+ *resp_len = resp_desc->rcvd_resp_len;
+ if (header != NULL) {
+ *header = resp_desc->header;
+ }
+
+ /* Check the mailbox response error code */
+ if (MBOX_RESP_ERR(resp_desc->header) > 0U) {
+ INFO("MBOX: Error in async response: %x\n", resp_desc->header);
+ status = -MBOX_RESP_ERR(resp_desc->header);
+ }
+
+ /* Free up the response and command descriptors */
+ mailbox_free_resp_desc(di);
+ mailbox_free_cmd_desc(cmd_desc);
+
+ return status;
+}
+
+int mailbox_send_cmd_async_v3(uint8_t client_id, uint8_t job_id, uint32_t cmd,
+ uint32_t *args, uint32_t args_len, uint8_t cmd_flag,
+ sdm_command_callback cb, uint32_t *cb_args,
+ uint32_t cb_args_len)
+{
+ int status = 0;
+ sdm_command_t *cmd_desc = NULL;
+
+ VERBOSE("MBOX: cid: %d, jid: %d, cmd: %d, cmd_flag: %d\n",
+ client_id, job_id, cmd, cmd_flag);
+
+ if (IS_CMD_SET(cmd_flag, URGENT)) {
+ mmio_write_32(MBOX_OFFSET + MBOX_URG, cmd);
+ mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_TO_SDM, 1U);
+ } else {
+ /* Get a free command descriptor */
+ cmd_desc = mailbox_get_free_cmd_desc();
+ if (cmd_desc == NULL) {
+ return MBOX_BUFFER_FULL;
+ }
+
+ /* Record all the given values for the command. */
+ cmd_desc->client_id = client_id;
+ cmd_desc->job_id = job_id;
+ cmd_desc->cb = cb;
+ cmd_desc->cb_args = cb_args;
+ cmd_desc->cb_args_len = cb_args_len;
+
+ /* Push the command to mailbox FIFO */
+ status = fill_mailbox_circular_buffer(
+ MBOX_FRAME_CMD_HEADER(client_id, job_id,
+ args_len, IS_CMD_SET(cmd_flag, INDIRECT), cmd),
+ args,
+ args_len);
+
+ if (status != MBOX_RET_OK) {
+ INFO("MBOX: Failed to push the command to mailbox FIFO\n");
+ /* Free the command descriptor. */
+ mailbox_free_cmd_desc(cmd_desc);
+ }
+ }
+
+ INFO("MBOX: %s: status: %d\n", __func__, status);
+
+ return status;
+}
+
+static int mailbox_poll_response_v3(uint8_t client_id, uint8_t job_id,
+ uint32_t *resp, unsigned int *resp_len,
+ uint32_t urgent)
+{
+ unsigned int timeout = 40U;
+ unsigned int sdm_loop = 255U;
+ bool is_cmd_desc_fill = false;
+ uint8_t di = 0U;
+ sdm_response_t *resp_desc = NULL;
+ sdm_command_t *cmd_desc = NULL;
+
+ while (sdm_loop != 0U) {
+ do {
+ if (mmio_read_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM)
+ == 1U) {
+ break;
+ }
+ mdelay(10U);
+ } while (--timeout != 0U);
+
+ if (timeout == 0U) {
+ INFO("%s: Timed out waiting for SDM intr\n", __func__);
+ break;
+ }
+
+ mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM, 0U);
+
+ if ((urgent & 1U) != 0U) {
+ mdelay(5U);
+ if ((mmio_read_32(MBOX_OFFSET + MBOX_STATUS) &
+ MBOX_STATUS_UA_MASK) ^
+ (urgent & MBOX_STATUS_UA_MASK)) {
+ mmio_write_32(MBOX_OFFSET + MBOX_URG, 0U);
+ return MBOX_RET_OK;
+ }
+
+ mmio_write_32(MBOX_OFFSET + MBOX_URG, 0U);
+ ERROR("MBOX: Mailbox did not get UA");
+ return MBOX_RET_ERROR;
+ }
+
+ /* Fill the command descriptor index and get the same. */
+ if (!is_cmd_desc_fill) {
+ if (mailbox_fill_cmd_desc(client_id, job_id, resp) !=
+ MBOX_RET_OK) {
+ return MBOX_BUFFER_FULL;
+ }
+
+ cmd_desc = mailbox_get_cmd_desc(client_id, job_id);
+ is_cmd_desc_fill = true;
+ }
+
+ /* Since it is sync call, will try to read till it time out */
+ (void)mailbox_response_handler_fsm();
+
+ /* Check the response queue with the given client ID and job ID */
+ resp_desc = mailbox_get_resp_desc(client_id, job_id, &di);
+ if (resp_desc != NULL) {
+ VERBOSE("%s: Resp received for cid %d, jid %d\n",
+ __func__, resp_desc->client_id, resp_desc->job_id);
+
+ uint16_t header = resp_desc->header;
+
+ /* Update the return response length */
+ if (resp_len != NULL) {
+ *resp_len = resp_desc->rcvd_resp_len;
+ }
+
+ /* Free the response and command descriptor */
+ mailbox_free_resp_desc(di);
+ mailbox_free_cmd_desc(cmd_desc);
+
+ if (MBOX_RESP_ERR(header) > 0U) {
+ INFO("%s: SDM err code: 0x%x\n", __func__,
+ MBOX_RESP_ERR(header));
+ return -MBOX_RESP_ERR(header);
+ }
+
+ VERBOSE("%s: MBOX_RET_OK\n", __func__);
+ return MBOX_RET_OK;
+ }
+ sdm_loop--;
+ }
+
+ INFO("%s: Timed out waiting for SDM\n", __func__);
+ return MBOX_TIMEOUT;
+}
+
+/* SDM response parser handler state machine. */
+static void mailbox_response_parser(void)
+{
+ int di = -1; /* Descriptor index */
+ uint32_t rin;
+ uint32_t rout;
+
+ switch (mbox_svc.next_resp_state) {
+ case SRS_WAIT_FOR_RESP:
+ {
+ mbox_svc.resp_state = SRS_WAIT_FOR_RESP;
+
+ rin = mmio_read_32(MBOX_OFFSET + MBOX_RIN);
+ rout = mmio_read_32(MBOX_OFFSET + MBOX_ROUT);
+ if (rin != rout) {
+ mbox_svc.next_resp_state = SRS_WAIT_FOR_HEADER;
+ }
+
+ break;
+ }
+
+ case SRS_WAIT_FOR_HEADER:
+ {
+ mbox_svc.resp_state = SRS_WAIT_FOR_HEADER;
+ uint32_t resp_hdr;
+ uint8_t trans_id = 0U;
+
+ rin = mmio_read_32(MBOX_OFFSET + MBOX_RIN);
+ rout = mmio_read_32(MBOX_OFFSET + MBOX_ROUT);
+ if (rin != rout) {
+ /* Read the header and dequeue from the queue. */
+ resp_hdr = mmio_read_32(MBOX_ENTRY_TO_ADDR(RESP, (rout)++));
+ rout %= MBOX_RESP_BUFFER_SIZE;
+ mmio_write_32(MBOX_OFFSET + MBOX_ROUT, rout);
+
+ /* Allocate a new response descriptor */
+ di = mailbox_get_free_resp_desc();
+ if (di != -1) {
+ mbox_svc.curr_di = di;
+ mbox_svc.resp_queue[di].header = resp_hdr;
+ mbox_svc.resp_queue[di].client_id = MBOX_RESP_CLIENT_ID(resp_hdr);
+ mbox_svc.resp_queue[di].job_id = MBOX_RESP_JOB_ID(resp_hdr);
+ mbox_svc.resp_queue[di].resp_len = MBOX_RESP_LEN(resp_hdr);
+ mbox_svc.resp_queue[di].flags |= (FLAG_SDM_RESPONSE_IS_USED |
+ FLAG_SDM_RESPONSE_IS_IN_PROGRESS);
+ mbox_svc.resp_queue[di].err_code = MBOX_RESP_ERR(resp_hdr);
+ trans_id = MBOX_RESP_TRANSACTION_ID(resp_hdr);
+
+ VERBOSE("MBOX: Resp Hdr: cid %d, jid %d, len %d, err_code 0x%x\n",
+ mbox_svc.resp_queue[di].client_id,
+ mbox_svc.resp_queue[di].job_id,
+ mbox_svc.resp_queue[di].resp_len,
+ mbox_svc.resp_queue[di].err_code);
+
+ /* Check if the response is an argument response */
+ if (mbox_svc.resp_queue[di].resp_len > 0) {
+ mbox_svc.next_resp_state = SRS_WAIT_FOR_ARGUMENTS;
+ } else {
+ VERBOSE("MBOX: Received complete response with no args\n");
+ /* Non argument response, done */
+ mbox_svc.resp_queue[mbox_svc.curr_di].flags |=
+ FLAG_SDM_RESPONSE_IS_VALID;
+
+ /* Go back to waiting for new response */
+ mbox_svc.next_resp_state = SRS_WAIT_FOR_RESP;
+ mbox_svc.curr_di = -1;
+
+ /* Mark the transaction ID as received */
+ spin_lock(&mbox_db_lock);
+ mbox_svc.received_bitmap[trans_id / MBOX_TID_BITMAP_SIZE] |=
+ (1ULL << (trans_id % MBOX_TID_BITMAP_SIZE));
+ spin_unlock(&mbox_db_lock);
+ }
+ } else {
+ mbox_svc.next_resp_state = SRS_SYNC_ERROR;
+ }
+ }
+ break;
+ }
+
+ case SRS_WAIT_FOR_ARGUMENTS:
+ {
+ mbox_svc.resp_state = SRS_WAIT_FOR_ARGUMENTS;
+ uint16_t mbox_resp_len = mbox_svc.resp_queue[mbox_svc.curr_di].resp_len;
+ uint32_t *read_buff = NULL;
+ uint16_t read_len = 0U;
+ uint16_t read_max_len = 0U;
+ uint32_t timeout = 0U;
+
+ /* Determine where to copy the buffer. */
+ sdm_command_t *cmd_desc = mailbox_get_cmd_desc(
+ mbox_svc.resp_queue[mbox_svc.curr_di].client_id,
+ mbox_svc.resp_queue[mbox_svc.curr_di].job_id);
+ if (cmd_desc != NULL && cmd_desc->cb_args != NULL) {
+ read_buff = cmd_desc->cb_args;
+ read_max_len = mbox_resp_len;
+ } else {
+ read_buff = (uint32_t *)mbox_svc.resp_queue[mbox_svc.curr_di].resp_data;
+ read_max_len = MBOX_SVC_MAX_RESP_DATA_SIZE;
+ }
+
+ rin = mmio_read_32(MBOX_OFFSET + MBOX_RIN);
+ rout = mmio_read_32(MBOX_OFFSET + MBOX_ROUT);
+
+ while ((read_len < mbox_resp_len) && (rin != rout) && (read_len < read_max_len)) {
+ timeout = 10000U;
+
+ /* Copy the response data to the buffer */
+ read_buff[read_len++] = mmio_read_32(MBOX_ENTRY_TO_ADDR(RESP, (rout)++));
+
+ VERBOSE("MBOX: 0x%x\n", read_buff[read_len - 1]);
+
+ /* Update the read out buffer index */
+ rout %= MBOX_RESP_BUFFER_SIZE;
+ mmio_write_32(MBOX_OFFSET + MBOX_ROUT, rout);
+
+ /*
+ * The response buffer is of 16 words size, this loop checks
+ * if the response buffer is empty and if empty trigger an
+ * interrupt to SDM and wait for the response buffer to fill
+ */
+ do {
+ if (read_len == mbox_resp_len)
+ break;
+
+ rin = mmio_read_32(MBOX_OFFSET + MBOX_RIN);
+ if (rout == rin) {
+ mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_TO_SDM, 1U);
+ udelay(100);
+ } else {
+ break;
+ }
+ timeout--;
+ } while ((read_len < mbox_resp_len) && (timeout != 0U));
+
+ if (timeout == 0U) {
+ INFO("MBOX: Timeout waiting for response data\n");
+ mbox_svc.next_resp_state = SRS_SYNC_ERROR;
+ break;
+ }
+ }
+
+ /* Check if we have received all the arguments */
+ mbox_svc.resp_queue[mbox_svc.curr_di].rcvd_resp_len = read_len;
+ if (mbox_resp_len == read_len) {
+ uint8_t transaction_id =
+ ((mbox_svc.resp_queue[mbox_svc.curr_di].client_id << 4) |
+ (mbox_svc.resp_queue[mbox_svc.curr_di].job_id));
+ VERBOSE("MBOX: Received all the response data len %d, transaction_id %d\n",
+ read_len, transaction_id);
+
+ spin_lock(&mbox_db_lock);
+ mbox_svc.received_bitmap[transaction_id / MBOX_TID_BITMAP_SIZE] |=
+ (1ULL << (transaction_id % MBOX_TID_BITMAP_SIZE));
+ spin_unlock(&mbox_db_lock);
+
+ mbox_svc.resp_queue[mbox_svc.curr_di].flags |= FLAG_SDM_RESPONSE_IS_VALID;
+ mbox_svc.next_resp_state = SRS_WAIT_FOR_RESP;
+ mbox_svc.curr_di = -1;
+ } else {
+ mbox_svc.next_resp_state = SRS_SYNC_ERROR;
+ VERBOSE("MBOX: Received partial response data len %d, max len %d\n",
+ read_len, read_max_len);
+ }
+ break;
+ }
+
+ case SRS_SYNC_ERROR:
+ {
+ mbox_svc.resp_state = SRS_SYNC_ERROR;
+ INFO("MBOX: Error in response handling\n");
+ break;
+ }
+
+ default:
+ break;
+ } /* switch */
+}
+
+static int mailbox_response_handler_fsm(void)
+{
+ int status = MBOX_RET_OK;
+
+ spin_lock(&mbox_read_lock);
+ /* Mailbox peripheral response parser */
+ do {
+ /* Iterate till the state machine transition ends */
+ mailbox_response_parser();
+
+ /* Note down if there is any error in the response parsing */
+ if (mbox_svc.next_resp_state == SRS_SYNC_ERROR) {
+ status = MBOX_RET_ERROR;
+ }
+
+ } while (mbox_svc.resp_state != mbox_svc.next_resp_state);
+ spin_unlock(&mbox_read_lock);
+
+ return status;
+}
+
+int mailbox_response_poll_on_intr_v3(uint8_t *client_id, uint8_t *job_id,
+ uint64_t *bitmap)
+{
+ uint32_t i = 0U;
+ int status = MBOX_RET_OK;
+
+ /* Clear the SDM doorbell interrupt immediately */
+ if (mmio_read_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM) == 1U) {
+ mmio_write_32(MBOX_OFFSET + MBOX_DOORBELL_FROM_SDM, 0U);
+ }
+
+ /* Check mailbox FIFO for any pending responses available to read. */
+ status = mailbox_response_handler_fsm();
+ if (status != MBOX_RET_OK) {
+ return status;
+ }
+
+ /*
+ * Once we read the complete mailbox FIFO, let's mark up the bitmap for
+ * available responses with respect to each transcation IDs.
+ */
+ status = MBOX_NO_RESPONSE;
+ spin_lock(&mbox_db_lock);
+ for (i = 0; i < MBOX_MAX_TIDS_BITMAP; i++) {
+ bitmap[i] = mbox_svc.interrupt_bitmap[i] ^ mbox_svc.received_bitmap[i];
+ if (bitmap[i] != 0 && status == MBOX_NO_RESPONSE) {
+ status = MBOX_RET_OK;
+ }
+
+ mbox_svc.interrupt_bitmap[i] = mbox_svc.received_bitmap[i];
+ }
+ spin_unlock(&mbox_db_lock);
+
+ return status;
+}
+
+int mailbox_response_poll_v3(uint8_t client_id, uint8_t job_id,
+ uint32_t *ret_args, uint32_t *ret_args_len)
+{
+ sdm_command_t *cmd_desc = NULL;
+ sdm_response_t *resp_desc = NULL;
+ uint8_t di = 0U;
+ int status = MBOX_RET_OK;
+
+ /*
+ * Let's first check the local response queue with the given
+ * client ID and job ID
+ */
+ resp_desc = mailbox_get_resp_desc(client_id, job_id, &di);
+ if (resp_desc == NULL) {
+ /* Not available in the local queue, let's read mailbox FIFO */
+ status = mailbox_response_handler_fsm();
+ if (status != MBOX_RET_OK) {
+ return status;
+ }
+
+ resp_desc = mailbox_get_resp_desc(client_id, job_id, &di);
+ }
+ cmd_desc = mailbox_get_cmd_desc(client_id, job_id);
+
+ if (cmd_desc != NULL && resp_desc != NULL) {
+ VERBOSE("MBOX: Resp found for cid %d, jid %d\n", client_id, job_id);
+
+ /* Command callback function */
+ *ret_args_len = cmd_desc->cb(resp_desc, cmd_desc, ret_args);
+
+ /* Free the command and response descriptors. */
+ mailbox_free_cmd_desc(cmd_desc);
+ mailbox_free_resp_desc(di);
+
+ return MBOX_RET_OK;
+ }
+
+ INFO("MBOX: No resp found for cid: %d, jid: %d\n", client_id, job_id);
+
+ return MBOX_NO_RESPONSE;
+}
+
+void mailbox_init_v3(void)
+{
+ uint32_t count;
+
+ memset((void *)&mbox_svc, 0, sizeof(mbox_svc));
+
+ mbox_svc.next_resp_state = SRS_WAIT_FOR_RESP;
+ mbox_svc.resp_state = SRS_WAIT_FOR_RESP;
+
+ /* Free all entries from the response queue. */
+ for (count = 0; count < MBOX_SVC_RESP_QUEUE_SIZE; count++) {
+ mbox_svc.resp_queue[count].flags = 0;
+ }
+
+ /* Free all entries from the command queue. */
+ for (count = 0; count < MBOX_SVC_CMD_QUEUE_SIZE; count++) {
+ mbox_svc.cmd_queue[count].flags = 0;
+ }
+
+ mbox_svc.curr_di = -1;
+}
+#endif /* #if SIP_SVC_V3 */
diff --git a/plat/intel/soc/common/socfpga_ros.c b/plat/intel/soc/common/socfpga_ros.c
index ea37384..62e689c 100644
--- a/plat/intel/soc/common/socfpga_ros.c
+++ b/plat/intel/soc/common/socfpga_ros.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2024, Intel Corporation. All rights reserved.
+ * Copyright (c) 2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -20,6 +21,8 @@
#include <socfpga_ros.h>
+#define WORD_SIZE (sizeof(uint32_t))
+
static void swap_bits(char *const data, uint32_t len)
{
uint32_t x, y;
@@ -99,7 +102,8 @@
return ROS_IMAGE_PARTNUM_OVFL;
}
- memcpy_s(&spt_data, SPT_SIZE, spt_ptr, SPT_SIZE);
+ memcpy_s(&spt_data, (sizeof(spt_table_t) / WORD_SIZE),
+ spt_ptr, (SPT_SIZE / WORD_SIZE));
spt_data.checksum = 0U;
swap_bits((char *)&spt_data, SPT_SIZE);
@@ -153,6 +157,7 @@
}
uint32_t ret, img_index;
+ size_t len;
char ssbl_name[SPT_PARTITION_NAME_LENGTH];
static spt_table_t spt;
@@ -168,11 +173,12 @@
if (strncmp(spt.partition[img_index].name, FACTORY_IMAGE,
SPT_PARTITION_NAME_LENGTH) == 0U) {
- strlcpy(ssbl_name, FACTORY_SSBL, SPT_PARTITION_NAME_LENGTH);
+ strcpy_secure(ssbl_name, SPT_PARTITION_NAME_LENGTH, FACTORY_SSBL);
} else {
- strlcpy(ssbl_name, spt.partition[img_index].name,
- SPT_PARTITION_NAME_LENGTH);
- strlcat(ssbl_name, SSBL_SUFFIX, SPT_PARTITION_NAME_LENGTH);
+ strcpy_secure(ssbl_name, SPT_PARTITION_NAME_LENGTH, SSBL_PREFIX);
+ len = strnlen_secure(ssbl_name, SPT_PARTITION_NAME_LENGTH);
+ strcpy_secure(ssbl_name + len, SPT_PARTITION_NAME_LENGTH - len,
+ spt.partition[img_index].name);
}
for (uint32_t index = 0U; index < spt.partitions; index++) {
diff --git a/plat/intel/soc/common/socfpga_sip_svc.c b/plat/intel/soc/common/socfpga_sip_svc.c
index f7b41fa..f4a3ea0 100644
--- a/plat/intel/soc/common/socfpga_sip_svc.c
+++ b/plat/intel/soc/common/socfpga_sip_svc.c
@@ -801,6 +801,837 @@
}
#endif
+#if SIP_SVC_V3
+uint8_t sip_smc_cmd_cb_ret2(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ /* Returns 3 SMC arguments for SMC_RET3 */
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+
+ return ret_args_len;
+}
+
+uint8_t sip_smc_cmd_cb_ret3(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ /* Returns 3 SMC arguments for SMC_RET3 */
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[0];
+
+ return ret_args_len;
+}
+
+uint8_t sip_smc_ret_nbytes_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0%x, nbytes_ret %d\n",
+ __func__, resp->err_code, resp->rcvd_resp_len * MBOX_WORD_BYTE);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->rcvd_resp_len * MBOX_WORD_BYTE;
+
+ return ret_args_len;
+}
+
+uint8_t sip_smc_get_chipid_cb(void *resp_desc, void *cmd_desc, uint32_t *ret_args)
+{
+ uint8_t ret_args_len = 0U;
+ sdm_response_t *resp = (sdm_response_t *)resp_desc;
+ sdm_command_t *cmd = (sdm_command_t *)cmd_desc;
+
+ (void)cmd;
+ INFO("MBOX: %s: mailbox_err 0%x, data[0] 0x%x, data[1] 0x%x\n",
+ __func__, resp->err_code, resp->resp_data[0], resp->resp_data[1]);
+
+ ret_args[ret_args_len++] = INTEL_SIP_SMC_STATUS_OK;
+ ret_args[ret_args_len++] = resp->err_code;
+ ret_args[ret_args_len++] = resp->resp_data[0];
+ ret_args[ret_args_len++] = resp->resp_data[1];
+
+ return ret_args_len;
+}
+
+static uintptr_t smc_ret(void *handle, uint32_t *ret_args, uint32_t ret_args_len)
+{
+ switch (ret_args_len) {
+ case SMC_RET_ARGS_ONE:
+ SMC_RET1(handle, ret_args[0]);
+ break;
+
+ case SMC_RET_ARGS_TWO:
+ SMC_RET2(handle, ret_args[0], ret_args[1]);
+ break;
+
+ case SMC_RET_ARGS_THREE:
+ SMC_RET3(handle, ret_args[0], ret_args[1], ret_args[2]);
+ break;
+
+ case SMC_RET_ARGS_FOUR:
+ SMC_RET4(handle, ret_args[0], ret_args[1], ret_args[2], ret_args[3]);
+ break;
+
+ case SMC_RET_ARGS_FIVE:
+ SMC_RET5(handle, ret_args[0], ret_args[1], ret_args[2], ret_args[3], ret_args[4]);
+ break;
+
+ default:
+ SMC_RET1(handle, INTEL_SIP_SMC_STATUS_ERROR);
+ break;
+ }
+}
+
+/*
+ * This function is responsible for handling all SiP SVC V3 calls from the
+ * non-secure world.
+ */
+static uintptr_t sip_smc_handler_v3(uint32_t smc_fid,
+ u_register_t x1,
+ u_register_t x2,
+ u_register_t x3,
+ u_register_t x4,
+ void *cookie,
+ void *handle,
+ u_register_t flags)
+{
+ int status = 0;
+ uint32_t mbox_error = 0U;
+ u_register_t x5, x6, x7, x8, x9, x10, x11;
+
+ /* Get all the SMC call arguments */
+ x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
+ x8 = SMC_GET_GP(handle, CTX_GPREG_X8);
+ x9 = SMC_GET_GP(handle, CTX_GPREG_X9);
+ x10 = SMC_GET_GP(handle, CTX_GPREG_X10);
+ x11 = SMC_GET_GP(handle, CTX_GPREG_X11);
+
+ INFO("MBOX: SVC_V3: x0 0x%x, x1 0x%lx, x2 0x%lx, x3 0x%lx, x4 0x%lx, x5 0x%lx\n",
+ smc_fid, x1, x2, x3, x4, x5);
+ INFO("MBOX: SVC_V3: x6 0x%lx, x7 0x%lx, x8 0x%lx, x9 0x%lx, x10 0x%lx x11 0x%lx\n",
+ x6, x7, x8, x9, x10, x11);
+
+ switch (smc_fid) {
+ case ALTERA_SIP_SMC_ASYNC_RESP_POLL:
+ {
+ uint32_t ret_args[8] = {0};
+ uint32_t ret_args_len;
+
+ status = mailbox_response_poll_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ ret_args,
+ &ret_args_len);
+ /* Always reserve [0] index for command status. */
+ ret_args[0] = status;
+
+ /* Return SMC call based on the number of return arguments */
+ return smc_ret(handle, ret_args, ret_args_len);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_RESP_POLL_ON_INTR:
+ {
+ /* TBD: Here now we don't need these CID and JID?? */
+ uint8_t client_id = 0U;
+ uint8_t job_id = 0U;
+ uint64_t trans_id_bitmap[4] = {0U};
+
+ status = mailbox_response_poll_on_intr_v3(&client_id,
+ &job_id,
+ trans_id_bitmap);
+
+ SMC_RET5(handle, status, trans_id_bitmap[0], trans_id_bitmap[1],
+ trans_id_bitmap[2], trans_id_bitmap[3]);
+ break;
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_GET_DEVICE_IDENTITY:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_GET_DEVICEID,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)x2,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_GET_IDCODE:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_GET_IDCODE,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_OPEN:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_OPEN,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_CLOSE:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_CLOSE,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_SET_CS:
+ {
+ uint32_t cmd_data = 0U;
+ uint32_t chip_sel = (uint32_t)x2;
+ uint32_t comb_addr_mode = (uint32_t)x3;
+ uint32_t ext_dec_mode = (uint32_t)x4;
+
+ cmd_data = (chip_sel << MBOX_QSPI_SET_CS_OFFSET) |
+ (comb_addr_mode << MBOX_QSPI_SET_CS_CA_OFFSET) |
+ (ext_dec_mode << MBOX_QSPI_SET_CS_MODE_OFFSET);
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_SET_CS,
+ &cmd_data,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_ERASE:
+ {
+ uint32_t qspi_addr = (uint32_t)x2;
+ uint32_t qspi_nwords = (uint32_t)x3;
+
+ /* QSPI address offset to start erase, must be 4K aligned */
+ if (MBOX_IS_4K_ALIGNED(qspi_addr)) {
+ ERROR("MBOX: 0x%x: QSPI address not 4K aligned\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ /* Number of words to erase, multiples of 0x400 or 4K */
+ if (qspi_nwords % MBOX_QSPI_ERASE_SIZE_GRAN) {
+ ERROR("MBOX: 0x%x: Given words not in multiples of 4K\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ uint32_t cmd_data[2] = {qspi_addr, qspi_nwords};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_ERASE,
+ cmd_data,
+ sizeof(cmd_data) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_WRITE:
+ {
+ uint32_t *qspi_payload = (uint32_t *)x2;
+ uint32_t qspi_total_nwords = (((uint32_t)x3) / MBOX_WORD_BYTE);
+ uint32_t qspi_addr = qspi_payload[0];
+ uint32_t qspi_nwords = qspi_payload[1];
+
+ if (!MBOX_IS_WORD_ALIGNED(qspi_addr)) {
+ ERROR("MBOX: 0x%x: Given address is not WORD aligned\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ if (qspi_nwords > MBOX_QSPI_RW_MAX_WORDS) {
+ ERROR("MBOX: 0x%x: Number of words exceeds max limit\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_WRITE,
+ qspi_payload,
+ qspi_total_nwords,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0U);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_READ:
+ {
+ uint32_t qspi_addr = (uint32_t)x2;
+ uint32_t qspi_nwords = (((uint32_t)x4) / MBOX_WORD_BYTE);
+
+ if (qspi_nwords > MBOX_QSPI_RW_MAX_WORDS) {
+ ERROR("MBOX: 0x%x: Number of words exceeds max limit\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ uint32_t cmd_data[2] = {qspi_addr, qspi_nwords};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_READ,
+ cmd_data,
+ sizeof(cmd_data) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)x3,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_QSPI_GET_DEV_INFO:
+ {
+ uint32_t *dst_addr = (uint32_t *)x2;
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_QSPI_GET_DEV_INFO,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)dst_addr,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_HWMON_READVOLT:
+ case ALTERA_SIP_SMC_ASYNC_HWMON_READTEMP:
+ {
+ uint32_t channel = (uint32_t)x2;
+ uint32_t mbox_cmd = ((smc_fid == ALTERA_SIP_SMC_ASYNC_HWMON_READVOLT) ?
+ MBOX_HWMON_READVOLT : MBOX_HWMON_READTEMP);
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ mbox_cmd,
+ &channel,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_RANDOM_NUMBER_EXT:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t context_id = (uint32_t)x3;
+ uint64_t ret_random_addr = (uint64_t)x4;
+ uint32_t random_len = (uint32_t)SMC_GET_GP(handle, CTX_GPREG_X5);
+ uint32_t crypto_header = 0U;
+
+ if ((random_len > (FCS_RANDOM_EXT_MAX_WORD_SIZE * MBOX_WORD_BYTE)) ||
+ (random_len == 0U) ||
+ (!is_size_4_bytes_aligned(random_len))) {
+ ERROR("MBOX: 0x%x is rejected\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ crypto_header = ((FCS_CS_FIELD_FLAG_INIT | FCS_CS_FIELD_FLAG_FINALIZE) <<
+ FCS_CS_FIELD_FLAG_OFFSET);
+ fcs_rng_payload payload = {session_id, context_id,
+ crypto_header, random_len};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_RANDOM_GEN,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)ret_random_addr,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_PROVISION_DATA:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_GET_PROVISION,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)x2,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CNTR_SET_PREAUTH:
+ {
+ status = intel_fcs_cntr_set_preauth(smc_fid, x1, x2, x3,
+ x4, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CHIP_ID:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_GET_CHIPID,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_get_chipid_cb,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_ATTESTATION_CERT:
+ {
+ status = intel_fcs_get_attestation_cert(smc_fid, x1, x2, x3,
+ (uint32_t *) &x4, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CERT_ON_RELOAD:
+ {
+ status = intel_fcs_create_cert_on_reload(smc_fid, x1,
+ x2, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CRYPTION_EXT:
+ {
+ if (x4 == FCS_MODE_ENCRYPT) {
+ status = intel_fcs_encryption_ext(smc_fid, x1, x2, x3,
+ x5, x6, x7, (uint32_t *) &x8,
+ &mbox_error, x10, x11);
+ } else if (x4 == FCS_MODE_DECRYPT) {
+ status = intel_fcs_decryption_ext(smc_fid, x1, x2, x3,
+ x5, x6, x7, (uint32_t *) &x8,
+ &mbox_error, x9, x10, x11);
+ } else {
+ ERROR("MBOX: 0x%x: Wrong crypto mode\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_SEND_CERTIFICATE:
+ {
+ status = intel_fcs_send_cert(smc_fid, x1, x2, x3, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_OPEN_CS_SESSION:
+ {
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_OPEN_CS_SESSION,
+ NULL,
+ 0U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CLOSE_CS_SESSION:
+ {
+ uint32_t session_id = (uint32_t)x2;
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_CLOSE_CS_SESSION,
+ &session_id,
+ 1U,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret2,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_IMPORT_CS_KEY:
+ {
+ uint64_t key_addr = x2;
+ uint32_t key_len_words = (uint32_t)x3 / MBOX_WORD_BYTE;
+
+ if ((key_len_words > FCS_CS_KEY_OBJ_MAX_WORD_SIZE) ||
+ (!is_address_in_ddr_range(key_addr, key_len_words * 4))) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range or key len exceeds\n",
+ smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_IMPORT_CS_KEY,
+ (uint32_t *)key_addr,
+ key_len_words,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_CREATE_CS_KEY:
+ {
+ uint64_t key_addr = x2;
+ uint32_t key_len_words = (uint32_t)x3 / MBOX_WORD_BYTE;
+
+ if (!is_address_in_ddr_range(key_addr, key_len_words * 4)) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_CREATE_CS_KEY,
+ (uint32_t *)key_addr,
+ key_len_words,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_EXPORT_CS_KEY:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t key_uid = (uint32_t)x3;
+ uint64_t ret_key_addr = (uint64_t)x4;
+ uint32_t key_len = (uint32_t)SMC_GET_GP(handle, CTX_GPREG_X5);
+
+ if (!is_address_in_ddr_range(ret_key_addr, key_len)) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ fcs_cs_key_payload payload = {session_id, RESERVED_AS_ZERO,
+ RESERVED_AS_ZERO, key_uid};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_EXPORT_CS_KEY,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)ret_key_addr,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_REMOVE_CS_KEY:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t key_uid = (uint32_t)x3;
+
+ fcs_cs_key_payload payload = {session_id, RESERVED_AS_ZERO,
+ RESERVED_AS_ZERO, key_uid};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_REMOVE_CS_KEY,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_cmd_cb_ret3,
+ NULL,
+ 0);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_CS_KEY_INFO:
+ {
+ uint32_t session_id = (uint32_t)x2;
+ uint32_t key_uid = (uint32_t)x3;
+ uint64_t ret_key_addr = (uint64_t)x4;
+ uint32_t key_len = (uint32_t)SMC_GET_GP(handle, CTX_GPREG_X5);
+
+ if (!is_address_in_ddr_range(ret_key_addr, key_len)) {
+ ERROR("MBOX: 0x%x: Addr not in DDR range\n", smc_fid);
+ status = INTEL_SIP_SMC_STATUS_REJECTED;
+ SMC_RET1(handle, status);
+ }
+
+ fcs_cs_key_payload payload = {session_id, RESERVED_AS_ZERO,
+ RESERVED_AS_ZERO, key_uid};
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_FCS_GET_CS_KEY_INFO,
+ (uint32_t *)&payload,
+ sizeof(payload) / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ (uint32_t *)ret_key_addr,
+ 2);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_INIT:
+ {
+ status = intel_fcs_aes_crypt_init(x2, x3, x4, x5,
+ x6, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_FINALIZE:
+ {
+ uint32_t job_id = 0U;
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_AES_CRYPT_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_aes_crypt_update_finalize(smc_fid, x1, x2,
+ x3, x4, x5, x6, x7, x8, is_final,
+ &job_id, x9, x10);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_INIT:
+ {
+ status = intel_fcs_get_digest_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_FINALIZE:
+ {
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_GET_DIGEST_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_get_digest_update_finalize(smc_fid, x1, x2,
+ x3, x4, x5, x6, (uint32_t *) &x7,
+ is_final, &mbox_error, x8);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_INIT:
+ {
+ status = intel_fcs_mac_verify_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_FINALIZE:
+ {
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_MAC_VERIFY_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_mac_verify_update_finalize(smc_fid, x1, x2,
+ x3, x4, x5, x6, (uint32_t *) &x7, x8,
+ is_final, &mbox_error, x9);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_INIT:
+ {
+ status = intel_fcs_ecdsa_hash_sign_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIGN_FINALIZE:
+ {
+ status = intel_fcs_ecdsa_hash_sign_finalize(smc_fid, x1, x2, x3,
+ x4, x5, x6, (uint32_t *) &x7,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_INIT:
+ {
+ status = intel_fcs_ecdsa_sha2_data_sign_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE:
+ {
+ bool is_final = (smc_fid == ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE)
+ ? true : false;
+
+ status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(smc_fid,
+ x1, x2, x3, x4, x5, x6, (uint32_t *) &x7,
+ is_final, &mbox_error, x8);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_INIT:
+ {
+ status = intel_fcs_ecdsa_hash_sig_verify_init(x2, x3, x4, x5,
+ x6, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE:
+ {
+ status = intel_fcs_ecdsa_hash_sig_verify_finalize(smc_fid, x1,
+ x2, x3, x4, x5, x6, (uint32_t *) &x7,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_INIT:
+ {
+ status = intel_fcs_ecdsa_sha2_data_sig_verify_init(x2, x3, x4,
+ x5, x6, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_UPDATE:
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE:
+ {
+ bool is_final = (smc_fid ==
+ ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_FINALIZE) ?
+ true : false;
+
+ status = intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(
+ smc_fid, x1, x2, x3, x4, x5, x6,
+ (uint32_t *) &x7, x8, is_final,
+ &mbox_error, x9);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_INIT:
+ {
+ status = intel_fcs_ecdsa_get_pubkey_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDSA_GET_PUBKEY_FINALIZE:
+ {
+ status = intel_fcs_ecdsa_get_pubkey_finalize(smc_fid, x1, x2, x3,
+ x4, (uint32_t *) &x5, &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_INIT:
+ {
+ status = intel_fcs_ecdh_request_init(x2, x3, x4, x5, x6,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_ECDH_REQUEST_FINALIZE:
+ {
+ uint32_t dest_size = (uint32_t)x7;
+
+ NOTICE("MBOX: %s, %d: x7 0x%x, dest_size 0x%x\n",
+ __func__, __LINE__, (uint32_t)x7, dest_size);
+
+ status = intel_fcs_ecdh_request_finalize(smc_fid, x1, x2, x3,
+ x4, x5, x6, (uint32_t *) &dest_size,
+ &mbox_error);
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_MCTP_MSG:
+ {
+ uint32_t *src_addr = (uint32_t *)x2;
+ uint32_t src_size = (uint32_t)x3;
+ uint32_t *dst_addr = (uint32_t *)x4;
+
+ status = mailbox_send_cmd_async_v3(GET_CLIENT_ID(x1),
+ GET_JOB_ID(x1),
+ MBOX_CMD_MCTP_MSG,
+ src_addr,
+ src_size / MBOX_WORD_BYTE,
+ MBOX_CMD_FLAG_CASUAL,
+ sip_smc_ret_nbytes_cb,
+ dst_addr,
+ 2);
+
+ SMC_RET1(handle, status);
+ }
+
+ case ALTERA_SIP_SMC_ASYNC_FCS_HKDF_REQUEST:
+ {
+ status = intel_fcs_hkdf_request(smc_fid, x1, x2, x3, x4, x5, x6,
+ x7);
+ SMC_RET1(handle, status);
+ }
+
+ default:
+ return socfpga_sip_handler(smc_fid, x1, x2, x3, x4,
+ cookie, handle, flags);
+ } /* switch (smc_fid) */
+}
+#endif
+
/*
* This function is responsible for handling all SiP calls from the NS world
*/
@@ -995,11 +1826,11 @@
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
if (x3 == FCS_MODE_DECRYPT) {
- status = intel_fcs_decryption_ext(x1, x2, x4, x5, x6,
- (uint32_t *) &x7, &mbox_error);
+ status = intel_fcs_decryption_ext(smc_fid, 0, x1, x2, x4, x5, x6,
+ (uint32_t *) &x7, &mbox_error, 0, 0, 0);
} else if (x3 == FCS_MODE_ENCRYPT) {
- status = intel_fcs_encryption_ext(x1, x2, x4, x5, x6,
- (uint32_t *) &x7, &mbox_error);
+ status = intel_fcs_encryption_ext(smc_fid, 0, x1, x2, x4, x5, x6,
+ (uint32_t *) &x7, &mbox_error, 0, 0);
} else {
status = INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -1017,7 +1848,7 @@
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_SEND_CERTIFICATE:
- status = intel_fcs_send_cert(x1, x2, &send_id);
+ status = intel_fcs_send_cert(smc_fid, 0, x1, x2, &send_id);
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_GET_PROVISION_DATA:
@@ -1025,7 +1856,7 @@
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_CNTR_SET_PREAUTH:
- status = intel_fcs_cntr_set_preauth(x1, x2, x3,
+ status = intel_fcs_cntr_set_preauth(smc_fid, 0, x1, x2, x3,
&mbox_error);
SMC_RET2(handle, status, mbox_error);
@@ -1060,12 +1891,12 @@
SMC_RET4(handle, status, mbox_error, x3, x4);
case INTEL_SIP_SMC_FCS_GET_ATTESTATION_CERT:
- status = intel_fcs_get_attestation_cert(x1, x2,
+ status = intel_fcs_get_attestation_cert(smc_fid, 0, x1, x2,
(uint32_t *) &x3, &mbox_error);
SMC_RET4(handle, status, mbox_error, x2, x3);
case INTEL_SIP_SMC_FCS_CREATE_CERT_ON_RELOAD:
- status = intel_fcs_create_cert_on_reload(x1, &mbox_error);
+ status = intel_fcs_create_cert_on_reload(smc_fid, 0, x1, &mbox_error);
SMC_RET2(handle, status, mbox_error);
case INTEL_SIP_SMC_FCS_OPEN_CS_SESSION:
@@ -1104,17 +1935,17 @@
case INTEL_SIP_SMC_FCS_GET_DIGEST_UPDATE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_get_digest_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, false,
- &mbox_error);
+ status = intel_fcs_get_digest_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, false,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_GET_DIGEST_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_get_digest_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, true,
- &mbox_error);
+ status = intel_fcs_get_digest_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, true,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_GET_DIGEST_SMMU_UPDATE:
@@ -1143,18 +1974,18 @@
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
- status = intel_fcs_mac_verify_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, x7,
- false, &mbox_error);
+ status = intel_fcs_mac_verify_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, x7, false,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_MAC_VERIFY_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
- status = intel_fcs_mac_verify_update_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, x7,
- true, &mbox_error);
+ status = intel_fcs_mac_verify_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6, x7, true,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_MAC_VERIFY_SMMU_UPDATE:
@@ -1184,17 +2015,17 @@
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_UPDATE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(x1, x2,
- x3, x4, x5, (uint32_t *) &x6, false,
- &mbox_error);
+ status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(smc_fid,
+ 0, x1, x2, x3, x4, x5, (uint32_t *) &x6,
+ false, &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(x1, x2,
- x3, x4, x5, (uint32_t *) &x6, true,
- &mbox_error);
+ status = intel_fcs_ecdsa_sha2_data_sign_update_finalize(smc_fid,
+ 0, x1, x2, x3, x4, x5, (uint32_t *) &x6,
+ true, &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIGN_SMMU_UPDATE:
@@ -1222,8 +2053,9 @@
case INTEL_SIP_SMC_FCS_ECDSA_HASH_SIGN_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_hash_sign_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, &mbox_error);
+ status = intel_fcs_ecdsa_hash_sign_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, (uint32_t *) &x6,
+ &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_INIT:
@@ -1235,8 +2067,9 @@
case INTEL_SIP_SMC_FCS_ECDSA_HASH_SIG_VERIFY_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdsa_hash_sig_verify_finalize(x1, x2, x3,
- x4, x5, (uint32_t *) &x6, &mbox_error);
+ status = intel_fcs_ecdsa_hash_sig_verify_finalize(smc_fid, 0, x1,
+ x2, x3, x4, x5, (uint32_t *) &x6,
+ &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_INIT:
@@ -1250,8 +2083,9 @@
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
status = intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(
- x1, x2, x3, x4, x5, (uint32_t *) &x6,
- x7, false, &mbox_error);
+ smc_fid, 0, x1, x2, x3, x4, x5,
+ (uint32_t *) &x6, x7, false,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_SHA2_DATA_SIG_VERIFY_SMMU_UPDATE:
@@ -1277,8 +2111,9 @@
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
x7 = SMC_GET_GP(handle, CTX_GPREG_X7);
status = intel_fcs_ecdsa_sha2_data_sig_verify_update_finalize(
- x1, x2, x3, x4, x5, (uint32_t *) &x6,
- x7, true, &mbox_error);
+ smc_fid, 0, x1, x2, x3, x4, x5,
+ (uint32_t *) &x6, x7, true,
+ &mbox_error, 0);
SMC_RET4(handle, status, mbox_error, x5, x6);
case INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_INIT:
@@ -1288,8 +2123,9 @@
SMC_RET2(handle, status, mbox_error);
case INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_FINALIZE:
- status = intel_fcs_ecdsa_get_pubkey_finalize(x1, x2, x3,
- (uint32_t *) &x4, &mbox_error);
+ status = intel_fcs_ecdsa_get_pubkey_finalize(
+ INTEL_SIP_SMC_FCS_ECDSA_GET_PUBKEY_FINALIZE, 0,
+ x1, x2, x3, (uint32_t *) &x4, &mbox_error);
SMC_RET4(handle, status, mbox_error, x3, x4);
case INTEL_SIP_SMC_FCS_ECDH_REQUEST_INIT:
@@ -1301,7 +2137,7 @@
case INTEL_SIP_SMC_FCS_ECDH_REQUEST_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_ecdh_request_finalize(x1, x2, x3,
+ status = intel_fcs_ecdh_request_finalize(smc_fid, 0, x1, x2, x3,
x4, x5, (uint32_t *) &x6, &mbox_error);
SMC_RET4(handle, status, mbox_error, x5, x6);
@@ -1314,15 +2150,15 @@
case INTEL_SIP_SMC_FCS_AES_CRYPT_UPDATE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_aes_crypt_update_finalize(x1, x2, x3, x4,
- x5, x6, false, &send_id);
+ status = intel_fcs_aes_crypt_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, x6, 0, false, &send_id, 0, 0);
SMC_RET1(handle, status);
case INTEL_SIP_SMC_FCS_AES_CRYPT_FINALIZE:
x5 = SMC_GET_GP(handle, CTX_GPREG_X5);
x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
- status = intel_fcs_aes_crypt_update_finalize(x1, x2, x3, x4,
- x5, x6, true, &send_id);
+ status = intel_fcs_aes_crypt_update_finalize(smc_fid, 0, x1, x2,
+ x3, x4, x5, x6, 0, true, &send_id, 0, 0);
SMC_RET1(handle, status);
#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
@@ -1379,7 +2215,16 @@
cmd <= INTEL_SIP_SMC_CMD_V2_RANGE_END) {
return sip_smc_handler_v2(smc_fid, x1, x2, x3, x4,
cookie, handle, flags);
- } else {
+ }
+#if SIP_SVC_V3
+ else if ((cmd >= INTEL_SIP_SMC_CMD_V3_RANGE_BEGIN) &&
+ (cmd <= INTEL_SIP_SMC_CMD_V3_RANGE_END)) {
+ uintptr_t ret = sip_smc_handler_v3(smc_fid, x1, x2, x3, x4,
+ cookie, handle, flags);
+ return ret;
+ }
+#endif
+ else {
return sip_smc_handler_v1(smc_fid, x1, x2, x3, x4,
cookie, handle, flags);
}
diff --git a/plat/intel/soc/n5x/bl31_plat_setup.c b/plat/intel/soc/n5x/bl31_plat_setup.c
index cb5ced6..65de036 100644
--- a/plat/intel/soc/n5x/bl31_plat_setup.c
+++ b/plat/intel/soc/n5x/bl31_plat_setup.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2020-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -115,6 +116,16 @@
mmio_write_64(PLAT_CPU_RELEASE_ADDR,
(uint64_t)plat_secondary_cpus_bl31_entry);
+#if SIP_SVC_V3
+ /*
+ * Re-initialize the mailbox to include V3 specific routines.
+ * In V3, this re-initialize is required because prior to BL31, U-Boot
+ * SPL has its own mailbox settings and this initialization will
+ * override to those settings as required by the V3 framework.
+ */
+ mailbox_init();
+#endif
+
mailbox_hps_stage_notify(HPS_EXECUTION_STATE_SSBL);
}
diff --git a/plat/intel/soc/stratix10/bl31_plat_setup.c b/plat/intel/soc/stratix10/bl31_plat_setup.c
index d0aa972..5c25e43 100644
--- a/plat/intel/soc/stratix10/bl31_plat_setup.c
+++ b/plat/intel/soc/stratix10/bl31_plat_setup.c
@@ -1,6 +1,7 @@
/*
* Copyright (c) 2019-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2025, Altera Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -122,6 +123,16 @@
mmio_write_64(PLAT_CPU_RELEASE_ADDR,
(uint64_t)plat_secondary_cpus_bl31_entry);
+#if SIP_SVC_V3
+ /*
+ * Re-initialize the mailbox to include V3 specific routines.
+ * In V3, this re-initialize is required because prior to BL31, U-Boot
+ * SPL has its own mailbox settings and this initialization will
+ * override to those settings as required by the V3 framework.
+ */
+ mailbox_init();
+#endif
+
mailbox_hps_stage_notify(HPS_EXECUTION_STATE_SSBL);
}
diff --git a/plat/mediatek/build_helpers/options.mk b/plat/mediatek/build_helpers/options.mk
index 75cc80a..080e735 100644
--- a/plat/mediatek/build_helpers/options.mk
+++ b/plat/mediatek/build_helpers/options.mk
@@ -1,27 +1,31 @@
#
-# Copyright (c) 2022-2023, MediaTek Inc. All rights reserved.
+# Copyright (c) 2022-2025, MediaTek Inc. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
# call add_defined_option to evaluate MTK defined value
-$(eval $(call add_defined_option,MTK_SIP_KERNEL_BOOT_ENABLE))
-$(eval $(call add_defined_option,PLAT_EXTRA_RODATA_INCLUDES))
-$(eval $(call add_defined_option,MTK_EXTRA_LINKERFILE))
-$(eval $(call add_defined_option,MTK_BL31_AS_BL2))
-$(eval $(call add_defined_option,MTK_BL33_IS_64BIT))
-$(eval $(call add_defined_option,PLAT_XLAT_TABLES_DYNAMIC))
-$(eval $(call add_defined_option,MTK_ADAPTED))
-$(eval $(call add_defined_option,MTK_PUBEVENT_ENABLE))
-$(eval $(call add_defined_option,MTK_SOC))
-$(eval $(call add_defined_option,UART_CLOCK))
-$(eval $(call add_defined_option,UART_BAUDRATE))
-$(eval $(call add_defined_option,CONFIG_MTK_MCUSYS))
-$(eval $(call add_defined_option,CONFIG_MTK_PM_SUPPORT))
-$(eval $(call add_defined_option,CONFIG_MTK_CPU_PM_SUPPORT))
-$(eval $(call add_defined_option,CONFIG_MTK_SMP_EN))
-$(eval $(call add_defined_option,CONFIG_MTK_CPU_SUSPEND_EN))
-$(eval $(call add_defined_option,CONFIG_MTK_PM_ARCH))
-$(eval $(call add_defined_option,CONFIG_MTK_CPU_PM_ARCH))
-$(eval $(call add_defined_option,CONFIG_MTK_SUPPORT_SYSTEM_SUSPEND))
-$(eval $(call add_defined_option,CONFIG_MTK_MTCMOS))
+DEFINED_OPTIONS := \
+ CONFIG_MTK_CPU_PM_ARCH \
+ CONFIG_MTK_CPU_PM_SUPPORT \
+ CONFIG_MTK_CPU_SUSPEND_EN \
+ CONFIG_MTK_DISABLE_CACHE_AS_RAM \
+ CONFIG_MTK_MCUSYS \
+ CONFIG_MTK_MTCMOS \
+ CONFIG_MTK_PM_ARCH \
+ CONFIG_MTK_PM_SUPPORT \
+ CONFIG_MTK_SMP_EN \
+ CONFIG_MTK_SUPPORT_SYSTEM_SUSPEND \
+ MTK_ADAPTED \
+ MTK_BL31_AS_BL2 \
+ MTK_BL33_IS_64BIT \
+ MTK_EXTRA_LINKERFILE \
+ MTK_PUBEVENT_ENABLE \
+ MTK_SIP_KERNEL_BOOT_ENABLE \
+ MTK_SOC \
+ PLAT_EXTRA_RODATA_INCLUDES \
+ PLAT_XLAT_TABLES_DYNAMIC \
+ UART_BAUDRATE \
+ UART_CLOCK
+
+$(foreach opt, $(DEFINED_OPTIONS),$(eval $(call add_defined_option,$(opt))))
diff --git a/plat/mediatek/common/cache_ops.c b/plat/mediatek/common/cache_ops.c
new file mode 100644
index 0000000..df43667
--- /dev/null
+++ b/plat/mediatek/common/cache_ops.c
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <arch_helpers.h>
+#include <lib/mmio.h>
+
+#include <cache_ops.h>
+#include <mcucfg.h>
+
+#define L3_SHARE_EN 9
+#define L3_SHARE_PRE_EN 8
+
+void disable_cache_as_ram(void)
+{
+ unsigned long v;
+
+ mmio_clrbits_32(MP0_CLUSTER_CFG0, 1 << L3_SHARE_EN);
+ dsb();
+
+ __asm__ volatile ("mrs %0, S3_0_C15_C3_5" : "=r" (v));
+ v |= (0xf << 4);
+ __asm__ volatile ("msr S3_0_C15_C3_5, %0" : : "r" (v));
+ dsb();
+
+ do {
+ __asm__ volatile ("mrs %0, S3_0_C15_C3_7" : "=r" (v));
+ } while (((v >> 0x4) & 0xf) != 0xf);
+
+ mmio_clrbits_32(MP0_CLUSTER_CFG0, 1 << L3_SHARE_PRE_EN);
+ dsb();
+}
diff --git a/plat/mediatek/common/cache_ops.h b/plat/mediatek/common/cache_ops.h
new file mode 100644
index 0000000..aeec6be
--- /dev/null
+++ b/plat/mediatek/common/cache_ops.h
@@ -0,0 +1,11 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef _CACHES_OPS_H_
+#define _CACHES_OPS_H_
+
+void disable_cache_as_ram(void);
+
+#endif /* _CACHES_OPS_H_ */
diff --git a/plat/mediatek/mt8196/include/plat_macros.S b/plat/mediatek/common/include/plat_macros.S
similarity index 93%
rename from plat/mediatek/mt8196/include/plat_macros.S
rename to plat/mediatek/common/include/plat_macros.S
index c646edd..b26be39 100644
--- a/plat/mediatek/mt8196/include/plat_macros.S
+++ b/plat/mediatek/common/include/plat_macros.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2024, Mediatek Inc. All rights reserved.
+ * Copyright (c) 2025, Mediatek Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
diff --git a/plat/mediatek/mt8196/include/plat_private.h b/plat/mediatek/common/include/plat_private.h
similarity index 88%
rename from plat/mediatek/mt8196/include/plat_private.h
rename to plat/mediatek/common/include/plat_private.h
index 1ed1973..9a0a6ae 100644
--- a/plat/mediatek/mt8196/include/plat_private.h
+++ b/plat/mediatek/common/include/plat_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2024, Mediatek Inc. All rights reserved.
+ * Copyright (c) 2025, Mediatek Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
diff --git a/plat/mediatek/common/mtk_bl31_setup.c b/plat/mediatek/common/mtk_bl31_setup.c
index 0d264b9..a6d1e73 100644
--- a/plat/mediatek/common/mtk_bl31_setup.c
+++ b/plat/mediatek/common/mtk_bl31_setup.c
@@ -24,6 +24,9 @@
#endif
/* MTK headers */
+#if CONFIG_MTK_DISABLE_CACHE_AS_RAM
+#include <cache_ops.h>
+#endif
#if MTK_SIP_KERNEL_BOOT_ENABLE
#include <cold_boot.h>
#endif
@@ -101,6 +104,9 @@
u_register_t hw_config, u_register_t plat_params_from_bl2)
{
+#if CONFIG_MTK_DISABLE_CACHE_AS_RAM
+ disable_cache_as_ram();
+#endif
#if COREBOOT
static console_t console;
diff --git a/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.c b/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.c
index 632af52..70168d1 100644
--- a/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.c
+++ b/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.c
@@ -22,7 +22,15 @@
uint32_t count = 0;
while ((mmio_read_32(reg) & mask) != expect) {
- if (count > retry_times) {
+ /*
+ * If retry_times == HW_SEM_NO_WAIT, it is just for checking if the hardware
+ * semaphore can be locked or not. The purpose is for SMMU to check NPU power
+ * status. Hence, just returning -EBUSY is okay. There is no need to show any
+ * ERROR message here.
+ */
+ if (retry_times == HW_SEM_NO_WAIT) {
+ return -EBUSY;
+ } else if (count > retry_times) {
ERROR("%s: timed out, reg = %x, mask = %x, expect = %x\n",
__func__, reg, mask, expect);
return -EBUSY;
@@ -116,14 +124,14 @@
{
return apu_hw_sema_ctl_per_mbox(APU_MBOX(APU_HW_SEM_SYS_APMCU) + APU_MBOX_SEMA1_CTRL,
APU_MBOX(APU_HW_SEM_SYS_APMCU) + APU_MBOX_SEMA1_STA,
- APU_HW_SEM_SYS_APMCU, HW_SEM_GET, 0, 0);
+ APU_HW_SEM_SYS_APMCU, HW_SEM_GET, HW_SEM_NO_WAIT, 0);
}
int rv_iommu_hw_sem_unlock(void)
{
return apu_hw_sema_ctl_per_mbox(APU_MBOX(APU_HW_SEM_SYS_APMCU) + APU_MBOX_SEMA1_CTRL,
APU_MBOX(APU_HW_SEM_SYS_APMCU) + APU_MBOX_SEMA1_STA,
- APU_HW_SEM_SYS_APMCU, HW_SEM_PUT, 0, 0);
+ APU_HW_SEM_SYS_APMCU, HW_SEM_PUT, HW_SEM_NO_WAIT, 0);
}
int apu_hw_sema_ctl(uint32_t sem_addr, uint8_t usr_bit, uint8_t ctl, uint32_t timeout,
diff --git a/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.h b/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.h
index b5a48e2..17f5500 100644
--- a/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.h
+++ b/plat/mediatek/drivers/apusys/mt8196/apusys_rv_pwr_ctrl.h
@@ -27,6 +27,7 @@
uint8_t bypass);
#define HW_SEM_TIMEOUT (300) /* 300 us */
+#define HW_SEM_NO_WAIT (0) /* no wait */
/* APU MBOX */
#define MBOX_WKUP_CFG (0x80)
diff --git a/plat/mediatek/drivers/cpu_pm/cpcv5_4/mt_lp_irqremain.c b/plat/mediatek/drivers/cpu_pm/cpcv5_4/mt_lp_irqremain.c
index 563e6b5..a1c903e 100644
--- a/plat/mediatek/drivers/cpu_pm/cpcv5_4/mt_lp_irqremain.c
+++ b/plat/mediatek/drivers/cpu_pm/cpcv5_4/mt_lp_irqremain.c
@@ -7,12 +7,11 @@
#include <stdint.h>
#include <stdio.h>
-#include <drivers/cirq.h>
-
#include <platform_def.h>
#include <lib/pm/mtk_pm.h>
#include <lpm_v2/mt_lp_rm.h>
+#include <mt_cirq.h>
#include "mt_cpu_pm.h"
#include "mt_lp_irqremain.h"
diff --git a/plat/mediatek/drivers/gicv3/mt_gic_v3.c b/plat/mediatek/drivers/gicv3/mt_gic_v3.c
index 659ca9c..e9bbbe1 100644
--- a/plat/mediatek/drivers/gicv3/mt_gic_v3.c
+++ b/plat/mediatek/drivers/gicv3/mt_gic_v3.c
@@ -23,7 +23,7 @@
uintptr_t rdistif_base_addrs[PLATFORM_CORE_COUNT];
-static gicv3_redist_ctx_t rdist_ctx;
+static gicv3_redist_ctx_t rdist_ctx[PLATFORM_CORE_COUNT];
static gicv3_dist_ctx_t dist_ctx;
/* Configure Secure IRQs */
@@ -112,7 +112,7 @@
* before the Distributor context.
*/
for (cpu = 0; cpu < PLATFORM_CORE_COUNT; cpu++)
- gicv3_rdistif_save(cpu, &rdist_ctx);
+ gicv3_rdistif_save(cpu, &rdist_ctx[cpu]);
}
void mt_gic_rdistif_restore(void)
@@ -126,7 +126,7 @@
* the SYSTEM SUSPEND call.
*/
for (cpu = 0; cpu < PLATFORM_CORE_COUNT; cpu++)
- gicv3_rdistif_init_restore(cpu, &rdist_ctx);
+ gicv3_rdistif_init_restore(cpu, &rdist_ctx[cpu]);
}
void mt_gic_redistif_on(void)
diff --git a/plat/mediatek/drivers/smmu/smmu.c b/plat/mediatek/drivers/smmu/smmu.c
index 4d31071..a3d83ec 100644
--- a/plat/mediatek/drivers/smmu/smmu.c
+++ b/plat/mediatek/drivers/smmu/smmu.c
@@ -255,9 +255,6 @@
break;
}
- if (ret)
- ERROR(TAG "%s, smmu_%u cmd:%u fail:%u\n", __func__, smmu_id, cmd_id, ret);
-
return ret;
}
/* Register MTK SMMU service */
diff --git a/plat/mediatek/drivers/ufs/rules.mk b/plat/mediatek/drivers/ufs/rules.mk
new file mode 100644
index 0000000..877cbc7
--- /dev/null
+++ b/plat/mediatek/drivers/ufs/rules.mk
@@ -0,0 +1,19 @@
+#
+# Copyright (c) 2025, MediaTek Inc. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+LOCAL_DIR := $(call GET_LOCAL_DIR)
+
+MODULE := ufs
+
+PLAT_INCLUDES += -I$(LOCAL_DIR)
+PLAT_INCLUDES += -I$(MTK_PLAT)/include/drivers/
+
+LOCAL_SRCS-y := $(LOCAL_DIR)/ufs_ctrl.c
+ifeq ($(MTKLIB_PATH),)
+LOCAL_SRCS-y += $(LOCAL_DIR)/ufs_stub.c
+endif
+
+$(eval $(call MAKE_MODULE,$(MODULE),$(LOCAL_SRCS-y),$(MTK_BL)))
diff --git a/plat/mediatek/drivers/ufs/ufs_ctrl.c b/plat/mediatek/drivers/ufs/ufs_ctrl.c
new file mode 100644
index 0000000..af27e67
--- /dev/null
+++ b/plat/mediatek/drivers/ufs/ufs_ctrl.c
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+
+/* MTK header */
+#include <drivers/pmic/pmic_swap_api.h>
+#include <mtk_bl31_interface.h>
+#include <mtk_sip_svc.h>
+
+/* UFS generic control flags */
+#define UFS_MTK_SIP_VA09_PWR_CTRL BIT(0)
+#define UFS_MTK_SIP_DEVICE_RESET BIT(1)
+#define UFS_MTK_SIP_CRYPTO_CTRL BIT(2)
+#define UFS_MTK_SIP_REF_CLK_NOTIFICATION BIT(3)
+#define UFS_MTK_SIP_SRAM_PWR_CTRL BIT(5)
+#define UFS_MTK_SIP_GET_VCC_INFO BIT(6)
+#define UFS_MTK_SIP_DEVICE_PWR_CTRL BIT(7)
+#define UFS_MTK_SIP_MPHY_CTRL BIT(8)
+#define UFS_MTK_SIP_MTCMOS_CTRL BIT(9)
+
+enum {
+ VCC_NONE = 0,
+ VCC_1,
+ VCC_2,
+};
+
+static void ufs_get_vcc_info(struct smccc_res *smccc_ret)
+{
+ if (smccc_ret == NULL)
+ return;
+
+ if (is_second_pmic_pp_swap())
+ smccc_ret->a1 = VCC_2;
+ else
+ smccc_ret->a1 = VCC_1;
+}
+
+static u_register_t ufs_knl_ctrl(u_register_t x1,
+ u_register_t x2,
+ u_register_t x3,
+ u_register_t x4,
+ void *handle,
+ struct smccc_res *smccc_ret)
+{
+ uint64_t ret = 0;
+
+ switch (x1) {
+ case UFS_MTK_SIP_VA09_PWR_CTRL:
+ ufs_mphy_va09_cg_ctrl((bool)!!x2);
+ break;
+ case UFS_MTK_SIP_DEVICE_RESET:
+ ufs_device_reset_ctrl((bool)!!x2);
+ break;
+ case UFS_MTK_SIP_CRYPTO_CTRL:
+ ufs_crypto_hie_init();
+ break;
+ case UFS_MTK_SIP_REF_CLK_NOTIFICATION:
+ ufs_ref_clk_status(x2, x3);
+ break;
+ case UFS_MTK_SIP_SRAM_PWR_CTRL:
+ ufs_sram_pwr_ctrl(x2);
+ break;
+ case UFS_MTK_SIP_GET_VCC_INFO:
+ ufs_get_vcc_info(smccc_ret);
+ break;
+ case UFS_MTK_SIP_DEVICE_PWR_CTRL:
+ ufs_device_pwr_ctrl(x2, x3);
+ break;
+ case UFS_MTK_SIP_MPHY_CTRL:
+ ufs_mphy_ctrl(x2);
+ break;
+ case UFS_MTK_SIP_MTCMOS_CTRL:
+ ufs_mtcmos_ctrl(x2);
+ break;
+ default:
+ ret = -1;
+ WARN("[UFS] invalid argument 0x%lx from kernel\n", x1);
+ break;
+ }
+
+ return ret;
+}
+
+static u_register_t ufs_bl_ctrl(u_register_t x1,
+ u_register_t x2,
+ u_register_t x3,
+ u_register_t x4,
+ void *handle,
+ struct smccc_res *smccc_ret)
+{
+ uint64_t ret = 0;
+
+ switch (x1) {
+ case UFS_MTK_SIP_DEVICE_RESET:
+ ufs_device_reset_ctrl(x2);
+ break;
+ default:
+ ret = -1;
+ WARN("[UFS] invalid argument 0x%lx from bootloader\n", x1);
+ break;
+ }
+
+ return ret;
+}
+
+DECLARE_SMC_HANDLER(MTK_SIP_KERNEL_UFS_CONTROL, ufs_knl_ctrl);
+DECLARE_SMC_HANDLER(MTK_SIP_BL_UFS_CONTROL, ufs_bl_ctrl);
diff --git a/plat/mediatek/drivers/ufs/ufs_stub.c b/plat/mediatek/drivers/ufs/ufs_stub.c
new file mode 100644
index 0000000..c03f27e
--- /dev/null
+++ b/plat/mediatek/drivers/ufs/ufs_stub.c
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <mtk_bl31_interface.h>
+
+void ufs_mphy_va09_cg_ctrl(bool enable) {}
+void ufs_device_reset_ctrl(bool rst_n) {}
+void ufs_crypto_hie_init(void) {}
+void ufs_ref_clk_status(uint32_t on, enum ufs_notify_change_status stage) {}
+void ufs_sram_pwr_ctrl(bool on) {}
+void ufs_device_pwr_ctrl(bool vcc_on, uint64_t ufs_version) {}
+void ufs_mphy_ctrl(enum ufs_mtk_mphy_op op) {}
+void ufs_mtcmos_ctrl(bool on) {}
diff --git a/plat/mediatek/include/mtk_bl31_interface.h b/plat/mediatek/include/mtk_bl31_interface.h
new file mode 100644
index 0000000..9650f71
--- /dev/null
+++ b/plat/mediatek/include/mtk_bl31_interface.h
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef __MTK_BL31_INTERFACE_H__
+#define __MTK_BL31_INTERFACE_H__
+
+#include <stdbool.h>
+#include <stdint.h>
+
+/* UFS definitions */
+enum ufs_mtk_mphy_op {
+ UFS_MPHY_BACKUP = 0,
+ UFS_MPHY_RESTORE,
+};
+
+enum ufs_notify_change_status {
+ PRE_CHANGE,
+ POST_CHANGE,
+};
+
+/* UFS interfaces */
+void ufs_mphy_va09_cg_ctrl(bool enable);
+void ufs_device_reset_ctrl(bool rst_n);
+void ufs_crypto_hie_init(void);
+void ufs_ref_clk_status(uint32_t on, enum ufs_notify_change_status stage);
+void ufs_sram_pwr_ctrl(bool on);
+void ufs_device_pwr_ctrl(bool vcc_on, uint64_t ufs_version);
+void ufs_mphy_ctrl(enum ufs_mtk_mphy_op op);
+void ufs_mtcmos_ctrl(bool on);
+
+#endif /* __MTK_BL31_INTERFACE_H__ */
diff --git a/plat/mediatek/mt8173/platform.mk b/plat/mediatek/mt8173/platform.mk
index 4d5a100..a41c205 100644
--- a/plat/mediatek/mt8173/platform.mk
+++ b/plat/mediatek/mt8173/platform.mk
@@ -21,7 +21,7 @@
PLAT_BL_COMMON_SOURCES := lib/xlat_tables/xlat_tables_common.c \
lib/xlat_tables/aarch64/xlat_tables.c \
- plat/arm/common/arm_gicv2.c \
+ plat/common/plat_gicv2_base.c \
plat/common/plat_gicv2.c \
plat/common/aarch64/crash_console_helpers.S
diff --git a/plat/mediatek/mt8186/include/plat_macros.S b/plat/mediatek/mt8186/include/plat_macros.S
deleted file mode 100644
index 39727ea..0000000
--- a/plat/mediatek/mt8186/include/plat_macros.S
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-#ifndef PLAT_MACROS_S
-#define PLAT_MACROS_S
-
-#include <platform_def.h>
-
-.section .rodata.gic_reg_name, "aS"
-gicc_regs:
- .asciz "gicc_hppir", "gicc_ahppir", "gicc_ctlr", ""
-gicd_pend_reg:
- .asciz "gicd_ispendr regs (Offsets 0x200 - 0x278)\n" \
- " Offset:\t\t\tvalue\n"
-newline:
- .asciz "\n"
-spacer:
- .asciz ":\t\t0x"
-
-.section .rodata.cci_reg_name, "aS"
-cci_iface_regs:
- .asciz "cci_snoop_ctrl_cluster0", "cci_snoop_ctrl_cluster1" , ""
-
- /* ---------------------------------------------
- * The below macro prints out relevant GIC
- * registers whenever an unhandled exception
- * is taken in BL31.
- * Clobbers: x0 - x10, x26, x27, sp
- * ---------------------------------------------
- */
- .macro plat_crash_print_regs
- /* TODO: leave implementation to GIC owner */
- .endm
-
-#endif /* PLAT_MACROS_S */
diff --git a/plat/mediatek/mt8186/include/plat_private.h b/plat/mediatek/mt8186/include/plat_private.h
deleted file mode 100644
index 7ef2b85..0000000
--- a/plat/mediatek/mt8186/include/plat_private.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLAT_PRIVATE_H
-#define PLAT_PRIVATE_H
-
-/*******************************************************************************
- * Function and variable prototypes
- ******************************************************************************/
-void plat_configure_mmu_el3(uintptr_t total_base,
- uintptr_t total_size,
- uintptr_t ro_start,
- uintptr_t ro_limit);
-
-#endif /* PLAT_PRIVATE_H */
diff --git a/plat/mediatek/mt8186/platform.mk b/plat/mediatek/mt8186/platform.mk
index 9c03340..3ac4b29 100644
--- a/plat/mediatek/mt8186/platform.mk
+++ b/plat/mediatek/mt8186/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2021-2024, MediaTek Inc. All rights reserved.
+# Copyright (c) 2021-2025, MediaTek Inc. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -11,6 +11,7 @@
TRNG_SUPPORT := 1
PLAT_INCLUDES := -I${MTK_PLAT}/common/ \
+ -I${MTK_PLAT}/common/include \
-I${MTK_PLAT}/drivers/cirq/ \
-I${MTK_PLAT}/drivers/gic600/ \
-I${MTK_PLAT}/drivers/gpio/ \
diff --git a/plat/mediatek/mt8188/include/plat_macros.S b/plat/mediatek/mt8188/include/plat_macros.S
deleted file mode 100644
index a6e05a9..0000000
--- a/plat/mediatek/mt8188/include/plat_macros.S
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLAT_MACROS_S
-#define PLAT_MACROS_S
-
-#include <platform_def.h>
-
-.section .rodata.gic_reg_name, "aS"
-gicc_regs:
- .asciz "gicc_hppir", "gicc_ahppir", "gicc_ctlr", ""
-gicd_pend_reg:
- .asciz "gicd_ispendr regs (Offsets 0x200 - 0x278)\n" \
- " Offset:\t\t\tvalue\n"
-newline:
- .asciz "\n"
-spacer:
- .asciz ":\t\t0x"
-
-.section .rodata.cci_reg_name, "aS"
-cci_iface_regs:
- .asciz "cci_snoop_ctrl_cluster0", "cci_snoop_ctrl_cluster1" , ""
-
- /* ---------------------------------------------
- * The below macro prints out relevant GIC
- * registers whenever an unhandled exception
- * is taken in BL31.
- * Clobbers: x0 - x10, x26, x27, sp
- * ---------------------------------------------
- */
- .macro plat_crash_print_regs
- /* TODO: leave implementation to GIC owner */
- .endm
-
-#endif /* PLAT_MACROS_S */
diff --git a/plat/mediatek/mt8188/include/plat_private.h b/plat/mediatek/mt8188/include/plat_private.h
deleted file mode 100644
index 4d4ac85..0000000
--- a/plat/mediatek/mt8188/include/plat_private.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLAT_PRIVATE_H
-#define PLAT_PRIVATE_H
-
-/*******************************************************************************
- * Function and variable prototypes
- ******************************************************************************/
-void plat_configure_mmu_el3(uintptr_t total_base,
- uintptr_t total_size,
- uintptr_t ro_start,
- uintptr_t ro_limit);
-
-#endif /* PLAT_PRIVATE_H */
diff --git a/plat/mediatek/mt8188/plat_config.mk b/plat/mediatek/mt8188/plat_config.mk
index 82ef7e8..3f7d187 100644
--- a/plat/mediatek/mt8188/plat_config.mk
+++ b/plat/mediatek/mt8188/plat_config.mk
@@ -27,7 +27,6 @@
ERRATA_A78_1941498 := 1
ERRATA_A78_1951500 := 1
ERRATA_A78_1821534 := 1
-ERRATA_A78_2132060 := 1
ERRATA_A78_2242635 := 1
ERRATA_A78_2376745 := 1
ERRATA_A78_2395406 := 1
diff --git a/plat/mediatek/mt8188/platform.mk b/plat/mediatek/mt8188/platform.mk
index b776447..c57a6f5 100644
--- a/plat/mediatek/mt8188/platform.mk
+++ b/plat/mediatek/mt8188/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2022-2024, MediaTek Inc. All rights reserved.
+# Copyright (c) 2022-2025, MediaTek Inc. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -13,6 +13,7 @@
include lib/xlat_tables_v2/xlat_tables.mk
PLAT_INCLUDES := -I${MTK_PLAT}/common \
+ -I${MTK_PLAT}/common/include \
-I${MTK_PLAT}/include \
-I${MTK_PLAT}/include/${ARCH_VERSION} \
-I${MTK_PLAT} \
diff --git a/plat/mediatek/mt8189/drivers/gpio/mtgpio.c b/plat/mediatek/mt8189/drivers/gpio/mtgpio.c
new file mode 100644
index 0000000..e81d132
--- /dev/null
+++ b/plat/mediatek/mt8189/drivers/gpio/mtgpio.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+
+#include <mtgpio.h>
+#include <platform_def.h>
+
+typedef enum {
+ REG_0 = 0,
+ REG_1,
+ REG_2,
+ REG_3,
+ REG_4,
+ REG_5,
+ REG_6,
+ REG_7,
+ REG_8
+} RegEnum;
+
+uintptr_t mt_gpio_find_reg_addr(uint32_t pin)
+{
+ uintptr_t reg_addr = 0U;
+ struct mt_pin_info gpio_info;
+
+ assert(pin < MAX_GPIO_PIN);
+
+ gpio_info = mt_pin_infos[pin];
+
+ switch (gpio_info.base & 0xF) {
+ case REG_0:
+ reg_addr = IOCFG_LM_BASE;
+ break;
+ case REG_1:
+ reg_addr = IOCFG_RB0_BASE;
+ break;
+ case REG_2:
+ reg_addr = IOCFG_RB1_BASE;
+ break;
+ case REG_3:
+ reg_addr = IOCFG_BM0_BASE;
+ break;
+ case REG_4:
+ reg_addr = IOCFG_BM1_BASE;
+ break;
+ case REG_5:
+ reg_addr = IOCFG_BM2_BASE;
+ break;
+ case REG_6:
+ reg_addr = IOCFG_LT0_BASE;
+ break;
+ case REG_7:
+ reg_addr = IOCFG_LT1_BASE;
+ break;
+ case REG_8:
+ reg_addr = IOCFG_RT_BASE;
+ break;
+ default:
+ break;
+ }
+
+ return reg_addr;
+}
diff --git a/plat/mediatek/mt8189/drivers/gpio/mtgpio.h b/plat/mediatek/mt8189/drivers/gpio/mtgpio.h
new file mode 100644
index 0000000..cf461e1
--- /dev/null
+++ b/plat/mediatek/mt8189/drivers/gpio/mtgpio.h
@@ -0,0 +1,227 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef MT_GPIO_H
+#define MT_GPIO_H
+
+#include <mtgpio_common.h>
+
+/* Enumeration for GPIO pin */
+typedef enum GPIO_PIN {
+ GPIO_UNSUPPORTED = -1,
+ GPIO0, GPIO1, GPIO2, GPIO3, GPIO4, GPIO5, GPIO6,
+ GPIO7, GPIO8, GPIO9, GPIO10, GPIO11, GPIO12, GPIO13, GPIO14,
+ GPIO15, GPIO16, GPIO17, GPIO18, GPIO19, GPIO20, GPIO21, GPIO22,
+ GPIO23, GPIO24, GPIO25, GPIO26, GPIO27, GPIO28, GPIO29, GPIO30,
+ GPIO31, GPIO32, GPIO33, GPIO34, GPIO35, GPIO36, GPIO37, GPIO38,
+ GPIO39, GPIO40, GPIO41, GPIO42, GPIO43, GPIO44, GPIO45, GPIO46,
+ GPIO47, GPIO48, GPIO49, GPIO50, GPIO51, GPIO52, GPIO53, GPIO54,
+ GPIO55, GPIO56, GPIO57, GPIO58, GPIO59, GPIO60, GPIO61, GPIO62,
+ GPIO63, GPIO64, GPIO65, GPIO66, GPIO67, GPIO68, GPIO69, GPIO70,
+ GPIO71, GPIO72, GPIO73, GPIO74, GPIO75, GPIO76, GPIO77, GPIO78,
+ GPIO79, GPIO80, GPIO81, GPIO82, GPIO83, GPIO84, GPIO85, GPIO86,
+ GPIO87, GPIO88, GPIO89, GPIO90, GPIO91, GPIO92, GPIO93, GPIO94,
+ GPIO95, GPIO96, GPIO97, GPIO98, GPIO99, GPIO100, GPIO101, GPIO102,
+ GPIO103, GPIO104, GPIO105, GPIO106, GPIO107, GPIO108, GPIO109, GPIO110,
+ GPIO111, GPIO112, GPIO113, GPIO114, GPIO115, GPIO116, GPIO117, GPIO118,
+ GPIO119, GPIO120, GPIO121, GPIO122, GPIO123, GPIO124, GPIO125, GPIO126,
+ GPIO127, GPIO128, GPIO129, GPIO130, GPIO131, GPIO132, GPIO133, GPIO134,
+ GPIO135, GPIO136, GPIO137, GPIO138, GPIO139, GPIO140, GPIO141, GPIO142,
+ GPIO143, GPIO144, GPIO145, GPIO146, GPIO147, GPIO148, GPIO149, GPIO150,
+ GPIO151, GPIO152, GPIO153, GPIO154, GPIO155, GPIO156, GPIO157, GPIO158,
+ GPIO159, GPIO160, GPIO161, GPIO162, GPIO163, GPIO164, GPIO165, GPIO166,
+ GPIO167, GPIO168, GPIO169, GPIO170, GPIO171, GPIO172, GPIO173, GPIO174,
+ GPIO175, GPIO176, GPIO177, GPIO178, GPIO179, GPIO180, GPIO181, GPIO182,
+ MT_GPIO_BASE_MAX
+} GPIO_PIN;
+
+static const struct mt_pin_info mt_pin_infos[] = {
+ PIN(0, 0, 5, 0x21, 0xa0),
+ PIN(1, 0, 3, 0x12, 0x90),
+ PIN(2, 0, 4, 0x12, 0x90),
+ PIN(3, 0, 5, 0x12, 0x90),
+ PIN(4, 0, 6, 0x12, 0x90),
+ PIN(5, 0, 7, 0x12, 0x90),
+ PIN(6, 0, 6, 0x21, 0xa0),
+ PIN(7, 0, 7, 0x21, 0xa0),
+ PIN(8, 0, 8, 0x21, 0xa0),
+ PIN(9, 0, 9, 0x21, 0xa0),
+ PIN(10, 0, 10, 0x21, 0xa0),
+ PIN(11, 0, 11, 0x21, 0xa0),
+ PIN(12, 0, 5, 0x14, 0xb0),
+ PIN(13, 0, 6, 0x14, 0xb0),
+ PIN(14, 0, 0, 0x25, 0xa0),
+ PIN(15, 0, 1, 0x25, 0xa0),
+ PIN(16, 0, 7, 0x14, 0xb0),
+ PIN(17, 0, 8, 0x14, 0xb0),
+ PIN(18, 0, 0, 0x21, 0xa0),
+ PIN(19, 0, 2, 0x21, 0xa0),
+ PIN(20, 0, 1, 0x21, 0xa0),
+ PIN(21, 0, 3, 0x21, 0xa0),
+ PIN(22, 0, 0, 0x28, 0x90),
+ PIN(23, 0, 1, 0x28, 0x90),
+ PIN(24, 0, 2, 0x28, 0x90),
+ PIN(25, 0, 2, 0x10, 0x90),
+ PIN(26, 0, 1, 0x10, 0x90),
+ PIN(27, 0, 1, 0x14, 0xb0),
+ PIN(28, 0, 2, 0x14, 0xb0),
+ PIN(29, 0, 0, 0x10, 0x90),
+ PIN(30, 0, 0, 0x14, 0xb0),
+ PIN(31, 0, 13, 0x25, 0xa0),
+ PIN(32, 0, 30, 0x13, 0x90),
+ PIN(33, 0, 15, 0x25, 0xa0),
+ PIN(34, 0, 14, 0x25, 0xa0),
+ PIN(35, 0, 17, 0x25, 0xa0),
+ PIN(36, 0, 16, 0x25, 0xa0),
+ PIN(37, 0, 19, 0x25, 0xa0),
+ PIN(38, 0, 18, 0x25, 0xa0),
+ PIN(39, 0, 5, 0x25, 0xa0),
+ PIN(40, 0, 2, 0x25, 0xa0),
+ PIN(41, 0, 3, 0x25, 0xa0),
+ PIN(42, 0, 4, 0x25, 0xa0),
+ PIN(43, 0, 6, 0x25, 0xa0),
+ PIN(44, 1, 0, 0x21, 0x90),
+ PIN(45, 1, 1, 0x21, 0x90),
+ PIN(46, 1, 2, 0x21, 0x90),
+ PIN(47, 1, 3, 0x21, 0x90),
+ PIN(48, 0, 5, 0x10, 0x90),
+ PIN(49, 0, 4, 0x10, 0x90),
+ PIN(50, 0, 3, 0x10, 0x90),
+ PIN(51, 0, 8, 0x12, 0x90),
+ PIN(52, 0, 10, 0x12, 0x90),
+ PIN(53, 0, 9, 0x12, 0x90),
+ PIN(54, 0, 11, 0x12, 0x90),
+ PIN(55, 0, 6, 0x10, 0x90),
+ PIN(56, 0, 7, 0x10, 0x90),
+ PIN(57, 0, 13, 0x14, 0xb0),
+ PIN(58, 0, 17, 0x14, 0xb0),
+ PIN(59, 0, 14, 0x14, 0xb0),
+ PIN(60, 0, 18, 0x14, 0xb0),
+ PIN(61, 0, 15, 0x14, 0xb0),
+ PIN(62, 0, 19, 0x14, 0xb0),
+ PIN(63, 0, 16, 0x14, 0xb0),
+ PIN(64, 0, 20, 0x14, 0xb0),
+ PIN(65, 0, 4, 0x28, 0x90),
+ PIN(66, 0, 6, 0x28, 0x90),
+ PIN(67, 0, 5, 0x28, 0x90),
+ PIN(68, 0, 7, 0x28, 0x90),
+ PIN(69, 0, 22, 0x14, 0xb0),
+ PIN(70, 0, 21, 0x14, 0xb0),
+ PIN(71, 0, 24, 0x14, 0xb0),
+ PIN(72, 0, 23, 0x14, 0xb0),
+ PIN(73, 0, 26, 0x14, 0xb0),
+ PIN(74, 0, 25, 0x14, 0xb0),
+ PIN(75, 0, 7, 0x25, 0xa0),
+ PIN(76, 0, 27, 0x14, 0xb0),
+ PIN(77, 0, 13, 0x12, 0x90),
+ PIN(78, 0, 12, 0x12, 0x90),
+ PIN(79, 0, 15, 0x12, 0x90),
+ PIN(80, 0, 14, 0x12, 0x90),
+ PIN(81, 0, 29, 0x14, 0xb0),
+ PIN(82, 0, 28, 0x14, 0xb0),
+ PIN(83, 0, 30, 0x14, 0xb0),
+ PIN(84, 0, 22, 0x21, 0xa0),
+ PIN(85, 0, 23, 0x21, 0xa0),
+ PIN(86, 0, 24, 0x21, 0xa0),
+ PIN(87, 0, 25, 0x21, 0xa0),
+ PIN(88, 0, 11, 0x26, 0xb0),
+ PIN(89, 0, 10, 0x26, 0xb0),
+ PIN(90, 0, 13, 0x26, 0xb0),
+ PIN(91, 0, 12, 0x26, 0xb0),
+ PIN(92, 0, 7, 0x26, 0xb0),
+ PIN(93, 0, 8, 0x26, 0xb0),
+ PIN(94, 0, 14, 0x26, 0xb0),
+ PIN(95, 0, 6, 0x26, 0xb0),
+ PIN(96, 0, 9, 0x26, 0xb0),
+ PIN(97, 0, 0, 0x26, 0xb0),
+ PIN(98, 0, 5, 0x26, 0xb0),
+ PIN(99, 0, 3, 0x26, 0xb0),
+ PIN(100, 0, 4, 0x26, 0xb0),
+ PIN(101, 0, 1, 0x26, 0xb0),
+ PIN(102, 0, 2, 0x26, 0xb0),
+ PIN(103, 0, 15, 0x21, 0xa0),
+ PIN(104, 0, 12, 0x21, 0xa0),
+ PIN(105, 0, 14, 0x21, 0xa0),
+ PIN(106, 0, 13, 0x21, 0xa0),
+ PIN(107, 0, 19, 0x21, 0xa0),
+ PIN(108, 0, 16, 0x21, 0xa0),
+ PIN(109, 0, 18, 0x21, 0xa0),
+ PIN(110, 0, 17, 0x21, 0xa0),
+ PIN(111, 0, 4, 0x21, 0xa0),
+ PIN(112, 0, 0, 0x12, 0x90),
+ PIN(113, 0, 1, 0x12, 0x90),
+ PIN(114, 0, 2, 0x12, 0x90),
+ PIN(115, 0, 9, 0x14, 0xb0),
+ PIN(116, 0, 12, 0x14, 0xb0),
+ PIN(117, 0, 10, 0x14, 0xb0),
+ PIN(118, 0, 11, 0x14, 0xb0),
+ PIN(119, 0, 26, 0x13, 0x90),
+ PIN(120, 0, 25, 0x13, 0x90),
+ PIN(121, 0, 24, 0x13, 0x90),
+ PIN(122, 0, 23, 0x13, 0x90),
+ PIN(123, 0, 19, 0x13, 0x90),
+ PIN(124, 0, 18, 0x13, 0x90),
+ PIN(125, 0, 17, 0x13, 0x90),
+ PIN(126, 0, 16, 0x13, 0x90),
+ PIN(127, 0, 22, 0x13, 0x90),
+ PIN(128, 0, 15, 0x13, 0x90),
+ PIN(129, 0, 20, 0x13, 0x90),
+ PIN(130, 0, 27, 0x13, 0x90),
+ PIN(131, 0, 13, 0x13, 0x90),
+ PIN(132, 0, 14, 0x13, 0x90),
+ PIN(133, 0, 28, 0x13, 0x90),
+ PIN(134, 0, 21, 0x13, 0x90),
+ PIN(135, 0, 11, 0x13, 0x90),
+ PIN(136, 0, 12, 0x13, 0x90),
+ PIN(137, 0, 3, 0x14, 0xb0),
+ PIN(138, 0, 4, 0x14, 0xb0),
+ PIN(139, 0, 3, 0x13, 0x90),
+ PIN(140, 0, 4, 0x13, 0x90),
+ PIN(141, 0, 0, 0x13, 0x90),
+ PIN(142, 0, 1, 0x13, 0x90),
+ PIN(143, 0, 2, 0x13, 0x90),
+ PIN(144, 0, 5, 0x13, 0x90),
+ PIN(145, 0, 6, 0x13, 0x90),
+ PIN(146, 0, 7, 0x13, 0x90),
+ PIN(147, 0, 8, 0x13, 0x90),
+ PIN(148, 0, 9, 0x13, 0x90),
+ PIN(149, 0, 10, 0x13, 0x90),
+ PIN(150, 0, 8, 0x25, 0xa0),
+ PIN(151, 0, 29, 0x13, 0x90),
+ PIN(152, 0, 9, 0x25, 0xa0),
+ PIN(153, 0, 10, 0x25, 0xa0),
+ PIN(154, 0, 11, 0x25, 0xa0),
+ PIN(155, 0, 12, 0x25, 0xa0),
+ PIN(156, 1, 6, 0x26, 0xa0),
+ PIN(157, 1, 5, 0x26, 0xa0),
+ PIN(158, 1, 4, 0x26, 0xa0),
+ PIN(159, 1, 2, 0x17, 0x50),
+ PIN(160, 1, 8, 0x26, 0xa0),
+ PIN(161, 1, 1, 0x26, 0xa0),
+ PIN(162, 1, 0, 0x26, 0xa0),
+ PIN(163, 1, 1, 0x17, 0x50),
+ PIN(164, 1, 3, 0x26, 0xa0),
+ PIN(165, 1, 2, 0x26, 0xa0),
+ PIN(166, 1, 0, 0x17, 0x50),
+ PIN(167, 1, 7, 0x26, 0xa0),
+ PIN(168, 1, 1, 0x25, 0x90),
+ PIN(169, 1, 0, 0x25, 0x90),
+ PIN(170, 1, 2, 0x25, 0x90),
+ PIN(171, 1, 3, 0x25, 0x90),
+ PIN(172, 1, 4, 0x25, 0x90),
+ PIN(173, 1, 5, 0x25, 0x90),
+ PIN(174, 1, 1, 0x28, 0x80),
+ PIN(175, 1, 0, 0x28, 0x80),
+ PIN(176, 1, 2, 0x28, 0x80),
+ PIN(177, 1, 3, 0x28, 0x80),
+ PIN(178, 1, 4, 0x28, 0x80),
+ PIN(179, 1, 5, 0x28, 0x80),
+ PIN(180, 0, 15, 0x26, 0xb0),
+ PIN(181, 0, 16, 0x26, 0xb0),
+ PIN(182, 0, 3, 0x28, 0x90),
+};
+
+#endif /* MT_GPIO_H */
diff --git a/plat/mediatek/mt8189/include/platform_def.h b/plat/mediatek/mt8189/include/platform_def.h
new file mode 100644
index 0000000..e61aaa2
--- /dev/null
+++ b/plat/mediatek/mt8189/include/platform_def.h
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) 2025, Mediatek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PLATFORM_DEF_H
+#define PLATFORM_DEF_H
+
+#include <arch_def.h>
+
+#define PLAT_PRIMARY_CPU (0x0)
+
+#define MT_GIC_BASE (0x0C000000)
+#define MCUCFG_BASE (0x0C530000)
+#define MCUCFG_REG_SIZE (0x10000)
+#define IO_PHYS (0x10000000)
+
+/* Aggregate of all devices for MMU mapping */
+#define MTK_DEV_RNG0_BASE (MT_GIC_BASE)
+#define MTK_DEV_RNG0_SIZE (0x600000)
+#define MTK_DEV_RNG1_BASE (IO_PHYS)
+#define MTK_DEV_RNG1_SIZE (0x10000000)
+
+#define TOPCKGEN_BASE (IO_PHYS)
+
+/*******************************************************************************
+ * GPIO related constants
+ ******************************************************************************/
+#define GPIO_BASE (IO_PHYS + 0x00005000)
+#define IOCFG_LM_BASE (IO_PHYS + 0x01B50000)
+#define IOCFG_RB0_BASE (IO_PHYS + 0x01C50000)
+#define IOCFG_RB1_BASE (IO_PHYS + 0x01C60000)
+#define IOCFG_BM0_BASE (IO_PHYS + 0x01D20000)
+#define IOCFG_BM1_BASE (IO_PHYS + 0x01D30000)
+#define IOCFG_BM2_BASE (IO_PHYS + 0x01D40000)
+#define IOCFG_LT0_BASE (IO_PHYS + 0x01E20000)
+#define IOCFG_LT1_BASE (IO_PHYS + 0x01E30000)
+#define IOCFG_RT_BASE (IO_PHYS + 0x01F20000)
+
+/*******************************************************************************
+ * UART related constants
+ ******************************************************************************/
+#define UART0_BASE (IO_PHYS + 0x01002000)
+#define UART_BAUDRATE (115200)
+
+/*******************************************************************************
+ * CIRQ related constants
+ ******************************************************************************/
+#define SYS_CIRQ_BASE (IO_PHYS + 204000)
+#define MD_WDT_IRQ_BIT_ID (519)
+#define CIRQ_REG_NUM (19)
+#define CIRQ_SPI_START (128)
+#define CIRQ_IRQ_NUM (598)
+
+/*******************************************************************************
+ * System counter frequency related constants
+ ******************************************************************************/
+#define SYS_COUNTER_FREQ_IN_HZ (13000000)
+#define SYS_COUNTER_FREQ_IN_MHZ (13)
+
+/*******************************************************************************
+ * Platform binary types for linking
+ ******************************************************************************/
+#define PLATFORM_LINKER_FORMAT "elf64-littleaarch64"
+#define PLATFORM_LINKER_ARCH aarch64
+
+/*******************************************************************************
+ * Generic platform constants
+ ******************************************************************************/
+#define PLATFORM_STACK_SIZE (0x800)
+#define FIRMWARE_WELCOME_STR "Booting Trusted Firmware\n"
+#define SOC_CHIP_ID U(0x8189)
+
+/*******************************************************************************
+ * Platform memory map related constants
+ ******************************************************************************/
+#define TZRAM_BASE (0x54600000)
+#define TZRAM_SIZE (0x00200000)
+
+/*******************************************************************************
+ * BL31 specific defines.
+ ******************************************************************************/
+/*
+ * Put BL3-1 at the top of the Trusted SRAM (just below the shared memory, if
+ * present). BL31_BASE is calculated using the current BL3-1 debug size plus a
+ * little space for growth.
+ */
+#define BL31_BASE (TZRAM_BASE + 0x1000)
+#define BL31_LIMIT (TZRAM_BASE + TZRAM_SIZE)
+
+/*******************************************************************************
+ * GIC-600 & interrupt handling related constants
+ ******************************************************************************/
+/* Base MTK_platform compatible GIC memory map */
+#define BASE_GICD_BASE (MT_GIC_BASE)
+#define MT_GIC_RDIST_BASE (MT_GIC_BASE + 0x40000)
+#define DEV_IRQ_ID 300
+
+#define PLAT_MTK_G1S_IRQ_PROPS(grp) \
+ INTR_PROP_DESC(DEV_IRQ_ID, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_LEVEL)
+
+/*******************************************************************************
+ * Platform specific page table and MMU setup constants
+ ******************************************************************************/
+#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32)
+#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32)
+#define MAX_XLAT_TABLES (16)
+#define MAX_MMAP_REGIONS (16)
+
+/*******************************************************************************
+ * SYSTIMER related definitions
+ ******************************************************************************/
+#define SYSTIMER_BASE (IO_PHYS + 0x0CC10000)
+
+#endif /* PLATFORM_DEF_H */
diff --git a/plat/mediatek/mt8189/plat_config.mk b/plat/mediatek/mt8189/plat_config.mk
new file mode 100644
index 0000000..f06555b
--- /dev/null
+++ b/plat/mediatek/mt8189/plat_config.mk
@@ -0,0 +1,39 @@
+#
+# Copyright (c) 2025, MediaTek Inc. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+# Separate text code and read only data
+SEPARATE_CODE_AND_RODATA := 1
+
+# ARMv8.2 and above need enable HW assist coherence
+HW_ASSISTED_COHERENCY := 1
+
+# No need coherency memory because of HW assistency
+USE_COHERENT_MEM := 0
+
+# GIC600
+GICV3_SUPPORT_GIC600 := 1
+
+#
+# MTK options
+#
+MCUSYS_VERSION := v1
+PLAT_EXTRA_RODATA_INCLUDES := 1
+CONFIG_MTK_DISABLE_CACHE_AS_RAM := $(COREBOOT)
+
+# Configs for A78 and A55
+CTX_INCLUDE_AARCH32_REGS := 0
+ERRATA_A55_1530923 := 1
+ERRATA_A55_1221012 := 1
+ERRATA_A78_1688305 := 1
+ERRATA_A78_1941498 := 1
+ERRATA_A78_1951500 := 1
+ERRATA_A78_1821534 := 1
+ERRATA_A78_2132060 := 1
+ERRATA_A78_2242635 := 1
+ERRATA_A78_2376745 := 1
+ERRATA_A78_2395406 := 1
+
+CONFIG_ARCH_ARM_V8_2 := y
diff --git a/plat/mediatek/mt8189/plat_mmap.c b/plat/mediatek/mt8189/plat_mmap.c
new file mode 100644
index 0000000..199abf7
--- /dev/null
+++ b/plat/mediatek/mt8189/plat_mmap.c
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2025, MediaTek Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <mtk_mmap_pool.h>
+#include <platform_def.h>
+
+static const mmap_region_t plat_mmap[] = {
+ MAP_REGION_FLAT(MTK_DEV_RNG0_BASE, MTK_DEV_RNG0_SIZE,
+ MT_DEVICE | MT_RW | MT_SECURE),
+ MAP_REGION_FLAT(MTK_DEV_RNG1_BASE, MTK_DEV_RNG1_SIZE,
+ MT_DEVICE | MT_RW | MT_SECURE),
+ { 0 }
+};
+DECLARE_MTK_MMAP_REGIONS(plat_mmap);
diff --git a/plat/mediatek/mt8189/platform.mk b/plat/mediatek/mt8189/platform.mk
new file mode 100644
index 0000000..238c76d
--- /dev/null
+++ b/plat/mediatek/mt8189/platform.mk
@@ -0,0 +1,61 @@
+#
+# Copyright (c) 2025, MediaTek Inc. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+MTK_PLAT := plat/mediatek
+MTK_PLAT_SOC := ${MTK_PLAT}/${PLAT}
+MTK_SOC := ${PLAT}
+
+include plat/mediatek/build_helpers/mtk_build_helpers.mk
+include drivers/arm/gic/v3/gicv3.mk
+include lib/xlat_tables_v2/xlat_tables.mk
+
+PLAT_INCLUDES := -I${MTK_PLAT}/common \
+ -I${MTK_PLAT}/common/include \
+ -I${MTK_PLAT}/drivers/gpio/ \
+ -I${MTK_PLAT}/include \
+ -I${MTK_PLAT}/include/${ARCH_VERSION} \
+ -I${MTK_PLAT} \
+ -I${MTK_PLAT_SOC}/drivers/gpio/ \
+ -I${MTK_PLAT_SOC}/include \
+ -Idrivers/arm/gic \
+
+MODULES-y += $(MTK_PLAT)/common
+MODULES-y += $(MTK_PLAT)/helpers
+MODULES-y += $(MTK_PLAT)/lib/mtk_init
+MODULES-y += $(MTK_PLAT)/lib/pm
+MODULES-y += $(MTK_PLAT)/topology
+MODULES-y += $(MTK_PLAT)/drivers/cirq
+MODULES-y += $(MTK_PLAT)/drivers/gic600
+MODULES-y += $(MTK_PLAT)/drivers/mcusys
+MODULES-y += $(MTK_PLAT)/drivers/timer
+
+PLAT_BL_COMMON_SOURCES := common/desc_image_load.c \
+ drivers/ti/uart/aarch64/16550_console.S \
+ lib/bl_aux_params/bl_aux_params.c
+
+BL31_SOURCES += drivers/delay_timer/delay_timer.c \
+ drivers/delay_timer/generic_delay_timer.c \
+ drivers/gpio/gpio.c \
+ lib/cpus/aarch64/cortex_a55.S \
+ lib/cpus/aarch64/cortex_a78.S \
+ ${GICV3_SOURCES} \
+ ${XLAT_TABLES_LIB_SRCS} \
+ plat/common/plat_gicv3.c \
+ plat/common/plat_psci_common.c \
+ plat/common/aarch64/crash_console_helpers.S \
+ ${MTK_PLAT}/common/mtk_plat_common.c \
+ ${MTK_PLAT}/common/params_setup.c \
+ ${MTK_PLAT}/drivers/gpio/mtgpio_common.c \
+ $(MTK_PLAT)/$(MTK_SOC)/drivers/gpio/mtgpio.c \
+ $(MTK_PLAT)/$(MTK_SOC)/plat_mmap.c
+
+ifeq (${CONFIG_MTK_DISABLE_CACHE_AS_RAM}, 1)
+BL31_SOURCES += ${MTK_PLAT}/common/cache_ops.c
+endif
+
+include plat/mediatek/build_helpers/mtk_build_helpers_epilogue.mk
+
+include lib/coreboot/coreboot.mk
diff --git a/plat/mediatek/mt8192/include/plat_macros.S b/plat/mediatek/mt8192/include/plat_macros.S
deleted file mode 100644
index 7d17e36..0000000
--- a/plat/mediatek/mt8192/include/plat_macros.S
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-#ifndef PLAT_MACROS_S
-#define PLAT_MACROS_S
-
-#include <platform_def.h>
-
-.section .rodata.gic_reg_name, "aS"
-gicc_regs:
- .asciz "gicc_hppir", "gicc_ahppir", "gicc_ctlr", ""
-gicd_pend_reg:
- .asciz "gicd_ispendr regs (Offsets 0x200 - 0x278)\n" \
- " Offset:\t\t\tvalue\n"
-newline:
- .asciz "\n"
-spacer:
- .asciz ":\t\t0x"
-
-.section .rodata.cci_reg_name, "aS"
-cci_iface_regs:
- .asciz "cci_snoop_ctrl_cluster0", "cci_snoop_ctrl_cluster1" , ""
-
- /* ---------------------------------------------
- * The below macro prints out relevant GIC
- * registers whenever an unhandled exception
- * is taken in BL31.
- * Clobbers: x0 - x10, x26, x27, sp
- * ---------------------------------------------
- */
- .macro plat_crash_print_regs
- /* To-do: GIC owner */
- /* To-do: CCI owner */
- .endm
-
-#endif /* PLAT_MACROS_S */
diff --git a/plat/mediatek/mt8192/include/plat_private.h b/plat/mediatek/mt8192/include/plat_private.h
deleted file mode 100644
index 42ca415..0000000
--- a/plat/mediatek/mt8192/include/plat_private.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLAT_PRIVATE_H
-#define PLAT_PRIVATE_H
-
-/*******************************************************************************
- * Function and variable prototypes
- ******************************************************************************/
-void plat_configure_mmu_el3(uintptr_t total_base,
- uintptr_t total_size,
- uintptr_t ro_start,
- uintptr_t ro_limit);
-
-#endif /* PLAT_PRIVATE_H */
diff --git a/plat/mediatek/mt8192/platform.mk b/plat/mediatek/mt8192/platform.mk
index 4afd157..45ffd39 100644
--- a/plat/mediatek/mt8192/platform.mk
+++ b/plat/mediatek/mt8192/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2020-2023, MediaTek Inc. All rights reserved.
+# Copyright (c) 2020-2025, MediaTek Inc. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -8,6 +8,7 @@
MTK_PLAT_SOC := ${MTK_PLAT}/${PLAT}
PLAT_INCLUDES := -I${MTK_PLAT}/common/ \
+ -I${MTK_PLAT}/common/include \
-I${MTK_PLAT}/drivers/cirq/ \
-I${MTK_PLAT}/drivers/gic600/ \
-I${MTK_PLAT}/drivers/gpio/ \
diff --git a/plat/mediatek/mt8195/include/plat_macros.S b/plat/mediatek/mt8195/include/plat_macros.S
deleted file mode 100644
index 39727ea..0000000
--- a/plat/mediatek/mt8195/include/plat_macros.S
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-#ifndef PLAT_MACROS_S
-#define PLAT_MACROS_S
-
-#include <platform_def.h>
-
-.section .rodata.gic_reg_name, "aS"
-gicc_regs:
- .asciz "gicc_hppir", "gicc_ahppir", "gicc_ctlr", ""
-gicd_pend_reg:
- .asciz "gicd_ispendr regs (Offsets 0x200 - 0x278)\n" \
- " Offset:\t\t\tvalue\n"
-newline:
- .asciz "\n"
-spacer:
- .asciz ":\t\t0x"
-
-.section .rodata.cci_reg_name, "aS"
-cci_iface_regs:
- .asciz "cci_snoop_ctrl_cluster0", "cci_snoop_ctrl_cluster1" , ""
-
- /* ---------------------------------------------
- * The below macro prints out relevant GIC
- * registers whenever an unhandled exception
- * is taken in BL31.
- * Clobbers: x0 - x10, x26, x27, sp
- * ---------------------------------------------
- */
- .macro plat_crash_print_regs
- /* TODO: leave implementation to GIC owner */
- .endm
-
-#endif /* PLAT_MACROS_S */
diff --git a/plat/mediatek/mt8195/include/plat_private.h b/plat/mediatek/mt8195/include/plat_private.h
deleted file mode 100644
index 7ef2b85..0000000
--- a/plat/mediatek/mt8195/include/plat_private.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2021, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef PLAT_PRIVATE_H
-#define PLAT_PRIVATE_H
-
-/*******************************************************************************
- * Function and variable prototypes
- ******************************************************************************/
-void plat_configure_mmu_el3(uintptr_t total_base,
- uintptr_t total_size,
- uintptr_t ro_start,
- uintptr_t ro_limit);
-
-#endif /* PLAT_PRIVATE_H */
diff --git a/plat/mediatek/mt8195/platform.mk b/plat/mediatek/mt8195/platform.mk
index 48dafa3..e7a5a1a 100644
--- a/plat/mediatek/mt8195/platform.mk
+++ b/plat/mediatek/mt8195/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2021-2023, MediaTek Inc. All rights reserved.
+# Copyright (c) 2021-2025, MediaTek Inc. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -8,6 +8,7 @@
MTK_PLAT_SOC := ${MTK_PLAT}/${PLAT}
PLAT_INCLUDES := -I${MTK_PLAT}/common/ \
+ -I${MTK_PLAT}/common/include \
-I${MTK_PLAT}/drivers/cirq/ \
-I${MTK_PLAT}/drivers/dp/ \
-I${MTK_PLAT}/drivers/gic600/ \
@@ -99,7 +100,6 @@
ERRATA_A78_1941498 := 1
ERRATA_A78_1951500 := 1
ERRATA_A78_1821534 := 1
-ERRATA_A78_2132060 := 1
ERRATA_A78_2242635 := 1
# indicate the reset vector address can be programmed
diff --git a/plat/mediatek/mt8196/plat_config.mk b/plat/mediatek/mt8196/plat_config.mk
index 84a25e9..7412756 100644
--- a/plat/mediatek/mt8196/plat_config.mk
+++ b/plat/mediatek/mt8196/plat_config.mk
@@ -50,6 +50,7 @@
CPU_PWR_TOPOLOGY := group_4_3_1
CPU_PM_CORE_ARCH64_ONLY := y
CPU_PM_DOMAIN_CORE_ONLY := n
+CPU_PM_IRQ_REMAIN_ENABLE := y
CPU_PM_SUSPEND_NOTIFY := y
CONFIG_MTK_SPM_SUPPORT := y
CONFIG_MTK_SPM_COMMON_SUPPORT := y
diff --git a/plat/mediatek/mt8196/platform.mk b/plat/mediatek/mt8196/platform.mk
index 36048fe..14cd5a0 100644
--- a/plat/mediatek/mt8196/platform.mk
+++ b/plat/mediatek/mt8196/platform.mk
@@ -27,6 +27,7 @@
include lib/xlat_tables_v2/xlat_tables.mk
PLAT_INCLUDES := -I${MTK_PLAT}/common \
+ -I${MTK_PLAT}/common/include \
-I${MTK_PLAT}/drivers/cpu_pm/topology/inc \
-I${MTK_PLAT}/drivers/gpio/ \
-I${MTK_PLAT}/include \
@@ -52,6 +53,7 @@
MODULES-y += $(MTK_PLAT)/drivers/smmu
MODULES-y += $(MTK_PLAT)/drivers/spm
MODULES-y += $(MTK_PLAT)/drivers/timer
+MODULES-y += $(MTK_PLAT)/drivers/ufs
MODULES-y += $(MTK_PLAT)/drivers/vcp
MODULES-y += $(MTK_PLAT)/helpers
MODULES-y += $(MTK_PLAT)/topology
diff --git a/plat/mediatek/topology/armv9/topology.c b/plat/mediatek/topology/armv9/topology.c
deleted file mode 100644
index d6ecc83..0000000
--- a/plat/mediatek/topology/armv9/topology.c
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright (c) 2024, Mediatek Inc. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <arch.h>
-#include <lib/psci/psci.h>
-#include <platform_def.h>
-
-#pragma weak plat_get_power_domain_tree_desc
-
-static const unsigned char mtk_power_domain_tree_desc[] = {
- /* Number of root nodes */
- PLATFORM_SYSTEM_COUNT,
- /* Number of children for the root node */
- PLATFORM_CLUSTER_COUNT,
- /* Number of children for the first cluster node */
- PLATFORM_CLUSTER0_CORE_COUNT
-};
-
-/*******************************************************************************
- * This function returns the default topology tree information.
- ******************************************************************************/
-const unsigned char *plat_get_power_domain_tree_desc(void)
-{
- return mtk_power_domain_tree_desc;
-}
diff --git a/plat/nuvoton/npcm845x/platform.mk b/plat/nuvoton/npcm845x/platform.mk
index d73756c..a69336a 100644
--- a/plat/nuvoton/npcm845x/platform.mk
+++ b/plat/nuvoton/npcm845x/platform.mk
@@ -201,7 +201,7 @@
PLAT_BL_COMMON_SOURCES := drivers/delay_timer/delay_timer.c \
drivers/delay_timer/generic_delay_timer.c \
plat/common/plat_gicv2.c \
- plat/arm/common/arm_gicv2.c \
+ plat/common/plat_gicv2_base.c \
plat/nuvoton/common/plat_nuvoton_gic.c \
${NPCM850_GIC_SOURCES} \
plat/nuvoton/npcm845x/npcm845x_common.c \
diff --git a/plat/nxp/s32/s32g274ardb2/plat_helpers.S b/plat/nxp/s32/s32g274ardb2/plat_helpers.S
index 7121900..a7dda0d 100644
--- a/plat/nxp/s32/s32g274ardb2/plat_helpers.S
+++ b/plat/nxp/s32/s32g274ardb2/plat_helpers.S
@@ -113,14 +113,12 @@
/* void platform_mem_init(void); */
func platform_mem_init
mov x10, x30
- mov x0, #BL31_BASE
- mov x1, #(BL31_LIMIT & 0xFFFFU)
- movk x1, #(BL31_LIMIT >> 16), lsl #16
+ mov_imm x0, BL31_BASE
+ mov_imm x1, BL31_LIMIT
sub x1, x1, x0
bl zeromem
- mov x0, #BL33_BASE
- mov x1, #(BL33_LIMIT & 0xFFFFU)
- movk x1, #(BL33_LIMIT >> 16), lsl #16
+ mov_imm x0, BL33_BASE
+ mov_imm x1, BL33_LIMIT
sub x1, x1, x0
bl zeromem
mov x30, x10
diff --git a/plat/qemu/common/common.mk b/plat/qemu/common/common.mk
index da981e5..751511c 100644
--- a/plat/qemu/common/common.mk
+++ b/plat/qemu/common/common.mk
@@ -148,7 +148,7 @@
endif
# Pointer Authentication sources
-ifeq ($(BRANCH_PROTECTION),$(filter $(BRANCH_PROTECTION),1 2 3))
+ifeq ($(BRANCH_PROTECTION),$(filter $(BRANCH_PROTECTION),1 2 3 5))
PLAT_BL_COMMON_SOURCES += plat/arm/common/aarch64/arm_pauth.c
endif
diff --git a/plat/qemu/qemu/qemu_measured_boot.c b/plat/qemu/qemu/qemu_measured_boot.c
index 2759ad6..8f88984 100644
--- a/plat/qemu/qemu/qemu_measured_boot.c
+++ b/plat/qemu/qemu/qemu_measured_boot.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
* Copyright (c) 2022-2023, Linaro.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -7,6 +7,7 @@
#include <stdint.h>
+#include <common/debug.h>
#include <drivers/measured_boot/event_log/event_log.h>
#include <drivers/measured_boot/metadata.h>
#include <plat/common/common_def.h>
@@ -65,7 +66,7 @@
event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_base);
- dump_event_log((uint8_t *)event_log_base, event_log_cur_size);
+ event_log_dump((uint8_t *)event_log_base, event_log_cur_size);
#if TRANSFER_LIST
if (!plat_handoff_mboot((void *)event_log_base, event_log_cur_size,
diff --git a/plat/qti/common/src/aarch64/qti_kryo4_gold.S b/plat/qti/common/src/aarch64/qti_kryo4_gold.S
index 49b7cf0..61eb755 100644
--- a/plat/qti/common/src/aarch64/qti_kryo4_gold.S
+++ b/plat/qti/common/src/aarch64/qti_kryo4_gold.S
@@ -59,9 +59,7 @@
ret
endfunc qti_kryo4_gold_cpu_reg_dump
-declare_cpu_ops_wa qti_kryo4_gold, QTI_KRYO4_GOLD_MIDR, \
+declare_cpu_ops qti_kryo4_gold, QTI_KRYO4_GOLD_MIDR, \
qti_kryo4_gold_reset_func, \
- CPU_NO_EXTRA1_FUNC, \
- cortex_a76_disable_wa_cve_2018_3639, \
cortex_a76_core_pwr_dwn, \
qti_kryo4_gold_cluster_pwr_dwn
diff --git a/plat/qti/msm8916/tsp/msm8916_tsp_setup.c b/plat/qti/msm8916/tsp/msm8916_tsp_setup.c
index 218af57..88d3c93 100644
--- a/plat/qti/msm8916/tsp/msm8916_tsp_setup.c
+++ b/plat/qti/msm8916/tsp/msm8916_tsp_setup.c
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2023, Stephan Gerhold <stephan@gerhold.net>
+ * Copyright (c) 2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,7 +11,8 @@
#include "../msm8916_setup.h"
#include <platform_def.h>
-void tsp_early_platform_setup(void)
+void tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
msm8916_early_platform_setup();
}
diff --git a/plat/qti/sc7280/platform.mk b/plat/qti/sc7280/platform.mk
index 3d7d728..0b5ae52 100644
--- a/plat/qti/sc7280/platform.mk
+++ b/plat/qti/sc7280/platform.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2017-2018, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
# Copyright (c) 2018-2021, The Linux Foundation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
@@ -20,7 +20,6 @@
ERRATA_A55_1530923 := 1
ERRATA_A78_1941498 := 1
ERRATA_A78_1951500 := 1
-ERRATA_A78_2132060 := 1
# Disable the PSCI platform compatibility layer
ENABLE_PLAT_COMPAT := 0
diff --git a/plat/rpi/rpi3/rpi3_bl1_mboot.c b/plat/rpi/rpi3/rpi3_bl1_mboot.c
index 4294365..2057962 100644
--- a/plat/rpi/rpi3/rpi3_bl1_mboot.c
+++ b/plat/rpi/rpi3/rpi3_bl1_mboot.c
@@ -131,7 +131,7 @@
event_log_record(hash_data, EV_POST_CODE, metadata_ptr);
/* Dump Event Log for user view */
- dump_event_log((uint8_t *)event_log, event_log_get_cur_size(event_log));
+ event_log_dump((uint8_t *)event_log, event_log_get_cur_size(event_log));
return rc;
}
diff --git a/plat/rpi/rpi3/rpi3_bl2_mboot.c b/plat/rpi/rpi3/rpi3_bl2_mboot.c
index 55c6923..684e697 100644
--- a/plat/rpi/rpi3/rpi3_bl2_mboot.c
+++ b/plat/rpi/rpi3/rpi3_bl2_mboot.c
@@ -106,7 +106,7 @@
flush_dcache_range(ns_log_addr, event_log_cur_size);
/* Dump Event Log for user view */
- dump_event_log((uint8_t *)event_log_start, event_log_cur_size);
+ event_log_dump((uint8_t *)event_log_start, event_log_cur_size);
#if DISCRETE_TPM
/* relinquish control of TPM locality 0 and close interface */
diff --git a/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c b/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c
index 4bbb259..31583b5 100644
--- a/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c
+++ b/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,7 +15,8 @@
static unsigned int uniphier_soc = UNIPHIER_SOC_UNKNOWN;
-void tsp_early_platform_setup(void)
+void tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
uniphier_soc = uniphier_get_soc_id();
if (uniphier_soc == UNIPHIER_SOC_UNKNOWN)
diff --git a/plat/st/stm32mp2/platform.mk b/plat/st/stm32mp2/platform.mk
index d5e2785..06298a4 100644
--- a/plat/st/stm32mp2/platform.mk
+++ b/plat/st/stm32mp2/platform.mk
@@ -89,6 +89,19 @@
$(eval $(call TOOL_ADD_IMG,STM32MP_DDR_FW,--ddr-fw))
endif
+# Ultratronik Specific Boards
+ifeq ($(findstring ultra-fly,$(DTB_FILE_NAME)),ultra-fly)
+ULTRA_FLY := 1
+$(eval $(call assert_booleans,\
+ $(sort \
+ ULTRA_FLY \
+ )))
+$(eval $(call add_defines,\
+ $(sort \
+ ULTRA_FLY \
+ )))
+endif
+
# Enable flags for C files
$(eval $(call assert_booleans,\
$(sort \
diff --git a/plat/st/stm32mp2/stm32mp2_def.h b/plat/st/stm32mp2/stm32mp2_def.h
index 3e60cad..1b8c4f5 100644
--- a/plat/st/stm32mp2/stm32mp2_def.h
+++ b/plat/st/stm32mp2/stm32mp2_def.h
@@ -221,6 +221,22 @@
/* For UART crash console */
#define STM32MP_DEBUG_USART_CLK_FRQ 64000000
/* USART2 on HSI@64MHz, TX on GPIOA4 Alternate 6 */
+#ifdef ULTRA_FLY
+#define STM32MP_DEBUG_USART_BASE USART1_BASE
+#define DEBUG_UART_TX_GPIO_BANK_ADDRESS GPIOA_BASE
+#define DEBUG_UART_TX_GPIO_BANK_CLK_REG RCC_GPIOACFGR
+#define DEBUG_UART_TX_GPIO_BANK_CLK_EN RCC_GPIOxCFGR_GPIOxEN
+#define DEBUG_UART_TX_GPIO_PORT 3
+#define DEBUG_UART_TX_GPIO_ALTERNATE 6
+#define DEBUG_UART_TX_CLKSRC_REG RCC_XBAR8CFGR
+#define DEBUG_UART_TX_CLKSRC XBAR_SRC_HSI
+#define DEBUG_UART_TX_EN_REG RCC_USART1CFGR
+#define DEBUG_UART_TX_EN RCC_UARTxCFGR_UARTxEN
+#define DEBUG_UART_RST_REG RCC_USART1CFGR
+#define DEBUG_UART_RST_BIT RCC_UARTxCFGR_UARTxRST
+#define DEBUG_UART_PREDIV_CFGR RCC_PREDIV19CFGR
+#define DEBUG_UART_FINDIV_CFGR RCC_FINDIV19CFGR
+#else
#define STM32MP_DEBUG_USART_BASE USART2_BASE
#define DEBUG_UART_TX_GPIO_BANK_ADDRESS GPIOA_BASE
#define DEBUG_UART_TX_GPIO_BANK_CLK_REG RCC_GPIOACFGR
@@ -235,6 +251,7 @@
#define DEBUG_UART_RST_BIT RCC_UARTxCFGR_UARTxRST
#define DEBUG_UART_PREDIV_CFGR RCC_PREDIV8CFGR
#define DEBUG_UART_FINDIV_CFGR RCC_FINDIV8CFGR
+#endif
/*******************************************************************************
* STM32MP2 SDMMC
diff --git a/plat/ti/k3/include/k3_console.h b/plat/ti/common/include/k3_console.h
similarity index 100%
rename from plat/ti/k3/include/k3_console.h
rename to plat/ti/common/include/k3_console.h
diff --git a/plat/ti/k3/include/k3_gicv3.h b/plat/ti/common/include/k3_gicv3.h
similarity index 100%
rename from plat/ti/k3/include/k3_gicv3.h
rename to plat/ti/common/include/k3_gicv3.h
diff --git a/plat/ti/k3/include/plat_macros.S b/plat/ti/common/include/plat_macros.S
similarity index 100%
rename from plat/ti/k3/include/plat_macros.S
rename to plat/ti/common/include/plat_macros.S
diff --git a/plat/ti/common/include/plat_private.h b/plat/ti/common/include/plat_private.h
new file mode 100644
index 0000000..697cc5c
--- /dev/null
+++ b/plat/ti/common/include/plat_private.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright (C) 2025 Texas Instruments Incorporated - https://www.ti.com/
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef PLATFORM_PRIVATE_H
+#define PLATFORM_PRIVATE_H
+
+#include <drivers/generic_delay_timer.h>
+#include <lib/mmio.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
+
+#include <board_def.h>
+
+#define ADDR_DOWN(_adr) (_adr & XLAT_ADDR_MASK(2U))
+#define SIZE_UP(_adr, _sz) (round_up((_adr + _sz), XLAT_BLOCK_SIZE(2U)) - ADDR_DOWN(_adr))
+
+#define K3_MAP_REGION_FLAT(_adr, _sz, _attr) \
+ MAP_REGION_FLAT(ADDR_DOWN(_adr), SIZE_UP(_adr, _sz), _attr)
+
+extern const mmap_region_t plat_k3_mmap[];
+
+/* Any kind of SOC specific init can be done here */
+int ti_soc_init(void);
+
+#endif /* PLATFORM_PRIVATE_H */
diff --git a/plat/ti/common/include/ti_platform_defs.h b/plat/ti/common/include/ti_platform_defs.h
new file mode 100644
index 0000000..44c2f94
--- /dev/null
+++ b/plat/ti/common/include/ti_platform_defs.h
@@ -0,0 +1,182 @@
+/*
+ * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef TI_PLATFORM_DEF_H
+#define TI_PLATFORM_DEF_H
+
+#include <arch.h>
+#include <plat/common/common_def.h>
+
+#include <board_def.h>
+
+/*******************************************************************************
+ * Generic platform constants
+ ******************************************************************************/
+
+/* Size of cacheable stack */
+#if IMAGE_BL31
+#define PLATFORM_STACK_SIZE 0x800
+#else
+#define PLATFORM_STACK_SIZE 0x1000
+#endif
+
+#define PLATFORM_SYSTEM_COUNT 1
+#define PLATFORM_CORE_COUNT (K3_CLUSTER0_CORE_COUNT + \
+ K3_CLUSTER1_CORE_COUNT + \
+ K3_CLUSTER2_CORE_COUNT + \
+ K3_CLUSTER3_CORE_COUNT)
+
+#define PLATFORM_CLUSTER_COUNT ((K3_CLUSTER0_CORE_COUNT != 0) + \
+ (K3_CLUSTER1_CORE_COUNT != 0) + \
+ (K3_CLUSTER2_CORE_COUNT != 0) + \
+ (K3_CLUSTER3_CORE_COUNT != 0))
+
+#define PLAT_NUM_PWR_DOMAINS (PLATFORM_SYSTEM_COUNT + \
+ PLATFORM_CLUSTER_COUNT + \
+ PLATFORM_CORE_COUNT)
+#define PLAT_MAX_PWR_LVL MPIDR_AFFLVL2
+#define PLAT_MAX_OFF_STATE U(2)
+#define PLAT_MAX_RET_STATE U(1)
+
+/*******************************************************************************
+ * Memory layout constants
+ ******************************************************************************/
+
+/*
+ * This RAM will be used for the bootloader including code, bss, and stacks.
+ * It may need to be increased if BL31 grows in size.
+ *
+ * The link addresses are determined by BL31_BASE + offset.
+ * When ENABLE_PIE is set, the TF images can be loaded anywhere, so
+ * BL31_BASE is really arbitrary.
+ *
+ * When ENABLE_PIE is unset, BL31_BASE should be chosen so that
+ * it matches to the physical address where BL31 is loaded, that is,
+ * BL31_BASE should be the base address of the RAM region.
+ *
+ * Lets make things explicit by mapping BL31_BASE to 0x0 since ENABLE_PIE is
+ * defined as default for our platform.
+ */
+#define BL31_BASE UL(0x00000000) /* PIE remapped on fly */
+#define BL31_SIZE UL(0x00020000) /* 128k */
+#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
+
+/*
+ * Defines the maximum number of translation tables that are allocated by the
+ * translation table library code. To minimize the amount of runtime memory
+ * used, choose the smallest value needed to map the required virtual addresses
+ * for each BL stage.
+ */
+#define MAX_XLAT_TABLES 4
+
+/*
+ * Defines the maximum number of regions that are allocated by the translation
+ * table library code. A region consists of physical base address, virtual base
+ * address, size and attributes (Device/Memory, RO/RW, Secure/Non-Secure), as
+ * defined in the `mmap_region_t` structure. The platform defines the regions
+ * that should be mapped. Then, the translation table library will create the
+ * corresponding tables and descriptors at runtime. To minimize the amount of
+ * runtime memory used, choose the smallest value needed to register the
+ * required regions for each BL stage.
+ */
+#if USE_COHERENT_MEM
+#define MAX_MMAP_REGIONS 11
+#else
+#define MAX_MMAP_REGIONS 10
+#endif
+
+/*
+ * Defines the total size of the address space in bytes. For example, for a 32
+ * bit address space, this value should be `(1ull << 32)`.
+ */
+#define PLAT_PHY_ADDR_SPACE_SIZE (1ull << 32)
+#define PLAT_VIRT_ADDR_SPACE_SIZE (1ull << 32)
+
+/*
+ * Some data must be aligned on the biggest cache line size in the platform.
+ * This is known only to the platform as it might have a combination of
+ * integrated and external caches.
+ */
+#define CACHE_WRITEBACK_SHIFT 6
+#define CACHE_WRITEBACK_GRANULE (1 << CACHE_WRITEBACK_SHIFT)
+
+/* Platform default console definitions */
+#ifndef K3_USART_BASE
+#define K3_USART_BASE (0x02800000 + 0x10000 * K3_USART)
+#endif
+
+/* USART has a default size for address space */
+#define K3_USART_SIZE 0x1000
+
+#ifndef K3_USART_CLK_SPEED
+#define K3_USART_CLK_SPEED 48000000
+#endif
+
+/* Crash console defaults */
+#define CRASH_CONSOLE_BASE K3_USART_BASE
+#define CRASH_CONSOLE_CLK K3_USART_CLK_SPEED
+#define CRASH_CONSOLE_BAUD_RATE K3_USART_BAUD
+
+/* Timer frequency */
+#ifndef SYS_COUNTER_FREQ_IN_TICKS
+#define SYS_COUNTER_FREQ_IN_TICKS 200000000
+#endif
+
+/* Interrupt numbers */
+#define ARM_IRQ_SEC_PHY_TIMER 29
+
+#define ARM_IRQ_SEC_SGI_0 8
+#define ARM_IRQ_SEC_SGI_1 9
+#define ARM_IRQ_SEC_SGI_2 10
+#define ARM_IRQ_SEC_SGI_3 11
+#define ARM_IRQ_SEC_SGI_4 12
+#define ARM_IRQ_SEC_SGI_5 13
+#define ARM_IRQ_SEC_SGI_6 14
+#define ARM_IRQ_SEC_SGI_7 15
+
+/*
+ * Define properties of Group 1 Secure and Group 0 interrupts as per GICv3
+ * terminology. On a GICv2 system or mode, the lists will be merged and treated
+ * as Group 0 interrupts.
+ */
+#define PLAT_ARM_G1S_IRQ_PROPS(grp) \
+ INTR_PROP_DESC(ARM_IRQ_SEC_PHY_TIMER, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_LEVEL), \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_1, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_2, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_3, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_4, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_5, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_7, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE)
+
+#define PLAT_ARM_G0_IRQ_PROPS(grp) \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_0, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(ARM_IRQ_SEC_SGI_6, GIC_HIGHEST_SEC_PRIORITY, grp, \
+ GIC_INTR_CFG_EDGE)
+
+
+#define K3_GTC_BASE 0x00A90000
+/* We just need 20 byte offset, but simpler to just remap the 64K page in */
+#define K3_GTC_SIZE 0x10000
+#define K3_GTC_CNTCR_OFFSET 0x00
+#define K3_GTC_CNTCR_EN_MASK 0x01
+#define K3_GTC_CNTCR_HDBG_MASK 0x02
+#define K3_GTC_CNTFID0_OFFSET 0x20
+
+#define K3_GIC_BASE 0x01800000
+#define K3_GIC_SIZE 0x200000
+
+#define TI_SCI_HOST_ID 10
+#define TI_SCI_MAX_MESSAGE_SIZE 52
+
+#endif /* TI_PLATFORM_DEF_H */
diff --git a/plat/ti/k3/common/k3_console.c b/plat/ti/common/k3_console.c
similarity index 100%
rename from plat/ti/k3/common/k3_console.c
rename to plat/ti/common/k3_console.c
diff --git a/plat/ti/k3/common/k3_gicv3.c b/plat/ti/common/k3_gicv3.c
similarity index 100%
rename from plat/ti/k3/common/k3_gicv3.c
rename to plat/ti/common/k3_gicv3.c
diff --git a/plat/ti/k3/common/k3_helpers.S b/plat/ti/common/k3_helpers.S
similarity index 100%
rename from plat/ti/k3/common/k3_helpers.S
rename to plat/ti/common/k3_helpers.S
diff --git a/plat/ti/k3/common/plat_common.mk b/plat/ti/common/plat_common.mk
similarity index 77%
rename from plat/ti/k3/common/plat_common.mk
rename to plat/ti/common/plat_common.mk
index 8db732c..1f1b618 100644
--- a/plat/ti/k3/common/plat_common.mk
+++ b/plat/ti/common/plat_common.mk
@@ -51,12 +51,11 @@
PLAT_INCLUDES += \
-I${PLAT_PATH}/include \
- -I${PLAT_PATH}/common/drivers/sec_proxy \
- -I${PLAT_PATH}/common/drivers/ti_sci \
+ -Idrivers/ti/ti_sci \
K3_CONSOLE_SOURCES += \
drivers/ti/uart/aarch64/16550_console.S \
- ${PLAT_PATH}/common/k3_console.c \
+ plat/ti/common/k3_console.c \
# Include GICv3 driver files
include drivers/arm/gic/v3/gicv3.mk
@@ -64,17 +63,14 @@
K3_GIC_SOURCES += \
${GICV3_SOURCES} \
plat/common/plat_gicv3.c \
- ${PLAT_PATH}/common/k3_gicv3.c \
+ plat/ti/common/k3_gicv3.c \
K3_PSCI_SOURCES += \
plat/common/plat_psci_common.c \
- ${PLAT_PATH}/common/k3_psci.c \
-K3_SEC_PROXY_SOURCES += \
- ${PLAT_PATH}/common/drivers/sec_proxy/sec_proxy.c \
K3_TI_SCI_SOURCES += \
- ${PLAT_PATH}/common/drivers/ti_sci/ti_sci.c \
+ drivers/ti/ti_sci/ti_sci.c \
PLAT_BL_COMMON_SOURCES += \
lib/cpus/aarch64/cortex_a53.S \
@@ -83,10 +79,7 @@
${K3_CONSOLE_SOURCES} \
BL31_SOURCES += \
- ${PLAT_PATH}/common/k3_bl31_setup.c \
- ${PLAT_PATH}/common/k3_helpers.S \
- ${PLAT_PATH}/common/k3_topology.c \
+ plat/ti/common/ti_bl31_setup.c \
+ plat/ti/common/k3_helpers.S \
${K3_GIC_SOURCES} \
- ${K3_PSCI_SOURCES} \
- ${K3_SEC_PROXY_SOURCES} \
${K3_TI_SCI_SOURCES} \
diff --git a/plat/ti/common/ti_bl31_setup.c b/plat/ti/common/ti_bl31_setup.c
new file mode 100644
index 0000000..8038452
--- /dev/null
+++ b/plat/ti/common/ti_bl31_setup.c
@@ -0,0 +1,177 @@
+/*
+ * Copyright (c) 2017-2025, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <string.h>
+
+#include <arch.h>
+#include <arch_helpers.h>
+#include <common/bl_common.h>
+#include <common/debug.h>
+#include <lib/mmio.h>
+#include <lib/xlat_tables/xlat_tables_v2.h>
+#include <ti_sci.h>
+
+#include <k3_console.h>
+#include <k3_gicv3.h>
+#include <plat_private.h>
+#include <platform_def.h>
+
+/*
+ * Placeholder variables for maintaining information about the next image(s)
+ */
+static entry_point_info_t bl32_image_ep_info;
+static entry_point_info_t bl33_image_ep_info;
+
+/*******************************************************************************
+ * Gets SPSR for BL33 entry
+ ******************************************************************************/
+static uint32_t k3_get_spsr_for_bl33_entry(void)
+{
+ unsigned long el_status;
+ unsigned int mode;
+ uint32_t spsr;
+
+ /* Figure out what mode we enter the non-secure world in */
+ el_status = read_id_aa64pfr0_el1() >> ID_AA64PFR0_EL2_SHIFT;
+ el_status &= ID_AA64PFR0_ELX_MASK;
+
+ mode = (el_status) ? MODE_EL2 : MODE_EL1;
+
+ spsr = SPSR_64(mode, MODE_SP_ELX, DISABLE_ALL_EXCEPTIONS);
+ return spsr;
+}
+
+/*******************************************************************************
+ * Perform any BL3-1 early platform setup, such as console init and deciding on
+ * memory layout.
+ ******************************************************************************/
+void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
+{
+ /* Initialize the console to provide early debug support */
+ k3_console_setup();
+
+#ifdef BL32_BASE
+ /* Populate entry point information for BL32 */
+ SET_PARAM_HEAD(&bl32_image_ep_info, PARAM_EP, VERSION_1, 0);
+ bl32_image_ep_info.pc = BL32_BASE;
+ bl32_image_ep_info.spsr = SPSR_64(MODE_EL1, MODE_SP_ELX,
+ DISABLE_ALL_EXCEPTIONS);
+ SET_SECURITY_STATE(bl32_image_ep_info.h.attr, SECURE);
+#endif
+
+ /* Populate entry point information for BL33 */
+ SET_PARAM_HEAD(&bl33_image_ep_info, PARAM_EP, VERSION_1, 0);
+ bl33_image_ep_info.pc = PRELOADED_BL33_BASE;
+ bl33_image_ep_info.spsr = k3_get_spsr_for_bl33_entry();
+ SET_SECURITY_STATE(bl33_image_ep_info.h.attr, NON_SECURE);
+
+#ifdef K3_HW_CONFIG_BASE
+ /*
+ * According to the file ``Documentation/arch/arm64/booting.rst`` of the
+ * Linux kernel tree, Linux expects the physical address of the device
+ * tree blob (DTB) in x0, while x1-x3 are reserved for future use and
+ * must be 0.
+ */
+ bl33_image_ep_info.args.arg0 = (u_register_t)K3_HW_CONFIG_BASE;
+ bl33_image_ep_info.args.arg1 = 0U;
+ bl33_image_ep_info.args.arg2 = 0U;
+ bl33_image_ep_info.args.arg3 = 0U;
+#endif
+}
+
+void bl31_plat_arch_setup(void)
+{
+ const mmap_region_t bl_regions[] = {
+ MAP_REGION_FLAT(BL31_START, BL31_SIZE, MT_MEMORY | MT_RW | MT_SECURE),
+ MAP_REGION_FLAT(BL_CODE_BASE, BL_CODE_END - BL_CODE_BASE,
+ MT_CODE | MT_RO | MT_SECURE),
+ MAP_REGION_FLAT(BL_RO_DATA_BASE, BL_RO_DATA_END - BL_RO_DATA_BASE,
+ MT_RO_DATA | MT_RO | MT_SECURE),
+#if USE_COHERENT_MEM
+ MAP_REGION_FLAT(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE,
+ MT_DEVICE | MT_RW | MT_SECURE),
+#endif
+ { /* sentinel */ }
+ };
+
+ setup_page_tables(bl_regions, plat_k3_mmap);
+ enable_mmu_el3(0);
+}
+
+void bl31_platform_setup(void)
+{
+ k3_gic_driver_init(K3_GIC_BASE);
+ k3_gic_init();
+ ti_soc_init();
+}
+
+void platform_mem_init(void)
+{
+ /* Do nothing for now... */
+}
+
+unsigned int plat_get_syscnt_freq2(void)
+{
+ uint32_t gtc_freq;
+ uint32_t gtc_ctrl;
+
+ /* Lets try and provide basic diagnostics - cost is low */
+ gtc_ctrl = mmio_read_32(K3_GTC_BASE + K3_GTC_CNTCR_OFFSET);
+ /* Did the bootloader fail to enable timer and OS guys are confused? */
+ if ((gtc_ctrl & K3_GTC_CNTCR_EN_MASK) == 0U) {
+ ERROR("GTC is disabled! Timekeeping broken. Fix Bootloader\n");
+ }
+ /*
+ * If debug will not pause time, we will have issues like
+ * drivers timing out while debugging, in cases of OS like Linux,
+ * RCU stall errors, which can be hard to differentiate vs real issues.
+ */
+ if ((gtc_ctrl & K3_GTC_CNTCR_HDBG_MASK) == 0U) {
+ WARN("GTC: Debug access doesn't stop time. Fix Bootloader\n");
+ }
+
+ gtc_freq = mmio_read_32(K3_GTC_BASE + K3_GTC_CNTFID0_OFFSET);
+ /* Many older bootloaders may have missed programming FID0 register */
+ if (gtc_freq != 0U) {
+ return gtc_freq;
+ }
+
+ /*
+ * We could have just warned about this, but this can have serious
+ * hard to debug side effects if we are NOT sure what the actual
+ * frequency is. Lets make sure people don't miss this.
+ */
+ ERROR("GTC_CNTFID0 is 0! Assuming %d Hz. Fix Bootloader\n",
+ SYS_COUNTER_FREQ_IN_TICKS);
+
+ return SYS_COUNTER_FREQ_IN_TICKS;
+}
+
+/*******************************************************************************
+ * Return a pointer to the 'entry_point_info' structure of the next image
+ * for the security state specified. BL3-3 corresponds to the non-secure
+ * image type while BL3-2 corresponds to the secure image type. A NULL
+ * pointer is returned if the image does not exist.
+ ******************************************************************************/
+entry_point_info_t *bl31_plat_get_next_image_ep_info(uint32_t type)
+{
+ entry_point_info_t *next_image_info;
+
+ assert(sec_state_is_valid(type));
+ next_image_info = (type == NON_SECURE) ? &bl33_image_ep_info :
+ &bl32_image_ep_info;
+ /*
+ * None of the images on the ARM development platforms can have 0x0
+ * as the entrypoint
+ */
+ if (next_image_info->pc)
+ return next_image_info;
+
+ NOTICE("Requested nonexistent image\n");
+ return NULL;
+}
diff --git a/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.h b/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.h
deleted file mode 100644
index 4005102..0000000
--- a/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Texas Instruments K3 Secure Proxy Driver
- * Based on Linux and U-Boot implementation
- *
- * Copyright (C) 2018 Texas Instruments Incorporated - http://www.ti.com/
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef SEC_PROXY_H
-#define SEC_PROXY_H
-
-#include <stdint.h>
-
-/**
- * enum k3_sec_proxy_chan_id - Secure Proxy thread IDs
- *
- * These the available IDs used in k3_sec_proxy_{send,recv}()
- * There are two schemes we use:
- * * if K3_SEC_PROXY_LITE = 1, we just have two threads to talk
- * * if K3_SEC_PROXY_LITE = 0, we have the full fledged
- * communication scheme available.
- */
-enum k3_sec_proxy_chan_id {
-#if !K3_SEC_PROXY_LITE
- SP_NOTIFY = 0,
- SP_RESPONSE,
- SP_HIGH_PRIORITY,
- SP_LOW_PRIORITY,
- SP_NOTIFY_RESP,
-#else
- SP_RESPONSE = 8,
- /*
- * Note: TISCI documentation indicates "low priority", but in reality
- * with a single thread, there is no low or high priority.. This usage
- * is more appropriate for TF-A since we can reduce the churn as a
- * result.
- */
- SP_HIGH_PRIORITY,
-#endif /* K3_SEC_PROXY_LITE */
-};
-
-/**
- * struct k3_sec_proxy_msg - Secure proxy message structure
- * @len: Length of data in the Buffer
- * @buf: Buffer pointer
- *
- * This is the structure for data used in k3_sec_proxy_{send,recv}()
- */
-struct k3_sec_proxy_msg {
- size_t len;
- uint8_t *buf;
-};
-
-/**
- * k3_sec_proxy_clear_rx_thread() - Clear a receive Secure Proxy thread
- * @id: Channel Identifier
- * @msg: Pointer to k3_sec_proxy_msg
- *
- * Return: 0 if all goes well, else appropriate error message
- */
-int k3_sec_proxy_clear_rx_thread(enum k3_sec_proxy_chan_id id);
-
-/**
- * k3_sec_proxy_send() - Send data over a Secure Proxy thread
- * @id: Channel Identifier
- * @msg: Pointer to k3_sec_proxy_msg
- *
- * Return: 0 if all goes well, else appropriate error message
- */
-int k3_sec_proxy_send(enum k3_sec_proxy_chan_id id, const struct k3_sec_proxy_msg *msg);
-
-/**
- * k3_sec_proxy_recv() - Receive data from a Secure Proxy thread
- * @id: Channel Identifier
- * @msg: Pointer to k3_sec_proxy_msg
- *
- * Return: 0 if all goes well, else appropriate error message
- */
-int k3_sec_proxy_recv(enum k3_sec_proxy_chan_id id, struct k3_sec_proxy_msg *msg);
-
-#endif /* SEC_PROXY_H */
diff --git a/plat/ti/k3/common/k3_bl31_setup.c b/plat/ti/k3/common/k3_bl31_setup.c
index 63fe020..1b93dc8 100644
--- a/plat/ti/k3/common/k3_bl31_setup.c
+++ b/plat/ti/k3/common/k3_bl31_setup.c
@@ -1,30 +1,16 @@
/*
* Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (C) 2025 Texas Instruments Incorporated - https://www.ti.com/
+ * K3 SOC specific bl31_setup
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <assert.h>
-#include <string.h>
-
-#include <platform_def.h>
-
-#include <arch.h>
-#include <arch_helpers.h>
-#include <common/bl_common.h>
#include <common/debug.h>
-#include <lib/mmio.h>
-#include <lib/xlat_tables/xlat_tables_v2.h>
-
-#include <k3_console.h>
-#include <k3_gicv3.h>
#include <ti_sci.h>
+#include <ti_sci_transport.h>
-#define ADDR_DOWN(_adr) (_adr & XLAT_ADDR_MASK(2U))
-#define SIZE_UP(_adr, _sz) (round_up((_adr + _sz), XLAT_BLOCK_SIZE(2U)) - ADDR_DOWN(_adr))
-
-#define K3_MAP_REGION_FLAT(_adr, _sz, _attr) \
- MAP_REGION_FLAT(ADDR_DOWN(_adr), SIZE_UP(_adr, _sz), _attr)
+#include <plat_private.h>
/* Table of regions to map using the MMU */
const mmap_region_t plat_k3_mmap[] = {
@@ -37,98 +23,15 @@
{ /* sentinel */ }
};
-/*
- * Placeholder variables for maintaining information about the next image(s)
- */
-static entry_point_info_t bl32_image_ep_info;
-static entry_point_info_t bl33_image_ep_info;
-
-/*******************************************************************************
- * Gets SPSR for BL33 entry
- ******************************************************************************/
-static uint32_t k3_get_spsr_for_bl33_entry(void)
-{
- unsigned long el_status;
- unsigned int mode;
- uint32_t spsr;
-
- /* Figure out what mode we enter the non-secure world in */
- el_status = read_id_aa64pfr0_el1() >> ID_AA64PFR0_EL2_SHIFT;
- el_status &= ID_AA64PFR0_ELX_MASK;
-
- mode = (el_status) ? MODE_EL2 : MODE_EL1;
-
- spsr = SPSR_64(mode, MODE_SP_ELX, DISABLE_ALL_EXCEPTIONS);
- return spsr;
-}
-
-/*******************************************************************************
- * Perform any BL3-1 early platform setup, such as console init and deciding on
- * memory layout.
- ******************************************************************************/
-void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
- u_register_t arg2, u_register_t arg3)
-{
- /* Initialize the console to provide early debug support */
- k3_console_setup();
-
-#ifdef BL32_BASE
- /* Populate entry point information for BL32 */
- SET_PARAM_HEAD(&bl32_image_ep_info, PARAM_EP, VERSION_1, 0);
- bl32_image_ep_info.pc = BL32_BASE;
- bl32_image_ep_info.spsr = SPSR_64(MODE_EL1, MODE_SP_ELX,
- DISABLE_ALL_EXCEPTIONS);
- SET_SECURITY_STATE(bl32_image_ep_info.h.attr, SECURE);
-#endif
-
- /* Populate entry point information for BL33 */
- SET_PARAM_HEAD(&bl33_image_ep_info, PARAM_EP, VERSION_1, 0);
- bl33_image_ep_info.pc = PRELOADED_BL33_BASE;
- bl33_image_ep_info.spsr = k3_get_spsr_for_bl33_entry();
- SET_SECURITY_STATE(bl33_image_ep_info.h.attr, NON_SECURE);
-
-#ifdef K3_HW_CONFIG_BASE
- /*
- * According to the file ``Documentation/arm64/booting.txt`` of the
- * Linux kernel tree, Linux expects the physical address of the device
- * tree blob (DTB) in x0, while x1-x3 are reserved for future use and
- * must be 0.
- */
- bl33_image_ep_info.args.arg0 = (u_register_t)K3_HW_CONFIG_BASE;
- bl33_image_ep_info.args.arg1 = 0U;
- bl33_image_ep_info.args.arg2 = 0U;
- bl33_image_ep_info.args.arg3 = 0U;
-#endif
-}
-
-void bl31_plat_arch_setup(void)
-{
- const mmap_region_t bl_regions[] = {
- MAP_REGION_FLAT(BL31_START, BL31_SIZE, MT_MEMORY | MT_RW | MT_SECURE),
- MAP_REGION_FLAT(BL_CODE_BASE, BL_CODE_END - BL_CODE_BASE, MT_CODE | MT_RO | MT_SECURE),
- MAP_REGION_FLAT(BL_RO_DATA_BASE, BL_RO_DATA_END - BL_RO_DATA_BASE, MT_RO_DATA | MT_RO | MT_SECURE),
-#if USE_COHERENT_MEM
- MAP_REGION_FLAT(BL_COHERENT_RAM_BASE, BL_COHERENT_RAM_END - BL_COHERENT_RAM_BASE, MT_DEVICE | MT_RW | MT_SECURE),
-#endif
- { /* sentinel */ }
- };
-
- setup_page_tables(bl_regions, plat_k3_mmap);
- enable_mmu_el3(0);
-}
-
-void bl31_platform_setup(void)
+int ti_soc_init(void)
{
struct ti_sci_msg_version version;
int ret;
- k3_gic_driver_init(K3_GIC_BASE);
- k3_gic_init();
-
ret = ti_sci_get_revision(&version);
if (ret) {
ERROR("Unable to communicate with the control firmware (%d)\n", ret);
- return;
+ return ret;
}
INFO("SYSFW ABI: %d.%d (firmware rev 0x%04x '%s')\n",
@@ -157,70 +60,5 @@
} else {
NOTICE("Upgrade Firmwares for Power off functionality\n");
}
-}
-
-void platform_mem_init(void)
-{
- /* Do nothing for now... */
-}
-
-unsigned int plat_get_syscnt_freq2(void)
-{
- uint32_t gtc_freq;
- uint32_t gtc_ctrl;
-
- /* Lets try and provide basic diagnostics - cost is low */
- gtc_ctrl = mmio_read_32(K3_GTC_BASE + K3_GTC_CNTCR_OFFSET);
- /* Did the bootloader fail to enable timer and OS guys are confused? */
- if ((gtc_ctrl & K3_GTC_CNTCR_EN_MASK) == 0U) {
- ERROR("GTC is disabled! Timekeeping broken. Fix Bootloader\n");
- }
- /*
- * If debug will not pause time, we will have issues like
- * drivers timing out while debugging, in cases of OS like Linux,
- * RCU stall errors, which can be hard to differentiate vs real issues.
- */
- if ((gtc_ctrl & K3_GTC_CNTCR_HDBG_MASK) == 0U) {
- WARN("GTC: Debug access doesn't stop time. Fix Bootloader\n");
- }
-
- gtc_freq = mmio_read_32(K3_GTC_BASE + K3_GTC_CNTFID0_OFFSET);
- /* Many older bootloaders may have missed programming FID0 register */
- if (gtc_freq != 0U) {
- return gtc_freq;
- }
-
- /*
- * We could have just warned about this, but this can have serious
- * hard to debug side effects if we are NOT sure what the actual
- * frequency is. Lets make sure people don't miss this.
- */
- ERROR("GTC_CNTFID0 is 0! Assuming %d Hz. Fix Bootloader\n",
- SYS_COUNTER_FREQ_IN_TICKS);
-
- return SYS_COUNTER_FREQ_IN_TICKS;
-}
-
-/*******************************************************************************
- * Return a pointer to the 'entry_point_info' structure of the next image
- * for the security state specified. BL3-3 corresponds to the non-secure
- * image type while BL3-2 corresponds to the secure image type. A NULL
- * pointer is returned if the image does not exist.
- ******************************************************************************/
-entry_point_info_t *bl31_plat_get_next_image_ep_info(uint32_t type)
-{
- entry_point_info_t *next_image_info;
-
- assert(sec_state_is_valid(type));
- next_image_info = (type == NON_SECURE) ? &bl33_image_ep_info :
- &bl32_image_ep_info;
- /*
- * None of the images on the ARM development platforms can have 0x0
- * as the entrypoint
- */
- if (next_image_info->pc)
- return next_image_info;
-
- NOTICE("Requested nonexistent image\n");
- return NULL;
+ return 0;
}
diff --git a/plat/ti/k3/include/platform_def.h b/plat/ti/k3/include/platform_def.h
index a2cc62d..db5e31d 100644
--- a/plat/ti/k3/include/platform_def.h
+++ b/plat/ti/k3/include/platform_def.h
@@ -7,174 +7,7 @@
#ifndef PLATFORM_DEF_H
#define PLATFORM_DEF_H
-#include <arch.h>
-#include <plat/common/common_def.h>
-
-#include <board_def.h>
-
-/*******************************************************************************
- * Generic platform constants
- ******************************************************************************/
-
-/* Size of cacheable stack */
-#if IMAGE_BL31
-#define PLATFORM_STACK_SIZE 0x800
-#else
-#define PLATFORM_STACK_SIZE 0x1000
-#endif
-
-#define PLATFORM_SYSTEM_COUNT 1
-#define PLATFORM_CORE_COUNT (K3_CLUSTER0_CORE_COUNT + \
- K3_CLUSTER1_CORE_COUNT + \
- K3_CLUSTER2_CORE_COUNT + \
- K3_CLUSTER3_CORE_COUNT)
-
-#define PLATFORM_CLUSTER_COUNT ((K3_CLUSTER0_CORE_COUNT != 0) + \
- (K3_CLUSTER1_CORE_COUNT != 0) + \
- (K3_CLUSTER2_CORE_COUNT != 0) + \
- (K3_CLUSTER3_CORE_COUNT != 0))
-
-#define PLAT_NUM_PWR_DOMAINS (PLATFORM_SYSTEM_COUNT + \
- PLATFORM_CLUSTER_COUNT + \
- PLATFORM_CORE_COUNT)
-#define PLAT_MAX_PWR_LVL MPIDR_AFFLVL2
-#define PLAT_MAX_OFF_STATE U(2)
-#define PLAT_MAX_RET_STATE U(1)
-
-/*******************************************************************************
- * Memory layout constants
- ******************************************************************************/
-
-/*
- * This RAM will be used for the bootloader including code, bss, and stacks.
- * It may need to be increased if BL31 grows in size.
- *
- * The link addresses are determined by BL31_BASE + offset.
- * When ENABLE_PIE is set, the TF images can be loaded anywhere, so
- * BL31_BASE is really arbitrary.
- *
- * When ENABLE_PIE is unset, BL31_BASE should be chosen so that
- * it matches to the physical address where BL31 is loaded, that is,
- * BL31_BASE should be the base address of the RAM region.
- *
- * Lets make things explicit by mapping BL31_BASE to 0x0 since ENABLE_PIE is
- * defined as default for our platform.
- */
-#define BL31_BASE UL(0x00000000) /* PIE remapped on fly */
-#define BL31_SIZE UL(0x00020000) /* 128k */
-#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
-
-/*
- * Defines the maximum number of translation tables that are allocated by the
- * translation table library code. To minimize the amount of runtime memory
- * used, choose the smallest value needed to map the required virtual addresses
- * for each BL stage.
- */
-#define MAX_XLAT_TABLES 4
-
-/*
- * Defines the maximum number of regions that are allocated by the translation
- * table library code. A region consists of physical base address, virtual base
- * address, size and attributes (Device/Memory, RO/RW, Secure/Non-Secure), as
- * defined in the `mmap_region_t` structure. The platform defines the regions
- * that should be mapped. Then, the translation table library will create the
- * corresponding tables and descriptors at runtime. To minimize the amount of
- * runtime memory used, choose the smallest value needed to register the
- * required regions for each BL stage.
- */
-#if USE_COHERENT_MEM
-#define MAX_MMAP_REGIONS 11
-#else
-#define MAX_MMAP_REGIONS 10
-#endif
-
-/*
- * Defines the total size of the address space in bytes. For example, for a 32
- * bit address space, this value should be `(1ull << 32)`.
- */
-#define PLAT_PHY_ADDR_SPACE_SIZE (1ull << 32)
-#define PLAT_VIRT_ADDR_SPACE_SIZE (1ull << 32)
-
-/*
- * Some data must be aligned on the biggest cache line size in the platform.
- * This is known only to the platform as it might have a combination of
- * integrated and external caches.
- */
-#define CACHE_WRITEBACK_SHIFT 6
-#define CACHE_WRITEBACK_GRANULE (1 << CACHE_WRITEBACK_SHIFT)
-
-/* Platform default console definitions */
-#ifndef K3_USART_BASE
-#define K3_USART_BASE (0x02800000 + 0x10000 * K3_USART)
-#endif
-
-/* USART has a default size for address space */
-#define K3_USART_SIZE 0x1000
-
-#ifndef K3_USART_CLK_SPEED
-#define K3_USART_CLK_SPEED 48000000
-#endif
-
-/* Crash console defaults */
-#define CRASH_CONSOLE_BASE K3_USART_BASE
-#define CRASH_CONSOLE_CLK K3_USART_CLK_SPEED
-#define CRASH_CONSOLE_BAUD_RATE K3_USART_BAUD
-
-/* Timer frequency */
-#ifndef SYS_COUNTER_FREQ_IN_TICKS
-#define SYS_COUNTER_FREQ_IN_TICKS 200000000
-#endif
-
-/* Interrupt numbers */
-#define ARM_IRQ_SEC_PHY_TIMER 29
-
-#define ARM_IRQ_SEC_SGI_0 8
-#define ARM_IRQ_SEC_SGI_1 9
-#define ARM_IRQ_SEC_SGI_2 10
-#define ARM_IRQ_SEC_SGI_3 11
-#define ARM_IRQ_SEC_SGI_4 12
-#define ARM_IRQ_SEC_SGI_5 13
-#define ARM_IRQ_SEC_SGI_6 14
-#define ARM_IRQ_SEC_SGI_7 15
-
-/*
- * Define properties of Group 1 Secure and Group 0 interrupts as per GICv3
- * terminology. On a GICv2 system or mode, the lists will be merged and treated
- * as Group 0 interrupts.
- */
-#define PLAT_ARM_G1S_IRQ_PROPS(grp) \
- INTR_PROP_DESC(ARM_IRQ_SEC_PHY_TIMER, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_LEVEL), \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_1, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE), \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_2, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE), \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_3, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE), \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_4, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE), \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_5, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE), \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_7, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE)
-
-#define PLAT_ARM_G0_IRQ_PROPS(grp) \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_0, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE), \
- INTR_PROP_DESC(ARM_IRQ_SEC_SGI_6, GIC_HIGHEST_SEC_PRIORITY, grp, \
- GIC_INTR_CFG_EDGE)
-
-
-#define K3_GTC_BASE 0x00A90000
-/* We just need 20 byte offset, but simpler to just remap the 64K page in */
-#define K3_GTC_SIZE 0x10000
-#define K3_GTC_CNTCR_OFFSET 0x00
-#define K3_GTC_CNTCR_EN_MASK 0x01
-#define K3_GTC_CNTCR_HDBG_MASK 0x02
-#define K3_GTC_CNTFID0_OFFSET 0x20
-
-#define K3_GIC_BASE 0x01800000
-#define K3_GIC_SIZE 0x200000
+#include <ti_platform_defs.h>
#if !K3_SEC_PROXY_LITE
#define SEC_PROXY_DATA_BASE 0x32C00000
@@ -195,7 +28,4 @@
#define SEC_PROXY_TIMEOUT_US 1000000
#define SEC_PROXY_MAX_MESSAGE_SIZE 56
-#define TI_SCI_HOST_ID 10
-#define TI_SCI_MAX_MESSAGE_SIZE 52
-
#endif /* PLATFORM_DEF_H */
diff --git a/plat/ti/k3/platform.mk b/plat/ti/k3/platform.mk
index bce9ef1..347a088 100644
--- a/plat/ti/k3/platform.mk
+++ b/plat/ti/k3/platform.mk
@@ -7,7 +7,7 @@
PLAT_PATH := plat/ti/k3
TARGET_BOARD ?= generic
-include ${PLAT_PATH}/common/plat_common.mk
+include plat/ti/common/plat_common.mk
include ${PLAT_PATH}/board/${TARGET_BOARD}/board.mk
BL32_BASE ?= 0x9e800000
@@ -19,7 +19,20 @@
K3_HW_CONFIG_BASE ?= 0x82000000
$(eval $(call add_define,K3_HW_CONFIG_BASE))
-PLAT_INCLUDES += -Iplat/ti/k3/board/${TARGET_BOARD}/include
+PLAT_INCLUDES += -Iplat/ti/k3/board/${TARGET_BOARD}/include \
+ -Iplat/ti/common/include \
# modify BUILD_PLAT to point to board specific build directory
BUILD_PLAT := $(abspath ${BUILD_BASE})/${PLAT}/${TARGET_BOARD}/${BUILD_TYPE}
+
+K3_PSCI_SOURCES += \
+ ${PLAT_PATH}/common/k3_psci.c \
+
+K3_TI_SCI_TRANSPORT := \
+ drivers/ti/ipc/sec_proxy.c \
+
+BL31_SOURCES += \
+ ${PLAT_PATH}/common/k3_bl31_setup.c \
+ ${PLAT_PATH}/common/k3_topology.c \
+ ${K3_TI_SCI_TRANSPORT} \
+ ${K3_PSCI_SOURCES} \
diff --git a/plat/ti/k3low/board/am62lx/board.mk b/plat/ti/k3low/board/am62lx/board.mk
new file mode 100644
index 0000000..26e58c6
--- /dev/null
+++ b/plat/ti/k3low/board/am62lx/board.mk
@@ -0,0 +1,17 @@
+#
+# Copyright (c) 2024-2025, Texas Instruments Inc. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+# We dont have system level coherency capability
+USE_COHERENT_MEM := 0
+
+BL32_BASE ?= 0x80200000
+$(eval $(call add_define,BL32_BASE))
+
+PRELOADED_BL33_BASE ?= 0x82000000
+$(eval $(call add_define,PRELOADED_BL33_BASE))
+
+K3_HW_CONFIG_BASE ?= 0x88000000
+$(eval $(call add_define,K3_HW_CONFIG_BASE))
diff --git a/plat/ti/k3low/board/am62lx/include/board_def.h b/plat/ti/k3low/board/am62lx/include/board_def.h
new file mode 100644
index 0000000..ea46423
--- /dev/null
+++ b/plat/ti/k3low/board/am62lx/include/board_def.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2024-2025 Texas Instruments Incorporated - https://www.ti.com
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef BOARD_DEF_H
+#define BOARD_DEF_H
+
+#include <lib/utils_def.h>
+
+/* The ports must be in order and contiguous */
+#define K3_CLUSTER0_CORE_COUNT U(2)
+#define K3_CLUSTER1_CORE_COUNT U(0)
+#define K3_CLUSTER2_CORE_COUNT U(0)
+#define K3_CLUSTER3_CORE_COUNT U(0)
+
+#define PLAT_PROC_START_ID U(32)
+#define PLAT_PROC_DEVICE_START_ID U(135)
+#define PLAT_CLUSTER_DEVICE_START_ID U(134)
+#define PLAT_BOARD_DEVICE_ID U(157)
+
+/* Pre-decided SRAM Addresses for sending and receiving messages */
+#define MAILBOX_TX_START_REGION UL(0x70814000)
+#define MAILBOX_RX_START_REGION UL(0x70815000)
+/*
+ * Pre-calculated MAX size of a message
+ * sec_hdr + (type/host/seq + flags) + payload
+ * 4 + 16 + 36
+ */
+#define MAILBOX_MAX_MESSAGE_SIZE U(56)
+
+#endif /* BOARD_DEF_H */
diff --git a/plat/ti/k3low/common/am62l_bl31_setup.c b/plat/ti/k3low/common/am62l_bl31_setup.c
new file mode 100644
index 0000000..22255f4
--- /dev/null
+++ b/plat/ti/k3low/common/am62l_bl31_setup.c
@@ -0,0 +1,23 @@
+/*
+ * Copyright (C) 2025 Texas Instruments Incorporated - http://www.ti.com/
+ * K3 SOC specific bl31_setup
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+#include <ti_sci.h>
+#include <ti_sci_transport.h>
+
+#include <plat_private.h>
+
+/* Table of regions to map using the MMU */
+const mmap_region_t plat_k3_mmap[] = {
+ { /* sentinel */ }
+};
+
+int ti_soc_init(void)
+{
+ /* nothing to do right now */
+ return 0;
+}
diff --git a/plat/ti/k3low/common/am62l_psci.c b/plat/ti/k3low/common/am62l_psci.c
new file mode 100644
index 0000000..b14f0f5
--- /dev/null
+++ b/plat/ti/k3low/common/am62l_psci.c
@@ -0,0 +1,136 @@
+/*
+ * Copyright (c) 2025, Texas Instruments Incorporated - https://www.ti.com/
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stdbool.h>
+
+#include <arch_helpers.h>
+#include <common/debug.h>
+#include <drivers/delay_timer.h>
+#include <lib/el3_runtime/cpu_data.h>
+#include <lib/mmio.h>
+#include <lib/psci/psci.h>
+#include <plat/common/platform.h>
+#include <ti_sci.h>
+#include <ti_sci_protocol.h>
+
+#include <k3_gicv3.h>
+#include <platform_def.h>
+
+uintptr_t am62l_sec_entrypoint;
+uintptr_t am62l_sec_entrypoint_glob;
+void __aligned(16) jump_to_atf_func(void *unused);
+
+static int am62l_pwr_domain_on(u_register_t mpidr)
+{
+ int32_t core, ret;
+ uint8_t proc_id;
+
+ core = plat_core_pos_by_mpidr(mpidr);
+ if (core < 0) {
+ ERROR("Could not get target core id: %d\n", core);
+ return PSCI_E_INTERN_FAIL;
+ }
+
+ proc_id = (uint8_t)(PLAT_PROC_START_ID + (uint32_t)core);
+
+ ret = ti_sci_proc_request(proc_id);
+ if (ret != 0) {
+ ERROR("Request for processor ID 0x%x failed: %d\n",
+ proc_id, ret);
+ return PSCI_E_INTERN_FAIL;
+ }
+
+ ret = ti_sci_proc_set_boot_cfg(proc_id, am62l_sec_entrypoint, 0, 0);
+ if (ret != 0) {
+ ERROR("Request to set core boot address failed: %d\n", ret);
+ return PSCI_E_INTERN_FAIL;
+ }
+
+ /* sanity check these are off before starting a core */
+ ret = ti_sci_proc_set_boot_ctrl(proc_id,
+ 0, PROC_BOOT_CTRL_FLAG_ARMV8_L2FLUSHREQ |
+ PROC_BOOT_CTRL_FLAG_ARMV8_AINACTS |
+ PROC_BOOT_CTRL_FLAG_ARMV8_ACINACTM);
+ if (ret != 0) {
+ ERROR("Request to clear boot config failed: %d\n", ret);
+ return PSCI_E_INTERN_FAIL;
+ }
+
+ /*
+ * TODO: Add the actual PM operation call
+ * to turn on the core here
+ */
+ return PSCI_E_SUCCESS;
+}
+
+static void am62l_pwr_domain_off(const psci_power_state_t *target_state)
+{
+ /* At very least the local core should be powering down */
+ assert(((target_state)->pwr_domain_state[MPIDR_AFFLVL0]) == PLAT_MAX_OFF_STATE);
+
+ /* Prevent interrupts from spuriously waking up this cpu */
+ k3_gic_cpuif_disable();
+
+}
+
+static void am62l_pwr_down_domain(const psci_power_state_t *target_state)
+{
+ /* TODO: Add the actual pm operation call to turn off the core */
+}
+
+void am62l_pwr_domain_on_finish(const psci_power_state_t *target_state)
+{
+ k3_gic_pcpu_init();
+ k3_gic_cpuif_enable();
+}
+
+static void am62l_system_reset(void)
+{
+ mmio_write_32(WKUP_CTRL_MMR0_DEVICE_MANAGEMENT_BASE + WKUP_CTRL_MMR0_DEVICE_RESET_OFFSET,
+ 0x6);
+
+ /* Wait for reset to complete for 500ms before printing error */
+ mdelay(500);
+
+ /* Ideally we should not reach here */
+ ERROR("%s: Failed to reset device\n", __func__);
+}
+
+static plat_psci_ops_t am62l_plat_psci_ops = {
+ .pwr_domain_on = am62l_pwr_domain_on,
+ .pwr_domain_off = am62l_pwr_domain_off,
+ .pwr_domain_pwr_down = am62l_pwr_down_domain,
+ .pwr_domain_on_finish = am62l_pwr_domain_on_finish,
+ .system_reset = am62l_system_reset,
+};
+
+void __aligned(16) jump_to_atf_func(void *unused)
+{
+ /*
+ * MISRA Deviation observed:
+ * Rule 11.1 (MISRA C:2012) Prohibits conversion performed between a
+ * pointer to a function and another incompatible type.
+ * This conversion is required for handling secure boot entry points.
+ * The conversion is safe as the address is verified before execution.
+ */
+ void (*bl31_loc_warm_entry)(void) = (void *)am62l_sec_entrypoint_glob;
+
+ bl31_loc_warm_entry();
+}
+
+int plat_setup_psci_ops(uintptr_t sec_entrypoint,
+ const plat_psci_ops_t **psci_ops)
+{
+ am62l_sec_entrypoint_glob = sec_entrypoint;
+ /* Note that boot vector reg in sec mmr requires 16B aligned start address */
+ am62l_sec_entrypoint = (uint64_t)(void *)&jump_to_atf_func;
+ VERBOSE("am62l_sec_entrypoint = 0x%lx\n", am62l_sec_entrypoint);
+
+ *psci_ops = &am62l_plat_psci_ops;
+
+ return 0;
+}
diff --git a/plat/ti/k3low/common/am62l_topology.c b/plat/ti/k3low/common/am62l_topology.c
new file mode 100644
index 0000000..15f5118
--- /dev/null
+++ b/plat/ti/k3low/common/am62l_topology.c
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2025, Texas Instruments Incorporated - https://www.ti.com/
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <lib/psci/psci.h>
+
+#include <platform_def.h>
+
+/* The power domain tree descriptor */
+static unsigned char power_domain_tree_desc[] = {
+ PLATFORM_SYSTEM_COUNT,
+ PLATFORM_CLUSTER_COUNT,
+ K3_CLUSTER0_CORE_COUNT,
+};
+
+const unsigned char *plat_get_power_domain_tree_desc(void)
+{
+ return power_domain_tree_desc;
+}
+
+int plat_core_pos_by_mpidr(u_register_t mpidr)
+{
+ unsigned int core = MPIDR_AFFLVL0_VAL(mpidr);
+
+ if (MPIDR_AFFLVL3_VAL(mpidr) > 0 ||
+ MPIDR_AFFLVL2_VAL(mpidr) > 0) {
+ return -1;
+ }
+
+ return core;
+}
diff --git a/plat/ti/k3low/include/platform_def.h b/plat/ti/k3low/include/platform_def.h
new file mode 100644
index 0000000..37f984c
--- /dev/null
+++ b/plat/ti/k3low/include/platform_def.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2025, Texas Instruments Incorporated - https://www.ti.com/
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PLATFORM_DEF_H
+#define PLATFORM_DEF_H
+
+#include <ti_platform_defs.h>
+
+#define TI_MAILBOX_TX_BASE UL(0x44240000) /* TFA sending IPC messages to TIFS */
+#define TI_MAILBOX_RX_BASE UL(0x44250000) /* TIFS sending IPC messages to A53 */
+
+#define WKUP_CTRL_MMR0_DEVICE_MANAGEMENT_BASE (0x43050000UL)
+#define WKUP_CTRL_MMR0_DEVICE_RESET_OFFSET (0x4000UL)
+
+#endif /* PLATFORM_DEF_H */
diff --git a/plat/ti/k3low/platform.mk b/plat/ti/k3low/platform.mk
new file mode 100644
index 0000000..5bc47ff
--- /dev/null
+++ b/plat/ti/k3low/platform.mk
@@ -0,0 +1,29 @@
+#
+# Copyright (c) 2025, Texas Instruments Incorporated - https://www.ti.com/
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+PLAT_PATH := plat/ti/k3low
+TARGET_BOARD ?= am62lx
+
+include plat/ti/common/plat_common.mk
+include ${PLAT_PATH}/board/${TARGET_BOARD}/board.mk
+
+PLAT_INCLUDES += \
+ -I${PLAT_PATH}/board/${TARGET_BOARD}/include \
+ -I${PLAT_PATH} \
+ -Iplat/ti/common/include \
+
+K3_PSCI_SOURCES += \
+ ${PLAT_PATH}/common/am62l_psci.c \
+
+K3_TI_SCI_TRANSPORT := \
+ drivers/ti/ipc/mailbox.c \
+
+BL31_SOURCES += \
+ drivers/delay_timer/delay_timer.c \
+ ${K3_PSCI_SOURCES} \
+ ${K3_TI_SCI_TRANSPORT} \
+ ${PLAT_PATH}/common/am62l_bl31_setup.c \
+ ${PLAT_PATH}/common/am62l_topology.c \
diff --git a/plat/xilinx/common/include/ipi.h b/plat/xilinx/common/include/ipi.h
index d792710..71c06c3 100644
--- a/plat/xilinx/common/include/ipi.h
+++ b/plat/xilinx/common/include/ipi.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2018, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -60,7 +61,7 @@
void ipi_mb_release(uint32_t local, uint32_t remote);
/* Enquire IPI mailbox status */
-int ipi_mb_enquire_status(uint32_t local, uint32_t remote);
+uint32_t ipi_mb_enquire_status(uint32_t local, uint32_t remote);
/* Trigger notification on the IPI mailbox */
void ipi_mb_notify(uint32_t local, uint32_t remote, uint32_t is_blocking);
diff --git a/plat/xilinx/common/include/pm_api_sys.h b/plat/xilinx/common/include/pm_api_sys.h
index 029bb43..2e4b342 100644
--- a/plat/xilinx/common/include/pm_api_sys.h
+++ b/plat/xilinx/common/include/pm_api_sys.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -36,7 +36,7 @@
uint32_t state, uint32_t flag);
enum pm_ret_status pm_req_wakeup(uint32_t target, uint32_t set_address,
uintptr_t address, uint8_t ack, uint32_t flag);
-enum pm_ret_status pm_set_wakeup_source(uint32_t target, uint32_t device_id,
+enum pm_ret_status pm_set_wakeup_source(uint32_t target, uint32_t wkup_device,
uint8_t enable, uint32_t flag);
enum pm_ret_status pm_get_callbackdata(uint32_t *data, size_t count, uint32_t flag,
uint32_t ack);
diff --git a/plat/xilinx/common/ipi.c b/plat/xilinx/common/ipi.c
index cc4b04d..18ae096 100644
--- a/plat/xilinx/common/ipi.c
+++ b/plat/xilinx/common/ipi.c
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2017-2020, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2020-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -20,6 +20,7 @@
#include <ipi.h>
#include <plat_private.h>
+#include "pm_defs.h"
/*********************************************************************
* Macros definitions
@@ -139,13 +140,12 @@
* @local: local IPI ID.
* @remote: remote IPI ID.
*
- * Return: 0 idle, positive value for pending sending or receiving,
- * negative value for errors.
+ * Return: 0 idle and positive value for pending sending or receiving.
*
*/
-int ipi_mb_enquire_status(uint32_t local, uint32_t remote)
+uint32_t ipi_mb_enquire_status(uint32_t local, uint32_t remote)
{
- int ret = 0U;
+ uint32_t ret = (uint32_t)PM_RET_SUCCESS;
uint32_t status;
uint64_t obr_offset = (uint64_t)(IPI_REG_BASE(local) + IPI_OBR_OFFSET);
uint64_t isr_offset = (uint64_t)(IPI_REG_BASE(local) + IPI_ISR_OFFSET);
diff --git a/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c b/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c
index 1882669..a2541a3 100644
--- a/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c
+++ b/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2017-2019, Arm Limited and Contributors. All rights reserved.
- * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -109,7 +109,7 @@
bool disable_interrupt;
disable_interrupt = ((x3 & IPI_SMC_ENQUIRY_DIRQ_MASK) != 0U);
- ret = ipi_mb_enquire_status(ipi_local_id, ipi_remote_id);
+ ret = (int32_t)ipi_mb_enquire_status(ipi_local_id, ipi_remote_id);
if ((((uint32_t)ret & IPI_MB_STATUS_RECV_PENDING) > 0U) && disable_interrupt) {
ipi_mb_disable_irq(ipi_local_id, ipi_remote_id);
}
diff --git a/plat/xilinx/common/pm_service/pm_ipi.c b/plat/xilinx/common/pm_service/pm_ipi.c
index bf1fd55..7a3e72f 100644
--- a/plat/xilinx/common/pm_service/pm_ipi.c
+++ b/plat/xilinx/common/pm_service/pm_ipi.c
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2013-2020, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -27,7 +27,7 @@
* power down. Therefore, there is no doubt to use the spin_lock here.
*/
#if !HW_ASSISTED_COHERENCY
-DEFINE_BAKERY_LOCK(pm_secure_lock);
+static DEFINE_BAKERY_LOCK(pm_secure_lock);
static inline void pm_ipi_lock_get(void)
{
bakery_lock_get(&pm_secure_lock);
@@ -186,7 +186,12 @@
value[i] = mmio_read_32(buffer_base + ((i + 1U) * PAYLOAD_ARG_SIZE));
}
- ret = mmio_read_32(buffer_base);
+ /*
+ * Here mmio_read_32() reads return status stored in IPI payload that
+ * is received from firmware and it's value will be one the values
+ * listed in enum pm_ret_status.
+ */
+ ret = (enum pm_ret_status)mmio_read_32(buffer_base);
#if IPI_CRC_CHECK
crc = mmio_read_32(buffer_base + (PAYLOAD_CRC_POS * PAYLOAD_ARG_SIZE));
if (crc != calculate_crc((uint32_t *)buffer_base, IPI_W0_TO_W6_SIZE)) {
@@ -273,7 +278,8 @@
goto unlock;
}
- ret = ERROR_CODE_MASK & (uint32_t)(pm_ipi_buff_read(proc, value, count));
+ ret = (enum pm_ret_status)(ERROR_CODE_MASK &
+ (uint32_t)(pm_ipi_buff_read(proc, value, count)));
unlock:
pm_ipi_lock_release();
@@ -293,15 +299,13 @@
uint32_t pm_ipi_irq_status(const struct pm_proc *proc)
{
- int32_t ret;
- int32_t result = 0;
+ uint32_t ret;
+ uint32_t result = (uint32_t)PM_RET_SUCCESS;
ret = ipi_mb_enquire_status(proc->ipi->local_ipi_id,
proc->ipi->remote_ipi_id);
- if (((uint32_t)ret & IPI_MB_STATUS_RECV_PENDING) != 0U) {
- result = 1;
- } else {
- result = 0;
+ if ((ret & IPI_MB_STATUS_RECV_PENDING) != 0U) {
+ result = IPI_MB_STATUS_RECV_PENDING;
}
return result;
diff --git a/plat/xilinx/common/pm_service/pm_svc_main.c b/plat/xilinx/common/pm_service/pm_svc_main.c
index f586ac3..bc8e251 100644
--- a/plat/xilinx/common/pm_service/pm_svc_main.c
+++ b/plat/xilinx/common/pm_service/pm_svc_main.c
@@ -72,7 +72,7 @@
static void notify_os(void)
{
- plat_ic_raise_ns_sgi(sgi, read_mpidr_el1());
+ plat_ic_raise_ns_sgi((int)sgi, read_mpidr_el1());
}
static uint64_t cpu_pwrdwn_req_handler(uint32_t id, uint32_t flags,
@@ -89,7 +89,7 @@
/* Deactivate CPU power down SGI */
plat_ic_end_of_interrupt(CPU_PWR_DOWN_REQ_INTR);
- return psci_cpu_off();
+ return (uint64_t)psci_cpu_off();
}
/**
@@ -101,19 +101,19 @@
*/
static void raise_pwr_down_interrupt(u_register_t mpidr)
{
- plat_ic_raise_el3_sgi(CPU_PWR_DOWN_REQ_INTR, mpidr);
+ plat_ic_raise_el3_sgi((int)CPU_PWR_DOWN_REQ_INTR, mpidr);
}
void request_cpu_pwrdwn(void)
{
- enum pm_ret_status ret;
+ int ret;
VERBOSE("CPU power down request received\n");
/* Send powerdown request to online secondary core(s) */
ret = psci_stop_other_cores(plat_my_core_pos(), PWRDWN_WAIT_TIMEOUT,
raise_pwr_down_interrupt);
- if (ret != (uint32_t)PSCI_E_SUCCESS) {
+ if (ret != PSCI_E_SUCCESS) {
ERROR("Failed to powerdown secondary core(s)\n");
}
@@ -132,7 +132,7 @@
(void)cookie;
uint32_t payload[4] = {0};
enum pm_ret_status ret;
- int ipi_status, i;
+ uint32_t ipi_status, i;
VERBOSE("Received IPI FIQ from firmware\n");
@@ -140,19 +140,19 @@
(void)plat_ic_acknowledge_interrupt();
/* Check status register for each IPI except PMC */
- for (i = (int32_t)IPI_ID_APU; i <= IPI_ID_5; i++) {
+ for (i = IPI_ID_APU; i <= IPI_ID_5; i++) {
ipi_status = ipi_mb_enquire_status(IPI_ID_APU, i);
/* If any agent other than PMC has generated IPI FIQ then send SGI to mbox driver */
- if ((uint32_t)ipi_status & IPI_MB_STATUS_RECV_PENDING) {
- plat_ic_raise_ns_sgi(MBOX_SGI_SHARED_IPI, read_mpidr_el1());
+ if ((ipi_status & IPI_MB_STATUS_RECV_PENDING) != 0U) {
+ plat_ic_raise_ns_sgi((int)MBOX_SGI_SHARED_IPI, read_mpidr_el1());
break;
}
}
/* If PMC has not generated interrupt then end ISR */
ipi_status = ipi_mb_enquire_status(IPI_ID_APU, IPI_ID_PMC);
- if (((uint32_t)ipi_status & IPI_MB_STATUS_RECV_PENDING) == 0U) {
+ if ((ipi_status & IPI_MB_STATUS_RECV_PENDING) == 0U) {
plat_ic_end_of_interrupt(id);
goto exit_label;
}
@@ -187,7 +187,7 @@
(void)psci_cpu_off();
}
break;
- case PM_RET_ERROR_INVALID_CRC:
+ case (uint32_t)PM_RET_ERROR_INVALID_CRC:
pm_ipi_irq_clear(primary_proc);
WARN("Invalid CRC in the payload\n");
break;
@@ -359,16 +359,16 @@
SMC_RET1(handle, (u_register_t)ret);
case (uint32_t)PM_FORCE_POWERDOWN:
- ret = pm_force_powerdown(pm_arg[0], pm_arg[1], security_flag);
+ ret = pm_force_powerdown(pm_arg[0], (uint8_t)pm_arg[1], security_flag);
SMC_RET1(handle, (u_register_t)ret);
case (uint32_t)PM_REQ_SUSPEND:
- ret = pm_req_suspend(pm_arg[0], pm_arg[1], pm_arg[2],
+ ret = pm_req_suspend(pm_arg[0], (uint8_t)pm_arg[1], pm_arg[2],
pm_arg[3], security_flag);
SMC_RET1(handle, (u_register_t)ret);
case (uint32_t)PM_ABORT_SUSPEND:
- ret = pm_abort_suspend(pm_arg[0], security_flag);
+ ret = pm_abort_suspend((enum pm_abort_reason)pm_arg[0], security_flag);
SMC_RET1(handle, (u_register_t)ret);
case (uint32_t)PM_SYSTEM_SHUTDOWN:
@@ -426,7 +426,7 @@
enum pm_ret_status ret;
ret = pm_get_callbackdata(result, ARRAY_SIZE(result), security_flag, 1U);
- if (ret != 0) {
+ if (ret != PM_RET_SUCCESS) {
result[0] = (uint32_t)ret;
}
@@ -597,7 +597,8 @@
return ret;
}
- ret = eemi_psci_debugfs_handler(api_id, pm_arg, handle, flags);
+ ret = eemi_psci_debugfs_handler(api_id, pm_arg, handle,
+ (uint32_t)flags);
if (ret != (uintptr_t)0) {
return ret;
}
diff --git a/plat/xilinx/common/tsp/tsp_plat_setup.c b/plat/xilinx/common/tsp/tsp_plat_setup.c
index 21c29c3..5df4b6e 100644
--- a/plat/xilinx/common/tsp/tsp_plat_setup.c
+++ b/plat/xilinx/common/tsp/tsp_plat_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014-2019, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2025, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2023, Advanced Micro Devices. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -17,7 +17,8 @@
/*******************************************************************************
* Initialize the UART
******************************************************************************/
-void tsp_early_platform_setup(void)
+void tsp_early_platform_setup(u_register_t arg0, u_register_t arg1,
+ u_register_t arg2, u_register_t arg3)
{
/*
* Register a different console than already in use to display
diff --git a/plat/xilinx/versal/include/platform_def.h b/plat/xilinx/versal/include/platform_def.h
index 8cf8de0..a3886a4 100644
--- a/plat/xilinx/versal/include/platform_def.h
+++ b/plat/xilinx/versal/include/platform_def.h
@@ -64,6 +64,12 @@
#endif
/*******************************************************************************
+ * HIGH and LOW DDR MAX definitions
+ ******************************************************************************/
+#define PLAT_DDR_LOWMEM_MAX U(0x80000000)
+#define PLAT_DDR_HIGHMEM_MAX U(0x100000000)
+
+/*******************************************************************************
* TSP specific defines.
******************************************************************************/
#define TSP_SEC_MEM_BASE BL32_BASE
diff --git a/plat/xilinx/versal/plat_psci.c b/plat/xilinx/versal/plat_psci.c
index b976267..032339f 100644
--- a/plat/xilinx/versal/plat_psci.c
+++ b/plat/xilinx/versal/plat_psci.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -22,6 +22,9 @@
#include "pm_ipi.h"
#include "pm_svc_main.h"
+#define SEC_ENTRY_ADDRESS_MASK 0xFFFFFFFFUL
+#define RESUME_ADDR_SET 0x1UL
+
static uintptr_t versal_sec_entry;
static int32_t versal_pwr_domain_on(u_register_t mpidr)
@@ -42,8 +45,9 @@
}
/* Send request to PMC to wake up selected ACPU core */
- (void)pm_req_wakeup(proc->node_id, (versal_sec_entry & 0xFFFFFFFFU) | 0x1U,
- versal_sec_entry >> 32, 0, SECURE_FLAG);
+ (void)pm_req_wakeup(proc->node_id,
+ (uint32_t)((versal_sec_entry & SEC_ENTRY_ADDRESS_MASK) |
+ RESUME_ADDR_SET), versal_sec_entry >> 32, 0, SECURE_FLAG);
/* Clear power down request */
pm_client_wakeup(proc);
@@ -194,6 +198,18 @@
}
}
+static int32_t versal_validate_ns_entrypoint(uint64_t ns_entrypoint)
+{
+ int32_t ret = PSCI_E_SUCCESS;
+
+ if (((ns_entrypoint >= PLAT_DDR_LOWMEM_MAX) && (ns_entrypoint <= PLAT_DDR_HIGHMEM_MAX)) ||
+ ((ns_entrypoint >= BL31_BASE) && (ns_entrypoint <= BL31_LIMIT))) {
+ ret = PSCI_E_INVALID_ADDRESS;
+ }
+
+ return ret;
+}
+
/**
* versal_pwr_domain_off() - This function performs actions to turn off core.
* @target_state: Targated state.
@@ -225,7 +241,8 @@
* invoking CPU_on function, during which resume address will
* be set.
*/
- ret = pm_feature_check((uint32_t)PM_SELF_SUSPEND, &version_type[0], SECURE_FLAG);
+ ret = (uint32_t)pm_feature_check((uint32_t)PM_SELF_SUSPEND,
+ &version_type[0], SECURE_FLAG);
if (ret == (uint32_t)PM_RET_SUCCESS) {
fw_api_version = version_type[0] & 0xFFFFU;
if (fw_api_version >= 3U) {
@@ -291,6 +308,7 @@
.pwr_domain_suspend_finish = versal_pwr_domain_suspend_finish,
.system_off = versal_system_off,
.system_reset = versal_system_reset,
+ .validate_ns_entrypoint = versal_validate_ns_entrypoint,
.validate_power_state = versal_validate_power_state,
.get_sys_suspend_power_state = versal_get_sys_suspend_power_state,
};
@@ -298,7 +316,7 @@
/*******************************************************************************
* Export the platform specific power ops.
******************************************************************************/
-int32_t plat_setup_psci_ops(uintptr_t sec_entrypoint,
+int plat_setup_psci_ops(uintptr_t sec_entrypoint,
const struct plat_psci_ops **psci_ops)
{
versal_sec_entry = sec_entrypoint;
diff --git a/plat/xilinx/versal/pm_service/pm_client.c b/plat/xilinx/versal/pm_service/pm_client.c
index de2cac8..77e3fb0 100644
--- a/plat/xilinx/versal/pm_service/pm_client.c
+++ b/plat/xilinx/versal/pm_service/pm_client.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -28,7 +28,7 @@
#define UNDEFINED_CPUID (~0U)
-DEFINE_BAKERY_LOCK(pm_client_secure_lock);
+static DEFINE_BAKERY_LOCK(pm_client_secure_lock);
static const struct pm_ipi apu_ipi = {
.local_ipi_id = IPI_LOCAL_ID,
diff --git a/plat/xilinx/versal/sip_svc_setup.c b/plat/xilinx/versal/sip_svc_setup.c
index 3027946..bb3f728 100644
--- a/plat/xilinx/versal/sip_svc_setup.c
+++ b/plat/xilinx/versal/sip_svc_setup.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -116,6 +116,6 @@
sip_svc,
OEN_SIP_START,
OEN_SIP_END,
- SMC_TYPE_FAST,
+ (uint8_t)SMC_TYPE_FAST,
sip_svc_setup,
sip_svc_smc_handler);
diff --git a/plat/xilinx/versal/versal_ipi.c b/plat/xilinx/versal/versal_ipi.c
index 74b082d..ac2a3c0 100644
--- a/plat/xilinx/versal/versal_ipi.c
+++ b/plat/xilinx/versal/versal_ipi.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -73,5 +73,6 @@
*/
void versal_ipi_config_table_init(void)
{
- ipi_config_table_init(versal_ipi_table, ARRAY_SIZE(versal_ipi_table));
+ ipi_config_table_init(versal_ipi_table,
+ (uint32_t)ARRAY_SIZE(versal_ipi_table));
}
diff --git a/plat/xilinx/versal_net/bl31_versal_net_setup.c b/plat/xilinx/versal_net/bl31_versal_net_setup.c
index d131a92..2308a75 100644
--- a/plat/xilinx/versal_net/bl31_versal_net_setup.c
+++ b/plat/xilinx/versal_net/bl31_versal_net_setup.c
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2018-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -203,14 +203,28 @@
return ret;
}
+#if SDEI_SUPPORT
+static int rdo_el3_interrupt_handler(uint32_t id, uint32_t flags,
+ void *handle, void *cookie)
+#else
static uint64_t rdo_el3_interrupt_handler(uint32_t id, uint32_t flags,
void *handle, void *cookie)
+#endif
{
uint32_t intr_id;
uint32_t i;
interrupt_type_handler_t handler = NULL;
+#if SDEI_SUPPORT
+ /* when SDEI_SUPPORT is enabled, ehf_el3_interrupt_handler
+ * reads the interrupt id prior to calling the
+ * rdo_el3_interrupt_handler and passes that id to the
+ * handler.
+ */
+ intr_id = id;
+#else
intr_id = plat_ic_get_pending_interrupt_id();
+#endif
for (i = 0; i < MAX_INTR_EL3; i++) {
if (intr_id == type_el3_interrupt_table[i].id) {
@@ -236,6 +250,7 @@
void bl31_plat_runtime_setup(void)
{
+#if !SDEI_SUPPORT
uint64_t flags = 0;
int32_t rc;
@@ -245,6 +260,9 @@
if (rc != 0) {
panic();
}
+#else
+ ehf_register_priority_handler(PLAT_IPI_PRI, rdo_el3_interrupt_handler);
+#endif
}
/*
diff --git a/plat/xilinx/versal_net/include/platform_def.h b/plat/xilinx/versal_net/include/platform_def.h
index a7ff84e..461fda8 100644
--- a/plat/xilinx/versal_net/include/platform_def.h
+++ b/plat/xilinx/versal_net/include/platform_def.h
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2021-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -10,6 +10,7 @@
#define PLATFORM_DEF_H
#include <arch.h>
+#include <drivers/arm/gic_common.h>
#include <plat_common.h>
#include "versal_net_def.h"
@@ -73,6 +74,12 @@
#endif
/*******************************************************************************
+ * HIGH and LOW DDR MAX definitions
+ ******************************************************************************/
+#define PLAT_DDR_LOWMEM_MAX U(0x80000000)
+#define PLAT_DDR_HIGHMEM_MAX U(0x100000000)
+
+/*******************************************************************************
* TSP specific defines.
******************************************************************************/
#define TSP_SEC_MEM_BASE BL32_BASE
@@ -84,7 +91,6 @@
/*******************************************************************************
* Platform specific page table and MMU setup constants
******************************************************************************/
-#define PLAT_DDR_LOWMEM_MAX U(0x80000000)
#define PLAT_PHY_ADDR_SPACE_SIZE (1ULL << 32U)
#define PLAT_VIRT_ADDR_SPACE_SIZE (1ULL << 32U)
@@ -114,6 +120,24 @@
#define PLAT_ARM_GICD_BASE U(0xE2000000)
#define PLAT_ARM_GICR_BASE U(0xE2060000)
+/* interrupt priorities when SDEI is enabled:
+ * RAS in future is planned to have highest priority (lower value 0x10)
+ * followed by IPI and SDEI exceptions in a step of 0x10.
+ */
+
+#if SDEI_SUPPORT
+#define VERSAL_NET_SDEI_SGI_PRIVATE U(8)
+#define PLAT_SDEI_CRITICAL_PRI 0x30
+#define PLAT_SDEI_NORMAL_PRI 0x40
+#define PLAT_PRI_BITS U(3)
+#define PLAT_IPI_PRI 0x20
+
+#define PLAT_EHF_DESC EHF_PRI_DESC(PLAT_PRI_BITS, PLAT_IPI_PRI)
+
+#define VERSAL_NET_SDEI_SH_EVENT_0 U(200)
+#define VERSAL_NET_SDEI_PRV_EV U(201)
+#endif
+
/*
* Define a list of Group 1 Secure and Group 0 interrupts as per GICv3
* terminology. On a GICv2 system or mode, the lists will be merged and treated
@@ -122,6 +146,19 @@
#define PLAT_VERSAL_NET_IPI_IRQ 89
#define PLAT_VERSAL_IPI_IRQ PLAT_VERSAL_NET_IPI_IRQ
+#if SDEI_SUPPORT
+#define PLAT_ARM_G1S_IRQ_PROPS(grp) \
+ INTR_PROP_DESC(VERSAL_NET_IRQ_SEC_PHY_TIMER, PLAT_IPI_PRI, grp, \
+ GIC_INTR_CFG_LEVEL)
+
+#define PLAT_ARM_G0_IRQ_PROPS(grp) \
+ INTR_PROP_DESC(PLAT_VERSAL_IPI_IRQ, PLAT_IPI_PRI, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(CPU_PWR_DOWN_REQ_INTR, PLAT_IPI_PRI, grp, \
+ GIC_INTR_CFG_EDGE), \
+ INTR_PROP_DESC(VERSAL_NET_SDEI_SGI_PRIVATE, PLAT_SDEI_NORMAL_PRI, grp, \
+ GIC_INTR_CFG_EDGE)
+#else
#define PLAT_ARM_G1S_IRQ_PROPS(grp) \
INTR_PROP_DESC(VERSAL_NET_IRQ_SEC_PHY_TIMER, GIC_HIGHEST_SEC_PRIORITY, grp, \
GIC_INTR_CFG_LEVEL)
@@ -131,6 +168,7 @@
GIC_INTR_CFG_EDGE), \
INTR_PROP_DESC(CPU_PWR_DOWN_REQ_INTR, GIC_HIGHEST_SEC_PRIORITY, grp, \
GIC_INTR_CFG_EDGE)
+#endif
#define IRQ_MAX 200U
diff --git a/plat/xilinx/versal_net/plat_psci_pm.c b/plat/xilinx/versal_net/plat_psci_pm.c
index a76832e..6ec8649 100644
--- a/plat/xilinx/versal_net/plat_psci_pm.c
+++ b/plat/xilinx/versal_net/plat_psci_pm.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022-2024, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2025, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -103,13 +103,27 @@
return;
}
+static int32_t versal_net_validate_ns_entrypoint(uint64_t ns_entrypoint)
+{
+ int32_t ret = PSCI_E_SUCCESS;
+
+ if (((ns_entrypoint >= PLAT_DDR_LOWMEM_MAX) && (ns_entrypoint <= PLAT_DDR_HIGHMEM_MAX)) ||
+ ((ns_entrypoint >= BL31_BASE) && (ns_entrypoint <= BL31_LIMIT))) {
+ ret = PSCI_E_INVALID_ADDRESS;
+ }
+
+ return ret;
+}
+
/**
- * versal_net_system_reset() - This function sends the reset request to firmware
- * for the system to reset. This function does not
- * return.
+ * versal_net_system_reset_scope() - Sends the reset request to firmware for
+ * the system to reset.
+ * @scope : scope of reset which could be SYSTEM/SUBSYSTEM/PS-ONLY
*
+ * Return:
+ * Does not return if system resets, none if there is a failure.
*/
-static void __dead2 versal_net_system_reset(void)
+static void __dead2 versal_net_system_reset_scope(uint32_t scope)
{
uint32_t ret, timeout = 10000U;
@@ -121,7 +135,7 @@
*/
if (!pwrdwn_req_received) {
(void)pm_system_shutdown(XPM_SHUTDOWN_TYPE_RESET,
- pm_get_shutdown_scope(), SECURE_FLAG);
+ scope, SECURE_FLAG);
/*
* Wait for system shutdown request completed and idle callback
@@ -143,6 +157,54 @@
}
/**
+ * versal_net_system_reset() - This function sends the reset request to firmware
+ * for the system to reset in response to SYSTEM_RESET call
+ *
+ * Return:
+ * Does not return if system resets, none if there is a failure.
+ */
+static void __dead2 versal_net_system_reset(void)
+{
+ /*
+ * Any platform-specific actions for handling a cold reset
+ * should be performed here before invoking
+ * versal_net_system_reset_scope.
+ */
+ versal_net_system_reset_scope(XPM_SHUTDOWN_SUBTYPE_RST_SUBSYSTEM);
+}
+
+/**
+ * versal_net_system_reset2() - Handles warm / vendor-specific system reset
+ * in response to SYSTEM_RESET2 call.
+ * @is_vendor: Flag indicating if this is a vendor-specific reset
+ * @reset_type: Type of reset requested
+ * @cookie: Additional reset data
+ *
+ * This function initiates a controlled system reset by requesting it
+ * through the PM firmware.
+ *
+ * Return:
+ * Does not return if system resets, PSCI_E_INTERN_FAIL
+ * if there is a failure.
+ */
+static int versal_net_system_reset2(int is_vendor, int reset_type, u_register_t cookie)
+{
+ if (is_vendor == 0 && reset_type == PSCI_RESET2_SYSTEM_WARM_RESET) {
+ /*
+ * Any platform-specific actions for handling a warm reset
+ * should be performed here before invoking
+ * versal_net_system_reset_scope.
+ */
+ versal_net_system_reset_scope(XPM_SHUTDOWN_SUBTYPE_RST_SUBSYSTEM);
+ } else {
+ /* Vendor specific reset */
+ versal_net_system_reset_scope(pm_get_shutdown_scope());
+ }
+
+ return PSCI_E_INTERN_FAIL;
+}
+
+/**
* versal_net_pwr_domain_suspend() - This function sends request to PMC to suspend
* core.
* @target_state: Targeted state.
@@ -303,6 +365,8 @@
.pwr_domain_suspend_finish = versal_net_pwr_domain_suspend_finish,
.system_off = versal_net_system_off,
.system_reset = versal_net_system_reset,
+ .system_reset2 = versal_net_system_reset2,
+ .validate_ns_entrypoint = versal_net_validate_ns_entrypoint,
.validate_power_state = versal_net_validate_power_state,
.get_sys_suspend_power_state = versal_net_get_sys_suspend_power_state,
};
diff --git a/plat/xilinx/versal_net/platform.mk b/plat/xilinx/versal_net/platform.mk
index 25caab4..5e8f2b4 100644
--- a/plat/xilinx/versal_net/platform.mk
+++ b/plat/xilinx/versal_net/platform.mk
@@ -141,7 +141,14 @@
${PLAT_PATH}/bl31_versal_net_setup.c \
common/fdt_fixup.c \
common/fdt_wrappers.c \
- plat/arm/common/arm_gicv3.c \
+ plat/common/plat_gicv3_base.c \
${LIBFDT_SRCS} \
${PLAT_PATH}/sip_svc_setup.c \
${XLAT_TABLES_LIB_SRCS}
+
+SDEI_SUPPORT := 0
+EL3_EXCEPTION_HANDLING := $(SDEI_SUPPORT)
+ifeq (${SDEI_SUPPORT},1)
+BL31_SOURCES += plat/common/aarch64/plat_ehf.c \
+ plat/xilinx/versal_net/versal_net_sdei.c
+endif
diff --git a/plat/xilinx/versal_net/versal_net_sdei.c b/plat/xilinx/versal_net/versal_net_sdei.c
new file mode 100644
index 0000000..e42c066
--- /dev/null
+++ b/plat/xilinx/versal_net/versal_net_sdei.c
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2025, Advanced Micro Devices, Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#include <bl31/ehf.h>
+#include <common/debug.h>
+#include <plat/common/platform.h>
+#include <services/sdei.h>
+
+#include <platform_def.h>
+
+int arm_validate_ns_entrypoint(uintptr_t entrypoint)
+{
+ int ret;
+ uintptr_t base = BL31_BASE;
+ uintptr_t limit = BL31_LIMIT;
+
+ ret = ((entrypoint < base) || (entrypoint > limit)) ? 0 : -1;
+ return ret;
+}
+
+/* Private event mappings */
+static sdei_ev_map_t versal_net_sdei_private[] = {
+ SDEI_DEFINE_EVENT_0(VERSAL_NET_SDEI_SGI_PRIVATE),
+ SDEI_PRIVATE_EVENT(VERSAL_NET_SDEI_PRV_EV, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC),
+};
+
+/* Shared event mappings */
+static sdei_ev_map_t versal_net_sdei_shared[] = {
+ SDEI_SHARED_EVENT(VERSAL_NET_SDEI_SH_EVENT_0, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC),
+};
+
+void plat_sdei_setup(void)
+{
+ INFO("SDEI platform setup\n");
+}
+
+/* Export ARM SDEI events */
+REGISTER_SDEI_MAP(versal_net_sdei_private, versal_net_sdei_shared);
diff --git a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
index 412238d..822919b 100644
--- a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
+++ b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
@@ -406,7 +406,7 @@
uint32_t ret = 0U;
if (ver == ZYNQMP_CSU_VERSION_QEMU) {
- ret = 65000000U;
+ ret = 62500000U;
} else {
ret = mmio_read_32((uint64_t)IOU_SCNTRS_BASEFREQ);
}
diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h
index 9a9c8d1..bf6ed58 100644
--- a/plat/xilinx/zynqmp/include/platform_def.h
+++ b/plat/xilinx/zynqmp/include/platform_def.h
@@ -75,6 +75,12 @@
#endif
/*******************************************************************************
+ * HIGH and LOW DDR MAX definitions.
+ ******************************************************************************/
+#define PLAT_DDR_LOWMEM_MAX U(0x80000000)
+#define PLAT_DDR_HIGHMEM_MAX U(0x100000000)
+
+/*******************************************************************************
* TSP specific defines.
******************************************************************************/
#define TSP_SEC_MEM_BASE BL32_BASE
@@ -87,7 +93,6 @@
* Platform specific page table and MMU setup constants
******************************************************************************/
#define XILINX_OF_BOARD_DTB_MAX_SIZE U(0x200000)
-#define PLAT_DDR_LOWMEM_MAX U(0x80000000)
#define PLAT_OCM_BASE U(0xFFFC0000)
#define PLAT_OCM_LIMIT U(0xFFFFFFFF)
diff --git a/plat/xilinx/zynqmp/plat_psci.c b/plat/xilinx/zynqmp/plat_psci.c
index 3fae407..d2faa37 100644
--- a/plat/xilinx/zynqmp/plat_psci.c
+++ b/plat/xilinx/zynqmp/plat_psci.c
@@ -193,6 +193,18 @@
}
}
+static int32_t zynqmp_validate_ns_entrypoint(uint64_t ns_entrypoint)
+{
+ int32_t ret = PSCI_E_SUCCESS;
+
+ if (((ns_entrypoint >= PLAT_DDR_LOWMEM_MAX) && (ns_entrypoint <= PLAT_DDR_HIGHMEM_MAX)) ||
+ ((ns_entrypoint >= BL31_BASE) && (ns_entrypoint <= BL31_LIMIT))) {
+ ret = PSCI_E_INVALID_ADDRESS;
+ }
+
+ return ret;
+}
+
static int32_t zynqmp_validate_power_state(uint32_t power_state,
psci_power_state_t *req_state)
{
@@ -235,6 +247,7 @@
.pwr_domain_suspend_finish = zynqmp_pwr_domain_suspend_finish,
.system_off = zynqmp_system_off,
.system_reset = zynqmp_system_reset,
+ .validate_ns_entrypoint = zynqmp_validate_ns_entrypoint,
.validate_power_state = zynqmp_validate_power_state,
.get_sys_suspend_power_state = zynqmp_get_sys_suspend_power_state,
};
diff --git a/plat/xilinx/zynqmp/platform.mk b/plat/xilinx/zynqmp/platform.mk
index 5a86658..27e5427 100644
--- a/plat/xilinx/zynqmp/platform.mk
+++ b/plat/xilinx/zynqmp/platform.mk
@@ -101,7 +101,7 @@
drivers/cadence/uart/aarch64/cdns_console.S \
plat/arm/common/arm_cci.c \
plat/arm/common/arm_common.c \
- plat/arm/common/arm_gicv2.c \
+ plat/common/plat_gicv2_base.c \
plat/common/plat_gicv2.c \
plat/xilinx/common/ipi.c \
plat/xilinx/zynqmp/zynqmp_ipi.c \
diff --git a/services/arm_arch_svc/arm_arch_svc_setup.c b/services/arm_arch_svc/arm_arch_svc_setup.c
index 46333af..6051de8 100644
--- a/services/arm_arch_svc/arm_arch_svc_setup.c
+++ b/services/arm_arch_svc/arm_arch_svc_setup.c
@@ -7,9 +7,6 @@
#include <common/debug.h>
#include <common/runtime_svc.h>
#include <lib/cpus/errata.h>
-#include <lib/cpus/wa_cve_2017_5715.h>
-#include <lib/cpus/wa_cve_2018_3639.h>
-#include <lib/cpus/wa_cve_2022_23960.h>
#include <lib/smccc.h>
#include <services/arm_arch_svc.h>
#include <smccc_helpers.h>
@@ -35,8 +32,11 @@
/* Workaround checks are currently only implemented for aarch64 */
#if WORKAROUND_CVE_2017_5715
case SMCCC_ARCH_WORKAROUND_1:
- if (check_wa_cve_2017_5715() == ERRATA_NOT_APPLIES)
+ if (check_erratum_applies(CVE(2017, 5715))
+ == ERRATA_NOT_APPLIES) {
return 1;
+ }
+
return 0; /* ERRATA_APPLIES || ERRATA_MISSING */
#endif
@@ -66,8 +66,10 @@
* or permanently mitigated, report the latter as not
* needing dynamic mitigation.
*/
- if (wa_cve_2018_3639_get_disable_ptr() == NULL)
+ if (check_erratum_applies(ERRATUM(ARCH_WORKAROUND_2))
+ == ERRATA_NOT_APPLIES)
return 1;
+
/*
* If we get here, this CPU requires dynamic mitigation
* so report it as such.
@@ -87,10 +89,13 @@
* CVE-2017-5715 since this SMC can be used instead of
* SMCCC_ARCH_WORKAROUND_1.
*/
- if ((check_smccc_arch_wa3_applies() == ERRATA_NOT_APPLIES) &&
- (check_wa_cve_2017_5715() == ERRATA_NOT_APPLIES)) {
+ if ((check_erratum_applies(ERRATUM(ARCH_WORKAROUND_3))
+ == ERRATA_NOT_APPLIES) &&
+ (check_erratum_applies(CVE(2017, 5715))
+ == ERRATA_NOT_APPLIES)) {
return 1;
}
+
return 0; /* ERRATA_APPLIES || ERRATA_MISSING */
#endif
@@ -101,7 +106,7 @@
#if WORKAROUND_CVE_2024_7881
case SMCCC_ARCH_WORKAROUND_4:
- if (check_wa_cve_2024_7881() != ERRATA_APPLIES) {
+ if (check_erratum_applies(CVE(2024, 7881)) != ERRATA_APPLIES) {
return SMC_ARCH_CALL_NOT_SUPPORTED;
}
return 0;
diff --git a/services/spd/tlkd/tlkd.mk b/services/spd/tlkd/tlkd.mk
index fc8840d..6d71632 100644
--- a/services/spd/tlkd/tlkd.mk
+++ b/services/spd/tlkd/tlkd.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2024, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2024-2025, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -8,9 +8,11 @@
SPD_INCLUDES := -Iinclude/bl32/payloads
endif
-ifeq (${ENABLE_FEAT_D128}, 0)
+ifneq (${ENABLE_FEAT_D128}, 0)
+ $(error spd=tlkd will not work with ENABLE_FEAT_D128 enabled.)
+endif
+
SPD_SOURCES := services/spd/tlkd/tlkd_common.c \
services/spd/tlkd/tlkd_helpers.S \
services/spd/tlkd/tlkd_main.c \
services/spd/tlkd/tlkd_pm.c
-endif
\ No newline at end of file
diff --git a/services/std_svc/drtm/drtm_main.c b/services/std_svc/drtm/drtm_main.c
index c302863..b7a03f3 100644
--- a/services/std_svc/drtm/drtm_main.c
+++ b/services/std_svc/drtm/drtm_main.c
@@ -293,8 +293,8 @@
/* Prepare DRTM event log for DLME. */
drtm_serialise_event_log(dlme_data_cursor, &serialised_bytes_actual);
assert(serialised_bytes_actual <= ARM_DRTM_MIN_EVENT_LOG_SIZE);
- dlme_data_hdr->dlme_tpm_log_size = ARM_DRTM_MIN_EVENT_LOG_SIZE;
- dlme_data_cursor += dlme_data_hdr->dlme_tpm_log_size;
+ dlme_data_hdr->dlme_tpm_log_size = serialised_bytes_actual;
+ dlme_data_cursor += serialised_bytes_actual;
/*
* TODO: Prepare the TCB hashes for DLME, currently its size
@@ -329,10 +329,8 @@
* Ensure that if DLME Authorities Schema (Bits [2:1]) is set, then
* DLME image authentication (Bit[6]) must also be set
*/
- if ((EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_MASK,
- DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_SHIFT) == DLME_AUTH_SCHEMA) &&
- (EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_MASK,
- DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_SHIFT) != DLME_IMG_AUTH)) {
+ if ((EXTRACT(DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA, val) == DLME_AUTH_SCHEMA) &&
+ (EXTRACT(DRTM_LAUNCH_FEAT_DLME_IMG_AUTH, val) != DLME_IMG_AUTH)) {
return INVALID_PARAMETERS;
}
@@ -340,8 +338,7 @@
* Check if Bits [5:3] (Memory protection type) matches with platform's
* memory protection type
*/
- if (EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_MASK,
- DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_SHIFT) !=
+ if (EXTRACT(DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE, val) !=
__builtin_ctz(plat_dma_prot_feat->dma_protection_support)) {
return INVALID_PARAMETERS;
}
@@ -350,8 +347,7 @@
* Check if Bits [0] (Type of hashing) matches with platform's
* supported hash type.
*/
- if (EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_HASHING_TYPE_MASK,
- DRTM_LAUNCH_FEAT_HASHING_TYPE_SHIFT) !=
+ if (EXTRACT(DRTM_LAUNCH_FEAT_HASHING_TYPE, val) !=
plat_tpm_feat->tpm_based_hash_support) {
return INVALID_PARAMETERS;
}
diff --git a/services/std_svc/drtm/drtm_measurements.c b/services/std_svc/drtm/drtm_measurements.c
index d4f2b57..7214e23 100644
--- a/services/std_svc/drtm/drtm_measurements.c
+++ b/services/std_svc/drtm/drtm_measurements.c
@@ -56,7 +56,10 @@
}
/* Record the mesasurement in the EventLog buffer */
- event_log_record(hash_data, event_type, &metadata);
+ rc = event_log_record(hash_data, event_type, &metadata);
+ if (rc != 0) {
+ return rc;
+ }
return 0;
}
diff --git a/services/std_svc/errata_abi/cpu_errata_info.h b/services/std_svc/errata_abi/cpu_errata_info.h
index d688431..d685eef 100644
--- a/services/std_svc/errata_abi/cpu_errata_info.h
+++ b/services/std_svc/errata_abi/cpu_errata_info.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2023-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -48,5 +48,5 @@
struct em_cpu cpu_errata_list[MAX_PLAT_CPU_ERRATA_ENTRIES];
};
-int32_t verify_errata_implemented(uint32_t errata_id, uint32_t forward_flag);
+int32_t verify_errata_implemented(uint32_t errata_id);
#endif /* ERRATA_CPUSPEC_H */
diff --git a/services/std_svc/errata_abi/errata_abi_main.c b/services/std_svc/errata_abi/errata_abi_main.c
index a945637..74a1586 100644
--- a/services/std_svc/errata_abi/errata_abi_main.c
+++ b/services/std_svc/errata_abi/errata_abi_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2023-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -166,50 +166,33 @@
#endif
/* Function to check if the errata exists for the specific CPU and rxpx */
-int32_t verify_errata_implemented(uint32_t errata_id, uint32_t forward_flag)
+int32_t verify_errata_implemented(uint32_t errata_id)
{
- int32_t ret_val;
- struct cpu_ops *cpu_ops;
- struct erratum_entry *entry, *end;
+ struct erratum_entry *entry;
long rev_var;
- ret_val = EM_UNKNOWN_ERRATUM;
rev_var = cpu_get_rev_var();
#if ERRATA_NON_ARM_INTERCONNECT
- ret_val = non_arm_interconnect_errata(errata_id, rev_var);
+ int32_t ret_val = non_arm_interconnect_errata(errata_id, rev_var);
if (ret_val != EM_UNKNOWN_ERRATUM) {
return ret_val;
}
#endif
+ entry = find_erratum_entry(errata_id);
+ if (entry == NULL)
+ return EM_UNKNOWN_ERRATUM;
- cpu_ops = get_cpu_ops_ptr();
- assert(cpu_ops != NULL);
-
- entry = cpu_ops->errata_list_start;
- assert(entry != NULL);
-
- end = cpu_ops->errata_list_end;
- assert(end != NULL);
-
- end--; /* point to the last erratum entry of the queried cpu */
-
- while ((entry <= end) && (ret_val == EM_UNKNOWN_ERRATUM)) {
- if (entry->id == errata_id) {
- if (entry->check_func(rev_var)) {
- if (entry->chosen & WA_ENABLED_MASK)
- if (entry->chosen & SPLIT_WA_MASK)
- return EM_AFFECTED;
- else
- return EM_HIGHER_EL_MITIGATION;
- else
- return EM_AFFECTED;
- }
- return EM_NOT_AFFECTED;
- }
- entry += 1;
+ if (entry->check_func(rev_var)) {
+ if (entry->chosen & WA_ENABLED_MASK)
+ if (entry->chosen & SPLIT_WA_MASK)
+ return EM_AFFECTED;
+ else
+ return EM_HIGHER_EL_MITIGATION;
+ else
+ return EM_AFFECTED;
}
- return ret_val;
+ return EM_NOT_AFFECTED;
}
/* Predicate indicating that a function id is part of EM_ABI */
@@ -271,7 +254,7 @@
if (((uint32_t)x2 != 0) && (validate_spsr_mode())) {
SMC_RET1(handle, EM_INVALID_PARAMETERS);
}
- ret_id = verify_errata_implemented((uint32_t)x1, (uint32_t)x2);
+ ret_id = verify_errata_implemented((uint32_t)x1);
SMC_RET1(handle, ret_id);
break; /* unreachable */
default:
diff --git a/services/std_svc/rmmd/rmmd.mk b/services/std_svc/rmmd/rmmd.mk
index eae5031..67955ff 100644
--- a/services/std_svc/rmmd/rmmd.mk
+++ b/services/std_svc/rmmd/rmmd.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2021-2024, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2021-2025, ARM Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -16,7 +16,8 @@
RMMD_SOURCES += $(addprefix services/std_svc/rmmd/, \
${ARCH}/rmmd_helpers.S \
rmmd_main.c \
- rmmd_attest.c)
+ rmmd_attest.c \
+ rmmd_keymgmt.c)
# Let the top-level Makefile know that we intend to include RMM image
NEED_RMM := yes
diff --git a/services/std_svc/rmmd/rmmd_keymgmt.c b/services/std_svc/rmmd/rmmd_keymgmt.c
new file mode 100644
index 0000000..2414b35
--- /dev/null
+++ b/services/std_svc/rmmd/rmmd_keymgmt.c
@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 2025, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#include <errno.h>
+#include <stdint.h>
+#include <string.h>
+#include "rmmd_private.h"
+#include <common/debug.h>
+#include <lib/spinlock.h>
+#include <plat/common/platform.h>
+#include <services/rmmd_svc.h>
+#include <smccc_helpers.h>
+
+#define DIR_BIT_SHIFT 0xB
+#define KEYSET_BIT_SHIFT 0xC
+#define STREAM_ID_MASK 0xFF
+#define SUBSTREAM_MASK 0x7
+#define SUBSTREAM_SHIFT 0x8
+#define MAX_STREAM_ID 32U
+#define MAX_SUBSTREAM 3U
+
+bool extract_ide_stream_info(uint64_t ide_stream_info)
+{
+ uint8_t keyset, dir;
+ uint8_t stream_id, substream;
+
+ /* Extract keyset, dir, substream and stream ID */
+ keyset = (ide_stream_info >> KEYSET_BIT_SHIFT) & 0x1;
+ dir = (ide_stream_info >> DIR_BIT_SHIFT) & 0x1;
+ stream_id = ide_stream_info & STREAM_ID_MASK;
+ substream = (ide_stream_info >> SUBSTREAM_SHIFT) & SUBSTREAM_MASK;
+
+ if ((stream_id >= MAX_STREAM_ID) || (substream >= MAX_SUBSTREAM)) {
+ ERROR("invalid input: stream_id = %x, substream = %x\n", stream_id, substream);
+ return false;
+ }
+
+ VERBOSE("keyset = %d, dir = %d, stream_id = %d and substream = %d\n", keyset, dir,
+ stream_id, substream);
+
+ return true;
+}
+
+int rmmd_el3_ide_key_program(uint64_t ecam_address, uint64_t rp_id,
+ uint64_t ide_stream_info, rp_ide_key_info_t *ide_key_info_ptr,
+ uint64_t request_id, uint64_t cookie)
+{
+ int err;
+
+ /* TODO: Do validation of params */
+
+ VERBOSE("IDE_KEY_PROG: ecam address = 0x%lx and rp_id = 0x%lx\n", ecam_address, rp_id);
+
+ if (!extract_ide_stream_info(ide_stream_info)) {
+ err = E_RMM_INVAL;
+ goto exit_fn;
+ }
+
+ err = plat_rmmd_el3_ide_key_program(ecam_address, rp_id, ide_stream_info,
+ ide_key_info_ptr, request_id, cookie);
+
+ assert(err == E_RMM_OK || err == E_RMM_AGAIN || err == E_RMM_INVAL ||
+ err == E_RMM_IN_PROGRESS || err == E_RMM_UNK || err == E_RMM_FAULT);
+
+exit_fn:
+ return err;
+}
+
+int rmmd_el3_ide_key_set_go(uint64_t ecam_address, uint64_t rp_id,
+ uint64_t ide_stream_info, uint64_t request_id,
+ uint64_t cookie)
+{
+ int err;
+
+ /* TODO: Do validation of params */
+
+ VERBOSE("IDE_KEY_SET_GO: ecam address = 0x%lx and rp_id = 0x%lx\n", ecam_address, rp_id);
+
+ if (!extract_ide_stream_info(ide_stream_info)) {
+ err = E_RMM_INVAL;
+ goto exit_fn;
+ }
+
+ err = plat_rmmd_el3_ide_key_set_go(ecam_address, rp_id, ide_stream_info,
+ request_id, cookie);
+
+ assert(err == E_RMM_OK || err == E_RMM_AGAIN || err == E_RMM_INVAL ||
+ err == E_RMM_IN_PROGRESS || err == E_RMM_UNK || err == E_RMM_FAULT);
+
+exit_fn:
+ return err;
+}
+
+int rmmd_el3_ide_key_set_stop(uint64_t ecam_address, uint64_t rp_id,
+ uint64_t ide_stream_info, uint64_t request_id,
+ uint64_t cookie)
+{
+ int err;
+
+ /* TODO: Do validation of params */
+
+ VERBOSE("IDE_KEY_SET_STOP: ecam address = 0x%lx and rp_id = 0x%lx\n", ecam_address, rp_id);
+
+ if (!extract_ide_stream_info(ide_stream_info)) {
+ err = E_RMM_INVAL;
+ goto exit_fn;
+ }
+
+ err = plat_rmmd_el3_ide_key_set_stop(ecam_address, rp_id, ide_stream_info,
+ request_id, cookie);
+
+ assert(err == E_RMM_OK || err == E_RMM_AGAIN || err == E_RMM_INVAL ||
+ err == E_RMM_IN_PROGRESS || err == E_RMM_UNK || err == E_RMM_FAULT);
+
+exit_fn:
+ return err;
+}
+
+int rmmd_el3_ide_km_pull_response(uint64_t ecam_address, uint64_t rp_id,
+ uint64_t *req_resp, uint64_t *request_id,
+ uint64_t *cookie)
+{
+ int err;
+
+ /* TODO: Do validation of params */
+
+ VERBOSE("IDE_KM_PULL: ecam address = 0x%lx, rp_id = 0x%lx\n", ecam_address, rp_id);
+
+ err = plat_rmmd_el3_ide_km_pull_response(ecam_address, rp_id, req_resp, request_id, cookie);
+
+ assert(err == E_RMM_OK || err == E_RMM_AGAIN || err == E_RMM_INVAL ||
+ err == E_RMM_IN_PROGRESS || err == E_RMM_UNK || err == E_RMM_FAULT);
+
+ return err;
+}
diff --git a/services/std_svc/rmmd/rmmd_main.c b/services/std_svc/rmmd/rmmd_main.c
index e94b048..35582dc 100644
--- a/services/std_svc/rmmd/rmmd_main.c
+++ b/services/std_svc/rmmd/rmmd_main.c
@@ -19,6 +19,7 @@
#include <lib/el3_runtime/context_mgmt.h>
#include <lib/el3_runtime/cpu_data.h>
#include <lib/el3_runtime/pubsub.h>
+#include <lib/extensions/mpam.h>
#include <lib/extensions/pmuv3.h>
#include <lib/extensions/sys_reg_trace.h>
#include <lib/gpt_rme/gpt_rme.h>
@@ -169,6 +170,16 @@
if (is_feat_sme_supported()) {
sme_enable_per_world(&per_world_context[CPU_CONTEXT_REALM]);
}
+
+ /*
+ * If FEAT_MPAM is supported and enabled, then disable trapping access
+ * to the MPAM registers for Realm world. Instead, RMM will configure
+ * the access to be trapped by itself so it can inject undefined aborts
+ * back to the Realm.
+ */
+ if (is_feat_mpam_supported()) {
+ mpam_enable_per_world(&per_world_context[CPU_CONTEXT_REALM]);
+ }
}
/*******************************************************************************
@@ -479,6 +490,14 @@
int ret;
/*
+ * Check whether FEAT_MEC is supported by the hardware. If not, return
+ * unknown SMC.
+ */
+ if (is_feat_mec_supported() == false) {
+ return E_RMM_UNK;
+ }
+
+ /*
* Check whether the mecid parameter is at most MECIDR_EL2.MECIDWidthm1 + 1
* in length.
*/
@@ -542,6 +561,37 @@
case RMM_EL3_TOKEN_SIGN:
return rmmd_el3_token_sign(handle, x1, x2, x3, x4);
#endif
+
+#if RMMD_ENABLE_IDE_KEY_PROG
+ case RMM_IDE_KEY_PROG:
+ {
+ rp_ide_key_info_t ide_key_info;
+
+ ide_key_info.keyqw0 = x4;
+ ide_key_info.keyqw1 = SMC_GET_GP(handle, CTX_GPREG_X5);
+ ide_key_info.keyqw2 = SMC_GET_GP(handle, CTX_GPREG_X6);
+ ide_key_info.keyqw3 = SMC_GET_GP(handle, CTX_GPREG_X7);
+ ide_key_info.ifvqw0 = SMC_GET_GP(handle, CTX_GPREG_X8);
+ ide_key_info.ifvqw1 = SMC_GET_GP(handle, CTX_GPREG_X9);
+ uint64_t x10 = SMC_GET_GP(handle, CTX_GPREG_X10);
+ uint64_t x11 = SMC_GET_GP(handle, CTX_GPREG_X11);
+
+ ret = rmmd_el3_ide_key_program(x1, x2, x3, &ide_key_info, x10, x11);
+ SMC_RET1(handle, ret);
+ }
+ case RMM_IDE_KEY_SET_GO:
+ ret = rmmd_el3_ide_key_set_go(x1, x2, x3, x4, SMC_GET_GP(handle, CTX_GPREG_X5));
+ SMC_RET1(handle, ret);
+ case RMM_IDE_KEY_SET_STOP:
+ ret = rmmd_el3_ide_key_set_stop(x1, x2, x3, x4, SMC_GET_GP(handle, CTX_GPREG_X5));
+ SMC_RET1(handle, ret);
+ case RMM_IDE_KM_PULL_RESPONSE: {
+ uint64_t req_resp = 0, req_id = 0, cookie_var = 0;
+
+ ret = rmmd_el3_ide_km_pull_response(x1, x2, &req_resp, &req_id, &cookie_var);
+ SMC_RET4(handle, ret, req_resp, req_id, cookie_var);
+ }
+#endif /* RMMD_ENABLE_IDE_KEY_PROG */
case RMM_BOOT_COMPLETE:
VERBOSE("RMMD: running rmmd_rmm_sync_exit\n");
rmmd_rmm_sync_exit(x1);
diff --git a/services/std_svc/rmmd/rmmd_private.h b/services/std_svc/rmmd/rmmd_private.h
index 0ce104d..1fbcd31 100644
--- a/services/std_svc/rmmd/rmmd_private.h
+++ b/services/std_svc/rmmd/rmmd_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,6 +8,7 @@
#define RMMD_PRIVATE_H
#include <context.h>
+#include <services/rmmd_svc.h>
/*******************************************************************************
* Constants that allow assembler code to preserve callee-saved registers of the
@@ -54,6 +55,17 @@
uint64_t rmmd_el3_token_sign(void *handle, uint64_t x1, uint64_t x2,
uint64_t x3, uint64_t x4);
+/* Functions implementing IDE KM programming */
+int rmmd_el3_ide_key_program(uint64_t ecam_address, uint64_t rp_id,
+ uint64_t ide_stream_info, rp_ide_key_info_t *ide_key_info_ptr,
+ uint64_t request_id, uint64_t cookie);
+int rmmd_el3_ide_key_set_go(uint64_t ecam_address, uint64_t rp_id, uint64_t ide_stream_info,
+ uint64_t request_id, uint64_t cookie);
+int rmmd_el3_ide_key_set_stop(uint64_t ecam_address, uint64_t rp_id, uint64_t ide_stream_info,
+ uint64_t request_id, uint64_t cookie);
+int rmmd_el3_ide_km_pull_response(uint64_t ecam_address, uint64_t rp_id, uint64_t *req_resp,
+ uint64_t *request_id, uint64_t *cookie_ptr);
+
/* Assembly helpers */
uint64_t rmmd_rmm_enter(uint64_t *c_rt_ctx);
void __dead2 rmmd_rmm_exit(uint64_t c_rt_ctx, uint64_t ret);
diff --git a/services/std_svc/rmmd/trp/trp_entry.S b/services/std_svc/rmmd/trp/trp_entry.S
index 3e1d8c9..a2fd6a0 100644
--- a/services/std_svc/rmmd/trp/trp_entry.S
+++ b/services/std_svc/rmmd/trp/trp_entry.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,6 +21,8 @@
* ---------------------------------------------
*/
.macro restore_args_call_smc
+ ldp x10, x11, [x0, #TRP_ARG10]
+ ldp x8, x9, [x0, #TRP_ARG8]
ldp x6, x7, [x0, #TRP_ARG6]
ldp x4, x5, [x0, #TRP_ARG4]
ldp x2, x3, [x0, #TRP_ARG2]
diff --git a/services/std_svc/rmmd/trp/trp_helpers.c b/services/std_svc/rmmd/trp/trp_helpers.c
index 159f3a5..0607864 100644
--- a/services/std_svc/rmmd/trp/trp_helpers.c
+++ b/services/std_svc/rmmd/trp/trp_helpers.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -25,7 +25,11 @@
uint64_t arg4,
uint64_t arg5,
uint64_t arg6,
- uint64_t arg7)
+ uint64_t arg7,
+ uint64_t arg8,
+ uint64_t arg9,
+ uint64_t arg10,
+ uint64_t arg11)
{
uint32_t linear_id;
trp_args_t *pcpu_smc_args;
@@ -44,6 +48,10 @@
write_trp_arg(pcpu_smc_args, TRP_ARG5, arg5);
write_trp_arg(pcpu_smc_args, TRP_ARG6, arg6);
write_trp_arg(pcpu_smc_args, TRP_ARG7, arg7);
+ write_trp_arg(pcpu_smc_args, TRP_ARG8, arg8);
+ write_trp_arg(pcpu_smc_args, TRP_ARG9, arg9);
+ write_trp_arg(pcpu_smc_args, TRP_ARG10, arg10);
+ write_trp_arg(pcpu_smc_args, TRP_ARG11, arg11);
return pcpu_smc_args;
}
@@ -53,6 +61,6 @@
*/
__dead2 void trp_boot_abort(uint64_t err)
{
- (void)trp_smc(set_smc_args(RMM_BOOT_COMPLETE, err, 0, 0, 0, 0, 0, 0));
+ (void)trp_smc(set_smc_args(RMM_BOOT_COMPLETE, err, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0));
panic();
}
diff --git a/services/std_svc/rmmd/trp/trp_main.c b/services/std_svc/rmmd/trp/trp_main.c
index b75483c..a82966e 100644
--- a/services/std_svc/rmmd/trp/trp_main.c
+++ b/services/std_svc/rmmd/trp/trp_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2021-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -15,6 +15,27 @@
#include <platform_def.h>
+#define RMI_ERROR_REALM 2U
+#define RMI_ERROR_NOT_SUPPORTED 6U
+
+#define DIR_BIT_SHIFT 0x8
+#define KEYSET_SHIFT 0xC
+#define STREAM_ID_MASK 0xFF
+#define STREAM_ID_SHIFT 0x0
+#define SUBSTREAM_MASK 0x7
+#define SUBSTREAM_SHIFT 0x8
+
+#define KEY_SET 0x0
+#define DIR_VAL 0x0
+#define SUBSTREAM_VAL 0x1
+#define STREAM_ID 0x1
+
+#define ENCODE_STREAM_INFO(key, dir, substream, stream_id) \
+ (((key & 0x1) << KEYSET_SHIFT) | \
+ ((dir & 0x1) << DIR_BIT_SHIFT) | \
+ ((substream && SUBSTREAM_MASK) << SUBSTREAM_SHIFT) | \
+ ((stream_id && STREAM_ID_MASK) << STREAM_ID_SHIFT))
+
/* Parameters received from the previous image */
static unsigned int trp_boot_abi_version;
static uintptr_t trp_shared_region_start;
@@ -129,7 +150,7 @@
{
VERBOSE("Delegating granule 0x%llx\n", x1);
smc_ret->x[0] = trp_smc(set_smc_args(RMM_GTSI_DELEGATE, x1,
- 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
+ 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
if (smc_ret->x[0] != 0ULL) {
ERROR("Granule transition from NON-SECURE type to REALM type "
@@ -145,7 +166,7 @@
{
VERBOSE("Undelegating granule 0x%llx\n", x1);
smc_ret->x[0] = trp_smc(set_smc_args(RMM_GTSI_UNDELEGATE, x1,
- 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
+ 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
if (smc_ret->x[0] != 0ULL) {
ERROR("Granule transition from REALM type to NON-SECURE type "
@@ -154,6 +175,62 @@
}
/*******************************************************************************
+ * Test the IDE Key management interface
+ ******************************************************************************/
+static void trp_ide_keymgmt_interface_fn(unsigned long long x1, unsigned long long x2,
+ struct trp_smc_result *smc_ret)
+{
+ uint64_t ecam_address = 0U, rp_id = 0U, ide_stream_info;
+ uint64_t keyqw0, keyqw1, keyqw2, keyqw3;
+ uint64_t ifvqw0, ifvqw1;
+ int return_value;
+
+#if RMMD_ENABLE_IDE_KEY_PROG
+ trp_get_test_rootport(&ecam_address, &rp_id);
+#endif /* RMMD_ENABLE_IDE_KEY_PROG */
+ /*
+ * Dummy values for testing:
+ * Key set = 0x0
+ * Dir = 0x0
+ * Substream = 0x1
+ * Stream ID = 0x1
+ */
+ ide_stream_info = ENCODE_STREAM_INFO(KEY_SET, DIR_VAL, SUBSTREAM_VAL, STREAM_ID);
+
+ /* Dummy key and IV values for testing */
+ keyqw0 = 0xA1B2C3D4E5F60708;
+ keyqw1 = 0x1122334455667788;
+ keyqw2 = 0xDEADBEEFCAFEBABE;
+ keyqw3 = 0x1234567890ABCDEF;
+ ifvqw0 = 0xABCDEF0123456789;
+ ifvqw1 = 0x9876543210FEDCBA;
+
+ return_value = trp_smc(set_smc_args(RMM_IDE_KEY_PROG, ecam_address, rp_id,
+ ide_stream_info, keyqw0, keyqw1, keyqw2, keyqw3, ifvqw0,
+ ifvqw1, 0UL, 0UL));
+
+ INFO("return value from RMM_IDE_KEY_PROG = %d\n", return_value);
+
+ return_value = trp_smc(set_smc_args(RMM_IDE_KEY_SET_GO, ecam_address, rp_id,
+ ide_stream_info, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
+
+ INFO("return value from RMM_IDE_KEY_SET_GO = %d\n", return_value);
+
+ return_value = trp_smc(set_smc_args(RMM_IDE_KEY_SET_STOP, ecam_address, rp_id,
+ ide_stream_info, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
+
+ INFO("return value from RMM_IDE_KEY_SET_STOP = %d\n", return_value);
+
+ return_value = trp_smc(set_smc_args(RMM_IDE_KM_PULL_RESPONSE, ecam_address, rp_id,
+ 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL));
+
+ INFO("return value from RMM_IDE_KEY_SET_STOP = %d\n", return_value);
+
+ smc_ret->x[0] = RMI_ERROR_NOT_SUPPORTED;
+
+}
+
+/*******************************************************************************
* Main RMI SMC handler function
******************************************************************************/
void trp_rmi_handler(unsigned long fid,
@@ -179,6 +256,9 @@
case RMI_RMM_GRANULE_UNDELEGATE:
trp_asc_mark_nonsecure(x1, smc_ret);
break;
+ case RMI_RMM_PDEV_CREATE:
+ trp_ide_keymgmt_interface_fn(x1, x2, smc_ret);
+ break;
default:
ERROR("Invalid SMC code to %s, FID %lx\n", __func__, fid);
smc_ret->x[0] = SMC_UNK;
diff --git a/services/std_svc/rmmd/trp/trp_private.h b/services/std_svc/rmmd/trp/trp_private.h
index d8c6960..16edc5e 100644
--- a/services/std_svc/rmmd/trp/trp_private.h
+++ b/services/std_svc/rmmd/trp/trp_private.h
@@ -28,6 +28,7 @@
#define RMI_RMM_REQ_VERSION SMC64_RMI_FID(U(0))
#define RMI_RMM_GRANULE_DELEGATE SMC64_RMI_FID(U(1))
#define RMI_RMM_GRANULE_UNDELEGATE SMC64_RMI_FID(U(2))
+#define RMI_RMM_PDEV_CREATE SMC64_RMI_FID(U(0x26))
/* Definitions for RMI VERSION */
#define RMI_ABI_VERSION_MAJOR U(0x0)
diff --git a/services/std_svc/sdei/sdei_event.c b/services/std_svc/sdei/sdei_event.c
index e0c7971..cc8f557 100644
--- a/services/std_svc/sdei/sdei_event.c
+++ b/services/std_svc/sdei/sdei_event.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -19,14 +19,14 @@
* Both shared and private maps are stored in single-dimensional array. Private
* event entries are kept for each PE forming a 2D array.
*/
-sdei_entry_t *get_event_entry(sdei_ev_map_t *map)
+sdei_entry_t *get_event_entry(const sdei_ev_map_t *map)
{
const sdei_mapping_t *mapping;
sdei_entry_t *cpu_priv_base;
unsigned int base_idx;
long int idx;
- if (is_event_private(map)) {
+ if ((map->map_flags & BIT_32(SDEI_MAPF_PRIVATE_SHIFT_)) != 0U) {
/*
* For a private map, find the index of the mapping in the
* array.
@@ -52,6 +52,39 @@
}
/*
+ * Retrieve the SDEI entry for the given mapping and target PE.
+ *
+ * on success : Returns a pointer to the SDEI entry
+ *
+ * On error, returns NULL
+ *
+ * Both shared and private maps are stored in single-dimensional array. Private
+ * event entries are kept for each PE forming a 2D array.
+ */
+sdei_entry_t *get_event_entry_target_pe(long int mapsub, unsigned int nm, uint64_t target_pe)
+{
+ sdei_entry_t *cpu_priv_base;
+ unsigned int base_idx;
+ long int idx;
+
+ /*
+ * For a private map, find the index of the mapping in the
+ * array.
+ */
+ idx = mapsub;
+
+ /* Base of private mappings for this CPU */
+ base_idx = (unsigned int) plat_core_pos_by_mpidr(target_pe);
+ base_idx *= nm;
+ cpu_priv_base = &sdei_private_event_table[base_idx];
+ /*
+ * Return the address of the entry at the same index in the
+ * per-CPU event entry.
+ */
+ return &cpu_priv_base[idx];
+}
+
+/*
* Find event mapping for a given interrupt number: On success, returns pointer
* to the event mapping. On error, returns NULL.
*/
diff --git a/services/std_svc/sdei/sdei_intr_mgmt.c b/services/std_svc/sdei/sdei_intr_mgmt.c
index c58adba..4854b2e 100644
--- a/services/std_svc/sdei/sdei_intr_mgmt.c
+++ b/services/std_svc/sdei/sdei_intr_mgmt.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -29,7 +29,8 @@
#define MAX_EVENT_NESTING 2U
/* Per-CPU SDEI state access macro */
-#define sdei_get_this_pe_state() (&cpu_state[plat_my_core_pos()])
+#define sdei_get_this_pe_state() (&cpu_state[plat_my_core_pos()])
+#define sdei_get_target_pe_state(_pe) (&cpu_state[plat_core_pos_by_mpidr(_pe)])
/* Structure to store information about an outstanding dispatch */
typedef struct sdei_dispatch_context {
@@ -58,6 +59,13 @@
/* SDEI states for all cores in the system */
static sdei_cpu_state_t cpu_state[PLATFORM_CORE_COUNT];
+bool sdei_is_target_pe_masked(uint64_t target_pe)
+{
+ const sdei_cpu_state_t *state = sdei_get_target_pe_state(target_pe);
+
+ return state->pe_masked;
+}
+
int64_t sdei_pe_mask(void)
{
int64_t ret = 0;
diff --git a/services/std_svc/sdei/sdei_main.c b/services/std_svc/sdei/sdei_main.c
index 01cc131..bbc9f73 100644
--- a/services/std_svc/sdei/sdei_main.c
+++ b/services/std_svc/sdei/sdei_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -910,25 +910,54 @@
/* Send a signal to another SDEI client PE */
static int sdei_signal(int ev_num, uint64_t target_pe)
{
+ unsigned int i;
sdei_ev_map_t *map;
+ sdei_ev_map_t *map_priv;
+ sdei_entry_t *se;
/* Only event 0 can be signalled */
- if (ev_num != SDEI_EVENT_0)
+ if (ev_num != SDEI_EVENT_0) {
return SDEI_EINVAL;
+ }
/* Find mapping for event 0 */
map = find_event_map(SDEI_EVENT_0);
- if (map == NULL)
+ if (map == NULL) {
return SDEI_EINVAL;
+ }
/* The event must be signalable */
- if (!is_event_signalable(map))
+ if (!is_event_signalable(map)) {
return SDEI_EINVAL;
+ }
/* Validate target */
- if (!is_valid_mpidr(target_pe))
+ if (!is_valid_mpidr(target_pe)) {
return SDEI_EINVAL;
+ }
+ /* The event must be unmasked */
+ if (sdei_is_target_pe_masked(target_pe)) {
+ return SDEI_EINVAL;
+ }
+
+ /* The event must be registered and enabled */
+ if (is_event_private(map)) {
+ map_priv = SDEI_PRIVATE_MAPPING()->map;
+ for (i = 0; i < SDEI_PRIVATE_MAPPING()->num_maps; i++) {
+ if (map_priv->ev_num == SDEI_EVENT_0) {
+ se = get_event_entry_target_pe((long int) i,
+ (unsigned int) SDEI_PRIVATE_MAPPING()->num_maps, target_pe);
+ if (!(GET_EV_STATE((se), REGISTERED))) {
+ return SDEI_EINVAL;
+ }
+ if (!(GET_EV_STATE((se), ENABLED))) {
+ return SDEI_EINVAL;
+ }
+ }
+ map_priv++;
+ }
+ }
/* Raise SGI. Platform will validate target_pe */
plat_ic_raise_el3_sgi((int) map->intr, (u_register_t) target_pe);
diff --git a/services/std_svc/sdei/sdei_private.h b/services/std_svc/sdei/sdei_private.h
index 44a7301..d48db46 100644
--- a/services/std_svc/sdei/sdei_private.h
+++ b/services/std_svc/sdei/sdei_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -232,13 +232,15 @@
sdei_ev_map_t *find_event_map_by_intr(unsigned int intr_num, bool shared);
sdei_ev_map_t *find_event_map(int ev_num);
-sdei_entry_t *get_event_entry(sdei_ev_map_t *map);
+sdei_entry_t *get_event_entry(const sdei_ev_map_t *map);
+sdei_entry_t *get_event_entry_target_pe(long int mapsub, unsigned int nm, uint64_t target_pe);
int64_t sdei_event_context(void *handle, unsigned int param);
int sdei_event_complete(bool resume, uint64_t pc);
-void sdei_pe_unmask(void);
+bool sdei_is_target_pe_masked(uint64_t target_pe);
int64_t sdei_pe_mask(void);
+void sdei_pe_unmask(void);
int sdei_intr_handler(uint32_t intr_raw, uint32_t flags, void *handle,
void *cookie);
diff --git a/services/std_svc/spm/el3_spmc/spmc_main.c b/services/std_svc/spm/el3_spmc/spmc_main.c
index bddfe96..c67a6fc 100644
--- a/services/std_svc/spm/el3_spmc/spmc_main.c
+++ b/services/std_svc/spm/el3_spmc/spmc_main.c
@@ -1359,6 +1359,16 @@
/* Execution stops here. */
/* Supported ABIs only from the secure world. */
+ case FFA_MEM_PERM_GET_SMC32:
+ case FFA_MEM_PERM_GET_SMC64:
+ case FFA_MEM_PERM_SET_SMC32:
+ case FFA_MEM_PERM_SET_SMC64:
+ /* these ABIs are only supported from S-EL0 SPs */
+ #if !(SPMC_AT_EL3_SEL0_SP)
+ return spmc_ffa_error_return(handle, FFA_ERROR_NOT_SUPPORTED);
+ #endif
+ /* fall through */
+
case FFA_SECONDARY_EP_REGISTER_SMC64:
case FFA_MSG_SEND_DIRECT_RESP_SMC32:
case FFA_MSG_SEND_DIRECT_RESP_SMC64:
@@ -1367,7 +1377,6 @@
case FFA_MSG_WAIT:
case FFA_CONSOLE_LOG_SMC32:
case FFA_CONSOLE_LOG_SMC64:
-
if (!secure_origin) {
return spmc_ffa_error_return(handle,
FFA_ERROR_NOT_SUPPORTED);
diff --git a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
index 5263c04..323f7f7 100644
--- a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
+++ b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
@@ -679,6 +679,18 @@
return 0;
}
+static bool compatible_version(uint32_t ffa_version, uint16_t major,
+ uint16_t minor)
+{
+ bool bit31_set = ffa_version & FFA_VERSION_BIT31_MASK;
+ uint16_t majv = (ffa_version >> FFA_VERSION_MAJOR_SHIFT) &
+ FFA_VERSION_MAJOR_MASK;
+ uint16_t minv = (ffa_version >> FFA_VERSION_MINOR_SHIFT) &
+ FFA_VERSION_MINOR_MASK;
+
+ return !bit31_set && majv == major && minv >= minor;
+}
+
static int
spmc_validate_mtd_start(struct ffa_mtd *desc, uint32_t ffa_version,
size_t fragment_length, size_t total_length)
@@ -691,7 +703,7 @@
/* Determine the appropriate minimum descriptor size. */
if (ffa_version == MAKE_FFA_VERSION(1, 0)) {
min_desc_size = sizeof(struct ffa_mtd_v1_0);
- } else if (ffa_version == MAKE_FFA_VERSION(1, 1)) {
+ } else if (compatible_version(ffa_version, 1, 1)) {
min_desc_size = sizeof(struct ffa_mtd);
} else {
return FFA_ERROR_INVALID_PARAMETER;
@@ -1212,7 +1224,7 @@
if (ffa_version == MAKE_FFA_VERSION(1, 0)) {
min_desc_size = sizeof(struct ffa_mtd_v1_0);
- } else if (ffa_version == MAKE_FFA_VERSION(1, 1)) {
+ } else if (compatible_version(ffa_version, 1, 1)) {
min_desc_size = sizeof(struct ffa_mtd);
} else {
WARN("%s: bad FF-A version.\n", __func__);
diff --git a/services/std_svc/spm/spm_mm/spm_mm_main.c b/services/std_svc/spm/spm_mm/spm_mm_main.c
index 34e2c00..7fe826d 100644
--- a/services/std_svc/spm/spm_mm/spm_mm_main.c
+++ b/services/std_svc/spm/spm_mm/spm_mm_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -34,53 +34,19 @@
/*******************************************************************************
* Set state of a Secure Partition context.
******************************************************************************/
-void sp_state_set(sp_context_t *sp_ptr, sp_state_t state)
+static void sp_state_set(sp_context_t *sp_ptr, sp_state_t state)
{
- spin_lock(&(sp_ptr->state_lock));
sp_ptr->state = state;
spin_unlock(&(sp_ptr->state_lock));
}
/*******************************************************************************
- * Wait until the state of a Secure Partition is the specified one and change it
- * to the desired state.
+ * Change the state of a Secure Partition to the one specified.
******************************************************************************/
-void sp_state_wait_switch(sp_context_t *sp_ptr, sp_state_t from, sp_state_t to)
+static void sp_state_wait_switch(sp_context_t *sp_ptr, sp_state_t from, sp_state_t to)
{
- int success = 0;
-
- while (success == 0) {
- spin_lock(&(sp_ptr->state_lock));
-
- if (sp_ptr->state == from) {
- sp_ptr->state = to;
-
- success = 1;
- }
-
- spin_unlock(&(sp_ptr->state_lock));
- }
-}
-
-/*******************************************************************************
- * Check if the state of a Secure Partition is the specified one and, if so,
- * change it to the desired state. Returns 0 on success, -1 on error.
- ******************************************************************************/
-int sp_state_try_switch(sp_context_t *sp_ptr, sp_state_t from, sp_state_t to)
-{
- int ret = -1;
-
spin_lock(&(sp_ptr->state_lock));
-
- if (sp_ptr->state == from) {
- sp_ptr->state = to;
-
- ret = 0;
- }
-
- spin_unlock(&(sp_ptr->state_lock));
-
- return ret;
+ sp_ptr->state = to;
}
/*******************************************************************************
diff --git a/services/std_svc/spmd/spmd_main.c b/services/std_svc/spmd/spmd_main.c
index 94634f2..310610d 100644
--- a/services/std_svc/spmd/spmd_main.c
+++ b/services/std_svc/spmd/spmd_main.c
@@ -888,11 +888,15 @@
}
/*
- * If there was an SPMD logical partition direct request on-going,
+ * Perform a synchronous exit:
+ * 1. If there was an SPMD logical partition direct request on-going,
* return back to the SPMD logical partition so the error can be
* consumed.
+ * 2. SPMC sent FFA_ERROR in response to a power management
+ * operation sent through direct request.
*/
- if (is_spmd_logical_sp_dir_req_in_progress(ctx)) {
+ if (is_spmd_logical_sp_dir_req_in_progress(ctx) ||
+ ctx->psci_operation_ongoing) {
assert(secure_origin);
spmd_spm_core_sync_exit(0ULL);
}
diff --git a/services/std_svc/spmd/spmd_pm.c b/services/std_svc/spmd/spmd_pm.c
index fd89c81..4ed3e2f 100644
--- a/services/std_svc/spmd/spmd_pm.c
+++ b/services/std_svc/spmd/spmd_pm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -117,6 +117,8 @@
spmd_spm_core_context_t *ctx = spmd_get_context();
unsigned int linear_id = plat_my_core_pos();
int64_t rc;
+ uint32_t ffa_resp_func_id, msg_flags;
+ int status;
assert(ctx != NULL);
assert(ctx->state != SPMC_STATE_OFF);
@@ -137,24 +139,60 @@
write_ctx_reg(gpregs, CTX_GPREG_X16, 0);
write_ctx_reg(gpregs, CTX_GPREG_X17, 0);
+ /* Mark current core as processing a PSCI operation. */
+ ctx->psci_operation_ongoing = true;
+
rc = spmd_spm_core_sync_entry(ctx);
+
if (rc != 0ULL) {
ERROR("%s failed (%" PRIu64 ") on CPU%u\n", __func__, rc, linear_id);
}
+ ctx->psci_operation_ongoing = false;
+
/* Expect a direct message response from the SPMC. */
- u_register_t ffa_resp_func = read_ctx_reg(get_gpregs_ctx(&ctx->cpu_ctx),
+ ffa_resp_func_id = (uint32_t)read_ctx_reg(get_gpregs_ctx(&ctx->cpu_ctx),
CTX_GPREG_X0);
- if (ffa_resp_func != FFA_MSG_SEND_DIRECT_RESP_SMC32) {
- ERROR("%s invalid SPMC response (%lx).\n",
- __func__, ffa_resp_func);
- return -EINVAL;
+
+ /*
+ * Retrieve flags indicating framework message and power management
+ * response.
+ */
+ msg_flags = (uint32_t)read_ctx_reg(get_gpregs_ctx(&ctx->cpu_ctx),
+ CTX_GPREG_X2);
+
+ /* Retrieve error code indicating status of power management operation. */
+ status = (int)read_ctx_reg(get_gpregs_ctx(&ctx->cpu_ctx),
+ CTX_GPREG_X3);
+
+ if (ffa_resp_func_id == FFA_ERROR) {
+ /*
+ * It is likely that SPMC does not support receiving PSCI
+ * operation through framework message. SPMD takes an
+ * implementation defined choice to not treat it as a fatal
+ * error. Consequently, SPMD ignores the error and continues
+ * with power management operation.
+ */
+ VERBOSE("SPMC ignored PSCI CPU_OFF framework message\n");
+ } else if (ffa_resp_func_id != FFA_MSG_SEND_DIRECT_RESP_SMC32) {
+ ERROR("%s invalid SPMC response (%x).\n",
+ __func__, ffa_resp_func_id);
+ panic();
+ } else if (((msg_flags & FFA_FWK_MSG_BIT) == 0U) ||
+ ((msg_flags & FFA_FWK_MSG_MASK) != FFA_PM_MSG_PM_RESP)) {
+ ERROR("SPMC failed to send framework message response for power"
+ " management operation, message flags = (%x)\n",
+ msg_flags);
+ panic();
+ } else if (status != PSCI_E_SUCCESS) {
+ ERROR("SPMC denied CPU_OFF power management request\n");
+ panic();
+ } else {
+ VERBOSE("CPU %u off!\n", linear_id);
}
ctx->state = SPMC_STATE_OFF;
- VERBOSE("CPU %u off!\n", linear_id);
-
return 0;
}
diff --git a/services/std_svc/spmd/spmd_private.h b/services/std_svc/spmd/spmd_private.h
index 2cd18a2..0dfad02 100644
--- a/services/std_svc/spmd/spmd_private.h
+++ b/services/std_svc/spmd/spmd_private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2023, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -52,6 +52,7 @@
cpu_context_t cpu_ctx;
spmc_state_t state;
bool secure_interrupt_ongoing;
+ bool psci_operation_ongoing;
#if ENABLE_SPMD_LP
uint8_t spmd_lp_sync_req_ongoing;
#endif
diff --git a/services/std_svc/std_svc_setup.c b/services/std_svc/std_svc_setup.c
index 5cfe5f9..deca1c0 100644
--- a/services/std_svc/std_svc_setup.c
+++ b/services/std_svc/std_svc_setup.c
@@ -94,14 +94,19 @@
* calls to PSCI SMC handler
*/
static uintptr_t std_svc_smc_handler(uint32_t smc_fid,
- u_register_t x1,
- u_register_t x2,
- u_register_t x3,
- u_register_t x4,
+ u_register_t x1_arg,
+ u_register_t x2_arg,
+ u_register_t x3_arg,
+ u_register_t x4_arg,
void *cookie,
void *handle,
u_register_t flags)
{
+ u_register_t x1 = x1_arg;
+ u_register_t x2 = x2_arg;
+ u_register_t x3 = x3_arg;
+ u_register_t x4 = x4_arg;
+
if (((smc_fid >> FUNCID_CC_SHIFT) & FUNCID_CC_MASK) == SMC_32) {
/* 32-bit SMC function, clear top parameter bits */
diff --git a/tools/marvell/doimage/doimage.c b/tools/marvell/doimage/doimage.c
index 1f0985c..12e1327 100644
--- a/tools/marvell/doimage/doimage.c
+++ b/tools/marvell/doimage/doimage.c
@@ -421,7 +421,7 @@
char *ptmp = (char *)&tv;
unsigned char digest[32];
unsigned char IV[AES_BLOCK_SZ];
- int i, k;
+ size_t i, k;
mbedtls_aes_context aes_ctx;
int rval = -1;
uint8_t *test_img = 0;
@@ -516,7 +516,8 @@
for (i = 0; i < blen; i++) {
if (buf[i] != test_img[i]) {
fprintf(stderr, "Failed to compare the image after");
- fprintf(stderr, " decryption! Byte count is %d\n", i);
+ fprintf(stderr, " decryption! Byte count is %lu\n",
+ (unsigned long)i);
rval = -1;
goto encrypt_exit;
}
@@ -614,11 +615,11 @@
int verify_and_copy_file_name_entry(const char *element_name,
const char *element, char *copy_to)
{
- int element_length = strlen(element);
+ size_t element_length = strlen(element);
if (element_length >= MAX_FILENAME) {
- fprintf(stderr, "The file name %s for %s is too long (%d). ",
- element, element_name, element_length);
+ fprintf(stderr, "The file name %s for %s is too long (%lu). ",
+ element, element_name, (unsigned long)element_length);
fprintf(stderr, "Maximum allowed %d characters!\n",
MAX_FILENAME);
return -1;
diff --git a/tools/nxp/create_pbl/Makefile b/tools/nxp/create_pbl/Makefile
index cd2ccc1..9285b72 100644
--- a/tools/nxp/create_pbl/Makefile
+++ b/tools/nxp/create_pbl/Makefile
@@ -44,7 +44,7 @@
$(s)echo "Built $@ successfully"
$(s)echo
-+${OBJECTS_1} ${OBJECTS_2}: %.o: %.c Makefile
+${OBJECTS_1} ${OBJECTS_2}: %.o: %.c Makefile
$(s)echo " CC $<"
$(q)$(host-cc) -c ${CPPFLAGS} ${CFLAGS} ${INCLUDE_PATHS} $< -o $@
