mirror of
git://nv-tegra.nvidia.com/tegra/optee-src/atf.git
synced 2025-12-22 09:21:26 +03:00
Updating prebuilts and/or headers
600af606544528acefdcda1ac9360385c7fb445e - nvbuild.sh
ad7dc8da66a1a95925c5d25352922f3878707e31 - nvcommon_build.sh
0907bfcdbb17c8012151b65666827033c895982c - arm-trusted-firmware.t234/package-lock.json
0014850d17c6d073452c1de344bf3e5e48c3ff1a - arm-trusted-firmware.t234/Makefile
7f3fadaf80e3c4745d24cb1a5881c7c5f4d898ba - arm-trusted-firmware.t234/.checkpatch.conf
584715f8f3c3f87ea97b9b3da77cdc7c576262bc - arm-trusted-firmware.t234/.nspect-allowlist.toml
ace10cf6c86db4d397dce5eb15be3904f60c70f9 - arm-trusted-firmware.t234/.readthedocs.yaml
e7b6512c235c4956d5e5c54a1bba110101ee7219 - arm-trusted-firmware.t234/poetry.lock
3b07f1cc18499c3a94f20780855567ecbb2406a0 - arm-trusted-firmware.t234/.commitlintrc.js
4bdcaddad6efc78faa2c744a8179fe2b722d1745 - arm-trusted-firmware.t234/readme.rst
58ac0e2c4882938ac294f7180d8d372c1a23c60c - arm-trusted-firmware.t234/.versionrc.cjs
4a2bf00f1f07dd12abeef076606cbbb954f22aa8 - arm-trusted-firmware.t234/package.json
459346b6306a9ab8abdbbc9bab327a65d5c0bd4a - arm-trusted-firmware.t234/.cz-adapter.cjs
2d62a7583b85631859c4143f08e0dc332e1cb87e - arm-trusted-firmware.t234/.gitreview
96d71bc7e0063a06f7a82508b968b73a54857d0d - arm-trusted-firmware.t234/.editorconfig
6b4f543445bf3b97440b6828e63b2efae8cc5d48 - arm-trusted-firmware.t234/pyproject.toml
d8da3627085908a5f974b45528b85dc0a41a8b75 - arm-trusted-firmware.t234/license.rst
c5b6edb1f19eb7b57761adc898d9906ccf9f5593 - arm-trusted-firmware.t234/OWNERS
dcbcc9dad91ad237daae72ab81613fa540d989ec - arm-trusted-firmware.t234/.cz.json
b509c8a6f834e67a07b5eb787d0c2f5e7c8f0ab7 - arm-trusted-firmware.t234/.ctags
693d8edcd6f6e57cb33293e518fc9f017e953dc8 - arm-trusted-firmware.t234/.nvmrc
89e8f1fd50ac707f0dcb450575a69bf86eba15d7 - arm-trusted-firmware.t234/changelog.yaml
c16e3571ab87b0ea9f8067989a5b0f97251ff8cb - arm-trusted-firmware.t234/lib/libfdt/fdt_wip.c
ea823073be5d673a06dfad272a7582df4482b150 - arm-trusted-firmware.t234/lib/libfdt/fdt_ro.c
fdf423cffe52c2e918c815f60c8bea0d7f7c8d70 - arm-trusted-firmware.t234/lib/libfdt/fdt_overlay.c
d2dc4f22a3f4d18e90f3c200fc9236e910900b67 - arm-trusted-firmware.t234/lib/libfdt/fdt_rw.c
0c0bc4ae346c1591ec8aa09a444d3aeaa3d210fb - arm-trusted-firmware.t234/lib/libfdt/fdt.c
e01b7a0052b837a4650f2c9ac75ad38c40edc583 - arm-trusted-firmware.t234/lib/libfdt/fdt_empty_tree.c
1888e43d0d65ec169628a14ff94eb9d06adb47b2 - arm-trusted-firmware.t234/lib/libfdt/fdt_strerror.c
71e3b9e723c948c08594cfa38c65a708d0ab7f88 - arm-trusted-firmware.t234/lib/libfdt/fdt_sw.c
a9e7388adeea4bb813155c62caacc545e9e98bfc - arm-trusted-firmware.t234/lib/libfdt/libfdt_internal.h
282524cbc0a8f7d16c36b9954bb4fad4c0d76c0a - arm-trusted-firmware.t234/lib/libfdt/fdt_addresses.c
90037639cf8fb4c81695f9d8aa4f15ee05af1b0d - arm-trusted-firmware.t234/lib/pmf/pmf_main.c
748a73855a307a23e9042a2467fd508bcc7e2719 - arm-trusted-firmware.t234/lib/pmf/pmf_smc.c
8102f862edb5ab07783993999c8781385e261628 - arm-trusted-firmware.t234/lib/debugfs/dev.c
78982645d4d3008984c9307ee68bfa8eeb1a43a7 - arm-trusted-firmware.t234/lib/debugfs/blobs.h
db9f0e301c7178c315a1c6e72358bae572ce85db - arm-trusted-firmware.t234/lib/debugfs/devfip.c
678b679be4c3816d85eb8d851b7f46b7393739a2 - arm-trusted-firmware.t234/lib/debugfs/debugfs_smc.c
9802d55cbbaff09010b37afad6d494d8e755eae2 - arm-trusted-firmware.t234/lib/debugfs/devroot.c
5260672b27f35a4368d3be1f6ee66ec91d4beb26 - arm-trusted-firmware.t234/lib/debugfs/dev.h
7c85c537adcb24f5e03d6c71424a2618815086e3 - arm-trusted-firmware.t234/lib/debugfs/devc.c
b686543bed166afb322167276d451afec04adc59 - arm-trusted-firmware.t234/lib/romlib/Makefile
481822cc2e7c15342af97aee4d6a88357f33ef86 - arm-trusted-firmware.t234/lib/romlib/romlib_generator.py
eb057f1c025e3c00715bfc73c35c4550fba204ce - arm-trusted-firmware.t234/lib/romlib/jmptbl.i
84d815be083f637cd9f96c31d1fddf3042e11b9a - arm-trusted-firmware.t234/lib/romlib/romlib.ld.S
d558c9ec1044a052e3ae32d32fa5e185b31bc800 - arm-trusted-firmware.t234/lib/romlib/gen_combined_bl1_romlib.sh
bb10bb4fd88d1ee33bbcbdc3fe783aeea6421835 - arm-trusted-firmware.t234/lib/romlib/init.s
b022feb15f3e84d4eefd318657af38a3a523e363 - arm-trusted-firmware.t234/lib/romlib/templates/jmptbl_entry_function_bti.S
56fc8c8a2950a0303783ced6bd0e388176043a47 - arm-trusted-firmware.t234/lib/romlib/templates/jmptbl_entry_function.S
0e6c307caa236b447ebce1b8530688dc19799210 - arm-trusted-firmware.t234/lib/romlib/templates/wrapper_bti.S
91d0e6f060cd659ba73d0db8886497a823814c65 - arm-trusted-firmware.t234/lib/romlib/templates/jmptbl_entry_reserved_bti.S
fa26b89e848f7affd6fd3be71153b55961fbf971 - arm-trusted-firmware.t234/lib/romlib/templates/jmptbl_glob_var.S
8bd9f16af17fc4a81e921654d50217d6ba334d4f - arm-trusted-firmware.t234/lib/romlib/templates/jmptbl_header.S
f9c9050fd5c89b246d718f406a9d9a13f3388a5e - arm-trusted-firmware.t234/lib/romlib/templates/jmptbl_entry_reserved.S
0598d43a54d46872be6b5e9f5a8b45597813d4ae - arm-trusted-firmware.t234/lib/romlib/templates/wrapper.S
18fdfde595d6c7a6409f3d91382d81f736bf775d - arm-trusted-firmware.t234/lib/fconf/fconf_mpmm_getter.c
eb04a6d9ab9c6c79abc707068733945ca7ea49e4 - arm-trusted-firmware.t234/lib/fconf/fconf_dyn_cfg_getter.c
792d27179cb94886b8e3d403c6e11c05bdda0a57 - arm-trusted-firmware.t234/lib/fconf/fconf_cot_getter.c
a56e2c964f2491dc1846e59e1e802dcb4e62944e - arm-trusted-firmware.t234/lib/fconf/fconf.c
9ad7e79093e5a9eee5c2b34fbfcef507564686b9 - arm-trusted-firmware.t234/lib/fconf/fconf_tbbr_getter.c
3567bc768ff2f143e4933244eb221b010bd91f80 - arm-trusted-firmware.t234/lib/fconf/fconf_amu_getter.c
cb401a0f792df9b95c613f8dbc7bd40e4a954578 - arm-trusted-firmware.t234/lib/locks/exclusive/aarch64/spinlock.S
5578b09675f79e87026c64d8253ca469bed1c0da - arm-trusted-firmware.t234/lib/locks/exclusive/aarch32/spinlock.S
db66c79ee8bc7db859a7db3b8cdf21b572da1798 - arm-trusted-firmware.t234/lib/locks/bakery/bakery_lock_normal.c
c2b314d067fb125f7d7f77f2ad93b06398c43238 - arm-trusted-firmware.t234/lib/locks/bakery/bakery_lock_coherent.c
121d77395255b9b8a1089ac9f257e5123271a4a2 - arm-trusted-firmware.t234/lib/extensions/pmuv3/aarch64/pmuv3.c
c224a46a1b416397b079caa7481121ed6d03a41f - arm-trusted-firmware.t234/lib/extensions/pmuv3/aarch32/pmuv3.c
7b10cd2b968063a4101c0e4252133a1059d29904 - arm-trusted-firmware.t234/lib/extensions/mpam/mpam.c
38ababf4127a1ac92a31f9485dfd42fc17c66fde - arm-trusted-firmware.t234/lib/extensions/sys_reg_trace/aarch64/sys_reg_trace.c
4fc0f4b3fea6016c5d47f226751b006e7a17bc58 - arm-trusted-firmware.t234/lib/extensions/sys_reg_trace/aarch32/sys_reg_trace.c
19408c082672877fc4e00dc3281cc2de4162fe20 - arm-trusted-firmware.t234/lib/extensions/sve/sve.c
69b9b55a68a218bedfb7e02f5620c395cfee184f - arm-trusted-firmware.t234/lib/extensions/trbe/trbe.c
48250a5aa4f7c0033c2614e34a070c2e85615896 - arm-trusted-firmware.t234/lib/extensions/spe/spe.c
ebe5066f50de32f019ea11419b6ef11da4604812 - arm-trusted-firmware.t234/lib/extensions/pauth/pauth_helpers.S
3c13274221c18d09899b7e8d8be37e88e2adba23 - arm-trusted-firmware.t234/lib/extensions/tcr/tcr2.c
dfebf62e45987649a709947042771374f897ccb1 - arm-trusted-firmware.t234/lib/extensions/sme/sme.c
6c920523169ecc73baa0b1836746513d12e87ee4 - arm-trusted-firmware.t234/lib/extensions/debug/debugv8p9.c
03582f2ba83c81eb87dadb3331f89bd1eb2db334 - arm-trusted-firmware.t234/lib/extensions/trf/aarch64/trf.c
bc3797c909ca4ec52ec4784ab67d73e9096a351e - arm-trusted-firmware.t234/lib/extensions/trf/aarch32/trf.c
1ee17fe9c431bda9d612efde5b701a6e51665f5c - arm-trusted-firmware.t234/lib/extensions/sysreg128/sysreg128.S
f063c227afb0e9bcf6c77f5a85108129438106c2 - arm-trusted-firmware.t234/lib/extensions/brbe/brbe.c
df6d90a9554d7a2e8872622c900dd69db242efad - arm-trusted-firmware.t234/lib/extensions/fgt/fgt2.c
1af38f4d9fcd54c0328c896c8b154ee6f996728c - arm-trusted-firmware.t234/lib/extensions/amu/amu_private.h
b7c59535736596f6c096a74b33ecc50269cf6d8d - arm-trusted-firmware.t234/lib/extensions/amu/aarch64/amu.c
f97f9c6e3eeb0054517b2b9f0758a32468a9a9f3 - arm-trusted-firmware.t234/lib/extensions/amu/aarch64/amu_helpers.S
8d9a850eda16f822a2da9e30317ebd0eac347311 - arm-trusted-firmware.t234/lib/extensions/amu/aarch32/amu.c
2d632b20837314c97922e2f7a2156de2cde88c8b - arm-trusted-firmware.t234/lib/extensions/amu/aarch32/amu_helpers.S
9bbf285e5fb015b4281d9989bf1f5cdefe96cec0 - arm-trusted-firmware.t234/lib/extensions/fpmr/fpmr.c
ad3316abca20d34d7293aac76cbfc64ce9a5c012 - arm-trusted-firmware.t234/lib/extensions/ras/std_err_record.c
4616f57dc89bb192f724bb4d34ae9e7f516e4b8a - arm-trusted-firmware.t234/lib/extensions/ras/ras_common.c
2e0b4a8eb4d69373e109f9be1a02cc409b3b9068 - arm-trusted-firmware.t234/lib/el3_runtime/simd_ctx.c
9a20231094ee9cab4a2435987bdc2aebcf9b89dd - arm-trusted-firmware.t234/lib/el3_runtime/cpu_data_array.c
925b7522c8a43da8c48b93d665e4f89b18059b4d - arm-trusted-firmware.t234/lib/el3_runtime/aarch64/context.S
7823e00fc8ac59a91343911721874f34edaee500 - arm-trusted-firmware.t234/lib/el3_runtime/aarch64/context_mgmt.c
b248c2857449f37281505ffc12499e7ce94f2ee8 - arm-trusted-firmware.t234/lib/el3_runtime/aarch64/cpu_data.S
d19f573e44d900281f2785adec1a4c5369b328e7 - arm-trusted-firmware.t234/lib/el3_runtime/aarch64/context_debug.c
a7d92facc0752c0840fcbee6f90f691658918f04 - arm-trusted-firmware.t234/lib/el3_runtime/aarch32/context_mgmt.c
dcb9b7147ff211c4c3bfc81afa41e26753797fe1 - arm-trusted-firmware.t234/lib/el3_runtime/aarch32/cpu_data.S
06f4bc9f41eeaa4be122a19cd6ff5105ff5b3666 - arm-trusted-firmware.t234/lib/psa/measured_boot_private.h
b577cd6b4f9481795aa38bdba16a06d556c005cd - arm-trusted-firmware.t234/lib/psa/rse_platform.c
eee36c863935c30bfe8c8d97e575bf298df49235 - arm-trusted-firmware.t234/lib/psa/dice_protection_environment.c
be57ec731ef978a1cb592ddcd54df181cf3854bd - arm-trusted-firmware.t234/lib/psa/cca_attestation.c
98ec93022cebd1d2bfafa3f6f1754aac502f039e - arm-trusted-firmware.t234/lib/psa/delegated_attestation.c
ded7da36471dba8afc5a2ee5c7cd83017358a01a - arm-trusted-firmware.t234/lib/psa/measured_boot.c
461f0e6549aecb25a42e26daa4990367b0c0349e - arm-trusted-firmware.t234/lib/stack_protector/stack_protector.c
4f46a17dd2d45cbfecc56cdc62335d16e7f8e9fd - arm-trusted-firmware.t234/lib/stack_protector/aarch64/asm_stack_protector.S
2a002a927728f82056d756fb1887d05d85bc76f1 - arm-trusted-firmware.t234/lib/stack_protector/aarch32/asm_stack_protector.S
5c0d29046bc86d69be79a8f490d15c6278e7c1bf - arm-trusted-firmware.t234/lib/xlat_tables/xlat_tables_common.c
ada03d858deab4a12708645a227784e1380cc81a - arm-trusted-firmware.t234/lib/xlat_tables/xlat_tables_private.h
bb74aa53a76cf8da53b1247c526a828eda4a1792 - arm-trusted-firmware.t234/lib/xlat_tables/aarch64/xlat_tables.c
6f6a68d4d740fe29efffe15b3f231637931603ca - arm-trusted-firmware.t234/lib/xlat_tables/aarch32/xlat_tables.c
35355a9c23c311ebb37e6654a0310fa8a186fd42 - arm-trusted-firmware.t234/lib/xlat_tables/aarch32/nonlpae_tables.c
1d272a148f99cc5bfa1d9d1f1d557138b845eb09 - arm-trusted-firmware.t234/lib/bl_aux_params/bl_aux_params.c
621d91c2abfb7ec906a3341bb6849212c0972fe0 - arm-trusted-firmware.t234/lib/semihosting/semihosting.c
1d3c306a7abd961df54876afd2f68397653a722d - arm-trusted-firmware.t234/lib/semihosting/aarch64/semihosting_call.S
96e457fca8175f03f288deb171768f7d390a2d85 - arm-trusted-firmware.t234/lib/semihosting/aarch32/semihosting_call.S
972bcfa9e5506820069f2681ecfc8724e161857c - arm-trusted-firmware.t234/lib/aarch64/cache_helpers.S
2c301ef78cf219d3946f1a0d8dea0fbb66b8710c - arm-trusted-firmware.t234/lib/aarch64/misc_helpers.S
7514c02332a91f81b01c38fab0c57628b5a1552e - arm-trusted-firmware.t234/lib/aarch64/armclang_printf.S
2935ae164681477772e886442e2e1addcfbb2157 - arm-trusted-firmware.t234/lib/libc/putchar.c
571f090fbb81f922731ecd747dc426eb612ec25b - arm-trusted-firmware.t234/lib/libc/strlen.c
edb57dde15d3376a064cceb642c2c2ea6cfc5659 - arm-trusted-firmware.t234/lib/libc/assert.c
82f54f160965b93a70dc958c51a0328ae0540956 - arm-trusted-firmware.t234/lib/libc/strncmp.c
b09d8dfbbff3c2a148e2323a97e5db8c3b864bab - arm-trusted-firmware.t234/lib/libc/memcmp.c
ecdb0573af2e72655f16bf065fbb5efe33c7cfbd - arm-trusted-firmware.t234/lib/libc/snprintf.c
be9487ae2df331c4b6d1e8eb831fe36f80300829 - arm-trusted-firmware.t234/lib/libc/strlcpy.c
ffb9b36696d1be240d6c300924b1b16f8b7d193a - arm-trusted-firmware.t234/lib/libc/memcpy.c
38a578098af152b953ec1c824f1abd335b84979e - arm-trusted-firmware.t234/lib/libc/abort.c
c72f1f1842a78fb427805c7447d370fc148dc89f - arm-trusted-firmware.t234/lib/libc/strtoul.c
8f8edbf780871676227a4f4130b3a9c718b3c64c - arm-trusted-firmware.t234/lib/libc/strcmp.c
da2d6f3d96f3b941a06349c46b943cce37ac6a6e - arm-trusted-firmware.t234/lib/libc/memchr.c
bacec6dd7a3b9e28603e5cfd058756eab0f892af - arm-trusted-firmware.t234/lib/libc/memmove.c
c09671253fa56542c6aa0c9bb84abbd6e6b2306d - arm-trusted-firmware.t234/lib/libc/memcpy_s.c
8c9668a348c3ffbe4509aa2246941450a7b0de00 - arm-trusted-firmware.t234/lib/libc/strtoll.c
359ff50d6cb3845b71124e0ca9942745bda9e2c5 - arm-trusted-firmware.t234/lib/libc/memset.c
8172487e3b3f801cb06d4e60707f53c4d77b483f - arm-trusted-firmware.t234/lib/libc/strchr.c
07dbfb512cae53c03504d60ec4b02bfc74c2af8a - arm-trusted-firmware.t234/lib/libc/strtol.c
82032c79de7b24a84341c8bd5d72baba75337f1e - arm-trusted-firmware.t234/lib/libc/strtoull.c
6d62f8972d334e9b7016abfa5fd60039fd045392 - arm-trusted-firmware.t234/lib/libc/strlcat.c
c64e54b9d37e79c6a5ddf5440518980b4d8023d6 - arm-trusted-firmware.t234/lib/libc/strrchr.c
06782e2bb8b5e2b70cd089f061be9c1a08621523 - arm-trusted-firmware.t234/lib/libc/memrchr.c
e7eb31dbd9893d98f8ab6cbef6a11143aa052581 - arm-trusted-firmware.t234/lib/libc/strtok.c
b4e1859698344300f46b5b4523efb8e7a22c5e3d - arm-trusted-firmware.t234/lib/libc/printf.c
9004bf8bc547abf250c43d48b20ee66119a0f325 - arm-trusted-firmware.t234/lib/libc/exit.c
cdc60a84cbcd4ae8a4fd73df6250ad538db0668a - arm-trusted-firmware.t234/lib/libc/strnlen.c
83b77c3ae8eca3bf7da4de83d82fa7b0edeff85a - arm-trusted-firmware.t234/lib/libc/puts.c
02977fbcda3d55ed39cafa721d2bd2a901f0c637 - arm-trusted-firmware.t234/lib/libc/aarch64/memset.S
e450aea2c775f055c707f053de39e7aa7ed66223 - arm-trusted-firmware.t234/lib/libc/aarch64/setjmp.S
75786d0b78f57474b1c6f960b2c8ecbc07ba830b - arm-trusted-firmware.t234/lib/libc/aarch32/memset.S
14efe65532640ad904e16c0fcfdf2a0aa8ef7892 - arm-trusted-firmware.t234/lib/aarch32/cache_helpers.S
ee1a450f356e424a2bf60417432806e1c48e8b4b - arm-trusted-firmware.t234/lib/aarch32/misc_helpers.S
f3656db9134aa2171dd45f1a9678477dd7cd96e0 - arm-trusted-firmware.t234/lib/aarch32/armclang_printf.S
e99b439f92ab3e8025a95af724ddbf92e03bf8cb - arm-trusted-firmware.t234/lib/aarch32/arm32_aeabi_divmod.c
65adc9dcdcfda338ac28944b6d78e9022351ce50 - arm-trusted-firmware.t234/lib/aarch32/arm32_aeabi_divmod_a32.S
f19e7e7ffa2bd22a6e1d0cceeca043d433fa6681 - arm-trusted-firmware.t234/lib/cpus/errata_common.c
151b3b0184be16c7d540dc87a99bccaf4801776a - arm-trusted-firmware.t234/lib/cpus/errata_report.c
6f1b0a8a7e18b98e1d7cc25071e370266244a0b6 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_x2.S
6460b029250d2f405f1b9e625811dde8aba049e1 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_arcadia.S
bac60e2cdc71bd54539af3a40b00694b853b6833 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a710.S
773c971c7fab4197843edb566f6a123d7f53fa54 - arm-trusted-firmware.t234/lib/cpus/aarch64/nevis.S
80f25f36b7c8160af1b67386572ac6649901344e - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_x4.S
5a3fca8ad8ae38716f40b2ebc56014b27be7d133 - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_v1.S
a7d88cc794b4858c93c50a30de80da12e8f69118 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a715.S
fd801851b71a05fbc5920f6815d5ab8025a7f156 - arm-trusted-firmware.t234/lib/cpus/aarch64/cpuamu.c
204159ce855dfbaebe9349445b58709db160e7e6 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_x3.S
0daf69c41824bd504505b14e1e7d6fd628579894 - arm-trusted-firmware.t234/lib/cpus/aarch64/denver.S
13c02216861ca96f979be302e598e2c338e5c846 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a75_pubsub.c
b78132930889bb2cf8f098e95409c57873bc777b - arm-trusted-firmware.t234/lib/cpus/aarch64/generic.S
d00df0c88355a2c96a1a4fd81120564cc1e44bfb - arm-trusted-firmware.t234/lib/cpus/aarch64/qemu_max.S
d02d67051d5e185ab71b89b57d9113b9ec1f58b0 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a78c.S
f798471e2775e0746f2f0bd400ad42fb9fafb3f0 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a510.S
61e265cc57efd9fb71f0ba4436e9fd18d0e8b903 - arm-trusted-firmware.t234/lib/cpus/aarch64/dsu_helpers.S
04cc09259ebe804c4432489705aee24db4a4f94b - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a78.S
92ab5877b0b9154d20b2d1bb1375f0a9389800d2 - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_n3.S
90cef01a1a85d21c9d067d718905981bd794218b - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a73.S
3f9d958d991e65def01a6e11f218ce7b2c11fc29 - arm-trusted-firmware.t234/lib/cpus/aarch64/travis.S
f2d8c3323d7ceef9220c523cd7d0183f1a2d5bd6 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a720.S
2cf8aab5b6ac05d2fe43253d43a0fb1adb184c36 - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_v3.S
ac88a6dce94582824e1d3dc9fd3e26b4cbea53b5 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a720_ae.S
19c11d656632437a5b7cee78c58311e4242e612b - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_e1.S
8376942f9a9893ebb382ee1071ca83808009fa59 - arm-trusted-firmware.t234/lib/cpus/aarch64/aem_generic.S
109617d6ff0774805702abd740ceae9dc615c315 - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_n1.S
34f0efa51f5c16ed226d7e915bf311587d08446a - arm-trusted-firmware.t234/lib/cpus/aarch64/wa_cve_2017_5715_bpiall.S
1041d13dff7bfde379a3a4cb3f73da3b31677a3a - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a76.S
627aefa1b10c5eaf407c95ff6dedf66ccf9ebff2 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a65ae.S
027ecc7e62dfa6832c729cb491eb8554f06eb61c - arm-trusted-firmware.t234/lib/cpus/aarch64/wa_cve_2017_5715_mmu.S
48a206e356ce212c7ddb631cc26e20f027f4ef2d - arm-trusted-firmware.t234/lib/cpus/aarch64/rainier.S
16bd69df8653c815b2bc248b98cc671478dff76b - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a75.S
f8e4b5a1e8148db1fb73cc0eb792b60cd0cb12fa - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a78_ae.S
f5e02d8ca645c7a61e81e6f13807b048e600e9eb - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a520.S
f382f5af3fd88a0d159f0fc27bf3ff89e6e6517b - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_n_common.S
603344720eac7da2f6479b0231c34c8ecc1d7821 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a55.S
9a7a6c39f82a197d6947b48d9618d2d4263f8f55 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a65.S
41167adb105520c3e8e75e545b9361a94e3685da - arm-trusted-firmware.t234/lib/cpus/aarch64/olympus.S
d7903eed0bc8f620ad2a2efc7aaccd9fafb4d7a0 - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_n1_pubsub.c
5e64126fe122470b5f906cbd26adc7b19c2b1cbd - arm-trusted-firmware.t234/lib/cpus/aarch64/wa_cve_2022_23960_bhb_vector.S
c4951898bedfa72c7f4da6531946135e5f462db8 - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_poseidon.S
09784d1fc8ac81c7cb46d42baff067a40211a752 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_x925.S
42a72fd058cd8565031ea592af6e6fdfb8f53891 - arm-trusted-firmware.t234/lib/cpus/aarch64/cpu_helpers.S
5f66eab0be844d0e970e05cfa277127931965f47 - arm-trusted-firmware.t234/lib/cpus/aarch64/cpuamu_helpers.S
01aaed791b20f550f8f0b7ecce72438670a251b7 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_gelas.S
21f9b1c32243077f74e01e12031f0746c202ef90 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a725.S
68d29897732b371150ae49175e89e06dd7f3be54 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_x1.S
900196848e9511f7a527083cd09e84e48a24ddbc - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a57.S
e78db017ac2111a43237a2a18652c554285c97dc - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_n2.S
02b378a990eabb5cac8928f2250e61126e8a1c9b - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a72.S
f9e62ebfddc2b8f40cfb3ead5aa15778e28e5a36 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a35.S
7730de923e8f76e9bd151edd8daee83f20cc1fd9 - arm-trusted-firmware.t234/lib/cpus/aarch64/wa_cve_2022_23960_bhb.S
3a929e95e25fd795a0467df2f583da04fa8fd341 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a77.S
b860c05df4c35373b359cf4dba90dbfc93c3b1c3 - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a76ae.S
7e0d8eb4654be2acc0360b89ba48dcc40d532437 - arm-trusted-firmware.t234/lib/cpus/aarch64/a64fx.S
c4445c8a8636a4814ad23fd5844710ec53b8de65 - arm-trusted-firmware.t234/lib/cpus/aarch64/neoverse_v2.S
1b3923bc17860a25b35b21b00b06f4cd4b6afc2d - arm-trusted-firmware.t234/lib/cpus/aarch64/cortex_a53.S
6b206867adc31b1e7f2382b480ead0a0063fdd53 - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a5.S
0344fe0d9d7db34c8714690fbbdfeb5d868de6be - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a7.S
4b12937e5f416894be86b9fdf302dae48b1c80da - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a12.S
a0af6ac6d8013c40ca046fdc958a1b13d3e44c2a - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a17.S
234f442077ccae9173ed0b1c57de84bf63004675 - arm-trusted-firmware.t234/lib/cpus/aarch32/aem_generic.S
e21911b5ab0bae2a34b765e357ea2b41e96d3670 - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a32.S
f10061f7dfe4e16be0eac2563cfe4b4c0fe96586 - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a9.S
72f323a24fa7d8563e8c58de7176d8e05ab3ca75 - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a15.S
f29c9407c77bb37b7646b29feefd97da6d745253 - arm-trusted-firmware.t234/lib/cpus/aarch32/cpu_helpers.S
6ef3bcd5afac41bb02deacac105bc6a37d4d994d - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a57.S
7602cb3c6c7e95341f31d202ed801ce46bbf265c - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a72.S
6ff39087ab3081765fc19dafed572ad5f263c932 - arm-trusted-firmware.t234/lib/cpus/aarch32/cortex_a53.S
00e3cf9ccfb86301447fa7c3d183b3f9f662fc56 - arm-trusted-firmware.t234/lib/utils/mem_region.c
a6d53b6358c0ed174cdfa6cacbd56c436acb8d4f - arm-trusted-firmware.t234/lib/xlat_tables_v2/xlat_tables_context.c
9eb28ea052af12a4a8e5e648ab72dd3309de5835 - arm-trusted-firmware.t234/lib/xlat_tables_v2/xlat_tables_utils.c
21257035c5b90378d3b4716da4676e4f54782aaa - arm-trusted-firmware.t234/lib/xlat_tables_v2/xlat_tables_core.c
eaf23114b5279a2e5177c2d4a103265159f839d9 - arm-trusted-firmware.t234/lib/xlat_tables_v2/xlat_tables_private.h
f59fd6f803fc5ecb04f0a0fe06d11b60cd5ba523 - arm-trusted-firmware.t234/lib/xlat_tables_v2/aarch64/enable_mmu.S
480cc34ffcd44ea1af51f6a632d17c9dd047f6bb - arm-trusted-firmware.t234/lib/xlat_tables_v2/aarch64/xlat_tables_arch.c
db7bf40ae8a204975998abf6d02efa8de601ebbe - arm-trusted-firmware.t234/lib/xlat_tables_v2/aarch32/enable_mmu.S
bbc86d94a148d6294fc89e0c1838e32494e5e1cf - arm-trusted-firmware.t234/lib/xlat_tables_v2/aarch32/xlat_tables_arch.c
08da74471b7980e579f18bd5c4f26c9eb14e5636 - arm-trusted-firmware.t234/lib/mpmm/mpmm.c
dbe6388dacbeeede0de0701bc01d77e2679714b2 - arm-trusted-firmware.t234/lib/xlat_mpu/xlat_mpu_private.h
2b599881cd5f4a27bfc603bee6e626f23ef601bd - arm-trusted-firmware.t234/lib/xlat_mpu/xlat_mpu_utils.c
852535843145c50d49e28ae6c182674fc9f113f4 - arm-trusted-firmware.t234/lib/xlat_mpu/xlat_mpu_context.c
11e90bbfcdc1c5aeb4704b96165eee202c01d3b6 - arm-trusted-firmware.t234/lib/xlat_mpu/xlat_mpu_core.c
c0458c8fedaccd39371b035dc3731262a6a070da - arm-trusted-firmware.t234/lib/xlat_mpu/aarch64/enable_mpu.S
7d45e31d6e18af586abdc54141ec568752d3378a - arm-trusted-firmware.t234/lib/xlat_mpu/aarch64/xlat_mpu_arch.c
dfe9d1459f2afc808df76389971581e7cd156c05 - arm-trusted-firmware.t234/lib/compiler-rt/LICENSE.TXT
6c29cd9132b9b0dbeaa4fafd24119255f0199cba - arm-trusted-firmware.t234/lib/compiler-rt/builtins/int_types.h
ff2207836a40606df69ec1e611e158aa0ed14f04 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/lshrdi3.c
e511f9f9577bcc85b6fa950daebe4bc056e072ba - arm-trusted-firmware.t234/lib/compiler-rt/builtins/int_math.h
34b18e6e0c6ebd07cb7fa4cadd2b07a0e7084147 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/udivmoddi4.c
ca5ea990905079d8c53e6e335f64ee671ba845b3 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/int_div_impl.inc
1ce7c11507532414c0328c081b09944fedebad24 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/int_endianness.h
b6be19539d8655496dc24041788f2230aae64b8a - arm-trusted-firmware.t234/lib/compiler-rt/builtins/popcountdi2.c
13ea97d65ad11b86a7059983411c89865cb69a6b - arm-trusted-firmware.t234/lib/compiler-rt/builtins/divmoddi4.c
73ea5b88f90e306be69dd8ecb81f834d49c9160e - arm-trusted-firmware.t234/lib/compiler-rt/builtins/divdi3.c
43ef4b5dd652db346a1d160c3bca2884964f8891 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/popcountsi2.c
d6880c6c7b562b3ccf4b40f670946530d4246d7c - arm-trusted-firmware.t234/lib/compiler-rt/builtins/assembly.h
1a2037ae94351f0b08ce8ba1263615995af0c259 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/int_lib.h
f07542388c57814e54f0c96a951e2ef2bbe405d9 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/ctzdi2.c
277a460ac9c4747b9da6d700bbf4ca70f7bd8412 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/int_util.h
09e84134d69bb68f94e002274aa7a891c950b3d9 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/arm/aeabi_memset.S
c45f0973450713a6714be330fb6ea8345d666b07 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/arm/aeabi_ldivmod.S
872cb517e7f08860b62b6224c1d79ddb1912c998 - arm-trusted-firmware.t234/lib/compiler-rt/builtins/arm/aeabi_memcpy.S
4906ba0646aef187813f1fa743316b986052234d - arm-trusted-firmware.t234/lib/compiler-rt/builtins/arm/aeabi_uldivmod.S
757c9a0f88aae890f517b61cbb32a35238c8fd48 - arm-trusted-firmware.t234/lib/coreboot/coreboot_table.c
ee9898c5eb97037bf728442462c8ed3bf5316267 - arm-trusted-firmware.t234/lib/transfer_list/transfer_list.c
8dda484bcdf04581272a722de2a350f81eee88ca - arm-trusted-firmware.t234/lib/zlib/adler32.c
19860c77d37d4fc052dfcd5925c3a02083f914fa - arm-trusted-firmware.t234/lib/zlib/zutil.h
487e036a5a0a89aaffb0d2ab95de32e592259abb - arm-trusted-firmware.t234/lib/zlib/zconf.h
e5e12d4c9a3fe89c8c506ff80410672134cbcdd3 - arm-trusted-firmware.t234/lib/zlib/inffast.c
5b4b8798bdd0c34e076d2e3cf365ea5451837b57 - arm-trusted-firmware.t234/lib/zlib/inflate.h
b5939a78a13c23bb96e51c2f6fbee67192e29506 - arm-trusted-firmware.t234/lib/zlib/inffast.h
8770ab43c9050b824c646f6e6cee8b3c0628cbda - arm-trusted-firmware.t234/lib/zlib/inffixed.h
585668b2bc354980c698c849303fc1a38095a74f - arm-trusted-firmware.t234/lib/zlib/zutil.c
a5e4b3a86773f8dd3c19627590f2008603cb5399 - arm-trusted-firmware.t234/lib/zlib/inftrees.c
062f40c9d28add83361889e988e157e634f78d47 - arm-trusted-firmware.t234/lib/zlib/inflate.c
7490b45c6fadaf3499c905f2865b8c28d71125be - arm-trusted-firmware.t234/lib/zlib/zlib.h
77ad5f5a3ebf88a2a890b91993f5ce0ab835bccc - arm-trusted-firmware.t234/lib/zlib/crc32.c
473c6f8ab9e5be2d4340bf8b82d5c87ace400746 - arm-trusted-firmware.t234/lib/zlib/inftrees.h
083ae032c7ce5cde8a3324c4887e88d3bb667e32 - arm-trusted-firmware.t234/lib/zlib/crc32.h
0c9ac06f4a4bf5ccdbff7602b2eadc836ad3d4c5 - arm-trusted-firmware.t234/lib/zlib/tf_gunzip.c
2e19efdfcb375785ea58581733b77a1d231e2839 - arm-trusted-firmware.t234/lib/optee/optee_utils.c
12d13fc97f47318fff07798fdf306e7a9e229e63 - arm-trusted-firmware.t234/lib/psci/psci_stat.c
fb6d22653837b651bc8cf259e8035e2ee548e55b - arm-trusted-firmware.t234/lib/psci/psci_mem_protect.c
b8d86235c09c86d6e251b2919c5fb4bd32b6f0a5 - arm-trusted-firmware.t234/lib/psci/psci_on.c
0adcb049353da30c0f2fa2dfef1dcd3d01df457f - arm-trusted-firmware.t234/lib/psci/psci_main.c
056d8dc425830f5971151529a95e3d64dee6ccc7 - arm-trusted-firmware.t234/lib/psci/psci_private.h
6a317ba95dc91887dee66f2b941faa911eaa6e8b - arm-trusted-firmware.t234/lib/psci/psci_setup.c
37418ff69f07f8fff15c17ff6db7205cf618e093 - arm-trusted-firmware.t234/lib/psci/psci_common.c
6aeeb09d657fcb1d5e8e4084b08a2d27fcff10b9 - arm-trusted-firmware.t234/lib/psci/psci_off.c
829a7e8232b3efde8c6ad84aff7745c16582da77 - arm-trusted-firmware.t234/lib/psci/psci_system_off.c
9992df191cac7474997663c4c56dd11f9a6c41bb - arm-trusted-firmware.t234/lib/psci/psci_suspend.c
5993b2f51f9d540f9b53a97f573e1234d58d9f78 - arm-trusted-firmware.t234/lib/psci/aarch64/psci_helpers.S
2900957786a225a6caefa6da15735fe17d1d304d - arm-trusted-firmware.t234/lib/psci/aarch32/psci_helpers.S
aabc32f9d81ea64fc6e6f84a2914210b22014b67 - arm-trusted-firmware.t234/lib/gpt_rme/gpt_rme_private.h
89b3f618b007a68181d05de23c92a121a4293137 - arm-trusted-firmware.t234/lib/gpt_rme/gpt_rme.c
f5069ac5130c2d8c45f46b02c94388bc255fbb5a - arm-trusted-firmware.t234/bl32/tsp/ffa_helpers.c
e443759da4289ab52f2a7e10a79bbba4359a0108 - arm-trusted-firmware.t234/bl32/tsp/tsp_ffa_main.c
cff876b0d1c0c61c7c0bf3c11d01e5dd636e357a - arm-trusted-firmware.t234/bl32/tsp/tsp_private.h
3301ad439bae604f492e996029e4a4cacf75fdc3 - arm-trusted-firmware.t234/bl32/tsp/ffa_helpers.h
f763c85b0b3a762cfd5029113722efc98a75bc7a - arm-trusted-firmware.t234/bl32/tsp/tsp_common.c
03a90ab03b290a2846da1a80d62a4d5525c16c83 - arm-trusted-firmware.t234/bl32/tsp/tsp.ld.S
9e87e30c75c48b862081fb04c17a8bfa6846ce77 - arm-trusted-firmware.t234/bl32/tsp/tsp_interrupt.c
6727eccb78b649034342ffa087bb189e40734608 - arm-trusted-firmware.t234/bl32/tsp/tsp_timer.c
74dedb853967e019b61bbd1fc9093e608f6f1579 - arm-trusted-firmware.t234/bl32/tsp/tsp_context.c
6cf66a393f175bfa8d74ea84257a7a9070036af8 - arm-trusted-firmware.t234/bl32/tsp/tsp_main.c
8d77cc1453037a319f4a5da2e5b77b37bb406277 - arm-trusted-firmware.t234/bl32/tsp/aarch64/tsp_request.S
e94cc0b80bb21c55fc68026d8a981988414ab611 - arm-trusted-firmware.t234/bl32/tsp/aarch64/tsp_exceptions.S
8899af4cf35b59bed20e51e7d3fc8d6f684ceded - arm-trusted-firmware.t234/bl32/tsp/aarch64/tsp_entrypoint.S
21ac60534e5269742f6651b6c3f71365c70154d6 - arm-trusted-firmware.t234/bl32/sp_min/sp_min.ld.S
e28e0dcd786b8b3322694973113376de947441bf - arm-trusted-firmware.t234/bl32/sp_min/sp_min_private.h
79a0f2cf6937e7d799c03ce926069c1a07a6dd44 - arm-trusted-firmware.t234/bl32/sp_min/sp_min_main.c
5ef0dab419f42df9935d7fbc4e30baa8ea83d75e - arm-trusted-firmware.t234/bl32/sp_min/wa_cve_2017_5715_bpiall.S
68e3f9565c5bf338271a1445ca22507fb2afc5af - arm-trusted-firmware.t234/bl32/sp_min/wa_cve_2017_5715_icache_inv.S
6c0a78f2d0db2148ba56145239aa70494664c8e8 - arm-trusted-firmware.t234/bl32/sp_min/aarch32/entrypoint.S
26f88afc916ce84676a3a91b6c16c53fcdbb7079 - arm-trusted-firmware.t234/.husky/prepare-commit-msg
13991497d7f0f04e8550b4fa53f60d716f4b5925 - arm-trusted-firmware.t234/.husky/pre-commit.copyright
201f68ff32e77e6400dc5624a726bb46fafe1ac3 - arm-trusted-firmware.t234/.husky/commit-msg.gerrit
edf09f8f672ed108a22d57c3be9c64c542957347 - arm-trusted-firmware.t234/.husky/commit-msg.commitlint
7d1ebf9b000835ad87a18bc1163f36627ba178b3 - arm-trusted-firmware.t234/.husky/commit-msg
4a2eb9ef19eb7a479545c0d6d4c8d6d551c02169 - arm-trusted-firmware.t234/.husky/pre-commit
fd32ceb86780ba4682d238401c5bdc6c51f6652f - arm-trusted-firmware.t234/.husky/prepare-commit-msg.cz
2d56ba2f04ec9c3b601bef1ce03e87e2fc2c9b65 - arm-trusted-firmware.t234/fdts/rtsm_ve-motherboard.dtsi
c028d02d6d68dfd3c16c8ea9c6e247c72a911abc - arm-trusted-firmware.t234/fdts/fvp-foundation-motherboard.dtsi
945757d16f3e2386606861338972df40e28974db - arm-trusted-firmware.t234/fdts/stm32mp25-fw-config.dtsi
d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157c-ed1-fw-config.dts
35607514aefc72e49975cef3800ae14f377a2414 - arm-trusted-firmware.t234/fdts/morello.dtsi
abbe0e5a7c63995c207b1995649e3a6ed6b4221a - arm-trusted-firmware.t234/fdts/stm32mp15xc.dtsi
9cb39a5d304cbf059934c56a522e8ddd320c7c40 - arm-trusted-firmware.t234/fdts/stm32mp15xx-dhcom-som.dtsi
91f5f06e8733a1c9c215fe3856c5df0b3362ea19 - arm-trusted-firmware.t234/fdts/stm32mp13-pinctrl.dtsi
775896f2dacd473d7e9aeae79154270439d15e7b - arm-trusted-firmware.t234/fdts/fvp-ve-Cortex-A7x1.dts
a2179d252faf4859c7a7e68d3ba75a0955f53d37 - arm-trusted-firmware.t234/fdts/stm32mp157c-odyssey.dts
ee1bb06de6ee0eba0fe695f5c7f9dbc12abb6f3e - arm-trusted-firmware.t234/fdts/fvp-base-gicv3-psci-dynamiq-common.dtsi
4d121467e71a4bd15241201c1c23fbb169901959 - arm-trusted-firmware.t234/fdts/a5ds.dts
30ee0cec0ca21d055812b75a096ed15728a6baf4 - arm-trusted-firmware.t234/fdts/stm32mp157c-ev1.dts
eedbebd67d61b1dd133c6cb2dbe6ab8ff6d87b28 - arm-trusted-firmware.t234/fdts/stm32mp25-bl2.dtsi
f85104611fdc6007a4b9bae25e55c065222c8cd4 - arm-trusted-firmware.t234/fdts/stm32mp15-ddr3-1x2Gb-1066-binG.dtsi
2bd62159cd6db2c8376d8e03bd519fbf5633582a - arm-trusted-firmware.t234/fdts/tc-fpga.dtsi
a3753a49e7bce1fb692e15e52db0bb957b6b54c1 - arm-trusted-firmware.t234/fdts/stm32mp151a-prtt1a.dts
3b21b710cc058aa0493ac54f0e9fbc7b2547734f - arm-trusted-firmware.t234/fdts/stm32mp15-ddr3-dhsom-2x4Gb-1066-binG.dtsi
e43ae80ffc49dacd281e021e2b2c929f94b7558c - arm-trusted-firmware.t234/fdts/stm32mp157a-avenger96.dts
ac548bc11fadca6cc0c3eb4d0a551c4f1917fb4b - arm-trusted-firmware.t234/fdts/fvp-base-gicv2.dtsi
84f2fbf7e3f43a269b2ec65171b627dfab1ebffe - arm-trusted-firmware.t234/fdts/stm32mp133.dtsi
9be10d595fea4efc6529cca10bd437ebc2fdaae2 - arm-trusted-firmware.t234/fdts/stm32mp257f-ev1-fw-config.dts
f7ba40a101d1f02c70445a0d783a347ed212cf03 - arm-trusted-firmware.t234/fdts/stm32mp157c-dk2-fw-config.dts
593a991aa58a9f55d3b87c876cbefc0f7230b277 - arm-trusted-firmware.t234/fdts/stm32mp257f-ev1-ca35tdcid-rcc.dtsi
f7ba40a101d1f02c70445a0d783a347ed212cf03 - arm-trusted-firmware.t234/fdts/stm32mp157f-dk2-fw-config.dts
d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157f-ed1-fw-config.dts
2e1bcc40a84014cafd859ad8eda4f4cb2c28845b - arm-trusted-firmware.t234/fdts/stm32mp135f-dk.dts
910ac0ace6638b52d04843f12c3f0f521eb4f4e5 - arm-trusted-firmware.t234/fdts/corstone700_fpga.dts
592fceb8d431ae9bd20b02e4278a0f4227aad48d - arm-trusted-firmware.t234/fdts/stm32mp255.dtsi
f99071420aca4da5f493b73afa3d3777206e23d7 - arm-trusted-firmware.t234/fdts/n1sdp-single-chip.dts
f929c99ec4f9bfaf3f937ef2eb05c308db8b28c1 - arm-trusted-firmware.t234/fdts/stm32mp25-bl31.dtsi
33afbee5fd7bbf5c15449c00db2a57cd4ba0634e - arm-trusted-firmware.t234/fdts/fvp-ve-Cortex-A5x1.dts
e4effdaad7d40cbfb9d50d65850001f78798f0ab - arm-trusted-firmware.t234/fdts/stm32mp25-ddr4-2x8Gbits-2x16bits-1200MHz.dtsi
69f9c6b52922817172d8364017bc505dbd6efde7 - arm-trusted-firmware.t234/fdts/tc3.dts
b61926af906ac72d7ffe15c3a30ce22c0ecce8ae - arm-trusted-firmware.t234/fdts/fvp-base-gicv3.dtsi
a61a77e18f14a9ba0916b5d0c1d4c7b0e07d1441 - arm-trusted-firmware.t234/fdts/stm32mp15xxac-pinctrl.dtsi
7739f364421e9d716a4b9ed3d05f78cbf641973b - arm-trusted-firmware.t234/fdts/fvp-foundation-gicv2-psci.dts
6edd65ecdfb3865714312fee840a5fdf3d39db3b - arm-trusted-firmware.t234/fdts/tbbr_cot_descriptors.dtsi
dbed6c5c0e011af658818b570feee9c093e65a26 - arm-trusted-firmware.t234/fdts/stm32mp135f-dk-fw-config.dts
7aef226154cbdf7568d849f90766e418e218ec39 - arm-trusted-firmware.t234/fdts/stm32mp25xxai-pinctrl.dtsi
f7ab9d27f753fb7c89ce3a7d204d10047c97b366 - arm-trusted-firmware.t234/fdts/fvp-base-psci-common.dtsi
a50dec7e2783a8212860dc362ed39193bd7980e6 - arm-trusted-firmware.t234/fdts/fvp-base-gicv3-psci-dynamiq.dts
915cde638849b3835b472fd2aced811c8a75ebbf - arm-trusted-firmware.t234/fdts/tc3-4-base.dtsi
06575b7d85734144ba2b938ccb57c57cbec514a2 - arm-trusted-firmware.t234/fdts/stm32mp1-cot-descriptors.dtsi
180b7b537e0272e8e8ce9e631259c8bb1c9a7bb6 - arm-trusted-firmware.t234/fdts/stm32mp15xx-dhcor-io1v8.dtsi
9b8ac26e6aba8c07f1c006c77f572ab706effc6f - arm-trusted-firmware.t234/fdts/stm32mp25-ddr.dtsi
35e98c0189c054e2d984740094c7a6995421880c - arm-trusted-firmware.t234/fdts/stm32mp157c-dk2.dts
5acde1db230ce29d509b411d7f31057308ab45ea - arm-trusted-firmware.t234/fdts/stm32mp25-pinctrl.dtsi
f7ba40a101d1f02c70445a0d783a347ed212cf03 - arm-trusted-firmware.t234/fdts/stm32mp157a-dk1-fw-config.dts
d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157c-ev1-fw-config.dts
a88bff2feebe3949acee8413241a06f4643f5419 - arm-trusted-firmware.t234/fdts/n1sdp-multi-chip.dts
f7ba40a101d1f02c70445a0d783a347ed212cf03 - arm-trusted-firmware.t234/fdts/stm32mp157d-dk1-fw-config.dts
2f05be7afa52d4db4c62e213a91e5efc3908193a - arm-trusted-firmware.t234/fdts/stm32mp157c-lxa-mc1.dts
d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157a-dhcor-avenger96-fw-config.dts
0a97055a017b87350c17c64367ffe6d5b1271f7d - arm-trusted-firmware.t234/fdts/stm32mp15xx-osd32.dtsi
1eec69a2fb20f914f15b04407b66d3758c2b48e8 - arm-trusted-firmware.t234/fdts/stm32mp15xx-dhcor-avenger96.dtsi
2d9983ae7b41417977f671f99eec7d6c8f5a99be - arm-trusted-firmware.t234/fdts/stm32mp15xxaa-pinctrl.dtsi
79d8f41f2a5afa474094fe763ef4ee39909d283b - arm-trusted-firmware.t234/fdts/stm32mp157c-odyssey-fw-config.dts
7f4101d99c2907d29974fc114aae5e3d1d23300f - arm-trusted-firmware.t234/fdts/stm32mp131.dtsi
5e702bf5a9e551d9ebeb8fcf481b4511c408728b - arm-trusted-firmware.t234/fdts/fvp-foundation-gicv3-psci.dts
c49dfbfab50db6d0014130e8d213b6a8113c9525 - arm-trusted-firmware.t234/fdts/stm32mp153.dtsi
fdc05334cd630b63cf2fd11add62d6580489d832 - arm-trusted-firmware.t234/fdts/stm32mp13-ddr.dtsi
2975b8960cae049843178f072921ce9c826e8822 - arm-trusted-firmware.t234/fdts/stm32mp135.dtsi
9b1d0d1d96c158519a45d4440f0858e117c4f1d3 - arm-trusted-firmware.t234/fdts/stm32mp15-bl32.dtsi
db374238bb93f89266735e4b970aac5d11e24101 - arm-trusted-firmware.t234/fdts/stm32mp257.dtsi
428fbc2f43a001e628c675e0662fa8e6e8fcb52b - arm-trusted-firmware.t234/fdts/stm32mp253.dtsi
508525cfbd32039b3cda3584e3519944fa3103a3 - arm-trusted-firmware.t234/fdts/cca_cot_descriptors.dtsi
38b20f02073eeef64e5d4edace9e7a8a4a2225ef - 
arm-trusted-firmware.t234/fdts/stm32mp15xx-dkx.dtsi d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157a-avenger96-fw-config.dts 25f9d92fd043c9a5e23ab3625211649466ddad4c - arm-trusted-firmware.t234/fdts/stm32mp15-pinctrl.dtsi 094f752c659ba4c70dae4bfdd3041ffdc45d6451 - arm-trusted-firmware.t234/fdts/corstone700.dtsi 992348633a6518e2d0464e4afe90c22c87a617a6 - arm-trusted-firmware.t234/fdts/stm32mp13-ddr3-1x4Gb-1066-binF.dtsi ca0ac09e5eb628e7c9a43b6fb0e1e24ce5c836e6 - arm-trusted-firmware.t234/fdts/stm32mp157a-dhcor-avenger96.dts d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157f-ev1-fw-config.dts b9358e086a22689753d8de7eeb0a3ab9d4ae0d81 - arm-trusted-firmware.t234/fdts/stm32mp251.dtsi f92cb32ea29e10232721e9d596972e82444c21d2 - arm-trusted-firmware.t234/fdts/stm32mp15xxad-pinctrl.dtsi 6202639d45825ef9be69ddf414ef09baa4699497 - arm-trusted-firmware.t234/fdts/stm32mp25-ddr4-2x16Gbits-2x16bits-1200MHz.dtsi fafc1a46bd195774df21a32f1e87a087f14e2c67 - arm-trusted-firmware.t234/fdts/stm32mp15-ddr3-2x4Gb-1066-binG.dtsi d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157d-ev1-fw-config.dts 4d925eeb31fde1c031dcf7ce98fcf1d5ecaf5fac - arm-trusted-firmware.t234/fdts/stm32mp25xc.dtsi bc6c22a9eb6a331b29f27c4c829076992d321463 - arm-trusted-firmware.t234/fdts/fvp-base-gicv3-psci-1t.dts 0b13e4d48e2f38d369a9079669a8bc9ec293c906 - arm-trusted-firmware.t234/fdts/stm32mp25xxal-pinctrl.dtsi 9ba3ae553db0be8969881ea12aba908298bee353 - arm-trusted-firmware.t234/fdts/fvp-base-gicv3-psci.dts d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157a-ed1-fw-config.dts bd7d3935744e8d80f99b37c1292da7cc4e4eb33a - arm-trusted-firmware.t234/fdts/stm32mp151.dtsi 6ff3248bcbd3b30944f0097c16d36586da7ddfd7 - arm-trusted-firmware.t234/fdts/stm32mp157c-odyssey-som.dtsi ddb3d9266ce77ac3e0746820b562a07f35eafb01 - arm-trusted-firmware.t234/fdts/n1sdp.dtsi 
ca71563d0fa28538f143c0ae69e1f638dfb82942 - arm-trusted-firmware.t234/fdts/stm32mp157c-dhcom-pdk2.dts 0b13e4d48e2f38d369a9079669a8bc9ec293c906 - arm-trusted-firmware.t234/fdts/stm32mp25xxak-pinctrl.dtsi 79d8f41f2a5afa474094fe763ef4ee39909d283b - arm-trusted-firmware.t234/fdts/stm32mp157c-lxa-mc1-fw-config.dts 4d414b21f3b987c4e1aa81b217c0f86563d4df5f - arm-trusted-firmware.t234/fdts/stm32mp257f-ev1-ca35tdcid-fw-config.dtsi d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157d-ed1-fw-config.dts 7f2b19da9408af336f8118f41988c2bd3d737879 - arm-trusted-firmware.t234/fdts/morello-soc.dts 5a6619b992c6ac01da7486fa0e2392320bbad0d4 - arm-trusted-firmware.t234/fdts/morello-coresight.dtsi b97ef7b89b0064ff2dcadf45495d02f7a2a5aa07 - arm-trusted-firmware.t234/fdts/stm32mp157c-dhcom-pdk2-fw-config.dts 400db7184ca4fa2e589544de42921c4479438f67 - arm-trusted-firmware.t234/fdts/tc-fvp.dtsi 6b86a9e9c6c06841937a884fcc7b91e67ce3b81c - arm-trusted-firmware.t234/fdts/stm32mp13xd.dtsi 195376b3fa6a4af6db8e90af65ae62d649d506c1 - arm-trusted-firmware.t234/fdts/fvp-defs-dynamiq.dtsi 7c44644d294c12414140ec35af62e6b0a16c6b47 - arm-trusted-firmware.t234/fdts/rd1ae.dts 30b946fb5e2892807796b83e57feb4493702a198 - arm-trusted-firmware.t234/fdts/stm32mp151a-prtt1a-fw-config.dts a6ef63af22c25465b4276c77535b30d8baaa1ea4 - arm-trusted-firmware.t234/fdts/arm_fpga.dts f23b0ff90228b171396c1c623ac8d340e8879041 - arm-trusted-firmware.t234/fdts/morello-fvp.dts c078bf1220e11a54b0ae9d20bf948f1f4cb30d37 - arm-trusted-firmware.t234/fdts/stm32mp15-ddr.dtsi 4d925eeb31fde1c031dcf7ce98fcf1d5ecaf5fac - arm-trusted-firmware.t234/fdts/stm32mp25xf.dtsi c9c9cfb5244a613a263eda2689902bce219aec25 - arm-trusted-firmware.t234/fdts/dualroot_cot_descriptors.dtsi 07dea9d014bf6f86c5ceed73c6656d32a583cd5e - arm-trusted-firmware.t234/fdts/fvp-base-gicv2-psci.dts 561d58d7c0fe33f9ab8972df13dd6343378a5023 - arm-trusted-firmware.t234/fdts/stm32mp13xc.dtsi 6b86a9e9c6c06841937a884fcc7b91e67ce3b81c - 
arm-trusted-firmware.t234/fdts/stm32mp13xa.dtsi 983059d4f703147fcfb2225b03106f3181771b2a - arm-trusted-firmware.t234/fdts/juno.dts ee4d6267d4816b0273448875ba51ef8875240c16 - arm-trusted-firmware.t234/fdts/stm32mp15-fw-config.dtsi bd4b7344a1a75bf719821779b8635c116653ea12 - arm-trusted-firmware.t234/fdts/stm32mp13-bl2.dtsi c8fd8ec89618a1cf2384c117aa86de6a6f748825 - arm-trusted-firmware.t234/fdts/stm32mp13-fw-config.dtsi 3af6cec909dbf6deb1ba617bd2d6005648a9103e - arm-trusted-firmware.t234/fdts/stm32mp157a-dk1.dts 9c409a5e63830a8252f05627060449b59408b7b6 - arm-trusted-firmware.t234/fdts/stm32mp13xf.dtsi b58ac881868f3dd7cf4a0002e4901c674e592c96 - arm-trusted-firmware.t234/fdts/tc-base.dtsi 266d21043cd7cb1e457def745a1a90b859ba0be7 - arm-trusted-firmware.t234/fdts/fvp-defs.dtsi 9f4dbd1d41a7e46da3e48424f539da6a2552c3f2 - arm-trusted-firmware.t234/fdts/tc-common.dtsi 20769b04e4fa588ef10d7460a5b4a9061c70ebfa - arm-trusted-firmware.t234/fdts/corstone700_fvp.dts c16d24f2e8b21de95d29f0c61b7b73995caa907e - arm-trusted-firmware.t234/fdts/stm32mp15-bl2.dtsi 4c4b1be077363ed3886e65fa9ceaf74f62f84100 - arm-trusted-firmware.t234/fdts/stm32mp257f-ev1.dts cba7203d5986c69081115165043210b920cd1a89 - arm-trusted-firmware.t234/fdts/tc2.dts 390a6cef77d9095a9c98b9abe19eaaa6eedbdb73 - arm-trusted-firmware.t234/fdts/stm32mp15-ddr3-1x4Gb-1066-binG.dtsi dc880b2cbd39cde08860e8ebf3cb4b92bbb21748 - arm-trusted-firmware.t234/fdts/stm32mp15xxab-pinctrl.dtsi c1d24ce6492d52d78484c4b3cf9d2466dbf9c0b0 - arm-trusted-firmware.t234/fdts/stm32mp157.dtsi 889b7dc978be57e1d427576211af0bc8a9af18af - arm-trusted-firmware.t234/fdts/tc4.dts a035ecb2738ee727c5cce5cde80d6a9225206fdf - arm-trusted-firmware.t234/fdts/fvp-base-gicv3-psci-dynamiq-2t.dts bec9df99a99a03c52b401a1c574ff4b13acc27fa - arm-trusted-firmware.t234/fdts/juno-ethosn.dtsi d0ca311ee090d9d69c82273e0e6f4d65bb330554 - arm-trusted-firmware.t234/fdts/stm32mp157a-ev1-fw-config.dts 124937cb57b572870bb81ed00b3d01cad74c5080 - 
arm-trusted-firmware.t234/fdts/stm32mp157c-ed1.dts a4208974e4c39b113510787cccd6c941971d46ee - arm-trusted-firmware.t234/fdts/stm32mp15xx-dhcom-pdk2.dtsi 3c85ec5a13b8d1e56f6af2a8a7566c3ebca7d9e2 - arm-trusted-firmware.t234/fdts/stm32mp15xx-dhcor-som.dtsi f693a01d0f74eff560e7ca6773ad9404a7a50314 - arm-trusted-firmware.t234/common/fdt_fixup.c 54620aa80f910434a484672d917861106ecc2df1 - arm-trusted-firmware.t234/common/runtime_svc.c ab5f6387eb206214c132b75fa1e4b67ae025e749 - arm-trusted-firmware.t234/common/fdt_wrappers.c 4e8e81d22968abbb440726d3094bc3a5bbab94c6 - arm-trusted-firmware.t234/common/tf_crc32.c c955ba7f772157176deee4cfcf7ae01569baa055 - arm-trusted-firmware.t234/common/feat_detect.c 91cec99e37b1e7e986e62eb3474f5b0d63516507 - arm-trusted-firmware.t234/common/image_decompress.c 7a3727f63db92e64ec71b480906579a73f4fb4b7 - arm-trusted-firmware.t234/common/bl_common.c f4efa0610d34dd7e2935e65e54d8226cf36f94ff - arm-trusted-firmware.t234/common/desc_image_load.c bea1536b1c707834f2e029fad9d0bb684132671a - arm-trusted-firmware.t234/common/uuid.c d89e84a6e978e6383cb3aa345d87e7941addcfa9 - arm-trusted-firmware.t234/common/tf_log.c 8f38a18a8b5d07fbff793edbd229c26ca793996e - arm-trusted-firmware.t234/common/backtrace/backtrace.c bbba30bc6efe3fa7832672b0cbc5fc4f0f32b60f - arm-trusted-firmware.t234/common/aarch64/debug.S b21d0924c4f52357b3815446ebd25cc4f58ad622 - arm-trusted-firmware.t234/common/aarch64/early_exceptions.S 89b25cb80f0e3ecf95b200a6313848b5407d38c3 - arm-trusted-firmware.t234/common/aarch32/debug.S 3dc53d4b4c94d64eedda0de25c4e0801a47445eb - arm-trusted-firmware.t234/include/lib/coreboot.h 37deb6e9cbc2e3e8b464fc8ce14c1c4e6284a776 - arm-trusted-firmware.t234/include/lib/semihosting.h c7cb196373c73f10df4d5a3e60dd9779beee625e - arm-trusted-firmware.t234/include/lib/bakery_lock.h 189acbba01a7310177396337024e181d6bcac82b - arm-trusted-firmware.t234/include/lib/object_pool.h 446f765e7f2a8789d673363d00c94b8c1ae45105 - 
arm-trusted-firmware.t234/include/lib/runtime_instr.h 1590b15f0617fb9c858c955054d89705a4afd349 - arm-trusted-firmware.t234/include/lib/smccc.h 9e57804db55fcf4d528d1e521bf0320b8eff22ce - arm-trusted-firmware.t234/include/lib/transfer_list.h 84d9882c82bfe16d8176a6ac4ef417ab4c66b164 - arm-trusted-firmware.t234/include/lib/optee_utils.h 02a633ab274c33e7335a444c79a6a53d40a89ed8 - arm-trusted-firmware.t234/include/lib/utils.h 7b6ee0cba00e866054e301d3ef68388d1eb807b8 - arm-trusted-firmware.t234/include/lib/utils_def.h 5dd5d3be759594166b1cb768247348efdcd554ad - arm-trusted-firmware.t234/include/lib/bootmarker_capture.h 98f2dcf4406858b3a47f1f18fdd3a94716e7c72d - arm-trusted-firmware.t234/include/lib/debugfs.h 26b6c6d8f836c8aa9a280aa01d3e811655f7efa7 - arm-trusted-firmware.t234/include/lib/spinlock.h a083f42475c44e6541c933d673c3e3f40309ddc8 - arm-trusted-firmware.t234/include/lib/cassert.h 6fe25bd387c1008e2a052a92a7da2a6f3921019b - arm-trusted-firmware.t234/include/lib/mmio.h 0be181d09547721f4a8d33af30819a24951ac4b6 - arm-trusted-firmware.t234/include/lib/libfdt/fdt.h c90d25bb7b217171ad9437ee0bc8d4e0c5c7f4d3 - arm-trusted-firmware.t234/include/lib/libfdt/libfdt_env.h 3235f35fe9c47f94346289986445736f3da75910 - arm-trusted-firmware.t234/include/lib/libfdt/libfdt.h d278e9e8f48e85d05fc982e2de6d216975f07262 - arm-trusted-firmware.t234/include/lib/pmf/pmf_helpers.h 6d896373865695a1b60dc3d470fc0e1f17c6601e - arm-trusted-firmware.t234/include/lib/pmf/pmf.h 5a844f4a467099ae09e7d437bf97ba26dd0a228d - arm-trusted-firmware.t234/include/lib/pmf/aarch64/pmf_asm_macros.S be45471818b5fb856ed0fc1c303a3439ac749d6c - arm-trusted-firmware.t234/include/lib/pmf/aarch32/pmf_asm_macros.S 11d9832f644c53ec37d507c89dc331c74cb8deeb - arm-trusted-firmware.t234/include/lib/fconf/fconf_tbbr_getter.h 368eb064d2bb6e6665b4e7c3cb7878345358f8f3 - arm-trusted-firmware.t234/include/lib/fconf/fconf_dyn_cfg_getter.h 531877858c00a04ba41ba7d211235fcad2bf2f77 - 
arm-trusted-firmware.t234/include/lib/fconf/fconf_mpmm_getter.h 1cc2ff30d9d45589c3c7fa34a79ab141314e4974 - arm-trusted-firmware.t234/include/lib/fconf/fconf_amu_getter.h 75e6787b9a5e8d6a89f9fbefbfd5ac58c79b6cf7 - arm-trusted-firmware.t234/include/lib/fconf/fconf.h 6ddb2152a3557adeabd4501a6fa17a016679fb1b - arm-trusted-firmware.t234/include/lib/dice/dice.h 1025e17317a6bd0006b634251cfa7d8d8525ee88 - arm-trusted-firmware.t234/include/lib/extensions/tcr2.h 68788e670ff4f9c39125676503b44574b4c83124 - arm-trusted-firmware.t234/include/lib/extensions/sysreg128.h 617c43bd1ff656a0934d878a808926d4b9b5ec4b - arm-trusted-firmware.t234/include/lib/extensions/debug_v8p9.h 03f218691f1f1bc83fe16d4dd9ce678e12d9506c - arm-trusted-firmware.t234/include/lib/extensions/trf.h cdda4f9e22d8ec05fbab4a72aee84b4131c32d5e - arm-trusted-firmware.t234/include/lib/extensions/ras_arch.h 7eaa9363f2d98233218b4fae7df64da9c51b3055 - arm-trusted-firmware.t234/include/lib/extensions/sys_reg_trace.h 31f052834d8696d495161a4518bdc1542376349f - arm-trusted-firmware.t234/include/lib/extensions/spe.h 9d4077ef10030b7608685ee2ae4a8e513c8f0f15 - arm-trusted-firmware.t234/include/lib/extensions/pmuv3.h 67dbec444c7b96be6c380850d7f727687f4db4a4 - arm-trusted-firmware.t234/include/lib/extensions/sve.h ea6c21cf60cc92373dcb06e23b72ddac8b084019 - arm-trusted-firmware.t234/include/lib/extensions/mpam.h 3bd16a1da1a79c7a8f476ff772c3c831e3f49bae - arm-trusted-firmware.t234/include/lib/extensions/amu.h 0e5bbab2e98cb209a4ee2e54b40149b32d216998 - arm-trusted-firmware.t234/include/lib/extensions/fpmr.h d4715461cb3c3b61b38fcd20668df6e04e35e864 - arm-trusted-firmware.t234/include/lib/extensions/trbe.h 3fab4035d82456a56f85007c73888f966a24cb30 - arm-trusted-firmware.t234/include/lib/extensions/brbe.h ca841be2c50148111cb97c73914ef9b4ee02870c - arm-trusted-firmware.t234/include/lib/extensions/pauth.h 383006eb36b399f7af32c0a066643f3474f75c07 - arm-trusted-firmware.t234/include/lib/extensions/fgt2.h 
41600f0f23a78de530a45aada00e36f88eae5475 - arm-trusted-firmware.t234/include/lib/extensions/ras.h 2b2543c9385f41cad38e80b5c632e89d3b841b21 - arm-trusted-firmware.t234/include/lib/extensions/sme.h 591a7fc1eb8339e69126ae9cdaef60a0e0a1b7a2 - arm-trusted-firmware.t234/include/lib/el3_runtime/pubsub_events.h a0ad594d11eeaf8a96f7ef7f0007e1b6ef82f538 - arm-trusted-firmware.t234/include/lib/el3_runtime/simd_ctx.h f0cd55487844b57f91ef1a42207450a0d13d2b0a - arm-trusted-firmware.t234/include/lib/el3_runtime/context_el1.h aa1d945fff5b9aa02e1a179ebbacefd9dd35d71d - arm-trusted-firmware.t234/include/lib/el3_runtime/cpu_data.h b292b0dd79861d9b0df86d18f816d4b09cb87a56 - arm-trusted-firmware.t234/include/lib/el3_runtime/context_debug.h 898a706e4d55e6a8e460b127a55c8b56e166a20c - arm-trusted-firmware.t234/include/lib/el3_runtime/context_mgmt.h 3c2234578452ae3c18f08356e71241713817bae7 - arm-trusted-firmware.t234/include/lib/el3_runtime/pubsub.h fb47e413b0a4d82447e0c1c84a9cfffdb15e7a85 - arm-trusted-firmware.t234/include/lib/el3_runtime/context_el2.h 234fee0187ce90b47cfb82f600dea08065f22bb5 - arm-trusted-firmware.t234/include/lib/el3_runtime/aarch64/context.h 2b2b51125e2af7cdc48a6aaf10fbd7f3eace4fef - arm-trusted-firmware.t234/include/lib/el3_runtime/aarch32/context.h 9d353d15c89a7e33c0bb7e4a60d725836351758d - arm-trusted-firmware.t234/include/lib/psa/rse_platform_api.h 6c7636e87feae48d8608c55987525781fadd983b - arm-trusted-firmware.t234/include/lib/psa/cca_attestation.h 2149dfe5e1d5ca5858398229dcdb84d38f9a5c90 - arm-trusted-firmware.t234/include/lib/psa/delegated_attestation.h 385cc0ccaa9abcc183c4833a8021b5a9c111ab16 - arm-trusted-firmware.t234/include/lib/psa/measured_boot.h 3a49eb3ad2ddc01c2a56d99337827a432f0977b1 - arm-trusted-firmware.t234/include/lib/psa/rse_crypto_defs.h 062a4029c11af52064bb52e2612a69ef4777746a - arm-trusted-firmware.t234/include/lib/psa/dice_protection_environment.h a839999f7dbf6fc6a9e540d955daf6b6e8400b53 - 
arm-trusted-firmware.t234/include/lib/psa/psa_manifest/sid.h b26105a24130cc301a2103ca9d617e9e148c28f2 - arm-trusted-firmware.t234/include/lib/psa/psa/client.h 9929d7145e068add1adeab78298ed4cc893eda3e - arm-trusted-firmware.t234/include/lib/psa/psa/error.h 77e396cb2d74cc6746740df59b764de5f8371e02 - arm-trusted-firmware.t234/include/lib/xlat_tables/xlat_tables_v2_helpers.h 9d906ce1d1d4d34e3b825c20dd6f7adf85a5e114 - arm-trusted-firmware.t234/include/lib/xlat_tables/xlat_tables_compat.h 3104ba88d9764209dcc5a7094e37d5eeb7a0c2d2 - arm-trusted-firmware.t234/include/lib/xlat_tables/xlat_tables_arch.h d6c813a928bf0ab001eff3a675cf829eedd1ae6a - arm-trusted-firmware.t234/include/lib/xlat_tables/xlat_mmu_helpers.h 11eb0bd39acad3af9894482068dd876aad2edbfa - arm-trusted-firmware.t234/include/lib/xlat_tables/xlat_tables.h af03c45fae390a0c24d1db4a6fbcfb667bace787 - arm-trusted-firmware.t234/include/lib/xlat_tables/xlat_tables_v2.h faa8031ef6bd08f99925e42f11123a8d60209764 - arm-trusted-firmware.t234/include/lib/xlat_tables/xlat_tables_defs.h 60dc8dbd0142564dbb964560b16fccd2c8508536 - arm-trusted-firmware.t234/include/lib/xlat_tables/aarch64/xlat_tables_aarch64.h 08c8903abbbd41ce4a41592d02b764f4f63fec9e - arm-trusted-firmware.t234/include/lib/xlat_tables/aarch32/xlat_tables_aarch32.h 1c209b81e20487f711c56301c87d638abbac7259 - arm-trusted-firmware.t234/include/lib/bl_aux_params/bl_aux_params.h 5ff5a138db10a9817def16cfbc99196b8149304d - arm-trusted-firmware.t234/include/lib/libc/cdefs.h e1f1c00863bb022868e25533ff7b04604fe66f00 - arm-trusted-firmware.t234/include/lib/libc/inttypes.h 5a5a60f11370ca2f90890448a6b35d1ddba023fc - arm-trusted-firmware.t234/include/lib/libc/assert.h fab66bcf86550e805e965f84b1f233a4cb17b9ce - arm-trusted-firmware.t234/include/lib/libc/stdlib.h 3e4e872642e46a1bc5d8bb1ec81799aa7d688342 - arm-trusted-firmware.t234/include/lib/libc/errno.h 0246dcf17833ed1fef3cd37fa31d2e8c3ae5985c - arm-trusted-firmware.t234/include/lib/libc/stdint.h 
9b9ca9a1e8aaa630fce2389f864c8f17a3788ab6 - arm-trusted-firmware.t234/include/lib/libc/stdbool.h 4ee24fa72dd6c601e456f7f01f99526d70d3dd94 - arm-trusted-firmware.t234/include/lib/libc/stdio.h 9bf7dcbe71fef7bfbe5ee3f2fefb836220c4b33d - arm-trusted-firmware.t234/include/lib/libc/endian.h 3ba71c108fae3e13a2c41b513a24b5b7c7fd0c41 - arm-trusted-firmware.t234/include/lib/libc/stdarg.h 2e905291396940d21065458c7d53c4a6cf05aa7d - arm-trusted-firmware.t234/include/lib/libc/time.h d9b26569ac38ec228626f0f6d1047f838f3484e1 - arm-trusted-firmware.t234/include/lib/libc/arm_acle.h 86dbebbd92337bcdb5ba8018625a4cc8ca95178d - arm-trusted-firmware.t234/include/lib/libc/limits.h 8ec717b2253fdd28f139221e629d91aa137520b2 - arm-trusted-firmware.t234/include/lib/libc/setjmp.h 68b973781ccf190bd547c0333f5240ae94f6c9b6 - arm-trusted-firmware.t234/include/lib/libc/string.h 5531598e2e2527106b17bef5da61de894698bf94 - arm-trusted-firmware.t234/include/lib/libc/stddef.h c7cf4ea6cb1c7a44c51c0ad5915bbec19e4f2c8c - arm-trusted-firmware.t234/include/lib/libc/aarch64/setjmp_.h 9b37140e6e8b78c090e0c5455dbd1a9259d52473 - arm-trusted-firmware.t234/include/lib/libc/aarch64/limits_.h 8aa93ed81017b7c5ae3021e5d18caf053c4300d1 - arm-trusted-firmware.t234/include/lib/libc/aarch64/stdio_.h 4bbed5908e63c692773d72d681d85ca77146d6e3 - arm-trusted-firmware.t234/include/lib/libc/aarch64/stdint_.h 483e052e0811a5553e8a1dcd9683ebdbc1950f50 - arm-trusted-firmware.t234/include/lib/libc/aarch64/inttypes_.h 4803a247e01864e1b725392c0728aa140f4f6e18 - arm-trusted-firmware.t234/include/lib/libc/aarch64/stddef_.h 6305b6c31c263577fda498c58fcc5f74b74ae5d5 - arm-trusted-firmware.t234/include/lib/libc/aarch64/endian_.h 13cd0817f8e38f22995768011acff261a52b5351 - arm-trusted-firmware.t234/include/lib/libc/aarch64/float.h 9ff822c81c07ff7d17775e7ad52ef05455120222 - arm-trusted-firmware.t234/include/lib/libc/aarch32/limits_.h 3af96b62f1dce219f46ae7954907dff07b76d9c2 - arm-trusted-firmware.t234/include/lib/libc/aarch32/stdio_.h 
a3fc892826f20a66484e36cc4655d38abe71ad64 - arm-trusted-firmware.t234/include/lib/libc/aarch32/stdint_.h 5901e5db1042baa3fa7e36eddcf57e149c0951c9 - arm-trusted-firmware.t234/include/lib/libc/aarch32/inttypes_.h 7dd94639a21fb2d00d31c9bdd18c3ac5412dc9ee - arm-trusted-firmware.t234/include/lib/libc/aarch32/stddef_.h 3aeb2a46d0e20156707faae20ff3d8fd17ed83d3 - arm-trusted-firmware.t234/include/lib/libc/aarch32/endian_.h 23c362318a90ff79c1855b9811de06b97efd7748 - arm-trusted-firmware.t234/include/lib/libc/aarch32/float.h 945134d8abfd9b6f15d9b2d515cc7b78709591e9 - arm-trusted-firmware.t234/include/lib/libc/sys/cdefs.h 1d71c23184f1b1402734a8ea0a60d6978eef28b6 - arm-trusted-firmware.t234/include/lib/cpus/errata.h db705f295e95f3181ecd160b740e01e77e4fd371 - arm-trusted-firmware.t234/include/lib/cpus/cpu_ops.h c3b0f105e5a9845da0f3371050ad7152766a8a8e - arm-trusted-firmware.t234/include/lib/cpus/wa_cve_2018_3639.h 1c83888ebb5b534513cbebd5cf905a73b3ed8b62 - arm-trusted-firmware.t234/include/lib/cpus/wa_cve_2017_5715.h 1e92f48a602540e1dd1ffd10c6644db52357d539 - arm-trusted-firmware.t234/include/lib/cpus/wa_cve_2022_23960.h 50c9ba00cb444579e9f1eb44dafa14b432ca8c2c - arm-trusted-firmware.t234/include/lib/cpus/aarch64/generic.h 0e85e6e9ab42a7871214b60120a07a34762d6d57 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a75.h f2738e4eec7622ef0a3a629754842da35ec8c4a4 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a78c.h 5e9fa4dab46748934c4c88271d37b5fdce93f986 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a720_ae.h 866c865614acbdcfbe8ae0d88e4b57579dfaceaf - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a78_ae.h dd9c6823a0e565d3cbea437b212fc46a61bab1dd - arm-trusted-firmware.t234/include/lib/cpus/aarch64/qemu_max.h c2bea4721250215e302e0f437bc2c4cde3ee0fad - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_gelas.h 01b60c91033af191a91fe973f95723e8ebf80f27 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a520.h 
41ffad5aabaa634a70bea616624d336cd63de635 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a35.h f8fdee8d6fc4926aaee8a0d0dae0a52b0520da86 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/dsu_def.h 79f44f5667f918f3a00c6e1b75ef2d1d8d058194 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_v2.h e935e9cfaae5f8493e694641b55553722a98f5cc - arm-trusted-firmware.t234/include/lib/cpus/aarch64/a64fx.h 5143e189219c6b6486ad898d9976a9804afd2716 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_v3.h f95e4dc1c0473da6588399f45aafd87927b7053a - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_x925.h fd19e25097cfd7b52c6c5bdd0ba682740720aa74 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cpuamu.h 1c091c1074bfba4331ce86358da93c4cadb3fc4b - arm-trusted-firmware.t234/include/lib/cpus/aarch64/olympus.h cecb6b77ddae233e9012f44da229b0f25904b481 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a65ae.h 9ed8acc2387d0f31bf8f384f213fa2ada8b67d03 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a73.h 207825f7c7bc6a3629fb083bb28ba05c4281e2ca - arm-trusted-firmware.t234/include/lib/cpus/aarch64/aem_generic.h fb4a3e494040063947ad8b53a4422c89be5f31f9 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a725.h da71d680044b76367b5dbc48c9487e8e81e2b536 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/travis.h 01f0437d6b85c6142de0b80fb1f808e3f5212a8a - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_n2.h c2e73e8b281ebb97b785d71a94b08248af9dbdcc - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a710.h 6f80e2ceb55f9179c0e8b9d91d249e62d6b1face - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_n_common.h 34dfc5dff2e53ab688d4820a31904505dd9151ff - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_n3.h 5097ef709c8295041cbc1eea4a4303bf7180e849 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_arcadia.h a99ff7c88fc25ee8fba8923e92e998f15e916d02 - 
arm-trusted-firmware.t234/include/lib/cpus/aarch64/denver.h 9972db2a6e642a25e645bddb3e857454d0a0c606 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a57.h fb3eea3ab90d3923adcc1af2ca06c348e3ad47a9 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_x3.h 2ec8e53bda3ae38009eb4c591feee1d2086246c7 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a78.h 855d46ce471075fa336a51267cbb17002c3a1258 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_v1.h c835949ad954dcdeee9fdbac76e560a93c695e73 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_x2.h 5dc4223eb5f32b8f9982f7668f8697f600f386b8 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a77.h 3c1a4927c3fbf27a69b4e6e0b0bf60c7880e6955 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a53.h 6c287cd10c8e7b2dc3f31f82ded8a7227a079deb - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a72.h b58c922be5d4bad0866dbb86570d6f9e94310f89 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/rainier.h 3b310ce1b5f71d2835e727423010a354ad1e22d8 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cpu_macros.S 26f966576d1ba5fe1e871578dea3ea004be5ee67 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a76ae.h 8a20bc504c67d0e10a7b5edb81bf79ef9a5802f9 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_e1.h ed260f8199efb4c6b1d32218c83039568c4ef425 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a65.h c6a19e6c4b882f8e761d256def650bdc6c119751 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a720.h 45b054fd36d16be7674be301df036a74c8688e76 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a55.h 6fa88ffd7dda8e9e5b08bf821d53cf8bc9ef9e15 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a510.h c28183e30f9dcc69c70f2b869675e702310293f8 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_x1.h ac31ef734975ddb20b04a2b9fe06160b6bf19c8e - arm-trusted-firmware.t234/include/lib/cpus/aarch64/neoverse_n1.h 
4f8ec6db8ee331488e9d98e86ed706158ec40873 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a76.h d053e010296979a2d289cf9003d89644663b942a - arm-trusted-firmware.t234/include/lib/cpus/aarch64/nevis.h ed07ffb9be292cdf10a674ac9aee97b093c0ea88 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_x4.h 405277db88485b78599ca741cc93eb2a99628079 - arm-trusted-firmware.t234/include/lib/cpus/aarch64/cortex_a715.h 1bc0dcff517f9e545464efecbd36fa6484590c30 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a17.h 06f7148d66d4ebb4a10c192fd997ac59aa0996aa - arm-trusted-firmware.t234/include/lib/cpus/aarch32/aem_generic.h 3757773c42089960cdf6725ee9c060f64796e5a9 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a9.h 1f43c62ae0fb8409a94d40edf68f4fcd5eb84605 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a57.h ae3e4d0bb2fd8a193fb3a305adf0f437e6f6d33c - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a53.h 23f62cfa95ffada9a544734d3010f9c7f3921012 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a72.h c44bad4eb634350b8a31606cbbe8a1a9505c298b - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cpu_macros.S 80926a371be75aa9ad95d7bdb14a2d0db1ed6dd6 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a15.h 39929d48bca6eb2ab21b1b422d959d985d29dd68 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a12.h 7728a2de102f6b888e166ed06115e4eea2127cd5 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a7.h 90d8ba92d25f672f98a191f0a20cbe7f95308069 - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a5.h 63d398e70dfe48ab2e6b00673a955c95c5a3f10a - arm-trusted-firmware.t234/include/lib/cpus/aarch32/cortex_a32.h 0f9c6bddf555b127d0deea955abd911c85bc89b9 - arm-trusted-firmware.t234/include/lib/mpmm/mpmm.h 4d48f594622f4a73313ba25ddf42cd8310901b7f - arm-trusted-firmware.t234/include/lib/xlat_mpu/xlat_mpu.h 5567b7f52cbe97b0b31793e6894e88dd8208d5c0 - arm-trusted-firmware.t234/include/lib/zlib/tf_gunzip.h 
40577c7bc2464cf873f1f2708e2db8112b51374f - arm-trusted-firmware.t234/include/plat/arm/board/fvp_r/fvp_r_bl1.h faf44d2a7589fe39f462d8b88f1d1283e1356a89 - arm-trusted-firmware.t234/include/plat/arm/css/common/css_pm.h d96e2b0bdc8334ba16cb927ced08fa35429756f6 - arm-trusted-firmware.t234/include/plat/arm/css/common/css_def.h 406bbb095f6bf7f140e7814e98b0ea99062ad767 - arm-trusted-firmware.t234/include/plat/arm/css/common/aarch64/css_macros.S a4c302b222e019205abf65fd01745d571d810ce7 - arm-trusted-firmware.t234/include/plat/arm/soc/common/soc_css_def.h 64f1e7c2408515cbabe2321cf6584901213dcf2b - arm-trusted-firmware.t234/include/plat/arm/soc/common/soc_css.h 82ebb1410abf7bba3feac4c77c2c037cdeb2e516 - arm-trusted-firmware.t234/include/tools_share/tbbr_oid.h a2952e3c640dc139fca004a8c8a7deb15240f89d - arm-trusted-firmware.t234/include/tools_share/uuid.h 62c2a3a060cdbd680f1b31d48c8b123249703474 - arm-trusted-firmware.t234/include/tools_share/cca_oid.h b8ded722f2969756096f51971579a3ed97e61d8b - arm-trusted-firmware.t234/include/tools_share/firmware_image_package.h b279cf845b5ea6ce93f6563029c2dfbe6f85a541 - arm-trusted-firmware.t234/include/tools_share/firmware_encrypted.h 32f9501e9d5148993460f9531c0f9d92df14bdab - arm-trusted-firmware.t234/include/tools_share/dualroot_oid.h de295596622d15f9ecd1572d4846bc0919d025f1 - arm-trusted-firmware.t234/include/tools_share/zero_oid.h 11335e71ce700055225b4223bb4218122db63853 - arm-trusted-firmware.t234/include/bl2u/bl2u.h 7273d964e77dcc8a6e552832ca8c5de3038ef5d8 - arm-trusted-firmware.t234/include/bl1/bl1.h f3d565fadbf6176b3034b8359d22fa8c03772f95 - arm-trusted-firmware.t234/include/bl1/tbbr/tbbr_img_desc.h 76f24b5df32a33ff953257acc268f140bef007d8 - arm-trusted-firmware.t234/include/bl2/bl2.h 0fc051c6d2c2e54cfe39b37cf1a1f85f883f31e3 - arm-trusted-firmware.t234/drivers/usb/usb_device.c 8e0afaebcd5d1ed41d30457bdb8543f3617640eb - arm-trusted-firmware.t234/drivers/synopsys/emmc/dw_mmc.c 1d5e94fb3b734e7c9eb7b1628230f3d140a8e958 - 
arm-trusted-firmware.t234/drivers/synopsys/ufs/dw_ufs.c de86764a266f7d9ba74ff8dfc3d6fd4de4585028 - arm-trusted-firmware.t234/drivers/cadence/nand/cdns_nand.c 6d1e66537a325ebf6dcf66cffcf5a40b1442aa66 - arm-trusted-firmware.t234/drivers/cadence/emmc/cdns_sdmmc.c a15e1156390f1cc3df2e59e7a3d6c4dad616ef58 - arm-trusted-firmware.t234/drivers/cadence/uart/aarch64/cdns_console.S f143de1695a99ae99ca76b78ac88d5f59cf55b70 - arm-trusted-firmware.t234/drivers/cadence/combo_phy/cdns_combo_phy.c bb264060cf147f5fd4feae216d66ad8c9c66f891 - arm-trusted-firmware.t234/drivers/io/io_fip.c 88a6a7b48a8b3da04a2a2bb9d5bcb70f03c372d3 - arm-trusted-firmware.t234/drivers/io/io_encrypted.c 78ab979470824d9703736ca6da3735d7c11fcba1 - arm-trusted-firmware.t234/drivers/io/io_mtd.c 78d0bb21fe92f684f28119691c173b36006dbbb5 - arm-trusted-firmware.t234/drivers/io/io_semihosting.c 57f2e633e1eb7033f947a8941e4075277676a772 - arm-trusted-firmware.t234/drivers/io/io_block.c 858e3130488ef425faa5341098347a0cd446a49d - arm-trusted-firmware.t234/drivers/io/io_memmap.c 2975f82e852f74ac877b00bfa9bcaa8c3baec7e2 - arm-trusted-firmware.t234/drivers/io/io_storage.c e2cb4156c1827efffb1df9f58444367c633e937e - arm-trusted-firmware.t234/drivers/st/usb/stm32mp1_usb.c a9d894b2465b17dff1217d99ed6752861aadc069 - arm-trusted-firmware.t234/drivers/st/iwdg/stm32_iwdg.c ba57d0e9281c16aea03f7b413dd8d5130590ca78 - arm-trusted-firmware.t234/drivers/st/regulator/regulator_fixed.c 28df04397d864bf295cf671c4fdf6480ead9ebf6 - arm-trusted-firmware.t234/drivers/st/regulator/regulator_core.c e51daf8420a9723e7f6316ad730d9958b8eee945 - arm-trusted-firmware.t234/drivers/st/reset/stm32mp1_reset.c ca75b9b89c38c7236ef4b778fb335520a061690e - arm-trusted-firmware.t234/drivers/st/reset/stm32mp2_reset.c bc36df3e1aab86d54e4da7b346a5ecf061aba4d2 - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp2_ddr.c a3e93da01690cfc6cdf2c2fcba5d2049393b636b - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp1_ddr.c c4bd4841d1ec9b03400ebd80a95b275f87c4e2e9 - 
arm-trusted-firmware.t234/drivers/st/ddr/stm32mp_ddr_test.c 06c5cac3c4dc6f1fb28c9d492e26764aeed6e5c1 - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp2_ram.c a83b9f3419972fd8fa4dd0b4a2283cd520ec02b6 - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp1_ram.c 1a36563147f46fb25349af0f621e6d07a6652e01 - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp_ram.c 88fb79719982f0a2687d7f693109e940e3cdba9f - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp1_ddr_helpers.c 79ac5bad2aa2d36fc9f944ac60f4d2a9cb9d7f22 - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp_ddr.c 94b1c621559516e9f7bc38ced139bfa59ae68738 - arm-trusted-firmware.t234/drivers/st/ddr/stm32mp2_ddr_helpers.c e91733fe30643314963f06300e6bad239081ab54 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/include/ddrphy_phyinit_struct.h e4339c00ef3e1911c0edb8292dedb4433ea03896 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/include/ddrphy_csr_all_cdefines.h cbd7f59b9b731f2ed656f86be5272525b522eac3 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/include/ddrphy_phyinit.h 15188c1c541069e89faa5f64e4dc08d0e76048ba - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/include/ddrphy_wrapper.h d042546c7374b5983d7868419dcf51d9fa7d5907 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/include/ddrphy_phyinit_usercustom.h 8be0f26424d94a91abd74a2f52fa4cf3f9f7b4e9 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_writeoutmem.c 3f4edb56d379143fc169a7895eb9463e4ca5dd8e - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_g_execfw.c 9270cd446591ebb71879014d5ce835ef6a3e3382 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_reginterface.c 6b87cef9770627c0db78df6aa5e43b09266edc06 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_mapdrvstren.c 681a811063b931c4353716f1dfcbc1e3fdf1209f - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_i_loadpieimage.c b01bd99bcfb46dab47599b96d34f62c790430b86 - 
arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_c_initphyconfig.c 9a9498723ed191b598fdef1a60a6ca8d2fccadb8 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_isdbytedisabled.c 3e41c92f329c5c3c1dcc16c3c0889c28f876824a - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_softsetmb.c 523c4ba82c336ecc7192fdcba6f6437b52ec538b - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_sequence.c bad0a5738b435c5ce04f87f28431fc928afd83bb - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_restore_sequence.c 9a24a8abb764c8309ed6ba3254c8220ef11a95b3 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_f_loaddmem.c 293d20b81d06fde0cc7a514106ba455486d01dfe - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_progcsrskiptrain.c a4a756f94233847922fab110572b98a17fe58e92 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_initstruct.c f6de97e9190e355fc0e68dac3a8dcead89a5ed56 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_d_loadimem.c 47ebf6529b756e089f5be821c8bd03b4fcc749cf - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_loadpieprodcode.c 4e96f1ba1de4fdcc59556a323679b6af929337fd - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/src/ddrphy_phyinit_calcmb.c 925f7801402e2286ee44916d26163ca139336e0b - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/usercustom/ddrphy_phyinit_usercustom_custompretrain.c d24f8f068b4212001e1654e987f4265ef04ed7d9 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/usercustom/ddrphy_phyinit_usercustom_saveretregs.c 9f3a1a734251ef8283528360145f7bb0d5dd9472 - arm-trusted-firmware.t234/drivers/st/ddr/phy/phyinit/usercustom/ddrphy_phyinit_usercustom_g_waitfwdone.c bc064e1eb42924f6d78d09efc5f5735c89bfb5f9 - arm-trusted-firmware.t234/drivers/st/ddr/phy/firmware/include/mnpmusrammsgblock_ddr3.h 
107dafc8bf1a248ea36c6fec47ff22ff45c80398 - arm-trusted-firmware.t234/drivers/st/ddr/phy/firmware/include/mnpmusrammsgblock_ddr4.h d621605a5e754b03cc0f554c59f1a584718cc011 - arm-trusted-firmware.t234/drivers/st/ddr/phy/firmware/include/mnpmusrammsgblock_lpddr4.h 3115ec9f675484992db63c431789119715bababf - arm-trusted-firmware.t234/drivers/st/etzpc/etzpc.c 42561883ec1c33fa7b8c4134042881d8af161697 - arm-trusted-firmware.t234/drivers/st/uart/stm32_uart.c 5c221c34c749136d97bb6edf5a142ed4acbd4a6a - arm-trusted-firmware.t234/drivers/st/uart/aarch64/stm32_console.S 32b7a019782c8ef8bf21c0e5d04837b1c2e2bf42 - arm-trusted-firmware.t234/drivers/st/uart/aarch32/stm32_console.S d6de335f0f78631bd2dc0c0f276150b3f4ee7e67 - arm-trusted-firmware.t234/drivers/st/clk/stm32mp1_clk.c 154695f6902ccb434ff28e481ce091bb447ef737 - arm-trusted-firmware.t234/drivers/st/clk/clk-stm32mp13.c 11ac92b2c904e2ff8bdfd046ea5f7ab3de00f72c - arm-trusted-firmware.t234/drivers/st/clk/clk-stm32mp2.c 358fd5d2f081a4fdb3889692ffc8dcc5e164fd82 - arm-trusted-firmware.t234/drivers/st/clk/stm32mp_clkfunc.c e125a59bd3e2883b74f8e43ec0317199c048cc2d - arm-trusted-firmware.t234/drivers/st/clk/clk-stm32-core.c c4ea62db8c5d7af5b1ef01e498eb9ac517db96b0 - arm-trusted-firmware.t234/drivers/st/clk/clk-stm32-core.h 4c4d4c64134fd1ce5445e2904ce33078ca58c880 - arm-trusted-firmware.t234/drivers/st/bsec/bsec3.c 1c09806390d2cef5014c3b464bab86f69b2dce5c - arm-trusted-firmware.t234/drivers/st/bsec/bsec2.c 8d38f1b27715b1c0de5a506228b4ceadb9fbcf67 - arm-trusted-firmware.t234/drivers/st/i2c/stm32_i2c.c 7cd712709ee54122f0bf0cc5f0eff50166a1a8e7 - arm-trusted-firmware.t234/drivers/st/spi/stm32_qspi.c 1093a85f97932dfdecd136b4975a52727761cc6a - arm-trusted-firmware.t234/drivers/st/gpio/stm32_gpio.c dc6e11a7d7178876069b6fd73f0d1c2fb8ff3b4b - arm-trusted-firmware.t234/drivers/st/crypto/stm32_hash.c 7948a66270e2843aa9f4495bd4cfc265235ef8fb - arm-trusted-firmware.t234/drivers/st/crypto/stm32_pka.c 382ff1c003cc8bb1b74eed273df2867cd2fcb542 - 
arm-trusted-firmware.t234/drivers/st/crypto/stm32_saes.c 469e7a2a432b90598edcba60353c76bab1f0b610 - arm-trusted-firmware.t234/drivers/st/crypto/stm32_rng.c def00bc3c52b54611ea6f11a6f5206cf0b3cc08a - arm-trusted-firmware.t234/drivers/st/fmc/stm32_fmc2_nand.c 85cdca7a46d03b70a8ed574a0b54f15711a12718 - arm-trusted-firmware.t234/drivers/st/pmic/stm32mp_pmic.c 2a66f83e8ddaa5a037560b4d32169bf8405a6d46 - arm-trusted-firmware.t234/drivers/st/pmic/stpmic2.c dc5909c790f8267bcb9bbc047b904810550cb78b - arm-trusted-firmware.t234/drivers/st/pmic/stpmic1.c 700f6a5dc99a45431afda631f5d60881748f045a - arm-trusted-firmware.t234/drivers/st/pmic/stm32mp_pmic2.c b21d240b08ae042432be992f45eca2560b6dcc75 - arm-trusted-firmware.t234/drivers/st/mmc/stm32_sdmmc2.c 583e038383081fb802062fbb6ad8c3e3060afba4 - arm-trusted-firmware.t234/drivers/amlogic/crypto/sha_dma.c 340cdc84fe5f8c1acf791cadabca087b200a4ad5 - arm-trusted-firmware.t234/drivers/amlogic/console/aarch64/meson_console.S 8510cb587dc389d55d57bb3315fa9dd2c4c5e398 - arm-trusted-firmware.t234/drivers/fwu/fwu.c 9b9a1876a8dd35bdd34baeedd3e531617f4b2e03 - arm-trusted-firmware.t234/drivers/brcm/iproc_gpio.c 3aa0dd7cf59a38391e4406e45ed438e3ce73a7da - arm-trusted-firmware.t234/drivers/brcm/sotp.c 2f55d6018c61491a206aef1e089af2001db52b87 - arm-trusted-firmware.t234/drivers/brcm/rng.c 340b2a1703f14c42abdade167ac06919ec7deed5 - arm-trusted-firmware.t234/drivers/brcm/chimp.c 490663a4660be758e46f4878a43d7cb947b072e0 - arm-trusted-firmware.t234/drivers/brcm/spi_sf.c e8c6d05d166788f91925b45e27853f92f98251e5 - arm-trusted-firmware.t234/drivers/brcm/scp.c df0910b2680c7694f0b75737fda7682a8712fb64 - arm-trusted-firmware.t234/drivers/brcm/spi_flash.c 9156a544c31c11073920be56fe54eb346a8b018b - arm-trusted-firmware.t234/drivers/brcm/ocotp.c beed9bad68d4e518ebddf793813229feaa0b4eda - arm-trusted-firmware.t234/drivers/brcm/emmc/emmc_csl_sdcard.c fe0d17716e45be5d2af61ae9204dab49cfff3dae - arm-trusted-firmware.t234/drivers/brcm/emmc/emmc_pboot_hal_memory_drv.c 
a70c96d7324a040b39217a657625b8b369ed65f9 - arm-trusted-firmware.t234/drivers/brcm/emmc/emmc_csl_sdcmd.c 251cb23a001f2ca982937545e2a900f0ad373e9a - arm-trusted-firmware.t234/drivers/brcm/emmc/emmc_chal_sd.c fd693ca602139875e7dcd4f53be184a4799faddb - arm-trusted-firmware.t234/drivers/brcm/i2c/i2c.c de63fe21caac7ce499c3a244965fca77766a1d19 - arm-trusted-firmware.t234/drivers/brcm/spi/iproc_qspi.h 2dc1c9032a1e64aa390c69bcdf0a42359e402b5a - arm-trusted-firmware.t234/drivers/brcm/spi/iproc_spi.c 653b6a961a19436e1cdba80c2b3b153c1d89a954 - arm-trusted-firmware.t234/drivers/brcm/spi/iproc_qspi.c c9c8847417d95e3ba03ff5c005edbe8a088cee14 - arm-trusted-firmware.t234/drivers/brcm/mdio/mdio.c eefd56420faeb9d836077b23eea175eb7e022871 - arm-trusted-firmware.t234/drivers/mtd/nor/spi_nor.c 5b92eec397dde94bd596421cac925ea3b3b518bd - arm-trusted-firmware.t234/drivers/mtd/nand/raw_nand.c d168b6d956520878eedb32253c74bf920e673e3c - arm-trusted-firmware.t234/drivers/mtd/nand/core.c 9952fdd115f3367770cbc335a2b7501c585341aa - arm-trusted-firmware.t234/drivers/mtd/nand/spi_nand.c 46c3bb0a303498f1a79fd2bc48b1becffddbfd71 - arm-trusted-firmware.t234/drivers/mtd/spi-mem/spi_mem.c d1006aeaf80ceaafa671362a6f67e29c3dca36d1 - arm-trusted-firmware.t234/drivers/ti/uart/aarch64/16550_console.S dab8699dbd5ab3293b8c60930b63813d5d8be6a1 - arm-trusted-firmware.t234/drivers/ti/uart/aarch32/16550_console.S 79c549d57c9be21de7cf4fa62cd5493b7e7ee80a - arm-trusted-firmware.t234/drivers/measured_boot/event_log/event_log.c 150bd08bfbcc1de20e05b6d07950021df0a46322 - arm-trusted-firmware.t234/drivers/measured_boot/event_log/event_print.c c704078df10c3efa018d41f4bf9824bdd19001e1 - arm-trusted-firmware.t234/drivers/measured_boot/rse/rse_measured_boot.c 59ec981b01fbed9be451f642eb3688189fbc8851 - arm-trusted-firmware.t234/drivers/measured_boot/rse/dice_prot_env.c 5dda361745c9b337192dcd67fc63865e04a3a8a5 - arm-trusted-firmware.t234/drivers/allwinner/sunxi_rsb.c c841aaad58e92f728c90bb7cab1771d2578be18a - 
arm-trusted-firmware.t234/drivers/allwinner/sunxi_msgbox.c f3f36bb92d56df7e9785cc98f6b13594df6404c0 - arm-trusted-firmware.t234/drivers/allwinner/axp/axp803.c 956dadae6d826687fecfa1b522fd8b5c4fdfc764 - arm-trusted-firmware.t234/drivers/allwinner/axp/axp805.c a419bf8dcc1208b06668c17d9c7963020e4b139f - arm-trusted-firmware.t234/drivers/allwinner/axp/common.c 7ff3e84af33c3fcf6ee55936d6400a52d52203b4 - arm-trusted-firmware.t234/drivers/mentor/i2c/mi2cv.c a121658e01780d73e4dba52cddda50c049bfa7eb - arm-trusted-firmware.t234/drivers/clk/clk.c db93ded4416de884fe1f0d47b2567f38f9fd99dc - arm-trusted-firmware.t234/drivers/rpi3/rng/rpi3_rng.c 1529e10e42582df4a41e7632598e85d97dd59ebb - arm-trusted-firmware.t234/drivers/rpi3/mailbox/rpi3_mbox.c e2d55a56a3e5ac8b523864b209db0f5743a79a3a - arm-trusted-firmware.t234/drivers/rpi3/sdhost/rpi3_sdhost.c d9cfec7180993a4853c13fc78ffd507dd5c113ad - arm-trusted-firmware.t234/drivers/rpi3/gpio/rpi3_gpio.c e352b30931747ba506a85329d7c6fe69935dd5b0 - arm-trusted-firmware.t234/drivers/marvell/ccu.c d0ef41df34b7a9ed1d587f10727ba0ee57d04c83 - arm-trusted-firmware.t234/drivers/marvell/ddr_phy_access.h c523b2dcff8e39c5cacc416584d42aa530a93315 - arm-trusted-firmware.t234/drivers/marvell/mci.c 7753b52c1292c6e46e084ae041ddd2751ebb9cf4 - arm-trusted-firmware.t234/drivers/marvell/gwin.c 6dc9f5af1b3c165888d4faae36b6da72adb6faf0 - arm-trusted-firmware.t234/drivers/marvell/cache_llc.c e082e89bfcb90fcea87099285d6eb142fff1f589 - arm-trusted-firmware.t234/drivers/marvell/io_win.c 77e98f136f88749eb01cf7092f9d086cae652384 - arm-trusted-firmware.t234/drivers/marvell/thermal.c b724830f0762dc7701cc9fd88c863c7b53f405c5 - arm-trusted-firmware.t234/drivers/marvell/iob.c a275b56587e6c0c05df6a7985ad0cf0e2216e4f8 - arm-trusted-firmware.t234/drivers/marvell/comphy.h 6256615787b3a1bb1f9b4fc3d64794006722b859 - arm-trusted-firmware.t234/drivers/marvell/ap807_clocks_init.c c8524aa6f76d32913ffaffda10350b753e429b5b - arm-trusted-firmware.t234/drivers/marvell/ddr_phy_access.c 
857ba1731ec174905f4cccd68d02bdd3abf08b6e - arm-trusted-firmware.t234/drivers/marvell/amb_adec.c 5a1bf4459a810008901d22e77f2e66c2af4ca7f9 - arm-trusted-firmware.t234/drivers/marvell/secure_dfx_access/dfx.h 12a1ccf32210f9e1106d8d27942f264ab96f58fd - arm-trusted-firmware.t234/drivers/marvell/secure_dfx_access/armada_thermal.c e586fb95d55e301bd75a1db9d6ac7b843f45984f - arm-trusted-firmware.t234/drivers/marvell/secure_dfx_access/misc_dfx.c bb5f60fb041d3fbc6812ce56b8976c686be8105a - arm-trusted-firmware.t234/drivers/marvell/mochi/ap807_setup.c 9a1f55dbc2fc4e8ca97f9af3e7d435f1bddfd83c - arm-trusted-firmware.t234/drivers/marvell/mochi/cp110_setup.c cd9af6970ea49226ec63b2b04d0b06b86d503eae - arm-trusted-firmware.t234/drivers/marvell/mochi/apn806_setup.c c6786eaab3e970ef499ac04657f31a6b5857f544 - arm-trusted-firmware.t234/drivers/marvell/uart/a3700_console.S 6426cc04f9e4ae36d19a6624130d17fd035ba491 - arm-trusted-firmware.t234/drivers/marvell/mc_trustzone/mc_trustzone.h 282cbabd8ee584e3d6c2657cd202c11bbbf31685 - arm-trusted-firmware.t234/drivers/marvell/mc_trustzone/mc_trustzone.c 1ceb9ca7a78559ee70cb2833d391d99c2ccb3334 - arm-trusted-firmware.t234/drivers/marvell/comphy/phy-comphy-common.h 52740dfd3574268d954c81e6a708c55188bca7e1 - arm-trusted-firmware.t234/drivers/marvell/comphy/comphy-cp110.h 6b20ef2ea4fdeded083ed64a100d2e10cc8c4fdb - arm-trusted-firmware.t234/drivers/marvell/comphy/phy-comphy-3700.c 8e492b3a1b160f6991392dd4b045f02e7c5cdc48 - arm-trusted-firmware.t234/drivers/marvell/comphy/phy-comphy-cp110.c 4fc44238fa459de070b3ffae100986f736c5e3d2 - arm-trusted-firmware.t234/drivers/marvell/comphy/phy-default-porting-layer.h 041d0631d9cb0fe39ee3d1f8d20629d3d2225f86 - arm-trusted-firmware.t234/drivers/marvell/comphy/phy-comphy-3700.h db0bb43d5c002bc3633403571c9e8c06da7c0ead - arm-trusted-firmware.t234/drivers/marvell/comphy/phy-comphy-cp110.h 10ce6fa5d5bbc4205013818f591e235cbcadccd1 - arm-trusted-firmware.t234/drivers/marvell/mg_conf_cm3/mg_conf_cm3.h 
1eb5c0a7322073c6dd20123df1088c459d8a69bb - arm-trusted-firmware.t234/drivers/marvell/mg_conf_cm3/mg_conf_cm3.c 0891248211ac67ec6f11dd2f388500fbeb3d6206 - arm-trusted-firmware.t234/drivers/arm/dsu/ppu.c 9cb6b217ac9499219fd1bb05530709e1ed53c3ff - arm-trusted-firmware.t234/drivers/arm/ccn/ccn.c 79f4ef16ca7e0a07b86de03a9a04dcb9c6c3673d - arm-trusted-firmware.t234/drivers/arm/ccn/ccn_private.h a9cab74a3aa9f59289ec4dac11558cb1e6e3c2a4 - arm-trusted-firmware.t234/drivers/arm/cci/cci.c 4c4ffe17b185acc80be822b37187870da7853033 - arm-trusted-firmware.t234/drivers/arm/dcc/dcc_console.c 6e2168e850f7a67c6cfa2dadf01943cbb34d43bb - arm-trusted-firmware.t234/drivers/arm/sbsa/sbsa.c 6144e283a645ee6361b497ad2d70b12d44088d5e - arm-trusted-firmware.t234/drivers/arm/fvp/fvp_pwrc.c b2e58e1a761614ee8bb95e48797500fcd9f66c4c - arm-trusted-firmware.t234/drivers/arm/tzc/tzc_dmc500.c 73c05b4fdb011d3783f2f3f3ed7285ca58a63cc9 - arm-trusted-firmware.t234/drivers/arm/tzc/tzc400.c d0a784c19a578becbc821a36080372d78af9b3b5 - arm-trusted-firmware.t234/drivers/arm/tzc/tzc380.c ed924dc3ed7f91ecff8a2e441fa5152d9fe2b9de - arm-trusted-firmware.t234/drivers/arm/tzc/tzc_common_private.h 0e845129705069d3fce0df742ab8d56a7966edbc - arm-trusted-firmware.t234/drivers/arm/tzc/tzc_dmc620.c 1c897f5bd19b9a4c18e905afda282375cbf4f5ba - arm-trusted-firmware.t234/drivers/arm/sp804/sp804_delay_timer.c 2d03c7f12c2da488246ee6c0adf67085dd8a94c3 - arm-trusted-firmware.t234/drivers/arm/css/dsu/dsu.c 9fdd5749ba87bd5ded91306fd6826fa2cf990806 - arm-trusted-firmware.t234/drivers/arm/css/sds/sds_private.h 1eed8f50d5e65263a9bdeb6d8e8dcbe03faf7966 - arm-trusted-firmware.t234/drivers/arm/css/sds/sds.c e609accbdf6501d2f83400b84b7690aaa2bca38a - arm-trusted-firmware.t234/drivers/arm/css/sds/aarch64/sds_helpers.S f55aeff6049754049ad1b23958094a7dd255200f - arm-trusted-firmware.t234/drivers/arm/css/sds/aarch32/sds_helpers.S 6ecb1da96fa3132c1433fd0494362d907bc69fee - arm-trusted-firmware.t234/drivers/arm/css/scp/css_sds.c 
80686a47331e2b609be783462ef53eb0ad73279e - arm-trusted-firmware.t234/drivers/arm/css/scp/css_pm_scpi.c 63385bff4d38a1fd8628c6ed6191b7faf316e32e - arm-trusted-firmware.t234/drivers/arm/css/scp/css_pm_scmi.c 7aaa9f31ec7c9d36e48fb2d95a6b3895cbef43ae - arm-trusted-firmware.t234/drivers/arm/css/scp/css_bom_bootloader.c 9b45f1ebc9a189e59d1fdade91bde81f2ea110c0 - arm-trusted-firmware.t234/drivers/arm/css/scpi/css_scpi.c 6dfee94cccd0efeaeda770f83e1d10227886d137 - arm-trusted-firmware.t234/drivers/arm/css/mhu/css_mhu.c 61edc5ba9e506f85c048ef4a0e4f4bc504a56b8e - arm-trusted-firmware.t234/drivers/arm/css/mhu/css_mhu_doorbell.c b81d931e597cde97768e39fdad4325133c31b76d - arm-trusted-firmware.t234/drivers/arm/css/scmi/scmi_ap_core_proto.c 50defd7dfa4e38cf230f830fa7e03358ccfcdbb0 - arm-trusted-firmware.t234/drivers/arm/css/scmi/scmi_sys_pwr_proto.c 12e2ef4efff1bfd584d3424cee31bbcbaf0f9a1c - arm-trusted-firmware.t234/drivers/arm/css/scmi/scmi_private.h e76c3b0b1252232e7854b8af9db8a9ce94192cd1 - arm-trusted-firmware.t234/drivers/arm/css/scmi/scmi_pwr_dmn_proto.c 5f45d6c856d84345d180566f45cb3680f06e6bbb - arm-trusted-firmware.t234/drivers/arm/css/scmi/scmi_common.c e4a68362e5109d4e46f1d720d9b02c8fb20a88c1 - arm-trusted-firmware.t234/drivers/arm/css/scmi/vendor/scmi_sq.h 50b6e41e60390f1a3464b9a4fc4dc51fefdd28e2 - arm-trusted-firmware.t234/drivers/arm/css/scmi/vendor/scmi_sq.c fcdbc7d1ba6dd59840b82ac787ebf67cf36fe4eb - arm-trusted-firmware.t234/drivers/arm/sp805/sp805.c acf291d22225318a8085b6b36d8f418e810bddbd - arm-trusted-firmware.t234/drivers/arm/smmu/smmu_v3.c 960e4d083c1d4f31df54f443dbe23554889af0de - arm-trusted-firmware.t234/drivers/arm/pl061/pl061_gpio.c a2fe11cdf3d3532b99a07f69e5e3d7f12dbfb019 - arm-trusted-firmware.t234/drivers/arm/rse/rse_comms_protocol_common.h 8de9214ec88ef88d5405ba5aef9f84b349ba0821 - arm-trusted-firmware.t234/drivers/arm/rse/rse_comms_protocol.c 6619745efb6e3b34c2e0403308f5a1eed29d4040 - 
arm-trusted-firmware.t234/drivers/arm/rse/rse_comms_protocol_embed.h 39bb7556cb6c1190a4b1ddabf01a5d1c6ad8c02e - arm-trusted-firmware.t234/drivers/arm/rse/rse_comms.c 98a0841554d74c6d8e627042e5957f7f75e484a0 - arm-trusted-firmware.t234/drivers/arm/rse/rse_comms_protocol_embed.c d96110151cac01364fe4dffa7c7b85afca2e4ef0 - arm-trusted-firmware.t234/drivers/arm/rse/rse_comms_protocol_pointer_access.c 02fbd339d7846ec5afe6b1ae76593b9a9627fc6d - arm-trusted-firmware.t234/drivers/arm/rse/rse_comms_protocol_pointer_access.h 065e07b0f0e4d06c3ff805b17c265d7b6a45fe96 - arm-trusted-firmware.t234/drivers/arm/rse/rse_comms_protocol.h e558e0f784d68ad8b4163a06ce345f0d7426b84b - arm-trusted-firmware.t234/drivers/arm/ethosn/ethosn_big_fw.c 7780bf0d6689d70bcfca6e9876fd5e1bc30caa29 - arm-trusted-firmware.t234/drivers/arm/ethosn/ethosn_smc.c 25205a7e67600a14b45ee44c9fa9ba0c4ef0fd21 - arm-trusted-firmware.t234/drivers/arm/ethosn/ethosn_big_fw.h 3777989a45b625cf209fc89bcf8a91a468f52a3a - arm-trusted-firmware.t234/drivers/arm/scu/scu.c 186bb8885f4c1c27e19050456c66801f47404d55 - arm-trusted-firmware.t234/drivers/arm/pl011/aarch64/pl011_console.S c0a2a1186846f5be78e2165833afa952b7f9abbb - arm-trusted-firmware.t234/drivers/arm/pl011/aarch32/pl011_console.S 28b6eb0d5d5856997722ea707dd42c5ad7448dd1 - arm-trusted-firmware.t234/drivers/arm/gic/common/gic_common_private.h 47db01b738865c987fa5dbb3656b6b1dab2df5d7 - arm-trusted-firmware.t234/drivers/arm/gic/common/gic_common.c 20000ccb435ae8423c5a2294ecb47fd7961e90f2 - arm-trusted-firmware.t234/drivers/arm/gic/v2/gicv2_helpers.c 8f83171e122be92a8d5e4b0c5ecb35e4918ead83 - arm-trusted-firmware.t234/drivers/arm/gic/v2/gicv2_private.h 434c9e8886ec039830df6105bbb3e6a38c4e61c3 - arm-trusted-firmware.t234/drivers/arm/gic/v2/gicv2_main.c 0325f0421798955c9df7f963bd6f917152f3f9fc - arm-trusted-firmware.t234/drivers/arm/gic/v2/gicdv2_helpers.c 73bb04bd3b4d9fbaec23c129c93b2e89e276c7d5 - arm-trusted-firmware.t234/drivers/arm/gic/v3/gicrv3_helpers.c 
23685b590420ff2c07da48796da7cc876456b33f - arm-trusted-firmware.t234/drivers/arm/gic/v3/gic600_multichip.c 1cba50e0257d2346b291e4999b96d50aee407aa5 - arm-trusted-firmware.t234/drivers/arm/gic/v3/gic600_multichip_private.h 16963041f34d65707d92f6e089edd696458ab62f - arm-trusted-firmware.t234/drivers/arm/gic/v3/gic600ae_fmu_helpers.c 7737340fec1ab656ef4ac2544dd9484007923edc - arm-trusted-firmware.t234/drivers/arm/gic/v3/gicv3_private.h 97201a04362eb764f203b4fb0835f8c0ca01af21 - arm-trusted-firmware.t234/drivers/arm/gic/v3/gic-x00.c c9735998f9f6132e3bd20ff901e7b9c1bec28519 - arm-trusted-firmware.t234/drivers/arm/gic/v3/gicv3_helpers.c 05102327acf5e15be4f22e671cab5ffa3ad4819c - arm-trusted-firmware.t234/drivers/arm/gic/v3/arm_gicv3_common.c aecc97187b821201843f2d14dd48ce7d5c76e450 - arm-trusted-firmware.t234/drivers/arm/gic/v3/gicv3_main.c 736cd9f59b4b2ae65ddc093bd132bea8ace60805 - arm-trusted-firmware.t234/drivers/arm/gic/v3/gicdv3_helpers.c 77f2a04a1cb74cca5c315472a5453a7848d82ce7 - arm-trusted-firmware.t234/drivers/arm/gic/v3/gic600ae_fmu.c 59fdfb949b22174750e33899b9da3ea46b68cb55 - arm-trusted-firmware.t234/drivers/arm/mhu/mhu_v2_x.c f6698fcfe2ee499dd41d5ad9cf4153cc4f0497a0 - arm-trusted-firmware.t234/drivers/arm/mhu/mhu_wrapper_v3_x.c cded5a08a703e65b1aed182e38ed9c190a59cae6 - arm-trusted-firmware.t234/drivers/arm/mhu/mhu_v3_x.h fa8ac882b1e31f825c15336b590ab0322fa917ff - arm-trusted-firmware.t234/drivers/arm/mhu/mhu_v3_x_private.h fb169536fbec23ec1e84e4bab3a2ee8f8c321192 - arm-trusted-firmware.t234/drivers/arm/mhu/mhu_wrapper_v2_x.c a28058cffee68cf5445d4e04bbd45701e2b1d180 - arm-trusted-firmware.t234/drivers/arm/mhu/mhu_v3_x.c 3d01d5ef8bb71e4cb7447ff707a12be97a6fdf8d - arm-trusted-firmware.t234/drivers/arm/mhu/mhu_v2_x.h 186a430293e386769c76c82e59d880a742f94a29 - arm-trusted-firmware.t234/drivers/scmi-msg/clock.c c160472ee5755e431363a65095ce2c5bee9ffc14 - arm-trusted-firmware.t234/drivers/scmi-msg/sensor.c 51f712caca20f1532dbd7a569fab515695f574f9 - 
- arm-trusted-firmware.t234/tools/marvell/doimage/secure/kak_priv_pem.key c8f9244b21f28bb382b1befed8dce13e4eae06f9 - arm-trusted-firmware.t234/tools/marvell/doimage/secure/csk_priv_pem2.key 5b6535dd6c94832d3113588ea938b9526b06b0fc - arm-trusted-firmware.t234/tools/marvell/doimage/secure/sec_img_8K.cfg 85d5f1c910be7dcbb6057611ed67d041c158964e - arm-trusted-firmware.t234/tools/encrypt_fw/Makefile 843248736f6bce43a9ac3f11f9bfa6a094face5a - arm-trusted-firmware.t234/tools/encrypt_fw/include/debug.h 08dcc81abf0dd5a951f1d7cb36e2d05628055bec - arm-trusted-firmware.t234/tools/encrypt_fw/include/cmd_opt.h f37ed62897799b6165569c0842904eb6fe5d21d5 - arm-trusted-firmware.t234/tools/encrypt_fw/include/encrypt.h 29f5f62fba8f9c0fb9e528df8a7c5f9a264d9bad - arm-trusted-firmware.t234/tools/encrypt_fw/src/cmd_opt.c 93d36734d229d79068472d13bb173cb9b1537d9d - arm-trusted-firmware.t234/tools/encrypt_fw/src/encrypt.c 806d63be7090d5c683064d0881e117eb44ff145c - arm-trusted-firmware.t234/tools/encrypt_fw/src/main.c 21a579ca91b991a544475979740fce41ec9456c2 - arm-trusted-firmware.t234/tools/cert_create/Makefile 843248736f6bce43a9ac3f11f9bfa6a094face5a - arm-trusted-firmware.t234/tools/cert_create/include/debug.h 9a9f3a2fd153f33162e606382d2b3fe41e263b75 - arm-trusted-firmware.t234/tools/cert_create/include/ext.h 0a307fbdd842fe9ae8212a2362b356addf0a38df - arm-trusted-firmware.t234/tools/cert_create/include/sha.h 134c6c14b6a384f0e036827b128d4adf08612d9a - arm-trusted-firmware.t234/tools/cert_create/include/cmd_opt.h 050230b0195ee8a824b3f37ea26da29901aa2061 - arm-trusted-firmware.t234/tools/cert_create/include/key.h 8b842068cbb1b417974e3790f0b22384fd832557 - arm-trusted-firmware.t234/tools/cert_create/include/cert.h 3ba13f5968bdc33f9769ea0baa4f65fb4bb37660 - arm-trusted-firmware.t234/tools/cert_create/include/cca/cca_cot.h a015fcfd89d3e63781911e5134884343975d6284 - arm-trusted-firmware.t234/tools/cert_create/include/tbbr/tbb_cert.h 728ba9b1bbfe33e0ca3e33eb166f04922947e3e3 - 
arm-trusted-firmware.t234/tools/cert_create/include/tbbr/tbb_key.h 0c696ba78f7d568469b58576262a035b3074ae67 - arm-trusted-firmware.t234/tools/cert_create/include/tbbr/tbb_ext.h 596785e69869c848d5fdb306b8084f282876abe7 - arm-trusted-firmware.t234/tools/cert_create/include/dualroot/cot.h 141db0ebbb3519ad3f12eef3776040eb6d3e7995 - arm-trusted-firmware.t234/tools/cert_create/src/ext.c ae1529ca4227309b67f0274139bec6dc24696084 - arm-trusted-firmware.t234/tools/cert_create/src/key.c 29f5f62fba8f9c0fb9e528df8a7c5f9a264d9bad - arm-trusted-firmware.t234/tools/cert_create/src/cmd_opt.c be863190f00aa6265cc9d462c89dea146f1acc0c - arm-trusted-firmware.t234/tools/cert_create/src/sha.c 169e3b31b7c2bff5c1f713172b93b060db25ccc3 - arm-trusted-firmware.t234/tools/cert_create/src/cert.c f213a5dbdc4bdd6855db838856f91256c725316a - arm-trusted-firmware.t234/tools/cert_create/src/main.c eb36f048bf994de32230bba2dc5073eb111ddb2b - arm-trusted-firmware.t234/tools/cert_create/src/cca/cot.c 11fe1d417bcbf3a47d588f48d738d47a156b9c49 - arm-trusted-firmware.t234/tools/cert_create/src/tbbr/tbb_ext.c 150a3fed1ca6eb5f4d72dc97cbbd70d8de56c8d4 - arm-trusted-firmware.t234/tools/cert_create/src/tbbr/tbb_key.c a71f6edc951824d84282d7f0262e1ebd260a5a38 - arm-trusted-firmware.t234/tools/cert_create/src/tbbr/tbb_cert.c 3ebbb87aa093e9d7f76862d62f88b94c9d40c25e - arm-trusted-firmware.t234/tools/cert_create/src/dualroot/cot.c 01000b7d50599a58601322b9a12174d81bd80571 - arm-trusted-firmware.t234/tools/renesas/rzg_layout_create/sa0.ld.S 90c0ad3ef49aaef9a6d5dbbab1f4e3bc6bec41df - arm-trusted-firmware.t234/tools/renesas/rzg_layout_create/makefile f51f929a6294d60d681b03dbf0f3f1fe0835fa3a - arm-trusted-firmware.t234/tools/renesas/rzg_layout_create/sa0.c 8c2b63db003e2e330f2af95b94c2132bc2fc9725 - arm-trusted-firmware.t234/tools/renesas/rzg_layout_create/sa6.ld.S 4085a8d4104eac744977d5ec6feacf08b8a1283a - arm-trusted-firmware.t234/tools/renesas/rzg_layout_create/sa6.c a728eb1898ea80778d60fcf57b727f977c29ec98 - 
arm-trusted-firmware.t234/tools/renesas/rcar_layout_create/sa0.ld.S 8325821679e16b5d1a049fbfdd7489f97c80d15c - arm-trusted-firmware.t234/tools/renesas/rcar_layout_create/makefile 213e1746ba029a55b6baf19ac0d8863713811b64 - arm-trusted-firmware.t234/tools/renesas/rcar_layout_create/sa0.c c6acebe37afdaba95dbaf9f814eb4bba5dd989a9 - arm-trusted-firmware.t234/tools/renesas/rcar_layout_create/sa6.ld.S 39d3bed79f18d521e0dfc0925252e7c89800e244 - arm-trusted-firmware.t234/tools/renesas/rcar_layout_create/sa6.c bb8bbd9e1032ab1c84c5fb160c50ae8b8224ae88 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/package.json 9bdff25d946a2c61d8312e1f53c49802d66d3577 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/index.js 65198bc7a494eba7c91745808f3ada1e3034659a - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/templates/note.hbs 5e9ebb4c1ffaf478200ddbd8bd5bbef2b0f2d2f6 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/templates/commit-section.hbs da39a3ee5e6b4b0d3255bfef95601890afd80709 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/templates/footer.hbs 99f27ae0dfb07952b2130a819e32599cfc2d78c6 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/templates/header.hbs bdd671375b10dbdabd4f1f87941d3071e275ff64 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/templates/commit.hbs 1d1032e5160d84f70af7f7ab6dddaf003244f768 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/templates/note-section.hbs 85453d72f48122ba14bd00512fac19ef0fc42d07 - arm-trusted-firmware.t234/tools/conventional-changelog-tf-a/templates/template.hbs d9c03766200f7f9e698f262a7b9b2a66ab1615f7 - arm-trusted-firmware.t234/tools/nxp/create_pbl/Makefile 2ec990b299f9fd69d0e0a85e98faba9055f56bab - arm-trusted-firmware.t234/tools/nxp/create_pbl/README 8c244c35557d7783298b64de071cdd3a9425ce43 - arm-trusted-firmware.t234/tools/nxp/create_pbl/create_pbl.c d66ad3c8e97d38face17234980203ac71836e11f - 
arm-trusted-firmware.t234/tools/nxp/create_pbl/byte_swap.c 621d8ec57a445f0149ebb8b216ef913ed05f8754 - arm-trusted-firmware.t234/tools/nxp/cert_create_helper/include/pdef_tbb_key.h 3d16696dce452bf99b18bdd1a964fe7ad191477b - arm-trusted-firmware.t234/tools/nxp/cert_create_helper/include/pdef_tbb_ext.h 46fb0f5a24245e631af2a4690c0d7202204c0e54 - arm-trusted-firmware.t234/tools/nxp/cert_create_helper/include/pdef_tbb_cert.h f328e450c8ae941e8109578f1721860acbfafbbe - arm-trusted-firmware.t234/tools/nxp/cert_create_helper/src/pdef_tbb_cert.c 4065b3a492865b1f4525586a648df384bf7c961a - arm-trusted-firmware.t234/tools/nxp/cert_create_helper/src/pdef_tbb_ext.c 07aa178db31744c36f0989fd6906a333b6192848 - arm-trusted-firmware.t234/tools/nxp/cert_create_helper/src/pdef_tbb_key.c 29c65fd05d09ec0b8c462b48d7e65026f1a9415b - arm-trusted-firmware.t234/services/std_svc/std_svc_setup.c 250540ab4306221c494658c2239ffed65aa3fbd9 - arm-trusted-firmware.t234/services/std_svc/pci_svc.c bb20fb1a3e8986d55acfcd1c0ffb6481360dac1e - arm-trusted-firmware.t234/services/std_svc/errata_abi/errata_abi_main.c 0cd8f0fbaa69feb3f4f8bc6e1c6f5b426268805d - arm-trusted-firmware.t234/services/std_svc/errata_abi/cpu_errata_info.h c53e4b9cdb4eaee27196d9759c484c4faeaf7d06 - arm-trusted-firmware.t234/services/std_svc/trng/trng_entropy_pool.h af765e45fd91c02ff22721ec1913043fd96434a4 - arm-trusted-firmware.t234/services/std_svc/trng/trng_entropy_pool.c 37b01eb1ed4da3bb42e9ba829719b6d771d1c8b4 - arm-trusted-firmware.t234/services/std_svc/trng/trng_main.c f350480c66a48d9aa0dfdfe68680d49bc7fa3fc7 - arm-trusted-firmware.t234/services/std_svc/rmmd/rmmd_attest.c 8449142d13bece8438bd4c1ab51d294b6e3c8fbb - arm-trusted-firmware.t234/services/std_svc/rmmd/rmmd_main.c 26be0a6e880962cffc338be91ad0f344e8aee9ef - arm-trusted-firmware.t234/services/std_svc/rmmd/rmmd_initial_context.h 96470d49174bfc4da005d7f4ad1de03487b14bae - arm-trusted-firmware.t234/services/std_svc/rmmd/rmmd_private.h 51c4bc5d5a6c9b18e2f3f2c951d3f8abe0869ba2 - 
arm-trusted-firmware.t234/services/std_svc/rmmd/aarch64/rmmd_helpers.S ff0c111a2f42278dab1ef79a54691d48f1bcb9d8 - arm-trusted-firmware.t234/services/std_svc/rmmd/trp/trp_helpers.c 76fdf0170d89eeee63d4c129044614ed0e923d32 - arm-trusted-firmware.t234/services/std_svc/rmmd/trp/trp_private.h 4f8baa7bd263dc08f7cf1e38fbf581092ba1f933 - arm-trusted-firmware.t234/services/std_svc/rmmd/trp/trp_entry.S c07ea895c4dcc550d2b6538157d6335283491741 - arm-trusted-firmware.t234/services/std_svc/rmmd/trp/linker.ld.S afdf0cb5efb3ab1d18c35e32bfd30b8f566bd9b4 - arm-trusted-firmware.t234/services/std_svc/rmmd/trp/trp_main.c a37e13997e7f9f9c3e56b6dd87d84107e42ad208 - arm-trusted-firmware.t234/services/std_svc/spm/spm_mm/spm_mm_private.h 85a4b673b62f9fd8005fcbe64068b5c1ace3500a - arm-trusted-firmware.t234/services/std_svc/spm/spm_mm/spm_mm_xlat.c 904282887a7f3f2461fd3fb468a811498840445c - arm-trusted-firmware.t234/services/std_svc/spm/spm_mm/spm_mm_main.c 19031962bbf9758aa9e474b9eb9c35bf082d0b6c - arm-trusted-firmware.t234/services/std_svc/spm/spm_mm/spm_mm_setup.c d9a9bbb9fbb84e6b4cd5c911385762837185d34c - arm-trusted-firmware.t234/services/std_svc/spm/common/spm_xlat_common.c d46adc7f9d08235a036ecf30da3d84c5321aed7f - arm-trusted-firmware.t234/services/std_svc/spm/common/include/spm_shim_private.h 0fe96ee27a62d45f27d16ce2a457915c378bb7e0 - arm-trusted-firmware.t234/services/std_svc/spm/common/include/spm_common.h 1d78e66e35ecda90ea616a2e2c56d19e17b94c93 - arm-trusted-firmware.t234/services/std_svc/spm/common/aarch64/spm_helpers.S 785ff37c2c59d92ad49861aab2dcf74eea24ac2e - arm-trusted-firmware.t234/services/std_svc/spm/common/aarch64/spm_shim_exceptions.S bc55f1789ef57bd1a4ab9acf214236a8d8848f12 - arm-trusted-firmware.t234/services/std_svc/spm/el3_spmc/spmc_shared_mem.c 6d76a1e464541299511fb063464a36aa684a9a1b - arm-trusted-firmware.t234/services/std_svc/spm/el3_spmc/spmc_main.c cdbb2f43d2692b57af33b66a74fd05995592deb3 - arm-trusted-firmware.t234/services/std_svc/spm/el3_spmc/spmc.h 
2813c1a896e3ea379d291b876d460b3c3fb595cf - arm-trusted-firmware.t234/services/std_svc/spm/el3_spmc/spmc_setup.c 586f59679745adddacc84ba8bb2da429eff1403b - arm-trusted-firmware.t234/services/std_svc/spm/el3_spmc/logical_sp.c ea0ee7f763e533a5c9d4103dc66c27e4d4a39847 - arm-trusted-firmware.t234/services/std_svc/spm/el3_spmc/spmc_pm.c f95a2beac255a48f06c6d600526017ec36556fde - arm-trusted-firmware.t234/services/std_svc/spm/el3_spmc/spmc_shared_mem.h 011506971ee4c1f729cff29362d757f65d0a7e1c - arm-trusted-firmware.t234/services/std_svc/spmd/spmd_main.c df5124cb1afa8f7cae00b597f3427f3d11e3575f - arm-trusted-firmware.t234/services/std_svc/spmd/spmd_logical_sp.c cea07d2bb71dd582152a479f90069cf99c102579 - arm-trusted-firmware.t234/services/std_svc/spmd/spmd_private.h de3a93929ead7eaea70114a4c3c073560aacd2a1 - arm-trusted-firmware.t234/services/std_svc/spmd/spmd_pm.c eb5c9e4113243964f83a249807ed07711dc6f145 - arm-trusted-firmware.t234/services/std_svc/spmd/aarch64/spmd_helpers.S ef7031b55ae8ccff8614b097dab00ba1367d15ee - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_measurements.h f130d33bc42e951d60495f5991c9401d87ad02fc - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_measurements.c d3bfc986d76556c18127069d7171f912a650262f - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_remediation.h 94a4dbebd05b5ac04ddc62f410c23978d1af5e79 - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_dma_prot.h 3510e57e814a2ad8cc236670963d9b8179968c88 - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_dma_prot.c 8304770927ec294961c83a628cc5e32676535d52 - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_main.h 8f97a01d1402ba0622a4f55df2bfc9955e237f0f - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_main.c 04ab7e26c327dba2afac277bfc9b9411015427df - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_remediation.c a13fa14815a742133d25519d9616e0753aed9864 - arm-trusted-firmware.t234/services/std_svc/drtm/drtm_res_address_map.c cf9d5355c3df9df5931e91509161773db2e75527 
- arm-trusted-firmware.t234/services/std_svc/sdei/sdei_intr_mgmt.c c8a8e3febebccece37ca7976f39c7db13be5882c - arm-trusted-firmware.t234/services/std_svc/sdei/sdei_event.c ed3a4e16186524a88ed19aa95176bc233b0928fe - arm-trusted-firmware.t234/services/std_svc/sdei/sdei_dispatch.S b8207b17922c0b2192565df4c3bc9e1e9e726afa - arm-trusted-firmware.t234/services/std_svc/sdei/sdei_state.c 36f054958b6c01f03eed070113b49903ce936a5d - arm-trusted-firmware.t234/services/std_svc/sdei/sdei_private.h f14e88f4c5e8f9148871857632348412fc482ab2 - arm-trusted-firmware.t234/services/std_svc/sdei/sdei_main.c 9627f6c760a904df46967b233f4f82b93ad7dc51 - arm-trusted-firmware.t234/services/oem/chromeos/widevine_smc_handlers.c 6c95022182f6c852c22a18b065ba0adbc70c78f4 - arm-trusted-firmware.t234/services/el3/ven_el3_svc.c da74a3d01ff81faa8d4b11d5eb728cf282490890 - arm-trusted-firmware.t234/services/spd/pncd/pncd_helpers.S 0fb6679b9728b7bf5f45e7f3f51e86605ab4b044 - arm-trusted-firmware.t234/services/spd/pncd/pncd_private.h fb004742ba4ab163a988141534bc07d39179974b - arm-trusted-firmware.t234/services/spd/pncd/pncd_main.c 4a8bc1d1730d437d80a54c436d2903ae9eae82de - arm-trusted-firmware.t234/services/spd/pncd/pncd_common.c 55c35f079c4fec17128f7c644425b13fd516f2e8 - arm-trusted-firmware.t234/services/spd/trusty/smcall.h 2bbaae4a856f5eba1f98688458729049af38a448 - arm-trusted-firmware.t234/services/spd/trusty/generic-arm64-smcall.h 405a4e398e27192766391869719c952a77d4e789 - arm-trusted-firmware.t234/services/spd/trusty/generic-arm64-smcall.c 912f672668f3beed13a6a55a3fab7666e147ea6c - arm-trusted-firmware.t234/services/spd/trusty/sm_err.h 4ee401d3a731dc01f150a631703aa677393cfce6 - arm-trusted-firmware.t234/services/spd/trusty/trusty.c ba437dffc2a576e12cd8b8b5e8331a43244754b0 - arm-trusted-firmware.t234/services/spd/trusty/trusty_helpers.S 4de68d8c201f2ab1e06193436a4bc1607fce0a4f - arm-trusted-firmware.t234/services/spd/tspd/tspd_main.c 9e1f0869cd197cf08ef7ccf3d405aabd2d1dff8d - 
arm-trusted-firmware.t234/services/spd/tspd/tspd_private.h f9cf95e919ab4903bc80205e402547ddebe078a8 - arm-trusted-firmware.t234/services/spd/tspd/tspd_helpers.S 45855bd72493c075e03c590cfade6075e5656654 - arm-trusted-firmware.t234/services/spd/tspd/tspd_common.c d68051c573aae1f65601f9c9307d095259f8de63 - arm-trusted-firmware.t234/services/spd/tspd/tspd_pm.c 176e5bf39535fbb39c81b2deb17ee470cac87159 - arm-trusted-firmware.t234/services/spd/tlkd/tlkd_pm.c 142d38075927c9f109ad340ad654796cee0d35f8 - arm-trusted-firmware.t234/services/spd/tlkd/tlkd_private.h 61ff410fd8dae3d3ecffc63595125321444d53c7 - arm-trusted-firmware.t234/services/spd/tlkd/tlkd_main.c c213fbde43c8075e8fe28297dd6934f2f7c5f6fa - arm-trusted-firmware.t234/services/spd/tlkd/tlkd_common.c 14bc8b1de264fc27498c195073dcf7c1dd736c4d - arm-trusted-firmware.t234/services/spd/tlkd/tlkd_helpers.S 834b1b5e96e49133c1d18535a047a3f6e368d4c5 - arm-trusted-firmware.t234/services/spd/opteed/teesmc_opteed.h 37cf3bd9e8a7f0387a207205e16161b32d4e9521 - arm-trusted-firmware.t234/services/spd/opteed/teesmc_opteed_macros.h 4635025f320be95a9f6d0bf99ff5aeb9bd399b0b - arm-trusted-firmware.t234/services/spd/opteed/opteed_common.c ff4fb5fa51d7d697bdfd2a6ba5a4031d119efafd - arm-trusted-firmware.t234/services/spd/opteed/opteed_private.h cbbca4497a47361c068ee738dcb9003eeb97d52f - arm-trusted-firmware.t234/services/spd/opteed/opteed_main.c ac780cf28ae1b9386edc9bc1ed664ef1f74033e6 - arm-trusted-firmware.t234/services/spd/opteed/opteed_pm.c c8ea87fefa1ecd86c162a85206e9427be8c93afb - arm-trusted-firmware.t234/services/spd/opteed/opteed_helpers.S e5a3069e5559c7a03e2472e9ae57479e71fd854a - arm-trusted-firmware.t234/services/arm_arch_svc/arm_arch_svc_setup.c d776b421c44d86a91304c364e33ebf4f48d08018 - arm-trusted-firmware.t234/docs/glossary.rst aa47f6ef5e32104b354ad6ece6974d984070fd93 - arm-trusted-firmware.t234/docs/Makefile c0dbc6d573e30a2884706dffd5196185a81dd5fe - arm-trusted-firmware.t234/docs/conf.py 
daa9297e070c7737bed1379ab58be6de305f2b6b - arm-trusted-firmware.t234/docs/porting-guide.rst f6d1ada6cc3b1d652f04dcae67db6de0c118f150 - arm-trusted-firmware.t234/docs/change-log.md 4db0a3d5fc983608dfa2c7307e3c83ce59268ced - arm-trusted-firmware.t234/docs/license.rst a45f43298e13c2a1ef63d78c6368bc951bb70d1a - arm-trusted-firmware.t234/docs/index.rst add0156b84b7d9f7760db313170bf81a672a66a6 - arm-trusted-firmware.t234/docs/resources/TrustedFirmware-Logo_standard-white.png d61db810bf6d286e5ddfdbd1dd2fa71d07951955 - arm-trusted-firmware.t234/docs/resources/diagrams/context_init_warmboot.png 19e287ff6d7c25917fd56356da40bee3e5ef120e - arm-trusted-firmware.t234/docs/resources/diagrams/sec-int-handling.png ce1631bf5349310ea9958448225693d64e1f0ade - arm-trusted-firmware.t234/docs/resources/diagrams/Makefile 10d343a1dfde1e76a19cfc7a0f8a9ca28710ee17 - arm-trusted-firmware.t234/docs/resources/diagrams/reset_code_no_cpu_check.png 40dca2e6d5cf7cdc88398bf5e2df39f3fce31bab - arm-trusted-firmware.t234/docs/resources/diagrams/spm-threat-model-trust-boundaries.png 66f1f1fd09b5146cb2a5e1c538de29ea7f88ed7e - arm-trusted-firmware.t234/docs/resources/diagrams/fwu_states.png bc8397b0eed8a70790b8f0aba5ec95b35eb1df84 - arm-trusted-firmware.t234/docs/resources/diagrams/psci-osi-mode.png a4a155ed455ea56cd17002632d553e84ce799a0b - arm-trusted-firmware.t234/docs/resources/diagrams/secure_sw_stack_tos.png c25efaeb5d88d10b100f05ff7134486a52eee33d - arm-trusted-firmware.t234/docs/resources/diagrams/cot-tbbr.jpg 3b97ed1d832abbae11196e9978c4dad4899df01b - arm-trusted-firmware.t234/docs/resources/diagrams/tf-a_system_diagram.png 04d4d19fb5f3fb1962a5f0ed8afc5b59c4d4747f - arm-trusted-firmware.t234/docs/resources/diagrams/rse_measured_boot_flow.svg f9e79c3023f932bdf0edb432415a33c29ca4bd87 - arm-trusted-firmware.t234/docs/resources/diagrams/cpu_data_config_context_memory.png d2522911e613a4005eb1e10931779a1bb350a363 - arm-trusted-firmware.t234/docs/resources/diagrams/FIP_in_a_GPT_image.png 
aacd72a3c084647a884d67147510a1b0c26d8359 - arm-trusted-firmware.t234/docs/resources/diagrams/reset_code_flow.dia e5b50760d9ffdba66cef4e05bd4f8337791dc975 - arm-trusted-firmware.t234/docs/resources/diagrams/bl31-exception-entry-error-synchronization.png 77da82b847d9c9a0cecaa2e43e40dac166a66399 - arm-trusted-firmware.t234/docs/resources/diagrams/cmake_framework_structure.png d10eb3ff6f8cf071330205ec0d59126d79f939f4 - arm-trusted-firmware.t234/docs/resources/diagrams/non-sec-int-handling.png 08ebe00cb9823cd55d80c05b4aaaa64c103093ce - arm-trusted-firmware.t234/docs/resources/diagrams/xlat_align.dia ada526023821d5e57e3e1aa979b38d2c8708227e - arm-trusted-firmware.t234/docs/resources/diagrams/ff-a-spm-sel2.png bd8f72d2bcb7548f20b3be728f27924ac4ce7f48 - arm-trusted-firmware.t234/docs/resources/diagrams/secure_sw_stack_sp.png 42caf7b1be51be31c29647e71c14dd18dbc3be1e - arm-trusted-firmware.t234/docs/resources/diagrams/measured_boot_design.png 1de3f72eb01a146af223fd1ca40674a98ad2531e - arm-trusted-firmware.t234/docs/resources/diagrams/root_context_sequence.png 17e11d01f23f073cec01fb44acaa3c976495e982 - arm-trusted-firmware.t234/docs/resources/diagrams/cmake_framework_workflow.png 80b81639bb1aa78723d3635f0359764c595e38c8 - arm-trusted-firmware.t234/docs/resources/diagrams/romlib_design.png 7c4678ac4952c496df4536445b336d96139b0066 - arm-trusted-firmware.t234/docs/resources/diagrams/ffa-secure-interrupt-handling-swd.png c194964eb3447a9c4baad661a58b201ca88c0e8f - arm-trusted-firmware.t234/docs/resources/diagrams/partition-package.png 13746a3b0bb6f10e8d6602ba7a8d0ba8115f75ac - arm-trusted-firmware.t234/docs/resources/diagrams/psci-flattened-vs-hierarchical-idle-states.png 84f99bb590f5c8748bc6e47f3e7bd4bf5890447d - arm-trusted-firmware.t234/docs/resources/diagrams/xlat_align.png 50f763945869b47f10e2ee3322cbbb09cc75916b - arm-trusted-firmware.t234/docs/resources/diagrams/cot-dualroot.jpg fd3f89a0c0509273b1ad8532ee561ba5b112edac - 
arm-trusted-firmware.t234/docs/resources/diagrams/rmm_cold_boot_generic.dia 99cbcaf2a259695669bf32175773b98f1d094802 - arm-trusted-firmware.t234/docs/resources/diagrams/psci-pc-mode-vs-osi-mode.png eb920891f11d0b8a50653c492d505cadfa7cfcf3 - arm-trusted-firmware.t234/docs/resources/diagrams/tf-a_data_flow_diagram.png 312d68f45cd68f14b7f2e449e73ecd1926e01c67 - arm-trusted-firmware.t234/docs/resources/diagrams/measured_boot_design.dia 4ab0332c836fdf5e5596c2b7ecc6ea4bccb62b8c - arm-trusted-firmware.t234/docs/resources/diagrams/reset_code_no_checks.png 40ffa83fe202970879802b809b75c10ed360c7d4 - arm-trusted-firmware.t234/docs/resources/diagrams/romlib_wrapper.png 2417a250f3f2552f5e881830e947024a92e55adf - arm-trusted-firmware.t234/docs/resources/diagrams/arm-cca-software-arch.png d9a6dc06e1a28c0235940539e527ac285c179342 - arm-trusted-firmware.t234/docs/resources/diagrams/reset_code_no_boot_type_check.png be45d18c63f67896114536f9eb149b14904be8c6 - arm-trusted-firmware.t234/docs/resources/diagrams/context_init_coldboot.png c05984305daded35b5f3a14ea3c5ac88319f4292 - arm-trusted-firmware.t234/docs/resources/diagrams/romlib_design.dia 2bd536051e1dd879aa3f05a384daeb20b34f281d - arm-trusted-firmware.t234/docs/resources/diagrams/percpu-data-struct.png c0699dda17e5170414bfd6c040e320f86b076a3c - arm-trusted-firmware.t234/docs/resources/diagrams/context_memory_allocation.png fdb07d57fc0ab62ee420a06287f1ebdc8c89f0fd - arm-trusted-firmware.t234/docs/resources/diagrams/ff-a-spm-at-el3.png 763017cfa85171acb7422b0f8ef1c40ba69443a3 - arm-trusted-firmware.t234/docs/resources/diagrams/rt-svc-descs-layout.png 2e886fd02f6b39a545824f0819608260e0671c14 - arm-trusted-firmware.t234/docs/resources/diagrams/context_mgmt_existing.png c279d33545695cac4327bf14a8d84b4237dc8387 - arm-trusted-firmware.t234/docs/resources/diagrams/MMU-600.png 04a65e98eceabb17ea534a6dea187021477a1fb2 - arm-trusted-firmware.t234/docs/resources/diagrams/int_handling.dia a6a4256584fddbb776f1e274748edeff4289cf4a - 
arm-trusted-firmware.t234/docs/resources/diagrams/psci-suspend-sequence.png 1586bdc989b8698512851e436d39fed8ad375030 - arm-trusted-firmware.t234/docs/resources/diagrams/romlib_wrapper.dia 64d840596ae8dbdfb803bfdd471e3d4e7955ca82 - arm-trusted-firmware.t234/docs/resources/diagrams/fwu_flow.png 4d2668ab5814fb9b799f65b69b427db29952658b - arm-trusted-firmware.t234/docs/resources/diagrams/ffa-secure-interrupt-handling-nwd.png 168efaed29ad0e41af7a5a0c99a51e33a0db654b - arm-trusted-firmware.t234/docs/resources/diagrams/tf-a_attack_tree.png a0ca882a9a47bf5642759780b006f69f3c667fff - arm-trusted-firmware.t234/docs/resources/diagrams/context_management_abs.png d5775195107610d6a67d5d7f8af6590e4e53e570 - arm-trusted-firmware.t234/docs/resources/diagrams/default_reset_code.png 60085ca8f9241e330d229fb5c279e725e59518c6 - arm-trusted-firmware.t234/docs/resources/diagrams/rse_attestation_flow.svg 5058f6e8c3278aeb9fcf6b27526000cd079a9d07 - arm-trusted-firmware.t234/docs/resources/diagrams/ff-a-lsp-at-el3.png 77f9b835b00f7926f05f699362fefbecf98c649f - arm-trusted-firmware.t234/docs/resources/diagrams/PSA-FWU.dia b605edbecdbd0fe48f45856493d43740e3c060be - arm-trusted-firmware.t234/docs/resources/diagrams/PSA-FWU.png b42c9e2672802e26c9137df29eff6a1c68652ea6 - arm-trusted-firmware.t234/docs/resources/diagrams/context_mgmt_proposed.png aa7462d2e5339e422146420f79d882671016b17b - arm-trusted-firmware.t234/docs/resources/diagrams/rmm_cold_boot_generic.png ad73cbcd10b1b5e45ca3a01df6c435b345686322 - arm-trusted-firmware.t234/docs/resources/diagrams/draw.io/ehf.svg a2eed4587b5987e97e3f8207a2c9783c5e322c90 - arm-trusted-firmware.t234/docs/resources/diagrams/draw.io/ras.svg 2c5f1b895b01d75ebe2fd874d61f728fe18fca4a - arm-trusted-firmware.t234/docs/resources/diagrams/draw.io/ras.xml 4eb0b99548ee5cdbff9d0e01b3455c7c1e1af275 - arm-trusted-firmware.t234/docs/resources/diagrams/draw.io/ehf.xml 732ce8b12943c9ca218e89a1aa3eae1379952d12 - 
arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/fip-secure-partitions.puml 0130e90e98cac66f9ac28a56d8fa17af801ead7a - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/io_dev_init_and_check.puml f2de9c83dfacd4a238df7773b4cba2d566647801 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/rse_measured_boot_flow.puml cde708741ffdd39f92d8670aea4a93ef451cd611 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/spm_dfd.puml 7ca50157b91a940fdcd61fed7da54e93501b2c3e - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/io_framework_usage_overview.puml b58a1fb5e8edf2e3e6992c3ca0c152016a1cbfcb - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/rse_attestation_flow.puml e7d90ce5c6507c7ea4b3337460d633fc2eba9627 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/tfa_dfd.puml 0cbedd3989e3d4fc11c3401d7b250d8b14411c50 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/sdei_explicit_dispatch.puml 2c516abafcee77f3889360526590d0764a35d61c - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/bl2-loading-sp.puml 89429fb35fc54ad81b4aab0c9d5860b228aab347 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/fconf_bl2_populate.puml dffc936ec4f4efa78850a08b6bf70c0e75da5188 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/fconf_bl1_load_config.puml a431301dad1931dd6247cef4df049efa732cefe8 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/el3_spm_dfd.puml a92a6d3451184afa73bc3f6cc634befe679a8c17 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/tfa_arm_cca_dfd.puml 1db2031ada75fc6c1de9b1e247069fee6fa4586d - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/tfa_rse_dfd.puml 9e7994a98a6d3531ff8f3c7e16b9e27ae0240805 - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/io_arm_class_diagram.puml 853a892ccba3dedfcb4491b7ad449b46d6a4d47c - arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/sdei_general.puml 695a4bfc3f0c50586104d10e16a8527c37f3541f - 
arm-trusted-firmware.t234/docs/resources/diagrams/plantuml/io_dev_registration.puml 658edbd601287357ba1a2f62f6ab44de095d073d - arm-trusted-firmware.t234/docs/threat_model/supply_chain_threat_model.rst 2a46c4e9b1aa01de8b9ac24d80cad8b463fb0657 - arm-trusted-firmware.t234/docs/threat_model/index.rst f60613a2f0392f0001f85570b7367397e8918225 - arm-trusted-firmware.t234/docs/threat_model/firmware_threat_model/threat_model_rse_interface.rst 54cf04e030b0f1c704847e2fa8ea302fab42ba7d - arm-trusted-firmware.t234/docs/threat_model/firmware_threat_model/threat_model_el3_spm.rst 5997a3dcf5a5c3396ea52a5f971e903abad05b90 - arm-trusted-firmware.t234/docs/threat_model/firmware_threat_model/threat_model.rst f4313d454b94886703fa8cccee1fe4b4b9562358 - arm-trusted-firmware.t234/docs/threat_model/firmware_threat_model/threat_model_arm_cca.rst b2d5c37122edea16af4ba5efb0f6b45ed349a351 - arm-trusted-firmware.t234/docs/threat_model/firmware_threat_model/threat_model_fw_update_and_recovery.rst 97b069f631b2d453daa914e58ee0d31edcc7f417 - arm-trusted-firmware.t234/docs/threat_model/firmware_threat_model/index.rst f185c43a46e00f66d19abe5ee3f8b75932d783b6 - arm-trusted-firmware.t234/docs/threat_model/firmware_threat_model/threat_model_fvp_r.rst 966ba943c005919435b2b1d9b5d24afe2422c17c - arm-trusted-firmware.t234/docs/tools/cot-dt2c.rst 6816b259d47237b41fa1a86de9a13e2709284071 - arm-trusted-firmware.t234/docs/tools/transfer-list-compiler.rst 1206795e4d36b6c10c0a35d2a350eefa003ef465 - arm-trusted-firmware.t234/docs/tools/memory-layout-tool.rst 9364cf1fab373e517efc04f2a119861b14861f8f - arm-trusted-firmware.t234/docs/tools/index.rst c58abddf23ca493d1ad75ad62fdf1678a0a2ef06 - arm-trusted-firmware.t234/docs/design_documents/context_mgmt_rework.rst 0a78dfc0bd78f6d8c531d55de25b9ff7f90493f7 - arm-trusted-firmware.t234/docs/design_documents/psci_osi_mode.rst 939ce9d2133afbe8b47ebceaa122932079e5d6dc - arm-trusted-firmware.t234/docs/design_documents/measured_boot_poc.rst 
9891ed85f2bc9de65aa8cf83cd460f2b88405633 - arm-trusted-firmware.t234/docs/design_documents/drtm_poc.rst
7a036c92324d9245792ca2013247f6321f8dbdda - arm-trusted-firmware.t234/docs/design_documents/rse.rst
e600d33bf17860b78a1182d7b65269f91dd55dbd - arm-trusted-firmware.t234/docs/design_documents/cmake_framework.rst
2eb0c204015a0d0323916d23dec1f365e94e321c - arm-trusted-firmware.t234/docs/design_documents/index.rst
7bf18dbc293466e75606fb2e908bbb83baa5bd0c - arm-trusted-firmware.t234/docs/design_documents/measured_boot.rst
876ecd2cd0b72cde1e326aca634b13590eb65127 - arm-trusted-firmware.t234/docs/about/features.rst
3d4d6eeef77d8e11c9b5da38bf3008531d4cdff8 - arm-trusted-firmware.t234/docs/about/acknowledgements.rst
59188a229cb22f62c915c6615051abf66941512a - arm-trusted-firmware.t234/docs/about/index.rst
023ce035b13ab6b22bffab6add0c22ae58e27d77 - arm-trusted-firmware.t234/docs/about/maintainers.rst
f52af6d843069d9182360c30cb512e12cda75eee - arm-trusted-firmware.t234/docs/about/release-information.rst
bcef6a5f9db857ad5896f4e9374aecc615b4b915 - arm-trusted-firmware.t234/docs/about/contact.rst
dd31a42d63ccf51148db05110d91ac7fd95061ed - arm-trusted-firmware.t234/docs/plat/mt8195.rst
53ad796a079c18ccb28e378fbe08125ccd1c307e - arm-trusted-firmware.t234/docs/plat/qemu.rst
45f03fd73a50f2fe124a2bd1d70fb40243ba0e82 - arm-trusted-firmware.t234/docs/plat/warp7.rst
16ea8f704b5d359f11c9d7933a9e2f5917aa0667 - arm-trusted-firmware.t234/docs/plat/xilinx-versal-net.rst
53f0692ccc04d5d659e88ac1dc1080af6dcda94d - arm-trusted-firmware.t234/docs/plat/qti.rst
f2bbe77ac618ba9be663de2bba3cee62eaf17f60 - arm-trusted-firmware.t234/docs/plat/mt8186.rst
dbd0fdaf8a0709f4231183ef22ec88c8cac28a9e - arm-trusted-firmware.t234/docs/plat/stm32mp1.rst
b5fd0cc9873aa28dfee1359df06c554055c5cb63 - arm-trusted-firmware.t234/docs/plat/ast2700.rst
911b04f9f4d7b4b3adec613748b9916cec40c5f4 - arm-trusted-firmware.t234/docs/plat/npcm845x.rst
a970558632482b93ee96aba756982061d20ea4e8 - arm-trusted-firmware.t234/docs/plat/intel-agilex.rst
740342b5a11fca63f16d52d91e9a50dfd34e9126 - arm-trusted-firmware.t234/docs/plat/amd-versal2.rst
556090a5f980031e56bccbb5c6d93f41384aad09 - arm-trusted-firmware.t234/docs/plat/intel-stratix10.rst
1fb07134c685f21246757d77653a8c6bb12d949c - arm-trusted-firmware.t234/docs/plat/socionext-uniphier.rst
36ff292b1e69d9196de27befe5bcff966f10dfc5 - arm-trusted-firmware.t234/docs/plat/rpi3.rst
8deb92e6279b36a3cb6face9f94646bed89dfd97 - arm-trusted-firmware.t234/docs/plat/imx9.rst
de25efbc7acce27ba0385c2c51a59fbc0f7f7124 - arm-trusted-firmware.t234/docs/plat/brcm-stingray.rst
84cb8ce1de6f042d0693d8a1a4bb2265ef8a7ed0 - arm-trusted-firmware.t234/docs/plat/meson-axg.rst
4905e051c0a996867dcc2389b8bd5430b0741699 - arm-trusted-firmware.t234/docs/plat/imx8.rst
8b88e9d6cfe72a03efd7e226122d5cd33334fe66 - arm-trusted-firmware.t234/docs/plat/ti-k3.rst
12b7c2db7722b49705438fabf8b96c0943d163bd - arm-trusted-firmware.t234/docs/plat/meson-g12a.rst
6b1f0cb39f8a603b024144ef239be0a20c53c377 - arm-trusted-firmware.t234/docs/plat/rockchip.rst
b54be1ac4f13d0a724629f301e245bbcc4379d44 - arm-trusted-firmware.t234/docs/plat/nvidia-tegra.rst
7744970a57723aa0882c4ffcca346a018dfa9816 - arm-trusted-firmware.t234/docs/plat/rpi5.rst
dc428854972c4fe85278d839362b2e928e3ddaf8 - arm-trusted-firmware.t234/docs/plat/allwinner.rst
2ed0c805bd3cba59619101f0918aeac59d4e6fd3 - arm-trusted-firmware.t234/docs/plat/rcar-gen3.rst
ddffb1cc078fd2d3c58ed8cde2b32388ccd532c9 - arm-trusted-firmware.t234/docs/plat/meson-gxl.rst
2f1fe73b1396f1d4d6c9c340f8574155ce1c6a3f - arm-trusted-firmware.t234/docs/plat/imx8ulp.rst
9bfeb07c04a47aacac6ae649f75799c894e74067 - arm-trusted-firmware.t234/docs/plat/mt8183.rst
01b97fb19ab7a8e8baa5a1a96d35f2cb5dc0a05c - arm-trusted-firmware.t234/docs/plat/rpi4.rst
3cefd2238957aeadfec4d578846bb38b56ca5c26 - arm-trusted-firmware.t234/docs/plat/hikey960.rst
92b2fa09de5e4e7dc0ee6ff61456bcc41b3fa711 - arm-trusted-firmware.t234/docs/plat/qti-msm8916.rst
9e85f6fbc5306c4b0604e98de5fcbddb385c4ce1 - arm-trusted-firmware.t234/docs/plat/mt8192.rst
a9d7ad7c4cb2a7c60556534bbe29f765dc6d1c64 - arm-trusted-firmware.t234/docs/plat/xilinx-versal.rst
b4e4939c027168061216b513705a698e3b671665 - arm-trusted-firmware.t234/docs/plat/imx8m.rst
05664e895ce6375be6ad98e9576013d1209cb012 - arm-trusted-firmware.t234/docs/plat/hikey.rst
a6c4746123e21eba44253912da4e92f0fd31a6cc - arm-trusted-firmware.t234/docs/plat/rz-g2.rst
b2aa675ccb8952fdae09d53243a446eab5bd0d56 - arm-trusted-firmware.t234/docs/plat/index.rst
5e8683cb8a4bd212afefc2295ce7ebc01bf8a029 - arm-trusted-firmware.t234/docs/plat/mt8188.rst
d0ad3f088b7307bd002023c2fcda2de07a36f40f - arm-trusted-firmware.t234/docs/plat/synquacer.rst
25ec8ee5167ea3d60afe26566de20782ee6aa44c - arm-trusted-firmware.t234/docs/plat/qemu-sbsa.rst
080191f60f9e441f7527257b977a2c8f6d8c5533 - arm-trusted-firmware.t234/docs/plat/poplar.rst
2a492964dd82db785e381f828fae2b2a729f6749 - arm-trusted-firmware.t234/docs/plat/meson-gxbb.rst
264804ef6d1b8919af3cd8978866bc0070372862 - arm-trusted-firmware.t234/docs/plat/s32g274a.rst
24b8105bdda1d9d4f80d6d206326c8a8b0c080bd - arm-trusted-firmware.t234/docs/plat/xilinx-zynqmp.rst
d2fd68aa984d6ea32758a6ce4acc4fdb8ce6a6f5 - arm-trusted-firmware.t234/docs/plat/st/stm32mp1.rst
0b45d66fda91e32c39d073afbc10b848d06355ba - arm-trusted-firmware.t234/docs/plat/st/stm32mp2.rst
7a031e18db18fc4463b782ef7b3d3194ad7a919f - arm-trusted-firmware.t234/docs/plat/st/stm32mpus.rst
6843bcda991ac32b56909efb458ac7b9ccfe4c70 - arm-trusted-firmware.t234/docs/plat/st/index.rst
9a8421091aa139e567a9d2716972e0169baf832a - arm-trusted-firmware.t234/docs/plat/marvell/index.rst
5315af3195d5a7c46ec750dccbf4f684c0df4e81 - arm-trusted-firmware.t234/docs/plat/marvell/armada/porting.rst
011fd015be24cc6440f16c9224d4b7ebaf9c4e8f - arm-trusted-firmware.t234/docs/plat/marvell/armada/uart-booting.rst
e9622121f101a843f70aaae2b455adfb3e2170b5 - arm-trusted-firmware.t234/docs/plat/marvell/armada/build.rst
bcb055e4f5b81eda0adb88f8b79f78b72b1332b9 - arm-trusted-firmware.t234/docs/plat/marvell/armada/misc/mvebu-amb.rst
30afe5cabdcd30362317ee05e9fc4203912e1e30 - arm-trusted-firmware.t234/docs/plat/marvell/armada/misc/mvebu-a8k-addr-map.rst
3b71f880342eddec219418df7f6e6034cce505b5 - arm-trusted-firmware.t234/docs/plat/marvell/armada/misc/mvebu-ccu.rst
0af03a25bc9938840be478afe1f0c3375e852dc7 - arm-trusted-firmware.t234/docs/plat/marvell/armada/misc/mvebu-iob.rst
4496a36f12db50b8075c93550ad2b7a23c24e490 - arm-trusted-firmware.t234/docs/plat/marvell/armada/misc/mvebu-io-win.rst
b866c4c537783ada4579ff174f14b4e1bd639fe7 - arm-trusted-firmware.t234/docs/plat/arm/index.rst
b23ce573b67c042848709b2c212498b894553d47 - arm-trusted-firmware.t234/docs/plat/arm/arm-build-options.rst
78440e5f0e1b7a1f861e281caf3b8e73bb490a53 - arm-trusted-firmware.t234/docs/plat/arm/corstone1000/index.rst
24c76f158d1e87e91f57e9fd829239dbea4feb4f - arm-trusted-firmware.t234/docs/plat/arm/morello/index.rst
2fafe94098027a5e4dd7a0b123b9e0fc38a4515f - arm-trusted-firmware.t234/docs/plat/arm/juno/index.rst
cc554a2b117e7ce25a8fcacd3c6f177a20b98695 - arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-specific-configs.rst
864cddeaf169a1ecfbd13f8afa114d0c295fde7e - arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-build-options.rst
df8503c49b97eba7b87932df5068bc5a7eec898c - arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-aemv8-base.rst
0bf2a97f475c2d262ace3e20062c68ad953f86f7 - arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-cortex-a57-a53.rst
9ee5a88a5fcaaafa91fd9dc7069a7514fff265cd - arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-foundation.rst
a9b503e8f3c8418386b1f5a2dcf8b24b39bf5d12 - arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-cortex-a32.rst
d4e431dfe3bb43fa47b5f0e7ac16b16440fae089 - arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-support.rst
923bb981665fbc4bdd7bf5c0ba0a0fc71056c881 - arm-trusted-firmware.t234/docs/plat/arm/fvp/index.rst
b10bad88c8647f9ecfe8b3bad163830573cfbdc0 - arm-trusted-firmware.t234/docs/plat/arm/arm_fpga/index.rst
a845be9736fc1cfcd3cefda5b6a0bde2419f9bc0 - arm-trusted-firmware.t234/docs/plat/arm/fvp_r/index.rst
d2fe1858335b68dc33ba4884d086fe748bdd848a - arm-trusted-firmware.t234/docs/plat/arm/automotive_rd/index.rst
1f9947a98dc606f209b59e036ccb7a1e330d9398 - arm-trusted-firmware.t234/docs/plat/arm/tc/index.rst
839b91011a0ebdde7ac9b056ab0a3b087ef11114 - arm-trusted-firmware.t234/docs/plat/arm/fvp-ve/index.rst
7b3072f9759a1fe276a22dcb70d936006608d299 - arm-trusted-firmware.t234/docs/plat/nxp/nxp-layerscape.rst
ed3ec7c6e5baceda79c359ce661ac80dbf660d61 - arm-trusted-firmware.t234/docs/plat/nxp/nxp-ls-tbbr.rst
231fc05a0b2de9270bfe513d92b37243b1cc9601 - arm-trusted-firmware.t234/docs/plat/nxp/nxp-ls-fuse-prov.rst
5d7bd6f5908ace2c36015e0535f2deacac9a2956 - arm-trusted-firmware.t234/docs/plat/nxp/index.rst
f20a319b0c9088ccbcb1c0759af60c647ccc2288 - arm-trusted-firmware.t234/docs/design/reset-design.rst
48f6b0262898ebac7f25940c555469309cbe2d8e - arm-trusted-firmware.t234/docs/design/trusted-board-boot.rst
b15afee5cbc5225a2ef2f709e9761fa2cd73d65e - arm-trusted-firmware.t234/docs/design/psci-pd-tree.rst
075afa19150ab8016c8bbc6bd92590dc61285e43 - arm-trusted-firmware.t234/docs/design/auth-framework.rst
f880dd25cbf380065e9d345752376e40bc756664 - arm-trusted-firmware.t234/docs/design/interrupt-framework-design.rst
af13c03890ced7d9972ef4a09b1dc9f987dc8e94 - arm-trusted-firmware.t234/docs/design/trusted-board-boot-build.rst
a3f0b5a39e2120fdbcad8de599b7c1a18345cfcc - arm-trusted-firmware.t234/docs/design/alt-boot-flows.rst
e905f9f7204b60939df7cfc9b3b10b4d2f95811d - arm-trusted-firmware.t234/docs/design/cpu-specific-build-macros.rst
8795f3e11e470aa0945c4c65f8e160672001edd1 - arm-trusted-firmware.t234/docs/design/index.rst
01b30c3faa00cb31cebcc3c5f1f110e36d65d2c5 - arm-trusted-firmware.t234/docs/design/firmware-design.rst
3fe053ce17752ae01f7d815a5df51f4887d2749f - arm-trusted-firmware.t234/docs/_static/css/custom.css
ff8ad4850057cbaba3caddae15b9429bb9c42b66 - arm-trusted-firmware.t234/docs/perf/tsp.rst
ff86f02c4e8961c3162074a1503b5d65110f849d - arm-trusted-firmware.t234/docs/perf/psci-performance-juno.rst
0eab2048ee6b94e8faa3ea1c9a022760e34a7e45 - arm-trusted-firmware.t234/docs/perf/psci-performance-methodology.rst
0e42cd324330daf481d3e5027372ffd1ed081ebd - arm-trusted-firmware.t234/docs/perf/psci-performance-instr.rst
46a35893c4f839ece238bc6b0f2dd725d979eeeb - arm-trusted-firmware.t234/docs/perf/psci-performance-n1sdp.rst
048e8b5c6fe278f20eed8cab6425c4c7407ebbc4 - arm-trusted-firmware.t234/docs/perf/index.rst
840dcafe1996d0299a5922474d7980b6d2eb779c - arm-trusted-firmware.t234/docs/perf/performance-monitoring-unit.rst
9ef48bf2b7778ef9dabae9d78371b87f009f5fe3 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-11.rst
f25a4a4b679cf6523ff3ccfe524b119b8711724f - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-10.rst
939eb2b8d82c68d6c9a4e8c1271bd83151818553 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-1.rst
1b8c8e49a1eac7ac65f01b730ef3d22dee6de50f - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-5.rst
b748a01e82c3ad35dacc68ae9295e4553d57beab - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-3.rst
e03dee87868096ffa7982026e20837ddfc9a6aa3 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-4.rst
266a8326bc618859a7a18572589b40f197ed1a82 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-6.rst
fab06483aeca0f68846039c9146a6d828ab12518 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-7.rst
5a8ee89be8b54261b0e207ca882fab66cb4db5b9 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-2.rst
63e67342811855c2803be11bca43aa4c60543575 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-8.rst
c11d193007ee19da13e1377b7d68d91cd86c44f1 - arm-trusted-firmware.t234/docs/security_advisories/index.rst
c14230a1545a15e94c1a660bf6e03e6ed9280341 - arm-trusted-firmware.t234/docs/security_advisories/security-advisory-tfv-9.rst
ece2a08a4c95f35765c02626596eedd1e7473da8 - arm-trusted-firmware.t234/docs/getting_started/docs-build.rst
ca183a490eff11cd37e117856eaac7530ad62590 - arm-trusted-firmware.t234/docs/getting_started/psci-lib-integration-guide.rst
017d049b66bc58f569acc3b9c87d84d478079a9d - arm-trusted-firmware.t234/docs/getting_started/tools-build.rst
42c9d8a0f17ea5de05d6dcae315e8c0cba8de638 - arm-trusted-firmware.t234/docs/getting_started/initial-build.rst
70e219856337d42a79ce2091e96aa0417481faa2 - arm-trusted-firmware.t234/docs/getting_started/image-terminology.rst
b156462eb31820ee252456ab5f05988abe35d971 - arm-trusted-firmware.t234/docs/getting_started/build-internals.rst
c3f3b07a11d8fc7450f0949838c20c40999e5257 - arm-trusted-firmware.t234/docs/getting_started/rt-svc-writers-guide.rst
4ef1d63a74dbf3dcd52b1b20dc7b2e66d8a9e4c1 - arm-trusted-firmware.t234/docs/getting_started/prerequisites.rst
a2511f17f7adb686f0e90b6d796685d9a2549d4a - arm-trusted-firmware.t234/docs/getting_started/index.rst
3c0a85ce3fc87ecd9a644e01929021be694d2547 - arm-trusted-firmware.t234/docs/getting_started/build-options.rst
bd9dcc8d709ebf0800b2af271b539289417d792a - arm-trusted-firmware.t234/docs/process/security-hardening.rst
c52a6129caa44132173e92e0958f20750c537853 - arm-trusted-firmware.t234/docs/process/faq.rst
4b0bd692c00557dbf0eaed6138b2f32a118ee3aa - arm-trusted-firmware.t234/docs/process/coding-guidelines.rst
9b6c423fe9bf032c4f8a7a0c383d0b81468c6efc - arm-trusted-firmware.t234/docs/process/misra-compliance.csv
f85dba23d841a79446eb2390219c040d12126279 - arm-trusted-firmware.t234/docs/process/commit-style.rst
6b4d27c4d85632c03ce33cb612293f62c930b7bf - arm-trusted-firmware.t234/docs/process/security.rst
6c4374f40124784cb901804394885bcc74b79aac - arm-trusted-firmware.t234/docs/process/contributing.rst
c2ce326551b23201a578ca6d8bd997d65ceda660 - arm-trusted-firmware.t234/docs/process/platform-ports-policy.rst
86800bc7e3ee1e926e72afa72681030a51dcfd96 - arm-trusted-firmware.t234/docs/process/maintenance.rst
de1045410d40631927808cf16bace70551bafd2d - arm-trusted-firmware.t234/docs/process/coding-style.rst
ec45d0fec66e8262c6dad8c021b34733aad1a786 - arm-trusted-firmware.t234/docs/process/code-review-guidelines.rst
a25af3d21109e8b6ac297c2d274ab9fb80a8cc98 - arm-trusted-firmware.t234/docs/process/index.rst
936d1cfd30a3951a43dbf429d597a6fd8ab79d53 - arm-trusted-firmware.t234/docs/components/realm-management-extension.rst
27010f32c64633e838ad226428134580c6275e87 - arm-trusted-firmware.t234/docs/components/el3-spmc.rst
3c24e49f01a464d92e52d853d8124b207a645311 - arm-trusted-firmware.t234/docs/components/secure-partition-manager.rst
f14d93f8fc140e8ad6229c5a974c7c6acf7510a3 - arm-trusted-firmware.t234/docs/components/secure-partition-manager-mm.rst
76f2ca4c1ef43ea836ee56eb5c7c2061a2aac702 - arm-trusted-firmware.t234/docs/components/rmm-el3-comms-spec.rst
b8c0dca136789abf65c7b9c07a19697e80dcd6c9 - arm-trusted-firmware.t234/docs/components/romlib-design.rst
1376583e825b59306a5f4a4e9eab19943b513585 - arm-trusted-firmware.t234/docs/components/ras.rst
a50723d9d8d3d232274b364d1b2c0d509a6537b3 - arm-trusted-firmware.t234/docs/components/sdei.rst
85d25667f22cf5f6cf7fbb240287d8e09c6d5f5e - arm-trusted-firmware.t234/docs/components/cot-binding.rst
3018701b7ef2e5eca172d3608726f506c4b22909 - arm-trusted-firmware.t234/docs/components/debugfs-design.rst
f56796051b00b8fa82028b980e55280d50816822 - arm-trusted-firmware.t234/docs/components/ffa-manifest-binding.rst
b8d62ed8d8e52992c481b3f032a11c132ddc32ca - arm-trusted-firmware.t234/docs/components/mpmm.rst
0d0ae124e9b7ab12f7478283b299e5d493edae4c - arm-trusted-firmware.t234/docs/components/platform-interrupt-controller-API.rst
49fe0cef52f7b567500a9ba75233e30c7409921b - arm-trusted-firmware.t234/docs/components/ven-el3-debugfs.rst
ce0e3b4dc5b3a56bc65eae7507a48a04c631e477 - arm-trusted-firmware.t234/docs/components/activity-monitors.rst
67e3f91990393851134d463646f150e9016fd31b - arm-trusted-firmware.t234/docs/components/ven-el3-service.rst
aeb3417c57d05d65dec9ab5ff67e7e0a3457a18a - arm-trusted-firmware.t234/docs/components/index.rst
52a0dad94ae1ae6eb4c53e18b2c75100e6c2488f - arm-trusted-firmware.t234/docs/components/context-management-library.rst
8a1dffa8292f295ef5014ac04a74011b4aeea398 - arm-trusted-firmware.t234/docs/components/exception-handling.rst
709dc0949ae8b7a40e31f72c73627f3717b73c89 - arm-trusted-firmware.t234/docs/components/arm-sip-service.rst
602d20bd46337be44a23550620a7a1f748130fb9 - arm-trusted-firmware.t234/docs/components/xlat-tables-lib-v2-design.rst
b289b927968774be53458f83a00705a472568848 - arm-trusted-firmware.t234/docs/components/granule-protection-tables-design.rst
57f5aa1785e0c5f56a0b7179861930402e496e81 - arm-trusted-firmware.t234/docs/components/firmware-update.rst
d795da44f403a2a0bc4010ba95915fcabbef3c31 - arm-trusted-firmware.t234/docs/components/fconf/amu-bindings.rst
10529cbd50c1b2a10d7bf7669a515a30f564db2c - arm-trusted-firmware.t234/docs/components/fconf/mpmm-bindings.rst
3018c01a8e5fddb43491531a1a39845b88dd39aa - arm-trusted-firmware.t234/docs/components/fconf/fconf_properties.rst
80075b20bcdeb5ce79e0110e3ba5d5fba6f63604 - arm-trusted-firmware.t234/docs/components/fconf/index.rst
af2b691a09a6c68b5f5991b6f9188417256ade0a - arm-trusted-firmware.t234/docs/components/fconf/tb_fw_bindings.rst
68d992f28a446b0ffe6adad209b6189f9f0dd6a9 - arm-trusted-firmware.t234/docs/components/spd/trusty-dispatcher.rst
6ebb1d5ba17946b71f109147c6e30cf117a6c4f1 - arm-trusted-firmware.t234/docs/components/spd/optee-dispatcher.rst
5d7421fde74010efb451e6e515079f37ec3227e2 - arm-trusted-firmware.t234/docs/components/spd/tlk-dispatcher.rst
714f4840f1b5579f9bc25776cbd19e891afd9b0a - arm-trusted-firmware.t234/docs/components/spd/index.rst
16ccf6b90697399bd4231bdb3ca642c8d9ec5c0e - arm-trusted-firmware.t234/docs/components/spd/pnc-dispatcher.rst
6c795ecdce21a9cb16526c75212115fd9a89df09 - arm-trusted-firmware.t234/docs/components/measured_boot/event_log.rst
f39c4c5b080cb5537f0260d9f3e477e02aa63bfa - arm-trusted-firmware.t234/docs/components/measured_boot/index.rst
7a066bc656ac22d6a222ecd7116be94d6f3478e7 - arm-trusted-firmware.t234/bl31/bl31_traps.c
fb2631d4b51208a3d65ef9d5079f7bd86e1cfd38 - arm-trusted-firmware.t234/bl31/interrupt_mgmt.c
6274135d27733b786ca563eab4e7677456dae192 - arm-trusted-firmware.t234/bl31/ehf.c
b838eb7c3d1424ac7ea03dbe4fd7fefef81cec92 - arm-trusted-firmware.t234/bl31/bl31_main.c
75c196ade8ef57a9775c286e3c2f88b52c492e67 - arm-trusted-firmware.t234/bl31/bl31_context_mgmt.c
f700a4fd895b8dd57f8ed69830d93534cc90333a - arm-trusted-firmware.t234/bl31/bl31.ld.S
c5a19a2816b0c8f8e11e1abf869fb09cec51a502 - arm-trusted-firmware.t234/bl31/aarch64/ea_delegate.S
64d9ec5275f2371b8426086be2be22e3daa86d32 - arm-trusted-firmware.t234/bl31/aarch64/bl31_entrypoint.S
ba9f339eea7d260498b40d19f8782a60ace31554 - arm-trusted-firmware.t234/bl31/aarch64/crash_reporting.S
abb6a9d7c2959947297a0b881c42cb06365caa64 - arm-trusted-firmware.t234/bl31/aarch64/runtime_exceptions.S
b8c00bbc1912105096c211322a3c7a93ed2c4d01 - arm-trusted-firmware.t234/plat/st/stm32mp1/plat_ddr.c
7279d53c82ffd64fade5ce654d99089d6617423f - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_fip_def.h
c30e0cb22c60425a9de10536d78f3ecf8232e8ff - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_def.h
155e11b39243b6257695dfe51258e330e378e1b8 - arm-trusted-firmware.t234/plat/st/stm32mp1/plat_bl2_mem_params_desc.c
6273e64754fa0752b6f49b446ce29f8dc23aa683 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_private.c
d364b16403787c5c6a964a26074a943db7da981e - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_syscfg.c
582eeade878ce325ad10baafc88914c02631aff9 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_fconf_firewall.c
494b344c5c893bd8e9e3ab32c16acc57ebd39f73 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_boot_device.c
0f0baced38fb65393cd300bdc024b68e707f5f4b - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_topology.c
ec9fe0a8eec79fee1d3dd34bf1a969b8f0b93f4a - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_shared_resources.c
f171c1cd88d3ea2070a747ca519f7d6b9e8257f5 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_usb_dfu.c
5219346badc88996294b1e6304843c005a6bc3e2 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_tbb_cert.c
e9bf2a255a3615d1939e4f6d7ac9ef0b19052a2b - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_helper.S
a5ddf38d0d34f6faef078daf78cdbea503cc696d - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_pm.c
d1bdbf201f1623fe82caa42aa1898d825bec54f3 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_scmi.c
77c94644e0ef95316e08e0a339fb16a856ae5d97 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_dbgmcu.c
43753b990fdb953ffc38ef29474ef4af453444b7 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1_stack_protector.c
168a3e80fa38489428f2b6ee242c480adee12b73 - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1.ld.S
307226024d16b1d805f1b21e30c37768ab813902 - arm-trusted-firmware.t234/plat/st/stm32mp1/bl2_plat_setup.c
d5b0e2699695505579def8552759c7d668a0b3eb - arm-trusted-firmware.t234/plat/st/stm32mp1/stm32mp1.S
7eaf59b974175885a0dfccf0b42c774580444f92 - arm-trusted-firmware.t234/plat/st/stm32mp1/include/stm32mp1_smc.h
6d6391c62306978263be31d559221680ed9b6025 - arm-trusted-firmware.t234/plat/st/stm32mp1/include/stm32mp1_shared_resources.h
9d3a5dda1437dfa9406e9e7fa5cdd3e8b9682185 - arm-trusted-firmware.t234/plat/st/stm32mp1/include/boot_api.h
d12872b893bf8db2b51b7243dd638bf34e9d6cfa - arm-trusted-firmware.t234/plat/st/stm32mp1/include/stm32mp1_dbgmcu.h
c36ac3579d4ca3417d036b7c60a1b8e7615e5740 - arm-trusted-firmware.t234/plat/st/stm32mp1/include/platform_def.h
08483c5e8b122913b20ea045dbb185897d5bccf1 - arm-trusted-firmware.t234/plat/st/stm32mp1/include/plat_tbbr_img_def.h
4bb9a48c0b8efa277dd910d514788974b0e73f53 - arm-trusted-firmware.t234/plat/st/stm32mp1/include/stm32mp1_private.h
3634a2a5153ce08df9ec6873bf13d67cfbe72002 - arm-trusted-firmware.t234/plat/st/stm32mp1/include/tbbr/stm32mp1_tbb_cert.h
5e0ada98ae7889e8e0d4fdbd034bcb7da8a45ef8 - arm-trusted-firmware.t234/plat/st/stm32mp1/sp_min/sp_min_setup.c
406790007d4d597b108faf9871360acfa7cdcf23 - arm-trusted-firmware.t234/plat/st/stm32mp1/services/stm32mp1_svc_setup.c
3b882920ab056c9bbc38be63b2715e1d796109c4 - arm-trusted-firmware.t234/plat/st/stm32mp1/services/bsec_svc.h
51533a93ab56e624ca0c49879470798b2abbe74f - arm-trusted-firmware.t234/plat/st/stm32mp1/services/bsec_svc.c
356f823bccc7081e026233c6fb511c0602208101 - arm-trusted-firmware.t234/plat/st/common/usb_dfu.c
ea7aee275f01620bfa753e4e5168f93bbf947599 - arm-trusted-firmware.t234/plat/st/common/stm32cubeprogrammer_uart.c
11f5e9c07cc96f678ae502bcb9ad094213b50025 - arm-trusted-firmware.t234/plat/st/common/stm32mp_dt.c
12d54ecaaec6dd162057886ec8fd87eb8b5e0c24 - arm-trusted-firmware.t234/plat/st/common/plat_image_load.c
c0fcb84a94921b5ff081822dea1f4054a0733389 - arm-trusted-firmware.t234/plat/st/common/stm32cubeprogrammer_usb.c
919812f48e98532659b1898a4e8ba0457f902669 - arm-trusted-firmware.t234/plat/st/common/stm32mp_gic.c
25ba48f0c4d336e5242aa170c1a522df4e4be9b1 - arm-trusted-firmware.t234/plat/st/common/stm32mp_common.c
e7e5465901d77262db9db582157ba05b7173bee2 - arm-trusted-firmware.t234/plat/st/common/stm32mp_trusted_boot.c
8090dcc709da5050c11279909f4849272c8b87ca - arm-trusted-firmware.t234/plat/st/common/stm32mp_fconf_io.c
57f1aeef36a544413a7a5dca2900e8112296199c - arm-trusted-firmware.t234/plat/st/common/bl2_io_storage.c
63ade0923237dfdccc1926943e50b9872a8e306e - arm-trusted-firmware.t234/plat/st/common/stm32mp_crypto_lib.c
dd7ae18098736e737a0482a59de65f64d5edd503 - arm-trusted-firmware.t234/plat/st/common/include/stm32cubeprogrammer.h
b270dbb723f5c002dbf393eb752ccb946afc5baf - arm-trusted-firmware.t234/plat/st/common/include/stm32mp_shared_resources.h
8bb1550cf77c8680e05ba46ad44ab77ff26bb8f3 - arm-trusted-firmware.t234/plat/st/common/include/usb_dfu.h
4ca9fb0296b649411cecd45263ecadb41540d6e4 - arm-trusted-firmware.t234/plat/st/common/include/stm32mp_fconf_getter.h
1c4a3f35622f484097d7050f763321fd05ed9541 - arm-trusted-firmware.t234/plat/st/common/include/plat_def_fip_uuid.h
5384018d2f98663d39f3b0ab4b86b8f324353d6f - arm-trusted-firmware.t234/plat/st/common/include/stm32mp_dt.h
9493baf676bf0aaa33abb0378ffd790ab48fff16 - arm-trusted-firmware.t234/plat/st/common/include/stm32mp_efi.h
4025b4c5c563b66da3f21fd0fd6a15c711ac50ba - arm-trusted-firmware.t234/plat/st/common/include/stm32mp_common.h
cfae9782d6fd30576992a81580b7edaf1773fc13 - arm-trusted-firmware.t234/plat/st/common/include/stm32mp_io_storage.h
c0f15ec0b672346666bfec260b107cd40b413c70 - arm-trusted-firmware.t234/plat/st/common/include/stm32mp_mbedtls_config-3.h
234cb6418c0cc95f7bba62022a09daecfc4503a6 - arm-trusted-firmware.t234/plat/st/stm32mp2/plat_ddr.c
d6653dece63597a75050241dac5ec2cb3fc97395 - arm-trusted-firmware.t234/plat/st/stm32mp2/plat_bl2_mem_params_desc.c
9c0489c6a88163241e3538573c41b8416f874dba - arm-trusted-firmware.t234/plat/st/stm32mp2/bl31_plat_setup.c
3533666c8ba110bbdcede6c7777e3b4565966536 - arm-trusted-firmware.t234/plat/st/stm32mp2/stm32mp2_private.c
94a8b4f1139c81aa1befa3d335a4d38f439ce4cf - arm-trusted-firmware.t234/plat/st/stm32mp2/stm32mp2_usb_dfu.c
17ebead11bacaf22bcc000c300e149639140d1d2 - arm-trusted-firmware.t234/plat/st/stm32mp2/stm32mp2_syscfg.c
0ee0edb29cb2b662a23109663e1bf99e19aa4de6 - arm-trusted-firmware.t234/plat/st/stm32mp2/stm32mp2_def.h
ffc7ff7004de939a2e562673a2ee31578c92a363 - arm-trusted-firmware.t234/plat/st/stm32mp2/bl2_plat_setup.c
279a44b5cd00d8ddf4c6526dc3033004ccd64820 - arm-trusted-firmware.t234/plat/st/stm32mp2/stm32mp2_topology.c
81d9f8448d325100e6d1b56052fd780541991df0 - arm-trusted-firmware.t234/plat/st/stm32mp2/stm32mp2_pm.c
adbdb019e9eac1b28f2fc1660021660cea1f6e79 - arm-trusted-firmware.t234/plat/st/stm32mp2/include/plat_macros.S
b438b9a1d9eb85f36249ae119418e0354ca29689 - arm-trusted-firmware.t234/plat/st/stm32mp2/include/boot_api.h
998a7724e6765354cb630adf5a19c6d3ddd24656 - arm-trusted-firmware.t234/plat/st/stm32mp2/include/stm32mp2_private.h
3208080f99983f0d7c366498b7101e1898effe23 - arm-trusted-firmware.t234/plat/st/stm32mp2/include/platform_def.h
fcd7047343f3b3a63e96e01d368173ebd70338d3 - arm-trusted-firmware.t234/plat/st/stm32mp2/include/plat_tbbr_img_def.h
898bb7d02ed7ba8e25e9f3484ac86c3ca05760ef - arm-trusted-firmware.t234/plat/st/stm32mp2/aarch64/stm32mp2.ld.S
2b925179f2562cd993190457d6321085ca802981 - arm-trusted-firmware.t234/plat/st/stm32mp2/aarch64/stm32mp2.S
1bf7296f7a9251e10006dd206f33617cfa0eca5a - arm-trusted-firmware.t234/plat/st/stm32mp2/aarch64/stm32mp2_helper.S
3c4ffc5988928f60a4c4017e161db2dacfc51433 - arm-trusted-firmware.t234/plat/aspeed/ast2700/plat_topology.c
c13c9949e6fc87d661d57c1833e0c1056ca130d5 - arm-trusted-firmware.t234/plat/aspeed/ast2700/plat_bl31_setup.c
7303317b4d929ac7d91eb9263618f33bb78c1383 - arm-trusted-firmware.t234/plat/aspeed/ast2700/plat_helpers.S
b65f7224bcc6b176d9d46a6f5b979d3adeebf7f2 - arm-trusted-firmware.t234/plat/aspeed/ast2700/plat_pm.c
9dd5a6fe730f6a211e2b33b8e6de09d90f1f330d - arm-trusted-firmware.t234/plat/aspeed/ast2700/include/plat_macros.S
5b883718b7852523086995ef91658c6ddbe24368 - arm-trusted-firmware.t234/plat/aspeed/ast2700/include/platform_reg.h
093639073d5f42df9c79565535c7d732a80f8b73 - arm-trusted-firmware.t234/plat/aspeed/ast2700/include/platform_def.h
046cbd941d12f41d3fa373d7b4a81a5719a72aa9 - arm-trusted-firmware.t234/plat/rockchip/rk3568/plat_sip_calls.c
db744ce1fd25b3e4dc1204330e2469b2ea559c78 - arm-trusted-firmware.t234/plat/rockchip/rk3568/rk3568_def.h
bd39550f20390d82b1df1d9156cfff976a84db47 - arm-trusted-firmware.t234/plat/rockchip/rk3568/include/plat.ld.S
c5054bc95bdb950f3b97c7ab0190939e4f2134ac - arm-trusted-firmware.t234/plat/rockchip/rk3568/include/plat_sip_calls.h
1a0afffd54ac8323561c8e59e5343885d6d6297e - arm-trusted-firmware.t234/plat/rockchip/rk3568/include/platform_def.h
d9a6a6abf3f3dd8c5c9f3d5e420a6f28ef5cea06 - arm-trusted-firmware.t234/plat/rockchip/rk3568/drivers/pmu/plat_pmu_macros.S
80c5fba0ce3790eda6a6ce6b71dda6cf857426b3 - arm-trusted-firmware.t234/plat/rockchip/rk3568/drivers/pmu/pmu.c
ba4f72eb484610519f509a5313f6ed538d2cc486 - arm-trusted-firmware.t234/plat/rockchip/rk3568/drivers/pmu/pmu.h
de7fb5aa3c6c7d6de12b128d4e14c34ccd96f16c - arm-trusted-firmware.t234/plat/rockchip/rk3568/drivers/soc/soc.c
26b15879e76e06a97e36025606a4683cd37bfcfb - arm-trusted-firmware.t234/plat/rockchip/rk3568/drivers/soc/soc.h
e164c03ecd681a0626a63bed9a56db25fc608c37 - arm-trusted-firmware.t234/plat/rockchip/rk3588/rk3588_def.h
722cb58cd92e87efce107585eee82bebdcaa620b - arm-trusted-firmware.t234/plat/rockchip/rk3588/plat_sip_calls.c
425605e5b2a8d6b02d2762b50cdb18cac73a8890 - arm-trusted-firmware.t234/plat/rockchip/rk3588/include/plat.ld.S
af8960d3632f9179c6fedc655200c05f9182dda5 - arm-trusted-firmware.t234/plat/rockchip/rk3588/include/plat_sip_calls.h
d6740bc959d6ed4a93212e49ada0441eae541ff8 - arm-trusted-firmware.t234/plat/rockchip/rk3588/include/platform_def.h
a25747c43404b1b24e74f72864bc7b449b3050d7 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/secure/secure.h
471b83c428fea2ae2b4e176506f3d1977dc91783 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/secure/secure.c
f65947a433211f9a2ff9c6bc6788d38a96c2b26d - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/pmu/plat_pmu_macros.S
c839128c4e2509de79d4cb77ba6e5f4652273c3f - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/pmu/pmu.c
0b20686b66dc0e71e6e80bd4da4c9121e20ef5d6 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/pmu/pm_pd_regs.h
99ad903e3e40941341d3992d2e50afc3529b56a0 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/pmu/pm_pd_regs.c
a560a8847ab87eaacb5c634461bd407f99b622d4 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/pmu/pmu.h
d828bbf1f2fdaf7c8ca16a6e0b8c5fcc4d636827 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/soc/soc.c
bbb76b77b4df99d8fab8ec9ea3d5b9f6dba8b72b - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/soc/soc.h
10a84bbb533400b471e84a6707b789966a291a3a - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/scmi/rk3588_rstd.c
1193e071e9b73dfc13254fbb14aa5fad189715d5 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/scmi/rk3588_clk.h
a9f6a62fac2c5a95c50dd5c4f5d46d5aa6ab3510 - arm-trusted-firmware.t234/plat/rockchip/rk3588/drivers/scmi/rk3588_clk.c
bfe2404fd1a0527ae5a717e68937706ff9804770 - arm-trusted-firmware.t234/plat/rockchip/common/plat_pm_helpers.c
3bb10820f3cac4793d72ccd0dbaa9513b9945d80 - arm-trusted-firmware.t234/plat/rockchip/common/rockchip_gicv3.c
4a1355d1645ef943a89aa54999041bd5a970c764 - arm-trusted-firmware.t234/plat/rockchip/common/rockchip_stack_protector.c
9213c21ad6f4d071ef85303d7f16f295b02bc212 - arm-trusted-firmware.t234/plat/rockchip/common/rockchip_gicv2.c
32f9de1c486103a42cf6a9d291f42989b42a98e4 - arm-trusted-firmware.t234/plat/rockchip/common/plat_topology.c
1f63c15382d48351f3d1c1709e7428545ce2cb72 - arm-trusted-firmware.t234/plat/rockchip/common/rockchip_sip_svc.c
ba17a687e1dfb259bb313a008db3b9ba7f83171e - arm-trusted-firmware.t234/plat/rockchip/common/bl31_plat_setup.c
6521811c0b99295a51c9441701e0fb81a72adff2 - arm-trusted-firmware.t234/plat/rockchip/common/sp_min_plat_setup.c
2047ecc940bb80f5a0b484df48d3c24d285820e9 - arm-trusted-firmware.t234/plat/rockchip/common/params_setup.c
85d08d7cf74717daed56a0770f3c79bca90280dc - arm-trusted-firmware.t234/plat/rockchip/common/plat_pm.c
4db0b70aecaf5352c4deda76075a44c7ed772f91 - arm-trusted-firmware.t234/plat/rockchip/common/pmusram/cpus_on_fixed_addr.S
1b33ae60df43cf398d1a8b472866e811981ad1c4 - arm-trusted-firmware.t234/plat/rockchip/common/pmusram/cpus_on_fixed_addr.h
1b803d2536e22fdacd3d18c47ed89eea6880e443 - arm-trusted-firmware.t234/plat/rockchip/common/include/plat_macros.S
e0b9109d2e15ba78290c67b35d231cc82990137e - arm-trusted-firmware.t234/plat/rockchip/common/include/plat_params.h
7c49c532d994db62b241d7e2c4b6bd6a509bb057 - arm-trusted-firmware.t234/plat/rockchip/common/include/plat_private.h
bcad2d4a4efa92987138714b5c570e3d09a455a5 - arm-trusted-firmware.t234/plat/rockchip/common/include/plat_pm_helpers.h
840c5bba5d5b4a5cddde5551f3344b54099c1938 - arm-trusted-firmware.t234/plat/rockchip/common/include/rockchip_sip_svc.h
a66d999fd75887d0dc3e6b4e5246df6adef71239 - arm-trusted-firmware.t234/plat/rockchip/common/drivers/pmu/pmu_com.h
5c96dda447934109fef22dbfc20108fea56100fe - arm-trusted-firmware.t234/plat/rockchip/common/drivers/parameter/ddr_parameter.c
e40967392bea64496e752401f887b55eae946bf3 - arm-trusted-firmware.t234/plat/rockchip/common/drivers/parameter/ddr_parameter.h
56bd29d7f9b99e05b9917f2a2e68d9aac47900d1 - arm-trusted-firmware.t234/plat/rockchip/common/aarch64/plat_helpers.S
258f177b9b9412883f714cff3406818288eca04f - arm-trusted-firmware.t234/plat/rockchip/common/aarch64/pmu_sram_cpus_on.S
b093c6e7d10be0c02ee95533e2ad7dce86102b2f - arm-trusted-firmware.t234/plat/rockchip/common/aarch64/platform_common.c
83348aebc9c7f6082dea782ec56117cbbc1a509a - arm-trusted-firmware.t234/plat/rockchip/common/aarch32/plat_helpers.S
ba0fb41c4b6e827fc3092feb1e41d096daa7e77c - arm-trusted-firmware.t234/plat/rockchip/common/aarch32/pmu_sram_cpus_on.S
2c9501229129032c44b8b888db1fac2a0a270830 - arm-trusted-firmware.t234/plat/rockchip/common/aarch32/platform_common.c
3f50031abceb2650a87e1c823ed499acb67699dc - arm-trusted-firmware.t234/plat/rockchip/common/scmi/scmi.c
26eb5869e10f837a162f1876df78daf1ab69fdbe - arm-trusted-firmware.t234/plat/rockchip/common/scmi/scmi_clock.h
1b5042fa35408146c9efc51f91fa839c7205c321 - arm-trusted-firmware.t234/plat/rockchip/common/scmi/scmi_rstd.h
07a40d3c7729c191a7ba4f4836c54e07c6312b75 - arm-trusted-firmware.t234/plat/rockchip/common/scmi/scmi_clock.c
f314f65b095383a27b50d043515e4c0498d90f71 - arm-trusted-firmware.t234/plat/rockchip/common/scmi/scmi_rstd.c
0b8ef1037611c38ba89966b1da4ef153e47b4fb4 - arm-trusted-firmware.t234/plat/rockchip/rk3368/rk3368_def.h
524ab6d6a8a79e76857af71a8c36886929a16243 - arm-trusted-firmware.t234/plat/rockchip/rk3368/plat_sip_calls.c
c03dbe37ab69ed71bbbc9100b47ff77d3c1f19e9 - arm-trusted-firmware.t234/plat/rockchip/rk3368/include/plat.ld.S
0454e2aefd623a64760090a825f3cb0c26b0a3ca - arm-trusted-firmware.t234/plat/rockchip/rk3368/include/plat_sip_calls.h
5817c26932930a69f20037fcfd33b6f700e518a0 - arm-trusted-firmware.t234/plat/rockchip/rk3368/include/platform_def.h
0ea97dd2ed72ec48826e4668463b1067b1e3e91a - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/pmu/plat_pmu_macros.S
859692a896bf24f76093c6cc1a923f3bd7f06c49 - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/pmu/pmu.c
985e72c79b58499d32fbf6ef6f46a741c6356e9d - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/pmu/pmu.h
a4fe0b238351912e5a3b7e1de16ea4b470dbcfe0 - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/ddr/ddr_rk3368.h
edac1a959247a82db5f820097a9f8ded6c4665b4 - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/ddr/ddr_rk3368.c
7a2d810a3f11780033972a9b1f3f2eb09adddfc5 - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/ddr/rk3368_ddr_reg_resume_V1.05.bin
a39f5eb5f70d4ec19316c1bbed951ac31a7e97b5 - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/soc/soc.c
cb622b7fdee1e5387ed783d371b6cfdd0400df92 - arm-trusted-firmware.t234/plat/rockchip/rk3368/drivers/soc/soc.h
524ab6d6a8a79e76857af71a8c36886929a16243 - arm-trusted-firmware.t234/plat/rockchip/rk3288/plat_sip_calls.c
7d9851bfe1b3a6bff1b3fe3a5a42152bdbbdd641 - arm-trusted-firmware.t234/plat/rockchip/rk3288/rk3288_def.h
0454e2aefd623a64760090a825f3cb0c26b0a3ca - arm-trusted-firmware.t234/plat/rockchip/rk3288/include/plat_sip_calls.h
0a2a001f434d83ab306c453b6d60f886a0b59a96 - arm-trusted-firmware.t234/plat/rockchip/rk3288/include/platform_def.h
58f0ccc10fae70932566781c7c34457a239e027c - arm-trusted-firmware.t234/plat/rockchip/rk3288/include/plat_sp_min.ld.S
1321792bce42c44c3fed91fea86cceca52486ffa - arm-trusted-firmware.t234/plat/rockchip/rk3288/include/shared/bl32_param.h
70ecc34e2c4236edbd52a088d6dc72300d1038e0 - arm-trusted-firmware.t234/plat/rockchip/rk3288/drivers/secure/secure.h
90e4b5914845f3238bde4617bcf04acabfc52406 - arm-trusted-firmware.t234/plat/rockchip/rk3288/drivers/secure/secure.c
db1ef060ee221e9b61acbb781c42ed42e926b26e - arm-trusted-firmware.t234/plat/rockchip/rk3288/drivers/pmu/plat_pmu_macros.S
67df6cab20c4cca027c76c923468b9b4a734b610 - arm-trusted-firmware.t234/plat/rockchip/rk3288/drivers/pmu/pmu.c
53d9e3936b39e758560745d492d1473ac9c98278 - arm-trusted-firmware.t234/plat/rockchip/rk3288/drivers/pmu/pmu.h
4f36427668a7b19acff9330d467b130430031017 - arm-trusted-firmware.t234/plat/rockchip/rk3288/drivers/soc/soc.c
00a800ecdcad577d80ed2968cfee8abc2ff260d0 - arm-trusted-firmware.t234/plat/rockchip/rk3288/drivers/soc/soc.h
80988c6b4c1d5c128f556b4704d2a13dca1b94ac - arm-trusted-firmware.t234/plat/rockchip/rk3399/plat_sip_calls.c
07fcff2e4785739f2818730be2df2798395d6dd0 - arm-trusted-firmware.t234/plat/rockchip/rk3399/rk3399_def.h
735db5fedc39c83875dd50d345431e840a75ce95 - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/addressmap.h
33691c33d59c3cbf5321efb5e9cf1ce6f908b1b3 - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/plat.ld.S
0454e2aefd623a64760090a825f3cb0c26b0a3ca - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/plat_sip_calls.h
d037385198294976c392eaac15722c2bc43171e6 - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/platform_def.h
f61d8134dfdbc2de01b130177e3623bfc96e582b - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/shared/dram_regs.h
37de06dae36b2c9133dfa3db58b9403eca97534e - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/shared/m0_param.h
a3ec096942a7038a658d2de2da28c8d7772e2601 - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/shared/pmu_bits.h
dffb716056a5cfe4289bde5769bacd0a9c517467 - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/shared/bl31_param.h
d3a8c566b07530d947493f642a829c2173e7eb3c - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/shared/addressmap_shared.h
514bb50a35bc277734414a501833d9cf9103b613 - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/shared/misc_regs.h
e27f9ab0eb7cc700bac4af81ef063675ddea3d16 - arm-trusted-firmware.t234/plat/rockchip/rk3399/include/shared/pmu_regs.h
82920405b9733297c9a7904d46fef28aed2c5372 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/secure/secure.h
12d0e498bcf7645b6d17eda0b6c88f9c68345720 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/secure/secure.c
fdf96b7b34ebbd88b6c053c20c493dfcd5d2eec6 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pmu/m0_ctl.h
4f34aa4fe829a116338b7c8cb363091b98b1df1c - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pmu/plat_pmu_macros.S
ce25fa3f4352a520a7ffae7ade334c17de271814 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pmu/pmu.c
26f96f6bfc5d8cd2811341eaa144693019daa5cf - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pmu/pmu.h
8080df60a96f3ccb59e64a8c4468c29298a40160 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pmu/m0_ctl.c
d110f9fe7e7241dcb85193068eefabfe25ec8502 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pmu/pmu_fw.S
3438e67609170c78e495d3cd8db4d7d9f8f96341 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/Makefile
98a096aced18ab4c9a4b3ab325773ed273acd4cd - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/include/addressmap.h
222366fd88fa37c34896b96be4724020febaf122 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/include/rk3399_mcu.h
9cfa6b80558dac90724c830c7c2b792099232962 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/src/rk3399m0.ld.S
249a2bba707f4aae60e76e4d2ca07180426f3657 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/src/stopwatch.c
3832f35bf0192ab6299ed6f72d97ea798c64ec01 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/src/dram.c
c651d2e10f915a285792aa7e66836e66a3fb3b68 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/src/startup.c
54eadcdfdad063885889595045b641fa6a8454a1 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/m0/src/suspend.c
912b3ac53149ee0912cdc571503cbe6f5d9e5e31 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pwm/pwm.h
81bb90565c30ebb1d2a2074e665099c5df4b3f16 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/pwm/pwm.c
e4ba052fe71c1dbb0fd712a9e23751995fa17236 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dp/hdcp.bin
8af098c906ff4222b7fb1b8a8e528a842931e11a - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dp/cdn_dp.c
f9bf2a5c3fa81d2991e4880f4c0d082a329f9840 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dp/cdn_dp.h
1c5f6ab9e0780ba09fc4009303d8f48ca69ba0d0 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/gpio/rk3399_gpio.c
e385bc607caa24dd99309765bffdb7e49e36b5cd - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/dfs.c
cc96ce897ce3dfd398d571f73d60df020e312a7f - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/dram.h
4054be663e17eccfa1f97c242b47ed2aa7661ee2 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/dram_spec_timing.h
1a0ef7b5013eea98c8892cc73f9acf7aadc6542b - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/dram.c
91fa17de464bf17060f5d782d3addc2d250f2bcf - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/dfs.h
8bb28c62f323cba1149703071fa6c9cd723e7681 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/suspend.h
341cf7780e76c0eed9bb587ced84821148eaeba4 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/dram_spec_timing.c
27aa9609a5b7f4a133b52b7f298cef95b6b1332a - 
arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/dram/suspend.c 8524ea750c376402a2c507655783fb69d6ca49af - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/soc/soc.c d6f6a92953b02dda92949d05699b4a8c09ec1ab6 - arm-trusted-firmware.t234/plat/rockchip/rk3399/drivers/soc/soc.h ef5a8ce281d95041b91f8f165ef782642d022de2 - arm-trusted-firmware.t234/plat/rockchip/px30/px30_def.h 6fd13eff5a2d17a6f2e651b3eba6211a93d3522f - arm-trusted-firmware.t234/plat/rockchip/px30/plat_sip_calls.c be822c3b60a3f8f4215925d9c6aa8ff3d90ab56b - arm-trusted-firmware.t234/plat/rockchip/px30/include/plat.ld.S 4abb3f49d90cc7242ff9d366432f9423ed190c44 - arm-trusted-firmware.t234/plat/rockchip/px30/include/plat_sip_calls.h 8b1c4b26a5cf109ec97a2bd711e46dc76c20891c - arm-trusted-firmware.t234/plat/rockchip/px30/include/platform_def.h 7129bd0759914b2bdbe0af12743e79277b990a3d - arm-trusted-firmware.t234/plat/rockchip/px30/drivers/secure/secure.h e5df7e7476f59e23d9c3c1097c64bad93fb273ca - arm-trusted-firmware.t234/plat/rockchip/px30/drivers/secure/secure.c 4661321c301694bb1cfb029693c60d50387885d6 - arm-trusted-firmware.t234/plat/rockchip/px30/drivers/pmu/plat_pmu_macros.S 8d80af186adc9632f394dc2fa3241efc89d3697f - arm-trusted-firmware.t234/plat/rockchip/px30/drivers/pmu/pmu.c 6940e4242af969ec608caab6d93dd03364b78580 - arm-trusted-firmware.t234/plat/rockchip/px30/drivers/pmu/pmu.h 288f8f52c9a5423576d1fd403f776da8e5906395 - arm-trusted-firmware.t234/plat/rockchip/px30/drivers/soc/soc.c dbc0dd67905cb60b55ff82d4f1d8bf96a7ec2514 - arm-trusted-firmware.t234/plat/rockchip/px30/drivers/soc/soc.h 9eb41f0b086d93dd52f10cd88c871e9f872da485 - arm-trusted-firmware.t234/plat/rockchip/rk3328/rk3328_def.h c03dbe37ab69ed71bbbc9100b47ff77d3c1f19e9 - arm-trusted-firmware.t234/plat/rockchip/rk3328/include/plat.ld.S d0cf327dcd15f8fc85f2c3c93e82fd6199973f0b - arm-trusted-firmware.t234/plat/rockchip/rk3328/include/platform_def.h 74e69a5d06c7c10f8fd04052bfd92c89a6b685c2 - 
arm-trusted-firmware.t234/plat/rockchip/rk3328/drivers/pmu/plat_pmu_macros.S 38e448c11bc1d7a2c4d8a91f47f89579e1ba1692 - arm-trusted-firmware.t234/plat/rockchip/rk3328/drivers/pmu/pmu.c 75d3fb351c1418d28d1be951921dde7cac623d53 - arm-trusted-firmware.t234/plat/rockchip/rk3328/drivers/pmu/pmu.h aa37703bdb16d2d93c4cb6a1c3f5740f10400717 - arm-trusted-firmware.t234/plat/rockchip/rk3328/drivers/soc/soc.c 7dabeaea27a9149c6997c51413ae55f6af467951 - arm-trusted-firmware.t234/plat/rockchip/rk3328/drivers/soc/soc.h 1b86970e6e211ba1548f3469a4682db7c31577f1 - arm-trusted-firmware.t234/plat/amlogic/common/aml_mhu.c 1c810633809eed169ef7ae47da01b6326b111a64 - arm-trusted-firmware.t234/plat/amlogic/common/aml_console.c f1168dcf0c90f4d7a3456d82b909e287a16875ed - arm-trusted-firmware.t234/plat/amlogic/common/aml_topology.c fa91c2d51bbe34be89ba41e055f4e78eba6ac67e - arm-trusted-firmware.t234/plat/amlogic/common/aml_efuse.c 2321fbf75d8e96d90a1b6f6a14160c91b949cabc - arm-trusted-firmware.t234/plat/amlogic/common/aml_scpi.c 22fc306f5f9b6613312023233481baaf99493614 - arm-trusted-firmware.t234/plat/amlogic/common/aml_sip_svc.c 887d16c962bbfdec5ddb366c33ffec0ad5697447 - arm-trusted-firmware.t234/plat/amlogic/common/aml_thermal.c 74bc476713af13ff5ee94c7bdad6c5763f99e9af - arm-trusted-firmware.t234/plat/amlogic/common/include/plat_macros.S 5240bdc42061a821a089cae1eeca3fb799e6aa1c - arm-trusted-firmware.t234/plat/amlogic/common/include/aml_private.h 61752908966c74b637938d2fa11e73c5d5373d9d - arm-trusted-firmware.t234/plat/amlogic/common/aarch64/aml_helpers.S 28726387d3750ce4724f9147e5e173131ee7164f - arm-trusted-firmware.t234/plat/amlogic/g12a/g12a_common.c 03a70925292deabd473bf5ffcd0d0d95dd70456e - arm-trusted-firmware.t234/plat/amlogic/g12a/g12a_pm.c fe8712d8d4a3787c6c2456ffcc2cc468b12bfd7e - arm-trusted-firmware.t234/plat/amlogic/g12a/g12a_bl31_setup.c 495f096204283e82b03abed56414e3d1a29f9b6f - arm-trusted-firmware.t234/plat/amlogic/g12a/g12a_def.h 8e1154709ae343cd8d783739b29005ea2b9a7c7f - 
arm-trusted-firmware.t234/plat/amlogic/g12a/include/platform_def.h 3667781fa0058dcdd1cff5587b45c798978c7966 - arm-trusted-firmware.t234/plat/amlogic/axg/axg_bl31_setup.c d3c822e681ab6d5016ae06adb88ca9aeb6073aba - arm-trusted-firmware.t234/plat/amlogic/axg/axg_common.c 7fdb79ffddbe1ee7f1b2c543a1eaa07f2671a2ca - arm-trusted-firmware.t234/plat/amlogic/axg/axg_pm.c c60f26b9eb14d703065a758062f9c76e4e70f8ed - arm-trusted-firmware.t234/plat/amlogic/axg/axg_def.h faf31bdcea206b83c40fbe2d878c14fa8327a37a - arm-trusted-firmware.t234/plat/amlogic/axg/include/platform_def.h 3389361e87f5cd5e4f7e606599032c3aa3a41b72 - arm-trusted-firmware.t234/plat/amlogic/gxbb/gxbb_def.h 25d4db1b1e385a2e45f4ffea43edbfc8bf4fef89 - arm-trusted-firmware.t234/plat/amlogic/gxbb/gxbb_common.c 704885551348b4b44d9b7b092aafc3c54533b7e0 - arm-trusted-firmware.t234/plat/amlogic/gxbb/gxbb_bl31_setup.c 80fbc4757d8f389dc885b90a5eef8c0c4f6e23c2 - arm-trusted-firmware.t234/plat/amlogic/gxbb/gxbb_pm.c d558f98c64955249d21b9227149b68808cb3e358 - arm-trusted-firmware.t234/plat/amlogic/gxbb/include/platform_def.h 8b93edbe34b51b737299797607de4e6ff0003917 - arm-trusted-firmware.t234/plat/amlogic/gxl/gxl_common.c 550ec6753c2e8a5f41a920ea9bfffec47ae78dc8 - arm-trusted-firmware.t234/plat/amlogic/gxl/gxl_bl31_setup.c 5ce07f2865d514a3a8979c638337a338fa110f74 - arm-trusted-firmware.t234/plat/amlogic/gxl/gxl_pm.c 68a18488494ea52a108462ec30b6833447e75e62 - arm-trusted-firmware.t234/plat/amlogic/gxl/gxl_def.h 22603b51918b7c1f721eee33d26629b16cff6683 - arm-trusted-firmware.t234/plat/amlogic/gxl/include/platform_def.h 0daa3a8c1ed607bfafc9ba0daa93d2de60c3c19e - arm-trusted-firmware.t234/plat/rpi/rpi5/rpi5_setup.c fb7a65f5e63f9ff71666e9d3eb9da94a92f87657 - arm-trusted-firmware.t234/plat/rpi/rpi5/include/plat.ld.S 6fea9452a77e8d6eeb1fdb1c20f061aa14a5c1fd - arm-trusted-firmware.t234/plat/rpi/rpi5/include/platform_def.h 9924fb496a54b9815362ce2168a6fa02e3272e38 - arm-trusted-firmware.t234/plat/rpi/rpi5/include/rpi_hw.h 
46c13e3cff3d9c29a733d01629589bd31b37eb5e - arm-trusted-firmware.t234/plat/rpi/common/rpi3_stack_protector.c a2d78854277019ce68ad1c236091dffcc55e8649 - arm-trusted-firmware.t234/plat/rpi/common/rpi3_topology.c 42b3bec4b29977924bd7bf3da9ec372d1ec2dcd4 - arm-trusted-firmware.t234/plat/rpi/common/rpi3_console_dual.c d2d1fd0fffc8a200fd42f1b74c8c7d54c483f219 - arm-trusted-firmware.t234/plat/rpi/common/rpi3_trusted_boot.c 11c87bf8a084123bf9a431cc289a66e23112bade - arm-trusted-firmware.t234/plat/rpi/common/rpi3_rotpk.S dedb8aeb92c172f57fe525444f7dbdcc1fa2d2b8 - arm-trusted-firmware.t234/plat/rpi/common/rpi3_pm.c e621f46501a2d1856f297145947d1c8d89d5f990 - arm-trusted-firmware.t234/plat/rpi/common/rpi3_image_load.c 6362652e60de8bcc5d723a13459a55c254c8d476 - arm-trusted-firmware.t234/plat/rpi/common/rpi3_console_pl011.c b697cf6920f885db9dda66079d5997b292c5f7af - arm-trusted-firmware.t234/plat/rpi/common/rpi3_common.c 854bc00d3c5fce60726920c1e5b1b7cd9352568a - arm-trusted-firmware.t234/plat/rpi/common/rpi3_io_storage.c 8609a5c2bf4708bd3e911d1e1bb6d70d9786a950 - arm-trusted-firmware.t234/plat/rpi/common/rpi4_bl31_setup.c a03e44dcbb6ab955502dd4f183cb5239c89200b9 - arm-trusted-firmware.t234/plat/rpi/common/rpi_pci_svc.c cd6861322dab161ff32b161e169f6666527d7c58 - arm-trusted-firmware.t234/plat/rpi/common/include/plat_macros.S 0b18df9aeaa2471fca9ccca4aa97bd59e9260c62 - arm-trusted-firmware.t234/plat/rpi/common/include/rpi_shared.h 88f0a7d8a08454725fb7a8be1beed6f25794909d - arm-trusted-firmware.t234/plat/rpi/common/aarch64/armstub8_header.S a700a057a4a1fb7d34369437a66b726ca5aabf38 - arm-trusted-firmware.t234/plat/rpi/common/aarch64/plat_helpers.S 052815ff6a9d47f47e57d320313a74f10c8a34d3 - arm-trusted-firmware.t234/plat/rpi/rpi3/rpi3_bl31_setup.c 7196024a6af6785c77d069f9ef4452fb6add7253 - arm-trusted-firmware.t234/plat/rpi/rpi3/rpi3_bl2_setup.c 1d34ea11e67e063bb8bd34859509e7056e2f0f88 - arm-trusted-firmware.t234/plat/rpi/rpi3/rpi3_bl1_setup.c fd5000ab9d2eac8341e267b879e1ef29eaebf5d7 
- arm-trusted-firmware.t234/plat/rpi/rpi3/rpi_mbox_board.c cc26f2aa2450e40b407d6c6cf3b2930941104a04 - arm-trusted-firmware.t234/plat/rpi/rpi3/include/platform_def.h f7fa2098bc54614b8e72440485d1a39018e94462 - arm-trusted-firmware.t234/plat/rpi/rpi3/include/rpi_hw.h 5a79ec05194636d3850044f358b4673a3f0b9fa0 - arm-trusted-firmware.t234/plat/rpi/rpi3/aarch64/rpi3_bl2_mem_params_desc.c 244b486f5228a8951dfd37236b46a480b6d4b89a - arm-trusted-firmware.t234/plat/rpi/rpi4/rpi4_setup.c 4d8d91a23a19a15ff7c18f8e6e523c26cd453f2f - arm-trusted-firmware.t234/plat/rpi/rpi4/include/plat.ld.S dd7d4e7ce479f02308a052bafb30a9cd5571a9d4 - arm-trusted-firmware.t234/plat/rpi/rpi4/include/platform_def.h f3c4e6ee6202d875428eb7ee77377945e5bea22f - arm-trusted-firmware.t234/plat/rpi/rpi4/include/rpi_hw.h 9b8db7387e47af68fc183fe909d3060d65438cb2 - arm-trusted-firmware.t234/plat/brcm/common/brcm_io_storage.c 6d6865834cfc5ce82506bf1ef6df2e3cb196e028 - arm-trusted-firmware.t234/plat/brcm/common/brcm_scpi.c c6468bf11edbc5de5a422f7edfa9ac5a8fee6561 - arm-trusted-firmware.t234/plat/brcm/common/brcm_bl31_setup.c 389238486613bb86c6032f788a4605c782e7475c - arm-trusted-firmware.t234/plat/brcm/common/brcm_gicv3.c bc616aa281d726780f6a73b3986accbe986e780f - arm-trusted-firmware.t234/plat/brcm/common/brcm_bl2_mem_params_desc.c 02ea7c4006c2910720bf4a85c3766c293d4cb8e5 - arm-trusted-firmware.t234/plat/brcm/common/brcm_mhu.h 43da4a7bd6435c6cc7d733e6363a59cacabb9ef5 - arm-trusted-firmware.t234/plat/brcm/common/brcm_mhu.c 43088754fcc9a1fcbb6308988d79eca0c2771d5a - arm-trusted-firmware.t234/plat/brcm/common/brcm_ccn.c 48faf64df1848d8493a3f273494ea883a4aafb0c - arm-trusted-firmware.t234/plat/brcm/common/brcm_common.c 303c81103a6ebbdf9e4afc16b17d17195a5b9238 - arm-trusted-firmware.t234/plat/brcm/common/brcm_scpi.h c02bbae941528cbae0665016d62e54bfffb74444 - arm-trusted-firmware.t234/plat/brcm/common/brcm_bl2_setup.c 2ef6d891873792dd5af17cc1091f369c0865c70d - arm-trusted-firmware.t234/plat/brcm/common/brcm_image_load.c 
4573848f39ea4bfceb55e0932f0494af8b890d1d - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/sr_usb.h 136ec48ffd5cee7ea9fefb7439969040868a0b30 - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/swreg.c 13bbb4dc261e840997a59d4e914f071835d33fab - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/usb_phy.c 7cc68c731d1d4e967a6b258c94afef74800e2c27 - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/usb.c 483849480279e54ca28e4177fea05d6bd3cd36d7 - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/ihost_pll_config.c b4637f982a40118b9d83d3908d0b189d3524bce0 - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/plat_emmc.c 46e832c20411ea4d2bcbcf1cc8968149375047f4 - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/ext_sram_init/ext_sram_init.h d0dacd8fc79f78cee10bd8513550abf93624afe2 - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/ext_sram_init/ext_sram_init.c eed068af90592502021f8e15b556ae302cd8db87 - arm-trusted-firmware.t234/plat/brcm/board/stingray/driver/ddr/soc/include/board_family.h 2ef5c016a1130291e30fb58c1e1b397bb15a531c - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/platform_sotp.h 491a5116f054df365b530dc8b09613f1178c2d8a - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/sr_def.h 10104d7d5d9eeeb545dea9ac306deb2c5cf46036 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/plat_macros.S e7629876236e444ee69e40c96440f3f24b16fefe - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/usb_phy.h 8c57e437d9f4b2b49f005f899624af9b47121102 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/crmu_def.h 9765542d155d4fc37ee167eda672c6a33030ca8c - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/iommu.h 90c98d478915f89433c419b06613a52965aeeef6 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/sr_utils.h a6bea74c09e847241ba6a156aff89b12670cc98b - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/scp_cmd.h 
2817bede11ad2da4d5612a155f5a76e30b62de62 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/paxc.h bbaec5f331d8cf8f24898a8d172190c5f7940b6a - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/ihost_pm.h d823df9c59408673229302e557a65ad1c404e047 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/platform_def.h 4bc4735b9e7c2a5eab8ae91a28d110dd24a42d75 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/sdio.h 0228e24fbe8ff775ac7a709f272d375a8e7aa3bf - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/scp_utils.h 1dea9a2af71a56fe60929b854a2c73220603d2be - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/timer_sync.h cc26d153c04427651e12bf00d19497e5bd8cb7a3 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/platform_usb.h 76dbcdb10f12f01d94b3c70d2f8562b0cc8b233a - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/paxb.h b0a1c672d4d7095f6e7ec5305e084cb3a29a790e - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/bl33_info.h 0ef862af40a95d70feda6b8367e6e7452e90099b - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/board_info.h eeabf0e8e4cda99b503b2ea41298aff2d87e1278 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/ddr_init.h 2c4acf78dfd7c25c281471b6717273ff7920fea8 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/ncsi.h bd25c5d9d7605649bc1d1dee9a734ccb130101c3 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/fsx.h 1e67ee0873eb29816b418096b514d39c3aeb7d27 - arm-trusted-firmware.t234/plat/brcm/board/stingray/include/swreg.h ac2b64132debec3b54ae614c64dac69067b39291 - arm-trusted-firmware.t234/plat/brcm/board/stingray/aarch64/plat_helpers.S 78d2915d5c3a6c4b75eb97c897cd4e58b4d5b962 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/topology.c f89deabe82fe9129f1dde3fb24e57c940e008913 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/bl2_setup.c 52a5e5247c12940390abe486ab490a1d8929feb4 - 
arm-trusted-firmware.t234/plat/brcm/board/stingray/src/paxb.c 863c6f32899af28cd9a60fb273bdc02a29100114 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/sr_paxb_phy.c c01d8b9f9c48a1185129c492ab1f8ce1134ed892 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/scp_utils.c d746f7070f366ac250b3766606d2de76a6192436 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/fsx.c 75de08bf7cc548fc88463a459efa719ce9dae276 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/pm.c 085cb8e4f6dd01efc01f633680e7db315718c304 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/ihost_pm.c d15b82eea2aaa023805036e829ee46cd08ea72ed - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/iommu.c e9f5650def0bf0c03c50ad69056cf6ff9d71a715 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/tz_sec.c 062b1d173f23bc015ebb5c790f890e5f2a6934e1 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/paxc.c 0283858faf5651d4db16f0e4b8bcaadd40bcabe1 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/scp_cmd.c 9b0afdae90ec3159bd428d4b9f586d84a0cb55b3 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/sdio.c 77916c4c9e55da373b1b66dba19dfed0034cde48 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/bl31_setup.c 072e5bc5c72a860c50c3413898b60dd18931b100 - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/ncsi.c 1fd2e7122a0c63a14a64215ae5750097f050841b - arm-trusted-firmware.t234/plat/brcm/board/stingray/src/brcm_pm_ops.c 500e36754a0240001fe7b400bf8d4806a06de6ee - arm-trusted-firmware.t234/plat/brcm/board/common/timer_sync.c 2d3a08ac4729a455bffd5c4c70365350fec69e23 - arm-trusted-firmware.t234/plat/brcm/board/common/bcm_elog_ddr.h eeff346a4c2b6893ad0fa417570e747058627c11 - arm-trusted-firmware.t234/plat/brcm/board/common/cmn_sec.h 801bb1cdab4baf3440ac23728e6190881af4264f - arm-trusted-firmware.t234/plat/brcm/board/common/bcm_elog_ddr.c b2a5352558dc92001c80e614a9b293a1eb19573a - arm-trusted-firmware.t234/plat/brcm/board/common/plat_setup.c 
9635661f5e56e9ab172dcec943257465bf36e634 - arm-trusted-firmware.t234/plat/brcm/board/common/bcm_elog.c c0ecc823e4de1814edd6bf48321b6317c448b16d - arm-trusted-firmware.t234/plat/brcm/board/common/sbl_util.c 5f45cc70d813bf16880f4f1f4a246ad6114fbb78 - arm-trusted-firmware.t234/plat/brcm/board/common/cmn_plat_util.h 9eda9f547bdfb6e83ef3c8d82d849e1e4cb68252 - arm-trusted-firmware.t234/plat/brcm/board/common/brcm_mbedtls.c e1b5c755e9973d3e41e6f8dd620990a0dd5ba5e6 - arm-trusted-firmware.t234/plat/brcm/board/common/cmn_plat_def.h dfc2e7fae9dd66b664758412e1f4c06762246ed6 - arm-trusted-firmware.t234/plat/brcm/board/common/cmn_sec.c 515e3aecc5237dcc8197e4e8ed7fd7d15765d808 - arm-trusted-firmware.t234/plat/brcm/board/common/bcm_console.c eca89f1edcb0c3fc702ac123a55821cde16106bb - arm-trusted-firmware.t234/plat/brcm/board/common/err.c 779be799404c9562032c8c586f3a3b23835ad722 - arm-trusted-firmware.t234/plat/brcm/board/common/board_arm_trusted_boot.c c124ba5ec6d9fc3e8f1f0b72d3852473ab67e998 - arm-trusted-firmware.t234/plat/brcm/board/common/board_common.c a731b4badf1cf5a90a0ab197b39a2723e4c85dd9 - arm-trusted-firmware.t234/plat/brcm/board/common/platform_common.c a794cd95a890c951acc5192426abc008b4213a8f - arm-trusted-firmware.t234/plat/brcm/board/common/chip_id.h 2cf7d5accbb22d89a3c89c768604f667a23bef52 - arm-trusted-firmware.t234/plat/brcm/board/common/sbl_util.h cc7d9e276a747dac9424d11c30e770fb8d806ff4 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/zynqmp_ipi.c c06e075651f962326859a541fd4c6d54384e64a6 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/sip_svc_setup.c 642eb4d4430e06b81dbd875c82162b74e9e8dd2c - arm-trusted-firmware.t234/plat/xilinx/zynqmp/plat_topology.c 3629335d3e583ddb6e37e48a2d6d7653b1985648 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/bl31_zynqmp_setup.c eaef9a5e9145508301056f3fcb1a77e04a4c561a - arm-trusted-firmware.t234/plat/xilinx/zynqmp/plat_psci.c 34f4ef859bbabcddff900cfabd68a2090bf42175 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/plat_zynqmp.c 
9eaf999ae240de204662f71676fb66f53ecc332d - arm-trusted-firmware.t234/plat/xilinx/zynqmp/custom_sip_svc.c 73a2d5fda9d539ed08b6befd6b191510b9b43362 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/zynqmp_ehf.c dee59d0a0aeb4843bf61e41e8c21be39c7ec546c - arm-trusted-firmware.t234/plat/xilinx/zynqmp/zynqmp_sdei.c 7c0e9941101ef7a46412a4a76b4f4a4e5b502191 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/include/plat_macros.S ad638c9b601da8a4d3cbd78506ac054846db14f1 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/include/plat_ipi.h cce139e76a7843b57fc7482ecb0388fd6b2a4911 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/include/plat_private.h 9f203c79452a3fcd9e136bc23df740259ce0e205 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/include/zynqmp_def.h 28439bb42d404d18393fdbe4d62dd4cd3292705b - arm-trusted-firmware.t234/plat/xilinx/zynqmp/include/platform_def.h 1c8c6518fff25d475d0df061a025384f19442a8a - arm-trusted-firmware.t234/plat/xilinx/zynqmp/include/custom_svc.h bc56321a1175337ac44a1c78f4d55551d63d60b4 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/include/plat_pm_common.h 3072ddd097d56c74d4222aa74f0693da1d3320ce - arm-trusted-firmware.t234/plat/xilinx/zynqmp/aarch64/zynqmp_helpers.S eff36d802d067b0078f2b2d0e25a832e09138bbd - arm-trusted-firmware.t234/plat/xilinx/zynqmp/aarch64/zynqmp_common.c 563784af7e46e7f66cc1c67d3def08075cb5663e - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.h 064c26ad5aa015282a59881e7a9fe9f5cbad799f - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/zynqmp_pm_svc_main.h c5c1c23dcd39f835f1e6a82c8a4df4ec8f202888 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/zynqmp_pm_defs.h 08361ca069acf1918105f928b8b7c98835d94f5c - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.c 113174a35274731059356e4cb16ab595234fb448 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/zynqmp_pm_api_sys.c 01cd92b68260ef2ea5b78bf01ad1e083de0dc222 - 
arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/zynqmp_pm_svc_main.c adeb0002ac2bd49d29b00e3333bfc87bcab0396a - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.c b753245ff55fee0c9ba49c7b2c3ad90457fdb873 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.h 3198f77b2d6d3b55049508887b0fa242fb5b3884 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/pm_api_clock.h 611269f24718d7e93696a90d49172e54a66ac6a8 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/pm_api_clock.c 8acdd91f18b993b46531855492300c94e70f1eb6 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/pm_client.c 3becc2ae7d030cf76b8a5b670617c90c33fe8005 - arm-trusted-firmware.t234/plat/xilinx/zynqmp/pm_service/zynqmp_pm_api_sys.h 321387cbc42fe492729df181a5a8f0b6f6d0bc7a - arm-trusted-firmware.t234/plat/xilinx/versal/sip_svc_setup.c e6712e1ce7b24d2ef0bd5e3fc53c9b97185ce128 - arm-trusted-firmware.t234/plat/xilinx/versal/plat_topology.c ce54ee4b7b986bb10cc10c389ba555e62f714586 - arm-trusted-firmware.t234/plat/xilinx/versal/plat_versal.c f1d5667a70097ee8d1780fcf1626d47b6ffbd534 - arm-trusted-firmware.t234/plat/xilinx/versal/versal_ipi.c d40d09ef40e5affbe674c9b4d42249f01a48087b - arm-trusted-firmware.t234/plat/xilinx/versal/plat_psci.c 1c4573a41454be103fd5c851acdc7f10f34ff257 - arm-trusted-firmware.t234/plat/xilinx/versal/versal_gicv3.c a1fce13884c27764f98c796319919367f4453735 - arm-trusted-firmware.t234/plat/xilinx/versal/bl31_versal_setup.c 8c7b627a320c1e9439131898be571ce0ce2023a6 - arm-trusted-firmware.t234/plat/xilinx/versal/include/plat_macros.S a738107a7e91eb15a44d04a18a71b7c9b79b1f6a - arm-trusted-firmware.t234/plat/xilinx/versal/include/plat_ipi.h 8ad029d79365084ef71ad03ea882929b31b6f6e7 - arm-trusted-firmware.t234/plat/xilinx/versal/include/plat_private.h 725131219f4d9c362c19715b38a22e106214a024 - arm-trusted-firmware.t234/plat/xilinx/versal/include/platform_def.h 528a01ee2bc40db85bf6781c4e13a492e8e0cd98 - 
arm-trusted-firmware.t234/plat/xilinx/versal/include/versal_def.h 8f5ba9d023ea37ec1be405d0ab7c792818d61de9 - arm-trusted-firmware.t234/plat/xilinx/versal/include/plat_pm_common.h e7420b1437528d09e540e96242c60d13d0409380 - arm-trusted-firmware.t234/plat/xilinx/versal/aarch64/versal_helpers.S d4bc06e5340da4594b4a6129fa8228606d3e634e - arm-trusted-firmware.t234/plat/xilinx/versal/aarch64/versal_common.c 03a90fba2ffa4fdfe2083778b222e6648d46393e - arm-trusted-firmware.t234/plat/xilinx/versal/pm_service/pm_client.c 8cd7a670b86e8f89e80575547eda2c5287ee9b03 - arm-trusted-firmware.t234/plat/xilinx/common/plat_clkfunc.c 21addbd5d819a91e8830d4814f13c668d4de16b6 - arm-trusted-firmware.t234/plat/xilinx/common/ipi.c ee78ac1fe8d20433cc795fb099f456aded85bd50 - arm-trusted-firmware.t234/plat/xilinx/common/plat_xfer_list.c c6bce498be26fd57af599326f85f68b9064c4a55 - arm-trusted-firmware.t234/plat/xilinx/common/versal.c ee10032dc2472fb753a03832b64f063116b86db1 - arm-trusted-firmware.t234/plat/xilinx/common/plat_fdt.c 05dad522daa45e95940a4696af66aeaefe166950 - arm-trusted-firmware.t234/plat/xilinx/common/plat_console.c f4e990d1cc712446364af2434680454bc8288b4e - arm-trusted-firmware.t234/plat/xilinx/common/plat_startup.c 31112b8920009b3a0dc508bd673f2bb52f2cc1e9 - arm-trusted-firmware.t234/plat/xilinx/common/tsp/tsp_plat_setup.c 0c3f6c8f3a54ea899a2dd524b00782841e762469 - arm-trusted-firmware.t234/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c 47a15169c3186aa42acc9f876ece01a8661ebaca - arm-trusted-firmware.t234/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.h f8f5521e2cb2f41d076f3d5f5e19e81d202b1537 - arm-trusted-firmware.t234/plat/xilinx/common/include/pm_ipi.h 127d5b6672e9e114dfed723d5cd61b804def4b5f - arm-trusted-firmware.t234/plat/xilinx/common/include/ipi.h 87282d828ae98b298b974db10bcd94bd07852453 - arm-trusted-firmware.t234/plat/xilinx/common/include/plat_fdt.h c5a8773ddc55c3af2b95ee9844a127ac9a34b75a - 
arm-trusted-firmware.t234/plat/xilinx/common/include/pm_api_sys.h bbdfcfdb0d57dbea5e06c5953d00a1e6d0e27881 - arm-trusted-firmware.t234/plat/xilinx/common/include/pm_defs.h eca1a9cddb60507336c4e8a7501b8260bafcf5d9 - arm-trusted-firmware.t234/plat/xilinx/common/include/pm_common.h b23f1f367acd5eef84ffe84a78bf6e719c50c776 - arm-trusted-firmware.t234/plat/xilinx/common/include/plat_console.h c49f575e32d158e1e5b6695df45d13ccac8fec3b - arm-trusted-firmware.t234/plat/xilinx/common/include/pm_svc_main.h 14a71f97c9f72853ed3d3470ddd9e0eab79b428e - arm-trusted-firmware.t234/plat/xilinx/common/include/pm_node.h 5dff40c389376bbc22b5d3aa0e69a700dcdbef41 - arm-trusted-firmware.t234/plat/xilinx/common/include/pm_client.h b5bc55e22d63c3b852df47693e3fecb9aec02401 - arm-trusted-firmware.t234/plat/xilinx/common/include/plat_startup.h a370a9524e6e61bfba7cb0123a9b0329b0618cdb - arm-trusted-firmware.t234/plat/xilinx/common/include/plat_xfer_list.h 957cdc0dfc01354c33eefd74423c3105ea5146dc - arm-trusted-firmware.t234/plat/xilinx/common/include/plat_clkfunc.h 33e1960be09c4bd041523c9a9862b69f06eed668 - arm-trusted-firmware.t234/plat/xilinx/common/include/plat_common.h fed3a6e23ee9278ec1158a4a8ba1a516cb7829cb - arm-trusted-firmware.t234/plat/xilinx/common/pm_service/pm_svc_main.c eb1ea6a079269764de3c9a4865e185092374147c - arm-trusted-firmware.t234/plat/xilinx/common/pm_service/pm_api_sys.c 4fbc3a8db53c312a6bda87841cacc04d3444df01 - arm-trusted-firmware.t234/plat/xilinx/common/pm_service/pm_ipi.c 0c2b99bf230517b6436b54afd86f9249a3276d76 - arm-trusted-firmware.t234/plat/xilinx/versal_net/sip_svc_setup.c 3fcd84c8940d78283e08fb9f25352ee2144fc9c9 - arm-trusted-firmware.t234/plat/xilinx/versal_net/plat_topology.c 5ad7f71e61698bc1d48578467d2929da57d7e0ce - arm-trusted-firmware.t234/plat/xilinx/versal_net/bl31_versal_net_setup.c 1358530a8d110b0fa57621246141c98140916e3f - arm-trusted-firmware.t234/plat/xilinx/versal_net/plat_psci.c fd24c012682e7e9caa683839da113633bc242716 - 
arm-trusted-firmware.t234/plat/xilinx/versal_net/versal_net_ipi.c
06929b42be201e28e229968b29ed081d6e91b4bc - arm-trusted-firmware.t234/plat/xilinx/versal_net/plat_psci_pm.c
1e88a1bd5b372cba0e09876dcf5b6c1cf260eebb - arm-trusted-firmware.t234/plat/xilinx/versal_net/include/plat_macros.S
3a4fee174ce193796978c2403734e0d8ed2324a9 - arm-trusted-firmware.t234/plat/xilinx/versal_net/include/plat_ipi.h
bd88c3eb5d95c2114b51b0cf767dcd0502aac368 - arm-trusted-firmware.t234/plat/xilinx/versal_net/include/plat_private.h
19b5d399c8b8981e8d74daa4376ddc3b1634b47e - arm-trusted-firmware.t234/plat/xilinx/versal_net/include/platform_def.h
d7054f3810666d400f5b278776099a637d78ca90 - arm-trusted-firmware.t234/plat/xilinx/versal_net/include/versal_net_def.h
07840fb181414f58a85ccd588dc886e17444dbe1 - arm-trusted-firmware.t234/plat/xilinx/versal_net/include/plat_pm_common.h
acaa6efe005360cd5e750af53cc1839622927e55 - arm-trusted-firmware.t234/plat/xilinx/versal_net/aarch64/versal_net_common.c
c6d79d919d099811c8ae221653ac975bb8d8f1fe - arm-trusted-firmware.t234/plat/xilinx/versal_net/aarch64/versal_net_helpers.S
514b603921dbe126e3e4c4026e5dd09ca19ccdf4 - arm-trusted-firmware.t234/plat/xilinx/versal_net/pm_service/pm_client.c
dd38f3a1079a17328d48c8cb719713d4de7361a6 - arm-trusted-firmware.t234/plat/common/ubsan.c
b7987bfe5968db3bc9818e4db42c003eced6ef68 - arm-trusted-firmware.t234/plat/common/plat_gicv3.c
35a081739341fa36878726fc4b1f83fc62a4cf32 - arm-trusted-firmware.t234/plat/common/plat_bl1_common.c
770195adb4f13e3b639c61646c812d5b051abee2 - arm-trusted-firmware.t234/plat/common/plat_gicv2.c
66a9f3850a6d815318f496213017e7f49cd05602 - arm-trusted-firmware.t234/plat/common/plat_bl_common.c
ec9195d2ba3b66b6f4258c18a36b14a5cf41ac55 - arm-trusted-firmware.t234/plat/common/plat_psci_common.c
a352a6dbccb3b6bb3324dd8bfacc5d4356d8644e - arm-trusted-firmware.t234/plat/common/plat_spmd_manifest.c
5e22516412e81af7bbc52e0e460447cf2d1d63f3 - arm-trusted-firmware.t234/plat/common/plat_log_common.c
97b4d52d0b6dff78ce2740e514b825c3450caa58 - arm-trusted-firmware.t234/plat/common/aarch64/plat_ehf.c
2b978a8ff5ff6691e49942af52fbee8dd1e500fc - arm-trusted-firmware.t234/plat/common/aarch64/plat_common.c
d9432cd7a12c85878af463506821dad810edee3e - arm-trusted-firmware.t234/plat/common/aarch64/platform_mp_stack.S
53568d8d4a43005d8a1be8a379cf0f4b7ddc5637 - arm-trusted-firmware.t234/plat/common/aarch64/platform_helpers.S
1aab68f8337f2cd392589e5b7f227ebb145019bf - arm-trusted-firmware.t234/plat/common/aarch64/crash_console_helpers.S
9f8019f14fe1c7b6b704647357ce49dfc6ff27ad - arm-trusted-firmware.t234/plat/common/aarch64/platform_up_stack.S
063f7a782c2ed73e85b58e547241e5cb237bf79e - arm-trusted-firmware.t234/plat/common/aarch32/plat_common.c
f742befce701fed79ec16b324c92409b36838226 - arm-trusted-firmware.t234/plat/common/aarch32/plat_sp_min_common.c
384c6edb2367b639f49a5540ddaf03ea6c75276d - arm-trusted-firmware.t234/plat/common/aarch32/platform_mp_stack.S
2f11ce1b9cf6e69ec84aaca831735fcb77ab9bc8 - arm-trusted-firmware.t234/plat/common/aarch32/platform_helpers.S
c8eab49f9d5326ffc974d2ba7c05bd411df90eb1 - arm-trusted-firmware.t234/plat/common/aarch32/crash_console_helpers.S
23d194e7099cee098d207c309f1a5075546c3279 - arm-trusted-firmware.t234/plat/common/aarch32/platform_up_stack.S
36144ebe1637da9185e2256593f8aa7307d0cccb - arm-trusted-firmware.t234/plat/common/tbbr/plat_tbbr.c
e859a0cb15b0a9f5269bb49b854f56440159ee97 - arm-trusted-firmware.t234/plat/qemu/common/qemu_private.h
a58c658f18083c55761b946dd01b034df662dada - arm-trusted-firmware.t234/plat/qemu/common/topology.c
5f70285bd12102998a4cff3b3b410c8f34af9716 - arm-trusted-firmware.t234/plat/qemu/common/qemu_pm.c
edad3efc3341901bce791af691a499cbc13d6900 - arm-trusted-firmware.t234/plat/qemu/common/qemu_bl2_mem_params_desc.c
1148cf058832b709814de888643962ebd19f03b4 - arm-trusted-firmware.t234/plat/qemu/common/qemu_plat_attest_token.c
ab28bb3df2cb3355c3a0a9d6b1b8b7a81de0bf94 - arm-trusted-firmware.t234/plat/qemu/common/qemu_realm_attest_key.c
69014982d0852913e07e63bb95ce05ce55bb855c - arm-trusted-firmware.t234/plat/qemu/common/qemu_spm.c
f438bdf7db5e42ee4e7dee2f22f2d37c8054e7aa - arm-trusted-firmware.t234/plat/qemu/common/qemu_bl2_setup.c
570d379ddaf975ce99e67d7bd0660c3a1aed1e0a - arm-trusted-firmware.t234/plat/qemu/common/qemu_bl31_setup.c
2b04b574819cd6ca74cb81971a715df8f9e26ae7 - arm-trusted-firmware.t234/plat/qemu/common/qemu_bl1_setup.c
19e3c8b70013a65d32361d7cd0e5d76afdde9469 - arm-trusted-firmware.t234/plat/qemu/common/qemu_image_load.c
d78afc172ccab4bef7ee3773a1a534b478b9b675 - arm-trusted-firmware.t234/plat/qemu/common/qemu_common.c
1f8194edf2bf0b58ef9b58c057a0c567ab37421b - arm-trusted-firmware.t234/plat/qemu/common/qemu_stack_protector.c
2085009221c46e8e62ac297e819084f4b6087615 - arm-trusted-firmware.t234/plat/qemu/common/qemu_rotpk.S
16be159c4a5d2a3878237098afe450cac07536d1 - arm-trusted-firmware.t234/plat/qemu/common/qemu_trusted_boot.c
a4bad2ed380ad5df3257650a246b10d93edb0292 - arm-trusted-firmware.t234/plat/qemu/common/qemu_sdei.c
ec654aff1a7a4e282bbbe2dc13b2042b9534eb61 - arm-trusted-firmware.t234/plat/qemu/common/qemu_gicv3.c
d78bd11a3e46b66140586c01d9f834a788316251 - arm-trusted-firmware.t234/plat/qemu/common/qemu_gicv2.c
ce499ea5552f0a580d2d730cd86b20a544fb4759 - arm-trusted-firmware.t234/plat/qemu/common/qemu_console.c
06e554aa03b85986f82144c8205ea168f819fcaf - arm-trusted-firmware.t234/plat/qemu/common/qemu_io_storage.c
f58716f140fa8f450f8073fca6f98a8eda79bbc2 - arm-trusted-firmware.t234/plat/qemu/common/include/plat_macros.S
1e9d7008ec6ed723f6e81a5d4ccc58175dae0bcd - arm-trusted-firmware.t234/plat/qemu/common/sp_min/sp_min_setup.c
fe635c884df368ae689c259f9ac0787b17064bb4 - arm-trusted-firmware.t234/plat/qemu/common/aarch64/plat_helpers.S
674a4514924db14c06277e39651b46250347d7a4 - arm-trusted-firmware.t234/plat/qemu/common/aarch32/plat_helpers.S
0ac100f34106f46e99e68a38bdddd840b5b1e4e3 - arm-trusted-firmware.t234/plat/qemu/common/trp/qemu_trp_setup.c
9ecc9225faeef614667c68362c1797828df014ad - arm-trusted-firmware.t234/plat/qemu/qemu/qemu_bl1_measured_boot.c
24b0b81755b937e036388c1a4518eb1f50914c89 - arm-trusted-firmware.t234/plat/qemu/qemu/qemu_measured_boot.c
550744a18b4aa7236d084b7faa39941e6e0fea6f - arm-trusted-firmware.t234/plat/qemu/qemu/qemu_helpers.c
3a03230a8c9e2350cd6c8d9b45fa67b1ea3b3516 - arm-trusted-firmware.t234/plat/qemu/qemu/include/qemu_pas_def.h
af52254c93512d3b820e577910fa7fde6c1167ee - arm-trusted-firmware.t234/plat/qemu/qemu/include/platform_def.h
a3366d3ea9b4a5a823b365b0a4fe16dd24af7388 - arm-trusted-firmware.t234/plat/qemu/qemu_sbsa/sbsa_private.h
1d2ec75bf24e99926a32e7558f11f7f4c8ef2175 - arm-trusted-firmware.t234/plat/qemu/qemu_sbsa/sbsa_gic.c
2e229332b18ca87c4768924782627568e554aaab - arm-trusted-firmware.t234/plat/qemu/qemu_sbsa/sbsa_sip_svc.c
f2efe87ffe7cd41bf5ac442c75b40fb2593a8fbb - arm-trusted-firmware.t234/plat/qemu/qemu_sbsa/sbsa_topology.c
151cea63605746875bff4fceaa296485033aa280 - arm-trusted-firmware.t234/plat/qemu/qemu_sbsa/sbsa_pm.c
13ec9483be356033a484d817e83671b5124fda73 - arm-trusted-firmware.t234/plat/qemu/qemu_sbsa/include/platform_def.h
c7fe9a8c86d875385974c63d826b15ee7f0629f2 - arm-trusted-firmware.t234/plat/nvidia/tegra/lib/debug/profiler.c
c7104ef4a0ccb4a2ceb01951a0c8442349cf4ca7 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_delay_timer.c
a6093251bc475596820146bee62ff414265236a9 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_gicv3.c
348ad39495b7209e9858421f7bd1a02f9712a410 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_pauth.c
19e6b82beb11a6c0f5ec68fbcf5ae3bc22eb17a0 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_bl31_setup.c
0fd414a53c555f6cb2d89172408867dc6c3c8e41 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_trng.c
a9a4a4ba5e39c0a614f6312b919047527a6b018e - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_fiq_glue.c
e232b8ef9078b8e84a919ede3ae77e6207651a0d - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_pm.c
be042b8545fd4a1126c9d4225ce172c15b131e63 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_sip_calls.c
0c5a65d7362595eff6d472ba23ccde7af61d9ce8 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_io_storage.c
55b938cb527f31dfe8ec3b11bd74470694eec560 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_gicv2.c
24988e0095d3d939872f55e8ac0db7a7d20f4172 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_platform.c
8617ceef396a9a7f9b5e9e1a4866cede187f6ba6 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_sdei.c
7832f9e627bdeb224b72a22840b7b4cd3354b962 - arm-trusted-firmware.t234/plat/nvidia/tegra/common/tegra_stack_protector.c
effe3b55d620b5594fe62260c5ab52fc7c4320ce - arm-trusted-firmware.t234/plat/nvidia/tegra/common/aarch64/tegra_helpers.S
51cb94b5769497d44f69f9fb6c4014c012117381 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/tegra_platform.h
949736009adf4b730b592ef786e3d66eaf769d8c - arm-trusted-firmware.t234/plat/nvidia/tegra/include/plat_macros.S
460da9b247182d92fa1f4aa0291534757b2c142e - arm-trusted-firmware.t234/plat/nvidia/tegra/include/platform_def.h
14b3cda1ba99047b2d55f66548d8f182d8d8f03d - arm-trusted-firmware.t234/plat/nvidia/tegra/include/tegra_private.h
81ea9f15588c258ecbc3f05e477af82433321620 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t234/tegra234_ras_private.h
06b78efa72c2fd24fec6849056456faa9678a613 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t234/tegra234_private.h
7648f2df8c85871044ce8f4b811434470760e129 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t234/tegra_def.h
b76d085fd8bf62b29b2651fb2baafb167bbb3f37 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t234/tegra_mc_def.h
c74d357832f8b1e2009a8945bef4937224b24970 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t264/tegra_def.h
9f1ba25c06a2566f195f7d04447c82c16fdc7608 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t264/t264_private.h
d69603c11e71fef0844a88bdb818465bc94627c2 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t264/tegra_mc_def.h
df5462d1132df1830cc8e93b21f3d845a6ad6219 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/lib/profiler.h
65dcb16996ba6f5480b25b088c00618a8401e2b0 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t194/tegra194_ras_private.h
0770b19832587bf494cdf6a16cf0af55ef4e3eba - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t194/tegra194_private.h
2d11f6ea7a132b71e2227d2dab9cdcdf549de499 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/t194/tegra_def.h
b01b1d6699848ec430ef6c7ff1fa536c611ac8d8 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/bpmp.h
eccbd7dbdb2b149abd38a48ddd5f6b0f292373b7 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/memctrl_v2.h
fa073698981deb8685410d390184a2fea2477d8d - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/smmu.h
1ad3acb2c35dab529632e51cfd8a1977d0a3e495 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/pmc.h
7eee98bf96c4e615e71244fad2270fe3ac7bca96 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/spe.h
97366374236e04da0a203c6df1ed7e93325e40f5 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/memctrl.h
2693485a6a4c24984696bab65e09494c4af953a6 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/psc_mailbox.h
0005633528a5228ce544a5fe3fc8b984d26eff95 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/gpcdma.h
d6acbb5f1eb851fbab413c7209bfba21509b4d31 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/memctrl_v1.h
dd094069cb1a5bb53cf55c4e87b2364925c1e25c - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/mce.h
6d07e5af0ce90657c3fa05b05110cc06037b6648 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/bpmp_ipc.h
9e0e68509f99c921b95b46a65ac5ca876e3789f1 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/tegra_gic.h
ecb6bb2512f5f946927baadc3238cacaf9e9c42f - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/flowctrl.h
e4e77bfcd8d045ecce243b060298bf229cbf3941 - arm-trusted-firmware.t234/plat/nvidia/tegra/include/drivers/security_engine.h
733bff8880d1f33ec4bdbe6451c1560b8426bd7e - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/pmc/pmc.c
fb218e655fd6a3d77f969fce9cd6cb5dd0a6c5b2 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/gpcdma/gpcdma.c
2a6016cc527d04ca332373c0d14542d5176aebf8 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/psc/psc_mailbox.c
8d9b8ebe2f8407dfc849bee6942b55d0a9c76d41 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/bpmp/bpmp.c
ea44439d01bb9f52d710121f37d71ecec4d7de36 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/bpmp_ipc/intf.c
187ab51e161e2024160096e2f5c69b9649213424 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/bpmp_ipc/intf.h
8724a95f2af055e28a26a7fa510e1e2312dbb435 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/bpmp_ipc/ivc.h
ecf2d932f335bc64d226c7d6502806590af552b6 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/bpmp_ipc/ivc.c
8204c0be396e5a8b38656b7c4c4e05e2438434cc - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/flowctrl/flowctrl.c
ee1c0975e985f63ed2ce9cc5078b95784d4f77e8 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/spe/shared_console.S
8c6898bbd3ac5ec7758ffca2946430953626cdd8 - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/memctrl/memctrl_v2.c
4dbec584881036aa37e59b66185d958a695a455d - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/memctrl/memctrl_v1.c
d25c56f572cf7b3618f7567d502c1ee11dec2bae - arm-trusted-firmware.t234/plat/nvidia/tegra/drivers/smmu/smmu.c
cd358a57c9eb70c10cf1a2d5c2f581fe53cad9a1 - arm-trusted-firmware.t234/plat/nvidia/tegra/scat/bl31.scat
3d01d365783ad5b2ce0f76df72a4a10db3d9a10d - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/plat_memctrl.c
f3ee87d8900d331eb65f27dcce162aa818905ceb - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/plat_ras.c
c2cd522ab9668274cd7bf26fde63e9dbc9a94f28 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/plat_secondary.c
86e80848dc0a3e938a77237600396b941877ae2d - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/plat_setup.c
b35ac81be1ee9736eeb78302fdab93ef8155918a - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/plat_sip_calls.c
6c60b9281955731cdcd3470c26235eb76a9335bb - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/plat_errata.c
fedaa8fbfbf95a4657c693da435acbf035995d53 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/plat_psci_handlers.c
b445bacb5c4d8f02da2e408d0e5e7382b69c7108 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/drivers/se/se.c
7641a42485d020517c692c523a29fe5be4136651 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/drivers/se/se_private.h
83d9b00e44be4758c0c5171072545bcc0d7feb8b - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/drivers/mce/ari.c
e2bf712bccf61c2eadb061d6a615891f5d0b1f54 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/drivers/mce/mce.c
ce88b9f9a752b57b5a9b852374cefa3c2476672a - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/drivers/include/t234_ari.h
08aec0d0be276f69ddac5a77363f59f1ef42d88b - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/drivers/include/se.h
97be2d05021abe3f3efae84ce56f37d1597701c3 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t234/drivers/include/mce_private.h
595bafd552b05d81a25e9916fe91779e18beddda - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_memctrl.c
5c0dff5a31ce3b1ccbb934f961c94488e994ba83 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_ras.c
e17a699cecafbd3bdb8d61ca87a15bf611962a09 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_secondary.c
41ba8bd7300da545d7de6d5766b2a0f0863e9c31 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_setup.c
aa4f71e82caadc9e0e65cf0bf6d2fdc4542dacb6 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_sip_calls.c
9616cc75e29c9b715a22c8e0ed35a7d757301e0d - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_smmu.c
d893793283c93ce6c488a51940c01574780f7333 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_trampoline.S
63569bbb6a2fcb93c165b48c77dc2e26313cb4ed - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/plat_psci_handlers.c
ee99b21f1c4746989c94c7e3a6a28309b2cb7929 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/se/se.c
fa7909d4e0ccdeee6f0765cf68a95899ac8aec1f - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/se/se_private.h
0cdfadd153db5ee7d515adb01dd35d62e546226a - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/mce/nvg.c
ccebfe25a0f4bc54b5d08685ce74082118f713e4 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/mce/mce.c
99d5d980ae032fa2dfb6e9da5fe48dd600b2a896 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/mce/aarch64/nvg_helpers.S
3a4f9975be9b5fd8328ef7d595db018d71929bc3 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/include/t194_nvg.h
298abb9097e851023b914f09fe36c8cdaf367e22 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/include/se.h
8cec2a63b748c24a5fab3c7c47f114b8147894c4 - arm-trusted-firmware.t234/plat/nvidia/tegra/soc/t194/drivers/include/mce_private.h
170634ac25c995303394743ee26ab4f2265800ca - arm-trusted-firmware.t234/plat/ti/k3/common/k3_topology.c
0c1b93ab43b2ba80888285d54bd6c88a330abd32 - arm-trusted-firmware.t234/plat/ti/k3/common/k3_helpers.S
b7db92eb179805a28d1ea0c01a30b3c856d97a70 - arm-trusted-firmware.t234/plat/ti/k3/common/k3_psci.c
500492fb75dd570ba4fbeccc3664611b5da3a1ba - arm-trusted-firmware.t234/plat/ti/k3/common/k3_gicv3.c
41b9c96e4ffd9d51ef07345b13dbf173adf98260 - arm-trusted-firmware.t234/plat/ti/k3/common/k3_console.c
03c91a4b96c78e27b3534215550a85d2baef4a60 - arm-trusted-firmware.t234/plat/ti/k3/common/k3_bl31_setup.c
e26e8ec220100266b7e88e2988430c5e5827b07f - arm-trusted-firmware.t234/plat/ti/k3/common/drivers/ti_sci/ti_sci_protocol.h
9caefb91af945403ff90bd65c3bf2c4d63f0d4e8 - arm-trusted-firmware.t234/plat/ti/k3/common/drivers/ti_sci/ti_sci.h
7c205fd0461ddf35351517c01ec9ff0b3d472453 - arm-trusted-firmware.t234/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
65543dc7d9a840040d346b740384936551691526 - arm-trusted-firmware.t234/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.h
1cc8b5048759dec0cddaaca704360a5e02ff0387 - arm-trusted-firmware.t234/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.c
da89ff4506058f3e90a127f4e7d79a7d86057bfd - arm-trusted-firmware.t234/plat/ti/k3/include/plat_macros.S
734674f35450e45ca0c58c9036e71a978ef8407d - arm-trusted-firmware.t234/plat/ti/k3/include/k3_gicv3.h
ec6de3dd43f151980eb37303f4f3b8ef9e9ee4ff - arm-trusted-firmware.t234/plat/ti/k3/include/platform_def.h
07586acc76dd409f7eab912bbecaa0477c4a5a31 - arm-trusted-firmware.t234/plat/ti/k3/include/k3_console.h
80cab8852a24cef43b5897050cff90b4cbb1b5df - arm-trusted-firmware.t234/plat/ti/k3/board/j784s4/include/board_def.h
719de8818b0a907ce3b51497c9bf5577634366dd - arm-trusted-firmware.t234/plat/ti/k3/board/generic/include/board_def.h
c972344f8497be61b5561d1cf3e16a3a5d065403 - arm-trusted-firmware.t234/plat/ti/k3/board/lite/include/board_def.h
c8e9b163151610444afe368cd3525dc165595d51 - arm-trusted-firmware.t234/plat/allwinner/sun50i_a64/sunxi_idle_states.c
a38730b258e2c37f114fdb3c923369bade8e7a1a - arm-trusted-firmware.t234/plat/allwinner/sun50i_a64/sunxi_power.c
0444d8d2183e9c346c278bac56b39912c74aed0a - arm-trusted-firmware.t234/plat/allwinner/sun50i_a64/include/sunxi_cpucfg.h
54ee3b911a552e2cd6e3802820f5cf3e09575a01 - arm-trusted-firmware.t234/plat/allwinner/sun50i_a64/include/core_off_arisc.h
3f4f908a2f0a6a7660d40d79215077ee248f740e - arm-trusted-firmware.t234/plat/allwinner/sun50i_a64/include/sunxi_mmap.h
2c5ad97e48086e62d1d58d1d8289ac4ab3153179 - arm-trusted-firmware.t234/plat/allwinner/sun50i_a64/include/sunxi_spc.h
65eec287284371a887adc4c9aa1952c26be66df7 - arm-trusted-firmware.t234/plat/allwinner/sun50i_a64/include/sunxi_ccu.h
f5a23e3802d2c1d7b94a9fb3c62e5b43cf3283ac - arm-trusted-firmware.t234/plat/allwinner/sun50i_h6/sunxi_idle_states.c
a6577cb2995b5f4d303dc8ddccadb2ee872cdd56 - arm-trusted-firmware.t234/plat/allwinner/sun50i_h6/sunxi_power.c
dd19c5d97b6fda42cdf7822b9932b2c6bb7999de - arm-trusted-firmware.t234/plat/allwinner/sun50i_h6/include/sunxi_cpucfg.h
9653d20197e5e808f260d368acf0605730acd73d - arm-trusted-firmware.t234/plat/allwinner/sun50i_h6/include/sunxi_mmap.h
3dde76eb498c889851714b3d8e6749211c62bbec - arm-trusted-firmware.t234/plat/allwinner/sun50i_h6/include/sunxi_spc.h
1590f260f1febbedf931a1596cea2d2e437ea92b - arm-trusted-firmware.t234/plat/allwinner/sun50i_h6/include/sunxi_ccu.h
f5a23e3802d2c1d7b94a9fb3c62e5b43cf3283ac - arm-trusted-firmware.t234/plat/allwinner/sun50i_h616/sunxi_idle_states.c
03001e5fa23515aba0765c130aad123367758776 - arm-trusted-firmware.t234/plat/allwinner/sun50i_h616/sunxi_h616_dtb.c
597c7d0e25492053936d68d62e433724f752b395 - arm-trusted-firmware.t234/plat/allwinner/sun50i_h616/sunxi_power.c
5f9c46257fffc11bc9cc33e4857e303df4ef68cb - arm-trusted-firmware.t234/plat/allwinner/sun50i_h616/include/sunxi_cpucfg.h
3aedc81b7dac5e568253b5f0b546617d87eaee95 - arm-trusted-firmware.t234/plat/allwinner/sun50i_h616/include/sunxi_mmap.h
3dde76eb498c889851714b3d8e6749211c62bbec - arm-trusted-firmware.t234/plat/allwinner/sun50i_h616/include/sunxi_spc.h
1590f260f1febbedf931a1596cea2d2e437ea92b - arm-trusted-firmware.t234/plat/allwinner/sun50i_h616/include/sunxi_ccu.h
b60215b5a41eed815c27ed34d6d112d94e26d3e1 - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_scpi_pm.c
d0c39fa309e95376cbaab2d859e56d45c214ec07 - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_bl31_setup.c
4fbea1d1c07593e4288cbf95ad006133a753832c - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_pm.c
a44feb979fffb71189cf9943a6d99946305122e2 - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_security.c
e602a60b0fabfe8e91ecf654c16701712b20c3f1 - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_native_pm.c
704da3ea1b61d5106a6172712ecf6a80b1528bf0 - arm-trusted-firmware.t234/plat/allwinner/common/arisc_off.S
98bd6ed3f41b4f5c592bb0b0b02d1a0a3b29324e - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_common.c
0ded87657ff47f0fe5896f1ab1d6d2f9b34f0429 - arm-trusted-firmware.t234/plat/allwinner/common/plat_helpers.S
f2bc1957fa87b9880744d070c964b7803c7bf295 - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_topology.c
0f08c32e56a3d49917e94d91f1f5e67ec04f1f8b - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_cpu_ops.c
1d09c2179f295717db5f78a8b05d8f59c3f7d3fa - arm-trusted-firmware.t234/plat/allwinner/common/sunxi_prepare_dtb.c
6f474bf01aa788552f1f76b11f638fbba9baf15a - arm-trusted-firmware.t234/plat/allwinner/common/include/sunxi_private.h
242047970a5d0ce5a4a6de33577a17208f8793a5 - arm-trusted-firmware.t234/plat/allwinner/common/include/sunxi_cpucfg_ncat2.h
7d746a44b6a3bbaa1c3e923de0abdfc40393712e - arm-trusted-firmware.t234/plat/allwinner/common/include/plat_macros.S
fd832fe0636086e24eed0ccf1d3f37823ec3f718 - arm-trusted-firmware.t234/plat/allwinner/common/include/sunxi_cpucfg_ncat.h
1f3580c9b5753f5e99e173cffd6e713bce84d2f4 - arm-trusted-firmware.t234/plat/allwinner/common/include/sunxi_def.h
31a7e9055463700ee8fc1104f79949816de6f944 - arm-trusted-firmware.t234/plat/allwinner/common/include/platform_def.h
77455765d6d80bf4a48d7744bf6f4770b7369215 - arm-trusted-firmware.t234/plat/allwinner/common/include/mentor_i2c_plat.h
f5a23e3802d2c1d7b94a9fb3c62e5b43cf3283ac - arm-trusted-firmware.t234/plat/allwinner/sun50i_r329/sunxi_idle_states.c
3fa3a563994fcf2710324634950265fc8f9d7850 - arm-trusted-firmware.t234/plat/allwinner/sun50i_r329/sunxi_power.c
b4383995eb5fd691801c528969c95a7826b48382 - arm-trusted-firmware.t234/plat/allwinner/sun50i_r329/include/sunxi_cpucfg.h
d430caf710295e9e77a240b785740fdde6705e26 - arm-trusted-firmware.t234/plat/allwinner/sun50i_r329/include/sunxi_mmap.h
1acbdb220cff8edffa7cc7fd4808f71574b90966 - arm-trusted-firmware.t234/plat/allwinner/sun50i_r329/include/sunxi_spc.h
2870bd5728ae0e5857fadde22b048a6fcf6ee2d3 - arm-trusted-firmware.t234/plat/allwinner/sun50i_r329/include/sunxi_ccu.h
33f9c2d61b7aa3242f22100ba2694ba2709f7a1b - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_topology.c
bca37120bec0db88310c0e711220bd8301c8b932 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_pm.c
1b333e35df79afc9319c45ded87fe22b1e5547fc - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_security.c
8b11d0569d254ee10c03b8e7dfaebf823b7b1746 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_bl_common.c
1dc25162c504805b378176ceb2a1fac39b8fa3e2 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_ddr.c
10b56da87c85a4ad254e8e25455c6fc119d4ee23 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_bl31_setup.c
1975a45f73616d0ceb03dab4a9397cbabc1e66ce - arm-trusted-firmware.t234/plat/hisilicon/hikey/hisi_pwrc.c
132b89dc419b19bfabb3eb2450a5e74317faea11 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_io_storage.c
b8ddcea3e66690f3932ae009921566fe249feccd - arm-trusted-firmware.t234/plat/hisilicon/hikey/hisi_pwrc_sram.S
126933334b9ebdde11859016f3bbcc6ac9bbef88 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hisi_mcu.c
0071214b6af7f5e24aa92d4e7849c79c3818ed05 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_bl2_setup.c
b0603f49d7b1252e6774be83ed95232695f1f263 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hisi_ipc.c
e90b7c0a59b785560e233605f2968b642d26fcdb - arm-trusted-firmware.t234/plat/hisilicon/hikey/hisi_sip_svc.c
8d152d6cc7fa809e64664b6fda9d33b121b05eaa - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_bl2_mem_params_desc.c
0472150350a0f6a23e8750e0fe14991d176d1a04 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_bl1_setup.c
a68989337ee4c06cf76f89d69cfc5c3aca210b00 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_private.h
cfc7af573fbb40bb702a616d8f0bf02b017a3e0b - arm-trusted-firmware.t234/plat/hisilicon/hikey/hisi_dvfs.c
5366b77beffc310cab412735a4e4f43185e171c6 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_image_load.c
0aace28e8f75168d13d7274d81f1f906cc1b2cae - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_rotpk.S
3f90b73f27ba47848db784621dd350e6a5ec54d9 - arm-trusted-firmware.t234/plat/hisilicon/hikey/hikey_tbbr.c
e0f40190a4d2a13086e9b7c951d5301f744dd767 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hi6220.h
31f012031e8dec3fe5dab7afc9ab89deffb7fe7c - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hi6220_regs_pmctrl.h
98509207554ab836b38f580d203793668061ce40 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hisi_sip_svc.h
ee2004c34a377b43d61f3fde4201ea86e1834fc7 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hisi_pwrc.h
4619ff482dfa91c976c3d58153ac694dd92a0abf - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/plat_macros.S
95b6af34fbda29b2cef5ecaa3ecf9deb1f7a48cb - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hisi_mcu.h
42137e1b1e1f31a2b92b351765982cc8bcf28601 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hi6220_regs_peri.h
5da379773f07f291d897ea36a13ac008c78bbbe4 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hi6220_regs_pin.h
b9c87b1b0f989e816c65163d00ead7cd68b4b6bc - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hi6553.h
e2fd2bbe14a506ac8ab6eb8f4c65dd34827b33a8 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hikey_def.h
fff863e589a15845fe768ee9bd16a482d5946db7 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hi6220_regs_ao.h
79f261b3e512eb92ef04e1b172276ba95108b6ac - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hisi_ipc.h
eb1ee8f26e0a9e1d174893e2a80e0ea2be070df3 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/platform_def.h
379cc0fd2c6486a2bfc850d19190835961783f16 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hisi_sram_map.h
c54b714045ab12cfcff4363f00ce94952a40e2d6 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hikey_layout.h
659dfae8f25d18bef4e2ac3c9b2cc07bbd255dd4 - arm-trusted-firmware.t234/plat/hisilicon/hikey/include/hi6220_regs_acpu.h
f3431f5300aefc0065b1e6ad9f3e996878027bff - arm-trusted-firmware.t234/plat/hisilicon/hikey/aarch64/hikey_common.c
f4fe9f99f519b213b8d23015c37b2e4013ebb066 - arm-trusted-firmware.t234/plat/hisilicon/hikey/aarch64/hikey_helpers.S
efef809ad6abb1c1388bcc0ffa92d502ca075b96 - arm-trusted-firmware.t234/plat/hisilicon/poplar/bl2_plat_mem_params_desc.c
166469bcfd5bac8ca50e33d23d40607d532f7a9f - arm-trusted-firmware.t234/plat/hisilicon/poplar/bl1_plat_setup.c
942f440e430db3a0fb9bafcb2877fa0f2b2b2206 - arm-trusted-firmware.t234/plat/hisilicon/poplar/plat_topology.c
f74fcf80665ecffb4b4fe3402223e62b707c18ea - arm-trusted-firmware.t234/plat/hisilicon/poplar/bl31_plat_setup.c
706af98521027fbfb3cb50742e9203904186ccfb - arm-trusted-firmware.t234/plat/hisilicon/poplar/poplar_gicv2.c
43b6cb88b4528db3610c0591b417afee9f8e086f - arm-trusted-firmware.t234/plat/hisilicon/poplar/plat_storage.c
5366b77beffc310cab412735a4e4f43185e171c6 - arm-trusted-firmware.t234/plat/hisilicon/poplar/poplar_image_load.c
4df6d997a517a03b7120733e3ff6f1a2634caa47 - arm-trusted-firmware.t234/plat/hisilicon/poplar/bl2_plat_setup.c
87679266798806f6a6ec26551b9b29c5b326e611 - arm-trusted-firmware.t234/plat/hisilicon/poplar/plat_pm.c
7309b02ef23609fb839b029b295bffaf714cdc1a - arm-trusted-firmware.t234/plat/hisilicon/poplar/include/plat_macros.S
2bc481728aac66acbe669f76aa6dd84c3f4e88a7 - arm-trusted-firmware.t234/plat/hisilicon/poplar/include/plat_private.h
e8d837174e3274ddbcd923af88d3e19e1af8c06a - arm-trusted-firmware.t234/plat/hisilicon/poplar/include/platform_def.h
886c0f5016e57d19f100e302c07d4ff28dcd032b - arm-trusted-firmware.t234/plat/hisilicon/poplar/include/hi3798cv200.h
54bc2fcf8fb31777a2eee36c5b61246cc0fa0a17 - arm-trusted-firmware.t234/plat/hisilicon/poplar/include/poplar_layout.h
5b726e62a784d7660009ac2235ebf2d76dc809ad - arm-trusted-firmware.t234/plat/hisilicon/poplar/aarch64/poplar_helpers.S
ef034cd3245b78dec24c714d8ffbb7e9b490427c - arm-trusted-firmware.t234/plat/hisilicon/poplar/aarch64/platform_common.c
fc3d37d2191841fe6bab5841f4be4e364cf919b1 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_io_storage.c
0f1a35cf03c46fa57303de1b14fd3ec9d83d2e72 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_bl2_setup.c
00000d9a64ab9fc946dd3055da2fa43094bc324f - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_bl2_mem_params_desc.c
e521b7127c97a6dc50d62a6fb23613467dfa5c91 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_boardid.c
e7130fd49b764ab203b1f70d8c04929b17c338a1 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_tbbr.c
b4ec4794171dff334edac55b287dbba42365301a - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_bl_common.c
9becd5a35328d19646bc14bdbf52f66571aad713 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_el3_spmc_logical_sp.c
58fdfe0ccfcc2206b61f2c7148ae45a7e7b5c061 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_def.h
0cd271eb1db1372ebacbc89a1ab7e6b858522177 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_topology.c
3b43870e172a97e6682dc9e7adeb7ee54b219ce1 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_mcu_load.c
bbe8476c612a414078e7e0577543027250b3be7c - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_private.h
dd51fbc51f374c1d5e6292885a8f0058321bb5cc - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_image_load.c
71a2f94675c4355ea405600c073865fc13d6e6d6 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_bl31_setup.c
df960717d8f3e8b3111b85c464d02214767ffe67 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_rotpk.S
19471da73d6d6e0316b89091e8034b65252676ea - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_bl1_setup.c
e5d1ee45233d19ae915b7dcde9d177ac30ff3c59 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/hikey960_pm.c
930c77f84c5ef2c7971e52015e58fd9c314fbba5 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/plat_macros.S
8774867d6c0d50ecb09674f12d85db31de3d0041 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/plat.ld.S
b1be891afebf5d255da6f6dcb865725241f566b9 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/hi3660_crg.h
201bc8884be1cfb9b4f87f3fcc6ccf3aeec268d8 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/hi3660_hkadc.h
9b6172a308464c71e87f1f420cb1df10ceb7bfb4 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/hisi_ipc.h
98cbcb7b00b84ca35f3855f0fed8a0bcc35044b6 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/platform_def.h
390e28e24c8915a9f956b1a1de0cafa7306bf9ed - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/hi3660.h
d8da79f1ebd9b100b4d3dc915552f3d086d5eda9 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/include/hi3660_mem_map.h
4a0475ff7dac46ea547e623a9a83071f69b5a4b7 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/drivers/pwrc/hisi_pwrc.h
168bc920b2828c8478a977c1e6b9e597791c0e45 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/drivers/pwrc/hisi_pwrc.c
4abee183dc860ea0fe600bb9b19e3c4a0a3d6773 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/drivers/ipc/hisi_ipc.c
14bf1952f6bf5592c70b43aff34b3984bb9079a7 - arm-trusted-firmware.t234/plat/hisilicon/hikey960/aarch64/hikey960_common.c
33e4f92c8882961c556666d4e463a0cd932589bb - arm-trusted-firmware.t234/plat/hisilicon/hikey960/aarch64/hikey960_helpers.S
757aa19204a1a17a1bf7a0c7afe2cc57465477e0 - arm-trusted-firmware.t234/plat/nuvoton/common/plat_nuvoton_gic.c
38c6969429fa46ef1e68d50e6fcb6e311d12bb04 - arm-trusted-firmware.t234/plat/nuvoton/common/nuvoton_helpers.S
cf26b6b4a50c5dc5c335b39516ae249521a2c44c - arm-trusted-firmware.t234/plat/nuvoton/common/nuvoton_pm.c
4bf37de1dbaa8dbd7bf7dc13d8d5e18d4649902f - arm-trusted-firmware.t234/plat/nuvoton/common/nuvoton_topology.c
b3e5c79ccc166f78d955d7500fc60b3a0a3272a1 - arm-trusted-firmware.t234/plat/nuvoton/npcm845x/npcm845x_common.c
c43fc7fe9749f3845fd624c21f1ff765cd0c6ff2 - arm-trusted-firmware.t234/plat/nuvoton/npcm845x/npcm845x_psci.c
cdeda009ecac5d7546aeb49da4159077332fd771 - arm-trusted-firmware.t234/plat/nuvoton/npcm845x/npcm845x_serial_port.c
95b3fdae0d8de2d798a10e56f7071e4aa4d3b854 - arm-trusted-firmware.t234/plat/nuvoton/npcm845x/npcm845x_bl31_setup.c
572ea5edf4e0c46c76fdc9b6eb08197c585be8b5 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_rotpk.S
9b1262ca8c6950227a294b789fb3e53dfa2086b1 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_topology.c
77fff6026c1390b1ee72fb8b325459f621ba78e3 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_psci.c
b60ee8850906f76ada82b2db19c8656ed9c12d9a - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_gicv3.c
fabaf9f847297853dc77c6577d5049ea4ab77809 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_bl2_setup.c
8286dff95425dddb9a5b25ffda50460831781793 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_xlat_setup.c
a11d578ee6af8315da34f383d53ad866c3acb944 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_image_desc.c
94f1c76a8b066bc8d833c5c6d9d83cc9d34c7f6a - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_helpers.S
b8adf13173155303a49ce111d0e2bf30bae8a3c8 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_tbbr.c
a8796cf9a2847c8c6d4851d911b9bd0622450b48 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_io_storage.c
6ea940b481cd25220bd10b37d68e6698200c8e07 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_bl31_setup.c
a32f17d7db01cfb7a14811a914ba2066581d29a1 - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_spm.c
f43a62ef3a99346a097b8813441539c5354436fc - arm-trusted-firmware.t234/plat/socionext/synquacer/sq_ccn.c
71b4d3a8866abd87734eafad2ffcf269d273af25 - arm-trusted-firmware.t234/plat/socionext/synquacer/include/sq_common.h
9f24e8fcbc08c61f43c8041c0464cae65fe01ce8 - arm-trusted-firmware.t234/plat/socionext/synquacer/include/plat_macros.S
4394260865fca0846df9aeef85e4555cbf807b60 - arm-trusted-firmware.t234/plat/socionext/synquacer/include/plat.ld.S
6852993230615df9cd7a9e8fcdfdf86066533afa - arm-trusted-firmware.t234/plat/socionext/synquacer/include/platform_def.h
f57f50699d6a8f3902d4673f01ec3ff0d6931d29 - arm-trusted-firmware.t234/plat/socionext/synquacer/drivers/scp/sq_scp.c
e431465e90b8b68ce2922ff400c2e6953eaeea9d - arm-trusted-firmware.t234/plat/socionext/synquacer/drivers/scp/sq_scmi.c
b6784404cec981a185e6f44ef689f28b7d9513e3 - arm-trusted-firmware.t234/plat/socionext/synquacer/drivers/scpi/sq_scpi.c
f8fe95fbe1e35e8c328ec5a197b76c329feda4bd - arm-trusted-firmware.t234/plat/socionext/synquacer/drivers/scpi/sq_scpi.h
ebfc7926ca7e342e5cec3fed564e68be76a80fdd - arm-trusted-firmware.t234/plat/socionext/synquacer/drivers/mhu/sq_mhu.h
961c660b9e7a5641523d5d23b5396c2a2a67746e - arm-trusted-firmware.t234/plat/socionext/synquacer/drivers/mhu/sq_mhu.c
05b8fac4f5d6b8cee9465b541e992f27f071fe8f - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_console.S
30d16489f342eed522b276128737ad41acb82ba9 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_helpers.S
456820f5853d3f1676ee19bf63b9c360ed9a80a8 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_io_storage.c
ab09cd5d8d3222857a607791bee8b31359314aa9 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_bl31_setup.c
98c1438c270db5db7bd6f971cb928420df53c1b7 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_image_desc.c
d94b79f813abf374eef409d04968fce943a3ef84 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_boot_device.c
8a0a08bd7b9292bd5b334bc91ad422838eb83118 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_cci.c
2b022afd58ed2221e8abc99099867eab0c42c326 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_emmc.c
26621302eaceca62d3b0e8224c6c14d5ea08df38 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_xlat_setup.c
516680ab29649a33ea07ffa922f3b18448e61e55 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_psci.c
5fa3e198d6ad7a764cb058e6e88fa12a0d8ffe85 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_nand.c
b445ddffd2167b6758d19874673ec99f3f2a1d30 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier.h
d342acec84b75ea4f64204404f0a54b4158920e1 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_usb.c
21ef9559c64415fef54f3373f28fde4fa86d92d3 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_topology.c
eca523ec19dc113ddd19b9427a6651cd6ebe6bb3 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_soc_info.c
ad344a675d5f4bf3287a6e32451b462c3ea7d29c - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_rotpk.S
91e3ef5fbfd42b725b57f2608d1934a5c717de3b - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_tbbr.c
e4e4584414cea9a632b613da62b76c3999974c0c - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_console.h
30db57b3d947cfae86d4cb1fbd7d79f7365fe01d - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_smp.S
7518b6009c736b543504a3f84be4cbd20e8d9f0c - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_scp.c
32a2fa4301b38d14bb8e4a0ac204b4e13d605a55 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_console_setup.c
69a2371870f65a855d9ff7c728f2e9c32882aa2c - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_bl2_setup.c
7cb14fc4ccfe79fe8ffb080b91337e263775111d - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_syscnt.c
006db753e22b1119a67d4f76bd213bf3de08be09 - arm-trusted-firmware.t234/plat/socionext/uniphier/uniphier_gicv3.c
d181839ef722d36e8a51c126deb67a2eae64c527 - arm-trusted-firmware.t234/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c
8bea3f2da202b83b97d9b86e32cb50d5c17cae7e - arm-trusted-firmware.t234/plat/socionext/uniphier/include/plat_macros.S
e35ee40c042c15de97496be4f1d9c81b960cc3da - arm-trusted-firmware.t234/plat/socionext/uniphier/include/platform_def.h
60baba93a9e38f989d8f3fdfb045849d1edc2d69 - arm-trusted-firmware.t234/plat/marvell/octeontx/otx2/t91/t9130_cex7_eval/board/marvell_plat_config.c
65b77a7dbb8e28f892af2bf3b76eff17c87a9cbd - arm-trusted-firmware.t234/plat/marvell/octeontx/otx2/t91/t9130/mvebu_def.h
2311f962795291fdd649a3acb3d3fcee85e19d11 - arm-trusted-firmware.t234/plat/marvell/octeontx/otx2/t91/t9130/board/phy-porting-layer.h
a1f884a99e9e14ac83551e73429b0cf7a2c5aa0d - arm-trusted-firmware.t234/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c
147f2e7e737cb6a5eb1dd98a0deed8c0462d2041 - arm-trusted-firmware.t234/plat/marvell/octeontx/otx2/t91/t9130/board/marvell_plat_config.c
5e67c15fa899cc3d6d54c6690c27ee68a251e6e5 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_bl31_setup.c
967cec99f7b71e660a863c2b6c7b345e67765961 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_ddr_info.c
e8797c2639ec349e76fc1946c984275c010e4cc0 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_console.c
9fa0f4b8209945eb39ccee90bcc305efbe10f211 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_gicv2.c
c785e8c07a0fa5d01b9ecf8eee873f7a18697e3a - arm-trusted-firmware.t234/plat/marvell/armada/common/mrvl_sip_svc.c
79f7407103c1059afb212382689fff9c6a4f4350 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_io_storage.c
584933c23c61489326c2c1c2f503b261225081c2 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_gicv3.c
0ff28a152c1c0997120e1e3a5fe654f1ae19ac60 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_cci.c
6ea11f2ef3d7978e714cdf621aeb7c8719c7edf3 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_bl1_setup.c db23baf6374a79472a4b930f1fd68144d4f314a1 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_bl2_setup.c c6e2fab47d050265fe94d5ce57fd1a3a684da2c9 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_topology.c ea896d0f1d011e14c4411020d73d083c22eac783 - arm-trusted-firmware.t234/plat/marvell/armada/common/plat_delay_timer.c 59510c739cc2d9619a9a5c21e1cbf1bb05094867 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_pm.c 69ee13cde36accbde0f355f89f9cc2b5d1aa2cb9 - arm-trusted-firmware.t234/plat/marvell/armada/common/marvell_image_load.c 44573513efade3da9aa2ca94c3d4069a8af646fd - arm-trusted-firmware.t234/plat/marvell/armada/common/mss/mss_mem.h 872e517062b5b548f6de42424dfb8290309f6773 - arm-trusted-firmware.t234/plat/marvell/armada/common/mss/mss_scp_bootloader.h 0bb02e303d4c696fe34379bc2d5dd9f2fe16229d - arm-trusted-firmware.t234/plat/marvell/armada/common/mss/mss_scp_bootloader.c 42d2fb2461687118d1f9e79ed2ae2a274cc91c45 - arm-trusted-firmware.t234/plat/marvell/armada/common/mss/mss_ipc_drv.h 5cecfb1042c66b79c4c4c9bc5961fd91b34c880f - arm-trusted-firmware.t234/plat/marvell/armada/common/mss/mss_scp_bl2_format.h 56e5fda520a793a37c7e8daa1ecfe2354b26e99e - arm-trusted-firmware.t234/plat/marvell/armada/common/mss/mss_ipc_drv.c c990f5d612bc8d238855b21005f4771531af3124 - arm-trusted-firmware.t234/plat/marvell/armada/common/aarch64/marvell_bl2_mem_params_desc.c 0842c4cae12a7c22367b83357a2c824d060dee67 - arm-trusted-firmware.t234/plat/marvell/armada/common/aarch64/marvell_common.c a71cc21b90eb5b1d29b125e9c98c3e50f9a145bc - arm-trusted-firmware.t234/plat/marvell/armada/common/aarch64/marvell_helpers.S 9a52294343831155772b4411f11af6c989dbd182 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0_mcbin/mvebu_def.h 25524fffee705cfc27dd670e05523c5de9ef0ed6 - 
arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0_mcbin/board/dram_port.c 586996360a2bcce38bf90fa0b1b7a20a45c6e26b - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0_mcbin/board/marvell_plat_config.c 29e2e91f84a20d0c2f220e0eba6c447909e5aab4 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0_mochabin/mvebu_def.h 99aea1bcabb4f6d0d7452ad42116629d21bb2b61 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0_mochabin/board/phy-porting-layer.h 8211399dfbf7994faafa28d85d5d232265c000fe - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0_mochabin/board/dram_port.c e26cc9cf2cffd853101d24b0e6cade82ff5f5cbe - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0_mochabin/board/marvell_plat_config.c 9a52294343831155772b4411f11af6c989dbd182 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0_puzzle/mvebu_def.h 4d33d263a3f05c3d8f3400a45afc2dd7f1792669 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0_puzzle/board/dram_port.c 7bdf0ea1da45eaab8f21dca700b29582ccc57d0a - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0_puzzle/board/system_power.c f1c6500edd19c1540f562c4ea2dba8443a7cd419 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0_puzzle/board/marvell_plat_config.c 9a52294343831155772b4411f11af6c989dbd182 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0/mvebu_def.h 80de920eee6f0214b1cfb2cf104cd6d295bb478b - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0/board/phy-porting-layer.h c0c43ed673f4f38bd78a3d145c4ff0f553bf3032 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0/board/dram_port.c 027eab15e763f75779fca4721b6612e1cef0f74a - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a80x0/board/marvell_plat_config.c bc3edb20ef2a7baebacce2c631f800cb6d206bbc - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/plat_bl1_setup.c 4f7afd096359c9aad1f7852029a643db033fe7c7 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/plat_ble_setup.c c96d4c2fac061ca1e3be3600ee8748de11d20ed0 - 
arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/plat_pm_trace.c f1e7a83b618d37eb2df8dcc4cff814b934a4ab74 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/plat_thermal.c 3f6403fd39850e34f4c3bd674ccf8170f74af43d - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/plat_bl31_setup.c f699492dab133c44b5675b2928a93903f59ea700 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/plat_pm.c 86c5d3b710ba9b63aaf82c0f9dc1606c22176f45 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/include/plat_macros.S eb840b0d5bb6e8cbd42b1ab32b72baec165926e7 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/include/platform_def.h 9fe71c8db281a9fc253c959e2bf8d7ed5b59f658 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/include/ddr_info.h 0f1625972d53fdedca61514318bdfd1ca806ac51 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/include/a8k_plat_def.h 3145664e80460f27bc2fd8cda127e916e518678f - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/include/mentor_i2c_plat.h cc11d9f29f29d9c9366f3e6c66183d38e3031ab7 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/mss/mss_pm_ipc.c 392f1834ac5b4679e9ae724c7cf1f3a20c0e566a - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/mss/mss_bl31_setup.c 97ae958df0c9d8f54ff36a7803fe0ba27434e45c - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/mss/mss_pm_ipc.h f83bec0cc962f915447a4582455414387713f7ac - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/mss/mss_defs.h 9acdf9fa5a506b13c376584f49b42a4f437af6c5 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/mss/mss_bl2_setup.c 4b2131b48e6b858b49e7e4d819172c5bc729f213 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/aarch64/plat_arch_config.c 919f5232edc5f6c3ec1670dedf5bf25fbb59356f - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/aarch64/plat_helpers.S 01f390bd22a88039e1fc5f2d062ca126dae34478 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/aarch64/a8k_common.c 
afff23d84b3d0b2dd27221934ccb9475fce71502 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/ble/ble.ld.S 8d8ccf9d72fb421744052b95f2dc698844542a67 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/ble/ble_mem.S 29b7013d6e080d93a60b3780f10310e29aaa6bbb - arm-trusted-firmware.t234/plat/marvell/armada/a8k/common/ble/ble_main.c b79710e67347483f51ba3aa8fcb25a7f7dbb5083 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0/mvebu_def.h e0382b98cbf2ae3613453ec924646d5af8b1f11e - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0/board/dram_port.c a3184b54f314a3880b11bd80e9ace2a825e4e251 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0/board/marvell_plat_config.c c7d9738b5d030b72c12bb9649d2dfb58e180b5b8 - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0_amc/mvebu_def.h eecb4e28621a6ea2bbe58371406ef5f58590424c - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0_amc/board/dram_port.c 8eca9aa01df9af91fe07386e941d7557eae7d0ce - arm-trusted-firmware.t234/plat/marvell/armada/a8k/a70x0_amc/board/marvell_plat_config.c 3f70fd4dd52f090e5e86093abe02a4f90c8f4353 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/cm3_system_reset.c 4e66aa51fabafab21b8e01fa4f3d49fc8fe6a97e - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/a3700_sip_svc.c f0aaac82be8c1b465622b1b82d8514de62c2e937 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/dram_win.c 5ce8b4638274f9c66287b2f3662bb0bfcfc00074 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/a3700_ea.c c69cebb7da27f2c1868010e64282cc0bf1710430 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/plat_pm.c a8ca841fb42e9bb5a9c071732f25138003b82d96 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/plat_cci.c 344f94187e37e08b2f532eb66281e7e28e7702c5 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/io_addr_dec.c d00c0cf869839d6cd370b5b6c58e8d066705e2e1 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/marvell_plat_config.c 
71cc1316bcad08255d76ad0ad858f47d681be60d - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/include/a3700_plat_def.h 58c7ff47a2230af870313a655dcab4f22dd64957 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/include/dram_win.h 12bd9050e1d74b888a3866cf8ff79d17103fd0f2 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/include/plat_macros.S 4fca4639fadfa096c82d08932ff7c44b56b9ef4f - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/include/a3700_pm.h 61ab3a7cf4de99459f74b40ee4aa7c4c063f92ab - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/include/platform_def.h 6c89be0e3e7e102687ce8d216227785edce4db33 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/include/ddr_info.h 0e8b8f431e24f28a92fcd4fb9d46eb87a1113db4 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/include/io_addr_dec.h 6a97369a4a693cf002e5f5f6ece32516e5978068 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/aarch64/a3700_common.c 965bc32da1f0ff9aa830bcede48eaca19cbe3b29 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/aarch64/plat_helpers.S 80f0ae31f4c2b57b330b01be44b293f6aa2cef72 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/common/aarch64/a3700_clock.S 716620282caf3210c15f6795e996035311a8ddd8 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/a3700/plat_bl31_setup.c 2cecd73b6df5a49196420939a6810672640ce165 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/a3700/mvebu_def.h 8f4af50a0df849dd31970be55e943ee4302b0472 - arm-trusted-firmware.t234/plat/marvell/armada/a3k/a3700/board/pm_src.c dd2c481628c54d07d905a85f08e527943473d31b - arm-trusted-firmware.t234/plat/arm/common/arm_nor_psci_mem_protect.c 29d5aa4597a4a5d917e61847ae451ff6ab6894d5 - arm-trusted-firmware.t234/plat/arm/common/arm_transfer_list.c a0c5e4e24484adfcc6ac93c449bd813fdf93b8d7 - arm-trusted-firmware.t234/plat/arm/common/arm_image_load.c 818f12da52d6ba6cd1d5d93897b8a593c7eb3482 - arm-trusted-firmware.t234/plat/arm/common/arm_dyn_cfg.c 
3b628c17fd98697338a0997a380df8a81c7d2e66 - arm-trusted-firmware.t234/plat/arm/common/arm_bl2u_setup.c adfcc84bd8ad9fae1bdcd665a19440e5ab1c98f5 - arm-trusted-firmware.t234/plat/arm/common/plat_arm_sip_svc.c f2f3b9e0893c37d6ecae1332b3df925e9ab4d30f - arm-trusted-firmware.t234/plat/arm/common/arm_console.c 53d385569ada7ff06030853184930078d8a2e4d8 - arm-trusted-firmware.t234/plat/arm/common/arm_cci.c 1393b5f319d3543f91e805b03796d51c174b5aaa - arm-trusted-firmware.t234/plat/arm/common/plat_arm_psa_mbedtls_config.h 842368bd1a44c1ece633a1254dc3cdaa4983c6ae - arm-trusted-firmware.t234/plat/arm/common/arm_topology.c a4601d47fff1bcbd67d6bc5e129818249985a306 - arm-trusted-firmware.t234/plat/arm/common/arm_bl2_el3_setup.c 0ba5633b7ee65a26daba781e30eed64d4238eca8 - arm-trusted-firmware.t234/plat/arm/common/arm_bl1_setup.c a9b2979953ad3e756072669ad95a76af666acde9 - arm-trusted-firmware.t234/plat/arm/common/arm_bl2_setup.c fde62327d83289a093f9126cd1fbd07a704e63b2 - arm-trusted-firmware.t234/plat/arm/common/arm_err.c 667de698f76e8d0b6d6f1b85f8012f3bed27e925 - arm-trusted-firmware.t234/plat/arm/common/arm_ccn.c 5aaf7c7a3e2a32f4ad19ecc91f3ea47adf574963 - arm-trusted-firmware.t234/plat/arm/common/arm_common.c f16aaa79788173495f036dde4e976ca7d3d380d5 - arm-trusted-firmware.t234/plat/arm/common/plat_arm_mbedtls_config.h 9b812991736d46b06d462799a31eb49ffae96260 - arm-trusted-firmware.t234/plat/arm/common/arm_gicv2.c 056e535b44d9a1dd55f6379e7cf5baa3c4388f2b - arm-trusted-firmware.t234/plat/arm/common/arm_ni.c 94f57b42c5609f487f9e4375410d8dffa9518456 - arm-trusted-firmware.t234/plat/arm/common/arm_dyn_cfg_helpers.c b32ea063a86c3eeb95f7e27250ddd711279f78a0 - arm-trusted-firmware.t234/plat/arm/common/arm_sip_svc.c 5f8fb896e304dbb204531641566de21b2e53a426 - arm-trusted-firmware.t234/plat/arm/common/arm_tzc400.c 63de1e2abaa4387cd08adc8593c679c474e72bcf - arm-trusted-firmware.t234/plat/arm/common/arm_bl31_setup.c c3c969f538ef3f3853d867a2c9c020723e5adc66 - 
arm-trusted-firmware.t234/plat/arm/common/arm_tzc_dmc500.c 48d31c8dd8f1e6886a25987315a8b1ad7afce283 - arm-trusted-firmware.t234/plat/arm/common/arm_gicv3.c abdb20c16e5bae6df0e447b4a356eb5b9ed3eda0 - arm-trusted-firmware.t234/plat/arm/common/arm_bl1_fwu.c c90b7f20ee31cdce57be9e4d5faac201950130f2 - arm-trusted-firmware.t234/plat/arm/common/arm_io_storage.c 16c1174c0de094df0fe6de4c51f30ab149b286ed - arm-trusted-firmware.t234/plat/arm/common/arm_pm.c c8570cb5a21b73e2eaace2d3c46c3bc1d40f888e - arm-trusted-firmware.t234/plat/arm/common/fconf/arm_fconf_io.c 361186531a919bdc7825945fec639bf0db44800f - arm-trusted-firmware.t234/plat/arm/common/fconf/fconf_nv_cntr_getter.c ac62b3ab6e132e1747dbd2ffd6f40a72b4270235 - arm-trusted-firmware.t234/plat/arm/common/fconf/fconf_sec_intr_config.c c46f281d3ce64ebf0bb688c9cdcfe4585c3a6dbe - arm-trusted-firmware.t234/plat/arm/common/fconf/fconf_ethosn_getter.c 310f5212c93492a9ca17bbf110947773178b8581 - arm-trusted-firmware.t234/plat/arm/common/fconf/arm_fconf_sp.c dce55e77a6a4b9da7a42be37f5bba717d0c353e0 - arm-trusted-firmware.t234/plat/arm/common/fconf/fconf_sdei_getter.c a6b8e0383455c200650248d8c5e139a1777f0de2 - arm-trusted-firmware.t234/plat/arm/common/tsp/arm_tsp_setup.c f103981566e73c2dc3f637dc95cbc407e347fe2d - arm-trusted-firmware.t234/plat/arm/common/sp_min/arm_sp_min_setup.c e2af2aba9ebd2c15f77983971f68c3813078e195 - arm-trusted-firmware.t234/plat/arm/common/aarch64/arm_helpers.S f11f87dd8e83dda1998c40b344a600b335b14543 - arm-trusted-firmware.t234/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c 1177013eddcf476b6a6d1f3367ae319363663450 - arm-trusted-firmware.t234/plat/arm/common/aarch64/arm_pauth.c a60fe2bc76c9c5a5a3a4e04918884fd7983a6c8e - arm-trusted-firmware.t234/plat/arm/common/aarch64/execution_state_switch.c 67dd9243850252949cc95efb3408af47a1791ba0 - arm-trusted-firmware.t234/plat/arm/common/aarch64/arm_sdei.c 8c6171b381cfc6eca906ce2f7e2e6658895380ca - arm-trusted-firmware.t234/plat/arm/common/aarch32/arm_helpers.S 
2147b3c541e549d0bc01f00aed57c924d90d6003 - arm-trusted-firmware.t234/plat/arm/common/aarch32/arm_bl2_mem_params_desc.c 84e0ca77e294f11654f20b287fb541b2287bdb4a - arm-trusted-firmware.t234/plat/arm/common/trp/arm_trp_setup.c 5562bd387d6506e0db4a62fe23b24cd1c5046754 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_stack_protector.c 151a77208d20281181da91b2119b75c4de526102 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c 1e7fe4ccc25d366dfe5f6a14851dab68001bdb13 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_topology.c c31d926d306ddef7f77235e1b4e46b86660dca2e - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_helpers.S b8986dac246e932ea1ba7ee38e8e8ede263e1b24 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_trusted_boot.c fbb932100f4228bb8fe153a58d84898837188f8b - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_err.c 9f0cc46bc47b39bf5ef4354b925680e7a3b6d55f - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_plat.c f5cf856183484e5aa80eb7575ef916bd59e8b801 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_bl31_setup.c 205b4ca0cb05e33669284a62b9c25f52ece1b8e9 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_pm.c b9f80852b169e9c137876fadebe0782792162fe4 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/corstone1000_security.c 16e3686521725b2e8cf355c2d990811fc260a02c - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts a51899dda2820f571a0f0210e0ca82ad8e6a8ac7 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/common/include/platform_def.h 70913ecf05a6e846d99d63213b643de746a371e8 - arm-trusted-firmware.t234/plat/arm/board/corstone1000/include/plat_macros.S d115cd145587e366c9c6d02d47cc7ea610f7791f - 
arm-trusted-firmware.t234/plat/arm/board/morello/morello_security.c 846d7f92ffe6c368d0d0b85ffa36409b0dd04caf - arm-trusted-firmware.t234/plat/arm/board/morello/morello_trusted_boot.c 3fcdf0172f72867955ed0a4642a76273495b9e0e - arm-trusted-firmware.t234/plat/arm/board/morello/morello_def.h b33c4793c6b90b79c1ab036206dc1490ab62397d - arm-trusted-firmware.t234/plat/arm/board/morello/morello_pm.c 62d9b510aead8dcbacf77dd79db42a1476042efe - arm-trusted-firmware.t234/plat/arm/board/morello/morello_plat.c c855687b5adb537f1a56e37496a708864bd72650 - arm-trusted-firmware.t234/plat/arm/board/morello/morello_bl1_setup.c 021dca0ec2928f72c45e98a602338d8a2bb08cc2 - arm-trusted-firmware.t234/plat/arm/board/morello/morello_err.c 4f36abd47ee21300743bf884228af4062ead9ca9 - arm-trusted-firmware.t234/plat/arm/board/morello/morello_private.h 5457ec463cc8a966e6b179d42b57efbe3129da4b - arm-trusted-firmware.t234/plat/arm/board/morello/morello_bl2_setup.c 828d3802a958b2c62db6a6f9ac029d237dfb39f8 - arm-trusted-firmware.t234/plat/arm/board/morello/morello_image_load.c 0105670429d8a205bc698cf69de09044501a55a1 - arm-trusted-firmware.t234/plat/arm/board/morello/morello_topology.c 42659a5e25bf580b3f178c1c4fe693c1ff420253 - arm-trusted-firmware.t234/plat/arm/board/morello/morello_bl31_setup.c 59b5177c9b302f117bea58642d758d747224eaed - arm-trusted-firmware.t234/plat/arm/board/morello/morello_interconnect.c dc1fea308c9ff63b2d391c035a136843525821d5 - arm-trusted-firmware.t234/plat/arm/board/morello/fdts/morello_fw_config.dts 633df151e127cb07991e6c151374adac1ab4e203 - arm-trusted-firmware.t234/plat/arm/board/morello/fdts/morello_nt_fw_config.dts a95b1476c52a6213400f2402811d15e5d82d7d83 - arm-trusted-firmware.t234/plat/arm/board/morello/fdts/morello_tb_fw_config.dts 5361abb465b0253014c38facafec374dd284699a - arm-trusted-firmware.t234/plat/arm/board/morello/include/plat_macros.S cc684c89885c0f75997f4934fc04e8171c8be3e1 - arm-trusted-firmware.t234/plat/arm/board/morello/include/platform_def.h 
1c3ff5d4d35a2aa211380dea2b252236f3dae0b1 - arm-trusted-firmware.t234/plat/arm/board/morello/aarch64/morello_helper.S 8908fa02b1140f0d45e9bdcc3d5552190eb3af41 - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/corstone700_security.c ed51f976efc9644368dd64840ed3d158c086650e - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/corstone700_stack_protector.c 3d1a55d785180dd11beb8473207268d04543695a - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/corstone700_helpers.S 5f0ac09b373c85fd1d635fb4f06ea45011389b19 - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/corstone700_topology.c df9742f665da99900fe4a3fdc0b6fbcc02209a0f - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/corstone700_pm.c 9351efb35af5c14748c7b05d814c8176be5b8716 - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/corstone700_plat.c 3c1fd619c9a1da90f7af84b9c6e1b8eceb5e7a20 - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/include/platform_def.h c7a771e05849f4d7b946b8b3c32ba774fbff39dd - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.c a3a970e3ac6e7d75b9c190fb16599a2ab423f3db - arm-trusted-firmware.t234/plat/arm/board/corstone700/common/drivers/mhu/corstone700_mhu.h d2cf1d7868d3a048734caa91b018fb43f56c36dd - arm-trusted-firmware.t234/plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c b778372c894148d33d27db1b0b22116868317d32 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_plat2.c e8282a093ef65c96e3efdd2a39cddfd286a52d00 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_plat3.c fbe31a56db747d6aa83da511529446226a4eb4f6 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_bl1_setup.c c09bbae5d621234264b9293e43dd735fcf845218 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_interconnect.c ec6079ff170e795c6d6a8582b85e3d5bbfd538b6 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_topology.c 
f1befa10c6fbf59721f3ffba385d606c03bb4a45 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_plat1.c 812f89cfead223183acb747f2f15e4b97cbc17ba - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_image_load.c c8662f02946b7172675d9ec85a5604c71c89b030 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/nrd_bl31_setup.c 26408b43b04d8cc97360ceed6071e260a87fb317 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/arch/aarch64/nrd_helper.S 4fd5fdfb9e3fb2e03cdbeb9d862b07eff3611726 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd_plat.h 23773a3abfb7dfdccd92c4b90c705782ff4cbf87 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/plat_macros.S 0f8a04985ab3425f92865148d4c4858add74aadc - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd_variant.h 94083014415642b2915add78118ecbae45d0af7a - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd_dmc620_tzc_regions.h 9527d4ae5a828c198272d1fc41bf8d3c3c117ed7 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd_sdei.h fceb82d9968fadd2629d420d2ac329520f35d69a - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd_ras.h 1a9565a8c5c1a0984e3c1ac833b63ff00b6a0f99 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_def1.h 88ed3cdb112b7de236bab48a3336893cebe7c19c - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_ros_fw_def1.h 8734c98f3a3ca423045b55a9151ebb72f292065f - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_def1.h f736f3f8b2474f8917a7d921687bd1e68db30b15 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_css_fw_def1.h 98a5fbb96b825c2d0784250e6c5898c5565a3508 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd1/nrd_plat_arm_def1.h 2b8a14266b215e8500c8ebcd11083ab100b2ac13 - 
arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd2/nrd_ros_fw_def2.h 131f69d567a1fd1fb70d8ded011d6862d21ec3fa - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd2/nrd_css_def2.h fbab619cb6f390cc8acddfee0a713c6592ca8d74 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd2/nrd_plat_arm_def2.h e7f86574297c19a977bce4534e53eb0f8fd7357a - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd2/nrd_css_fw_def2.h 2971ac274effa51d03ea89ffb49bd0a767b44576 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd2/nrd_ros_def2.h c091463ca1e8bd081e4a5c3a17c29d61dbd2c15f - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd3/nrd_css_def3.h 81baaae9312c41d3005712c868f511fa042e1731 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd3/nrd_plat_arm_def3.h bb4cb09640b54037f02cab9cd9ce6e7ab4438b06 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd3/nrd_ros_fw_def3.h 53fc6aa7c2945399e03789a441479797aba72000 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd3/nrd_css_fw_def3.h c931e67dda69964bfe3c6299527c5a62ee8e6458 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd3/nrd_ros_def3.h 8d9825c7e23ce8ef5e4fa4cca7b9fc227783a1e2 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/include/nrd3/nrd_pas_def3.h 3f6b7ff80db64736174b438dfe6c170e09adb050 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/ras/nrd_ras_sram.c d2e517a35469f61bd7deaa5fc56a18b56562dc98 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/ras/nrd_ras_cpu.c b9442e4a56b0f18d8a60f34623f2333a1a8db37c - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/common/ras/nrd_ras_common.c a65b9a275a0dae548ed35a0f3b55acaa27255501 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/rdn2_plat.c 6a2b5cdb19a83e82f71a5025a3e2214bbf609e95 - 
arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/rdn2_trusted_boot.c 5858c3b1d4b21d4ca84fbb6763820f4d3afdf79c - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/rdn2_err.c f5c7185914cb858d2076adca1ae93c0f1cf61a23 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/rdn2_ras.c 907835594713eea33682fdffd88e632e5721f9f9 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/rdn2_security.c b624f43826591988b650f0f9d787a23892270ba8 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/rdn2_topology.c 077866bbea9900cafe83ec0e3c96e5c0284df074 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/fdts/rdn2_stmm_sel0_manifest.dts 3b7c8e98f1d573f51f2d9701e383dfe6493e56af - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/fdts/rdn2_nt_fw_config.dts 0d43a64df16e1cd2b98d48e1a1d31b1bd4b59564 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/fdts/rdn2_tb_fw_config.dts 9453a3e5b2340c446a77eca620ce3873c4121c56 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/fdts/rdn2_fw_config.dts c35566aa8533bef9d01d1b9d4ddb676323929eb7 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/include/rdn2_ras.h b67141de571ca48346ceea94685e907a396e13d9 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdn2/include/platform_def.h 6a2b5cdb19a83e82f71a5025a3e2214bbf609e95 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_trusted_boot.c 6034cf405e8d40ea338c6b5172ea229b46b44576 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_err.c 3c8ff65a0313624c20411817451e410417e8f777 - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_security.c 2e5cd73795082b1002993679b6956fb733e9bcba - arm-trusted-firmware.t234/plat/arm/board/neoverse_rd/platform/rdv1mc/rdv1mc_topology.c c89bb9108eafcda12d2d30442653f581b323c69b - 
arm-trusted-firmware.t234/plat/imx/common/include/sci/svc/pad/sci_pad_api.h cf9e73e1a62f99ecb17abeeda5efbdad0f7b1c21 - arm-trusted-firmware.t234/plat/imx/common/include/sci/svc/misc/sci_misc_api.h 8c98c79db7801610b0bf01e1ea680ec8347be4f2 - arm-trusted-firmware.t234/plat/imx/common/sci/ipc.c f2ab11050d68bdc711e7c18f9437fba728ab77bb - arm-trusted-firmware.t234/plat/imx/common/sci/imx8_mu.h 985fca791927ad8088399ab8840bcbcfb8277a6e - arm-trusted-firmware.t234/plat/imx/common/sci/imx8_mu.c 39a01649e39d57948e7056d22a38804f99222129 - arm-trusted-firmware.t234/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c 99d10095088dddbbe81826dbf7827bdc9c6bffb8 - arm-trusted-firmware.t234/plat/imx/common/sci/svc/pm/sci_pm_rpc.h 4abd423f25894865e31a857db62939c27fccb014 - arm-trusted-firmware.t234/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c 9162637c3ad8ef97f19a264c504c58d5886f9d7c - arm-trusted-firmware.t234/plat/imx/common/sci/svc/rm/sci_rm_rpc.h 3f381087336a847b53323f6828aa61478b46a2cc - arm-trusted-firmware.t234/plat/imx/common/sci/svc/timer/sci_timer_rpc.h 30cf1dfdd48ef57921bbd93789aaedbebd754c55 - arm-trusted-firmware.t234/plat/imx/common/sci/svc/timer/timer_rpc_clnt.c 53b961e268ec00956cf3635d8561601e5c5bf70b - arm-trusted-firmware.t234/plat/imx/common/sci/svc/pad/sci_pad_rpc.h a593348ba8dcf5a3577bb48cd9d9ab7fe88c6df7 - arm-trusted-firmware.t234/plat/imx/common/sci/svc/pad/pad_rpc_clnt.c 65f1e12aab1c7815ccb98973525d32d30e635a1d - arm-trusted-firmware.t234/plat/imx/common/sci/svc/misc/misc_rpc_clnt.c 1dc0e610322825b6f58ac08670b99a4598bc01f1 - arm-trusted-firmware.t234/plat/imx/common/sci/svc/misc/sci_misc_rpc.h b8c9420f8ba3e11022dea4bb5ce4c530711ec1bb - arm-trusted-firmware.t234/plat/imx/common/aarch32/imx_uart_console.S ca916a8168ea1d5e57e417fcc1d71635d7deee3f - arm-trusted-firmware.t234/plat/imx/imx8ulp/dram.c a60f22f6fe195ed7cc36ad95512aaf89fdee0504 - arm-trusted-firmware.t234/plat/imx/imx8ulp/imx8ulp_caam.c 444484e27766132079c20c0a82975a51a6fcdbb1 - 
arm-trusted-firmware.t234/plat/imx/imx8ulp/imx8ulp_psci.c b04f9003f182105ba81b8515daf820137b663f2b - arm-trusted-firmware.t234/plat/imx/imx8ulp/apd_context.c 8923f37b1d1b0d270e714bdf773ed3c3efae1016 - arm-trusted-firmware.t234/plat/imx/imx8ulp/imx8ulp_bl31_setup.c 0f73afe510eafefb2a0112a1cbdd182c14278241 - arm-trusted-firmware.t234/plat/imx/imx8ulp/xrdc/xrdc_config.h b5f967aa1278dec3458f28828ef7d7fb6db00820 - arm-trusted-firmware.t234/plat/imx/imx8ulp/xrdc/xrdc_core.c 9116f53bded4ce4154ee4dba8c61b3744ce47e3f - arm-trusted-firmware.t234/plat/imx/imx8ulp/include/scmi_sensor.h eb8ccfa1f14470f2942fa955afc0c5de30c78362 - arm-trusted-firmware.t234/plat/imx/imx8ulp/include/imx8ulp_caam.h d4daab05d329079bd2e068028cef598c86bf62c4 - arm-trusted-firmware.t234/plat/imx/imx8ulp/include/dram.h 561f5f07a58fbd1e17cbf7151b62c93549ff4e03 - arm-trusted-firmware.t234/plat/imx/imx8ulp/include/xrdc.h c31e52b1ae817b100807c607ac603468a7a5d49f - arm-trusted-firmware.t234/plat/imx/imx8ulp/include/scmi.h ee352183edb020aeb94b5ac92a4089e3c71ca702 - arm-trusted-firmware.t234/plat/imx/imx8ulp/include/platform_def.h a560ed3c2759381e3460b1cb71526d4caa99642a - arm-trusted-firmware.t234/plat/imx/imx8ulp/upower/upower_defs.h 999887bef51661fcede97971b72f1fd96ed2e5d2 - arm-trusted-firmware.t234/plat/imx/imx8ulp/upower/upower_api.h 2739711d6e245c5c61cfab44a704d59594782859 - arm-trusted-firmware.t234/plat/imx/imx8ulp/upower/upmu.h fe2feec5a6ff91964830672dc5cf2cdacb58dca4 - arm-trusted-firmware.t234/plat/imx/imx8ulp/upower/upower_hal.c 7993d36e73726728d66a91ad4d2b81107a7dfdfa - arm-trusted-firmware.t234/plat/imx/imx8ulp/upower/upower_api.c 5a4adfdb81df94b2fa4dfc2392c7596917501ef6 - arm-trusted-firmware.t234/plat/imx/imx8ulp/upower/upower_soc_defs.h a9c191cf73abc0a4a27f83b6033859068143de4a - arm-trusted-firmware.t234/plat/imx/imx8ulp/scmi/scmi_sensor.c a5827d9e8723d930e42d4ddee2c1e5b5d03159f0 - arm-trusted-firmware.t234/plat/imx/imx8ulp/scmi/scmi_pd.c 29905d65c1b8adc1d3caa427d2ec1312abdb1a80 - 
arm-trusted-firmware.t234/plat/imx/imx8ulp/scmi/scmi.c 1e1f92bc6f801c91fde3bbe4ce99b62beb0eb7d2 - arm-trusted-firmware.t234/plat/imx/imx7/warp7/warp7_bl2_el3_setup.c 42143dbacac34a118b7b86673774e843e7e84fd8 - arm-trusted-firmware.t234/plat/imx/imx7/warp7/include/platform_def.h 1e876f487cd25f4a6cd08d0a21926f5405676a07 - arm-trusted-firmware.t234/plat/imx/imx7/picopi/picopi_bl2_el3_setup.c 1b13f9e313e75353b45d6528629485488b180345 - arm-trusted-firmware.t234/plat/imx/imx7/picopi/include/platform_def.h bffe5bd7851f8d028c92d9d68dba7806be5bd662 - arm-trusted-firmware.t234/plat/imx/imx7/common/imx7_image_load.c 7b5d73ec9d9c7e14fd48653c6e018d432654101d - arm-trusted-firmware.t234/plat/imx/imx7/common/imx7_bl2_mem_params_desc.c 3bba3282b340c9896990c2ffcbf10d5bfb0070b2 - arm-trusted-firmware.t234/plat/imx/imx7/common/imx7_rotpk.S 8403135be33e11a4b696e90b5b253465b6838682 - arm-trusted-firmware.t234/plat/imx/imx7/common/imx7_helpers.S 4d406209e8b278e9730968baee57f5106d424aef - arm-trusted-firmware.t234/plat/imx/imx7/common/imx7_trusted_boot.c 81ea2015e04bbc53b7d42589a21821a183fc1c8a - arm-trusted-firmware.t234/plat/imx/imx7/common/imx7_bl2_el3_common.c 10003f2e608d5073c076ab1a446f4ba07c06086d - arm-trusted-firmware.t234/plat/imx/imx7/include/imx7_def.h d4e968db5e699bc36032dfe35d7fada27142c699 - arm-trusted-firmware.t234/plat/imx/imx7/include/imx_hab_arch.h 1027e5173d316fd6d9dd6588b9666b53ed9d1116 - arm-trusted-firmware.t234/plat/imx/imx7/include/imx_regs.h d08ec11462c38ed056bd8ce300169c64d976b21d - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_csu.c 10fb6753c1ece21522f45f372d0cbf3b416b5190 - arm-trusted-firmware.t234/plat/imx/imx8m/imx_aipstz.c 996e00079997c54373e5acb4a6f39bfe8cbe346e - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_image_load.c 16aabd0793371f0695c3e323ca48c440a8340332 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_psci_common.c 9b5e8b8d9515c374e55191eefd3318dd29b4ec02 - arm-trusted-firmware.t234/plat/imx/imx8m/imx_rdc.c 
f93139cada46230f87d4733c0e9d4d0be94f7be3 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_measured_boot.c 1ccbc8b82968361279d02b4c1cf10c91215a3e19 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_caam.c e345520494aee2764cb14af7ae66ab0293c32ea8 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_dyn_cfg_helpers.c 71e15d70fa572d5ea30c2eaebe0aaecc691cb8fb - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_ccm.c 1bba3cc395cdcde6e82914792b00d3ffcb135bfd - arm-trusted-firmware.t234/plat/imx/imx8m/imx8m_snvs.c 27b7f5cd3416b96295c70624ef4970c56913b2dd - arm-trusted-firmware.t234/plat/imx/imx8m/imx_hab.c 8acc5dd8916f199434c21426fb546d92c32c5a19 - arm-trusted-firmware.t234/plat/imx/imx8m/gpc_common.c 9f3b4c37071328e939a48c501a6977bd74995abe - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c b7ab95b22954f11c0ec38dcc8f02d5aa85aeaf55 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mq/imx8mq_psci.c 9839cb099ef500e386990967fe32866822c800e9 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mq/gpc.c d1fa70b45e2971a3e4103d0b2ff864ec706c5af5 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mq/include/gpc_reg.h 6b72ec3d8edc7fc323fd768161812a0b5e5b7105 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mq/include/imx_sec_def.h 76f9c34a4be17c36af4ca84f17a5576380b3edeb - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mq/include/platform_def.h d54819484772902a3430637b5e9e0297b0957c9d - arm-trusted-firmware.t234/plat/imx/imx8m/ddr/clock.c c6c5b39f93cfc6dfd7c72ad357aa46c34268aa1c - arm-trusted-firmware.t234/plat/imx/imx8m/ddr/dram_retention.c f70125368c5e05f845f6c8afdd8d3f35c0bd4f58 - arm-trusted-firmware.t234/plat/imx/imx8m/ddr/ddr4_dvfs.c 913601228fc4f9634055ee5a2937ea281da347c3 - arm-trusted-firmware.t234/plat/imx/imx8m/ddr/lpddr4_dvfs.c 4ce79e7bc1d5a4aced549b62eaf8a39fc8788e4b - arm-trusted-firmware.t234/plat/imx/imx8m/ddr/dram.c 552dd217b5167db0981cbc7c6c57e1f2a57b4fde - arm-trusted-firmware.t234/plat/imx/imx8m/include/dram.h 9bf31b2deb68ecd9e1ba14b273cdf44527835db0 - 
arm-trusted-firmware.t234/plat/imx/imx8m/include/gpc.h 59fd91cd051ebecbab4a936f03eb6e9444443053 - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx8m_csu.h 4bc0eb69bf40f2ac07200a788f79ad6e9ec8b3f2 - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx8m_psci.h 3bc736f072705dfa2d00383fe60d8497b3676fcc - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx8m_caam.h 142aec7d079611005371d97442c5aaa2426513db - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx8m_snvs.h 47de7cdf356158f2b651bafb8659187db3a13e65 - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx8m_measured_boot.h 47d4d332045a770093cbd6ca7e1ca8785f26c1b0 - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx_rdc.h b2cabe2526ae3990fa405688f4fb6eaf16d90a07 - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx8m_ccm.h 5ec5413514abe79264b0bed81c75f811d2621d46 - arm-trusted-firmware.t234/plat/imx/imx8m/include/imx_aipstz.h 5eac3f0d57b86e7c5a80ef9b695586701ae316cf - arm-trusted-firmware.t234/plat/imx/imx8m/include/ddrc.h 0efee336c964d1973fec201980455aee08396081 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/imx8mp_trusted_boot.c 169ab98f3d4cd7620ffef0d78f7c2329be9c1586 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/imx8mp_psci.c 97a556f1fc780240a2ad81127c295bd39a0c6512 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/imx8mp_rotpk.S 8c540b3bbcde276f96d20d71011c966a8b4121ee - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/imx8mp_bl31_setup.c be1935709a939c0480bc4cc27058482508f2596b - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/imx8mp_bl2_mem_params_desc.c 566e9b1ab9526aa568eec00fa2bdd7504ce690c8 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/gpc.c 3d38c99169530f67aeba8526bd7cd4559981a349 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/imx8mp_bl2_el3_setup.c df0e3b50430ac47d2263ca8e0a4b83d46c8c0193 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/include/gpc_reg.h ffdaf59c15cfad24af89cc1357c4b9c6178c75e8 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/include/imx_sec_def.h 
c65d55a5e1a73f615b9fe213427e4605f4b3806c - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/include/imx8mp_private.h 7c48c904287aa073e83f2de62a1e29dbd78eb62f - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mp/include/platform_def.h 3fcc366713e1667476479363fd2d0fb74144e491 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/imx8mm_bl2_mem_params_desc.c 0e0933de6793e323f4c77e12a89455776a0dfe57 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/imx8mm_psci.c 060756d07ff95fa2e15ef2cab742c6f6fdfdc5e3 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/imx8mm_rotpk.S 5e7971c14f77e2f2450badad4a156ca33a9eb89f - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/imx8mm_bl2_el3_setup.c dcd3cf883daf67195df7539d71232ca01a823ab4 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/gpc.c ef3284df4a0ede5ce613a7a839898cb2a1e9c9a1 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/imx8mm_bl31_setup.c f9007785b7de40f327bd11a83c710c297b45e4ab - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/imx8mm_trusted_boot.c 4a704d5f5cc4958ad509fe9771d30d6632cb1a0a - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/include/gpc_reg.h 04fdaf688f6c35956e290eee3b0b4f09932424a1 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/include/imx_sec_def.h 0f9e1a9d6497a3ad4e415d483905f2ef16aaa423 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/include/imx8mm_private.h cac152bceccacc4dfcefcb06f70bc94a942e811b - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mm/include/platform_def.h 10405a9037f559e702c7588cf44df9cedf17fbd1 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mn/imx8mn_bl31_setup.c e7ded5d1571dcf2246b5480dea7517bbc0e45a87 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mn/imx8mn_psci.c f510a33475391ae77425faa5cf9b155f5b4f4eed - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mn/gpc.c 82259d3c2b7d974ad94a42c37f37e0a8f0ce576f - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mn/include/gpc_reg.h 8ce176eac7c0cd84477d823797e6ec1b94a7710c - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mn/include/imx_sec_def.h 
e2cbf16502d88d260315ea8f6ebf0fda8ea48f82 - arm-trusted-firmware.t234/plat/imx/imx8m/imx8mn/include/platform_def.h 7e1d50a10455cae2f24e8ada077e8d707897363c - arm-trusted-firmware.t234/plat/amd/versal2/gicv3.c fd4e4d8e4e5dff8e1ee06cd871c1dece6ed0f7e1 - arm-trusted-firmware.t234/plat/amd/versal2/sip_svc_setup.c f46f70cab0ddaa6cfed17301a44127f90db8d6c1 - arm-trusted-firmware.t234/plat/amd/versal2/plat_topology.c 6e29364227d4fd4ab5c38c4e6bb53b96a7e34180 - arm-trusted-firmware.t234/plat/amd/versal2/plat_psci.c 1247aa83fb6b4428b7837fc9ab72b243faabeb7b - arm-trusted-firmware.t234/plat/amd/versal2/scmi.c fcd6bb0d9fab9d859b607e7f1b99d3ecee00181d - arm-trusted-firmware.t234/plat/amd/versal2/bl31_setup.c f8f943e74aa0044cf973a1c10769cbb163d0c0c0 - arm-trusted-firmware.t234/plat/amd/versal2/soc_ipi.c 5c2e772c8aba07c6fe4f8b403035417fe0ce1b00 - arm-trusted-firmware.t234/plat/amd/versal2/include/plat_macros.S 4d48bf24f8a8745f7d24b8ef498617aa24e48bf3 - arm-trusted-firmware.t234/plat/amd/versal2/include/plat_ipi.h dcddb8ded444ac27e925e2cfe092142bd68597bb - arm-trusted-firmware.t234/plat/amd/versal2/include/scmi.h 586c381b1ccf47d4fe0a8787467d84f695f8c167 - arm-trusted-firmware.t234/plat/amd/versal2/include/plat_private.h c3a2edf4f2b4f5e032b022561be465f687da06db - arm-trusted-firmware.t234/plat/amd/versal2/include/def.h 94532fde4c9cebad24a5963743b1088399cd297a - arm-trusted-firmware.t234/plat/amd/versal2/include/platform_def.h e85c171e8035cad0afc68fc4cd11680b57a687da - arm-trusted-firmware.t234/plat/amd/versal2/include/versal2-scmi.h 74a36dd4cf603bb7196309cbc95776d5b6909d37 - arm-trusted-firmware.t234/plat/amd/versal2/include/plat_pm_common.h 671239388cb3c2dc0bfd8b4d8cb3457aece33f3f - arm-trusted-firmware.t234/plat/amd/versal2/aarch64/common.c 994a657361f0f8a70ae50e79cf183624aff64a40 - arm-trusted-firmware.t234/plat/amd/versal2/aarch64/helpers.S 522b63231b909ee04c701b3cfc83f0e36837b43c - arm-trusted-firmware.t234/plat/mediatek/helpers/armv8_2/arch_helpers.S 
4ba889b4d34e8b0d77d2e96be7443670fc8c51b4 - arm-trusted-firmware.t234/plat/mediatek/lib/pm/mtk_pm.c 813385e82fabd06d5d9692ffd200a4f727c11fad - arm-trusted-firmware.t234/plat/mediatek/lib/pm/mtk_pm.h 6c7a6b0f1a8f8bb9669f4da479574579c42cc692 - arm-trusted-firmware.t234/plat/mediatek/lib/pm/armv8_2/pwr_ctrl.c 6311b185f7f7c8af501aa62696276641763e1810 - arm-trusted-firmware.t234/plat/mediatek/lib/system_reset/reset_cros.c d9cf3a5339c9b4f70641e25b6acbf16e49cf61dc - arm-trusted-firmware.t234/plat/mediatek/lib/mtk_init/mtk_init.c 0836a904278842a9ddbdfe4c73ff81b9c1d56d85 - arm-trusted-firmware.t234/plat/mediatek/lib/mtk_init/mtk_mmap_init.c 2f1976dda894f28a35f0cc50623e070a354d044c - arm-trusted-firmware.t234/plat/mediatek/mt8183/scu.c 03b9e95dd87fe5cdd436743fb8f5f59d4b2f2de3 - arm-trusted-firmware.t234/plat/mediatek/mt8183/plat_topology.c e9bb8f5dfe42b8cfdd770db2301155ad00d93617 - arm-trusted-firmware.t234/plat/mediatek/mt8183/plat_mt_gic.c ab7d909a710012da6745094b10bd2d8c989e38bb - arm-trusted-firmware.t234/plat/mediatek/mt8183/bl31_plat_setup.c 7a7fbf6ac91e6e9ff86ac7350e8de64f834b5997 - arm-trusted-firmware.t234/plat/mediatek/mt8183/plat_dcm.c 3cb5ee19a3d0915879c602a240e4affb4a0d7c94 - arm-trusted-firmware.t234/plat/mediatek/mt8183/plat_debug.c 8274c219bcba2090fe7e6e628abe65c7c3780d33 - arm-trusted-firmware.t234/plat/mediatek/mt8183/plat_pm.c f7b9354cce893182c4203079dc774a9b048d05d7 - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/plat_macros.S a52a6337e1e29bc64b0d301f31d88c42981a1105 - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/sspm_reg.h a4d241e1fe6a38acfd38a895dc29d0d3762c185f - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/plat_private.h 447f690a22efc00539cd931fc1d9aba592997a19 - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/plat_dcm.h 387e06d0f2e4f36818ebd660cd1c4d429222a6fa - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/platform_def.h 58b0e33d4a7460c72049a50f5cb8e8af5a5260d9 - 
arm-trusted-firmware.t234/plat/mediatek/mt8183/include/plat_debug.h 01e8de6953d79923463ea639e7d8e218ecdbc8e6 - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/power_tracer.h 9ff5bdd1f6610dc5e442304399c97ab95361e3a3 - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/scu.h 97a99a4b4542d549efbe9122362e0ee8fcac89fa - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/mt_gic_v3.h 16b7a7f8d62f9bc9d06c01d5e72b2ef5653e7455 - arm-trusted-firmware.t234/plat/mediatek/mt8183/include/mcucfg.h 23040542c3bf819fe42a45ea51427b1a39edfab5 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/timer/mt_timer.c 1f21078b5dce77d5939c39ae046fcf15cf1bcc4d - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/timer/mt_timer.h e92a0c648e09b96cd906a5e008c418d7d61fd577 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spm/spm.h fe16bd5deb42a8c0e902c3a7547e11d7d5afa0bd - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spm/spm_suspend.c fdbc0bcded1a96ceeb994c74a3a48eec3af06df3 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spm/spm.c b26d910796c32c24b2519666922a9991a16d3562 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spm/spm_pmic_wrap.c f1a812bc872a1ac1c695c5485fba1a135307986c - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spm/spm_suspend.h 8156e8c4b7f219c9590cfcb2338d845c2b0c71b6 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spm/spm_pmic_wrap.h 7ac4fd4d1072962002d4b4a7439a7fc6fea85b48 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/mcdi/mtk_mcdi.c 0bae9ef296eeb3bf9ed2342aa58b2d505dc8f04f - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/mcdi/mtk_mcdi.h 4ab8cc9c4d3ff197639f9b78f7b860ebb8879967 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/mcsi/mcsi.c 51b89484342a85c2ee1e944fbbfc08a8bc663f63 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/mcsi/mcsi.h fb3c91bb75b7fe6fff5323ead8dc73efc07f1289 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/sspm/sspm.c 
645f76b92e2714b452ae24edcd6a40cfa879ea61 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/sspm/sspm.h 62325eff3c956aa9ca90b298e958e8ed5941a8a4 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/emi_mpu/emi_mpu.c 88c148094b3fac4149258b8fe4786fe4ac3f8f3a - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/emi_mpu/emi_mpu.h 96ac9c853839aff7b9c19b8ce2bdd09ffee2c87d - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spmc/mtspmc_private.h 316277d91acd7098ec6ac153e95c932aca46d3c5 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spmc/mtspmc.h 2e1849b9de23cbd064f9e90e4c83cd761e284e18 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/spmc/mtspmc.c 94b038f0c7b76069f4f85185a375d4d2aa61a74f - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/gpio/mtgpio_cfg.h 3a86fc89605145b3faa5aa385e8f7a11851b424a - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/gpio/mtgpio.h 346960934a0779649e0412ae87abde963086ff8a - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/gpio/mtgpio.c 888e5c6480da8cc9f0dd6d5febc12f7d0a8a16fd - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/rtc/rtc.c edd71b3e0aaea146cfadebca131cd7e6ee13d303 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/rtc/rtc.h 1d535ab7f8d2fb5131a0ce0e6a7b11c4a188a009 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/pmic/pmic.c 214f922545d6899c3e5621df156f1712ebb3c009 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/pmic/pmic_wrap_init.h ddd6d454dc5e0a1dead801b5cb856c7f27a8065e - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/pmic/pmic.h 264db153102d726c6a9455244b40d552d0960af2 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/devapc/devapc.h ed39e8ba2090c26070e12def3287c0ff46721987 - arm-trusted-firmware.t234/plat/mediatek/mt8183/drivers/devapc/devapc.c c5295d987eeadbc7fa82ddedb5266f20e7dd3cec - arm-trusted-firmware.t234/plat/mediatek/mt8183/aarch64/plat_helpers.S c7ae3ce6e37f4d27b8733d9c3b1bafa8add40a8b - 
arm-trusted-firmware.t234/plat/mediatek/mt8183/aarch64/platform_common.c 2036b11036478a7316c8fd022436bf0c5c86fcb1 - arm-trusted-firmware.t234/plat/mediatek/mt8188/plat_mmap.c 6c02313dd3c36357c07071c1b1e8c6541d7fac3d - arm-trusted-firmware.t234/plat/mediatek/mt8188/include/plat_macros.S fe92777b57e50f9794d099db02b51f77dc6ba550 - arm-trusted-firmware.t234/plat/mediatek/mt8188/include/spm_reg.h edf168931ae63b6f50119f11a6c30332f17b221b - arm-trusted-firmware.t234/plat/mediatek/mt8188/include/plat_private.h 14900bc528ff1f9aa32b65ca0826bd6b1036cc58 - arm-trusted-firmware.t234/plat/mediatek/mt8188/include/platform_def.h 155fd15ce538601c80626e0ac924d86efeee81c2 - arm-trusted-firmware.t234/plat/mediatek/common/mtk_smc_handlers.c ef095211d957e529510d9557e660cdf71b19dac4 - arm-trusted-firmware.t234/plat/mediatek/common/mtk_bl31_setup.c 7858c40d5378047a8869189376fb70d934ed6f9b - arm-trusted-firmware.t234/plat/mediatek/common/plat_params.h ffdbbcc522937a13b7f658754005673d0257f6dc - arm-trusted-firmware.t234/plat/mediatek/common/mtk_sip_svc.c 8b0adf6f37fac4a221d543c6307ba999c9272fe3 - arm-trusted-firmware.t234/plat/mediatek/common/mtk_plat_common.c 4f1e69980b6fa0691ac24f320f777fa5f690c987 - arm-trusted-firmware.t234/plat/mediatek/common/params_setup.c 078e8353bd2d5d9a24dc7b0eb02885c17df8a41b - arm-trusted-firmware.t234/plat/mediatek/common/mtk_plat_common.h 2cb2045af159fb4b0fc67e80347a125d16746868 - arm-trusted-firmware.t234/plat/mediatek/common/lpm/mt_lp_api.c 048568ea3544fb70a213a18fce44cf61d2569afc - arm-trusted-firmware.t234/plat/mediatek/common/lpm/mt_lp_rq.c 240763d9f4cc8587183e76d43c9682c0da5d79a1 - arm-trusted-firmware.t234/plat/mediatek/common/lpm/mt_lp_rm.c 4f5f60f494b7c5e54c5fcc61e93c22948842bd50 - arm-trusted-firmware.t234/plat/mediatek/include/vendor_pubsub_events.h 77426715ab3ae7fdf820e2d94d33a3c49af87b32 - arm-trusted-firmware.t234/plat/mediatek/include/plat_helpers.h 1052acdec92753ec565b872a6178633568f1afde - 
arm-trusted-firmware.t234/plat/mediatek/include/mtk_sip_svc.h adb5db59d1de99ae5b63a6a97f45db0bd5d32546 - arm-trusted-firmware.t234/plat/mediatek/include/plat.ld.rodata.inc 730fc794ca6543e8ce9f5fbf3106440fdd972a88 - arm-trusted-firmware.t234/plat/mediatek/include/mtk_mmap_pool.h 2007bbc2e757b8f9a7c8d2c1268e61d5476b5112 - arm-trusted-firmware.t234/plat/mediatek/include/mtk_sip_def.h 1ebe4b764d469b2138366b316a32f9aa69e86930 - arm-trusted-firmware.t234/plat/mediatek/include/lib/mtk_init/mtk_init_def.h f430f1fc1cb4e9869f5188a8a2e41fe2388d6337 - arm-trusted-firmware.t234/plat/mediatek/include/lib/mtk_init/mtk_init.h 28e698c3db9ff4cd8214e6c19d2e862b84d58997 - arm-trusted-firmware.t234/plat/mediatek/include/lpm/mt_lp_rqm.h 131f5bfb6f675e5d109359c7b033f8b5661462a4 - arm-trusted-firmware.t234/plat/mediatek/include/lpm/mt_lp_api.h d6580f799b542fccd5694096527e04c1eef6d90b - arm-trusted-firmware.t234/plat/mediatek/include/lpm/mt_lp_rq.h 452249986e924e593c69b4490fd404923ca00613 - arm-trusted-firmware.t234/plat/mediatek/include/lpm/mt_lp_rm.h dd1742b2f03a27f309a895ad42cd54a673c7e8a6 - arm-trusted-firmware.t234/plat/mediatek/include/lpm/mt_lpm_smc.h 2f24ac043a34f33be26778e4bcef73be1d2560de - arm-trusted-firmware.t234/plat/mediatek/include/armv8_2/arch_def.h f231a8cba31d27c6b5620603e282f16c8e11d068 - arm-trusted-firmware.t234/plat/mediatek/include/drivers/spm/mt_spm_resource_req.h ef31a3fe64f2f80b9bf38648ea21c4308e5d9499 - arm-trusted-firmware.t234/plat/mediatek/drivers/usb/mt8188/mt_usb.c 95dafe420ae67f2efd1510f1092a4779616c29f5 - arm-trusted-firmware.t234/plat/mediatek/drivers/dcm/mtk_dcm.h 69f1fae59df7524be33d4147b2a092c6e51ef8e9 - arm-trusted-firmware.t234/plat/mediatek/drivers/dcm/mtk_dcm.c df145329af783d50890626c102e62382f51887ce - arm-trusted-firmware.t234/plat/mediatek/drivers/dcm/mt8188/mtk_dcm_utils.h 89c6cdceb30d5175973c272aa2357dc7aa1a3543 - arm-trusted-firmware.t234/plat/mediatek/drivers/dcm/mt8188/mtk_dcm_utils.c 4026cdd707525c9b0b2f452353e7ba7bca28e30d - 
arm-trusted-firmware.t234/plat/mediatek/drivers/rng/rng.c 633855fa4cd760864ff1993f9ba116691e17fe0b - arm-trusted-firmware.t234/plat/mediatek/drivers/rng/mt8188/rng_plat.c 9a9f2989b8796b1f086830e28d1f42f15ec7944e - arm-trusted-firmware.t234/plat/mediatek/drivers/rng/mt8188/rng_plat.h 21da27715cf8cca9b7fab5c020f8e365081c434d - arm-trusted-firmware.t234/plat/mediatek/drivers/rng/mt8186/rng_plat.c e0879dbef407ef82e9d99d14188cb0ab71334424 - arm-trusted-firmware.t234/plat/mediatek/drivers/rng/mt8186/rng_plat.h ee1c1bf9c78b5c46f7772dc45f77f687953b93fe - arm-trusted-firmware.t234/plat/mediatek/drivers/msdc/mt_msdc.c 156cac9afbdde89449a6d21df46d0c5a1bf37071 - arm-trusted-firmware.t234/plat/mediatek/drivers/msdc/mt_msdc.h 8f1cfa9df72c598247cff91a97b5a830e3569cc9 - arm-trusted-firmware.t234/plat/mediatek/drivers/msdc/mt8186/mt_msdc_priv.h a0b0b3baf65bc8806a395dc788a2b106c02f3949 - arm-trusted-firmware.t234/plat/mediatek/drivers/dfd/dfd.c d9bded336f634453e481841c74413768ad395834 - arm-trusted-firmware.t234/plat/mediatek/drivers/dfd/dfd.h 261cf35d5384041d1dbb855b554e68ea39a1664c - arm-trusted-firmware.t234/plat/mediatek/drivers/dfd/mt8188/plat_dfd.h 6abded7e1568631f71e2d6557c3332d3847ea188 - arm-trusted-firmware.t234/plat/mediatek/drivers/dfd/mt8188/plat_dfd.c 7f192da248ec23c019cb333f4caafc278271f676 - arm-trusted-firmware.t234/plat/mediatek/drivers/mcusys/mcusys.c aee672e423696b65c1630801b16273e8e495a149 - arm-trusted-firmware.t234/plat/mediatek/drivers/mcusys/v1/mcucfg.h 2a10904482493ddeae18582fba23ff8f9181bf75 - arm-trusted-firmware.t234/plat/mediatek/drivers/pmic_wrap/pmic_wrap_init_common.h bb9905d3ca82a3d6dfa57699b19611f4867577ac - arm-trusted-firmware.t234/plat/mediatek/drivers/pmic_wrap/pmic_wrap_init_v2.c eb7915fed5f701e9926022ff49c0a65788171ee7 - arm-trusted-firmware.t234/plat/mediatek/drivers/pmic_wrap/pmic_wrap_init.c c7f5e857fc70c5ce4f9dcaa96f337af61105ace8 - arm-trusted-firmware.t234/plat/mediatek/drivers/pmic_wrap/mt8188/pmic_wrap_init.h 
arm-trusted-firmware.t234/plat/qti/msm8916/include/platform_def.h 5d0c83421111fdd41d5dd6f9db159fc5b118de41 - arm-trusted-firmware.t234/plat/qti/msm8916/sp_min/msm8916_sp_min_setup.c fa8791f9f7b5c3e14d11898f318e9bbf417a311d - arm-trusted-firmware.t234/plat/qti/msm8916/aarch64/msm8916_helpers.S 4742c655ad5ea2677cc78dd2937ec7ebf846e3fc - arm-trusted-firmware.t234/plat/qti/msm8916/aarch64/uartdm_console.S df54012d7d4371b4cc563d267d8f05f627cda469 - arm-trusted-firmware.t234/plat/qti/msm8916/aarch32/msm8916_helpers.S 9bebc66446aa697d2164984474ee38984d148977 - arm-trusted-firmware.t234/plat/qti/msm8916/aarch32/uartdm_console.S 7bc95caff2b0700d04cc28cec44bcae1965e8b73 - arm-trusted-firmware.t234/plat/qti/common/inc/qti_plat.h 1d172cb4df58b173035b99b5855545b25fd764be - arm-trusted-firmware.t234/plat/qti/common/inc/qti_uart_console.h f00660ee7d40d5826515fe5266e50d2172c12bc1 - arm-trusted-firmware.t234/plat/qti/common/inc/spmi_arb.h a492ca7a1a6a0dc9b988c09a6838be72f3a00cc3 - arm-trusted-firmware.t234/plat/qti/common/inc/qti_board_def.h 2c7d5721030a2353cd649ad2cf4da49242ed3195 - arm-trusted-firmware.t234/plat/qti/common/inc/qti_cpu.h af87d6c46e8e3304b92c90ed0111bb3066bac8e1 - arm-trusted-firmware.t234/plat/qti/common/inc/qti_interrupt_svc.h 0b01452153b97f032c89b81698730bd0211ee4cf - arm-trusted-firmware.t234/plat/qti/common/inc/qti_rng.h 5901fe33e7d63a4a03e1b95469b48c8299d178f6 - arm-trusted-firmware.t234/plat/qti/common/inc/aarch64/plat_macros.S bea1c249fdc7e365ba7e5d773a7e312de9345fb8 - arm-trusted-firmware.t234/plat/qti/common/src/spmi_arb.c f3b7fa7c62db7248cf8b50316244b8239596f267 - arm-trusted-firmware.t234/plat/qti/common/src/qti_rng.c ea7ed5df42ad1464983f8847a8a679e743b1fb48 - arm-trusted-firmware.t234/plat/qti/common/src/qti_bl31_setup.c 61f5c93cc87bcb54ee0cf5e202fe57f626bcab7f - arm-trusted-firmware.t234/plat/qti/common/src/qti_pm.c f12c8a79f6141094db1aac3d48ac6ea34800ff6d - arm-trusted-firmware.t234/plat/qti/common/src/qti_stack_protector.c 
26a9cbddd8b9a236e5d0f3550807554e23563f18 - arm-trusted-firmware.t234/plat/qti/common/src/qti_gic_v3.c aeecda36338ac151632b50ce13795833a9f6ce3b - arm-trusted-firmware.t234/plat/qti/common/src/pm_ps_hold.c ac89500a8d77a91b9b24a426b3394744bf74efb5 - arm-trusted-firmware.t234/plat/qti/common/src/qti_topology.c 3fc5e394e0d8ea8b2367dec56d27e29444d67bfb - arm-trusted-firmware.t234/plat/qti/common/src/qti_common.c accf2747a7781193d7806b7d3d6b6de2a7c9d5e8 - arm-trusted-firmware.t234/plat/qti/common/src/qti_interrupt_svc.c 825f74a7f38dc32847afc499110e74db3937935f - arm-trusted-firmware.t234/plat/qti/common/src/qti_syscall.c c98ce7e3d61f077fa530f3039219fc2da8f4e384 - arm-trusted-firmware.t234/plat/qti/common/src/aarch64/qti_kryo4_gold.S 7547a5ef92ec4ac40eed5a73041ef25902042bf2 - arm-trusted-firmware.t234/plat/qti/common/src/aarch64/qti_uart_console.S 8fd993542eecb4ec1a863568adeafac03a278899 - arm-trusted-firmware.t234/plat/qti/common/src/aarch64/qti_kryo6_gold.S 38bc969178865cffb806402ef5ce2ef9aed19fb7 - arm-trusted-firmware.t234/plat/qti/common/src/aarch64/qti_kryo6_silver.S 6734aa2c66cff472a934ac7860617d215b342c1d - arm-trusted-firmware.t234/plat/qti/common/src/aarch64/qti_kryo4_silver.S e1c323c2517fcdcdc4c19a1be62b15dcf31174ae - arm-trusted-firmware.t234/plat/qti/common/src/aarch64/qti_helpers.S 5db76531814dda261416dc016b511d807c3a4ba5 - arm-trusted-firmware.t234/plat/qti/qtiseclib/inc/qtiseclib_defs.h a28527a439c34c2ff37a3bd1ace46fb9ddb4f357 - arm-trusted-firmware.t234/plat/qti/qtiseclib/inc/qtiseclib_cb_interface.h 186065ea9c6a4a2d16c200d4d07466514f5a1c29 - arm-trusted-firmware.t234/plat/qti/qtiseclib/inc/qtiseclib_interface.h 885aa0bbda57cb30366ac8f9ea09f3f8e7ad31da - arm-trusted-firmware.t234/plat/qti/qtiseclib/inc/sc7180/qtiseclib_defs_plat.h 3e4d34962a59227a5d8d494f35e80b77fdf8d61e - arm-trusted-firmware.t234/plat/qti/qtiseclib/inc/sc7280/qtiseclib_defs_plat.h 1a6c92af22149cf7ac8cccac367bfc9610d45ab3 - 
arm-trusted-firmware.t234/plat/qti/qtiseclib/src/qtiseclib_interface_stub.c f47c639ba8a5b999f38760e4611b0ccb4cd9511d - arm-trusted-firmware.t234/plat/qti/qtiseclib/src/qtiseclib_cb_interface.c 25ffc66bfd8596789ed4e6ec3329a46ce29927d6 - arm-trusted-firmware.t234/plat/qti/sc7180/inc/qti_map_chipinfo.h ce8e6c97e3af86cafccb6b9ffe857b9c1ec62598 - arm-trusted-firmware.t234/plat/qti/sc7180/inc/qti_secure_io_cfg.h 576c57f662c322a2eac3565e848ea0179d7290a1 - arm-trusted-firmware.t234/plat/qti/sc7180/inc/qti_rng_io.h 19c93a98e1f08d21eaa65898889b3f74f7fca312 - arm-trusted-firmware.t234/plat/qti/sc7180/inc/platform_def.h 9e0b31305ede1a8540fd77a9083d96cc98db3f47 - arm-trusted-firmware.t234/plat/qti/sc7280/inc/qti_map_chipinfo.h d99874d76998c7025371fc6e19def1521bfacc2d - arm-trusted-firmware.t234/plat/qti/sc7280/inc/qti_secure_io_cfg.h 8b0399819af138f97f2f4270408c66b5d23b6052 - arm-trusted-firmware.t234/plat/qti/sc7280/inc/qti_rng_io.h db1632b3d9b656b70c43049ed9e7ff1859e2ca1d - arm-trusted-firmware.t234/plat/qti/sc7280/inc/platform_def.h ea086669ab75f559b2e65b291fea3af158c18bd2 - arm-trusted-firmware.t234/plat/renesas/common/bl2_plat_mem_params_desc.c ffd1e457886f1089d9c344f701ec17dc97f8f074 - arm-trusted-firmware.t234/plat/renesas/common/rcar_common.c a977937122b0a3096d2974c21e1d01713d54ef5b - arm-trusted-firmware.t234/plat/renesas/common/plat_topology.c 5f9406be82d4cf619e442556228de3e2d1283e39 - arm-trusted-firmware.t234/plat/renesas/common/plat_image_load.c d414d4d769295e5a493cf3e77c9c51626ee0e6fb - arm-trusted-firmware.t234/plat/renesas/common/bl2_interrupt_error.c 9e2b414041c35052396135ebdc28539af32c2593 - arm-trusted-firmware.t234/plat/renesas/common/bl31_plat_setup.c ae71ad3a55f0e9c013697f9775e6c12c0ff7bd74 - arm-trusted-firmware.t234/plat/renesas/common/bl2_cpg_init.c 12b42e58567a9ecd3d1d63318cb5ec7011a41573 - arm-trusted-firmware.t234/plat/renesas/common/plat_storage.c 39e6611e685cf71d02170a6793bf959a81ab7fa2 - 
arm-trusted-firmware.t234/plat/renesas/common/bl2_secure_setting.c 716e1c7c79baa403b9c5d0ef120f23d8cac8e802 - arm-trusted-firmware.t234/plat/renesas/common/plat_pm.c 72226e12e556432cb547181aa73e0d55c5c8777f - arm-trusted-firmware.t234/plat/renesas/common/include/plat_macros.S a5eccfada60ea0db321912c03f41d9321f3f2f6f - arm-trusted-firmware.t234/plat/renesas/common/include/rcar_version.h 2f021b7dce5115d413267052dd5b471ceff900cf - arm-trusted-firmware.t234/plat/renesas/common/include/rcar_private.h f4aa97332efbbc8e20e48e338443fd3b9c208830 - arm-trusted-firmware.t234/plat/renesas/common/include/plat.ld.S ef23f57caa49d57ae463690ade4589f65b3f438d - arm-trusted-firmware.t234/plat/renesas/common/include/rcar_def.h 916f1cfdad44cc6722d2f350cd1965a3b7a170ee - arm-trusted-firmware.t234/plat/renesas/common/include/platform_def.h f08550fcefd7ac0a14a3445b570020594efd6cdc - arm-trusted-firmware.t234/plat/renesas/common/include/registers/cpg_registers.h 64ef91e2bf3528ac94c8eb79c5c3f80113257721 - arm-trusted-firmware.t234/plat/renesas/common/include/registers/lifec_registers.h f773e9cbe28c8c27bd7013b66cd612cd63f790fc - arm-trusted-firmware.t234/plat/renesas/common/include/registers/axi_registers.h 5d2493051124d6190ac07f78aefa3ba8609c0700 - arm-trusted-firmware.t234/plat/renesas/common/aarch64/plat_helpers.S c6761280ab7f2f46bba8fc9b3743bb43bac2e264 - arm-trusted-firmware.t234/plat/renesas/common/aarch64/platform_common.c d9c373f0351531965e8097178bbc13ede3af7485 - arm-trusted-firmware.t234/plat/renesas/rzg/bl2_plat_setup.c b11fa23b19a538f86999ccfa224a0a3936b4a4d8 - arm-trusted-firmware.t234/plat/renesas/rcar/bl2_plat_setup.c f1a1db89fac89eb6923ac537ab49743f07609b6e - arm-trusted-firmware.t234/plat/renesas/rcar/rcar_stack_protector.c 2d8d10b04b9981888a2700bcc16872d0386d64a5 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/soc.c 415b9308ad6c8f358a34c979b2e81644d9af15b7 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/soc.def bfdacfdea0aa10e1ece5ae2925625ce34328672a - 
arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/include/ns_access.h 9ed3d544ff5ab2cfa0ea13d1fb3b59534eb90e14 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/include/soc.h 8cc150d9e1c9199572b24d0af559c82e4db71320 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/aarch64/ls1046a.S 782b9250544df572539dddc2ebf6925789a6d569 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/aarch64/ls1046a_helpers.S 5da46b775851344c65928890c699d7ff047606b2 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046afrwy/platform.c 0f38703d163bd042c7827eaddb04ea092b30a478 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046afrwy/platform_def.h 945ec23ee2ba0c79a5e6140d043290e9afde9b2c - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046afrwy/ddr_init.c dc407d2ead98e6d20e59ac0b6c5e75116a82ddd3 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046afrwy/plat_def.h 0fb5432862f668e38f9bbce3af181371cdecf0cd - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046afrwy/policy.h 5da46b775851344c65928890c699d7ff047606b2 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046ardb/platform.c 0f38703d163bd042c7827eaddb04ea092b30a478 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046ardb/platform_def.h 2ea7db20f6633e1dbecd9a70ed4cac89d97c2a76 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046ardb/ddr_init.c 686ad098c68cbf424bb3e89e451ab64b8183a91c - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046ardb/plat_def.h 0fb5432862f668e38f9bbce3af181371cdecf0cd - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046ardb/policy.h 5da46b775851344c65928890c699d7ff047606b2 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046aqds/platform.c 0f38703d163bd042c7827eaddb04ea092b30a478 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046aqds/platform_def.h dc2f8422b34c58988a9114726e339491a2ed999a - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046aqds/ddr_init.c 39ce8f1f0afc76a2d1a98e86df076ef84d185da3 - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046aqds/plat_def.h 
0fb5432862f668e38f9bbce3af181371cdecf0cd - arm-trusted-firmware.t234/plat/nxp/soc-ls1046a/ls1046aqds/policy.h 4ae3f678538de7fa9ef98fc1ad498fb248dd42c8 - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/soc.c 059b1c4ea6e6b540b7b01bdeb7153b4dfcacdb1b - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/soc.def 859878633110369cd34a10f6683227f6b49d0006 - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/ls1043ardb/platform.c 802c1d23237eb5cc83388950a75fa13d076b0dbf - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/ls1043ardb/platform_def.h f9f0fbba1b0d27332355fe6c4e06137ca772597b - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/ls1043ardb/ddr_init.c 60033abedd63947cfda10bf00d77951046e244c2 - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/ls1043ardb/plat_def.h 2e5c9db35f0a8446aa2a2a08f75f1488255df745 - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/ls1043ardb/policy.h 69427e6f64ce96dfa6842364a758359b8fa821c6 - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/include/ns_access.h 9b815992ca7df805a51a7cdece2e7c074a0958fb - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/include/soc.h b132e33ac02b41bfdd0b2ba27b1e5432e0f7ef08 - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/aarch64/ls1043a_helpers.S 18db50ef3d11821179318d84b45c532d3b107226 - arm-trusted-firmware.t234/plat/nxp/soc-ls1043a/aarch64/ls1043a.S 7101b940d392636f546086caa2626d9a940d9eac - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/soc.c 445f9a3d272075394e98530e1c7fb05c242f8ac0 - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/soc.def d78024dda44030bb2c60a6c6f0f31b0cdf79c510 - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/include/soc.h 859878633110369cd34a10f6683227f6b49d0006 - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/ls1028ardb/platform.c daffee032773c1420ec3c8da52a5bc9db4610aaa - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/ls1028ardb/platform_def.h 3268f346c7eb1578007b13a160c4c3d08efe2c0b - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/ls1028ardb/ddr_init.c 264c5f8c566b8945850048aceba967dd8fd1e72b - 
arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/ls1028ardb/plat_def.h b435bed7113e72930be88bfe8f61e7da61994418 - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/ls1028ardb/policy.h 033fd89d203e44c446aba6134e51e46a7d9cf324 - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/aarch64/ls1028a_helpers.S e436d0bfcc7b7c83db0242b6ffefad0a2985a81e - arm-trusted-firmware.t234/plat/nxp/soc-ls1028a/aarch64/ls1028a.S 6edca4ab32d5c19db4706b176997f9bc4f085702 - arm-trusted-firmware.t234/plat/nxp/common/img_loadr/load_img.h 29f392d59518df56b682fde92d9adb7b7e97112c - arm-trusted-firmware.t234/plat/nxp/common/img_loadr/load_img.c e41af019a383e1c29f6cfe79b98e6812ee9e71e8 - arm-trusted-firmware.t234/plat/nxp/common/fip_handler/fuse_fip/fuse_io_storage.c 0f0ae89b60dfac27f5f00ac6c76a3c1fbbf30e8c - arm-trusted-firmware.t234/plat/nxp/common/fip_handler/fuse_fip/fuse_io.h 5898658243b0a5f981f4c051061be8d7f7ff3a7f - arm-trusted-firmware.t234/plat/nxp/common/fip_handler/common/plat_def_fip_uuid.h fc286a6d896799156121d56095076ee1765cdd18 - arm-trusted-firmware.t234/plat/nxp/common/fip_handler/common/plat_tbbr_img_def.h 9670a30b894318a795c85e5ee63edbe979b023b6 - arm-trusted-firmware.t234/plat/nxp/common/fip_handler/common/platform_oid.h 97667263a954ff77c695a93ec98b767bccf035cd - arm-trusted-firmware.t234/plat/nxp/common/fip_handler/ddr_fip/ddr_io_storage.c 96bd522ef14fb5ff8a4247a028501ef7c4367f3a - arm-trusted-firmware.t234/plat/nxp/common/fip_handler/ddr_fip/ddr_io_storage.h 9c72b3ecd5d5982e63db876f7dfefb7cbac10bea - arm-trusted-firmware.t234/plat/nxp/common/sip_svc/sip_svc.c 27f86d14fd5ce72d0aaa417b4c893049acc97e1c - arm-trusted-firmware.t234/plat/nxp/common/sip_svc/include/sipsvc.h be62a5510efe4bb10130935015fc6c12d3b02ed4 - arm-trusted-firmware.t234/plat/nxp/common/sip_svc/aarch64/sipsvc.S dcfd794664af1da07e241e7f44705b02a86955bb - arm-trusted-firmware.t234/plat/nxp/common/include/default/plat_default_def.h 2941f6674d8de1d2b22c22b91db3b63996c45d80 - 
arm-trusted-firmware.t234/plat/nxp/common/include/default/ch_2/soc_default_base_addr.h 764ceec06291ed492b81348c85ad37e77f32eb3a - arm-trusted-firmware.t234/plat/nxp/common/include/default/ch_2/soc_default_helper_macros.h 3b4e4e380dbab1bf4ad037c20f705b6e42b5d992 - arm-trusted-firmware.t234/plat/nxp/common/include/default/ch_3/soc_default_base_addr.h 9fecb13f267ce5c792719b3969ef19e96064d75a - arm-trusted-firmware.t234/plat/nxp/common/include/default/ch_3/soc_default_helper_macros.h 1c0daba5be7bb7055a56df067ffc86d62af94382 - arm-trusted-firmware.t234/plat/nxp/common/include/default/ch_3_2/soc_default_base_addr.h 962eb919fbdac8edf23f3cca5303772adc4690b0 - arm-trusted-firmware.t234/plat/nxp/common/include/default/ch_3_2/soc_default_helper_macros.h f71b1c56189f5904469d9e69c7b5206a4bd12454 - arm-trusted-firmware.t234/plat/nxp/common/warm_reset/plat_warm_reset.c 48b1c6e031a18037fbc338e8d3f6d0efbe6c0eca - arm-trusted-firmware.t234/plat/nxp/common/warm_reset/plat_warm_rst.h 08360ed6a8b3d051a5cad1cb6e001cf1600b7ac8 - arm-trusted-firmware.t234/plat/nxp/common/ocram/ocram.h 5e45989256d4cb803eb129882666969d3d952ac6 - arm-trusted-firmware.t234/plat/nxp/common/ocram/aarch64/ocram.S fdb986fc3069c5b8c185c58c199bc5e56a6d1655 - arm-trusted-firmware.t234/plat/nxp/common/aarch64/bl31_data.S 2c5220969ad934f5e3904f8b72774332826fb89d - arm-trusted-firmware.t234/plat/nxp/common/aarch64/ls_helpers.S 5f62419793539e6fbda55df6e2b3fa9e0b21b776 - arm-trusted-firmware.t234/plat/nxp/common/soc_errata/errata.h 2e0e20e6baddb412ce97b52be66cd32d6f8f367f - arm-trusted-firmware.t234/plat/nxp/common/soc_errata/errata_a010539.c f925bc09cf5f24b92110d8e7eb81b6948bc855b7 - arm-trusted-firmware.t234/plat/nxp/common/soc_errata/errata.c 254c94ec21e9680a13a88c1c24d884bfb8b9479c - arm-trusted-firmware.t234/plat/nxp/common/soc_errata/errata_a008850.c 492965693fd60a384d16d12de2ecd89c7f522702 - arm-trusted-firmware.t234/plat/nxp/common/soc_errata/errata_list.h 0b417a1d9881a05757a25db89aa6739867cc6cff - 
arm-trusted-firmware.t234/plat/nxp/common/soc_errata/errata_a009660.c c693c689d519e4697e033a4df6e7da75ecaca5b7 - arm-trusted-firmware.t234/plat/nxp/common/soc_errata/errata_a050426.c 98e57da5931c557522da93cce9fe3bfb911d2cb0 - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_err.c 7159132c839b1d3568d7b7b03da30f6d03e5336e - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_interrupt_mgmt.c 943a5899104297ce514e06e731e5dd9819bb7381 - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_bl31_setup.c e0dfec4c8847e15aeb7a774844188ab382bdd027 - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_stack_protector.c de50adad02cc0f2c2f34b32e9f3ba2aafe28571c - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_common.c 6694d9cc9520a800f00a344d9cc1c534b6e88d91 - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_bl2_el3_setup.c d736c2075e7e15a400e61a1db310a4d1b43bffd2 - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_image_load.c 475644583f7d46ef814913dcdcfddfa706f9f9bb - arm-trusted-firmware.t234/plat/nxp/common/setup/ls_io_storage.c 9e4c6090807eed8550b5e6acaf048f870d04011b - arm-trusted-firmware.t234/plat/nxp/common/setup/include/bl31_data.h c8d60b0a7cea607dac9dc88673f41a4be9285d2e - arm-trusted-firmware.t234/plat/nxp/common/setup/include/plat_macros.S 4f9b26944e2ce37da586a62bdec3d03549edca60 - arm-trusted-firmware.t234/plat/nxp/common/setup/include/mmu_def.h 7deb5f8e4cedbb8f2f2faed66426dac4607d7f04 - arm-trusted-firmware.t234/plat/nxp/common/setup/include/ls_interrupt_mgmt.h 52c5991d0ead354cd375910f00aefc81953d5681 - arm-trusted-firmware.t234/plat/nxp/common/setup/include/plat_common.h 8094976b2b7aa5bbc113bbc852215f8e0513c202 - arm-trusted-firmware.t234/plat/nxp/common/setup/aarch64/ls_bl2_mem_params_desc.c 99de11a8e1d6aa0d67bff400dc27222a3f67bda3 - arm-trusted-firmware.t234/plat/nxp/common/tbbr/x509_tbbr.c 9b61ef7f7b42a7a2448ff56ef3a4dde77d0a3c6a - arm-trusted-firmware.t234/plat/nxp/common/tbbr/csf_tbbr.c 003b4e0c6ab04fb9bd51037a2c976e8e9a1e90dc - 
arm-trusted-firmware.t234/plat/nxp/common/tbbr/nxp_rotpk.S 430480949fc70686014799ff489475a1280cf188 - arm-trusted-firmware.t234/plat/nxp/common/nv_storage/plat_nv_storage.c 3a09baff31a554c63552bd51f6adea91aa05d3c1 - arm-trusted-firmware.t234/plat/nxp/common/nv_storage/plat_nv_storage.h 59d386289925e710b36aa567861c336198baf649 - arm-trusted-firmware.t234/plat/nxp/common/psci/plat_psci.c 187a0bff6625818b129b5ab42039158f8126ddb3 - arm-trusted-firmware.t234/plat/nxp/common/psci/include/plat_psci.h 11b25502ea937dd88b3986d358aad3eff9f39c71 - arm-trusted-firmware.t234/plat/nxp/common/psci/aarch64/psci_utils.S 26382eb9bdb0e3ee9280a191f107aa1549a08587 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/soc.c c7d2d10588ae01cc411fa68c1f85c4ca4d309d25 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/soc.def b52ff38c67c39f3dc4731b38d094152cb31b4ccd - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160aqds/platform.c c515220a4c8200d4212a8d951e49a9022e7bef2f - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160aqds/platform_def.h d07e54f7cdb54922dac5c758dd79b5adb4d9e93f - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160aqds/ddr_init.c 2881529cc073176412af0c380690bab77add20c5 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160aqds/plat_def.h 353f72fa699efe7dc63602a04a220dd43adb85ba - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160aqds/policy.h d190cddf2210ad3d78be9924417d55be3ba19ead - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/include/soc.h 63c93614b627d3a013d8176aa4248010115eecf0 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/aarch64/lx2160a_warm_rst.S ed1f52b1a3d4ce48135556f32d8667c7367494d8 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/aarch64/lx2160a_helpers.S 3e9660b08500144943aee803a37816f45307d66b - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/aarch64/lx2160a.S b52ff38c67c39f3dc4731b38d094152cb31b4ccd - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160ardb/platform.c 0fe0002fb83ef9fcbbed68caa9cea3b775bfc529 - 
arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160ardb/platform_def.h 764850c7f4814c83fc8b48d4a353c5ae2836edf6 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160ardb/ddr_init.c f53ad9b2677286b07fdbc25c8c257e4891f15607 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160ardb/plat_def.h e7b379eaa610c82050a0e57c194b10a794f23d91 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2160ardb/policy.h 85eb1ecc310643c5e3edb3761897745f5f4eaa6a - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2162aqds/platform.c c515220a4c8200d4212a8d951e49a9022e7bef2f - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2162aqds/platform_def.h e8ecd59dc257f4918515a132b0c4787bc1890021 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2162aqds/ddr_init.c 6701efe4878d9b4a7d1035d7d747426951d04e8b - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2162aqds/plat_def.h ab191a3fce41d791a52ed732c81fa4c127537b13 - arm-trusted-firmware.t234/plat/nxp/soc-lx2160a/lx2162aqds/policy.h 3e8badee59dae5a5cb50149143c7dda7f98736ee - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/s32cc_ncore.c f6d85e92bcf0d149a805d3bac5295351eb10b462 - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/plat_bl2_el3_setup.c fa1ca4308efaa4ea4834c4255d1232e6db209978 - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/plat_io_storage.c db39f4f9ba3e32a557cfac75876f11ef1b9c7bcd - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/s32g2_psci.c 006d08ed17cd3bcfda367f1ef25c3d7105bdb009 - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/plat_bl31_setup.c a16ba1ec284d8ee3faa797dda383f7151e490f6b - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/plat_bl2_image_desc.c ae7a8ae36c2d55a614c922afbbbce658617589ee - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/plat_helpers.S d7babb68656fba6a68c55db28617a9d237af8f0b - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/plat_console.c 730776d77a975257e0570c5cd1900e5a19d22a5c - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/s32g2_soc.c 
567414cb2c0845b9b09c0c671e3f9c0506355a3e - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/include/plat_macros.S e6c219f0512c0886e0a3006c3894949360b75758 - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/include/plat_console.h d82dbfd4e1d8673e88d5f5c987f6e564a9e4f1af - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/include/plat_helpers.h 75bfe39b28cd0e4d97458dd5aac48d8b06997364 - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/include/s32cc-ncore.h a1948a4c46fdab92a5531f9aeccfa3822b1dad49 - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/include/plat_io_storage.h 6bdfbea930081f082751b11bb4bc7081d7d664e9 - arm-trusted-firmware.t234/plat/nxp/s32/s32g274ardb2/include/platform_def.h 8097dc98d221517d51549e66beac9f679823f499 - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/soc.c 23f5eac9a8d36a1f2a3fc833045fcd99d915f99a - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/soc.def 08f03d57de11ed7d8871eb19cd3cd0bbdd4440cb - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/include/soc.h 764c8c04a6189e6992612672f9e41abde5000248 - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/aarch64/ls1088a_helpers.S 492d3f0900343c093e718ba1816eb94bfc3931e9 - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/aarch64/ls1088a.S 344959df5ba88c1bf9ce847e6735395045c1253c - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088aqds/platform.c 11e2d32b094714041c63cf972054b12b7c0db04e - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088aqds/platform_def.h 973eaeebcb5b1411a2dc0a2febdad7eb6401ec39 - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088aqds/ddr_init.c 3328578a5401038f068eded4991d6a403c5276b7 - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088aqds/plat_def.h a7f75b9047c373fb59a317bd6d2995d70aa0aefa - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088aqds/policy.h 344959df5ba88c1bf9ce847e6735395045c1253c - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088ardb/platform.c 11e2d32b094714041c63cf972054b12b7c0db04e - 
arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088ardb/platform_def.h 8d86c4d246cf2dcce9fe3738a6ab3f71bce12e7a - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088ardb/ddr_init.c 9c8add03dd402a33b546ebe338030483a6e30892 - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088ardb/plat_def.h 992637daa6e8a443c6f0a176079ce731d593f699 - arm-trusted-firmware.t234/plat/nxp/soc-ls1088a/ls1088ardb/policy.h f11ea575602c3158b7e1ad94825bcf248e8a1471 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/bl31_plat_setup.c 7cc610e1329bf4afdddb94016e95eed761e85959 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/bl2_plat_setup.c fbf4ab727479f904a0ae30ca600e339277fc9c11 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/include/s10_pinmux.h 6569c6244a923e1aa7f5ce62d1edef532b9c61e2 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/include/s10_mmc.h 7035e0f4f70dc24b534fc39700b70029c3a86812 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/include/s10_memory_controller.h ca947b5538ae76cc1a814e740f5905b3789ee34b - arm-trusted-firmware.t234/plat/intel/soc/stratix10/include/s10_system_manager.h 114049d9edb59211951ae880f467bed5bcbb8fc5 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/include/socfpga_plat_def.h af8aff60807cfc847da0f7878aefb90994f0055c - arm-trusted-firmware.t234/plat/intel/soc/stratix10/include/s10_clock_manager.h 70667783807950b851233233349f9cadef62b70d - arm-trusted-firmware.t234/plat/intel/soc/stratix10/soc/s10_memory_controller.c 87dc55fea317913960f41df594ea406bd410da89 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/soc/s10_mmc.c 6c9817bb2f2365b7bb2fd5b14b310e52045f07f6 - arm-trusted-firmware.t234/plat/intel/soc/stratix10/soc/s10_clock_manager.c 5a527e1803e29b659091fe8cf586adaf527a55dd - arm-trusted-firmware.t234/plat/intel/soc/stratix10/soc/s10_pinmux.c 3df9802ffd265380240877d4ce06de1630e2de2e - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_ros.c db54c71e5c5b4a799c3b868c4a80763f00ca5295 - 
arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_sip_svc.c 973a09df926875ff67b7c0bec14ee9cdfa7984d5 - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_delay_timer.c 563bdce3ee933ab1225d21e6fb8be8121898d577 - arm-trusted-firmware.t234/plat/intel/soc/common/bl2_plat_mem_params_desc.c dfa9aa4e33265186439b9ea30a3b3e1ad98e387f - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_topology.c 20d809e21ceb51045c8836ce01ffa1a5c434ebc9 - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_psci.c 30a437ff9d0fd01b34a6c8b72591cb510c27e573 - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_vab.c 981ec388cd8c2458946f252c4ad0c07c89758826 - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_sip_svc_v2.c 956fc4a32c77b211933cac71db126d488f2506cd - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_image_load.c 5f2040bf0759223af0dbe1a1f2f283376da5de03 - arm-trusted-firmware.t234/plat/intel/soc/common/socfpga_storage.c 7dbe14e25d72598cb29998d493458462df2d55a1 - arm-trusted-firmware.t234/plat/intel/soc/common/lib/sha/sha.h 01b6d21ebe8e8600a2dbcaacae0a2a691e988c92 - arm-trusted-firmware.t234/plat/intel/soc/common/lib/sha/sha.c 3eb20b0d72778ce95cdd02e0732ff2485fdcbe49 - arm-trusted-firmware.t234/plat/intel/soc/common/include/plat_macros.S 5bd9b72b3c06fa06725d2a463b81c9d7f63e740c - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_private.h 4b7fe47ec547fc958e31edb45915a4e011ab05d7 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_f2sdram_manager.h 86c8ca066d0e068ec8a41c7d92a4d873a81f50e8 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_sip_svc.h e2b7d0b701a71ac73d09450369aafd5ece09c482 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_vab.h a5b7e88d4a7fc28f91fb442bc05e3419e8161565 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_handoff.h ffac73fe826ff46223b2ddaebd9e7206528dfe33 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_emac.h 
0f44530d5af64818a5a9294e49eb09bad64aaea5 - arm-trusted-firmware.t234/plat/intel/soc/common/include/platform_def.h 1c8fe883e8ed9872ba750a8698f93f25c5c79bc1 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_system_manager.h a932a6814a2bf33cf8a5c7d9022f9d01e9b8d495 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_ros.h 01153c80103e1b549ee0560ad2e96184b6009713 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_noc.h 0cd9ab1c1424ce3e8dbbfbdf0e841ed457cf1eb6 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_fcs.h a6b47226ccc9e0056e74f981965bb7e2f36a10b6 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_mailbox.h 3fce61eb50d1ee098c1f21efb4ca3c187428e7e6 - arm-trusted-firmware.t234/plat/intel/soc/common/include/socfpga_reset_manager.h a5f576f9aacb4862d6a823d819ba0a7a8d337daf - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/sdmmc/sdmmc.h 475a568dba4bb0acc4223b46582448b78365f15a - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/sdmmc/sdmmc.c 7b0c57e6a056d46fd3ac15c2bc7d6c26cc3170c1 - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/nand/nand.h 0a71e9f017db1a7a7e6a09fec5b3f1338828fa3d - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/nand/nand.c c72a5bba918c6067f6a77a639c42bc477c71de2c - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/wdt/watchdog.c c7d9fa36aa504a4a1ad50be887c5881f98e5e8bb - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/wdt/watchdog.h 5e1e94bbc29e446ca949f263783f030b540217bd - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/ddr/ddr.c 900417b29e6634b77ac22b49ceccb169c9b34154 - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/ddr/ddr.h 12037ac9ed090a8e147bc1ca0b2e67d64e17a7fe - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/combophy/combophy.c 3c0a4ae089fd04e2b77025a291c417f7eec6e6bf - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/combophy/combophy.h 0a1a3ddc5f1b9abf82cb7c9d38754577085b29ec - 
arm-trusted-firmware.t234/plat/intel/soc/common/drivers/ccu/ncore_ccu.h 55eb31ef102f9298bc371c745bd67a5cca4a5f34 - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/ccu/ncore_ccu.c 8a9ab96fbcd52e07cc5d4382ff896d6114fedfd1 - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/qspi/cadence_qspi.h ddb49e10a46fc48891eae4abca038bface1f78bc - arm-trusted-firmware.t234/plat/intel/soc/common/drivers/qspi/cadence_qspi.c 335d48e3f1cde5a2fc45b25d453a6368dc32e1af - arm-trusted-firmware.t234/plat/intel/soc/common/aarch64/plat_helpers.S e9dd975c867215a861b35212589f5fe912fd4a36 - arm-trusted-firmware.t234/plat/intel/soc/common/aarch64/platform_common.c a6e316f17f63927cb8bc0c119e50748cfa18252a - arm-trusted-firmware.t234/plat/intel/soc/common/sip/socfpga_sip_ecc.c 374cff6db44aa21376efd07ce958831d615674c2 - arm-trusted-firmware.t234/plat/intel/soc/common/sip/socfpga_sip_fcs.c 7438041f780308ac9acf3c71f59252a986d95db5 - arm-trusted-firmware.t234/plat/intel/soc/common/soc/socfpga_emac.c 857132d16b337c4c69791ae45351bf2bb65b91f4 - arm-trusted-firmware.t234/plat/intel/soc/common/soc/socfpga_firewall.c 70683b56e2eeed75f8d9470eca64d84943e6b6b7 - arm-trusted-firmware.t234/plat/intel/soc/common/soc/socfpga_mailbox.c f855b6c6c7c34d8af5381af95e3e5f125fc3933d - arm-trusted-firmware.t234/plat/intel/soc/common/soc/socfpga_system_manager.c 3e73a72f8cb99395ecb0da6db503d4ace312d10f - arm-trusted-firmware.t234/plat/intel/soc/common/soc/socfpga_handoff.c c25bc7d107e87668eedab2b2925dfc0be1e90595 - arm-trusted-firmware.t234/plat/intel/soc/common/soc/socfpga_reset_manager.c 4e57f9c1dde8fc2aeaea547259aea91ffd0c9bfd - arm-trusted-firmware.t234/plat/intel/soc/agilex/bl31_plat_setup.c 5dade996ad4d95b1f46ab0fd483f2b9b5a346896 - arm-trusted-firmware.t234/plat/intel/soc/agilex/bl2_plat_setup.c 034cbd5a8227129496d3ced4d8becc198e256286 - arm-trusted-firmware.t234/plat/intel/soc/agilex/include/agilex_pinmux.h 83fe4eed377f80c76b5df87abe64e93c95c22eb7 - 
arm-trusted-firmware.t234/plat/intel/soc/agilex/include/agilex_clock_manager.h 26eca0157aa0306f7a9ff80971373375fbcddaf9 - arm-trusted-firmware.t234/plat/intel/soc/agilex/include/agilex_memory_controller.h feca9cd552d94f4e89ac38dda7a3eb8980c9e6b9 - arm-trusted-firmware.t234/plat/intel/soc/agilex/include/socfpga_plat_def.h 1fcf1ba011fbe8ea0991323bbdd55e4ed27343aa - arm-trusted-firmware.t234/plat/intel/soc/agilex/include/agilex_system_manager.h 2cbef8a830bfec6a533910d7a00ca01de32629c3 - arm-trusted-firmware.t234/plat/intel/soc/agilex/include/agilex_mmc.h 243a4ec07a4a01f52536d42fba5b684447b24e9a - arm-trusted-firmware.t234/plat/intel/soc/agilex/soc/agilex_clock_manager.c 0701baf6d3a2c6d67485a189fa41e9c33fd20ca4 - arm-trusted-firmware.t234/plat/intel/soc/agilex/soc/agilex_memory_controller.c 3c317104013baa1af66596ba8f1eef175f48843d - arm-trusted-firmware.t234/plat/intel/soc/agilex/soc/agilex_mmc.c f51c43031ec09003bb1eff431e97520ea753b6a8 - arm-trusted-firmware.t234/plat/intel/soc/agilex/soc/agilex_pinmux.c 4c2a6c526ac5b16c2ad4d7aa3617c1df0313b0c3 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/bl31_plat_setup.c d4133e0c37700d93597babb953db5f419f4fc9e2 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/bl2_plat_setup.c cf67d438bb10a1693672d3491e54a0db01e4c6b6 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_clock_manager.h 004e1579c391eb0cceae48db7e211cbe84347fa4 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_ddr.h 456a36f614bdbef0623b2c77ac642cb70f564cda - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_mmc.h 484b1dedc770b4d64cbdf78e48486f95d6cbdd02 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_system_manager.h d6446c0e593b2cbf90b1b5d41c01020054ec52b7 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_memory_controller.h 12b311e58762934be36c9e3ea49b5b617ef4a0f7 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/socfpga_plat_def.h 
7855866163c2ac45d6eb3e082195742fe91f0323 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_pinmux.h 9791fc238afa745d4abdd7963d63e8623f99113f - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_cache.h 65580d5fb7e0e1adc42e7be52cecf26035d81097 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_iossm_mailbox.h 96f31179bfe61ce5627223ec39c26f4e6ae26e53 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/include/agilex5_power_manager.h f8b0ae90b97333f0be783301d4caa49f03c801bc - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_memory_controller.c 3c6636db11dfab62238b895efda7748d02171f57 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_cache.S 230e1c905651121fab070148430f6ebf5400ab09 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_clock_manager.c 8a6b32556664cc7ae89990d8d967b9213f9428dc - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_pinmux.c 8baee4b19ce961c4b814eab5ba26dc7b07e769cc - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_power_manager.c 8a8f15f8a014fbb38f994dfcf21eb1e116900cf3 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_ddr.c 3934c4c848a1f6a3c32ba9c994528b10976b59f0 - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_iossm_mailbox.c 267a60e4710ff9f273e1888b27a10a1f2e2b674f - arm-trusted-firmware.t234/plat/intel/soc/agilex5/soc/agilex5_mmc.c e8756e13cdf5a3803ec111ad4f36ff3557db2f30 - arm-trusted-firmware.t234/plat/intel/soc/n5x/bl31_plat_setup.c 97262dde07774e3f21b3e6cd615135910a58ceea - arm-trusted-firmware.t234/plat/intel/soc/n5x/include/n5x_clock_manager.h 5435181a710810ef4a0623cb7c964afde19142c8 - arm-trusted-firmware.t234/plat/intel/soc/n5x/include/n5x_system_manager.h c5c3fc5999d99ae049decf695f9dc2b909f25d5a - arm-trusted-firmware.t234/plat/intel/soc/n5x/include/socfpga_plat_def.h e25e694933ab64edbafcb8b99016edd48936849c - arm-trusted-firmware.t234/plat/intel/soc/n5x/soc/n5x_clock_manager.c 
01a6a64f373bfeca1de0508f1ade0462d91c5d23 - arm-trusted-firmware.t234/bl2u/bl2u.ld.S e5c00987d945936ea61d9f9abb6c38594917a392 - arm-trusted-firmware.t234/bl2u/bl2u_main.c 1df1aad13ba7e2ed5cb1ae4a6200d169a1715578 - arm-trusted-firmware.t234/bl2u/aarch64/bl2u_entrypoint.S 0227b9aa908915e602a5839d4229f7832e99c76b - arm-trusted-firmware.t234/bl2u/aarch32/bl2u_entrypoint.S 20113f49289a58e42b03525ea9427f94e093f58f - arm-trusted-firmware.t234/bl1/bl1_private.h b253e87c4f7dd2623d20cc9694f4948cefd07acb - arm-trusted-firmware.t234/bl1/bl1_fwu.c 83d6724ffc1d3168d8c1da86beffde1d5b3e7922 - arm-trusted-firmware.t234/bl1/bl1_main.c a3088cb3308f26badbe3d24017750f37b76470f5 - arm-trusted-firmware.t234/bl1/bl1.ld.S 587ecb158bf5940ddc7f95250a8802df39806ef0 - arm-trusted-firmware.t234/bl1/aarch64/bl1_context_mgmt.c 5c5e2355ca375fa98ae30f56bcf2f57ea7056c71 - arm-trusted-firmware.t234/bl1/aarch64/bl1_entrypoint.S 02f9462536385b5f81c2c9a40b7d4472fa041529 - arm-trusted-firmware.t234/bl1/aarch64/bl1_exceptions.S 284a0afe619de982f2bd1d4b1c625831ef7b3b5e - arm-trusted-firmware.t234/bl1/aarch64/bl1_arch_setup.c 095ac3b2483b968f263618a4bd6cdd8d6f66d321 - arm-trusted-firmware.t234/bl1/aarch32/bl1_context_mgmt.c caf76eacd5e8708391bbf7db7315acad4b89c7fd - arm-trusted-firmware.t234/bl1/aarch32/bl1_entrypoint.S bea69e37646041aff3c96bf107e1db48f382a1b4 - arm-trusted-firmware.t234/bl1/aarch32/bl1_exceptions.S 8d6e2008e280f848fb14017ba5ba559a10724421 - arm-trusted-firmware.t234/bl1/aarch32/bl1_arch_setup.c 85b2afc44851dc57e79c264641730d0e2eca3016 - arm-trusted-firmware.t234/bl1/tbbr/tbbr_img_desc.c 2c87153926f8a458cffc9a435e15571ba721c2fa - arm-trusted-firmware.t234/licenses/LICENSE.MIT 4b776badf454a3bcf0cc1524d1b63fd9871f6c8c - arm-trusted-firmware.t234/bl2/bl2_el3.ld.S 88bbfcb3f9b827bdab7f16cdfe892b2aa1470576 - arm-trusted-firmware.t234/bl2/bl2_image_load_v2.c 991c05cee7a30247e2edcade94405aef95480121 - arm-trusted-firmware.t234/bl2/bl2_private.h 99df04b45b026a439c20349ab80458e960dfc23c - 
arm-trusted-firmware.t234/bl2/bl2.ld.S f9af212975b69e0fe4006e2c0d6ec7d1519c473a - arm-trusted-firmware.t234/bl2/bl2_main.c 62ef4221f56feaf0907dbe17cad47a9bab86bf03 - arm-trusted-firmware.t234/bl2/aarch64/bl2_el3_exceptions.S 777576955f2ae3959035c33791a33835fe6578f4 - arm-trusted-firmware.t234/bl2/aarch64/bl2_rme_entrypoint.S a34048b4cc67bca14b7594e2c1a53b4c0376d779 - arm-trusted-firmware.t234/bl2/aarch64/bl2_el3_entrypoint.S c426fa02b617581d2495667828e9430110cf713a - arm-trusted-firmware.t234/bl2/aarch64/bl2_entrypoint.S 247751d71fb2863f439cc217ac18c219dbf15453 - arm-trusted-firmware.t234/bl2/aarch64/bl2_run_next_image.S 776c1699268eee43ba9230cb7e785e298e56a233 - arm-trusted-firmware.t234/bl2/aarch64/bl2_arch_setup.c 44692bdbcbccddc6c4fc022d5028cacb8842376a - arm-trusted-firmware.t234/bl2/aarch32/bl2_el3_exceptions.S aac463ba1d35408d94f960ade6d2db95d68455ab - arm-trusted-firmware.t234/bl2/aarch32/bl2_el3_entrypoint.S 1f72bb253974087b2a555dc3a89651f7ad462387 - arm-trusted-firmware.t234/bl2/aarch32/bl2_entrypoint.S f64693060b1ef904b4abfc04b8480a0f458494c5 - arm-trusted-firmware.t234/bl2/aarch32/bl2_run_next_image.S 2534665e628b7612c3896fed4e659f3351601296 - arm-trusted-firmware.t234/bl2/aarch32/bl2_arch_setup.c Change-Id: I806f8c263557ca545fbd1f91da80741a3e098cbd
28
arm-trusted-firmware.t234/docs/Makefile
Normal file
@@ -0,0 +1,28 @@
#
# Copyright (c) 2019-2024, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
# Minimal makefile for Sphinx documentation
#

include ../make_helpers/common.mk

# You can set these variables from the command line.
SPHINXOPTS = -W
SPHINXBUILD = sphinx-build
SPHINXPROJ = TrustedFirmware-A
SOURCEDIR = .
BUILDDIR = build

# Put it first so that "make" without argument is like "make help".
help:
$(q)$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

.PHONY: help Makefile

# Catch-all target: route all unknown targets to Sphinx using the new
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
.DEFAULT: Makefile
$(if $(host-poetry),$(q)poetry -q install --with=docs)
$(q)$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
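Review bot: the `.DEFAULT: Makefile` recipe runs `poetry -q install --with=docs` before every Sphinx target whenever `host-poetry` is set, so building any documentation target also installs Python packages into the host environment; that side effect, and the `O` shortcut for `SPHINXOPTS` that only a comment mentions, should be documented next to the target. Consider dropping `-q` as well, so that the install step's own output is visible when it fails rather than the failure first surfacing as a sphinx-build error under `SPHINXOPTS = -W`.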
15
arm-trusted-firmware.t234/docs/_static/css/custom.css
vendored
Normal file
@@ -0,0 +1,15 @@
/*
* Copyright (c) 2021, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/

/*
* Set the white-space property of tables to normal.
* With this setting sequences of whitespace inside
* a table will collapse into a single whitespace,
* and text will wrap when necessary.
*/
.wy-table-responsive table td {
white-space: normal;
}
22
arm-trusted-firmware.t234/docs/about/acknowledgements.rst
Normal file
@@ -0,0 +1,22 @@
Contributor Acknowledgements
============================

.. note::
This file is only relevant for legacy contributions, to acknowledge the
specific contributors referred to in "Arm Limited and Contributors" copyright
notices. As contributors are now encouraged to put their name or company name
directly into the copyright notices, this file is not relevant for new
contributions. See the :ref:`License` document for the correct template to
use for new contributions.

- Linaro Limited
- Marvell International Ltd.
- NVIDIA Corporation
- NXP Semiconductors
- Socionext Inc.
- STMicroelectronics
- Xilinx, Inc.

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
55
arm-trusted-firmware.t234/docs/about/contact.rst
Normal file
@@ -0,0 +1,55 @@
Support & Contact
-----------------

We welcome any feedback on |TF-A| and there are several methods for providing
it or for obtaining support.

.. warning::
If you think you have found a security vulnerability, please report this using
the process defined in the :ref:`Security Handling` document.

Mailing Lists
^^^^^^^^^^^^^

Public mailing lists for TF-A and the wider Trusted Firmware project are
hosted on TrustedFirmware.org. The mailing lists can be used for general
enquiries, enhancement requests and issue reports, or to follow and participate
in technical or organizational discussions around the project. These discussions
include design proposals, advance notice of changes and upcoming events.

The relevant lists for the TF-A project are:

- `TF-A development`_
- `TF-A-Tests development`_

You can see a `summary of all the lists`_ on the TrustedFirmware.org website.

Open Tech Forum Call
^^^^^^^^^^^^^^^^^^^^

Every other week, we organize a call with all interested TF-A contributors.
Anyone is welcome to join. This is an opportunity to discuss any technical
topic within the community. More details can be found `here`_.

.. _here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/

Issue Tracker
^^^^^^^^^^^^^

Bug reports may be filed on the `issue tracker`_ on Github. Using this tracker
gives everyone visibility of the known issues in TF-A.

Arm Licensees
^^^^^^^^^^^^^

Arm licensees have an additional support conduit - they may contact Arm directly
via their partner managers.

.. _`issue tracker`: https://github.com/TrustedFirmware-A/trusted-firmware-a/issues
.. _`TF-A development`: https://lists.trustedfirmware.org/mailman3/lists/tf-a.lists.trustedfirmware.org/
.. _`TF-A-Tests development`: https://lists.trustedfirmware.org/mailman3/lists/tf-a-tests.lists.trustedfirmware.org/
.. _`summary of all the lists`: https://lists.trustedfirmware.org/mailman3/lists/

--------------

*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*
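Review bot: the Issue Tracker section sends readers to a public GitHub tracker without repeating that suspected vulnerabilities must not be filed there; a reader who jumps straight to that heading will miss the warning at the top of the page, so add a one-line pointer to the :ref:`Security Handling` process in that section too. Minor style point in Open Tech Forum Call: the link text and target name `here` carry no meaning; a descriptive name such as the forum's own title reads better and avoids a generic `_here` target.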
154
arm-trusted-firmware.t234/docs/about/features.rst
Normal file
@@ -0,0 +1,154 @@
Feature Overview
================

This page provides an overview of the current |TF-A| feature set. For a full
description of these features and their implementation details, please see
the documents that are part of the *Components* and *System Design* chapters.

The :ref:`Change Log & Release Notes` provides details of changes made since the
last release.

Current features
----------------

- Initialization of the secure world, for example exception vectors, control
registers and interrupts for the platform.

- Library support for CPU specific reset and power down sequences. This
includes support for errata workarounds and the latest Arm DynamIQ CPUs.

- Drivers to enable standard initialization of Arm System IP, for example
Generic Interrupt Controller (GIC), Cache Coherent Interconnect (CCI),
Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone
Controller (TZC).

- Secure Monitor library code such as world switching, EL2/EL1 context
management and interrupt routing.

- SMC (Secure Monitor Call) handling, conforming to the `SMC Calling
Convention`_ using an EL3 runtime services framework.

- |PSCI| library support for CPU, cluster and system power management
use-cases.
This library is pre-integrated with the AArch64 EL3 Runtime Software, and
is also suitable for integration with other AArch32 EL3 Runtime Software,
for example an AArch32 Secure OS.

- A generic |SCMI| driver to interface with conforming power controllers, for
example the Arm System Control Processor (SCP).

- A minimal AArch32 Secure Payload (*SP_MIN*) to demonstrate |PSCI| library
integration with AArch32 EL3 Runtime Software.

- Secure partition manager dispatcher(SPMD) with following two configurations:

- S-EL2 SPMC implementation, widely compliant with FF-A v1.1 EAC0 and initial
support of FF-A v1.2.

- EL3 SPMC implementation, compliant with a subset of FF-A v1.1 EAC0.

- Support for Arm CCA based on FEAT_RME which supports authenticated boot and
execution of RMM with the necessary routing of RMI commands as specified in
RMM Beta 0 Specification.

- A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP
interaction with PSCI.

- SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_,
`Trusty Secure OS`_ and `ProvenCore Secure OS`_.

- A Trusted Board Boot implementation, conforming to all mandatory TBBR
requirements. This includes image authentication, Firmware recovery,
Firmware encryption and packaging of the various firmware images into a
Firmware Image Package (FIP).

- Measured boot support with PoC to showcase its interaction with firmware TPM
(fTPM) service implemneted on top of OP-TEE.

- Support for Dynamic Root of Trust for Measurement (DRTM).

- Following firmware update mechanisms available:

- PSA Firmware Update (PSA FWU)

- TBBR Firmware Update (TBBR FWU)

- Reliability, Availability, and Serviceability (RAS) functionality, including

- A Secure Partition Manager (SPM) to manage Secure Partitions in
Secure-EL0, which can be used to implement simple management and
security services.

- An |SDEI| dispatcher to route interrupt-based |SDEI| events.

- An Exception Handling Framework (EHF) that allows dispatching of EL3
interrupts to their registered handlers, to facilitate firmware-first
error handling.

- A dynamic configuration framework that enables each of the firmware images
to be configured at runtime if required by the platform. It also enables
loading of a hardware configuration (for example, a kernel device tree)
as part of the FIP, to be passed through the firmware stages.
This feature is now incorporated inside the firmware configuration framework
(fconf).

- Support for alternative boot flows, for example to support platforms where
the EL3 Runtime Software is loaded using other firmware or a separate
secure system processor, or where a non-TF-A ROM expects BL2 to be loaded
at EL3.

- Support for Errata management firmware interface.

- Support for the GCC, LLVM and Arm Compiler 6 toolchains.

- Support for combining several libraries into a "romlib" image that may be
shared across images to reduce memory footprint. The romlib image is stored
in ROM but is accessed through a jump-table that may be stored
in read-write memory, allowing for the library code to be patched.

- Position-Independent Executable (PIE) support.

Experimental features
---------------------

A feature is considered experimental when still in development or isn't known
to the TF-A team as widely deployed or proven on end products. It is generally
advised such options aren't pulled into real deployments, or done with the
appropriate level of supplementary integration testing.

A feature is no longer considered experimental when it is generally agreed
the said feature has reached a level of maturity and quality comparable to
other features that have been integrated into products.

Experimental build options are found in following section
:ref:`build_options_experimental`. Their use through the build emits a warning
message.

Additionally the following libraries are marked experimental when included
in a platform:

- MPU translation library ``lib/xlat_mpu``
- RSE comms driver ``drivers/arm/rse``

Still to come
-------------

- Support for additional platforms.

- Documentation enhancements.

- Ongoing support for new architectural features, CPUs and System IP.

- Ongoing support for new Arm system architecture specifications.

- Ongoing security hardening, optimization and quality improvements.

.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
.. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os
.. _NVIDIA Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary
.. _Trusty Secure OS: https://source.android.com/security/trusty
.. _ProvenCore Secure OS: https://provenrun.com/products/provencore/

--------------

*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
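Review bot: the RAS bullet ends with "including" and is then followed by the SPM, |SDEI| and EHF bullets at the same list level, so it is unclear which of them are meant to be RAS components; either indent the intended sub-items under it or finish the sentence. Wording fixes in the same hunk: "implemneted" in the Measured boot bullet should be "implemented", "dispatcher(SPMD)" needs a space before the parenthesis, and "Following firmware update mechanisms available:" reads better as "The following firmware update mechanisms are available:".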
12
arm-trusted-firmware.t234/docs/about/index.rst
Normal file
@@ -0,0 +1,12 @@
About
=====

.. toctree::
:maxdepth: 1
:caption: Contents

features
release-information
maintainers
contact
acknowledgements
1134
arm-trusted-firmware.t234/docs/about/maintainers.rst
Normal file
File diff suppressed because it is too large
123
arm-trusted-firmware.t234/docs/about/release-information.rst
Normal file
@@ -0,0 +1,123 @@
Release Processes
=================

Project Release Cadence
-----------------------

The project currently aims to do a release once every 6 months which will be
tagged on the master branch. There will be a code freeze (stop merging
non-essential changes) up to 4 weeks prior to the target release date. The release
candidates will start appearing after this and only bug fixes or updates
required for the release will be merged. The maintainers are free to use their
judgement on what changes are essential for the release. A release branch may be
created after code freeze if there are significant changes that need merging onto
the integration branch during the merge window.

The release testing will be performed on release candidates and depending on
issues found, additional release candidates may be created to fix the issues.

::

|<----------6 months---------->|
|<---4 weeks--->| |<---4 weeks--->|
+-----------------------------------------------------------> time
| | | |
code freeze ver w.x code freeze ver y.z


Version numbering
~~~~~~~~~~~~~~~~~
TF-A version is given in Makefile, through several macros:

- VERSION_MAJOR
- VERSION_MINOR
- VERSION_PATCH

For example, TF-A v2.10 has VERSION_MAJOR=2, VERSION_MINOR=10 and VERSION_PATCH=0.

This VERSION_PATCH macro is only increased for LTS releases.

Upcoming Releases
~~~~~~~~~~~~~~~~~

These are the estimated dates for the upcoming release. These may change
depending on project requirement and partner feedback.

+-----------------+---------------------------+------------------------------+
| Release Version | Target Date | Expected Code Freeze |
+=================+===========================+==============================+
| v2.0 | 1st week of Oct '18 | 1st week of Sep '18 |
+-----------------+---------------------------+------------------------------+
| v2.1 | 5th week of Mar '19 | 1st week of Mar '19 |
+-----------------+---------------------------+------------------------------+
| v2.2 | 4th week of Oct '19 | 1st week of Oct '19 |
+-----------------+---------------------------+------------------------------+
| v2.3 | 4th week of Apr '20 | 1st week of Apr '20 |
+-----------------+---------------------------+------------------------------+
| v2.4 | 2nd week of Nov '20 | 4th week of Oct '20 |
+-----------------+---------------------------+------------------------------+
| v2.5 | 3rd week of May '21 | 5th week of Apr '21 |
+-----------------+---------------------------+------------------------------+
| v2.6 | 4th week of Nov '21 | 2nd week of Nov '21 |
+-----------------+---------------------------+------------------------------+
| v2.7 | 5th week of May '22 | 3rd week of May '22 |
+-----------------+---------------------------+------------------------------+
| v2.8 | 5th week of Nov '22 | 3rd week of Nov '22 |
+-----------------+---------------------------+------------------------------+
| v2.9 | 4th week of May '23 | 2nd week of May '23 |
+-----------------+---------------------------+------------------------------+
| v2.10 | 4th week of Nov '23 | 2nd week of Nov '23 |
+-----------------+---------------------------+------------------------------+
| v2.11 | 4th week of May '24 | 2nd week of May '24 |
+-----------------+---------------------------+------------------------------+
| v2.12 | 4th week of Nov '24 | 2nd week of Nov '24 |
+-----------------+---------------------------+------------------------------+
| v2.13 | 4th week of May '25 | 2nd week of May '25 |
+-----------------+---------------------------+------------------------------+

Removal of Deprecated Interfaces
--------------------------------

As mentioned in the :ref:`Platform Ports Policy`, this is a live document
cataloging all the deprecated interfaces in TF-A project and the Release version
after which it will be removed.

+--------------------------------+-------------+---------+---------------------------------------------------------+
| Interface | Deprecation | Removed | Comments |
| | Date | after | |
| | | Release | |
+================================+=============+=========+=========================================================+
| | | | |
+--------------------------------+-------------+---------+---------------------------------------------------------+

Removal of Deprecated Drivers
-----------------------------

As mentioned in the :ref:`Platform Ports Policy`, this is a live document
cataloging all the deprecated drivers in TF-A project and the Release version
after which it will be removed.

+--------------------------------+-------------+---------+---------------------------------------------------------+
| Driver | Deprecation | Removed | Comments |
| | Date | after | |
| | | Release | |
+================================+=============+=========+=========================================================+
| None at this time. | | | |
+--------------------------------+-------------+---------+---------------------------------------------------------+

Build Options deprecated/removed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Populated table provides details about build options that were removed or deprecated.

+-----------------------+--------------------------------+
| Build Option | Deprecated from TF-A Version |
+=======================+================================+
| | |
+-----------------------+--------------------------------+
| | |
+-----------------------+--------------------------------+

--------------

*Copyright (c) 2018-2024, Arm Limited and Contributors. All rights reserved.*
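Review bot: the "Upcoming Releases" table lists every release from v2.0 onward, so the sentence "These are the estimated dates for the upcoming release" is wrong for all but the last row; either retitle the section as a release history and mark which row is still an estimate, or split the past releases into their own table. The "Removal of Deprecated Interfaces" and "Build Options deprecated/removed" tables contain only empty rows, which a reader can mistake for missing data; use an explicit "None at this time." entry as the drivers table already does.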
10800
arm-trusted-firmware.t234/docs/change-log.md
Normal file
File diff suppressed because it is too large
@@ -0,0 +1,34 @@
Activity Monitors
=================

FEAT_AMUv1 of the Armv8-A architecture introduces the Activity Monitors
extension. This extension describes the architecture for the Activity Monitor
Unit (|AMU|), an optional non-invasive component for monitoring core events
through a set of 64-bit counters.

When the ``ENABLE_FEAT_AMU=1`` build option is provided, Trusted Firmware-A
sets up the |AMU| prior to its exit from EL3, and will save and restore
architected |AMU| counters as necessary upon suspend and resume.

.. _Activity Monitor Auxiliary Counters:

Auxiliary counters
------------------

FEAT_AMUv1 describes a set of implementation-defined auxiliary counters (also
known as group 1 counters), controlled by the ``ENABLE_AMU_AUXILIARY_COUNTERS``
build option.

As a security precaution, Trusted Firmware-A does not enable these by default.
Instead, platforms may configure their auxiliary counters through one of two
possible mechanisms:

- |FCONF|, controlled by the ``ENABLE_AMU_FCONF`` build option.
- A platform implementation of the ``plat_amu_topology`` function (the default).

See :ref:`Activity Monitor Unit (AMU) Bindings` for documentation on the |FCONF|
device tree bindings.

--------------

*Copyright (c) 2021, Arm Limited. All rights reserved.*
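Review bot: "As a security precaution, Trusted Firmware-A does not enable these by default" does not say what the precaution guards against; this is the one sentence a platform integrator reads before setting ``ENABLE_AMU_AUXILIARY_COUNTERS``, so state why exposing implementation-defined group 1 counters to lower exception levels is a platform decision. Also clarify what "(the default)" on the ``plat_amu_topology`` bullet means: the mechanism used when ``ENABLE_AMU_FCONF`` is not set, or a default implementation of the function that TF-A supplies; the two readings imply different behaviour for a platform that provides neither.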
@@ -0,0 +1,96 @@
Arm SiP Services
================

This document enumerates and describes the Arm SiP (Silicon Provider) services.

SiP services are non-standard, platform-specific services offered by the silicon
implementer or platform provider. They are accessed via ``SMC`` ("SMC calls")
instruction executed from Exception Levels below EL3. SMC calls for SiP
services:

- Follow `SMC Calling Convention`_;
- Use SMC function IDs that fall in the SiP range, which are ``0xc2000000`` -
``0xc200ffff`` for 64-bit calls, and ``0x82000000`` - ``0x8200ffff`` for 32-bit
calls.

The Arm SiP implementation offers the following services:

- Execution State Switching service

Source definitions for Arm SiP service are located in the ``arm_sip_svc.h`` header
file.

+----------------------------+----------------------------+---------------------------------------+
| ARM_SIP_SVC_VERSION_MAJOR | ARM_SIP_SVC_VERSION_MINOR | Changes |
+============================+============================+=======================================+
| 1 | 0 | Move DebugFS and PMF to the new vendor|
| | | specific FID range. The old FID range |
| | | for these services are deprecated |
+----------------------------+----------------------------+---------------------------------------+

*Table 1: Showing different versions of arm-sip-service and changes done with each version*

Execution State Switching service
---------------------------------

Execution State Switching service provides a mechanism for a non-secure lower
Exception Level (either EL2, or NS EL1 if EL2 isn't implemented) to request to
switch its execution state (a.k.a. Register Width), either from AArch64 to
AArch32, or from AArch32 to AArch64, for the calling CPU. This service is only
available when Trusted Firmware-A (TF-A) is built for AArch64 (i.e. when build
option ``ARCH`` is set to ``aarch64``).

``ARM_SIP_SVC_EXE_STATE_SWITCH``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t Function ID
uint32_t PC hi
uint32_t PC lo
uint32_t Cookie hi
uint32_t Cookie lo

Return:
uint32_t

The function ID parameter must be ``0x82000020``. It uniquely identifies the
Execution State Switching service being requested.

The parameters *PC hi* and *PC lo* defines upper and lower words, respectively,
of the entry point (physical address) at which execution should start, after
Execution State has been switched. When calling from AArch64, *PC hi* must be 0.

When execution starts at the supplied entry point after Execution State has been
switched, the parameters *Cookie hi* and *Cookie lo* are passed in CPU registers
0 and 1, respectively. When calling from AArch64, *Cookie hi* must be 0.

This call can only be made on the primary CPU, before any secondaries were
brought up with ``CPU_ON`` PSCI call. Otherwise, the call will always fail.

The effect of switching execution state is as if the Exception Level were
entered for the first time, following power on. This means CPU registers that
have a defined reset value by the Architecture will assume that value. Other
registers should not be expected to hold their values before the call was made.
CPU endianness, however, is preserved from the previous execution state. Note
that this switches the execution state of the calling CPU only. This is not a
substitute for PSCI ``SYSTEM_RESET``.

The service may return the following error codes:

- ``STATE_SW_E_PARAM``: If any of the parameters were deemed invalid for
a specific request.
- ``STATE_SW_E_DENIED``: If the call is not successful, or when TF-A is
built for AArch32.

If the call is successful, the caller wouldn't observe the SMC returning.
Instead, execution starts at the supplied entry point, with the CPU registers 0
and 1 populated with the supplied *Cookie hi* and *Cookie lo* values,
respectively.

--------------

*Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.*

.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
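Review bot: The version table (ARM_SIP_SVC_VERSION_MAJOR 1 / ARM_SIP_SVC_VERSION_MINOR 0) is introduced without saying how a caller obtains the service version; the service list above it names only the Execution State Switching service, and the only pointer is the ``arm_sip_svc.h`` header. Either document the version query (function ID, arguments and return value, in the same ``::`` block style used for ``ARM_SIP_SVC_EXE_STATE_SWITCH``) or state that the version is a header constant that is not exposed over SMC. The ``STATE_SW_E_DENIED`` entry ("If the call is not successful") restates failure rather than naming a condition; the paragraph above says the call always fails when made on a secondary CPU or after secondaries were brought up with ``CPU_ON``, but never says which error code that failure returns, so the two should be tied together. Minor wording: "The old FID range for these services are deprecated" should be "is deprecated", and "*PC hi* and *PC lo* defines" should be "define".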
@@ -0,0 +1,568 @@
Context Management Library
**************************

This document provides an overview of the Context Management library implementation
in Trusted Firmware-A (TF-A). It enumerates and describes the APIs implemented
and their accessibility from other components at EL3.

Overview
========

Arm TrustZone architecture facilitates hardware-enforced isolation between
software running in various security states (Secure/Non-Secure/Realm).
The general-purpose registers, most of the system registers and vector registers
are not banked per world. When moving between the security states it is the
responsibility of the secure monitor software (BL31(AArch64) / BL32(Aarch32))
in TF-A, not the hardware, to save and restore register state.
Refer to `Trustzone for AArch64`_ for more details.

EL3 Runtime Firmware, also termed as secure monitor firmware, is integrated
with a context management library to handle the context of the CPU, managing the
saving and restoring of register states across the worlds.

TF-A Context
============

In TF-A, the context is represented as a data structure used by the EL3 firmware
to preserve the state of the CPU at the next lower exception level (EL) in a given
security state and save enough EL3 metadata to be able to return to that exception
level and security state. The memory for the context data structures are allocated
in BSS section of EL3 firmware.

In a trusted system at any instance, a given CPU could be executing in one of the
security states (Non-Secure, Secure, Realm). Each world must have its
configuration of system registers independent of other security states to access
and execute any of the architectural features.

If the CPU switches across security states (for example: from Non-secure to Secure
or vice versa), the register contents, especially the ones that are not banked
(EL2/EL1, vector, general-purpose registers), will be overwritten, as the software
running in either state has the privileges to access them. Additionally, some of
the architectural features enabled in the former security state will be unconditionally
accessible in the latter security state as well. This can be a major concern when
dealing with security-specific bits, as they need to be explicitly enabled or
disabled in each state to prevent data leakage across the worlds.

In general, an ideal trusted system should have Secure world-specific configurations
that are not influenced by Normal World operations. Therefore, for each CPU, we
need to maintain world-specific context to ensure that register entries from one
world do not leak or impact the execution of the CPU in other worlds.
This will help ensure the integrity and security of the system, preventing any
unauthorized access or data corruption between the different security states.

Design
======

The Context Management library in TF-A is designed to cover all the requirements
for maintaining world-specific context essential for a trusted system.
This includes implementing CPU context initialization and management routines,
as well as other helper APIs that are required by dispatcher components in EL3
firmware, which are collectively referred to as CPU Context Management.
The APIs and their usecases are listed in detail under the :ref:`Library APIs`
section.

Originally, the Context Management library in TF-A was designed to cater for a
two-world system, comprising of Non-Secure and Secure Worlds. In this case, the
EL3 Firmware is assumed to be running in Secure World.
With introduction of Realm Management Extension (RME), from Armv9.2 a system
can have four distinct worlds (Non-Secure, Secure, Realm, Root).
RME isolates EL3 from all other Security states and moves it into its own security
state called root. EL3 firmware now runs at Root World and thereby is
trusted from software in Non-secure, Secure, and Realm states.
Refer to `Security States with RME`_ for more details.

Key principles followed in designing the context management library :

1. **EL3 should only initialize immediate used lower EL**

Context Management library running at EL3 should only initialize and monitor the
immediate used lower EL. This implies that, when S-EL2 is present in the system,
EL3 should initialise and monitor S-EL2 registers only. S-EL1 registers should
not be the concern of EL3 while S-EL2 is in place. In systems where S-EL2 is
absent, S-EL1 registers should be initialised from EL3.

2. **Decentralized model for context management**

Each world (Non-Secure, Secure, and Realm) should have their separate component
in EL3 responsible for their respective world context management.
Both the Secure and Realm world have associated dispatcher components in EL3
firmware to allow management of the respective worlds. For the Non-Secure world,
PSCI Library (BL31)/context management library provides routines to help
initialize the Non-Secure world context.

3. **Flexibility for Dispatchers to select desired feature set to save and restore**

Each feature is supported with a helper function ``is_feature_supported(void)``,
to detect its presence at runtime. This helps dispatchers to select the desired
feature set, and thereby save and restore the configuration associated with them.

4. **Dynamic discovery of Feature enablement by EL3**

TF-A supports four states for feature enablement at EL3, to make them available
for lower exception levels.

.. code:: c

#define FEAT_STATE_DISABLED 0
#define FEAT_STATE_ENABLED 1
#define FEAT_STATE_CHECK 2
#define FEAT_STATE_CHECK_ASYMMETRIC 3

A pattern is established for feature enablement behavior.
Each feature must support the 3 possible values with rigid semantics.

- **FEAT_STATE_DISABLED** - all code relating to this feature is always skipped.
Firmware is unaware of this feature.

- **FEAT_STATE_ALWAYS** - all code relating to this feature is always executed.
Firmware expects this feature to be present in hardware.

- **FEAT_STATE_CHECK** - same as ``FEAT_STATE_ALWAYS`` except that the feature's
existence will be checked at runtime. Default on dynamic platforms (example: FVP).

- **FEAT_STATE_CHECK_ASYMMETRIC** - same as ``FEAT_STATE_CHECK`` except that the feature's
existence is asymmetric across cores, which requires the feature existence is checked
during warmboot path also. Note that only limited number of features can be asymmetric.

.. note::
Only limited number of features can be ``FEAT_STATE_CHECK_ASYMMETRIC`` this is due to
the fact that Operating systems are designed for SMP systems.
There are no clear guidelines what kind of mismatch is allowed but following pointers
can help making a decision

- All mandatory features must be symmetric.
- Any feature that impacts the generation of page tables must be symmetric.
- Any feature access which does not trap to EL3 should be symmetric.
- Features related with profiling, debug and trace could be asymmetric
- Migration of vCPU/tasks between CPUs should not cause an error

Whenever there is asymmetric feature support is added for a feature TF-A need to add
feature specific code in context management code.

.. note::
``FEAT_RAS`` is an exception here, as it impacts the execution of EL3 and
it is essential to know its presence at compile time. Refer to ``ENABLE_FEAT``
macro under :ref:`Build Options` section for more details.

Code Structure
==============

`lib/el3_runtime/(aarch32/aarch64)`_ - Context library code directory.

Source Files
~~~~~~~~~~~~

#. ``context_mgmt.c`` : consists of core functions that setup, save and restore
context for different security states alongside high level feature enablement
APIs for individual worlds.

#. ``cpu_data_array.c`` : contains per_cpu_data structure instantiation.

#. ``context.S`` : consists of functions that save and restore some of the context
structure members in assembly code.

#. ``cpu_data.S`` : consists of helper functions to initialise per_cpu_data pointers.

#. ``el3_common_macros.S`` : consists of macros to facilitate actions to be performed
during cold and warmboot and el3 registers initialisation in assembly code.

Header Files
~~~~~~~~~~~~

#. ``context_mgmt.h`` : contains the public interface to Context Management Library.

#. ``context.h`` : contains the helper macros and definitions for context entries.

#. ``cpu_data.h`` : contains the public interface to Per CPU data structure.

#. ``context_debug.h`` : contains public interface to report context memory
utilisation across the security states.

#. ``context_el2.h`` : internal header consisting of helper macros to access EL2
context entries. Used by ``context.h``.

Apart from these files, we have some context related source files under ``BL1``
and ``BL31`` directory. ``bl1_context_mgmt.c`` ``bl31_context_mgmt.c``

Bootloader Images utilizing Context Management Library
======================================================

+-------------------------------------------+-----------------------------+
| Bootloader | Context Management Library |
+-------------------------------------------+-----------------------------+
| BL1 | Yes |
+-------------------------------------------+-----------------------------+
| BL2 | No |
+-------------------------------------------+-----------------------------+
| BL31 (Aarch64- EL3runtime firmware) | Yes |
+-------------------------------------------+-----------------------------+
| BL32 (Aarch32- EL3runtime firmware) | Yes |
+-------------------------------------------+-----------------------------+

CPU Data Structure
==================
For a given system, depending on the CPU count, the platform statically
allocates memory for the CPU data structure.

.. code:: c

/* The per_cpu_ptr_cache_t space allocation */
cpu_data_t percpu_data[PLATFORM_CORE_COUNT];

This CPU data structure has a member element with an array of pointers to hold
the Non-Secure, Realm and Secure security state context structures as listed below.

.. code:: c

typedef struct cpu_data {
#ifdef __aarch64__
void *cpu_context[CPU_DATA_CONTEXT_NUM];
#endif

....
....

}cpu_data_t;

|CPU Data Structure|

At runtime, ``cpu_context[CPU_DATA_CONTEXT_NUM]`` array will be intitialised with
the Secure, Non-Secure and Realm context structure addresses to ensure proper
handling of the register state.
See :ref:`Library APIs` section for more details.

CPU Context and Memory allocation
=================================

CPU Context
~~~~~~~~~~~
The members of the context structure used by the EL3 firmware to preserve the
state of CPU across exception levels for a given security state are listed below.

.. code:: c

typedef struct cpu_context {
gp_regs_t gpregs_ctx;
el3_state_t el3state_ctx;

cve_2018_3639_t cve_2018_3639_ctx;

#if ERRATA_SPECULATIVE_AT
errata_speculative_at_t errata_speculative_at_ctx;
#endif

#if CTX_INCLUDE_PAUTH_REGS
pauth_t pauth_ctx;
#endif

#if (CTX_INCLUDE_EL2_REGS && IMAGE_BL31)
el2_sysregs_t el2_sysregs_ctx;
#else
el1_sysregs_t el1_sysregs_ctx;
#endif
} cpu_context_t;

Context Memory Allocation
~~~~~~~~~~~~~~~~~~~~~~~~~

CPUs maintain their context per world. The individual context memory allocation
for each CPU per world is allocated by the world-specific dispatcher components
at compile time as shown below.

|Context memory allocation|

NS-Context Memory
~~~~~~~~~~~~~~~~~
It's important to note that the Normal world doesn't possess the dispatcher
component found in the Secure and Realm worlds. Instead, the PSCI library at EL3
handles memory allocation for ``Non-Secure`` world context for all CPUs.

.. code:: c

static cpu_context_t psci_ns_context[PLATFORM_CORE_COUNT];

Secure-Context Memory
~~~~~~~~~~~~~~~~~~~~~
Secure World dispatcher (such as SPMD) at EL3 allocates the memory for ``Secure``
world context of all CPUs.

.. code:: c

static spmd_spm_core_context_t spm_core_context[PLATFORM_CORE_COUNT];

Realm-Context Memory
~~~~~~~~~~~~~~~~~~~~
Realm World dispatcher (RMMD) at EL3 allocates the memory for ``Realm`` world
context of all CPUs.

.. code:: c

rmmd_rmm_context_t rmm_context[PLATFORM_CORE_COUNT];

To summarize, the world-specific context structures are synchronized with
per-CPU data structures, which means that each CPU will have an array of pointers
to individual worlds. The figure below illustrates the same.

|CPU Context Memory Configuration|

Context Setup/Initialization
============================

The CPU has been assigned context structures for every security state, which include
Non-Secure, Secure and Realm. It is crucial to initialize each of these structures
during the bootup of every CPU before they enter any security state for the
first time. This section explains the specifics of how the initialization of
every CPU context takes place during both cold and warm boot paths.

Context Setup during Cold boot
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The cold boot path is mainly executed by the primary CPU, other than essential
CPU initialization executed by all CPUs. After executing BL1 and BL2, the Primary
CPU jumps to the BL31 image for runtime services initialization.
During this process, the per_cpu_data structure gets initialized with statically
allocated world-specific context memory.

Later in the cold boot sequence, the BL31 image at EL3 checks for the presence
of a Secure world image at S-EL2. If detected, it invokes the secure context
initialization sequence under SPMD. Additionally, based on RME enablement,
the Realm context gets initialized from the RMMD at EL3. Finally, before exiting
to the normal world, the Non-Secure context gets initialized via the context
management library. At this stage, all Primary CPU contexts are initialized
and the CPU exits EL3 to enter the Normal world.

|Context Init ColdBoot|

.. note::
The figure above illustrates a scenario on FVP for one of the build
configurations with TFTF component at NS-EL2.

Context Setup during Warmboot
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

During a warm boot sequence, the primary CPU is responsible for powering on the
secondary CPUs. Refer to :ref:`CPU Reset` and :ref:`Firmware Design` sections for
more details on the warm boot.

|Context Init WarmBoot|

The primary CPU initializes the Non-Secure context for the secondary CPU while
restoring re-entry information for the Non-Secure world.
It initialises via ``cm_init_context_by_index(target_idx, ep )``.

``psci_warmboot_entrypoint()`` is the warm boot entrypoint procedure.
During the warm bootup process, secondary CPUs have their secure context
initialized through SPMD at EL3. Upon successful SP initialization, the SPD
power management operations become shared with the PSCI library. During this
process, the SPMD duly registers its handlers with the PSCI library.

.. code:: c

file: psci_common.c
const spd_pm_ops_t *psci_spd_pm;

file: spmd_pm.c
const spd_pm_ops_t spmd_pm = {
.svc_on_finish = spmd_cpu_on_finish_handler,
.svc_off = spmd_cpu_off_handler
}

Secondary CPUs during their bootup in the ``psci_cpu_on_finish()`` routine get
their secure context initialised via the registered SPMD handler
``spmd_cpu_on_finish_handler()`` at EL3.
The figure above illustrates the same with reference of Primary CPU running at
NS-EL2.

.. _Library APIs:

Library APIs
============

The public APIs and types can be found in ``include/lib/el3_runtime/context_management.h``
and this section is intended to provide additional details and clarifications.

Context Initialization for Individual Worlds
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The library implements high level APIs for the CPUs in setting up their individual
context for each world (Non-Secure, Secure and Realm).

.. c:function:: static void setup_context_common(cpu_context_t *ctx, const entry_point_info_t *ep);

This function is responsible for the general context initialization that applies
to all worlds. It will be invoked first, before calling the individual
world-specific context setup APIs.

.. c:function:: static void setup_ns_context(cpu_context_t *ctx, const struct entry_point_info *ep);
.. c:function:: static void setup_realm_context(cpu_context_t *ctx, const struct entry_point_info *ep);
.. c:function:: static void setup_secure_context(cpu_context_t *ctx, const struct entry_point_info *ep);

Depending on the security state that the CPU needs to enter, the respective
world-specific context setup handlers listed above will be invoked once per-CPU
to set up the context for their execution.

.. c:function:: void cm_manage_extensions_el3(void)

This function initializes all EL3 registers whose values do not change during the
lifetime of EL3 runtime firmware. It is invoked from each CPU via the cold boot
path ``bl31_main()`` and in the WarmBoot entry path ``void psci_warmboot_entrypoint()``.

Runtime Save and Restore of Registers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

EL1 Registers
-------------

.. c:function:: void cm_el1_sysregs_context_save(uint32_t security_state);
.. c:function:: void cm_el1_sysregs_context_restore(uint32_t security_state);

These functions are utilized by the world-specific dispatcher components running
at EL3 to facilitate the saving and restoration of the EL1 system registers
during a world switch.

EL2 Registers
-------------

.. c:function:: void cm_el2_sysregs_context_save(uint32_t security_state);
.. c:function:: void cm_el2_sysregs_context_restore(uint32_t security_state);

These functions are utilized by the world-specific dispatcher components running
at EL3 to facilitate the saving and restoration of the EL2 system registers
during a world switch.

Pauth Registers
---------------

Pointer Authentication feature is enabled by default for Non-Secure world and
disabled for Secure and Realm worlds. In this case, we don't need to explicitly
save and restore the Pauth registers during world switch.
However, ``CTX_INCLUDE_PAUTH_REGS`` flag is explicitly used to enable Pauth for
lower exception levels of Secure and Realm worlds. In this scenario, we save the
general purpose and Pauth registers while we enter EL3 from lower ELs via
``prepare_el3_entry`` and restore them back while we exit EL3 to lower ELs
via ``el3_exit``.

.. code:: c

.macro save_gp_pmcr_pauth_regs
func restore_gp_pmcr_pauth_regs

Feature Enablement for Individual Worlds
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. c:function:: static void manage_extensions_nonsecure(cpu_context_t *ctx);
.. c:function:: static void manage_extensions_secure(cpu_context_t *ctx);
.. c:function:: static void manage_extensions_realm(cpu_context_t *ctx)

Functions that allow the enabling and disabling of architectural features for
each security state. These functions are invoked from the top-level setup APIs
during context initialization.

Further, a pattern is established for feature enablement code (AArch64).
Each feature implements following APIs as applicable:
Note: (``xxx`` is the name of the feature in the APIs)

- ``is_feat_xxx_supported()`` and ``is_feat_xxx_present()`` - mandatory for all features.

- ``xxx_enable(cpu_context * )`` and ``xxx_disable(cpu_context * )`` - optional
functions to enable the feature for the passed context only. To be called in
the respective world's setup_context to select behaviour.

- ``xxx_init_el3()`` - optional function to enable the feature in-place in any EL3
registers that are never context switched. The values they write must never
change, otherwise the functions mentioned in previous point should be used.
Invoked from ``cm_manage_extensions_el3()``.

- ``xxx_init_el2_unused()`` - optional function to enable the feature in-place
in any EL2 registers that are necessary for execution in EL1 with no EL2 present.

The above mentioned rules, followed for ``FEAT_SME`` is shown below:

.. code:: c

void sme_enable(cpu_context_t *context);
void sme_init_el3(void);
void sme_init_el2_unused(void);
void sme_disable(cpu_context_t *context);

Per-world Context
=================

Apart from the CPU context structure, we have another structure to manage some
of the EL3 system registers whose values are identical across all the CPUs
referred to as ``per_world_context_t``.
The Per-world context structure is intended for managing EL3 system registers with
identical values across all CPUs, requiring only a singular context entry for each
individual world. This structure operates independently of the CPU context
structure and is intended to manage specific EL3 registers.

.. code-block:: c

typedef struct per_world_context {
uint64_t ctx_cptr_el3;
uint64_t ctx_zcr_el3;
uint64_t ctx_mpam3_el3;
} per_world_context_t;

These functions facilitate the activation of architectural extensions that possess
identical values across all cores for the individual Non-secure, Secure, and
Realm worlds.

Root-Context (EL3-Execution-Context)
====================================

EL3/Root Context is the execution environment while the CPU is running at EL3.

Previously, while the CPU is in execution at EL3, the system registers persist
with the values of the incoming world. This implies that if the CPU is entering
EL3 from NS world, the EL1 and EL2 system registers which might be modified in
lower exception levels NS(EL2/EL1) will carry forward those values to EL3.
Further the EL3 registers also hold on to the values configured for Non-secure
world, written during the previous ERET from EL3 to NS(EL2/EL1).
Same policy is followed with respect to other worlds (Secure/Realm) depending on
the system configuration.

The firmware at EL3 has traditionally operated within the context of the incoming
world (Secure/Non-Secure/Realm). This becomes problematic in scenarios where the
EL3/Root world must explicitly use architectural features that depend on system
registers configured for lower exception levels.
A good example of this is the PAuth regs. The Root world would need to program
its own PAuth Keys while executing in EL3 and this needs to be restored in entry
to EL3 from any world.
Therefore, Root world should maintain its own distinct settings to access
features for its own execution at EL3.

Register values which are currently known to be of importance during EL3 execution,
is referred to as the EL3/Root context.
This includes ( MDCR_EL3.SDD, SCR_EL3.{EA, SIF}, PMCR_EL0.DP, PSTATE.DIT)
EL3 Context ensures, CPU executes under fixed EL3 system register settings
which is not affected by settings of other worlds.

Root Context needs to be setup as early as possible before we try and access/modify
architectural features at EL3. Its a simple restore operation ``setup_el3_execution_context``
that overwrites the selected bits listed above. EL3 never changes its mind about
what those values should be, sets it as required for EL3. Henceforth, a Root
context save operation is not required.

The figure below illustrates the same with NS-world as a reference while entering
EL3.

|Root Context Sequence|

.. code:: c

# EL3/Root_Context routine
.macro setup_el3_execution_context

EL3 execution context needs to setup at both boot time (cold and warm boot)
entrypaths and at all the possible exception handlers routing to EL3 at runtime.

*Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.*

.. |Context Memory Allocation| image:: ../resources/diagrams/context_memory_allocation.png
.. |CPU Context Memory Configuration| image:: ../resources/diagrams/cpu_data_config_context_memory.png
.. |CPU Data Structure| image:: ../resources/diagrams/percpu-data-struct.png
.. |Context Init ColdBoot| image:: ../resources/diagrams/context_init_coldboot.png
.. |Context Init WarmBoot| image:: ../resources/diagrams/context_init_warmboot.png
.. |Root Context Sequence| image:: ../resources/diagrams/root_context_sequence.png
.. _Trustzone for AArch64: https://developer.arm.com/documentation/102418/0101/TrustZone-in-the-processor/Switching-between-Security-states
.. _Security States with RME: https://developer.arm.com/documentation/den0126/0100/Security-states
.. _lib/el3_runtime/(aarch32/aarch64): https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/lib/el3_runtime
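Review bot: The feature-state description is internally inconsistent: the code block defines ``FEAT_STATE_ENABLED`` (value 1) and four states in total, but the bullet list that follows describes ``FEAT_STATE_ALWAYS`` instead (and ``FEAT_STATE_CHECK`` is defined as "same as ``FEAT_STATE_ALWAYS``"), while the sentence between them says "Each feature must support the 3 possible values" although four are listed; use one name throughout and fix the count. The header list and the Library APIs section also disagree on where the public interface lives: the former names ``context_mgmt.h``, the latter ``include/lib/el3_runtime/context_management.h``; only one path can be right. Two smaller points: the Pauth and Root-Context snippets (``.macro save_gp_pmcr_pauth_regs`` / ``func restore_gp_pmcr_pauth_regs`` and ``.macro setup_el3_execution_context``) are assembler, not C, so ``.. code:: c`` should be ``.. code:: asm`` (the page also mixes ``.. code::`` and ``.. code-block::``), and the ``spmd_pm`` initializer is missing the semicolon after its closing ``}``. Wording nits for the same hunk: "comprising of", "Its a simple restore operation" (should be "It's"), and "Whenever there is asymmetric feature support is added" (drop the first "is").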
374
arm-trusted-firmware.t234/docs/components/cot-binding.rst
Normal file
@@ -0,0 +1,374 @@
Chain of trust bindings
=======================

The device tree allows to describe the chain of trust with the help of
'cot' node which contain 'manifests' and 'images' as sub-nodes.
'manifests' and 'images' nodes contains number of sub-nodes (i.e. 'certificate'
and 'image' nodes) mentioning properties of the certificate and image respectively.

Also, device tree describes 'non-volatile-counters' node which contains number of
sub-nodes mentioning properties of all non-volatile-counters used in the chain of trust.

cot
------------------------------------------------------------------
This is root node which contains 'manifests' and 'images' as sub-nodes


Manifests and Certificate node bindings definition
----------------------------------------------------------------

- Manifests node
    Description: Container of certificate nodes.

    PROPERTIES

    - compatible:
        Usage: required

        Value type: <string>

        Definition: must be "arm, cert-descs"

- Certificate node
    Description:

    Describes certificate properties which are used
    during the authentication process.

    PROPERTIES

    - root-certificate
        Usage:

        Required for the certificate with no parent.
        In other words, certificates which are validated
        using root of trust public key.

        Value type: <boolean>

    - image-id
        Usage: Required for every certificate with unique id.

        Value type: <u32>

    - parent
        Usage:

        It refers to their parent image, which typically contains
        information to authenticate the certificate.
        This property is required for all non-root certificates.

        This property is not required for root-certificates
        as root-certificates are validated using root of trust
        public key provided by platform.

        Value type: <phandle>

    - signing-key
        Usage:

        For non-root certificates, this property is used to refer
        public key node present in parent certificate node and it is
        required property for all non-root certificates which are
        authenticated using public-key present in parent certificate.

        This property is not required for all root-certificates. If
        omitted, the root certificate will be validated using the
        default platform ROTPK. If instead the root certificate needs
        validating using a different ROTPK, the signing-key property
        should provide a reference to the ROTPK node to use.

        Value type: <phandle>

    - antirollback-counter
        Usage:

        This property is used by all certificates which are
        protected against rollback attacks using a non-volatile
        counter and it is an optional property.

        This property is used to refer one of the non-volatile
        counter sub-node present in 'non-volatile counters' node.

        Value type: <phandle>


    SUBNODES
    - Description:

        Hash and public key information present in the certificate
        are shown by these nodes.

    - public key node
        Description: Provide public key information in the certificate.

        PROPERTIES

        - oid
            Usage:

            This property provides the Object ID of public key
            provided in the certificate with the help of which
            public key information can be extracted.

            Value type: <string>

    - hash node
        Description: Provide the hash information in the certificate.

        PROPERTIES

        - oid
            Usage:

            This property provides the Object ID of hash provided in
            the certificate with the help of which hash information
            can be extracted.

            Value type: <string>

Example:

.. code:: c

    cot {
        manifests {
            compatible = "arm, cert-descs”

            trusted-key-cert: trusted-key-cert {
                root-certificate;
                image-id = <TRUSTED_KEY_CERT_ID>;
                antirollback-counter = <&trusted_nv_ctr>;

                trusted-world-pk: trusted-world-pk {
                    oid = TRUSTED_WORLD_PK_OID;
                };
                non-trusted-world-pk: non-trusted-world-pk {
                    oid = NON_TRUSTED_WORLD_PK_OID;
                };
            };

            scp_fw_key_cert: scp_fw_key_cert {
                image-id = <SCP_FW_KEY_CERT_ID>;
                parent = <&trusted-key-cert>;
                signing-key = <&trusted_world_pk>;
                antirollback-counter = <&trusted_nv_ctr>;

                scp_fw_content_pk: scp_fw_content_pk {
                    oid = SCP_FW_CONTENT_CERT_PK_OID;
                };
            };
            .
            .
            .

            next-certificate {

            };
        };
    };

Images and Image node bindings definition
-----------------------------------------

- Images node
    Description: Container of image nodes

    PROPERTIES

    - compatible:
        Usage: required

        Value type: <string>

        Definition: must be "arm, img-descs"

- Image node
    Description:

    Describes image properties which will be used during
    authentication process.

    PROPERTIES

    - image-id
        Usage: Required for every image with unique id.

        Value type: <u32>

    - parent
        Usage:

        Required for every image to provide a reference to
        its parent image, which contains the necessary information
        to authenticate it.

        Value type: <phandle>

    - hash
        Usage:

        Required for all images which are validated using
        hash method. This property is used to refer hash
        node present in parent certificate node.

        Value type: <phandle>

        Note:

        Currently, all images are validated using 'hash'
        method. In future, there may be multiple methods can
        be used to validate the image.

Example:

.. code:: c

    cot {
        images {
            compatible = "arm, img-descs";

            scp_bl2_image {
                image-id = <SCP_BL2_IMAGE_ID>;
                parent = <&scp_fw_content_cert>;
                hash = <&scp_fw_hash>;
            };

            .
            .
            .

            next-img {

            };
        };
    };

non-volatile counter node binding definition
--------------------------------------------

- non-volatile counters node
    Description: Contains properties for non-volatile counters.

    PROPERTIES

    - compatible:
        Usage: required

        Value type: <string>

        Definition: must be "arm, non-volatile-counter"

    - #address-cells
        Usage: required

        Value type: <u32>

        Definition:

        Must be set according to address size
        of non-volatile counter register

    - #size-cells
        Usage: required

        Value type: <u32>

        Definition: must be set to 0

    SUBNODE
    - counters node
        Description: Contains various non-volatile counters present in the platform.

        PROPERTIES
        - id
            Usage: Required for every nv-counter with unique id.

            Value type: <u32>

        - reg
            Usage:

            Register base address of non-volatile counter and it is required
            property.

            Value type: <u32>

        - oid
            Usage:

            This property provides the Object ID of non-volatile counter
            provided in the certificate and it is required property.

            Value type: <string>

Example:
Below is non-volatile counters example for ARM platform

.. code:: c

    non_volatile_counters: non_volatile_counters {
        compatible = "arm, non-volatile-counter";
        #address-cells = <1>;
        #size-cells = <0>;

        trusted_nv_ctr: trusted_nv_ctr {
            id = <TRUSTED_NV_CTR_ID>;
            reg = <TFW_NVCTR_BASE>;
            oid = TRUSTED_FW_NVCOUNTER_OID;
        };

        non_trusted_nv_ctr: non_trusted_nv_ctr {
            id = <NON_TRUSTED_NV_CTR_ID>;
            reg = <NTFW_CTR_BASE>;
            oid = NON_TRUSTED_FW_NVCOUNTER_OID;
        };
    };

rot_keys node binding definition
---------------------------------

- rot_keys node
    Description: Contains root-of-trust keys for the root certificates.

    SUBNODES
    - Description:

        Root of trust key information present in the root certificates
        are shown by these nodes.

    - rot key node
        Description: Provide ROT key information in the certificate.

        PROPERTIES

        - oid
            Usage:

            This property provides the Object ID of ROT key provided
            in the certificate.

            Value type: <string>

Example:
Below is rot_keys example for CCA platform

.. code:: c

    rot_keys {
        swd_rot_pk: swd_rot_pk {
            oid = SWD_ROT_PK_OID;
        };

        prot_pk: prot_pk {
            oid = PROT_PK_OID;
        };
    };

Future update to chain of trust binding
---------------------------------------

This binding document needs to be revisited to generalise some terminologies
which are currently specific to X.509 certificates for e.g. Object IDs.

*Copyright (c) 2020-2024, Arm Limited. All rights reserved.*
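Review bot: the manifests example does not compile as written: the `compatible` line ends in a typographic closing quote and has no semicolon, and the labels `trusted-key-cert:`, `trusted-world-pk:` and `non-trusted-world-pk:` contain hyphens, which DTS label syntax does not allow (node names may contain them, labels may not), so `signing-key = <&trusted_world_pk>` refers to a label that is never defined under that spelling. Suggest `compatible = "arm, cert-descs";`, underscore labels such as `trusted_key_cert: trusted-key-cert {`, and `parent = <&trusted_key_cert>;`, matching the underscore style the same example already uses for `scp_fw_key_cert`. On the binding text, the antirollback-counter description only says the property is optional; it should state the consequence, namely that a certificate without it is not protected by any non-volatile counter and can be replayed by an older signed version, so platform integrators do not omit it by accident.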
125
arm-trusted-firmware.t234/docs/components/debugfs-design.rst
Normal file
@@ -0,0 +1,125 @@
========
Debug FS
========

.. contents::

Overview
--------

The *DebugFS* feature is primarily aimed at exposing firmware debug data to
higher SW layers such as a non-secure component. Such component can be the
TFTF test payload or a Linux kernel module.

Virtual filesystem
------------------

The core functionality lies in a virtual file system based on a 9p file server
interface (`Notes on the Plan 9 Kernel Source`_ and
`Linux 9p remote filesystem protocol`_).
The implementation permits exposing virtual files, firmware drivers, and file blobs.

Namespace
~~~~~~~~~

Two namespaces are exposed:

- # is used as root for drivers (e.g. #t0 is the first uart)
- / is used as root for virtual "files" (e.g. /fip, or /dev/uart)

9p interface
~~~~~~~~~~~~

The associated primitives are:

- Unix-like:

  - open(): create a file descriptor that acts as a handle to the file passed as
    an argument.
  - close(): close the file descriptor created by open().
  - read(): read from a file to a buffer.
  - write(): write from a buffer to a file.
  - seek(): set the file position indicator of a file descriptor either to a
    relative or an absolute offset.
  - stat(): get information about a file (type, mode, size, ...).

  .. code:: c

      int open(const char *name, int flags);
      int close(int fd);
      int read(int fd, void *buf, int n);
      int write(int fd, void *buf, int n);
      int seek(int fd, long off, int whence);
      int stat(char *path, dir_t *dir);

- Specific primitives :

  - mount(): create a link between a driver and spec.
  - create(): create a file in a specific location.
  - bind(): expose the content of a directory to another directory.

  .. code:: c

      int mount(char *srv, char *mnt, char *spec);
      int create(const char *name, int flags);
      int bind(char *path, char *where);

This interface is embedded into the BL31 run-time payload when selected by build
options. The interface multiplexes drivers or emulated "files":

- Debug data can be partitioned into different virtual files e.g. expose PMF
  measurements through a file, and internal firmware state counters through
  another file.
- This permits direct access to a firmware driver, mainly for test purposes
  (e.g. a hardware device that may not be accessible to non-privileged/
  non-secure layers, or for which no support exists in the NS side).

SMC interface
-------------

The communication with the 9p layer in BL31 is made through an SMC conduit
(`SMC Calling Convention`_), using a specific SiP Function Id. An NS
shared buffer is used to pass path string parameters, or e.g. to exchange
data on a read operation. Refer to :ref:`ARM SiP Services <arm sip services>`
for a description of the SMC interface.

Security considerations
-----------------------

- Due to the nature of the exposed data, the feature is considered experimental
  and importantly **shall only be used in debug builds**.
- Several primitive imply string manipulations and usage of string formats.
- Special care is taken with the shared buffer to avoid TOCTOU attacks.

Limitations
-----------

- In order to setup the shared buffer, the component consuming the interface
  needs to allocate a physical page frame and transmit its address.
- In order to map the shared buffer, BL31 requires enabling the dynamic xlat
  table option.
- Data exchange is limited by the shared buffer length. A large read operation
  might be split into multiple read operations of smaller chunks.
- On concurrent access, a spinlock is implemented in the BL31 service to protect
  the internal work buffer, and re-entrancy into the filesystem layers.
- Notice, a physical device driver if exposed by the firmware may conflict with
  the higher level OS if the latter implements its own driver for the same
  physical device.

Applications
------------

The SMC interface is accessible from an NS environment, that is:

- a test payload, bootloader or hypervisor running at NS-EL2
- a Linux kernel driver running at NS-EL1
- a Linux userspace application through the kernel driver

--------------

*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*

.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
.. _Notes on the Plan 9 Kernel Source: http://lsub.org/who/nemo/9.pdf
.. _Linux 9p remote filesystem protocol: https://www.kernel.org/doc/Documentation/filesystems/9p.txt
.. _ARM SiP Services: arm-sip-service.rst
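Review bot: the "Security considerations" section names risks without saying what is done about them. The bullet "Several primitive imply string manipulations and usage of string formats" (should read "Several primitives imply") applies to `mount()`, `bind()` and `stat()`, whose `char *` path arguments arrive through the NS shared buffer, so the text should state how those strings are bounded (maximum path length, NUL termination check) before the 9p layer parses them. Likewise "Special care is taken with the shared buffer to avoid TOCTOU attacks" should say what that care consists of, for instance whether the request is copied into the BL31-internal work buffer mentioned under Limitations before any field is read, so a reader can verify the claim against the code. Minor: the `read()`/`write()` prototypes take a signed `int n` length; either document that negative values are rejected or tighten the type to an unsigned size.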
597
arm-trusted-firmware.t234/docs/components/el3-spmc.rst
Normal file
@@ -0,0 +1,597 @@
|
||||
EL3 Secure Partition Manager
|
||||
****************************
|
||||
|
||||
.. contents::
|
||||
|
||||
Foreword
|
||||
========
|
||||
|
||||
This document describes the design of the EL3 SPMC based on the FF-A specification.
|
||||
EL3 SPMC provides reference FF-A compliant implementation without S-EL2 virtualization support,
|
||||
to help adopt and migrate to FF-A early.
|
||||
EL3 SPMC implementation in TF-A:
|
||||
|
||||
- Manages a single S-EL1 Secure Partition
|
||||
- Provides a standard protocol for communication and memory sharing between FF-A endpoints.
|
||||
- Provides support for EL3 Logical Partitions to support easy migration from EL3 to S-EL1.
|
||||
|
||||
Sample reference stack
|
||||
======================
|
||||
|
||||
The following diagram illustrates a possible configuration when the
|
||||
FEAT_SEL2 architecture extension is not implemented, showing the SPMD
|
||||
and SPMC at EL3, one S-EL1 secure partition, with an optional
|
||||
Hypervisor:
|
||||
|
||||
.. image:: ../resources/diagrams/ff-a-spm-at-el3.png
|
||||
|
||||
TF-A build options
|
||||
==================
|
||||
|
||||
This section explains the TF-A build options involved in building
|
||||
an FF-A based SPM where the SPMD and SPMC are located at EL3:
|
||||
|
||||
- **SPD=spmd**: this option selects the SPMD component to relay the FF-A
|
||||
protocol from NWd to SWd back and forth. It is not possible to
|
||||
enable another Secure Payload Dispatcher when this option is chosen.
|
||||
- **SPMC_AT_EL3**: this option adjusts the SPMC exception level to being
|
||||
at EL3.
|
||||
- **ARM_SPMC_MANIFEST_DTS**: this option specifies a manifest file
|
||||
providing SP description. It is required when
|
||||
``SPMC_AT_EL3`` is enabled, the secure partitions are loaded
|
||||
by BL2 on behalf of the SPMC.
|
||||
|
||||
Notes:
|
||||
|
||||
- BL32 option is re-purposed to specify the S-EL1 TEE or SP image.
|
||||
BL32 option can be omitted if using TF-A Test Secure Payload as SP.
|
||||
- BL33 option can specify the TFTF binary or a normal world loader
|
||||
such as U-Boot or the UEFI framework payload.
|
||||
|
||||
Sample TF-A build command line when the SPMC is located at EL3:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
make \
|
||||
CROSS_COMPILE=aarch64-none-elf- \
|
||||
SPD=spmd \
|
||||
SPMD_SPM_AT_SEL2=0 \
|
||||
SPMC_AT_EL3=1 \
|
||||
BL32=<path-to-tee-binary> (opt for TSP) \
|
||||
BL33=<path-to-bl33-binary> \
|
||||
PLAT=fvp \
|
||||
all fip
|
||||
|
||||
FVP model invocation
|
||||
====================
|
||||
|
||||
Sample FVP command line invocation:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to-fvp-model>/FVP_Base_RevC-2xAEMvA -C pctl.startup=0.0.0.0 \
|
||||
-C cluster0.NUM_CORES=4 -C cluster1.NUM_CORES=4 -C bp.secure_memory=1 \
|
||||
-C bp.secureflashloader.fname=trusted-firmware-a/build/fvp/debug/bl1.bin \
|
||||
-C bp.flashloader0.fname=trusted-firmware-a/build/fvp/debug/fip.bin \
|
||||
-C bp.pl011_uart0.out_file=fvp-uart0.log -C bp.pl011_uart1.out_file=fvp-uart1.log \
|
||||
-C bp.pl011_uart2.out_file=fvp-uart2.log -C bp.vis.disable_visualisation=1
|
||||
|
||||
|
||||
Platform Guide
|
||||
==============
|
||||
|
||||
- Platform Hooks See - `[4]`_
|
||||
|
||||
- plat_spmc_shmem_begin
|
||||
- plat_spmc_shmem_reclaim
|
||||
|
||||
SPMC provides platform hooks related to memory management interfaces.
|
||||
These hooks can be used for platform specific implementations like
|
||||
for managing access control, programming TZ Controller or MPUs.
|
||||
These hooks are called by SPMC before the initial share request completes,
|
||||
and after the final reclaim has been completed.
|
||||
|
||||
- Datastore
|
||||
|
||||
- plat_spmc_shmem_datastore_get
|
||||
|
||||
EL3 SPMC uses datastore for tracking memory transaction descriptors.
|
||||
On FVP platform datastore is allocated from TZC DRAM section.
|
||||
Other platforms need to allocate a similar secure memory region
|
||||
to be used as shared memory datastore.
|
||||
|
||||
The accessor function is used during SPMC initialization to obtain
|
||||
address and size of the datastore.
|
||||
SPMC will also zero out the provided memory region.
|
||||
|
||||
- Platform Defines See - `[5]`_
|
||||
|
||||
- SECURE_PARTITION_COUNT
|
||||
Number of Secure Partitions supported: must be 1.
|
||||
|
||||
- NS_PARTITION_COUNT
|
||||
Number of NWd Partitions supported.
|
||||
|
||||
- MAX_EL3_LP_DESCS_COUNT
|
||||
Number of Logical Partitions supported.
|
||||
|
||||
Logical Secure Partition (LSP)
|
||||
==============================
|
||||
|
||||
- The SPMC provides support for statically allocated EL3 Logical Secure Partitions
|
||||
as per FF-A v1.1 specification.
|
||||
- The DECLARE_LOGICAL_PARTITION macro can be used to add a LSP.
|
||||
- For reference implementation See - `[2]`_
|
||||
|
||||
.. image:: ../resources/diagrams/ff-a-lsp-at-el3.png
|
||||
|
||||
SPMC boot
|
||||
=========
|
||||
|
||||
The SPMD and SPMC are built into the BL31 image along with TF-A's runtime components.
|
||||
BL2 loads the BL31 image as a part of (secure) boot process.
|
||||
|
||||
The SPMC manifest is loaded by BL2 as the ``TOS_FW_CONFIG`` image `[9]`_.
|
||||
|
||||
BL2 passes the SPMC manifest address to BL31 through a register.
|
||||
|
||||
At boot time, the SPMD in BL31 runs from the primary core, initializes the core
|
||||
contexts and launches the SPMC passing the following information through
|
||||
registers:
|
||||
|
||||
- X0 holds the SPMC manifest blob address.
|
||||
- X4 holds the currently running core linear id.
|
||||
|
||||
Parsing SP partition manifests
|
||||
------------------------------
|
||||
|
||||
SPMC consumes the SP manifest, as defined in `[7]`_.
|
||||
SP manifest fields align with Hafnium SP manifest for easy porting.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
compatible = "arm,ffa-manifest-1.0";
|
||||
|
||||
ffa-version = <0x00010001>; /* 31:16 - Major, 15:0 - Minor */
|
||||
id = <0x8001>;
|
||||
uuid = <0x6b43b460 0x74a24b78 0xade24502 0x40682886>;
|
||||
messaging-method = <0x3>; /* Direct Messaging Only */
|
||||
exception-level = <0x2>; /* S-EL1 */
|
||||
execution-state = <0>;
|
||||
execution-ctx-count = <8>;
|
||||
gp-register-num = <0>;
|
||||
power-management-messages = <0x7>;
|
||||
|
||||
|
||||
Passing boot data to the SP
|
||||
---------------------------
|
||||
|
||||
In `[1]`_ , the section "Boot information protocol" defines a method for passing
|
||||
data to the SPs at boot time. It specifies the format for the boot information
|
||||
descriptor and boot information header structures, which describe the data to be
|
||||
exchanged between SPMC and SP.
|
||||
The specification also defines the types of data that can be passed.
|
||||
The aggregate of both the boot info structures and the data itself is designated
|
||||
the boot information blob, and is passed to a Partition as a contiguous memory
|
||||
region.
|
||||
|
||||
Currently, the SPM implementation supports the FDT type which is used to pass the
|
||||
partition's DTB manifest.
|
||||
|
||||
The region for the boot information blob is statically allocated (4K) by SPMC.
|
||||
BLOB contains Boot Info Header, followed by SP Manifest contents.
|
||||
|
||||
The configuration of the boot protocol is done in the SP manifest. As defined by
|
||||
the specification, the manifest field 'gp-register-num' configures the GP register
|
||||
which shall be used to pass the address to the partitions boot information blob when
|
||||
booting the partition.
|
||||
|
||||
Supported interfaces
|
||||
====================
|
||||
|
||||
The following interfaces are exposed to SPs only:
|
||||
|
||||
- ``FFA_MSG_WAIT``
|
||||
- ``FFA_MEM_RETRIEVE_REQ``
|
||||
- ``FFA_MEM_RETRIEVE_RESP``
|
||||
- ``FFA_MEM_RELINQUISH``
|
||||
- ``FFA_SECONDARY_EP_REGISTER``
|
||||
|
||||
The following interfaces are exposed to both NS Client and SPs:
|
||||
|
||||
- ``FFA_VERSION``
|
||||
- ``FFA_FEATURES``
|
||||
- ``FFA_RX_RELEASE``
|
||||
- ``FFA_RXTX_MAP``
|
||||
- ``FFA_RXTX_UNMAP``
|
||||
- ``FFA_PARTITION_INFO_GET``
|
||||
- ``FFA_ID_GET``
|
||||
- ``FFA_MSG_SEND_DIRECT_REQ``
|
||||
- ``FFA_MSG_SEND_DIRECT_RESP``
|
||||
- ``FFA_MEM_FRAG_TX``
|
||||
- ``FFA_SPM_ID_GET``
|
||||
|
||||
The following additional interfaces are forwarded from SPMD to support NS Client:
|
||||
|
||||
- ``FFA_RUN``
|
||||
- ``FFA_MEM_LEND``
|
||||
- ``FFA_MEM_SHARE``
|
||||
- ``FFA_MEM_FRAG_RX``
|
||||
- ``FFA_MEM_RECLAIM``
|
||||
|
||||
|
||||
FFA_VERSION
|
||||
-----------
|
||||
|
||||
``FFA_VERSION`` requires a *requested_version* parameter from the caller.
|
||||
SPMD forwards call to SPMC, the SPMC returns its own implemented version.
|
||||
SPMC asserts SP and SPMC are at same FF-A Version.
|
||||
|
||||
FFA_FEATURES
|
||||
------------
|
||||
|
||||
FF-A features supported by the SPMC may be discovered by secure partitions at
|
||||
boot (that is prior to NWd is booted) or run-time.
|
||||
|
||||
The SPMC calling FFA_FEATURES at secure physical FF-A instance always get
|
||||
FFA_SUCCESS from the SPMD.
|
||||
|
||||
The request made by an Hypervisor or OS kernel is forwarded to the SPMC and
|
||||
the response relayed back to the NWd.
|
||||
|
||||
|
||||
FFA_RXTX_MAP
|
||||
------------
|
||||
|
||||
FFA_RXTX_UNMAP
|
||||
--------------
|
||||
|
||||
When invoked from a secure partition FFA_RXTX_MAP maps the provided send and
|
||||
receive buffers described by their PAs to the EL3 translation regime
|
||||
as secure buffers in the MMU descriptors.
|
||||
|
||||
When invoked from the Hypervisor or OS kernel, the buffers are mapped into the
|
||||
SPMC EL3 translation regime and marked as NS buffers in the MMU
|
||||
descriptors.
|
||||
|
||||
The FFA_RXTX_UNMAP unmaps the RX/TX pair from the translation regime of the
|
||||
caller, either it being the Hypervisor or OS kernel, as well as a secure
|
||||
partition.
|
||||
|
||||
FFA_PARTITION_INFO_GET
|
||||
----------------------
|
||||
|
||||
Partition info get call can originate:
|
||||
|
||||
- from SP to SPMC
|
||||
- from Hypervisor or OS kernel to SPMC. The request is relayed by the SPMD.
|
||||
|
||||
The format (v1.0 or v1.1) of the populated data structure returned is based upon the
|
||||
FFA version of the calling entity.
|
||||
|
||||
EL3 SPMC also supports returning only the count of partitions deployed.
|
||||
|
||||
All LSPs and SP are discoverable from FFA_PARTITION_INFO_GET call made by
|
||||
either SP or NWd entities.
|
||||
|
||||
FFA_ID_GET
|
||||
----------
|
||||
|
||||
The FF-A ID space is split into a non-secure space and secure space:
|
||||
|
||||
- FF-A ID with bit 15 clear relates to VMs.
|
||||
- FF-A ID with bit 15 set related to SPs or LSPs.
|
||||
- FF-A IDs 0, 0xffff, 0x8000 are assigned respectively to the Hypervisor
|
||||
(or OS Kernel if Hyp is absent), SPMD and SPMC.
|
||||
|
||||
This convention helps the SPM to determine the origin and destination worlds in
|
||||
an FF-A ABI invocation. In particular the SPM shall filter unauthorized
|
||||
transactions in its world switch routine. It must not be permitted for a VM to
|
||||
use a secure FF-A ID as origin world by spoofing:
|
||||
|
||||
- A VM-to-SP direct request/response shall set the origin world to be non-secure
|
||||
(FF-A ID bit 15 clear) and destination world to be secure (FF-A ID bit 15
|
||||
set).
|
||||
- Similarly, an SP-to-LSP direct request/response shall set the FF-A ID bit 15
|
||||
for both origin and destination IDs.
|
||||
|
||||
An incoming direct message request arriving at SPMD from NWd is forwarded to
|
||||
SPMC without a specific check. The SPMC is resumed through eret and "knows" the
|
||||
message is coming from normal world in this specific code path. Thus the origin
|
||||
endpoint ID must be checked by SPMC for being a normal world ID.
|
||||
|
||||
An SP sending a direct message request must have bit 15 set in its origin
|
||||
endpoint ID and this can be checked by the SPMC when the SP invokes the ABI.
|
||||
|
||||
The SPMC shall reject the direct message if the claimed world in origin endpoint
|
||||
ID is not consistent:
|
||||
|
||||
- It is either forwarded by SPMD and thus origin endpoint ID must be a "normal
|
||||
world ID",
|
||||
- or initiated by an SP and thus origin endpoint ID must be a "secure world ID".
|
||||
|
||||
|
||||
FFA_MSG_SEND_DIRECT_REQ
|
||||
-----------------------
|
||||
|
||||
FFA_MSG_SEND_DIRECT_RESP
|
||||
------------------------
|
||||
|
||||
This is a mandatory interface for secure partitions participating in direct request
|
||||
and responses with the following rules:
|
||||
|
||||
- An SP can send a direct request to LSP.
|
||||
- An LSP can send a direct response to SP.
|
||||
- An SP cannot send a direct request to an Hypervisor or OS kernel.
|
||||
- An Hypervisor or OS kernel can send a direct request to an SP or LSP.
|
||||
- An SP and LSP can send a direct response to an Hypervisor or OS kernel.
|
||||
- SPMD can send direct request to SPMC.
|
||||
|
||||
FFA_SPM_ID_GET
|
||||
--------------
|
||||
|
||||
Returns the FF-A ID allocated to an SPM component which can be one of SPMD
|
||||
or SPMC.
|
||||
|
||||
At initialization, the SPMC queries the SPMD for the SPMC ID, using the
|
||||
FFA_ID_GET interface, and records it. The SPMC can also query the SPMD ID using
|
||||
the FFA_SPM_ID_GET interface at the secure physical FF-A instance.
|
||||
|
||||
Secure partitions call this interface at the virtual FF-A instance, to which
|
||||
the SPMC returns the SPMC ID.
|
||||
|
||||
The Hypervisor or OS kernel can issue the FFA_SPM_ID_GET call handled by the
|
||||
SPMD, which returns the SPMC ID.
|
||||
|
||||
FFA_ID_GET
|
||||
----------
|
||||
|
||||
Returns the FF-A ID of the calling endpoint.
|
||||
|
||||
FFA_MEM_SHARE
|
||||
-------------
|
||||
|
||||
FFA_MEM_LEND
|
||||
------------
|
||||
|
||||
- If SP is borrower in the memory transaction, these calls are forwarded to SPMC.
|
||||
SPMC performs Relayer responsibilities, caches the memory descriptors in the datastore,
|
||||
and allocates FF-A memory handle.
|
||||
- If format of descriptor was v1.0, SPMC converts the descriptor to v1.1 before caching.
|
||||
In case of fragmented sharing, conversion of memory descriptors happens after last
|
||||
fragment has been received.
|
||||
- Multiple borrowers (including NWd endpoint) and fragmented memory sharing are supported.
|
||||
|
||||
FFA_MEM_RETRIEVE_REQ
|
||||
--------------------
|
||||
|
||||
FFA_MEM_RETRIEVE_RESP
|
||||
---------------------
|
||||
|
||||
- Memory retrieve is supported only from SP.
|
||||
- SPMC fetches the cached memory descriptor from the datastore,
|
||||
- Performs Relayer responsiilities and sends FFA_MEM_RETRIEVE_RESP back to SP.
|
||||
- If descriptor size is more than RX buffer size, SPMC will send the descriptor in fragments.
|
||||
- SPMC will set NS Bit to 1 in memory descriptor response.
|
||||
|
||||
FFA_MEM_FRAG_RX
|
||||
---------------
|
||||
|
||||
FFA_MEM_FRAG_TX
|
||||
---------------
|
||||
|
||||
FFA_MEM_FRAG_RX is to be used by:
|
||||
|
||||
- SP if FFA_MEM_RETRIEVE_RESP returned descriptor with fragment length less than total length.
|
||||
- or by SPMC if FFA_MEM_SHARE/FFA_MEM_LEND is called with fragment length less than total length.
|
||||
|
||||
SPMC validates handle and Endpoint ID and returns response with FFA_MEM_FRAG_TX.
|
||||
|
||||
FFA_SECONDARY_EP_REGISTER
|
||||
-------------------------
|
||||
|
||||
When the SPMC boots, secure partition is initialized on its primary
|
||||
Execution Context.
|
||||
|
||||
The FFA_SECONDARY_EP_REGISTER interface is to be used by a secure partition
|
||||
from its first execution context, to provide the entry point address for
|
||||
secondary execution contexts.
|
||||
|
||||
A secondary EC is first resumed either upon invocation of PSCI_CPU_ON from
|
||||
the NWd or by invocation of FFA_RUN.
|
||||
|
||||
Power management
|
||||
================
|
||||
|
||||
In platforms with or without secure virtualization:
|
||||
|
||||
- The NWd owns the platform PM policy.
|
||||
- The Hypervisor or OS kernel is the component initiating PSCI service calls.
|
||||
- The EL3 PSCI library is in charge of the PM coordination and control
|
||||
(eventually writing to platform registers).
|
||||
- While coordinating PM events, the PSCI library calls backs into the Secure
|
||||
Payload Dispatcher for events the latter has statically registered to.
|
||||
|
||||
When using the SPMD as a Secure Payload Dispatcher:
|
||||
|
||||
- A power management event is relayed through the SPD hook to the SPMC.
|
||||
- In the current implementation CPU_ON (svc_on_finish), CPU_OFF
|
||||
(svc_off), CPU_SUSPEND (svc_suspend) and CPU_SUSPEND_RESUME (svc_suspend_finish)
|
||||
hooks are registered.
|
||||
|
||||
Secure partitions scheduling
|
||||
============================
|
||||
|
||||
The FF-A specification `[1]`_ provides two ways to relinquinsh CPU time to
|
||||
secure partitions. For this a VM (Hypervisor or OS kernel), or SP invokes one of:
|
||||
|
||||
- the FFA_MSG_SEND_DIRECT_REQ interface.
|
||||
- the FFA_RUN interface.
|
||||
|
||||
Additionally a secure interrupt can pre-empt the normal world execution and give
|
||||
CPU cycles by transitioning to EL3.
|
||||
|
||||
Partition Runtime State and Model
=================================

The EL3 SPMC implements the partition runtime states described in the v1.1 FF-A
specification `[1]`_.

An SP can be in one of the following states:

- RT_STATE_WAITING
- RT_STATE_RUNNING
- RT_STATE_PREEMPTED
- RT_STATE_BLOCKED

An SP transitions to one of the following runtime models when not in the waiting
state:

- RT_MODEL_DIR_REQ
- RT_MODEL_RUN
- RT_MODEL_INIT
- RT_MODEL_INTR

Platform topology
=================

The SPMC only supports a single Pinned MP S-EL1 SP. The *execution-ctx-count*
SP manifest field should match the number of physical PEs.

Interrupt handling
==================

Secure Interrupt handling
-------------------------

- The SPMC is capable of forwarding a Secure interrupt, which has preempted the
  normal world, to the S-EL1 SP.
- The interrupt is forwarded to the SP using the FFA_INTERRUPT interface.
- The interrupt number is not passed; the S-EL1 SP can access the GIC registers directly.
- Upon completion of interrupt handling the SP is expected to return to the
  SPMC using the FFA_MSG_WAIT interface.
- The SPMC returns to the normal world after interrupt handling is completed.

In the scenario where a secure interrupt occurs while the secure partition is running,
the SPMC is not involved and the handling is implementation defined in the TOS.

Non-Secure Interrupt handling
-----------------------------

The 'managed exit' scenario is the responsibility of the TOS and the SPMC is not involved.

Test Secure Payload (TSP)
=========================

- The TSP provides a reference implementation of the FF-A programming model.
- The TSP has the following support:

  - SP initialization on all CPUs.
  - Consuming Power Messages including CPU_ON, CPU_OFF, CPU_SUSPEND, CPU_SUSPEND_RESUME.
  - Event Loop to receive Direct Requests.
  - Sending Direct Response.
  - Memory Sharing helper library.
  - Ability to handle a secure interrupt (timer).

TSP Tests in CI
---------------

- TSP Tests are exercised in the TF-A CI using the prebuilt FF-A Linux Test driver in the NWd.
- Expected output:

.. code:: shell

    #ioctl 255
    Test: Echo Message to SP.
    Status: Completed Test Case: 1
    Test Executed Successfully

    Test: Message Relay vis SP to EL3 LSP.
    Status: Completed Test Case: 2
    Test Executed Successfully

    Test: Memory Send.
    Verified 1 constituents successfully
    Status: Completed Test Case: 3
    Test Executed Successfully

    Test: Memory Send in Fragments.
    Verified 256 constituents successfully
    Status: Completed Test Case: 4
    Test Executed Successfully

    Test: Memory Lend.
    Verified 1 constituents successfully
    Status: Completed Test Case: 5
    Test Executed Successfully

    Test: Memory Lend in Fragments.
    Verified 256 constituents successfully
    Status: Completed Test Case: 6
    Test Executed Successfully

    Test: Memory Send with Multiple Endpoints.
    random: fast init done
    Verified 256 constituents successfully
    Status: Completed Test Case: 7
    Test Executed Successfully

    Test: Memory Lend with Multiple Endpoints.
    Verified 256 constituents successfully
    Status: Completed Test Case: 8
    Test Executed Successfully

    Test: Ensure Duplicate Memory Send Requests are Rejected.
    Status: Completed Test Case: 9
    Test Executed Successfully

    Test: Ensure Duplicate Memory Lend Requests are Rejected.
    Status: Completed Test Case: 10
    Test Executed Successfully

    0 Tests Failed

    Exiting Test Application - Total Failures: 0


References
==========

.. _[1]:

[1] `Arm Firmware Framework for Arm A-profile <https://developer.arm.com/docs/den0077/latest>`__

.. _[2]:

[2] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fvp_el3_spmc_logical_sp.c

.. _[3]:

[3] `Trusted Boot Board Requirements Client <https://developer.arm.com/documentation/den0006/d/>`__

.. _[4]:

[4] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fvp_el3_spmc.c

.. _[5]:

[5] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/include/platform_def.h

.. _[6]:

[6] https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-binding.html

.. _[7]:

[7] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fdts/fvp_tsp_sp_manifest.dts

.. _[8]:

[8] https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/CFQFGU6H2D5GZYMUYGTGUSXIU3OYZP6U/

.. _[9]:

[9] https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#dynamic-configuration-during-cold-boot

--------------

*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
arm-trusted-firmware.t234/docs/components/exception-handling.rst
@@ -0,0 +1,619 @@

Exception Handling Framework
============================

This document describes various aspects of how Runtime Firmware (BL31) handles
exceptions, other than SMCs, that are targeted at EL3. The |EHF| takes care
of the following exceptions when targeted at EL3:

- Interrupts
- Synchronous External Aborts
- Asynchronous External Aborts

|TF-A|'s handling of synchronous ``SMC`` exceptions raised from lower ELs is
described in the :ref:`Firmware Design document <handling-an-smc>`. However, the
|EHF| changes the semantics of `Interrupt handling`_ and :ref:`synchronous
exceptions <Effect on SMC calls>` other than SMCs.

The |EHF| is selected by setting the build option ``EL3_EXCEPTION_HANDLING`` to
``1``, and is only available for AArch64 systems.

Introduction
------------

Through various control bits in the ``SCR_EL3`` register, the Arm architecture
allows for asynchronous exceptions to be routed to EL3. As described in the
:ref:`Interrupt Management Framework` document, depending on the chosen
interrupt routing model, TF-A appropriately sets the ``FIQ`` and ``IRQ`` bits of
the ``SCR_EL3`` register to effect this routing. For most use cases, other than
for the purpose of facilitating a context switch between the Normal and Secure
worlds, FIQs and IRQs routed to EL3 are not required to be handled in EL3.

However, the evolving system and standards landscape demands that various
exceptions are targeted at and handled in EL3. For instance:

- Starting with the ARMv8.2 architecture extension, many RAS features have been
  introduced to the Arm architecture. With RAS features implemented, various
  components of the system may use one of the asynchronous exceptions to signal
  error conditions to PEs. These error conditions are of a critical nature, and
  it's imperative that corrective or remedial actions are taken at the earliest
  opportunity. Therefore, a *Firmware-first Handling* approach is generally
  followed in response to RAS events in the system.

- The Arm `SDEI specification`_ defines interfaces through which the Normal world
  interacts with the Runtime Firmware in order to request notification of
  system events. The |SDEI| specification requires that these events are
  notified even when the Normal world executes with exceptions masked. This
  too implies that firmware-first handling is required, where the events are
  first received by the EL3 firmware, and then dispatched to the Normal world
  through a purely software mechanism.

For |TF-A|, firmware-first handling means that asynchronous exceptions are
suitably routed to EL3, and the Runtime Firmware (BL31) is extended to include
software components that are capable of handling those exceptions that target
EL3. These components, referred to as *dispatchers* [#spd]_ in general, may
choose to:

.. _delegation-use-cases:

- Receive and handle exceptions entirely in EL3, meaning the exception
  handling terminates in EL3.

- Receive exceptions, but handle part of the exception in EL3, and delegate the
  rest of the handling to a dedicated software stack running at lower Secure
  ELs. In this scheme, the handling spans various Secure ELs.

- Receive exceptions, but handle part of the exception in EL3, and delegate
  processing of the error to a dedicated software stack running at lower Secure
  ELs (as above); additionally, the Normal world may also be required to
  participate in the handling, or be notified of such events (for example, as
  an |SDEI| event). In this scheme, exception handling potentially and
  maximally spans all ELs in both Secure and Normal worlds.

On any given system, all of the above handling models may be employed
independently depending on platform choice and the nature of the exception
received.

.. [#spd] Not to be confused with the :ref:`Secure Payload Dispatcher
   <firmware_design_sel1_spd>`, which is an EL3 component that operates in EL3
   on behalf of a Secure OS.

The role of Exception Handling Framework
----------------------------------------

Corollary to the use cases cited above, the primary role of the |EHF| is to
facilitate firmware-first handling of exceptions on Arm systems. The |EHF| thus
enables multiple exception dispatchers in runtime firmware to co-exist, register
for, and handle exceptions targeted at EL3. This section outlines the basics,
and the rest of this document expands on the various aspects of the |EHF|.

In order to arbitrate exception handling among dispatchers, the |EHF| operation
is based on a priority scheme. This priority scheme is closely tied to how the
Arm GIC architecture defines it, although it's applied to non-interrupt
exceptions too (SErrors, for example).

The platform is required to `partition`__ the Secure priority space into
priority levels as applicable for the Secure software stack. It then assigns the
dispatchers to one or more priority levels. The dispatchers then register
handlers for the priority levels at runtime. A dispatcher can register handlers
for more than one priority level.

.. __: `Partitioning priority levels`_


.. _ehf-figure:

.. image:: ../resources/diagrams/draw.io/ehf.svg

A priority level is *active* when a handler at that priority level is currently
executing in EL3, or has delegated the execution to a lower EL. For interrupts,
this is implicit when an interrupt is targeted and acknowledged at EL3, and the
priority of the acknowledged interrupt is used to match its registered handler.
The priority level is likewise implicitly deactivated when the interrupt
handling concludes by EOIing the interrupt.

Non-interrupt exceptions (SErrors, for example) don't have a notion of priority.
In order for the priority arbitration to work, the |EHF| provides APIs that let
these non-interrupt exceptions assume a priority, and interwork with
interrupts. Dispatchers handling such exceptions must therefore explicitly
activate and deactivate the respective priority level as and when they're
handled or delegated.

Because priority activation and deactivation for interrupt handling is implicit
and involves GIC priority masking, it's impossible for a lower priority
interrupt to preempt a higher priority one. By extension, this means that a
lower priority dispatcher cannot preempt a higher-priority one. Priority
activation and deactivation for non-interrupt exceptions, however, has to be
explicit. The |EHF| therefore disallows a lower priority level from being
activated whilst a higher priority level is active; such an attempt results in a
panic. Likewise, a panic results if an attempt is made to deactivate a lower
priority level when a higher priority level is active.

In essence, priority level activation and deactivation conceptually works like a
stack: priority levels stack up in strictly increasing fashion, and need to be
unstacked in strictly the reverse order. For interrupts, the GIC ensures this is
the case; for non-interrupts, the |EHF| monitors and asserts this. See
`Transition of priority levels`_.

.. _interrupt-handling:

Interrupt handling
------------------

The |EHF| is a client of the *Interrupt Management Framework*, and registers the
top-level handler for interrupts that target EL3, as described in the
:ref:`Interrupt Management Framework` document. This has the following
implications:

- On GICv3 systems, when executing in S-EL1, pending Non-secure interrupts of
  sufficient priority are signalled as FIQs, and therefore will be routed to
  EL3. As a result, S-EL1 software cannot expect to handle Non-secure
  interrupts at S-EL1. Essentially, this deprecates the routing mode described
  as :ref:`CSS=0, TEL3=0 <EL3 interrupts>`.

  In order for S-EL1 software to handle Non-secure interrupts while having
  |EHF| enabled, the dispatcher must adopt a model where Non-secure interrupts
  are received at EL3, but are then :ref:`synchronously <sp-synchronous-int>`
  handed over to S-EL1.

- On GICv2 systems, it's required that the build option ``GICV2_G0_FOR_EL3`` is
  set to ``1`` so that *Group 0* interrupts target EL3.

- While executing in the Secure world, |EHF| sets the GIC Priority Mask Register
  to the lowest Secure priority. This means that no Non-secure interrupts can
  preempt Secure execution. See `Effect on SMC calls`_ for more details.

As mentioned above, with |EHF|, the platform is required to partition *Group 0*
interrupts into distinct priority levels. A dispatcher that chooses to receive
interrupts can then *own* one or more priority levels, and register interrupt
handlers for them. A given priority level can be assigned to only one handler. A
dispatcher may register more than one priority level.

Dispatchers are assigned interrupt priority levels in two steps:

.. _Partitioning priority levels:

Partitioning priority levels
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Interrupts are associated to dispatchers by way of grouping and assigning
interrupts to a priority level. In other words, all interrupts that are to
target a particular dispatcher should fall in a particular priority level. For
priority assignment:

- Of the 8 bits of priority that the Arm GIC architecture permits, bit 7 must be 0
  (Secure space).

- Depending on the number of dispatchers to support, the platform must choose
  to use the top *n* of the 7 remaining bits to identify and assign interrupts
  to individual dispatchers. Choosing *n* bits supports up to 2\ :sup:`n`
  distinct dispatchers. For example, by choosing 2 additional bits (i.e., bits
  6 and 5), the platform can partition into 4 Secure priority ranges: ``0x0``,
  ``0x20``, ``0x40``, and ``0x60``. See `Interrupt handling example`_.

.. note::

   The Arm GIC architecture requires that a GIC implementation that supports two
   security states must implement at least 32 priority levels; i.e., at least 5
   upper bits of the 8 bits are writeable. In the scheme described above, when
   choosing *n* bits for priority range assignment, the platform must ensure
   that at least the ``n+1`` top bits of GIC priority are writeable.

The priority thus assigned to an interrupt is also used to determine the
priority of delegated execution in lower ELs. Delegated execution in a lower EL is
associated with a priority level chosen with the ``ehf_activate_priority()`` API
(described `later`__). The chosen priority level also determines the interrupts
masked while executing in a lower EL, and therefore controls preemption of
delegated execution.

.. __: `ehf-apis`_

The platform expresses the chosen priority levels by declaring an array of
priority level descriptors. Each entry in the array is of type
``ehf_pri_desc_t``, declares a priority level, and shall be populated by the
``EHF_PRI_DESC()`` macro.

.. warning::

   The macro ``EHF_PRI_DESC()`` installs the descriptors in the array at a
   computed index, and not necessarily where the macro is placed in the array.
   The size of the array might therefore be larger than what it appears to be.
   The ``ARRAY_SIZE()`` macro therefore should be used to determine the size of
   the array.

Finally, this array of descriptors is exposed to |EHF| via the
``EHF_REGISTER_PRIORITIES()`` macro.

Refer to the `Interrupt handling example`_ for usage. See also: `Interrupt
Prioritisation Considerations`_.

Programming priority
~~~~~~~~~~~~~~~~~~~~

The text in `Partitioning priority levels`_ only describes how the platform
expresses the required levels of priority. It does not, however, choose
interrupts or program the required priority in the GIC.

The :ref:`Firmware Design guide<configuring-secure-interrupts>` explains methods
for configuring Secure interrupts. |EHF| requires the platform to enumerate
interrupt properties (as opposed to just numbers) of Secure interrupts. The
priority of Secure interrupts must match that determined in the
`Partitioning priority levels`_ section above.

See `Limitations`_, and also refer to `Interrupt handling example`_ for
illustration.

Registering handler
-------------------

Dispatchers register handlers for their priority levels through the following
API:

.. code:: c

    int ehf_register_priority_handler(int pri, ehf_handler_t handler)

The API takes two arguments:

- The priority level for which the handler is being registered;

- The handler to be registered. The handler must be aligned to 4 bytes.

If a dispatcher owns more than one priority level, it has to call the API for
each of them.

The API will succeed, and return ``0``, only if:

- There exists a descriptor with the priority level requested.

- No handler has already been registered for that priority level by a previous
  call to the API.

Otherwise, the API returns ``-1``.

The interrupt handler should have the following signature:

.. code:: c

    typedef int (*ehf_handler_t)(uint32_t intr_raw, uint32_t flags, void *handle,
                                 void *cookie);

The parameters are as obtained from the top-level :ref:`EL3 interrupt handler
<el3-runtime-firmware>`.

The :ref:`SDEI dispatcher<SDEI: Software Delegated Exception Interface>`, for
example, expects the platform to allocate two different priority levels,
``PLAT_SDEI_CRITICAL_PRI`` and ``PLAT_SDEI_NORMAL_PRI``, and registers the
same handler to handle both levels.

Interrupt handling example
--------------------------

The following annotated snippet demonstrates how a platform might choose to
assign interrupts to fictitious dispatchers:

.. code:: c

    #include <common/interrupt_props.h>
    #include <drivers/arm/gic_common.h>
    #include <exception_mgmt.h>

    ...

    /*
     * This platform uses 2 bits for interrupt association. In total, 3 upper
     * bits are in use.
     *
     *  7 6 5 3      0
     * .-.-.-.----------.
     * |0|b|b| ..0..    |
     * '-'-'-'----------'
     */
    #define PLAT_PRI_BITS 2

    /* Priorities for individual dispatchers */
    #define DISP0_PRIO 0x00 /* Not used */
    #define DISP1_PRIO 0x20
    #define DISP2_PRIO 0x40
    #define DISP3_PRIO 0x60

    /* Install priority level descriptors for each dispatcher */
    ehf_pri_desc_t plat_exceptions[] = {
        EHF_PRI_DESC(PLAT_PRI_BITS, DISP1_PRIO),
        EHF_PRI_DESC(PLAT_PRI_BITS, DISP2_PRIO),
        EHF_PRI_DESC(PLAT_PRI_BITS, DISP3_PRIO),
    };

    /* Expose priority descriptors to Exception Handling Framework */
    EHF_REGISTER_PRIORITIES(plat_exceptions, ARRAY_SIZE(plat_exceptions),
                            PLAT_PRI_BITS);

    ...

    /* List interrupt properties for GIC driver. All interrupts target EL3 */
    const interrupt_prop_t plat_interrupts[] = {
        /* Dispatcher 1 owns interrupts d1_0 and d1_1, so assigns priority DISP1_PRIO */
        INTR_PROP_DESC(d1_0, DISP1_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
        INTR_PROP_DESC(d1_1, DISP1_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),

        /* Dispatcher 2 owns interrupts d2_0 and d2_1, so assigns priority DISP2_PRIO */
        INTR_PROP_DESC(d2_0, DISP2_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
        INTR_PROP_DESC(d2_1, DISP2_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),

        /* Dispatcher 3 owns interrupts d3_0 and d3_1, so assigns priority DISP3_PRIO */
        INTR_PROP_DESC(d3_0, DISP3_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
        INTR_PROP_DESC(d3_1, DISP3_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
    };

    ...

    /* Dispatcher 1 registers its handler */
    ehf_register_priority_handler(DISP1_PRIO, disp1_handler);

    /* Dispatcher 2 registers its handler */
    ehf_register_priority_handler(DISP2_PRIO, disp2_handler);

    /* Dispatcher 3 registers its handler */
    ehf_register_priority_handler(DISP3_PRIO, disp3_handler);

    ...

See also the `Build-time flow`_ and the `Run-time flow`_.

.. _Activating and Deactivating priorities:

Activating and Deactivating priorities
--------------------------------------

A priority level is said to be *active* when an exception of that priority is
being handled: for interrupts, this is implied when the interrupt is
acknowledged; for non-interrupt exceptions, such as SErrors or :ref:`SDEI
explicit dispatches <explicit-dispatch-of-events>`, this has to be done by
calling ``ehf_activate_priority()``. See `Run-time flow`_.

Conversely, when the dispatcher has reached a logical resolution for the cause
of the exception, the corresponding priority level ought to be deactivated. As
above, for interrupts, this is implied when the interrupt is EOId in the GIC;
for other exceptions, this has to be done by calling
``ehf_deactivate_priority()``.

Thanks to `different provisions`__ for exception delegation, there is
potentially more than one work flow for deactivation:

.. __: `delegation-use-cases`_

.. _deactivation workflows:

- The dispatcher has addressed the cause of the exception, and decided to take
  no further action. In this case, the dispatcher's handler deactivates the
  priority level before returning to the |EHF|. Runtime firmware, upon exit
  through an ``ERET``, resumes the execution that was interrupted.

- The dispatcher has to delegate the execution to lower ELs, and the cause of
  the exception can be considered resolved only when the lower EL signals
  completion (via an ``SMC``) at a future point in time. The following
  sequence ensues:

  #. The dispatcher calls ``setjmp()`` to set up a jump point, and arranges to
     enter a lower EL upon the next ``ERET``.

  #. Through the ensuing ``ERET`` from runtime firmware, execution is delegated
     to a lower EL.

  #. The lower EL completes its execution, and signals completion via an
     ``SMC``.

  #. The ``SMC`` is handled by the same dispatcher that handled the exception
     previously. Noticing the conclusion of exception handling, the dispatcher
     does ``longjmp()`` to resume beyond the previous jump point.

As mentioned above, the |EHF| provides the following APIs for activating and
deactivating priority levels:

.. _ehf-apis:

- ``ehf_activate_priority()`` activates the supplied priority level, but only
  if the current active priority is lower than the given one (that is, the new
  level is of higher priority); otherwise it panics. Also, to prevent
  interruption by physical interrupts of lower priority, the |EHF| programs the
  *Priority Mask Register* corresponding to the PE to the priority being
  activated. Dispatchers typically only need to call this when handling
  exceptions other than interrupts, and they need to delegate execution to a
  lower EL at a desired priority level.

- ``ehf_deactivate_priority()`` deactivates a given priority, but only if the
  current active priority is equal to the given one; otherwise it panics. |EHF|
  also restores the *Priority Mask Register* corresponding to the PE to the
  priority before the call to ``ehf_activate_priority()``. Dispatchers
  typically only need to call this after handling exceptions other than
  interrupts.

Calls to these APIs are subject to the allowed `transitions`__. See also the
`Run-time flow`_.

.. __: `Transition of priority levels`_

Transition of priority levels
-----------------------------

The |EHF| APIs ``ehf_activate_priority()`` and ``ehf_deactivate_priority()`` can
be called to transition the current priority level on a PE. A given sequence of
calls to these APIs is subject to the following conditions:

- For activation, the |EHF| only allows the priority to increase (i.e. the
  numeric value decreases);

- For deactivation, the |EHF| only allows the priority to decrease (i.e. the
  numeric value increases). Additionally, the priority being deactivated is
  required to be the current priority.

If these are violated, a panic will result.

.. _Effect on SMC calls:

Effect on SMC calls
-------------------

In general, Secure execution is regarded as more important than Non-secure
execution. As discussed elsewhere in this document, EL3 execution, and any
delegated execution thereafter, has the effect of raising the GIC's priority
mask, either implicitly by acknowledging Secure interrupts, or when dispatchers
call ``ehf_activate_priority()``. As a result, Non-secure interrupts cannot
preempt any Secure execution.

SMCs from the Non-secure world are synchronous exceptions, and are mechanisms for
the Non-secure world to request Secure services. They're broadly classified as
*Fast* or *Yielding* (see `SMCCC`__).

.. __: https://developer.arm.com/docs/den0028/latest

- *Fast* SMCs are atomic from the caller's point of view. I.e., they return
  to the caller only when the Secure world has finished serving the request.
  Any Non-secure interrupts that become pending meanwhile cannot preempt Secure
  execution.

- *Yielding* SMCs carry the semantics of a preemptible, lower-priority request.
  A pending Non-secure interrupt can preempt Secure execution handling a
  Yielding SMC. I.e., the caller might observe a Yielding SMC returning when
  either:

  #. The Secure world completes the request, and the caller would find ``SMC_OK``
     as the return code.

  #. A Non-secure interrupt preempts Secure execution. The Non-secure interrupt is
     handled, and Non-secure execution resumes after the ``SMC`` instruction.

  The dispatcher handling a Yielding SMC must provide a different return code
  to the Non-secure caller to distinguish the latter case. This return code,
  however, is not standardised (unlike ``SMC_UNKNOWN`` or ``SMC_OK``, for
  example), so will vary across dispatchers that handle the request.

For the latter case above, dispatchers before |EHF| expected Non-secure interrupts
to be taken to S-EL1 [#irq]_, and so got a chance to populate the designated
preempted error code before yielding to the Non-secure world.

The introduction of |EHF| changes the behaviour as described in `Interrupt
handling`_.

When |EHF| is enabled, in order to allow Non-secure interrupts to preempt
Yielding SMC handling, the dispatcher must call the ``ehf_allow_ns_preemption()``
API. The API takes one argument, the error code to be returned to the Non-secure
world upon getting preempted.

.. [#irq] In case of GICv2, Non-secure interrupts while in S-EL1 were signalled
   as IRQs, and in case of GICv3, FIQs.

Build-time flow
---------------

Please refer to the `figure`__ above.

.. __: `ehf-figure`_

The build-time flow involves the following steps:

#. The platform assigns priorities by installing priority level descriptors for
   individual dispatchers, as described in `Partitioning priority levels`_.

#. The platform provides interrupt properties to the GIC driver, as described in
   `Programming priority`_.

#. Dispatchers call ``ehf_register_priority_handler()`` to register an
   interrupt handler.

Also refer to the `Interrupt handling example`_.

Run-time flow
-------------

.. _interrupt-flow:

The following is an example flow for interrupts:

#. The GIC driver, during initialization, iterates through the platform-supplied
   interrupt properties (see `Programming priority`_), and configures the
   interrupts. This programs the appropriate priority and group (Group 0) on
   interrupts belonging to different dispatchers.

#. The |EHF|, during its initialisation, registers a top-level interrupt handler
   with the :ref:`Interrupt Management Framework<el3-runtime-firmware>` for EL3
   interrupts. This also results in setting the routing bits in ``SCR_EL3``.

#. When an interrupt belonging to a dispatcher fires, the GIC raises an EL3/Group 0
   interrupt, which is taken to EL3.

#. The top-level EL3 interrupt handler executes. The handler acknowledges the
   interrupt, reads its *Running Priority*, and from that, determines the
   dispatcher handler.

#. The |EHF| programs the *Priority Mask Register* of the PE to the priority of
   the interrupt received.

#. The |EHF| marks that priority level *active*, and jumps to the dispatcher
   handler.

#. Once the dispatcher handler finishes its job, it has to immediately
   *deactivate* the priority level before returning to the |EHF|. See
   `deactivation workflows`_.

.. _non-interrupt-flow:

The following is an example flow for exceptions other than interrupts that
target EL3:

#. The platform provides handlers for the specific kind of exception.

#. The exception arrives, and the corresponding handler is executed.

#. The handler calls ``ehf_activate_priority()`` to activate the required
   priority level. This also has the effect of raising the GIC priority mask, thus
   preventing interrupts of lower priority from preempting the handling. The
   handler may choose to do the handling entirely in EL3 or delegate to a lower
   EL.

#. Once exception handling concludes, the handler calls
   ``ehf_deactivate_priority()`` to deactivate the priority level activated
   earlier. This also has the effect of lowering the GIC priority mask to what it
   was before.

Interrupt Prioritisation Considerations
|
||||
---------------------------------------
|
||||
|
||||
The GIC priority scheme, by design, prioritises Secure interrupts over Normal
|
||||
world ones. The platform further assigns relative priorities amongst Secure
|
||||
dispatchers through |EHF|.
|
||||
|
||||
As mentioned in `Partitioning priority levels`_, interrupts targeting distinct
|
||||
dispatchers fall in distinct priority levels. Because they're routed via the
|
||||
GIC, interrupt delivery to the PE is subject to GIC prioritisation rules. In
|
||||
particular, when an interrupt is being handled by the PE (i.e., the interrupt is
|
||||
in *Active* state), only interrupts of higher priority are signalled to the PE,
|
||||
even if interrupts of same or lower priority are pending. This has the side
|
||||
effect of one dispatcher being starved of interrupts by virtue of another
|
||||
dispatcher handling its (higher priority) interrupts.
|
||||
|
||||
The |EHF| doesn't enforce a particular prioritisation policy, but the platform
|
||||
should carefully consider the assignment of priorities to dispatchers integrated
|
||||
into runtime firmware. The platform should sensibly delineate priority to
|
||||
various dispatchers according to their nature. In particular, dispatchers of
|
||||
critical nature (RAS, for example) should be assigned higher priority than
|
||||
others (|SDEI|, for example); and within |SDEI|, Critical priority
|
||||
|SDEI| should be assigned higher priority than Normal ones.
|
||||
|
||||
Limitations
|
||||
-----------
|
||||
|
||||
The |EHF| has the following limitations:
|
||||
|
||||
- Although there could be up to 128 Secure dispatchers supported by the GIC
|
||||
priority scheme, the size of descriptor array exposed with
|
||||
``EHF_REGISTER_PRIORITIES()`` macro is currently limited to 32. This serves most
|
||||
expected use cases. This may be expanded in the future, should use cases
|
||||
demand so.
|
||||
|
||||
- The platform must ensure that the priority assigned to the dispatcher in the
|
||||
exception descriptor and the programmed priority of interrupts handled by the
|
||||
dispatcher match. The |EHF| cannot verify that this has been followed.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _SDEI specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
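Review bot: the second Limitations bullet should spell out the consequence of a priority mismatch. Since the top-level EL3 handler selects the dispatcher from the interrupt's Running Priority (run-time flow, step 4), a descriptor priority that differs from the priority programmed into the GIC routes the interrupt to a different dispatcher's handler, or to no registered handler at all, and nothing in the |EHF| detects it. Suggest adding a sentence to that effect and pointing platform integrators at the interrupt properties they hand to the GIC driver (`Programming priority`_) as the place to cross-check against the descriptors installed with ``EHF_REGISTER_PRIORITIES()``.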
142
arm-trusted-firmware.t234/docs/components/fconf/amu-bindings.rst
Normal file
@@ -0,0 +1,142 @@

Activity Monitor Unit (AMU) Bindings
====================================

To support platform-defined Activity Monitor Unit (|AMU|) auxiliary counters
through FCONF, the ``HW_CONFIG`` device tree accepts several |AMU|-specific
nodes and properties.

Bindings
^^^^^^^^

.. contents::
:local:

``/cpus/cpus/cpu*`` node properties
"""""""""""""""""""""""""""""""""""

The ``cpu`` node has been augmented to support a handle to an associated |AMU|
view, which should describe the counters offered by the core.

+---------------+-------+---------------+-------------------------------------+
| Property name | Usage | Value type | Description |
+===============+=======+===============+=====================================+
| ``amu`` | O | ``<phandle>`` | If present, indicates that an |AMU| |
| | | | is available and its counters are |
| | | | described by the node provided. |
+---------------+-------+---------------+-------------------------------------+

``/cpus/amus`` node properties
""""""""""""""""""""""""""""""

The ``amus`` node describes the |AMUs| implemented by the cores in the system.
This node does not have any properties.

``/cpus/amus/amu*`` node properties
"""""""""""""""""""""""""""""""""""

An ``amu`` node describes the layout and meaning of the auxiliary counter
registers of one or more |AMUs|, and may be shared by multiple cores.

+--------------------+-------+------------+------------------------------------+
| Property name | Usage | Value type | Description |
+====================+=======+============+====================================+
| ``#address-cells`` | R | ``<u32>`` | Value shall be 1. Specifies that |
| | | | the ``reg`` property array of |
| | | | children of this node uses a |
| | | | single cell. |
+--------------------+-------+------------+------------------------------------+
| ``#size-cells`` | R | ``<u32>`` | Value shall be 0. Specifies that |
| | | | no size is required in the ``reg`` |
| | | | property in children of this node. |
+--------------------+-------+------------+------------------------------------+

``/cpus/amus/amu*/counter*`` node properties
""""""""""""""""""""""""""""""""""""""""""""

A ``counter`` node describes an auxiliary counter belonging to the parent |AMU|
view.

+-------------------+-------+-------------+------------------------------------+
| Property name | Usage | Value type | Description |
+===================+=======+=============+====================================+
| ``reg`` | R | array | Represents the counter register |
| | | | index, and must be a single cell. |
+-------------------+-------+-------------+------------------------------------+
| ``enable-at-el3`` | O | ``<empty>`` | The presence of this property |
| | | | indicates that this counter should |
| | | | be enabled prior to EL3 exit. |
+-------------------+-------+-------------+------------------------------------+

Example
^^^^^^^

An example system offering four cores made up of two clusters, where the cores
of each cluster share different |AMUs|, may use something like the following:

.. code-block::

cpus {
#address-cells = <2>;
#size-cells = <0>;

amus {
amu0: amu-0 {
#address-cells = <1>;
#size-cells = <0>;

counterX: counter@0 {
reg = <0>;

enable-at-el3;
};

counterY: counter@1 {
reg = <1>;

enable-at-el3;
};
};

amu1: amu-1 {
#address-cells = <1>;
#size-cells = <0>;

counterZ: counter@0 {
reg = <0>;

enable-at-el3;
};
};
};

cpu0@00000 {
...

amu = <&amu0>;
};

cpu1@00100 {
...

amu = <&amu0>;
};

cpu2@10000 {
...

amu = <&amu1>;
};

cpu3@10100 {
...

amu = <&amu1>;
};
}

In this situation, ``cpu0`` and ``cpu1`` (the two cores in the first cluster),
share the view of their AMUs defined by ``amu0``. Likewise, ``cpu2`` and
``cpu3`` (the two cores in the second cluster), share the view of their |AMUs|
defined by ``amu1``. This will cause ``counterX`` and ``counterY`` to be enabled
for both ``cpu0`` and ``cpu1``, and ``counterZ`` to be enabled for both ``cpu2``
and ``cpu3``.
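Review bot: the heading ``/cpus/cpus/cpu*`` node properties does not match the example, where the cpu nodes (``cpu0@00000`` through ``cpu3@10100``) are direct children of ``cpus``, i.e. ``/cpus/cpu*``. Suggest correcting the heading path so readers looking up where the ``amu`` property lives find the right node. Minor: the ``.. code-block::`` directive is given no language; tagging it ``devicetree`` would get the device tree source highlighted.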

@@ -0,0 +1,42 @@

DTB binding for FCONF properties
================================

This document describes the device tree format of |FCONF| properties. These
properties are not related to a specific platform and can be queried from
common code.

Dynamic configuration
~~~~~~~~~~~~~~~~~~~~~

The |FCONF| framework expects a *dtb-registry* node with the following field:

- compatible [mandatory]
- value type: <string>
- Must be the string "fconf,dyn_cfg-dtb_registry".

Then a list of subnodes representing a configuration |DTB|, which can be used
by |FCONF|. Each subnode should be named according to the information it
contains, and must be formed with the following fields:

- load-address [mandatory]
- value type: <u64>
- Physical loading base address of the configuration.
If secondary-load-address is also provided (see below), then this is the
primary load address.

- max-size [mandatory]
- value type: <u32>
- Maximum size of the configuration.

- id [mandatory]
- value type: <u32>
- Image ID of the configuration.

- secondary-load-address [optional]
- value type: <u64>
- A platform uses this physical address to copy the configuration to
another location during the boot-flow.

--------------

*Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.*
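Review bot: "Then a list of subnodes representing a configuration |DTB|, which can be used by |FCONF|." is a sentence fragment; suggest "The node then contains a list of subnodes, each representing a configuration |DTB| that can be used by |FCONF|." On ``secondary-load-address``, the entry should say whether ``max-size`` also bounds the copy made to that address, since it is the only size the binding provides and a platform copying the configuration to a second location needs that limit stated. An example ``dtb-registry`` node would also help, as the AMU and MPMM binding documents in this commit each include one.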
150
arm-trusted-firmware.t234/docs/components/fconf/index.rst
Normal file
@@ -0,0 +1,150 @@

Firmware Configuration Framework
================================

This document provides an overview of the |FCONF| framework.

Introduction
~~~~~~~~~~~~

The Firmware CONfiguration Framework (|FCONF|) is an abstraction layer for
platform specific data, allowing a "property" to be queried and a value
retrieved without the requesting entity knowing what backing store is being used
to hold the data.

It is used to bridge new and old ways of providing platform-specific data.
Today, information like the Chain of Trust is held within several, nested
platform-defined tables. In the future, it may be provided as part of a device
blob, along with the rest of the information about images to load.
Introducing this abstraction layer will make migration easier and will preserve
functionality for platforms that cannot / don't want to use device tree.

Accessing properties
~~~~~~~~~~~~~~~~~~~~

Properties defined in the |FCONF| are grouped around namespaces and
sub-namespaces: a.b.property.
Examples namespace can be:

- (|TBBR|) Chain of Trust data: tbbr.cot.trusted_boot_fw_cert
- (|TBBR|) dynamic configuration info: tbbr.dyn_config.disable_auth
- Arm io policies: arm.io_policies.bl2_image
- GICv3 properties: hw_config.gicv3_config.gicr_base

Properties can be accessed with the ``FCONF_GET_PROPERTY(a,b,property)`` macro.

Defining properties
~~~~~~~~~~~~~~~~~~~

Properties composing the |FCONF| have to be stored in C structures. If
properties originate from a different backend source such as a device tree,
then the platform has to provide a ``populate()`` function which essentially
captures the property and stores them into a corresponding |FCONF| based C
structure.

Such a ``populate()`` function is usually platform specific and is associated
with a specific backend source. For example, a populator function which
captures the hardware topology of the platform from the HW_CONFIG device tree.
Hence each ``populate()`` function must be registered with a specific
``config_type`` identifier. It broadly represents a logical grouping of
configuration properties which is usually a device tree file.

Example:
- FW_CONFIG: properties related to base address, maximum size and image id
of other DTBs etc.
- TB_FW: properties related to trusted firmware such as IO policies,
mbedtls heap info etc.
- HW_CONFIG: properties related to hardware configuration of the SoC
such as topology, GIC controller, PSCI hooks, CPU ID etc.

Hence the ``populate()`` callback must be registered to the (|FCONF|) framework
with the ``FCONF_REGISTER_POPULATOR()`` macro. This ensures that the function
would be called inside the generic ``fconf_populate()`` function during
initialization.

::

int fconf_populate_topology(uintptr_t config)
{
/* read hw config dtb and fill soc_topology struct */
}

FCONF_REGISTER_POPULATOR(HW_CONFIG, topology, fconf_populate_topology);

Then, a wrapper has to be provided to match the ``FCONF_GET_PROPERTY()`` macro:

::

/* generic getter */
#define FCONF_GET_PROPERTY(a,b,property) a##__##b##_getter(property)

/* my specific getter */
#define hw_config__topology_getter(prop) soc_topology.prop

This second level wrapper can be used to remap the ``FCONF_GET_PROPERTY()`` to
anything appropriate: structure, array, function, etc..

To ensure a good interpretation of the properties, this documentation must
explain how the properties are described for a specific backend. Refer to the
:ref:`binding-document` section for more information and example.

Loading the property device tree
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The ``fconf_load_config(image_id)`` must be called to load fw_config and
tb_fw_config devices tree containing the properties' values. This must be done
after the io layer is initialized, as the |DTB| is stored on an external
device (FIP).

.. uml:: ../../resources/diagrams/plantuml/fconf_bl1_load_config.puml

Populating the properties
~~~~~~~~~~~~~~~~~~~~~~~~~

Once a valid device tree is available, the ``fconf_populate(config)`` function
can be used to fill the C data structure with the data from the config |DTB|.
This function will call all the ``populate()`` callbacks which have been
registered with ``FCONF_REGISTER_POPULATOR()`` as described above.

.. uml:: ../../resources/diagrams/plantuml/fconf_bl2_populate.puml

Namespace guidance
~~~~~~~~~~~~~~~~~~

As mentioned above, properties are logically grouped around namespaces and
sub-namespaces. The following concepts should be considered when adding new
properties/namespaces.
The framework differentiates two types of properties:

- Properties used inside common code.
- Properties used inside platform specific code.

The first category applies to properties being part of the firmware and shared
across multiple platforms. They should be globally accessible and defined
inside the ``lib/fconf`` directory. The namespace must be chosen to reflect the
feature/data abstracted.

Example:
- |TBBR| related properties: tbbr.cot.bl2_id
- Dynamic configuration information: dyn_cfg.dtb_info.hw_config_id

The second category should represent the majority of the properties defined
within the framework: Platform specific properties. They must be accessed only
within the platform API and are defined only inside the platform scope. The
namespace must contain the platform name under which the properties defined
belong.

Example:
- Arm io framework: arm.io_policies.bl31_id

.. _binding-document:

Properties binding information
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. toctree::
:maxdepth: 1

fconf_properties
amu-bindings
mpmm-bindings
tb_fw_bindings
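Review bot: the ``fconf_populate_topology`` example is declared ``int`` but contains no return statement, and the text never says what the return value means. Since ``fconf_populate()`` calls every registered populator during initialization, the convention matters: suggest showing ``return 0;`` on success and stating how a populator reports a failure to parse the config |DTB| and what ``fconf_populate()`` does with that result, so a platform populator that cannot read its node does not silently leave the C structure unfilled. Minor: "Examples namespace can be:" should read "Example namespaces are:".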
@@ -0,0 +1,48 @@

Maximum Power Mitigation Mechanism (MPMM) Bindings
==================================================

|MPMM| support cannot be determined at runtime by the firmware. Instead, these
DTB bindings allow the platform to communicate per-core support for |MPMM| via
the ``HW_CONFIG`` device tree blob.

Bindings
^^^^^^^^

.. contents::
:local:

``/cpus/cpus/cpu*`` node properties
"""""""""""""""""""""""""""""""""""

The ``cpu`` node has been augmented to allow the platform to indicate support
for |MPMM| on a given core.

+-------------------+-------+-------------+------------------------------------+
| Property name | Usage | Value type | Description |
+===================+=======+=============+====================================+
| ``supports-mpmm`` | O | ``<empty>`` | If present, indicates that |MPMM| |
| | | | is available on this core. |
+-------------------+-------+-------------+------------------------------------+

Example
^^^^^^^

An example system offering two cores, one with support for |MPMM| and one
without, can be described as follows:

.. code-block::

cpus {
#address-cells = <2>;
#size-cells = <0>;

cpu0@00000 {
...

supports-mpmm;
};

cpu1@00100 {
...
};
}
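Review bot: same heading mismatch as in amu-bindings.rst: the section is titled ``/cpus/cpus/cpu*`` node properties, but the example places ``cpu0@00000`` and ``cpu1@00100`` directly under ``cpus``, so the path is ``/cpus/cpu*``. Suggest fixing the heading here too (and giving ``.. code-block::`` a ``devicetree`` language tag) so the two binding documents stay consistent.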

@@ -0,0 +1,159 @@

Trusted Boot Firmware Configuration bindings
============================================

This document defines the nodes and properties used to define the Trusted-Boot
firmware configuration. Platform owners are advised to define shared bindings
here. If a binding does not generalize, they should be documented
alongside platform documentation. There is no guarantee of backward
compatibility with the nodes and properties outlined in this context.

Trusted Boot Firmware Configuration
-----------------------------------

- compatible [mandatory]
- value type: <string>
- Should be the string ``"<plat>,tb_fw"``, where ``<plat>`` is the name of the
platform (i.e. ``"arm,tb_fw"``).

- disable_auth [mandatory]
- value type: <u32>
- Flag used to dynamically disable authentication for development purposes.
Has two possible values: 0 or 1. Setting the flag to 1 disables
authentication.

- mbedtls_heap_addr [mandatory]
- value type: <u64>
- Base address of the dynamically allocated Mbed TLS heap. This is given as a placeholder.

- mbedtls_heap_size [mandatory]
- value type: <u32>
- Size of the Mbed TLS heap.

IO FIP Handles
--------------

- compatible [mandatory]
- value type: <string>
- Should be the string ``"<plat>,io-fip-handle"``, where ``<plat>`` is the name of the
platform (i.e. ``"arm,io-fip-handle"``).

- scp_bl2_uuid [mandatory]
- value type: <string>
- SCP Firmware SCP_BL2 UUID

- bl31_uuid [mandatory]
- value type: <string>
- EL3 Runtime Firmware BL31 UUID

- bl32_uuid [mandatory]
- value type: <string>
- Secure Payload BL32 (Trusted OS) UUID

- bl32_extra1_uuid [mandatory]
- value type: <string>
- Secure Payload BL32_EXTRA1 (Trusted OS Extra1) UUID

- bl32_extra2_uuid [mandatory]
- value type: <string>
- Secure Payload BL32_EXTRA2 (Trusted OS Extra2) UUID

- bl33_uuid [mandatory]
- value type: <string>
- Non-Trusted Firmware BL33 UUID

- hw_cfg_uuid [mandatory]
- value type: <string>
- HW_CONFIG (e.g. Kernel DT) UUID

- soc_fw_cfg_uuid [mandatory]
- value type: <string>
- SOC Firmware Configuration SOC_FW_CONFIG UUID

- tos_fw_cfg_uuid [mandatory]
- value type: <string>
- Trusted OS Firmware Configuration TOS_FW_CONFIG UUID

- nt_fw_cfg_uuid [mandatory]
- value type: <string>
- Non-Trusted Firmware Configuration NT_FW_CONFIG UUID

- cca_cert_uuid [optional]
- value type: <string>
- CCA Content Certificate UUID

- core_swd_cert_uuid [optional]
- value type: <string>
- Core SWD Key Certificate UUID

- plat_cert_uuid [optional]
- value type: <string>
- Core SWD Key Certificate UUID

- t_key_cert_uuid [optional]
- value type: <string>
- Trusted Key Certificate UUID

- scp_fw_key_uuid [optional]
- value type: <string>
- SCP Firmware Key UUID

- soc_fw_key_uuid [optional]
- value type: <string>
- SOC Firmware Key UUID

- tos_fw_key_cert_uuid [optional]
- value type: <string>
- TOS Firmware Key UUID

- nt_fw_key_cert_uuid [optional]
- value type: <string>
- Non-Trusted Firmware Key UUID

- scp_fw_content_cert_uuid [optional]
- value type: <string>
- SCP Firmware Content Certificate UUID

- soc_fw_content_cert_uuid [optional]
- value type: <string>
- SOC Firmware Content Certificate UUID

- tos_fw_content_cert_uuid [optional]
- value type: <string>
- TOS Firmware Content Certificate UUID

- nt_fw_content_cert_uuid [optional]
- value type: <string>
- Non-Trusted Firmware Content Certificate UUID

- plat_sp_content_cert_uuid [optional]
- value type: <string>
- Platform Secure Partition Content Certificate UUID


Secure Partitions
-----------------

- compatible [mandatory]
- value type: <string>
- Should be the string ``"<plat>,sp"``, where ``<plat>`` is the name of the
platform (i.e. ``"arm,sp"``).

- uuid [mandatory]
- value type: <string>
- A string identifying the UUID of the service implemented by this partition.
The UUID format is described in RFC 4122.

- load-address [mandatory]
- value type: <u32>
- Physical base address of the partition in memory. Absence of this field
indicates that the partition is position independent and can be loaded at
any address chosen at boot time.

- owner [optional]
- value type: <string>
- A string property representing the name of the owner of the secure
partition, which may be the silicon or platform provider.

--------------

*Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.*
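Review bot: ``plat_cert_uuid`` is described as "Core SWD Key Certificate UUID", which duplicates the ``core_swd_cert_uuid`` entry directly above it; the description should name the platform key certificate. Two further points: the ``disable_auth`` entry documents a flag that switches off image authentication but not the conditions under which the firmware honours it, and a binding that reads as if a value of 1 in any loaded DTB always disables authentication invites misconfiguration of production builds, so the entry should state which build configuration is required for the flag to have any effect. And ``load-address`` under Secure Partitions is typed ``<u32>``, while the same property is ``<u64>`` both in the FF-A manifest binding below and in the FCONF ``dtb-registry`` binding; this should be reconciled or the difference explained. Minor: "i.e." in the three ``compatible`` entries should be "e.g.", since ``"arm,tb_fw"`` and the others are one example platform's values.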

@@ -0,0 +1,348 @@

FF-A manifest binding to device tree
====================================

This document defines the nodes and properties used to define a partition,
according to the FF-A specification.

Partition Properties
--------------------

- compatible [mandatory]
- value type: <string>
- Must be the string "arm,ffa-manifest-X.Y" which specifies the major and
minor versions of the device tree binding for the FFA manifest represented
by this node. The minor number is incremented if the binding changes in a
backwards compatible manner.

- X is an integer representing the major version number of this document.
- Y is an integer representing the minor version number of this document.

- ffa-version [mandatory]
- value type: <u32>
- Must be two 16 bits values (X, Y), concatenated as 31:16 -> X,
15:0 -> Y, where:

- X is the major version of FF-A expected by the partition at the FFA
instance it will execute.
- Y is the minor version of FF-A expected by the partition at the FFA
instance it will execute.

- uuid [mandatory]
- value type: <prop-encoded-array>
- An array consisting of 4 <u32> values, identifying the UUID of the service
implemented by this partition. The UUID format is described in RFC 4122.

- id
- value type: <u32>
- Pre-allocated partition ID.

- auxiliary-id
- value type: <u32>
- Pre-allocated ID that could be used in memory management transactions.

- description
- value type: <string>
- Name of the partition e.g. for debugging purposes.

- execution-ctx-count [mandatory]
- value type: <u32>
- Number of vCPUs that a VM or SP wants to instantiate.

- In the absence of virtualization, this is the number of execution
contexts that a partition implements.
- If value of this field = 1 and number of PEs > 1 then the partition is
treated as UP & migrate capable.
- If the value of this field > 1 then the partition is treated as a MP
capable partition irrespective of the number of PEs.

- exception-level [mandatory]
- value type: <u32>
- The target exception level for the partition:

- 0x0: EL1
- 0x1: S_EL0
- 0x2: S_EL1

- execution-state [mandatory]
- value type: <u32>
- The target execution state of the partition:

- 0: AArch64
- 1: AArch32

- load-address
- value type: <u64>
- Physical base address of the partition in memory. Absence of this field
indicates that the partition is position independent and can be loaded at
any address chosen at boot time.

- entrypoint-offset
- value type: <u64>
- Offset from the base of the partition's binary image to the entry point of
the partition. Absence of this field indicates that the entry point is at
offset 0x0 from the base of the partition's binary.

- xlat-granule
- value type: <u32>
- Translation granule used with the partition:

- 0x0: 4k
- 0x1: 16k
- 0x2: 64k

- boot-order
- value type: <u32>
- A unique number amongst all partitions that specifies if this partition
must be booted before others. The partition with the smaller number will be
booted first. Highest vlue allowed for this field is 0xFFFF.

- rx-tx-buffer
- value type: "memory-regions" node
- Specific "memory-regions" nodes that describe the RX/TX buffers expected
by the partition.
The "compatible" must be the string "arm,ffa-manifest-rx_tx-buffer".

- messaging-method [mandatory]
- value type: <u32>
- Specifies which messaging methods are supported by the partition, set bit
means the feature is supported, clear bit - not supported:

- Bit[0]: partition can receive direct requests via FFA_MSG_SEND_DIRECT_REQ ABI if set
- Bit[1]: partition can send direct requests via FFA_MSG_SEND_DIRECT_REQ ABI if set
- Bit[2]: partition can send and receive indirect messages
- Bit[9]: partition can receive direct requests via FFA_MSG_SEND_DIRECT_REQ2 ABI if set
- Bit[10]: partition can send direct requests via FFA_MSG_SEND_DIRECT_REQ2 ABI if set

- managed-exit
- value type: <empty>
- Specifies if managed exit is supported.
- This field is deprecated in favor of ns-interrupts-action field in the FF-A
v1.1 EAC0 spec.

- managed-exit-virq
- value type: <empty>
- Indicates if the partition needs managed exit, if supported, to be signaled
through vIRQ signal.

- ns-interrupts-action [mandatory]
- value type: <u32>
- Specifies the action that the SPMC must take in response to a Non-secure
physical interrupt.

- 0x0: Non-secure interrupt is queued
- 0x1: Non-secure interrupt is signaled after a managed exit
- 0x2: Non-secure interrupt is signaled

- This field supersedes the managed-exit field in the FF-A v1.0 spec.

- other-s-interrupts-action
- value type: <u32>
- Specifies the action that the SPMC must take in response to a Other-Secure
physical interrupt.

- 0x0: Other-Secure interrupt is queued
- 0x1: Other-Secure interrupt is signaled

- has-primary-scheduler
- value type: <empty>
- Presence of this field indicates that the partition implements the primary
scheduler. If so, run-time EL must be EL1.

- time-slice-mem
- value type: <empty>
- Presence of this field indicates that the partition doesn't expect the
partition manager to time slice long running memory management functions.

- gp-register-num
- value type: <u32>
- The field specifies the general purpose register number but not its width.
The width is derived from the partition's execution state, as specified in
the partition properties. For example, if the number value is 1 then the
general-purpose register used will be x1 in AArch64 state and w1 in AArch32
state.
Presence of this field indicates that the partition expects the address of
the FF-A boot information blob to be passed in the specified general purpose
register.

- power-management-messages
- value type: <u32>
- Specifies which power management messages a partition subscribes to.
A set bit means the partition should be informed of the power event, clear
bit - should not be informed of event:

- Bit[0]: CPU_OFF
- Bit[1]: CPU_SUSPEND
- Bit[2]: CPU_SUSPEND_RESUME

- vm-availability-messages
- value type: <u32>
- Specifies which VM availability messages a partition subscribes to. A set
bit means the partition should be informed of the event, clear bit - should
not be informed of event:

- Bit[0]: VM created
- Bit[1]: VM destroyed

.. _memory_region_node:

Memory Regions
--------------

- compatible [mandatory]
- value type: <string>
- Must be the string "arm,ffa-manifest-memory-regions".

- description
- value type: <string>
- Name of the memory region e.g. for debugging purposes.

- pages-count [mandatory]
- value type: <u32>
- Count of pages of memory region as a multiple of the translation granule
size

- attributes [mandatory]
- value type: <u32>
- Mapping modes: ORed to get required permission

- 0x1: Read
- 0x2: Write
- 0x4: Execute
- 0x8: Security state

- base-address
- value type: <u64>
- Base address of the region. The address must be aligned to the translation
granule size.
The address given may be a Physical Address (PA), Virtual Address (VA), or
Intermediate Physical Address (IPA). Refer to the FF-A specification for
more information on the restrictions around the address type.
If the base address is omitted then the partition manager must map a memory
region of the specified size into the partition's translation regime and
then communicate the region properties (including the base address chosen
by the partition manager) to the partition.

- load-address-relative-offset
- value type: <u64>
- Offset relative to the load address of the partition.
When this is provided in the partition manifest, it should be added to the
load address to get the base address of the region. The secure partition
manifest can have either "base-address" or "load-address-relative-offset".
It cannot have both.

- stream-ids
- value type: <prop-encoded-array>
- List of IDs belonging to a DMA capable peripheral device that has access to
the memory region represented by current node.
- Each ID must have been declared in exactly one device region node.

- smmu-id
- value type: <u32>
- Identifies the SMMU IP that enforces the access control for the DMA device
that owns the above stream-ids.

- stream-ids-access-permissions
- value type: <prop-encoded-array>
- List of attributes representing the instruction and data access permissions
used by the DMA device streams to access the memory region represented by
current node.

.. _device_region_node:

Device Regions
--------------
|
||||
|
||||
- compatible [mandatory]
|
||||
- value type: <string>
|
||||
- Must be the string "arm,ffa-manifest-device-regions".
|
||||
|
||||
- description
|
||||
- value type: <string>
|
||||
- Name of the device region e.g. for debugging purposes.
|
||||
|
||||
- pages-count [mandatory]
|
||||
- value type: <u32>
|
||||
- Count of pages of memory region as a multiple of the translation granule
|
||||
size
|
||||
|
||||
- attributes [mandatory]
|
||||
- value type: <u32>
|
||||
- Mapping modes: ORed to get required permission
|
||||
|
||||
- 0x1: Read
|
||||
- 0x2: Write
|
||||
- 0x4: Execute
|
||||
- 0x8: Security state
|
||||
|
||||
- base-address [mandatory]
|
||||
- value type: <u64>
|
||||
- Base address of the region. The address must be aligned to the translation
|
||||
granule size.
|
||||
The address given may be a Physical Address (PA), Virtual Address (VA), or
|
||||
Intermediate Physical Address (IPA). Refer to the FF-A specification for
|
||||
more information on the restrictions around the address type.
|
||||
|
||||
- smmu-id
|
||||
- value type: <u32>
|
||||
- On systems with multiple System Memory Management Units (SMMUs) this
|
||||
identifier is used to inform the partition manager which SMMU the device is
|
||||
upstream of. If the field is omitted then it is assumed that the device is
|
||||
not upstream of any SMMU.
|
||||
|
||||
- stream-ids
|
||||
- value type: <prop-encoded-array>
|
||||
- List of IDs where an ID is a unique <u32> value amongst all devices assigned
|
||||
to the partition.
|
||||
|
||||
- interrupts
|
||||
- value type: <prop-encoded-array>
|
||||
- A list of (id, attributes) pair describing the device interrupts, where:
|
||||
|
||||
- id: The <u32> interrupt IDs.
|
||||
- attributes: A <u32> value, containing attributes for each interrupt ID:
|
||||
|
||||
+----------------------+----------+
|
||||
|Field | Bit(s) |
|
||||
+----------------------+----------+
|
||||
| Priority | 7:0 |
|
||||
+----------------------+----------+
|
||||
| Security state | 8 |
|
||||
+----------------------+----------+
|
||||
| Config(Edge/Level) | 9 |
|
||||
+----------------------+----------+
|
||||
| Type(SPI/PPI/SGI) | 11:10 |
|
||||
+----------------------+----------+
|
||||
|
||||
Security state:
|
||||
- Secure: 1
|
||||
- Non-secure: 0
|
||||
|
||||
Configuration:
|
||||
- Edge triggered: 0
|
||||
- Level triggered: 1
|
||||
|
||||
Type:
|
||||
- SPI: 0b10
|
||||
- PPI: 0b01
|
||||
- SGI: 0b00
|
||||
|
||||
- interrupts-target
|
||||
- value type: <prop-encoded-array>
|
||||
- A list of (id, mpdir upper bits, mpidr lower bits) tuples describing which
|
||||
mpidr the interrupt is routed to, where:
|
||||
|
||||
- id: The <u32> interrupt ID. Must be one of those specified in the
|
||||
"interrupts" field.
|
||||
- mpidr upper bits: The <u32> describing the upper bits of the 64 bits
|
||||
mpidr
|
||||
- mpidr lower bits: The <u32> describing the lower bits of the 64 bits
|
||||
mpidr
|
||||
|
||||
- exclusive-access
|
||||
- value type: <empty>
|
||||
- Presence of this field implies that this endpoint must be granted exclusive
|
||||
access and ownership of this device's MMIO region.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.*
|
||||
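Review bot: the ``attributes`` field of both the memory-region and device-region nodes lists ``0x8: Security state`` without defining which value of the bit means secure and which non-secure, whereas the interrupt ``attributes`` table later in the same section does spell this out (Secure: 1, Non-secure: 0); please state the bit polarity for region attributes as well, since a reader of a manifest otherwise cannot tell whether a region is being requested as secure or non-secure. Two smaller points in the same hunk: ``stream-ids-access-permissions`` is described as a list of instruction and data access permission attributes but no encoding for those attributes is given, and the ``interrupts-target`` description reads ``(id, mpdir upper bits, mpidr lower bits)`` where the first should be ``mpidr``.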
497
arm-trusted-firmware.t234/docs/components/firmware-update.rst
Normal file
@@ -0,0 +1,497 @@
Firmware Update (FWU)
=====================

This document describes the design of the various Firmware Update (FWU)
mechanisms available in TF-A.

1. PSA Firmware Update (PSA FWU)
2. TBBR Firmware Update (TBBR FWU)

PSA Firmware Update implements the specification of the same name (Arm document
IHI 0093), which defines a standard firmware interface for installing firmware
updates.
On the other hand, TBBR Firmware Update only covers firmware recovery. Arguably,
its name is somewhat misleading but the TBBR specification and terminology
predates PSA FWU. Both mechanisms are complementary in the sense that PSA FWU
assumes that the device has a backup or recovery capability in the event of a
failed update, which can be fulfilled with TBBR FWU implementation.

.. _PSA Firmware Update:

PSA Firmware Update (PSA FWU)
-----------------------------

Introduction
~~~~~~~~~~~~
The `PSA FW update specification`_ defines the concepts of ``Firmware Update
Client`` and ``Firmware Update Agent``.
The new firmware images are provided by the ``Client`` to the ``Update Agent``
to flash them in non-volatile storage.

A common system design will place the ``Update Agent`` in the Secure-world
while the ``Client`` executes in the Normal-world.
The `PSA FW update specification`_ provides ABIs meant for a Normal-world
entity aka ``Client`` to transmit the firmware images to the ``Update Agent``.

Scope
~~~~~
The design of the ``Client`` and ``Update Agent`` is out of scope of this
document.
This document mainly covers ``Platform Boot`` details i.e. the role of
the second stage Bootloader after FWU has been done by ``Client`` and
``Update Agent``.

Overview
~~~~~~~~

There are active and update banks in the non-volatile storage identified
by the ``active_index`` and the ``update_index`` respectively.
An active bank stores running firmware, whereas an update bank contains
firmware updates.

Once Firmwares are updated in the update bank of the non-volatile
storage, then ``Update Agent`` marks the update bank as the active bank,
and write updated FWU metadata in non-volatile storage.
On subsequent reboot, the second stage Bootloader (BL2) performs the
following actions:

- Read FWU metadata in memory
- Retrieve the image specification (offset and length) of updated images
present in non-volatile storage with the help of FWU metadata
- Set these image specification in the corresponding I/O policies of the
updated images using the FWU platform functions
``plat_fwu_set_images_source()`` and ``plat_fwu_set_metadata_image_source()``,
please refer :ref:`Porting Guide`
- Use these I/O policies to read the images from this address into the memory

By default, the platform uses the active bank of non-volatile storage to boot
the images in ``trial state``. If images pass through the authentication check
and also if the system successfully booted the Normal-world image then
``Update Agent`` marks this update as accepted after further sanitisation
checking at Normal-world.

The second stage Bootloader (BL2) avoids upgrading the platform NV-counter until
it's been confirmed that given update is accepted.

The following sequence diagram shows platform-boot flow:

.. image:: ../resources/diagrams/PSA-FWU.png

If the platform fails to boot from active bank due to any reasons such
as authentication failure or non-fuctionality of Normal-world software then the
watchdog will reset to give a chance to the platform to fix the issue. This
boot failure & reset sequence might be repeated up to ``trial state`` times.
After that, the platform can decide to boot from the ``previous_active_index``
bank.

If the images still does not boot successfully from the ``previous_active_index``
bank (e.g. due to ageing effect of non-volatile storage) then the platform can
choose firmware recovery mechanism :ref:`TBBR Firmware Update` to bring system
back to life.

.. _TBBR Firmware Update:

TBBR Firmware Update (TBBR FWU)
-------------------------------

Introduction
~~~~~~~~~~~~

This technique enables authenticated firmware to update firmware images from
external interfaces such as USB, UART, SD-eMMC, NAND, NOR or Ethernet to SoC
Non-Volatile memories such as NAND Flash, LPDDR2-NVM or any memory determined
by the platform.
This feature functions even when the current firmware in the system is corrupt
or missing; it therefore may be used as a recovery mode. It may also be
complemented by other, higher level firmware update software.

FWU implements a specific part of the Trusted Board Boot Requirements (TBBR)
specification, Arm DEN0006C-1. It should be used in conjunction with the
:ref:`Trusted Board Boot` design document, which describes the image
authentication parts of the Trusted Firmware-A (TF-A) TBBR implementation.

It can be used as a last resort when all firmware updates that are carried out
as part of the :ref:`PSA Firmware Update` procedure have failed to function.

Scope
~~~~~

This document describes the secure world FWU design. It is beyond its scope to
describe how normal world FWU images should operate. To implement normal world
FWU images, please refer to the "Non-Trusted Firmware Updater" requirements in
the TBBR.

Overview
~~~~~~~~

The FWU boot flow is primarily mediated by BL1. Since BL1 executes in ROM, and
it is usually desirable to minimize the amount of ROM code, the design allows
some parts of FWU to be implemented in other secure and normal world images.
Platform code may choose which parts are implemented in which images but the
general expectation is:

- BL1 handles:

- Detection and initiation of the FWU boot flow.
- Copying images from non-secure to secure memory
- FWU image authentication
- Context switching between the normal and secure world during the FWU
process.

- Other secure world FWU images handle platform initialization required by
the FWU process.
- Normal world FWU images handle loading of firmware images from external
interfaces to non-secure memory.

The primary requirements of the FWU feature are:

#. Export a BL1 SMC interface to interoperate with other FWU images executing
at other Exception Levels.
#. Export a platform interface to provide FWU common code with the information
it needs, and to enable platform specific FWU functionality. See the
:ref:`Porting Guide` for details of this interface.

TF-A uses abbreviated image terminology for FWU images like for other TF-A
images. See the :ref:`Image Terminology` document for an explanation of these
terms.

The following diagram shows the FWU boot flow for Arm development platforms.
Arm CSS platforms like Juno have a System Control Processor (SCP), and these
use all defined FWU images. Other platforms may use a subset of these.

|Flow Diagram|

Image Identification
~~~~~~~~~~~~~~~~~~~~

Each FWU image and certificate is identified by a unique ID, defined by the
platform, which BL1 uses to fetch an image descriptor (``image_desc_t``) via a
call to ``bl1_plat_get_image_desc()``. The same ID is also used to prepare the
Chain of Trust (Refer to the :ref:`Authentication Framework & Chain of Trust`
document for more information).

The image descriptor includes the following information:

- Executable or non-executable image. This indicates whether the normal world
is permitted to request execution of a secure world FWU image (after
authentication). Secure world certificates and non-AP images are examples
of non-executable images.
- Secure or non-secure image. This indicates whether the image is
authenticated/executed in secure or non-secure memory.
- Image base address and size.
- Image entry point configuration (an ``entry_point_info_t``).
- FWU image state.

BL1 uses the FWU image descriptors to:

- Validate the arguments of FWU SMCs
- Manage the state of the FWU process
- Initialize the execution state of the next FWU image.

FWU State Machine
~~~~~~~~~~~~~~~~~

BL1 maintains state for each FWU image during FWU execution. FWU images at lower
Exception Levels raise SMCs to invoke FWU functionality in BL1, which causes
BL1 to update its FWU image state. The BL1 image states and valid state
transitions are shown in the diagram below. Note that secure images have a more
complex state machine than non-secure images.

|FWU state machine|

The following is a brief description of the supported states:

- RESET: This is the initial state of every image at the start of FWU.
Authentication failure also leads to this state. A secure
image may yield to this state if it has completed execution.
It can also be reached by using ``FWU_SMC_IMAGE_RESET``.

- COPYING: This is the state of a secure image while BL1 is copying it
in blocks from non-secure to secure memory.

- COPIED: This is the state of a secure image when BL1 has completed
copying it to secure memory.

- AUTHENTICATED: This is the state of an image when BL1 has successfully
authenticated it.

- EXECUTED: This is the state of a secure, executable image when BL1 has
passed execution control to it.

- INTERRUPTED: This is the state of a secure, executable image after it has
requested BL1 to resume normal world execution.

BL1 SMC Interface
~~~~~~~~~~~~~~~~~

BL1_SMC_CALL_COUNT
^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x0

Return:
uint32_t

This SMC returns the number of SMCs supported by BL1.

BL1_SMC_UID
^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x1

Return:
UUID : 32 bits in each of w0-w3 (or r0-r3 for AArch32 callers)

This SMC returns the 128-bit `Universally Unique Identifier`_ for the
BL1 SMC service.

BL1_SMC_VERSION
^^^^^^^^^^^^^^^

::

Argument:
uint32_t function ID : 0x3

Return:
uint32_t : Bits [31:16] Major Version
Bits [15:0] Minor Version

This SMC returns the current version of the BL1 SMC service.

BL1_SMC_RUN_IMAGE
^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x4
entry_point_info_t *ep_info

Return:
void

Pre-conditions:
if (normal world caller) synchronous exception
if (ep_info not EL3) synchronous exception

This SMC passes execution control to an EL3 image described by the provided
``entry_point_info_t`` structure. In the normal TF-A boot flow, BL2 invokes
this SMC for BL1 to pass execution control to BL31.

FWU_SMC_IMAGE_COPY
^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x10
unsigned int image_id
uintptr_t image_addr
unsigned int block_size
unsigned int image_size

Return:
int : 0 (Success)
: -ENOMEM
: -EPERM

Pre-conditions:
if (image_id is invalid) return -EPERM
if (image_id is non-secure image) return -EPERM
if (image_id state is not (RESET or COPYING)) return -EPERM
if (secure world caller) return -EPERM
if (image_addr + block_size overflows) return -ENOMEM
if (image destination address + image_size overflows) return -ENOMEM
if (source block is in secure memory) return -ENOMEM
if (source block is not mapped into BL1) return -ENOMEM
if (image_size > free secure memory) return -ENOMEM
if (image overlaps another image) return -EPERM

This SMC copies the secure image indicated by ``image_id`` from non-secure memory
to secure memory for later authentication. The image may be copied in a single
block or multiple blocks. In either case, the total size of the image must be
provided in ``image_size`` when invoking this SMC for the first time for each
image; it is ignored in subsequent calls (if any) for the same image.

The ``image_addr`` and ``block_size`` specify the source memory block to copy from.
The destination address is provided by the platform code.

If ``block_size`` is greater than the amount of remaining bytes to copy for this
image then the former is truncated to the latter. The copy operation is then
considered as complete and the FWU state machine transitions to the "COPIED"
state. If there is still more to copy, the FWU state machine stays in or
transitions to the COPYING state (depending on the previous state).

When using multiple blocks, the source blocks do not necessarily need to be in
contiguous memory.

Once the SMC is handled, BL1 returns from exception to the normal world caller.

FWU_SMC_IMAGE_AUTH
^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x11
unsigned int image_id
uintptr_t image_addr
unsigned int image_size

Return:
int : 0 (Success)
: -ENOMEM
: -EPERM
: -EAUTH

Pre-conditions:
if (image_id is invalid) return -EPERM
if (secure world caller)
if (image_id state is not RESET) return -EPERM
if (image_addr/image_size is not mapped into BL1) return -ENOMEM
else // normal world caller
if (image_id is secure image)
if (image_id state is not COPIED) return -EPERM
else // image_id is non-secure image
if (image_id state is not RESET) return -EPERM
if (image_addr/image_size is in secure memory) return -ENOMEM
if (image_addr/image_size not mapped into BL1) return -ENOMEM

This SMC authenticates the image specified by ``image_id``. If the image is in the
RESET state, BL1 authenticates the image in place using the provided
``image_addr`` and ``image_size``. If the image is a secure image in the COPIED
state, BL1 authenticates the image from the secure memory that BL1 previously
copied the image into.

BL1 returns from exception to the caller. If authentication succeeds then BL1
sets the image state to AUTHENTICATED. If authentication fails then BL1 returns
the -EAUTH error and sets the image state back to RESET.

FWU_SMC_IMAGE_EXECUTE
^^^^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x12
unsigned int image_id

Return:
int : 0 (Success)
: -EPERM

Pre-conditions:
if (image_id is invalid) return -EPERM
if (secure world caller) return -EPERM
if (image_id is non-secure image) return -EPERM
if (image_id is non-executable image) return -EPERM
if (image_id state is not AUTHENTICATED) return -EPERM

This SMC initiates execution of a previously authenticated image specified by
``image_id``, in the other security world to the caller. The current
implementation only supports normal world callers initiating execution of a
secure world image.

BL1 saves the normal world caller's context, sets the secure image state to
EXECUTED, and returns from exception to the secure image.

FWU_SMC_IMAGE_RESUME
^^^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x13
register_t image_param

Return:
register_t : image_param (Success)
: -EPERM

Pre-conditions:
if (normal world caller and no INTERRUPTED secure image) return -EPERM

This SMC resumes execution in the other security world while there is a secure
image in the EXECUTED/INTERRUPTED state.

For normal world callers, BL1 sets the previously interrupted secure image state
to EXECUTED. For secure world callers, BL1 sets the previously executing secure
image state to INTERRUPTED. In either case, BL1 saves the calling world's
context, restores the resuming world's context and returns from exception into
the resuming world. If the call is successful then the caller provided
``image_param`` is returned to the resumed world, otherwise an error code is
returned to the caller.

FWU_SMC_SEC_IMAGE_DONE
^^^^^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x14

Return:
int : 0 (Success)
: -EPERM

Pre-conditions:
if (normal world caller) return -EPERM

This SMC indicates completion of a previously executing secure image.

BL1 sets the previously executing secure image state to the RESET state,
restores the normal world context and returns from exception into the normal
world.

FWU_SMC_UPDATE_DONE
^^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x15
register_t client_cookie

Return:
N/A

This SMC completes the firmware update process. BL1 calls the platform specific
function ``bl1_plat_fwu_done``, passing the optional argument ``client_cookie`` as
a ``void *``. The SMC does not return.

FWU_SMC_IMAGE_RESET
^^^^^^^^^^^^^^^^^^^

::

Arguments:
uint32_t function ID : 0x16
unsigned int image_id

Return:
int : 0 (Success)
: -EPERM

Pre-conditions:
if (secure world caller) return -EPERM
if (image in EXECUTED) return -EPERM

This SMC sets the state of an image to RESET and zeroes the memory used by it.

This is only allowed if the image is not being executed.

--------------

*Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.*

.. _Universally Unique Identifier: https://tools.ietf.org/rfc/rfc4122.txt
.. |Flow Diagram| image:: ../resources/diagrams/fwu_flow.png
.. |FWU state machine| image:: ../resources/diagrams/fwu_states.png
.. _PSA FW update specification: https://developer.arm.com/documentation/den0118/latest/
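Review bot: the ``FWU_SMC_IMAGE_RESUME`` pre-conditions only list the normal-world case (``if (normal world caller and no INTERRUPTED secure image) return -EPERM``), yet the description says secure-world callers move the currently executing image to INTERRUPTED; the matching check for a secure-world caller when no secure image is in the EXECUTED state should be listed so the pre-conditions describe both directions of the call. Likewise ``FWU_SMC_IMAGE_RESET`` takes an ``image_id`` but, unlike every other ``image_id`` SMC in this file, omits the ``if (image_id is invalid) return -EPERM`` check. In the PSA FWU overview, "repeated up to ``trial state`` times" uses a state name as a count; name the actual limit (the platform's maximum number of trial boots) instead. Since ``FWU_SMC_IMAGE_AUTH`` authenticates non-secure images in place, in memory the normal-world caller can still write to after the SMC returns, it would help to state what a non-secure image in the AUTHENTICATED state may be relied on for. Typos: "non-fuctionality", "Once Firmwares are updated", "If the images still does not boot", "and write updated FWU metadata" (writes).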
@@ -0,0 +1,284 @@
Granule Protection Tables Library
=================================

This document describes the design of the Granule Protection Tables (GPT)
library used by Trusted Firmware-A (TF-A). This library provides the APIs needed
to initialize the GPTs based on a data structure containing information about
the systems memory layout, configure the system registers to enable granule
protection checks based on these tables, and transition granules between
different PAS (physical address spaces) at runtime.

Arm CCA adds two new security states for a total of four: root, realm, secure,
and non-secure. In addition to new security states, corresponding physical
address spaces have been added to control memory access for each state. The PAS
access allowed to each security state can be seen in the table below.

.. list-table:: Security states and PAS access rights
:widths: 25 25 25 25 25
:header-rows: 1

* -
- Root state
- Realm state
- Secure state
- Non-secure state
* - Root PAS
- yes
- no
- no
- no
* - Realm PAS
- yes
- yes
- no
- no
* - Secure PAS
- yes
- no
- yes
- no
* - Non-secure PAS
- yes
- yes
- yes
- yes

The GPT can function as either a 1 level or 2 level lookup depending on how a
PAS region is configured. The first step is the level 0 table, each entry in the
level 0 table controls access to a relatively large region in memory (GPT Block
descriptor), and the entire region can belong to a single PAS when a one step
mapping is used. Level 0 entry can also link to a level 1 table (GPT Table
descriptor) with a 2 step mapping. To change PAS of a region dynamically, the
region must be mapped in Level 1 table.

The Level 1 tables entries with the same PAS can be combined to form a
contiguous block entry using GPT Contiguous descriptor. More details about this
is explained in the following section.

Design Concepts and Interfaces
------------------------------

This section covers some important concepts and data structures used in the GPT
library.

There are three main parameters that determine how the tables are organized and
function: the PPS (protected physical space) which is the total amount of
protected physical address space in the system, PGS (physical granule size)
which is how large each level 1 granule is, and L0GPTSZ (level 0 GPT size) which
determines how much physical memory is governed by each level 0 entry. A granule
is the smallest unit of memory that can be independently assigned to a PAS.

L0GPTSZ is determined by the hardware and is read from the GPCCR_EL3 register.
PPS and PGS are passed into the APIs at runtime and can be determined in
whatever way is best for a given platform, either through some algorithm or hard
coded in the firmware.

GPT setup is split into two parts: table creation and runtime initialization. In
the table creation step, a data structure containing information about the
desired PAS regions is passed into the library which validates the mappings,
creates the tables in memory, and enables granule protection checks. It also
allocates memory for fine-grained locks adjacent to the L0 tables. In the
runtime initialization step, the runtime firmware locates the existing tables in
memory using the GPT register configuration and saves important data to a
structure used by the granule transition service which will be covered more
below.

In the reference implementation for FVP models, you can find an example of PAS
region definitions in the file ``plat/arm/board/fvp/include/fvp_pas_def.h``.
Table creation API calls can be found in ``plat/arm/common/arm_common.c`` and
runtime initialization API calls can be seen in
``plat/arm/common/arm_bl31_setup.c``.

During the table creation time, the GPT lib opportunistically fuses contiguous
GPT L1 entries having the same PAS. The maximum size of
supported contiguous blocks is defined by ``RME_GPT_MAX_BLOCK`` build option.

Defining PAS regions
~~~~~~~~~~~~~~~~~~~~

A ``pas_region_t`` structure is a way to represent a physical address space and
its attributes that can be used by the GPT library to initialize the tables.

This structure is composed of the following:

#. The base physical address
#. The region size
#. The desired attributes of this memory region (mapping type, PAS type)

See the ``pas_region_t`` type in ``include/lib/gpt_rme/gpt_rme.h``.

The programmer should provide the API with an array containing ``pas_region_t``
structures, then the library will check the desired memory access layout for
validity and create tables to implement it.

``pas_region_t`` is a public type, however it is recommended that the macros
``GPT_MAP_REGION_BLOCK`` and ``GPT_MAP_REGION_GRANULE`` be used to populate
these structures instead of doing it manually to reduce the risk of future
compatibility issues. These macros take the base physical address, region size,
and PAS type as arguments to generate the pas_region_t structure. As the names
imply, ``GPT_MAP_REGION_BLOCK`` creates a region using only L0 mapping while
``GPT_MAP_REGION_GRANULE`` creates a region using L0 and L1 mappings.

Level 0 and Level 1 Tables
~~~~~~~~~~~~~~~~~~~~~~~~~~

The GPT initialization APIs require memory to be passed in for the tables to be
constructed. The ``gpt_init_l0_tables`` API takes a memory address and size for
building the level 0 tables and also memory for allocating the fine-grained bitlock
data structure. The amount of memory needed for bitlock structure is controlled via
``RME_GPT_BITLOCK_BLOCK`` config which defines the block size for each bit of the
the bitlock.

The ``gpt_init_pas_l1_tables`` API takes an address and size for
building the level 1 tables which are linked from level 0 descriptors. The
tables should have PAS type ``GPT_GPI_ROOT`` and a typical system might place
its level 0 table in SRAM and its level 1 table(s) in DRAM.

Granule Transition Service
~~~~~~~~~~~~~~~~~~~~~~~~~~

The Granule Transition Service allows memory mapped with
``GPT_MAP_REGION_GRANULE`` ownership to be changed using SMC calls. Non-secure
granules can be transitioned to either realm or secure space, and realm and
secure granules can be transitioned back to non-secure. This library only
allows Level 1 entries to be transitioned. The lib may either shatter
contiguous blocks or fuse adjacent GPT entries to form a contiguous block
opportunistically. Depending on the maximum block size, the fuse operation may
propogate to higher block sizes as allowed by RME Architecture. Thus a higher
maximum block size may have a higher runtime cost due to software operations
that need to be performed for fuse to bigger block sizes. This cost may
be offset by better TLB performance due to the higher block size and platforms
need to make the trade-off decision based on their particular workload.

Locking Scheme
~~~~~~~~~~~~~~

During Granule Transition access to L1 tables is controlled by a lock to ensure
that no more than one CPU is allowed to make changes at any given time.
The granularity of the lock is defined by ``RME_GPT_BITLOCK_BLOCK`` build option
which defines the size of the memory block protected by one bit of ``bitlock``
structure. Setting this option to 0 chooses a single spinlock for all GPT L1
table entries.

Library APIs
------------

The public APIs and types can be found in ``include/lib/gpt_rme/gpt_rme.h`` and this
section is intended to provide additional details and clarifications.

To create the GPTs and enable granule protection checks the APIs need to be
called in the correct order and at the correct time during the system boot
process.

#. Firmware must enable the MMU.
#. Firmware must call ``gpt_init_l0_tables`` to initialize the level 0 tables to
|
||||
a default state, that is, initializing all of the L0 descriptors to allow all
|
||||
accesses to all memory. The PPS is provided to this function as an argument.
|
||||
#. DDR discovery and initialization by the system, the discovered DDR region(s)
|
||||
are then added to the L1 PAS regions to be initialized in the next step and
|
||||
used by the GTSI at runtime.
|
||||
#. Firmware must call ``gpt_init_pas_l1_tables`` with a pointer to an array of
|
||||
``pas_region_t`` structures containing the desired memory access layout. The
|
||||
PGS is provided to this function as an argument.
|
||||
#. Firmware must call ``gpt_enable`` to enable granule protection checks by
|
||||
setting the correct register values.
|
||||
#. In systems that make use of the granule transition service, runtime
|
||||
firmware must call ``gpt_runtime_init`` to set up the data structures needed
|
||||
by the GTSI to find the tables and transition granules between PAS types.
|
||||
|
||||
API Constraints
|
||||
~~~~~~~~~~~~~~~
|
||||
|
||||
The values allowed by the API for PPS and PGS are enumerated types
|
||||
defined in the file ``include/lib/gpt_rme/gpt_rme.h``.
|
||||
|
||||
Allowable values for PPS along with their corresponding size.
|
||||
|
||||
* ``GPCCR_PPS_4GB`` (4GB protected space, 0x100000000 bytes)
|
||||
* ``GPCCR_PPS_64GB`` (64GB protected space, 0x1000000000 bytes)
|
||||
* ``GPCCR_PPS_1TB`` (1TB protected space, 0x10000000000 bytes)
|
||||
* ``GPCCR_PPS_4TB`` (4TB protected space, 0x40000000000 bytes)
|
||||
* ``GPCCR_PPS_16TB`` (16TB protected space, 0x100000000000 bytes)
|
||||
* ``GPCCR_PPS_256TB`` (256TB protected space, 0x1000000000000 bytes)
|
||||
* ``GPCCR_PPS_4PB`` (4PB protected space, 0x10000000000000 bytes)
|
||||
|
||||
Allowable values for PGS along with their corresponding size.
|
||||
|
||||
* ``GPCCR_PGS_4K`` (4KB granules, 0x1000 bytes)
|
||||
* ``GPCCR_PGS_16K`` (16KB granules, 0x4000 bytes)
|
||||
* ``GPCCR_PGS_64K`` (64KB granules, 0x10000 bytes)
|
||||
|
||||
Allowable values for L0GPTSZ along with the corresponding size.
|
||||
|
||||
* ``GPCCR_L0GPTSZ_30BITS`` (1GB regions, 0x40000000 bytes)
|
||||
* ``GPCCR_L0GPTSZ_34BITS`` (16GB regions, 0x400000000 bytes)
|
||||
* ``GPCCR_L0GPTSZ_36BITS`` (64GB regions, 0x1000000000 bytes)
|
||||
* ``GPCCR_L0GPTSZ_39BITS`` (512GB regions, 0x8000000000 bytes)
|
||||
|
||||
Note that the value of the PPS, PGS, and L0GPTSZ definitions is an encoded value
|
||||
corresponding to the size, not the size itself. The decoded hex representations
|
||||
of the sizes have been provided for convenience.
|
||||
|
||||
The L0 table memory has some constraints that must be taken into account.
|
||||
|
||||
* The L0 table must be aligned to either the table size or 4096 bytes, whichever
|
||||
is greater. L0 table size is the total protected space (PPS) divided by the
|
||||
size of each L0 region (L0GPTSZ) multiplied by the size of each L0 descriptor
|
||||
(8 bytes). ((PPS / L0GPTSZ) * 8)
|
||||
* The L0 memory size must be greater than the table size and have enough space
|
||||
to allocate array of ``bitlock`` structures at the end of L0 table if
|
||||
required (``RME_GPT_BITLOCK_BLOCK`` is not 0).
|
||||
* The L0 memory must fall within a PAS of type GPT_GPI_ROOT.
|
||||
|
||||
The L1 memory also has some constraints.
|
||||
|
||||
* The L1 tables must be aligned to their size. The size of each L1 table is the
|
||||
size of each L0 region (L0GPTSZ) divided by the granule size (PGS) divided by
|
||||
the granules controlled in each byte (2). ((L0GPTSZ / PGS) / 2)
|
||||
* There must be enough L1 memory supplied to build all requested L1 tables.
|
||||
* The L1 memory must fall within a PAS of type GPT_GPI_ROOT.
|
||||
|
||||
If an invalid combination of parameters is supplied, the APIs will print an
|
||||
error message and return a negative value. The return values of APIs should be
|
||||
checked to ensure successful configuration.
|
||||
|
||||
Sample Calculation for L0 memory size and alignment
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Let PPS=GPCCR_PPS_4GB and L0GPTSZ=GPCCR_L0GPTSZ_30BITS
|
||||
|
||||
We can find the total L0 table size with ((PPS / L0GPTSZ) * 8)
|
||||
|
||||
Substitute values to get this: ((0x100000000 / 0x40000000) * 8)
|
||||
|
||||
And solve to get 32 bytes. In this case, 4096 is greater than 32, so the L0
|
||||
tables must be aligned to 4096 bytes.
|
||||
|
||||
Sample calculation for bitlock array size
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Let PGS=GPCCR_PPS_256TB and RME_GPT_BITLOCK_BLOCK=1
|
||||
|
||||
The size of bit lock array in bits is the total protected space (PPS) divided
|
||||
by the size of memory block per bit. The size of memory block
|
||||
is ``RME_GPT_BITLOCK_BLOCK`` (number of 512MB blocks per bit) times
|
||||
512MB (0x20000000). This is then divided by the number of bits in ``bitlock``
|
||||
structure (8) to get the size of bit array in bytes.
|
||||
|
||||
In other words, we can find the total size of ``bitlock`` array
|
||||
in bytes with PPS / (RME_GPT_BITLOCK_BLOCK * 0x20000000 * 8).
|
||||
|
||||
Substitute values to get this: 0x1000000000000 / (1 * 0x20000000 * 8)
|
||||
|
||||
And solve to get 0x10000 bytes.
|
||||
|
||||
Sample calculation for L1 table size and alignment
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Let PGS=GPCCR_PGS_4K and L0GPTSZ=GPCCR_L0GPTSZ_30BITS
|
||||
|
||||
We can find the size of each L1 table with ((L0GPTSZ / PGS) / 2).
|
||||
|
||||
Substitute values: ((0x40000000 / 0x1000) / 2)
|
||||
|
||||
And solve to get 0x20000 bytes per L1 table.
|
||||
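Review bot: in "Sample calculation for bitlock array size" the premise line reads ``Let PGS=GPCCR_PPS_256TB and RME_GPT_BITLOCK_BLOCK=1``, but the formula that follows divides PPS (not PGS) and ``GPCCR_PPS_256TB`` is a PPS encoding, so the line should read ``Let PPS=GPCCR_PPS_256TB and RME_GPT_BITLOCK_BLOCK=1``; as written a reader cannot tell which of the two parameters the 0x1000000000000 value stands for. Two wording points in the same file: "the block size for each bit of the the bitlock" doubles "the", and "propogate" in the Granule Transition Service paragraph should be "propagate".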
31
arm-trusted-firmware.t234/docs/components/index.rst
Normal file
@@ -0,0 +1,31 @@
Components
==========

.. toctree::
   :maxdepth: 1
   :caption: Contents

   spd/index
   activity-monitors
   arm-sip-service
   debugfs-design
   exception-handling
   fconf/index
   firmware-update
   measured_boot/index
   mpmm
   platform-interrupt-controller-API
   ras
   romlib-design
   sdei
   secure-partition-manager
   el3-spmc
   secure-partition-manager-mm
   xlat-tables-lib-v2-design
   cot-binding
   realm-management-extension
   rmm-el3-comms-spec
   granule-protection-tables-design
   ven-el3-service
   ven-el3-debugfs
   context-management-library
@@ -0,0 +1,43 @@
DTB binding for Event Log properties
====================================

This document describes the device tree format of Event Log properties.
These properties are not related to a specific platform and can be queried
from common code.

Dynamic configuration for Event Log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Measured Boot driver expects a *tpm_event_log* node with the following field
in 'tb_fw_config', 'nt_fw_config' and 'tsp_fw_config' DTS files:

- compatible [mandatory]
   - value type: <string>
   - Must be the string "arm,tpm_event_log".

Then a list of properties representing Event Log configuration, which
can be used by Measured Boot driver. Each property is named according
to the information it contains:

- tpm_event_log_sm_addr [fvp_nt_fw_config.dts with OP-TEE]
   - value type: <u64>
   - Event Log base address in secure memory.

   Note. Currently OP-TEE does not support reading DTBs from Secure memory
   and this property should be removed when this feature is supported.

- tpm_event_log_addr [mandatory]
   - value type: <u64>
   - Event Log base address in non-secure memory.

- tpm_event_log_size [mandatory]
   - value type: <u32>
   - Event Log size.

- tpm_event_log_max_size [mandatory]
   - value type: <u32>
   - Event Log maximum size.

--------------

*Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.*
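Review bot: the binding defines both ``tpm_event_log_size`` and ``tpm_event_log_max_size`` but never states the relationship between them; add a sentence that ``tpm_event_log_size`` must not exceed ``tpm_event_log_max_size`` so that code reading the DTB knows the bound it has to validate before using the log region. Also, ``tpm_event_log_sm_addr`` is tagged ``[fvp_nt_fw_config.dts with OP-TEE]`` while every other property is tagged ``[mandatory]``; tag it ``[optional]`` (with the FVP/OP-TEE context in the description) and put the "Note. Currently OP-TEE does not support reading DTBs from Secure memory" text in a ``.. note::`` directive so it renders as a note rather than as list continuation text.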
@@ -0,0 +1,12 @@
Measured Boot Driver (MBD)
==========================

.. _measured-boot-document:

Properties binding information
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. toctree::
   :maxdepth: 1

   event_log
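Review bot: the ``.. _measured-boot-document:`` label sits after the "Measured Boot Driver (MBD)" title, so a ``:ref:`measured-boot-document``` elsewhere in the docs resolves to the "Properties binding information" subsection that follows it, not to the document; move the label above the title line so the reference carries the document's own heading.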
30
arm-trusted-firmware.t234/docs/components/mpmm.rst
Normal file
@@ -0,0 +1,30 @@
Maximum Power Mitigation Mechanism (MPMM)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

|MPMM| is an optional microarchitectural power management mechanism supported by
some Arm Armv9-A cores, beginning with the Cortex-X2, Cortex-A710 and
Cortex-A510 cores. This mechanism detects and limits high-activity events to
assist in |SoC| processor power domain dynamic power budgeting and limit the
triggering of whole-rail (i.e. clock chopping) responses to overcurrent
conditions.

|MPMM| is enabled on a per-core basis by the EL3 runtime firmware. The presence
of |MPMM| cannot be determined at runtime by the firmware, and therefore the
platform must expose this information through one of two possible mechanisms:

- |FCONF|, controlled by the ``ENABLE_MPMM_FCONF`` build option.
- A platform implementation of the ``plat_mpmm_topology`` function (the
  default).

See :ref:`Maximum Power Mitigation Mechanism (MPMM) Bindings` for documentation
on the |FCONF| device tree bindings.

.. warning::

    |MPMM| exposes gear metrics through the auxiliary |AMU| counters. An
    external power controller can use these metrics to budget SoC power by
    limiting the number of cores that can execute higher-activity workloads or
    switching to a different DVFS operating point. When this is the case, the
    |AMU| counters that make up the |MPMM| gears must be enabled by the EL3
    runtime firmware - please see :ref:`Activity Monitor Auxiliary Counters` for
    documentation on enabling auxiliary |AMU| counters.
@@ -0,0 +1,328 @@
Platform Interrupt Controller API
=================================

This document lists the optional platform interrupt controller API that
abstracts the runtime configuration and control of interrupt controller from the
generic code. The mandatory APIs are described in the
:ref:`Porting Guide <porting_guide_imf_in_bl31>`.

Function: unsigned int plat_ic_get_running_priority(void); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : void
    Return : unsigned int

This API should return the priority of the interrupt the PE is currently
servicing. This must be be called only after an interrupt has already been
acknowledged via ``plat_ic_acknowledge_interrupt``.

In the case of Arm standard platforms using GIC, the *Running Priority Register*
is read to determine the priority of the interrupt.

Function: int plat_ic_is_spi(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : int

The API should return whether the interrupt ID (first parameter) is categorized
as a Shared Peripheral Interrupt. Shared Peripheral Interrupts are typically
associated to system-wide peripherals, and these interrupts can target any PE in
the system.

Function: int plat_ic_is_ppi(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : int

The API should return whether the interrupt ID (first parameter) is categorized
as a Private Peripheral Interrupt. Private Peripheral Interrupts are typically
associated with peripherals that are private to each PE. Interrupts from private
peripherals target to that PE only.

Function: int plat_ic_is_sgi(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : int

The API should return whether the interrupt ID (first parameter) is categorized
as a Software Generated Interrupt. Software Generated Interrupts are raised by
explicit programming by software, and are typically used in inter-PE
communication. Secure SGIs are reserved for use by Secure world software.

Function: unsigned int plat_ic_get_interrupt_active(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : int

This API should return the *active* status of the interrupt ID specified by the
first parameter, ``id``.

In case of Arm standard platforms using GIC, the implementation of the API reads
the GIC *Set Active Register* to read and return the active status of the
interrupt.

Function: void plat_ic_enable_interrupt(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : void

This API should enable the interrupt ID specified by the first parameter,
``id``. PEs in the system are expected to receive only enabled interrupts.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barrier to make memory updates visible before enabling interrupt, and
then writes to GIC *Set Enable Register* to enable the interrupt.

Function: void plat_ic_disable_interrupt(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : void

This API should disable the interrupt ID specified by the first parameter,
``id``. PEs in the system are not expected to receive disabled interrupts.

In case of Arm standard platforms using GIC, the implementation of the API
writes to GIC *Clear Enable Register* to disable the interrupt, and inserts
barrier to make memory updates visible afterwards.

Function: void plat_ic_set_interrupt_priority(unsigned int id, unsigned int priority); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Argument : unsigned int
    Return : void

This API should set the priority of the interrupt specified by first parameter
``id`` to the value set by the second parameter ``priority``.

In case of Arm standard platforms using GIC, the implementation of the API
writes to GIC *Priority Register* set interrupt priority.

Function: bool plat_ic_has_interrupt_type(unsigned int type); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : bool

This API should return whether the platform supports a given interrupt type. The
parameter ``type`` shall be one of ``INTR_TYPE_EL3``, ``INTR_TYPE_S_EL1``, or
``INTR_TYPE_NS``.

In case of Arm standard platforms using GICv3, the implementation of the API
returns *true* for all interrupt types.

In case of Arm standard platforms using GICv2, the API always return *true* for
``INTR_TYPE_NS``. Return value for other types depends on the value of build
option ``GICV2_G0_FOR_EL3``:

- For interrupt type ``INTR_TYPE_EL3``:

  - When ``GICV2_G0_FOR_EL3`` is ``0``, it returns *false*, indicating no support
    for EL3 interrupts.

  - When ``GICV2_G0_FOR_EL3`` is ``1``, it returns *true*, indicating support for
    EL3 interrupts.

- For interrupt type ``INTR_TYPE_S_EL1``:

  - When ``GICV2_G0_FOR_EL3`` is ``0``, it returns *true*, indicating support for
    Secure EL1 interrupts.

  - When ``GICV2_G0_FOR_EL3`` is ``1``, it returns *false*, indicating no support
    for Secure EL1 interrupts.

Function: void plat_ic_set_interrupt_type(unsigned int id, unsigned int type); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Argument : unsigned int
    Return : void

This API should set the interrupt specified by first parameter ``id`` to the
type specified by second parameter ``type``. The ``type`` parameter can be
one of:

- ``INTR_TYPE_NS``: interrupt is meant to be consumed by the Non-secure world.

- ``INTR_TYPE_S_EL1``: interrupt is meant to be consumed by Secure EL1.

- ``INTR_TYPE_EL3``: interrupt is meant to be consumed by EL3.

In case of Arm standard platforms using GIC, the implementation of the API
writes to the GIC *Group Register* and *Group Modifier Register* (only GICv3) to
assign the interrupt to the right group.

For GICv3:

- ``INTR_TYPE_NS`` maps to Group 1 interrupt.

- ``INTR_TYPE_S_EL1`` maps to Secure Group 1 interrupt.

- ``INTR_TYPE_EL3`` maps to Secure Group 0 interrupt.

For GICv2:

- ``INTR_TYPE_NS`` maps to Group 1 interrupt.

- When the build option ``GICV2_G0_FOR_EL3`` is set to ``0`` (the default),
  ``INTR_TYPE_S_EL1`` maps to Group 0. Otherwise, ``INTR_TYPE_EL3`` maps to
  Group 0 interrupt.

Function: void plat_ic_raise_el3_sgi(int sgi_num, u_register_t target); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : int
    Argument : u_register_t
    Return : void

This API should raise an EL3 SGI. The first parameter, ``sgi_num``, specifies
the ID of the SGI. The second parameter, ``target``, must be the MPIDR of the
target PE.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barrier to make memory updates visible before raising SGI, then writes
to appropriate *SGI Register* in order to raise the EL3 SGI.

Function: void plat_ic_set_spi_routing(unsigned int id, unsigned int routing_mode, u_register_t mpidr); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Argument : unsigned int
    Argument : u_register_t
    Return : void

This API should set the routing mode of Share Peripheral Interrupt (SPI)
specified by first parameter ``id`` to that specified by the second parameter
``routing_mode``.

The ``routing_mode`` parameter can be one of:

- ``INTR_ROUTING_MODE_ANY`` means the interrupt can be routed to any PE in the
  system. The ``mpidr`` parameter is ignored in this case.

- ``INTR_ROUTING_MODE_PE`` means the interrupt is routed to the PE whose MPIDR
  value is specified by the parameter ``mpidr``.

In case of Arm standard platforms using GIC, the implementation of the API
writes to the GIC *Target Register* (GICv2) or *Route Register* (GICv3) to set
the routing.

Function: void plat_ic_set_interrupt_pending(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : void

This API should set the interrupt specified by first parameter ``id`` to
*Pending*.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barrier to make memory updates visible before setting interrupt pending,
and writes to the GIC *Set Pending Register* to set the interrupt pending
status.

Function: void plat_ic_clear_interrupt_pending(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : void

This API should clear the *Pending* status of the interrupt specified by first
parameter ``id``.

In case of Arm standard platforms using GIC, the implementation of the API
writes to the GIC *Clear Pending Register* to clear the interrupt pending
status, and inserts barrier to make memory updates visible afterwards.

Function: unsigned int plat_ic_set_priority_mask(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : int

This API should set the priority mask (first parameter) in the interrupt
controller such that only interrupts of higher priority than the supplied one
may be signalled to the PE. The API should return the current priority value
that it's overwriting.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barriers to order memory updates before updating mask,
then writes to the GIC *Priority Mask Register*, and make sure memory updates
are visible before potential trigger due to mask update.

Function: unsigned int plat_ic_deactivate_priority(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : int

This API performs the operations of plat_ic_set_priority_mask along with
calling the errata workaround gicv3_apply_errata_wa_2384374(). This is
performed when priority mask is restored to it's older value. This API returns
the current priority value that it's overwriting.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barriers to order memory updates before updating mask, then writes
to the GIC *Priority Mask Register*, and make sure memory updates
are visible before potential trigger due to mask update, and
applies 2384374 GIC errata workaround to process pending interrupt packets.

.. _plat_ic_get_interrupt_id:

Function: unsigned int plat_ic_get_interrupt_id(unsigned int raw); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : unsigned int
    Return : unsigned int

This API should extract and return the interrupt number from the raw value
obtained by the acknowledging the interrupt (read using
``plat_ic_acknowledge_interrupt()``). If the interrupt ID is invalid, this API
should return ``INTR_ID_UNAVAILABLE``.

In case of Arm standard platforms using GIC, the implementation of the API
masks out the interrupt ID field from the acknowledged value from GIC.

--------------

*Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.*
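Review bot: three prototypes disagree with their ``Return :`` literal blocks: ``plat_ic_get_interrupt_active``, ``plat_ic_set_priority_mask`` and ``plat_ic_deactivate_priority`` are declared ``unsigned int`` in the section heading but documented as ``Return : int``; make the blocks match the prototypes, since a platform implementer copies the signature from one or the other. In ``plat_ic_set_priority_mask`` the parameter is named ``id`` although the text says it is the priority mask value, so either rename it (``mask`` would match the text) or state explicitly that ``id`` carries the mask. Wording: "This must be be called" under ``plat_ic_get_running_priority`` doubles "be", "writes to GIC *Priority Register* set interrupt priority" is missing "to", and "restored to it's older value" should read "its".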
346
arm-trusted-firmware.t234/docs/components/ras.rst
Normal file
@@ -0,0 +1,346 @@
Reliability, Availability, and Serviceability (RAS) Extensions
**************************************************************

This document describes |TF-A| support for Arm Reliability, Availability, and
Serviceability (RAS) extensions. RAS is a mandatory extension for Armv8.2 and
later CPUs, and also an optional extension to the base Armv8.0 architecture.

For the description of Arm RAS extensions, Standard Error Records, and the
precise definition of RAS terminology, please refer to the Arm Architecture
Reference Manual and `RAS Supplement`_. The rest of this document assumes
familiarity with architecture and terminology.

**IMPORTANT NOTE**: TF-A implementation assumes that if RAS extension is present
then FEAT_IESB is also implmented.

There are two philosophies for handling RAS errors from Non-secure world point
of view.

- :ref:`Firmware First Handling (FFH)`
- :ref:`Kernel First Handling (KFH)`

.. _Firmware First Handling (FFH):

Firmware First Handling (FFH)
=============================

Introduction
------------

EA’s and Error interrupts corresponding to NS nodes are handled first in firmware

- Errors signaled back to NS world via suitable mechanism
- Kernel is prohibited from accessing the RAS error records directly
- Firmware creates CPER records for kernel to navigate and process
- Firmware signals error back to Kernel via SDEI

Overview
--------

FFH works in conjunction with `Exception Handling Framework`. Exceptions resulting from
errors in Non-secure world are routed to and handled in EL3. Said errors are Synchronous
External Abort (SEA), Asynchronous External Abort (signalled as SErrors), Fault Handling
and Error Recovery interrupts.
RAS Framework in TF-A allows the platform to define an external abort handler and to
register RAS nodes and interrupts. It also provides `helpers`__ for accessing Standard
Error Records as introduced by the RAS extensions


.. __: `Standard Error Record helpers`_

.. _Kernel First Handling (KFH):

Kernel First Handling (KFH)
===========================

Introduction
------------

EA's originating/attributed to NS world are handled first in NS and Kernel navigates
the std error records directly.

- KFH is the default handling mode if platform does not explicitly enable FFH mode.
- KFH mode does not need any EL3 involvement except for the reflection of errors back
  to lower EL. This happens when there is an error (EA) in the system which is not yet
  signaled to PE while executing at lower EL. During entry into EL3 the errors (EA) are
  synchronized causing async EA to pend at EL3.

Error Syncronization at EL3 entry
=================================

During entry to EL3 from lower EL, if there is any pending async EAs they are either
reflected back to lower EL (KFH) or handled in EL3 itself (FFH).

|Image 1|

TF-A build options
==================

- **ENABLE_FEAT_RAS**: Enable RAS extension feature at EL3.
- **HANDLE_EA_EL3_FIRST_NS**: Required for FFH
- **RAS_TRAP_NS_ERR_REC_ACCESS**: Trap Non-secure access of RAS error record registers.
- **RAS_EXTENSION**: Deprecated macro, equivalent to ENABLE_FEAT_RAS and
  HANDLE_EA_EL3_FIRST_NS put together.

RAS internal macros

- **FFH_SUPPORT**: Gets enabled if **HANDLE_EA_EL3_FIRST_NS** is enabled.

RAS feature has dependency on some other TF-A build flags

- **EL3_EXCEPTION_HANDLING**: Required for FFH
- **FAULT_INJECTION_SUPPORT**: Required for testing RAS feature on fvp platform

TF-A Tests
==========

RAS functionality is regularly tested in TF-A CI using `RAS test group`_ which has multiple
configurations for testing lower EL External aborts.

All the tests are written in TF-A tests which runs as NS-EL2 payload.

- **FFH without RAS extension**

  *fvp-ea-ffh,fvp-ea-ffh:fvp-tftf-fip.tftf-aemv8a-debug*

  Couple of tests, one each for sync EA and async EA from lower EL which gets handled in El3.
  Inject External aborts(sync/async) which traps in EL3, FVP has a handler which gracefully
  handles these errors and returns back to TF-A Tests

  Build Configs : **HANDLE_EA_EL3_FIRST_NS** , **PLATFORM_TEST_EA_FFH**

- **FFH with RAS extension**

  Three Tests :

  - *fvp-ras-ffh,fvp-single-fault:fvp-tftf-fip.tftf-aemv8a.fi-debug*

    Inject an unrecoverable RAS error, which gets handled in EL3.

  - *fvp-ras-ffh,fvp-uncontainable:fvp-tftf.fault-fip.tftf-aemv8a.fi-debug*

    Inject uncontainable RAS errors which causes platform to panic.

  - *fvp-ras-ffh,fvp-ras-ffh-nested:fvp-tftf-fip.tftf-ras_ffh_nested-aemv8a.fi-debug*

    Test nested exception handling at El3 for synchronized async EAs. Inject an SError in lower EL
    which remain pending until we enter EL3 through SMC call. At EL3 entry on encountering a pending
    async EA it will handle the async EA first (nested exception) before handling the original SMC call.

- **KFH with RAS extension**

  Couple of tests in the group :

  - *fvp-ras-kfh,fvp-ras-kfh:fvp-tftf-fip.tftf-aemv8a.fi-debug*

    Inject and handle RAS errors in TF-A tests (no El3 involvement)

  - *fvp-ras-kfh,fvp-ras-kfh-reflect:fvp-tftf-fip.tftf-ras_kfh_reflection-aemv8a.fi-debug*

    Reflection of synchronized errors from EL3 to TF-A tests, two tests one each for reflecting
    in IRQ and SMC path.

RAS Framework
=============


.. _ras-figure:

.. image:: ../resources/diagrams/draw.io/ras.svg

Platform APIs
-------------

The RAS framework allows the platform to define handlers for External Abort,
Uncontainable Errors, Double Fault, and errors rising from EL3 execution. Please
refer to :ref:`RAS Porting Guide <External Abort handling and RAS Support>`.

Registering RAS error records
-----------------------------

RAS nodes are components in the system capable of signalling errors to PEs
through one one of the notification mechanisms—SEAs, SErrors, or interrupts. RAS
nodes contain one or more error records, which are registers through which the
nodes advertise various properties of the signalled error. Arm recommends that
error records are implemented in the Standard Error Record format. The RAS
architecture allows for error records to be accessible via system or
memory-mapped registers.

The platform should enumerate the error records providing for each of them:

- A handler to probe error records for errors;
- When the probing identifies an error, a handler to handle it;
- For memory-mapped error record, its base address and size in KB; for a system
  register-accessed record, the start index of the record and number of
  continuous records from that index;
- Any node-specific auxiliary data.

With this information supplied, when the run time firmware receives one of the
notification mechanisms, the RAS framework can iterate through and probe error
|
||||
records for error, and invoke the appropriate handler to handle it.
|
||||
|
||||
The RAS framework provides the macros to populate error record information. The
|
||||
macros are versioned, and the latest version as of this writing is 1. These
|
||||
macros create a structure of type ``struct err_record_info`` from its arguments,
|
||||
which are later passed to probe and error handlers.
|
||||
|
||||
For memory-mapped error records:
|
||||
|
||||
.. code:: c
|
||||
|
||||
ERR_RECORD_MEMMAP_V1(base_addr, size_num_k, probe, handler, aux)
|
||||
|
||||
And, for system register ones:
|
||||
|
||||
.. code:: c
|
||||
|
||||
ERR_RECORD_SYSREG_V1(idx_start, num_idx, probe, handler, aux)
|
||||
|
||||
The probe handler must have the following prototype:
|
||||
|
||||
.. code:: c
|
||||
|
||||
typedef int (*err_record_probe_t)(const struct err_record_info *info,
|
||||
int *probe_data);
|
||||
|
||||
The probe handler must return a non-zero value if an error was detected, or 0
|
||||
otherwise. The ``probe_data`` output parameter can be used to pass any useful
|
||||
information resulting from probe to the error handler (see `below`__). For
|
||||
example, it could return the index of the record.
|
||||
|
||||
.. __: `Standard Error Record helpers`_
|
||||
|
||||
The error handler must have the following prototype:
|
||||
|
||||
.. code:: c
|
||||
|
||||
typedef int (*err_record_handler_t)(const struct err_record_info *info,
|
||||
int probe_data, const struct err_handler_data *const data);
|
||||
|
||||
The ``data`` constant parameter describes the various properties of the error,
|
||||
including the reason for the error, exception syndrome, and also ``flags``,
|
||||
``cookie``, and ``handle`` parameters from the :ref:`top-level exception handler
|
||||
<EL3 interrupts>`.
|
||||
|
||||
The platform is expected populate an array using the macros above, and register
|
||||
the it with the RAS framework using the macro ``REGISTER_ERR_RECORD_INFO()``,
|
||||
passing it the name of the array describing the records. Note that the macro
|
||||
must be used in the same file where the array is defined.
|
||||
|
||||
Standard Error Record helpers
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
The |TF-A| RAS framework provides probe handlers for Standard Error Records, for
|
||||
both memory-mapped and System Register accesses:
|
||||
|
||||
.. code:: c
|
||||
|
||||
int ras_err_ser_probe_memmap(const struct err_record_info *info,
|
||||
int *probe_data);
|
||||
|
||||
int ras_err_ser_probe_sysreg(const struct err_record_info *info,
|
||||
int *probe_data);
|
||||
|
||||
When the platform enumerates error records, for those records in the Standard
|
||||
Error Record format, these helpers maybe used instead of rolling out their own.
|
||||
Both helpers above:
|
||||
|
||||
- Return non-zero value when an error is detected in a Standard Error Record;
|
||||
- Set ``probe_data`` to the index of the error record upon detecting an error.
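As an added illustration (not code from TF-A), the following self-contained C model shows the
pieces described above working together: a platform-side record table of the kind that
``ERR_RECORD_MEMMAP_V1()`` and ``REGISTER_ERR_RECORD_INFO()`` would produce, a probe that scans
memory-mapped Standard Error Records for a valid entry, a handler that acknowledges it, and a
dispatch loop in the style of ``ras_ea_handler`` that also performs the software double-fault
detection described under `Double-fault handling`_. Everything with a ``_model`` suffix, the
constructed MMIO image and the acknowledgement-by-zeroing are assumptions of this example, not the
framework's implementation.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Standard Error Record (memory-mapped): 64-byte records, ERR<n>STATUS at 0x10, bit 30 = V. */
#define SER_RECORD_SIZE 64U
#define SER_STATUS_OFF  0x10U
#define SER_STATUS_V    (1ULL << 30)
#define ARRAY_LEN(a)    (sizeof(a) / sizeof((a)[0]))

struct err_record_info_model;
typedef int (*probe_fn_t)(const struct err_record_info_model *info, int *probe_data);
typedef int (*handler_fn_t)(const struct err_record_info_model *info, int probe_data);

/* Model of struct err_record_info for one memory-mapped record group (assumed layout). */
struct err_record_info_model {
	probe_fn_t probe;          /* probe the group's records for errors */
	handler_fn_t handler;      /* handle an error the probe found */
	uint8_t *base;             /* base of the memory-mapped records */
	unsigned int num_records;
	void *aux;                 /* node-specific auxiliary data */
};

uint8_t mmio_image[4 * SER_RECORD_SIZE]; /* constructed: one node, 4 records */
bool ras_handling_in_progress;           /* software double-fault detection */
int double_fault_count;
int last_handled_record = -1;

/* Model of ras_err_ser_probe_memmap(): non-zero and probe_data = index of
 * the first record with V set; 0 when the group reports no error. */
int ser_probe_memmap_model(const struct err_record_info_model *info, int *probe_data)
{
	for (unsigned int i = 0; i < info->num_records; i++) {
		uint64_t status;
		memcpy(&status, info->base + i * SER_RECORD_SIZE + SER_STATUS_OFF, sizeof(status));
		if ((status & SER_STATUS_V) != 0) {
			*probe_data = (int)i;
			return 1;
		}
	}
	return 0;
}

/* Platform error handler: note which record fired and acknowledge it by zeroing
 * ERR<n>STATUS in the image (an assumption of the model). A handler that left
 * the record valid would make the dispatch loop below find it again. */
int node_handler_model(const struct err_record_info_model *info, int probe_data)
{
	uint64_t cleared = 0;
	last_handled_record = probe_data;
	memcpy(info->base + (unsigned int)probe_data * SER_RECORD_SIZE + SER_STATUS_OFF,
	       &cleared, sizeof(cleared));
	return 0;
}

/* The array a platform would build with ERR_RECORD_MEMMAP_V1() and register
 * with REGISTER_ERR_RECORD_INFO(). */
struct err_record_info_model err_records[] = {
	{ ser_probe_memmap_model, node_handler_model, mmio_image, 4U, NULL },
};

/* Raise an error in the constructed image, as fault injection would. */
unsigned int inject_error_model(unsigned int idx)
{
	uint64_t status = SER_STATUS_V;
	memcpy(mmio_image + idx * SER_RECORD_SIZE + SER_STATUS_OFF, &status, sizeof(status));
	return idx;
}

/* Model of ras_ea_handler(): probe each record group until it reports no
 * error, handling every error found; returns the count handled. An error
 * signalled while another is still being handled is a double fault, which
 * is fatal (the platform handler does not return) and is modelled as -1. */
int ras_ea_handler_model(void)
{
	int n_handled = 0;
	if (ras_handling_in_progress) {
		double_fault_count++;
		return -1;
	}
	ras_handling_in_progress = true;
	for (size_t i = 0; i < ARRAY_LEN(err_records); i++) {
		int probe_data;
		while (err_records[i].probe(&err_records[i], &probe_data) != 0) {
			err_records[i].handler(&err_records[i], probe_data);
			n_handled++;
		}
	}
	ras_handling_in_progress = false;
	return n_handled;
}

/* A second error arriving mid-handling: the double fault path. */
int double_fault_demo_model(void)
{
	ras_handling_in_progress = true;          /* pretend we are mid-handling */
	int ret = ras_ea_handler_model();
	ras_handling_in_progress = false;
	return ret;
}
```

The point to take from the loop in ``ras_ea_handler_model()`` is that a platform handler owns the
acknowledgement of the record it was given: the framework keeps probing a group until it reports
no error, so a handler that returns without clearing the record turns one error into an endless
re-dispatch.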

Registering RAS interrupts
--------------------------

RAS nodes can signal errors to the PE by raising Fault Handling and/or Error
Recovery interrupts. For the firmware-first handling paradigm for interrupts to
work, the platform must set up and register with |EHF|. See `Interaction with
Exception Handling Framework`_.

For each RAS interrupt, the platform has to provide a structure of type ``struct
ras_interrupt``:

- Interrupt number;
- The associated error record information (pointer to the corresponding
  ``struct err_record_info``);
- Optionally, a cookie.

The platform is expected to define an array of ``struct ras_interrupt``, and
register it with the RAS framework using the macro
``REGISTER_RAS_INTERRUPTS()``, passing it the name of the array. Note that the
macro must be used in the same file where the array is defined.

The array of ``struct ras_interrupt`` must be sorted in increasing order of
interrupt number. This allows for fast lookup of handlers in order to service RAS
interrupts.

Double-fault handling
---------------------

A Double Fault condition arises when an error is signalled to the PE while
handling of a previously signalled error is still underway. When a Double Fault
condition arises, the Arm RAS extensions only require the handler to perform an
orderly shutdown of the system, as recovery may be impossible.

The RAS extensions that are part of Armv8.4 introduced new architectural features to deal
with Double Fault conditions, specifically, the introduction of the ``NMEA`` and
``EASE`` bits in the ``SCR_EL3`` register. These were introduced to assist EL3
software which runs part of its entry/exit routines with exceptions momentarily
masked; meaning, in such systems, External Aborts/SErrors are not immediately
handled when they occur, but only after the exceptions are unmasked again.

|TF-A|, for legacy reasons, executes the entire EL3 with all exceptions unmasked.
This means that all exceptions routed to EL3 are handled immediately. |TF-A|
is thus able to detect Double Fault conditions in software, without needing
the intended advantages of the Armv8.4 Double Fault architecture extensions.

Double faults are fatal, and terminate at the platform double fault handler, which
does not return.

Engaging the RAS framework
--------------------------

Enabling RAS support is a platform choice.

The RAS support in |TF-A| introduces a default implementation of
``plat_ea_handler``, the External Abort handler in EL3. When ``ENABLE_FEAT_RAS``
is set to ``1``, it first calls the ``ras_ea_handler()`` function, which is the
top-level RAS exception handler. ``ras_ea_handler`` is responsible for iterating
through the platform-supplied error records, probing them, and, when an error is
identified, looking up and invoking the corresponding error handler.

Note that, if the platform chooses to override the ``plat_ea_handler`` function
and intends to use the RAS framework, it must explicitly call
``ras_ea_handler()`` from within.

Similarly, for RAS interrupts, the framework defines
``ras_interrupt_handler()``. The RAS framework arranges for it to be invoked
when a RAS interrupt is taken at EL3. The function bisects the platform-supplied
sorted array of interrupts to look up the error record information associated
with the interrupt number. The error handler for that record is then invoked to
handle the error.
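The interrupt path described here, as an added C example that is not part of TF-A: a platform
table of the kind ``REGISTER_RAS_INTERRUPTS()`` expects, an ordering check a platform would want
before registering it, and a bisection lookup in the style of ``ras_interrupt_handler()`` that
probes and handles the mapped record group. The ``_model`` names, the stand-in record structure
with a fixed-result probe, and the constructed interrupt numbers (33, 48, 105) are assumptions of
this example.

```c
#include <stdbool.h>
#include <stddef.h>

/* Minimal stand-in for struct err_record_info: the probe reports a fixed
 * index and the handler counts calls, enough to exercise the dispatch. */
struct err_record_info_model {
	int (*probe)(const struct err_record_info_model *info, int *probe_data);
	int (*handler)(const struct err_record_info_model *info, int probe_data);
	int pending_index;   /* constructed: index the probe reports, -1 = no error */
	int *handled;        /* where the handler counts invocations */
};

int fixed_probe_model(const struct err_record_info_model *info, int *probe_data)
{
	if (info->pending_index < 0)
		return 0;
	*probe_data = info->pending_index;
	return 1;
}

int counting_handler_model(const struct err_record_info_model *info, int probe_data)
{
	(void)probe_data;
	(*info->handled)++;
	return 0;
}

int handled_count[2];   /* constructed: errors handled per node */

struct err_record_info_model nodes[] = {
	{ fixed_probe_model, counting_handler_model, 0, &handled_count[0] },  /* error in record 0 */
	{ fixed_probe_model, counting_handler_model, -1, &handled_count[1] }, /* nothing pending */
};

/* Model of struct ras_interrupt: interrupt number, its record group, a cookie. */
struct ras_interrupt_model {
	unsigned int intr_number;
	struct err_record_info_model *err_record;
	void *cookie;
};

/* What the platform passes to REGISTER_RAS_INTERRUPTS(); must be sorted by
 * interrupt number, since the handler bisects it. */
struct ras_interrupt_model ras_interrupts[] = {
	{ 33U, &nodes[0], NULL },
	{ 48U, &nodes[1], NULL },
	{ 105U, &nodes[0], NULL },
};

/* Ordering check worth running before registering the array. */
bool ras_interrupts_sorted_model(const struct ras_interrupt_model *arr, size_t n)
{
	for (size_t i = 1; i < n; i++)
		if (arr[i - 1].intr_number >= arr[i].intr_number)
			return false;
	return true;
}

/* Model of ras_interrupt_handler(): bisect the sorted array for the interrupt,
 * then probe and handle its record group. Returns the record index handled,
 * -1 when no entry maps the interrupt, -2 when the group reports no error. */
int ras_interrupt_handler_model(unsigned int intr)
{
	size_t lo = 0, hi = sizeof(ras_interrupts) / sizeof(ras_interrupts[0]);
	while (lo < hi) {
		size_t mid = lo + (hi - lo) / 2;
		if (ras_interrupts[mid].intr_number == intr) {
			const struct err_record_info_model *rec = ras_interrupts[mid].err_record;
			int probe_data;
			if (rec->probe(rec, &probe_data) == 0)
				return -2;
			rec->handler(rec, probe_data);
			return probe_data;
		}
		if (intr < ras_interrupts[mid].intr_number)
			hi = mid;
		else
			lo = mid + 1;
	}
	return -1;
}
```

An unsorted table silently breaks the bisection (a present interrupt can be reported as missing),
which is why the ordering check runs against the array as a whole rather than trusting the
declaration order.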

Interaction with Exception Handling Framework
---------------------------------------------

As mentioned in earlier sections, the RAS framework interacts with the |EHF| to
arbitrate handling of RAS exceptions with others that are routed to EL3. This
means that the platform must partition a :ref:`priority level <Partitioning
priority levels>` for handling RAS exceptions. The platform must then define
the macro ``PLAT_RAS_PRI`` to the priority level used for RAS exceptions.
Platforms would typically want to allocate the highest secure priority for
RAS handling.

Handling of both :ref:`interrupt <interrupt-flow>` and :ref:`non-interrupt
<non-interrupt-flow>` exceptions follows the sequences outlined in the |EHF|
documentation. I.e., for interrupts, the priority management is implicit; but
for non-interrupt exceptions, it is explicit, using the :ref:`EHF APIs
<Activating and Deactivating priorities>`.

--------------

*Copyright (c) 2018-2023, Arm Limited and Contributors. All rights reserved.*

.. _RAS Supplement: https://developer.arm.com/documentation/ddi0587/latest
.. _RAS Test group: https://git.trustedfirmware.org/ci/tf-a-ci-scripts.git/tree/group/tf-l3-boot-tests-ras?h=refs/heads/master

.. |Image 1| image:: ../resources/diagrams/bl31-exception-entry-error-synchronization.png

@@ -0,0 +1,420 @@

Realm Management Extension (RME)
================================

FEAT_RME (or RME for short) is an Armv9-A extension and is one component of the
`Arm Confidential Compute Architecture (Arm CCA)`_. TF-A supports RME starting
from version 2.6. This chapter discusses the changes to TF-A to support RME and
provides instructions on how to build and run TF-A with RME.

RME support in TF-A
-------------------

The following diagram shows an Arm CCA software architecture with TF-A as the
EL3 firmware. In the Arm CCA architecture there are two additional security
states and address spaces: ``Root`` and ``Realm``. TF-A firmware runs in the
Root world. In the Realm world, a Realm Management Monitor firmware (`RMM`_)
manages the execution of Realm VMs and their interaction with the hypervisor.

.. image:: ../resources/diagrams/arm-cca-software-arch.png

RME is the hardware extension to support Arm CCA. To support RME, various
changes have been introduced to TF-A. We discuss those changes below.

Changes to translation tables library
*************************************
RME adds Root and Realm physical address spaces. To support this, two new
memory type macros, ``MT_ROOT`` and ``MT_REALM``, have been added to the
:ref:`Translation (XLAT) Tables Library`. These macros are used to configure
memory regions as Root or Realm respectively.

.. note::

   Only version 2 of the translation tables library supports the new memory
   types.

Changes to context management
*****************************
A new CPU context for the Realm world has been added. The existing
:ref:`CPU context management API<PSCI Library Integration guide for Armv8-A
AArch32 systems>` can be used to manage Realm context.

Boot flow changes
*****************
In a typical TF-A boot flow, BL2 runs at Secure-EL1. However, when RME is
enabled, TF-A runs in the Root world at EL3. Therefore, the boot flow is
modified to run BL2 at EL3 when RME is enabled. In addition to this, a
Realm-world firmware (`RMM`_) is loaded by BL2 in the Realm physical address
space.

The boot flow when RME is enabled looks like the following:

1. BL1 loads and executes BL2 at EL3
2. BL2 loads images including RMM
3. BL2 transfers control to BL31
4. BL31 initializes SPM (if SPM is enabled)
5. BL31 initializes RMM
6. BL31 transfers control to Normal-world software

Granule Protection Tables (GPT) library
***************************************
Isolation between the four physical address spaces is enforced by a process
called Granule Protection Check (GPC), performed by the MMU downstream of any
address translation. GPC makes use of a Granule Protection Table (GPT) in the
Root world that describes the physical address space assignment of every
page (granule). A GPT library that provides APIs to initialize GPTs and to
transition granules between different physical address spaces has been added.
More information about the GPT library can be found in the
:ref:`Granule Protection Tables Library` chapter.

RMM Dispatcher (RMMD)
*********************
RMMD is a new standard runtime service that handles the switch to the Realm
world. It initializes the `RMM`_ and handles Realm Management Interface (RMI)
SMC calls from Non-secure.

There is a contract between `RMM`_ and RMMD that defines the arguments that the
former needs to take in order to initialize and also the possible return values.
This contract is defined in the `RMM`_ Boot Interface, which can be found at
:ref:`rmm_el3_boot_interface`.

There is also a specification of the runtime services provided by TF-A
to `RMM`_. This can be found at :ref:`runtime_services_and_interface`.

Test Realm Payload (TRP)
************************
TRP is a small test payload that runs at R-EL2 and implements a subset of
the Realm Management Interface (RMI) commands, primarily to test EL3 firmware
and the interface between R-EL2 and EL3. When building TF-A with RME enabled,
if the path to an RMM image is not provided, TF-A builds the TRP by default
and uses it as the R-EL2 payload.

Building and running TF-A with RME
----------------------------------

This section describes how you can build and run TF-A with RME enabled.
We assume you have read the :ref:`Prerequisites` to build TF-A.

The following instructions show you how to build and run TF-A with RME
on FVP for two scenarios:

- Three-world execution: This is the configuration to use if Secure
  world functionality is not needed. TF-A is tested with the following
  software entities in each world:

  - NS Host (RME capable Linux or TF-A Tests),
  - Root (TF-A)
  - R-EL2 (`RMM`_ or TRP)

- Four-world execution: This is the configuration to use if both Secure
  and Realm world functionality is needed. TF-A is tested with the following
  software entities in each world:

  - NS Host (RME capable Linux or TF-A Tests),
  - Root (TF-A)
  - R-EL2 (`RMM`_ or TRP)
  - S-EL2 (Hafnium SPM)

To run the tests, you need an FVP model. Please use the :ref:`latest version
<Arm Fixed Virtual Platforms (FVP)>` of the *FVP_Base_RevC-2xAEMvA* model. If the NS
Host is Linux, then the instructions below assume that a suitable RME enabled
kernel image and associated root filesystem are available.

Three-world execution
*********************

**1. Clone and build RMM Image**

Please refer to the `RMM Getting Started`_ on how to set up the
host environment and build `RMM`_. The build commands assume that
an AArch64 toolchain and CMake executable are available in the
shell PATH variable and the CROSS_COMPILE variable has been set up
appropriately.

To clone `RMM`_ and build using the default build options for FVP:

.. code:: shell

    git clone --recursive https://git.trustedfirmware.org/TF-RMM/tf-rmm.git
    cd tf-rmm
    cmake -DRMM_CONFIG=fvp_defcfg -S . -B build
    cmake --build build

This will generate **rmm.img** in the **build/Release** folder.

**2. Clone and build TF-A Tests with Realm Payload**

This step is only needed if the NS Host is TF-A Tests. The full set
of instructions to set up the build host and build options for
TF-A-Tests can be found in the `TFTF Getting Started`_. TF-A Tests
can test the Realm world with either `RMM`_ or TRP in R-EL2. In the TRP case,
some tests which are not applicable will be skipped.

Use the following instructions to build TF-A with `TF-A Tests`_ as the
non-secure payload (BL33).

.. code:: shell

    git clone https://git.trustedfirmware.org/TF-A/tf-a-tests.git
    cd tf-a-tests
    make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1 ENABLE_REALM_PAYLOAD_TESTS=1 all

This produces a TF-A Tests binary (**tftf.bin**) with the Realm payload packaged
and **sp_layout.json** in the **build/fvp/debug** directory.

**3. Build RME Enabled TF-A**

The `TF-A Getting Started`_ has the necessary instructions to set up the host
machine and build TF-A.

To build for RME, set the ``ENABLE_RME`` build option to 1 and provide the path to
the `RMM`_ binary ``rmm.img`` using the ``RMM`` build option.

.. note::

   The ENABLE_RME build option is currently experimental.

.. note::

   If the ``RMM`` option is not specified, TF-A builds the TRP to load and
   run at R-EL2.

.. code:: shell

    git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
    cd trusted-firmware-a
    make CROSS_COMPILE=aarch64-none-elf- \
      PLAT=fvp \
      ENABLE_RME=1 \
      RMM=<path/to/rmm.img> \
      FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
      DEBUG=1 \
      BL33=<path/to/bl33> \
      all fip

``BL33`` can point to a Non Secure Bootloader like UEFI/U-Boot or
the TF-A Tests binary (**tftf.bin**) from the previous step.

This produces **bl1.bin** and **fip.bin** binaries in the **build/fvp/debug**
directory.

TF-A can also directly boot a Linux kernel on the FVP. The kernel needs to be
`preloaded` to a suitable memory location and this needs to be specified via the
``PRELOADED_BL33_BASE`` build option. Also, TF-A should implement the Linux
kernel register conventions for boot, and this can be set using the
``ARM_LINUX_KERNEL_AS_BL33`` option.

.. code-block:: shell

    cd trusted-firmware-a
    make CROSS_COMPILE=aarch64-none-elf- \
      PLAT=fvp \
      ENABLE_RME=1 \
      RMM=<path/to/rmm.img> \
      FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
      DEBUG=1 \
      ARM_LINUX_KERNEL_AS_BL33=1 \
      PRELOADED_BL33_BASE=0x84000000 \
      all fip

The above command assumes that the Linux kernel will be placed in FVP
memory at 0x84000000 via a suitable FVP option (see the next step).

.. _fvp_3_world_cmd:

**4. Running FVP for 3 world setup**

Use the following command to run the tests on FVP.

.. code:: shell

    FVP_Base_RevC-2xAEMvA \
      -C bp.refcounter.non_arch_start_at_default=1 \
      -C bp.secureflashloader.fname=<path/to/bl1.bin> \
      -C bp.flashloader0.fname=<path/to/fip.bin> \
      -C bp.refcounter.use_real_time=0 \
      -C bp.ve_sysregs.exit_on_shutdown=1 \
      -C cache_state_modelled=1 \
      -C bp.dram_size=4 \
      -C bp.secure_memory=0 \
      -C pci.pci_smmuv3.mmu.SMMU_ROOT_IDR0=3 \
      -C pci.pci_smmuv3.mmu.SMMU_ROOT_IIDR=0x43B \
      -C pci.pci_smmuv3.mmu.root_register_page_offset=0x20000 \
      -C cluster0.NUM_CORES=4 \
      -C cluster0.PA_SIZE=48 \
      -C cluster0.ecv_support_level=2 \
      -C cluster0.gicv3.cpuintf-mmap-access-level=2 \
      -C cluster0.gicv3.without-DS-support=1 \
      -C cluster0.gicv4.mask-virtual-interrupt=1 \
      -C cluster0.has_arm_v8-6=1 \
      -C cluster0.has_amu=1 \
      -C cluster0.has_branch_target_exception=1 \
      -C cluster0.rme_support_level=2 \
      -C cluster0.has_rndr=1 \
      -C cluster0.has_v8_7_pmu_extension=2 \
      -C cluster0.max_32bit_el=-1 \
      -C cluster0.stage12_tlb_size=1024 \
      -C cluster0.check_memory_attributes=0 \
      -C cluster0.ish_is_osh=1 \
      -C cluster0.restriction_on_speculative_execution=2 \
      -C cluster0.restriction_on_speculative_execution_aarch32=2 \
      -C cluster1.NUM_CORES=4 \
      -C cluster1.PA_SIZE=48 \
      -C cluster1.ecv_support_level=2 \
      -C cluster1.gicv3.cpuintf-mmap-access-level=2 \
      -C cluster1.gicv3.without-DS-support=1 \
      -C cluster1.gicv4.mask-virtual-interrupt=1 \
      -C cluster1.has_arm_v8-6=1 \
      -C cluster1.has_amu=1 \
      -C cluster1.has_branch_target_exception=1 \
      -C cluster1.rme_support_level=2 \
      -C cluster1.has_rndr=1 \
      -C cluster1.has_v8_7_pmu_extension=2 \
      -C cluster1.max_32bit_el=-1 \
      -C cluster1.stage12_tlb_size=1024 \
      -C cluster1.check_memory_attributes=0 \
      -C cluster1.ish_is_osh=1 \
      -C cluster1.restriction_on_speculative_execution=2 \
      -C cluster1.restriction_on_speculative_execution_aarch32=2 \
      -C pctl.startup=0.0.0.0 \
      -C bp.smsc_91c111.enabled=1 \
      -C bp.hostbridge.userNetworking=1 \
      -C bp.virtioblockdevice.image_path=<path/to/rootfs.ext4>

The ``bp.virtioblockdevice.image_path`` option presents the rootfs as a
virtio block device to the Linux kernel. It can be ignored if the NS Host is
TF-A-Tests or the rootfs is accessed by some other mechanism.

If TF-A was built to expect a preloaded Linux kernel, then use the following
FVP argument to load the kernel image at the expected address.

.. code-block:: shell

    --data cluster0.cpu0=<path_to_kernel_Image>@0x84000000 \

.. tip::

   Tips to boot and run Linux faster on the FVP:

   1. Set the FVP option ``cache_state_modelled`` to 0.
   2. Disable the CPU Idle driver in Linux either by setting the kernel command line
      parameter "cpuidle.off=1" or by disabling the ``CONFIG_CPU_IDLE`` kernel config.

If the NS Host is TF-A-Tests, then the default test suite in TFTF
will execute on the FVP and this includes Realm world tests. The
tail of the output from *uart0* should look something like the following.

.. code-block:: shell

    ...

    > Test suite 'FF-A Interrupt'
                                                                    Passed
    > Test suite 'SMMUv3 tests'
                                                                    Passed
    > Test suite 'PMU Leakage'
                                                                    Passed
    > Test suite 'DebugFS'
                                                                    Passed
    > Test suite 'RMI and SPM tests'
                                                                    Passed
    > Test suite 'Realm payload at EL1'
                                                                    Passed
    > Test suite 'Invalid memory access'
                                                                    Passed
    ...

Four-world execution
********************

Four-world execution involves software components in each security state: root,
secure, realm and non-secure. This section describes how to build TF-A
with four-world support.

We use TF-A as the root firmware; `Hafnium SPM`_ is the reference Secure world
component running at S-EL2. `RMM`_ can be built as described in the previous
section. The examples below assume TF-A-Tests as the NS Host and utilize SPs
from TF-A-Tests.

**1. Obtain and build Hafnium SPM**

.. code:: shell

    git clone --recurse-submodules https://git.trustedfirmware.org/hafnium/hafnium.git
    cd hafnium
    # Use the default prebuilt LLVM/clang toolchain
    PATH=$PWD/prebuilts/linux-x64/clang/bin:$PWD/prebuilts/linux-x64/dtc:$PATH

The MTE feature needs to be disabled in the Hafnium build; apply the following patch
to the project/reference submodule:

.. code:: diff

    diff --git a/BUILD.gn b/BUILD.gn
    index cc6a78f..234b20a 100644
    --- a/BUILD.gn
    +++ b/BUILD.gn
    @@ -83,7 +83,6 @@ aarch64_toolchains("secure_aem_v8a_fvp") {
       pl011_base_address = "0x1c090000"
       smmu_base_address = "0x2b400000"
       smmu_memory_size = "0x100000"
    -  enable_mte = "1"
       plat_log_level = "LOG_LEVEL_INFO"
     }
     }
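
Review bot: the hunk deletes the ``enable_mte = "1"`` assignment from the ``secure_aem_v8a_fvp`` toolchain block instead of setting it to ``"0"``, so the result relies on whatever default the build assigns when the variable is absent; writing ``enable_mte = "0"`` would state the intent explicitly. The ``index cc6a78f..234b20a`` line also ties the patch to one revision of ``project/reference/BUILD.gn``, so on a different revision of that file the hunk may not apply cleanly and the line would need removing by hand.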

.. code:: shell

    make PROJECT=reference

The Hafnium binary should be located at
*out/reference/secure_aem_v8a_fvp_clang/hafnium.bin*

**2. Build RME enabled TF-A with SPM**

Build TF-A with RME as well as SPM enabled.

Use the ``sp_layout.json`` previously generated in the TF-A Tests
build to run SP tests.

.. code:: shell

    make CROSS_COMPILE=aarch64-none-elf- \
      PLAT=fvp \
      ENABLE_RME=1 \
      FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
      SPD=spmd \
      BRANCH_PROTECTION=1 \
      CTX_INCLUDE_PAUTH_REGS=1 \
      DEBUG=1 \
      SP_LAYOUT_FILE=<path/to/sp_layout.json> \
      BL32=<path/to/hafnium.bin> \
      BL33=<path/to/tftf.bin> \
      RMM=<path/to/rmm.img> \
      all fip

**3. Running the FVP for a 4 world setup**

Use the following arguments in addition to the FVP options mentioned in
:ref:`4. Running FVP for 3 world setup <fvp_3_world_cmd>` to run tests for
the 4 world setup.

.. code:: shell

    -C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \
    -C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \
    -C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \
    -C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \
    -C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \
    -C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \
    -C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \
    -C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0

.. _Arm Confidential Compute Architecture (Arm CCA): https://www.arm.com/why-arm/architecture/security-features/arm-confidential-compute-architecture
.. _Arm Architecture Models website: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
.. _TF-A Getting Started: https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/index.html
.. _TF-A Tests: https://trustedfirmware-a-tests.readthedocs.io/en/latest
.. _TFTF Getting Started: https://trustedfirmware-a-tests.readthedocs.io/en/latest/getting_started/index.html
.. _Hafnium SPM: https://www.trustedfirmware.org/projects/hafnium
.. _RMM Getting Started: https://tf-rmm.readthedocs.io/en/latest/getting_started/index.html
.. _RMM: https://www.trustedfirmware.org/projects/tf-rmm/

874
arm-trusted-firmware.t234/docs/components/rmm-el3-comms-spec.rst
Normal file
@@ -0,0 +1,874 @@

RMM-EL3 Communication interface
*******************************

This document defines the communication interface between RMM and EL3.
There are two parts in this interface: the boot interface and the runtime
interface.

The Boot Interface defines the ABI between EL3 and RMM when the CPU enters
R-EL2 for the first time after boot. The cold boot interface defines the ABI
for the cold boot path and the warm boot interface defines the same for the
warm path.

The RMM-EL3 runtime interface defines the ABI for EL3 services which can be
invoked by RMM as well as the register save-restore convention when handling an
SMC call from NS.

The sections below discuss these interfaces in more detail.

.. _rmm_el3_ifc_versioning:

RMM-EL3 Interface versioning
____________________________

The RMM Boot and Runtime Interface uses a version number to check
compatibility with the register arguments passed as part of the Boot Interface and
RMM-EL3 runtime interface.

The Boot Manifest, discussed later in section :ref:`rmm_el3_boot_manifest`,
uses a separate version number but with the same scheme.

The version number is a 32-bit type with the following fields:

.. csv-table::
   :header: "Bits", "Value"

   [0:15],``VERSION_MINOR``
   [16:30],``VERSION_MAJOR``
   [31],RES0

The version numbers are sequentially increased and the rules for updating them
are explained below:

- ``VERSION_MAJOR``: This value is increased when changes break
  compatibility with previous versions. If the changes
  on the ABI are compatible with the previous one, ``VERSION_MAJOR``
  remains unchanged.

- ``VERSION_MINOR``: This value is increased on any change that is backwards
  compatible with the previous version. When ``VERSION_MAJOR`` is increased,
  ``VERSION_MINOR`` must be set to 0.

- ``RES0``: Bit 31 of the version number is reserved as 0 to maintain
  consistency with the versioning schemes used in other parts of RMM.

This document specifies the 0.4 version of the Boot Interface ABI and RMM-EL3
services specification and the 0.3 version of the Boot Manifest.

.. _rmm_el3_boot_interface:

RMM Boot Interface
__________________

This section deals with the Boot Interface part of the specification.

One of the goals of the Boot Interface is to allow EL3 firmware to pass
down into RMM certain platform specific information dynamically. This allows
RMM to be less platform dependent and more generic across platform
variations. It also allows RMM to be decoupled from the other boot loader
images in the boot sequence and remain agnostic of any particular format used
for configuration files.

The Boot Interface ABI defines a set of register conventions and
also a memory based manifest file to pass information from EL3 to RMM. The
Boot Manifest and the associated platform data in it can be dynamically created
by EL3 and there is no restriction on how the data can be obtained (e.g. by DTB,
hoblist or other).

The register convention and the manifest are versioned separately to manage
future enhancements and compatibility.

RMM completes the boot by issuing the ``RMM_BOOT_COMPLETE`` SMC (0xC40001CF)
back to EL3. After the RMM has finished the boot process, it can only be
entered from EL3 as part of RMI handling.

If RMM returns an error during boot (in any CPU), then RMM must not be entered
from any CPU.

.. _rmm_cold_boot_interface:

Cold Boot Interface
~~~~~~~~~~~~~~~~~~~

During cold boot RMM expects the following register values:

.. csv-table::
   :header: "Register", "Value"
   :widths: 1, 5

   x0,Linear index of this PE. This index starts from 0 and must be less than the maximum number of CPUs to be supported at runtime (see x2).
   x1,Version for this Boot Interface as defined in :ref:`rmm_el3_ifc_versioning`.
   x2,Maximum number of CPUs to be supported at runtime. RMM should ensure that it can support this maximum number.
   x3,Base address for the shared buffer used for communication between EL3 firmware and RMM. This buffer must be of 4KB size (1 page). The Boot Manifest must be present at the base of this shared buffer during cold boot.

During cold boot, EL3 firmware needs to allocate a 4KB page that will be
passed to RMM in x3. This memory will be used as a shared buffer for communication
between EL3 and RMM. It must be assigned to the Realm world and must be mapped with
Normal memory attributes (IWB-OWB-ISH) at EL3. At boot, this memory will be
used to populate the Boot Manifest. Since the Boot Manifest can be accessed by
RMM prior to enabling its MMU, EL3 must ensure that proper cache maintenance
operations are performed after the Boot Manifest is populated.

EL3 should also ensure that this shared buffer is always available for use by RMM
during the lifetime of the system and that it can be used for runtime
communication between RMM and EL3. For example, when RMM invokes attestation
service commands in EL3, this buffer can be used to exchange data between RMM
and EL3. It is also allowed for RMM to invoke runtime services provided by EL3
utilizing this buffer during the boot phase, prior to returning to EL3 via the
RMM_BOOT_COMPLETE SMC.
|
||||
|
||||
RMM should map this memory page into its Stage 1 page-tables using Normal
|
||||
memory attributes.
|
||||
|
||||
During runtime, it is the RMM which initiates any communication with EL3. If that
|
||||
communication requires the use of the shared area, it is expected that RMM needs
|
||||
to do the necessary concurrency protection to prevent the use of the same buffer
|
||||
by other PEs.
|
||||
|
||||
The following sequence diagram shows how a generic EL3 Firmware would boot RMM.
|
||||
|
||||
.. image:: ../resources/diagrams/rmm_cold_boot_generic.png
|
||||
|
||||
Warm Boot Interface
|
||||
~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
At warm boot, RMM is already initialized and only some per-CPU initialization
|
||||
is still pending. The only argument that is required by RMM at this stage is
|
||||
the CPU Id, which will be passed through register x0 whilst x1 to x3 are RES0.
|
||||
This is summarized in the following table:
|
||||
|
||||
.. csv-table::
|
||||
:header: "Register", "Value"
|
||||
:widths: 1, 5
|
||||
|
||||
x0,Linear index of this PE. This index starts from 0 and must be less than the maximum number of CPUs to be supported at runtime (see x2).
|
||||
x1 - x3,RES0
|
||||
|
||||
Boot error handling and return values
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
After boot up and initialization, RMM returns control back to EL3 through a
|
||||
``RMM_BOOT_COMPLETE`` SMC call. The only argument of this SMC call will
|
||||
be returned in x1 and it will encode a signed integer with the error reason
|
||||
as per the following table:
|
||||
|
||||
.. csv-table::
|
||||
:header: "Error code", "Description", "ID"
|
||||
:widths: 2 4 1
|
||||
|
||||
``E_RMM_BOOT_SUCCESS``,Boot successful,0
|
||||
``E_RMM_BOOT_ERR_UNKNOWN``,Unknown error,-1
|
||||
``E_RMM_BOOT_VERSION_NOT_VALID``,Boot Interface version reported by EL3 is not supported by RMM,-2
|
||||
``E_RMM_BOOT_CPUS_OUT_OF_RANGE``,Number of CPUs reported by EL3 larger than maximum supported by RMM,-3
|
||||
``E_RMM_BOOT_CPU_ID_OUT_OF_RANGE``,Current CPU Id is higher or equal than the number of CPUs supported by RMM,-4
|
||||
``E_RMM_BOOT_INVALID_SHARED_BUFFER``,Invalid pointer to shared memory area,-5
|
||||
``E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED``,Version reported by the Boot Manifest not supported by RMM,-6
|
||||
``E_RMM_BOOT_MANIFEST_DATA_ERROR``,Error parsing core Boot Manifest,-7
|
||||
|
||||
For any error detected in RMM during cold or warm boot, RMM will return back to
|
||||
EL3 using ``RMM_BOOT_COMPLETE`` SMC with an appropriate error code. It is
|
||||
expected that EL3 will take necessary action to disable Realm world for further
|
||||
entry from NS Host on receiving an error. This will be done across all the PEs
|
||||
in the system so as to present a symmetric view to the NS Host. Any further
|
||||
warm boot by any PE should not enter RMM using the warm boot interface.
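
As an added example (not code from TF-A or any RMM implementation), the following C program shows how an RMM would validate the cold and warm boot arguments above and produce exactly the ``E_RMM_BOOT_*`` codes of the table, together with the EL3-side reaction to a failed ``RMM_BOOT_COMPLETE``. The version encoding (major in bits [30:16], minor in bits [15:0], bit 31 RES0), the supported version numbers, ``RMM_MAX_CPUS``, the compatibility policy and all function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdbool.h>

/* Boot error codes from the RMM_BOOT_COMPLETE table. */
enum rmm_boot_err {
	E_RMM_BOOT_SUCCESS = 0,
	E_RMM_BOOT_ERR_UNKNOWN = -1,
	E_RMM_BOOT_VERSION_NOT_VALID = -2,
	E_RMM_BOOT_CPUS_OUT_OF_RANGE = -3,
	E_RMM_BOOT_CPU_ID_OUT_OF_RANGE = -4,
	E_RMM_BOOT_INVALID_SHARED_BUFFER = -5,
	E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED = -6,
	E_RMM_BOOT_MANIFEST_DATA_ERROR = -7,
};

/* Assumed version encoding: major in [30:16], minor in [15:0], bit 31 RES0. */
#define MAKE_VERSION(maj, min) (((uint64_t)(maj) << 16) | (uint64_t)(min))
#define VER_MAJOR(v) (((v) >> 16) & 0x7FFFu)
#define VER_MINOR(v) ((v) & 0xFFFFu)

/* What this hypothetical RMM build supports (assumptions). */
#define RMM_IFC_MAJOR      0u   /* Boot Interface v0.4 */
#define RMM_IFC_MINOR      4u
#define RMM_MANIFEST_MAJOR 0u   /* Boot Manifest v0.3 */
#define RMM_MANIFEST_MINOR 3u
#define RMM_MAX_CPUS       64u
#define SHARED_BUF_SIZE    4096u

/* Only the head of the Boot Manifest is needed here: version at offset 0. */
struct boot_manifest_head {
	uint32_t version;
	uint32_t padding;
	uint64_t plat_data;
};

/* Same major required; a higher minor is backwards compatible, a lower one may
 * lack features this RMM relies on (policy assumed for the example). */
static bool version_compatible(uint64_t v, uint32_t major, uint32_t minor)
{
	if (v > UINT32_MAX || (v & 0x80000000u) != 0)   /* RES0 bit 31 must be 0 */
		return false;
	return VER_MAJOR(v) == major && VER_MINOR(v) >= minor;
}

static uint64_t rmm_max_cpus;   /* recorded at cold boot, checked at warm boot */

/* Cold boot: x0..x3 as in the cold boot register table. Checks are ordered so
 * the shared buffer is never dereferenced before it has been validated. */
enum rmm_boot_err rmm_validate_cold_boot(uint64_t x0, uint64_t x1,
					 uint64_t x2, uint64_t x3)
{
	if (!version_compatible(x1, RMM_IFC_MAJOR, RMM_IFC_MINOR))
		return E_RMM_BOOT_VERSION_NOT_VALID;
	if (x2 == 0 || x2 > RMM_MAX_CPUS)
		return E_RMM_BOOT_CPUS_OUT_OF_RANGE;
	if (x0 >= x2)
		return E_RMM_BOOT_CPU_ID_OUT_OF_RANGE;
	/* One 4KB page, so the base must be non-NULL and page aligned. */
	if (x3 == 0 || (x3 & (SHARED_BUF_SIZE - 1)) != 0)
		return E_RMM_BOOT_INVALID_SHARED_BUFFER;
	const struct boot_manifest_head *m =
		(const struct boot_manifest_head *)(uintptr_t)x3;
	if (!version_compatible(m->version, RMM_MANIFEST_MAJOR, RMM_MANIFEST_MINOR))
		return E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED;
	rmm_max_cpus = x2;
	return E_RMM_BOOT_SUCCESS;
}

/* Warm boot: only x0 (CPU Id) is meaningful; x1-x3 are RES0. */
enum rmm_boot_err rmm_validate_warm_boot(uint64_t x0)
{
	return (x0 < rmm_max_cpus) ? E_RMM_BOOT_SUCCESS
				   : E_RMM_BOOT_CPU_ID_OUT_OF_RANGE;
}

/* EL3 side: handle RMM_BOOT_COMPLETE (x1 = signed error reason). One failure
 * on any PE disables Realm world entry for all PEs, as the text requires. */
static bool realm_world_enabled = true;
bool el3_on_rmm_boot_complete(int64_t x1)
{
	if (x1 != E_RMM_BOOT_SUCCESS)
		realm_world_enabled = false;
	return realm_world_enabled;
}

/* Test aid: a page-aligned stand-in for the shared buffer holding a manifest. */
static uint8_t shared_page[SHARED_BUF_SIZE] __attribute__((aligned(4096)));
uint64_t shared_buffer_with_manifest(uint32_t manifest_version)
{
	struct boot_manifest_head *m = (struct boot_manifest_head *)shared_page;
	m->version = manifest_version;
	m->padding = 0;
	m->plat_data = 0;   /* no platform data */
	return (uint64_t)(uintptr_t)shared_page;
}
```

The order of the checks matters: the shared buffer pointer is validated for alignment before the manifest version is read through it, so an invalid x3 yields ``E_RMM_BOOT_INVALID_SHARED_BUFFER`` rather than a fault inside RMM, and the EL3 flag is sticky so a later successful PE cannot re-enable Realm world after another PE has failed.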

.. _rmm_el3_boot_manifest:

Boot Manifest
~~~~~~~~~~~~~

During cold boot, EL3 Firmware passes a memory based Boot Manifest to RMM containing
platform information.

This Boot Manifest is versioned independently of the Boot Interface, so that
the former can evolve independently of the latter.
The current version for the Boot Manifest is ``v0.3`` and the rules explained
in :ref:`rmm_el3_ifc_versioning` apply to this version as well.

The Boot Manifest v0.3 has the following fields:

- version : Version of the Manifest (v0.3)
- plat_data : Pointer to the platform specific data, which is not specified by this
  document. These data are optional and the pointer can be NULL.
- plat_dram : Structure encoding the NS DRAM information on the platform. This
  field is optional and the platform can choose to zero out this structure if
  RMM does not need EL3 to send this information during boot.
- plat_console : Structure encoding the list of consoles for RMM use on the
  platform. This field is optional and the platform can choose to not populate
  the console list if this is not needed by the RMM for this platform.

For the current version of the Boot Manifest, the core manifest contains a pointer
to the platform data. EL3 must ensure that the whole Boot Manifest, including
the platform data, if available, fits inside the RMM-EL3 shared buffer.

For the data structure specification of the Boot Manifest, refer to
:ref:`rmm_el3_manifest_struct`.

.. _runtime_services_and_interface:

RMM-EL3 Runtime Interface
__________________________

This section defines the RMM-EL3 runtime interface which specifies the ABI for
EL3 services expected by RMM at runtime as well as the register save and
restore convention between EL3 and RMM as part of RMI call handling. It is
important to note that RMM is allowed to invoke EL3-RMM runtime interface
services during the boot phase as well. The EL3 runtime service handling must
not result in a world switch to another world unless specified. Both the RMM
and EL3 are allowed to make suitable optimizations based on this assumption.

If the interface requires the use of memory, then the memory references should
be within the shared buffer communicated as part of the boot interface. See
:ref:`rmm_cold_boot_interface` for properties of this shared buffer which both
EL3 and RMM must adhere to.

RMM-EL3 runtime service return codes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The return codes from EL3 to RMM are 32-bit signed integers which encapsulate
the error condition as described in the following table:

.. csv-table::
   :header: "Error code", "Description", "ID"
   :widths: 2 4 1

   ``E_RMM_OK``,No errors detected,0
   ``E_RMM_UNK``,Unknown/Generic error,-1
   ``E_RMM_BAD_ADDR``,The value of an address used as argument was invalid,-2
   ``E_RMM_BAD_PAS``,Incorrect PAS,-3
   ``E_RMM_NOMEM``,Not enough memory to perform an operation,-4
   ``E_RMM_INVAL``,The value of an argument was invalid,-5
   ``E_RMM_AGAIN``,The resource is busy. Try again.,-6

If multiple failure conditions are detected in an RMM to EL3 command, then EL3
is allowed to return an error code corresponding to any of the failure
conditions.

RMM-EL3 runtime services
~~~~~~~~~~~~~~~~~~~~~~~~

The following table summarizes the RMM runtime services that need to be
implemented by EL3 Firmware.

.. csv-table::
   :header: "FID", "Command"
   :widths: 2 5

   0xC400018F,``RMM_RMI_REQ_COMPLETE``
   0xC40001B0,``RMM_GTSI_DELEGATE``
   0xC40001B1,``RMM_GTSI_UNDELEGATE``
   0xC40001B2,``RMM_ATTEST_GET_REALM_KEY``
   0xC40001B3,``RMM_ATTEST_GET_PLAT_TOKEN``
   0xC40001B4,``RMM_EL3_FEATURES``
   0xC40001B5,``RMM_EL3_TOKEN_SIGN``

RMM_RMI_REQ_COMPLETE command
============================

Notifies the completion of an RMI call to the Non-Secure world.

This call is the only function currently in the RMM-EL3 runtime interface which
results in a world switch to NS. This call is the reply to the original RMI
call and it is forwarded by EL3 to the NS world.

FID
---

``0xC400018F``

Input values
------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   fid,x0,[63:0],UInt64,Command FID
   err_code,x1,[63:0],RmiCommandReturnCode,Error code returned by the RMI service invoked by the NS World. See the Realm Management Monitor specification for more info

Output values
-------------

This call does not return.

Failure conditions
------------------

Since this call does not return to RMM, there is no failure condition which
can be notified back to RMM.

RMM_GTSI_DELEGATE command
=========================

Delegate a memory granule by changing its PAS from Non-Secure to Realm.

FID
---

``0xC40001B0``

Input values
------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   fid,x0,[63:0],UInt64,Command FID
   base_pa,x1,[63:0],Address,PA of the start of the granule to be delegated

Output values
-------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 2 4

   Result,x0,[63:0],Error Code,Command return status

Failure conditions
------------------

The table below shows all the possible error codes returned in ``Result`` upon
a failure. The errors are ordered by condition check.

.. csv-table::
   :header: "ID", "Condition"
   :widths: 1 5

   ``E_RMM_BAD_ADDR``,``base_pa`` does not correspond to a valid granule address
   ``E_RMM_BAD_PAS``,The granule pointed to by ``base_pa`` does not belong to the Non-Secure PAS
   ``E_RMM_OK``,No errors detected

RMM_GTSI_UNDELEGATE command
===========================

Undelegate a memory granule by changing its PAS from Realm to Non-Secure.

FID
---

``0xC40001B1``

Input values
------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   fid,x0,[63:0],UInt64,Command FID
   base_pa,x1,[63:0],Address,PA of the start of the granule to be undelegated

Output values
-------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 2 4

   Result,x0,[63:0],Error Code,Command return status

Failure conditions
------------------

The table below shows all the possible error codes returned in ``Result`` upon
a failure. The errors are ordered by condition check.

.. csv-table::
   :header: "ID", "Condition"
   :widths: 1 5

   ``E_RMM_BAD_ADDR``,``base_pa`` does not correspond to a valid granule address
   ``E_RMM_BAD_PAS``,The granule pointed to by ``base_pa`` does not belong to the Realm PAS
   ``E_RMM_OK``,No errors detected

RMM_ATTEST_GET_REALM_KEY command
================================

Retrieve the Realm Attestation Token Signing key from EL3.

FID
---

``0xC40001B2``

Input values
------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   fid,x0,[63:0],UInt64,Command FID
   buf_pa,x1,[63:0],Address,PA where the Realm Attestation Key must be stored by EL3. The PA must belong to the shared buffer
   buf_size,x2,[63:0],Size,Size in bytes of the Realm Attestation Key buffer. ``buf_pa + buf_size`` must lie within the shared buffer
   ecc_curve,x3,[63:0],Enum,Type of the elliptic curve to which the requested attestation key belongs. See :ref:`ecc_curves`

Output values
-------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   Result,x0,[63:0],Error Code,Command return status
   keySize,x1,[63:0],Size,Size of the Realm Attestation Key

Failure conditions
------------------

The table below shows all the possible error codes returned in ``Result`` upon
a failure. The errors are ordered by condition check.

.. csv-table::
   :header: "ID", "Condition"
   :widths: 1 5

   ``E_RMM_BAD_ADDR``,``buf_pa`` is outside the shared buffer
   ``E_RMM_INVAL``,``buf_pa + buf_size`` is outside the shared buffer
   ``E_RMM_INVAL``,``ecc_curve`` is not one of those listed in :ref:`ecc_curves`
   ``E_RMM_UNK``,An unknown error occurred whilst processing the command
   ``E_RMM_OK``,No errors detected

.. _ecc_curves:

Supported ECC Curves
--------------------

.. csv-table::
   :header: "ID", "Curve"
   :widths: 1 5

   0,ECC SECP384R1

RMM_ATTEST_GET_PLAT_TOKEN command
=================================

Retrieve the Platform Token from EL3. If the entire token does not fit in the
buffer, EL3 returns a hunk of the token (its size via the ``tokenHunkSize`` output) and
indicates the remaining bytes that are pending retrieval (via the ``remainingSize``
output). The challenge object for the platform token must be populated in
the buffer for the first call of this command and the size of the object is
indicated by the ``c_size`` parameter. Subsequent calls to retrieve the remaining hunks of
the token must be made with ``c_size`` as 0.

If ``c_size`` is not 0, this command could cause regeneration of the platform token
and will return the token hunk corresponding to the beginning of the token.

It is valid for calls of this command to return the ``E_RMM_AGAIN`` error,
which is an indication to the caller to retry this command. Depending on the
platform, this mechanism can be used to implement queuing to the HES, if the HES is
involved in platform token generation.

FID
---

``0xC40001B3``

Input values
------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   fid,x0,[63:0],UInt64,Command FID
   buf_pa,x1,[63:0],Address,"PA of the platform attestation token buffer. The challenge object must be passed in this buffer for the first call of this command. Any subsequent calls, if required to retrieve the full token, should not have this object. The PA must belong to the shared buffer."
   buf_size,x2,[63:0],Size,Size in bytes of the platform attestation token buffer. ``buf_pa + buf_size`` must lie within the shared buffer
   c_size,x3,[63:0],Size,"Size in bytes of the challenge object. It corresponds to the output size of one of the defined SHA algorithms. Any subsequent calls, if required to retrieve the full token, should set this size to 0."

Output values
-------------

.. csv-table::
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   Result,x0,[63:0],Error Code,Command return status
   tokenHunkSize,x1,[63:0],Size,Size of the platform token hunk retrieved
   remainingSize,x2,[63:0],Size,Remaining bytes of the token that are pending retrieval

Failure conditions
------------------

The table below shows all the possible error codes returned in ``Result`` upon
a failure. The errors are ordered by condition check.

.. csv-table::
   :header: "ID", "Condition"
   :widths: 1 5

   ``E_RMM_AGAIN``,Resource for Platform token retrieval is busy. Try again.
   ``E_RMM_BAD_ADDR``,``buf_pa`` is outside the shared buffer
   ``E_RMM_INVAL``,``buf_pa + buf_size`` is outside the shared buffer
   ``E_RMM_INVAL``,``c_size`` does not represent the output size of a supported SHA algorithm for the first call to this command
   ``E_RMM_INVAL``,``c_size`` is not 0 for subsequent calls to retrieve remaining hunks of the token
   ``E_RMM_UNK``,An unknown error occurred whilst processing the command
   ``E_RMM_OK``,No errors detected
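
The chunked retrieval protocol above, with both sides simulated, as an added C example that is not part of TF-A or any RMM implementation: ``el3_attest_get_plat_token`` plays EL3 (it derives a constructed stand-in token from the challenge, hands it out in hunks and can report ``E_RMM_AGAIN`` while its "HES" is busy), and ``rmm_get_platform_token`` plays the RMM caller, which passes the challenge only on the first call, retries on ``E_RMM_AGAIN`` and reassembles the hunks. The token contents and length, the 128-byte request buffer, the retry limit, the rule that ``c_size == 0`` with no token in progress is ``E_RMM_INVAL``, and all function names are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>

enum { E_RMM_OK = 0, E_RMM_UNK = -1, E_RMM_BAD_ADDR = -2, E_RMM_BAD_PAS = -3,
       E_RMM_NOMEM = -4, E_RMM_INVAL = -5, E_RMM_AGAIN = -6 };

#define SHARED_BUF_SIZE 4096u
static uint8_t shared_buf[SHARED_BUF_SIZE];  /* stands in for the RMM-EL3 shared page */

/* ---------------- EL3 side (simulated) ---------------- */
#define TOKEN_LEN 300u                /* constructed: longer than one request buffer */
static uint8_t el3_token[TOKEN_LEN];  /* the platform token being handed out */
static size_t el3_token_pos;          /* bytes already handed out */
static bool el3_token_valid;          /* a token has been generated */
static unsigned el3_busy_calls;       /* simulate a busy HES: next N calls -> E_RMM_AGAIN */

static bool is_sha_output_size(uint64_t n) { return n == 32 || n == 48 || n == 64; }

int el3_attest_get_plat_token(uint64_t buf_pa, uint64_t buf_size, uint64_t c_size,
			      uint64_t *token_hunk_size, uint64_t *remaining_size)
{
	uintptr_t base = (uintptr_t)shared_buf;
	/* Failure conditions, in the order of the table above. */
	if (el3_busy_calls > 0) { el3_busy_calls--; return E_RMM_AGAIN; }
	if (buf_pa < base || buf_pa >= base + SHARED_BUF_SIZE) return E_RMM_BAD_ADDR;
	if (buf_size > (base + SHARED_BUF_SIZE) - buf_pa) return E_RMM_INVAL;
	if (c_size != 0 && (!is_sha_output_size(c_size) || c_size > buf_size)) return E_RMM_INVAL;
	if (c_size == 0 && !el3_token_valid) return E_RMM_INVAL; /* no token in progress (assumption) */

	uint8_t *buf = (uint8_t *)(uintptr_t)buf_pa;
	if (c_size != 0) {
		/* First call: (re)generate the token from the challenge in the buffer.
		 * Constructed stand-in: a real EL3 would obtain it from the HES. */
		for (size_t i = 0; i < TOKEN_LEN; i++)
			el3_token[i] = buf[i % c_size] ^ (uint8_t)i;
		el3_token_pos = 0;
		el3_token_valid = true;
	}
	size_t left = TOKEN_LEN - el3_token_pos;
	size_t n = left < buf_size ? left : (size_t)buf_size;
	memcpy(buf, el3_token + el3_token_pos, n);   /* overwrites the challenge */
	el3_token_pos += n;
	*token_hunk_size = n;
	*remaining_size = left - n;
	return E_RMM_OK;
}

/* ---------------- RMM side ---------------- */
/* Retrieve the whole token: challenge on the first call only, c_size = 0 after
 * that, retry on E_RMM_AGAIN, stop when remainingSize reaches 0. */
int rmm_get_platform_token(const uint8_t *challenge, size_t c_size,
			   uint8_t *out, size_t out_cap, size_t *out_len,
			   unsigned max_retries)
{
	uint8_t *buf = shared_buf;          /* request buffer at the base of the shared page */
	const uint64_t buf_size = 128;      /* small on purpose: forces several hunks */
	size_t total = 0;
	uint64_t first_c_size = c_size;
	unsigned retries = 0;

	memcpy(buf, challenge, c_size);
	for (;;) {
		uint64_t hunk, remaining;
		int rc = el3_attest_get_plat_token((uint64_t)(uintptr_t)buf, buf_size,
						   first_c_size, &hunk, &remaining);
		if (rc == E_RMM_AGAIN) {
			if (++retries > max_retries) return rc;
			continue;   /* EL3 did not touch the buffer, the challenge is still there */
		}
		if (rc != E_RMM_OK) return rc;
		if (total + hunk > out_cap) return E_RMM_NOMEM;
		memcpy(out + total, buf, hunk);
		total += hunk;
		first_c_size = 0;   /* subsequent calls must pass c_size == 0 */
		if (remaining == 0) break;
	}
	*out_len = total;
	return E_RMM_OK;
}

/* Demo driver: constructed 32-byte challenge, EL3 busy for the first `busy_calls`
 * calls. Returns the retrieved token length, or the negative error code. */
int64_t demo_retrieve_token(unsigned busy_calls)
{
	uint8_t challenge[32], token[TOKEN_LEN];
	size_t len = 0;
	for (size_t i = 0; i < sizeof challenge; i++)
		challenge[i] = (uint8_t)(0xA0 + i);
	el3_token_valid = false;
	el3_token_pos = 0;
	el3_busy_calls = busy_calls;
	int rc = rmm_get_platform_token(challenge, sizeof challenge, token,
					sizeof token, &len, 3);
	if (rc != E_RMM_OK) return rc;
	/* the reassembled token must equal what EL3 generated */
	return memcmp(token, el3_token, TOKEN_LEN) == 0 ? (int64_t)len : E_RMM_UNK;
}
```

With a 300-byte token and a 128-byte buffer the exchange takes three calls (hunks of 128, 128 and 44 bytes, ``remainingSize`` 172, 44 and 0). The caller keeps the challenge in the buffer across ``E_RMM_AGAIN`` retries because EL3 has not written anything yet, and it must pass ``c_size = 0`` on the later calls, otherwise EL3 regenerates the token and restarts from the beginning.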

RMM_EL3_FEATURES command
========================

This command provides a mechanism to discover features and ABIs supported by the
RMM-EL3 interface, for a given version. This command is helpful when there are
platform specific optional RMM-EL3 interfaces and features exposed by vendor
specific EL3 firmware, and a generic RMM that can modify its behavior based on
discovery of EL3 features.

The features can be discovered by specifying the feature register index that
has fields defined to indicate presence or absence of features and other
relevant information. The feature register index is specified in the
``feat_reg_idx`` parameter. Each feature register is a 64-bit register.

This command is available from v0.4 of the RMM-EL3 interface.

The following is the register definition for feature register index 0 for
v0.4 of the interface:

RMM-EL3 Feature Register 0
--------------------------

.. code-block:: none

   63      32 31      16 15       8 7        1 0
   +-------+-------+-------+-------+-------+-------+-------+-------+
   |       |       |       |       |       |       |       |       |
   |       |       |       |       |       |       |       |       |
   +-------+-------+-------+-------+-------+-------+-------+-------+
                                                                  ^
                                                                  |
                                                          RMMD_EL3_TOKEN_SIGN

**Bit Fields:**

- **Bit 0**: ``RMMD_EL3_TOKEN_SIGN``

  - When set to 1, the ``RMMD_EL3_TOKEN_SIGN`` feature is enabled.
  - When cleared (0), the feature is disabled.

- **Bits [63:1]**: Reserved (must be zero)

FID
---

``0xC40001B4``

Input values
------------

.. csv-table:: Input values for RMM_EL3_FEATURES
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   fid,x0,[63:0],UInt64,Command FID
   feat_reg_idx,x1,[63:0],UInt64,"Feature register index. For v0.4, a value of 0 is the only acceptable value"

Output values
-------------

.. csv-table:: Output values for RMM_EL3_FEATURES
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   Result,x0,[63:0],Error Code,Command return status
   feat_reg,x1,[63:0],Value,Value of the register as defined above

Failure conditions
------------------

The table below shows all the possible error codes returned in ``Result`` upon
a failure. The errors are ordered by condition check.

.. csv-table:: Failure conditions for RMM_EL3_FEATURES
   :header: "ID", "Condition"
   :widths: 1 5

   ``E_RMM_INVAL``,``feat_reg_idx`` is out of the valid range
   ``E_RMM_UNK``,"The SMC is not present, i.e. the interface version is < 0.4"
   ``E_RMM_OK``,No errors detected

RMM_EL3_TOKEN_SIGN command
==========================

This command is optional and its presence can be discovered using the ``RMM_EL3_FEATURES`` command.
It is used to send requests related to realm attestation token signing to EL3.
The command supports 3 opcodes:

- ``RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP``
- ``RMM_EL3_TOKEN_SIGN_PULL_RESP_OP``
- ``RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP``

The above opcodes can be used to send realm attestation token signing requests to EL3 and get their
response, so that the realm attestation token can be constructed.

This command is useful when the RMM may not have access to the private portion of the realm
attestation key and needs signing services from EL3, the CCA HES, or other platform specific
mechanisms to perform signing.

The RMM-EL3 interface for this command is modeled as two separate queues, one for signing requests
and one for retrieving the signed responses. It is possible that the queue in EL3 is full or EL3 is busy and
unable to service the RMM requests, in which case the RMM is expected to retry the push operation
for requests and the pull operation for responses.

FID
---

``0xC40001B5``

Input values
------------

.. csv-table:: Input values for RMM_EL3_TOKEN_SIGN
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   fid,x0,[63:0],UInt64,Command FID
   opcode,x1,[63:0],UInt64,"
   Opcode that is one of:

   - RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP: 0x1 -
     Opcode to push a token signing request to EL3 using struct el3_token_sign_request as described in :ref:`el3_token_sign_request_struct`
   - RMM_EL3_TOKEN_SIGN_PULL_RESP_OP: 0x2 -
     Opcode to pull a token signing response from EL3 using struct el3_token_sign_response as described below
   - RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP: 0x3 -
     Opcode to get the realm attestation public key

   "
   buf_pa,x2,[63:0],Address,"PA where the request structure is stored for the opcode RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP, where the response structure needs to be populated for the opcode RMM_EL3_TOKEN_SIGN_PULL_RESP_OP, or where the public key must be populated for the opcode RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP. The PA must belong to the RMM-EL3 shared buffer"
   buf_size,x3,[63:0],Size,Size in bytes of the input buffer in ``buf_pa``. ``buf_pa + buf_size`` must lie within the shared buffer
   ecc_curve,x4,[63:0],Enum,Type of the elliptic curve to which the requested attestation key belongs. See :ref:`ecc_curves`. This parameter is valid only for the opcode RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP

Output values
-------------

.. csv-table:: Output values for RMM_EL3_TOKEN_SIGN
   :header: "Name", "Register", "Field", "Type", "Description"
   :widths: 1 1 1 1 5

   Result,x0,[63:0],Error Code,Command return status. Valid for all opcodes listed in input values
   retval1,x1,[63:0],Value,"If opcode is RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP, then returns the length of the public key returned. Otherwise, reserved"

Failure conditions
------------------

The table below shows all the possible error codes returned in ``Result`` upon
a failure. The errors are ordered by condition check.

.. csv-table:: Failure conditions for RMM_EL3_TOKEN_SIGN
   :header: "ID", "Condition"
   :widths: 1 5

   ``E_RMM_INVAL``,"The opcode is invalid, the buffer address and length passed to EL3 are not within the RMM-EL3 shared buffer, or the curve used for opcode RMM_EL3_TOKEN_SIGN_GET_RAK_PUB_OP is not the ECC P384 curve"
   ``E_RMM_UNK``,"The SMC is not present, i.e. the interface version is < 0.4"
   ``E_RMM_AGAIN``,"For opcode RMM_EL3_TOKEN_SIGN_PUSH_REQ_OP, the request was not queued because the EL3 queue is full; for the other opcodes, the response is not ready yet"
   ``E_RMM_OK``,No errors detected

RMM-EL3 world switch register save restore convention
_____________________________________________________

As part of the NS world switch, EL3 is expected to maintain a register context
specific to each world and will save and restore the registers
appropriately. This section captures the contract between EL3 and RMM on the
register set to be saved and restored.

EL3 must maintain a separate register context for the following:

#. General purpose registers (x0-x30) and the ``sp_el0``, ``sp_el2`` stack pointers
#. EL2 system register context for all features enabled by EL3. These include system registers with the ``_EL2`` suffix. The EL2 physical and virtual timer registers must not be included in this.

As part of SMC forwarding between the NS world and Realm world, EL3 allows x0-x7 to be passed
as arguments to the Realm and x0-x4 to be used for return arguments back to Non Secure.
As per SMCCC v1.2, x4 must be preserved if not being used as a return argument by the SMC function
and it is the responsibility of RMM to preserve this or use this as a return argument.
EL3 will always copy x0-x4 from the Realm context to the NS context.

EL3 must save and restore the following as part of the world switch:

#. EL2 system registers with the exception of the ``zcr_el2`` register.
#. PAuth key registers (APIA, APIB, APDA, APDB, APGA).

EL3 will not save some registers as mentioned in the list below. It is the
responsibility of RMM to ensure that these are appropriately saved if the
Realm World makes use of them:

#. FP/SIMD registers
#. SVE registers
#. SME registers
#. EL1/0 registers with the exception of the PAuth key registers as mentioned above.
#. ``zcr_el2`` register.

It is essential that EL3 honors this contract to maintain the confidentiality and integrity
of the Realm world.

SMCCC v1.3 allows the NS world to specify whether SVE context is in use. In this
case, RMM could choose to not save the incoming SVE context but must ensure
that it clears the SVE registers if they have been used in the Realm World. The same applies
to SME registers.

Types
_____

.. _rmm_el3_manifest_struct:

RMM-EL3 Boot Manifest structure
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The RMM-EL3 Boot Manifest v0.3 structure contains platform boot information passed
from EL3 to RMM. The size of the Boot Manifest is 64 bytes.

The members of the RMM-EL3 Boot Manifest structure are shown in the following
table:

+--------------+--------+----------------+----------------------------------------+
| Name         | Offset | Type           | Description                            |
+==============+========+================+========================================+
| version      | 0      | uint32_t       | Boot Manifest version                  |
+--------------+--------+----------------+----------------------------------------+
| padding      | 4      | uint32_t       | Reserved, set to 0                     |
+--------------+--------+----------------+----------------------------------------+
| plat_data    | 8      | uintptr_t      | Pointer to Platform Data section       |
+--------------+--------+----------------+----------------------------------------+
| plat_dram    | 16     | ns_dram_info   | NS DRAM Layout Info structure          |
+--------------+--------+----------------+----------------------------------------+
| plat_console | 40     | console_list   | List of consoles available to RMM      |
+--------------+--------+----------------+----------------------------------------+

.. _ns_dram_info_struct:

NS DRAM Layout Info structure
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The NS DRAM Layout Info structure contains information about the platform Non-secure
DRAM layout. The members of this structure are shown in the table below:

+-----------+--------+----------------+----------------------------------------+
| Name      | Offset | Type           | Description                            |
+===========+========+================+========================================+
| num_banks | 0      | uint64_t       | Number of NS DRAM banks                |
+-----------+--------+----------------+----------------------------------------+
| banks     | 8      | ns_dram_bank * | Pointer to 'ns_dram_bank'[] array      |
+-----------+--------+----------------+----------------------------------------+
| checksum  | 16     | uint64_t       | Checksum                               |
+-----------+--------+----------------+----------------------------------------+

The checksum is calculated as the two's complement sum of 'num_banks', the 'banks' pointer
and the DRAM banks data array pointed to by it.

.. _ns_dram_bank_struct:

NS DRAM Bank structure
~~~~~~~~~~~~~~~~~~~~~~

The NS DRAM Bank structure contains information about each Non-secure DRAM bank:

+-----------+--------+----------------+----------------------------------------+
| Name      | Offset | Type           | Description                            |
+===========+========+================+========================================+
| base      | 0      | uintptr_t      | Base address                           |
+-----------+--------+----------------+----------------------------------------+
| size      | 8      | uint64_t       | Size of bank in bytes                  |
+-----------+--------+----------------+----------------------------------------+

.. _console_list_struct:

Console List structure
~~~~~~~~~~~~~~~~~~~~~~

The Console List structure contains information about the consoles available to RMM.
The members of this structure are shown in the table below:

+--------------+--------+----------------+----------------------------------------+
| Name         | Offset | Type           | Description                            |
+==============+========+================+========================================+
| num_consoles | 0      | uint64_t       | Number of consoles                     |
+--------------+--------+----------------+----------------------------------------+
| consoles     | 8      | console_info * | Pointer to 'console_info'[] array      |
+--------------+--------+----------------+----------------------------------------+
| checksum     | 16     | uint64_t       | Checksum                               |
+--------------+--------+----------------+----------------------------------------+

The checksum is calculated as the two's complement sum of 'num_consoles', the 'consoles'
pointer and the consoles array pointed to by it.

.. _console_info_struct:

Console Info structure
~~~~~~~~~~~~~~~~~~~~~~

The Console Info structure contains information about each console available to RMM.

+-----------+--------+---------------+----------------------------------------+
| Name      | Offset | Type          | Description                            |
+===========+========+===============+========================================+
| base      | 0      | uintptr_t     | Console Base address                   |
+-----------+--------+---------------+----------------------------------------+
| map_pages | 8      | uint64_t      | Num of pages to map for console MMIO   |
+-----------+--------+---------------+----------------------------------------+
| name      | 16     | char[]        | Name of console                        |
+-----------+--------+---------------+----------------------------------------+
| clk_in_hz | 24     | uint64_t      | UART clock (in hz) for console         |
+-----------+--------+---------------+----------------------------------------+
| baud_rate | 32     | uint64_t      | Baud rate                              |
+-----------+--------+---------------+----------------------------------------+
| flags     | 40     | uint64_t      | Additional flags (RES0)                |
+-----------+--------+---------------+----------------------------------------+
|
||||
|
||||
.. _el3_token_sign_request_struct:
|
||||
|
||||
EL3 Token Sign Request structure
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
This structure represents a realm attestation toekn signing request.
|
||||
|
||||
+-------------+--------+---------------+-----------------------------------------+
|
||||
| Name | Offset | Type | Description |
|
||||
+=============+========+===============+=========================================+
|
||||
| sig_alg_id | 0 | uint32_t | Algorithm idenfier for the sign request.|
|
||||
| | | | - 0x0: ECC SECP384R1 (ECDSA) |
|
||||
| | | | - Other values reserved |
|
||||
+-------------+--------+---------------+-----------------------------------------+
|
||||
| rec_granule | 8 | uint64_t | Identifier used by RMM to associate |
|
||||
| | | | a signing request to a realm. Must not |
|
||||
| | | | be interpreted or modified. |
|
||||
+-------------+--------+---------------+-----------------------------------------+
|
||||
| req_ticket | 16 | uint64_t | Value used by RMM to associate request |
|
||||
| | | | and responses. Must not be interpreted |
|
||||
| | | | or modified. |
|
||||
+-------------+--------+---------------+-----------------------------------------+
|
||||
| hash_alg_id | 24 | uint32_t | Hash algorithm for data in `hash_buf` |
|
||||
| | | | - 0x1: SHA2-384 |
|
||||
| | | | - All other values reserved. |
|
||||
+-------------+--------+---------------+-----------------------------------------+
|
||||
| hash_buf | 32 | uint8_t[] | TBS (to-be-signed) Hash of length |
|
||||
| | | | defined by hash algorithm `hash_alg_id` |
|
||||
+-------------+--------+---------------+-----------------------------------------+
|
||||
|
||||
.. _el3_token_sign_response_struct:
|
||||
|
||||
EL3 Token Sign Response structure
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
This structure represents a realm attestation token signing response.
|
||||
|
||||
+---------------+--------+---------------+-----------------------------------------+
|
||||
| Name | Offset | Type | Description |
|
||||
+===============+========+===============+=========================================+
|
||||
| rec_granule | 0 | uint64_t | Identifier used by RMM to associate |
|
||||
| | | | a signing request to a realm. Must not |
|
||||
| | | | be interpreted or modified. |
|
||||
+---------------+--------+---------------+-----------------------------------------+
|
||||
| req_ticket | 8 | uint64_t | Value used by RMM to associate request |
|
||||
| | | | and responses. Must not be interpreted |
|
||||
| | | | or modified. |
|
||||
+---------------+--------+---------------+-----------------------------------------+
|
||||
| sig_len | 16 | uint16_t | Length of the `signature_buf` field |
|
||||
+---------------+--------+---------------+-----------------------------------------+
|
||||
| signature_buf | 18 | uint8_t[] | Signature |
|
||||
+---------------+--------+---------------+-----------------------------------------+
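Review bot: In the Console Info table, `name` is typed `char[]` at offset 16 while the next field `clk_in_hz` sits at offset 24, so the field is 8 bytes, yet neither its length nor whether it is NUL-terminated is stated; suggest `char[8]` plus a sentence on termination, since a consumer copying it as a C string otherwise has no bound. Likewise `hash_buf` (EL3 Token Sign Request) and `signature_buf` (EL3 Token Sign Response) give no maximum size, and `sig_len` is a `uint16_t`, so the tables should state the buffer capacity that the receiver must validate `sig_len` against before copying. Minor: "toekn" and "idenfier" in the EL3 Token Sign Request section.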
164
arm-trusted-firmware.t234/docs/components/romlib-design.rst
Normal file
@@ -0,0 +1,164 @@
Library at ROM
==============

This document provides an overview of the "library at ROM" implementation in
Trusted Firmware-A (TF-A).

Introduction
~~~~~~~~~~~~

The "library at ROM" feature allows platforms to build a library of functions to
be placed in ROM. This reduces SRAM usage by utilising the available space in
ROM. The "library at ROM" contains a jump table with the list of functions that
are placed in ROM. The capabilities of the "library at ROM" are:

1. Functions can be from one or several libraries.

2. Functions can be patched after they have been programmed into ROM.

3. Platform-specific libraries can be placed in ROM.

4. Functions can be accessed by one or more BL images.

Index file
~~~~~~~~~~

.. image:: ../resources/diagrams/romlib_design.png
:width: 600

Library at ROM is described by an index file with the list of functions to be
placed in ROM. The index file is platform specific and its format is:

::

lib function [patch]

lib -- Name of the library the function belongs to
function -- Name of the function to be placed in library at ROM
[patch] -- Option to patch the function

It is also possible to insert reserved spaces in the list by using the keyword
"reserved" rather than the "lib" and "function" names as shown below:

::

reserved

The reserved spaces can be used to add more functions in the future without
affecting the order and location of functions already existing in the jump
table. Also, for additional flexibility and modularity, the index file can
include other index files.

For an index file example, refer to ``lib/romlib/jmptbl.i``.

Wrapper functions
~~~~~~~~~~~~~~~~~

.. image:: ../resources/diagrams/romlib_wrapper.png
:width: 600

When invoking a function of the "library at ROM", the calling sequence is as
follows:

BL image --> wrapper function --> jump table entry --> library at ROM

The index file is used to create a jump table which is placed in ROM. Then, the
wrappers refer to the jump table to call the "library at ROM" functions. The
wrappers essentially contain a branch instruction to the jump table entry
corresponding to the original function. Finally, the original function in the BL
image(s) is replaced with the wrapper function.

The "library at ROM" contains a necessary init function that initialises the
global variables defined by the functions inside "library at ROM".

Wrapper functions are specified at the link stage of compilation and cannot
interpose uppon functions within the same translation unit. For example, if
function ``fn_a`` calls ``fn_b`` within translation unit ``functions.c`` and
the romlib jump table includes an entry for ``fn_b``, ``fn_a`` will include
a reference to ``fn_b``'s original program text instead of the wrapper. Thus
the jumptable author must take care to include public entry points into
translation units to avoid paying the program text cost twice, once in the
original executable and once in romlib.

Script
~~~~~~

There is a ``romlib_generator.py`` Python script that generates the necessary
files for the "library at ROM" to work. It implements multiple functions:

1. ``romlib_generator.py gentbl [args]`` - Generates the jump table by parsing
the index file.

2. ``romlib_generator.py genvar [args]`` - Generates the jump table global
variable (**not** the jump table itself) with the absolute address in ROM.
This global variable is, basically, a pointer to the jump table.

3. ``romlib_generator.py genwrappers [args]`` - Generates a wrapper function for
each entry in the index file except for the ones that contain the keyword
``patch``. The generated wrapper file is called ``wrappers.s``.

4. ``romlib_generator.py pre [args]`` - Preprocesses the index file which means
it resolves all the include commands in the file recursively. It can also
generate a dependency file of the included index files which can be directly
used in makefiles.

Each ``romlib_generator.py`` function has its own manual which is accessible by
runing ``romlib_generator.py [function] --help``.

``romlib_generator.py`` requires Python 3 environment.


Patching of functions in library at ROM
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The ``romlib_generator.py genwrappers`` does not generate wrappers for the
entries in the index file that contain the keyword ``patch``. Thus, it allows
calling the function from the actual library by breaking the link to the
"library at ROM" version of this function.

The calling sequence for a patched function is as follows:

BL image --> function

Memory impact
~~~~~~~~~~~~~

Using library at ROM will modify the memory layout of the BL images:

- The ROM library needs a page aligned RAM section to hold the RW data. This
section is defined by the ROMLIB_RW_BASE and ROMLIB_RW_END macros.
On Arm platforms a section of 1 page (0x1000) is allocated at the top of SRAM.
This will have for effect to shift down all the BL images by 1 page.

- Depending on the functions moved to the ROM library, the size of the BL images
will be reduced.
For example: moving MbedTLS function into the ROM library reduces BL1 and
BL2, but not BL31.

- This change in BL images size can be taken into consideration to optimize the
memory layout when defining the BLx_BASE macros.

Build library at ROM
~~~~~~~~~~~~~~~~~~~~~

The environment variable ``CROSS_COMPILE`` must be set appropriately. Refer to
:ref:`Performing an Initial Build` for more information about setting this
variable.

In the below example the usage of ROMLIB together with mbed TLS is demonstrated
to showcase the benefits of library at ROM - it's not mandatory.

.. code:: shell

make PLAT=fvp \
MBEDTLS_DIR=</path/to/mbedtls/> \
TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL33=</path/to/bl33.bin> \
USE_ROMLIB=1 \
all fip

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
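Review bot: The Wrapper functions section says the "library at ROM" contains "a necessary init function" but never names it or states which BL image calls it and at what point; since that function initialises the RW data living in the ROMLIB_RW_BASE..ROMLIB_RW_END section described under Memory impact, the document should say it must run before any romlib function is invoked, otherwise a reader cannot tell whether a jump through the table on a freshly loaded image is safe. Minor typos: "uppon" (Wrapper functions) and "runing" (Script).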
413
arm-trusted-firmware.t234/docs/components/sdei.rst
Normal file
@@ -0,0 +1,413 @@
SDEI: Software Delegated Exception Interface
============================================

This document provides an overview of the SDEI dispatcher implementation in
Trusted Firmware-A (TF-A).

Introduction
------------

Software Delegated Exception Interface (|SDEI|) is an Arm specification for
Non-secure world to register handlers with firmware to receive notifications
about system events. Firmware will first receive the system events by way of
asynchronous exceptions and, in response, arranges for the registered handler to
execute in the Non-secure EL.

Normal world software that interacts with the SDEI dispatcher (makes SDEI
requests and receives notifications) is referred to as the *SDEI Client*. A
client receives the event notification at the registered handler even when it
was executing with exceptions masked. The list of SDEI events available to the
client are specific to the platform [#std-event]_. See also `Determining client
EL`_.

.. _general SDEI dispatch:

The following figure depicts a general sequence involving SDEI client executing
at EL2 and an event dispatch resulting from the triggering of a bound interrupt.
A commentary is provided below:

.. uml:: ../resources/diagrams/plantuml/sdei_general.puml

As part of initialisation, the SDEI client binds a Non-secure interrupt [1], and
the SDEI dispatcher returns a platform dynamic event number [2]. The client then
registers a handler for that event [3], enables the event [5], and unmasks all
events on the current PE [7]. This sequence is typical of an SDEI client, but it
may involve additional SDEI calls.

At a later point in time, when the bound interrupt triggers [9], it's trapped to
EL3. The interrupt is handed over to the SDEI dispatcher, which then arranges to
execute the registered handler [10]. The client terminates its execution with
``SDEI_EVENT_COMPLETE`` [11], following which the dispatcher resumes the
original EL2 execution [13]. Note that the SDEI interrupt remains active until
the client handler completes, at which point EL3 does EOI [12].

Other than events bound to interrupts, as depicted in the sequence above, SDEI
events can be explicitly dispatched in response to other exceptions, for
example, upon receiving an *SError* or *Synchronous External Abort*. See
`Explicit dispatch of events`_.

The remainder of this document only discusses the design and implementation of
SDEI dispatcher in TF-A, and assumes that the reader is familiar with the SDEI
specification, the interfaces, and their requirements.

Defining events
---------------

A platform choosing to include the SDEI dispatcher must also define the events
available on the platform, along with their attributes.

The platform is expected to provide two arrays of event descriptors: one for
private events, and another for shared events. The SDEI dispatcher provides
``SDEI_PRIVATE_EVENT()`` and ``SDEI_SHARED_EVENT()`` macros to populate the
event descriptors. Both macros take 3 arguments:

- The event number: this must be a positive 32-bit integer.

- For an event that has a backing interrupt, the interrupt number the event is
bound to:

- If it's not applicable to an event, this shall be left as ``0``.

- If the event is dynamic, this should be specified as ``SDEI_DYN_IRQ``.

- A bit map of `Event flags`_.

To define event 0, the macro ``SDEI_DEFINE_EVENT_0()`` should be used. This
macro takes only one parameter: an SGI number to signal other PEs.

To define an event that's meant to be explicitly dispatched (i.e., not as a
result of receiving an SDEI interrupt), the macro ``SDEI_EXPLICIT_EVENT()``
should be used. It accepts two parameters:

- The event number (as above);

- Event priority: ``SDEI_MAPF_CRITICAL`` or ``SDEI_MAPF_NORMAL``, as described
below.

Once the event descriptor arrays are defined, they should be exported to the
SDEI dispatcher using the ``REGISTER_SDEI_MAP()`` macro, passing it the pointers
to the private and shared event descriptor arrays, respectively. Note that the
``REGISTER_SDEI_MAP()`` macro must be used in the same file where the arrays are
defined.

Regarding event descriptors:

- For Event 0:

- There must be exactly one descriptor in the private array, and none in the
shared array.

- The event should be defined using ``SDEI_DEFINE_EVENT_0()``.

- Must be bound to a Secure SGI on the platform.

- Explicit events should only be used in the private array.

- Statically bound shared and private interrupts must be bound to shared and
private interrupts on the platform, respectively. See the section on
`Configuration within Exception Handling Framework`_.

- Both arrays should be one-dimensional. The ``REGISTER_SDEI_MAP()`` macro
takes care of replicating private events for each PE on the platform.

- Both arrays must be sorted in the increasing order of event number.

The SDEI specification doesn't have provisions for discovery of available events
on the platform. The list of events made available to the client, along with
their semantics, have to be communicated out of band; for example, through
Device Trees or firmware configuration tables.

See also `Event definition example`_.

Event flags
~~~~~~~~~~~

Event flags describe the properties of the event. They are bit maps that can be
``OR``\ ed to form parameters to macros that define events (see
`Defining events`_).

- ``SDEI_MAPF_DYNAMIC``: Marks the event as dynamic. Dynamic events can be
bound to (or released from) any Non-secure interrupt at runtime via the
``SDEI_INTERRUPT_BIND`` and ``SDEI_INTERRUPT_RELEASE`` calls.

- ``SDEI_MAPF_BOUND``: Marks the event as statically bound to an interrupt.
These events cannot be re-bound at runtime.

- ``SDEI_MAPF_NORMAL``: Marks the event as having *Normal* priority. This is
the default priority.

- ``SDEI_MAPF_CRITICAL``: Marks the event as having *Critical* priority.

Event definition example
------------------------

.. code:: c

static sdei_ev_map_t plat_private_sdei[] = {
/* Event 0 definition */
SDEI_DEFINE_EVENT_0(8),

/* PPI */
SDEI_PRIVATE_EVENT(8, 23, SDEI_MAPF_BOUND),

/* Dynamic private events */
SDEI_PRIVATE_EVENT(100, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC),
SDEI_PRIVATE_EVENT(101, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC)

/* Events for explicit dispatch */
SDEI_EXPLICIT_EVENT(2000, SDEI_MAPF_NORMAL);
SDEI_EXPLICIT_EVENT(2000, SDEI_MAPF_CRITICAL);
};

/* Shared event mappings */
static sdei_ev_map_t plat_shared_sdei[] = {
SDEI_SHARED_EVENT(804, 0, SDEI_MAPF_DYNAMIC),

/* Dynamic shared events */
SDEI_SHARED_EVENT(3000, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC),
SDEI_SHARED_EVENT(3001, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC)
};

/* Export SDEI events */
REGISTER_SDEI_MAP(plat_private_sdei, plat_shared_sdei);

Configuration within Exception Handling Framework
-------------------------------------------------

The SDEI dispatcher functions alongside the Exception Handling Framework. This
means that the platform must assign priorities to both Normal and Critical SDEI
interrupts for the platform:

- Install priority descriptors for Normal and Critical SDEI interrupts.

- For those interrupts that are statically bound (i.e. events defined as having
the ``SDEI_MAPF_BOUND`` property), enumerate their properties for the GIC
driver to configure interrupts accordingly.

The interrupts must be configured to target EL3. This means that they should
be configured as *Group 0*. Additionally, on GICv2 systems, the build option
``GICV2_G0_FOR_EL3`` must be set to ``1``.

See also :ref:`porting_guide_sdei_requirements`.

Determining client EL
---------------------

The SDEI specification requires that the *physical* SDEI client executes in the
highest Non-secure EL implemented on the system. This means that the dispatcher
will only allow SDEI calls to be made from:

- EL2, if EL2 is implemented. The Hypervisor is expected to implement a
*virtual* SDEI dispatcher to support SDEI clients in Guest Operating Systems
executing in Non-secure EL1.

- Non-secure EL1, if EL2 is not implemented or disabled.

See the function ``sdei_client_el()`` in ``sdei_private.h``.

.. _explicit-dispatch-of-events:

Explicit dispatch of events
---------------------------

Typically, an SDEI event dispatch is caused by the PE receiving interrupts that
are bound to an SDEI event. However, there are cases where the Secure world
requires dispatch of an SDEI event as a direct or indirect result of a past
activity, such as receiving a Secure interrupt or an exception.

The SDEI dispatcher implementation provides ``sdei_dispatch_event()`` API for
this purpose. The API has the following signature:

.. code:: c

int sdei_dispatch_event(int ev_num);

The parameter ``ev_num`` is the event number to dispatch. The API returns ``0``
on success, or ``-1`` on failure.

The following figure depicts a scenario involving explicit dispatch of SDEI
event. A commentary is provided below:

.. uml:: ../resources/diagrams/plantuml/sdei_explicit_dispatch.puml

As part of initialisation, the SDEI client registers a handler for a platform
event [1], enables the event [3], and unmasks the current PE [5]. Note that,
unlike in `general SDEI dispatch`_, this doesn't involve interrupt binding, as
bound or dynamic events can't be explicitly dispatched (see the section below).

At a later point in time, a critical event [#critical-event]_ is trapped into
EL3 [7]. EL3 performs a first-level triage of the event, and a RAS component
assumes further handling [8]. The dispatch completes, but intends to involve
Non-secure world in further handling, and therefore decides to explicitly
dispatch an event [10] (which the client had already registered for [1]). The
rest of the sequence is similar to that in the `general SDEI dispatch`_: the
requested event is dispatched to the client (assuming all the conditions are
met), and when the handler completes, the preempted execution resumes.

Conditions for event dispatch
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

All of the following requirements must be met for the API to return ``0`` and
event to be dispatched:

- SDEI events must be unmasked on the PE. I.e. the client must have called
``PE_UNMASK`` beforehand.

- Event 0 can't be dispatched.

- The event must be declared using the ``SDEI_EXPLICIT_EVENT()`` macro
described above.

- The event must be private to the PE.

- The event must have been registered for and enabled.

- A dispatch for the same event must not be outstanding. I.e. it hasn't already
been dispatched and is yet to be completed.

- The priority of the event (either Critical or Normal, as configured by the
platform at build-time) shouldn't cause priority inversion. This means:

- If it's of Normal priority, neither Normal nor Critical priority dispatch
must be outstanding on the PE.

- If it's of a Critical priority, no Critical priority dispatch must be
outstanding on the PE.

Further, the caller should be aware of the following assumptions made by the
dispatcher:

- The caller of the API is a component running in EL3; for example, a RAS
driver.

- The requested dispatch will be permitted by the Exception Handling Framework.
I.e. the caller must make sure that the requested dispatch has sufficient
priority so as not to cause priority level inversion within Exception
Handling Framework.

- The caller must be prepared for the SDEI dispatcher to restore the Non-secure
context, and mark that the active context.

- The call will block until the SDEI client completes the event (i.e. when the
client calls either ``SDEI_EVENT_COMPLETE`` or ``SDEI_COMPLETE_AND_RESUME``).

- The caller must be prepared for this API to return failure and handle
accordingly.

Porting requirements
--------------------

The porting requirements of the SDEI dispatcher are outlined in the
:ref:`Porting Guide <porting_guide_sdei_requirements>`.

Note on writing SDEI event handlers
-----------------------------------

*This section pertains to SDEI event handlers in general, not just when using
the TF-A SDEI dispatcher.*

The SDEI specification requires that event handlers preserve the contents of all
registers except ``x0`` to ``x17``. This has significance if event handler is
written in C: compilers typically adjust the stack frame at the beginning and
end of C functions. For example, AArch64 GCC typically produces the following
function prologue and epilogue:

::

c_event_handler:
stp x29, x30, [sp,#-32]!
mov x29, sp

...

bl ...

...

ldp x29, x30, [sp],#32
ret

The register ``x29`` is used as frame pointer in the prologue. Because neither a
valid ``SDEI_EVENT_COMPLETE`` nor ``SDEI_EVENT_COMPLETE_AND_RESUME`` calls
return to the handler, the epilogue never gets executed, and registers ``x29``
and ``x30`` (in the case above) are inadvertently corrupted. This violates the
SDEI specification, and the normal execution thereafter will result in
unexpected behaviour.

To work this around, it's advised that the top-level event handlers are
implemented in assembly, following a similar pattern as below:

::

asm_event_handler:
/* Save link register whilst maintaining stack alignment */
stp xzr, x30, [sp, #-16]!
bl c_event_handler

/* Restore link register */
ldp xzr, x30, [sp], #16

/* Complete call */
ldr x0, =SDEI_EVENT_COMPLETE
smc #0
b .

--------------

Security Considerations
-----------------------

SDEI introduces concept of providing software based non-maskable interrupts to
Hypervisor/OS. In doing so, it modifies the priority scheme defined by Interrupt
controllers and relies on Non-Secure clients, Hypervisor or OS, to create/manage
high priority events.

Considering a Non-secure client is involved in SDEI state management, there exists
some security considerations which needs to be taken care of in both client and EL3
when using SDEI. Few of them are mentioned below.

Bound events
~~~~~~~~~~~~

A bound event is an SDEI event that corresponds to a client interrupt.
The binding of event is done using ``SDEI_INTERRUPT_BIND`` SMC call to associate
an SDEI event with a client interrupt. There is a possibility that a rogue
client can request an invalid interrupt to be bound. This may potentially
cause out-of-bound memory read.

Even though TF-A implementation has checks to ensure that interrupt ID passed
by client is architecturally valid, Non-secure client should also ensure the
validity of interrupts.

Recurring events
~~~~~~~~~~~~~~~~

For a given event source, if the events are generated continuously, then NS client
may be unusable. To mitigate against this, the Non-secure client must have
mechanism in place to remove such interrupt source from the system.

One of the examples is a memory region which continuously generates RAS errors.
This may result in unusable Non-secure client.

Dispatched events
~~~~~~~~~~~~~~~~~

For a dispatched event, it is the client's responsibility to ensure that the
handling finishes in finite time and notify the dispatcher through
``SDEI_EVENT_COMPLETE`` or ``SDEI_EVENT_COMPLETE_AND_RESUME``. If the client
fails to complete the event handling, it might result in ``UNPREDICTABLE`` behavior
in the client and potentially end up in unusable PE.

*Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.*

.. rubric:: Footnotes

.. [#std-event] Except event 0, which is defined by the SDEI specification as a
standard event.

.. [#critical-event] Examples of critical events are *SError*, *Synchronous
External Abort*, *Fault Handling interrupt* or *Error
Recovery interrupt* from one of RAS nodes in the system.

.. _SDEI specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
.. _Software Delegated Exception Interface: `SDEI specification`_
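Review bot: The Event definition example does not compile and contradicts the rules given just above it: inside the `plat_private_sdei` initializer the two `SDEI_EXPLICIT_EVENT(...)` entries end with `;` instead of `,`, the entry for event 101 is missing the comma before them, and both explicit events use the same number 2000, which violates "Both arrays must be sorted in the increasing order of event number". In `plat_shared_sdei`, event 804 carries `SDEI_MAPF_DYNAMIC` but passes interrupt `0` rather than `SDEI_DYN_IRQ`, which the Defining events section says a dynamic event must use. Suggested lines:
SDEI_PRIVATE_EVENT(101, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC),
SDEI_EXPLICIT_EVENT(2000, SDEI_MAPF_NORMAL),
SDEI_EXPLICIT_EVENT(2001, SDEI_MAPF_CRITICAL)
Also, "Conditions for event dispatch" names the completion call `SDEI_COMPLETE_AND_RESUME` while the rest of the document uses `SDEI_EVENT_COMPLETE_AND_RESUME`; the names should agree.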
@@ -0,0 +1,827 @@
Secure Partition Manager (MM)
*****************************

Foreword
========

This document describes the implementation where the Secure Partition Manager
resides at EL3 and management services run from isolated Secure Partitions at
S-EL0. The communication protocol is established through the Management Mode
(MM) interface.

Background
==========

In some market segments that primarily deal with client-side devices like mobile
phones, tablets, STBs and embedded devices, a Trusted OS instantiates trusted
applications to provide security services like DRM, secure payment and
authentication. The Global Platform TEE Client API specification defines the API
used by Non-secure world applications to access these services. A Trusted OS
fulfils the requirements of a security service as described above.

Management services are typically implemented at the highest level of privilege
in the system, i.e. EL3 in Trusted Firmware-A (TF-A). The service requirements are
fulfilled by the execution environment provided by TF-A.

The following diagram illustrates the corresponding software stack:

|Image 1|

In other market segments that primarily deal with server-side devices (e.g. data
centres and enterprise servers) the secure software stack typically does not
include a Global Platform Trusted OS. Security functions are accessed through
other interfaces (e.g. ACPI TCG TPM interface, UEFI runtime variable service).

Placement of management and security functions with diverse requirements in a
privileged Exception Level (i.e. EL3 or S-EL1) makes security auditing of
firmware more difficult and does not allow isolation of unrelated services from
each other either.

Introduction
============

A **Secure Partition** is a software execution environment instantiated in
S-EL0 that can be used to implement simple management and security services.
Since S-EL0 is an unprivileged Exception Level, a Secure Partition relies on
privileged firmware (i.e. TF-A) to be granted access to system and processor
resources. Essentially, it is a software sandbox in the Secure world that runs
under the control of privileged software, provides one or more services and
accesses the following system resources:

- Memory and device regions in the system address map.

- PE system registers.

- A range of synchronous exceptions (e.g. SMC function identifiers).

Note that currently TF-A only supports handling one Secure Partition.

A Secure Partition enables TF-A to implement only the essential secure
services in EL3 and instantiate the rest in a partition in S-EL0.
Furthermore, multiple Secure Partitions can be used to isolate unrelated
services from each other.

The following diagram illustrates the place of a Secure Partition in a typical
Armv8-A software stack. A single or multiple Secure Partitions provide secure
services to software components in the Non-secure world and other Secure
Partitions.

|Image 2|

The TF-A build system is responsible for including the Secure Partition image
in the FIP. During boot, BL2 includes support to authenticate and load the
Secure Partition image. A BL31 component called **Secure Partition Manager
(SPM)** is responsible for managing the partition. This is semantically
similar to a hypervisor managing a virtual machine.

The SPM is responsible for the following actions during boot:

- Allocate resources requested by the Secure Partition.

- Perform architectural and system setup required by the Secure Partition to
fulfil a service request.

- Implement a standard interface that is used for initialising a Secure
Partition.

The SPM is responsible for the following actions during runtime:

- Implement a standard interface that is used by a Secure Partition to fulfil
|
||||
service requests.
|
||||
|
||||
- Implement a standard interface that is used by the Non-secure world for
|
||||
accessing the services exported by a Secure Partition. A service can be
|
||||
invoked through a SMC.
|
||||
|
||||
Alternatively, a partition can be viewed as a thread of execution running under
|
||||
the control of the SPM. Hence common programming concepts described below are
|
||||
applicable to a partition.
|
||||
|
||||
Description
|
||||
===========
|
||||
|
||||
The previous section introduced some general aspects of the software
|
||||
architecture of a Secure Partition. This section describes the specific choices
|
||||
made in the current implementation of this software architecture. Subsequent
|
||||
revisions of the implementation will include a richer set of features that
|
||||
enable a more flexible architecture.
|
||||
|
||||
Building TF-A with Secure Partition support
|
||||
-------------------------------------------
|
||||
|
||||
SPM is supported on the Arm FVP exclusively at the moment. The current
|
||||
implementation supports inclusion of only a single Secure Partition in which a
|
||||
service always runs to completion (e.g. the requested services cannot be
|
||||
preempted to give control back to the Normal world).
|
||||
|
||||
It is not currently possible for BL31 to integrate SPM support and a Secure
|
||||
Payload Dispatcher (SPD) at the same time; they are mutually exclusive. In the
|
||||
SPM bootflow, a Secure Partition image executing at S-EL0 replaces the Secure
|
||||
Payload image executing at S-EL1 (e.g. a Trusted OS). Both are referred to as
|
||||
BL32.
|
||||
|
||||
A working prototype of a SP has been implemented by re-purposing the EDK2 code
|
||||
and tools, leveraging the concept of the *Standalone Management Mode (MM)* in
|
||||
the UEFI specification (see the PI v1.6 Volume 4: Management Mode Core
|
||||
Interface). This will be referred to as the *Standalone MM Secure Partition* in
|
||||
the rest of this document.
|
||||
|
||||
To enable SPM support in TF-A, the source code must be compiled with the build
|
||||
flag ``SPM_MM=1``, along with ``EL3_EXCEPTION_HANDLING=1`` and ``ENABLE_SVE_FOR_NS=0``.
|
||||
On Arm platforms the build option ``ARM_BL31_IN_DRAM`` must be set to 1. Also, the
|
||||
location of the binary that contains the BL32 image
|
||||
(``BL32=path/to/image.bin``) must be specified.
|
||||
|
||||
First, build the Standalone MM Secure Partition. To build it, refer to the
|
||||
`instructions in the EDK2 repository`_.
|
||||
|
||||
Then build TF-A with SPM support and include the Standalone MM Secure Partition
|
||||
image in the FIP:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
BL32=path/to/standalone/mm/sp BL33=path/to/bl33.bin \
|
||||
make PLAT=fvp SPM_MM=1 EL3_EXCEPTION_HANDLING=1 ENABLE_SVE_FOR_NS=0 ARM_BL31_IN_DRAM=1 all fip
|
||||
|
||||
Describing Secure Partition resources
|
||||
-------------------------------------
|
||||
|
||||
TF-A exports a porting interface that enables a platform to specify the system
|
||||
resources required by the Secure Partition. Some instructions are given below.
|
||||
However, this interface is under development and it may change as new features
|
||||
are implemented.
|
||||
|
||||
- A Secure Partition is considered a BL32 image, so the same defines that apply
|
||||
to BL32 images apply to a Secure Partition: ``BL32_BASE`` and ``BL32_LIMIT``.
|
||||
|
||||
- The following defines are needed to allocate space for the translation tables
|
||||
used by the Secure Partition: ``PLAT_SP_IMAGE_MMAP_REGIONS`` and
|
||||
``PLAT_SP_IMAGE_MAX_XLAT_TABLES``.
|
||||
|
||||
- The functions ``plat_get_secure_partition_mmap()`` and
|
||||
``plat_get_secure_partition_boot_info()`` have to be implemented. The file
|
||||
``plat/arm/board/fvp/fvp_common.c`` can be used as an example. It uses the
|
||||
defines in ``include/plat/arm/common/arm_spm_def.h``.
|
||||
|
||||
- ``plat_get_secure_partition_mmap()`` returns an array of mmap regions that
|
||||
describe the memory regions that the SPM needs to allocate for a Secure
|
||||
Partition.
|
||||
|
||||
- ``plat_get_secure_partition_boot_info()`` returns a
|
||||
``spm_mm_boot_info_t`` struct that is populated by the platform
|
||||
with information about the memory map of the Secure Partition.
|
||||
|
||||
For an example of all the changes in context, you may refer to commit
|
||||
``e29efeb1b4``, in which the port for FVP was introduced.
|
||||
|
||||
Accessing Secure Partition services
|
||||
-----------------------------------
|
||||
|
||||
The `SMC Calling Convention`_ (*Arm DEN 0028B*) describes SMCs as a conduit for
|
||||
accessing services implemented in the Secure world. The ``MM_COMMUNICATE``
|
||||
interface defined in the `Management Mode Interface Specification`_ (*Arm DEN
|
||||
0060A*) is used to invoke a Secure Partition service as a Fast Call.
|
||||
|
||||
The mechanism used to identify a service within the partition depends on the
|
||||
service implementation. It is assumed that the caller of the service will be
|
||||
able to discover this mechanism through standard platform discovery mechanisms
|
||||
like ACPI and Device Trees. For example, *Volume 4: Platform Initialisation
|
||||
Specification v1.6. Management Mode Core Interface* specifies that a GUID is
|
||||
used to identify a management mode service. A client populates the GUID in the
|
||||
``EFI_MM_COMMUNICATE_HEADER``. The header is populated in the communication
|
||||
buffer shared with the Secure Partition.
|
||||
|
||||
A Fast Call appears to be atomic from the perspective of the caller and returns
|
||||
when the requested operation has completed. A service invoked through the
|
||||
``MM_COMMUNICATE`` SMC will run to completion in the partition on a given CPU.
|
||||
The SPM is responsible for guaranteeing this behaviour. This means that there
|
||||
can only be a single outstanding Fast Call in a partition on a given CPU.
|
||||
|
||||
Exchanging data with the Secure Partition
|
||||
-----------------------------------------
|
||||
|
||||
The exchange of data between the Non-secure world and the partition takes place
|
||||
through a shared memory region. The location of data in the shared memory area
|
||||
is passed as a parameter to the ``MM_COMMUNICATE`` SMC. The shared memory area
|
||||
is statically allocated by the SPM and is expected to be either implicitly known
|
||||
to the Non-secure world or discovered through a platform discovery mechanism
|
||||
e.g. ACPI table or device tree. It is possible for the Non-secure world to
|
||||
exchange data with a partition only if it has been populated in this shared
|
||||
memory area. The shared memory area is implemented as per the guidelines
|
||||
specified in Section 3.2.3 of the `Management Mode Interface Specification`_
|
||||
(*Arm DEN 0060A*).
|
||||
|
||||
The format of data structures used to encapsulate data in the shared memory is
|
||||
agreed between the Non-secure world and the Secure Partition. For example, in
|
||||
the `Management Mode Interface specification`_ (*Arm DEN 0060A*), Section 4
|
||||
describes that the communication buffer shared between the Non-secure world and
|
||||
the Management Mode (MM) in the Secure world must be of the type
|
||||
``EFI_MM_COMMUNICATE_HEADER``. This data structure is defined in *Volume 4:
|
||||
Platform Initialisation Specification v1.6. Management Mode Core Interface*.
|
||||
Any caller of a MM service will have to use the ``EFI_MM_COMMUNICATE_HEADER``
|
||||
data structure.
|
||||
|
||||
Runtime model of the Secure Partition
|
||||
=====================================
|
||||
|
||||
This section describes how the Secure Partition interfaces with the SPM.
|
||||
|
||||
Interface with SPM
|
||||
------------------
|
||||
|
||||
In order to instantiate one or more secure services in the Secure Partition in
|
||||
S-EL0, the SPM should define the following types of interfaces:
|
||||
|
||||
- Interfaces that enable access to privileged operations from S-EL0. These
|
||||
operations typically require access to system resources that are either shared
|
||||
amongst multiple software components in the Secure world or cannot be directly
|
||||
accessed from an unprivileged Exception Level.
|
||||
|
||||
- Interfaces that establish the control path between the SPM and the Secure
|
||||
Partition.
|
||||
|
||||
This section describes the APIs currently exported by the SPM that enable a
|
||||
Secure Partition to initialise itself and export its services in S-EL0. These
|
||||
interfaces are not accessible from the Non-secure world.
|
||||
|
||||
Conduit
|
||||
^^^^^^^
|
||||
|
||||
The `SMC Calling Convention`_ (*Arm DEN 0028B*) specification describes the SMC
|
||||
and HVC conduits for accessing firmware services and their availability
|
||||
depending on the implemented Exception levels. In S-EL0, the Supervisor Call
|
||||
exception (SVC) is the only architectural mechanism available for unprivileged
|
||||
software to make a request for an operation implemented in privileged software.
|
||||
Hence, the SVC conduit must be used by the Secure Partition to access interfaces
|
||||
implemented by the SPM.
|
||||
|
||||
A SVC causes an exception to be taken to S-EL1. TF-A assumes ownership of S-EL1
|
||||
and installs a simple exception vector table in S-EL1 that relays a SVC request
|
||||
from a Secure Partition as a SMC request to the SPM in EL3. Upon servicing the
|
||||
SMC request, Trusted Firmware-A returns control directly to S-EL0 through an
|
||||
ERET instruction.
|
||||
|
||||
Calling conventions
|
||||
^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The `SMC Calling Convention`_ (*Arm DEN 0028B*) specification describes the
|
||||
32-bit and 64-bit calling conventions for the SMC and HVC conduits. The SVC
|
||||
conduit introduces the concept of SVC32 and SVC64 calling conventions. The SVC32
|
||||
and SVC64 calling conventions are equivalent to the 32-bit (SMC32) and the
|
||||
64-bit (SMC64) calling conventions respectively.
|
||||
|
||||
Communication initiated by SPM
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
A service request is initiated from the SPM through an exception return
|
||||
instruction (ERET) to S-EL0. Later, the Secure Partition issues an SVC
|
||||
instruction to signal completion of the request. Some example use cases are
|
||||
given below:
|
||||
|
||||
- A request to initialise the Secure Partition during system boot.
|
||||
|
||||
- A request to handle a runtime service request.
|
||||
|
||||
Communication initiated by Secure Partition
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
A request is initiated from the Secure Partition by executing a SVC instruction.
|
||||
An ERET instruction is used by TF-A to return to S-EL0 with the result of the
|
||||
request.
|
||||
|
||||
For instance, a request to perform privileged operations on behalf of a
|
||||
partition (e.g. management of memory attributes in the translation tables for
|
||||
the Secure EL1&0 translation regime).
|
||||
|
||||
Interfaces
|
||||
^^^^^^^^^^
|
||||
|
||||
The current implementation reserves function IDs for Fast Calls in the Standard
|
||||
Secure Service calls range (see `SMC Calling Convention`_ (*Arm DEN 0028B*)
|
||||
specification) for each API exported by the SPM. This section defines the
|
||||
function prototypes for each function ID. The function IDs specify whether one
|
||||
or both of the SVC32 and SVC64 calling conventions can be used to invoke the
|
||||
corresponding interface.
|
||||
|
||||
Secure Partition Event Management
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The Secure Partition provides an Event Management interface that is used by the
|
||||
SPM to delegate service requests to the Secure Partition. The interface also
|
||||
allows the Secure Partition to:
|
||||
|
||||
- Register with the SPM a service that it provides.
|
||||
- Indicate completion of a service request delegated by the SPM
|
||||
|
||||
Miscellaneous interfaces
|
||||
------------------------
|
||||
|
||||
``SPM_MM_VERSION_AARCH32``
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
- Description
|
||||
|
||||
Returns the version of the interface exported by SPM.
|
||||
|
||||
- Parameters
|
||||
|
||||
- **uint32** - Function ID
|
||||
|
||||
- SVC32 Version: **0x84000060**
|
||||
|
||||
- Return parameters
|
||||
|
||||
- **int32** - Status
|
||||
|
||||
On success, the format of the value is as follows:
|
||||
|
||||
- Bit [31]: Must be 0
|
||||
- Bits [30:16]: Major Version. Must be 0 for this revision of the SPM
|
||||
interface.
|
||||
- Bits [15:0]: Minor Version. Must be 1 for this revision of the SPM
|
||||
interface.
|
||||
|
||||
On error, the format of the value is as follows:
|
||||
|
||||
- ``NOT_SUPPORTED``: SPM interface is not supported or not available for the
|
||||
client.
|
||||
|
||||
- Usage
|
||||
|
||||
This function returns the version of the Secure Partition Manager
|
||||
implementation. The major version is 0 and the minor version is 1. The version
|
||||
number is a 31-bit unsigned integer, with the upper 15 bits denoting the major
|
||||
revision, and the lower 16 bits denoting the minor revision. The following
|
||||
rules apply to the version numbering:
|
||||
|
||||
- Different major revision values indicate possibly incompatible functions.
|
||||
|
||||
- For two revisions, A and B, for which the major revision values are
|
||||
identical, if the minor revision value of revision B is greater than the
|
||||
minor revision value of revision A, then every function in revision A must
|
||||
work in a compatible way with revision B. However, it is possible for
|
||||
revision B to have a higher function count than revision A.
|
||||
|
||||
- Implementation responsibilities
|
||||
|
||||
If this function returns a valid version number, all the functions that are
|
||||
described subsequently must be implemented, unless it is explicitly stated
|
||||
that a function is optional.
|
||||
|
||||
See `Error Codes`_ for integer values that are associated with each return
|
||||
code.
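
The following C example, added here and not part of TF-A, decodes the status word returned by ``SPM_MM_VERSION_AARCH32`` and applies the version rules above before a client relies on the interface. The ``spm_version_*`` function and struct names are assumptions made for the example; the function ID, the error code and the 0.1 version are the values this document states.

```c
/* Decoding of the SPM_MM_VERSION_AARCH32 status word and the compatibility
 * rules stated above. Added example, not TF-A code; the function-ID constant
 * and version 0.1 are the values given in this document. */
#include <stdbool.h>
#include <stdint.h>

#define SPM_MM_VERSION_AARCH32   0x84000060u   /* SVC32 function ID */
#define SPM_NOT_SUPPORTED        (-1)          /* from the Error Codes table */

#define SPM_VERSION_MAJOR_SHIFT  16u
#define SPM_VERSION_MAJOR_MASK   0x7FFFu       /* bits[30:16] */
#define SPM_VERSION_MINOR_MASK   0xFFFFu       /* bits[15:0]  */

struct spm_version {
    uint16_t major;
    uint16_t minor;
};

/* Encode a version in the documented layout; bit 31 is always 0. */
uint32_t spm_version_encode(uint16_t major, uint16_t minor)
{
    return ((uint32_t)(major & SPM_VERSION_MAJOR_MASK) << SPM_VERSION_MAJOR_SHIFT)
           | (uint32_t)(minor & SPM_VERSION_MINOR_MASK);
}

/* Split the status word returned by SPM_MM_VERSION_AARCH32. A negative value is
 * an error code (e.g. NOT_SUPPORTED), not a version, so the decode fails. */
bool spm_version_decode(int32_t status, struct spm_version *out)
{
    if (status < 0)                 /* bit 31 set: error code, not a version */
        return false;
    uint32_t v = (uint32_t)status;
    out->major = (uint16_t)((v >> SPM_VERSION_MAJOR_SHIFT) & SPM_VERSION_MAJOR_MASK);
    out->minor = (uint16_t)(v & SPM_VERSION_MINOR_MASK);
    return true;
}

/* A client written against (want_major, want_minor) may use the SPM only if the
 * major revisions are identical (different majors are possibly incompatible)
 * and the SPM's minor revision is not lower than the one required: a higher
 * minor keeps every function of the lower one working. */
bool spm_version_usable(int32_t status, uint16_t want_major, uint16_t want_minor)
{
    struct spm_version v;
    if (!spm_version_decode(status, &v))
        return false;
    return v.major == want_major && v.minor >= want_minor;
}
```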

Secure Partition Initialisation
-------------------------------

The SPM is responsible for initialising the architectural execution context to
enable initialisation of a service in S-EL0. The responsibilities of the SPM are
listed below. At the end of initialisation, the partition issues an
``MM_SP_EVENT_COMPLETE_AARCH64`` call (described later) to signal readiness for
handling requests for services implemented by the Secure Partition. The
initialisation event is executed as a Fast Call.

Entry point invocation
^^^^^^^^^^^^^^^^^^^^^^

The entry point for service requests that should be handled as Fast Calls is
used as the target of the ERET instruction to start initialisation of the Secure
Partition.

Architectural Setup
^^^^^^^^^^^^^^^^^^^

At cold boot, system registers accessible from S-EL0 will be in their reset
state unless otherwise specified. The SPM will perform the following
architectural setup to enable execution in S-EL0.

MMU setup
^^^^^^^^^

The platform port of a Secure Partition specifies to the SPM a list of regions
that it needs access to and their attributes. The SPM validates this resource
description and initialises the Secure EL1&0 translation regime as follows.

1. Device regions are mapped with nGnRE attributes and Execute Never
   instruction access permissions.

2. Code memory regions are mapped with RO data and Executable instruction access
   permissions.

3. Read Only data memory regions are mapped with RO data and Execute Never
   instruction access permissions.

4. Read Write data memory regions are mapped with RW data and Execute Never
   instruction access permissions.

5. If the resource description does not explicitly describe the type of memory
   regions, then all memory regions will be marked with Code memory region
   attributes.

6. The ``UXN`` and ``PXN`` bits are set for regions that are not executable by
   S-EL0 or S-EL1.

System Register Setup
^^^^^^^^^^^^^^^^^^^^^

System registers that influence software execution in S-EL0 are set up by the
SPM as follows:

1. ``SCTLR_EL1``

   - ``UCI=1``
   - ``EOE=0``
   - ``WXN=1``
   - ``nTWE=1``
   - ``nTWI=1``
   - ``UCT=1``
   - ``DZE=1``
   - ``I=1``
   - ``UMA=0``
   - ``SA0=1``
   - ``C=1``
   - ``A=1``
   - ``M=1``

2. ``CPACR_EL1``

   - ``FPEN=b'11``

3. ``PSTATE``

   - ``D,A,I,F=1``
   - ``CurrentEL=0`` (EL0)
   - ``SpSel=0`` (Thread mode)
   - ``NRW=0`` (AArch64)

General Purpose Register Setup
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

SPM will invoke the entry point of a service by executing an ERET instruction.
This transition into S-EL0 is special since it is not in response to a previous
request through an SVC instruction. This is the first entry into S-EL0. The
general purpose register usage at the time of entry will be as specified in the
"Return State" column of Table 3-1 in Section 3.1 "Register use in AArch64 SMC
calls" of the `SMC Calling Convention`_ (*Arm DEN 0028B*) specification. In
addition, certain other restrictions will be applied as described below.

1. ``SP_EL0``

   A non-zero value will indicate that the SPM has initialised the stack pointer
   for the current CPU.

   The value will be 0 otherwise.

2. ``X4-X30``

   The values of these registers will be 0.

3. ``X0-X3``

   Parameters passed by the SPM.

   - ``X0``: Virtual address of a buffer shared between EL3 and S-EL0. The
     buffer will be mapped in the Secure EL1&0 translation regime with read-only
     memory attributes described earlier.

   - ``X1``: Size of the buffer in bytes.

   - ``X2``: Cookie value (*IMPLEMENTATION DEFINED*).

   - ``X3``: Cookie value (*IMPLEMENTATION DEFINED*).

Runtime Event Delegation
------------------------

The SPM receives requests for Secure Partition services through a synchronous
invocation (i.e. an SMC from the Non-secure world). These requests are delegated
to the partition by programming a return from the last
``MM_SP_EVENT_COMPLETE_AARCH64`` call received from the partition. The last call
was made to signal either completion of Secure Partition initialisation or
completion of a partition service request.

``MM_SP_EVENT_COMPLETE_AARCH64``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Description

  Signal completion of the last SP service request.

- Parameters

  - **uint32** - Function ID

    - SVC64 Version: **0xC4000061**

  - **int32** - Event Status Code

    Zero or a positive value indicates that the event was handled successfully.
    The values depend upon the original event that was delegated to the Secure
    partition. They are described as follows.

    - ``SUCCESS`` : Used to indicate that the Secure Partition was initialised
      or a runtime request was handled successfully.

    - Any other value greater than 0 is used to pass a specific Event Status
      code in response to a runtime event.

    A negative value indicates an error. The values of Event Status code depend
    on the original event.

- Return parameters

  - **int32** - Event ID/Return Code

    Zero or a positive value specifies the unique ID of the event being
    delegated to the partition by the SPM.

    In the current implementation, this parameter contains the function ID of
    the ``MM_COMMUNICATE`` SMC. This value indicates to the partition that an
    event has been delegated to it in response to an ``MM_COMMUNICATE`` request
    from the Non-secure world.

    A negative value indicates an error. The format of the value is as follows:

    - ``NOT_SUPPORTED``: Function was called from the Non-secure world.

    See `Error Codes`_ for integer values that are associated with each return
    code.

  - **uint32** - Event Context Address

    Address of a buffer shared between the SPM and Secure Partition to pass
    event specific information. The format of the data populated in the buffer
    is implementation defined.

    The buffer is mapped in the Secure EL1&0 translation regime with read-only
    memory attributes described earlier.

    For the SVC64 version, this parameter is a 64-bit Virtual Address (VA).

    For the SVC32 version, this parameter is a 32-bit Virtual Address (VA).

  - **uint32** - Event context size

    Size of the memory starting at the Event Context Address.

  - **uint32/uint64** - Event Cookie

    This is an optional parameter. If unused its value is SBZ.

- Usage

  This function signals to the SPM that the handling of the last event delegated
  to a partition has completed. The partition is ready to handle its next event.
  A return from this function is in response to the next event that will be
  delegated to the partition. The return parameters describe the next event.

- Caller responsibilities

  A Secure Partition must only call ``MM_SP_EVENT_COMPLETE_AARCH64`` to signal
  completion of a request that was delegated to it by the SPM.

- Callee responsibilities

  When the SPM receives this call from a Secure Partition, the corresponding
  syndrome information can be used to return control through an ERET
  instruction, to the instruction immediately after the call in the Secure
  Partition context. This syndrome information comprises the general purpose and
  system register values at the time the call was made.

  The SPM must save this syndrome information and use it to delegate the next
  event to the Secure Partition. The return parameters of this interface must
  specify the properties of the event and be populated in the ``X0-X3/W0-W3``
  registers.

Secure Partition Memory Management
----------------------------------

A Secure Partition executes at S-EL0, which is an unprivileged Exception Level.
The SPM is responsible for enabling access to regions of memory in the system
address map from a Secure Partition. This is done by mapping these regions in
the Secure EL1&0 Translation regime with appropriate memory attributes.
Attributes refer to memory type, permission, cacheability and shareability
attributes used in the Translation tables. The definitions of these attributes
and their usage can be found in the `Armv8-A ARM`_ (*Arm DDI 0487*).

All memory required by the Secure Partition is allocated upfront in the SPM,
even before handing over to the Secure Partition for the first time. The initial
access permissions of the memory regions are statically provided by the platform
port and should allow the Secure Partition to run its initialisation code.

However, they might not suit the final needs of the Secure Partition because its
final memory layout might not be known until the Secure Partition initialises
itself. As the Secure Partition initialises its runtime environment it might,
for example, dynamically load some modules. For instance, a Secure Partition
could implement a loader for a standard executable file format (e.g. a PE-COFF
loader for loading executable files at runtime). These executable files will be
a part of the Secure Partition image. The location of various sections in an
executable file and their permission attributes (e.g. read-write data, read-only
data and code) will be known only when the file is loaded into memory.

In this case, the Secure Partition needs a way to change the access permissions
of its memory regions. The SPM provides this feature through the
``MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64`` SVC interface. This interface is
available to the Secure Partition during a specific time window: from the first
entry into the Secure Partition up to the first ``MM_SP_EVENT_COMPLETE_AARCH64``
call that signals the Secure Partition has finished its initialisation. Once the
initialisation is complete, the SPM does not allow changes to the memory
attributes.

This section describes the standard SVC interface that is implemented by the SPM
to determine and change permission attributes of memory regions that belong to a
Secure Partition.

``MM_SP_MEMORY_ATTRIBUTES_GET_AARCH64``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Description

  Request the permission attributes of a memory region from S-EL0.

- Parameters

  - **uint32** - Function ID

    - SVC64 Version: **0xC4000064**

  - **uint64** - Base Address

    This parameter is a 64-bit Virtual Address (VA).

    There are no alignment restrictions on the Base Address. The permission
    attributes of the translation granule it lies in are returned.

- Return parameters

  - **int32** - Memory Attributes/Return Code

    On success the format of the Return Code is as follows:

    - Bits[1:0] : Data access permission

      - b'00 : No access
      - b'01 : Read-Write access
      - b'10 : Reserved
      - b'11 : Read-only access

    - Bit[2] : Instruction access permission

      - b'0 : Executable
      - b'1 : Non-executable

    - Bits[30:3] : Reserved. SBZ.

    - Bit[31] : Must be 0

    On failure the following error codes are returned:

    - ``INVALID_PARAMETER``: The Secure Partition is not allowed to access the
      memory region the Base Address lies in.

    - ``NOT_SUPPORTED`` : The SPM does not support retrieval of attributes of
      any memory page that is accessible by the Secure Partition, or the
      function was called from the Non-secure world. Also returned if it is
      used after ``MM_SP_EVENT_COMPLETE_AARCH64``.

    See `Error Codes`_ for integer values that are associated with each return
    code.

- Usage

  This function is used to request the permission attributes for S-EL0 on a
  memory region accessible from a Secure Partition. The size of the memory
  region is equal to the Translation Granule size used in the Secure EL1&0
  translation regime. Requests to retrieve other memory region attributes are
  not currently supported.

- Caller responsibilities

  The caller must obtain the Translation Granule Size of the Secure EL1&0
  translation regime from the SPM through an implementation defined method.

- Callee responsibilities

  The SPM must not return the memory access controls for a page of memory that
  is not accessible from a Secure Partition.

``MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Description

  Set the permission attributes of a memory region from S-EL0.

- Parameters

  - **uint32** - Function ID

    - SVC64 Version: **0xC4000065**

  - **uint64** - Base Address

    This parameter is a 64-bit Virtual Address (VA).

    The Base Address must be aligned to at least the Translation Granule Size
    used in the Secure EL1&0 translation regime.

  - **uint32** - Page count

    Number of pages starting from the Base Address whose memory attributes
    should be changed. The page size is equal to the Translation Granule Size.

  - **uint32** - Memory Access Controls

    - Bits[1:0] : Data access permission

      - b'00 : No access
      - b'01 : Read-Write access
      - b'10 : Reserved
      - b'11 : Read-only access

    - Bit[2] : Instruction access permission

      - b'0 : Executable
      - b'1 : Non-executable

    - Bits[31:3] : Reserved. SBZ.

    A combination of attributes that mark the region with RW and Executable
    permissions is prohibited. A request to mark a device memory region with
    Executable permissions is prohibited.

- Return parameters

  - **int32** - Return Code

    - ``SUCCESS``: The Memory Access Controls were changed successfully.

    - ``DENIED``: The SPM is servicing a request to change the attributes of a
      memory region that overlaps with the region specified in this request.

    - ``INVALID_PARAMETER``: An invalid combination of Memory Access Controls
      has been specified. The Base Address is not correctly aligned. The Secure
      Partition is not allowed to access part or all of the memory region
      specified in the call.

    - ``NO_MEMORY``: The SPM does not have memory resources to change the
      attributes of the memory region in the translation tables.

    - ``NOT_SUPPORTED``: The SPM does not permit change of attributes of any
      memory region that is accessible by the Secure Partition. Function was
      called from the Non-secure world. Also returned if it is used after
      ``MM_SP_EVENT_COMPLETE_AARCH64``.

    See `Error Codes`_ for integer values that are associated with each return
    code.

- Usage

  This function is used to change the permission attributes for S-EL0 on a
  memory region accessible from a Secure Partition. The size of the memory
  region is equal to the Translation Granule size used in the Secure EL1&0
  translation regime. Requests to change other memory region attributes are not
  currently supported.

  This function is only available at boot time. This interface is revoked after
  the Secure Partition sends the first ``MM_SP_EVENT_COMPLETE_AARCH64`` to
  signal that it is initialised and ready to receive run-time requests.

- Caller responsibilities

  The caller must obtain the Translation Granule Size of the Secure EL1&0
  translation regime from the SPM through an implementation defined method.

- Callee responsibilities

  The SPM must preserve the original memory access controls of the region of
  memory in case of an unsuccessful call. The SPM must preserve the consistency
  of the Secure EL1&0 translation regime if this function is called on different
  PEs concurrently and the memory regions specified overlap.

Error Codes
-----------

.. csv-table::
   :header: "Name", "Value"

   ``SUCCESS``,0
   ``NOT_SUPPORTED``,-1
   ``INVALID_PARAMETER``,-2
   ``DENIED``,-3
   ``NO_MEMORY``,-5
   ``NOT_PRESENT``,-7
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _Armv8-A ARM: https://developer.arm.com/docs/ddi0487/latest/arm-architecture-reference-manual-armv8-for-armv8-a-architecture-profile
|
||||
.. _instructions in the EDK2 repository: https://github.com/tianocore/edk2-staging/blob/AArch64StandaloneMm/HowtoBuild.MD
|
||||
.. _Management Mode Interface Specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0060a/DEN0060A_ARM_MM_Interface_Specification.pdf
|
||||
.. _SDEI Specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
|
||||
.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
|
||||
|
||||
.. |Image 1| image:: ../resources/diagrams/secure_sw_stack_tos.png
|
||||
.. |Image 2| image:: ../resources/diagrams/secure_sw_stack_sp.png
|
||||
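Review bot: the Usage paragraph contradicts the Parameters block above it. It says "The size of the memory region is equal to the Translation Granule size used in the Secure EL1&0 translation regime", while the ``Page count`` parameter lets a single call cover several granules starting at Base Address. Suggest "The size of the memory region is Page count times the Translation Granule size" so the two sections agree. It would also be worth saying once, next to the RW+Executable prohibition, that the prohibition is what lets the SPM guarantee no writable-and-executable S-EL0 mapping exists after ``MM_SP_EVENT_COMPLETE_AARCH64``, since the interface is revoked at that point and cannot be used to relax permissions later.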
@@ -0,0 +1,263 @@
Secure Partition Manager
************************

.. contents::

.. toctree::
ffa-manifest-binding

Acronyms
========

+--------+--------------------------------------+
| DTS | Device Tree Source |
+--------+--------------------------------------+
| FF-A | Firmware Framework for Arm A-profile |
+--------+--------------------------------------+
| NWd | Normal World |
+--------+--------------------------------------+
| SP | Secure Partition |
+--------+--------------------------------------+
| SPD | Secure Payload Dispatcher |
+--------+--------------------------------------+
| SPM | Secure Partition Manager |
+--------+--------------------------------------+
| SPMC | SPM Core |
+--------+--------------------------------------+
| SPMD | SPM Dispatcher |
+--------+--------------------------------------+
| SWd | Secure World |
+--------+--------------------------------------+

Foreword
========

Three implementations of a Secure Partition Manager co-exist in the TF-A
codebase:

#. S-EL2 SPMC based on the FF-A specification `[1]`_, enabling virtualization in
the secure world, managing multiple S-EL1 or S-EL0 partitions `[5]`_.
#. EL3 SPMC based on the FF-A specification, managing a single S-EL1 partition
without virtualization in the secure world `[6]`_.
#. EL3 SPM based on the MM specification, legacy implementation managing a
single S-EL0 partition `[2]`_.

These implementations differ in their respective SW architecture and only one
can be selected at build time.

Support for legacy platforms
----------------------------

The SPM is split into a dispatcher and a core component (respectively SPMD and
SPMC) residing at different exception levels. To permit the FF-A specification
adoption and a smooth migration, the SPMD supports an SPMC residing either at
S-EL1 or S-EL2:

- The SPMD is located at EL3 and mainly relays the FF-A protocol from NWd
(Hypervisor or OS kernel) to the SPMC.
- The same SPMD component is used for both S-EL1 and S-EL2 SPMC configurations.
- The SPMC exception level is a build time choice.

TF-A supports both cases:

- S-EL1 SPMC for platforms not supporting the FEAT_SEL2 architecture
extension. The SPMD relays the FF-A protocol from EL3 to S-EL1.
- S-EL2 SPMC for platforms implementing the FEAT_SEL2 architecture
extension. The SPMD relays the FF-A protocol from EL3 to S-EL2.

TF-A build options
==================

This section explains the TF-A build options involved in building with
support for an FF-A based SPM where the SPMD is located at EL3 and the
SPMC located at S-EL1, S-EL2 or EL3:

- **SPD=spmd**: this option selects the SPMD component to relay the FF-A
protocol from NWd to SWd back and forth. It is not possible to
enable another Secure Payload Dispatcher when this option is chosen.
- **SPMD_SPM_AT_SEL2**: this option adjusts the SPMC exception
level to being at S-EL2. It defaults to enabled (value 1) when
SPD=spmd is chosen.
- **SPMC_AT_EL3**: this option adjusts the SPMC exception level to being
at EL3. If neither ``SPMD_SPM_AT_SEL2`` or ``SPMC_AT_EL3`` are enabled the
SPMC exception level is set to S-EL1.
``SPMD_SPM_AT_SEL2`` is enabled. The context save/restore routine
and exhaustive list of registers is visible at `[4]`_.
- **SPMC_AT_EL3_SEL0_SP**: this option enables the support to load SEL0 SP
when SPMC at EL3 support is enabled.
- **SP_LAYOUT_FILE**: this option specifies a text description file
providing paths to SP binary images and manifests in DTS format
(see `[3]`_). It
is required when ``SPMD_SPM_AT_SEL2`` is enabled hence when multiple
secure partitions are to be loaded by BL2 on behalf of the SPMC.

+---------------+------------------+-------------+-------------------------+
| | SPMD_SPM_AT_SEL2 | SPMC_AT_EL3 | CTX_INCLUDE_EL2_REGS(*) |
+---------------+------------------+-------------+-------------------------+
| SPMC at S-EL1 | 0 | 0 | 0 |
+---------------+------------------+-------------+-------------------------+
| SPMC at S-EL2 | 1 (default when | 0 | 1 |
| | SPD=spmd) | | |
+---------------+------------------+-------------+-------------------------+
| SPMC at EL3 | 0 | 1 | 0 |
+---------------+------------------+-------------+-------------------------+

Other combinations of such build options either break the build or are not
supported.

Notes:

- Only Arm's FVP platform is supported to use with the TF-A reference software
stack.
- When ``SPMD_SPM_AT_SEL2=1``, the reference software stack assumes enablement
of FEAT_PAuth, FEAT_BTI and FEAT_MTE2 architecture extensions.
- ``(*) CTX_INCLUDE_EL2_REGS``, this flag is |TF-A| internal and informational
in this table. When set, it provides the generic support for saving/restoring
EL2 registers required when S-EL2 firmware is present.
- BL32 option is re-purposed to specify the SPMC image. It can specify either
the Hafnium binary path (built for the secure world) or the path to a TEE
binary implementing FF-A interfaces.
- BL33 option can specify the TFTF binary or a normal world loader
such as U-Boot or the UEFI framework payload.

Sample TF-A build command line when the SPMC is located at S-EL1
(e.g. when the FEAT_SEL2 architecture extension is not implemented):

.. code:: shell

make \
CROSS_COMPILE=aarch64-none-elf- \
SPD=spmd \
SPMD_SPM_AT_SEL2=0 \
BL32=<path-to-tee-binary> \
BL33=<path-to-bl33-binary> \
PLAT=fvp \
all fip

Sample TF-A build command line when FEAT_SEL2 architecture extension is
implemented and the SPMC is located at S-EL2:
.. code:: shell

make \
CROSS_COMPILE=aarch64-none-elf- \
PLAT=fvp \
SPD=spmd \
ARM_ARCH_MINOR=5 \
BRANCH_PROTECTION=1 \
CTX_INCLUDE_PAUTH_REGS=1 \
ENABLE_FEAT_MTE2=1 \
BL32=<path-to-hafnium-binary> \
BL33=<path-to-bl33-binary> \
SP_LAYOUT_FILE=sp_layout.json \
all fip

Sample TF-A build command line when FEAT_SEL2 architecture extension is
implemented, the SPMC is located at S-EL2, and enabling secure boot:
.. code:: shell

make \
CROSS_COMPILE=aarch64-none-elf- \
PLAT=fvp \
SPD=spmd \
ARM_ARCH_MINOR=5 \
BRANCH_PROTECTION=1 \
CTX_INCLUDE_PAUTH_REGS=1 \
ENABLE_FEAT_MTE2=1 \
BL32=<path-to-hafnium-binary> \
BL33=<path-to-bl33-binary> \
SP_LAYOUT_FILE=sp_layout.json \
MBEDTLS_DIR=<path-to-mbedtls-lib> \
TRUSTED_BOARD_BOOT=1 \
COT=dualroot \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
GENERATE_COT=1 \
all fip

Sample TF-A build command line when the SPMC is located at EL3:

.. code:: shell

make \
CROSS_COMPILE=aarch64-none-elf- \
SPD=spmd \
SPMD_SPM_AT_SEL2=0 \
SPMC_AT_EL3=1 \
BL32=<path-to-tee-binary> \
BL33=<path-to-bl33-binary> \
PLAT=fvp \
all fip

Sample TF-A build command line when the SPMC is located at EL3 and SEL0 SP is
enabled:

.. code:: shell

make \
CROSS_COMPILE=aarch64-none-elf- \
SPD=spmd \
SPMD_SPM_AT_SEL2=0 \
SPMC_AT_EL3=1 \
SPMC_AT_EL3_SEL0_SP=1 \
BL32=<path-to-tee-binary> \
BL33=<path-to-bl33-binary> \
PLAT=fvp \
all fip

Boot process
============

The boot process involving SPMC is highly dependent on the SPMC implementation.
It is recommended to refer to corresponding SPMC documentation for further
details. Some aspects of boot process are described here in the greater interest
of the project.

SPMC boot
---------

When SPMC resides at a lower EL i.e., S-EL1 or S-EL2, it is loaded by BL2 as the
BL32 image. The SPMC manifest is loaded by BL2 as the ``TOS_FW_CONFIG`` image `[7]`_.

BL2 passes the SPMC manifest address to BL31 through a register. At boot time,
the SPMD in BL31 runs from the primary core, initializes the core contexts and
launches the SPMC (BL32) passing the following information through registers:

- X0 holds the ``TOS_FW_CONFIG`` physical address (or SPMC manifest blob).
- X1 holds the ``HW_CONFIG`` physical address.
- X4 holds the currently running core linear id.


References
==========

.. _[1]:

[1] `Arm Firmware Framework for Arm A-profile <https://developer.arm.com/docs/den0077/latest>`__

.. _[2]:

[2] :ref:`Secure Partition Manager using MM interface<Secure Partition Manager (MM)>`

.. _[3]:

[3] https://hafnium.readthedocs.io/en/latest/secure-partition-manager/secure-partition-manager.html#secure-partitions-layout-file

.. _[4]:

[4] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/lib/el3_runtime/aarch64/context.S#n45

.. _[5]:

[5] https://hafnium.readthedocs.io/en/latest/secure-partition-manager/index.html

.. _[6]:

[6] :ref:`EL3 Secure Partition Manager<EL3 Secure Partition Manager>`

.. _[7]:

[7] https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#dynamic-configuration-during-cold-boot

--------------

*Copyright (c) 2020-2024, Arm Limited and Contributors. All rights reserved.*
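Review bot: the ``SPMC_AT_EL3`` bullet in "TF-A build options" ends with an orphaned fragment, "``SPMD_SPM_AT_SEL2`` is enabled. The context save/restore routine and exhaustive list of registers is visible at `[4]`_.", whose leading half is missing. It reads like the tail of a dropped bullet about ``CTX_INCLUDE_EL2_REGS`` (the table footnote says that flag is set when S-EL2 firmware is present); either restore that bullet or fold the two sentences into the ``(*) CTX_INCLUDE_EL2_REGS`` note. Separately, the secure-boot command line uses ``ARM_ROTPK_LOCATION=devel_rsa`` with ``ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem``, a private key that is checked into the source tree; the text should say in one sentence that this is a development key readable by anyone with the repository, so a FIP signed with it establishes no real root of trust and the example must not be copied into a production build.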
arm-trusted-firmware.t234/docs/components/spd/index.rst (Normal file, 11 lines)
@@ -0,0 +1,11 @@
Secure Payload Dispatcher (SPD)
===============================

.. toctree::
:maxdepth: 1
:caption: Contents

optee-dispatcher
tlk-dispatcher
trusty-dispatcher
pnc-dispatcher
@@ -0,0 +1,31 @@
OP-TEE Dispatcher
=================

`OP-TEE OS`_ is a Trusted OS running as Secure EL1.

To build and execute OP-TEE follow the instructions at
`OP-TEE build.git`_

There are two different modes for loading the OP-TEE OS. The default mode will
load it as the BL32 payload during boot, and is the recommended technique for
platforms to use. There is also another technique that will load OP-TEE OS after
boot via an SMC call by enabling the option for OPTEE_ALLOW_SMC_LOAD that was
specifically added for ChromeOS. Loading OP-TEE via an SMC call may be insecure
depending upon the platform configuration. If using that option, be sure to
understand the risks involved with allowing the Trusted OS to be loaded this
way. ChromeOS uses a boot flow where it verifies the signature of the firmware
before executing it, and then only if the signature is valid will the 'secrets'
used by the TEE become accessible. The firmware then verifies the signature of
the kernel using depthcharge, and the kernel verifies the rootfs using
dm-verity. The SMC call to load OP-TEE is then invoked immediately after the
kernel finishes loading and before any attack vectors can be opened up by
mounting writable filesystems or opening network/device connections. this
ensures the platform is 'closed' and running signed code through the point where
OP-TEE is loaded.

--------------

*Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.*

.. _OP-TEE OS: https://github.com/OP-TEE/build
.. _OP-TEE build.git: https://github.com/OP-TEE/build
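Review bot: the ``OP-TEE OS`` link target at the bottom points to ``https://github.com/OP-TEE/build``, the same URL as ``OP-TEE build.git``, so the opening sentence links the build scripts rather than the OS; the OS repository is ``https://github.com/OP-TEE/optee_os``. The ``OPTEE_ALLOW_SMC_LOAD`` paragraph rests its whole security argument on the load happening once, early, from signed code; it should state explicitly what the dispatcher does if the load SMC is issued a second time or after the platform is no longer "closed", since that is the question a platform integrator evaluating the option will ask. Minor: "this ensures the platform is 'closed'" starts a sentence with a lowercase "this".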
@@ -0,0 +1,10 @@
ProvenCore Dispatcher
=====================

ProvenCore dispatcher (PnC-D) adds support for ProvenRun's ProvenCore micro-kernel
to work with Trusted Firmware-A (TF-A).

ProvenCore is a secure OS developed by ProvenRun S.A.S. using deductive formal methods.

Once a BL32 is ready, PnC-D can be included in the image by adding "SPD=pncd"
to the build command.
@@ -0,0 +1,76 @@
Trusted Little Kernel (TLK) Dispatcher
======================================

TLK dispatcher (TLK-D) adds support for NVIDIA's Trusted Little Kernel (TLK)
to work with Trusted Firmware-A (TF-A). TLK-D can be compiled by including it
in the platform's makefile. TLK is primarily meant to work with Tegra SoCs,
so while TF-A only supports TLK on Tegra, the dispatcher code can only be
compiled for other platforms.

In order to compile TLK-D, we need a BL32 image to be present. Since, TLKD
just needs to compile, any BL32 image would do. To use TLK as the BL32, please
refer to the "Build TLK" section.

Once a BL32 is ready, TLKD can be included in the image by adding "SPD=tlkd"
to the build command.

Trusted Little Kernel (TLK)
---------------------------

TLK is a Trusted OS running as Secure EL1. It is a Free Open Source Software
(FOSS) release of the NVIDIA® Trusted Little Kernel (TLK) technology, which
extends technology made available with the development of the Little Kernel (LK).
You can download the LK modular embedded preemptive kernel for use on Arm,
x86, and AVR32 systems from https://github.com/travisg/lk

NVIDIA implemented its Trusted Little Kernel (TLK) technology, designed as a
free and open-source trusted execution environment (OTE).

TLK features include:

• Small, pre-emptive kernel
• Supports multi-threading, IPCs, and thread scheduling
• Added TrustZone features
• Added Secure Storage
• Under MIT/FreeBSD license

NVIDIA extensions to Little Kernel (LK) include:

• User mode
• Address-space separation for TAs
• TLK Client Application (CA) library
• TLK TA library
• Crypto library (encrypt/decrypt, key handling) via OpenSSL
• Linux kernel driver
• Cortex A9/A15 support
• Power Management
• TrustZone memory carve-out (reconfigurable)
• Page table management
• Debugging support over UART (USB planned)

TLK is hosted by NVIDIA on http://nv-tegra.nvidia.com under the
3rdparty/ote\_partner/tlk.git repository. Detailed information about
TLK and OTE can be found in the Tegra\_BSP\_for\_Android\_TLK\_FOSS\_Reference.pdf
manual located under the "documentation" directory\_.

Build TLK
---------

To build and execute TLK, follow the instructions from "Building a TLK Device"
section from Tegra\_BSP\_for\_Android\_TLK\_FOSS\_Reference.pdf manual.

Input parameters to TLK
-----------------------

TLK expects the TZDRAM size and a structure containing the boot arguments. BL2
passes this information to the EL3 software as members of the bl32\_ep\_info
struct, where bl32\_ep\_info is part of bl31\_params\_t (passed by BL2 in X0)

Example
~~~~~~~

::

bl32_ep_info->args.arg0 = TZDRAM size available for BL32
bl32_ep_info->args.arg1 = unused (used only on Armv7-A)
bl32_ep_info->args.arg2 = pointer to boot args
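Review bot: the first paragraph inverts its own point: "so while TF-A only supports TLK on Tegra, the dispatcher code can only be compiled for other platforms" should read "can still be compiled for other platforms", which is what the next paragraph ("Since TLKD just needs to compile, any BL32 image would do") depends on. In "Input parameters to TLK", ``arg2`` is described as "pointer to boot args" with no statement of who validates that the pointer and the structure behind it lie within the TZDRAM size passed in ``arg0``; a sentence saying whether BL2, TLK-D or TLK performs that check would help a platform porter. Minor: "Since, TLKD" has a stray comma, and the sentence ending "(passed by BL2 in X0)" is missing its full stop.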
@@ -0,0 +1,32 @@
Trusty Dispatcher
=================

Trusty is a a set of software components, supporting a Trusted Execution
Environment (TEE) on mobile devices, published and maintained by Google.

Detailed information and build instructions can be found on the Android
Open Source Project (AOSP) webpage for Trusty hosted at
https://source.android.com/security/trusty

Boot parameters
---------------

Custom boot parameters can be passed to Trusty by providing a platform
specific function:

.. code:: c

void plat_trusty_set_boot_args(aapcs64_params_t *args)

If this function is provided ``args->arg0`` must be set to the memory
size allocated to trusty. If the platform does not provide this
function, but defines ``TSP_SEC_MEM_SIZE``, a default implementation
will pass the memory size from ``TSP_SEC_MEM_SIZE``. ``args->arg1``
can be set to a platform specific parameter block, and ``args->arg2``
should then be set to the size of that block.

Supported platforms
-------------------

Out of all the platforms supported by Trusted Firmware-A, Trusty is only
verified and supported by NVIDIA's Tegra SoCs.
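Review bot: typo in the opening sentence, "Trusty is a a set of software components". In "Boot parameters", the text says ``args->arg1`` "can be set to a platform specific parameter block" and ``args->arg2`` to its size, but not what the block's memory requirements are; it should state that the block has to be readable by the Trusted OS at S-EL1 (i.e. placed in secure memory that Trusty maps), since a block left in normal-world RAM would be readable and modifiable by the non-secure side after boot. Also, the default behaviour when the platform provides neither ``plat_trusty_set_boot_args`` nor ``TSP_SEC_MEM_SIZE`` is not described.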
arm-trusted-firmware.t234/docs/components/ven-el3-debugfs.rst (Normal file, 343 lines)
@@ -0,0 +1,343 @@
DebugFS interface
=================

The optional DebugFS interface is accessed through a Vendor specific EL3 service. Refer
to the component documentation for details.

String parameters are passed through a shared buffer using a specific union:

.. code:: c

union debugfs_parms {
struct {
char fname[MAX_PATH_LEN];
} open;

struct mount {
char srv[MAX_PATH_LEN];
char where[MAX_PATH_LEN];
char spec[MAX_PATH_LEN];
} mount;

struct {
char path[MAX_PATH_LEN];
dir_t dir;
} stat;

struct {
char oldpath[MAX_PATH_LEN];
char newpath[MAX_PATH_LEN];
} bind;
};

Format of the dir_t structure as such:

.. code:: c

typedef struct {
char name[NAMELEN];
long length;
unsigned char mode;
unsigned char index;
unsigned char dev;
qid_t qid;
} dir_t;


* Identifiers

======================== =============================================
SMC_OK 0
SMC_UNK -1
DEBUGFS_E_INVALID_PARAMS -2
======================== =============================================

======================== =============================================
MOUNT 0
CREATE 1
OPEN 2
CLOSE 3
READ 4
WRITE 5
SEEK 6
BIND 7
STAT 8
INIT 10
VERSION 11
======================== =============================================

MOUNT
~~~~~

Description
^^^^^^^^^^^
This operation mounts a blob of data pointed to by path stored in `src`, at
filesystem location pointed to by path stored in `where`, using driver pointed
to by path in `spec`.

Parameters
^^^^^^^^^^
======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``MOUNT``
======== ============================================================

Return values
^^^^^^^^^^^^^

=============== ==========================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if mount operation failed
=============== ==========================================================

OPEN
~~~~

Description
^^^^^^^^^^^
This operation opens the file path pointed to by `fname`.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``OPEN``
uint32_t mode
======== ============================================================

mode can be one of:

.. code:: c

enum mode {
O_READ = 1 << 0,
O_WRITE = 1 << 1,
O_RDWR = 1 << 2,
O_BIND = 1 << 3,
O_DIR = 1 << 4,
O_STAT = 1 << 5
};

Return values
^^^^^^^^^^^^^

=============== ==========================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if open operation failed

uint32_t w1: file descriptor id on success.
=============== ==========================================================

CLOSE
~~~~~

Description
^^^^^^^^^^^

This operation closes a file described by a file descriptor obtained by a
previous call to OPEN.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``CLOSE``
uint32_t File descriptor id returned by OPEN
======== ============================================================

Return values
^^^^^^^^^^^^^
=============== ==========================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if close operation failed
=============== ==========================================================

READ
~~~~

Description
^^^^^^^^^^^

This operation reads a number of bytes from a file descriptor obtained by
a previous call to OPEN.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``READ``
uint32_t File descriptor id returned by OPEN
uint32_t Number of bytes to read
======== ============================================================

Return values
^^^^^^^^^^^^^

On success, the read data is retrieved from the shared buffer after the
operation.

=============== ==========================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if read operation failed

uint32_t w1: number of bytes read on success.
=============== ==========================================================

SEEK
~~~~

Description
^^^^^^^^^^^

Move file pointer for file described by given `file descriptor` of given
`offset` related to `whence`.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``SEEK``
uint32_t File descriptor id returned by OPEN
sint32_t offset in the file relative to whence
uint32_t whence
======== ============================================================

whence can be one of:

========= ============================================================
KSEEK_SET 0
KSEEK_CUR 1
KSEEK_END 2
========= ============================================================

Return values
^^^^^^^^^^^^^

=============== ==========================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if seek operation failed
=============== ==========================================================

BIND
~~~~

Description
^^^^^^^^^^^

Create a link from `oldpath` to `newpath`.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``BIND``
======== ============================================================

Return values
^^^^^^^^^^^^^

=============== ==========================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if bind operation failed
=============== ==========================================================

STAT
~~~~

Description
^^^^^^^^^^^

Perform a stat operation on provided file `name` and returns the directory
entry statistics into `dir`.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``STAT``
======== ============================================================

Return values
^^^^^^^^^^^^^

=============== ==========================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if stat operation failed
=============== ==========================================================

INIT
~~~~

Description
^^^^^^^^^^^
Initial call to setup the shared exchange buffer. Notice if successful once,
subsequent calls fail after a first initialization. The caller maps the same
page frame in its virtual space and uses this buffer to exchange string
parameters with filesystem primitives.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``INIT``
uint64_t Physical address of the shared buffer.
======== ============================================================

Return values
^^^^^^^^^^^^^

=============== ======================================================
int32_t w0 == SMC_OK on success

w0 == DEBUGFS_E_INVALID_PARAMS if already initialized,
or internal error occurred.
=============== ======================================================

VERSION
~~~~~~~

Description
^^^^^^^^^^^
Returns the debugfs interface version if implemented in TF-A.

Parameters
^^^^^^^^^^

======== ============================================================
uint32_t FunctionID (0x87000010 / 0xC7000010)
uint32_t ``VERSION``
======== ============================================================

Return values
^^^^^^^^^^^^^

=============== ======================================================
int32_t w0 == SMC_OK on success

w0 == SMC_UNK if interface is not implemented

uint32_t w1: On success, debugfs interface version, 32 bits
value with major version number in upper 16 bits and
minor version in lower 16 bits.
=============== ======================================================

* CREATE(1) and WRITE (5) command identifiers are unimplemented and
return `SMC_UNK`.

--------------

*Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.*
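Review bot: the INIT description does not say what EL3 checks before it maps the caller-supplied "Physical address of the shared buffer". Since EL3 subsequently reads path strings from and writes READ results into that page on the caller's behalf, the text should state the validation applied (at minimum that the page must lie in non-secure memory and must not overlap EL3's own or other secure-world regions), and the Return values table should list the failure that validation produces. Smaller points in the same hunk: the MOUNT description refers to a path stored in `src` while the union field is ``srv``; "mode can be one of" under OPEN is misleading because the ``enum mode`` values are single-bit flags (1 << n) that can be combined; SEEK declares ``offset`` as ``sint32_t``, which is not a C type (``int32_t`` is); the BIND and STAT parameter tables omit that their path arguments come from the shared buffer, unlike MOUNT and OPEN which say so implicitly through the union; and the INIT sentence "Notice if successful once, subsequent calls fail after a first initialization" should be simplified to "Once INIT has succeeded, further INIT calls fail with DEBUGFS_E_INVALID_PARAMS".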
@@ -0,0 +1,78 @@
Vendor Specific EL3 Monitor Service Calls
=========================================

This document enumerates and describes the Vendor Specific EL3 Monitor Service
Calls.

These are Service Calls defined by the vendor of the EL3 Monitor.
They are accessed via ``SMC`` ("SMC calls") instruction executed from Exception
Levels below EL3. SMC calls for Vendor Specific EL3 Monitor Services:

- Follow `SMC Calling Convention`_;
- Use SMC function IDs that fall in the vendor-specific EL3 range, which are

+---------------------------+--------------------------------------------------+
| SMC Function Identifier | Service Type |
+===========================+==================================================+
| 0x87000000 - 0x8700FFFF | SMC32: Vendor Specific EL3 Monitor Service Calls |
+---------------------------+--------------------------------------------------+
| 0xC7000000 - 0xC700FFFF | SMC64: Vendor Specific EL3 Monitor Service Calls |
+---------------------------+--------------------------------------------------+

Vendor-specific EL3 monitor services are as follows:

+-----------------------------------+-----------------------+---------------------------------------------+
| SMC Function Identifier | Service Type | FID's Usage |
+===================================+=======================+=============================================+
| 0x87000010 - 0x8700001F (SMC32) | DebugFS Interface | | 0 - 11 are in use. |
+-----------------------------------+ | | 12 - 15 are reserved for future expansion.|
| 0xC7000010 - 0xC700001F (SMC64) | | |
+-----------------------------------+-----------------------+---------------------------------------------+
| 0x87000020 - 0x8700002F (SMC32) | Performance | | 0,1 is in use. |
+-----------------------------------+ Measurement Framework | | 2 - 15 are reserved for future expansion. |
| 0xC7000020 - 0xC700002F (SMC64) | (PMF) | |
+-----------------------------------+-----------------------+---------------------------------------------+
| 0x87000030 - 0x8700FFFF (SMC32) | Reserved | | reserved for future expansion |
+-----------------------------------+ | |
| 0xC7000030 - 0xC700FFFF (SMC64) | | |
+-----------------------------------+-----------------------+---------------------------------------------+

Source definitions for vendor-specific EL3 Monitor Service Calls used by TF-A are located in
the ``ven_el3_svc.h`` header file.

+----------------------------+----------------------------+--------------------------------+
| VEN_EL3_SVC_VERSION_MAJOR | VEN_EL3_SVC_VERSION_MINOR | Changes |
+============================+============================+================================+
| 1 | 0 | Added Debugfs and PMF services.|
+----------------------------+----------------------------+--------------------------------+

*Table 1: Showing different versions of Vendor-specific service and changes done with each version*

Each sub service will have its own version, one FID allocated for sub service version.

Some ground rules when one should update top level version.
- VEN_EL3_SVC_VERSION_MAJOR is incremented when any of the sub service version discovery
FID changes or the FID that was allocated for discovery changes. So any breaking subfeature
discovery changes will lead to major version update.
- VEN_EL3_SVC_VERSION_MINOR is incremented when we add a new FID or a new sub service.
For example adding an new monitor service at 0x30, Debugfs starts at 0x10 and PMF
starts at 0x20 next one will start at 0x30, this will need a update to minor version.

Performance Measurement Framework (PMF)
---------------------------------------

The :ref:`Performance Measurement Framework <firmware_design_pmf>`
allows callers to retrieve timestamps captured at various paths in TF-A
execution.

DebugFS interface
-----------------

The optional DebugFS interface is accessed through Vendor specific EL3 service. Refer
to :ref:`DebugFS interface` documentation for further details and usage.

--------------

*Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.*

.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
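Review bot: the PMF section carries no per-FID documentation, while the range table only says `0,1 is in use.` for 0x87000020 - 0x8700002F: nothing states which of the two sub-FIDs is the version query and which returns timestamps, what arguments they take or what they return, so a caller cannot use the service from this document alone. Add Parameters and Return values tables for both PMF FIDs in the same form as the DebugFS VERSION call. Wording to fix in the same hunk: `0,1 is in use.` should read `0 and 1 are in use.`; `adding an new monitor service` and `this will need a update` in the minor-version rule; and the bullet `Use SMC function IDs that fall in the vendor-specific EL3 range, which are` stops mid-sentence before the table (at least end it with a colon).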
@@ -0,0 +1,442 @@
Translation (XLAT) Tables Library
=================================

This document describes the design of the translation tables library (version 2)
used by Trusted Firmware-A (TF-A). This library provides APIs to create page
tables based on a description of the memory layout, as well as setting up system
registers related to the Memory Management Unit (MMU) and performing the
required Translation Lookaside Buffer (TLB) maintenance operations.

More specifically, some use cases that this library aims to support are:

#. Statically allocate translation tables and populate them (at run-time) based
upon a description of the memory layout. The memory layout is typically
provided by the platform port as a list of memory regions;

#. Support for generating translation tables pertaining to a different
translation regime than the exception level the library code is executing at;

#. Support for dynamic mapping and unmapping of regions, even while the MMU is
on. This can be used to temporarily map some memory regions and unmap them
later on when no longer needed;

#. Support for non-identity virtual to physical mappings to compress the virtual
address space;

#. Support for changing memory attributes of memory regions at run-time.


About version 1, version 2 and MPU libraries
--------------------------------------------

This document focuses on version 2 of the library, whose sources are available
in the ``lib/xlat_tables_v2`` directory. Version 1 of the library can still be
found in ``lib/xlat_tables`` directory but it is less flexible and doesn't
support dynamic mapping. ``lib/xlat_mpu``, which configures Arm's MPU
equivalently, is also addressed here. The ``lib/xlat_mpu`` is experimental,
meaning that its API may change. It currently strives for consistency and
code-reuse with xlat_tables_v2. Future versions may be more MPU-specific (e.g.,
removing all mentions of virtual addresses). Although potential bug fixes will
be applied to all versions of the xlat_* libs, future feature enhancements will
focus on version 2 and might not be back-ported to version 1 and MPU versions.
Therefore, it is recommended to use version 2, especially for new platform
ports (unless the platform uses an MPU).

However, please note that version 2 and the MPU version are still in active
development and is not considered stable yet. Hence, compatibility breaks might
be introduced.

From this point onwards, this document will implicitly refer to version 2 of the
library, unless stated otherwise.


Design concepts and interfaces
------------------------------

This section presents some of the key concepts and data structures used in the
translation tables library.

`mmap` regions
~~~~~~~~~~~~~~

An ``mmap_region`` is an abstract, concise way to represent a memory region to
map. It is one of the key interfaces to the library. It is identified by:

- its physical base address;
- its virtual base address;
- its size;
- its attributes;
- its mapping granularity (optional).

See the ``struct mmap_region`` type in ``xlat_tables_v2.h``.

The user usually provides a list of such mmap regions to map and lets the
library transpose that in a set of translation tables. As a result, the library
might create new translation tables, update or split existing ones.

The region attributes specify the type of memory (for example device or cached
normal memory) as well as the memory access permissions (read-only or
read-write, executable or not, secure or non-secure, and so on). In the case of
the EL1&0 translation regime, the attributes also specify whether the region is
a User region (EL0) or Privileged region (EL1). See the ``MT_xxx`` definitions
in ``xlat_tables_v2.h``. Note that for the EL1&0 translation regime the Execute
Never attribute is set simultaneously for both EL1 and EL0.

The granularity controls the translation table level to go down to when mapping
the region. For example, assuming the MMU has been configured to use a 4KB
granule size, the library might map a 2MB memory region using either of the two
following options:

- using a single level-2 translation table entry;
- using a level-2 intermediate entry to a level-3 translation table (which
contains 512 entries, each mapping 4KB).

The first solution potentially requires less translation tables, hence
potentially less memory. However, if part of this 2MB region is later remapped
with different memory attributes, the library might need to split the existing
page tables to refine the mappings. If a single level-2 entry has been used
here, a level-3 table will need to be allocated on the fly and the level-2
modified to point to this new level-3 table. This has a performance cost at
run-time.

If the user knows upfront that such a remapping operation is likely to happen
then they might enforce a 4KB mapping granularity for this 2MB region from the
beginning; remapping some of these 4KB pages on the fly then becomes a
lightweight operation.

The region's granularity is an optional field; if it is not specified the
library will choose the mapping granularity for this region as it sees fit (more
details can be found in `The memory mapping algorithm`_ section below).

The MPU library also uses ``struct mmap_region`` to specify translations, but
the MPU's translations are limited to specification of valid addresses and
access permissions. If the requested virtual and physical addresses mismatch
the system will panic. Being register-based for deterministic memory-reference
timing, the MPU hardware does not involve memory-resident translation tables.

Currently, the MPU library is also limited to MPU translation at EL2 with no
MMU translation at other ELs. These limitations, however, are expected to be
overcome in future library versions.

Translation Context
~~~~~~~~~~~~~~~~~~~

The library can create or modify translation tables pertaining to a different
translation regime than the exception level the library code is executing at.
For example, the library might be used by EL3 software (for instance BL31) to
create translation tables pertaining to the S-EL1&0 translation regime.

This flexibility comes from the use of *translation contexts*. A *translation
context* constitutes the superset of information used by the library to track
the status of a set of translation tables for a given translation regime.

The library internally allocates a default translation context, which pertains
to the translation regime of the current exception level. Additional contexts
may be explicitly allocated and initialized using the
``REGISTER_XLAT_CONTEXT()`` macro. Separate APIs are provided to act either on
the default translation context or on an alternative one.

To register a translation context, the user must provide the library with the
following information:

* A name.

The resulting translation context variable will be called after this name, to
which ``_xlat_ctx`` is appended. For example, if the macro name parameter is
``foo``, the context variable name will be ``foo_xlat_ctx``.

* The maximum number of `mmap` regions to map.

Should account for both static and dynamic regions, if applicable.

* The number of sub-translation tables to allocate.

Number of translation tables to statically allocate for this context,
excluding the initial lookup level translation table, which is always
allocated. For example, if the initial lookup level is 1, this parameter would
specify the number of level-2 and level-3 translation tables to pre-allocate
for this context.

* The size of the virtual address space.

Size in bytes of the virtual address space to map using this context. This
will incidentally determine the number of entries in the initial lookup level
translation table : the library will allocate as many entries as is required
to map the entire virtual address space.

* The size of the physical address space.

Size in bytes of the physical address space to map using this context.

The default translation context is internally initialized using information
coming (for the most part) from platform-specific defines:

- name: hard-coded to ``tf`` ; hence the name of the default context variable is
``tf_xlat_ctx``;
- number of `mmap` regions: ``MAX_MMAP_REGIONS``;
- number of sub-translation tables: ``MAX_XLAT_TABLES``;
- size of the virtual address space: ``PLAT_VIRT_ADDR_SPACE_SIZE``;
- size of the physical address space: ``PLAT_PHY_ADDR_SPACE_SIZE``.

Please refer to the :ref:`Porting Guide` for more details about these macros.


Static and dynamic memory regions
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The library optionally supports dynamic memory mapping. This feature may be
enabled using the ``PLAT_XLAT_TABLES_DYNAMIC`` platform build flag.

When dynamic memory mapping is enabled, the library categorises mmap regions as
*static* or *dynamic*.

- *Static regions* are fixed for the lifetime of the system. They can only be
added early on, before the translation tables are created and populated. They
cannot be removed afterwards.

- *Dynamic regions* can be added or removed any time.

When the dynamic memory mapping feature is disabled, only static regions exist.

The dynamic memory mapping feature may be used to map and unmap transient memory
areas. This is useful when the user needs to access some memory for a fixed
period of time, after which the memory may be discarded and reclaimed. For
example, a memory region that is only required at boot time while the system is
initializing, or to temporarily share a memory buffer between the normal world
and trusted world. Note that it is up to the caller to ensure that these regions
are not accessed concurrently while the regions are being added or removed.

Although this feature provides some level of dynamic memory allocation, this
does not allow dynamically allocating an arbitrary amount of memory at an
arbitrary memory location. The user is still required to declare at compile-time
the limits of these allocations ; the library will deny any mapping request that
does not fit within this pre-allocated pool of memory.


Library APIs
------------

The external APIs exposed by this library are declared and documented in the
``xlat_tables_v2.h`` header file. This should be the reference point for
getting information about the usage of the different APIs this library
provides. This section just provides some extra details and clarifications.

Although the ``mmap_region`` structure is a publicly visible type, it is not
recommended to populate these structures by hand. Instead, wherever APIs expect
function arguments of type ``mmap_region_t``, these should be constructed using
the ``MAP_REGION*()`` family of helper macros. This is to limit the risk of
compatibility breaks, should the ``mmap_region`` structure type evolve in the
future.

The ``MAP_REGION()`` and ``MAP_REGION_FLAT()`` macros do not allow specifying a
mapping granularity, which leaves the library implementation free to choose
it. However, in cases where a specific granularity is required, the
``MAP_REGION2()`` macro might be used instead. Using ``MAP_REGION_FLAT()`` only
to define regions for the MPU library is strongly recommended.

As explained earlier in this document, when the dynamic mapping feature is
disabled, there is no notion of dynamic regions. Conceptually, there are only
static regions. For this reason (and to retain backward compatibility with the
version 1 of the library), the APIs that map static regions do not embed the
word *static* in their functions names (for example ``mmap_add_region()``), in
contrast with the dynamic regions APIs (for example
``mmap_add_dynamic_region()``).

Although the definition of static and dynamic regions is not based on the state
of the MMU, the two are still related in some way. Static regions can only be
added before ``init_xlat_tables()`` is called and ``init_xlat_tables()`` must be
called while the MMU is still off. As a result, static regions cannot be added
once the MMU has been enabled. Dynamic regions can be added with the MMU on or
off. In practice, the usual call flow would look like this:

#. The MMU is initially off.

#. Add some static regions, add some dynamic regions.

#. Initialize translation tables based on the list of mmap regions (using one of
the ``init_xlat_tables*()`` APIs).

#. At this point, it is no longer possible to add static regions. Dynamic
regions can still be added or removed.

#. Enable the MMU.

#. Dynamic regions can continue to be added or removed.

Because static regions are added early on at boot time and are all in the
control of the platform initialization code, the ``mmap_add*()`` family of APIs
are not expected to fail. They do not return any error code.

Nonetheless, these APIs will check upfront whether the region can be
successfully added before updating the translation context structure. If the
library detects that there is insufficient memory to meet the request, or that
the new region will overlap another one in an invalid way, or if any other
unexpected error is encountered, they will print an error message on the UART.
Additionally, when asserts are enabled (typically in debug builds), an assertion
will be triggered. Otherwise, the function call will just return straight away,
without adding the offending memory region.


Library limitations
-------------------

Dynamic regions are not allowed to overlap each other. Static regions are
allowed to overlap as long as one of them is fully contained inside the other
one. This is allowed for backwards compatibility with the previous behaviour in
the version 1 of the library.


Implementation details
----------------------

Code structure
~~~~~~~~~~~~~~

The library is divided into 4 modules:

- **Core module**

Provides the main functionality of the library, such as the initialization of
translation tables contexts and mapping/unmapping memory regions. This module
provides functions such as ``mmap_add_region_ctx`` that let the caller specify
the translation tables context affected by them.

See ``xlat_tables_core.c``.

- **Active context module**

Instantiates the context that is used by the current BL image and provides
helpers to manipulate it, abstracting it from the rest of the code.
This module provides functions such as ``mmap_add_region``, that directly
affect the BL image using them.

See ``xlat_tables_context.c``.

- **Utilities module**

Provides additional functionality like debug print of the current state of the
translation tables and helpers to query memory attributes and to modify them.

See ``xlat_tables_utils.c``.

- **Architectural module**

Provides functions that are dependent on the current execution state
(AArch32/AArch64), such as the functions used for TLB invalidation, setup the
MMU, or calculate the Physical Address Space size. They do not need a
translation context to work on.

See ``aarch32/xlat_tables_arch.c`` and ``aarch64/xlat_tables_arch.c``.

From mmap regions to translation tables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A translation context contains a list of ``mmap_region_t``, which holds the
information of all the regions that are mapped at any given time. Whenever there
is a request to map (resp. unmap) a memory region, it is added to (resp. removed
from) the ``mmap_region_t`` list.

The mmap regions list is a conceptual way to represent the memory layout. At
some point, the library has to convert this information into actual translation
tables to program into the MMU.

Before the ``init_xlat_tables()`` API is called, the library only acts on the
mmap regions list. Adding a static or dynamic region at this point through one
of the ``mmap_add*()`` APIs does not affect the translation tables in any way,
they only get registered in the internal mmap region list. It is only when the
user calls the ``init_xlat_tables()`` that the translation tables are populated
in memory based on the list of mmap regions registered so far. This is an
optimization that allows creation of the initial set of translation tables in
one go, rather than having to edit them every time while the MMU is disabled.

After the ``init_xlat_tables()`` API has been called, only dynamic regions can
be added. Changes to the translation tables (as well as the mmap regions list)
will take effect immediately.

The memory mapping algorithm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The mapping function is implemented as a recursive algorithm. It is however
bound by the level of depth of the translation tables (the Armv8-A architecture
allows up to 4 lookup levels).

By default [#granularity]_, the algorithm will attempt to minimize the
number of translation tables created to satisfy the user's request. It will
favour mapping a region using the biggest possible blocks, only creating a
sub-table if it is strictly necessary. This is to reduce the memory footprint of
the firmware.

The most common reason for needing a sub-table is when a specific mapping
requires a finer granularity. Misaligned regions also require a finer
granularity than what the user may had originally expected, using a lot more
memory than expected. The reason is that all levels of translation are
restricted to address translations of the same granularity as the size of the
blocks of that level. For example, for a 4 KiB page size, a level 2 block entry
can only translate up to a granularity of 2 MiB. If the Physical Address is not
aligned to 2 MiB then additional level 3 tables are also needed.

Note that not every translation level allows any type of descriptor. Depending
on the page size, levels 0 and 1 of translation may only allow table
descriptors. If a block entry could be able to describe a translation, but that
level does not allow block descriptors, a table descriptor will have to be used
instead, as well as additional tables at the next level.

|Alignment Example|

The mmap regions are sorted in a way that simplifies the code that maps
them. Even though this ordering is only strictly needed for overlapping static
regions, it must also be applied for dynamic regions to maintain a consistent
order of all regions at all times. As each new region is mapped, existing
entries in the translation tables are checked to ensure consistency. Please
refer to the comments in the source code of the core module for more details
about the sorting algorithm in use.

This mapping algorithm does not apply to the MPU library, since the MPU hardware
directly maps regions by "base" and "limit" (bottom and top) addresses.

TLB maintenance operations
~~~~~~~~~~~~~~~~~~~~~~~~~~

The library takes care of performing TLB maintenance operations when required.
For example, when the user requests removing a dynamic region, the library
invalidates all TLB entries associated to that region to ensure that these
changes are visible to subsequent execution, including speculative execution,
that uses the changed translation table entries.

A counter-example is the initialization of translation tables. In this case,
explicit TLB maintenance is not required. The Armv8-A architecture guarantees
that all TLBs are disabled from reset and their contents have no effect on
address translation at reset [#tlb-reset-ref]_. Therefore, the TLBs invalidation
is deferred to the ``enable_mmu*()`` family of functions, just before the MMU is
turned on.

Regarding enabling and disabling memory management, for the MPU library, to
reduce confusion, calls to enable or disable the MPU use ``mpu`` in their names
in place of ``mmu``. For example, the ``enable_mmu_el2()`` call is changed to
``enable_mpu_el2()``.

TLB invalidation is not required when adding dynamic regions either. Dynamic
regions are not allowed to overlap existing memory region. Therefore, if the
dynamic mapping request is deemed legitimate, it automatically concerns memory
that was not mapped in this translation regime and the library will have
initialized its corresponding translation table entry to an invalid
descriptor. Given that the TLBs are not architecturally permitted to hold any
invalid translation table entry [#tlb-no-invalid-entry]_, this means that this
mapping cannot be cached in the TLBs.

.. rubric:: Footnotes

.. [#granularity] That is, when mmap regions do not enforce their mapping
granularity.

.. [#tlb-reset-ref] See section D4.9 ``Translation Lookaside Buffers (TLBs)``,
subsection ``TLB behavior at reset`` in Armv8-A, rev C.a.

.. [#tlb-no-invalid-entry] See section D4.10.1 ``General TLB maintenance
requirements`` in Armv8-A, rev C.a.

--------------

*Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.*

.. |Alignment Example| image:: ../resources/diagrams/xlat_align.png
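Review bot: `the mmap_add*() family of APIs are not expected to fail. They do not return any error code.` (Library APIs) is too broad. The justification in that paragraph (regions added early at boot, all under the platform code's control) only holds for the static-region calls such as `mmap_add_region()`, yet the wildcard also covers `mmap_add_dynamic_region()`, which the same section names as the dynamic API and whose requests the text itself says can be refused (`the library will deny any mapping request that does not fit within this pre-allocated pool of memory`). Reword it to the static-region APIs and say explicitly that dynamic-region callers must check the result of the call. Two further points in this hunk: Library limitations states only that `Dynamic regions are not allowed to overlap each other`, whereas TLB maintenance operations relies on `Dynamic regions are not allowed to overlap existing memory region` (any region, static ones included) to argue that no TLB invalidation is needed when adding one; the two sections should state the same rule, since the no-invalidation argument is only sound under the stricter one. And `Note that it is up to the caller to ensure that these regions are not accessed concurrently while the regions are being added or removed.` reads as advice but is a correctness requirement for the dynamic mapping feature; phrase it as a requirement. Typos: `may had originally expected`, `are still in active development and is not considered stable yet`.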
112
arm-trusted-firmware.t234/docs/conf.py
Normal file
@@ -0,0 +1,112 @@
# -*- coding: utf-8 -*-
#
# Copyright (c) 2019-2024, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#
# Configuration file for the Sphinx documentation builder.
#
# See the options documentation at http://www.sphinx-doc.org/en/master/config


# -- Project information -----------------------------------------------------

project = "Trusted Firmware-A"
author = "Trusted Firmware-A contributors"
version = "2.12.0"
release = "2.12.0"

# -- General configuration ---------------------------------------------------

# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = [
"myst_parser",
"sphinx.ext.autosectionlabel",
"sphinxcontrib.plantuml",
"sphinxcontrib.rsvgconverter",
]

# Add any paths that contain templates here, relative to this directory.
templates_path = ["_templates"]

# The suffix(es) of source filenames.
source_suffix = [".md", ".rst"]

# The master toctree document.
master_doc = "index"

# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
#
# This is also used if you do content translation via gettext catalogs.
# Usually you set "language" from the command line for these cases.
language = "en"

# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
# This pattern also affects html_static_path and html_extra_path .
# Don't try to build the venv in case it's placed with the sources
exclude_patterns = [".env", "env", ".venv", "venv"]

# The name of the Pygments (syntax highlighting) style to use.
pygments_style = "sphinx"

# Load the contents of the global substitutions file into the 'rst_prolog'
# variable. This ensures that the substitutions are all inserted into each
# page.
with open("global_substitutions.txt", "r") as subs:
rst_prolog = subs.read()

# Minimum version of sphinx required
needs_sphinx = "2.0"

# -- Options for HTML output -------------------------------------------------

# Don't show the "Built with Sphinx" footer
html_show_sphinx = False

# Don't show copyright info in the footer (we have this content in the page)
html_show_copyright = False

# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
html_theme = "sphinx_rtd_theme"

# The logo to display in the sidebar
html_logo = "resources/TrustedFirmware-Logo_standard-white.png"

# Options for the "sphinx-rtd-theme" theme
html_theme_options = {
"collapse_navigation": False, # Can expand and collapse sidebar entries
"prev_next_buttons_location": "both", # Top and bottom of the page
"style_external_links": True, # Display an icon next to external links
}

# Path to _static directory
html_static_path = ["_static"]

# Path to css file relative to html_static_path
html_css_files = [
"css/custom.css",
]

# -- Options for autosectionlabel --------------------------------------------

# Only generate automatic section labels for document titles
autosectionlabel_maxdepth = 1

# -- Options for plantuml ----------------------------------------------------

plantuml_output_format = "svg_img"

# -- Options for latexmk ----------------------------------------------------

latex_engine = "xelatex"
latex_elements = {
"maxlistdepth": "10",
"pointsize": "11pt",
"extraclassoptions": "openany"
}
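Review bot: `needs_sphinx = "2.0"` looks stale next to the extension list (`myst_parser`, `sphinxcontrib.plantuml`, `sphinxcontrib.rsvgconverter`): `myst_parser` in particular only supports Sphinx releases well above 2.0, so the floor no longer guards against the failure it exists for (an old Sphinx importing these extensions and dying with an import error rather than a clear version message). Check the minimum Sphinx the pinned extension versions accept and raise `needs_sphinx` to that, or drop the setting. Minor: the comment link `http://www.sphinx-doc.org/en/master/config` should be `https://`.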
84
arm-trusted-firmware.t234/docs/design/alt-boot-flows.rst
Normal file
@@ -0,0 +1,84 @@
Alternative Boot Flows
======================

EL3 payloads alternative boot flow
----------------------------------

On a pre-production system, the ability to execute arbitrary, bare-metal code at
the highest exception level is required. It allows full, direct access to the
hardware, for example to run silicon soak tests.

Although it is possible to implement some baremetal secure firmware from
scratch, this is a complex task on some platforms, depending on the level of
configuration required to put the system in the expected state.

Rather than booting a baremetal application, a possible compromise is to boot
``EL3 payloads`` through TF-A instead. This is implemented as an alternative
boot flow, where a modified BL2 boots an EL3 payload, instead of loading the
other BL images and passing control to BL31. It reduces the complexity of
developing EL3 baremetal code by:

- putting the system into a known architectural state;
- taking care of platform secure world initialization;
- loading the SCP_BL2 image if required by the platform.

When booting an EL3 payload on Arm standard platforms, the configuration of the
TrustZone controller is simplified such that only region 0 is enabled and is
configured to permit secure access only. This gives full access to the whole
DRAM to the EL3 payload.

The system is left in the same state as when entering BL31 in the default boot
flow. In particular:

- Running in EL3;
- Current state is AArch64;
- Little-endian data access;
- All exceptions disabled;
- MMU disabled;
- Caches disabled.

.. _alt_boot_flows_el3_payload:

Booting an EL3 payload
~~~~~~~~~~~~~~~~~~~~~~

The EL3 payload image is a standalone image and is not part of the FIP. It is
not loaded by TF-A. Therefore, there are 2 possible scenarios:

- The EL3 payload may reside in non-volatile memory (NVM) and execute in
place. In this case, booting it is just a matter of specifying the right
address in NVM through ``EL3_PAYLOAD_BASE`` when building TF-A.

- The EL3 payload needs to be loaded in volatile memory (e.g. DRAM) at
run-time.

To help in the latter scenario, the ``SPIN_ON_BL1_EXIT=1`` build option can be
used. The infinite loop that it introduces in BL1 stops execution at the right
moment for a debugger to take control of the target and load the payload (for
example, over JTAG).

It is expected that this loading method will work in most cases, as a debugger
connection is usually available in a pre-production system. The user is free to
use any other platform-specific mechanism to load the EL3 payload, though.


Preloaded BL33 alternative boot flow
------------------------------------

Some platforms have the ability to preload BL33 into memory instead of relying
on TF-A to load it. This may simplify packaging of the normal world code and
improve performance in a development environment. When secure world cold boot
is complete, TF-A simply jumps to a BL33 base address provided at build time.

For this option to be used, the ``PRELOADED_BL33_BASE`` build option has to be
used when compiling TF-A. For example, the following command will create a FIP
without a BL33 and prepare to jump to a BL33 image loaded at address
0x80000000:

.. code:: shell

make PRELOADED_BL33_BASE=0x80000000 PLAT=fvp all fip

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
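Review bot: the "Preloaded BL33 alternative boot flow" section should carry the same development-only warning the EL3 payload section gives, because with ``PRELOADED_BL33_BASE`` the FIP contains no BL33 and TF-A "simply jumps to a BL33 base address provided at build time": the normal-world image is not loaded by TF-A, so none of the Trusted Board Boot authentication that runs when BL2 loads BL33 from the FIP applies to it, and a production build must not set this option. The same caveat belongs next to ``SPIN_ON_BL1_EXIT=1``, which intentionally parks BL1 so that a debugger can place arbitrary code at EL3. Minor: "there are 2 possible scenarios" reads better as "two possible scenarios".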
1022
arm-trusted-firmware.t234/docs/design/auth-framework.rst
Normal file
File diff suppressed because it is too large
1116
arm-trusted-firmware.t234/docs/design/cpu-specific-build-macros.rst
Normal file
File diff suppressed because it is too large
2961
arm-trusted-firmware.t234/docs/design/firmware-design.rst
Normal file
File diff suppressed because it is too large
20
arm-trusted-firmware.t234/docs/design/index.rst
Normal file
@@ -0,0 +1,20 @@
System Design
=============

.. toctree::
:maxdepth: 1
:caption: Contents

alt-boot-flows
auth-framework
cpu-specific-build-macros
firmware-design
interrupt-framework-design
psci-pd-tree
reset-design
trusted-board-boot
trusted-board-boot-build

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
1021
arm-trusted-firmware.t234/docs/design/interrupt-framework-design.rst
Normal file
File diff suppressed because it is too large
304
arm-trusted-firmware.t234/docs/design/psci-pd-tree.rst
Normal file
@@ -0,0 +1,304 @@
PSCI Power Domain Tree Structure
================================

Requirements
------------

#. A platform must export the ``plat_get_aff_count()`` and
``plat_get_aff_state()`` APIs to enable the generic PSCI code to
populate a tree that describes the hierarchy of power domains in the
system. This approach is inflexible because a change to the topology
requires a change in the code.

It would be much simpler for the platform to describe its power domain tree
in a data structure.

#. The generic PSCI code generates MPIDRs in order to populate the power domain
tree. It also uses an MPIDR to find a node in the tree. The assumption that
a platform will use exactly the same MPIDRs as generated by the generic PSCI
code is not scalable. The use of an MPIDR also restricts the number of
levels in the power domain tree to four.

Therefore, there is a need to decouple allocation of MPIDRs from the
mechanism used to populate the power domain topology tree.

#. The current arrangement of the power domain tree requires a binary search
over the sibling nodes at a particular level to find a specified power
domain node. During a power management operation, the tree is traversed from
a 'start' to an 'end' power level. The binary search is required to find the
node at each level. The natural way to perform this traversal is to
start from a leaf node and follow the parent node pointer to reach the end
level.

Therefore, there is a need to define data structures that implement the tree in
a way which facilitates such a traversal.

#. The attributes of a core power domain differ from the attributes of power
domains at higher levels. For example, only a core power domain can be identified
using an MPIDR. There is no requirement to perform state coordination while
performing a power management operation on the core power domain.

Therefore, there is a need to implement the tree in a way which facilitates this
distinction between a leaf and non-leaf node and any associated
optimizations.

--------------

Design
------

Describing a power domain tree
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To fulfill requirement 1., the existing platform APIs
``plat_get_aff_count()`` and ``plat_get_aff_state()`` have been
removed. A platform must define an array of unsigned chars such that:

#. The first entry in the array specifies the number of power domains at the
highest power level implemented in the platform. This caters for platforms
where the power domain tree does not have a single root node, for example,
the FVP has two cluster power domains at the highest level (1).

#. Each subsequent entry corresponds to a power domain and contains the number
of power domains that are its direct children.

#. The size of the array minus the first entry will be equal to the number of
non-leaf power domains.

#. The value in each entry in the array is used to find the number of entries
to consider at the next level. The sum of the values (number of children) of
all the entries at a level specifies the number of entries in the array for
the next level.

The following example power domain topology tree will be used to describe the
above text further. The leaf and non-leaf nodes in this tree have been numbered
separately.

::

+-+
|0|
+-+
/ \
/ \
/ \
/ \
/ \
/ \
/ \
/ \
/ \
/ \
+-+ +-+
|1| |2|
+-+ +-+
/ \ / \
/ \ / \
/ \ / \
/ \ / \
+-+ +-+ +-+ +-+
|3| |4| |5| |6|
+-+ +-+ +-+ +-+
+---+-----+ +----+----| +----+----+ +----+-----+-----+
| | | | | | | | | | | | |
| | | | | | | | | | | | |
v v v v v v v v v v v v v
+-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +--+ +--+ +--+
|0| |1| |2| |3| |4| |5| |6| |7| |8| |9| |10| |11| |12|
+-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +--+ +--+ +--+

This tree is defined by the platform as the array described above as follows:

.. code:: c

#define PLAT_NUM_POWER_DOMAINS 20
#define PLATFORM_CORE_COUNT 13
#define PSCI_NUM_NON_CPU_PWR_DOMAINS \
(PLAT_NUM_POWER_DOMAINS - PLATFORM_CORE_COUNT)

unsigned char plat_power_domain_tree_desc[] = { 1, 2, 2, 2, 3, 3, 3, 4};

Removing assumptions about MPIDRs used in a platform
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To fulfill requirement 2., it is assumed that the platform assigns a
unique number (core index) between ``0`` and ``PLAT_CORE_COUNT - 1`` to each core
power domain. MPIDRs could be allocated in any manner and will not be used to
populate the tree.

``plat_core_pos_by_mpidr(mpidr)`` will return the core index for the core
corresponding to the MPIDR. It will return an error (-1) if an MPIDR is passed
which is not allocated or corresponds to an absent core. The semantics of this
platform API have changed since it is required to validate the passed MPIDR. It
has been made a mandatory API as a result.

Another mandatory API, ``plat_my_core_pos()`` has been added to return the core
index for the calling core. This API provides a more lightweight mechanism to get
the index since there is no need to validate the MPIDR of the calling core.

The platform should assign the core indices (as illustrated in the diagram above)
such that, if the core nodes are numbered from left to right, then the index
for a core domain will be the same as the index returned by
``plat_core_pos_by_mpidr()`` or ``plat_my_core_pos()`` for that core. This
relationship allows the core nodes to be allocated in a separate array
(requirement 4.) during ``psci_setup()`` in such an order that the index of the
core in the array is the same as the return value from these APIs.

Dealing with holes in MPIDR allocation
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

For platforms where the number of allocated MPIDRs is equal to the number of
core power domains, for example, Juno and FVPs, the logic to convert an MPIDR to
a core index should remain unchanged. Both Juno and FVP use a simple collision
proof hash function to do this.

It is possible that on some platforms, the allocation of MPIDRs is not
contiguous or certain cores have been disabled. This essentially means that the
MPIDRs have been sparsely allocated, that is, the size of the range of MPIDRs
used by the platform is not equal to the number of core power domains.

The platform could adopt one of the following approaches to deal with this
scenario:

#. Implement more complex logic to convert a valid MPIDR to a core index while
maintaining the relationship described earlier. This means that the power
domain tree descriptor will not describe any core power domains which are
disabled or absent. Entries will not be allocated in the tree for these
domains.

#. Treat unallocated MPIDRs and disabled cores as absent but still describe them
in the power domain descriptor, that is, the number of core nodes described
is equal to the size of the range of MPIDRs allocated. This approach will
lead to memory wastage since entries will be allocated in the tree but will
allow use of a simpler logic to convert an MPIDR to a core index.

Traversing through and distinguishing between core and non-core power domains
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To fulfill requirement 3 and 4, separate data structures have been defined
to represent leaf and non-leaf power domain nodes in the tree.

.. code:: c

/*******************************************************************************
* The following two data structures implement the power domain tree. The tree
* is used to track the state of all the nodes i.e. power domain instances
* described by the platform. The tree consists of nodes that describe CPU power
* domains i.e. leaf nodes and all other power domains which are parents of a
* CPU power domain i.e. non-leaf nodes.
******************************************************************************/
typedef struct non_cpu_pwr_domain_node {
/*
* Index of the first CPU power domain node level 0 which has this node
* as its parent.
*/
unsigned int cpu_start_idx;

/*
* Number of CPU power domains which are siblings of the domain indexed
* by 'cpu_start_idx' i.e. all the domains in the range 'cpu_start_idx
* -> cpu_start_idx + ncpus' have this node as their parent.
*/
unsigned int ncpus;

/* Index of the parent power domain node */
unsigned int parent_node;

-----
} non_cpu_pd_node_t;

typedef struct cpu_pwr_domain_node {
u_register_t mpidr;

/* Index of the parent power domain node */
unsigned int parent_node;

-----
} cpu_pd_node_t;

The power domain tree is implemented as a combination of the following data
structures.

.. code:: c

non_cpu_pd_node_t psci_non_cpu_pd_nodes[PSCI_NUM_NON_CPU_PWR_DOMAINS];
cpu_pd_node_t psci_cpu_pd_nodes[PLATFORM_CORE_COUNT];

Populating the power domain tree
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The ``populate_power_domain_tree()`` function in ``psci_setup.c`` implements the
algorithm to parse the power domain descriptor exported by the platform to
populate the two arrays. It is essentially a breadth-first-search. The nodes for
each level starting from the root are laid out one after another in the
``psci_non_cpu_pd_nodes`` and ``psci_cpu_pd_nodes`` arrays as follows:

::

psci_non_cpu_pd_nodes -> [[Level 3 nodes][Level 2 nodes][Level 1 nodes]]
psci_cpu_pd_nodes -> [Level 0 nodes]

For the example power domain tree illustrated above, the ``psci_cpu_pd_nodes``
will be populated as follows. The value in each entry is the index of the parent
node. Other fields have been ignored for simplicity.

::

+-------------+ ^
CPU0 | 3 | |
+-------------+ |
CPU1 | 3 | |
+-------------+ |
CPU2 | 3 | |
+-------------+ |
CPU3 | 4 | |
+-------------+ |
CPU4 | 4 | |
+-------------+ |
CPU5 | 4 | | PLATFORM_CORE_COUNT
+-------------+ |
CPU6 | 5 | |
+-------------+ |
CPU7 | 5 | |
+-------------+ |
CPU8 | 5 | |
+-------------+ |
CPU9 | 6 | |
+-------------+ |
CPU10 | 6 | |
+-------------+ |
CPU11 | 6 | |
+-------------+ |
CPU12 | 6 | v
+-------------+

The ``psci_non_cpu_pd_nodes`` array will be populated as follows. The value in
each entry is the index of the parent node.

::

+-------------+ ^
PD0 | -1 | |
+-------------+ |
PD1 | 0 | |
+-------------+ |
PD2 | 0 | |
+-------------+ |
PD3 | 1 | | PLAT_NUM_POWER_DOMAINS -
+-------------+ | PLATFORM_CORE_COUNT
PD4 | 1 | |
+-------------+ |
PD5 | 2 | |
+-------------+ |
PD6 | 2 | |
+-------------+ v

Each core can find its node in the ``psci_cpu_pd_nodes`` array using the
``plat_my_core_pos()`` function. When a core is turned on, the normal world
provides an MPIDR. The ``plat_core_pos_by_mpidr()`` function is used to validate
the MPIDR before using it to find the corresponding core node. The non-core power
domain nodes do not need to be identified.

--------------

*Copyright (c) 2017-2018, Arm Limited and Contributors. All rights reserved.*
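Review bot: in "Removing assumptions about MPIDRs used in a platform", ``PLAT_CORE_COUNT - 1`` does not match the macro used everywhere else in this file (``PLATFORM_CORE_COUNT`` in the ``#define`` example and in the ``psci_cpu_pd_nodes`` declaration); the range should read ``0`` to ``PLATFORM_CORE_COUNT - 1``. The ``ncpus`` comment, "all the domains in the range 'cpu_start_idx -> cpu_start_idx + ncpus'", describes a half-open range; spell it out as ``cpu_start_idx`` to ``cpu_start_idx + ncpus - 1`` so nobody iterates one entry too far. The final paragraph could also make the trust boundary explicit: the MPIDR the normal world supplies when a core is turned on is used as an index into ``psci_cpu_pd_nodes`` only after ``plat_core_pos_by_mpidr()`` has accepted it, so a platform that has holes in its MPIDR allocation (either approach in "Dealing with holes in MPIDR allocation") must return -1 for every unallocated or disabled MPIDR rather than hashing it to some in-range index.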
169
arm-trusted-firmware.t234/docs/design/reset-design.rst
Normal file
@@ -0,0 +1,169 @@
CPU Reset
=========

This document describes the high-level design of the framework to handle CPU
resets in Trusted Firmware-A (TF-A). It also describes how the platform
integrator can tailor this code to the system configuration to some extent,
resulting in a simplified and more optimised boot flow.

This document should be used in conjunction with the :ref:`Firmware Design`
document which provides greater implementation details around the reset code,
specifically for the cold boot path.

General reset code flow
-----------------------

The TF-A reset code is implemented in BL1 by default. The following high-level
diagram illustrates this:

|Default reset code flow|

This diagram shows the default, unoptimised reset flow. Depending on the system
configuration, some of these steps might be unnecessary. The following sections
guide the platform integrator by indicating which build options exclude which
steps, depending on the capability of the platform.

.. note::
If BL31 is used as the TF-A entry point instead of BL1, the diagram
above is still relevant, as all these operations will occur in BL31 in
this case. Please refer to section 6 "Using BL31 entrypoint as the reset
address" for more information.

Programmable CPU reset address
------------------------------

By default, TF-A assumes that the CPU reset address is not programmable.
Therefore, all CPUs start at the same address (typically address 0) whenever
they reset. Further logic is then required to identify whether it is a cold or
warm boot to direct CPUs to the right execution path.

If the reset vector address (reflected in the reset vector base address register
``RVBAR_EL3``) is programmable then it is possible to make each CPU start directly
at the right address, both on a cold and warm reset. Therefore, the boot type
detection can be skipped, resulting in the following boot flow:

|Reset code flow with programmable reset address|

To enable this boot flow, compile TF-A with ``PROGRAMMABLE_RESET_ADDRESS=1``.
This option only affects the TF-A reset image, which is BL1 by default or BL31 if
``RESET_TO_BL31=1``.

On both the FVP and Juno platforms, the reset vector address is not programmable
so both ports use ``PROGRAMMABLE_RESET_ADDRESS=0``.

Cold boot on a single CPU
-------------------------

By default, TF-A assumes that several CPUs may be released out of reset.
Therefore, the cold boot code has to arbitrate access to hardware resources
shared amongst CPUs. This is done by nominating one of the CPUs as the primary,
which is responsible for initialising shared hardware and coordinating the boot
flow with the other CPUs.

If the platform guarantees that only a single CPU will ever be brought up then
no arbitration is required. The notion of primary/secondary CPU itself no longer
applies. This results in the following boot flow:

|Reset code flow with single CPU released out of reset|

To enable this boot flow, compile TF-A with ``COLD_BOOT_SINGLE_CPU=1``. This
option only affects the TF-A reset image, which is BL1 by default or BL31 if
``RESET_TO_BL31=1``.

On both the FVP and Juno platforms, although only one core is powered up by
default, there are platform-specific ways to release any number of cores out of
reset. Therefore, both platform ports use ``COLD_BOOT_SINGLE_CPU=0``.

Programmable CPU reset address, Cold boot on a single CPU
---------------------------------------------------------

It is obviously possible to combine both optimisations on platforms that have
a programmable CPU reset address and which release a single CPU out of reset.
This results in the following boot flow:


|Reset code flow with programmable reset address and single CPU released out of reset|

To enable this boot flow, compile TF-A with both ``COLD_BOOT_SINGLE_CPU=1``
and ``PROGRAMMABLE_RESET_ADDRESS=1``. These options only affect the TF-A reset
image, which is BL1 by default or BL31 if ``RESET_TO_BL31=1``.

Using BL31 entrypoint as the reset address
------------------------------------------

On some platforms the runtime firmware (BL3x images) for the application
processors are loaded by some firmware running on a secure system processor
on the SoC, rather than by BL1 and BL2 running on the primary application
processor. For this type of SoC it is desirable for the application processor
to always reset to BL31 which eliminates the need for BL1 and BL2.

TF-A provides a build-time option ``RESET_TO_BL31`` that includes some additional
logic in the BL31 entry point to support this use case.

In this configuration, the platform's Trusted Boot Firmware must ensure that
BL31 is loaded to its runtime address, which must match the CPU's ``RVBAR_EL3``
reset vector base address, before the application processor is powered on.
Additionally, platform software is responsible for loading the other BL3x images
required and providing entry point information for them to BL31. Loading these
images might be done by the Trusted Boot Firmware or by platform code in BL31.

Although the Arm FVP platform does not support programming the reset base
address dynamically at run-time, it is possible to set the initial value of the
``RVBAR_EL3`` register at start-up. This feature is provided on the Base FVP
only.

It allows the Arm FVP port to support the ``RESET_TO_BL31`` configuration, in
which case the ``bl31.bin`` image must be loaded to its run address in Trusted
SRAM and all CPU reset vectors be changed from the default ``0x0`` to this run
address. See the :ref:`Arm Fixed Virtual Platforms (FVP)` for details of running
the FVP models in this way.

Although technically it would be possible to program the reset base address with
the right support in the SCP firmware, this is currently not implemented so the
Juno port doesn't support the ``RESET_TO_BL31`` configuration.

The ``RESET_TO_BL31`` configuration requires some additions and changes in the
BL31 functionality:

Determination of boot path
~~~~~~~~~~~~~~~~~~~~~~~~~~

In this configuration, BL31 uses the same reset framework and code as the one
described for BL1 above. Therefore, it is affected by the
``PROGRAMMABLE_RESET_ADDRESS`` and ``COLD_BOOT_SINGLE_CPU`` build options in the
same way.

In the default, unoptimised BL31 reset flow, on a warm boot a CPU is directed
to the PSCI implementation via a platform defined mechanism. On a cold boot,
the platform must place any secondary CPUs into a safe state while the primary
CPU executes a modified BL31 initialization, as described below.

Platform initialization
~~~~~~~~~~~~~~~~~~~~~~~

In this configuration, since the CPU resets to BL31, no parameters are expected
to be passed to BL31 (see notes below for clarification).
Instead, the platform code in BL31 needs to know, or be able to determine, the
location of the BL32 (if required) and BL33 images and provide this information
in response to the ``bl31_plat_get_next_image_ep_info()`` function.

Additionally, platform software is responsible for carrying out any security
initialisation, for example programming a TrustZone address space controller.
This might be done by the Trusted Boot Firmware or by platform code in BL31.

.. note::
Even though RESET_TO_BL31 is designed such that BL31 is the reset BL image,
some platforms may wish to pass some arguments to BL31 as per the defined
contract between BL31 and previous bootloaders. Previous bootloaders can
pass arguments through registers x0 through x3. BL31 will preserve them and
propagate them to platform code, which will handle these arguments in an
IMPDEF manner.

--------------

*Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.*

.. |Default reset code flow| image:: ../resources/diagrams/default_reset_code.png
.. |Reset code flow with programmable reset address| image:: ../resources/diagrams/reset_code_no_boot_type_check.png
.. |Reset code flow with single CPU released out of reset| image:: ../resources/diagrams/reset_code_no_cpu_check.png
.. |Reset code flow with programmable reset address and single CPU released out of reset| image:: ../resources/diagrams/reset_code_no_checks.png
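Review bot: the note under "General reset code flow" refers to "section 6 'Using BL31 entrypoint as the reset address'", but this file has no numbered sections, so the pointer is already stale; since ``autosectionlabel_maxdepth = 1`` in ``docs/conf.py`` only auto-labels document titles, add an explicit label above that heading and use a ``:ref:`` instead. In "Using BL31 entrypoint as the reset address" it is worth stating outright that dropping BL1 and BL2 also drops the image loading and Trusted Board Boot authentication they perform, so with ``RESET_TO_BL31=1`` the Trusted Boot Firmware on the system processor is the component that must verify BL31 and the other BL3x images before the application processor is released from reset; the text currently covers only loading them to the right address and the TrustZone controller programming under "Platform initialization".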
@@ -0,0 +1,125 @@
Building FIP images with support for Trusted Board Boot
=======================================================

Trusted Board Boot primarily consists of the following two features:

- Image Authentication, described in :ref:`Trusted Board Boot`, and
- Firmware Update, described in :ref:`Firmware Update (FWU)`

The following steps should be followed to build FIP and (optionally) FWU_FIP
images with support for these features:

#. Fulfill the dependencies of the ``mbedtls`` cryptographic and image parser
modules by checking out a recent version of the `mbed TLS Repository`_. It
is important to use a version that is compatible with TF-A and fixes any
known security vulnerabilities. See `mbed TLS Security Center`_ for more
information. See the :ref:`Prerequisites` document for the appropriate
version of mbed TLS to use.

The ``drivers/auth/mbedtls/mbedtls_*.mk`` files contain the list of mbed TLS
source files the modules depend upon.
``include/drivers/auth/mbedtls/mbedtls_config.h`` contains the configuration
options required to build the mbed TLS sources.

Note that the mbed TLS library is licensed under the Apache version 2.0
license. Using mbed TLS source code will affect the licensing of TF-A
binaries that are built using this library.

#. To build the FIP image, ensure the following command line variables are set
while invoking ``make`` to build TF-A:

- ``MBEDTLS_DIR=<path of the directory containing mbed TLS sources>``
- ``TRUSTED_BOARD_BOOT=1``
- ``GENERATE_COT=1``

By default, this will use the Chain of Trust described in the TBBR-client
document. To select a different one, use the ``COT`` build option.

If using a custom build of OpenSSL, set the ``OPENSSL_DIR`` variable
accordingly so it points at the OpenSSL installation path, as explained in
:ref:`Build Options`. In addition, set the ``LD_LIBRARY_PATH`` variable
when running to point at the custom OpenSSL path, so the OpenSSL libraries
are loaded from that path instead of the default OS path. Export this
variable if necessary.

In the case of Arm platforms, the location of the ROTPK must also be
specified at build time. The following locations are currently supported (see
``ARM_ROTPK_LOCATION`` build option):

- ``ARM_ROTPK_LOCATION=regs``: the ROTPK hash is obtained from the Trusted
root-key storage registers present in the platform. On Juno, these
registers are read-only. On FVP Base and Cortex models, the registers
are also read-only, but the value can be specified using the command line
option ``bp.trusted_key_storage.public_key`` when launching the model.
On Juno board, the default value corresponds to an ECDSA-SECP256R1 public
key hash, whose private part is not currently available.

- ``ARM_ROTPK_LOCATION=devel_rsa``: use the default hash located in
``plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin``. Enforce
generation of the new hash if ``ROT_KEY`` is specified.

- ``ARM_ROTPK_LOCATION=devel_ecdsa``: use the default hash located in
``plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin``. Enforce
generation of the new hash if ``ROT_KEY`` is specified.

- ``ARM_ROTPK_LOCATION=devel_full_dev_rsa_key``: use the key located in
``plat/arm/board/common/rotpk/arm_full_dev_rsa_rotpk.S``.

Example of command line using RSA development keys:

.. code:: shell

MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
make PLAT=<platform> TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL33=<path-to>/<bl33_image> OPENSSL_DIR=<path-to>/<openssl> \
all fip

The result of this build will be the bl1.bin and the fip.bin binaries. This
FIP will include the certificates corresponding to the selected Chain of
Trust. These certificates can also be found in the output build directory.

#. The optional FWU_FIP contains any additional images to be loaded from
Non-Volatile storage during the :ref:`Firmware Update (FWU)` process. To build the
FWU_FIP, any FWU images required by the platform must be specified on the
command line. On Arm development platforms like Juno, these are:

- NS_BL2U. The AP non-secure Firmware Updater image.
- SCP_BL2U. The SCP Firmware Update Configuration image.

Example of Juno command line for generating both ``fwu`` and ``fwu_fip``
targets using RSA development:

::

MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
make PLAT=juno TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL33=<path-to>/<bl33_image> OPENSSL_DIR=<path-to>/<openssl> \
SCP_BL2=<path-to>/<scp_bl2_image> \
SCP_BL2U=<path-to>/<scp_bl2u_image> \
NS_BL2U=<path-to>/<ns_bl2u_image> \
all fip fwu_fip

.. note::
The BL2U image will be built by default and added to the FWU_FIP.
The user may override this by adding ``BL2U=<path-to>/<bl2u_image>``
to the command line above.

.. note::
Building and installing the non-secure and SCP FWU images (NS_BL1U,
NS_BL2U and SCP_BL2U) is outside the scope of this document.

The result of this build will be bl1.bin, fip.bin and fwu_fip.bin binaries.
Both the FIP and FWU_FIP will include the certificates corresponding to the
selected Chain of Trust. These certificates can also be found in the output
build directory.

--------------

*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*

.. _mbed TLS Repository: https://github.com/ARMmbed/mbedtls.git
.. _mbed TLS Security Center: https://tls.mbed.org/security

arm-trusted-firmware.t234/docs/design/trusted-board-boot.rst

Trusted Board Boot
==================

The `Trusted Board Boot` (TBB) feature prevents malicious firmware from running
on the platform by authenticating all firmware images up to and including the
normal world bootloader. It does this by establishing a `Chain of Trust` using
Public-Key-Cryptography Standards (PKCS).

This document describes the design of Trusted Firmware-A (TF-A) TBB, which is an
implementation of the `Trusted Board Boot Requirements (TBBR)`_ specification,
Arm DEN0006D. It should be used in conjunction with the :ref:`Firmware Update
(FWU)` design document, which implements a specific aspect of the TBBR.

Chain of Trust
--------------

A Chain of Trust (CoT) starts with a set of implicitly trusted components, which
are used to establish trust in the next layer of components, and so on, in a
`chained` manner.

The chain of trust depends on several factors, including:

-  The set of firmware images in use on this platform.
   Typically, most platforms share a common set of firmware images (BL1, BL2,
   BL31, BL33) but extra platform-specific images might be required.

-  The key provisioning scheme: which keys need to be programmed into the device
   and at which stage during the platform's manufacturing lifecycle.

-  The key ownership model: who owns which key.

As these vary across platforms, chains of trust also vary across
platforms. Although each platform is free to define its own CoT based on its
needs, TF-A provides a set of "default" CoTs fitting some typical trust models,
which platforms may reuse. The rest of this section presents general concepts
which apply to all these default CoTs.

The implicitly trusted components forming the trust anchor are:

-  A Root of Trust Public Key (ROTPK), or a hash of it.

   On Arm development platforms, a SHA-256 hash of the ROTPK is stored in the
   trusted root-key storage registers. Alternatively, a development ROTPK might
   be used and its hash embedded into the BL1 and BL2 images (only for
   development purposes).

-  The BL1 image, on the assumption that it resides in ROM so cannot be
   tampered with.

The remaining components in the CoT are either certificates or boot loader
images. The certificates follow the `X.509 v3`_ standard. This standard
enables adding custom extensions to the certificates, which are used to store
essential information to establish the CoT.

All certificates are self-signed. There is no need for a Certificate Authority
(CA) because the CoT is not established by verifying the validity of a
certificate's issuer but by the content of the certificate extensions. To sign
the certificates, different signature schemes are available; please refer to the
:ref:`Build Options` for more details.

The certificates are categorised as "Key" and "Content" certificates. Key
certificates are used to verify public keys which have been used to sign content
certificates. Content certificates are used to store the hash of a boot loader
image. An image can be authenticated by calculating its hash and matching it
with the hash extracted from the content certificate. Various hash algorithms
are supported to calculate all hashes; please refer to the :ref:`Build Options`
for more details. The public keys and hashes are included as non-standard
extension fields in the `X.509 v3`_ certificates.

The next sections present the specifics of each default CoT provided in
TF-A.

Default CoT #1: TBBR
~~~~~~~~~~~~~~~~~~~~

The `TBBR` CoT is named after the specification it follows to the letter.

In the TBBR CoT, all firmware binaries and certificates are (directly or
indirectly) linked to the Root of Trust Public Key (ROTPK). Typically, the same
vendor owns the ROTPK, the Trusted key and the Non-Trusted Key. Thus, this vendor
is involved in signing every BL3x Key Certificate.

The keys used to establish this CoT are:

-  **Root of trust key**

   The private part of this key is used to sign the trusted boot firmware
   certificate and the trusted key certificate. The public part is the ROTPK.

-  **Trusted world key**

   The private part is used to sign the key certificates corresponding to the
   secure world images (SCP_BL2, BL31 and BL32). The public part is stored in
   one of the extension fields in the trusted key certificate.

-  **Non-trusted world key**

   The private part is used to sign the key certificate corresponding to the
   non-secure world image (BL33). The public part is stored in one of the
   extension fields in the trusted key certificate.

-  **BL3X keys**

   For each of SCP_BL2, BL31, BL32 and BL33, the private part is used to
   sign the content certificate for the BL3X image. The public part is stored
   in one of the extension fields in the corresponding key certificate.

The following images are included in the CoT:

-  BL1
-  BL2
-  SCP_BL2 (optional)
-  BL31
-  BL33
-  BL32 (optional)

The following certificates are used to authenticate the images.

-  **Trusted boot firmware certificate**

   It is self-signed with the private part of the ROT key. It contains a hash of
   the BL2 image and hashes of various firmware configuration files
   (TB_FW_CONFIG, HW_CONFIG, FW_CONFIG).

-  **Trusted key certificate**

   It is self-signed with the private part of the ROT key. It contains the
   public part of the trusted world key and the public part of the non-trusted
   world key.

-  **SCP firmware key certificate**

   It is self-signed with the trusted world key. It contains the public part of
   the SCP_BL2 key.

-  **SCP firmware content certificate**

   It is self-signed with the SCP_BL2 key. It contains a hash of the SCP_BL2
   image.

-  **SoC firmware key certificate**

   It is self-signed with the trusted world key. It contains the public part of
   the BL31 key.

-  **SoC firmware content certificate**

   It is self-signed with the BL31 key. It contains hashes of the BL31 image and
   its configuration file (SOC_FW_CONFIG).

-  **Trusted OS key certificate**

   It is self-signed with the trusted world key. It contains the public part of
   the BL32 key.

-  **Trusted OS content certificate**

   It is self-signed with the BL32 key. It contains hashes of the BL32 image(s)
   and its configuration file(s) (TOS_FW_CONFIG).

-  **Non-trusted firmware key certificate**

   It is self-signed with the non-trusted world key. It contains the public
   part of the BL33 key.

-  **Non-trusted firmware content certificate**

   It is self-signed with the BL33 key. It contains hashes of the BL33 image and
   its configuration file (NT_FW_CONFIG).

The SCP firmware and Trusted OS certificates are optional, but they must be
present if the corresponding SCP_BL2 or BL32 images are present.

The following diagram summarizes the part of the TBBR CoT enforced by BL2. Some
images (SCP, debug certificates, secure partitions, configuration files) are not
shown here for conciseness:

.. image:: ../resources/diagrams/cot-tbbr.jpg

Default CoT #2: Dualroot
~~~~~~~~~~~~~~~~~~~~~~~~

The `dualroot` CoT is targeted at systems where the Normal World firmware is
owned by a different entity than the Secure World Firmware, and those 2 entities
do not wish to share any keys or have any dependency between each other when it
comes to signing their respective images. It establishes 2 separate signing
domains, each with its own Root of Trust key. In that sense, this CoT has 2
roots of trust, hence the `dualroot` name.

Although the dualroot CoT reuses some of the TBBR CoT components and concepts,
it differs on the BL33 image's chain of trust, which is rooted into a new key,
called `Platform ROTPK`, or `PROTPK` for short.

The following diagram summarizes the part of the dualroot CoT enforced by
BL2. Some images (SCP, debug certificates, secure partitions, configuration
files) are not shown here for conciseness:

.. image:: ../resources/diagrams/cot-dualroot.jpg

Default CoT #3: CCA
~~~~~~~~~~~~~~~~~~~

This CoT is targeted at Arm CCA systems. The Arm CCA security model recommends
making the supply chains for the Arm CCA firmware, the secure world firmware and
the platform owner firmware independent. Hence, this CoT has 3 roots of trust,
one for each supply chain.

Trusted Board Boot Sequence
---------------------------

The CoT is verified through the following sequence of steps. The system panics
if any of the steps fail.

-  BL1 loads and verifies the BL2 content certificate. The issuer public key is
   read from the verified certificate. A hash of that key is calculated and
   compared with the hash of the ROTPK read from the trusted root-key storage
   registers. If they match, the BL2 hash is read from the certificate.

   .. note::
      The matching operation is platform specific and is currently
      unimplemented on the Arm development platforms.

-  BL1 loads the BL2 image. Its hash is calculated and compared with the hash
   read from the certificate. Control is transferred to the BL2 image if all
   the comparisons succeed.

-  BL2 loads and verifies the trusted key certificate. The issuer public key is
   read from the verified certificate. A hash of that key is calculated and
   compared with the hash of the ROTPK read from the trusted root-key storage
   registers. If the comparison succeeds, BL2 reads and saves the trusted and
   non-trusted world public keys from the verified certificate.

The next two steps are executed for each of the SCP_BL2, BL31 & BL32 images.
The steps for the optional SCP_BL2 and BL32 images are skipped if these images
are not present.

-  BL2 loads and verifies the BL3x key certificate. The certificate signature
   is verified using the trusted world public key. If the signature
   verification succeeds, BL2 reads and saves the BL3x public key from the
   certificate.

-  BL2 loads and verifies the BL3x content certificate. The signature is
   verified using the BL3x public key. If the signature verification succeeds,
   BL2 reads and saves the BL3x image hash from the certificate.

The next two steps are executed only for the BL33 image.

-  BL2 loads and verifies the BL33 key certificate. If the signature
   verification succeeds, BL2 reads and saves the BL33 public key from the
   certificate.

-  BL2 loads and verifies the BL33 content certificate. If the signature
   verification succeeds, BL2 reads and saves the BL33 image hash from the
   certificate.

The next step is executed for all the boot loader images.

-  BL2 calculates the hash of each image. It compares it with the hash obtained
   from the corresponding content certificate. The image authentication succeeds
   if the hashes match.
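
The self-signed-certificate point made in the Chain of Trust section and the BL2
part of the sequence above, as an added worked example that is not TF-A code. It
assumes a certificate is a Python dict whose ``ext`` field stands in for the
non-standard X.509 v3 extensions, and it uses a hash-based Lamport one-time
signature as a stand-in for the RSA/ECDSA schemes ``cert_create`` supports; the
keys, images and ROTPK hash are constructed inline, and the function names
(``verify_cert``, ``bl2_chain_walk``, ``build_chain``, ``demo``) are this
example's own. The walk shows why a valid self-signature on its own is never
enough: every issuer key has to be anchored, either by the ROTPK hash held in the
root-key storage registers or by a key extracted from an already verified parent
certificate, and an image is accepted only when its hash matches the one carried
in its content certificate.

```python
"""Model of the TBBR Chain of Trust checks that BL2 performs (added example).

Not TF-A code. A certificate is a dict whose "ext" field stands in for the
X.509 v3 extensions; signatures are hash-based Lamport one-time signatures,
a stand-in for the RSA/ECDSA schemes cert_create supports.
"""
import hashlib

def sha256(data):
    return hashlib.sha256(data).digest()

def keygen(seed):
    """256 pairs of secrets derived from a seed; the public key is their hashes."""
    priv = [[sha256(seed + bytes([i, b])) for b in (0, 1)] for i in range(256)]
    pub = b"".join(sha256(x) for pair in priv for x in pair)
    return {"priv": priv, "pub": pub}

def msg_bits(msg):
    d = sha256(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(priv, msg):
    # Reveal one secret per digest bit; a Lamport key must sign only once.
    return b"".join(priv[i][bit] for i, bit in enumerate(msg_bits(msg)))

def verify(pub, msg, sig):
    for i, bit in enumerate(msg_bits(msg)):
        off = 64 * i + 32 * bit
        if sha256(sig[32 * i:32 * i + 32]) != pub[off:off + 32]:
            return False
    return True

def tbs(ext, issuer_pub):
    """To-be-signed bytes: the extensions plus the issuer's own public key."""
    return b"".join(k.encode() + v for k, v in sorted(ext.items())) + issuer_pub

def make_cert(ext, key):
    """cert_create stand-in: every certificate is self-signed by its issuer key."""
    return {"ext": ext, "issuer_pub": key["pub"],
            "sig": sign(key["priv"], tbs(ext, key["pub"]))}

class BootFailure(Exception):
    """Where TF-A panics: any failed comparison aborts the boot."""

def verify_cert(cert, rotpk_hash=None, parent_pub=None):
    """Check the self-signature, then anchor the issuer key into the CoT.

    A valid self-signature proves nothing by itself (anyone can make one). Trust
    comes from the anchor: the issuer key's SHA-256 hash must equal the ROTPK
    hash from the root-key storage registers, or the key must equal the one
    carried in an already verified parent certificate.
    """
    key = cert["issuer_pub"]
    if not verify(key, tbs(cert["ext"], key), cert["sig"]):
        raise BootFailure("certificate signature invalid")
    if rotpk_hash is not None and sha256(key) != rotpk_hash:
        raise BootFailure("issuer key hash does not match ROTPK hash")
    if parent_pub is not None and key != parent_pub:
        raise BootFailure("issuer key is not the key carried by the parent certificate")
    return cert["ext"]

def bl2_chain_walk(certs, images, rotpk_hash):
    """BL2 steps for BL31 (trusted world key) and BL33 (non-trusted world key)."""
    tk = verify_cert(certs["trusted_key"], rotpk_hash=rotpk_hash)
    world_keys = {"bl31": tk["trusted_world_pk"], "bl33": tk["non_trusted_world_pk"]}
    for img, world_pub in world_keys.items():
        kc = verify_cert(certs[img + "_key"], parent_pub=world_pub)
        cc = verify_cert(certs[img + "_content"], parent_pub=kc[img + "_pk"])
        if sha256(images[img]) != cc[img + "_hash"]:
            raise BootFailure(img + " image hash mismatch")
    return sorted(world_keys)

def build_chain(keys, images):
    """Host-side generation of the trusted key, BL3x key and content certificates."""
    certs = {"trusted_key": make_cert(
        {"trusted_world_pk": keys["trusted"]["pub"],
         "non_trusted_world_pk": keys["non_trusted"]["pub"]}, keys["rot"])}
    for img, world in (("bl31", "trusted"), ("bl33", "non_trusted")):
        certs[img + "_key"] = make_cert({img + "_pk": keys[img]["pub"]}, keys[world])
        certs[img + "_content"] = make_cert({img + "_hash": sha256(images[img])}, keys[img])
    return certs

def demo(tamper=None):
    """Build a chain from constructed keys/images and run BL2's checks; "ok" or the panic reason."""
    names = ("rot", "trusted", "non_trusted", "bl31", "bl33")
    keys = {n: keygen(b"constructed-seed-" + n.encode()) for n in names}
    images = {"bl31": b"constructed BL31 image", "bl33": b"constructed BL33 image"}
    certs = build_chain(keys, images)
    rotpk_hash = sha256(keys["rot"]["pub"])  # the value provisioned in the registers
    if tamper == "image":  # BL33 changed after its content certificate was generated
        images["bl33"] = b"modified BL33 image"
    elif tamper == "rot":  # trusted key cert re-signed with a key that is not the ROT key
        certs["trusted_key"] = make_cert(certs["trusted_key"]["ext"], keygen(b"not-rot"))
    elif tamper == "parent":  # BL33 key cert issued by a key outside the chain
        certs["bl33_key"] = make_cert(certs["bl33_key"]["ext"], keygen(b"not-ntw"))
    try:
        bl2_chain_walk(certs, images, rotpk_hash)
    except BootFailure as exc:
        return str(exc)
    return "ok"
```

``demo()`` returns ``"ok"`` for an untampered chain; ``demo("image")``,
``demo("rot")`` and ``demo("parent")`` return the reason BL2 would panic for a
modified BL33 image, for a trusted key certificate that is validly self-signed
but by a key other than the ROT key, and for a BL33 key certificate issued by a
key not carried in the trusted key certificate. The same ``verify_cert`` anchoring
covers the dualroot CoT described above: the BL33 branch would be anchored on the
PROTPK hash (passed as ``rotpk_hash``) rather than on a key from the trusted key
certificate.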

The Trusted Board Boot implementation spans both generic and platform-specific
BL1 and BL2 code, and tool code on the host build machine. The feature is
enabled through use of specific build flags as described in
:ref:`Build Options`.

On the host machine, a tool generates the certificates, which are included in
the FIP along with the boot loader images. These certificates are loaded in
Trusted SRAM using the IO storage framework. They are then verified by an
Authentication module included in TF-A.

The mechanism used for generating the FIP and the Authentication module are
described in the following sections.

Authentication Framework
------------------------

The authentication framework included in TF-A provides support to implement
the desired trusted boot sequence. Arm platforms use this framework to
implement the boot requirements specified in the
`Trusted Board Boot Requirements (TBBR)`_ document.

More information about the authentication framework can be found in the
:ref:`Authentication Framework & Chain of Trust` document.

Certificate Generation Tool
---------------------------

The ``cert_create`` tool is built and runs on the host machine as part of the
TF-A build process when ``GENERATE_COT=1``. It takes the boot loader images
and keys as inputs and generates the certificates (in DER format) required to
establish the CoT. The input keys must either be a file in PEM format or a
PKCS11 URI in case an HSM is used. New keys can be generated by the tool in
case they are not provided. The certificates are then passed as inputs to
the ``fiptool`` utility for creating the FIP.

The certificates are also stored individually in the output build directory.

The tool resides in the ``tools/cert_create`` directory. It uses the OpenSSL
library to generate the X.509 certificates. The specific version of the
library that is required is given in the :ref:`Prerequisites` document.

Instructions for building and using the tool can be found at
:ref:`tools_build_cert_create`.

Authenticated Encryption Framework
----------------------------------

The authenticated encryption framework included in TF-A provides support to
implement the optional firmware encryption feature. This feature can be
enabled on platforms to implement the optional requirement
R060_TBBR_FUNCTION as specified in the `Trusted Board Boot Requirements (TBBR)`_
document.

Firmware Encryption Tool
------------------------

The ``encrypt_fw`` tool is built and runs on the host machine as part of the
TF-A build process when ``DECRYPTION_SUPPORT != none``. It takes the plain
firmware image as input and generates the encrypted firmware image which can
then be passed as input to the ``fiptool`` utility for creating the FIP.

The encrypted firmware images are also stored individually in the output build
directory.

The tool resides in the ``tools/encrypt_fw`` directory. It uses OpenSSL
library version 1.0.1 or later to perform the authenticated encryption operation.
Instructions for building and using the tool can be found in
:ref:`tools_build_enctool`.

--------------

*Copyright (c) 2015-2020, Arm Limited and Contributors. All rights reserved.*

.. _X.509 v3: https://tools.ietf.org/rfc/rfc5280.txt
.. _Trusted Board Boot Requirements (TBBR): https://developer.arm.com/docs/den0006/latest

TF-A CMake buildsystem
======================

:Author: Balint Dobszay
:Organization: Arm Limited
:Contact: Balint Dobszay <balint.dobszay@arm.com>
:Status: Accepted

.. contents:: Table of Contents

Abstract
--------
This document presents a proposal for a new buildsystem for TF-A using CMake,
and as part of this a reusable CMake framework for embedded projects.

Introduction
------------
The current Makefile based buildsystem of TF-A has become complicated and hard
to maintain; there is a need for a new, more flexible solution. The proposal is
to use the CMake language for the new buildsystem. The main reasons for this
decision are the following:

* It is a well-established, mature tool, widely accepted by open-source
  projects.
* TF-M is already using CMake; reducing fragmentation for tf.org projects can be
  beneficial.
* CMake has various advantages over Make, e.g.:

  * Host and target system agnostic project.
  * CMake project is scalable, supports project modularization.
  * Supports software integration.
  * Out-of-the-box support for integration with several tools (e.g. project
    generation for various IDEs, integration with cppcheck, etc).

Of course there are drawbacks too:

* Language is problematic (e.g. variable scope).
* Not an embedded-oriented approach.

To overcome these and other problems, we need to create workarounds for some
tasks, wrap CMake functions, etc. Since this functionality can be useful in
other embedded projects too, it is beneficial to collect the new code into a
reusable framework and store this in a separate repository. The following
diagram provides an overview of the framework structure:

|Framework structure|

Main features
-------------

Structured configuration description
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In the current Makefile system the build configuration description, validation,
processing, and the target creation, source file description are mixed and
spread across several files. One of the goals of the framework is to organize
this.

The framework provides a solution to describe the input build parameters, flags,
macros, etc. in a structured way. It contains two utilities for this purpose:

* Map: simple key-value pair implementation.
* Group: collection of related maps.

The related parameters shall be packed into a group (or "setting group"). The
setting groups shall be defined and filled with content in config files.
Currently the config files are created and edited manually, but later a
configuration management tool (e.g. Kconfig) shall be used to generate these
files. Therefore, the framework does not contain parameter validation and
conflict checking; these shall be handled by the configuration tool.

Target description
^^^^^^^^^^^^^^^^^^
The framework provides an API called STGT ('simple target') to describe the
targets, i.e. what is the build output, what source files are used, what
libraries are linked, etc. The API wraps the CMake target functions, and also
extends the built-in functionality: it can use the setting groups described in
the previous section. A group can be applied onto a target, i.e. a collection of
macros, flags, etc. can be applied onto the given output executable/library.
This provides a more granular way than the current Makefile system where most of
these are global and applied onto each target.

Compiler abstraction
^^^^^^^^^^^^^^^^^^^^
Apart from the built-in CMake usage of the compiler, there are some common tasks
that CMake does not solve (e.g. preprocessing a file). For these tasks the
framework uses wrapper functions instead of direct calls to the compiler. This
way it is not tied to one specific compiler.

External tools
^^^^^^^^^^^^^^
In the TF-A buildsystem some external tools are used, e.g. fiptool for image
generation or dtc for device tree compilation. These tools have to be found
and/or built by the framework. For this, the CMake find_package functionality is
used; any other necessary tools can be added later.

Workflow
--------
The following diagram demonstrates the development workflow using the framework:

|Framework workflow|

The process can be split into two main phases:

In the provisioning phase, first we have to obtain the necessary resources, i.e.
clone the code repository and other dependencies. Next we have to do the
configuration, preferably using a config tool like KConfig.

In the development phase first we run CMake, which will generate the buildsystem
using the selected generator backend (currently only the Makefile generator is
supported). After this we run the selected build tool which in turn calls the
compiler, linker, packaging tool, etc. Finally we can run and debug the output
executables.

Usually during development only the steps in this second phase have to be
repeated, while the provisioning phase needs to be done only once (or rarely).

Example
-------
This is a short example for the basic framework usage.

First, we create a setting group called *mem_conf* and fill it with several
parameters. It is worth noting the difference between *CONFIG* and *DEFINE*
types: the former is only a CMake domain option, the latter is only a C language
macro.

Next, we create a target called *fw1* and add the *mem_conf* setting group to
it. This means that all source and header files used by the target will have all
the parameters declared in the setting group. Then we set the target type to
executable, and add some source files. Since the target has the parameters from
the settings group, we can use it for conditionally adding source files. E.g.
*dram_controller.c* will only be added if MEM_TYPE equals dram.

.. code-block:: cmake

   group_new(NAME mem_conf)
   group_add(NAME mem_conf TYPE DEFINE KEY MEM_SIZE VAL 1024)
   group_add(NAME mem_conf TYPE CONFIG DEFINE KEY MEM_TYPE VAL dram)
   group_add(NAME mem_conf TYPE CFLAG KEY -Os)

   stgt_create(NAME fw1)
   stgt_add_setting(NAME fw1 GROUPS mem_conf)
   stgt_set_target(NAME fw1 TYPE exe)

   stgt_add_src(NAME fw1 SRC
       ${CMAKE_SOURCE_DIR}/main.c
   )

   stgt_add_src_cond(NAME fw1 KEY MEM_TYPE VAL dram SRC
       ${CMAKE_SOURCE_DIR}/dram_controller.c
   )

.. |Framework structure| image:: ../resources/diagrams/cmake_framework_structure.png
   :width: 75 %

.. |Framework workflow| image:: ../resources/diagrams/cmake_framework_workflow.png

--------------

*Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.*


Enhance Context Management library for EL3 firmware
===================================================

:Authors: Soby Mathew & Zelalem Aweke
:Organization: Arm Limited
:Contact: Soby Mathew <soby.mathew@arm.com> & Zelalem Aweke <zelalem.aweke@arm.com>
:Status: Implementation is ongoing. Refer to :ref:`Context Management Library` for more details.

.. contents:: Table of Contents

Introduction
------------
The context management library in TF-A provides the basic CPU context
initialization and management routines for use by different components
in EL3 firmware. The original design of the library was done with the
2-world switch in mind, and this design pattern has since been extended to
keep up with the growing requirements of EL3 firmware. With the introduction
of a new Realm world and a separate Root world for EL3 firmware, it is clear
that this library needs to be refactored to cater for future enhancements and
reduce the chances of introducing errors in code. This also aligns with the
overall goal of reducing EL3 firmware complexity and footprint.

It is expected that the suggestions below could have legacy implications and
hence we are mainly targeting SPM/RMM based systems. It is expected that these
legacy issues will need to be sorted out as part of implementation on a case
by case basis.

Design Principles
-----------------
The below section lays down the design principles for re-factoring the context
management library:

(1) **Decentralized model for context mgmt**

    Both the Secure and Realm worlds have an associated dispatcher component in
    EL3 firmware to allow management of their respective worlds. Allowing the
    dispatcher to own the context for their respective world and moving away
    from a centralized policy management by the context management library will
    remove the world differentiation code in the library. This also means that
    the library will not be responsible for CPU feature enablement for the
    Secure and Realm worlds. See points 3 and 4 for more details.

    The Non Secure world does not have a dispatcher component and hence EL3
    firmware (BL31)/context management library needs to have routines to help
    initialize the Non Secure world context.

(2) **EL3 should only initialize the immediately used lower EL**

    Due to the way TF-A evolved, from EL3 interacting with an S-EL1 payload to
    SPM in S-EL2, there is some code initializing S-EL1 registers which is
    probably redundant when SPM is present in S-EL2. As a principle, EL3
    firmware should only initialize the next immediate lower EL in use.
    If EL2 needs to be skipped and is not to be used at runtime, then
    EL3 can do the bare minimal EL2 init and init EL1 to prepare for EL3 exit.
    It is expected that this skip EL2 configuration is only needed for the NS
    world to support legacy Android deployments. It is worth removing this
    `skip EL2 for Non Secure` config support if this is no longer used.

(3) **Maintain EL3 sysregs which affect lower EL within CPU context**

    The CPU context contains some EL3 sysregs and gets applied on a per-world
    basis (eg: cptr_el3, scr_el3 and zcr_el3 are part of the context
    because different settings need to be applied between each world).
    But this design pattern is not enforced in TF-A. It is possible to directly
    modify EL3 sysregs dynamically during the transition between NS and Secure
    worlds. Having multiple ways of manipulating EL3 sysregs for different
    values between the worlds is flaky and error prone. The proposal is to
    enforce the rule that any EL3 sysreg which can be different between worlds
    is maintained in the CPU Context. Once the context is initialized, the
    EL3 sysreg values corresponding to the world being entered will be restored.

(4) **Allow more flexibility for Dispatchers to select feature set to save and restore**

    The current EL2 CPU context save and restore is a single function which
    takes care of saving and restoring all the registers for EL2. This method
    is inflexible and it does not allow dynamically detecting CPU features to
    select registers to save and restore. It also assumes that both Realm and
    Secure world will have the same feature set enabled from EL3 at runtime and
    makes it hard to enable different features for each world. The framework
    should cater for selective save and restore of CPU registers which can be
    controlled by the dispatcher.

    For the implementation, this could mean that there is a separate assembly
    save and restore routine corresponding to each Arch feature. The memory
    allocation within the CPU Context for each set of registers will be
    controlled by a FEAT_xxx build option. It is a valid configuration to have
    context memory allocated but not used at runtime, either because of feature
    detection at runtime or because the platform owner has decided not to enable
    the feature for the particular world.

Context Allocation and Initialization
-------------------------------------

|context_mgmt_abs|

.. |context_mgmt_abs| image:: ../resources/diagrams/context_management_abs.png

The above figure shows how the CPU context is allocated within TF-A. The
allocation for Secure and Realm world is by the respective dispatcher. In the case
of NS world, the context is allocated by the PSCI lib. This scheme allows TF-A
to be built in various configurations (with or without Secure/Realm worlds) and
will result in optimal memory footprint. The Secure and Realm world contexts are
initialized by invoking context management library APIs which then initialize
each world based on conditional evaluation of the security state of the
context. The proposal here is to move the conditional initialization
of context for Secure and Realm worlds to their respective dispatchers and
have the library do only the common init needed. The library can export
helpers to initialize registers corresponding to certain features but
should not try to do different initialization between the worlds. The library
can also export helpers for initialization of NS CPU Context since there is no
dispatcher for that world.

This implies that any world specific code in context mgmt lib should now be
migrated to the respective "owners". To maintain compatibility with legacy, the
current functions can be retained in the lib and perhaps define new ones for
use by SPMD and RMMD. The details of this can be worked out during
implementation.

Introducing Root Context
------------------------
Till now, we have been ignoring the fact that Root world (or EL3) itself could
have some settings which are distinct from NS/S/Realm worlds. In this case,
Root world itself would need to maintain some sysregs settings for its own
execution and would need to use sysregs of lower EL (eg: PAuth, pmcr) to enable
some functionalities in EL3. The current sequence for context save and restore
in TF-A is as given below:

|context_mgmt_existing|

.. |context_mgmt_existing| image:: ../resources/diagrams/context_mgmt_existing.png

Note1: The EL3 CPU context is not a homogeneous collection of EL3 sysregs but
a collection of EL3 and some other lower EL registers. The save and restore
is also not done homogeneously but based on the objective of using the
particular register.

Note2: The EL1 context save and restore can possibly be removed when switching
to S-EL2 as SPM can take care of saving the incoming NS EL1 context.

It can be seen that the EL3 sysreg values applied while the execution is in Root
world correspond to the world it came from (eg: if entering EL3 from NS world,
the sysregs correspond to the values in NS context). There is a case that EL3
itself may have some settings to apply for various reasons. A good example for
this is the cptr_el3 register. Although FPU traps need to be disabled for
|
||||
Non Secure, Secure and Realm worlds, the EL3 execution itself may keep the trap
|
||||
enabled for the sake of robustness. Another example is, if the MTE feature
|
||||
is enabled for a particular world, this feature will be enabled for Root world
|
||||
as well when entering EL3 from that world. The firmware at EL3 may not
|
||||
be expecting this feature to be enabled and may cause unwanted side-effects
|
||||
which could be problematic. Thus it would be more robust if Root world is not
|
||||
subject to EL3 sysreg values from other worlds but maintains its own values
|
||||
which is stable and predictable throughout root world execution.
|
||||
|
||||
There is also the case that when EL3 would like to make use of some
|
||||
Architectural feature(s) or do some security hardening, it might need
|
||||
programming of some lower EL sysregs. For example, if EL3 needs to make
|
||||
use of Pointer Authentication (PAuth) feature, it needs to program
|
||||
its own PAuth Keys during execution at EL3. Hence EL3 needs its
|
||||
own copy of PAuth registers which needs to be restored on every
|
||||
entry to EL3. A similar case can be made for DIT bit in PSTATE,
|
||||
or use of SP_EL0 for C Runtime Stack at EL3.
|
||||
|
||||
The proposal here is to maintain a separate root world CPU context
|
||||
which gets applied for Root world execution. This is not the full
|
||||
CPU_Context, but subset of EL3 sysregs (`el3_sysreg`) and lower EL
|
||||
sysregs (`root_exc_context`) used by EL3. The save and restore
|
||||
sequence for this Root context would need to be done in
|
||||
an optimal way. The `el3_sysreg` does not need to be saved
|
||||
on EL3 Exit and possibly only some registers in `root_exc_context`
|
||||
of Root world context would need to be saved on EL3 exit (eg: SP_EL0).
|
||||
|
||||
The new sequence for world switch including Root world context would
|
||||
be as given below :
|
||||
|
||||
|context_mgmt_proposed|
|
||||
|
||||
.. |context_mgmt_proposed| image::
|
||||
../resources/diagrams/context_mgmt_proposed.png
|
||||
|
||||
Having this framework in place will allow Root world to make use of lower EL
|
||||
registers easily for its own purposes and also have a fixed EL3 sysreg setting
|
||||
which is not affected by the settings of other worlds. This will unify the
|
||||
Root world register usage pattern for its own execution and remove some
|
||||
of the adhoc usages in code.
|
||||
|
||||
Conclusion
|
||||
----------
|
||||
Of all the proposals, the introduction of Root world context would likely need
|
||||
further prototyping to confirm the design and we will need to measure the
|
||||
performance and memory impact of this change. Other changes are incremental
|
||||
improvements which are thought to have negligible impact on EL3 performance.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2022-2024, Arm Limited and Contributors. All rights reserved.*
|
||||
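Review bot: typos in the "Introducing Root Context" section: "regsiter" in "A good example for this is the cptr_el3 regsiter" should be "register", "homogenous"/"homogenously" in Note1 should be "homogeneous"/"homogeneously", and "adhoc usages" in the closing paragraph should be "ad hoc usages". "maintains its own values which is stable and predictable" also needs "which are stable and predictable" to agree with "values".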
132
arm-trusted-firmware.t234/docs/design_documents/drtm_poc.rst
Normal file
@@ -0,0 +1,132 @@
DRTM Proof of Concept
=====================

Dynamic Root of Trust for Measurement (DRTM) begins a new trust environment
by measuring and executing a protected payload.

Static Root of Trust for Measurement (SRTM)/Measured Boot implementation,
currently used by TF-A covers all firmwares, from the boot ROM to the normal
world bootloader. As a whole, they make up the system's TCB. These boot
measurements allow attesting to what software is running on the system and
enable enforcing security policies.

As the boot chain grows or firmware becomes dynamically extensible,
establishing an attestable TCB becomes more challenging. DRTM provides a
solution to this problem by allowing measurement chains to be started at
any time. As these measurements are stored separately from the boot-time
measurements, they reduce the size of the TCB, which helps reduce the attack
surface and the risk of untrusted code executing, which could compromise
the security of the system.

Components
~~~~~~~~~~

- **DCE-Preamble**: The DCE Preamble prepares the platform for DRTM by
  doing any needed configuration, loading the target payload image(DLME),
  and preparing input parameters needed by DRTM. Finally, it invokes the
  DL Event to start the dynamic launch.

- **D-CRTM**: The D-CRTM is the trust anchor (or root of trust) for the
  DRTM boot sequence and is where the dynamic launch starts. The D-CRTM
  must be implemented as a trusted agent in the system. The D-CRTM
  initializes the TPM for DRTM and prepares the environment for the next
  stage of DRTM, the DCE. The D-CRTM measures the DCE, verifies its
  signature, and transfers control to it.

- **DCE**: The DCE executes on an application core. The DCE verifies the
  system’s state, measures security-critical attributes of the system,
  prepares the memory region for the target payload, measures the payload,
  and finally transfers control to the payload.

- **DLME**: The protected payload is referred to as the Dynamically Launched
  Measured Environment, or DLME. The DLME begins execution in a safe state,
  with a single thread of execution, DMA protections, and interrupts
  disabled. The DCE provides data to the DLME that it can use to verify the
  configuration of the system.

In this proof of concept, DCE and D-CRTM are implemented in BL31 and
DCE-Preamble and DLME are implemented in UEFI application. A DL Event is
triggered as a SMC by DCE-Preamble and handled by D-CRTM, which launches the
DLME via DCE.

This manual provides instructions to build TF-A code with pre-buit EDK2
and DRTM UEFI application.

Building the PoC for the Arm FVP platform
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

(1) Use the below command to clone TF-A source code -

    .. code:: shell

        $ git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git

(2) There are prebuilt binaries required to execute the DRTM implementation
    in the `prebuilts-drtm-bins`_.
    Download EDK2 *FVP_AARCH64_EFI.fd* and UEFI DRTM application *test-disk.img*
    binary from `prebuilts-drtm-bins`_.

(3) Build the TF-A code using below command

    .. code:: shell

        $ make CROSS_COMPILE=aarch64-none-elf- ARM_ROTPK_LOCATION=devel_rsa
        DEBUG=1 V=1 BL33=</path/to/FVP_AARCH64_EFI.fd> DRTM_SUPPORT=1
        MBEDTLS_DIR=</path/to/mbedTLS-source> USE_ROMLIB=1 all fip

Running DRTM UEFI application on the Armv8-A AEM FVP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To run the DRTM test application along with DRTM implementation in BL31,
you need an FVP model. Please use the version of FVP_Base_RevC-2xAEMvA model
advertised in the TF-A documentation.

.. code:: shell

    FVP_Base_RevC-2xAEMvA \
    --data cluster0.cpu0=</path/to/romlib.bin>@0x03ff2000 \
    --stat \
    -C bp.flashloader0.fname=<path/to/fip.bin> \
    -C bp.secureflashloader.fname=<path/to/bl1.bin> \
    -C bp.ve_sysregs.exit_on_shutdown=1 \
    -C bp.virtioblockdevice.image_path=<path/to/test-disk.img> \
    -C cache_state_modelled=1 \
    -C cluster0.check_memory_attributes=0 \
    -C cluster0.cpu0.etm-present=0 \
    -C cluster0.cpu1.etm-present=0 \
    -C cluster0.cpu2.etm-present=0 \
    -C cluster0.cpu3.etm-present=0 \
    -C cluster0.stage12_tlb_size=1024 \
    -C cluster1.check_memory_attributes=0 \
    -C cluster1.cpu0.etm-present=0 \
    -C cluster1.cpu1.etm-present=0 \
    -C cluster1.cpu2.etm-present=0 \
    -C cluster1.cpu3.etm-present=0 \
    -C cluster1.stage12_tlb_size=1024 \
    -C pctl.startup=0.0.0.0 \
    -Q 1000 \
    "$@"

The bottom of the output from *uart1* should look something like the
following to indicate that the last SMC to unprotect memory has been fired
successfully.

.. code-block:: shell

    ...

    INFO: DRTM service handler: version
    INFO: ++ DRTM service handler: TPM features
    INFO: ++ DRTM service handler: Min. mem. requirement features
    INFO: ++ DRTM service handler: DMA protection features
    INFO: ++ DRTM service handler: Boot PE ID features
    INFO: ++ DRTM service handler: TCB-hashes features
    INFO: DRTM service handler: dynamic launch
    WARNING: DRTM service handler: close locality is not supported
    INFO: DRTM service handler: unprotect mem

--------------

*Copyright (c) 2022, Arm Limited. All rights reserved.*

.. _prebuilts-drtm-bins: https://downloads.trustedfirmware.org/tf-a/drtm
.. _DRTM-specification: https://developer.arm.com/documentation/den0113/a
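Review bot: the make invocation in build step (3) is split over three lines inside a ``code:: shell`` block with no trailing backslashes, so it does not run as shown when copied; add `\` line continuations the way the FVP_Base_RevC-2xAEMvA command later in the file does. Also "pre-buit EDK2" should be "pre-built", and the `DRTM-specification` hyperlink target at the end of the file is defined but never referenced in the text, so either link it from the introduction or drop it.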
18
arm-trusted-firmware.t234/docs/design_documents/index.rst
Normal file
@@ -0,0 +1,18 @@
Design Documents
================

.. toctree::
   :maxdepth: 1
   :caption: Contents

   cmake_framework
   context_mgmt_rework
   measured_boot_poc
   drtm_poc
   rse
   psci_osi_mode
   measured_boot

--------------

*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
@@ -0,0 +1,235 @@
Measured Boot Design
====================

This document briefly explains the Measured-Boot design implementation
in |TF-A|.

Introduction
------------

Measured Boot is the process of computing and securely recording hashes of code
and critical data at each stage in the boot chain before the code/data is used.

These measurements can be leveraged by other components in the system to
implement a complete attestation system. For example, they could be used to
enforce local attestation policies (such as releasing certain platform keys or
not), or they could be securely sent to a remote challenger a.k.a. `verifier`
after boot to attest to the state of the code and critical-data.

Measured Boot does not authenticate the code or critical-data, but simply
records what code/critical-data was present on the system during boot.

It is assumed that BL1 is implicitly trusted (by virtue of immutability) and
acts as the root of trust for measurement hence it is not measured.

The Measured Boot implementation in TF-A supports multiple backends to securely
store measurements mentioned below in the :ref:`Measured Boot Backends` section.

Critical data
-------------

All firmware images - i.e. BLx images and their corresponding configuration
files, if any - must be measured. In addition to that, there might be specific
pieces of data which needs to be measured as well. These are typically different
on each platform. They are referred to as *critical data*.

Critical data for the platform can be determined using the following criteria:

#. Data that influence boot flow behaviour such as -

   - Configuration parameters that alter the boot flow path.
   - Parameters that determine which firmware to load from NV-Storage to
     SRAM/DRAM to pass the boot process successfully.

#. Hardware configurations settings, debug settings and security policies
   that need to be in a valid state for a device to maintain its security
   posture during boot and runtime.
#. Security-sensitive data that is being updated by hardware.

Examples of Critical data:

#. The list of errata workarounds being applied at reset.
#. State of fuses such as whether an SoC is in secure mode.
#. NV counters that determine whether firmware is up-to-date and secure.

Measurement slot
----------------

The measurement slot resides in a Trusted Module and can be either a secure
register or memory.
The measurement slot is used to provide a method to cryptographically record
(measure) images and critical data on a platform.
The measurement slot update calculation, called an **extend** operation, is
a one-way hash of all the previous measurements and the new measurement. It
is the only way to change the slot value, thus no measurements can ever be
removed or overwritten.

.. _Measured Boot Backends:

Measured Boot Backends
----------------------

The Measured Boot implementation in TF-A supports:

#. Event Log

   The TCG Event Log holds a record of measurements made into the Measurement
   Slot aka PCR (Platform Configuration Register).

   The `TCG EFI Protocol Specification`_ provides details on how to measure
   components. The Arm document
   `Arm® Server Base Security Guide`_ provides specific guidance for
   measurements on an SBSA/SBBR server system. By considering these
   specifications it is decided that -

   #. Use PCR0 for images measurements.
   #. Use PCR1 for Critical data measurements.

   TCG has specified the architecture for the structure of this log in the
   `TCG EFI Protocol Specification`_. The specification describes two event
   log event records—the legacy, fixed size SHA1 structure called TCG_PCR_EVENT
   and the variable length crypto agile structure called TCG_PCR_EVENT2. Event
   Log driver implemented in TF-A covers later part.

#. |RSE|

   It is one of the physical backends to extend the measurements. Please refer
   this document :ref:`Runtime Security Engine (RSE)` for more details.

Platform Interface
------------------

Every image which gets successfully loaded in memory (and authenticated, if
trusted boot is enabled) then gets measured. In addition to that, platforms
can measure any relevant piece of critical data at any point during the boot.
The following diagram outlines the call sequence for Measured Boot platform
interfaces invoked from generic code:

.. image:: ../resources/diagrams/measured_boot_design.png

These platform interfaces are used by BL1 and BL2 only, and are declared in
``include/plat/common/platform.h``.
BL31 does not load and thus does not measure any image.

Responsibilities of these platform interfaces are -

#. **Function : blx_plat_mboot_init()**

   .. code-block:: c

      void bl1_plat_mboot_init(void);
      void bl2_plat_mboot_init(void);

   Initialise all Measured Boot backends supported by the platform
   (e.g. Event Log buffer, |RSE|). As these functions do not return any value,
   the platform should deal with error management, such as logging the error
   somewhere, or panicking the system if this is considered a fatal error.

   - On the Arm FVP port -

     - In BL1, this function is used to initialize the Event Log backend
       driver, and also to write header information in the Event Log
       buffer.
     - In BL2, this function is used to initialize the Event Log buffer with
       the information received from the BL1. It results in panic on
       error.

#. **Function : plat_mboot_measure_image()**

   .. code-block:: c

      int plat_mboot_measure_image(unsigned int image_id,
                                   image_info_t *image_data);

   - Measure the image using a hash function of the crypto module.

   - Record the measurement in the corresponding backend -

     - If it is Event Log backend, then record the measurement in TCG Event Log
       format.
     - If it is a secure crypto-processor (like |RSE|), then extend the
       designated PCR (or store it in secure on-chip memory) with the given
       measurement.
   - This function must return 0 on success, a signed integer error code
     otherwise.
   - On the Arm FVP port, this function measures the given image and then
     records that measurement in the Event Log buffer.
     The passed id is used to retrieve information about on how to measure
     the image (e.g. PCR number).

#. **Function : blx_plat_mboot_finish()**

   .. code-block:: c

      void bl1_plat_mboot_finish(void);
      void bl2_plat_mboot_finish(void);

   - Do all teardown operations with respect to initialised Measured Boot backends.
     This could be -

     - Pass the Event Log details (start address and size) to Normal world or to
       Secure World using any platform implementation way.
     - Measure all critical data if any.
     - As these functions do not return any value, the platform should deal with
       error management, such as logging the error somewhere, or panicking the
       system if this is considered a fatal error.

   - On the Arm FVP port -

     - In BL1, this function is used to pass the base address of
       the Event Log buffer and its size to BL2 via tb_fw_config to extend the
       Event Log buffer with the measurement of various images loaded by BL2.
       It results in panic on error.
     - In BL2, this function is used to pass the Event Log buffer information
       (base address and size) to non-secure(BL33) and trusted OS(BL32) via
       nt_fw and tos_fw config respectively.
       See :ref:`DTB binding for Event Log properties` for a description of the
       bindings used for Event Log properties.

#. **Function : plat_mboot_measure_critical_data()**

   .. code-block:: c

      int plat_mboot_measure_critical_data(unsigned int critical_data_id,
                                           const void *base,
                                           size_t size);

   This interface is not invoked by the generic code and it is up to the
   platform layer to call it where appropriate.

   This function measures the given critical data structure and records its
   measurement using the Measured Boot backend driver.
   This function must return 0 on success, a signed integer error code
   otherwise.

   In FVP, Non volatile counters get measured and recorded as Critical data
   using the backend via this interface.

#. **Function : plat_mboot_measure_key()**

   .. code-block:: c

      int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
                                 size_t pk_len);

   - This function is used by the platform to measure the passed key and
     publicise it using any of the supported backends.
   - The authentication module within the trusted boot framework calls this
     function for every ROTPK involved in verifying the signature of a root
     certificate and for every subsidiary key that gets extracted from a key
     certificate for later authentication of a content certificate.
   - A cookie, passed as the first argument, serves as a key-OID pointer
     associated with the public key data, passed as the second argument.
   - Public key data size is passed as the third argument to this function.
   - This function must return 0 on success, a signed integer error code
     otherwise.
   - In TC2 platform, this function is used to calculate the hash of the given
     key and forward this hash to |RSE| alongside the measurement of the image
     which the key signs.

--------------

*Copyright (c) 2023, Arm Limited. All rights reserved.*

.. _Arm® Server Base Security Guide: https://developer.arm.com/documentation/den0086/latest
.. _TCG EFI Protocol Specification: https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
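Review bot: grammar in the Event Log backend item: "Event Log driver implemented in TF-A covers later part" should read "The Event Log driver implemented in TF-A covers the latter" (i.e. TCG_PCR_EVENT2). Also in the Critical data section, "specific pieces of data which needs to be measured" should be "need", "Hardware configurations settings" should be "Hardware configuration settings", and "Use PCR0 for images measurements" should be "image measurements".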
@@ -0,0 +1,509 @@
|
||||
Interaction between Measured Boot and an fTPM (PoC)
|
||||
===================================================
|
||||
|
||||
Measured Boot is the process of cryptographically measuring the code and
|
||||
critical data used at boot time, for example using a TPM, so that the
|
||||
security state can be attested later.
|
||||
|
||||
The current implementation of the driver included in |TF-A| supports several
|
||||
backends and each has a different means to store the measurements.
|
||||
This section focuses on the `TCG event log`_ backend, which stores measurements
|
||||
in secure memory.
|
||||
|
||||
See details of :ref:`Measured Boot Design`.
|
||||
|
||||
The driver also provides mechanisms to pass the Event Log to normal world if
|
||||
needed.
|
||||
|
||||
This manual provides instructions to build a proof of concept (PoC) with the
|
||||
sole intention of showing how Measured Boot can be used in conjunction with
|
||||
a firmware TPM (fTPM) service implemented on top of OP-TEE.
|
||||
|
||||
.. note::
|
||||
The instructions given in this document are meant to be used to build
|
||||
a PoC to show how Measured Boot on TF-A can interact with a third
|
||||
party (f)TPM service and they try to be as general as possible. Different
|
||||
platforms might have different needs and configurations (e.g. different
|
||||
SHA algorithms) and they might also use different types of TPM services
|
||||
(or even a different type of service to provide the attestation)
|
||||
and therefore the instructions given here might not apply in such scenarios.
|
||||
|
||||
Components
|
||||
~~~~~~~~~~
|
||||
|
||||
The PoC is built on top of the `OP-TEE Toolkit`_, which has support to build
|
||||
TF-A with support for Measured Boot enabled (and run it on a Foundation Model)
|
||||
since commit cf56848.
|
||||
|
||||
The aforementioned toolkit builds a set of images that contain all the components
|
||||
needed to test that the Event Log was properly created. One of these images will
|
||||
contain a third party fTPM service which in turn will be used to process the
|
||||
Event Log.
|
||||
|
||||
The reason to choose OP-TEE Toolkit to build our PoC around it is mostly
|
||||
for convenience. As the fTPM service used is an OP-TEE TA, it was easy to add
|
||||
build support for it to the toolkit and then build the PoC around it.
|
||||
|
||||
The most relevant components installed in the image that are closely related to
|
||||
Measured Boot/fTPM functionality are:
|
||||
|
||||
- **OP-TEE**: As stated earlier, the fTPM service used in this PoC is built as an
|
||||
OP-TEE TA and therefore we need to include the OP-TEE OS image.
|
||||
Support to interfacing with Measured Boot was added to version 3.9.0 of
|
||||
OP-TEE by implementing the ``PTA_SYSTEM_GET_TPM_EVENT_LOG`` syscall, which
|
||||
allows the former to pass a copy of the Event Log to any TA requesting it.
|
||||
OP-TEE knows the location of the Event Log by reading the DTB bindings
|
||||
received from TF-A. Visit :ref:`DTB binding for Event Log properties`
|
||||
for more details on this.
|
||||
|
||||
- **fTPM Service**: We use a third party fTPM service in order to validate
|
||||
the Measured Boot functionality. The chosen fTPM service is a sample
|
||||
implementation for Aarch32 architecture included on the `ms-tpm-20-ref`_
|
||||
reference implementation from Microsoft. The service was updated in order
|
||||
to extend the Measured Boot Event Log at boot up and it uses the
|
||||
aforementioned ``PTA_SYSTEM_GET_TPM_EVENT_LOG`` call to retrieve a copy
|
||||
of the former.
|
||||
|
||||
.. note::
|
||||
Arm does not provide an fTPM implementation. The fTPM service used here
|
||||
is a third party one which has been updated to support Measured Boot
|
||||
service as provided by TF-A. As such, it is beyond the scope of this
|
||||
manual to test and verify the correctness of the output generated by the
|
||||
fTPM service.
|
||||
|
||||
- **TPM Kernel module**: In order to interact with the fTPM service, we need
|
||||
a kernel module to forward the request from user space to the secure world.
|
||||
|
||||
- `tpm2-tools`_: This is a set of tools that allow to interact with the
|
||||
fTPM service. We use this in order to read the PCRs with the measurements.
|
||||
|
||||
Building the PoC for the Arm FVP platform
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
As mentioned before, this PoC is based on the OP-TEE Toolkit with some
|
||||
extensions to enable Measured Boot and an fTPM service. Therefore, we can rely
|
||||
on the instructions to build the original OP-TEE Toolkit. As a general rule,
|
||||
the following steps should suffice:
|
||||
|
||||
(1) Start by following the `Get and build the solution`_ instructions to build
|
||||
the OP-TEE toolkit. On step 3, you need to get the manifest for FVP
|
||||
platform from the main branch:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ repo init -u https://github.com/OP-TEE/manifest.git -m fvp.xml
|
||||
|
||||
Then proceed synching the repos as stated in step 3. Continue following
|
||||
the instructions and stop before step 5.
|
||||
|
||||
(2) Next you should obtain the `Armv8-A Foundation Platform (For Linux Hosts Only)`_.
|
||||
The binary should be untar'ed to the root of the repo tree, i.e., like
|
||||
this: ``<fvp-project>/Foundation_Platformpkg``. In the end, after cloning
|
||||
all source code, getting the toolchains and "installing"
|
||||
Foundation_Platformpkg, you should have a folder structure that looks like
|
||||
this:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ ls -la
|
||||
total 80
|
||||
drwxrwxr-x 20 tf-a_user tf-a_user 4096 Jul 1 12:16 .
|
||||
drwxr-xr-x 23 tf-a_user tf-a_user 4096 Jul 1 10:40 ..
|
||||
drwxrwxr-x 12 tf-a_user tf-a_user 4096 Jul 1 10:45 build
|
||||
drwxrwxr-x 16 tf-a_user tf-a_user 4096 Jul 1 12:16 buildroot
|
||||
drwxrwxr-x 51 tf-a_user tf-a_user 4096 Jul 1 10:45 edk2
|
||||
drwxrwxr-x 6 tf-a_user tf-a_user 4096 Jul 1 12:14 edk2-platforms
|
||||
drwxr-xr-x 7 tf-a_user tf-a_user 4096 Jul 1 10:52 Foundation_Platformpkg
|
||||
drwxrwxr-x 17 tf-a_user tf-a_user 4096 Jul 2 10:40 grub
|
||||
drwxrwxr-x 25 tf-a_user tf-a_user 4096 Jul 2 10:39 linux
|
||||
drwxrwxr-x 15 tf-a_user tf-a_user 4096 Jul 1 10:45 mbedtls
|
||||
drwxrwxr-x 6 tf-a_user tf-a_user 4096 Jul 1 10:45 ms-tpm-20-ref
|
||||
drwxrwxr-x 8 tf-a_user tf-a_user 4096 Jul 1 10:45 optee_client
|
||||
drwxrwxr-x 10 tf-a_user tf-a_user 4096 Jul 1 10:45 optee_examples
|
||||
drwxrwxr-x 12 tf-a_user tf-a_user 4096 Jul 1 12:13 optee_os
|
||||
drwxrwxr-x 8 tf-a_user tf-a_user 4096 Jul 1 10:45 optee_test
|
||||
drwxrwxr-x 7 tf-a_user tf-a_user 4096 Jul 1 10:45 .repo
|
||||
drwxrwxr-x 4 tf-a_user tf-a_user 4096 Jul 1 12:12 toolchains
|
||||
drwxrwxr-x 21 tf-a_user tf-a_user 4096 Jul 1 12:15 trusted-firmware-a
|
||||
|
||||
(3) Now enter into ``ms-tpm-20-ref`` and get its dependencies:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ cd ms-tpm-20-ref
|
||||
$ git submodule init
|
||||
$ git submodule update
|
||||
Submodule path 'external/wolfssl': checked out '9c87f979a7f1d3a6d786b260653d566c1d31a1c4'
|
||||
|
||||
(4) Now, you should be able to continue with step 5 in "`Get and build the solution`_"
|
||||
instructions. In order to enable support for Measured Boot, you need to
|
||||
set the following build options:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ MEASURED_BOOT=y MEASURED_BOOT_FTPM=y make -j `nproc`
|
||||
|
||||
.. note::
|
||||
The build process will likely take a long time. It is strongly recommended to
|
||||
pass the ``-j`` option to make to run the process faster.
|
||||
|
||||
After this step, you should be ready to run the image.
|
||||
|
||||
Running and using the PoC on the Armv8-A Foundation AEM FVP
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
With everything built, you can now run the image:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ make run-only
|
||||
|
||||
.. note::
|
||||
Using ``make run`` will build and run the image and it can be used instead
|
||||
of simply ``make``. However, once the image is built, it is recommended to
|
||||
use ``make run-only`` to avoid re-running all the building rules, which
|
||||
would take time.
|
||||
|
||||
When FVP is launched, two terminal windows will appear. ``FVP terminal_0``
|
||||
is the userspace terminal whereas ``FVP terminal_1`` is the counterpart for
|
||||
the secure world (where TAs will print their logs, for instance).
|
||||
|
||||
Log into the image shell with user ``root``, no password will be required.
|
||||
Then we can issue the ``ftpm`` command, which is an alias that
|
||||
|
||||
(1) loads the ftpm kernel module and
|
||||
|
||||
(2) calls ``tpm2_pcrread``, which will access the fTPM service to read the
|
||||
PCRs.
|
||||
|
||||
When loading the ftpm kernel module, the fTPM TA is loaded into the secure
|
||||
world. This TA then requests a copy of the Event Log generated during the
|
||||
booting process so it can retrieve all the entries on the log and record them
|
||||
first thing.
|
||||
|
||||
.. note::
|
||||
For this PoC, nothing loaded after BL33 and NT_FW_CONFIG is recorded
|
||||
in the Event Log.
|
||||
|
||||
The secure world terminal should show the debug logs for the fTPM service,
|
||||
including all the measurements available in the Event Log as they are being
|
||||
processed:
|
||||
|
||||
.. code:: shell

    M/TA: Preparing to extend the following TPM Event Log:
    M/TA: TCG_EfiSpecIDEvent:
    M/TA: PCRIndex : 0
    M/TA: EventType : 3
    M/TA: Digest : 00
    M/TA: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    M/TA: : 00 00 00
    M/TA: EventSize : 33
    M/TA: Signature : Spec ID Event03
    M/TA: PlatformClass : 0
    M/TA: SpecVersion : 2.0.2
    M/TA: UintnSize : 1
    M/TA: NumberOfAlgorithms : 1
    M/TA: DigestSizes :
    M/TA: #0 AlgorithmId : SHA256
    M/TA: DigestSize : 32
    M/TA: VendorInfoSize : 0
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 3
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    M/TA: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    M/TA: EventSize : 17
    M/TA: Signature : StartupLocality
    M/TA: StartupLocality : 0
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 58 26 32 6e 64 45 64 da 45 de 35 db 96 fd ed 63
    M/TA: : 2a 6a d4 0d aa 94 b0 b1 55 e4 72 e7 1f 0a e0 d5
    M/TA: EventSize : 5
    M/TA: Event : BL_2
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : cf f9 7d a3 5c 73 ac cb 7b a0 25 80 6a 6e 50 a5
    M/TA: : 6b 2e d2 8c c9 36 92 7d 46 c5 b9 c3 a4 6c 51 7c
    M/TA: EventSize : 6
    M/TA: Event : BL_31
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 23 b0 a3 5d 54 d9 43 1a 5c b9 89 63 1c da 06 c2
    M/TA: : e5 de e7 7e 99 17 52 12 7d f7 45 ca 4f 4a 39 c0
    M/TA: EventSize : 10
    M/TA: Event : HW_CONFIG
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 4e e4 8e 5a e6 50 ed e0 b5 a3 54 8a 1f d6 0e 8a
    M/TA: : ea 0e 71 75 0e a4 3f 82 76 ce af cd 7c b0 91 e0
    M/TA: EventSize : 14
    M/TA: Event : SOC_FW_CONFIG
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 01 b0 80 47 a1 ce 86 cd df 89 d2 1f 2e fc 6c 22
    M/TA: : f8 19 ec 6e 1e ec 73 ba 5a be d0 96 e3 5f 6d 75
    M/TA: EventSize : 6
    M/TA: Event : BL_32
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 5d c6 ef 35 5a 90 81 b4 37 e6 3b 52 da 92 ab 8e
    M/TA: : d9 6e 93 98 2d 40 87 96 1b 5a a7 ee f1 f4 40 63
    M/TA: EventSize : 18
    M/TA: Event : BL32_EXTRA1_IMAGE
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 39 b7 13 b9 93 db 32 2f 1b 48 30 eb 2c f2 5c 25
    M/TA: : 00 0f 38 dc 8e c8 02 cd 79 f2 48 d2 2c 25 ab e2
    M/TA: EventSize : 6
    M/TA: Event : BL_33
    M/TA: PCR_Event2:
    M/TA: PCRIndex : 0
    M/TA: EventType : 1
    M/TA: Digests Count : 1
    M/TA: #0 AlgorithmId : SHA256
    M/TA: Digest : 25 10 60 5d d4 bc 9d 82 7a 16 9f 8a cc 47 95 a6
    M/TA: : fd ca a0 c1 2b c9 99 8f 51 20 ff c6 ed 74 68 5a
    M/TA: EventSize : 13
    M/TA: Event : NT_FW_CONFIG

These logs correspond to the measurements stored by TF-A during the measured
boot process and therefore, they should match the logs dumped by the former
during the boot up process. These can be seen on the terminal_0:

.. code:: shell

    NOTICE: Booting Trusted Firmware
    NOTICE: BL1: v2.5(release):v2.5
    NOTICE: BL1: Built : 10:41:20, Jul 2 2021
    NOTICE: BL1: Booting BL2
    NOTICE: BL2: v2.5(release):v2.5
    NOTICE: BL2: Built : 10:41:20, Jul 2 2021
    NOTICE: TCG_EfiSpecIDEvent:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 3
    NOTICE: Digest : 00
    NOTICE: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    NOTICE: : 00 00 00
    NOTICE: EventSize : 33
    NOTICE: Signature : Spec ID Event03
    NOTICE: PlatformClass : 0
    NOTICE: SpecVersion : 2.0.2
    NOTICE: UintnSize : 1
    NOTICE: NumberOfAlgorithms : 1
    NOTICE: DigestSizes :
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: DigestSize : 32
    NOTICE: VendorInfoSize : 0
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 3
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    NOTICE: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    NOTICE: EventSize : 17
    NOTICE: Signature : StartupLocality
    NOTICE: StartupLocality : 0
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 58 26 32 6e 64 45 64 da 45 de 35 db 96 fd ed 63
    NOTICE: : 2a 6a d4 0d aa 94 b0 b1 55 e4 72 e7 1f 0a e0 d5
    NOTICE: EventSize : 5
    NOTICE: Event : BL_2
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : cf f9 7d a3 5c 73 ac cb 7b a0 25 80 6a 6e 50 a5
    NOTICE: : 6b 2e d2 8c c9 36 92 7d 46 c5 b9 c3 a4 6c 51 7c
    NOTICE: EventSize : 6
    NOTICE: Event : BL_31
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 23 b0 a3 5d 54 d9 43 1a 5c b9 89 63 1c da 06 c2
    NOTICE: : e5 de e7 7e 99 17 52 12 7d f7 45 ca 4f 4a 39 c0
    NOTICE: EventSize : 10
    NOTICE: Event : HW_CONFIG
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 4e e4 8e 5a e6 50 ed e0 b5 a3 54 8a 1f d6 0e 8a
    NOTICE: : ea 0e 71 75 0e a4 3f 82 76 ce af cd 7c b0 91 e0
    NOTICE: EventSize : 14
    NOTICE: Event : SOC_FW_CONFIG
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 01 b0 80 47 a1 ce 86 cd df 89 d2 1f 2e fc 6c 22
    NOTICE: : f8 19 ec 6e 1e ec 73 ba 5a be d0 96 e3 5f 6d 75
    NOTICE: EventSize : 6
    NOTICE: Event : BL_32
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 5d c6 ef 35 5a 90 81 b4 37 e6 3b 52 da 92 ab 8e
    NOTICE: : d9 6e 93 98 2d 40 87 96 1b 5a a7 ee f1 f4 40 63
    NOTICE: EventSize : 18
    NOTICE: Event : BL32_EXTRA1_IMAGE
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 39 b7 13 b9 93 db 32 2f 1b 48 30 eb 2c f2 5c 25
    NOTICE: : 00 0f 38 dc 8e c8 02 cd 79 f2 48 d2 2c 25 ab e2
    NOTICE: EventSize : 6
    NOTICE: Event : BL_33
    NOTICE: PCR_Event2:
    NOTICE: PCRIndex : 0
    NOTICE: EventType : 1
    NOTICE: Digests Count : 1
    NOTICE: #0 AlgorithmId : SHA256
    NOTICE: Digest : 25 10 60 5d d4 bc 9d 82 7a 16 9f 8a cc 47 95 a6
    NOTICE: : fd ca a0 c1 2b c9 99 8f 51 20 ff c6 ed 74 68 5a
    NOTICE: EventSize : 13
    NOTICE: Event : NT_FW_CONFIG
    NOTICE: BL1: Booting BL31
    NOTICE: BL31: v2.5(release):v2.5
    NOTICE: BL31: Built : 10:41:20, Jul 2 2021

Following up with the fTPM startup process, we can see that all the
measurements in the Event Log are extended and recorded in the appropriate PCR:

.. code:: shell

    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: 9 Event logs processed

After the fTPM TA is loaded, the call to ``insmod`` issued by the ``ftpm``
alias to load the ftpm kernel module returns, and then the TPM PCRs are read
by means of ``tpm_pcrread`` command. Note that we are only interested in the
SHA256 logs here, as this is the algorithm we used on TF-A for the measurements
(see the field ``AlgorithmId`` on the logs above):

.. code:: shell

    sha256:
    0 : 0xA6EB3A7417B8CFA9EBA2E7C22AD5A4C03CDB8F3FBDD7667F9C3EF2EA285A8C9F
    1 : 0x0000000000000000000000000000000000000000000000000000000000000000
    2 : 0x0000000000000000000000000000000000000000000000000000000000000000
    3 : 0x0000000000000000000000000000000000000000000000000000000000000000
    4 : 0x0000000000000000000000000000000000000000000000000000000000000000
    5 : 0x0000000000000000000000000000000000000000000000000000000000000000
    6 : 0x0000000000000000000000000000000000000000000000000000000000000000
    7 : 0x0000000000000000000000000000000000000000000000000000000000000000
    8 : 0x0000000000000000000000000000000000000000000000000000000000000000
    9 : 0x0000000000000000000000000000000000000000000000000000000000000000
    10: 0x0000000000000000000000000000000000000000000000000000000000000000
    11: 0x0000000000000000000000000000000000000000000000000000000000000000
    12: 0x0000000000000000000000000000000000000000000000000000000000000000
    13: 0x0000000000000000000000000000000000000000000000000000000000000000
    14: 0x0000000000000000000000000000000000000000000000000000000000000000
    15: 0x0000000000000000000000000000000000000000000000000000000000000000
    16: 0x0000000000000000000000000000000000000000000000000000000000000000
    17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    23: 0x0000000000000000000000000000000000000000000000000000000000000000

In this PoC we are only interested in PCR0, which must be non-null. This is
because the boot process records all the images in this PCR (see field ``PCRIndex``
on the Event Log above). The rest of the records must be 0 at this point.

.. note::
   The fTPM service used has support only for 16 PCRs, therefore the content
   of PCRs above 15 can be ignored.

.. note::
   As stated earlier, Arm does not provide an fTPM implementation and therefore
   we do not validate here if the content of PCR0 is correct or not. For this
   PoC, we are only focused on the fact that the event log could be passed to a third
   party fTPM and its records were properly extended.

Fine-tuning the fTPM TA
~~~~~~~~~~~~~~~~~~~~~~~

As stated earlier, the OP-TEE Toolkit includes support to build a third party fTPM
service. The build options for this service are tailored for the PoC and defined in
the build environment variable ``FTPM_FLAGS`` (see ``<toolkit_home>/build/common.mk``)
but they can be modified if needed to better adapt it to a specific scenario.

The most relevant options for Measured Boot support are:

- **CFG_TA_DEBUG**: Enables debug logs in the Terminal_1 console.
- **CFG_TEE_TA_LOG_LEVEL**: Defines the log level used for the debug messages.
- **CFG_TA_MEASURED_BOOT**: Enables support for measured boot on the fTPM.
- **CFG_TA_EVENT_LOG_SIZE**: Defines the size, in bytes, of the larger event log that
  the fTPM is able to store, as this buffer is allocated at build time. This must be at
  least the same as the size of the event log generated by TF-A. If this build option
  is not defined, the fTPM falls back to a default value of 1024 bytes, which is enough
  for this PoC, so this variable is not defined in FTPM_FLAGS.

--------------

*Copyright (c) 2021-2023, Arm Limited. All rights reserved.*

.. _OP-TEE Toolkit: https://github.com/OP-TEE/build
.. _ms-tpm-20-ref: https://github.com/microsoft/ms-tpm-20-ref
.. _Get and build the solution: https://optee.readthedocs.io/en/latest/building/gits/build.html#get-and-build-the-solution
.. _Armv8-A Foundation Platform (For Linux Hosts Only): https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
.. _tpm2-tools: https://github.com/tpm2-software/tpm2-tools
.. _TCG event log: https://trustedcomputinggroup.org/resource/tcg-efi-platform-specification/
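Review bot: the PCR read command is named inconsistently within this file: step (2) of the ``ftpm`` alias description says it calls ``tpm2_pcrread``, while the paragraph after the PCR_EXTEND log says the PCRs are read "by means of ``tpm_pcrread`` command". The ``tpm2-tools`` link target at the bottom of the file is the project that provides ``tpm2_pcrread``, so use that spelling in both places, e.g. "are read by means of the ``tpm2_pcrread`` command". It would also help the reader if the note saying that PCRs above 15 can be ignored pointed at the 0xFF values shown for PCRs 17 to 22 in the ``tpm2_pcrread`` output above, since a first-time reader may otherwise take those as a failed extend.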
@@ -0,0 +1,718 @@
PSCI OS-initiated mode
======================

:Author: Maulik Shah & Wing Li
:Organization: Qualcomm Innovation Center, Inc. & Google LLC
:Contact: Maulik Shah <quic_mkshah@quicinc.com> & Wing Li <wingers@google.com>
:Status: Accepted

.. contents:: Table of Contents

Introduction
------------

Power state coordination
^^^^^^^^^^^^^^^^^^^^^^^^

A power domain topology is a logical hierarchy of power domains in a system that
arises from the physical dependencies between power domains.

Local power states describe power states for an individual node, and composite
power states describe the combined power states for an individual node and its
parent node(s).

Entry into low-power states for a topology node above the core level requires
coordinating its children nodes. For example, in a system with a power domain
that encompasses a shared cache, and a separate power domain for each core that
uses the shared cache, the core power domains must be powered down before the
shared cache power domain can be powered down.

PSCI supports two modes of power state coordination: platform-coordinated and
OS-initiated.

Platform-coordinated
~~~~~~~~~~~~~~~~~~~~

Platform-coordinated mode is the default mode of power state coordination, and
is currently the only supported mode in TF-A.

In platform-coordinated mode, the platform is responsible for coordinating power
states, and chooses the deepest power state for a topology node that can be
tolerated by its children.

OS-initiated
~~~~~~~~~~~~

OS-initiated mode is optional.

In OS-initiated mode, the calling OS is responsible for coordinating power
states, and may request for a topology node to enter a low-power state when
its last child enters the low-power state.

Motivation
----------

There are two reasons why OS-initiated mode might be a more suitable option than
platform-coordinated mode for a platform.

Scalability
^^^^^^^^^^^

In platform-coordinated mode, each core independently selects their own local
power states, and doesn't account for composite power states that are shared
between cores.

In OS-initiated mode, the OS has knowledge of the next wakeup event for each
core, and can have more precise control over the entry, exit, and wakeup
latencies when deciding if a composite power state (e.g. for a cluster) is
appropriate. This is especially important for multi-cluster SMP systems and
heterogeneous systems like big.LITTLE, where different processor types can have
different power efficiencies.

Simplicity
^^^^^^^^^^

In platform-coordinated mode, the OS doesn't have visibility when the last core
at a power level enters a low-power state. If the OS wants to perform last man
activity (e.g. powering off a shared resource when it is no longer needed), it
would have to communicate with an API side channel to know when it can do so.
This could result in a design smell where the platform is using
platform-coordinated mode when it should be using OS-initiated mode instead.

In OS-initiated mode, the OS can perform last man activity if it selects a
composite power state when the last core enters a low-power state. This
eliminates the need for a side channel, and uses the well documented API between
the OS and the platform.

Current vendor implementations and workarounds
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* STMicroelectronics

  * For their ARM32 platforms, they're using OS-initiated mode implemented in
    OP-TEE.
  * For their future ARM64 platforms, they are interested in using OS-initiated
    mode in TF-A.

* Qualcomm

  * For their mobile platforms, they're using OS-initiated mode implemented in
    their own custom secure monitor firmware.
  * For their Chrome OS platforms, they're using platform-coordinated mode in
    TF-A with custom driver logic to perform last man activity.

* Google

  * They're using platform-coordinated mode in TF-A with custom driver logic to
    perform last man activity.

Both Qualcomm and Google would like to be able to use OS-initiated mode in TF-A
in order to simplify custom driver logic.

Requirements
------------

PSCI_FEATURES
^^^^^^^^^^^^^

PSCI_FEATURES is for checking whether or not a PSCI function is implemented and
what its properties are.

.. c:macro:: PSCI_FEATURES

   :param func_id: 0x8400_000A.
   :param psci_func_id: the function ID of a PSCI function.
   :retval NOT_SUPPORTED: if the function is not implemented.
   :retval feature flags associated with the function: if the function is
       implemented.

CPU_SUSPEND feature flags
~~~~~~~~~~~~~~~~~~~~~~~~~

* Reserved, bits[31:2]
* Power state parameter format, bit[1]

  * A value of 0 indicates the original format is used.
  * A value of 1 indicates the extended format is used.

* OS-initiated mode, bit[0]

  * A value of 0 indicates OS-initiated mode is not supported.
  * A value of 1 indicates OS-initiated mode is supported.

See sections 5.1.14 and 5.15 of the PSCI spec (DEN0022D.b) for more details.

PSCI_SET_SUSPEND_MODE
^^^^^^^^^^^^^^^^^^^^^

PSCI_SET_SUSPEND_MODE is for switching between the two different modes of power
state coordination.

.. c:macro:: PSCI_SET_SUSPEND_MODE

   :param func_id: 0x8400_000F.
   :param mode: 0 indicates platform-coordinated mode, 1 indicates OS-initiated
       mode.
   :retval SUCCESS: if the request is successful.
   :retval NOT_SUPPORTED: if OS-initiated mode is not supported.
   :retval INVALID_PARAMETERS: if the requested mode is not a valid value (0 or
       1).
   :retval DENIED: if the cores are not in the correct state.

Switching from platform-coordinated to OS-initiated is only allowed if the
following conditions are met:

* All cores are in one of the following states:

  * Running.
  * Off, through a call to CPU_OFF or not yet booted.
  * Suspended, through a call to CPU_DEFAULT_SUSPEND.

* None of the cores has called CPU_SUSPEND since the last change of mode or
  boot.

Switching from OS-initiated to platform-coordinated is only allowed if all cores
other than the calling core are off, either through a call to CPU_OFF or not yet
booted.

If these conditions are not met, the PSCI implementation must return DENIED.

See sections 5.1.19 and 5.20 of the PSCI spec (DEN0022D.b) for more details.

CPU_SUSPEND
^^^^^^^^^^^

CPU_SUSPEND is for moving a topology node into a low-power state.

.. c:macro:: CPU_SUSPEND

   :param func_id: 0xC400_0001.
   :param power_state: the requested low-power state to enter.
   :param entry_point_address: the address at which the core must resume
       execution following wakeup from a powerdown state.
   :param context_id: this field specifies a pointer to the saved context that
       must be restored on a core following wakeup from a powerdown state.
   :retval SUCCESS: if the request is successful.
   :retval INVALID_PARAMETERS: in OS-initiated mode, this error is returned when
       a low-power state is requested for a topology node above the core level,
       and at least one of the node's children is in a local low-power state
       that is incompatible with the request.
   :retval INVALID_ADDRESS: if the entry_point_address argument is invalid.
   :retval DENIED: only in OS-initiated mode; this error is returned when a
       low-power state is requested for a topology node above the core level,
       and at least one of the node's children is running, i.e. not in a
       low-power state.

In platform-coordinated mode, the PSCI implementation coordinates requests from
all cores to determine the deepest power state to enter.

In OS-initiated mode, the calling OS is making an explicit request for a
specific power state, as opposed to expressing a vote. The PSCI implementation
must comply with the request, unless the request is not consistent with the
implementation's view of the system's state, in which case, the implementation
must return INVALID_PARAMETERS or DENIED.

See sections 5.1.2 and 5.4 of the PSCI spec (DEN0022D.b) for more details.

Power state formats
~~~~~~~~~~~~~~~~~~~

Original format

* Power Level, bits[25:24]

  * The requested level in the power domain topology to enter a low-power
    state.

* State Type, bit[16]

  * A value of 0 indicates a standby or retention state.
  * A value of 1 indicates a powerdown state.

* State ID, bits[15:0]

  * Field to specify the requested composite power state.
  * The state ID encodings must uniquely describe every possible composite
    power state.
  * In OS-initiated mode, the state ID encoding must allow expressing the
    power level at which the calling core is the last to enter a powerdown
    state.

Extended format

* State Type, bit[30]
* State ID, bits[27:0]

Races in OS-initiated mode
~~~~~~~~~~~~~~~~~~~~~~~~~~

In OS-initiated mode, there are race windows where the OS's view and
implementation's view of the system's state differ. It is possible for the OS to
make requests that are invalid given the implementation's view of the system's
state. For example, the OS might request a powerdown state for a node from one
core, while at the same time, the implementation observes that another core in
that node is powering up.

To address potential race conditions in power state requests:

* The calling OS must specify in each CPU_SUSPEND request the deepest power
  level for which it sees the calling core as the last running core (last man).
  This is required even if the OS doesn't want the node at that power level to
  enter a low-power state.
* The implementation must validate that the requested power states in the
  CPU_SUSPEND request are consistent with the system's state, and that the
  calling core is the last core running at the requested power level, or deny
  the request otherwise.

See sections 4.2.3.2, 6.2, and 6.3 of the PSCI spec (DEN0022D.b) for more
details.

Caveats
-------

CPU_OFF
^^^^^^^

CPU_OFF is always platform-coordinated, regardless of whether the power state
coordination mode for suspend is platform-coordinated or OS-initiated. If all
cores in a topology node call CPU_OFF, the last core will power down the node.

In OS-initiated mode, if a subset of the cores in a topology node has called
CPU_OFF, the last running core may call CPU_SUSPEND to request a powerdown state
at or above that node's power level.

See section 5.5.2 of the PSCI spec (DEN0022D.b) for more details.

Implementation
--------------

Current implementation of platform-coordinated mode
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Platform-coordinated is currently the only supported power state coordination
mode in TF-A.

The functions of interest in the ``psci_cpu_suspend`` call stack are as follows:

* ``psci_validate_power_state``

  * This function calls a platform specific ``validate_power_state`` handler,
    which takes the ``power_state`` parameter, and updates the ``state_info``
    object with the requested states for each power level.

* ``psci_find_target_suspend_lvl``

  * This function takes the ``state_info`` object containing the requested power
    states for each power level, and returns the deepest power level that was
    requested to enter a low power state, i.e. the target power level.

* ``psci_do_state_coordination``

  * This function takes the target power level and the ``state_info`` object
    containing the requested power states for each power level, and updates the
    ``state_info`` object with the coordinated target power state for each
    level.

* ``pwr_domain_suspend``

  * This is a platform specific handler that takes the ``state_info`` object
    containing the target power states for each power level, and transitions
    each power level to the specified power state.

Proposed implementation of OS-initiated mode
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

To add support for OS-initiated mode, the following changes are proposed:

* Add a boolean build option ``PSCI_OS_INIT_MODE`` for a platform to enable
  optional support for PSCI OS-initiated mode. This build option defaults to 0.

  .. note::

     If ``PSCI_OS_INIT_MODE=0``, the following changes will not be compiled into
     the build.

* Update ``psci_features`` to return 1 in bit[0] to indicate support for
  OS-initiated mode for CPU_SUSPEND.
* Define a ``suspend_mode`` enum: ``PLAT_COORD`` and ``OS_INIT``.
* Define a ``psci_suspend_mode`` global variable with a default value of
  ``PLAT_COORD``.
* Implement a new function handler ``psci_set_suspend_mode`` for
  PSCI_SET_SUSPEND_MODE.
* Since ``psci_validate_power_state`` calls a platform specific
  ``validate_power_state`` handler, the platform implementation should populate
  the ``state_info`` object based on the state ID from the given ``power_state``
  parameter.
* ``psci_find_target_suspend_lvl`` remains unchanged.
* Implement a new function ``psci_validate_state_coordination`` that ensures the
  request satisfies the following conditions, and denies any requests
  that don't:

  * The requested power states for each power level are consistent with the
    system's state
  * The calling core is the last core running at the requested power level

  This function differs from ``psci_do_state_coordination`` in that:

  * The ``psci_req_local_pwr_states`` map is not modified if the request were to
    be denied
  * The ``state_info`` argument is never modified since it contains the power
    states requested by the calling OS

* Update ``psci_cpu_suspend_start`` to do the following:

  * If ``PSCI_SUSPEND_MODE`` is ``PLAT_COORD``, call
    ``psci_do_state_coordination``.
  * If ``PSCI_SUSPEND_MODE`` is ``OS_INIT``, call
    ``psci_validate_state_coordination``. If validation fails, propagate the
    error up the call stack.

* Add a new optional member ``pwr_domain_validate_suspend`` to
  ``plat_psci_ops_t`` to allow the platform to optionally perform validations
  based on hardware states.

* The platform specific ``pwr_domain_suspend`` handler remains unchanged.

.. image:: ../resources/diagrams/psci-osi-mode.png

Testing
-------

The proposed patches can be found at
https://review.trustedfirmware.org/q/topic:psci-osi.

Testing on FVP and Google platforms
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The proposed patches add a new CPU Suspend in OSI mode test suite to TF-A Tests.
This has been enabled and verified on the FVP_Base_RevC-2xAEMvA platform and
Google platforms, and excluded from all other platforms via the build option
``PLAT_TESTS_SKIP_LIST``.

Testing on STM32MP15
^^^^^^^^^^^^^^^^^^^^

The proposed patches have been tested and verified on the STM32MP15 platform,
which has a single cluster with 2 CPUs, by Gabriel Fernandez
<gabriel.fernandez@st.com> from STMicroelectronics with this device tree
configuration:

.. code-block:: devicetree

   cpus {
       #address-cells = <1>;
       #size-cells = <0>;

       cpu0: cpu@0 {
           device_type = "cpu";
           compatible = "arm,cortex-a7";
           reg = <0>;
           enable-method = "psci";
           power-domains = <&CPU_PD0>;
           power-domain-names = "psci";
       };
       cpu1: cpu@1 {
           device_type = "cpu";
           compatible = "arm,cortex-a7";
           reg = <1>;
           enable-method = "psci";
           power-domains = <&CPU_PD1>;
           power-domain-names = "psci";
       };

       idle-states {
           cpu_retention: cpu-retention {
               compatible = "arm,idle-state";
               arm,psci-suspend-param = <0x00000001>;
               entry-latency-us = <130>;
               exit-latency-us = <620>;
               min-residency-us = <700>;
               local-timer-stop;
           };
       };

       domain-idle-states {
           CLUSTER_STOP: core-power-domain {
               compatible = "domain-idle-state";
               arm,psci-suspend-param = <0x01000001>;
               entry-latency-us = <230>;
               exit-latency-us = <720>;
               min-residency-us = <2000>;
               local-timer-stop;
           };
       };
   };

   psci {
       compatible = "arm,psci-1.0";
       method = "smc";

       CPU_PD0: power-domain-cpu0 {
           #power-domain-cells = <0>;
           power-domains = <&pd_core>;
           domain-idle-states = <&cpu_retention>;
       };

       CPU_PD1: power-domain-cpu1 {
           #power-domain-cells = <0>;
           power-domains = <&pd_core>;
           domain-idle-states = <&cpu_retention>;
       };

       pd_core: power-domain-cluster {
           #power-domain-cells = <0>;
           domain-idle-states = <&CLUSTER_STOP>;
       };
   };

Testing on Qualcomm SC7280
^^^^^^^^^^^^^^^^^^^^^^^^^^

The proposed patches have been tested and verified on the SC7280 platform by
Maulik Shah <quic_mkshah@quicinc.com> from Qualcomm with this device tree
configuration:

.. code-block:: devicetree

   cpus {
       #address-cells = <2>;
       #size-cells = <0>;

       CPU0: cpu@0 {
           device_type = "cpu";
           compatible = "arm,kryo";
           reg = <0x0 0x0>;
           enable-method = "psci";
           power-domains = <&CPU_PD0>;
           power-domain-names = "psci";
       };

       CPU1: cpu@100 {
           device_type = "cpu";
           compatible = "arm,kryo";
           reg = <0x0 0x100>;
           enable-method = "psci";
           power-domains = <&CPU_PD1>;
           power-domain-names = "psci";
       };

       CPU2: cpu@200 {
           device_type = "cpu";
           compatible = "arm,kryo";
reg = <0x0 0x200>;
|
||||
enable-method = "psci";
|
||||
power-domains = <&CPU_PD2>;
|
||||
power-domain-names = "psci";
|
||||
};
|
||||
|
||||
CPU3: cpu@300 {
|
||||
device_type = "cpu";
|
||||
compatible = "arm,kryo";
|
||||
reg = <0x0 0x300>;
|
||||
enable-method = "psci";
|
||||
power-domains = <&CPU_PD3>;
|
||||
power-domain-names = "psci";
|
||||
}
|
||||
|
||||
CPU4: cpu@400 {
|
||||
device_type = "cpu";
|
||||
compatible = "arm,kryo";
|
||||
reg = <0x0 0x400>;
|
||||
enable-method = "psci";
|
||||
power-domains = <&CPU_PD4>;
|
||||
power-domain-names = "psci";
|
||||
};
|
||||
|
||||
CPU5: cpu@500 {
|
||||
device_type = "cpu";
|
||||
compatible = "arm,kryo";
|
||||
reg = <0x0 0x500>;
|
||||
enable-method = "psci";
|
||||
power-domains = <&CPU_PD5>;
|
||||
power-domain-names = "psci";
|
||||
};
|
||||
|
||||
CPU6: cpu@600 {
|
||||
device_type = "cpu";
|
||||
compatible = "arm,kryo";
|
||||
reg = <0x0 0x600>;
|
||||
enable-method = "psci";
|
||||
power-domains = <&CPU_PD6>;
|
||||
power-domain-names = "psci";
|
||||
};
|
||||
|
||||
CPU7: cpu@700 {
|
||||
device_type = "cpu";
|
||||
compatible = "arm,kryo";
|
||||
reg = <0x0 0x700>;
|
||||
enable-method = "psci";
|
||||
power-domains = <&CPU_PD7>;
|
||||
power-domain-names = "psci";
|
||||
};
|
||||
|
||||
idle-states {
|
||||
entry-method = "psci";
|
||||
|
||||
LITTLE_CPU_SLEEP_0: cpu-sleep-0-0 {
|
||||
compatible = "arm,idle-state";
|
||||
idle-state-name = "little-power-down";
|
||||
arm,psci-suspend-param = <0x40000003>;
|
||||
entry-latency-us = <549>;
|
||||
exit-latency-us = <901>;
|
||||
min-residency-us = <1774>;
|
||||
local-timer-stop;
|
||||
};
|
||||
|
||||
LITTLE_CPU_SLEEP_1: cpu-sleep-0-1 {
|
||||
compatible = "arm,idle-state";
|
||||
idle-state-name = "little-rail-power-down";
|
||||
arm,psci-suspend-param = <0x40000004>;
|
||||
entry-latency-us = <702>;
|
||||
exit-latency-us = <915>;
|
||||
min-residency-us = <4001>;
|
||||
local-timer-stop;
|
||||
};
|
||||
|
||||
BIG_CPU_SLEEP_0: cpu-sleep-1-0 {
|
||||
compatible = "arm,idle-state";
|
||||
idle-state-name = "big-power-down";
|
||||
arm,psci-suspend-param = <0x40000003>;
|
||||
entry-latency-us = <523>;
|
||||
exit-latency-us = <1244>;
|
||||
min-residency-us = <2207>;
|
||||
local-timer-stop;
|
||||
};
|
||||
|
||||
BIG_CPU_SLEEP_1: cpu-sleep-1-1 {
|
||||
compatible = "arm,idle-state";
|
||||
idle-state-name = "big-rail-power-down";
|
||||
arm,psci-suspend-param = <0x40000004>;
|
||||
entry-latency-us = <526>;
|
||||
exit-latency-us = <1854>;
|
||||
min-residency-us = <5555>;
|
||||
local-timer-stop;
|
||||
};
|
||||
};
|
||||
|
||||
domain-idle-states {
|
||||
CLUSTER_SLEEP_0: cluster-sleep-0 {
|
||||
compatible = "arm,idle-state";
|
||||
idle-state-name = "cluster-power-down";
|
||||
arm,psci-suspend-param = <0x40003444>;
|
||||
entry-latency-us = <3263>;
|
||||
exit-latency-us = <6562>;
|
||||
min-residency-us = <9926>;
|
||||
local-timer-stop;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
psci {
|
||||
compatible = "arm,psci-1.0";
|
||||
method = "smc";
|
||||
|
||||
CPU_PD0: cpu0 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&LITTLE_CPU_SLEEP_0 &LITTLE_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CPU_PD1: cpu1 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&LITTLE_CPU_SLEEP_0 &LITTLE_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CPU_PD2: cpu2 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&LITTLE_CPU_SLEEP_0 &LITTLE_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CPU_PD3: cpu3 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&LITTLE_CPU_SLEEP_0 &LITTLE_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CPU_PD4: cpu4 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&BIG_CPU_SLEEP_0 &BIG_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CPU_PD5: cpu5 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&BIG_CPU_SLEEP_0 &BIG_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CPU_PD6: cpu6 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&BIG_CPU_SLEEP_0 &BIG_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CPU_PD7: cpu7 {
|
||||
#power-domain-cells = <0>;
|
||||
power-domains = <&CLUSTER_PD>;
|
||||
domain-idle-states = <&BIG_CPU_SLEEP_0 &BIG_CPU_SLEEP_1>;
|
||||
};
|
||||
|
||||
CLUSTER_PD: cpu-cluster0 {
|
||||
#power-domain-cells = <0>;
|
||||
domain-idle-states = <&CLUSTER_SLEEP_0>;
|
||||
};
|
||||
};
|
||||
|
||||
Comparisons on Qualcomm SC7280
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
CPUIdle states
|
||||
~~~~~~~~~~~~~~
|
||||
|
||||
* 8 CPUs, 1 L3 cache
|
||||
* Platform-coordinated mode
|
||||
|
||||
* CPUIdle states
|
||||
|
||||
* State0 - WFI
|
||||
* State1 - Core collapse
|
||||
* State2 - Rail collapse
|
||||
* State3 - L3 cache off and system resources voted off
|
||||
|
||||
* OS-initiated mode
|
||||
|
||||
* CPUIdle states
|
||||
|
||||
* State0 - WFI
|
||||
* State1 - Core collapse
|
||||
* State2 - Rail collapse
|
||||
|
||||
* Cluster domain idle state
|
||||
|
||||
* State3 - L3 cache off and system resources voted off
|
||||
|
||||
.. image:: ../resources/diagrams/psci-flattened-vs-hierarchical-idle-states.png
|
||||
|
||||
Results
|
||||
~~~~~~~
|
||||
|
||||
* The following stats have been captured with fixed CPU frequencies from the use
|
||||
case of 10 seconds of device idle with the display turned on and Wi-Fi and
|
||||
modem turned off.
|
||||
* Count refers to the number of times a CPU or cluster entered power collapse.
|
||||
* Residency refers to the time in seconds a CPU or cluster stayed in power
|
||||
collapse.
|
||||
* The results are an average of 3 iterations of actual counts and residencies.
|
||||
|
||||
.. image:: ../resources/diagrams/psci-pc-mode-vs-osi-mode.png
|
||||
|
||||
OS-initiated mode was able to scale better than platform-coordinated mode for
|
||||
multiple CPUs. The count and residency results for state3 (i.e. a cluster domain
|
||||
idle state) in OS-initiated mode for multiple CPUs were much closer to the
|
||||
results for a single CPU than in platform-coordinated mode.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.*
|
||||
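Review bot: In the SC7280 device tree sample, the ``CPU3: cpu@300 { ... }`` node closes with ``}`` and no trailing ``;``, unlike every other node in the snippet; dtc rejects a node without the terminating semicolon, so it should read ``};``. The same sample also declares its cluster state ``CLUSTER_SLEEP_0`` under ``domain-idle-states`` with ``compatible = "arm,idle-state"``, while the STM32MP15 sample just above uses ``compatible = "domain-idle-state"`` for its cluster state ``CLUSTER_STOP``; the two samples should agree on the compatible string for domain idle states, or the text should say why they differ.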
799
arm-trusted-firmware.t234/docs/design_documents/rse.rst
Normal file
@@ -0,0 +1,799 @@
Runtime Security Engine (RSE)
=============================

This document focuses on the relationship between the Runtime Security Engine
(RSE) and the application processor (AP). According to the ARM reference design
the RSE is an independent core next to the AP and the SCP on the same die. It
provides fundamental security guarantees and runtime services for the rest of
the system (e.g.: trusted boot, measured boot, platform attestation,
key management, and key derivation).

At power up RSE boots first from its private ROM code. It validates and loads
its own images and the initial images of SCP and AP. When AP and SCP are
released from reset and their initial code is loaded then they continue their
own boot process, which is the same as on non-RSE systems. Please refer to the
``RSE documentation`` [1]_ for more details about the RSE boot flow.

The last stage of the RSE firmware is a persistent, runtime component. Much
like AP_BL31, this is a passive entity which has no periodical task to do and
just waits for external requests from other subsystems. RSE and other
subsystems can communicate with each other over message exchange. RSE waits
in idle for the incoming request, handles them, and sends a response then goes
back to idle.

RSE communication layer
-----------------------

The communication between RSE and other subsystems are primarily relying on the
Message Handling Unit (MHU) module. The number of MHU interfaces between RSE
and other cores is IMPDEF. Besides MHU other modules also could take part in
the communication. RSE is capable of mapping the AP memory to its address space.
Thereby either RSE core itself or a DMA engine if it is present, can move the
data between memory belonging to RSE or AP. In this way, a bigger amount of data
can be transferred in a short time.

The MHU comes in pairs. There is a sender and receiver side. They are connected
to each other. An MHU interface consists of two pairs of MHUs, one sender and
one receiver on both sides. Bidirectional communication is possible over an
interface. One pair provides message sending from AP to RSE and the other pair
from RSE to AP. The sender and receiver are connected via channels. There is an
IMPDEF number of channels (e.g: 4-16) between a sender and a receiver module.

The RSE communication layer provides two ways for message exchange:

- ``Embedded messaging``: The full message, including header and payload, are
  exchanged over the MHU channels. A channel is capable of delivering a single
  word. The sender writes the data to the channel register on its side and the
  receiver can read the data from the channel on the other side. One dedicated
  channel is used for signalling. It does not deliver any payload it is just
  meant for signalling that the sender loaded the data to the channel registers
  so the receiver can read them. The receiver uses the same channel to signal
  that data was read. Signalling happens via IRQ. If the message is longer than
  the data fit to the channel registers then the message is sent over in
  multiple rounds. Both, sender and receiver allocate a local buffer for the
  messages. Data is copied from/to these buffers to/from the channel registers.
- ``Pointer-access messaging``: The message header and the payload are
  separated and they are conveyed in different ways. The header is sent
  over the channels, similar to the embedded messaging but the payload is
  copied over by RSE core (or by DMA) between the sender and the receiver. This
  could be useful in the case of long messages because transaction time is less
  compared to the embedded messaging mode. Small payloads are copied by the RSE
  core because setting up DMA would require more CPU cycles. The payload is
  either copied into an internal buffer or directly read-written by RSE. Actual
  behavior depends on RSE setup, whether the partition supports memory-mapped
  ``iovec``. Therefore, the sender must handle both cases and prevent access to
  the memory, where payload data lives, while the RSE handles the request.

The RSE communication layer supports both ways of messaging in parallel. It is
decided at runtime based on the message size which way to transfer the message.

.. code-block:: bash

    +----------------------------------------------+ +-------------------+
    | | | |
    | AP | | |
    | | +--->| SRAM |
    +----------------------------------------------| | | |
    | BL1 / BL2 / BL31 | | | |
    +----------------------------------------------+ | +-------------------+
    | ^ | ^ ^
    | send IRQ | receive |direct | |
    V | |access | |
    +--------------------+ +--------------------+ | | |
    | MHU sender | | MHU receiver | | | Copy data |
    +--------------------+ +--------------------+ | | |
    | | | | | | | | | | |
    | | channels | | | | channels | | | | |
    | | e.g: 4-16 | | | | e.g: 4-16 | | | V |
    +--------------------+ +--------------------+ | +-------+ |
    | MHU receiver | | MHU sender | | +->| DMA | |
    +--------------------+ +--------------------+ | | +-------+ |
    | ^ | | ^ |
    IRQ | receive | send | | | Copy data |
    V | | | V V
    +----------------------------------------------+ | | +-------------------+
    | |--+-+ | |
    | RSE | | SRAM |
    | | | |
    +----------------------------------------------+ +-------------------+

.. Note::

    The RSE communication layer is not prepared for concurrent execution. The
    current use case only requires message exchange during the boot phase. In
    the boot phase, only a single core is running and the rest of the cores are
    in reset.

Message structure
^^^^^^^^^^^^^^^^^
A description of the message format can be found in the ``RSE communication
design`` [2]_ document.

Source files
^^^^^^^^^^^^
- RSE comms: ``drivers/arm/rse``
- MHU driver: ``drivers/arm/mhu``


API for communication over MHU
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The API is defined in these header files:

- ``include/drivers/arm/rse_comms.h``
- ``include/drivers/arm/mhu.h``

RSE provided runtime services
-----------------------------

RSE provides the following runtime services:

- ``Measured boot``: Securely store the firmware measurements which were
  computed during the boot process and the associated metadata (image
  description, measurement algorithm, etc.). More info on measured boot service
  in RSE can be found in the ``measured_boot_integration_guide`` [3]_ .
- ``Delegated attestation``: Query the platform attestation token and derive a
  delegated attestation key. More info on the delegated attestation service
  in RSE can be found in the ``delegated_attestation_integration_guide`` [4]_ .
- ``OTP assets management``: Public keys used by AP during the trusted boot
  process can be requested from RSE. Furthermore, AP can request RSE to
  increase a non-volatile counter. Please refer to the
  ``RSE key management`` [5]_ document for more details.
- ``DICE Protection Environment``: Securely store the firmware measurements
  which were computed during the boot process and the associated metadata. It is
  also capable of representing the boot measurements in the form of a
  certificate chain, which is queriable. Please refer to the
  ``DICE Protection Environment (DPE)`` [8]_ document for more details.

Runtime service API
^^^^^^^^^^^^^^^^^^^
The RSE provided runtime services implement a PSA aligned API. The parameter
encoding follows the PSA client protocol described in the
``Firmware Framework for M`` [6]_ document in chapter 4.4. The implementation is
restricted to the static handle use case therefore only the ``psa_call`` API is
implemented.


Software and API layers
^^^^^^^^^^^^^^^^^^^^^^^

.. code-block:: bash

    +----------------+ +---------------------+
    | BL1 / BL2 | | BL31 |
    +----------------+ +---------------------+
    | |
    | extend_measurement() | get_delegated_key()
    | | get_platform_token()
    V V
    +----------------+ +---------------------+
    | PSA protocol | | PSA protocol |
    +----------------+ +---------------------+
    | |
    | psa_call() | psa_call()
    | |
    V V
    +------------------------------------------------+
    | RSE communication protocol |
    +------------------------------------------------+
    | ^
    | mhu_send_data() | mhu_receive_data()
    | |
    V |
    +------------------------------------------------+
    | MHU driver |
    +------------------------------------------------+
    | ^
    | Register access | IRQ
    V |
    +------------------------------------------------+
    | MHU HW on AP side |
    +------------------------------------------------+
    ^
    | Physical wires
    |
    V
    +------------------------------------------------+
    | MHU HW on RSE side |
    +------------------------------------------------+
    | ^
    | IRQ | Register access
    V |
    +------------------------------------------------+
    | MHU driver |
    +------------------------------------------------+
    | |
    V V
    +---------------+ +------------------------+
    | Measured boot | | Delegated attestation |
    | service | | service |
    +---------------+ +------------------------+


RSE based Measured Boot
-----------------------

Measured Boot is the process of cryptographically measuring (computing the hash
value of a binary) the code and critical data used at boot time. The
measurement must be stored in a tamper-resistant way, so the security state
of the device can be attested later to an external party. RSE provides a runtime
service which is meant to store measurements and associated metadata alongside.

Data is stored in internal SRAM which is only accessible by the secure runtime
firmware of RSE. Data is stored in so-called measurement slots. A platform has
IMPDEF number of measurement slots. The measurement storage follows extend
semantics. This means that measurements are not stored directly (as it was
taken) instead they contribute to the current value of the measurement slot.
The extension implements this logic, where ``||`` stands for concatenation:

.. code-block:: bash

    new_value_of_measurement_slot = Hash(old_value_of_measurement_slot || measurement)

Supported hash algorithms: sha-256, sha-512

Measured Boot API
^^^^^^^^^^^^^^^^^

Defined here:

- ``include/lib/psa/measured_boot.h``

.. code-block:: c

    psa_status_t
    rse_measured_boot_extend_measurement(uint8_t index,
                                         const uint8_t *signer_id,
                                         size_t signer_id_size,
                                         const uint8_t *version,
                                         size_t version_size,
                                         uint32_t measurement_algo,
                                         const uint8_t *sw_type,
                                         size_t sw_type_size,
                                         const uint8_t *measurement_value,
                                         size_t measurement_value_size,
                                         bool lock_measurement);

Measured Boot Metadata
^^^^^^^^^^^^^^^^^^^^^^

The following metadata can be stored alongside the measurement:

- ``Signer-id``: Mandatory. The hash of the firmware image signing public key.
- ``Measurement algorithm``: Optional. The hash algorithm which was used to
  compute the measurement (e.g.: sha-256, etc.).
- ``Version info``: Optional. The firmware version info (e.g.: 2.7).
- ``SW type``: Optional. Short text description (e.g.: BL1, BL2, BL31, etc.)

.. Note::
    Version info is not implemented in TF-A yet.


The caller must specify in which measurement slot to extend a certain
measurement and metadata. A measurement slot can be extended by multiple
measurements. The default value is IMPDEF. All measurement slot is cleared at
reset, there is no other way to clear them. In the reference implementation,
the measurement slots are initialized to 0. At the first call to extend the
measurement in a slot, the extend operation uses the default value of the
measurement slot. All upcoming extend operation on the same slot contributes
to the previous value of that measurement slot.

The following rules are kept when a slot is extended multiple times:

- ``Signer-id`` must be the same as the previous call(s), otherwise a
  PSA_ERROR_NOT_PERMITTED error code is returned.

- ``Measurement algorithm``: must be the same as the previous call(s),
  otherwise, a PSA_ERROR_NOT_PERMITTED error code is returned.

In case of error no further action is taken (slot is not locked). If there is
a valid data in a sub-sequent call then measurement slot will be extended. The
rest of the metadata is handled as follows when a measurement slot is extended
multiple times:

- ``SW type``: Cleared.
- ``Version info``: Cleared.

.. Note::

    Extending multiple measurements in the same slot leads to some metadata
    information loss. Since RSE is not constrained on special HW resources to
    store the measurements and metadata, therefore it is worth considering to
    store all of them one by one in distinct slots. However, they are one-by-one
    included in the platform attestation token. So, the number of distinct
    firmware image measurements has an impact on the size of the attestation
    token.

The allocation of the measurement slot among RSE, Root and Realm worlds is
platform dependent. The platform must provide an allocation of the measurement
slot at build time. An example can be found in
``tf-a/plat/arm/board/tc/tc_bl1_measured_boot.c``
Furthermore, the memory, which holds the metadata is also statically allocated
in RSE memory. Some of the fields have a static value (measurement algorithm),
and some of the values have a dynamic value (measurement value) which is updated
by the bootloaders when the firmware image is loaded and measured. The metadata
structure is defined in
``include/drivers/measured_boot/rse/rse_measured_boot.h``.

.. code-block:: c

    struct rse_mboot_metadata {
        unsigned int id;
        uint8_t slot;
        uint8_t signer_id[SIGNER_ID_MAX_SIZE];
        size_t signer_id_size;
        uint8_t version[VERSION_MAX_SIZE];
        size_t version_size;
        uint8_t sw_type[SW_TYPE_MAX_SIZE];
        size_t sw_type_size;
        void *pk_oid;
        bool lock_measurement;
    };

Signer-ID API
^^^^^^^^^^^^^

This function calculates the hash of a public key (signer-ID) using the
``Measurement algorithm`` and stores it in the ``rse_mboot_metadata`` field
named ``signer_id``.
Prior to calling this function, the caller must ensure that the ``signer_id``
field points to the zero-filled buffer.

Defined here:

- ``include/drivers/measured_boot/rse/rse_measured_boot.h``

.. code-block:: c

    int rse_mboot_set_signer_id(struct rse_mboot_metadata *metadata_ptr,
                                const void *pk_oid,
                                const void *pk_ptr,
                                size_t pk_len)


- First parameter is the pointer to the ``rse_mboot_metadata`` structure.
- Second parameter is the pointer to the key-OID of the public key.
- Third parameter is the pointer to the public key buffer.
- Fourth parameter is the size of public key buffer.
- This function returns 0 on success, a signed integer error code
  otherwise.

Build time config options
^^^^^^^^^^^^^^^^^^^^^^^^^

- ``MEASURED_BOOT``: Enable measured boot.
- ``MBOOT_RSE_HASH_ALG``: Determine the hash algorithm to measure the images.
  The default value is sha-256.

Measured boot flow
^^^^^^^^^^^^^^^^^^

.. figure:: ../resources/diagrams/rse_measured_boot_flow.svg
    :align: center

Sample console log
^^^^^^^^^^^^^^^^^^

.. code-block:: bash

    INFO: Measured boot extend measurement:
    INFO: - slot : 6
    INFO: - signer_id : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    INFO: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    INFO: - version :
    INFO: - version_size: 0
    INFO: - sw_type : FW_CONFIG
    INFO: - sw_type_size: 10
    INFO: - algorithm : 2000009
    INFO: - measurement : aa ea d3 a7 a8 e2 ab 7d 13 a6 cb 34 99 10 b9 a1
    INFO: : 1b 9f a0 52 c5 a8 b1 d7 76 f2 c1 c1 ef ca 1a df
    INFO: - locking : true
    INFO: FCONF: Config file with image ID:31 loaded at address = 0x4001010
    INFO: Loading image id=24 at address 0x4001300
    INFO: Image id=24 loaded: 0x4001300 - 0x400153a
    INFO: Measured boot extend measurement:
    INFO: - slot : 7
    INFO: - signer_id : b0 f3 82 09 12 97 d8 3a 37 7a 72 47 1b ec 32 73
    INFO: : e9 92 32 e2 49 59 f6 5e 8b 4a 4a 46 d8 22 9a da
    INFO: - version :
    INFO: - version_size: 0
    INFO: - sw_type : TB_FW_CONFIG
    INFO: - sw_type_size: 13
    INFO: - algorithm : 2000009
    INFO: - measurement : 05 b9 dc 98 62 26 a7 1c 2d e5 bb af f0 90 52 28
    INFO: : f2 24 15 8a 3a 56 60 95 d6 51 3a 7a 1a 50 9b b7
    INFO: - locking : true
    INFO: FCONF: Config file with image ID:24 loaded at address = 0x4001300
    INFO: BL1: Loading BL2
    INFO: Loading image id=1 at address 0x404d000
    INFO: Image id=1 loaded: 0x404d000 - 0x406412a
    INFO: Measured boot extend measurement:
    INFO: - slot : 8
    INFO: - signer_id : b0 f3 82 09 12 97 d8 3a 37 7a 72 47 1b ec 32 73
    INFO: : e9 92 32 e2 49 59 f6 5e 8b 4a 4a 46 d8 22 9a da
    INFO: - version :
    INFO: - version_size: 0
    INFO: - sw_type : BL_2
    INFO: - sw_type_size: 5
    INFO: - algorithm : 2000009
    INFO: - measurement : 53 a1 51 75 25 90 fb a1 d9 b8 c8 34 32 3a 01 16
    INFO: : c9 9e 74 91 7d 28 02 56 3f 5c 40 94 37 58 50 68
    INFO: - locking : true

Delegated Attestation
---------------------

Delegated Attestation Service was mainly developed to support the attestation
flow on the ``ARM Confidential Compute Architecture`` (ARM CCA) [7]_.
The detailed description of the delegated attestation service can be found in
the ``Delegated Attestation Service Integration Guide`` [4]_ document.

In the CCA use case, the Realm Management Monitor (RMM) relies on the delegated
attestation service of the RSE to get a realm attestation key and the CCA
platform token. BL31 does not use the service for its own purpose, only calls
it on behalf of RMM. The access to MHU interface and thereby to RSE is
restricted to BL31 only. Therefore, RMM does not have direct access, all calls
need to go through BL31. The RMM dispatcher module of the BL31 is responsible
for delivering the calls between the two parties.

Delegated Attestation API
^^^^^^^^^^^^^^^^^^^^^^^^^
Defined here:

- ``include/lib/psa/delegated_attestation.h``

.. code-block:: c

    psa_status_t
    rse_delegated_attest_get_delegated_key(uint8_t ecc_curve,
                                           uint32_t key_bits,
                                           uint8_t *key_buf,
                                           size_t key_buf_size,
                                           size_t *key_size,
                                           uint32_t hash_algo);

    psa_status_t
    rse_delegated_attest_get_token(const uint8_t *dak_pub_hash,
                                   size_t dak_pub_hash_size,
                                   uint8_t *token_buf,
                                   size_t token_buf_size,
                                   size_t *token_size);

Attestation flow
^^^^^^^^^^^^^^^^

.. figure:: ../resources/diagrams/rse_attestation_flow.svg
    :align: center

Sample attestation token
^^^^^^^^^^^^^^^^^^^^^^^^

Binary format:

.. code-block:: bash

    INFO: DELEGATED ATTEST TEST START
    INFO: Get delegated attestation key start
    INFO: Get delegated attest key succeeds, len: 48
    INFO: Delegated attest key:
    INFO: 0d 2a 66 61 d4 89 17 e1 70 c6 73 56 df f4 11 fd
    INFO: 7d 1f 3b 8a a3 30 3d 70 4c d9 06 c3 c7 ef 29 43
    INFO: 0f ee b5 e7 56 e0 71 74 1b c4 39 39 fd 85 f6 7b
    INFO: Get platform token start
    INFO: Get platform token succeeds, len: 1086
    INFO: Platform attestation token:
    INFO: d2 84 44 a1 01 38 22 a0 59 05 81 a9 19 01 09 78
    INFO: 23 74 61 67 3a 61 72 6d 2e 63 6f 6d 2c 32 30 32
    INFO: 33 3a 63 63 61 5f 70 6c 61 74 66 6f 72 6d 23 31
    INFO: 2e 30 2e 30 0a 58 20 0d 22 e0 8a 98 46 90 58 48
    INFO: 63 18 28 34 89 bd b3 6f 09 db ef eb 18 64 df 43
    INFO: 3f a6 e5 4e a2 d7 11 19 09 5c 58 20 7f 45 4c 46
    INFO: 02 01 01 00 00 00 00 00 00 00 00 00 03 00 3e 00
    INFO: 01 00 00 00 50 58 00 00 00 00 00 00 19 01 00 58
    INFO: 21 01 07 06 05 04 03 02 01 00 0f 0e 0d 0c 0b 0a
    INFO: 09 08 17 16 15 14 13 12 11 10 1f 1e 1d 1c 1b 1a
    INFO: 19 18 19 09 61 44 cf cf cf cf 19 09 5b 19 30 03
    INFO: 19 09 62 67 73 68 61 2d 32 35 36 19 09 60 78 3a
    INFO: 68 74 74 70 73 3a 2f 2f 76 65 72 61 69 73 6f 6e
    INFO: 2e 65 78 61 6d 70 6c 65 2f 2e 77 65 6c 6c 2d 6b
    INFO: 6e 6f 77 6e 2f 76 65 72 61 69 73 6f 6e 2f 76 65
    INFO: 72 69 66 69 63 61 74 69 6f 6e 19 09 5f 8d a4 01
    INFO: 69 52 53 45 5f 42 4c 31 5f 32 05 58 20 53 78 79
    INFO: 63 07 53 5d f3 ec 8d 8b 15 a2 e2 dc 56 41 41 9c
    INFO: 3d 30 60 cf e3 22 38 c0 fa 97 3f 7a a3 02 58 20
    INFO: 9a 27 1f 2a 91 6b 0b 6e e6 ce cb 24 26 f0 b3 20
    INFO: 6e f0 74 57 8b e5 5d 9b c9 4f 6f 3f e3 ab 86 aa
    INFO: 06 67 73 68 61 2d 32 35 36 a4 01 67 52 53 45 5f
    INFO: 42 4c 32 05 58 20 53 78 79 63 07 53 5d f3 ec 8d
    INFO: 8b 15 a2 e2 dc 56 41 41 9c 3d 30 60 cf e3 22 38
    INFO: c0 fa 97 3f 7a a3 02 58 20 53 c2 34 e5 e8 47 2b
    INFO: 6a c5 1c 1a e1 ca b3 fe 06 fa d0 53 be b8 eb fd
    INFO: 89 77 b0 10 65 5b fd d3 c3 06 67 73 68 61 2d 32
    INFO: 35 36 a4 01 65 52 53 45 5f 53 05 58 20 53 78 79
    INFO: 63 07 53 5d f3 ec 8d 8b 15 a2 e2 dc 56 41 41 9c
    INFO: 3d 30 60 cf e3 22 38 c0 fa 97 3f 7a a3 02 58 20
    INFO: 11 21 cf cc d5 91 3f 0a 63 fe c4 0a 6f fd 44 ea
    INFO: 64 f9 dc 13 5c 66 63 4b a0 01 d1 0b cf 43 02 a2
    INFO: 06 67 73 68 61 2d 32 35 36 a4 01 66 41 50 5f 42
    INFO: 4c 31 05 58 20 53 78 79 63 07 53 5d f3 ec 8d 8b
    INFO: 15 a2 e2 dc 56 41 41 9c 3d 30 60 cf e3 22 38 c0
    INFO: fa 97 3f 7a a3 02 58 20 15 71 b5 ec 78 bd 68 51
    INFO: 2b f7 83 0b b6 a2 a4 4b 20 47 c7 df 57 bc e7 9e
    INFO: b8 a1 c0 e5 be a0 a5 01 06 67 73 68 61 2d 32 35
    INFO: 36 a4 01 66 41 50 5f 42 4c 32 05 58 20 53 78 79
    INFO: 63 07 53 5d f3 ec 8d 8b 15 a2 e2 dc 56 41 41 9c
    INFO: 3d 30 60 cf e3 22 38 c0 fa 97 3f 7a a3 02 58 20
    INFO: 10 15 9b af 26 2b 43 a9 2d 95 db 59 da e1 f7 2c
    INFO: 64 51 27 30 16 61 e0 a3 ce 4e 38 b2 95 a9 7c 58
    INFO: 06 67 73 68 61 2d 32 35 36 a4 01 67 53 43 50 5f
    INFO: 42 4c 31 05 58 20 53 78 79 63 07 53 5d f3 ec 8d
    INFO: 8b 15 a2 e2 dc 56 41 41 9c 3d 30 60 cf e3 22 38
    INFO: c0 fa 97 3f 7a a3 02 58 20 10 12 2e 85 6b 3f cd
    INFO: 49 f0 63 63 63 17 47 61 49 cb 73 0a 1a a1 cf aa
    INFO: d8 18 55 2b 72 f5 6d 6f 68 06 67 73 68 61 2d 32
    INFO: 35 36 a4 01 67 53 43 50 5f 42 4c 32 05 58 20 f1
    INFO: 4b 49 87 90 4b cb 58 14 e4 45 9a 05 7e d4 d2 0f
    INFO: 58 a6 33 15 22 88 a7 61 21 4d cd 28 78 0b 56 02
    INFO: 58 20 aa 67 a1 69 b0 bb a2 17 aa 0a a8 8a 65 34
    INFO: 69 20 c8 4c 42 44 7c 36 ba 5f 7e a6 5f 42 2c 1f
    INFO: e5 d8 06 67 73 68 61 2d 32 35 36 a4 01 67 41 50
    INFO: 5f 42 4c 33 31 05 58 20 53 78 79 63 07 53 5d f3
    INFO: ec 8d 8b 15 a2 e2 dc 56 41 41 9c 3d 30 60 cf e3
    INFO: 22 38 c0 fa 97 3f 7a a3 02 58 20 2e 6d 31 a5 98
    INFO: 3a 91 25 1b fa e5 ae fa 1c 0a 19 d8 ba 3c f6 01
    INFO: d0 e8 a7 06 b4 cf a9 66 1a 6b 8a 06 67 73 68 61
    INFO: 2d 32 35 36 a4 01 63 52 4d 4d 05 58 20 53 78 79
    INFO: 63 07 53 5d f3 ec 8d 8b 15 a2 e2 dc 56 41 41 9c
    INFO: 3d 30 60 cf e3 22 38 c0 fa 97 3f 7a a3 02 58 20
|
||||
INFO: a1 fb 50 e6 c8 6f ae 16 79 ef 33 51 29 6f d6 71
|
||||
INFO: 34 11 a0 8c f8 dd 17 90 a4 fd 05 fa e8 68 81 64
|
||||
INFO: 06 67 73 68 61 2d 32 35 36 a4 01 69 48 57 5f 43
|
||||
INFO: 4f 4e 46 49 47 05 58 20 53 78 79 63 07 53 5d f3
|
||||
INFO: ec 8d 8b 15 a2 e2 dc 56 41 41 9c 3d 30 60 cf e3
|
||||
INFO: 22 38 c0 fa 97 3f 7a a3 02 58 20 1a 25 24 02 97
|
||||
INFO: 2f 60 57 fa 53 cc 17 2b 52 b9 ff ca 69 8e 18 31
|
||||
INFO: 1f ac d0 f3 b0 6e ca ae f7 9e 17 06 67 73 68 61
|
||||
INFO: 2d 32 35 36 a4 01 69 46 57 5f 43 4f 4e 46 49 47
|
||||
INFO: 05 58 20 53 78 79 63 07 53 5d f3 ec 8d 8b 15 a2
|
||||
INFO: e2 dc 56 41 41 9c 3d 30 60 cf e3 22 38 c0 fa 97
|
||||
INFO: 3f 7a a3 02 58 20 9a 92 ad bc 0c ee 38 ef 65 8c
|
||||
INFO: 71 ce 1b 1b f8 c6 56 68 f1 66 bf b2 13 64 4c 89
|
||||
INFO: 5c cb 1a d0 7a 25 06 67 73 68 61 2d 32 35 36 a4
|
||||
INFO: 01 6c 54 42 5f 46 57 5f 43 4f 4e 46 49 47 05 58
|
||||
INFO: 20 53 78 79 63 07 53 5d f3 ec 8d 8b 15 a2 e2 dc
|
||||
INFO: 56 41 41 9c 3d 30 60 cf e3 22 38 c0 fa 97 3f 7a
|
||||
INFO: a3 02 58 20 23 89 03 18 0c c1 04 ec 2c 5d 8b 3f
|
||||
INFO: 20 c5 bc 61 b3 89 ec 0a 96 7d f8 cc 20 8c dc 7c
|
||||
INFO: d4 54 17 4f 06 67 73 68 61 2d 32 35 36 a4 01 6d
|
||||
INFO: 53 4f 43 5f 46 57 5f 43 4f 4e 46 49 47 05 58 20
|
||||
INFO: 53 78 79 63 07 53 5d f3 ec 8d 8b 15 a2 e2 dc 56
|
||||
INFO: 41 41 9c 3d 30 60 cf e3 22 38 c0 fa 97 3f 7a a3
|
||||
INFO: 02 58 20 e6 c2 1e 8d 26 0f e7 18 82 de bd b3 39
|
||||
INFO: d2 40 2a 2c a7 64 85 29 bc 23 03 f4 86 49 bc e0
|
||||
INFO: 38 00 17 06 67 73 68 61 2d 32 35 36 58 60 31 d0
|
||||
INFO: 4d 52 cc de 95 2c 1e 32 cb a1 81 88 5a 40 b8 cc
|
||||
INFO: 38 e0 52 8c 1e 89 58 98 07 64 2a a5 e3 f2 bc 37
|
||||
INFO: f9 53 74 50 6b ff 4d 2e 4b e7 06 3c 4d 72 41 92
|
||||
INFO: 70 c7 22 e8 d4 d9 3e e8 b6 c9 fa ce 3b 43 c9 76
|
||||
INFO: 1a 49 94 1a b6 f3 8f fd ff 49 6a d4 63 b4 cb fa
|
||||
INFO: 11 d8 3e 23 e3 1f 7f 62 32 9d e3 0c 1c c8
|
||||
INFO: DELEGATED ATTEST TEST END
|
||||
|
||||
JSON format:
|
||||
|
||||
.. code-block:: JSON
|
||||
|
||||
{
|
||||
"CCA_ATTESTATION_PROFILE": "tag:arm.com,2023:cca_platform#1.0.0",
|
||||
"CCA_PLATFORM_CHALLENGE": "b'0D22E08A98469058486318283489BDB36F09DBEFEB1864DF433FA6E54EA2D711'",
|
||||
"CCA_PLATFORM_IMPLEMENTATION_ID": "b'7F454C4602010100000000000000000003003E00010000005058000000000000'",
|
||||
"CCA_PLATFORM_INSTANCE_ID": "b'0107060504030201000F0E0D0C0B0A090817161514131211101F1E1D1C1B1A1918'",
|
||||
"CCA_PLATFORM_CONFIG": "b'CFCFCFCF'",
|
||||
"CCA_PLATFORM_LIFECYCLE": "secured_3003",
|
||||
"CCA_PLATFORM_HASH_ALGO_ID": "sha-256",
|
||||
"CCA_PLATFORM_VERIFICATION_SERVICE": "https://veraison.example/.well-known/veraison/verification",
|
||||
"CCA_PLATFORM_SW_COMPONENTS": [
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "RSE_BL1_2",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'9A271F2A916B0B6EE6CECB2426F0B3206EF074578BE55D9BC94F6F3FE3AB86AA'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "RSE_BL2",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'53C234E5E8472B6AC51C1AE1CAB3FE06FAD053BEB8EBFD8977B010655BFDD3C3'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "RSE_S",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'1121CFCCD5913F0A63FEC40A6FFD44EA64F9DC135C66634BA001D10BCF4302A2'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "AP_BL1",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'1571B5EC78BD68512BF7830BB6A2A44B2047C7DF57BCE79EB8A1C0E5BEA0A501'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "AP_BL2",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'10159BAF262B43A92D95DB59DAE1F72C645127301661E0A3CE4E38B295A97C58'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "SCP_BL1",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'10122E856B3FCD49F063636317476149CB730A1AA1CFAAD818552B72F56D6F68'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "SCP_BL2",
|
||||
"SIGNER_ID": "b'F14B4987904BCB5814E4459A057ED4D20F58A633152288A761214DCD28780B56'",
|
||||
"MEASUREMENT_VALUE": "b'AA67A169B0BBA217AA0AA88A65346920C84C42447C36BA5F7EA65F422C1FE5D8'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "AP_BL31",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'2E6D31A5983A91251BFAE5AEFA1C0A19D8BA3CF601D0E8A706B4CFA9661A6B8A'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "RMM",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'A1FB50E6C86FAE1679EF3351296FD6713411A08CF8DD1790A4FD05FAE8688164'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "HW_CONFIG",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'1A252402972F6057FA53CC172B52B9FFCA698E18311FACD0F3B06ECAAEF79E17'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "FW_CONFIG",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'9A92ADBC0CEE38EF658C71CE1B1BF8C65668F166BFB213644C895CCB1AD07A25'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "TB_FW_CONFIG",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'238903180CC104EC2C5D8B3F20C5BC61B389EC0A967DF8CC208CDC7CD454174F'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
},
|
||||
{
|
||||
"SW_COMPONENT_TYPE": "SOC_FW_CONFIG",
|
||||
"SIGNER_ID": "b'5378796307535DF3EC8D8B15A2E2DC5641419C3D3060CFE32238C0FA973F7AA3'",
|
||||
"MEASUREMENT_VALUE": "b'E6C21E8D260FE71882DEBDB339D2402A2CA7648529BC2303F48649BCE0380017'",
|
||||
"CCA_SW_COMPONENT_HASH_ID": "sha-256"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
RSE based DICE Protection Environment
|
||||
-------------------------------------
|
||||
|
||||
The ``DICE Protection Environment (DPE)`` [8]_ service makes it possible to
|
||||
execute |DICE| commands within an isolated execution environment. It provides
|
||||
clients with an interface to send DICE commands, encoded as CBOR objects,
|
||||
that act on opaque context handles. The |DPE| service performs |DICE|
|
||||
derivations and certification on its internal contexts, without exposing the
|
||||
|DICE| secrets (private keys and CDIs) outside of the isolated execution
|
||||
environment.
|
||||
|
||||
|DPE| API
|
||||
^^^^^^^^^
|
||||
|
||||
Defined here:
|
||||
|
||||
- ``include/lib/psa/dice_protection_environment.h``
|
||||
|
||||
.. code-block:: c
|
||||
|
||||
dpe_error_t
|
||||
dpe_derive_context(int context_handle,
|
||||
uint32_t cert_id,
|
||||
bool retain_parent_context,
|
||||
bool allow_new_context_to_derive,
|
||||
bool create_certificate,
|
||||
const DiceInputValues *dice_inputs,
|
||||
int32_t target_locality,
|
||||
bool return_certificate,
|
||||
bool allow_new_context_to_export,
|
||||
bool export_cdi,
|
||||
int *new_context_handle,
|
||||
int *new_parent_context_handle,
|
||||
uint8_t *new_certificate_buf,
|
||||
size_t new_certificate_buf_size,
|
||||
size_t *new_certificate_actual_size,
|
||||
uint8_t *exported_cdi_buf,
|
||||
size_t exported_cdi_buf_size,
|
||||
size_t *exported_cdi_actual_size);
|
||||
|
||||
Build time config options
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
- ``MEASURED_BOOT``: Enable measured boot.
|
||||
- ``DICE_PROTECTION_ENVIRONMENT``: Boolean flag to specify the measured boot
|
||||
backend when |RSE| based ``MEASURED_BOOT`` is enabled. The default value is
|
||||
``0``. When set to ``1`` then measurements and additional metadata collected
|
||||
during the measured boot process are sent to the |DPE| for storage and
|
||||
processing.
|
||||
- ``DPE_ALG_ID``: Determine the hash algorithm to measure the images. The
|
||||
default value is sha-256.
|
||||
|
||||
Example certificate chain
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
``plat/arm/board/tc/tc_dpe.h``
|
||||
|
||||
RSE OTP Assets Management
|
||||
-------------------------
|
||||
|
||||
RSE provides access for AP to assets in OTP, which include keys for image
|
||||
signature verification and non-volatile counters for anti-rollback protection.
|
||||
|
||||
Non-Volatile Counter API
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
AP/RSE interface for retrieving and incrementing non-volatile counters API is
|
||||
as follows.
|
||||
|
||||
Defined here:
|
||||
|
||||
- ``include/lib/psa/rse_platform_api.h``
|
||||
|
||||
.. code-block:: c
|
||||
|
||||
psa_status_t rse_platform_nv_counter_increment(uint32_t counter_id)
|
||||
|
||||
psa_status_t rse_platform_nv_counter_read(uint32_t counter_id,
|
||||
uint32_t size, uint8_t *val)
|
||||
|
||||
Through this service, we can read/increment any of the 3 non-volatile
|
||||
counters used on an Arm CCA platform:
|
||||
|
||||
- ``Non-volatile counter for CCA firmware (BL2, BL31, RMM).``
|
||||
- ``Non-volatile counter for secure firmware.``
|
||||
- ``Non-volatile counter for non-secure firmware.``
|
||||
|
||||
Public Key API
|
||||
^^^^^^^^^^^^^^
|
||||
|
||||
AP/RSE interface for reading the ROTPK is as follows.
|
||||
|
||||
Defined here:
|
||||
|
||||
- ``include/lib/psa/rse_platform_api.h``
|
||||
|
||||
.. code-block:: c
|
||||
|
||||
psa_status_t rse_platform_key_read(enum rse_key_id_builtin_t key,
|
||||
uint8_t *data, size_t data_size, size_t *data_length)
|
||||
|
||||
Through this service, we can read any of the 3 ROTPKs used on an
|
||||
Arm CCA platform:
|
||||
|
||||
- ``ROTPK for CCA firmware (BL2, BL31, RMM).``
|
||||
- ``ROTPK for secure firmware.``
|
||||
- ``ROTPK for non-secure firmware.``
|
||||
|
||||
References
|
||||
----------
|
||||
|
||||
.. [1] https://trustedfirmware-m.readthedocs.io/en/latest/platform/arm/rse/index.html
|
||||
.. [2] https://trustedfirmware-m.readthedocs.io/en/latest/platform/arm/rse/rse_comms.html
|
||||
.. [3] https://trustedfirmware-m.readthedocs.io/projects/tf-m-extras/en/latest/partitions/measured_boot_integration_guide.html
|
||||
.. [4] https://trustedfirmware-m.readthedocs.io/projects/tf-m-extras/en/latest/partitions/delegated_attestation/delegated_attest_integration_guide.html
|
||||
.. [5] https://trustedfirmware-m.readthedocs.io/en/latest/platform/arm/rse/rse_key_management.html
|
||||
.. [6] https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Architect/DEN0063-PSA_Firmware_Framework-1.0.0-2.pdf?revision=2d1429fa-4b5b-461a-a60e-4ef3d8f7f4b4&hash=3BFD6F3E687F324672F18E5BE9F08EDC48087C93
|
||||
.. [7] https://developer.arm.com/documentation/DEN0096/A_a/?lang=en
|
||||
.. [8] https://trustedfirmware-m.readthedocs.io/projects/tf-m-extras/en/latest/partitions/dice_protection_environment/dice_protection_environment.html
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2023-2024, Arm Limited. All rights reserved.*
|
||||
*Copyright (c) 2024, Linaro Limited. All rights reserved.*
|
||||
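Review bot: The DPE overview says the service performs derivations "without exposing the DICE secrets (private keys and CDIs) outside of the isolated execution environment", yet the ``dpe_derive_context`` prototype right below it takes ``allow_new_context_to_export`` and ``export_cdi`` and returns data through ``exported_cdi_buf``; the section should state when CDI export is permitted, which callers or localities may request it, and that an exported CDI has to be handled as a secret by the receiver, otherwise the overview and the API contradict each other. In the "Non-Volatile Counter API" section the prose "AP/RSE interface for retrieving and incrementing non-volatile counters API is as follows" reads awkwardly ("The AP/RSE API for ... is as follows"), and neither ``rse_platform_nv_counter_read`` nor the key-read prototype documents what ``size``/``data_size`` must be or what is returned when the buffer is too small. Style: the three prototypes in this section and the next lack trailing semicolons, and the bullet items such as ``Non-volatile counter for CCA firmware (BL2, BL31, RMM).`` wrap whole sentences in literal markup so they render as code; plain text with only identifiers in backticks would be clearer. "Example certificate chain" names ``plat/arm/board/tc/tc_dpe.h`` without a word about what the header contains; one sentence would help readers know why to open it.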
@@ -0,0 +1,29 @@
Internal Build Options
======================

|TF-A| internally uses certain options that are not exposed directly through
:ref:`build-options <build options>` but enabled or disabled indirectly and
depends on certain options to be enabled or disabled.

.. _build_options_internal:

- ``CTX_INCLUDE_EL2_REGS``: This boolean option provides context save/restore
operations when entering/exiting an EL2 execution context. This is of primary
interest when Armv8.4-SecEL2 or RME extension is implemented.
Default is 0 (disabled). This option will be set to 1 (enabled) when ``SPD=spmd``
and ``SPMD_SPM_AT_SEL2`` is set or when ``ENABLE_RME`` is set to 1 (enabled).

- ``FFH_SUPPORT``: This boolean option provides support to enable Firmware First
handling (FFH) of External aborts and SError interrupts originating from lower
ELs which gets trapped in EL3. This option will be set to 1 (enabled) if
``HANDLE_EA_EL3_FIRST_NS`` is set. Currently only NS world routes EA to EL3 but
in future when Secure/Realm wants to use FFH then they can introduce new macros
which will enable this option implicitly.

- ``OPTEE_SP_FW_CONFIG``: DTC build flag to include OP-TEE as SP in
tb_fw_config device tree. This flag is defined only when
``ARM_SPMC_MANIFEST_DTS`` manifest file name contains pattern optee_sp.

- ``TRUSTY_SP_FW_CONFIG``: DTC build flag to include Trusty as SP in
tb_fw_config device tree. This flag is defined only when
``ARM_SPMC_MANIFEST_DTS`` manifest file name contains pattern trusty_sp.
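Review bot: Grammar in the intro paragraph: the subject is "options", so "depends on certain options to be enabled or disabled" should read "depend on certain options being enabled or disabled"; likewise, in the ``FFH_SUPPORT`` entry, "lower ELs which gets trapped in EL3" should be "lower ELs which get trapped in EL3". The ``.. _build_options_internal:`` label sits after the intro paragraph instead of directly above the "Internal Build Options" title, so a ``:ref:`` to it jumps to the option list rather than the section heading; move it above the title if the section is what other pages link to.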
1466
arm-trusted-firmware.t234/docs/getting_started/build-options.rst
Normal file
File diff suppressed because it is too large
131
arm-trusted-firmware.t234/docs/getting_started/docs-build.rst
Normal file
@@ -0,0 +1,131 @@
Building Documentation
======================

To create a rendered copy of this documentation locally you can use the
`Sphinx`_ tool to build and package the plain-text documents into HTML-formatted
pages.

If you are building the documentation for the first time then you will need to
check that you have the required software packages, as described in the
*Prerequisites* section that follows.

.. note::
An online copy of the documentation is available at
https://www.trustedfirmware.org/docs/tf-a, if you want to view a rendered
copy without doing a local build.

Prerequisites
-------------

For building a local copy of the |TF-A| documentation you will need:

- Python 3 (3.8 or later)
- PlantUML (1.2017.15 or later)
- `Poetry`_ (Python dependency manager)
- Optionally, the `Dia`_ application can be installed if you need to edit
existing ``.dia`` diagram files, or create new ones.


Below is an example set of instructions to get a working environment (tested on
Ubuntu):

.. code:: shell

sudo apt install python3 python3-pip plantuml [dia]
curl -sSL https://install.python-poetry.org | python3 -

Building rendered documentation
-------------------------------

The documentation can be compiled into HTML-formatted pages from the project
root directory by running:

.. code:: shell

poetry run make doc

Output from the build process will be placed in: ``docs/build/html``.

Other Output Formats
~~~~~~~~~~~~~~~~~~~~

We also support building documentation in other formats. From the ``docs``
directory of the project, run the following command to see the supported
formats.

.. code:: shell

poetry run make -C docs help

To build the documentation in PDF format, additionally ensure that the following
packages are installed:

- FreeSerif font
- latexmk
- librsvg2-bin
- xelatex
- xindy

Below is an example set of instructions to install the required packages
(tested on Ubuntu):

.. code:: shell

sudo apt install fonts-freefont-otf latexmk librsvg2-bin texlive-xetex xindy

Once all the dependencies are installed, run the command ``poetry run make -C
docs latexpdf`` to build the documentation. Output from the build process
(``trustedfirmware-a.pdf``) can be found in ``docs/build/latex``.

Building rendered documentation from Poetry's virtual environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The command ``poetry run`` used in the steps above executes the input command
from inside the project's virtual environment. The easiest way to activate this
virtual environment is with the ``poetry shell`` command.

Running ``poetry shell`` from the directory containing this project, activates
the same virtual environment. This creates a sub-shell through which you can
build the documentation directly with ``make``.

.. code:: shell

poetry shell
make doc

Type ``exit`` to deactivate the virtual environment and exit this new shell. For
other use cases, please see the official `Poetry`_ documentation.

Building rendered documentation from a container
------------------------------------------------

There may be cases where you can not either install or upgrade required
dependencies to generate the documents, so in this case, one way to
create the documentation is through a docker container. The first step is
to check if `docker`_ is installed in your host, otherwise check main docker
page for installation instructions. Once installed, run the following script
from project root directory

.. code:: shell

docker run --rm -v $PWD:/tf-a sphinxdoc/sphinx \
bash -c 'cd /tf-a &&
apt-get update && apt-get install -y curl plantuml &&
curl -sSL https://install.python-poetry.org | python3 - &&
~/.local/bin/poetry run make doc'

The above command fetches the ``sphinxdoc/sphinx`` container from `docker
hub`_, launches the container, installs documentation requirements and finally
creates the documentation. Once done, exit the container and output from the
build process will be placed in: ``docs/build/html``.

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*

.. _Sphinx: http://www.sphinx-doc.org/en/master/
.. _Poetry: https://python-poetry.org/docs/
.. _pip homepage: https://pip.pypa.io/en/stable/
.. _Dia: https://wiki.gnome.org/Apps/Dia
.. _docker: https://www.docker.com/
.. _docker hub: https://hub.docker.com/repository/docker/sphinxdoc/sphinx
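Review bot: The first shell block's ``sudo apt install python3 python3-pip plantuml [dia]`` is not a valid command as written, since apt treats the square brackets as part of the package name; list ``dia`` without brackets on its own line and say in the prose that it is optional, which the Prerequisites list already does. Both that block and the docker command install Poetry with ``curl -sSL https://install.python-poetry.org | python3 -``, piping a remote script straight into an interpreter with no chance to inspect it; a documentation page that many contributors copy from should at least mention the alternative of downloading the installer first (or installing Poetry through a package manager) so readers can review what runs on their machine. The link target ``.. _pip homepage:`` at the bottom is never referenced in the text and only produces an unused-target warning; drop it or link to it. Minor wording: "you can not either install or upgrade" reads better as "you can neither install nor upgrade", and "from project root directory" at the end of that paragraph is missing a terminating colon before the code block.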
@@ -0,0 +1,192 @@
Image Terminology
=================

This page contains the current name, abbreviated name and purpose of the various
images referred to in the Trusted Firmware project.

Common Image Features
---------------------

- Some of the names and abbreviated names have changed to accommodate new
requirements. The changed names are as backward compatible as possible to
minimize confusion. Where applicable, the previous names are indicated. Some
code, documentation and build artefacts may still refer to the previous names;
these will inevitably take time to catch up.

- The main name change is to prefix each image with the processor it corresponds
to (for example ``AP_``, ``SCP_``, ...). In situations where there is no
ambiguity (for example, within AP specific code/documentation), it is
permitted to omit the processor prefix (for example, just BL1 instead of
``AP_BL1``).

- Previously, the format for 3rd level images had 2 forms; ``BL3`` was either
suffixed with a dash ("-") followed by a number (for example, ``BL3-1``) or a
subscript number, depending on whether rich text formatting was available.
This was confusing and often the dash gets omitted in practice. Therefore the
new form is to just omit the dash and not use subscript formatting.

- The names no longer contain dash ("-") characters at all. In some places (for
example, function names) it's not possible to use this character. All dashes
are either removed or replaced by underscores ("_").

- The abbreviation BL stands for BootLoader. This is a historical anomaly.
Clearly, many of these images are not BootLoaders, they are simply firmware
images. However, the BL abbreviation is now widely used and is retained for
backwards compatibility.

- The image names are not case sensitive. For example, ``bl1`` is
interchangeable with ``BL1``, although mixed case should be avoided.

Trusted Firmware Images
-----------------------

Firmware Image Package: ``FIP``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is a packaging format used by TF-A to package firmware images in a single
binary. The number and type of images that should be packed in a FIP is
platform-specific and may include TF-A images and other firmware images
required by the platform. For example, most platforms require a BL33 image
which corresponds to the normal world bootloader (e.g. UEFI or U-Boot).

AP Boot ROM: ``AP_BL1``
~~~~~~~~~~~~~~~~~~~~~~~

Typically, this is the first code to execute on the AP and cannot be modified.
Its primary purpose is to perform the minimum initialization necessary to load
and authenticate an updateable AP firmware image into an executable RAM
location, then hand-off control to that image.

AP RAM Firmware: ``AP_BL2``
~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the 2nd stage AP firmware. It is currently also known as the "Trusted
Boot Firmware". Its primary purpose is to perform any additional initialization
required to load and authenticate all 3rd level firmware images into their
executable RAM locations, then hand-off control to the EL3 Runtime Firmware.

EL3 Runtime Firmware: ``AP_BL31``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Also known as "SoC AP firmware" or "EL3 monitor firmware". Its primary purpose
is to handle transitions between the normal and secure world.

Secure-EL1 Payload (SP): ``AP_BL32``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Typically this is a TEE or Trusted OS, providing runtime secure services to the
normal world. However, it may refer to a more abstract Secure-EL1 Payload (SP).
Note that this abbreviation should only be used in systems where there is a
single or primary image executing at Secure-EL1. In systems where there are
potentially multiple SPs and there is no concept of a primary SP, this
abbreviation should be avoided; use the recommended **Other AP 3rd level
images** abbreviation instead.

AP Normal World Firmware: ``AP_BL33``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For example, UEFI or uboot. Its primary purpose is to boot a normal world OS.

Other AP 3rd level images: ``AP_BL3_XXX``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The abbreviated names of the existing 3rd level images imply a load/execution
ordering (for example, ``AP_BL31 -> AP_BL32 -> AP_BL33``). Some systems may
have additional images and/or a different load/execution ordering. The
abbreviated names of the existing images are retained for backward compatibility
but new 3rd level images should be suffixed with an underscore followed by text
identifier, not a number.

In systems where 3rd level images are provided by different vendors, the
abbreviated name should identify the vendor as well as the image
function. For example, ``AP_BL3_ARM_RAS``.

Realm Monitor Management Firmware: ``RMM``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the Realm-EL2 firmware. It is required if
:ref:`Realm Management Extension (RME)` feature is enabled. If a path to RMM
image is not provided, TF-A builds Test Realm Payload (TRP) image by default
and uses it as the RMM image.

SCP Boot ROM: ``SCP_BL1`` (previously ``BL0``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Typically, this is the first code to execute on the SCP and cannot be modified.
Its primary purpose is to perform the minimum initialization necessary to load
and authenticate an updateable SCP firmware image into an executable RAM
location, then hand-off control to that image. This may be performed in
conjunction with other processor firmware (for example, ``AP_BL1`` and
``AP_BL2``).

This image was previously abbreviated as ``BL0`` but in some systems, the SCP
may directly load/authenticate its own firmware. In these systems, it doesn't
make sense to interleave the image terminology for AP and SCP; both AP and SCP
Boot ROMs are ``BL1`` from their own point of view.

SCP RAM Firmware: ``SCP_BL2`` (previously ``BL3-0``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the 2nd stage SCP firmware. It is currently also known as the "SCP
runtime firmware" but it could potentially be an intermediate firmware if the
SCP needs to load/authenticate multiple 3rd level images in future.

This image was previously abbreviated as BL3-0 but from the SCP's point of view,
this has always been the 2nd stage firmware. The previous name is too
AP-centric.

Firmware Update (FWU) Images
----------------------------

The terminology for these images has not been widely adopted yet but they have
to be considered in a production Trusted Board Boot solution.

AP Firmware Update Boot ROM: ``AP_NS_BL1U``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Typically, this is the first normal world code to execute on the AP during a
firmware update operation, and cannot be modified. Its primary purpose is to
load subsequent firmware update images from an external interface and communicate
with ``AP_BL1`` to authenticate those images.

During firmware update, there are (potentially) multiple transitions between the
secure and normal world. The "level" of the BL image is relative to the world
it's in so it makes sense to encode "NS" in the normal world images. The absence
of "NS" implies a secure world image.

AP Firmware Update Config: ``AP_BL2U``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This image does the minimum necessary AP secure world configuration required to
complete the firmware update operation. It is potentially a subset of ``AP_BL2``
functionality.

SCP Firmware Update Config: ``SCP_BL2U`` (previously ``BL2-U0``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This image does the minimum necessary SCP secure world configuration required to
complete the firmware update operation. It is potentially a subset of
``SCP_BL2`` functionality.

AP Firmware Updater: ``AP_NS_BL2U`` (previously ``BL3-U``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the 2nd stage AP normal world firmware updater. Its primary purpose is
to load a new set of firmware images from an external interface and write them
into non-volatile storage.

Other Processor Firmware Images
-------------------------------

Some systems may have additional processors to the AP and SCP. For example, a
Management Control Processor (MCP). Images for these processors should follow
the same terminology, with the processor abbreviation prefix, followed by
underscore and the level of the firmware image.

For example,

MCP Boot ROM: ``MCP_BL1``
~~~~~~~~~~~~~~~~~~~~~~~~~

MCP RAM Firmware: ``MCP_BL2``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
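Review bot: The ``AP_BL33`` entry spells the normal world bootloader "uboot" while the ``FIP`` entry above it writes "U-Boot"; pick one spelling (the project name is U-Boot). In "Other AP 3rd level images", "suffixed with an underscore followed by text identifier" is missing an article ("a text identifier"). The ``RMM`` entry links with a bare title reference, ``:ref:`Realm Management Extension (RME)```, which only resolves if a heading with exactly that text exists somewhere in the docs; an explicit label target would not break when that heading is reworded. The closing ``MCP_BL1`` and ``MCP_BL2`` headings have no body text at all, so they render as empty sections; either give each a one-line description or turn the "For example," sentence into a two-item list instead of headings.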
20
arm-trusted-firmware.t234/docs/getting_started/index.rst
Normal file
@@ -0,0 +1,20 @@
Getting Started
===============

.. toctree::
:maxdepth: 1
:caption: Contents

prerequisites
docs-build
initial-build
tools-build
build-options
build-internals
image-terminology
psci-lib-integration-guide
rt-svc-writers-guide

--------------

*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
118
arm-trusted-firmware.t234/docs/getting_started/initial-build.rst
Normal file
@@ -0,0 +1,118 @@
Performing an Initial Build
===========================

- Before building TF-A, the environment variable ``CROSS_COMPILE`` must point
to your cross compiler.

For AArch64:

.. code:: shell

export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-none-elf-

For AArch32:

.. code:: shell

export CROSS_COMPILE=<path-to-aarch32-gcc>/bin/arm-none-eabi-

It is possible to build TF-A using Clang or Arm Compiler 6. To do so
``CC`` needs to point to the clang or armclang binary, which will
also select the clang or armclang assembler. Arm Compiler 6 will be selected
when the base name of the path assigned to ``CC`` matches the string
'armclang'. GNU binutils are required since the TF-A build system doesn't
currently support Arm Scatter files. Meaning the GNU linker is used by
default for Arm Compiler 6. Because of this dependency, ``CROSS_COMPILE``
should be set as described above.

For AArch64 using Arm Compiler 6:

.. code:: shell

export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-none-elf-
make CC=<path-to-armclang>/bin/armclang PLAT=<platform> all

On the other hand, Clang uses LLVM linker (LLD) and other LLVM binutils by
default instead of GNU utilities (LLVM linker (LLD) 14.0.0 is known to
work with TF-A). ``CROSS_COMPILE`` need not be set for Clang. Please note,
that the default linker may be manually overridden using the ``LD`` variable.

Clang will be selected when the base name of the path assigned to ``CC``
contains the string 'clang'. This is to allow both clang and clang-X.Y
to work.

For AArch64 using clang:

.. code:: shell

make CC=<path-to-clang>/bin/clang PLAT=<platform> all

- Change to the root directory of the TF-A source tree and build.

For AArch64:

.. code:: shell

make PLAT=<platform> all

For AArch32:

.. code:: shell

make PLAT=<platform> ARCH=aarch32 AARCH32_SP=sp_min all

Notes:

- If ``PLAT`` is not specified, ``fvp`` is assumed by default. See the
:ref:`Build Options` document for more information on available build
options.

- (AArch32 only) Currently only ``PLAT=fvp`` is supported.

- (AArch32 only) ``AARCH32_SP`` is the AArch32 EL3 Runtime Software and it
corresponds to the BL32 image. A minimal ``AARCH32_SP``, sp_min, is
provided by TF-A to demonstrate how PSCI Library can be integrated with
an AArch32 EL3 Runtime Software. Some AArch32 EL3 Runtime Software may
include other runtime services, for example Trusted OS services. A guide
to integrate PSCI library with AArch32 EL3 Runtime Software can be found
at :ref:`PSCI Library Integration guide for Armv8-A AArch32 systems`.

- (AArch64 only) The TSP (Test Secure Payload), corresponding to the BL32
image, is not compiled in by default. Refer to the
:ref:`Test Secure Payload (TSP) and Dispatcher (TSPD)` document for
details on building the TSP.

- By default this produces a release version of the build. To produce a
debug version instead, refer to the "Debugging options" section below.

- The build process creates products in a ``build`` directory tree, building
the objects and binaries for each boot loader stage in separate
sub-directories. The following boot loader binary files are created
from the corresponding ELF files:

- ``build/<platform>/<build-type>/bl1.bin``
- ``build/<platform>/<build-type>/bl2.bin``
- ``build/<platform>/<build-type>/bl31.bin`` (AArch64 only)
- ``build/<platform>/<build-type>/bl32.bin`` (mandatory for AArch32)

where ``<platform>`` is the name of the chosen platform and ``<build-type>``
is either ``debug`` or ``release``. The actual number of images might differ
depending on the platform.

- Build products for a specific build variant can be removed using:

.. code:: shell

make DEBUG=<D> PLAT=<platform> clean

... where ``<D>`` is ``0`` or ``1``, as specified when building.

The build tree can be removed completely using:

.. code:: shell

make realclean

--------------

*Copyright (c) 2020-2022, Arm Limited. All rights reserved.*
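Review bot: the bullet "To produce a debug version instead, refer to the "Debugging options" section below" points at a section that does not exist in this file, which ends with the ``make realclean`` block and the copyright line; replace it with a cross-reference the page already uses elsewhere, e.g. "refer to the :ref:`Build Options` document", or name the ``DEBUG=1`` variable directly since the clean step two bullets later already mentions ``DEBUG=<D>`` without ever having introduced it. Smaller point: "Meaning the GNU linker is used by default for Arm Compiler 6." is a sentence fragment; joining it to the preceding sentence with a comma reads cleanly.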
196
arm-trusted-firmware.t234/docs/getting_started/prerequisites.rst
Normal file
@@ -0,0 +1,196 @@
Prerequisites
=============

This document describes the software requirements for building |TF-A| for
AArch32 and AArch64 target platforms.

It may possible to build |TF-A| with combinations of software packages that are
different from those listed below, however only the software described in this
document can be officially supported.

Getting the TF-A Source
-----------------------

Source code for |TF-A| is maintained in a Git repository hosted on
`TrustedFirmware.org`_. To clone this repository from the server, run the following
in your shell:

.. code:: shell

git clone "https://review.trustedfirmware.org/TF-A/trusted-firmware-a"


Requirements
------------

======================== =====================
Program Min supported version
======================== =====================
Arm Compiler 6.18
Arm GNU Compiler 13.3
Clang/LLVM 18.1.8
Device Tree Compiler 1.6.1
GNU make 3.81
mbed TLS\ [#f1]_ 3.6.1
Node.js [#f2]_ 16
OpenSSL 1.0.0
Poetry 1.3.2
QCBOR\ [#f3]_ 1.2
Sphinx\ [#f2]_ 5.3.0
======================== =====================

.. [#f1] Required for Trusted Board Boot and Measured Boot.
.. [#f2] Required only for building TF-A documentation.
.. [#f3] Required only when enabling DICE Protection Environment support.

Toolchain
^^^^^^^^^

|TF-A| can be compiled using any cross-compiler toolchain specified in the
preceding table that target Armv7-A or Armv8-A. For AArch32 and
AArch64 builds, the respective targets required are ``arm-none-eabi`` and
``aarch64-none-elf``.

Testing has been performed with version 13.3.Rel1 (gcc 13.3) of the Arm
GNU compiler, which can be installed from the `Arm Developer website`_.

In addition, a native compiler is required to build supporting tools.

.. note::
Versions greater than the ones specified are likely but not guaranteed to
work. This is predominantly because TF-A carries its own copy of compiler-rt,
which may be older than the version expected by the compiler. Fixes and bug
reports are always welcome.

.. note::
For instructions on how to select the cross compiler refer to
:ref:`Performing an Initial Build`.

OpenSSL
^^^^^^^

OpenSSL is required to build the cert_create, encrypt_fw, and fiptool tools.

If using OpenSSL 3, older Linux versions may require it to be built from
source code, as it may not be available in the default package repositories.
Please refer to the OpenSSL project documentation for more information.

.. warning::
Versions 1.0.x and from v3.0.0 up to v3.0.6 are strongly advised against due
to concerns regarding security vulnerabilities!

Device Tree Compiler (DTC)
^^^^^^^^^^^^^^^^^^^^^^^^^^

Needed if you want to rebuild the provided Flattened Device Tree (FDT)
source files (``.dts`` files). DTC is available for Linux through the package
repositories of most distributions.

Arm Development Studio (`Arm-DS`_)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The standard software package used for debugging software on Arm development
platforms and |FVP| models.

Node.js
^^^^^^^

Highly recommended, and necessary in order to install and use the packaged
Git hooks and helper tools. Without these tools you will need to rely on the
CI for feedback on commit message conformance.

Poetry
^^^^^^

Required for managing Python dependencies, this will allow you to reliably
reproduce a Python environment to build documentation and run some of the
integrated Python tools. Most importantly, it ensures your system environment
will not be affected by dependencies in the Python scripts.

For installation instructions, see the `official Poetry documentation`_.

.. _prerequisites_software_and_libraries:

Package Installation (Linux)
----------------------------

|TF-A| can be compiled on both Linux and Windows-based machines.
However, we strongly recommend using a UNIX-compatible build environment.

Testing is performed using Ubuntu 22.04 LTS (64-bit), but other distributions
should also work, provided the necessary tools and libraries are installed.

The following are steps to install the required packages:

.. code:: shell

sudo apt install build-essential

The optional packages can be installed using:

.. code:: shell

sudo apt install device-tree-compiler

Additionally, to install a version of Node.js compatible with TF-A's repository
scripts, you can use the `Node Version Manager`_. To install both NVM and an
appropriate version of Node.js, run the following **from the root directory of
the repository**:

.. code:: shell

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash
exec "$SHELL" -ic "nvm install; exec $SHELL"

.. _Node Version Manager: https://github.com/nvm-sh/nvm#install--update-script

Supporting Files
----------------

TF-A has been tested with pre-built binaries and file systems from `Linaro
Release 20.01`_. Alternatively, you can build the binaries from source using
instructions in :ref:`Performing an Initial Build`.

.. _prerequisites_get_source:

Additional Steps for Contributors
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If you are planning on contributing back to TF-A, there are some things you'll
want to know.

TF-A is hosted by a `Gerrit Code Review`_ server. Gerrit requires that all
commits include a ``Change-Id`` footer, and this footer is typically
automatically generated by a Git hook installed by you, the developer.

If you have Node.js installed already, you can automatically install this hook,
along with any additional hooks and Javascript-based tooling that we use, by
running from within your newly-cloned repository:

.. code:: shell

npm install --no-save

If you have opted **not** to install Node.js, you can install the Gerrit hook
manually by running:

.. code:: shell

curl -Lo $(git rev-parse --git-dir)/hooks/commit-msg https://review.trustedfirmware.org/tools/hooks/commit-msg
chmod +x $(git rev-parse --git-dir)/hooks/commit-msg

You can read more about Git hooks in the *githooks* page of the Git
documentation, available `here <https://git-scm.com/docs/githooks>`_.

--------------

*Copyright (c) 2021-2024, Arm Limited. All rights reserved.*

.. _Arm Developer website: https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/downloads
.. _Gerrit Code Review: https://www.gerritcodereview.com/
.. _Linaro Release Notes: https://community.arm.com/dev-platforms/w/docs/226/old-release-notes
.. _Linaro instructions: https://community.arm.com/dev-platforms/w/docs/304/arm-reference-platforms-deliverables
.. _Arm-DS: https://developer.arm.com/Tools%20and%20Software/Arm%20Development%20Studio
.. _Linaro Release 20.01: http://releases.linaro.org/members/arm/platforms/20.01
.. _TrustedFirmware.org: https://www.trustedfirmware.org/
.. _official Poetry documentation: https://python-poetry.org/docs/#installation
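Review bot: the Requirements table gives OpenSSL a minimum supported version of ``1.0.0`` while the warning in the OpenSSL subsection says versions 1.0.x (and 3.0.0 through 3.0.6) are strongly advised against because of security vulnerabilities; the two statements contradict each other, and since OpenSSL is what builds cert_create, encrypt_fw and fiptool, the tools that sign and package the firmware, the table should state the lowest version the project actually accepts rather than one the same page flags as vulnerable. Two smaller points: "It may possible to build |TF-A|" is missing "be", and the Node Version Manager step pipes ``curl -o- .../install.sh | bash`` straight into the shell; for a host that will hold firmware signing material it is worth telling the reader to fetch the script to a file and inspect it before running it, the way the Gerrit hook step below already downloads to a file with ``curl -Lo`` and then ``chmod +x``. The ``Linaro Release Notes`` and ``Linaro instructions`` hyperlink targets at the end are defined but never referenced in the file and can be dropped.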
@@ -0,0 +1,534 @@
PSCI Library Integration guide for Armv8-A AArch32 systems
==========================================================

This document describes the PSCI library interface with a focus on how to
integrate with a suitable Trusted OS for an Armv8-A AArch32 system. The PSCI
Library implements the PSCI Standard as described in `PSCI`_ and is meant
to be integrated with EL3 Runtime Software which invokes the PSCI Library
interface appropriately. **EL3 Runtime Software** refers to software executing
at the highest secure privileged mode, which is EL3 in AArch64 or Secure SVC/
Monitor mode in AArch32, and provides runtime services to the non-secure world.
The runtime service request is made via SMC (Secure Monitor Call) and the call
must adhere to `SMCCC`_. In AArch32, EL3 Runtime Software may additionally
include Trusted OS functionality. A minimal AArch32 Secure Payload, SP-MIN, is
provided in Trusted Firmware-A (TF-A) to illustrate the usage and integration
of the PSCI library. The description of PSCI library interface and its
integration with EL3 Runtime Software in this document is targeted towards
AArch32 systems.

Generic call sequence for PSCI Library interface (AArch32)
----------------------------------------------------------

The generic call sequence of PSCI Library interfaces (see
`PSCI Library Interface`_) during cold boot in AArch32
system is described below:

#. After cold reset, the EL3 Runtime Software performs its cold boot
initialization including the PSCI library pre-requisites mentioned in
`PSCI Library Interface`_, and also the necessary platform
setup.

#. Call ``psci_setup()`` in Monitor mode.

#. Optionally call ``psci_register_spd_pm_hook()`` to register callbacks to
do bookkeeping for the EL3 Runtime Software during power management.

#. Call ``psci_prepare_next_non_secure_ctx()`` to initialize the non-secure CPU
context.

#. Get the non-secure ``cpu_context_t`` for the current CPU by calling
``cm_get_context()`` , then programming the registers in the non-secure
context and exiting to non-secure world. If the EL3 Runtime Software needs
additional configuration to be set for non-secure context, like routing
FIQs to the secure world, the values of the registers can be modified prior
to programming. See `PSCI CPU context management`_ for more
details on CPU context management.

The generic call sequence of PSCI library interfaces during warm boot in
AArch32 systems is described below:

#. After warm reset, the EL3 Runtime Software performs the necessary warm
boot initialization including the PSCI library pre-requisites mentioned in
`PSCI Library Interface`_ (Note that the Data cache
**must not** be enabled).

#. Call ``psci_warmboot_entrypoint()`` in Monitor mode. This interface
initializes/restores the non-secure CPU context as well.

#. Do step 5 of the cold boot call sequence described above.

The generic call sequence of PSCI library interfaces on receipt of a PSCI SMC
on an AArch32 system is described below:

#. On receipt of an SMC, save the register context as per `SMCCC`_.

#. If the SMC function identifier corresponds to a SMC32 PSCI API, construct
the appropriate arguments and call the ``psci_smc_handler()`` interface.
The invocation may or may not return back to the caller depending on
whether the PSCI API resulted in power down of the CPU.

#. If ``psci_smc_handler()`` returns, populate the return value in R0 (AArch32)/
X0 (AArch64) and restore other registers as per `SMCCC`_.

PSCI CPU context management
---------------------------

PSCI library is in charge of initializing/restoring the non-secure CPU system
registers according to `PSCI`_ during cold/warm boot.
This is referred to as ``PSCI CPU Context Management``. Registers that need to
be preserved across CPU power down/power up cycles are maintained in
``cpu_context_t`` data structure. The initialization of other non-secure CPU
system registers which do not require coordination with the EL3 Runtime
Software is done directly by the PSCI library (see ``cm_prepare_el3_exit()``).

The EL3 Runtime Software is responsible for managing register context
during switch between Normal and Secure worlds. The register context to be
saved and restored depends on the mechanism used to trigger the world switch.
For example, if the world switch was triggered by an SMC call, then the
registers need to be saved and restored according to `SMCCC`_. In AArch64,
due to the tight integration with BL31, both BL31 and PSCI library
use the same ``cpu_context_t`` data structure for PSCI CPU context management
and register context management during world switch. This cannot be assumed
for AArch32 EL3 Runtime Software since most AArch32 Trusted OSes already implement
a mechanism for register context management during world switch. Hence, when
the PSCI library is integrated with a AArch32 EL3 Runtime Software, the
``cpu_context_t`` is stripped down for just PSCI CPU context management.

During cold/warm boot, after invoking appropriate PSCI library interfaces, it
is expected that the EL3 Runtime Software will query the ``cpu_context_t`` and
write appropriate values to the corresponding system registers. This mechanism
resolves 2 additional problems for AArch32 EL3 Runtime Software:

#. Values for certain system registers like SCR and SCTLR cannot be
unilaterally determined by PSCI library and need inputs from the EL3
Runtime Software. Using ``cpu_context_t`` as an intermediary data store
allows EL3 Runtime Software to modify the register values appropriately
before programming them.

#. The PSCI library provides appropriate LR and SPSR values (entrypoint
information) for exit into non-secure world. Using ``cpu_context_t`` as an
intermediary data store allows the EL3 Runtime Software to store these
values safely until it is ready for exit to non-secure world.

Currently the ``cpu_context_t`` data structure for AArch32 stores the following
registers: R0 - R3, LR (R14), SCR, SPSR, SCTLR.

The EL3 Runtime Software must implement accessors to get/set pointers
to CPU context ``cpu_context_t`` data and these are described in
`CPU Context management API`_.

PSCI Library Interface
----------------------

The PSCI library implements the `PSCI`_. The interfaces to this library are
declared in ``psci_lib.h`` and are as listed below:

.. code:: c

u_register_t psci_smc_handler(uint32_t smc_fid, u_register_t x1,
u_register_t x2, u_register_t x3,
u_register_t x4, void *cookie,
void *handle, u_register_t flags);
int psci_setup(const psci_lib_args_t *lib_args);
void psci_warmboot_entrypoint(void);
void psci_register_spd_pm_hook(const spd_pm_ops_t *pm);
void psci_prepare_next_non_secure_ctx(entry_point_info_t *next_image_info);

The CPU context data 'cpu_context_t' is programmed to the registers differently
when PSCI is integrated with an AArch32 EL3 Runtime Software compared to
when the PSCI is integrated with an AArch64 EL3 Runtime Software (BL31). For
example, in the case of AArch64, there is no need to retrieve ``cpu_context_t``
data and program the registers as it will done implicitly as part of
``el3_exit``. The description below of the PSCI interfaces is targeted at
integration with an AArch32 EL3 Runtime Software.

The PSCI library is responsible for initializing/restoring the non-secure world
to an appropriate state after boot and may choose to directly program the
non-secure system registers. The PSCI generic code takes care not to directly
modify any of the system registers affecting the secure world and instead
returns the values to be programmed to these registers via ``cpu_context_t``.
The EL3 Runtime Software is responsible for programming those registers and
can use the proposed values provided in the ``cpu_context_t``, modifying the
values if required.

PSCI library needs the flexibility to access both secure and non-secure
copies of banked registers. Hence it needs to be invoked in Monitor mode
for AArch32 and in EL3 for AArch64. The NS bit in SCR (in AArch32) or SCR_EL3
(in AArch64) must be set to 0. Additional requirements for the PSCI library
interfaces are:

- Instruction cache must be enabled
- Both IRQ and FIQ must be masked for the current CPU
- The page tables must be setup and the MMU enabled
- The C runtime environment must be setup and stack initialized
- The Data cache must be enabled prior to invoking any of the PSCI library
interfaces except for ``psci_warmboot_entrypoint()``. For
``psci_warmboot_entrypoint()``, if the build option ``HW_ASSISTED_COHERENCY``
is enabled however, data caches are expected to be enabled.

Further requirements for each interface can be found in the interface
description.

Interface : psci_setup()
~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : const psci_lib_args_t *lib_args
Return : void

This function is to be called by the primary CPU during cold boot before
any other interface to the PSCI library. It takes ``lib_args``, a const pointer
to ``psci_lib_args_t``, as the argument. The ``psci_lib_args_t`` is a versioned
structure and is declared in ``psci_lib.h`` header as follows:

.. code:: c

typedef struct psci_lib_args {
/* The version information of PSCI Library Interface */
param_header_t h;
/* The warm boot entrypoint function */
mailbox_entrypoint_t mailbox_ep;
} psci_lib_args_t;

The first field ``h``, of ``param_header_t`` type, provides the version
information. The second field ``mailbox_ep`` is the warm boot entrypoint address
and is used to configure the platform mailbox. Helper macros are provided in
``psci_lib.h`` to construct the ``lib_args`` argument statically or during
runtime. Prior to calling the ``psci_setup()`` interface, the platform setup for
cold boot must have completed. Major actions performed by this interface are:

- Initializes architecture.
- Initializes PSCI power domain and state coordination data structures.
- Calls ``plat_setup_psci_ops()`` with warm boot entrypoint ``mailbox_ep`` as
argument.
- Calls ``cm_set_context_by_index()`` (see
`CPU Context management API`_) for all the CPUs in the
platform

Interface : psci_prepare_next_non_secure_ctx()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : entry_point_info_t *next_image_info
Return : void

After ``psci_setup()`` and prior to exit to the non-secure world, this function
must be called by the EL3 Runtime Software to initialize the non-secure world
context. The non-secure world entrypoint information ``next_image_info`` (first
argument) will be used to determine the non-secure context. After this function
returns, the EL3 Runtime Software must retrieve the ``cpu_context_t`` (using
cm_get_context()) for the current CPU and program the registers prior to exit
to the non-secure world.

Interface : psci_register_spd_pm_hook()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : const spd_pm_ops_t *
Return : void

As explained in `Secure payload power management callback`_,
the EL3 Runtime Software may want to perform some bookkeeping during power
management operations. This function is used to register the ``spd_pm_ops_t``
(first argument) callbacks with the PSCI library which will be called
appropriately during power management. Calling this function is optional and
need to be called by the primary CPU during the cold boot sequence after
``psci_setup()`` has completed.

Interface : psci_smc_handler()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : uint32_t smc_fid, u_register_t x1,
u_register_t x2, u_register_t x3,
u_register_t x4, void *cookie,
void *handle, u_register_t flags
Return : u_register_t

This function is the top level handler for SMCs which fall within the
PSCI service range specified in `SMCCC`_. The function ID ``smc_fid`` (first
argument) determines the PSCI API to be called. The ``x1`` to ``x4`` (2nd to 5th
arguments), are the values of the registers r1 - r4 (in AArch32) or x1 - x4
(in AArch64) when the SMC is received. These are the arguments to PSCI API as
described in `PSCI`_. The 'flags' (8th argument) is a bit field parameter
and is detailed in 'smccc.h' header. It includes whether the call is from the
secure or non-secure world. The ``cookie`` (6th argument) and the ``handle``
(7th argument) are not used and are reserved for future use.

The return value from this interface is the return value from the underlying
PSCI API corresponding to ``smc_fid``. This function may not return back to the
caller if PSCI API causes power down of the CPU. In this case, when the CPU
wakes up, it will start execution from the warm reset address.

Interface : psci_warmboot_entrypoint()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : void
Return : void

This function performs the warm boot initialization/restoration as mandated by
`PSCI`_. For AArch32, on wakeup from power down the CPU resets to secure SVC
mode and the EL3 Runtime Software must perform the prerequisite initializations
mentioned at top of this section. This function must be called with Data cache
disabled (unless build option ``HW_ASSISTED_COHERENCY`` is enabled) but with MMU
initialized and enabled. The major actions performed by this function are:

- Invalidates the stack and enables the data cache.
- Initializes architecture and PSCI state coordination.
- Restores/Initializes the peripheral drivers to the required state via
appropriate ``plat_psci_ops_t`` hooks
- Restores the EL3 Runtime Software context via appropriate ``spd_pm_ops_t``
callbacks.
- Restores/Initializes the non-secure context and populates the
``cpu_context_t`` for the current CPU.

Upon the return of this function, the EL3 Runtime Software must retrieve the
non-secure ``cpu_context_t`` using ``cm_get_context()`` and program the registers
prior to exit to the non-secure world.

EL3 Runtime Software dependencies
---------------------------------

The PSCI Library includes supporting frameworks like context management,
cpu operations (cpu_ops) and per-cpu data framework. Other helper library
functions like bakery locks and spin locks are also included in the library.
The dependencies which must be fulfilled by the EL3 Runtime Software
for integration with PSCI library are described below.

General dependencies
~~~~~~~~~~~~~~~~~~~~

The PSCI library being a Multiprocessor (MP) implementation, EL3 Runtime
Software must provide an SMC handling framework capable of MP adhering to
`SMCCC`_ specification.

The EL3 Runtime Software must also export cache maintenance primitives
and some helper utilities for assert, print and memory operations as listed
below. The TF-A source tree provides implementations for all
these functions but the EL3 Runtime Software may use its own implementation.

**Functions : assert(), memcpy(), memset(), printf()**

These must be implemented as described in ISO C Standard.

**Function : flush_dcache_range()**

::

Argument : uintptr_t addr, size_t size
Return : void

This function cleans and invalidates (flushes) the data cache for memory
at address ``addr`` (first argument) address and of size ``size`` (second argument).

**Function : inv_dcache_range()**

::

Argument : uintptr_t addr, size_t size
Return : void

This function invalidates (flushes) the data cache for memory at address
``addr`` (first argument) address and of size ``size`` (second argument).

CPU Context management API
~~~~~~~~~~~~~~~~~~~~~~~~~~

The CPU context management data memory is statically allocated by PSCI library
in BSS section. The PSCI library requires the EL3 Runtime Software to implement
APIs to store and retrieve pointers to this CPU context data. SP-MIN
demonstrates how these APIs can be implemented but the EL3 Runtime Software can
choose a more optimal implementation (like dedicating the secure TPIDRPRW
system register (in AArch32) for storing these pointers).

**Function : cm_set_context_by_index()**

::

Argument : unsigned int cpu_idx, void *context, unsigned int security_state
Return : void

This function is called during cold boot when the ``psci_setup()`` PSCI library
interface is called.

This function must store the pointer to the CPU context data, ``context`` (2nd
argument), for the specified ``security_state`` (3rd argument) and CPU identified
by ``cpu_idx`` (first argument). The ``security_state`` will always be non-secure
when called by PSCI library and this argument is retained for compatibility
with BL31. The ``cpu_idx`` will correspond to the index returned by the
``plat_core_pos_by_mpidr()`` for ``mpidr`` of the CPU.

The actual method of storing the ``context`` pointers is implementation specific.
For example, SP-MIN stores the pointers in the array ``sp_min_cpu_ctx_ptr``
declared in ``sp_min_main.c``.

**Function : cm_get_context()**

::

Argument : uint32_t security_state
Return : void *

This function must return the pointer to the ``cpu_context_t`` structure for
the specified ``security_state`` (first argument) for the current CPU. The caller
must ensure that ``cm_set_context_by_index`` is called first and the appropriate
context pointers are stored prior to invoking this API. The ``security_state``
will always be non-secure when called by PSCI library and this argument
is retained for compatibility with BL31.

**Function : cm_get_context_by_index()**

::

Argument : unsigned int cpu_idx, unsigned int security_state
Return : void *

This function must return the pointer to the ``cpu_context_t`` structure for
the specified ``security_state`` (second argument) for the CPU identified by
``cpu_idx`` (first argument). The caller must ensure that
``cm_set_context_by_index`` is called first and the appropriate context
pointers are stored prior to invoking this API. The ``security_state`` will
always be non-secure when called by PSCI library and this argument is
retained for compatibility with BL31. The ``cpu_idx`` will correspond to the
index returned by the ``plat_core_pos_by_mpidr()`` for ``mpidr`` of the CPU.

Platform API
~~~~~~~~~~~~

The platform layer abstracts the platform-specific details from the generic
PSCI library. The following platform APIs/macros must be defined by the EL3
Runtime Software for integration with the PSCI library.

The mandatory platform APIs are:

- plat_my_core_pos
- plat_core_pos_by_mpidr
- plat_get_syscnt_freq2
- plat_get_power_domain_tree_desc
- plat_setup_psci_ops
- plat_reset_handler
- plat_panic_handler
- plat_get_my_stack

The mandatory platform macros are:

- PLATFORM_CORE_COUNT
- PLAT_MAX_PWR_LVL
- PLAT_NUM_PWR_DOMAINS
- CACHE_WRITEBACK_GRANULE
- PLAT_MAX_OFF_STATE
- PLAT_MAX_RET_STATE
- PLAT_MAX_PWR_LVL_STATES (optional)
- PLAT_PCPU_DATA_SIZE (optional)

The details of these APIs/macros can be found in the :ref:`Porting Guide`.

All platform specific operations for power management are done via
|
||||
``plat_psci_ops_t`` callbacks registered by the platform when
|
||||
``plat_setup_psci_ops()`` API is called. The description of each of
|
||||
the callbacks in ``plat_psci_ops_t`` can be found in PSCI section of the
|
||||
:ref:`Porting Guide`. If any these callbacks are not registered, then the
|
||||
PSCI API associated with that callback will not be supported by PSCI
|
||||
library.
|
||||
|
||||
Secure payload power management callback
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
During PSCI power management operations, the EL3 Runtime Software may
|
||||
need to perform some bookkeeping, and PSCI library provides
|
||||
``spd_pm_ops_t`` callbacks for this purpose. These hooks must be
|
||||
populated and registered by using ``psci_register_spd_pm_hook()`` PSCI
|
||||
library interface.
|
||||
|
||||
Typical bookkeeping during PSCI power management calls include save/restore
|
||||
of the EL3 Runtime Software context. Also if the EL3 Runtime Software makes
|
||||
use of secure interrupts, then these interrupts must also be managed
|
||||
appropriately during CPU power down/power up. Any secure interrupt targeted
|
||||
to the current CPU must be disabled or re-targeted to other running CPU prior
|
||||
to power down of the current CPU. During power up, these interrupt can be
|
||||
enabled/re-targeted back to the current CPU.
|
||||
|
||||
.. code:: c
|
||||
|
||||
typedef struct spd_pm_ops {
|
||||
void (*svc_on)(u_register_t target_cpu);
|
||||
int32_t (*svc_off)(u_register_t __unused);
|
||||
void (*svc_suspend)(u_register_t max_off_pwrlvl);
|
||||
void (*svc_on_finish)(u_register_t __unused);
|
||||
void (*svc_suspend_finish)(u_register_t max_off_pwrlvl);
|
||||
int32_t (*svc_migrate)(u_register_t from_cpu, u_register_t to_cpu);
|
||||
int32_t (*svc_migrate_info)(u_register_t *resident_cpu);
|
||||
void (*svc_system_off)(void);
|
||||
void (*svc_system_reset)(void);
|
||||
} spd_pm_ops_t;
|
||||
|
||||
A brief description of each callback is given below:
|
||||
|
||||
- svc_on, svc_off, svc_on_finish
|
||||
|
||||
The ``svc_on``, ``svc_off`` callbacks are called during PSCI_CPU_ON,
|
||||
PSCI_CPU_OFF APIs respectively. The ``svc_on_finish`` is called when the
|
||||
target CPU of PSCI_CPU_ON API powers up and executes the
|
||||
``psci_warmboot_entrypoint()`` PSCI library interface.
|
||||
|
||||
- svc_suspend, svc_suspend_finish
|
||||
|
||||
The ``svc_suspend`` callback is called during power down bu either
|
||||
PSCI_SUSPEND or PSCI_SYSTEM_SUSPEND APIs. The ``svc_suspend_finish`` is
|
||||
called when the CPU wakes up from suspend and executes the
|
||||
``psci_warmboot_entrypoint()`` PSCI library interface. The ``max_off_pwrlvl``
|
||||
(first parameter) denotes the highest power domain level being powered down
|
||||
to or woken up from suspend.
|
||||
|
||||
- svc_system_off, svc_system_reset
|
||||
|
||||
These callbacks are called during PSCI_SYSTEM_OFF and PSCI_SYSTEM_RESET
|
||||
PSCI APIs respectively.
|
||||
|
||||
- svc_migrate_info
|
||||
|
||||
This callback is called in response to PSCI_MIGRATE_INFO_TYPE or
|
||||
PSCI_MIGRATE_INFO_UP_CPU APIs. The return value of this callback must
|
||||
correspond to the return value of PSCI_MIGRATE_INFO_TYPE API as described
|
||||
in `PSCI`_. If the secure payload is a Uniprocessor (UP)
|
||||
implementation, then it must update the mpidr of the CPU it is resident in
|
||||
via ``resident_cpu`` (first argument). The updates to ``resident_cpu`` is
|
||||
ignored if the secure payload is a multiprocessor (MP) implementation.
|
||||
|
||||
- svc_migrate
|
||||
|
||||
This callback is only relevant if the secure payload in EL3 Runtime
|
||||
Software is a Uniprocessor (UP) implementation and supports migration from
|
||||
the current CPU ``from_cpu`` (first argument) to another CPU ``to_cpu``
|
||||
(second argument). This callback is called in response to PSCI_MIGRATE
|
||||
API. This callback is never called if the secure payload is a
|
||||
Multiprocessor (MP) implementation.
|
||||
|
||||
CPU operations
|
||||
~~~~~~~~~~~~~~
|
||||
|
||||
The CPU operations (cpu_ops) framework implement power down sequence specific
|
||||
to the CPU and the details of which can be found at
|
||||
:ref:`firmware_design_cpu_ops_fwk`. The TF-A tree implements the ``cpu_ops``
|
||||
for various supported CPUs and the EL3 Runtime Software needs to include the
|
||||
required ``cpu_ops`` in its build. The start and end of the ``cpu_ops``
|
||||
descriptors must be exported by the EL3 Runtime Software via the
|
||||
``__CPU_OPS_START__`` and ``__CPU_OPS_END__`` linker symbols.
|
||||
|
||||
The ``cpu_ops`` descriptors also include reset sequences and may include errata
|
||||
workarounds for the CPU. The EL3 Runtime Software can choose to call this
|
||||
during cold/warm reset if it does not implement its own reset sequence/errata
|
||||
workarounds.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
|
||||
.. _SMCCC: https://developer.arm.com/docs/den0028/latest
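Review bot: the cm_set_context_by_index()/cm_get_context_by_index() contract should say what an implementation must do with a ``cpu_idx`` outside ``0..PLATFORM_CORE_COUNT-1``; the only guidance given is that the index "will correspond to" ``plat_core_pos_by_mpidr()``, and the SP-MIN example it points at indexes the ``sp_min_cpu_ctx_ptr`` array directly, so an EL3 Runtime Software that copies that pattern without a bounds check turns a bad index into an out-of-range read or write of a context pointer. Suggest one added sentence: implementations must validate ``cpu_idx`` against ``PLATFORM_CORE_COUNT`` (already listed as a mandatory macro), or the document should state explicitly that the index is trusted because it originates inside the PSCI library, and say which. Smaller points in the same hunk: ``security_state`` is ``unsigned int`` in cm_set_context_by_index() and cm_get_context_by_index() but ``uint32_t`` in cm_get_context(); "power down bu either PSCI_SUSPEND" should read "by either"; "If any these callbacks" is missing "of"; "these interrupt can be" should be "these interrupts can be"; "The updates to ``resident_cpu`` is ignored" should be "are ignored".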
@@ -0,0 +1,331 @@
EL3 Runtime Service Writer's Guide
=====================================================

Introduction
------------

This document describes how to add a runtime service to the EL3 Runtime
Firmware component of Trusted Firmware-A (TF-A), BL31.

Software executing in the normal world and in the trusted world at exception
levels lower than EL3 will request runtime services using the Secure Monitor
Call (SMC) instruction. These requests will follow the convention described in
the SMC Calling Convention PDD (`SMCCC`_). The `SMCCC`_ assigns function
identifiers to each SMC request and describes how arguments are passed and
results are returned.

SMC Functions are grouped together based on the implementor of the service, for
example a subset of the Function IDs are designated as "OEM Calls" (see `SMCCC`_
for full details). The EL3 runtime services framework in BL31 enables the
independent implementation of services for each group, which are then compiled
into the BL31 image. This simplifies the integration of common software from
Arm to support `PSCI`_, Secure Monitor for a Trusted OS and SoC specific
software. The common runtime services framework ensures that SMC Functions are
dispatched to their respective service implementation - the
:ref:`Firmware Design` document provides details of how this is achieved.

The interface and operation of the runtime services depends heavily on the
concepts and definitions described in the `SMCCC`_, in particular SMC Function
IDs, Owning Entity Numbers (OEN), Fast and Standard calls, and the SMC32 and
SMC64 calling conventions. Please refer to that document for a full explanation
of these terms.

Owning Entities, Call Types and Function IDs
--------------------------------------------

The SMC Function Identifier includes a OEN field. These values and their
meaning are described in `SMCCC`_ and summarized in table 1 below. Some entities
are allocated a range of of OENs. The OEN must be interpreted in conjunction
with the SMC call type, which is either *Fast* or *Yielding*. Fast calls are
uninterruptible whereas Yielding calls can be pre-empted. The majority of
Owning Entities only have allocated ranges for Fast calls: Yielding calls are
reserved exclusively for Trusted OS providers or for interoperability with
legacy 32-bit software that predates the `SMCCC`_.

::

Type OEN Service
Fast 0 Arm Architecture calls
Fast 1 CPU Service calls
Fast 2 SiP Service calls
Fast 3 OEM Service calls
Fast 4 Standard Secure Service calls
Fast 5 Standard Hypervisor Service Calls
Fast 6 Vendor Specific Hypervisor Service Calls
Fast 7 Vendor Specific EL3 Monitor Calls
Fast 8-47 Reserved for future use
Fast 48-49 Trusted Application calls
Fast 50-63 Trusted OS calls

Yielding 0- 1 Reserved for existing Armv7-A calls
Yielding 2-63 Trusted OS Standard Calls

*Table 1: Service types and their corresponding Owning Entity Numbers*

Each individual entity can allocate the valid identifiers within the entity
range as they need - it is not necessary to coordinate with other entities of
the same type. For example, two SoC providers can use the same Function ID
within the SiP Service calls OEN range to mean different things - as these
calls should be specific to the SoC. The Standard Runtime Calls OEN is used for
services defined by Arm standards, such as `PSCI`_.

The SMC Function ID also indicates whether the call has followed the SMC32
calling convention, where all parameters are 32-bit, or the SMC64 calling
convention, where the parameters are 64-bit. The framework identifies and
rejects invalid calls that use the SMC64 calling convention but that originate
from an AArch32 caller.

The EL3 runtime services framework uses the call type and OEN to identify a
specific handler for each SMC call, but it is expected that an individual
handler will be responsible for all SMC Functions within a given service type.

Getting started
---------------

TF-A has a ``services`` directory in the source tree under which
each owning entity can place the implementation of its runtime service. The
`PSCI`_ implementation is located here in the ``lib/psci`` directory.

Runtime service sources will need to include the ``runtime_svc.h`` header file.

Registering a runtime service
-----------------------------

A runtime service is registered using the ``DECLARE_RT_SVC()`` macro, specifying
the name of the service, the range of OENs covered, the type of service and
initialization and call handler functions.

.. code:: c

#define DECLARE_RT_SVC(_name, _start, _end, _type, _setup, _smch)

- ``_name`` is used to identify the data structure declared by this macro, and
is also used for diagnostic purposes

- ``_start`` and ``_end`` values must be based on the ``OEN_*`` values defined in
``smccc.h``

- ``_type`` must be one of ``SMC_TYPE_FAST`` or ``SMC_TYPE_YIELD``

- ``_setup`` is the initialization function with the ``rt_svc_init`` signature:

.. code:: c

typedef int32_t (*rt_svc_init)(void);

- ``_smch`` is the SMC handler function with the ``rt_svc_handle`` signature:

.. code:: c

typedef uintptr_t (*rt_svc_handle_t)(uint32_t smc_fid,
u_register_t x1, u_register_t x2,
u_register_t x3, u_register_t x4,
void *cookie,
void *handle,
u_register_t flags);

Details of the requirements and behavior of the two callbacks is provided in
the following sections.

During initialization the services framework validates each declared service
to ensure that the following conditions are met:

#. The ``_start`` OEN is not greater than the ``_end`` OEN
#. The ``_end`` OEN does not exceed the maximum OEN value (63)
#. The ``_type`` is one of ``SMC_TYPE_FAST`` or ``SMC_TYPE_YIELD``
#. ``_setup`` and ``_smch`` routines have been specified

``std_svc_setup.c`` provides an example of registering a runtime service:

.. code:: c

/* Register Standard Service Calls as runtime service */
DECLARE_RT_SVC(
std_svc,
OEN_STD_START,
OEN_STD_END,
SMC_TYPE_FAST,
std_svc_setup,
std_svc_smc_handler
);

Initializing a runtime service
------------------------------

Runtime services are initialized once, during cold boot, by the primary CPU
after platform and architectural initialization is complete. The framework
performs basic validation of the declared service before calling
the service initialization function (``_setup`` in the declaration). This
function must carry out any essential EL3 initialization prior to receiving a
SMC Function call via the handler function.

On success, the initialization function must return ``0``. Any other return value
will cause the framework to issue a diagnostic:

::

Error initializing runtime service <name of the service>

and then ignore the service - the system will continue to boot but SMC calls
will not be passed to the service handler and instead return the *Unknown SMC
Function ID* result ``0xFFFFFFFF``.

If the system must not be allowed to proceed without the service, the
initialization function must itself cause the firmware boot to be halted.

If the service uses per-CPU data this must either be initialized for all CPUs
during this call, or be done lazily when a CPU first issues an SMC call to that
service.

Handling runtime service requests
---------------------------------

SMC calls for a service are forwarded by the framework to the service's SMC
handler function (``_smch`` in the service declaration). This function must have
the following signature:

.. code:: c

typedef uintptr_t (*rt_svc_handle_t)(uint32_t smc_fid,
u_register_t x1, u_register_t x2,
u_register_t x3, u_register_t x4,
void *cookie,
void *handle,
u_register_t flags);

The handler is responsible for:

#. Determining that ``smc_fid`` is a valid and supported SMC Function ID,
otherwise completing the request with the *Unknown SMC Function ID*:

.. code:: c

SMC_RET1(handle, SMC_UNK);

#. Determining if the requested function is valid for the calling security
state. SMC Calls can be made from Non-secure, Secure or Realm worlds and
the framework will forward all calls to the service handler.

The ``flags`` parameter to this function indicates the caller security state
in bits 0 and 5. The ``is_caller_secure(flags)``, ``is_caller_non_secure(flags)``
and ``is_caller_realm(flags)`` helper functions can be used to determine whether
the caller's security state is Secure, Non-secure or Realm respectively.

If invalid, the request should be completed with:

.. code:: c

SMC_RET1(handle, SMC_UNK);

#. Truncating parameters for calls made using the SMC32 calling convention.
Such calls can be determined by checking the CC field in bit[30] of the
``smc_fid`` parameter, for example by using:

::

if (GET_SMC_CC(smc_fid) == SMC_32) ...

For such calls, the upper bits of the parameters x1-x4 and the saved
parameters X5-X7 are UNDEFINED and must be explicitly ignored by the
handler. This can be done by truncating the values to a suitable 32-bit
integer type before use, for example by ensuring that functions defined
to handle individual SMC Functions use appropriate 32-bit parameters.

#. Providing the service requested by the SMC Function, utilizing the
immediate parameters x1-x4 and/or the additional saved parameters X5-X7.
The latter can be retrieved using the ``SMC_GET_GP(handle, ref)`` function,
supplying the appropriate ``CTX_GPREG_Xn`` reference, e.g.

.. code:: c

uint64_t x6 = SMC_GET_GP(handle, CTX_GPREG_X6);

#. Implementing the standard SMC32 Functions that provide information about
the implementation of the service. These are the Call Count, Implementor
UID and Revision Details for each service documented in section 6 of the
`SMCCC`_.

TF-A expects owning entities to follow this recommendation.

#. Returning the result to the caller. Based on `SMCCC`_ spec, results are
returned in W0-W7(X0-X7) registers for SMC32(SMC64) calls from AArch64
state. Results are returned in R0-R7 registers for SMC32 calls from AArch32
state. The framework provides a family of macros to set the multi-register
return value and complete the handler:

.. code:: c

AArch64 state:

SMC_RET1(handle, x0);
SMC_RET2(handle, x0, x1);
SMC_RET3(handle, x0, x1, x2);
SMC_RET4(handle, x0, x1, x2, x3);
SMC_RET5(handle, x0, x1, x2, x3, x4);
SMC_RET6(handle, x0, x1, x2, x3, x4, x5);
SMC_RET7(handle, x0, x1, x2, x3, x4, x5, x6);
SMC_RET8(handle, x0, x1, x2, x3, x4, x5, x6, x7);

AArch32 state:

SMC_RET1(handle, r0);
SMC_RET2(handle, r0, r1);
SMC_RET3(handle, r0, r1, r2);
SMC_RET4(handle, r0, r1, r2, r3);
SMC_RET5(handle, r0, r1, r2, r3, r4);
SMC_RET6(handle, r0, r1, r2, r3, r4, r5);
SMC_RET7(handle, r0, r1, r2, r3, r4, r5, r6);
SMC_RET8(handle, r0, r1, r2, r3, r4, r5, r6, r7);

The ``cookie`` parameter to the handler is reserved for future use and can be
ignored. The ``handle`` is returned by the SMC handler - completion of the
handler function must always be via one of the ``SMC_RETn()`` macros.

.. note::
The PSCI and Test Secure-EL1 Payload Dispatcher services do not follow
all of the above requirements yet.

Services that contain multiple sub-services
-------------------------------------------

It is possible that a single owning entity implements multiple sub-services. For
example, the Standard calls service handles ``0x84000000``-``0x8400FFFF`` and
``0xC4000000``-``0xC400FFFF`` functions. Within that range, the `PSCI`_ service
handles the ``0x84000000``-``0x8400001F`` and ``0xC4000000``-``0xC400001F`` functions.
In that respect, `PSCI`_ is a 'sub-service' of the Standard calls service. In
future, there could be additional such sub-services in the Standard calls
service which perform independent functions.

In this situation it may be valuable to introduce a second level framework to
enable independent implementation of sub-services. Such a framework might look
very similar to the current runtime services framework, but using a different
part of the SMC Function ID to identify the sub-service. TF-A does not provide
such a framework at present.

Secure-EL1 Payload Dispatcher service (SPD)
-------------------------------------------

Services that handle SMC Functions targeting a Trusted OS, Trusted Application,
or other Secure-EL1 Payload are special. These services need to manage the
Secure-EL1 context, provide the *Secure Monitor* functionality of switching
between the normal and secure worlds, deliver SMC Calls through to Secure-EL1
and generally manage the Secure-EL1 Payload through CPU power-state transitions.

TODO: Provide details of the additional work required to implement a SPD and
the BL31 support for these services. Or a reference to the document that will
provide this information....

Additional References:
----------------------

#. :ref:`ARM SiP Services <arm sip services>`
#. :ref:`Vendor Specific EL3 Monitor Service Calls`

--------------

*Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved.*

.. _SMCCC: https://developer.arm.com/docs/den0028/latest
.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
.. _ARM SiP Services: arm-sip-service.rst
.. _Vendor Specific EL3 Monitor Service Calls: ven-el3-service.rst
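Review bot: step 2 of "Handling runtime service requests" leaves the security-state check sounding optional ("If invalid, the request should be completed with"), while the same step says the framework forwards calls from Non-secure, Secure and Realm callers to the handler without filtering; since ``flags`` is the only indication of the caller's world, suggest making the check a "must" and stating that a service with no Secure or Realm use case rejects those callers with ``SMC_RET1(handle, SMC_UNK)`` before it reads any parameter, the same way the note already treats the SMC32 upper bits as untrusted. Doc inconsistencies in the same hunk: the ``_smch`` bullet names the type ``rt_svc_handle`` while both typedef listings spell it ``rt_svc_handle_t``; "Getting started" says services live under ``services`` and in the next sentence locates PSCI in ``lib/psci``, so say that PSCI is the exception, a sub-service dispatched through the Standard calls service (as the "multiple sub-services" section later explains) rather than a service in that directory; the prose refers to the "Standard Runtime Calls OEN" while Table 1 calls OEN 4 "Standard Secure Service calls"; "a range of of OENs" duplicates a word; "Details of the requirements and behavior of the two callbacks is provided" should read "are provided"; and the SPD section still carries a "TODO: Provide details..." placeholder that should be filled in or replaced by a reference before this page ships.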
179
arm-trusted-firmware.t234/docs/getting_started/tools-build.rst
Normal file
@@ -0,0 +1,179 @@
Building Supporting Tools
=========================

.. note::

OpenSSL 3.0 is needed in order to build the tools. A custom installation
can be used if not updating the OpenSSL version on the OS. In order to do
this, use the ``OPENSSL_DIR`` variable after the ``make`` command to
indicate the location of the custom OpenSSL build. Then, to run the tools,
use the ``LD_LIBRARY_PATH`` to indicate the location of the built
libraries. More info about ``OPENSSL_DIR`` can be found at
:ref:`Build Options`.

Building and using the FIP tool
-------------------------------

The following snippets build a :ref:`FIP<Image Terminology>` for the FVP
platform. While it is not an intrinsic part of the FIP format, a BL33 image is
required for these examples. For the purposes of experimentation, `Trusted
Firmware-A Tests`_ (`tftf.bin``) may be used. Refer to to the `TFTF
documentation`_ for instructions on building a TFTF binary.

The TF-A build system provides the make target ``fip`` to create a FIP file
for the specified platform using the FIP creation tool included in the TF-A
project. Examples below show how to build a FIP file for FVP, packaging TF-A
and BL33 images.

For AArch64:

.. code:: shell

make PLAT=fvp BL33=<path-to>/bl33.bin fip

For AArch32:

.. code:: shell

make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=<path-to>/bl33.bin fip

The resulting FIP may be found in:

::

build/fvp/<build-type>/fip.bin

For advanced operations on FIP files, it is also possible to independently build
the tool and create or modify FIPs using this tool. To do this, follow these
steps:

It is recommended to remove old artifacts before building the tool:

.. code:: shell

make -C tools/fiptool clean

Build the tool:

.. code:: shell

make [DEBUG=1] [V=1] fiptool

The tool binary can be located in:

::

./tools/fiptool/fiptool

Invoking the tool with ``help`` will print a help message with all available
options.

Example 1: create a new Firmware package ``fip.bin`` that contains BL2 and BL31:

.. code:: shell

./tools/fiptool/fiptool create \
--tb-fw build/<platform>/<build-type>/bl2.bin \
--soc-fw build/<platform>/<build-type>/bl31.bin \
fip.bin

Example 2: view the contents of an existing Firmware package:

.. code:: shell

./tools/fiptool/fiptool info <path-to>/fip.bin

Example 3: update the entries of an existing Firmware package:

.. code:: shell

# Change the BL2 from Debug to Release version
./tools/fiptool/fiptool update \
--tb-fw build/<platform>/release/bl2.bin \
build/<platform>/debug/fip.bin

Example 4: unpack all entries from an existing Firmware package:

.. code:: shell

# Images will be unpacked to the working directory
./tools/fiptool/fiptool unpack <path-to>/fip.bin

Example 5: remove an entry from an existing Firmware package:

.. code:: shell

./tools/fiptool/fiptool remove \
--tb-fw build/<platform>/debug/fip.bin

Note that if the destination FIP file exists, the create, update and
remove operations will automatically overwrite it.

The unpack operation will fail if the images already exist at the
destination. In that case, use -f or --force to continue.

More information about FIP can be found in the :ref:`Firmware Design` document.

.. _tools_build_cert_create:

Building the Certificate Generation Tool
----------------------------------------

The ``cert_create`` tool is built as part of the TF-A build process when the
``fip`` make target is specified and TBB is enabled (as described in the
previous section), but it can also be built separately with the following
command:

.. code:: shell

make PLAT=<platform> [DEBUG=1] [V=1] certtool

For platforms that require their own IDs in certificate files, the generic
'cert_create' tool can be built with the following command. Note that the target
platform must define its IDs within a ``platform_oid.h`` header file for the
build to succeed.

.. code:: shell

make PLAT=<platform> USE_TBBR_DEFS=0 [DEBUG=1] [V=1] certtool

``DEBUG=1`` builds the tool in debug mode. ``V=1`` makes the build process more
verbose. The following command should be used to obtain help about the tool:

.. code:: shell

./tools/cert_create/cert_create -h

.. _tools_build_enctool:

Building the Firmware Encryption Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The ``encrypt_fw`` tool is built as part of the TF-A build process when the
``fip`` make target is specified, DECRYPTION_SUPPORT and TBB are enabled, but
it can also be built separately with the following command:

.. code:: shell

make PLAT=<platform> [DEBUG=1] [V=1] enctool

``DEBUG=1`` builds the tool in debug mode. ``V=1`` makes the build process more
verbose. The following command should be used to obtain help about the tool:

.. code:: shell

./tools/encrypt_fw/encrypt_fw -h

Note that the enctool in its current implementation only supports encryption
key to be provided in plain format. A typical implementation can very well
extend this tool to support custom techniques to protect encryption key.

Also, a user may choose to provide encryption key or nonce as an input file
via using ``cat <filename>`` instead of a hex string.

--------------

*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*

.. _Trusted Firmware-A Tests: https://git.trustedfirmware.org/TF-A/tf-a-tests.git/
.. _TFTF documentation: https://trustedfirmware-a-tests.readthedocs.io/en/latest/
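Review bot: the last two paragraphs of the encrypt_fw section should say plainly that the key and nonce reach the tool as command-line arguments in plain form; the ``cat <filename>`` suggestion only saves typing the hex string, the expanded value is passed on the command line exactly as if it had been typed, so it does not change the "plain format" handling the previous paragraph acknowledges and should not be read as a way of protecting the key. Suggest rewording to "the key and nonce are taken from the command line in plain form; ``cat <filename>`` is a convenience, not a protection" and pointing readers who need the key protected at the extension hook the same paragraph already mentions. Typos in the same hunk: "(`tftf.bin``)" has mismatched backticks and should be "(``tftf.bin``)"; "Refer to to the" duplicates a word; "when the ``fip`` make target is specified, DECRYPTION_SUPPORT and TBB are enabled" reads better as "when the ``fip`` make target is specified and DECRYPTION_SUPPORT and TBB are enabled", matching the cert_create paragraph above it; the section heading uses a ``~`` underline while its siblings use ``-``.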
|
||||
78
arm-trusted-firmware.t234/docs/global_substitutions.txt
Normal file
78
arm-trusted-firmware.t234/docs/global_substitutions.txt
Normal file
@@ -0,0 +1,78 @@
|
||||
.. |AArch32| replace:: :term:`AArch32`
|
||||
.. |AArch64| replace:: :term:`AArch64`
|
||||
.. |AMU| replace:: :term:`AMU`
|
||||
.. |AMUs| replace:: :term:`AMUs <AMU>`
|
||||
.. |API| replace:: :term:`API`
|
||||
.. |BTI| replace:: :term:`BTI`
|
||||
.. |CoT| replace:: :term:`CoT`
|
||||
.. |COT| replace:: :term:`COT`
|
||||
.. |CSS| replace:: :term:`CSS`
|
||||
.. |CVE| replace:: :term:`CVE`
|
||||
.. |DICE| replace:: :term:`DICE`
|
||||
.. |DPE| replace:: :term:`DPE`
|
||||
.. |DTB| replace:: :term:`DTB`
|
||||
.. |DS-5| replace:: :term:`DS-5`
|
||||
.. |DSU| replace:: :term:`DSU`
|
||||
.. |DT| replace:: :term:`DT`
|
||||
.. |EL| replace:: :term:`EL`
|
||||
.. |EHF| replace:: :term:`EHF`
|
||||
.. |FCONF| replace:: :term:`FCONF`
|
||||
.. |FDT| replace:: :term:`FDT`
|
||||
.. |FF-A| replace:: :term:`FF-A`
|
||||
.. |FIP| replace:: :term:`FIP`
|
||||
.. |FVP| replace:: :term:`FVP`
|
||||
.. |FWU| replace:: :term:`FWU`
|
||||
.. |GIC| replace:: :term:`GIC`
|
||||
.. |HES| replace:: :term:`HES`
|
||||
.. |ISA| replace:: :term:`ISA`
|
||||
.. |Linaro| replace:: :term:`Linaro`
|
||||
.. |MMU| replace:: :term:`MMU`
|
||||
.. |MPAM| replace:: :term:`MPAM`
|
||||
.. |MPMM| replace:: :term:`MPMM`
|
||||
.. |MPIDR| replace:: :term:`MPIDR`
|
||||
.. |MTE| replace:: :term:`MTE`
|
||||
.. |OEN| replace:: :term:`OEN`
|
||||
.. |OP-TEE| replace:: :term:`OP-TEE`
|
||||
.. |OTE| replace:: :term:`OTE`
|
||||
.. |PCR| replace:: :term:`PCR`
|
||||
.. |PDD| replace:: :term:`PDD`
|
||||
.. |PAUTH| replace:: :term:`PAUTH`
|
||||
.. |PMF| replace:: :term:`PMF`
|
||||
.. |PSCI| replace:: :term:`PSCI`
|
||||
.. |RAS| replace:: :term:`RAS`
|
||||
.. |ROT| replace:: :term:`ROT`
|
||||
.. |RSE| replace:: :term:`RSE`
|
||||
.. |SCMI| replace:: :term:`SCMI`
|
||||
.. |SCP| replace:: :term:`SCP`
|
||||
.. |SDEI| replace:: :term:`SDEI`
|
||||
.. |SDS| replace:: :term:`SDS`
|
||||
.. |SEA| replace:: :term:`SEA`
|
||||
.. |SiP| replace:: :term:`SiP`
|
||||
.. |SIP| replace:: :term:`SIP`
|
||||
.. |SMC| replace:: :term:`SMC`
|
||||
.. |SMCCC| replace:: :term:`SMCCC`
|
||||
.. |SoC| replace:: :term:`SoC`
|
||||
.. |SP| replace:: :term:`SP`
|
||||
.. |SPD| replace:: :term:`SPD`
|
||||
.. |SPM| replace:: :term:`SPM`
|
||||
.. |SRTM| replace:: :term:`SRTM`
|
||||
.. |SSBS| replace:: :term:`SSBS`
|
||||
.. |SVE| replace:: :term:`SVE`
|
||||
.. |TBB| replace:: :term:`TBB`
|
||||
.. |TBBR| replace:: :term:`TBBR`
|
||||
.. |TCB| replace:: :term:`TCB`
|
||||
.. |TCG| replace:: :term:`TCG`
|
||||
.. |TEE| replace:: :term:`TEE`
|
||||
.. |TF-A| replace:: :term:`TF-A`
|
||||
.. |TF-M| replace:: :term:`TF-M`
|
||||
.. |TLB| replace:: :term:`TLB`
|
||||
.. |TLK| replace:: :term:`TLK`
|
||||
.. |TPM| replace:: :term:`TPM`
|
||||
.. |TRNG| replace:: :term:`TRNG`
|
||||
.. |TSP| replace:: :term:`TSP`
|
||||
.. |TZC| replace:: :term:`TZC`
|
||||
.. |UBSAN| replace:: :term:`UBSAN`
|
||||
.. |UEFI| replace:: :term:`UEFI`
|
||||
.. |WDOG| replace:: :term:`WDOG`
|
||||
.. |XLAT| replace:: :term:`XLAT`
|
||||
.. |ERRATA_ABI| replace:: :term:`ERRATA_ABI`
|
||||
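Review bot: ordering of the last entry: `|ERRATA_ABI|` is appended after `|XLAT|`, which breaks the alphabetical order the rest of the substitution list keeps; move it up between `|EHF|` and `|FCONF|`. Also worth a check that every glossary term added in this commit that has no `|...|` substitution here (AMU, DICE, DPE, DRTM, LSP, PSA, PSR, for example) is not referenced as a substitution anywhere in the docs tree, since an undefined substitution fails the Sphinx build rather than just rendering badly.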
273
arm-trusted-firmware.t234/docs/glossary.rst
Normal file
@@ -0,0 +1,273 @@
|
||||
Glossary
|
||||
========
|
||||
|
||||
This glossary provides definitions for terms and abbreviations used in the TF-A
|
||||
documentation.
|
||||
|
||||
You can find additional definitions in the `Arm Glossary`_.
|
||||
|
||||
.. glossary::
|
||||
:sorted:
|
||||
|
||||
AArch32
|
||||
32-bit execution state of the ARMv8 ISA
|
||||
|
||||
AArch64
|
||||
64-bit execution state of the ARMv8 ISA
|
||||
|
||||
AMU
|
||||
Activity Monitor Unit, a hardware monitoring unit introduced by FEAT_AMUv1
|
||||
that exposes CPU core runtime metrics as a set of counter registers.
|
||||
|
||||
API
|
||||
Application Programming Interface
|
||||
|
||||
AT
|
||||
Address Translation
|
||||
|
||||
BTI
|
||||
Branch Target Identification. An Armv8.5 extension providing additional
|
||||
control flow integrity around indirect branches and their targets.
|
||||
|
||||
CoT
|
||||
COT
|
||||
Chain of Trust
|
||||
|
||||
CSS
|
||||
Compute Sub-System
|
||||
|
||||
CVE
|
||||
Common Vulnerabilities and Exposures. A CVE document is commonly used to
|
||||
describe a publicly-known security vulnerability.
|
||||
|
||||
DICE
|
||||
Device Identifier Composition Engine
|
||||
|
||||
DCE
|
||||
DRTM Configuration Environment
|
||||
|
||||
D-CRTM
|
||||
Dynamic Code Root of Trust for Measurement
|
||||
|
||||
DLME
|
||||
Dynamically Launched Measured Environment
|
||||
|
||||
DRTM
|
||||
Dynamic Root of Trust for Measurement
|
||||
|
||||
DPE
|
||||
DICE Protection Environment
|
||||
|
||||
DS-5
|
||||
Arm Development Studio 5
|
||||
|
||||
DSU
|
||||
DynamIQ Shared Unit
|
||||
|
||||
DT
|
||||
Device Tree
|
||||
|
||||
DTB
|
||||
Device Tree Blob
|
||||
|
||||
EL
|
||||
Exception Level
|
||||
|
||||
EHF
|
||||
Exception Handling Framework
|
||||
|
||||
ERRATA_ABI
|
||||
Errata management firmware interface
|
||||
|
||||
FCONF
|
||||
Firmware Configuration Framework
|
||||
|
||||
FDT
|
||||
Flattened Device Tree
|
||||
|
||||
FF-A
|
||||
Firmware Framework for Arm A-profile
|
||||
|
||||
FIP
|
||||
Firmware Image Package
|
||||
|
||||
FVP
|
||||
Fixed Virtual Platform
|
||||
|
||||
FWU
|
||||
FirmWare Update
|
||||
|
||||
GIC
|
||||
Generic Interrupt Controller
|
||||
|
||||
HES
|
||||
Arm CCA Hardware Enforced Security
|
||||
|
||||
ISA
|
||||
Instruction Set Architecture
|
||||
|
||||
Linaro
|
||||
A collaborative engineering organization consolidating
|
||||
and optimizing open source software and tools for the Arm architecture.
|
||||
|
||||
LSP
|
||||
A logical secure partition managed by SPM
|
||||
|
||||
MMU
|
||||
Memory Management Unit
|
||||
|
||||
MPAM
|
||||
Memory Partitioning And Monitoring. An optional Armv8.4 extension.
|
||||
|
||||
MPMM
|
||||
Maximum Power Mitigation Mechanism, an optional power management mechanism
|
||||
supported by some Arm Armv9-A cores.
|
||||
|
||||
MPIDR
|
||||
Multiprocessor Affinity Register
|
||||
|
||||
MTE
|
||||
Memory Tagging Extension. An optional Armv8.5 extension that enables
|
||||
hardware-assisted memory tagging.
|
||||
|
||||
OEN
|
||||
Owning Entity Number
|
||||
|
||||
OP-TEE
|
||||
Open Portable Trusted Execution Environment. An example of a :term:`TEE`
|
||||
|
||||
OTE
|
||||
Open-source Trusted Execution Environment
|
||||
|
||||
PCR
|
||||
Platform Configuration Register
|
||||
|
||||
PDD
|
||||
Platform Design Document
|
||||
|
||||
PAUTH
|
||||
Pointer Authentication. An optional extension introduced in Armv8.3.
|
||||
|
||||
PMF
|
||||
Performance Measurement Framework
|
||||
|
||||
PSA
|
||||
Platform Security Architecture
|
||||
|
||||
PSR
|
||||
Platform Security Requirements
|
||||
|
||||
PSCI
|
||||
Power State Coordination Interface
|
||||
|
||||
RAS
|
||||
Reliability, Availability, and Serviceability extensions. A mandatory
|
||||
extension for the Armv8.2 architecture and later. An optional extension to
|
||||
the base Armv8 architecture.
|
||||
|
||||
ROT
|
||||
Root of Trust
|
||||
|
||||
RSE
|
||||
Runtime Security Engine
|
||||
|
||||
SCMI
|
||||
System Control and Management Interface
|
||||
|
||||
SCP
|
||||
System Control Processor
|
||||
|
||||
SDEI
|
||||
Software Delegated Exception Interface
|
||||
|
||||
SDS
|
||||
Shared Data Storage
|
||||
|
||||
SEA
|
||||
Synchronous External Abort
|
||||
|
||||
SiP
|
||||
SIP
|
||||
Silicon Provider
|
||||
|
||||
SMC
|
||||
Secure Monitor Call
|
||||
|
||||
SMCCC
|
||||
:term:`SMC` Calling Convention
|
||||
|
||||
SoC
|
||||
System on Chip
|
||||
|
||||
SP
|
||||
Secure Partition
|
||||
|
||||
SPD
|
||||
Secure Payload Dispatcher
|
||||
|
||||
SPM
|
||||
Secure Partition Manager
|
||||
|
||||
SRTM
|
||||
Static Root of Trust for Measurement
|
||||
|
||||
SSBS
|
||||
Speculative Store Bypass Safe. Introduced in Armv8.5, this configuration
|
||||
bit can be set by software to allow or prevent the hardware from
|
||||
performing speculative operations.
|
||||
|
||||
SVE
|
||||
Scalable Vector Extension
|
||||
|
||||
TBB
|
||||
Trusted Board Boot
|
||||
|
||||
TBBR
|
||||
Trusted Board Boot Requirements
|
||||
|
||||
TCB
|
||||
Trusted Compute Base
|
||||
|
||||
TCG
|
||||
Trusted Computing Group
|
||||
|
||||
TEE
|
||||
Trusted Execution Environment
|
||||
|
||||
TF-A
|
||||
Trusted Firmware-A
|
||||
|
||||
TF-M
|
||||
Trusted Firmware-M
|
||||
|
||||
TLB
|
||||
Translation Lookaside Buffer
|
||||
|
||||
TLK
|
||||
Trusted Little Kernel. A Trusted OS from NVIDIA.
|
||||
|
||||
TPM
|
||||
Trusted Platform Module
|
||||
|
||||
TRNG
|
||||
True Random Number Generator (hardware based)
|
||||
|
||||
TSP
|
||||
Test Secure Payload
|
||||
|
||||
TZC
|
||||
TrustZone Controller
|
||||
|
||||
UBSAN
|
||||
Undefined Behavior Sanitizer
|
||||
|
||||
UEFI
|
||||
Unified Extensible Firmware Interface
|
||||
|
||||
WDOG
|
||||
Watchdog
|
||||
|
||||
XLAT
|
||||
Translation (abbr.). For example, "XLAT table".
|
||||
|
||||
.. _`Arm Glossary`: https://developer.arm.com/support/arm-glossary
|
||||
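Review bot: the SSBS entry overstates what the control does. PSTATE.SSBS only governs whether the core may speculatively execute loads that bypass earlier stores to the same address (the Speculative Store Bypass / Spectre-v4 mitigation); it does not let software "allow or prevent the hardware from performing speculative operations" in general. Suggest: "Introduced in Armv8.5, this PSTATE bit indicates whether software considers it safe for hardware to speculatively execute loads that bypass earlier stores." Two smaller terminology points in the same hunk: TCB is conventionally expanded as "Trusted Computing Base" rather than "Trusted Compute Base", and since the entries for CoT/COT and SiP/SIP deliberately list both spellings, the `:sorted:` glossary will place each pair under the first spelling, which is fine but should be stated in the intro sentence so readers searching for the alternate form know to use the index.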
98
arm-trusted-firmware.t234/docs/index.rst
Normal file
@@ -0,0 +1,98 @@
|
||||
Trusted Firmware-A Documentation
|
||||
================================
|
||||
|
||||
.. toctree::
|
||||
:maxdepth: 1
|
||||
:numbered:
|
||||
|
||||
Home<self>
|
||||
about/index
|
||||
getting_started/index
|
||||
process/index
|
||||
components/index
|
||||
design/index
|
||||
porting-guide
|
||||
plat/index
|
||||
perf/index
|
||||
security_advisories/index
|
||||
design_documents/index
|
||||
threat_model/index
|
||||
tools/index
|
||||
change-log
|
||||
glossary
|
||||
license
|
||||
|
||||
Trusted Firmware-A (TF-A) provides a reference implementation of secure world
|
||||
software for `Armv7-A and Armv8-A`_, including a `Secure Monitor`_ executing
|
||||
at Exception Level 3 (EL3). It implements various Arm interface standards,
|
||||
such as:
|
||||
|
||||
- The `Power State Coordination Interface (PSCI)`_
|
||||
- `Trusted Board Boot Requirements CLIENT (TBBR-CLIENT)`_
|
||||
- `SMC Calling Convention`_
|
||||
- `System Control and Management Interface (SCMI)`_
|
||||
- `Software Delegated Exception Interface (SDEI)`_
|
||||
- `PSA FW update specification`_
|
||||
|
||||
Where possible, the code is designed for reuse or porting to other Armv7-A and
|
||||
Armv8-A model and hardware platforms.
|
||||
|
||||
This release provides a suitable starting point for productization of secure
|
||||
world boot and runtime firmware, in either the AArch32 or AArch64 execution
|
||||
states.
|
||||
|
||||
Users are encouraged to do their own security validation, including penetration
|
||||
testing, on any secure world code derived from TF-A.
|
||||
|
||||
In collaboration with interested parties, we will continue to enhance |TF-A|
|
||||
with reference implementations of Arm standards to benefit developers working
|
||||
with Armv7-A and Armv8-A TrustZone technology.
|
||||
|
||||
Getting Started
|
||||
---------------
|
||||
|
||||
The |TF-A| documentation contains guidance for obtaining and building the
|
||||
software for existing, supported platforms, as well as supporting information
|
||||
for porting the software to a new platform.
|
||||
|
||||
The **About** chapter gives a high-level overview of |TF-A| features as well as
|
||||
some information on the project and how it is organized.
|
||||
|
||||
Refer to the documents in the **Getting Started** chapter for information about
|
||||
the prerequisites and requirements for building |TF-A|.
|
||||
|
||||
The **Processes & Policies** chapter explains the project's release schedule
|
||||
and process, how security disclosures are handled, and the guidelines for
|
||||
contributing to the project (including the coding style).
|
||||
|
||||
The **Components** chapter holds documents that explain specific components
|
||||
that make up the |TF-A| software, the :ref:`Exception Handling Framework`, for
|
||||
example.
|
||||
|
||||
In the **System Design** chapter you will find documents that explain the
|
||||
design of portions of the software that involve more than one component, such
|
||||
as the :ref:`Trusted Board Boot` process.
|
||||
|
||||
**Platform Ports** provides a list of the supported hardware and software-model
|
||||
platforms that are supported upstream in |TF-A|. Most of these platforms also
|
||||
have additional documentation that has been provided by the maintainers of the
|
||||
platform.
|
||||
|
||||
The results of any performance evaluations are added to the
|
||||
**Performance & Testing** chapter.
|
||||
|
||||
**Security Advisories** holds a list of documents relating to |CVE| entries that
|
||||
have previously been raised against the software.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile
|
||||
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
|
||||
.. _Power State Coordination Interface (PSCI): https://developer.arm.com/documentation/den0022/latest/
|
||||
.. _Trusted Board Boot Requirements CLIENT (TBBR-CLIENT): https://developer.arm.com/docs/den0006/latest
|
||||
.. _System Control and Management Interface (SCMI): http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
|
||||
.. _Software Delegated Exception Interface (SDEI): http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
|
||||
.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
|
||||
.. _PSA FW update specification: https://developer.arm.com/documentation/den0118/latest/
|
||||
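Review bot: the `Secure Monitor`, SCMI and SDEI reference targets at the bottom of this file are plain http:// links, and the SCMI and SDEI ones point at infocenter.arm.com, which Arm has retired in favour of developer.arm.com. For the page that introduces the EL3 Secure Monitor reference implementation, the specification links should be https:// and should resolve; the PSCI, TBBR-CLIENT and SMCCC entries in the same block already use the developer.arm.com form, so the same style works here. Minor: the body text scopes TF-A to "Armv7-A and Armv8-A", while the glossary added in the same commit already documents Armv9-A features (MPMM), so "Armv8-A and later" would be more accurate.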
119
arm-trusted-firmware.t234/docs/license.rst
Normal file
@@ -0,0 +1,119 @@
|
||||
License
|
||||
=======
|
||||
|
||||
The software is provided under a BSD-3-Clause license (below). Contributions to
|
||||
this project are accepted under the same license with developer sign-off as
|
||||
described in the :ref:`Contributor's Guide`.
|
||||
|
||||
::
|
||||
|
||||
Copyright (c) [XXXX-]YYYY, <OWNER>. All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without modification,
|
||||
are permitted provided that the following conditions are met:
|
||||
|
||||
- Redistributions of source code must retain the above copyright notice, this
|
||||
list of conditions and the following disclaimer.
|
||||
|
||||
- Redistributions in binary form must reproduce the above copyright notice,
|
||||
this list of conditions and the following disclaimer in the documentation
|
||||
and/or other materials provided with the distribution.
|
||||
|
||||
- Neither the name of Arm nor the names of its contributors may be used to
|
||||
endorse or promote products derived from this software without specific
|
||||
prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
|
||||
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||||
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
|
||||
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
SPDX Identifiers
|
||||
----------------
|
||||
|
||||
Individual files contain the following tag instead of the full license text.
|
||||
|
||||
::
|
||||
|
||||
SPDX-License-Identifier: BSD-3-Clause
|
||||
|
||||
This enables machine processing of license information based on the SPDX
|
||||
License Identifiers that are here available: http://spdx.org/licenses/
|
||||
|
||||
|
||||
Other Projects
|
||||
--------------
|
||||
|
||||
This project contains code from other projects as listed below. The original
|
||||
license text is included in those source files.
|
||||
|
||||
- The libc source code is derived from `FreeBSD`_ and `SCC`_. FreeBSD uses
|
||||
various BSD licenses, including BSD-3-Clause and BSD-2-Clause. The SCC code
|
||||
is used under the BSD-3-Clause license with the author's permission.
|
||||
|
||||
- The libfdt source code is disjunctively dual licensed
|
||||
(GPL-2.0+ OR BSD-2-Clause). It is used by this project under the terms of
|
||||
the BSD-2-Clause license. Any contributions to this code must be made under
|
||||
the terms of both licenses.
|
||||
|
||||
- The LLVM compiler-rt source code is disjunctively dual licensed
|
||||
(NCSA OR MIT). It is used by this project under the terms of the NCSA
|
||||
license (also known as the University of Illinois/NCSA Open Source License),
|
||||
which is a permissive license compatible with BSD-3-Clause. Any
|
||||
contributions to this code must be made under the terms of both licenses.
|
||||
|
||||
- The zlib source code is licensed under the Zlib license, which is a
|
||||
permissive license compatible with BSD-3-Clause.
|
||||
|
||||
- Some STMicroelectronics platform source code is disjunctively dual licensed
|
||||
(GPL-2.0+ OR BSD-3-Clause). It is used by this project under the terms of the
|
||||
BSD-3-Clause license. Any contributions to this code must be made under the
|
||||
terms of both licenses.
|
||||
|
||||
- Some source files originating from the Linux source tree, which are
|
||||
disjunctively dual licensed (GPL-2.0 OR MIT), are redistributed under the
|
||||
terms of the MIT license. These files are:
|
||||
|
||||
- ``include/dt-bindings/interrupt-controller/arm-gic.h``
|
||||
- ``include/dt-bindings/interrupt-controller/irq.h``
|
||||
|
||||
See the original `Linux MIT license`_.
|
||||
|
||||
- Some source files originating from the `Open Profile for DICE`_ project.
|
||||
These files are licensed under the Apache License, Version 2.0, which is a
|
||||
permissive license compatible with BSD-3-Clause. Any contributions to this
|
||||
code must also be made under the terms of `Apache License 2.0`_.
|
||||
These files are:
|
||||
|
||||
- ``include/lib/dice/dice.h``
|
||||
|
||||
- Some source files originating from the `pydevicetree`_ project.
|
||||
These files are licensed under the Apache License, Version 2.0, which is a
|
||||
permissive license compatible with BSD-3-Clause. Any contributions to this
|
||||
code must also be made under the terms of `Apache License 2.0`_.
|
||||
These files are:
|
||||
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/ast/__init__.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/ast/directive.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/ast/helpers.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/ast/node.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/ast/property.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/ast/reference.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/source/__init__.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/source/grammar.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/source/parser.py``
|
||||
- ``tools/cot_dt2c/cot_dt2c/pydevicetree/__init__.py``
|
||||
|
||||
|
||||
.. _FreeBSD: http://www.freebsd.org
|
||||
.. _Linux MIT license: https://raw.githubusercontent.com/torvalds/linux/master/LICENSES/preferred/MIT
|
||||
.. _SCC: http://www.simple-cc.org/
|
||||
.. _Open Profile for DICE: https://pigweed.googlesource.com/open-dice/
|
||||
.. _Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
|
||||
.. _pydevicetree: https://pypi.org/project/pydevicetree/
|
||||
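Review bot: the LLVM compiler-rt paragraph describes the code as dual licensed "(NCSA OR MIT)" only. Since LLVM 9 the upstream project relicensed to Apache-2.0 WITH LLVM-exception and keeps the legacy NCSA/MIT terms only for pre-relicensing code, so the imported files should carry SPDX tags that identify which revision they came from, and this paragraph should match those tags rather than assert a single licence for all of compiler-rt. Consistency point: the libfdt and STMicroelectronics entries both say "Any contributions to this code must be made under the terms of both licenses", but the equivalent sentence is missing from the Linux dt-bindings entry (GPL-2.0 OR MIT); add it there unless the intent really is to accept MIT-only contributions to those two headers. Minor: the FreeBSD and SCC links are http://.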
17
arm-trusted-firmware.t234/docs/perf/index.rst
Normal file
@@ -0,0 +1,17 @@
|
||||
Performance & Testing
|
||||
=====================
|
||||
|
||||
.. toctree::
|
||||
:maxdepth: 1
|
||||
:caption: Contents
|
||||
|
||||
psci-performance-instr
|
||||
psci-performance-juno
|
||||
psci-performance-n1sdp
|
||||
psci-performance-methodology
|
||||
tsp
|
||||
performance-monitoring-unit
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
|
||||
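Review bot: documentation ordering in the toctree: `psci-performance-methodology` is listed after the Juno results page that depends on it (the Juno page sends readers to the Runtime Instrumentation methodology page for details), and `performance-monitoring-unit`, which `psci-performance-instr` cross-references, comes last. Ordering the entries as psci-performance-instr, psci-performance-methodology, psci-performance-juno, psci-performance-n1sdp, tsp, performance-monitoring-unit would let the chapter be read top to bottom.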
@@ -0,0 +1,158 @@
|
||||
Performance Monitoring Unit
|
||||
===========================
|
||||
|
||||
The Performance Monitoring Unit (PMU) allows recording of architectural and
|
||||
microarchitectural events for profiling purposes.
|
||||
|
||||
This document gives an overview of the PMU counter configuration to assist with
|
||||
implementation and to complement the PMU security guidelines given in the
|
||||
:ref:`Secure Development Guidelines` document.
|
||||
|
||||
.. note::
|
||||
This section applies to Armv8-A implementations which have version 3
|
||||
of the Performance Monitors Extension (PMUv3).
|
||||
|
||||
PMU Counters
|
||||
------------
|
||||
|
||||
The PMU makes 32 counters available at all privilege levels:
|
||||
|
||||
- 31 programmable event counters: ``PMEVCNTR<n>``, where ``n`` is ``0`` to
|
||||
``30``.
|
||||
- A dedicated cycle counter: ``PMCCNTR``.
|
||||
|
||||
Architectural mappings
|
||||
~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
+--------------+---------+----------------------------+
|
||||
| Counters | State | System Register Name |
|
||||
+==============+=========+============================+
|
||||
| | AArch64 | ``PMEVCNTR<n>_EL0[63*:0]`` |
|
||||
| Programmable +---------+----------------------------+
|
||||
| | AArch32 | ``PMEVCNTR<n>[31:0]`` |
|
||||
+--------------+---------+----------------------------+
|
||||
| | AArch64 | ``PMCCNTR_EL0[63:0]`` |
|
||||
| Cycle +---------+----------------------------+
|
||||
| | AArch32 | ``PMCCNTR[63:0]`` |
|
||||
+--------------+---------+----------------------------+
|
||||
|
||||
.. note::
|
||||
Bits [63:32] are only available if ARMv8.5-PMU is implemented. Refer to the
|
||||
`Arm ARM`_ for a detailed description of ARMv8.5-PMU features.
|
||||
|
||||
Configuring the PMU for counting events
|
||||
---------------------------------------
|
||||
|
||||
Each programmable counter has an associated register, ``PMEVTYPER<n>`` which
|
||||
configures it. The cycle counter has the ``PMCCFILTR_EL0`` register, which has
|
||||
an identical function and bit field layout as ``PMEVTYPER<n>``. In addition,
|
||||
the counters are enabled (permitted to increment) via the ``PMCNTENSET`` and
|
||||
``PMCR`` registers. These can be accessed at all privilege levels.
|
||||
|
||||
Architectural mappings
|
||||
~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
+-----------------------------+------------------------+
|
||||
| AArch64 | AArch32 |
|
||||
+=============================+========================+
|
||||
| ``PMEVTYPER<n>_EL0[63*:0]`` | ``PMEVTYPER<n>[31:0]`` |
|
||||
+-----------------------------+------------------------+
|
||||
| ``PMCCFILTR_EL0[63*:0]`` | ``PMCCFILTR[31:0]`` |
|
||||
+-----------------------------+------------------------+
|
||||
| ``PMCNTENSET_EL0[63*:0]`` | ``PMCNTENSET[31:0]`` |
|
||||
+-----------------------------+------------------------+
|
||||
| ``PMCR_EL0[63*:0]`` | ``PMCR[31:0]`` |
|
||||
+-----------------------------+------------------------+
|
||||
|
||||
.. note::
|
||||
Bits [63:32] are reserved.
|
||||
|
||||
Relevant register fields
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
For ``PMEVTYPER<n>_EL0``/``PMEVTYPER<n>`` and ``PMCCFILTR_EL0/PMCCFILTR``, the
|
||||
most important fields are:
|
||||
|
||||
- ``P``:
|
||||
|
||||
- Bit 31.
|
||||
- If set to ``0``, will increment the associated ``PMEVCNTR<n>`` at EL1.
|
||||
|
||||
- ``NSK``:
|
||||
|
||||
- Bit 29.
|
||||
- If equal to the ``P`` bit it enables the associated ``PMEVCNTR<n>`` at
|
||||
Non-secure EL1.
|
||||
- Reserved if EL3 not implemented.
|
||||
|
||||
- ``NSH``:
|
||||
|
||||
- Bit 27.
|
||||
- If set to ``1``, will increment the associated ``PMEVCNTR<n>`` at EL2.
|
||||
- Reserved if EL2 not implemented.
|
||||
|
||||
- ``SH``:
|
||||
|
||||
- Bit 24.
|
||||
- If different to the ``NSH`` bit it enables the associated ``PMEVCNTR<n>``
|
||||
at Secure EL2.
|
||||
- Reserved if Secure EL2 not implemented.
|
||||
|
||||
- ``M``:
|
||||
|
||||
- Bit 26.
|
||||
- If equal to the ``P`` bit it enables the associated ``PMEVCNTR<n>`` at
|
||||
EL3.
|
||||
|
||||
- ``evtCount[15:10]``:
|
||||
|
||||
- Extension to ``evtCount[9:0]``. Reserved unless ARMv8.1-PMU implemented.
|
||||
|
||||
- ``evtCount[9:0]``:
|
||||
|
||||
- The event number that the associated ``PMEVCNTR<n>`` will count.
|
||||
|
||||
For ``PMCNTENSET_EL0``/``PMCNTENSET``, the most important fields are:
|
||||
|
||||
- ``P[30:0]``:
|
||||
|
||||
- Setting bit ``P[n]`` to ``1`` enables counter ``PMEVCNTR<n>``.
|
||||
- The effects of ``PMEVTYPER<n>`` are applied on top of this.
|
||||
In other words, the counter will not increment at any privilege level or
|
||||
security state unless it is enabled here.
|
||||
|
||||
- ``C``:
|
||||
|
||||
- Bit 31.
|
||||
- If set to ``1`` enables the cycle counter ``PMCCNTR``.
|
||||
|
||||
For ``PMCR``/``PMCR_EL0``, the most important fields are:
|
||||
|
||||
- ``DP``:
|
||||
|
||||
- Bit 5.
|
||||
- If set to ``1`` it disables the cycle counter ``PMCCNTR`` where event
|
||||
counting (by ``PMEVCNTR<n>``) is prohibited (e.g. EL2 and the Secure
|
||||
world).
|
||||
- If set to ``0``, ``PMCCNTR`` will not be affected by this bit and
|
||||
therefore will be able to count where the programmable counters are
|
||||
prohibited.
|
||||
|
||||
- ``E``:
|
||||
|
||||
- Bit 0.
|
||||
- Enables/disables counting altogether.
|
||||
- The effects of ``PMCNTENSET`` and ``PMCR.DP`` are applied on top of this.
|
||||
In other words, if this bit is ``0`` then no counters will increment
|
||||
regardless of how the other PMU system registers or bit fields are
|
||||
configured.
|
||||
|
||||
.. rubric:: References
|
||||
|
||||
- `Arm ARM`_
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _Arm ARM: https://developer.arm.com/docs/ddi0487/latest
|
||||
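Review bot: two claims in this hunk are inaccurate in ways that matter for a page meant to complement the PMU security guidelines. "The PMU makes 32 counters available at all privilege levels" (PMU Counters) and "These can be accessed at all privilege levels" (Configuring the PMU) should both be qualified: the number of event counters is implementation defined and reported by PMCR_EL0.N, with 31 as the architectural maximum; and EL0 access to PMEVTYPER, PMCNTENSET and PMCR is trapped unless PMUSERENR_EL0 enables it, while counting in Secure state is additionally gated by EL3 through MDCR_EL3.SPME (and MDCR_EL3.SCCD for the cycle counter once FEAT_PMUv3p5 is implemented). It would help to say explicitly that TF-A is expected to leave those EL3 controls cleared so that Non-secure software cannot profile EL3 or Secure EL1 regardless of how it programs PMCR.DP. Minor: the PMCR.DP bullet's "(e.g. EL2 and the Secure world)" is misleading, since the NSH bit described above permits counting at EL2 and EL2 counting is only prohibited when MDCR_EL2.HPMD is set.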
116
arm-trusted-firmware.t234/docs/perf/psci-performance-instr.rst
Normal file
@@ -0,0 +1,116 @@
|
||||
PSCI Performance Measurement
|
||||
============================
|
||||
|
||||
TF-A provides two instrumentation tools for performing analysis of the PSCI
|
||||
implementation:
|
||||
|
||||
* PSCI STAT
|
||||
* Runtime Instrumentation
|
||||
|
||||
This page explains how they may be enabled and used to perform all varieties of
|
||||
analysis.
|
||||
|
||||
Performance Measurement Framework
|
||||
---------------------------------
|
||||
|
||||
The Performance Measurement Framework :ref:`PMF <firmware_design_pmf>`
|
||||
is a framework that provides mechanisms for collecting and retrieving timestamps
|
||||
at runtime from the Performance Measurement Unit
|
||||
(:ref:`PMU <Performance Monitoring Unit>`).
|
||||
The PMU is a generalized abstraction for accessing CPU hardware registers used to
|
||||
measure hardware events. This means, for instance, that the PMU might be used to
|
||||
place instrumentation points at logical locations in code for tracing purposes.
|
||||
|
||||
TF-A utilises the PMF as a backend for the two instrumentation services it
|
||||
provides--PSCI Statistics and Runtime Instrumentation. The PMF is used by
|
||||
these services to facilitate collection and retrieval of timestamps. For
|
||||
instance, the PSCI Statistics service registers the PMF service
|
||||
``psci_svc`` to track its residency statistics.
|
||||
|
||||
This is reserved a unique ID, name, and space in memory by the PMF. The
|
||||
framework provides a convenient interface for PSCI Statistics to retrieve
|
||||
values from ``psci_svc`` at runtime. Alternatively, the service may be
|
||||
configured such that the PMF dumps those values to the console. A platform may
|
||||
choose to expose SMCs that allow retrieval of these timestamps from the
|
||||
service.
|
||||
|
||||
This feature is enabled with the Boolean flag ``ENABLE_PMF``.
|
||||
|
||||
PSCI Statistics
|
||||
---------------
|
||||
|
||||
PSCI Statistics is a runtime service that provides residency statistics for
|
||||
power states used by the platform. The service tracks residency time and
|
||||
entry count. Residency time is the total time spent in a particular power
|
||||
state by a PE. The entry count is the number of times the PE has entered
|
||||
the power state. PSCI Statistics implements the optional functions
|
||||
``PSCI_STAT_RESIDENCY`` and ``PSCI_STAT_COUNT`` from the `PSCI`_
|
||||
specification.
|
||||
|
||||
|
||||
.. c:macro:: PSCI_STAT_RESIDENCY
|
||||
|
||||
:param target_cpu: Contains copy of affinity fields in the MPIDR register
|
||||
for identifying the target core (See section 5.1.4 of `PSCI`_
|
||||
specifications for more details).
|
||||
:param power_state: identifier for a specific local
|
||||
state. Generally, this parameter takes the same form as the power_state
|
||||
parameter described for CPU_SUSPEND in section 5.4.2.
|
||||
|
||||
:returns: Time spent in ``power_state``, in microseconds, by ``target_cpu``
|
||||
and the highest level expressed in ``power_state``.
|
||||
|
||||
|
||||
.. c:macro:: PSCI_STAT_COUNT
|
||||
|
||||
:param target_cpu: follows the same format as ``PSCI_STAT_RESIDENCY``.
|
||||
:param power_state: follows the same format as ``PSCI_STAT_RESIDENCY``.
|
||||
|
||||
:returns: Number of times the state expressed in ``power_state`` has been
|
||||
used by ``target_cpu`` and the highest level expressed in
|
||||
``power_state``.
|
||||
|
||||
The implementation provides residency statistics only for low power states,
|
||||
and does this regardless of the entry mechanism into those states. The
|
||||
statistics it collects are set to 0 during shutdown or reset.
|
||||
|
||||
PSCI Statistics is enabled with the Boolean build flag
|
||||
``ENABLE_PSCI_STAT``. All Arm platforms utilise the PMF unless another
|
||||
collection backend is provided (``ENABLE_PMF`` is implicitly enabled).
|
||||
|
||||
Runtime Instrumentation
|
||||
-----------------------
|
||||
|
||||
The Runtime Instrumentation Service is an instrumentation tool that wraps
|
||||
around the PMF to provide timestamp data. Although the service is not
|
||||
restricted to PSCI, it is used primarily in TF-A to quantify the total time
|
||||
spent in the PSCI implementation. The tool can be used to instrument other
|
||||
components in TF-A as well. It is enabled with the Boolean flag
|
||||
``ENABLE_RUNTIME_INSTRUMENTATION``, and as with PSCI STAT, requires PMF to
|
||||
be enabled.
|
||||
|
||||
In PSCI, this service provides instrumentation points in the
|
||||
following code paths:
|
||||
|
||||
* Entry into the PSCI SMC handler
|
||||
* Exit from the PSCI SMC handler
|
||||
* Entry to low power state
|
||||
* Exit from low power state
|
||||
* Entry into cache maintenance operations in PSCI
|
||||
* Exit from cache maintenance operations in PSCI
|
||||
|
||||
The service captures the cycle count, which allows for the time spent in the
|
||||
implementation to be calculated, given the frequency counter.
|
||||
|
||||
PSCI SMC Handler Instrumentation
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
The timestamp during entry into the handler is captured as early as possible
|
||||
during the runtime exception, prior to entry into the handler itself. All
|
||||
timestamps are stored in memory for later retrieval. The exit timestamp is
|
||||
captured after normal return from the PSCI SMC handler, or, if a low power state
|
||||
was requested, it is captured in the warm boot path.
|
||||
|
||||
*Copyright (c) 2023, Arm Limited. All rights reserved.*
|
||||
|
||||
.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
|
||||
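Review bot: the Performance Measurement Framework section says PMF collects timestamps "from the Performance Measurement Unit (PMU)" and then describes the PMU as "a generalized abstraction for accessing CPU hardware registers used to measure hardware events". That contradicts the Juno page in the same commit, which states "PMF uses the generic counter for timestamps, which runs at 50MHz on Juno", and the cross-reference target is titled Performance Monitoring Unit, not Measurement Unit. Rewrite the paragraph to say PMF reads the Arm generic counter (CNTPCT) and does not depend on PMUv3, and drop the PMU abstraction sentence. The related wording under Runtime Instrumentation, "The service captures the cycle count, which allows for the time spent in the implementation to be calculated, given the frequency counter", should read that the service captures a generic-counter timestamp and that elapsed time follows from the counter frequency.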
534
arm-trusted-firmware.t234/docs/perf/psci-performance-juno.rst
Normal file
@@ -0,0 +1,534 @@
|
||||
PSCI Performance Measurements on Arm Juno Development Platform
|
||||
==============================================================
|
||||
|
||||
This document summarises the findings of performance measurements of key
operations in the Trusted Firmware-A Power State Coordination Interface (PSCI)
implementation, using the in-built Performance Measurement Framework (PMF) and
runtime instrumentation timestamps.

Method
------

We used the `Juno R1 platform`_ for these tests, which has 4 x Cortex-A53 and 2
x Cortex-A57 clusters running at the following frequencies:

+-----------------+--------------------+
| Domain | Frequency (MHz) |
+=================+====================+
| Cortex-A57 | 900 (nominal) |
+-----------------+--------------------+
| Cortex-A53 | 650 (underdrive) |
+-----------------+--------------------+
| AXI subsystem | 533 |
+-----------------+--------------------+

Juno supports CPU, cluster and system power down states, corresponding to power
levels 0, 1 and 2 respectively. It does not support any retention states.

Given that runtime instrumentation using PMF is invasive, there is a small
(unquantified) overhead on the results. PMF uses the generic counter for
timestamps, which runs at 50MHz on Juno.

The following source trees and binaries were used:

- `TF-A v2.12-rc0`_
- `TFTF v2.12-rc0`_

Please see the Runtime Instrumentation :ref:`Testing Methodology
<Runtime Instrumentation Methodology>`
page for more details.

Procedure
---------

#. Build TFTF with runtime instrumentation enabled:

.. code:: shell

make CROSS_COMPILE=aarch64-none-elf- PLAT=juno \
TESTS=runtime-instrumentation all

#. Fetch Juno's SCP binary from TF-A's archive:

.. code:: shell

curl --fail --connect-timeout 5 --retry 5 -sLS -o scp_bl2.bin \
https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/juno/release/juno-bl2.bin

#. Build TF-A with the following build options:

.. code:: shell

make CROSS_COMPILE=aarch64-none-elf- PLAT=juno \
BL33="/path/to/tftf.bin" SCP_BL2="scp_bl2.bin" \
ENABLE_RUNTIME_INSTRUMENTATION=1 fiptool all fip

#. Load the following images onto the development board: ``fip.bin``,
``scp_bl2.bin``.

Results
-------

``CPU_SUSPEND`` to deepest power level
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
parallel (v2.12)

+---------+------+-------------------+------------------+--------------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-------------------+------------------+--------------------+
| 0 | 0 | 244.52 (-65.43%) | 26.92 (-32.60%) | 5.54 (-96.70%) |
+---------+------+-------------------+------------------+--------------------+
| 0 | 1 | 526.18 (+105.12%) | 416.1 | 138.52 (+2011.59%) |
+---------+------+-------------------+------------------+--------------------+
| 1 | 0 | 104.34 | 27.02 (-94.62%) | 5.32 |
+---------+------+-------------------+------------------+--------------------+
| 1 | 1 | 384.98 | 23.06 (-85.40%) | 4.48 |
+---------+------+-------------------+------------------+--------------------+
| 1 | 2 | 812.44 (+45.94%) | 126.78 | 4.54 |
+---------+------+-------------------+------------------+--------------------+
| 1 | 3 | 986.84 | 77.22 (+176.58%) | 79.76 |
+---------+------+-------------------+------------------+--------------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
parallel (v2.11)

+---------+------+-------------------+--------------------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-------------------+--------------------+-------------+
| 0 | 0 | 112.98 (-53.44%) | 26.16 (-89.33%) | 5.48 |
+---------+------+-------------------+--------------------+-------------+
| 0 | 1 | 411.18 | 438.88 (+1572.56%) | 138.54 |
+---------+------+-------------------+--------------------+-------------+
| 1 | 0 | 261.82 (+150.88%) | 474.06 (+1649.30%) | 5.6 |
+---------+------+-------------------+--------------------+-------------+
| 1 | 1 | 714.76 (+86.84%) | 26.44 | 4.48 |
+---------+------+-------------------+--------------------+-------------+
| 1 | 2 | 862.66 | 149.34 (-45.00%) | 4.38 |
+---------+------+-------------------+--------------------+-------------+
| 1 | 3 | 1045.12 | 98.12 (-55.76%) | 79.74 |
+---------+------+-------------------+--------------------+-------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
serial (v2.12)

+---------+------+-----------+-----------------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+-----------------+-------------+
| 0 | 0 | 236.36 | 27.94 (-31.52%) | 138.0 |
+---------+------+-----------+-----------------+-------------+
| 0 | 1 | 236.58 | 27.86 (-31.72%) | 138.2 |
+---------+------+-----------+-----------------+-------------+
| 1 | 0 | 280.68 | 27.02 | 77.6 |
+---------+------+-----------+-----------------+-------------+
| 1 | 1 | 101.4 | 22.52 | 4.42 |
+---------+------+-----------+-----------------+-------------+
| 1 | 2 | 100.92 | 22.68 | 4.4 |
+---------+------+-----------+-----------------+-------------+
| 1 | 3 | 100.96 | 22.54 | 4.38 |
+---------+------+-----------+-----------------+-------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
serial (v2.11)

+---------+------+-----------+--------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+--------+-------------+
| 0 | 0 | 244.42 | 27.42 | 138.12 |
+---------+------+-----------+--------+-------------+
| 0 | 1 | 245.02 | 27.34 | 138.08 |
+---------+------+-----------+--------+-------------+
| 1 | 0 | 297.66 | 26.2 | 77.68 |
+---------+------+-----------+--------+-------------+
| 1 | 1 | 108.02 | 21.94 | 4.52 |
+---------+------+-----------+--------+-------------+
| 1 | 2 | 107.48 | 21.88 | 4.46 |
+---------+------+-----------+--------+-------------+
| 1 | 3 | 107.52 | 21.86 | 4.46 |
+---------+------+-----------+--------+-------------+

``CPU_SUSPEND`` to power level 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in
parallel (v2.12)

+--------------------------------------------------------------------+
| test_rt_instr_cpu_susp_parallel |
+---------+------+-------------------+-----------------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-------------------+-----------------+-------------+
| 0 | 0 | 663.12 | 19.66 (-39.21%) | 8.26 |
+---------+------+-------------------+-----------------+-------------+
| 0 | 1 | 804.18 | 19.24 (-40.65%) | 8.1 |
+---------+------+-------------------+-----------------+-------------+
| 1 | 0 | 105.58 (-58.80%) | 19.68 | 7.42 |
+---------+------+-------------------+-----------------+-------------+
| 1 | 1 | 245.02 (-39.67%) | 19.8 | 6.82 |
+---------+------+-------------------+-----------------+-------------+
| 1 | 2 | 383.82 (-30.83%) | 18.84 | 7.06 |
+---------+------+-------------------+-----------------+-------------+
| 1 | 3 | 523.36 (+391.23%) | 19.0 | 7.3 |
+---------+------+-------------------+-----------------+-------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in
parallel (v2.11)

+---------+------+-------------------+--------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-------------------+--------+-------------+
| 0 | 0 | 704.46 | 19.28 | 7.86 |
+---------+------+-------------------+--------+-------------+
| 0 | 1 | 853.66 | 18.78 | 7.82 |
+---------+------+-------------------+--------+-------------+
| 1 | 0 | 556.52 (+425.51%) | 19.06 | 7.82 |
+---------+------+-------------------+--------+-------------+
| 1 | 1 | 113.28 (-70.47%) | 19.28 | 7.48 |
+---------+------+-------------------+--------+-------------+
| 1 | 2 | 260.62 (-50.22%) | 19.8 | 7.26 |
+---------+------+-------------------+--------+-------------+
| 1 | 3 | 408.16 (+66.94%) | 19.82 | 7.38 |
+---------+------+-------------------+--------+-------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in serial (v2.12)

+---------+------+-----------+-----------------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+-----------------+-------------+
| 0 | 0 | 100.04 | 20.32 (-38.50%) | 5.62 |
+---------+------+-----------+-----------------+-------------+
| 0 | 1 | 99.78 | 20.6 (-36.10%) | 5.42 |
+---------+------+-----------+-----------------+-------------+
| 1 | 0 | 278.28 | 19.52 | 4.32 |
+---------+------+-----------+-----------------+-------------+
| 1 | 1 | 97.3 | 19.44 | 4.26 |
+---------+------+-----------+-----------------+-------------+
| 1 | 2 | 97.56 | 19.52 | 4.32 |
+---------+------+-----------+-----------------+-------------+
| 1 | 3 | 97.52 | 19.46 | 4.26 |
+---------+------+-----------+-----------------+-------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in serial (v2.11)

+---------+------+-----------+--------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+--------+-------------+
| 0 | 0 | 106.78 | 19.2 | 5.32 |
+---------+------+-----------+--------+-------------+
| 0 | 1 | 107.44 | 19.64 | 5.44 |
+---------+------+-----------+--------+-------------+
| 1 | 0 | 295.82 | 19.14 | 4.34 |
+---------+------+-----------+--------+-------------+
| 1 | 1 | 104.34 | 19.18 | 4.28 |
+---------+------+-----------+--------+-------------+
| 1 | 2 | 103.96 | 19.34 | 4.4 |
+---------+------+-----------+--------+-------------+
| 1 | 3 | 104.32 | 19.18 | 4.34 |
+---------+------+-----------+--------+-------------+

``CPU_OFF`` on all non-lead CPUs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

``CPU_OFF`` on all non-lead CPUs in sequence then, ``CPU_SUSPEND`` on the lead
core to the deepest power level.

.. table:: ``CPU_OFF`` latencies (µs) on all non-lead CPUs (v2.12)

+---------+------+-----------+-----------------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+-----------------+-------------+
| 0 | 0 | 236.3 | 30.88 (-29.30%) | 137.76 |
+---------+------+-----------+-----------------+-------------+
| 0 | 1 | 236.66 | 30.5 (-29.23%) | 138.02 |
+---------+------+-----------+-----------------+-------------+
| 1 | 0 | 175.9 | 27.0 | 77.86 |
+---------+------+-----------+-----------------+-------------+
| 1 | 1 | 100.96 | 27.56 | 4.26 |
+---------+------+-----------+-----------------+-------------+
| 1 | 2 | 101.04 | 26.48 | 4.38 |
+---------+------+-----------+-----------------+-------------+
| 1 | 3 | 101.08 | 26.74 | 4.4 |
+---------+------+-----------+-----------------+-------------+

.. table:: ``CPU_OFF`` latencies (µs) on all non-lead CPUs (v2.11)

+---------+------+-----------+--------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+--------+-------------+
| 0 | 0 | 243.62 | 29.84 | 137.66 |
+---------+------+-----------+--------+-------------+
| 0 | 1 | 243.88 | 29.54 | 137.8 |
+---------+------+-----------+--------+-------------+
| 1 | 0 | 183.26 | 26.22 | 77.76 |
+---------+------+-----------+--------+-------------+
| 1 | 1 | 107.64 | 26.74 | 4.34 |
+---------+------+-----------+--------+-------------+
| 1 | 2 | 107.52 | 25.9 | 4.32 |
+---------+------+-----------+--------+-------------+
| 1 | 3 | 107.74 | 25.8 | 4.34 |
+---------+------+-----------+--------+-------------+

``CPU_VERSION`` in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. table:: ``CPU_VERSION`` latency (µs) in parallel on all cores (2.12)

+-------------+--------+--------------+
| Cluster | Core | Latency |
+-------------+--------+--------------+
| 0 | 0 | 1.0 |
+-------------+--------+--------------+
| 0 | 1 | 1.02 |
+-------------+--------+--------------+
| 1 | 0 | 0.52 |
+-------------+--------+--------------+
| 1 | 1 | 0.94 |
+-------------+--------+--------------+
| 1 | 2 | 0.94 |
+-------------+--------+--------------+
| 1 | 3 | 0.92 |
+-------------+--------+--------------+

.. table:: ``CPU_VERSION`` latency (µs) in parallel on all cores (2.11)

+-------------+--------+--------------+
| Cluster | Core | Latency |
+-------------+--------+--------------+
| 0 | 0 | 1.26 |
+-------------+--------+--------------+
| 0 | 1 | 0.96 |
+-------------+--------+--------------+
| 1 | 0 | 0.54 |
+-------------+--------+--------------+
| 1 | 1 | 0.94 |
+-------------+--------+--------------+
| 1 | 2 | 0.92 |
+-------------+--------+--------------+
| 1 | 3 | 1.02 |
+-------------+--------+--------------+

Annotated Historic Results
--------------------------

The following results are based on the upstream `TF master as of 31/01/2017`_.
TF-A was built using the same build instructions as detailed in the procedure
above.

In the results below, CPUs 0-3 refer to CPUs in the little cluster (A53) and
CPUs 4-5 refer to CPUs in the big cluster (A57). In all cases CPU 4 is the lead
CPU.

``PSCI_ENTRY`` corresponds to the powerdown latency, ``PSCI_EXIT`` the wakeup latency, and
``CFLUSH_OVERHEAD`` the latency of the cache flush operation.

``CPU_SUSPEND`` to deepest power level on all CPUs in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 27 | 20 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 114 | 86 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 202 | 58 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 375 | 29 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 20 | 22 | 6 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 290 | 18 | 206 |
+-------+---------------------+--------------------+--------------------------+

A large variance in ``PSCI_ENTRY`` and ``PSCI_EXIT`` times across CPUs is
observed due to TF PSCI lock contention. In the worst case, CPU 3 has to wait
for the 3 other CPUs in the cluster (0-2) to complete ``PSCI_ENTRY`` and release
the lock before proceeding.

The ``CFLUSH_OVERHEAD`` times for CPUs 3 and 5 are higher because they are the
last CPUs in their respective clusters to power down, therefore both the L1 and
L2 caches are flushed.

The ``CFLUSH_OVERHEAD`` time for CPU 5 is a lot larger than that for CPU 3
because the L2 cache size for the big cluster is lot larger (2MB) compared to
the little cluster (1MB).

``CPU_SUSPEND`` to power level 0 on all CPUs in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 116 | 14 | 8 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 204 | 14 | 8 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 287 | 13 | 8 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 376 | 13 | 9 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 29 | 15 | 7 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 21 | 15 | 8 |
+-------+---------------------+--------------------+--------------------------+

There is no lock contention in TF generic code at power level 0 but the large
variance in ``PSCI_ENTRY`` times across CPUs is due to lock contention in Juno
platform code. The platform lock is used to mediate access to a single SCP
communication channel. This is compounded by the SCP firmware waiting for each
AP CPU to enter WFI before making the channel available to other CPUs, which
effectively serializes the SCP power down commands from all CPUs.

On platforms with a more efficient CPU power down mechanism, it should be
possible to make the ``PSCI_ENTRY`` times smaller and consistent.

The ``PSCI_EXIT`` times are consistent across all CPUs because TF does not
require locks at power level 0.

The ``CFLUSH_OVERHEAD`` times for all CPUs are small and consistent since only
the cache associated with power level 0 is flushed (L1).

``CPU_SUSPEND`` to deepest power level on all CPUs in sequence
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 195 | 22 | 180 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 21 | 17 | 6 |
+-------+---------------------+--------------------+--------------------------+

The ``CFLUSH_OVERHEAD`` times for lead CPU 4 and all CPUs in the non-lead cluster
are large because all other CPUs in the cluster are powered down during the
test. The ``CPU_SUSPEND`` call powers down to the cluster level, requiring a
flush of both L1 and L2 caches.

The ``CFLUSH_OVERHEAD`` time for CPU 4 is a lot larger than those for the little
CPUs because the L2 cache size for the big cluster is lot larger (2MB) compared
to the little cluster (1MB).

The ``PSCI_ENTRY`` and ``CFLUSH_OVERHEAD`` times for CPU 5 are low because lead
CPU 4 continues to run while CPU 5 is suspended. Hence CPU 5 only powers down to
level 0, which only requires L1 cache flush.

``CPU_SUSPEND`` to power level 0 on all CPUs in sequence
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 22 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 22 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 21 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 22 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 17 | 14 | 6 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 18 | 15 | 6 |
+-------+---------------------+--------------------+--------------------------+

Here the times are small and consistent since there is no contention and it is
only necessary to flush the cache to power level 0 (L1). This is the best case
scenario.

The ``PSCI_ENTRY`` times for CPUs in the big cluster are slightly smaller than
for the CPUs in little cluster due to greater CPU performance.

The ``PSCI_EXIT`` times are generally lower than in the last test because the
cluster remains powered on throughout the test and there is less code to execute
on power on (for example, no need to enter CCI coherency)

``CPU_OFF`` on all non-lead CPUs in sequence then ``CPU_SUSPEND`` on lead CPU to deepest power level
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The test sequence here is as follows:

1. Call ``CPU_ON`` and ``CPU_OFF`` on each non-lead CPU in sequence.

2. Program wake up timer and suspend the lead CPU to the deepest power level.

3. Call ``CPU_ON`` on non-lead CPU to get the timestamps from each CPU.

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 110 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 110 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 110 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 111 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 195 | 22 | 181 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 20 | 23 | 6 |
+-------+---------------------+--------------------+--------------------------+

The ``CFLUSH_OVERHEAD`` times for all little CPUs are large because all other
CPUs in that cluster are powerered down during the test. The ``CPU_OFF`` call
powers down to the cluster level, requiring a flush of both L1 and L2 caches.

The ``PSCI_ENTRY`` and ``CFLUSH_OVERHEAD`` times for CPU 5 are small because
lead CPU 4 is running and CPU 5 only powers down to level 0, which only requires
an L1 cache flush.

The ``CFLUSH_OVERHEAD`` time for CPU 4 is a lot larger than those for the little
CPUs because the L2 cache size for the big cluster is lot larger (2MB) compared
to the little cluster (1MB).

The ``PSCI_EXIT`` times for CPUs in the big cluster are slightly smaller than
for CPUs in the little cluster due to greater CPU performance. These times
generally are greater than the ``PSCI_EXIT`` times in the ``CPU_SUSPEND`` tests
because there is more code to execute in the "on finisher" compared to the
"suspend finisher" (for example, GIC redistributor register programming).

``PSCI_VERSION`` on all CPUs in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Since very little code is associated with ``PSCI_VERSION``, this test
approximates the round trip latency for handling a fast SMC at EL3 in TF.

+-------+-------------------+
| CPU | TOTAL TIME (ns) |
+=======+===================+
| 0 | 3020 |
+-------+-------------------+
| 1 | 2940 |
+-------+-------------------+
| 2 | 2980 |
+-------+-------------------+
| 3 | 3060 |
+-------+-------------------+
| 4 | 520 |
+-------+-------------------+
| 5 | 720 |
+-------+-------------------+

The times for the big CPUs are less than the little CPUs due to greater CPU
performance.

We suspect the time for lead CPU 4 is shorter than CPU 5 due to subtle cache
effects, given that these measurements are at the nano-second level.

--------------

*Copyright (c) 2019-2024, Arm Limited and Contributors. All rights reserved.*

.. _Juno R1 platform: https://developer.arm.com/documentation/100122/latest/
.. _TF master as of 31/01/2017: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?id=c38b36d
.. _TF-A v2.12-rc0: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?h=v2.12-rc0
.. _TFTF v2.12-rc0: https://git.trustedfirmware.org/TF-A/tf-a-tests.git/tree/?h=v2.12-rc0
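
Review bot: The ``CPU_VERSION`` section heading and both of its table captions name a PSCI call that does not exist; the call being timed is ``PSCI_VERSION``, which is the name the Annotated Historic Results section of this same file uses, so the heading and the two captions should say ``PSCI_VERSION`` (and the captions' "(2.12)"/"(2.11)" should read "(v2.12)"/"(v2.11)" like every other table on the page). Smaller points in the same hunk: the first "power level 0 in parallel (v2.12)" table carries a spanning header row "test_rt_instr_cpu_susp_parallel" that no other table has, so either drop it or label every table with its test name; the Method sentence "4 x Cortex-A53 and 2 x Cortex-A57 clusters" reads as six clusters, whereas the historic section describes one cluster of four A53 cores and one of two A57 cores, so "a cluster of 4 x Cortex-A53 and a cluster of 2 x Cortex-A57" would be clearer; and a few typos to fix before merge: "in sequence then, ``CPU_SUSPEND``" (misplaced comma), "powerered", "is lot larger" (three occurrences, should be "is a lot larger"), and the missing full stop after "(for example, no need to enter CCI coherency)".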

@@ -0,0 +1,55 @@
Runtime Instrumentation Methodology
===================================

This document outlines steps for undertaking performance measurements of key
operations in the Trusted Firmware-A Power State Coordination Interface (PSCI)
implementation, using the in-built Performance Measurement Framework (PMF) and
runtime instrumentation timestamps.

Framework
~~~~~~~~~

The tests are based on the ``runtime-instrumentation`` test suite provided by
the Trusted Firmware Test Framework (TFTF). The release build of this framework
was used because the results in the debug build became skewed; the console
output prevented some of the tests from executing in parallel.

The tests consist of both parallel and sequential tests, which are broadly
described as follows:

- **Parallel Tests** This type of test powers on all the non-lead CPUs and
brings them and the lead CPU to a common synchronization point. The lead CPU
then initiates the test on all CPUs in parallel.

- **Sequential Tests** This type of test powers on each non-lead CPU in
sequence. The lead CPU initiates the test on a non-lead CPU then waits for the
test to complete before proceeding to the next non-lead CPU. The lead CPU then
executes the test on itself.

Note there is very little variance observed in the values given (~1us), although
the values for each CPU are sometimes interchanged, depending on the order in
which locks are acquired. Also, there is very little variance observed between
executing the tests sequentially in a single boot or rebooting between tests.

Given that runtime instrumentation using PMF is invasive, there is a small
(unquantified) overhead on the results. PMF uses the generic counter for
timestamps, which runs at 50MHz on Juno.

Metrics
~~~~~~~

.. glossary::

Powerdown Latency
Time taken from entering the TF PSCI implementation to the point the hardware
enters the low power state (WFI). Referring to the TF runtime instrumentation points, this
corresponds to: ``(RT_INSTR_ENTER_HW_LOW_PWR - RT_INSTR_ENTER_PSCI)``.

Wakeup Latency
Time taken from the point the hardware exits the low power state to exiting
the TF PSCI implementation. This corresponds to: ``(RT_INSTR_EXIT_PSCI -
RT_INSTR_EXIT_HW_LOW_PWR)``.

Cache Flush Latency
Time taken to flush the caches during powerdown. This corresponds to:
``(RT_INSTR_EXIT_CFLUSH - RT_INSTR_ENTER_CFLUSH)``.
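
Review bot: The paragraph "Given that runtime instrumentation using PMF is invasive ... which runs at 50MHz on Juno" repeats, word for word, the paragraph in the Juno page's Method section, and it ties this platform-agnostic methodology page to one board's counter frequency even though the N1SDP page also links here with :ref:`Testing Methodology <Runtime Instrumentation Methodology>`. Suggest keeping the generic sentence about PMF overhead here and leaving the counter-frequency sentence to each platform page, or rewording it to say the generic counter frequency is platform specific. Two further points: both platform pages reference this page by its title text, and the hunk adds no explicit `.. _Runtime Instrumentation Methodology:` label above the title, so the links depend on autosectionlabel and on the heading never being renamed; and the Metrics glossary defines the three latencies but says nothing about the percentage deltas, such as "(-65.43%)", that the Juno results tables attach to some cells, so a sentence here stating how a delta is computed and which release it is relative to would let a reader interpret those tables.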

283
arm-trusted-firmware.t234/docs/perf/psci-performance-n1sdp.rst
Normal file
@@ -0,0 +1,283 @@
Runtime Instrumentation Testing - N1SDP
=======================================

For this test we used the N1 System Development Platform (`N1SDP`_), which
contains an SoC consisting of two dual-core Arm N1 clusters.

The following source trees and binaries were used:

- `TF-A v2.12-rc0`_
- `TFTF v2.12-rc0`_
- SCP/MCP `Prebuilt Images`_

Please see the Runtime Instrumentation :ref:`Testing Methodology
<Runtime Instrumentation Methodology>` page for more details.

Procedure
---------

#. Build TFTF with runtime instrumentation enabled:

.. code:: shell

make CROSS_COMPILE=aarch64-none-elf- PLAT=n1sdp \
TESTS=runtime-instrumentation all

#. Build TF-A with the following build options:

.. code:: shell

make CROSS_COMPILE=aarch64-none-elf- PLAT=n1sdp \
ENABLE_RUNTIME_INSTRUMENTATION=1 fiptool all

#. Fetch the SCP firmware images:

.. code:: shell

curl --fail --connect-timeout 5 --retry 5 \
-sLS -o build/n1sdp/release/scp_rom.bin \
https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-bl1.bin
curl --fail --connect-timeout 5 \
--retry 5 -sLS -o build/n1sdp/release/scp_ram.bin \
https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-bl2.bin

#. Fetch the MCP firmware images:

.. code:: shell

curl --fail --connect-timeout 5 --retry 5 \
-sLS -o build/n1sdp/release/mcp_rom.bin \
https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-mcp-bl1.bin
curl --fail --connect-timeout 5 --retry 5 \
-sLS -o build/n1sdp/release/mcp_ram.bin \
https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-mcp-bl2.bin

#. Using the fiptool, create a new FIP package and append the SCP ram image onto
it.

.. code:: shell

./tools/fiptool/fiptool create --blob \
uuid=cfacc2c4-15e8-4668-82be-430a38fad705,file=build/n1sdp/release/bl1.bin \
--scp-fw build/n1sdp/release/scp_ram.bin build/n1sdp/release/scp_fw.bin

#. Append the MCP image to the FIP.

.. code:: shell

./tools/fiptool/fiptool create \
--blob uuid=54464222-a4cf-4bf8-b1b6-cee7dade539e,file=build/n1sdp/release/mcp_ram.bin \
build/n1sdp/release/mcp_fw.bin

#. Then, add TFTF as the Non-Secure workload in the FIP image:

.. code:: shell

make CROSS_COMPILE=aarch64-none-elf- PLAT=n1sdp \
ENABLE_RUNTIME_INSTRUMENTATION=1 SCP_BL2=/dev/null \
BL33=<path/to/tftf.bin> fip

#. Load the following images onto the development board: ``fip.bin``,
``scp_rom.bin``, ``scp_ram.bin``, ``mcp_rom.bin``, and ``mcp_ram.bin``.

.. note::

These instructions presume you have a complete firmware stack. The N1SDP
`user guide`_ provides a detailed explanation on how to get setup from
scratch.

Results
-------

``CPU_SUSPEND`` to deepest power level
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in parallel (v2.12)

+---------+------+----------------+--------+----------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+----------------+--------+----------------+
| 0 | 0 | 2.58 | 24.14 | 0.28 (-69.57%) |
+---------+------+----------------+--------+----------------+
| 0 | 0 | 4.24 (-32.27%) | 40.1 | 0.3 |
+---------+------+----------------+--------+----------------+
| 1 | 0 | 3.58 | 35.54 | 0.28 |
+---------+------+----------------+--------+----------------+
| 1 | 0 | 3.28 | 42.36 | 0.3 |
+---------+------+----------------+--------+----------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in parallel (v2.11)

+---------+------+----------------+--------+----------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+----------------+--------+----------------+
| 0 | 0 | 3.0 (+41.51%) | 23.14 | 1.2 (+185.71%) |
+---------+------+----------------+--------+----------------+
| 0 | 0 | 4.6 | 35.86 | 0.3 |
+---------+------+----------------+--------+----------------+
| 1 | 0 | 3.68 (+33.33%) | 33.36 | 0.3 |
+---------+------+----------------+--------+----------------+
| 1 | 0 | 3.7 (+40.15%) | 38.1 | 0.28 |
+---------+------+----------------+--------+----------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in serial (v2.12)

+---------+------+-----------+--------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+--------+-------------+
| 0 | 0 | 1.9 | 23.8 | 0.36 |
+---------+------+-----------+--------+-------------+
| 0 | 0 | 2.26 | 23.86 | 0.34 |
+---------+------+-----------+--------+-------------+
| 1 | 0 | 2.02 | 23.4 | 0.36 |
+---------+------+-----------+--------+-------------+
| 1 | 0 | 2.24 | 23.84 | 0.36 |
+---------+------+-----------+--------+-------------+

.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in serial (v2.11)

+---------+------+-----------+--------+-------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
+---------+------+-----------+--------+-------------+
| 0 | 0 | 1.7 | 22.46 | 0.3 |
+---------+------+-----------+--------+-------------+
| 0 | 0 | 2.28 | 22.5 | 0.3 |
+---------+------+-----------+--------+-------------+
| 1 | 0 | 2.14 | 21.5 | 0.32 |
+---------+------+-----------+--------+-------------+
| 1 | 0 | 2.24 | 22.66 | 0.3 |
+---------+------+-----------+--------+-------------+

``CPU_SUSPEND`` to power level 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in parallel (v2.12)

+---------+------+-----------+--------+----------------+
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 1.46 | 31.7 | 0.32 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 2.06 | 35.5 | 0.48 (+60.00%) |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 1.96 | 35.7 | 0.32 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 2.08 | 23.38 | 0.28 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
|
||||
.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in parallel (v2.11)
|
||||
|
||||
+---------+------+----------------+--------+-------------+
|
||||
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
|
||||
+---------+------+----------------+--------+-------------+
|
||||
| 0 | 0 | 0.94 (-37.33%) | 30.36 | 0.3 |
|
||||
+---------+------+----------------+--------+-------------+
|
||||
| 0 | 0 | 2.12 | 33.12 | 0.28 |
|
||||
+---------+------+----------------+--------+-------------+
|
||||
| 1 | 0 | 2.08 | 32.56 | 0.3 |
|
||||
+---------+------+----------------+--------+-------------+
|
||||
| 1 | 0 | 2.14 | 21.92 | 0.28 |
|
||||
+---------+------+----------------+--------+-------------+
|
||||
|
||||
.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in serial (v2.12)
|
||||
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 1.66 | 23.22 | 0.36 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 2.58 | 23.72 | 0.78 (+85.71%) |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 2.02 | 23.84 | 0.38 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 2.16 | 23.92 | 0.34 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
|
||||
.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in serial (v2.11)
|
||||
|
||||
+---------+------+-----------+--------+-------------+
|
||||
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
|
||||
+---------+------+-----------+--------+-------------+
|
||||
| 0 | 0 | 1.64 | 21.88 | 0.34 |
|
||||
+---------+------+-----------+--------+-------------+
|
||||
| 0 | 0 | 2.42 | 21.76 | 0.34 |
|
||||
+---------+------+-----------+--------+-------------+
|
||||
| 1 | 0 | 2.02 | 21.14 | 0.32 |
|
||||
+---------+------+-----------+--------+-------------+
|
||||
| 1 | 0 | 2.18 | 22.3 | 0.34 |
|
||||
+---------+------+-----------+--------+-------------+
|
||||
|
||||
``CPU_OFF`` on all non-lead CPUs
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
``CPU_OFF`` on all non-lead CPUs in sequence then, ``CPU_SUSPEND`` on the lead
|
||||
core to the deepest power level.
|
||||
|
||||
.. table:: ``CPU_OFF`` latencies (µs) on all non-lead CPUs (v2.12)
|
||||
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 1.84 | 23.82 | 0.36 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 14.18 | 31.78 | 0.56 (+86.67%) |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 13.64 | 30.54 | 0.36 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 14.18 | 31.82 | 0.68 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
|
||||
.. table:: ``CPU_OFF`` latencies (µs) on all non-lead CPUs (v2.11)
|
||||
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| Cluster | Core | Powerdown | Wakeup | Cache Flush |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 1.96 | 22.44 | 0.38 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 0 | 0 | 13.76 | 30.34 | 0.26 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 13.46 | 28.28 | 0.24 |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
| 1 | 0 | 13.84 | 30.06 | 0.28 (-60.00%) |
|
||||
+---------+------+-----------+--------+----------------+
|
||||
|
||||
``CPU_VERSION`` in parallel
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
.. table:: ``CPU_VERSION`` latency (µs) in parallel on all cores (v2.12)
|
||||
|
||||
+----------+------+-------------------+
|
||||
| Cluster | Core | Latency |
|
||||
+----------+------+-------------------+
|
||||
| 0 | 0 | 0.14 |
|
||||
+----------+------+-------------------+
|
||||
| 0 | 0 | 0.2 (-28.57%) |
|
||||
+----------+------+-------------------+
|
||||
| 1 | 0 | 0.2 |
|
||||
+----------+------+-------------------+
|
||||
| 1 | 0 | 0.26 |
|
||||
+----------+------+-------------------+
|
||||
|
||||
.. table:: ``CPU_VERSION`` latency (µs) in parallel on all cores (v2.11)
|
||||
|
||||
+-------------+--------+--------------+
|
||||
| Cluster | Core | Latency |
|
||||
+-------------+--------+--------------+
|
||||
| 0 | 0 | 0.12 |
|
||||
+-------------+--------+--------------+
|
||||
| 0 | 0 | 0.24 |
|
||||
+-------------+--------+--------------+
|
||||
| 1 | 0 | 0.2 |
|
||||
+-------------+--------+--------------+
|
||||
| 1 | 0 | 0.26 |
|
||||
+-------------+--------+--------------+
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2023-2024, Arm Limited. All rights reserved.*
|
||||
|
||||
.. _TF-A v2.12-rc0: https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.12-rc0
|
||||
.. _TFTF v2.12-rc0: https://review.trustedfirmware.org/plugins/gitiles/TF-A/tf-a-tests/+/refs/tags/v2.12-rc0
|
||||
.. _user guide: https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-docs/-/blob/master/docs/n1sdp/user-guide.rst
|
||||
.. _Prebuilt Images: https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/
|
||||
.. _N1SDP: https://developer.arm.com/documentation/101489/latest
|
||||
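Review bot: the Core column is 0 in all four rows of every results table (Cluster 0, 0, 1, 1 against Core 0, 0, 0, 0), so the two rows given for each cluster cannot be told apart; if they are the two cores of each N1SDP cluster, the second row of each pair should read Core 1. The percentage deltas in parentheses (``0.28 (-69.57%)`` in the v2.12 table, ``3.0 (+41.51%)`` in the v2.11 table) are also never defined in the file: a sentence before the Results tables saying which release is the baseline, and why only some cells carry a delta, would let the tables be read on their own.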
27
arm-trusted-firmware.t234/docs/perf/tsp.rst
Normal file
@@ -0,0 +1,27 @@
Test Secure Payload (TSP) and Dispatcher (TSPD)
===============================================

Building the Test Secure Payload
--------------------------------

The TSP is coupled with a companion runtime service in the BL31 firmware,
called the TSPD. Therefore, if you intend to use the TSP, the BL31 image
must be recompiled as well. For more information on SPs and SPDs, see the
:ref:`firmware_design_sel1_spd` section in the :ref:`Firmware Design`.

First clean the TF-A build directory to get rid of any previous BL31 binary.
Then to build the TSP image use:

.. code:: shell

    make PLAT=<platform> SPD=tspd all

An additional boot loader binary file is created in the ``build`` directory:

::

    build/<platform>/<build-type>/bl32.bin

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
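Review bot: the build step is shown as a code block but the clean step it depends on ("First clean the TF-A build directory") is not; add the matching command as a code block (for example ``make PLAT=<platform> realclean``) so the two steps read the same way, and say explicitly that ``SPD=tspd all`` rebuilds BL31 with the TSPD linked in as well as producing ``bl32.bin``, since the paragraph above only states that BL31 "must be recompiled" without tying that to the command.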
144
arm-trusted-firmware.t234/docs/plat/allwinner.rst
Normal file
@@ -0,0 +1,144 @@
Allwinner ARMv8 SoCs
====================

Trusted Firmware-A (TF-A) implements the EL3 firmware layer for Allwinner
SoCs with ARMv8 cores. Only BL31 is used to provide proper EL3 setup and
PSCI runtime services.

Building TF-A
-------------

There is one build target per supported SoC:

+------+-------------------+
| SoC  | TF-A build target |
+======+===================+
| A64  | sun50i_a64        |
+------+-------------------+
| H5   | sun50i_a64        |
+------+-------------------+
| H6   | sun50i_h6         |
+------+-------------------+
| H616 | sun50i_h616       |
+------+-------------------+
| H313 | sun50i_h616       |
+------+-------------------+
| T507 | sun50i_h616       |
+------+-------------------+
| R329 | sun50i_r329       |
+------+-------------------+

To build with the default settings for a particular SoC:

.. code:: shell

    make CROSS_COMPILE=aarch64-linux-gnu- PLAT=<build target> DEBUG=1

So for instance to build for a board with the Allwinner A64 SoC::

    make CROSS_COMPILE=aarch64-linux-gnu- PLAT=sun50i_a64 DEBUG=1

Platform-specific build options
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The default build options should generate a working firmware image. There are
some build options that allow to fine-tune the firmware, or to disable support
for optional features.

- ``SUNXI_PSCI_USE_NATIVE`` : Support direct control of the CPU cores powerdown
  and powerup sequence by BL31. This requires either support for a code snippet
  to be loaded into the ARISC SCP (A64, H5), or the power sequence control
  registers to be programmed directly (H6, H616). This supports only basic
  control, like core on/off and system off/reset.
  This option defaults to 1. If an active SCP supporting the SCPI protocol
  is detected at runtime, this control scheme will be ignored, and SCPI
  will be used instead, unless support has been explicitly disabled.

- ``SUNXI_PSCI_USE_SCPI`` : Support control of the CPU cores powerdown and
  powerup sequence by talking to the SCP processor via the SCPI protocol.
  This allows more advanced power saving techniques, like suspend to RAM.
  This option defaults to 1 on SoCs that feature an SCP. If no SCP firmware
  using the SCPI protocol is detected, the native sequence will be used
  instead. If both native and SCPI methods are included, SCPI will be favoured
  if SCP support is detected.

- ``SUNXI_SETUP_REGULATORS`` : On SoCs that typically ship with a PMIC
  power management controller, BL31 tries to set up all needed power rails,
  programming them to their respective voltages. That allows bootloader
  software like U-Boot to ignore power control via the PMIC.
  This setting defaults to 1. In some situations that enables too many
  regulators, or some regulators need to be enabled in a very specific
  sequence. To avoid problems with those boards, ``SUNXI_SETUP_REGULATORS``
  can bet set to ``0`` on the build command line, to skip the PMIC setup
  entirely. Any bootloader or OS would need to setup the PMIC on its own then.

Installation
------------

U-Boot's SPL acts as a loader, loading both BL31 and BL33 (typically U-Boot).
Loading is done from SD card, eMMC or SPI flash, also via an USB debug
interface (FEL).

After building bl31.bin, the binary must be fed to the U-Boot build system
to include it in the FIT image that the SPL loader will process.
bl31.bin can be either copied (or sym-linked) into U-Boot's root directory,
or the environment variable BL31 must contain the binary's path.
See the respective `U-Boot documentation`_ for more details.

.. _U-Boot documentation: https://gitlab.denx.de/u-boot/u-boot/-/blob/master/board/sunxi/README.sunxi64

Memory layout
-------------

A64, H5 and H6 SoCs
~~~~~~~~~~~~~~~~~~~

BL31 lives in SRAM A2, which is documented to be accessible from secure
world only. Since this SRAM region is very limited (48 KB), we take
several measures to reduce memory consumption. One of them is to confine
BL31 to only 28 bits of virtual address space, which reduces the number
of required page tables (each occupying 4KB of memory).
The mapping we use on those SoCs is as follows:

::

    0 64K           16M          1GB         1G+160M      physical address
    +-+------+-+---+------+--...---+-------+----+------+----------
    |B|      |S|///|      |//...///|       |////|      |
    |R| SRAM |C|///| dev  |//...///| (sec) |////| BL33 | DRAM ...
    |O|      |P|///| MMIO |//...///| DRAM  |////|      |
    |M|      | |///|      |//...///| (32M) |////|      |
    +-+------+-+---+------+--...---+-------+----+------+----------
    | |      | |   |      |       /       /    /      /
    | |      | |   |      |      /       /    /     /
    | |      | |   |      |     /       /    /    /
    | |      | |   |      |    /       /    //
    | |      | |   |      |   /       /     /
    +-+------+-+---+------+--+-------+------+
    |B|      |S|///|      |//|       |      |
    |R| SRAM |C|///| dev  |//|  sec  | BL33 |
    |O|      |P|///| MMIO |//|  DRAM |      |
    |M|      | |///|      |//|       |      |
    +-+------+-+---+------+--+-------+------+
    0 64K           16M    160M    192M   256M   virtual address


H616 SoC
~~~~~~~~

The H616 lacks the secure SRAM region present on the other SoCs, also
lacks the "ARISC" management processor (SCP) we use. BL31 thus needs to
run from DRAM, which prevents our compressed virtual memory map described
above. Since running in DRAM also lifts the restriction of the limited
SRAM size, we use the normal 1:1 mapping with 32 bits worth of virtual
address space. So the virtual addresses used in BL31 match the physical
addresses as presented above.

Trusted OS dispatcher
---------------------

One can boot Trusted OS(OP-TEE OS, bl32 image) along side bl31 image on Allwinner A64.

In order to include the 'opteed' dispatcher in the image, pass 'SPD=opteed' on the command line
while compiling the bl31 image and make sure the loader (SPL) loads the Trusted OS binary to
the beginning of DRAM (0x40000000).
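Review bot: two wording slips in the prose: in the ``SUNXI_SETUP_REGULATORS`` bullet, "can bet set to ``0``" should be "can be set to ``0``", and in the Trusted OS dispatcher section "Trusted OS(OP-TEE OS, bl32 image) along side bl31 image" should read "Trusted OS (OP-TEE OS, bl32 image) alongside the bl31 image". The same section tells the reader the SPL must place the Trusted OS at the beginning of DRAM (0x40000000) but not where that requirement comes from; naming the BL32 base address the build assumes would let a reader check their SPL configuration against it instead of taking the number on trust.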
87
arm-trusted-firmware.t234/docs/plat/amd-versal2.rst
Normal file
@@ -0,0 +1,87 @@
AMD Versal Gen 2
================

Trusted Firmware-A implements the EL3 firmware layer for AMD Versal Gen 2.
The platform only uses the runtime part of TF-A as AMD Versal Gen 2 already
has a BootROM (BL1) and PMC FW (BL2).

BL31 is TF-A.
BL32 is an optional Secure Payload.
BL33 is the non-secure world software (U-Boot, Linux etc).

To build:
```bash
make RESET_TO_BL31=1 CROSS_COMPILE=aarch64-none-elf- PLAT=versal2 bl31
```

To build TF-A for JTAG DCC console:
```bash
make RESET_TO_BL31=1 CROSS_COMPILE=aarch64-none-elf- PLAT=versal2 CONSOLE=dcc bl31
```

To build TF-A with Errata management interface
```bash
make RESET_TO_BL31=1 CROSS_COMPILE=aarch64-none-elf- PLAT=versal2 bl31 ERRATA_ABI_SUPPORT=1
```

To build TF-A with IPI CRC check:
```bash
make RESET_TO_BL31=1 CROSS_COMPILE=aarch64-none-elf- PLAT=versal2 bl31 IPI_CRC_CHECK=1
```

AMD Versal Gen 2 platform specific build options
-------------------------------------------------

* `MEM_BASE`: Specifies the base address of the bl31 binary.
* `MEM_SIZE`: Specifies the size of the memory region of the bl31 binary.
* `BL32_MEM_BASE`: Specifies the base address of the bl32 binary.
* `BL32_MEM_SIZE`: Specifies the size of the memory region of the bl32 binary.

* `CONSOLE`: Select the console driver. Options:
  - `pl011`, `pl011_0`: ARM pl011 UART 0 (default)
  - `pl011_1` : ARM pl011 UART 1
  - `dcc` : JTAG Debug Communication Channel(DCC)


Reference DEN0028E SMC calling convention
------------------------------------------

Allocated subranges of Function Identifier to SIP services
------------------------------------------------------------

+-----------------------+-------------------------------------------------------+
| SMC Function          | Identifier Service type                               |
+-----------------------+-------------------------------------------------------+
| 0xC2000000-0xC200FFFF | Fast SMC64 SiP Service Calls as per SMCCC Section 6.1 |
+-----------------------+-------------------------------------------------------+

IPI SMC call ranges
-------------------

+---------------------------+-----------------------------------------------------------+
| SMC Function Identifier   | Service type                                              |
+---------------------------+-----------------------------------------------------------+
| 0xc2001000-0xc2001FFF     | Fast SMC64 SiP Service call range used for AMD-Xilinx IPI |
+---------------------------+-----------------------------------------------------------+

PM SMC call ranges
------------------

+---------------------------+---------------------------------------------------------------------------+
| SMC Function Identifier   | Service type                                                              |
+---------------------------+---------------------------------------------------------------------------+
| 0xc2000000-0xc2000FFF     | Fast SMC64 SiP Service call range used for AMD-Xilinx Platform Management |
+---------------------------+---------------------------------------------------------------------------+

SMC function IDs for SiP Service queries
----------------------------------------

+--------------+--------------+--------------+
| Service      | Call UID     | Revision     |
+--------------+--------------+--------------+
| SiP Service  | 0x8200_FF01  | 0x8200_FF03  |
+--------------+--------------+--------------+

Call UID Query – Returns a unique identifier of the service provider.

Revision Query – Returns revision details of the service implementor.
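Review bot: the four build examples open with a Markdown ```bash fence inside an ``.rst`` file; docutils does not recognise that syntax, so the backticks render literally and the ``make`` lines come out as plain paragraphs. Use ``.. code-block:: bash`` with the command indented beneath it, as the other platform pages in this commit do. Two smaller points in the same hunk: "Allocated subranges of Function Identifier to SIP services" uses the same ``----`` underline as its parent "Reference DEN0028E SMC calling convention", so it renders as a sibling section rather than a subsection; and the first table's header reads "| SMC Function | Identifier Service type |", splitting "SMC Function Identifier" across the two cells, whereas the IPI and PM tables below use "| SMC Function Identifier | Service type |".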
168
arm-trusted-firmware.t234/docs/plat/arm/arm-build-options.rst
Normal file
@@ -0,0 +1,168 @@
Arm Development Platform Build Options
======================================

Arm Platform Build Options
--------------------------

- ``ARM_BL31_IN_DRAM``: Boolean option to select loading of BL31 in TZC secured
  DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
  BL31 in TZC secured DRAM. If TSP is present, then setting this option also
  sets the TSP location to DRAM and ignores the ``ARM_TSP_RAM_LOCATION`` build
  flag.

- ``ARM_CONFIG_CNTACR``: boolean option to unlock access to the ``CNTBase<N>``
  frame registers by setting the ``CNTCTLBase.CNTACR<N>`` register bits. The
  frame number ``<N>`` is defined by ``PLAT_ARM_NSTIMER_FRAME_ID``, which
  should match the frame used by the Non-Secure image (normally the Linux
  kernel). Default is true (access to the frame is allowed).

- ``ARM_FW_CONFIG_LOAD_ENABLE``: Boolean option to enable the loading of
  FW_CONFIG device trees from the Firmware Image Package (FIP). When enabled,
  BL2 calls the platform specific function `arm_bl2_el3_plat_config_load`.
  This function is responsible for loading, parsing, and validating the
  FW_CONFIG device trees from the FIP. The option depends on RESET_TO_BL2.

- ``ARM_DISABLE_TRUSTED_WDOG``: boolean option to disable the Trusted Watchdog.
  By default, Arm platforms use a watchdog to trigger a system reset in case
  an error is encountered during the boot process (for example, when an image
  could not be loaded or authenticated). The watchdog is enabled in the early
  platform setup hook at BL1 and disabled in the BL1 prepare exit hook. The
  Trusted Watchdog may be disabled at build time for testing or development
  purposes.

- ``ARM_LINUX_KERNEL_AS_BL33``: The Linux kernel expects registers x0-x3 to
  have specific values at boot. This boolean option allows the Trusted Firmware
  to have a Linux kernel image as BL33 by preparing the registers to these
  values before jumping to BL33. This option defaults to 0 (disabled). For
  AArch64 ``RESET_TO_BL31`` and for AArch32 ``RESET_TO_SP_MIN`` must be 1 when
  using it. If this option is set to 1, ``ARM_PRELOADED_DTB_BASE`` must be set
  to the location of a device tree blob (DTB) already loaded in memory. The
  Linux Image address must be specified using the ``PRELOADED_BL33_BASE``
  option.

- ``ARM_PLAT_MT``: This flag determines whether the Arm platform layer has to
  cater for the multi-threading ``MT`` bit when accessing MPIDR. When this flag
  is set, the functions which deal with MPIDR assume that the ``MT`` bit in
  MPIDR is set and access the bit-fields in MPIDR accordingly. Default value of
  this flag is 0. Note that this option is not used on FVP platforms.

- ``ARM_RECOM_STATE_ID_ENC``: The PSCI1.0 specification recommends an encoding
  for the construction of composite state-ID in the power-state parameter.
  The existing PSCI clients currently do not support this encoding of
  State-ID yet. Hence this flag is used to configure whether to use the
  recommended State-ID encoding or not. The default value of this flag is 0,
  in which case the platform is configured to expect NULL in the State-ID
  field of power-state parameter.

- ``ARM_ROTPK_LOCATION``: used when ``TRUSTED_BOARD_BOOT=1``. It specifies the
  location of the ROTPK returned by the function ``plat_get_rotpk_info()``
  for Arm platforms. Depending on the selected option, the proper private key
  must be specified using the ``ROT_KEY`` option when building the Trusted
  Firmware. This private key will be used by the certificate generation tool
  to sign the BL2 and Trusted Key certificates. Available options for
  ``ARM_ROTPK_LOCATION`` are:

  - ``regs`` : return the ROTPK hash stored in the Trusted root-key storage
    registers.
  - ``devel_rsa`` : return a development public key hash embedded in the BL1
    and BL2 binaries. This hash has been obtained from the RSA public key
    ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``. To use
    this option, ``arm_rotprivk_rsa.pem`` must be specified as ``ROT_KEY``
    when creating the certificates.
  - ``devel_ecdsa`` : return a development public key hash embedded in the BL1
    and BL2 binaries. This hash has been obtained from the ECDSA public key
    ``arm_rotpk_ecdsa.der``, located in ``plat/arm/board/common/rotpk``. To
    use this option, ``arm_rotprivk_ecdsa.pem`` must be specified as
    ``ROT_KEY`` when creating the certificates.
  - ``devel_full_dev_rsa_key`` : returns a development public key embedded in
    the BL1 and BL2 binaries. This key has been obtained from the RSA public
    key ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``.

- ``ARM_ROTPK_HASH``: used when ``ARM_ROTPK_LOCATION=devel_*``, excluding
  ``devel_full_dev_rsa_key``. Specifies the location of the ROTPK hash. Not
  expected to be a build option. This defaults to
  ``plat/arm/board/common/rotpk/*_sha256.bin`` depending on the specified
  algorithm. Providing ``ROT_KEY`` enforces generation of the hash from the
  ``ROT_KEY`` and overwrites the default hash file.

- ``ARM_TSP_RAM_LOCATION``: location of the TSP binary. Options:

  - ``tsram`` : Trusted SRAM (default option when TBB is not enabled)
  - ``tdram`` : Trusted DRAM (if available)
  - ``dram`` : Secure region in DRAM (default option when TBB is enabled,
    configured by the TrustZone controller)

- ``ARM_XLAT_TABLES_LIB_V1``: boolean option to compile TF-A with version 1
  of the translation tables library instead of version 2. It is set to 0 by
  default, which selects version 2.

- ``ARM_GPT_SUPPORT``: Enable GPT parser to get the entry address and length of
  the various partitions present in the GPT image. This support is available
  only for the BL2 component, and it is disabled by default.
  The following diagram shows the view of the FIP partition inside the GPT
  image:

  |FIP in a GPT image|

For a better understanding of these options, the Arm development platform memory
map is explained in the :ref:`Firmware Design`.

.. _build_options_arm_css_platform:

Arm CSS Platform-Specific Build Options
---------------------------------------

- ``CSS_DETECT_PRE_1_7_0_SCP``: Boolean flag to detect SCP version
  incompatibility. Version 1.7.0 of the SCP firmware made a non-backwards
  compatible change to the MTL protocol, used for AP/SCP communication.
  TF-A no longer supports earlier SCP versions. If this option is set to 1
  then TF-A will detect if an earlier version is in use. Default is 1.

- ``CSS_LOAD_SCP_IMAGES``: Boolean flag, which when set, adds SCP_BL2 and
  SCP_BL2U to the FIP and FWU_FIP respectively, and enables them to be loaded
  during boot. Default is 1.

- ``CSS_USE_SCMI_SDS_DRIVER``: Boolean flag which selects SCMI/SDS drivers
  instead of SCPI/BOM driver for communicating with the SCP during power
  management operations and for SCP RAM Firmware transfer. If this option
  is set to 1, then SCMI/SDS drivers will be used. Default is 0.

- ``CSS_SYSTEM_GRACEFUL_RESET``: Build option to enable graceful powerdown of
  CPU core on reset. This build option can be used on CSS platforms that
  require all the CPUs to execute the CPU specific power down sequence to
  complete a warm reboot sequence in which only the CPUs are power cycled.

Arm FVP Build Options
---------------------

- ``FVP_TRUSTED_SRAM_SIZE``: Size (in kilobytes) of the Trusted SRAM region to
  utilize when building for the FVP platform. This option defaults to 256.

Arm Juno Build Options
----------------------

- ``JUNO_AARCH32_EL3_RUNTIME``: This build flag enables you to execute EL3
  runtime software in AArch32 mode, which is required to run AArch32 on Juno.
  By default this flag is set to '0'. Enabling this flag builds BL1 and BL2 in
  AArch64 and facilitates the loading of ``SP_MIN`` and BL33 as AArch32 executable
  images.

Arm Neoverse RD Platform Build Options
--------------------------------------

- ``NRD_CHIP_COUNT``: Configures the number of chips on a Neoverse RD platform
  which supports multi-chip operation. If ``NRD_CHIP_COUNT`` is set to any
  valid value greater than 1, the platform code performs required configuration
  to support multi-chip operation.

- ``NRD_PLATFORM_VARIANT``: Selects the variant of a Neoverse RD platform. A
  particular Neoverse RD platform may have multiple variants which may differ in
  core count, cluster count or other peripherals. This build option is used to
  select the appropriate platform variant for the build. The range of valid
  values is platform specific.

--------------

.. |FIP in a GPT image| image:: ../../resources/diagrams/FIP_in_a_GPT_image.png

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
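Review bot: in the ``ARM_FW_CONFIG_LOAD_ENABLE`` bullet, `arm_bl2_el3_plat_config_load` is wrapped in single backticks, which docutils treats as the default interpreted-text role (rendered in italics) rather than a literal; every other identifier in this file uses double backticks, so change it to ``arm_bl2_el3_plat_config_load`` and, in the same bullet, mark RESET_TO_BL2 as ``RESET_TO_BL2`` for consistency with ``RESET_TO_BL31`` and ``RESET_TO_SP_MIN`` further down. The ``ARM_DISABLE_TRUSTED_WDOG`` bullet would also benefit from a sentence noting that it removes the reset-on-failed-authentication safety net, since the bullet presents it purely as a test and development convenience.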
97
arm-trusted-firmware.t234/docs/plat/arm/arm_fpga/index.rst
Normal file
@@ -0,0 +1,97 @@
Arm FPGA Platform
=================

This platform supports FPGA images used internally in Arm Ltd., for
testing and bringup of new cores. With that focus, peripheral support is
minimal: there is no mass storage or display output, for instance. Also
this port ignores any power management features of the platform.
Some interconnect setup is done internally by the platform, so the TF-A code
just needs to setup UART and GIC.

The FPGA platform requires to pass on a DTB for the non-secure payload
(mostly Linux), so we let TF-A use information from the DTB for dynamic
configuration: the UART and GIC base addresses are read from there.

As a result this port is a fairly generic BL31-only port, which can serve
as a template for a minimal new (and possibly DT-based) platform port.

The aim of this port is to support as many FPGA images as possible with
a single build. Image specific data must be described in the DTB or should
be auto-detected at runtime.

As the number and topology layout of the CPU cores differs significantly
across the various images, this is detected at runtime by BL31.
The /cpus node in the DT will be added and filled accordingly, as long as
it does not exist already.

Platform-specific build options
-------------------------------

- ``SUPPORT_UNKNOWN_MPID`` : Boolean option to allow unknown MPIDR registers.
  Normally TF-A panics if it encounters a MPID value not matched to its
  internal list, but for new or experimental cores this creates a lot of
  churn. With this option, the code will fall back to some basic CPU support
  code (only architectural system registers, and no errata).
  Default value of this flag is 1.

- ``PRELOADED_BL33_BASE`` : Physical address of the BL33 non-secure payload.
  It must have been loaded into DRAM already, typically this is done by
  the script that also loads BL31 and the DTB.
  It defaults to 0x80080000, which is the traditional load address for an
  arm64 Linux kernel.

- ``FPGA_PRELOADED_DTB_BASE`` : Physical address of the flattened device
  tree blob (DTB). This DT will be used by TF-A for dynamic configuration,
  so it must describe at least the UART and a GICv3 interrupt controller.
  The DT gets amended by the code, to potentially add a command line and
  fill the CPU topology nodes. It will also be passed on to BL33, by
  putting its address into the x0 register before jumping to the entry
  point (following the Linux kernel boot protocol).
  It defaults to 0x80070000, which is 64KB before the BL33 load address.

- ``FPGA_PRELOADED_CMD_LINE`` : Physical address of the command line to
  put into the devicetree blob. Due to the lack of a proper bootloader,
  a command line can be put somewhere into memory, so that BL31 will
  detect it and copy it into the DTB passed on to BL33.
  To avoid random garbage, there needs to be a "CMD:" signature before the
  actual command line.
  Defaults to 0x1000, which is normally in the "ROM" space of the typical
  FPGA image (which can be written by the FPGA payload uploader, but is
  read-only to the CPU). The FPGA payload tool should be given a text file
  containing the desired command line, prefixed by the "CMD:" signature.

Building the TF-A image
-----------------------

.. code:: shell

    make PLAT=arm_fgpa DEBUG=1

This will use the default load addresses as described above. When those
addresses need to differ for a certain setup, they can be passed on the
make command line:

.. code:: shell

    make PLAT=arm_fgpa DEBUG=1 PRELOADED_BL33_BASE=0x80200000 FPGA_PRELOADED_DTB_BASE=0x80180000 bl31

Running the TF-A image
----------------------

After building TF-A, the actual TF-A code will be located in ``bl31.bin`` in
the build directory.
|
||||
Additionally there is a ``bl31.axf`` ELF file, which contains BL31, as well
|
||||
as some simple ROM trampoline code (required by the Arm FPGA boot flow) and
|
||||
a generic DTB to support most of the FPGA images. This can be simply handed
|
||||
over to the FPGA payload uploader, which will take care of loading the
|
||||
components at their respective load addresses. In addition to this file
|
||||
you need at least a BL33 payload (typically a Linux kernel image), optionally
|
||||
a Linux initrd image file and possibly a command line:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
fpga-run ... -m bl31.axf -l auto -m Image -l 0x80080000 -m initrd.gz -l 0x84000000 -m cmdline.txt -l 0x1000
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2020, Arm Limited. All rights reserved.*
|
||||
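Review bot: both build commands under "Building the TF-A image" pass `PLAT=arm_fgpa`, which reads as a transposition of `arm_fpga`, the platform this page documents (the build option prefix is `FPGA_`); a reader pasting either command gets a build failure, so please check the name against the platform directory and fix both lines. One more sentence would also help under `FPGA_PRELOADED_CMD_LINE`: the text presents the "CMD:" signature as a guard against random garbage, not as an integrity check, and the reason the command line can be trusted at all is that the 0x1000 region is written only by the FPGA payload uploader and is read-only to the CPU; saying that explicitly makes the trust boundary clear to someone who moves the address elsewhere.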
@@ -0,0 +1,50 @@
RD-1 AE (Kronos) Platform
=========================

Some of the features of the RD-1 AE platform referenced in TF-A include:

- Neoverse-V3AE, Arm9.2-A application processor (64-bit mode)
- A GICv4-compatible GIC-720AE

Further information on RD1-AE is available at `rd1ae`_

Boot Sequence
-------------

BL2 –> BL31 –> BL33

The boot process starts from RSE (Runtime Security Engine) that loads the BL2 image
and signals the System Control Processor (SCP) to power up the Application Processor (AP).
The AP then runs BL2, which loads the rest of the images, including the runtime firmware
BL31, and proceeds to execute it. Finally, it passes control to the non-secure world
BL33 (u-boot).

BL2 performs the actions described in the `Trusted Board Boot (TBB)`_ document.

Build Procedure (TF-A only)
~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Obtain `Arm toolchain`_ and set the CROSS_COMPILE environment variable to
point to the toolchain folder.

- Build TF-A:

.. code:: shell

make \
PLAT=rd1ae \
MBEDTLS_DIR=<mbedtls_dir> \
ARCH=aarch64 \
CREATE_KEYS=1 \
GENERATE_COT=1 \
TRUSTED_BOARD_BOOT=1 \
COT=tbbr \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL33=<path to u-boot binary> \

*Copyright (c) 2024, Arm Limited. All rights reserved.*

.. _Arm Toolchain: https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/downloads
.. _rd1ae: https://developer.arm.com/Tools%20and%20Software/Arm%20Reference%20Design-1%20AE
.. _Trusted Board Boot (TBB): https://trustedfirmware-a.readthedocs.io/en/latest/design/trusted-board-boot.html
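Review bot: the build command ends with `BL33=<path to u-boot binary> \`, a dangling line continuation with nothing after it, so a pasted command swallows whatever follows; drop the trailing backslash or add the intended target (the other platform pages in this commit end with `all fip` or `bl2`). The same command fixes `ARM_ROTPK_LOCATION=devel_rsa` and `ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem` together with `CREATE_KEYS=1`, that is, the in-tree development root-of-trust key that anyone with the source has; since the page says BL2 performs the Trusted Board Boot actions, a sentence stating that this key is for development builds only and that a production image must be signed with a key held outside the tree belongs next to the command. Minor: `Arm9.2-A` should read `Armv9.2-A`, and the sentence ending in `` `rd1ae`_ `` lacks a full stop.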
@@ -0,0 +1,61 @@
Corstone1000 Platform
==========================

Some of the features of the Corstone1000 platform referenced in TF-A include:

- Cortex-A35 application processor (64-bit mode)
- Secure Enclave
- GIC-400
- Trusted Board Boot

Boot Sequence
-------------

The board boot relies on CoT (chain of trust). The trusted-firmware-a
BL2 is extracted from the FIP and verified by the Secure Enclave
processor. BL2 verification relies on the signature area at the
beginning of the BL2 image. This area is needed by the SecureEnclave
bootloader.

Then, the application processor is released from reset and starts by
executing BL2.

BL2 performs the actions described in the trusted-firmware-a TBB design
document.

Build Procedure (TF-A only)
~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Obtain AArch64 ELF bare-metal target `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_.
Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Build TF-A:

.. code:: shell

make LD=aarch64-none-elf-ld \
CC=aarch64-none-elf-gcc \
V=1 \
BUILD_BASE=<path to the build folder> \
PLAT=corstone1000 \
SPD=spmd \
SPMD_SPM_AT_SEL2=0 \
DEBUG=1 \
MBEDTLS_DIR=mbedtls \
OPENSSL_DIR=<path to openssl usr folder> \
RUNTIME_SYSROOT=<path to the sysroot> \
ARCH=aarch64 \
TARGET_PLATFORM=<fpga or fvp> \
ENABLE_PIE=1 \
RESET_TO_BL2=1 \
CREATE_KEYS=1 \
GENERATE_COT=1 \
TRUSTED_BOARD_BOOT=1 \
COT=tbbr \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
BL32=<path to optee binary> \
BL33=<path to u-boot binary> \
bl2

*Copyright (c) 2021-2023, Arm Limited. All rights reserved.*
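Review bot: the "Boot Sequence" text says the board boot relies on the chain of trust and that the Secure Enclave verifies BL2, yet the build line below it signs with `ARM_ROTPK_LOCATION=devel_rsa` and the in-tree `arm_rotprivk_rsa.pem` without any caveat; as on the RD-1 AE page, add a sentence that this development key is public and must be replaced before a production build. Two smaller points: the title underline `==========================` is longer than `Corstone1000 Platform` (harmless to RST, but the other pages in this commit match the lengths), and `SecureEnclave` on the line `This area is needed by the SecureEnclave` is spelled `Secure Enclave` two sentences earlier; use one form.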
84
arm-trusted-firmware.t234/docs/plat/arm/fvp-ve/index.rst
Normal file
@@ -0,0 +1,84 @@
Arm Versatile Express
=====================

Versatile Express (VE) family development platform provides an ultra fast
environment for prototyping Armv7 System-on-Chip designs. VE Fixed Virtual
Platforms (FVP) are simulations of Versatile Express boards. The platform in
Trusted Firmware-A has been verified with Arm Cortex-A5 and Cortex-A7 VE FVP's.
This platform is tested on and only expected to work with single core models.

Boot Sequence
-------------

BL1 --> BL2 --> BL32(sp_min) --> BL33(u-boot) --> Linux kernel

How to build
------------

Code Locations
~~~~~~~~~~~~~~
- `U-boot <https://git.linaro.org/landing-teams/working/arm/u-boot.git>`__

- `Trusted Firmware-A <https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git>`__

Build Procedure
~~~~~~~~~~~~~~~

- Obtain arm toolchain. The software stack has been verified with linaro 6.2
`arm-linux-gnueabihf <https://releases.linaro.org/components/toolchain/binaries/6.2-2016.11/arm-linux-gnueabihf/>`__.
Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Fetch and build u-boot.
Make the .config file using the command:

.. code:: shell

make ARCH=arm vexpress_aemv8a_aarch32_config

Make the u-boot binary for Cortex-A5 using the command:

.. code:: shell

make ARCH=arm SUPPORT_ARCH_TIMER=no

Make the u-boot binary for Cortex-A7 using the command:

.. code:: shell

make ARCH=arm


- Build TF-A:

The make command for Cortex-A5 is:

.. code:: shell

make PLAT=fvp_ve ARCH=aarch32 ARM_ARCH_MAJOR=7 ARM_CORTEX_A5=yes \
AARCH32_SP=sp_min FVP_HW_CONFIG_DTS=fdts/fvp-ve-Cortex-A5x1.dts \
ARM_XLAT_TABLES_LIB_V1=1 BL33=<path_to_u-boot.bin> all fip

The make command for Cortex-A7 is:

.. code:: shell

make PLAT=fvp_ve ARCH=aarch32 ARM_ARCH_MAJOR=7 ARM_CORTEX_A7=yes \
AARCH32_SP=sp_min FVP_HW_CONFIG_DTS=fdts/fvp-ve-Cortex-A7x1.dts \
BL33=<path_to_u-boot.bin> all fip

Run Procedure
~~~~~~~~~~~~~

The following model parameters should be used to boot Linux using the build of
Trusted Firmware-A made using the above make commands:

.. code:: shell

./<path_to_model> <path_to_bl1.elf> \
-C motherboard.flashloader1.fname=<path_to_fip.bin> \
--data cluster.cpu0=<path_to_zImage>@0x80080000 \
--data cluster.cpu0=<path_to_ramdisk>@0x84000000

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
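Review bot: under `Code Locations` the bullet list starts directly under the `~~~~` underline with no blank line, unlike every other list in this commit; add one for consistency. The toolchain bullet points readers at a Linaro 6.2 release from 2016 as "verified"; if that is still the only verified toolchain it is worth saying so explicitly, otherwise the link should move to a current release. Minor: `FVP's` should be `FVPs`.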
154
arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-aemv8-base.rst
Normal file
@@ -0,0 +1,154 @@
Running on the AEMv8 Base FVP
=============================

AArch64 with reset to BL1 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_RevC-2xAEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch64 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_RevC-2xAEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

.. note::
The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires
a specific DTS for all the CPUs to be loaded.

AArch32 with reset to BL1 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch32 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.CONFIG64=0 \
-C cluster0.cpu1.CONFIG64=0 \
-C cluster0.cpu2.CONFIG64=0 \
-C cluster0.cpu3.CONFIG64=0 \
-C cluster1.cpu0.CONFIG64=0 \
-C cluster1.cpu1.CONFIG64=0 \
-C cluster1.cpu2.CONFIG64=0 \
-C cluster1.cpu3.CONFIG64=0 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

AArch64 with reset to BL31 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_RevC-2xAEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch64 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_RevC-2xAEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.RVBAR=0x04010000 \
-C cluster0.cpu1.RVBAR=0x04010000 \
-C cluster0.cpu2.RVBAR=0x04010000 \
-C cluster0.cpu3.RVBAR=0x04010000 \
-C cluster1.cpu0.RVBAR=0x04010000 \
-C cluster1.cpu1.RVBAR=0x04010000 \
-C cluster1.cpu2.RVBAR=0x04010000 \
-C cluster1.cpu3.RVBAR=0x04010000 \
--data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04010000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0xff000000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

Notes:

- Position Independent Executable (PIE) support is enabled in this
config allowing BL31 to be loaded at any valid address for execution.

- Since a FIP is not loaded when using BL31 as reset entrypoint, the
``--data="<path-to><bl31|bl32|bl33-binary>"@<base-address-of-binary>``
parameter is needed to load the individual bootloader images in memory.
BL32 image is only needed if BL31 has been built to expect a Secure-EL1
Payload. For the same reason, the FDT needs to be compiled from the DT source
and loaded via the ``--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000``
parameter.

- The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires a
specific DTS for all the CPUs to be loaded.

- The ``-C cluster<X>.cpu<Y>.RVBAR=@<base-address-of-bl31>`` parameter, where
X and Y are the cluster and CPU numbers respectively, is used to set the
reset vector for each core.

- Changing the default value of ``ARM_TSP_RAM_LOCATION`` will also require
changing the value of
``--data="<path-to><bl32-binary>"@<base-address-of-bl32>`` to the new value of
``BL32_BASE``.

AArch32 with reset to SP_MIN entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch32 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.CONFIG64=0 \
-C cluster0.cpu1.CONFIG64=0 \
-C cluster0.cpu2.CONFIG64=0 \
-C cluster0.cpu3.CONFIG64=0 \
-C cluster1.cpu0.CONFIG64=0 \
-C cluster1.cpu1.CONFIG64=0 \
-C cluster1.cpu2.CONFIG64=0 \
-C cluster1.cpu3.CONFIG64=0 \
-C cluster0.cpu0.RVBAR=0x04002000 \
-C cluster0.cpu1.RVBAR=0x04002000 \
-C cluster0.cpu2.RVBAR=0x04002000 \
-C cluster0.cpu3.RVBAR=0x04002000 \
-C cluster1.cpu0.RVBAR=0x04002000 \
-C cluster1.cpu1.RVBAR=0x04002000 \
-C cluster1.cpu2.RVBAR=0x04002000 \
-C cluster1.cpu3.RVBAR=0x04002000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04002000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

.. note::
Position Independent Executable (PIE) support is enabled in this
config allowing SP_MIN to be loaded at any valid address for execution.

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
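Review bot: two of the bullets under "AArch64 with reset to BL31 entrypoint" do not match the command they explain. `--data="<path-to><bl31|bl32|bl33-binary>"@<base-address-of-binary>` and `--data="<path-to><bl32-binary>"@<base-address-of-bl32>` drop the `/` between `<path-to>` and the file name and the `cluster0.cpu0=` selector that every `--data` line in the command above uses, and `-C cluster<X>.cpu<Y>.RVBAR=@<base-address-of-bl31>` carries a stray `@`; readers copy these forms, so write them as `--data cluster0.cpu0="<path-to>/<...>"@<address>` and `RVBAR=<base-address-of-bl31>`.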
@@ -0,0 +1,51 @@
.. _build_options_arm_fvp_platform:

Arm FVP Platform Specific Build Options
---------------------------------------

- ``FVP_CLUSTER_COUNT`` : Configures the cluster count to be used to
build the topology tree within TF-A. By default TF-A is configured for dual
cluster topology and this option can be used to override the default value.

- ``FVP_INTERCONNECT_DRIVER``: Selects the interconnect driver to be built. The
default interconnect driver depends on the value of ``FVP_CLUSTER_COUNT`` as
explained in the options below:

- ``FVP_CCI`` : The CCI driver is selected. This is the default
if 0 < ``FVP_CLUSTER_COUNT`` <= 2.
- ``FVP_CCN`` : The CCN driver is selected. This is the default
if ``FVP_CLUSTER_COUNT`` > 2.

- ``FVP_MAX_CPUS_PER_CLUSTER``: Sets the maximum number of CPUs implemented in
a single cluster. This option defaults to 4.

- ``FVP_MAX_PE_PER_CPU``: Sets the maximum number of PEs implemented on any CPU
in the system. This option defaults to 1. Note that the build option
``ARM_PLAT_MT`` doesn't have any effect on FVP platforms.

- ``FVP_USE_GIC_DRIVER`` : Selects the GIC driver to be built. Options:

- ``FVP_GICV2`` : The GICv2 only driver is selected
- ``FVP_GICV3`` : The GICv3 only driver is selected (default option)

- ``FVP_HW_CONFIG_DTS`` : Specify the path to the DTS file to be compiled
to DTB and packaged in FIP as the HW_CONFIG. See :ref:`Firmware Design` for
details on HW_CONFIG. By default, this is initialized to a sensible DTS
file in ``fdts/`` folder depending on other build options. But some cases,
like shifted affinity format for MPIDR, cannot be detected at build time
and this option is needed to specify the appropriate DTS file.

- ``FVP_HW_CONFIG`` : Specify the path to the HW_CONFIG blob to be packaged in
FIP. See :ref:`Firmware Design` for details on HW_CONFIG. This option is
similar to the ``FVP_HW_CONFIG_DTS`` option, but it directly specifies the
HW_CONFIG blob instead of the DTS file. This option is useful to override
the default HW_CONFIG selected by the build system.

- ``FVP_GICR_REGION_PROTECTION``: Mark the redistributor pages of
inactive/fused CPU cores as read-only. The default value of this option
is ``0``, which means the redistributor pages of all CPU cores are marked
as read and write.

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
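Review bot: the `FVP_GICR_REGION_PROTECTION` entry gives the default (`0`, every core's redistributor pages mapped read-write) but not what enabling it buys; a clause on the intent (a write to the redistributor of an inactive or fused-off core faults instead of silently taking effect) would let readers decide whether to turn it on. Style: the list is inconsistent about the space before the colon (`` ``FVP_CLUSTER_COUNT`` : `` against `` ``FVP_INTERCONNECT_DRIVER``: ``); pick one form throughout.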
@@ -0,0 +1,47 @@
Running on the Cortex-A32 Base FVP (AArch32)
============================================

With reset to BL1 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_Cortex-A32x4`` model parameters should be used to
boot Linux with 4 CPUs using the AArch32 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_Cortex-A32x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

With reset to SP_MIN entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_Cortex-A32x4`` model parameters should be used to
boot Linux with 4 CPUs using the AArch32 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_Cortex-A32x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.RVBARADDR=0x04002000 \
-C cluster0.cpu1.RVBARADDR=0x04002000 \
-C cluster0.cpu2.RVBARADDR=0x04002000 \
-C cluster0.cpu3.RVBARADDR=0x04002000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04002000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
@@ -0,0 +1,52 @@
Running on the Cortex-A57-A53 Base FVP
======================================

With reset to BL1 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_Cortex-A57x4-A53x4`` model parameters should be used to
boot Linux with 8 CPUs using the AArch64 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_Cortex-A57x4-A53x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

With reset to BL31 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_Cortex-A57x4-A53x4`` model parameters should be used to
boot Linux with 8 CPUs using the AArch64 build of TF-A.

.. code:: shell

<path-to>/FVP_Base_Cortex-A57x4-A53x4 \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C bp.tzc_400.diagnostics=1 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.RVBARADDR=0x04010000 \
-C cluster0.cpu1.RVBARADDR=0x04010000 \
-C cluster0.cpu2.RVBARADDR=0x04010000 \
-C cluster0.cpu3.RVBARADDR=0x04010000 \
-C cluster1.cpu0.RVBARADDR=0x04010000 \
-C cluster1.cpu1.RVBARADDR=0x04010000 \
-C cluster1.cpu2.RVBARADDR=0x04010000 \
-C cluster1.cpu3.RVBARADDR=0x04010000 \
--data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04010000 \
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0xff000000 \
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
@@ -0,0 +1,42 @@
Running on the Foundation FVP
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``Foundation_Platform`` parameters should be used to boot Linux with
4 CPUs using the AArch64 build of TF-A.

.. code:: shell

<path-to>/Foundation_Platform \
--cores=4 \
--arm-v8.0 \
--secure-memory \
--visualization \
--gicv3 \
--data="<path-to>/<bl1-binary>"@0x0 \
--data="<path-to>/<FIP-binary>"@0x08000000 \
--data="<path-to>/<kernel-binary>"@0x80080000 \
--data="<path-to>/<ramdisk-binary>"@0x84000000

Notes:

- BL1 is loaded at the start of the Trusted ROM.
- The Firmware Image Package is loaded at the start of NOR FLASH0.
- The firmware loads the FDT packaged in FIP to the DRAM. The FDT load address
is specified via the ``load-address`` property in the ``hw-config`` node of
`FW_CONFIG for FVP`_.
- The default use-case for the Foundation FVP is to use the ``--gicv3`` option
and enable the GICv3 device in the model. Note that without this option,
the Foundation FVP defaults to legacy (Versatile Express) memory map which
is not supported by TF-A.
- In order for TF-A to run correctly on the Foundation FVP, the architecture
versions must match. The Foundation FVP defaults to the highest v8.x
version it supports but the default build for TF-A is for v8.0. To avoid
issues either start the Foundation FVP to use v8.0 architecture using the
``--arm-v8.0`` option, or build TF-A with an appropriate value for
``ARM_ARCH_MINOR``.

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*

.. _FW_CONFIG for FVP: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fdts/fvp_fw_config.dts
@@ -0,0 +1,209 @@
|
||||
Booting Firmware Update images
|
||||
------------------------------
|
||||
|
||||
When Firmware Update (FWU) is enabled there are at least 2 new images
|
||||
that have to be loaded, the Non-Secure FWU ROM (NS-BL1U), and the
|
||||
FWU FIP.
|
||||
|
||||
The additional fip images must be loaded with:
|
||||
|
||||
::
|
||||
|
||||
--data cluster0.cpu0="<path_to>/ns_bl1u.bin"@0x0beb8000 [ns_bl1u_base_address]
|
||||
--data cluster0.cpu0="<path_to>/fwu_fip.bin"@0x08400000 [ns_bl2u_base_address]
|
||||
|
||||
The address ns_bl1u_base_address is the value of NS_BL1U_BASE.
|
||||
In the same way, the address ns_bl2u_base_address is the value of
|
||||
NS_BL2U_BASE.
|
||||
|
||||
Booting an EL3 payload
|
||||
----------------------
|
||||
|
||||
The EL3 payloads boot flow requires the CPU's mailbox to be cleared at reset for
|
||||
the secondary CPUs holding pen to work properly. Unfortunately, its reset value
|
||||
is undefined on the FVP platform and the FVP platform code doesn't clear it.
|
||||
Therefore, one must modify the way the model is normally invoked in order to
|
||||
clear the mailbox at start-up.
|
||||
|
||||
One way to do that is to create an 8-byte file containing all zero bytes using
|
||||
the following command:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
dd if=/dev/zero of=mailbox.dat bs=1 count=8
|
||||
|
||||
and pre-load it into the FVP memory at the mailbox address (i.e. ``0x04000000``)
|
||||
using the following model parameters:
|
||||
|
||||
::
|
||||
|
||||
--data cluster0.cpu0=mailbox.dat@0x04000000 [Base FVPs]
|
||||
--data=mailbox.dat@0x04000000 [Foundation FVP]
|
||||
|
||||
To provide the model with the EL3 payload image, the following methods may be
|
||||
used:
|
||||
|
||||
#. If the EL3 payload is able to execute in place, it may be programmed into
|
||||
flash memory. On Base Cortex and AEM FVPs, the following model parameter
|
||||
loads it at the base address of the NOR FLASH1 (the NOR FLASH0 is already
|
||||
used for the FIP):
|
||||
|
||||
::
|
||||
|
||||
-C bp.flashloader1.fname="<path-to>/<el3-payload>"
|
||||
|
||||
On Foundation FVP, there is no flash loader component and the EL3 payload
|
||||
may be programmed anywhere in flash using method 3 below.
|
||||
|
||||
#. When using the ``SPIN_ON_BL1_EXIT=1`` loading method, the following DS-5
|
||||
command may be used to load the EL3 payload ELF image over JTAG:
|
||||
|
||||
::
|
||||
|
||||
load <path-to>/el3-payload.elf
|
||||
|
||||
#. The EL3 payload may be pre-loaded in volatile memory using the following
|
||||
model parameters:
|
||||
|
||||
::
|
||||
|
||||
--data cluster0.cpu0="<path-to>/el3-payload>"@address [Base FVPs]
|
||||
--data="<path-to>/<el3-payload>"@address [Foundation FVP]
|
||||
|
||||
The address provided to the FVP must match the ``EL3_PAYLOAD_BASE`` address
|
||||
used when building TF-A.
|
||||
|
||||
Booting a preloaded kernel image (Base FVP)
|
||||
-------------------------------------------
|
||||
|
||||
The following example uses a simplified boot flow by directly jumping from the
|
||||
TF-A to the Linux kernel, which will use a ramdisk as filesystem. This can be
|
||||
useful if both the kernel and the device tree blob (DTB) are already present in
|
||||
memory (like in FVP).
|
||||
|
||||
For example, if the kernel is loaded at ``0x80080000`` and the DTB is loaded at
|
||||
address ``0x82000000``, the firmware can be built like this:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
CROSS_COMPILE=aarch64-none-elf- \
|
||||
make PLAT=fvp DEBUG=1 \
|
||||
RESET_TO_BL31=1 \
|
||||
ARM_LINUX_KERNEL_AS_BL33=1 \
|
||||
PRELOADED_BL33_BASE=0x80080000 \
|
||||
ARM_PRELOADED_DTB_BASE=0x82000000 \
|
||||
all fip
|
||||
|
||||
Now, it is needed to modify the DTB so that the kernel knows the address of the
|
||||
ramdisk. The following script generates a patched DTB from the provided one,
|
||||
assuming that the ramdisk is loaded at address ``0x84000000``. Note that this
|
||||
script assumes that the user is using a ramdisk image prepared for U-Boot, like
|
||||
the ones provided by Linaro. If using a ramdisk without this header,the ``0x40``
|
||||
offset in ``INITRD_START`` has to be removed.
|
||||
|
||||
.. code:: bash
|
||||
|
||||
#!/bin/bash
|
||||
|
||||
# Path to the input DTB
|
||||
KERNEL_DTB=<path-to>/<fdt>
|
||||
# Path to the output DTB
|
||||
PATCHED_KERNEL_DTB=<path-to>/<patched-fdt>
|
||||
# Base address of the ramdisk
|
||||
INITRD_BASE=0x84000000
|
||||
# Path to the ramdisk
|
||||
INITRD=<path-to>/<ramdisk.img>
|
||||
|
||||
# Skip uboot header (64 bytes)
|
||||
INITRD_START=$(printf "0x%x" $((${INITRD_BASE} + 0x40)) )
|
||||
INITRD_SIZE=$(stat -Lc %s ${INITRD})
|
||||
INITRD_END=$(printf "0x%x" $((${INITRD_BASE} + ${INITRD_SIZE})) )
|
||||
|
||||
CHOSEN_NODE=$(echo \
|
||||
"/ { \
|
||||
chosen { \
|
||||
linux,initrd-start = <${INITRD_START}>; \
linux,initrd-end = <${INITRD_END}>; \
}; \
};")

echo $(dtc -O dts -I dtb ${KERNEL_DTB}) ${CHOSEN_NODE} | \
dtc -O dtb -o ${PATCHED_KERNEL_DTB} -

And the FVP binary can be run with the following command:

.. code:: shell

<path-to>/FVP_Base_AEMv8A-AEMv8A \
-C pctl.startup=0.0.0.0 \
-C bp.secure_memory=1 \
-C cluster0.NUM_CORES=4 \
-C cluster1.NUM_CORES=4 \
-C cache_state_modelled=1 \
-C cluster0.cpu0.RVBAR=0x04001000 \
-C cluster0.cpu1.RVBAR=0x04001000 \
-C cluster0.cpu2.RVBAR=0x04001000 \
-C cluster0.cpu3.RVBAR=0x04001000 \
-C cluster1.cpu0.RVBAR=0x04001000 \
-C cluster1.cpu1.RVBAR=0x04001000 \
-C cluster1.cpu2.RVBAR=0x04001000 \
-C cluster1.cpu3.RVBAR=0x04001000 \
--data cluster0.cpu0="<path-to>/bl31.bin"@0x04001000 \
--data cluster0.cpu0="<path-to>/<patched-fdt>"@0x82000000 \
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
--data cluster0.cpu0="<path-to>/<ramdisk.img>"@0x84000000

Obtaining the Flattened Device Trees
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Depending on the FVP configuration and Linux configuration used, different
FDT files are required. FDT source files for the Foundation and Base FVPs can
be found in the TF-A source directory under ``fdts/``. The Foundation FVP has
a subset of the Base FVP components. For example, the Foundation FVP lacks
CLCD and MMC support, and has only one CPU cluster.

.. note::
It is not recommended to use the FDTs built along the kernel because not
all FDTs are available from there.

The dynamic configuration capability is enabled in the firmware for FVPs.
This means that the firmware can authenticate and load the FDT if present in
FIP. A default FDT is packaged into FIP during the build based on
the build configuration. This can be overridden by using the ``FVP_HW_CONFIG``
or ``FVP_HW_CONFIG_DTS`` build options (refer to
:ref:`build_options_arm_fvp_platform` for details on the options).

- ``fvp-base-gicv2-psci.dts``

For use with models such as the Cortex-A57-A53 or Cortex-A32 Base FVPs
without shifted affinities and with Base memory map configuration.

- ``fvp-base-gicv3-psci.dts``

For use with models such as the Cortex-A57-A53 or Cortex-A32 Base FVPs
without shifted affinities and with Base memory map configuration and
Linux GICv3 support.

- ``fvp-base-gicv3-psci-1t.dts``

For use with models such as the AEMv8-RevC Base FVP with shifted affinities,
single threaded CPUs, Base memory map configuration and Linux GICv3 support.

- ``fvp-base-gicv3-psci-dynamiq.dts``

For use with models as the Cortex-A55-A75 Base FVPs with shifted affinities,
single cluster, single threaded CPUs, Base memory map configuration and Linux
GICv3 support.

- ``fvp-foundation-gicv2-psci.dts``

For use with Foundation FVP with Base memory map configuration.

- ``fvp-foundation-gicv3-psci.dts``

(Default) For use with Foundation FVP with Base memory map configuration
and Linux GICv3 support.

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*
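Review bot: the line `echo $(dtc -O dts -I dtb ${KERNEL_DTB}) ${CHOSEN_NODE} | \` leaves the command substitution unquoted, so the decompiled DTS text is word-split and subject to pathname expansion before it reaches the second `dtc`; any `*` or `?` in the decompiled source (in a string or comment, for instance) would be replaced by matching filenames in the current directory, silently corrupting the patched DTB. Quote the substitution and the variables, e.g. `printf '%s\n%s\n' "$(dtc -O dts -I dtb "${KERNEL_DTB}")" "${CHOSEN_NODE}" | dtc -O dtb -o "${PATCHED_KERNEL_DTB}" -`, or write the decompiled DTS to a temporary file and append the chosen node there before recompiling.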
102
arm-trusted-firmware.t234/docs/plat/arm/fvp/fvp-support.rst
Normal file
@@ -0,0 +1,102 @@
Fixed Virtual Platform (FVP) Support
------------------------------------

This section lists the supported Arm |FVP| platforms. Please refer to the FVP
documentation for a detailed description of the model parameter options.

The latest version of the AArch64 build of TF-A has been tested on the following
Arm FVPs without shifted affinities, and that do not support threaded CPU cores
(64-bit host machine only).

.. note::
The FVP models used are Version 11.26 Build 11, unless otherwise stated.

- ``FVP_Base_AEMvA-AEMvA``
- ``FVP_Base_RevC-2xAEMvA``
- ``FVP_Base_Cortex-A32x4``
- ``FVP_Base_Cortex-A35x4``
- ``FVP_Base_Cortex-A53x4``
- ``FVP_Base_Cortex-A55``
- ``FVP_Base_Cortex-A57x1-A53x1``
- ``FVP_Base_Cortex-A57x2-A53x4``
- ``FVP_Base_Cortex-A57x4``
- ``FVP_Base_Cortex-A57x4-A53x4``
- ``FVP_Base_Cortex-A65`` (Version 11.24/24)
- ``FVP_Base_Cortex-A65AE`` (Version 11.24/24)
- ``FVP_Base_Cortex-A710``
- ``FVP_Base_Cortex-A72x4``
- ``FVP_Base_Cortex-A72x4-A53x4``
- ``FVP_Base_Cortex-A73x4``
- ``FVP_Base_Cortex-A73x4-A53x4``
- ``FVP_Base_Cortex-A75``
- ``FVP_Base_Cortex-A76``
- ``FVP_Base_Cortex-A76AE``
- ``FVP_Base_Cortex-A77``
- ``FVP_Base_Cortex-A78``
- ``FVP_Base_Cortex-A78AE``
- ``FVP_Base_Cortex-A78C``
- ``FVP_Base_Cortex-X2``
- ``FVP_Base_Neoverse-E1`` (Version 11.24/24)
- ``FVP_Base_Neoverse-N1``
- ``FVP_Base_Neoverse-N2``
- ``FVP_Base_Neoverse-V1``
- ``FVP_BaseR_AEMv8R``
- ``FVP_Morello`` (Version 0.11/33)
- ``FVP_RD_V1``
- ``FVP_RD_1_AE`` (Version 11.27/20)
- ``FVP_TC3`` (Version 11.26/16)
- ``FVP_TC4`` (Version 0.0/8404)

The latest version of the AArch32 build of TF-A has been tested on the
following Arm FVPs without shifted affinities, and that do not support threaded
CPU cores (64-bit host machine only).

- ``FVP_Base_AEMvA``
- ``FVP_Base_AEMvA-AEMvA``
- ``FVP_Base_Cortex-A32x4``

.. note::
The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities, which
is not compatible with legacy GIC configurations. Therefore this FVP does not
support these legacy GIC configurations.

The *Foundation* and *Base* FVPs can be downloaded free of charge. See the `Arm
FVP website`_. The Cortex-A models listed above are also available to download
from `Arm's website`_.

.. note::
The build numbers quoted above are those reported by launching the FVP
with the ``--version`` parameter.

.. note::
Linaro provides a ramdisk image in prebuilt FVP configurations and full
file systems that can be downloaded separately. To run an FVP with a virtio
file system image an additional FVP configuration option
``-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>`` can be
used.

.. note::
The software will not work on Version 1.0 of the Foundation FVP.
The commands below would report an ``unhandled argument`` error in this case.

.. note::
FVPs can be launched with ``--cadi-server`` option such that a
CADI-compliant debugger (for example, Arm DS-5) can connect to and control
its execution.

.. warning::
Since FVP model Version 11.0 Build 11.0.34 and Version 8.5 Build 0.8.5202
the internal synchronisation timings changed compared to older versions of
the models. The models can be launched with ``-Q 100`` option if they are
required to match the run time characteristics of the older versions.

All the above platforms have been tested with `Linaro Release 20.01`_.

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*

.. _Arm's website: `FVP models`_
.. _FVP models: https://developer.arm.com/products/system-design/fixed-virtual-platforms
.. _Linaro Release 20.01: http://releases.linaro.org/members/arm/platforms/20.01
.. _Arm FVP website: https://developer.arm.com/products/system-design/fixed-virtual-platforms
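Review bot: the virtio example in the Linaro note, ``-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>``, opens a double quote that is never closed, so a reader who copies it into a launch command gets a shell syntax error; add the closing `"` before the closing backticks. The shifted-affinities note also names ``FVP_Base_RevC-2xAEMv8A`` while the supported list above calls the model ``FVP_Base_RevC-2xAEMvA``; use one spelling so the note clearly refers to a listed model. Finally, the Foundation FVP 1.0 note says "The commands below would report an ``unhandled argument`` error", but this new file contains no commands; point the reader to the page that carries them (``fvp-foundation`` in the toctree) or drop the phrase.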
31
arm-trusted-firmware.t234/docs/plat/arm/fvp/index.rst
Normal file
@@ -0,0 +1,31 @@
Arm Fixed Virtual Platforms (FVP)
=================================

Arm |FVP|\s are complete simulations of an Arm system, including processor,
memory and peripherals. They enable software development without the need for
real hardware.

There exists many types of FVPs. This page provides details on how to build and
run TF-A on some of these FVPs.

Please also refer to the TF-A CI scripts under the `model/`_ directory for an
exhaustive list of |FVP|\s which TF-A is regularly tested on as part of our
continuous integration strategy.

.. toctree::
:maxdepth: 1
:caption: Contents

fvp-support
fvp-build-options
fvp-foundation
fvp-aemv8-base
fvp-cortex-a57-a53
fvp-cortex-a32
fvp-specific-configs

--------------

*Copyright (c) 2019-2024, Arm Limited. All rights reserved.*

.. _model/: https://git.trustedfirmware.org/ci/tf-a-ci-scripts.git/tree/model
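Review bot: "There exists many types of FVPs." in the second paragraph has a singular verb with a plural subject; change it to "There exist many types of FVPs." (or "Many types of FVP exist.").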
46
arm-trusted-firmware.t234/docs/plat/arm/fvp_r/index.rst
Normal file
@@ -0,0 +1,46 @@
ARM V8-R64 Fixed Virtual Platform (FVP)
=======================================

Some of the features of Armv8-R AArch64 FVP platform referenced in Trusted
Boot R-class include:

- Secure World Support Only
- EL2 as Maximum EL support (No EL3)
- MPU Support only at EL2
- MPU or MMU Support at EL0/EL1
- AArch64 Support Only
- Trusted Board Boot

Further information on v8-R64 FVP is available at `info <https://developer.arm.com/documentation/ddi0600/latest/>`_

Boot Sequence
-------------

BL1 –> BL33

The execution begins from BL1 which loads the BL33 image, a boot-wrapped (bootloader + Operating System)
Operating System, from FIP to DRAM.

Build Procedure
~~~~~~~~~~~~~~~

- Obtain arm `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_.
Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Build TF-A:

.. code:: shell

make PLAT=fvp_r BL33=<path_to_os.bin> all fip

Enable TBBR by adding the following options to the make command:

.. code:: shell

MBEDTLS_DIR=<path_to_mbedtls_directory> \
TRUSTED_BOARD_BOOT=1 \
GENERATE_COT=1 \
ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem

*Copyright (c) 2021, Arm Limited. All rights reserved.*
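Review bot: the TBBR example in the Build Procedure section signs the chain of trust with a private key that is checked into the source tree (`ARM_ROTPK_LOCATION=devel_rsa \` followed by `ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem`), so an image built from these lines as written verifies against a key that anyone with the repository can sign with; the text should say explicitly that this is a development and test configuration and that a production build must supply a root-of-trust key generated and kept private by the integrator. Two smaller points: "BL1 –> BL33" uses an en dash where the ASCII arrow "BL1 -> BL33" is meant, and the "Further information on v8-R64 FVP" sentence lacks a terminating full stop.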