mirror of
git://nv-tegra.nvidia.com/tegra/optee-src/atf.git
synced 2025-12-22 09:21:26 +03:00
Updating prebuilts and/or headers
arm-trusted-firmware/include/lib/extensions/pauth.h 09511d96743a49bd6a8ce53a10a7a63f66fa69eb - arm-trusted-firmware/include/lib/extensions/ras.h 5e43959b0322424d6c58374b9bf52ca3435e88c1 - arm-trusted-firmware/include/lib/extensions/sme.h cfcb8f035cda18f894c8ee194d3136fc61406fe0 - arm-trusted-firmware/include/lib/el3_runtime/pubsub_events.h 926a8f99c7871413aa6c48ee91bcacf8ea07e438 - arm-trusted-firmware/include/lib/el3_runtime/cpu_data.h df57266f0878fdff7b3180dfc258dae3ca1859cc - arm-trusted-firmware/include/lib/el3_runtime/context_mgmt.h db010d01a2298bde5d192dc8ca42d487ad8023ac - arm-trusted-firmware/include/lib/el3_runtime/pubsub.h 38bab004d095d8c31cc1bb191af9e3c4ee45ca02 - arm-trusted-firmware/include/lib/el3_runtime/aarch64/context.h 9c3df6c4d9ecf03368ef7a5cd150157123c12ed1 - arm-trusted-firmware/include/lib/el3_runtime/aarch32/context.h a5b742f0a88671c56d4acb2c9f41a2859ccfe63c - arm-trusted-firmware/include/lib/xlat_tables/xlat_tables_v2_helpers.h ffd6aa77c205ba28fc3cdedfdf92ad949a1d2c4e - arm-trusted-firmware/include/lib/xlat_tables/xlat_tables_compat.h d096d2c939939ac7e3ce5358c63127a2e48fc66d - arm-trusted-firmware/include/lib/xlat_tables/xlat_tables_arch.h 147505a24c5c0680f8c21cd8b77aaa1ed3d9af0f - arm-trusted-firmware/include/lib/xlat_tables/xlat_mmu_helpers.h 0ea4285dd4504af01f2379c11c6b04292b5224d0 - arm-trusted-firmware/include/lib/xlat_tables/xlat_tables.h 748f4763c6956e3a05b07a06f88394f925375806 - arm-trusted-firmware/include/lib/xlat_tables/xlat_tables_v2.h 64b082be684d2e9aac73592fc4658c81ded65fcc - arm-trusted-firmware/include/lib/xlat_tables/xlat_tables_defs.h 135853a26b41e70bb03df6feaa46157020f24f43 - arm-trusted-firmware/include/lib/xlat_tables/aarch64/xlat_tables_aarch64.h ef0a81e88f09c2c6ce252f01c0405fa13cf09822 - arm-trusted-firmware/include/lib/xlat_tables/aarch32/xlat_tables_aarch32.h 72f4645c807c6915c0628b0d200b18fba404f91c - arm-trusted-firmware/include/lib/bl_aux_params/bl_aux_params.h 3ad9051758ee29a3d96abe5881f5a7740eb10550 - 
arm-trusted-firmware/include/lib/libc/cdefs.h 5e084e86fa5e4b5fdac774d1aa00b279f68d3c40 - arm-trusted-firmware/include/lib/libc/inttypes.h 83a3b49d103b8453fb98b0625c759bf39c09803e - arm-trusted-firmware/include/lib/libc/assert.h b37dff6a9fa0fe100e6e204676f60358dfde29eb - arm-trusted-firmware/include/lib/libc/stdlib.h 0d835510f380ad8267995f98edca212d0c2d8f72 - arm-trusted-firmware/include/lib/libc/errno.h fec91d22fe696952ba93c2d1ed6cedfa714a5a7e - arm-trusted-firmware/include/lib/libc/stdint.h 28d598da1ead2bf6ee9fd764635deb7d1a082fc9 - arm-trusted-firmware/include/lib/libc/stdbool.h 81fc18b0518ed12942398f24157b26767f2b5d58 - arm-trusted-firmware/include/lib/libc/stdio.h 2f17e8f91531cbdb0dcb5638ffe35b4fc35169f4 - arm-trusted-firmware/include/lib/libc/endian.h 1f519accd161baa49f478a735728f1b81dd9a443 - arm-trusted-firmware/include/lib/libc/stdarg.h 05293dcd9dcd66e6fbc14019807633a277c3a53f - arm-trusted-firmware/include/lib/libc/time.h de263df3e964aac45b0a9be4096eb2a12c63d72b - arm-trusted-firmware/include/lib/libc/arm_acle.h d0d4318e609c76661d8f0144b559d4c7e5c43cce - arm-trusted-firmware/include/lib/libc/limits.h 96064295890c1e484dfcf96039b0cf5c4babd361 - arm-trusted-firmware/include/lib/libc/setjmp.h 38027460aea214583844c4cb07db44077673acc5 - arm-trusted-firmware/include/lib/libc/string.h 167e84c7f69dda6dbee48fff38839436941dfe1c - arm-trusted-firmware/include/lib/libc/stddef.h c881950de56de06d14e10e06d219c0ad40613034 - arm-trusted-firmware/include/lib/libc/aarch64/setjmp_.h e3ba7ed7d41ae3a8c9dd07d94f7bbef48adf165a - arm-trusted-firmware/include/lib/libc/aarch64/limits_.h 8741dd9ddf232520a7e68bd21382fd53539b8c5b - arm-trusted-firmware/include/lib/libc/aarch64/stdio_.h 81dc661e625cc7228b67c09aea60df34e729c283 - arm-trusted-firmware/include/lib/libc/aarch64/stdint_.h dec49d90238a3dc066022d9268b1172c93e6bd29 - arm-trusted-firmware/include/lib/libc/aarch64/inttypes_.h a0ec98e34e93c55ac6fc9241cbaed06bc372bb39 - arm-trusted-firmware/include/lib/libc/aarch64/stddef_.h 
94f633f89b9ae70068fb70432456057bd04bb750 - arm-trusted-firmware/include/lib/libc/aarch64/endian_.h c6119d73104bf3ae1d27bac47db49a0fbbdcd112 - arm-trusted-firmware/include/lib/libc/aarch32/limits_.h 8eaba3f90b7b124e01dd67a505f4e8dac6d42826 - arm-trusted-firmware/include/lib/libc/aarch32/stdio_.h 99fb55bd4f7021bebc906bdfbf7f2e0a32e198f9 - arm-trusted-firmware/include/lib/libc/aarch32/stdint_.h 5504c60845bc40c22309d19ad3a370854542606b - arm-trusted-firmware/include/lib/libc/aarch32/inttypes_.h 4ffa8f28ee204e4445f86ee9e68903c66fb5487d - arm-trusted-firmware/include/lib/libc/aarch32/stddef_.h 5d60818c76a8f8d0645d40e13fb9c6bba183e2ac - arm-trusted-firmware/include/lib/libc/aarch32/endian_.h 7a7b59a035c26b0ced83b40114b596358f1bd2c4 - arm-trusted-firmware/include/lib/cpus/errata_report.h 58569d6f8289cc5c665cc6dd3455a31057e6209f - arm-trusted-firmware/include/lib/cpus/wa_cve_2018_3639.h d44192225758ac451b1c5bc5111f98c453327523 - arm-trusted-firmware/include/lib/cpus/wa_cve_2017_5715.h 55da8ccc24cdd5cabba3e346f04694958ca9b84a - arm-trusted-firmware/include/lib/cpus/wa_cve_2022_23960.h 42b29f7ea79198fbf5aa69a3aa080de56572fa3a - arm-trusted-firmware/include/lib/cpus/aarch64/neoverse_demeter.h efc8411aa80d03690795c5caab5213f739c3dae2 - arm-trusted-firmware/include/lib/cpus/aarch64/generic.h 309db7cc6a48f2dfc2fc82dad3300ad2825efae6 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a75.h 32b8e77c476293848bb5884355c7faf95069f8c8 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a78c.h 7f4a54bf5113ee54ee16d5400921730610b81a5f - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a78_ae.h fe7e88bb537bded4caa68969291e0f7582e7abe1 - arm-trusted-firmware/include/lib/cpus/aarch64/qemu_max.h 44559a7bdfb73f25458f7ca2b0e8c8785ef8827f - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a35.h 055e82d4e76261ce1a2108d14cea7176cf18c0a9 - arm-trusted-firmware/include/lib/cpus/aarch64/dsu_def.h e762cbd4ef8859eb8d8ebd03899ec10c085ce1b5 - 
arm-trusted-firmware/include/lib/cpus/aarch64/cpuamu.h 43952567938e0452e6f1cd65b6fab276d3b628e0 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_hunter.h cecb6b77ddae233e9012f44da229b0f25904b481 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a65ae.h 4f1b3a7c5699c6ae409698b593edbc6ac8d2a861 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a73.h fb525a4bddf12d5307fdd7d77fe2c90783b76d85 - arm-trusted-firmware/include/lib/cpus/aarch64/aem_generic.h 7de432330be3e8f54c1e573f4ab59d51806e7365 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_hayes.h e67d118e55ce590ff3f6428280713a78b8eed58a - arm-trusted-firmware/include/lib/cpus/aarch64/neoverse_n2.h 82d90eaba5c3e4a0d0d67cdc9bb41cf9f9d2aa35 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a710.h 6f80e2ceb55f9179c0e8b9d91d249e62d6b1face - arm-trusted-firmware/include/lib/cpus/aarch64/neoverse_n_common.h fee71b3ac82a2185c4d87e46ee0883cd51017f0f - arm-trusted-firmware/include/lib/cpus/aarch64/denver.h 84e558d38ecba4e5f4d2f894a9291c5037ce66ed - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a57.h e7bf4db6f79577db296e4c8444c731b2e3af4822 - arm-trusted-firmware/include/lib/cpus/aarch64/neoverse_poseidon.h b9a6a19c148f0fb9ef9b3e03b113a48c319f50ed - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a78.h 3c127123c7f793221554840dbafc9aecc3acb322 - arm-trusted-firmware/include/lib/cpus/aarch64/neoverse_v1.h 80bf6905c50e6839862d8fc71c9406f081533252 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_x2.h 22958de97bf4027cc040fc0ac360db1706c214e9 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_makalu_elp_arm.h 31b87fd75812c21215587c76fc574207c546b735 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a77.h 7c2b1650f6c338afe9ce5b81aaf9c15b6c358c98 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_makalu.h 316e8929890c4678843eeb9c9f055e3d7b37419b - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a53.h 3f7b45d32e48e60ee32229b7e8f5860b6e67747e - 
arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a72.h b58c922be5d4bad0866dbb86570d6f9e94310f89 - arm-trusted-firmware/include/lib/cpus/aarch64/rainier.h b5de08d6bad3b4fa6d103de5fdccbe1dd027b1e2 - arm-trusted-firmware/include/lib/cpus/aarch64/cpu_macros.S 26f966576d1ba5fe1e871578dea3ea004be5ee67 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a76ae.h 9a1b5aa467e9d2d3b68dbfdc3d96397743562185 - arm-trusted-firmware/include/lib/cpus/aarch64/neoverse_e1.h ed260f8199efb4c6b1d32218c83039568c4ef425 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a65.h 70560b6cca33e37badb4f0e52e2781166227184c - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a55.h b2ba28f5ae615b85d1e4f9417e53743767f749e5 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a510.h 03c06290a053bfb539077f235d6cbd00efa9839f - arm-trusted-firmware/include/lib/cpus/aarch64/neoverse_n1.h e06ae7d94772d2e7df59aaed91759743f3614979 - arm-trusted-firmware/include/lib/cpus/aarch64/cortex_a76.h f05e12dd19967571232d263c83c6898dc9f9c9b1 - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a17.h 964ef94b44f29b27af9693592b55d5e045c68898 - arm-trusted-firmware/include/lib/cpus/aarch32/aem_generic.h b3f572f2b6af62ea012727754cd52c72ab76a8cb - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a9.h 4f2016b0ee0a27a62e127a3e9e49889a8cb0d63e - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a57.h ab3b500c80e0bf48a6fa1b8aa0cedb3451312f73 - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a53.h 7c549b2ab4e1d1d0e0a845e601e8778c8c5016d1 - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a72.h b28242a3c70922add954edac6ef6a6cc27eef33f - arm-trusted-firmware/include/lib/cpus/aarch32/cpu_macros.S b4398b2cbe8c44396c14071dd547d3b4ae231f11 - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a15.h 7246c771a29d42ce8df39025143fedec1f1d22ea - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a12.h bb26a1dad2c7e0bc860a422313a21fe96c5818e7 - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a7.h 
4f8e78fb1d10bb5da1ae6792f2775a2e3d34e739 - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a5.h a90685421214c1862d537af563def9b63894e740 - arm-trusted-firmware/include/lib/cpus/aarch32/cortex_a32.h 0f9c6bddf555b127d0deea955abd911c85bc89b9 - arm-trusted-firmware/include/lib/mpmm/mpmm.h a9be03deeaf86090c4056f6844a1dafec0a14683 - arm-trusted-firmware/include/lib/xlat_mpu/xlat_mpu.h ff1f378cc136ea5bf58c5fe0df726e1d809c7efb - arm-trusted-firmware/include/lib/zlib/tf_gunzip.h 03fe8d1844f9117cf59adf7bb69cbcef990c16c3 - arm-trusted-firmware/include/lib/psci/psci_lib.h 1c0e9271a240a44ae26fe23c9d0bf4f2aefdbaa8 - arm-trusted-firmware/include/lib/psci/psci.h 84b28157b2cc81f5a9aa46c6edf2de6083f696bd - arm-trusted-firmware/include/lib/gpt_rme/gpt_rme.h 7efe8c0a3fbb4e9b29850fac16b475c45925c6e3 - arm-trusted-firmware/include/dt-bindings/pinctrl/stm32-pinfunc.h b7307a0a106f93b2429fa105547d42bc65f8afc2 - arm-trusted-firmware/include/dt-bindings/reset/stm32mp15-resets.h c5098c5b107f74cd689ca039a39721bc1ecb7523 - arm-trusted-firmware/include/dt-bindings/reset/stm32mp1-resets.h 0ca59c4b41f2264bcc0d4b45550b8a587211aece - arm-trusted-firmware/include/dt-bindings/reset/stm32mp13-resets.h 3a4737826d5e90e262be765553886dc9b2cad966 - arm-trusted-firmware/include/dt-bindings/interrupt-controller/irq.h 56af3734637f9dcf2f75c88aad9614e515be1570 - arm-trusted-firmware/include/dt-bindings/interrupt-controller/arm-gic.h 080c331a370bfcf9f9ce11ccdc89838ea7fd401c - arm-trusted-firmware/include/dt-bindings/clock/stm32mp1-clksrc.h f28db646c8bdd11bb9593e0d241d924482a7d3ad - arm-trusted-firmware/include/dt-bindings/clock/stm32mp15-clks.h bd297c8c069baf4894e271462ecd0387ca142d2b - arm-trusted-firmware/include/dt-bindings/clock/stm32mp15-clksrc.h f8dfb28848429d1ddd93107a95f47d8c6701e359 - arm-trusted-firmware/include/dt-bindings/clock/stm32mp13-clks.h fd1e043f322c708de5aa529250ef0ca7430cc508 - arm-trusted-firmware/include/dt-bindings/clock/stm32mp13-clksrc.h e0d1075d19bd35b9bf189dad00ef6b45991c1bf0 - 
arm-trusted-firmware/include/dt-bindings/clock/stm32mp1-clks.h 5c7d53dffc9e4dbe1b29a7a3f2c66a36954dd32d - arm-trusted-firmware/include/dt-bindings/soc/stm32mp13-tzc400.h f237c837e7f3ca6eb78a837961cc378136eb56a4 - arm-trusted-firmware/include/dt-bindings/soc/stm32mp15-tzc400.h 4b89cad3c01b7767a5a3a13de49705b2cb3e7f9e - arm-trusted-firmware/include/dt-bindings/soc/st,stm32-etzpc.h cb4a166015b83acf19a78617be8e774abc6e1798 - arm-trusted-firmware/include/bl32/payloads/tlk.h dc1975b639c5dc6b8eee34ada66bffcbd10d3047 - arm-trusted-firmware/include/bl32/tsp/tsp.h 61531a0b7ca81943d7aebe7d3183f30c4b6b42b7 - arm-trusted-firmware/include/bl32/tsp/platform_tsp.h 0978d63d1beeeb3f432496ea56acf6f3cf4d2072 - arm-trusted-firmware/include/bl32/sp_min/platform_sp_min.h ad144423428ec92ff7791f7e65475d8179b74ef7 - arm-trusted-firmware/include/arch/aarch64/el3_common_macros.S d35ee46e0adae54b398a7fca1dfb048e883b5ad1 - arm-trusted-firmware/include/arch/aarch64/el2_common_macros.S 87e9fceb27f38ccf307b534c37594e96103b391f - arm-trusted-firmware/include/arch/aarch64/arch.h 3b667906d524c05d363bb8341f5241bbe7d80fe4 - arm-trusted-firmware/include/arch/aarch64/arch_helpers.h 40e8dcbc93cae746d0a5db7109f8c2d55204cc36 - arm-trusted-firmware/include/arch/aarch64/asm_macros.S 04b3308044a6768acf0bad187fc2b69cb69a1fe4 - arm-trusted-firmware/include/arch/aarch64/assert_macros.S ed984eb0f0ed8079b711d378fe82a35a98c45803 - arm-trusted-firmware/include/arch/aarch64/smccc_helpers.h 1d2a96df860280e160ab95e4e51e622a5f546aba - arm-trusted-firmware/include/arch/aarch64/arch_features.h 82b34ecc6637bf3745fec6a4d1cbc29e06e8e19e - arm-trusted-firmware/include/arch/aarch64/console_macros.S 19edcf9b1fb1a08230c93e3bfa026e7b33cd3ac9 - arm-trusted-firmware/include/arch/aarch32/el3_common_macros.S 1ac6bbd72fd5efcdea46d665f3b42539e55d19af - arm-trusted-firmware/include/arch/aarch32/smccc_macros.S e2b5aa5f3ed136a6b09905c047bcd4bba696b753 - arm-trusted-firmware/include/arch/aarch32/arch.h 
68d3700bd1027d9b9ce6280954972329e2653b9e - arm-trusted-firmware/include/arch/aarch32/arch_helpers.h c2be1c93cd54c4e39aaf2aaa3a0efde1a237ae5d - arm-trusted-firmware/include/arch/aarch32/asm_macros.S 7473145f94c25355b413a071f083825a5bbf2ce8 - arm-trusted-firmware/include/arch/aarch32/assert_macros.S 0e8c93e8e2069b7b80576b88757ad99a54dabc15 - arm-trusted-firmware/include/arch/aarch32/smccc_helpers.h 6a8e3ed67bce468bf878dee9e257722a13c705de - arm-trusted-firmware/include/arch/aarch32/arch_features.h 707cddbbe6226e2efc883af7013f08afced5a708 - arm-trusted-firmware/include/arch/aarch32/console_macros.S b46a10bce55c312c93a16f506296f5642158a823 - arm-trusted-firmware/include/common/asm_macros_common.S 1d8edfcfadd6f5b8724ad6ef3530f09bac04d2b9 - arm-trusted-firmware/include/common/fdt_fixup.h 561b168245611d5de641a636b5d632f02dcab868 - arm-trusted-firmware/include/common/debug.h cbf9eec4b4cde89881d2efe44be1dde85d9b6b0d - arm-trusted-firmware/include/common/bl_common.ld.h b0aadb059bd035c38b54ce8f2f7690b49b417e5a - arm-trusted-firmware/include/common/param_header.h 0adc1932137e9f09ebf8948f60d0bb0258ad0249 - arm-trusted-firmware/include/common/tf_crc32.h 3061ebcc5cc39e9b66461188d5eccd5bef4173d0 - arm-trusted-firmware/include/common/image_decompress.h 816190a2de110539cf90ed91f279563c0bca9a18 - arm-trusted-firmware/include/common/uuid.h 5afd89832d7eb27979b6864884c4c5564a60279d - arm-trusted-firmware/include/common/romlib.h 9398e9281edb3916d9f8b25e4ac909538f93d5da - arm-trusted-firmware/include/common/interrupt_props.h dc31b12d8e0fe348d049aab169721695d6414bc2 - arm-trusted-firmware/include/common/bl_common.h 835fd8c82abcfae1bf3c5dceb1123a8b2bfd587d - arm-trusted-firmware/include/common/ep_info.h 9acd7a0a005acdb9eb6ee122677ee9528b36b6e0 - arm-trusted-firmware/include/common/nv_cntr_ids.h 718add17082d7b0f4631c4aa87879e2dbc634426 - arm-trusted-firmware/include/common/fdt_wrappers.h f3ec87cdd303cc80ab1975ee4c970c1d72f2a1d9 - arm-trusted-firmware/include/common/desc_image_load.h 
1fb3546ddcbbdb34f1bd8c5532fde531ed03e4fd - arm-trusted-firmware/include/common/runtime_svc.h b1bbf25afc02647d5cf3c2de70985599ed6bf6ea - arm-trusted-firmware/include/common/tbbr/cot_def.h 22b063584c188624815fe5a57f199b9bde282c6a - arm-trusted-firmware/include/common/tbbr/tbbr_img_def.h 9148c938d74351967390c1286566f167d1915b59 - arm-trusted-firmware/include/drivers/ufs.h 80ffbe42c480534b02989a02a37fe24a316746dc - arm-trusted-firmware/include/drivers/spi_nand.h 3d13f3cbff61918c53bb0a76876155dc82337fe5 - arm-trusted-firmware/include/drivers/console_assertions.h 42c0f53bb57374cb007e6d5c3d4d536db4069f15 - arm-trusted-firmware/include/drivers/nand.h d73de0ba3c3a5f28ea6d778b2dcb3ccc7d76c74e - arm-trusted-firmware/include/drivers/mmc.h 1e85ce64c0bc0c37f1c87dab8859540aadd4d842 - arm-trusted-firmware/include/drivers/raw_nand.h c8f57a02330fc21d063cbfa19b558cbd20de2787 - arm-trusted-firmware/include/drivers/generic_delay_timer.h beb3e629b953dd33bc44df27d3f0b251af4a75e5 - arm-trusted-firmware/include/drivers/scmi.h 8709de3c5655138d78511772539fb29a8b660364 - arm-trusted-firmware/include/drivers/scmi-msg.h 32b681b12e18f054ea32d70a554e9c07ff59e4f5 - arm-trusted-firmware/include/drivers/spi_nor.h bb163896fcf9655f45d24b8676ea0a79a6c28272 - arm-trusted-firmware/include/drivers/dw_ufs.h 3fdd5f2bbd8585722f7176499884e963fcc1806f - arm-trusted-firmware/include/drivers/console.h 58d9040bd23a07f657047c01fbc92a62b9b04d45 - arm-trusted-firmware/include/drivers/clk.h 061a6a5d58a19fa40602dcb1c9d1042a206ad73e - arm-trusted-firmware/include/drivers/spi_mem.h e52b9017a122dbf25d5764491104335c6a166dd2 - arm-trusted-firmware/include/drivers/usb_device.h c6f581c377a1a1670d1dd54c360deded41593d6f - arm-trusted-firmware/include/drivers/delay_timer.h b11f7ad45072a13e91bd01040adca94742f7cff1 - arm-trusted-firmware/include/drivers/gpio.h 95f57bdb58eaa0c98d1495b69af4481368294101 - arm-trusted-firmware/include/drivers/synopsys/dw_mmc.h 41a9e785cff8ee17c58544900ad2cf351862fb31 - 
arm-trusted-firmware/include/drivers/cadence/cdns_uart.h f255bd6542ce1b5d70e6f1e8d795bf29367099a7 - arm-trusted-firmware/include/drivers/io/io_memmap.h d44cfbded1853f569ae63d99598504a959d6be61 - arm-trusted-firmware/include/drivers/io/io_fip.h e65ada86295c449ba40e5e0d4d1558b8c57e24c5 - arm-trusted-firmware/include/drivers/io/io_mtd.h ea2dcfb76c08ec6fec8d8a369642b152753b0780 - arm-trusted-firmware/include/drivers/io/io_driver.h 53a57c8d46bdf6e3119f7da34bfab0df1ea5be9c - arm-trusted-firmware/include/drivers/io/io_storage.h 37187b6d387c4c5065ca5fcf7fb76e54527943c2 - arm-trusted-firmware/include/drivers/io/io_dummy.h 10532a6db736e62308718e7ed4602bcdad21e3e0 - arm-trusted-firmware/include/drivers/io/io_block.h 65ea10cb954a4eafbc5c1b0e1f4118cece4ff74b - arm-trusted-firmware/include/drivers/io/io_semihosting.h fe49b84f7431a3680d29420770e6c5a8e81abd5c - arm-trusted-firmware/include/drivers/io/io_encrypted.h 4b9518a5dba55fc1c78dc216a36ce0bb0e045155 - arm-trusted-firmware/include/drivers/st/stm32_uart.h 1b6f5d6f48fb0ceab8d15c6308e31e78e85bddba - arm-trusted-firmware/include/drivers/st/stm32_uart_regs.h 51b50b86f5dea96ef59764df60f2d64a45d54bf1 - arm-trusted-firmware/include/drivers/st/stm32mp1_ddr.h eae4fb4ef015039f57a757e732fbfa815bc9aeb1 - arm-trusted-firmware/include/drivers/st/bsec2_reg.h 91bfb605e20bff6aead18279afab90eed7856ddd - arm-trusted-firmware/include/drivers/st/stm32mp1_pwr.h ae8d33f6e04e5baf46e8b00b1613dca79c462e1b - arm-trusted-firmware/include/drivers/st/stm32mp_pmic.h a832f792f5fc9564b02d96f85430f190c3f57417 - arm-trusted-firmware/include/drivers/st/stm32mp_clkfunc.h 16d36c74e72bc40e7ba15ea25ce38621a3dc3a9e - arm-trusted-firmware/include/drivers/st/stm32_console.h e545051ef77d33ec66036fa94f2d53b51253d436 - arm-trusted-firmware/include/drivers/st/stm32mp1_ddr_helpers.h cacf83dd6e129df0a9ffedbd38bfb757074d1240 - arm-trusted-firmware/include/drivers/st/etzpc.h 173981f3ca549df6d0e56fd0a16e4a055b9151eb - arm-trusted-firmware/include/drivers/st/stm32mp15_rcc.h 
eaf998cd31b2112d0a61198a5a7f14d484217251 - arm-trusted-firmware/include/drivers/st/regulator.h b0e57331d216261ea6ec7814666ae64bd884dc05 - arm-trusted-firmware/include/drivers/st/io_mmc.h cfbc99b7bba5966e33409c31f9f47cb7de63f66f - arm-trusted-firmware/include/drivers/st/stm32_hash.h b6caa41ecb428bd2e6752e1a1f5a0c2ef3fcc953 - arm-trusted-firmware/include/drivers/st/io_stm32image.h ff21abb6526ad91314e2f7cc58fa6fd6546c926f - arm-trusted-firmware/include/drivers/st/stm32_sdmmc2.h 86a1ad6cd3ce837f820ba6c1b9f6ee7182e74956 - arm-trusted-firmware/include/drivers/st/stm32_fmc2_nand.h c13f39e45ffdff80cfe87c12423322a15b959794 - arm-trusted-firmware/include/drivers/st/stm32mp1_ddr_regs.h 58a87d375953ce331a480d18ecbe92da88b221df - arm-trusted-firmware/include/drivers/st/bsec.h e86b4fde780cfae34213629b58ff8e1efd1eed73 - arm-trusted-firmware/include/drivers/st/stm32mp_ddrctrl_regs.h 431e908bb797e10b7839fe28a0ace7d8a9e7bf99 - arm-trusted-firmware/include/drivers/st/stm32mp1_ram.h b6eb16d19f62ff88852eab346d51d719944f14ed - arm-trusted-firmware/include/drivers/st/stm32_i2c.h 4cdb146eb6fe5439dec2c5039a903ed5baee6aa6 - arm-trusted-firmware/include/drivers/st/stm32mp_reset.h 967e02371bf07f76cf015635f5a50c0956176296 - arm-trusted-firmware/include/drivers/st/stm32mp1_usb.h 6c00673ea5fb61808caf3b77e422043972ecafc7 - arm-trusted-firmware/include/drivers/st/stm32_qspi.h 45a56579470aa4ad7e007373a068f3285f046de0 - arm-trusted-firmware/include/drivers/st/stpmic1.h e6aa4130f95dc7da0f3a94482c2ee3325afdf0a0 - arm-trusted-firmware/include/drivers/st/stm32mp_ddr.h bcfc65cd26c42c404b6482da16cdacf6e95c5733 - arm-trusted-firmware/include/drivers/st/stm32_iwdg.h 1735a240af4b99862e6cb202fc034231abeb53bd - arm-trusted-firmware/include/drivers/st/stm32mp_ddr_test.h 156ba43b85065027d400a1287fa794a828df162b - arm-trusted-firmware/include/drivers/st/stm32mp1_clk.h ac1cd6d311e2280721ba62f9e82c10322f6dad41 - arm-trusted-firmware/include/drivers/st/stm32mp_ram.h 7574c3687634e56e414a47e0fb3f5a5d7b1fc708 - 
arm-trusted-firmware/include/drivers/st/stm32_gpio.h e02eff807301ff7775369975495cad2a2082972f - arm-trusted-firmware/include/drivers/st/stm32mp13_rcc.h ec0355e035856ac49891ebbbfb6b249439fe6bc2 - arm-trusted-firmware/include/drivers/st/stm32mp1_rcc.h f2ca7edf66b0d71fec9b893659707c7675f9d0a6 - arm-trusted-firmware/include/drivers/st/regulator_fixed.h 1c35b8d1dd99e2556585b97e6c5f472b95565fd0 - arm-trusted-firmware/include/drivers/amlogic/meson_console.h 598adf21c9089a664c913fb3faf852fa36dddef8 - arm-trusted-firmware/include/drivers/amlogic/crypto/sha_dma.h 89a898543325d24449f04f9b4f73ab80fe43615a - arm-trusted-firmware/include/drivers/fwu/fwu_metadata.h bd8eab4d0a2394ab277d17b70d1de2839a83ce04 - arm-trusted-firmware/include/drivers/fwu/fwu.h 907603dcc9f90f3393201ab4a2a5c8ce32f61543 - arm-trusted-firmware/include/drivers/brcm/sotp.h 5632d0130d0787f77618a2ca64d09d7bc3d2433b - arm-trusted-firmware/include/drivers/brcm/usbh_xhci_regs.h 5afc35a13cf962ad7cd0f15b0532bbe11c7ad17a - arm-trusted-firmware/include/drivers/brcm/ocotp.h 2dedb1c6a08bb98fab574fbb49becf23a0a40b3d - arm-trusted-firmware/include/drivers/brcm/dmu.h 67ec9883d9b0ac3959b68dcf32dbf8d8fbc84bc8 - arm-trusted-firmware/include/drivers/brcm/scp.h 3b8d411ed511e8d5f5cd285a04229eb0779c2609 - arm-trusted-firmware/include/drivers/brcm/iproc_gpio.h 8c4e00a589a41eac59a1e3f7743e362f874b80cd - arm-trusted-firmware/include/drivers/brcm/fru.h 542f2f80df9c9b264f0bfc9387e38e99ad2a9e7b - arm-trusted-firmware/include/drivers/brcm/spi_flash.h 2a62cccb75603f1abe573a211d9b149826e87356 - arm-trusted-firmware/include/drivers/brcm/chimp_nv_defs.h 823fbabdd578bbfbf92d8a2d68e8d7d2c3f652cd - arm-trusted-firmware/include/drivers/brcm/spi.h 04cc0e519d24a6729fbf6f89e981eaf992fe19d5 - arm-trusted-firmware/include/drivers/brcm/sf.h f1e9babc3d5e854ba472c64f889f2fb01138cff0 - arm-trusted-firmware/include/drivers/brcm/chimp.h 40a4365490452d1db063c69f305c46be1d20e9f5 - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_chal_sd.h 
c3be01e418a0c44f650529178aabc99c5fdbef33 - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_api.h 5657b1337210a575a742026dfa31f3136b5bb625 - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_chal_types.h d6123ce1d15ed92eb457d0e0d13d66841deb34ea - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_pboot_hal_memory_drv.h af14073522c90e3d69b0abc31fd3a2820dc54d47 - arm-trusted-firmware/include/drivers/brcm/emmc/bcm_emmc.h 38ad4c8652f178df916a5a1622fad23851187ba2 - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_csl_sd.h 5e1781b653944c224e65bec032fae482c1925591 - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_csl_sdprot.h eafab2881a9d078ab544df13644c4b47b0670003 - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_csl_sdcmd.h 869edd881664c3e2332d5b2e6765e7dacbb0afb7 - arm-trusted-firmware/include/drivers/brcm/emmc/emmc_brcm_rdb_sd4_top.h 829056e15314b731c22b87d62a2c8606e72e1fb8 - arm-trusted-firmware/include/drivers/brcm/i2c/i2c.h ba4c82c4f42cf7c6060c7266d23de675e741a191 - arm-trusted-firmware/include/drivers/brcm/i2c/i2c_regs.h 281ab6dc0343aa92cc689456d9b8b56e7e853961 - arm-trusted-firmware/include/drivers/brcm/mdio/mdio.h d9fee9976962b8d9daffbf4d4cb1e7400e14c745 - arm-trusted-firmware/include/drivers/ti/uart/uart_16550.h b5e8788fcbe8f7e5a29ea20b0496f5b331fe6b4b - arm-trusted-firmware/include/drivers/measured_boot/event_log/tcg.h bf12d4c88947dab864a8f411bd8b3d752bcece3f - arm-trusted-firmware/include/drivers/measured_boot/event_log/event_log.h 0601d762e1bfda8d93d085ea44202fdbff2d1ad9 - arm-trusted-firmware/include/drivers/allwinner/sunxi_rsb.h 1fad8ad24347aab9e6da6d46f5cf581f938d2ab8 - arm-trusted-firmware/include/drivers/allwinner/axp.h 490bae640af8d15a10cc4a530a23cd51226ca709 - arm-trusted-firmware/include/drivers/mentor/mi2cv.h 898f43097b2545ca29358b143d6e97761f1dbce4 - arm-trusted-firmware/include/drivers/rpi3/rng/rpi3_rng.h 8865e3a5b086a9f57937f94373c1488796422a75 - arm-trusted-firmware/include/drivers/rpi3/mailbox/rpi3_mbox.h 
arm-trusted-firmware/drivers/auth/tbbr/tbbr_cot_bl1_r64.c efedb0eaa10e440edf6b73b4b2df6a6d164066da - arm-trusted-firmware/drivers/auth/tbbr/tbbr_cot_bl1.c ea1ff4dd6466dd5bba2280092f7ad0037f0e3791 - arm-trusted-firmware/drivers/auth/dualroot/cot.c c83fb1312ae05c6e624572806f085c6919f189af - arm-trusted-firmware/drivers/coreboot/cbmem_console/aarch64/cbmem_console.S 5bf3028d91229a2bab7d9be2fbf3db5b63dbdac5 - arm-trusted-firmware/drivers/cfi/v2m/v2m_flash.c d4b40e69b2bea69f35d8d12ed25d623c4bafc89e - arm-trusted-firmware/drivers/renesas/common/pfc_regs.h 96023687d119cdc2a88f0f96847b71070be44d0e - arm-trusted-firmware/drivers/renesas/common/common.c eb5eaa562bc901bbcea6e5e722e629a4ffe14fa3 - arm-trusted-firmware/drivers/renesas/common/ddr_regs.h b31c95edffddbecf9d51e7ba6d57f59b07381718 - arm-trusted-firmware/drivers/renesas/common/qos_reg.h 197394f4b9c3387bbbe8ade40aed6fd5ba67cd49 - arm-trusted-firmware/drivers/renesas/common/iic_dvfs/iic_dvfs.c 81389d507ab4f6c15c8302b9d4a550e929350170 - arm-trusted-firmware/drivers/renesas/common/iic_dvfs/iic_dvfs.h cc69cc1cdbf38f685bfb8c4e843841fc12c17072 - arm-trusted-firmware/drivers/renesas/common/io/io_private.h ff8a273a7c0157436d3d58824bb0822c1e4c8880 - arm-trusted-firmware/drivers/renesas/common/io/io_emmcdrv.c 94592c6b00d8f46906214144913018912da2cdb1 - arm-trusted-firmware/drivers/renesas/common/io/io_emmcdrv.h 7c0cd66835bf24e2086572d390e9e42847b2cc7c - arm-trusted-firmware/drivers/renesas/common/io/io_rcar.h 4c9c3edfff804648e78fdb6173511fedc8d655c9 - arm-trusted-firmware/drivers/renesas/common/io/io_rcar.c 2a9a321a7d2d3f302f63914ea61c0b24ef77ae46 - arm-trusted-firmware/drivers/renesas/common/io/io_memdrv.c 7e6776a062962247d7356aa2a4e3db30e8ec9a35 - arm-trusted-firmware/drivers/renesas/common/io/io_common.h d954a56fdaa915b42433e7f02b933ff5a7f4d553 - arm-trusted-firmware/drivers/renesas/common/io/io_memdrv.h 9c78d4764ec4942f586af7e70fa2906b79718e72 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_def.h 
e38e56acce60e8f8ba79bf52ebdccbfbb84e60e7 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_utility.c 7526f3b1661670d99bae978d76b826697f8eafcc - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_registers.h d18f211fb0f471b7b72797133ccf3a89ff3fe561 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_mount.c 53d888462033b6fd9f510352b7ef5a997db98215 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_std.h e3d0fe455add19648ab1dab17abbf8a036851187 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_read.c ae1066faf4581bdf2b74fc79c6880b4541c50262 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_hal.h b95edfb86992c01b146085a6a3a6fa260f62cfb1 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_config.h da6c00a918a45fb21f34a94a1153a619126f856e - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_init.c 1f0175831d01e9a83091abf339b764707fa15732 - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_interrupt.c 1806c4fed1e8009245193be345f42a0bc99a88ff - arm-trusted-firmware/drivers/renesas/common/emmc/emmc_cmd.c 3567bb0ce5e977a1fe4ee5a8fed4db8dc67ccca3 - arm-trusted-firmware/drivers/renesas/common/ddr/dram_sub_func.h bbe9ec354aa9a66731a4a68b1214e7c88433e78e - arm-trusted-firmware/drivers/renesas/common/ddr/boot_init_dram.h f6092db4bdf15b55332ebf36fb13af42ee1b8f8e - arm-trusted-firmware/drivers/renesas/common/ddr/dram_sub_func.c b5212a79f0a8c1abb0c5088b5730968747253bd9 - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_a/ddr_init_v3m.c 55a51a3127d0a24e084fc5ad73c0ddc5d5b2fe3b - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_a/boot_init_dram_regdef.h 24c58c71c66617770ef83cfba554a31128de8f35 - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_a/ddr_init_d3.c f5798c0927729a362f779e583438e52a2da51faf - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_a/ddr_init_e3.c 178140849c7796c20b8a14ef9af086d4ffb485f1 - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/boot_init_dram_regdef.h 94ab11fdbe4c8a942cb23f6604e8a013e0c6c083 - 
arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/boot_init_dram_config.c e40feff18e0868d48c4bdcc23024fa824eb612ad - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/init_dram_tbl_h3ver2.h d8448100b460ddc591a2eefae6d2d0abecab166a - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/init_dram_tbl_m3.h fe75f352b6a7e1643f0857f578e85a4c301d504f - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/boot_init_dram.c 1f8f7c4a456ce374f80860dcefeb3a1eed7e1b7d - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/init_dram_tbl_m3n.h 56a16c8b12428935f7d194f7bdbda33ebc432e4f - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/init_dram_tbl_h3.h b014a41cf8b77ed434dc0aaeae7efd1a154065c4 - arm-trusted-firmware/drivers/renesas/common/ddr/ddr_b/ddr_regdef.h db6311bc705a8c1d60a616425947adcee84d1063 - arm-trusted-firmware/drivers/renesas/common/delay/micro_delay.h 724917ae7e24d07722880d4b74d6a9730336be06 - arm-trusted-firmware/drivers/renesas/common/delay/micro_delay.c 08b9d46b2389e6316b27218e1e80071e3891915b - arm-trusted-firmware/drivers/renesas/common/rom/rom_api.h fe518460e8298941fd3ff47df2330afba56085ca - arm-trusted-firmware/drivers/renesas/common/rom/rom_api.c f6c548f6ac120c9eae0551d5ca111a654a28e241 - arm-trusted-firmware/drivers/renesas/common/avs/avs_driver.c 04d76f4dff98e3290cc3b56689eea7eae6973401 - arm-trusted-firmware/drivers/renesas/common/avs/avs_driver.h 8e9c2ed157c641c0bec372759c5f0d1a29495392 - arm-trusted-firmware/drivers/renesas/common/watchdog/swdt.c 6173062885150750f1c102edb35796e50d6a012a - arm-trusted-firmware/drivers/renesas/common/pwrc/pwrc.h 11290dbdcaf0fc67e9947d59e3177ac503f1276c - arm-trusted-firmware/drivers/renesas/common/pwrc/pwrc.c c11df9b69a5d8144823fe6b09c8aee8c6dac3579 - arm-trusted-firmware/drivers/renesas/common/pwrc/call_sram.S 23d0235cda981605fc638d9031316ff71003ea9f - arm-trusted-firmware/drivers/renesas/common/rpc/rpc_driver.c 5737620466366563b17443ac716f582a4a0e1e8b - 
arm-trusted-firmware/drivers/renesas/common/rpc/rpc_registers.h 3a2172abc0cd0c826ca5c1f958e47c616e2d0c2c - arm-trusted-firmware/drivers/renesas/common/auth/auth_mod.c 26bba8a723b7f85d907e8da853e41cb0ec1bc46c - arm-trusted-firmware/drivers/renesas/common/console/rcar_console.S e285ce8fb65a4579da74f1406d12000d292f45ad - arm-trusted-firmware/drivers/renesas/common/console/rcar_printf.c f81a020bdd63ac732719bf014ffb749bc0f35bba - arm-trusted-firmware/drivers/renesas/common/console/rcar_printf.h ba0424f1fb02f541d26148c808ee8576203fae19 - arm-trusted-firmware/drivers/renesas/common/dma/dma_driver.c 648595ebf99d157ff5bec437919b34a18258b411 - arm-trusted-firmware/drivers/renesas/common/scif/scif.S 8ae500671f7227739bb3b389ee74418bae4974ee - arm-trusted-firmware/drivers/renesas/rzg/board/board.h fe1e1e2a68a2409c85008f78bb7f4048be6dc1c9 - arm-trusted-firmware/drivers/renesas/rzg/board/board.c 2802b6fb340525ddb96baca00341a6a25f703c74 - arm-trusted-firmware/drivers/renesas/rzg/qos/qos_init.h 4186c27c3850565f08118234f39f3224a0094fb6 - arm-trusted-firmware/drivers/renesas/rzg/qos/qos_common.h fa11d997720f3e8e38a41e393a485385f56a4981 - arm-trusted-firmware/drivers/renesas/rzg/qos/qos_init.c d1016ddc5354d7e63a3ef654ae6899c8c078ce00 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2E/qos_init_g2e_v10_mstat390.h d0a732f21ab78828c622303f2eb7f2ab8e85c92a - arm-trusted-firmware/drivers/renesas/rzg/qos/G2E/qos_init_g2e_v10_mstat780.h 98bd2a7be1d0dcdf1cc534ac4dfa0adf7b3bd752 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2E/qos_init_g2e_v10.c 635fa9d52596ee34cf2cbf85617657684fb653c1 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2E/qos_init_g2e_v10.h 2e4f2532cb1b9aee27f82677a76fc8598ae3e720 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2H/qos_init_g2h_qoswt195.h 0d2a4685c4bd34d6ec121270bc38ec212c7b1e0a - arm-trusted-firmware/drivers/renesas/rzg/qos/G2H/qos_init_g2h_qoswt390.h a084e9fcbfdc195d063eee7f1561a5b311238aa2 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2H/qos_init_g2h_v30.c 
6bfed6bf0d3eb45780762fbb929d5d57eaeaaedd - arm-trusted-firmware/drivers/renesas/rzg/qos/G2H/qos_init_g2h_mstat390.h 05c9d8b400726b0d87a72783f40f17a2a061c31b - arm-trusted-firmware/drivers/renesas/rzg/qos/G2H/qos_init_g2h_v30.h 6a2add07f71f904a80881847adbb4576860c245d - arm-trusted-firmware/drivers/renesas/rzg/qos/G2H/qos_init_g2h_mstat195.h 8146506bb0d47e4499b692d8a0b0d168c697db9a - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v11.c 7262dc7de38f8216be32a2cf973c4077da6a5ced - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v11.h 49c7e8143b952aa89509efb296f2a3d848f1fcf1 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v10.h d1c7d38c66ff34e537261485132cb0beb3ab4765 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v11_mstat195.h 4fc3b8212dd33e6a33a9bbf4b96d0ffdb7032083 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v30_qoswt390.h ae6bc783ddb0cb6feec22e234a5383965ad75a8b - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v30.h 1ebeec74f28d94d33ad88f9e3cb8abeb2ff4462b - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v11_mstat390.h 046e1d3b18c291d99e7f1f95658f5a6bb9f7c207 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v30_mstat390.h 17c66fa0e8ef76563d00547c6c281d4fcd025dbf - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v10_mstat.h e074216ecbdf97f24cb3e12cc7f5d8e5c99721b5 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v11_qoswt390.h 5cf260b6fef6d9a6c0ddbe6c45bed9d54daf027e - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v30.c c9bbbceaf55fd9cdcf0943b427f8b302c902199f - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v30_qoswt195.h 3ebe3831af51ff6dd31f04c19ed726ea47d12ffb - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v11_qoswt195.h ba3202740e2551524bc86abc295cc82374fea770 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v30_mstat195.h 
4120c27434066995e75487d1311e78e2dcf57cb3 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2M/qos_init_g2m_v10.c 7c37eb45f9f11ee9f370e775f741dd1075944a69 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2N/qos_init_g2n_v10.h 3ca890e94b8943ef7719c09f20c3a71ad9e60295 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2N/qos_init_g2n_v10_qoswt195.h 330b138c5e24e14484fbdcc38db468c06168918a - arm-trusted-firmware/drivers/renesas/rzg/qos/G2N/qos_init_g2n_v10_mstat390.h 282efe9d196e496f3be41e3be701e9dc02c1bfc5 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2N/qos_init_g2n_v10_qoswt390.h 80605fd39dfaf3536b1da46e80b450127a5ac723 - arm-trusted-firmware/drivers/renesas/rzg/qos/G2N/qos_init_g2n_v10.c 33416277d7d82e170d6f1d7ef205870c003c8aff - arm-trusted-firmware/drivers/renesas/rzg/qos/G2N/qos_init_g2n_v10_mstat195.h 45854b76c28a405b83a3ad2f7975038a6a8a34c1 - arm-trusted-firmware/drivers/renesas/rzg/pfc/pfc_init.c 987d099de106542df3c8adb7613b27edcfd5cb76 - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2E/pfc_init_g2e.c fa65175525fa82bac340b43f6d95f68574a6cd59 - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2E/pfc_init_g2e.h 08bed1ad3f35993a6b63c3a553c0cd1f817cdf72 - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2H/pfc_init_g2h.h 313d480f7fd9b09de41195d3fe75df7e06b8fad2 - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2H/pfc_init_g2h.c fb75fabcb7a5cccd23dafcb83996362d131b28e4 - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2M/pfc_init_g2m.c 3e16dde8ddd77df4368ed97df8dedfcd363f2195 - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2M/pfc_init_g2m.h 9850cfe7fffb94712b5526ba4dd947a9cec6efbf - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2N/pfc_init_g2n.c 42cec83a589b1e8282a06dc496c09fa4d8019bdf - arm-trusted-firmware/drivers/renesas/rzg/pfc/G2N/pfc_init_g2n.h c2b1735bd5896fe759c99cc8b22c392af5bb841b - arm-trusted-firmware/drivers/renesas/rcar/cpld/ulcb_cpld.c ba3873513a76a74ceff9f6818187870191d1faba - arm-trusted-firmware/drivers/renesas/rcar/cpld/ulcb_cpld.h 
ef114d85e930b49c92bef6398031e37cb6afcbb3 - arm-trusted-firmware/drivers/renesas/rcar/board/board.h cf8b9626df3b3f81ae4674acc1f379aaf9eea1b5 - arm-trusted-firmware/drivers/renesas/rcar/board/board.c 50775f0e3315375d2b392a52b57df2e19834d985 - arm-trusted-firmware/drivers/renesas/rcar/qos/qos_init.h cb0d0e4e929b276e850cc30884ddfd8846a9048f - arm-trusted-firmware/drivers/renesas/rcar/qos/qos_common.h bab2ef59fc4f4088c90466ebb4823889a1bf3996 - arm-trusted-firmware/drivers/renesas/rcar/qos/qos_init.c 4c577e5e3e00506da4ab89990b8dae561786e20a - arm-trusted-firmware/drivers/renesas/rcar/qos/M3N/qos_init_m3n_v10_qoswt390.h 60944cd086bb0354e4747ae185b5149ae3f85f72 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3N/qos_init_m3n_v10.h 96354da81a56cb6373ff756124b8eee42409bfca - arm-trusted-firmware/drivers/renesas/rcar/qos/M3N/qos_init_m3n_v10_mstat390.h 3d6b988f34914a47bf479526f1f10849a2ae3ae5 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3N/qos_init_m3n_v10.c 2bb5c4f7c8795b5aeecf3a8997f515c4890514ae - arm-trusted-firmware/drivers/renesas/rcar/qos/M3N/qos_init_m3n_v10_mstat195.h aa7f8d7b49fdee6efbfc48acf8e8bddb01fd52a4 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3N/qos_init_m3n_v10_qoswt195.h 824a3717d01b009cea509c61015e64d1722fc212 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v10_mstat.h bd60292a364659d7f11eeecac384213969357c04 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v20_mstat195.h 8eea8028ec6b2cd4e6e1c5e0a8d8fd9af01ff4fd - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3n_v30_mstat390.h 59c0f7639b01b8af843d8142eb013348e6a1ba18 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3n_v30_qoswt195.h bc682493eeddc9cec3b24b5dd37418a00e0c064a - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v20_qoswt390.h 12e645da3e7fc81893eb36796412a928fc06e57e - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v30.c dae17d610957cce3799fa9c9946c0196c67d46ac - 
arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v11_mstat.h 7c805660400d6f609148f8124439843b39232355 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3n_v30.c 811eb1fecd60de207e7c92a5986acb80e7ecf0f3 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v30_qoswt195.h 6ea58175e376d869ac3c2a4f103d934df3c2c465 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v30_mstat195.h 630b48fd35a697ed4d1daa03bfc67d0d299a2776 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v11.h 504bd76520d259ea03e8b93380c763a3c17ffeb0 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v30_qoswt390.h 8b5287985d180436c31df99d29c586fa8ddf0f26 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v20.c 23507b41fbfc9c3a39c4c3f5daf7562d67d10b1b - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v20_mstat390.h b7890473a9576eca8081825037d037349512add5 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v10.c 700940ac5d64f4902064fbf6670e6e59150d9fd0 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v30.h 8623a6e816d06c37ce20ab1b6e410fc23c052d43 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v30_mstat390.h 7131d3227d06785258892fe7a42df3c91cc8c9f9 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v20.h f5fd4a9a5d50b214bc6ebdebed3c35ae0f1f2be4 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v20_qoswt195.h a6934a3af85414d49cca5e5d99e162bbe9ca133b - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v10.h 8dbbe234d937dcc1acc85648ecf831824fb5fa48 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3_v11.c f0db0106cc97b359f7a0ab316784658b79e9d544 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3n_v30_qoswt390.h f8c08f7eee854de735ce3c60a3e23d3f74fd73f8 - arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3n_v30_mstat195.h 7329eefcfc343e2cafffcbc3a208b34789e57968 - 
arm-trusted-firmware/drivers/renesas/rcar/qos/H3/qos_init_h3n_v30.h d50c2a6a6c4e4910f4fabd7c774ce1986b97ea19 - arm-trusted-firmware/drivers/renesas/rcar/qos/V3M/qos_init_v3m.c 70405034a321bd4ced206115508ab438f2f536f6 - arm-trusted-firmware/drivers/renesas/rcar/qos/V3M/qos_init_v3m.h 21ada158d24d4473b1e20f73c499f4d5600e3c8b - arm-trusted-firmware/drivers/renesas/rcar/qos/V3M/qos_init_v3m_mstat.h 6dea13df81dd5a2913039ff42dcb9216eb922586 - arm-trusted-firmware/drivers/renesas/rcar/qos/E3/qos_init_e3_v10_mstat390.h 48f7ee0d258f661040d23d898a98d0bc9c066613 - arm-trusted-firmware/drivers/renesas/rcar/qos/E3/qos_init_e3_v10.h 114cb09f888b76f0b1356fb126a483be754d2cd6 - arm-trusted-firmware/drivers/renesas/rcar/qos/E3/qos_init_e3_v10.c 81d4efe56b1d9f4c44c942700d01a9ede1677bae - arm-trusted-firmware/drivers/renesas/rcar/qos/E3/qos_init_e3_v10_mstat780.h c2f5bcbfd3751341e871e36cd4d2f278b2a4150d - arm-trusted-firmware/drivers/renesas/rcar/qos/D3/qos_init_d3.h fb1b1122066b12b184582d53d643246b1a414b3b - arm-trusted-firmware/drivers/renesas/rcar/qos/D3/qos_init_d3.c b8ba25ef62d360d72dd17d26934062bc0eeea376 - arm-trusted-firmware/drivers/renesas/rcar/qos/D3/qos_init_d3_mstat.h a6126e66f35f584f38379a6ee5529fed08edf8d8 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v11_mstat195.h 2717b8ac46d4da69ba6b99a7f25097f9e314aad3 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v30_mstat390.h bf20ed2160ab9535cba30cc680a7bf881b5a442a - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v11_qoswt390.h 7cbcad70fd46dc5761bb14b31f104d6806752af8 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v30_qoswt195.h 8aa68f57355243a72231c3848caec899565cf5da - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v11.h f1b2a6505d48a1a6566f88c1e80b4f27cb09896e - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v30_mstat195.h a3a502f90241a6c8f8be7ed9af2e0b6cfe9e59e5 - 
arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v30_qoswt390.h ec016158b5c3b5502240e5835181cf7929e6fb5e - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v10.h 2a066b2fcd7583651082fa57bbf12dfe4352326f - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v10_mstat.h 7e2114420402542982a251fc6b54152f32b0dd88 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v11.c 77f8e84524f8a31cd4e5261eca8974eec4bd131a - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v11_mstat390.h 8c12bb78bc33032ca8926351b3eedbe5b2b4c81b - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v10.c 6b699b1443429c5428b8a7056804ed3da10f02f8 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v11_qoswt195.h 10f2fc91f336438e4f2073ea1a665d5d67fb79c7 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v30.c 758dc7396c31d1186836e5ed6c7cafd0a678b4f6 - arm-trusted-firmware/drivers/renesas/rcar/qos/M3/qos_init_m3_v30.h 3ae8c8947fe42e322d70fb7903ada181bfd006ed - arm-trusted-firmware/drivers/renesas/rcar/pfc/pfc_init.c 1a2dd6951973faf90ec734331605c3fb336bde9f - arm-trusted-firmware/drivers/renesas/rcar/pfc/M3N/pfc_init_m3n.h ed9b151f951387e31b4a9fc5a26f0d4621beaf13 - arm-trusted-firmware/drivers/renesas/rcar/pfc/M3N/pfc_init_m3n.c 83dad15a244674be1d30dc0200428aa0e82090e6 - arm-trusted-firmware/drivers/renesas/rcar/pfc/H3/pfc_init_h3_v1.c 7a112959b420ec60382c2d5688ddced8ca0affd4 - arm-trusted-firmware/drivers/renesas/rcar/pfc/H3/pfc_init_h3_v2.c 5eda21c234b108bb6ed5b65d5e58825ec9ac0210 - arm-trusted-firmware/drivers/renesas/rcar/pfc/H3/pfc_init_h3_v1.h 8472797f3f7c7a334dd21719d4dd718c5df01e47 - arm-trusted-firmware/drivers/renesas/rcar/pfc/H3/pfc_init_h3_v2.h cc2f31ac87f68592bc44f9d3435c79d99e7dc0e6 - arm-trusted-firmware/drivers/renesas/rcar/pfc/V3M/pfc_init_v3m.c b9d9644305cbbf1e06e176a46903dd18819761a4 - arm-trusted-firmware/drivers/renesas/rcar/pfc/V3M/pfc_init_v3m.h c7dfaadbc4d96d1fceadc4fae5536b1e1a9cdd59 - 
arm-trusted-firmware/drivers/renesas/rcar/pfc/E3/pfc_init_e3.c c248864592a61213518c8881be85e4f65fe0a3a2 - arm-trusted-firmware/drivers/renesas/rcar/pfc/E3/pfc_init_e3.h 6465a6a55c524b8ffb1dca351757b9d96e79d203 - arm-trusted-firmware/drivers/renesas/rcar/pfc/D3/pfc_init_d3.c a7f9c2cb5010e2bfe1f501830a449d314d447ce7 - arm-trusted-firmware/drivers/renesas/rcar/pfc/D3/pfc_init_d3.h 6fb897befbc4164b71d8975b2d5322b9e77412b4 - arm-trusted-firmware/drivers/renesas/rcar/pfc/M3/pfc_init_m3.c 3802b683cd17e49eba932611e33205446291cde4 - arm-trusted-firmware/drivers/renesas/rcar/pfc/M3/pfc_init_m3.h 627856de3e6c6e4ff2ba2bf3dc3803a13f08d1bb - arm-trusted-firmware/drivers/gpio/gpio.c 1c9fa968ab5e023d06dcdbe0d3d12847d4e13273 - arm-trusted-firmware/drivers/nxp/pmu/pmu.c 396f26a188a6fb1077b280cdc459ee52ac4dec89 - arm-trusted-firmware/drivers/nxp/flexspi/nor/test_fspi.c ce75912d66d9d45c7fb5514c2d883363346b1a48 - arm-trusted-firmware/drivers/nxp/flexspi/nor/fspi.c af21526870ded933cf4e5455fdd2935a82cea61b - arm-trusted-firmware/drivers/nxp/flexspi/nor/flexspi_nor.c 0c3739bdd3d04953083299f803b7c30e40e3fa93 - arm-trusted-firmware/drivers/nxp/flexspi/nor/fspi.h d354d19d9f42611b3ad0f293660bac71ee3a801c - arm-trusted-firmware/drivers/nxp/flexspi/nor/flexspi_nor.h 6ba34d8cf6a1e66a6b8781b632305c8192f8c47f - arm-trusted-firmware/drivers/nxp/ddr/phy-gen1/phy.c 7c05bf68f35c9cbbeb751db67f075cc1bc864b72 - arm-trusted-firmware/drivers/nxp/ddr/phy-gen2/messages.h aac92f8b51eb5a99b8c6c1b861b65d8ed56c92b9 - arm-trusted-firmware/drivers/nxp/ddr/phy-gen2/csr.h 7547f7a2396ef42e0140f69a68424c714c210b19 - arm-trusted-firmware/drivers/nxp/ddr/phy-gen2/phy.c 9c36d85b72ea62f1b3e6d8df34efe02d50c468ca - arm-trusted-firmware/drivers/nxp/ddr/phy-gen2/pie.h 8ced20b50814e640a734b45571534428a03235aa - arm-trusted-firmware/drivers/nxp/ddr/phy-gen2/input.h f222d8d69c33519c4908bafaaeb6a2482f35bb20 - arm-trusted-firmware/drivers/nxp/ddr/phy-gen2/phy.h ac55bbcc1387d5092bdce1d236686694d82f2a87 - 
arm-trusted-firmware/drivers/nxp/ddr/phy-gen2/ddr4fw.h e083ea048179544e9c8e52f7a48d7c315f03a475 - arm-trusted-firmware/drivers/nxp/ddr/nxp-ddr/README.odt 442cb1d00ad113cbdc5ce076abc56124655dbe2d - arm-trusted-firmware/drivers/nxp/ddr/nxp-ddr/regs.c fed7a4d64f892002dd30f1e1bf50d5fbf537281d - arm-trusted-firmware/drivers/nxp/ddr/nxp-ddr/dimm.c 59117917987eb057fe4003d4da4c3125ea76dbc9 - arm-trusted-firmware/drivers/nxp/ddr/nxp-ddr/ddr.c eaefee9029f7ccfd854a5813aae54ad816808645 - arm-trusted-firmware/drivers/nxp/ddr/nxp-ddr/utility.c 33929846548a6a6731c652caf6050b64dea2f9d7 - arm-trusted-firmware/drivers/nxp/ddr/nxp-ddr/ddrc.c d9b4015568e26bddf900e57b2034588011dc76fe - arm-trusted-firmware/drivers/nxp/ddr/fsl-mmdc/fsl_mmdc.c 73a87390ee3b46e2b5587087457d8a10a6f4cd35 - arm-trusted-firmware/drivers/nxp/tzc/plat_tzc400.c 06049b8071d1258dcc7829e02727d935c561fa1a - arm-trusted-firmware/drivers/nxp/tzc/plat_tzc380.c 85860d4c7284e5f15ce31d18787f687d6bde61b8 - arm-trusted-firmware/drivers/nxp/ifc/nor/ifc_nor.c c7adb94bca0f7e2a86394a503007aacd278de299 - arm-trusted-firmware/drivers/nxp/ifc/nand/ifc_nand.c 3976af866b0f1353ade3d95b9d4ef92a7a2169ea - arm-trusted-firmware/drivers/nxp/ifc/nand/ifc.h bf7712fb75e6373abf6791b46d9a4563fd00feb7 - arm-trusted-firmware/drivers/nxp/timer/nxp_timer.c 1d31a2492e42b2087d68ef756a91274f671987c7 - arm-trusted-firmware/drivers/nxp/dcfg/dcfg.c f29d54b17cb5dd1f602641d092227c883cb6a57b - arm-trusted-firmware/drivers/nxp/csu/csu.c 5579fdab0db3121aceafcaf39eab316e0253aee3 - arm-trusted-firmware/drivers/nxp/sec_mon/snvs.c 3a182ddb4f6fa33eaf8b5ae0c60f6bdf113f4fcc - arm-trusted-firmware/drivers/nxp/i2c/i2c.c e9bddb61157fc79a6db73771f3abc44b0fa2180e - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/input_pbi_ch3_2 9489f5c75aa894fc166bb99b848883d0413170cb - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/input_bl2_ch3_2 8b7ec36599206f1c121cf2a9565bc043b6049dba - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/csf_hdr_parser.c 
58bff9b3422ffad20520362a80a6f322da632da3 - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/input_bl2_ch2 aaaf596468de0e2b0f1fd9df798408ccae3ec67c - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/cot.c dd7d454c97e1855bb1c228cacfecb6238f4e487d - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/input_bl2_ch3 bc6fe6b33a974e9a9e2ae522e3ac00b9f7ff4967 - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/input_pbi_ch3 cb8400c786b03ab4685825c49454f7915622e629 - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/plat_img_parser.c 753107ce7c270d602a0018c1cabb0ef8e7d3c54a - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/input_blx_ch3 9b849f025149e6cf51b2500c8f70b38703ed5078 - arm-trusted-firmware/drivers/nxp/auth/csf_hdr_parser/input_blx_ch2 5a7943b124da3fea7995adb004eff6a0b928e921 - arm-trusted-firmware/drivers/nxp/auth/tbbr/tbbr_cot.c e87ea077dcc89cfad504b38c454094873eb4bbae - arm-trusted-firmware/drivers/nxp/sfp/sfp.c 904d53ac1f2e9c98f1e176eae19be267e985db33 - arm-trusted-firmware/drivers/nxp/sfp/fuse_prov.c 7e7c03a074969dc0547afeb5dbe289ae008dae93 - arm-trusted-firmware/drivers/nxp/qspi/qspi.c 45cce82acdd1f75c2e31f56de0a27738ec712b09 - arm-trusted-firmware/drivers/nxp/gpio/nxp_gpio.c d4cf1b07b3a081078c4e7da1e354adc42f41f7ca - arm-trusted-firmware/drivers/nxp/crypto/caam/src/sec_hw_specific.c e4343fd48fd3beed200fd430ec2f84482e7171bf - arm-trusted-firmware/drivers/nxp/crypto/caam/src/hw_key_blob.c 32d20982227d5346d95e069f256ec3556d52ecfe - arm-trusted-firmware/drivers/nxp/crypto/caam/src/rng.c ba408ad853e9ef0e53ce8319419a8b3d8a3da7ed - arm-trusted-firmware/drivers/nxp/crypto/caam/src/jobdesc.c eeaa299335bd10e0531ff65d6a24c6a4da294057 - arm-trusted-firmware/drivers/nxp/crypto/caam/src/caam.c bb9ccbfadb1dba83a0035f9bf7b3d22a48fa01ff - arm-trusted-firmware/drivers/nxp/crypto/caam/src/sec_jr_driver.c 02475a8e210c6615aa5138943337551fc8b9087f - arm-trusted-firmware/drivers/nxp/crypto/caam/src/auth/hash.c ff23fd02b2c8ce84423f099d2b1bea12faf82aec - 
arm-trusted-firmware/drivers/nxp/crypto/caam/src/auth/nxp_crypto.c eb5515126eb5fa4bef2f7976e79e3f9fd0944afa - arm-trusted-firmware/drivers/nxp/crypto/caam/src/auth/rsa.c cbb35d75dea21db6209d5ab41ce216af0acbd5f3 - arm-trusted-firmware/drivers/nxp/gic/ls_gicv2.c a8b2be0d9781815f941f3b5c54c06d66869ebbb8 - arm-trusted-firmware/drivers/nxp/gic/ls_gicv3.c fa805a963aca474eb7b99d376fc23bf898fe4457 - arm-trusted-firmware/drivers/nxp/interconnect/ls_ccn.c a4736e2e943ff2c95ee55ab5550d95dbf4e9fae5 - arm-trusted-firmware/drivers/nxp/interconnect/ls_cci.c d3e9bd0226d74dffd59af6ef1c8f029ca195db90 - arm-trusted-firmware/drivers/nxp/console/console_16550.c f15b111b5f8ec4a947c36b642e6c6331bb5331a4 - arm-trusted-firmware/drivers/nxp/console/console_pl011.c 5128d83df7b28a2a4bd817b834e17b74206a84d7 - arm-trusted-firmware/drivers/nxp/console/16550_console.S 7da82df0c542d1d8ae8e69affe9e30ba233590a2 - arm-trusted-firmware/drivers/nxp/sd/sd_mmc.c b601addd7e20d9e7f019014eac336024a1e57b8f - arm-trusted-firmware/drivers/ufs/ufs.c 1fa3c347f937895d6e5869cff641faf35158d0e0 - arm-trusted-firmware/drivers/intel/soc/stratix10/io/s10_memmap_qspi.c 1a38fc90bd2ad3b33e7c09de2e338d2f993efe99 - arm-trusted-firmware/drivers/console/multi_console.c 48cb55cb2ee35cd09c7a0759acecc0e5facfe576 - arm-trusted-firmware/drivers/console/aarch64/skeleton_console.S b837201998c7093cf24c9131e39734b99ab455be - arm-trusted-firmware/drivers/console/aarch32/skeleton_console.S 3325b2a520df18fb8bd8859eafba82aa1c89eec1 - arm-trusted-firmware/drivers/rambus/trng_ip_76.c 0d32873988a7299902bc11961218f9034c494f5b - arm-trusted-firmware/drivers/delay_timer/generic_delay_timer.c a5328f6dfd065a9ddc6acad1d5ea28176f33e623 - arm-trusted-firmware/drivers/delay_timer/delay_timer.c 279f67f2161b938ba13883aeab4439e24b76eaf2 - arm-trusted-firmware/drivers/mmc/mmc.c 12473d63d565d1782e4e3273a27c29c04adaf86f - arm-trusted-firmware/tools/amlogic/doimage.c 58ef2523c26b02365fb70cb1cebc29cba026be23 - arm-trusted-firmware/tools/amlogic/Makefile 
1474476f05acda23a8bb1e859fcc314baf5a4fda - arm-trusted-firmware/tools/stm32image/Makefile 75e7e633ff5fcf6dca970eef0c2acd786d23f188 - arm-trusted-firmware/tools/stm32image/stm32image.c 495a7786c563fdb9134410b75a95c3e1c3149eb3 - arm-trusted-firmware/tools/memory/print_memory_map.py 6a4752c84a78127a0b99ece7396ae317661ac61a - arm-trusted-firmware/tools/sptool/sp_mk_generator.py 4a137ea4eb638729bda39a72491cc6519fc26da5 - arm-trusted-firmware/tools/sptool/Makefile ee49dbe19d032c60cf3e963764253c2d808b9de5 - arm-trusted-firmware/tools/sptool/sptool.c 37ff8b0160a90437e9b84efce7ef73833b96eb39 - arm-trusted-firmware/tools/sptool/Makefile.tmk 158eb04fba82028aacc8b3cc3884314b37d8a862 - arm-trusted-firmware/tools/fiptool/fiptool.c 022ce17862a03fb1b68881c15cc964cd56706532 - arm-trusted-firmware/tools/fiptool/Makefile 6dcc9e2c01e4d8e4c0b531154c0598192ba190c7 - arm-trusted-firmware/tools/fiptool/fiptool_platform.h 12207fca29ab69b8fccc71ef7a95f9d551ec744f - arm-trusted-firmware/tools/fiptool/win_posix.c 323e507fdf87c7d4a94d0bbbaa72bd905c2d641d - arm-trusted-firmware/tools/fiptool/win_posix.h 30931543e94deea26c28007433bf6d837f1839aa - arm-trusted-firmware/tools/fiptool/tbbr_config.h 2b824a81f75e43fe0eb8f52e822974093ad0f246 - arm-trusted-firmware/tools/fiptool/fiptool 02dcc44205d31ccd5e69fd5008848cebfa14b775 - arm-trusted-firmware/tools/fiptool/tbbr_config.c ff33081f63178813dd9c9235d17538954c29d7c6 - arm-trusted-firmware/tools/fiptool/fiptool.h d47913d50cdf551a4f0677629c59c1464b96f606 - arm-trusted-firmware/tools/fiptool/Makefile.msvc 0ec11eeb14668d925e198fc42145f8b0fd3d02d8 - arm-trusted-firmware/tools/marvell/doimage/doimage.c 2bbefb66f05e50612c3b0d215f0bd185e076cf20 - arm-trusted-firmware/tools/marvell/doimage/Makefile f35a6333e76f3fb2bed05bad996a131317f5ac9d - arm-trusted-firmware/tools/marvell/doimage/secure/csk_priv_pem3.key 8602871bb27d59d5b5ce180448e1ceb232027bad - arm-trusted-firmware/tools/marvell/doimage/secure/csk_priv_pem1.key 954bc6cdf269e0eaa9581057657a1e2bf9621f38 - 
arm-trusted-firmware/tools/marvell/doimage/secure/csk_priv_pem0.key 8fc012a12a4398216ad6fd4b97199ccd159711e5 - arm-trusted-firmware/tools/marvell/doimage/secure/sec_img_7K.cfg f848ecb51058182d4c908f7c9a88561dbdce34bd - arm-trusted-firmware/tools/marvell/doimage/secure/kak_priv_pem.key c8f9244b21f28bb382b1befed8dce13e4eae06f9 - arm-trusted-firmware/tools/marvell/doimage/secure/csk_priv_pem2.key 5b6535dd6c94832d3113588ea938b9526b06b0fc - arm-trusted-firmware/tools/marvell/doimage/secure/sec_img_8K.cfg 105f766aba0c8abdca2e88e258a34b28a656edd4 - arm-trusted-firmware/tools/encrypt_fw/Makefile 843248736f6bce43a9ac3f11f9bfa6a094face5a - arm-trusted-firmware/tools/encrypt_fw/include/debug.h 08dcc81abf0dd5a951f1d7cb36e2d05628055bec - arm-trusted-firmware/tools/encrypt_fw/include/cmd_opt.h f37ed62897799b6165569c0842904eb6fe5d21d5 - arm-trusted-firmware/tools/encrypt_fw/include/encrypt.h 29f5f62fba8f9c0fb9e528df8a7c5f9a264d9bad - arm-trusted-firmware/tools/encrypt_fw/src/cmd_opt.c 93d36734d229d79068472d13bb173cb9b1537d9d - arm-trusted-firmware/tools/encrypt_fw/src/encrypt.c 5093ed93e150e683b735ad26979460536e2419f3 - arm-trusted-firmware/tools/encrypt_fw/src/main.c 638ff14128d59a95756979954071615bb74eb3c4 - arm-trusted-firmware/tools/cert_create/Makefile 843248736f6bce43a9ac3f11f9bfa6a094face5a - arm-trusted-firmware/tools/cert_create/include/debug.h 491ae06a09039151d3d2fbccaf89bf4de779dd5a - arm-trusted-firmware/tools/cert_create/include/ext.h 0a307fbdd842fe9ae8212a2362b356addf0a38df - arm-trusted-firmware/tools/cert_create/include/sha.h 134c6c14b6a384f0e036827b128d4adf08612d9a - arm-trusted-firmware/tools/cert_create/include/cmd_opt.h 26baf6654b744217670bc74a0372533b7a9347d9 - arm-trusted-firmware/tools/cert_create/include/key.h f5c9fe91b01c2e36483376d6f0ef0c2794343406 - arm-trusted-firmware/tools/cert_create/include/cert.h a015fcfd89d3e63781911e5134884343975d6284 - arm-trusted-firmware/tools/cert_create/include/tbbr/tbb_cert.h 728ba9b1bbfe33e0ca3e33eb166f04922947e3e3 - 
arm-trusted-firmware/tools/cert_create/include/tbbr/tbb_key.h 0c696ba78f7d568469b58576262a035b3074ae67 - arm-trusted-firmware/tools/cert_create/include/tbbr/tbb_ext.h 596785e69869c848d5fdb306b8084f282876abe7 - arm-trusted-firmware/tools/cert_create/include/dualroot/cot.h 82813403f6e7250a54d55d8c1409be0c9c3538e0 - arm-trusted-firmware/tools/cert_create/src/ext.c 718afca8b5d04a3f76605646abacc1e597be801b - arm-trusted-firmware/tools/cert_create/src/key.c 29f5f62fba8f9c0fb9e528df8a7c5f9a264d9bad - arm-trusted-firmware/tools/cert_create/src/cmd_opt.c 1188485867e47cb5d105325c1736aafc8f6b0073 - arm-trusted-firmware/tools/cert_create/src/sha.c ba404574148313fc2ff134ae8bf798150a5cd0d5 - arm-trusted-firmware/tools/cert_create/src/cert.c a485a01a7aa89b241a4a2b28b2fbe50c469d51c4 - arm-trusted-firmware/tools/cert_create/src/main.c 11fe1d417bcbf3a47d588f48d738d47a156b9c49 - arm-trusted-firmware/tools/cert_create/src/tbbr/tbb_ext.c c5571efb1999abfd481ddccdf9cfa8db65d5e440 - arm-trusted-firmware/tools/cert_create/src/tbbr/tbb_key.c a71f6edc951824d84282d7f0262e1ebd260a5a38 - arm-trusted-firmware/tools/cert_create/src/tbbr/tbb_cert.c 87b7868a92308d1b74bbf003f8fb00f89c405d2c - arm-trusted-firmware/tools/cert_create/src/dualroot/cot.c 01000b7d50599a58601322b9a12174d81bd80571 - arm-trusted-firmware/tools/renesas/rzg_layout_create/sa0.ld.S 3d9335fb1238d08df68e2770f69a0e1bec960069 - arm-trusted-firmware/tools/renesas/rzg_layout_create/makefile f51f929a6294d60d681b03dbf0f3f1fe0835fa3a - arm-trusted-firmware/tools/renesas/rzg_layout_create/sa0.c 8c2b63db003e2e330f2af95b94c2132bc2fc9725 - arm-trusted-firmware/tools/renesas/rzg_layout_create/sa6.ld.S 4085a8d4104eac744977d5ec6feacf08b8a1283a - arm-trusted-firmware/tools/renesas/rzg_layout_create/sa6.c a728eb1898ea80778d60fcf57b727f977c29ec98 - arm-trusted-firmware/tools/renesas/rcar_layout_create/sa0.ld.S ba6ab775fd9474718d717b35f4220e716f7b7ae6 - arm-trusted-firmware/tools/renesas/rcar_layout_create/makefile 
213e1746ba029a55b6baf19ac0d8863713811b64 - arm-trusted-firmware/tools/renesas/rcar_layout_create/sa0.c c6acebe37afdaba95dbaf9f814eb4bba5dd989a9 - arm-trusted-firmware/tools/renesas/rcar_layout_create/sa6.ld.S b4ecd67c81a19d47e59f9a72dd81fc392fff3aea - arm-trusted-firmware/tools/renesas/rcar_layout_create/sa6.c e9b252cbfa9bd844023146ac38470829ac72342a - arm-trusted-firmware/tools/conventional-changelog-tf-a/package.json 9bdff25d946a2c61d8312e1f53c49802d66d3577 - arm-trusted-firmware/tools/conventional-changelog-tf-a/index.js 65198bc7a494eba7c91745808f3ada1e3034659a - arm-trusted-firmware/tools/conventional-changelog-tf-a/templates/note.hbs 5e9ebb4c1ffaf478200ddbd8bd5bbef2b0f2d2f6 - arm-trusted-firmware/tools/conventional-changelog-tf-a/templates/commit-section.hbs da39a3ee5e6b4b0d3255bfef95601890afd80709 - arm-trusted-firmware/tools/conventional-changelog-tf-a/templates/footer.hbs 99f27ae0dfb07952b2130a819e32599cfc2d78c6 - arm-trusted-firmware/tools/conventional-changelog-tf-a/templates/header.hbs bdd671375b10dbdabd4f1f87941d3071e275ff64 - arm-trusted-firmware/tools/conventional-changelog-tf-a/templates/commit.hbs 1d1032e5160d84f70af7f7ab6dddaf003244f768 - arm-trusted-firmware/tools/conventional-changelog-tf-a/templates/note-section.hbs 85453d72f48122ba14bd00512fac19ef0fc42d07 - arm-trusted-firmware/tools/conventional-changelog-tf-a/templates/template.hbs 294a1e169dc8c2e940e56cad57a08e5d4adb3b9f - arm-trusted-firmware/tools/nxp/create_pbl/Makefile 2ec990b299f9fd69d0e0a85e98faba9055f56bab - arm-trusted-firmware/tools/nxp/create_pbl/README 6883483605723caec745103ffaafc790ec284c8d - arm-trusted-firmware/tools/nxp/create_pbl/create_pbl.c d66ad3c8e97d38face17234980203ac71836e11f - arm-trusted-firmware/tools/nxp/create_pbl/byte_swap.c ee87af83d314b14a8d8a41acb7fa47c97f7dda56 - arm-trusted-firmware/tools/nxp/plat_fiptool/plat_def_uuid_config.c 621d8ec57a445f0149ebb8b216ef913ed05f8754 - arm-trusted-firmware/tools/nxp/cert_create_helper/include/pdef_tbb_key.h 
3d16696dce452bf99b18bdd1a964fe7ad191477b - arm-trusted-firmware/tools/nxp/cert_create_helper/include/pdef_tbb_ext.h 46fb0f5a24245e631af2a4690c0d7202204c0e54 - arm-trusted-firmware/tools/nxp/cert_create_helper/include/pdef_tbb_cert.h f328e450c8ae941e8109578f1721860acbfafbbe - arm-trusted-firmware/tools/nxp/cert_create_helper/src/pdef_tbb_cert.c 4065b3a492865b1f4525586a648df384bf7c961a - arm-trusted-firmware/tools/nxp/cert_create_helper/src/pdef_tbb_ext.c 506a53ab2e813a5ce578765b25e1e3fe0f1e643e - arm-trusted-firmware/tools/nxp/cert_create_helper/src/pdef_tbb_key.c bc64867c51e6a4f26dc11e07d3be01304f8b78e3 - arm-trusted-firmware/services/std_svc/std_svc_setup.c 250540ab4306221c494658c2239ffed65aa3fbd9 - arm-trusted-firmware/services/std_svc/pci_svc.c 9f72d160e0732ed98d19b7f82e62c8434b043846 - arm-trusted-firmware/services/std_svc/spm_mm/spm_mm_private.h e3e6228d6ff51d8d1940c9d13b884a9699bc1a6e - arm-trusted-firmware/services/std_svc/spm_mm/spm_mm_shim_private.h 5ddc8c374ed249405453ffb9dd8519ddc8a7a34b - arm-trusted-firmware/services/std_svc/spm_mm/spm_mm_xlat.c 79d13846ac86474d81cf97529b0dcb9876156531 - arm-trusted-firmware/services/std_svc/spm_mm/spm_mm_main.c 27e07360421aaf616722735cfdc19c90d91af4a0 - arm-trusted-firmware/services/std_svc/spm_mm/spm_mm_setup.c 92bbf065b55bbb16728230902e84c1ae124cdd26 - arm-trusted-firmware/services/std_svc/spm_mm/aarch64/spm_mm_shim_exceptions.S f3b6abb1b262ca29c81fe896193453e05ae2fd50 - arm-trusted-firmware/services/std_svc/spm_mm/aarch64/spm_mm_helpers.S c53e4b9cdb4eaee27196d9759c484c4faeaf7d06 - arm-trusted-firmware/services/std_svc/trng/trng_entropy_pool.h 0f3a50749094ad519b427c0a9c94db4f8dd32988 - arm-trusted-firmware/services/std_svc/trng/trng_entropy_pool.c 99c265f55fed0f586d388c5654338897d9e296e6 - arm-trusted-firmware/services/std_svc/trng/trng_main.c 45b49532e2610460e0fba1e6cbf18573f216da9e - arm-trusted-firmware/services/std_svc/rmmd/rmmd_attest.c 5d93ba8b111b69b7ef12b9a1ce621d9740284e41 - 
arm-trusted-firmware/services/std_svc/rmmd/rmmd_main.c 26be0a6e880962cffc338be91ad0f344e8aee9ef - arm-trusted-firmware/services/std_svc/rmmd/rmmd_initial_context.h 4268337ed8b89db9b3ad75537a8f1e2a008fc949 - arm-trusted-firmware/services/std_svc/rmmd/rmmd_private.h 51c4bc5d5a6c9b18e2f3f2c951d3f8abe0869ba2 - arm-trusted-firmware/services/std_svc/rmmd/aarch64/rmmd_helpers.S 83a9c2e476136e139d80cac740c65fee111c0ba6 - arm-trusted-firmware/services/std_svc/rmmd/trp/trp_private.h 6b1ef22efba95bff3270de056f0a4e2484528dee - arm-trusted-firmware/services/std_svc/rmmd/trp/linker.lds 06bef6d6d25e76eef2278253f480a4afbaebabf3 - arm-trusted-firmware/services/std_svc/rmmd/trp/trp_entry.S ca2e1ed2396b9c004b00095f04cbe848e743043d - arm-trusted-firmware/services/std_svc/rmmd/trp/trp_main.c 6da223d4cbc8ff07b002a40446860274397aa283 - arm-trusted-firmware/services/std_svc/spmd/spmd_main.c 3e424bb10206165d477d92627a1a6d8955152b74 - arm-trusted-firmware/services/std_svc/spmd/spmd_private.h eb2fb622fab718a44678ea1273fb7df9d3dd49be - arm-trusted-firmware/services/std_svc/spmd/spmd_pm.c eb5c9e4113243964f83a249807ed07711dc6f145 - arm-trusted-firmware/services/std_svc/spmd/aarch64/spmd_helpers.S e020a86b0568edbbb8e8a93f2cee43fc4812d475 - arm-trusted-firmware/services/std_svc/sdei/sdei_intr_mgmt.c 2fd31858f771c3fa2d49ac883b8e3bb8486cebae - arm-trusted-firmware/services/std_svc/sdei/sdei_event.c ed3a4e16186524a88ed19aa95176bc233b0928fe - arm-trusted-firmware/services/std_svc/sdei/sdei_dispatch.S b8207b17922c0b2192565df4c3bc9e1e9e726afa - arm-trusted-firmware/services/std_svc/sdei/sdei_state.c 36f054958b6c01f03eed070113b49903ce936a5d - arm-trusted-firmware/services/std_svc/sdei/sdei_private.h 1e4e0e78fee886b98de1d70b344442002fd6344a - arm-trusted-firmware/services/std_svc/sdei/sdei_main.c 55c35f079c4fec17128f7c644425b13fd516f2e8 - arm-trusted-firmware/services/spd/trusty/smcall.h 2bbaae4a856f5eba1f98688458729049af38a448 - arm-trusted-firmware/services/spd/trusty/generic-arm64-smcall.h 
405a4e398e27192766391869719c952a77d4e789 - arm-trusted-firmware/services/spd/trusty/generic-arm64-smcall.c 912f672668f3beed13a6a55a3fab7666e147ea6c - arm-trusted-firmware/services/spd/trusty/sm_err.h cb38cd65497ea7679a3c5ced33d2e833c2f82797 - arm-trusted-firmware/services/spd/trusty/trusty.c ba437dffc2a576e12cd8b8b5e8331a43244754b0 - arm-trusted-firmware/services/spd/trusty/trusty_helpers.S 36db67e2b644b85662e0440abdf6bb464032dfb1 - arm-trusted-firmware/services/spd/tspd/tspd_main.c c41250dd18f5502066bab243f1a2f33acf9079f5 - arm-trusted-firmware/services/spd/tspd/tspd_private.h f9cf95e919ab4903bc80205e402547ddebe078a8 - arm-trusted-firmware/services/spd/tspd/tspd_helpers.S 45855bd72493c075e03c590cfade6075e5656654 - arm-trusted-firmware/services/spd/tspd/tspd_common.c d68051c573aae1f65601f9c9307d095259f8de63 - arm-trusted-firmware/services/spd/tspd/tspd_pm.c 176e5bf39535fbb39c81b2deb17ee470cac87159 - arm-trusted-firmware/services/spd/tlkd/tlkd_pm.c e4543798b8feb237167dc8c495b7aeb079d1b290 - arm-trusted-firmware/services/spd/tlkd/tlkd_private.h 61ff410fd8dae3d3ecffc63595125321444d53c7 - arm-trusted-firmware/services/spd/tlkd/tlkd_main.c c213fbde43c8075e8fe28297dd6934f2f7c5f6fa - arm-trusted-firmware/services/spd/tlkd/tlkd_common.c 14bc8b1de264fc27498c195073dcf7c1dd736c4d - arm-trusted-firmware/services/spd/tlkd/tlkd_helpers.S 04de846e914d22f5925ba665f709fd3b0793ea5c - arm-trusted-firmware/services/spd/opteed/teesmc_opteed.h e6df3878f8d4759c9f52ea98cbd0d6303bd2983b - arm-trusted-firmware/services/spd/opteed/teesmc_opteed_macros.h 4577f90d8a829f8cb934271e6991bd34844e1854 - arm-trusted-firmware/services/spd/opteed/opteed_common.c 8887d0d62a1b5248423fbc54ee536be3e5131d91 - arm-trusted-firmware/services/spd/opteed/opteed_private.h b4e16e85997824311dd82861c4c22d6ed046b817 - arm-trusted-firmware/services/spd/opteed/opteed_main.c c7af1a7de6cb5d79bf42271e846f04a18df96b63 - arm-trusted-firmware/services/spd/opteed/opteed_pm.c c8ea87fefa1ecd86c162a85206e9427be8c93afb - 
arm-trusted-firmware/services/spd/opteed/opteed_helpers.S 32f05b17684cd616a34fd51c98e75162d384217a - arm-trusted-firmware/services/arm_arch_svc/arm_arch_svc_setup.c 0b30444600f51212f5be53588f4f68cba0bf92fe - arm-trusted-firmware/docs/glossary.rst cdd7c87e02f5cae26200b35f5869f20aa1a526cc - arm-trusted-firmware/docs/Makefile d2e89e46ca5ae89064b0a9b0d7983272a60e60a6 - arm-trusted-firmware/docs/conf.py 4e66ff242f442cdfb5239bef53026c402990b912 - arm-trusted-firmware/docs/change-log.md 0b02d28e0d9881fab1b08360d2d9bbef021685c0 - arm-trusted-firmware/docs/license.rst 0677c6b28a895fccae194309f759b9f4e0f4c9f5 - arm-trusted-firmware/docs/requirements.in ea9ab85da5d526fc32f3436878dc80c33fbbe334 - arm-trusted-firmware/docs/index.rst add0156b84b7d9f7760db313170bf81a672a66a6 - arm-trusted-firmware/docs/resources/TrustedFirmware-Logo_standard-white.png 19e287ff6d7c25917fd56356da40bee3e5ef120e - arm-trusted-firmware/docs/resources/diagrams/sec-int-handling.png 165d02fd6baf4c31ce0c1b034477b6596c724abe - arm-trusted-firmware/docs/resources/diagrams/Makefile 10d343a1dfde1e76a19cfc7a0f8a9ca28710ee17 - arm-trusted-firmware/docs/resources/diagrams/reset_code_no_cpu_check.png 40dca2e6d5cf7cdc88398bf5e2df39f3fce31bab - arm-trusted-firmware/docs/resources/diagrams/spm-threat-model-trust-boundaries.png 66f1f1fd09b5146cb2a5e1c538de29ea7f88ed7e - arm-trusted-firmware/docs/resources/diagrams/fwu_states.png a68fd21bb442987ce7a67e0eb08d150b81bfe901 - arm-trusted-firmware/docs/resources/diagrams/secure_sw_stack_tos.png d2522911e613a4005eb1e10931779a1bb350a363 - arm-trusted-firmware/docs/resources/diagrams/FIP_in_a_GPT_image.png aacd72a3c084647a884d67147510a1b0c26d8359 - arm-trusted-firmware/docs/resources/diagrams/reset_code_flow.dia 77da82b847d9c9a0cecaa2e43e40dac166a66399 - arm-trusted-firmware/docs/resources/diagrams/cmake_framework_structure.png d10eb3ff6f8cf071330205ec0d59126d79f939f4 - arm-trusted-firmware/docs/resources/diagrams/non-sec-int-handling.png 
08ebe00cb9823cd55d80c05b4aaaa64c103093ce - arm-trusted-firmware/docs/resources/diagrams/xlat_align.dia ada526023821d5e57e3e1aa979b38d2c8708227e - arm-trusted-firmware/docs/resources/diagrams/ff-a-spm-sel2.png 02a0166ec0c907a8725efa2ff467ea4d5984a35c - arm-trusted-firmware/docs/resources/diagrams/secure_sw_stack_sp.png 17e11d01f23f073cec01fb44acaa3c976495e982 - arm-trusted-firmware/docs/resources/diagrams/cmake_framework_workflow.png 80b81639bb1aa78723d3635f0359764c595e38c8 - arm-trusted-firmware/docs/resources/diagrams/romlib_design.png 7c4678ac4952c496df4536445b336d96139b0066 - arm-trusted-firmware/docs/resources/diagrams/ffa-secure-interrupt-handling-swd.png 84f99bb590f5c8748bc6e47f3e7bd4bf5890447d - arm-trusted-firmware/docs/resources/diagrams/xlat_align.png 4ab0332c836fdf5e5596c2b7ecc6ea4bccb62b8c - arm-trusted-firmware/docs/resources/diagrams/reset_code_no_checks.png 40ffa83fe202970879802b809b75c10ed360c7d4 - arm-trusted-firmware/docs/resources/diagrams/romlib_wrapper.png 2417a250f3f2552f5e881830e947024a92e55adf - arm-trusted-firmware/docs/resources/diagrams/arm-cca-software-arch.png d9a6dc06e1a28c0235940539e527ac285c179342 - arm-trusted-firmware/docs/resources/diagrams/reset_code_no_boot_type_check.png c05984305daded35b5f3a14ea3c5ac88319f4292 - arm-trusted-firmware/docs/resources/diagrams/romlib_design.dia 763017cfa85171acb7422b0f8ef1c40ba69443a3 - arm-trusted-firmware/docs/resources/diagrams/rt-svc-descs-layout.png 2e886fd02f6b39a545824f0819608260e0671c14 - arm-trusted-firmware/docs/resources/diagrams/context_mgmt_existing.png c279d33545695cac4327bf14a8d84b4237dc8387 - arm-trusted-firmware/docs/resources/diagrams/MMU-600.png 04a65e98eceabb17ea534a6dea187021477a1fb2 - arm-trusted-firmware/docs/resources/diagrams/int_handling.dia a6a4256584fddbb776f1e274748edeff4289cf4a - arm-trusted-firmware/docs/resources/diagrams/psci-suspend-sequence.png 1586bdc989b8698512851e436d39fed8ad375030 - arm-trusted-firmware/docs/resources/diagrams/romlib_wrapper.dia 
64d840596ae8dbdfb803bfdd471e3d4e7955ca82 - arm-trusted-firmware/docs/resources/diagrams/fwu_flow.png 9bd9241452f165fcc7e5018bf8a24204767fa036 - arm-trusted-firmware/docs/resources/diagrams/ffa-ns-interrupt-handling-sp-preemption.png 4d2668ab5814fb9b799f65b69b427db29952658b - arm-trusted-firmware/docs/resources/diagrams/ffa-secure-interrupt-handling-nwd.png a0ca882a9a47bf5642759780b006f69f3c667fff - arm-trusted-firmware/docs/resources/diagrams/context_management_abs.png d5775195107610d6a67d5d7f8af6590e4e53e570 - arm-trusted-firmware/docs/resources/diagrams/default_reset_code.png 961fd0fc52b27792b27c6cc8b9f210be8959e285 - arm-trusted-firmware/docs/resources/diagrams/ffa-ns-interrupt-handling-managed-exit.png b42c9e2672802e26c9137df29eff6a1c68652ea6 - arm-trusted-firmware/docs/resources/diagrams/context_mgmt_proposed.png ad73cbcd10b1b5e45ca3a01df6c435b345686322 - arm-trusted-firmware/docs/resources/diagrams/draw.io/ehf.svg a2eed4587b5987e97e3f8207a2c9783c5e322c90 - arm-trusted-firmware/docs/resources/diagrams/draw.io/ras.svg 2c5f1b895b01d75ebe2fd874d61f728fe18fca4a - arm-trusted-firmware/docs/resources/diagrams/draw.io/ras.xml 4eb0b99548ee5cdbff9d0e01b3455c7c1e1af275 - arm-trusted-firmware/docs/resources/diagrams/draw.io/ehf.xml 732ce8b12943c9ca218e89a1aa3eae1379952d12 - arm-trusted-firmware/docs/resources/diagrams/plantuml/fip-secure-partitions.puml 0130e90e98cac66f9ac28a56d8fa17af801ead7a - arm-trusted-firmware/docs/resources/diagrams/plantuml/io_dev_init_and_check.puml cde708741ffdd39f92d8670aea4a93ef451cd611 - arm-trusted-firmware/docs/resources/diagrams/plantuml/spm_dfd.puml 7ca50157b91a940fdcd61fed7da54e93501b2c3e - arm-trusted-firmware/docs/resources/diagrams/plantuml/io_framework_usage_overview.puml e357fbb8d83445182b61abea380d1885e484c4cb - arm-trusted-firmware/docs/resources/diagrams/plantuml/tfa_dfd.puml 0cbedd3989e3d4fc11c3401d7b250d8b14411c50 - arm-trusted-firmware/docs/resources/diagrams/plantuml/sdei_explicit_dispatch.puml 
2c516abafcee77f3889360526590d0764a35d61c - arm-trusted-firmware/docs/resources/diagrams/plantuml/bl2-loading-sp.puml 89429fb35fc54ad81b4aab0c9d5860b228aab347 - arm-trusted-firmware/docs/resources/diagrams/plantuml/fconf_bl2_populate.puml 7eb6ecf49d5ec8a975cccdc3aeb0d994e07362a0 - arm-trusted-firmware/docs/resources/diagrams/plantuml/fconf_bl1_load_config.puml 9e7994a98a6d3531ff8f3c7e16b9e27ae0240805 - arm-trusted-firmware/docs/resources/diagrams/plantuml/io_arm_class_diagram.puml 853a892ccba3dedfcb4491b7ad449b46d6a4d47c - arm-trusted-firmware/docs/resources/diagrams/plantuml/sdei_general.puml 695a4bfc3f0c50586104d10e16a8527c37f3541f - arm-trusted-firmware/docs/resources/diagrams/plantuml/io_dev_registration.puml 125013620e921736b4b48b912f62657eb06ae363 - arm-trusted-firmware/docs/threat_model/threat_model_spm.rst 6370cee0ae902a8040401edd8f2ce7aa0d67a170 - arm-trusted-firmware/docs/threat_model/threat_model.rst c39c2e4ba3f12fbad74aac5304a27e5b3c3fc272 - arm-trusted-firmware/docs/threat_model/index.rst 6fd5a13007e2c86b56b83ed08af9e4343890c44d - arm-trusted-firmware/docs/threat_model/threat_model_fvp_r.rst 3c9105f13eb03be1b0c0035eb88daafdd219f4a1 - arm-trusted-firmware/docs/design_documents/context_mgmt_rework.rst 1cf19041279928d9215bdd8c91a1559b37e426b4 - arm-trusted-firmware/docs/design_documents/measured_boot_poc.rst b5585102476dfaccde6a472ab5485236468a4d14 - arm-trusted-firmware/docs/design_documents/cmake_framework.rst 458dad419f00db20225a3987ea193db385391688 - arm-trusted-firmware/docs/design_documents/index.rst d0aa75e869685b4dadea831588e9175113411e43 - arm-trusted-firmware/docs/about/features.rst 3d4d6eeef77d8e11c9b5da38bf3008531d4cdff8 - arm-trusted-firmware/docs/about/acknowledgements.rst bd485ae1fd78b7134ac1b633b73d320c4de37262 - arm-trusted-firmware/docs/about/index.rst b797ee1a8501bb526a8f4e22f7bf644d83ffc96d - arm-trusted-firmware/docs/about/maintainers.rst 4717f5ce955ade54d71c40eb4edc26c2ae63540a - arm-trusted-firmware/docs/about/release-information.rst 
15453cf4faa84e1c067c1b9125f90e625547f47d - arm-trusted-firmware/docs/about/contact.rst a928b648d0677930c926401b40e335f052e97be5 - arm-trusted-firmware/docs/plat/mt8195.rst 9085fb1504d30c5d3e75304a86dfa8a1225967b3 - arm-trusted-firmware/docs/plat/qemu.rst 45f03fd73a50f2fe124a2bd1d70fb40243ba0e82 - arm-trusted-firmware/docs/plat/warp7.rst 53f0692ccc04d5d659e88ac1dc1080af6dcda94d - arm-trusted-firmware/docs/plat/qti.rst f2bbe77ac618ba9be663de2bba3cee62eaf17f60 - arm-trusted-firmware/docs/plat/mt8186.rst 0db6c8e13659db1d29238baa7d8a870a4e821546 - arm-trusted-firmware/docs/plat/stm32mp1.rst a970558632482b93ee96aba756982061d20ea4e8 - arm-trusted-firmware/docs/plat/intel-agilex.rst 556090a5f980031e56bccbb5c6d93f41384aad09 - arm-trusted-firmware/docs/plat/intel-stratix10.rst 1fb07134c685f21246757d77653a8c6bb12d949c - arm-trusted-firmware/docs/plat/socionext-uniphier.rst a80443b8a04209092463f6005843be7eb0dc832d - arm-trusted-firmware/docs/plat/rpi3.rst de25efbc7acce27ba0385c2c51a59fbc0f7f7124 - arm-trusted-firmware/docs/plat/brcm-stingray.rst 84cb8ce1de6f042d0693d8a1a4bb2265ef8a7ed0 - arm-trusted-firmware/docs/plat/meson-axg.rst 4905e051c0a996867dcc2389b8bd5430b0741699 - arm-trusted-firmware/docs/plat/imx8.rst 8b88e9d6cfe72a03efd7e226122d5cd33334fe66 - arm-trusted-firmware/docs/plat/ti-k3.rst a06622efc4dca7ce03e6ea2e305e8a0b8d422bef - arm-trusted-firmware/docs/plat/deprecated.rst 12b7c2db7722b49705438fabf8b96c0943d163bd - arm-trusted-firmware/docs/plat/meson-g12a.rst df909307e45e07ec88f455e8ef27abedd18e3592 - arm-trusted-firmware/docs/plat/rockchip.rst b54be1ac4f13d0a724629f301e245bbcc4379d44 - arm-trusted-firmware/docs/plat/nvidia-tegra.rst 15d03048959cdd154b540a3b91f7aa6b48f7a7ef - arm-trusted-firmware/docs/plat/allwinner.rst 2ed0c805bd3cba59619101f0918aeac59d4e6fd3 - arm-trusted-firmware/docs/plat/rcar-gen3.rst ddffb1cc078fd2d3c58ed8cde2b32388ccd532c9 - arm-trusted-firmware/docs/plat/meson-gxl.rst 9bfeb07c04a47aacac6ae649f75799c894e74067 - 
arm-trusted-firmware/docs/plat/mt8183.rst 01b97fb19ab7a8e8baa5a1a96d35f2cb5dc0a05c - arm-trusted-firmware/docs/plat/rpi4.rst 3cefd2238957aeadfec4d578846bb38b56ca5c26 - arm-trusted-firmware/docs/plat/hikey960.rst ed1a65471d042b402028616f2e38ed56b42dc891 - arm-trusted-firmware/docs/plat/qti-msm8916.rst 9e85f6fbc5306c4b0604e98de5fcbddb385c4ce1 - arm-trusted-firmware/docs/plat/mt8192.rst f8d9d0b4336229fecb1a12937b0f1a9b6060aa0b - arm-trusted-firmware/docs/plat/xilinx-versal.rst d714f1279de4aa5eb4519255578a2718fc8e3a1e - arm-trusted-firmware/docs/plat/imx8m.rst 05664e895ce6375be6ad98e9576013d1209cb012 - arm-trusted-firmware/docs/plat/hikey.rst a6c4746123e21eba44253912da4e92f0fd31a6cc - arm-trusted-firmware/docs/plat/rz-g2.rst 028d90ceedfb507b0ee1532f28cb8842f1f5b19f - arm-trusted-firmware/docs/plat/index.rst d0ad3f088b7307bd002023c2fcda2de07a36f40f - arm-trusted-firmware/docs/plat/synquacer.rst 25ec8ee5167ea3d60afe26566de20782ee6aa44c - arm-trusted-firmware/docs/plat/qemu-sbsa.rst 080191f60f9e441f7527257b977a2c8f6d8c5533 - arm-trusted-firmware/docs/plat/poplar.rst 2a492964dd82db785e381f828fae2b2a729f6749 - arm-trusted-firmware/docs/plat/meson-gxbb.rst 4b9ecd5b7418c0a333435d823205f0569bf5e668 - arm-trusted-firmware/docs/plat/xilinx-zynqmp.rst e5e2720a56dd4b68568aae99f664a7478121e8cf - arm-trusted-firmware/docs/plat/marvell/index.rst 5315af3195d5a7c46ec750dccbf4f684c0df4e81 - arm-trusted-firmware/docs/plat/marvell/armada/porting.rst c143e2ca6a4cf9f94d9017f083b9d5dac2a5167d - arm-trusted-firmware/docs/plat/marvell/armada/build.rst bcb055e4f5b81eda0adb88f8b79f78b72b1332b9 - arm-trusted-firmware/docs/plat/marvell/armada/misc/mvebu-amb.rst 30afe5cabdcd30362317ee05e9fc4203912e1e30 - arm-trusted-firmware/docs/plat/marvell/armada/misc/mvebu-a8k-addr-map.rst 3b71f880342eddec219418df7f6e6034cce505b5 - arm-trusted-firmware/docs/plat/marvell/armada/misc/mvebu-ccu.rst 0af03a25bc9938840be478afe1f0c3375e852dc7 - arm-trusted-firmware/docs/plat/marvell/armada/misc/mvebu-iob.rst 
4496a36f12db50b8075c93550ad2b7a23c24e490 - arm-trusted-firmware/docs/plat/marvell/armada/misc/mvebu-io-win.rst aa2be0dce19adf3702025c84d42587a8d1febeb0 - arm-trusted-firmware/docs/plat/arm/index.rst 3abb2d351f8ba63685ce15c862339db9da2d3ce2 - arm-trusted-firmware/docs/plat/arm/arm-build-options.rst dc03d6c732257847d92bd05db0e2b93163870fd7 - arm-trusted-firmware/docs/plat/arm/corstone1000/index.rst 46e0aef67518d4e85f7b3f9dc17b5e3a36fc9640 - arm-trusted-firmware/docs/plat/arm/morello/index.rst e2a46aa8e82f95847753a68a0be016142edd63d4 - arm-trusted-firmware/docs/plat/arm/juno/index.rst b2ee822aa3f35f04c12fdc9ab44cd66e70b96f38 - arm-trusted-firmware/docs/plat/arm/fvp/index.rst b10bad88c8647f9ecfe8b3bad163830573cfbdc0 - arm-trusted-firmware/docs/plat/arm/arm_fpga/index.rst a845be9736fc1cfcd3cefda5b6a0bde2419f9bc0 - arm-trusted-firmware/docs/plat/arm/fvp_r/index.rst 09ec3654ccddcc7942d92d28d1cf1ccc973ba893 - arm-trusted-firmware/docs/plat/arm/tc/index.rst 839b91011a0ebdde7ac9b056ab0a3b087ef11114 - arm-trusted-firmware/docs/plat/arm/fvp-ve/index.rst 7b3072f9759a1fe276a22dcb70d936006608d299 - arm-trusted-firmware/docs/plat/nxp/nxp-layerscape.rst ed3ec7c6e5baceda79c359ce661ac80dbf660d61 - arm-trusted-firmware/docs/plat/nxp/nxp-ls-tbbr.rst 231fc05a0b2de9270bfe513d92b37243b1cc9601 - arm-trusted-firmware/docs/plat/nxp/nxp-ls-fuse-prov.rst 5d7bd6f5908ace2c36015e0535f2deacac9a2956 - arm-trusted-firmware/docs/plat/nxp/index.rst af63c8f1c70b2c589dba26872e3ba5244236722f - arm-trusted-firmware/docs/design/reset-design.rst 6e60dedac282498dc34de3ebcecd6f0119e7348d - arm-trusted-firmware/docs/design/trusted-board-boot.rst b15afee5cbc5225a2ef2f709e9761fa2cd73d65e - arm-trusted-firmware/docs/design/psci-pd-tree.rst ffda28459589a0ec22cacc12c5b92103ed64fbbc - arm-trusted-firmware/docs/design/auth-framework.rst f880dd25cbf380065e9d345752376e40bc756664 - arm-trusted-firmware/docs/design/interrupt-framework-design.rst ff4749d1e71cf1665bbc340e11787c971b395fbc - 
arm-trusted-firmware/docs/design/trusted-board-boot-build.rst a3f0b5a39e2120fdbcad8de599b7c1a18345cfcc - arm-trusted-firmware/docs/design/alt-boot-flows.rst c090c0207efbf2dd33e604231ac981d68aeef308 - arm-trusted-firmware/docs/design/cpu-specific-build-macros.rst d789165adbc9c0e0ace7d7326f1cf7512fa63c88 - arm-trusted-firmware/docs/design/index.rst b5b729e65177f7baad24fd693c9b5a9993c50776 - arm-trusted-firmware/docs/design/firmware-design.rst 3fe053ce17752ae01f7d815a5df51f4887d2749f - arm-trusted-firmware/docs/_static/css/custom.css ff8ad4850057cbaba3caddae15b9429bb9c42b66 - arm-trusted-firmware/docs/perf/tsp.rst 3e1557ac89eff3ea7cb96e090dcc6cd147117008 - arm-trusted-firmware/docs/perf/psci-performance-juno.rst a19b41fb4dbff6144a8b5f04eb7c296b63c442d6 - arm-trusted-firmware/docs/perf/index.rst 840dcafe1996d0299a5922474d7980b6d2eb779c - arm-trusted-firmware/docs/perf/performance-monitoring-unit.rst 939eb2b8d82c68d6c9a4e8c1271bd83151818553 - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-1.rst 1b8c8e49a1eac7ac65f01b730ef3d22dee6de50f - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-5.rst b748a01e82c3ad35dacc68ae9295e4553d57beab - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-3.rst e03dee87868096ffa7982026e20837ddfc9a6aa3 - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-4.rst 266a8326bc618859a7a18572589b40f197ed1a82 - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-6.rst fab06483aeca0f68846039c9146a6d828ab12518 - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-7.rst 5a8ee89be8b54261b0e207ca882fab66cb4db5b9 - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-2.rst 63e67342811855c2803be11bca43aa4c60543575 - arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-8.rst 48c2d42e738237365f9158ca022d56408ef538e9 - arm-trusted-firmware/docs/security_advisories/index.rst 1441246fa837376cb589e45510656ca210e18bb6 - 
arm-trusted-firmware/docs/security_advisories/security-advisory-tfv-9.rst 32237d53d0db21dee6eedd6143e60e46dec6d79e - arm-trusted-firmware/docs/getting_started/docs-build.rst 9c961219684a654a9367ffdf4856dd21080cfc97 - arm-trusted-firmware/docs/getting_started/porting-guide.rst da2d29864297e0b06dc8f7ac1d17288a078ae5c6 - arm-trusted-firmware/docs/getting_started/psci-lib-integration-guide.rst 6cc854b04d58541fc0e9043f88c7ece6a68c925d - arm-trusted-firmware/docs/getting_started/tools-build.rst 6ea980565b00e400d102f63072c110d6471b0818 - arm-trusted-firmware/docs/getting_started/initial-build.rst 6914f4b323e042c91ae58018d9217b08f655997d - arm-trusted-firmware/docs/getting_started/image-terminology.rst 97122206fcc716ab5581232da8de4685ba9e7df9 - arm-trusted-firmware/docs/getting_started/rt-svc-writers-guide.rst e95ba49d1a46a2db605b69f5425a6bc6069d9a41 - arm-trusted-firmware/docs/getting_started/prerequisites.rst 34beaf5d32a409eabaabd8b492f4ffb95daf2b70 - arm-trusted-firmware/docs/getting_started/index.rst 96e5d7607dc9d3c5db2cc3e15eb9b771a429b761 - arm-trusted-firmware/docs/getting_started/build-options.rst 9fcde12a65498faac5c43825aec87d7fd0f2ecb2 - arm-trusted-firmware/docs/process/security-hardening.rst 3f4a6d7ff70fb05d5b604632a17c4f84f8c5ab3a - arm-trusted-firmware/docs/process/faq.rst 2e72ba549eae51afb536d262d8daa4d81aa9a18a - arm-trusted-firmware/docs/process/coding-guidelines.rst 947dfc47181528100c27204431008074dead97a4 - arm-trusted-firmware/docs/process/commit-style.rst 642d7817092741083f4726c2c178f0c3d0e9bba2 - arm-trusted-firmware/docs/process/security.rst 5d47110e0bea04401c509ac372927b21ea650e12 - arm-trusted-firmware/docs/process/contributing.rst 0f5d2a3f45d1b5b5a634ea677c87983ab7a5e769 - arm-trusted-firmware/docs/process/platform-compatibility-policy.rst 3a4d85651ee64cc9eeb924af2325478bcf1f71e2 - arm-trusted-firmware/docs/process/coding-style.rst bfb4f8dc9ec952cc5582f0a704de50db89072cf8 - arm-trusted-firmware/docs/process/code-review-guidelines.rst 
b69510d5984b9f3bc4ecb789acab9ba5308eb6b6 - arm-trusted-firmware/docs/process/index.rst 9db58fa601138b8e16c395f19913a1f106be570c - arm-trusted-firmware/docs/components/realm-management-extension.rst 164b5be074959cef709b8de7cd264d2b720e0386 - arm-trusted-firmware/docs/components/secure-partition-manager.rst 5064b1a7d15e72b127c8fbacf8f11b087446958a - arm-trusted-firmware/docs/components/secure-partition-manager-mm.rst d2201aab60e237cccd20ad636c8ad4224d7f0571 - arm-trusted-firmware/docs/components/romlib-design.rst a4af3a93464aafab3bb5428082fa9dec58ed73b5 - arm-trusted-firmware/docs/components/ras.rst ca2c86b55376dc70e6bbbb76058286ac38e35ba0 - arm-trusted-firmware/docs/components/sdei.rst 963a2ee9d3bf60564d3ab545fed12694fec33fff - arm-trusted-firmware/docs/components/cot-binding.rst 3018701b7ef2e5eca172d3608726f506c4b22909 - arm-trusted-firmware/docs/components/debugfs-design.rst ec0ac249385853eeb84cc0e4151f612b9d23cadf - arm-trusted-firmware/docs/components/ffa-manifest-binding.rst b8d62ed8d8e52992c481b3f032a11c132ddc32ca - arm-trusted-firmware/docs/components/mpmm.rst aca3aea7df00338e307623d4735b027b76f48985 - arm-trusted-firmware/docs/components/platform-interrupt-controller-API.rst 75d075c879040f97f06e2a7b3b6bd34df86b48ac - arm-trusted-firmware/docs/components/activity-monitors.rst 193002dc879b3270f34cff05228d20d88d099fce - arm-trusted-firmware/docs/components/index.rst 8a1dffa8292f295ef5014ac04a74011b4aeea398 - arm-trusted-firmware/docs/components/exception-handling.rst 11abe92eab64d997319223639ad2693b7f7c8535 - arm-trusted-firmware/docs/components/arm-sip-service.rst 602d20bd46337be44a23550620a7a1f748130fb9 - arm-trusted-firmware/docs/components/xlat-tables-lib-v2-design.rst 72ac59432a0693df36a09334d6f57a6f9491189f - arm-trusted-firmware/docs/components/granule-protection-tables-design.rst e267bb8c86ec7cc1d683daacbb53bd387881178d - arm-trusted-firmware/docs/components/firmware-update.rst d795da44f403a2a0bc4010ba95915fcabbef3c31 - 
arm-trusted-firmware/docs/components/fconf/amu-bindings.rst 10529cbd50c1b2a10d7bf7669a515a30f564db2c - arm-trusted-firmware/docs/components/fconf/mpmm-bindings.rst 1d91355dae9ce87dd6d332bfe96019333abb6da0 - arm-trusted-firmware/docs/components/fconf/fconf_properties.rst c3411adb08049c0735f5b9be29bc976bbcde69c8 - arm-trusted-firmware/docs/components/fconf/index.rst 68d992f28a446b0ffe6adad209b6189f9f0dd6a9 - arm-trusted-firmware/docs/components/spd/trusty-dispatcher.rst e583074d9e81fffee8804f560b145fa486f1aba8 - arm-trusted-firmware/docs/components/spd/optee-dispatcher.rst 5d7421fde74010efb451e6e515079f37ec3227e2 - arm-trusted-firmware/docs/components/spd/tlk-dispatcher.rst ee5cface9280894c7d9860dccb78eda3849c9cab - arm-trusted-firmware/docs/components/spd/index.rst e289a8345f0c801d0e1d079b94c6752a31a28396 - arm-trusted-firmware/docs/components/measured_boot/event_log.rst f39c4c5b080cb5537f0260d9f3e477e02aa63bfa - arm-trusted-firmware/docs/components/measured_boot/index.rst ae44163001e4ade4c2e29f6afb43316e7584ee41 - arm-trusted-firmware/bl31/interrupt_mgmt.c 5c6a4c08a854ddd3d464e6d96f605ff5e28fcf28 - arm-trusted-firmware/bl31/ehf.c ccc40b094b337f6e60b8a4f2a7470ab4c1264f4f - arm-trusted-firmware/bl31/bl31_main.c 75c196ade8ef57a9775c286e3c2f88b52c492e67 - arm-trusted-firmware/bl31/bl31_context_mgmt.c 57600ae63b254bd5341c3728038049d1e9526b9a - arm-trusted-firmware/bl31/bl31.ld.S 64b21af0df86a3f591cbf9889b0990e313980048 - arm-trusted-firmware/bl31/aarch64/ea_delegate.S 86ee5f1020a1ae3e8788204817e6b6fcb0da5922 - arm-trusted-firmware/bl31/aarch64/bl31_entrypoint.S 7c846b0cc5af2d57b0a9ccac7bb940b95f682bce - arm-trusted-firmware/bl31/aarch64/crash_reporting.S a6aee212d05e2c649a137adf37160a8d24360040 - arm-trusted-firmware/bl31/aarch64/runtime_exceptions.S edb672bfa3c76059c60544793fb08658398cb3b2 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_fip_def.h c7727e6a5eb36a39432103f9641b5d1c522fb1a7 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_def.h 
d0b4272a97d261d88b6bff05bd2162e0d939ffbb - arm-trusted-firmware/plat/st/stm32mp1/plat_bl2_mem_params_desc.c dacc55b49253b5d86f120fe7e2ed1de0aaadadcc - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_private.c 71c56ab2e235cc9495de74461f1e2035229c09c0 - arm-trusted-firmware/plat/st/stm32mp1/plat_image_load.c 58a5d9c283fcb21c6328e65dda44190d07fe6bb2 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_syscfg.c b900c2f6ef836a0f77c00c851815a09220d8c5e3 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_fconf_firewall.c 4ee1c481f43d2f2b9798ffc1f9c6cafa4d1cc371 - arm-trusted-firmware/plat/st/stm32mp1/plat_bl2_stm32_mem_params_desc.c 10b1e53e6d0c0b259d531d284d6b2f64978ff33d - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_boot_device.c 0f0baced38fb65393cd300bdc024b68e707f5f4b - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_topology.c ec9fe0a8eec79fee1d3dd34bf1a969b8f0b93f4a - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_shared_resources.c f171c1cd88d3ea2070a747ca519f7d6b9e8257f5 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_usb_dfu.c 3cdcc47dcc28c6e6de2c940df01b5c91d95af92c - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_helper.S 9ad0a2f43f8a0c69c26073e06425579f59986e7b - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_pm.c 7b00ed042c247bac94b4766cb42dddc0e21764fc - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_scmi.c 77c94644e0ef95316e08e0a339fb16a856ae5d97 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_dbgmcu.c 3139c2b0c93ae17696224f59b5486f65e1649dc7 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_gic.c 43753b990fdb953ffc38ef29474ef4af453444b7 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_stack_protector.c 743906eebddff48371349626564704fa54fcdd27 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1.ld.S e53bc6a3ed66be157fcca494d961241c4a067815 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_security.c c0910ed9fa547ff95728b0592ee3be13b3615d98 - arm-trusted-firmware/plat/st/stm32mp1/bl2_plat_setup.c 82d557ad976b6dfd8dcdce69b68986e9be70cd5a - 
arm-trusted-firmware/plat/st/stm32mp1/stm32mp1.S 6a49ad3765ad1a5c42b66eea4f7aeed6c721fdc2 - arm-trusted-firmware/plat/st/stm32mp1/stm32mp1_stm32image_def.h 7eaf59b974175885a0dfccf0b42c774580444f92 - arm-trusted-firmware/plat/st/stm32mp1/include/stm32mp1_smc.h 6d6391c62306978263be31d559221680ed9b6025 - arm-trusted-firmware/plat/st/stm32mp1/include/stm32mp1_shared_resources.h 0cbf680fead56b073a247b36589a06e814bf8995 - arm-trusted-firmware/plat/st/stm32mp1/include/boot_api.h d12872b893bf8db2b51b7243dd638bf34e9d6cfa - arm-trusted-firmware/plat/st/stm32mp1/include/stm32mp1_dbgmcu.h 6a9fdf66f28b06f20ed4b08bed769e38d88e5995 - arm-trusted-firmware/plat/st/stm32mp1/include/platform_def.h 34bda94b3b92d9b971e0e52f26c98293f35800df - arm-trusted-firmware/plat/st/stm32mp1/include/stm32mp1_private.h 86477b53739886930268a20a1950ef8cb2a1c279 - arm-trusted-firmware/plat/st/stm32mp1/sp_min/sp_min_setup.c 406790007d4d597b108faf9871360acfa7cdcf23 - arm-trusted-firmware/plat/st/stm32mp1/services/stm32mp1_svc_setup.c 3b882920ab056c9bbc38be63b2715e1d796109c4 - arm-trusted-firmware/plat/st/stm32mp1/services/bsec_svc.h 89ab811529f632c51fa5e732be395bac1ea89887 - arm-trusted-firmware/plat/st/stm32mp1/services/bsec_svc.c 356f823bccc7081e026233c6fb511c0602208101 - arm-trusted-firmware/plat/st/common/usb_dfu.c 278442fbef0471df0addfc2b3ce1b10552541e65 - arm-trusted-firmware/plat/st/common/stm32cubeprogrammer_uart.c 79d69f4be6d9e1fc494884f41f92bede1b67c8ff - arm-trusted-firmware/plat/st/common/stm32mp_dt.c 46faa99b227394b11051186b86a163d67c081adc - arm-trusted-firmware/plat/st/common/stm32cubeprogrammer_usb.c ad3aca5d4f9af9d21c376f972399e2cbbb7102e8 - arm-trusted-firmware/plat/st/common/bl2_stm32_io_storage.c 0d0e487dbff201564fae2a5f2e0bc45059a3ad3d - arm-trusted-firmware/plat/st/common/stm32mp_common.c b6a6f8374d7f3eadc9cd9b6ad93f62ed12f6851f - arm-trusted-firmware/plat/st/common/stm32mp_fconf_io.c 7a33a3419c93c0bbb21a2c8df792965674477cbf - arm-trusted-firmware/plat/st/common/bl2_io_storage.c 
a0bc3acc4ac585d95f9023d8859733edb1ff9c9a - arm-trusted-firmware/plat/st/common/stm32mp_auth.c dd7ae18098736e737a0482a59de65f64d5edd503 - arm-trusted-firmware/plat/st/common/include/stm32cubeprogrammer.h b270dbb723f5c002dbf393eb752ccb946afc5baf - arm-trusted-firmware/plat/st/common/include/stm32mp_shared_resources.h 8bb1550cf77c8680e05ba46ad44ab77ff26bb8f3 - arm-trusted-firmware/plat/st/common/include/usb_dfu.h 4ca9fb0296b649411cecd45263ecadb41540d6e4 - arm-trusted-firmware/plat/st/common/include/stm32mp_fconf_getter.h a48402444da4bcb7bce60d2e3f9972f07bebc8a4 - arm-trusted-firmware/plat/st/common/include/stm32mp_dt.h 1125720a4a5573b7f8197d2dabdf308f51407896 - arm-trusted-firmware/plat/st/common/include/stm32mp_efi.h af93ef4188fb3950141bc4c2a6e971e965e5c071 - arm-trusted-firmware/plat/st/common/include/stm32mp_auth.h 2a0d6172df32ead3a019d2cbc33e260c3aeba294 - arm-trusted-firmware/plat/st/common/include/stm32mp_common.h 8c442ea195baf9461f2165bae528286c5a71e7ca - arm-trusted-firmware/plat/st/common/include/stm32mp_io_storage.h 3bb10820f3cac4793d72ccd0dbaa9513b9945d80 - arm-trusted-firmware/plat/rockchip/common/rockchip_gicv3.c 4a1355d1645ef943a89aa54999041bd5a970c764 - arm-trusted-firmware/plat/rockchip/common/rockchip_stack_protector.c 9213c21ad6f4d071ef85303d7f16f295b02bc212 - arm-trusted-firmware/plat/rockchip/common/rockchip_gicv2.c 32f9de1c486103a42cf6a9d291f42989b42a98e4 - arm-trusted-firmware/plat/rockchip/common/plat_topology.c 1f63c15382d48351f3d1c1709e7428545ce2cb72 - arm-trusted-firmware/plat/rockchip/common/rockchip_sip_svc.c d30876af46d1b3b1d2c18f43fa7894f8fda3c5f8 - arm-trusted-firmware/plat/rockchip/common/bl31_plat_setup.c 91be87581dcd25681be045b39eb7934ec59a6fa9 - arm-trusted-firmware/plat/rockchip/common/sp_min_plat_setup.c 4761873c26add12f8bff6e22a79c209ce1923023 - arm-trusted-firmware/plat/rockchip/common/params_setup.c 85d08d7cf74717daed56a0770f3c79bca90280dc - arm-trusted-firmware/plat/rockchip/common/plat_pm.c 
4db0b70aecaf5352c4deda76075a44c7ed772f91 - arm-trusted-firmware/plat/rockchip/common/pmusram/cpus_on_fixed_addr.S 23b124a5b49de1ae84aecc76669a8e76f9579f93 - arm-trusted-firmware/plat/rockchip/common/pmusram/cpus_on_fixed_addr.h 2360baef8c09eed0a7d7ca2b2f97f9405c9bfd92 - arm-trusted-firmware/plat/rockchip/common/include/plat_macros.S e0b9109d2e15ba78290c67b35d231cc82990137e - arm-trusted-firmware/plat/rockchip/common/include/plat_params.h 5c6218088ea95aa4cdcffbabdfabcf2054405b9a - arm-trusted-firmware/plat/rockchip/common/include/plat_private.h c08e0dba86277197d207590daf335b7a863f4f32 - arm-trusted-firmware/plat/rockchip/common/include/rockchip_sip_svc.h 5b690165e56aee2f4e71841059154598362ce876 - arm-trusted-firmware/plat/rockchip/common/drivers/pmu/pmu_com.h 5c96dda447934109fef22dbfc20108fea56100fe - arm-trusted-firmware/plat/rockchip/common/drivers/parameter/ddr_parameter.c e40967392bea64496e752401f887b55eae946bf3 - arm-trusted-firmware/plat/rockchip/common/drivers/parameter/ddr_parameter.h aceb5792fbe22f18f421f2a754469db4f6f62cac - arm-trusted-firmware/plat/rockchip/common/aarch64/plat_helpers.S 258f177b9b9412883f714cff3406818288eca04f - arm-trusted-firmware/plat/rockchip/common/aarch64/pmu_sram_cpus_on.S 47fca1d947e59a046afce81911f7f552c72c6ab5 - arm-trusted-firmware/plat/rockchip/common/aarch64/platform_common.c 63a3ba51a470fe12e6026880ee67d6de178f8590 - arm-trusted-firmware/plat/rockchip/common/aarch32/plat_helpers.S ba0fb41c4b6e827fc3092feb1e41d096daa7e77c - arm-trusted-firmware/plat/rockchip/common/aarch32/pmu_sram_cpus_on.S 505eeb07bdc39ad3e19a4f6676774af764d3c300 - arm-trusted-firmware/plat/rockchip/common/aarch32/platform_common.c 0b8ef1037611c38ba89966b1da4ef153e47b4fb4 - arm-trusted-firmware/plat/rockchip/rk3368/rk3368_def.h 524ab6d6a8a79e76857af71a8c36886929a16243 - arm-trusted-firmware/plat/rockchip/rk3368/plat_sip_calls.c c03dbe37ab69ed71bbbc9100b47ff77d3c1f19e9 - arm-trusted-firmware/plat/rockchip/rk3368/include/plat.ld.S 
0454e2aefd623a64760090a825f3cb0c26b0a3ca - arm-trusted-firmware/plat/rockchip/rk3368/include/plat_sip_calls.h 5817c26932930a69f20037fcfd33b6f700e518a0 - arm-trusted-firmware/plat/rockchip/rk3368/include/platform_def.h 0ea97dd2ed72ec48826e4668463b1067b1e3e91a - arm-trusted-firmware/plat/rockchip/rk3368/drivers/pmu/plat_pmu_macros.S 859692a896bf24f76093c6cc1a923f3bd7f06c49 - arm-trusted-firmware/plat/rockchip/rk3368/drivers/pmu/pmu.c 985e72c79b58499d32fbf6ef6f46a741c6356e9d - arm-trusted-firmware/plat/rockchip/rk3368/drivers/pmu/pmu.h a4fe0b238351912e5a3b7e1de16ea4b470dbcfe0 - arm-trusted-firmware/plat/rockchip/rk3368/drivers/ddr/ddr_rk3368.h edac1a959247a82db5f820097a9f8ded6c4665b4 - arm-trusted-firmware/plat/rockchip/rk3368/drivers/ddr/ddr_rk3368.c 7a2d810a3f11780033972a9b1f3f2eb09adddfc5 - arm-trusted-firmware/plat/rockchip/rk3368/drivers/ddr/rk3368_ddr_reg_resume_V1.05.bin 22974ca90d72fb96f260417ace863c692dad5cdc - arm-trusted-firmware/plat/rockchip/rk3368/drivers/soc/soc.c cb622b7fdee1e5387ed783d371b6cfdd0400df92 - arm-trusted-firmware/plat/rockchip/rk3368/drivers/soc/soc.h 524ab6d6a8a79e76857af71a8c36886929a16243 - arm-trusted-firmware/plat/rockchip/rk3288/plat_sip_calls.c 7d9851bfe1b3a6bff1b3fe3a5a42152bdbbdd641 - arm-trusted-firmware/plat/rockchip/rk3288/rk3288_def.h 0454e2aefd623a64760090a825f3cb0c26b0a3ca - arm-trusted-firmware/plat/rockchip/rk3288/include/plat_sip_calls.h 0a2a001f434d83ab306c453b6d60f886a0b59a96 - arm-trusted-firmware/plat/rockchip/rk3288/include/platform_def.h 58f0ccc10fae70932566781c7c34457a239e027c - arm-trusted-firmware/plat/rockchip/rk3288/include/plat_sp_min.ld.S 1321792bce42c44c3fed91fea86cceca52486ffa - arm-trusted-firmware/plat/rockchip/rk3288/include/shared/bl32_param.h 70ecc34e2c4236edbd52a088d6dc72300d1038e0 - arm-trusted-firmware/plat/rockchip/rk3288/drivers/secure/secure.h 90e4b5914845f3238bde4617bcf04acabfc52406 - arm-trusted-firmware/plat/rockchip/rk3288/drivers/secure/secure.c db1ef060ee221e9b61acbb781c42ed42e926b26e - 
arm-trusted-firmware/plat/rockchip/rk3288/drivers/pmu/plat_pmu_macros.S bcf5a24d5d284bc2b87c3b5299a9f548df4bc95f - arm-trusted-firmware/plat/rockchip/rk3288/drivers/pmu/pmu.c 53d9e3936b39e758560745d492d1473ac9c98278 - arm-trusted-firmware/plat/rockchip/rk3288/drivers/pmu/pmu.h 408d92dc22d97bff7148a2338e91746328b4bb4f - arm-trusted-firmware/plat/rockchip/rk3288/drivers/soc/soc.c 00a800ecdcad577d80ed2968cfee8abc2ff260d0 - arm-trusted-firmware/plat/rockchip/rk3288/drivers/soc/soc.h 80988c6b4c1d5c128f556b4704d2a13dca1b94ac - arm-trusted-firmware/plat/rockchip/rk3399/plat_sip_calls.c 07fcff2e4785739f2818730be2df2798395d6dd0 - arm-trusted-firmware/plat/rockchip/rk3399/rk3399_def.h 735db5fedc39c83875dd50d345431e840a75ce95 - arm-trusted-firmware/plat/rockchip/rk3399/include/addressmap.h 33691c33d59c3cbf5321efb5e9cf1ce6f908b1b3 - arm-trusted-firmware/plat/rockchip/rk3399/include/plat.ld.S 0454e2aefd623a64760090a825f3cb0c26b0a3ca - arm-trusted-firmware/plat/rockchip/rk3399/include/plat_sip_calls.h d037385198294976c392eaac15722c2bc43171e6 - arm-trusted-firmware/plat/rockchip/rk3399/include/platform_def.h f61d8134dfdbc2de01b130177e3623bfc96e582b - arm-trusted-firmware/plat/rockchip/rk3399/include/shared/dram_regs.h 37de06dae36b2c9133dfa3db58b9403eca97534e - arm-trusted-firmware/plat/rockchip/rk3399/include/shared/m0_param.h a3ec096942a7038a658d2de2da28c8d7772e2601 - arm-trusted-firmware/plat/rockchip/rk3399/include/shared/pmu_bits.h dffb716056a5cfe4289bde5769bacd0a9c517467 - arm-trusted-firmware/plat/rockchip/rk3399/include/shared/bl31_param.h d3a8c566b07530d947493f642a829c2173e7eb3c - arm-trusted-firmware/plat/rockchip/rk3399/include/shared/addressmap_shared.h 514bb50a35bc277734414a501833d9cf9103b613 - arm-trusted-firmware/plat/rockchip/rk3399/include/shared/misc_regs.h e27f9ab0eb7cc700bac4af81ef063675ddea3d16 - arm-trusted-firmware/plat/rockchip/rk3399/include/shared/pmu_regs.h 34cef331645617d77f27ee050065b2678b021605 - 
arm-trusted-firmware/plat/rockchip/rk3399/drivers/secure/secure.h 12d0e498bcf7645b6d17eda0b6c88f9c68345720 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/secure/secure.c fdf96b7b34ebbd88b6c053c20c493dfcd5d2eec6 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/m0_ctl.h 4f34aa4fe829a116338b7c8cb363091b98b1df1c - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/plat_pmu_macros.S 21c19d18b927a98e453d2dd32fa075e1556c8d10 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c a203f9155033bc4a154799d63ebe669baadb7c82 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu_fw.c 26f96f6bfc5d8cd2811341eaa144693019daa5cf - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.h 8080df60a96f3ccb59e64a8c4468c29298a40160 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/m0_ctl.c 2f72933afb37b859ea9a98d233ab11f81301c9db - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/Makefile 98a096aced18ab4c9a4b3ab325773ed273acd4cd - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/include/addressmap.h 222366fd88fa37c34896b96be4724020febaf122 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/include/rk3399_mcu.h 9cfa6b80558dac90724c830c7c2b792099232962 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/src/rk3399m0.ld.S 249a2bba707f4aae60e76e4d2ca07180426f3657 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/src/stopwatch.c 3832f35bf0192ab6299ed6f72d97ea798c64ec01 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/src/dram.c c651d2e10f915a285792aa7e66836e66a3fb3b68 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/src/startup.c 15ccafa1fb201c2bdc50eb32beb4d9331e95424b - arm-trusted-firmware/plat/rockchip/rk3399/drivers/m0/src/suspend.c 912b3ac53149ee0912cdc571503cbe6f5d9e5e31 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pwm/pwm.h 81bb90565c30ebb1d2a2074e665099c5df4b3f16 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/pwm/pwm.c e4ba052fe71c1dbb0fd712a9e23751995fa17236 - 
arm-trusted-firmware/plat/rockchip/rk3399/drivers/dp/hdcp.bin 8af098c906ff4222b7fb1b8a8e528a842931e11a - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dp/cdn_dp.c 0e0164a1fd25ccd71404f643551fc197b6d3545f - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dp/cdn_dp.h 1761d34cf2fa35e5eaf8e4707cde5f3fec7345ce - arm-trusted-firmware/plat/rockchip/rk3399/drivers/gpio/rk3399_gpio.c fde45271c5e9a03975a13a19aa58f7ce1627247b - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/dfs.c cc96ce897ce3dfd398d571f73d60df020e312a7f - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/dram.h d4edbc276d8a41ceabeabd135ee44750077267fb - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/dram_spec_timing.h 1a0ef7b5013eea98c8892cc73f9acf7aadc6542b - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/dram.c 91fa17de464bf17060f5d782d3addc2d250f2bcf - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/dfs.h 8bb28c62f323cba1149703071fa6c9cd723e7681 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/suspend.h 341cf7780e76c0eed9bb587ced84821148eaeba4 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/dram_spec_timing.c 455f3ca45423a7d3a17a25fa9a199ee6f33accdf - arm-trusted-firmware/plat/rockchip/rk3399/drivers/dram/suspend.c f10fc723b4f781fa92f52d189e12ab2599f2be33 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/soc/soc.c d6f6a92953b02dda92949d05699b4a8c09ec1ab6 - arm-trusted-firmware/plat/rockchip/rk3399/drivers/soc/soc.h ef5a8ce281d95041b91f8f165ef782642d022de2 - arm-trusted-firmware/plat/rockchip/px30/px30_def.h 6fd13eff5a2d17a6f2e651b3eba6211a93d3522f - arm-trusted-firmware/plat/rockchip/px30/plat_sip_calls.c be822c3b60a3f8f4215925d9c6aa8ff3d90ab56b - arm-trusted-firmware/plat/rockchip/px30/include/plat.ld.S 4abb3f49d90cc7242ff9d366432f9423ed190c44 - arm-trusted-firmware/plat/rockchip/px30/include/plat_sip_calls.h 8b1c4b26a5cf109ec97a2bd711e46dc76c20891c - arm-trusted-firmware/plat/rockchip/px30/include/platform_def.h 
7129bd0759914b2bdbe0af12743e79277b990a3d - arm-trusted-firmware/plat/rockchip/px30/drivers/secure/secure.h e5df7e7476f59e23d9c3c1097c64bad93fb273ca - arm-trusted-firmware/plat/rockchip/px30/drivers/secure/secure.c 4661321c301694bb1cfb029693c60d50387885d6 - arm-trusted-firmware/plat/rockchip/px30/drivers/pmu/plat_pmu_macros.S 338871ee4d601414cf6ab0c718cb19938c37c7b5 - arm-trusted-firmware/plat/rockchip/px30/drivers/pmu/pmu.c 6940e4242af969ec608caab6d93dd03364b78580 - arm-trusted-firmware/plat/rockchip/px30/drivers/pmu/pmu.h 288f8f52c9a5423576d1fd403f776da8e5906395 - arm-trusted-firmware/plat/rockchip/px30/drivers/soc/soc.c dbc0dd67905cb60b55ff82d4f1d8bf96a7ec2514 - arm-trusted-firmware/plat/rockchip/px30/drivers/soc/soc.h 9eb41f0b086d93dd52f10cd88c871e9f872da485 - arm-trusted-firmware/plat/rockchip/rk3328/rk3328_def.h c03dbe37ab69ed71bbbc9100b47ff77d3c1f19e9 - arm-trusted-firmware/plat/rockchip/rk3328/include/plat.ld.S d0cf327dcd15f8fc85f2c3c93e82fd6199973f0b - arm-trusted-firmware/plat/rockchip/rk3328/include/platform_def.h 74e69a5d06c7c10f8fd04052bfd92c89a6b685c2 - arm-trusted-firmware/plat/rockchip/rk3328/drivers/pmu/plat_pmu_macros.S d6fb6002e2f08bc736d1fbcfef5f7d518331e24a - arm-trusted-firmware/plat/rockchip/rk3328/drivers/pmu/pmu.c 75d3fb351c1418d28d1be951921dde7cac623d53 - arm-trusted-firmware/plat/rockchip/rk3328/drivers/pmu/pmu.h aa37703bdb16d2d93c4cb6a1c3f5740f10400717 - arm-trusted-firmware/plat/rockchip/rk3328/drivers/soc/soc.c 888b9ca7b2dca798b061df341269bb1bf0cdc6a2 - arm-trusted-firmware/plat/rockchip/rk3328/drivers/soc/soc.h 1b86970e6e211ba1548f3469a4682db7c31577f1 - arm-trusted-firmware/plat/amlogic/common/aml_mhu.c 1c810633809eed169ef7ae47da01b6326b111a64 - arm-trusted-firmware/plat/amlogic/common/aml_console.c f1168dcf0c90f4d7a3456d82b909e287a16875ed - arm-trusted-firmware/plat/amlogic/common/aml_topology.c fa91c2d51bbe34be89ba41e055f4e78eba6ac67e - arm-trusted-firmware/plat/amlogic/common/aml_efuse.c 2321fbf75d8e96d90a1b6f6a14160c91b949cabc - 
arm-trusted-firmware/plat/amlogic/common/aml_scpi.c 22fc306f5f9b6613312023233481baaf99493614 - arm-trusted-firmware/plat/amlogic/common/aml_sip_svc.c 887d16c962bbfdec5ddb366c33ffec0ad5697447 - arm-trusted-firmware/plat/amlogic/common/aml_thermal.c 74bc476713af13ff5ee94c7bdad6c5763f99e9af - arm-trusted-firmware/plat/amlogic/common/include/plat_macros.S 5240bdc42061a821a089cae1eeca3fb799e6aa1c - arm-trusted-firmware/plat/amlogic/common/include/aml_private.h 61752908966c74b637938d2fa11e73c5d5373d9d - arm-trusted-firmware/plat/amlogic/common/aarch64/aml_helpers.S 28726387d3750ce4724f9147e5e173131ee7164f - arm-trusted-firmware/plat/amlogic/g12a/g12a_common.c 03a70925292deabd473bf5ffcd0d0d95dd70456e - arm-trusted-firmware/plat/amlogic/g12a/g12a_pm.c fe8712d8d4a3787c6c2456ffcc2cc468b12bfd7e - arm-trusted-firmware/plat/amlogic/g12a/g12a_bl31_setup.c 495f096204283e82b03abed56414e3d1a29f9b6f - arm-trusted-firmware/plat/amlogic/g12a/g12a_def.h 8e1154709ae343cd8d783739b29005ea2b9a7c7f - arm-trusted-firmware/plat/amlogic/g12a/include/platform_def.h 3667781fa0058dcdd1cff5587b45c798978c7966 - arm-trusted-firmware/plat/amlogic/axg/axg_bl31_setup.c d3c822e681ab6d5016ae06adb88ca9aeb6073aba - arm-trusted-firmware/plat/amlogic/axg/axg_common.c 7fdb79ffddbe1ee7f1b2c543a1eaa07f2671a2ca - arm-trusted-firmware/plat/amlogic/axg/axg_pm.c c60f26b9eb14d703065a758062f9c76e4e70f8ed - arm-trusted-firmware/plat/amlogic/axg/axg_def.h faf31bdcea206b83c40fbe2d878c14fa8327a37a - arm-trusted-firmware/plat/amlogic/axg/include/platform_def.h 3389361e87f5cd5e4f7e606599032c3aa3a41b72 - arm-trusted-firmware/plat/amlogic/gxbb/gxbb_def.h 25d4db1b1e385a2e45f4ffea43edbfc8bf4fef89 - arm-trusted-firmware/plat/amlogic/gxbb/gxbb_common.c 704885551348b4b44d9b7b092aafc3c54533b7e0 - arm-trusted-firmware/plat/amlogic/gxbb/gxbb_bl31_setup.c 80fbc4757d8f389dc885b90a5eef8c0c4f6e23c2 - arm-trusted-firmware/plat/amlogic/gxbb/gxbb_pm.c d558f98c64955249d21b9227149b68808cb3e358 - 
arm-trusted-firmware/plat/amlogic/gxbb/include/platform_def.h 8b93edbe34b51b737299797607de4e6ff0003917 - arm-trusted-firmware/plat/amlogic/gxl/gxl_common.c 550ec6753c2e8a5f41a920ea9bfffec47ae78dc8 - arm-trusted-firmware/plat/amlogic/gxl/gxl_bl31_setup.c 5ce07f2865d514a3a8979c638337a338fa110f74 - arm-trusted-firmware/plat/amlogic/gxl/gxl_pm.c 68a18488494ea52a108462ec30b6833447e75e62 - arm-trusted-firmware/plat/amlogic/gxl/gxl_def.h 22603b51918b7c1f721eee33d26629b16cff6683 - arm-trusted-firmware/plat/amlogic/gxl/include/platform_def.h 46c13e3cff3d9c29a733d01629589bd31b37eb5e - arm-trusted-firmware/plat/rpi/common/rpi3_stack_protector.c dc79372e77a81c53ff2886832f206db2f63873b7 - arm-trusted-firmware/plat/rpi/common/rpi3_topology.c d2d1fd0fffc8a200fd42f1b74c8c7d54c483f219 - arm-trusted-firmware/plat/rpi/common/rpi3_trusted_boot.c 11c87bf8a084123bf9a431cc289a66e23112bade - arm-trusted-firmware/plat/rpi/common/rpi3_rotpk.S 2880e20e8241800797f95dadcd5a206d82ba45ed - arm-trusted-firmware/plat/rpi/common/rpi3_pm.c e621f46501a2d1856f297145947d1c8d89d5f990 - arm-trusted-firmware/plat/rpi/common/rpi3_image_load.c 41feb9d914df818ac88209ee1569e1701d794248 - arm-trusted-firmware/plat/rpi/common/rpi3_common.c 854bc00d3c5fce60726920c1e5b1b7cd9352568a - arm-trusted-firmware/plat/rpi/common/rpi3_io_storage.c c3a79cfd4e400e0a2dfa7ee5e27e50f1bcd8464b - arm-trusted-firmware/plat/rpi/common/include/rpi_shared.h d2456dd752e5376ca6049639fe93ef04bd5aa04f - arm-trusted-firmware/plat/rpi/common/aarch64/plat_helpers.S 052815ff6a9d47f47e57d320313a74f10c8a34d3 - arm-trusted-firmware/plat/rpi/rpi3/rpi3_bl31_setup.c 20b2e08539e950f86d86538ed688408f90574454 - arm-trusted-firmware/plat/rpi/rpi3/rpi3_bl2_setup.c d9b070fbdda2cab75cc45e6dddd9a31f84baf594 - arm-trusted-firmware/plat/rpi/rpi3/rpi3_bl1_setup.c fd5000ab9d2eac8341e267b879e1ef29eaebf5d7 - arm-trusted-firmware/plat/rpi/rpi3/rpi_mbox_board.c 64987d2484ce3d48cc4431fee2de9e375235bb5a - arm-trusted-firmware/plat/rpi/rpi3/include/plat_macros.S 
7aeb3415e697151619997c1c184f380eb310be78 - arm-trusted-firmware/plat/rpi/rpi3/include/platform_def.h 94001fd4bfa1b8e08f4d51f437c7b006362f24fd - arm-trusted-firmware/plat/rpi/rpi3/include/rpi_hw.h 5a79ec05194636d3850044f358b4673a3f0b9fa0 - arm-trusted-firmware/plat/rpi/rpi3/aarch64/rpi3_bl2_mem_params_desc.c 793e163b5e60486c53f3ff36c98ab1c8f144a1bd - arm-trusted-firmware/plat/rpi/rpi4/rpi4_bl31_setup.c 54eb696ef592336053f52bc556f47122b4e94fdc - arm-trusted-firmware/plat/rpi/rpi4/rpi4_pci_svc.c b1c50f058d68ea165b6dd5f45af97d2b1dd33e64 - arm-trusted-firmware/plat/rpi/rpi4/include/plat_macros.S 4d8d91a23a19a15ff7c18f8e6e523c26cd453f2f - arm-trusted-firmware/plat/rpi/rpi4/include/plat.ld.S 6a73f5496572d65332bbf4a50c3c9d4faa9af438 - arm-trusted-firmware/plat/rpi/rpi4/include/platform_def.h e2412e3cbdcc8daaecfab85f295ee3456cf1f98d - arm-trusted-firmware/plat/rpi/rpi4/include/rpi_hw.h 5e76d520f8ea85f6710a605e2c9a4db0d1a66640 - arm-trusted-firmware/plat/rpi/rpi4/aarch64/armstub8_header.S 9b8db7387e47af68fc183fe909d3060d65438cb2 - arm-trusted-firmware/plat/brcm/common/brcm_io_storage.c 6d6865834cfc5ce82506bf1ef6df2e3cb196e028 - arm-trusted-firmware/plat/brcm/common/brcm_scpi.c d083c67e189d3cd3712a827a23e28d0aaf2964d1 - arm-trusted-firmware/plat/brcm/common/brcm_bl31_setup.c 389238486613bb86c6032f788a4605c782e7475c - arm-trusted-firmware/plat/brcm/common/brcm_gicv3.c 7c0af43209d486bb7d9b76b244d3fc5ec97b4328 - arm-trusted-firmware/plat/brcm/common/brcm_bl2_mem_params_desc.c 02ea7c4006c2910720bf4a85c3766c293d4cb8e5 - arm-trusted-firmware/plat/brcm/common/brcm_mhu.h 43da4a7bd6435c6cc7d733e6363a59cacabb9ef5 - arm-trusted-firmware/plat/brcm/common/brcm_mhu.c 43088754fcc9a1fcbb6308988d79eca0c2771d5a - arm-trusted-firmware/plat/brcm/common/brcm_ccn.c 48faf64df1848d8493a3f273494ea883a4aafb0c - arm-trusted-firmware/plat/brcm/common/brcm_common.c 303c81103a6ebbdf9e4afc16b17d17195a5b9238 - arm-trusted-firmware/plat/brcm/common/brcm_scpi.h c02bbae941528cbae0665016d62e54bfffb74444 - 
arm-trusted-firmware/plat/brcm/common/brcm_bl2_setup.c 2ef6d891873792dd5af17cc1091f369c0865c70d - arm-trusted-firmware/plat/brcm/common/brcm_image_load.c 4573848f39ea4bfceb55e0932f0494af8b890d1d - arm-trusted-firmware/plat/brcm/board/stingray/driver/sr_usb.h 1071f5589a11aaf7354868d034e149b27d48adc6 - arm-trusted-firmware/plat/brcm/board/stingray/driver/swreg.c 13bbb4dc261e840997a59d4e914f071835d33fab - arm-trusted-firmware/plat/brcm/board/stingray/driver/usb_phy.c 7cc68c731d1d4e967a6b258c94afef74800e2c27 - arm-trusted-firmware/plat/brcm/board/stingray/driver/usb.c 483849480279e54ca28e4177fea05d6bd3cd36d7 - arm-trusted-firmware/plat/brcm/board/stingray/driver/ihost_pll_config.c b4637f982a40118b9d83d3908d0b189d3524bce0 - arm-trusted-firmware/plat/brcm/board/stingray/driver/plat_emmc.c 46e832c20411ea4d2bcbcf1cc8968149375047f4 - arm-trusted-firmware/plat/brcm/board/stingray/driver/ext_sram_init/ext_sram_init.h d0dacd8fc79f78cee10bd8513550abf93624afe2 - arm-trusted-firmware/plat/brcm/board/stingray/driver/ext_sram_init/ext_sram_init.c eed068af90592502021f8e15b556ae302cd8db87 - arm-trusted-firmware/plat/brcm/board/stingray/driver/ddr/soc/include/board_family.h 2ef5c016a1130291e30fb58c1e1b397bb15a531c - arm-trusted-firmware/plat/brcm/board/stingray/include/platform_sotp.h 491a5116f054df365b530dc8b09613f1178c2d8a - arm-trusted-firmware/plat/brcm/board/stingray/include/sr_def.h 10104d7d5d9eeeb545dea9ac306deb2c5cf46036 - arm-trusted-firmware/plat/brcm/board/stingray/include/plat_macros.S e7629876236e444ee69e40c96440f3f24b16fefe - arm-trusted-firmware/plat/brcm/board/stingray/include/usb_phy.h 8c57e437d9f4b2b49f005f899624af9b47121102 - arm-trusted-firmware/plat/brcm/board/stingray/include/crmu_def.h 9765542d155d4fc37ee167eda672c6a33030ca8c - arm-trusted-firmware/plat/brcm/board/stingray/include/iommu.h 90c98d478915f89433c419b06613a52965aeeef6 - arm-trusted-firmware/plat/brcm/board/stingray/include/sr_utils.h a6bea74c09e847241ba6a156aff89b12670cc98b - 
arm-trusted-firmware/plat/brcm/board/stingray/include/scp_cmd.h 2817bede11ad2da4d5612a155f5a76e30b62de62 - arm-trusted-firmware/plat/brcm/board/stingray/include/paxc.h bbaec5f331d8cf8f24898a8d172190c5f7940b6a - arm-trusted-firmware/plat/brcm/board/stingray/include/ihost_pm.h d823df9c59408673229302e557a65ad1c404e047 - arm-trusted-firmware/plat/brcm/board/stingray/include/platform_def.h 4bc4735b9e7c2a5eab8ae91a28d110dd24a42d75 - arm-trusted-firmware/plat/brcm/board/stingray/include/sdio.h 0228e24fbe8ff775ac7a709f272d375a8e7aa3bf - arm-trusted-firmware/plat/brcm/board/stingray/include/scp_utils.h 1dea9a2af71a56fe60929b854a2c73220603d2be - arm-trusted-firmware/plat/brcm/board/stingray/include/timer_sync.h cc26d153c04427651e12bf00d19497e5bd8cb7a3 - arm-trusted-firmware/plat/brcm/board/stingray/include/platform_usb.h 76dbcdb10f12f01d94b3c70d2f8562b0cc8b233a - arm-trusted-firmware/plat/brcm/board/stingray/include/paxb.h b0a1c672d4d7095f6e7ec5305e084cb3a29a790e - arm-trusted-firmware/plat/brcm/board/stingray/include/bl33_info.h 0ef862af40a95d70feda6b8367e6e7452e90099b - arm-trusted-firmware/plat/brcm/board/stingray/include/board_info.h eeabf0e8e4cda99b503b2ea41298aff2d87e1278 - arm-trusted-firmware/plat/brcm/board/stingray/include/ddr_init.h 2c4acf78dfd7c25c281471b6717273ff7920fea8 - arm-trusted-firmware/plat/brcm/board/stingray/include/ncsi.h bd25c5d9d7605649bc1d1dee9a734ccb130101c3 - arm-trusted-firmware/plat/brcm/board/stingray/include/fsx.h 1e67ee0873eb29816b418096b514d39c3aeb7d27 - arm-trusted-firmware/plat/brcm/board/stingray/include/swreg.h ac2b64132debec3b54ae614c64dac69067b39291 - arm-trusted-firmware/plat/brcm/board/stingray/aarch64/plat_helpers.S 78d2915d5c3a6c4b75eb97c897cd4e58b4d5b962 - arm-trusted-firmware/plat/brcm/board/stingray/src/topology.c f89deabe82fe9129f1dde3fb24e57c940e008913 - arm-trusted-firmware/plat/brcm/board/stingray/src/bl2_setup.c 52a5e5247c12940390abe486ab490a1d8929feb4 - arm-trusted-firmware/plat/brcm/board/stingray/src/paxb.c 
863c6f32899af28cd9a60fb273bdc02a29100114 - arm-trusted-firmware/plat/brcm/board/stingray/src/sr_paxb_phy.c c01d8b9f9c48a1185129c492ab1f8ce1134ed892 - arm-trusted-firmware/plat/brcm/board/stingray/src/scp_utils.c d746f7070f366ac250b3766606d2de76a6192436 - arm-trusted-firmware/plat/brcm/board/stingray/src/fsx.c 75de08bf7cc548fc88463a459efa719ce9dae276 - arm-trusted-firmware/plat/brcm/board/stingray/src/pm.c 085cb8e4f6dd01efc01f633680e7db315718c304 - arm-trusted-firmware/plat/brcm/board/stingray/src/ihost_pm.c d15b82eea2aaa023805036e829ee46cd08ea72ed - arm-trusted-firmware/plat/brcm/board/stingray/src/iommu.c e9f5650def0bf0c03c50ad69056cf6ff9d71a715 - arm-trusted-firmware/plat/brcm/board/stingray/src/tz_sec.c 062b1d173f23bc015ebb5c790f890e5f2a6934e1 - arm-trusted-firmware/plat/brcm/board/stingray/src/paxc.c 0283858faf5651d4db16f0e4b8bcaadd40bcabe1 - arm-trusted-firmware/plat/brcm/board/stingray/src/scp_cmd.c 9b0afdae90ec3159bd428d4b9f586d84a0cb55b3 - arm-trusted-firmware/plat/brcm/board/stingray/src/sdio.c 77916c4c9e55da373b1b66dba19dfed0034cde48 - arm-trusted-firmware/plat/brcm/board/stingray/src/bl31_setup.c 072e5bc5c72a860c50c3413898b60dd18931b100 - arm-trusted-firmware/plat/brcm/board/stingray/src/ncsi.c 1fd2e7122a0c63a14a64215ae5750097f050841b - arm-trusted-firmware/plat/brcm/board/stingray/src/brcm_pm_ops.c 500e36754a0240001fe7b400bf8d4806a06de6ee - arm-trusted-firmware/plat/brcm/board/common/timer_sync.c 2d3a08ac4729a455bffd5c4c70365350fec69e23 - arm-trusted-firmware/plat/brcm/board/common/bcm_elog_ddr.h eeff346a4c2b6893ad0fa417570e747058627c11 - arm-trusted-firmware/plat/brcm/board/common/cmn_sec.h 801bb1cdab4baf3440ac23728e6190881af4264f - arm-trusted-firmware/plat/brcm/board/common/bcm_elog_ddr.c b2a5352558dc92001c80e614a9b293a1eb19573a - arm-trusted-firmware/plat/brcm/board/common/plat_setup.c 9635661f5e56e9ab172dcec943257465bf36e634 - arm-trusted-firmware/plat/brcm/board/common/bcm_elog.c c0ecc823e4de1814edd6bf48321b6317c448b16d - 
arm-trusted-firmware/plat/brcm/board/common/sbl_util.c
5f45cc70d813bf16880f4f1f4a246ad6114fbb78 - arm-trusted-firmware/plat/brcm/board/common/cmn_plat_util.h
9eda9f547bdfb6e83ef3c8d82d849e1e4cb68252 - arm-trusted-firmware/plat/brcm/board/common/brcm_mbedtls.c
aaa8593ded989c77280d5a16f541eefd45c62067 - arm-trusted-firmware/plat/brcm/board/common/cmn_plat_def.h
dfc2e7fae9dd66b664758412e1f4c06762246ed6 - arm-trusted-firmware/plat/brcm/board/common/cmn_sec.c
515e3aecc5237dcc8197e4e8ed7fd7d15765d808 - arm-trusted-firmware/plat/brcm/board/common/bcm_console.c
eca89f1edcb0c3fc702ac123a55821cde16106bb - arm-trusted-firmware/plat/brcm/board/common/err.c
779be799404c9562032c8c586f3a3b23835ad722 - arm-trusted-firmware/plat/brcm/board/common/board_arm_trusted_boot.c
c124ba5ec6d9fc3e8f1f0b72d3852473ab67e998 - arm-trusted-firmware/plat/brcm/board/common/board_common.c
a731b4badf1cf5a90a0ab197b39a2723e4c85dd9 - arm-trusted-firmware/plat/brcm/board/common/platform_common.c
a794cd95a890c951acc5192426abc008b4213a8f - arm-trusted-firmware/plat/brcm/board/common/chip_id.h
2cf7d5accbb22d89a3c89c768604f667a23bef52 - arm-trusted-firmware/plat/brcm/board/common/sbl_util.h
fc6886e5619aabaff7153e268ba005d385a73e3a - arm-trusted-firmware/plat/xilinx/zynqmp/zynqmp_ipi.c
614b7c2d4fab5909e7df0076f873699e84b1737a - arm-trusted-firmware/plat/xilinx/zynqmp/sip_svc_setup.c
fdef05d43dd39fc9b4d18e7933fadc3d7b388c0b - arm-trusted-firmware/plat/xilinx/zynqmp/plat_topology.c
91da7e2e2aedb93811b290946f5b62a4b99a6e6e - arm-trusted-firmware/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
e5c72cd4f7db3ba2c52afa5ea2a6f81048fa8876 - arm-trusted-firmware/plat/xilinx/zynqmp/plat_psci.c
eed49df98140b8681bbbff7a1c514734c884b8aa - arm-trusted-firmware/plat/xilinx/zynqmp/plat_zynqmp.c
9eafad8129f35d9d02d9cc93d60e653c41e3b321 - arm-trusted-firmware/plat/xilinx/zynqmp/zynqmp_ehf.c
4018dd905c37ab4e205c88450ef0d6b0a1d45041 - arm-trusted-firmware/plat/xilinx/zynqmp/zynqmp_sdei.c
f82a0ba91d921f8782dbacd326cf93f93d406ff3 - arm-trusted-firmware/plat/xilinx/zynqmp/tsp/tsp_plat_setup.c
8ede155c56692751835019579474fd5fbda5ba26 - arm-trusted-firmware/plat/xilinx/zynqmp/include/plat_macros.S
719fc3fa9d14be22cfb4a79dd8838b27fef9f247 - arm-trusted-firmware/plat/xilinx/zynqmp/include/plat_ipi.h
04358429a766678c1ea60bc976430714db3fac40 - arm-trusted-firmware/plat/xilinx/zynqmp/include/plat_private.h
6d98421b38c7e24ec53977e85b4776275af5d9c5 - arm-trusted-firmware/plat/xilinx/zynqmp/include/zynqmp_def.h
606bd0aedd3a81bf175ef81f028eae35e7511725 - arm-trusted-firmware/plat/xilinx/zynqmp/include/platform_def.h
fcc8c8052c715326e932fd7e210fe0beefa2d175 - arm-trusted-firmware/plat/xilinx/zynqmp/include/plat_pm_common.h
bca57ae928a46e00c62d44205c7238c103d89723 - arm-trusted-firmware/plat/xilinx/zynqmp/aarch64/zynqmp_helpers.S
e9430970a771c9add648211e2c05e63b0b2bf71b - arm-trusted-firmware/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
4a69759072ab900e304081d6a5542761b628115d - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.h
d55e25c027a7950b3a7d34551ba2af0a05e70ac4 - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_svc_main.c
620a7d35e7cfe3a416c79ab84094934f41b3821e - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_sys.c
d6d44bea498c26d61f58d11284635f45c0d747fa - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_sys.h
63045bc978271095cfdd4cb91e9d2c3d416cdb6b - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_defs.h
e1e42c17e346cb2bdd9bcedf9491e65dcf5a101f - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_svc_main.h
4b8489810a7c5bd8524f87d7c37edf02b747ab48 - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_ioctl.c
4cadaaf7eb5f5f047bac44095d19052727b55a02 - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.c
4738dfbb7a3a9789e0e520c2d4c7f83b635e3e9b - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_pinctrl.h
6a34f58d5ec913711c12c58c945dfa18659b999a - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_clock.h
cd3edf132c54e7b51bf04235b10d9de35394acda - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_api_clock.c
7bfba4ae2b47e068f8f5ed8aeed42daad00743c8 - arm-trusted-firmware/plat/xilinx/zynqmp/pm_service/pm_client.c
f241ecfc0ce4c6677cbaca2991578232a4c20ad7 - arm-trusted-firmware/plat/xilinx/versal/sip_svc_setup.c
d959b29c70b303c44eca6045c664945b0fe74852 - arm-trusted-firmware/plat/xilinx/versal/plat_topology.c
04dac5fd40da85ec2a19ccf681ff7f4b708b31bc - arm-trusted-firmware/plat/xilinx/versal/plat_versal.c
d25ef41e434700921c3427ff0dac7aba4b81e1ba - arm-trusted-firmware/plat/xilinx/versal/versal_ipi.c
b01dcfd7b061210199bce3d5632bc39be25a89fb - arm-trusted-firmware/plat/xilinx/versal/plat_psci.c
0f5013cb9f4dd7864aec9fdc3febb4a88c603b5f - arm-trusted-firmware/plat/xilinx/versal/versal_gicv3.c
415d7b76162c6a447101507b3181aa7434887756 - arm-trusted-firmware/plat/xilinx/versal/bl31_versal_setup.c
d43cd481e9d0acc960fc0f51fbeb274b0ec28712 - arm-trusted-firmware/plat/xilinx/versal/include/plat_macros.S
50268618a09434af24c4a339c20a1b7b4a2e4901 - arm-trusted-firmware/plat/xilinx/versal/include/plat_ipi.h
34e333d135956229875de69051e5d541a789cb2d - arm-trusted-firmware/plat/xilinx/versal/include/plat_private.h
23d939fae06d7a162821162cec379264613379ad - arm-trusted-firmware/plat/xilinx/versal/include/platform_def.h
3efa1f0d849fb9568699ae3cc5e7cf111f1b8158 - arm-trusted-firmware/plat/xilinx/versal/include/versal_def.h
f22539e2e0c54efb87ad926699ecb40a60fb024d - arm-trusted-firmware/plat/xilinx/versal/include/plat_pm_common.h
6b87bc415258116316a3b89d124ff4be9d5fd944 - arm-trusted-firmware/plat/xilinx/versal/aarch64/versal_helpers.S
14340733608cc8031286a97ddc48222bc0ae7bb5 - arm-trusted-firmware/plat/xilinx/versal/aarch64/versal_common.c
6aca4366f91416b1541836b7a999ff0873c61e53 - arm-trusted-firmware/plat/xilinx/versal/pm_service/pm_svc_main.c
939082dd0654e1c9d5097e4b088ada2eefc3cc46 - arm-trusted-firmware/plat/xilinx/versal/pm_service/pm_api_sys.c
06ac8403ef4a152a6d5257c08766c878afc2c3e2 - arm-trusted-firmware/plat/xilinx/versal/pm_service/pm_api_sys.h
a984b65e29e3ddb17d3c124890861519e0a53788 - arm-trusted-firmware/plat/xilinx/versal/pm_service/pm_defs.h
cb6dce6031f613ae2ad69be266bc3eb2a5095a0d - arm-trusted-firmware/plat/xilinx/versal/pm_service/pm_svc_main.h
67797b5d7b79d4fe75c894faa289f6d4deac5929 - arm-trusted-firmware/plat/xilinx/versal/pm_service/pm_node.h
cfb673b998f65ad17832a2c1f376daa4ab836ebd - arm-trusted-firmware/plat/xilinx/versal/pm_service/pm_client.c
7c0bab3200267e448b5ee45b83104d2923cc17c8 - arm-trusted-firmware/plat/xilinx/common/ipi.c
05d21184a6dd62749ada768285e6b39b3dc5a1d4 - arm-trusted-firmware/plat/xilinx/common/plat_startup.c
e7cc80e40c4b2aff0799c9db4c351cf1179cf347 - arm-trusted-firmware/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c
453e987cd3b0c17b8ae79a6a0794d4fb44adcc3f - arm-trusted-firmware/plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.h
c879e06a73baec6538ce2dece09ae7a976f972df - arm-trusted-firmware/plat/xilinx/common/include/pm_ipi.h
3946a8e5b6578610dbcd1b1c9bb2ac02e357fd1a - arm-trusted-firmware/plat/xilinx/common/include/ipi.h
3f5242b1d910a45ff664bc128a6e749aa019592c - arm-trusted-firmware/plat/xilinx/common/include/pm_common.h
604b0f5de53a36f974ce1926152c895a54796482 - arm-trusted-firmware/plat/xilinx/common/include/pm_client.h
8ccd5942908d27505a9e0d68679df731210d75ca - arm-trusted-firmware/plat/xilinx/common/include/plat_startup.h
f5cda3dcfb0f4452e442cc526b8178b413b5a17a - arm-trusted-firmware/plat/xilinx/common/pm_service/pm_ipi.c
dd38f3a1079a17328d48c8cb719713d4de7361a6 - arm-trusted-firmware/plat/common/ubsan.c
cd74e2d1ac7f09f4ced54eecf4bed38f973bbdfb - arm-trusted-firmware/plat/common/plat_gicv3.c
c7afb73f40f0759cd775aec59723f92f7dd54435 - arm-trusted-firmware/plat/common/plat_bl1_common.c
ebb8418a3c0ba1d0d9362005c17fc4a3fb03cf1f - arm-trusted-firmware/plat/common/plat_gicv2.c
ca3750949173b2315d20907e7c6da4a66f32a5cf - arm-trusted-firmware/plat/common/plat_bl_common.c
ec9195d2ba3b66b6f4258c18a36b14a5cf41ac55 - arm-trusted-firmware/plat/common/plat_psci_common.c
8020a28923a271101b29516f4997bb7a1b8a6708 - arm-trusted-firmware/plat/common/plat_spmd_manifest.c
5e22516412e81af7bbc52e0e460447cf2d1d63f3 - arm-trusted-firmware/plat/common/plat_log_common.c
8bf3a22931bb5a18034f1275429068834943cb9e - arm-trusted-firmware/plat/common/aarch64/plat_ehf.c
6ae1755d17b7040c038dd8b2e6c6880e2bb60394 - arm-trusted-firmware/plat/common/aarch64/plat_common.c
785a7be686f124f8b30c5f96bbdc9670988f49c2 - arm-trusted-firmware/plat/common/aarch64/platform_mp_stack.S
53568d8d4a43005d8a1be8a379cf0f4b7ddc5637 - arm-trusted-firmware/plat/common/aarch64/platform_helpers.S
8be9392135f6389b22910a9e22011c2e5abc6708 - arm-trusted-firmware/plat/common/aarch64/crash_console_helpers.S
1fe60996e262523b671b678aa41a510a2cfa2ce9 - arm-trusted-firmware/plat/common/aarch64/platform_up_stack.S
05ebeff6ee2416ab2697799fb338367a03b0ba75 - arm-trusted-firmware/plat/common/aarch32/plat_common.c
f742befce701fed79ec16b324c92409b36838226 - arm-trusted-firmware/plat/common/aarch32/plat_sp_min_common.c
578b46ce0ccf74ba18ce1747df871537294d4ddf - arm-trusted-firmware/plat/common/aarch32/platform_mp_stack.S
01fc909940aee253c9e140248811b8c4fc5d25b4 - arm-trusted-firmware/plat/common/aarch32/platform_helpers.S
c8eab49f9d5326ffc974d2ba7c05bd411df90eb1 - arm-trusted-firmware/plat/common/aarch32/crash_console_helpers.S
79f7a0e7df796600cfad4b11f4bf7dbafb65a4ea - arm-trusted-firmware/plat/common/aarch32/platform_up_stack.S
36144ebe1637da9185e2256593f8aa7307d0cccb - arm-trusted-firmware/plat/common/tbbr/plat_tbbr.c
2154f29a91decb99dc45f21e790dd6e0d1da88e1 - arm-trusted-firmware/plat/qemu/common/qemu_private.h
a58c658f18083c55761b946dd01b034df662dada - arm-trusted-firmware/plat/qemu/common/topology.c
16002a1a28f7ec581aae95aba10964655f89c5dc - arm-trusted-firmware/plat/qemu/common/qemu_pm.c
00fcc8b29bf97f9ede1c2dfbe40db7ef83c72695 - arm-trusted-firmware/plat/qemu/common/qemu_spmd_manifest.c
8ebb840a06cb6dddf6c0fd5fe4a612f832842576 - arm-trusted-firmware/plat/qemu/common/qemu_bl2_mem_params_desc.c
51d8305f79f4736a224811e549fd92ffee6e2134 - arm-trusted-firmware/plat/qemu/common/qemu_spm.c
21efcb8ca3eeadb04af0ad8b5dbff0a548221482 - arm-trusted-firmware/plat/qemu/common/qemu_bl2_setup.c
c154631e1880ac14882cbb7ec28846bcac331126 - arm-trusted-firmware/plat/qemu/common/qemu_bl31_setup.c
95a9e39672a85b16243df6db511e352e068b90ee - arm-trusted-firmware/plat/qemu/common/qemu_bl1_setup.c
854064daf74a72113baf3004985576f30ed85540 - arm-trusted-firmware/plat/qemu/common/qemu_image_load.c
3a64a36aaab153d084cd63cb8041cb8e4554c206 - arm-trusted-firmware/plat/qemu/common/qemu_common.c
3ca3d10548276087940fd7af8f274b1b68378322 - arm-trusted-firmware/plat/qemu/common/qemu_stack_protector.c
2085009221c46e8e62ac297e819084f4b6087615 - arm-trusted-firmware/plat/qemu/common/qemu_rotpk.S
b70358ad6ace724f6125a704a64bd882bb7e5e13 - arm-trusted-firmware/plat/qemu/common/qemu_trusted_boot.c
ec654aff1a7a4e282bbbe2dc13b2042b9534eb61 - arm-trusted-firmware/plat/qemu/common/qemu_gicv3.c
d78bd11a3e46b66140586c01d9f834a788316251 - arm-trusted-firmware/plat/qemu/common/qemu_gicv2.c
ce499ea5552f0a580d2d730cd86b20a544fb4759 - arm-trusted-firmware/plat/qemu/common/qemu_console.c
fcbaa96813c363c3db4933b80039d532e1252dc7 - arm-trusted-firmware/plat/qemu/common/qemu_io_storage.c
f58716f140fa8f450f8073fca6f98a8eda79bbc2 - arm-trusted-firmware/plat/qemu/common/include/plat_macros.S
553cd30299445b034280689989176963a39f2b4d - arm-trusted-firmware/plat/qemu/common/sp_min/sp_min_setup.c
fe635c884df368ae689c259f9ac0787b17064bb4 - arm-trusted-firmware/plat/qemu/common/aarch64/plat_helpers.S
674a4514924db14c06277e39651b46250347d7a4 - arm-trusted-firmware/plat/qemu/common/aarch32/plat_helpers.S
dc0cb18de3dee5963f78466b58e002bc816d526b - arm-trusted-firmware/plat/qemu/qemu/include/platform_def.h
a3366d3ea9b4a5a823b365b0a4fe16dd24af7388 - arm-trusted-firmware/plat/qemu/qemu_sbsa/sbsa_private.h
f2efe87ffe7cd41bf5ac442c75b40fb2593a8fbb - arm-trusted-firmware/plat/qemu/qemu_sbsa/sbsa_topology.c
151cea63605746875bff4fceaa296485033aa280 - arm-trusted-firmware/plat/qemu/qemu_sbsa/sbsa_pm.c
46b611bd4d5b4370f104fdcc62cf5da040ec7970 - arm-trusted-firmware/plat/qemu/qemu_sbsa/include/platform_def.h
fbecdf95d5fb90503336b712a6955a36a635aac0 - arm-trusted-firmware/plat/nvidia/tegra/lib/debug/profiler.c
c7104ef4a0ccb4a2ceb01951a0c8442349cf4ca7 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_delay_timer.c
9a23652352c01545d80c980df50b0d1965df8131 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_gicv3.c
348ad39495b7209e9858421f7bd1a02f9712a410 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_pauth.c
ab066b0f80239a20f5613a9c2bf4862d9c02e2c2 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_bl31_setup.c
c97649b9bd33d9e7f4268f6ddc79d603a3a317f2 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_fiq_glue.c
e531e11712693e6095f810484cb2f8332646c1dc - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_pm.c
bbb547cc93729fd63ae5da22480a94dc84ad6fbf - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_sip_calls.c
0c5a65d7362595eff6d472ba23ccde7af61d9ce8 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_io_storage.c
97542646c951833f68e49c013c2d309b885aab65 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_gicv2.c
6356a0b128a435ef5faa1bb6922a5fcc571926ea - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_platform.c
8617ceef396a9a7f9b5e9e1a4866cede187f6ba6 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_sdei.c
7832f9e627bdeb224b72a22840b7b4cd3354b962 - arm-trusted-firmware/plat/nvidia/tegra/common/tegra_stack_protector.c
e73b702494b764ebb0f546aae9de484a69c968f3 - arm-trusted-firmware/plat/nvidia/tegra/common/aarch64/tegra_helpers.S
61343b0647173b58eec236e5f6781f95ee64f5d2 - arm-trusted-firmware/plat/nvidia/tegra/include/tegra_platform.h
949736009adf4b730b592ef786e3d66eaf769d8c - arm-trusted-firmware/plat/nvidia/tegra/include/plat_macros.S
11b45c0f4e3d96795a403b588930c354305a52d1 - arm-trusted-firmware/plat/nvidia/tegra/include/platform_def.h
e8e7dbe2842bffabc62ef459d5f4b037b5fc122a - arm-trusted-firmware/plat/nvidia/tegra/include/tegra_private.h
2aec61855e1e16a88683b573ae88e337484a01cb - arm-trusted-firmware/plat/nvidia/tegra/include/t234/tegra234_ras_private.h
21b9ecfaf14f5a5aed16e18cf1643f78e890a096 - arm-trusted-firmware/plat/nvidia/tegra/include/t234/tegra234_private.h
636ab4e191d38378a5706fc275a02ff1ce01519c - arm-trusted-firmware/plat/nvidia/tegra/include/t234/tegra_def.h
b76d085fd8bf62b29b2651fb2baafb167bbb3f37 - arm-trusted-firmware/plat/nvidia/tegra/include/t234/tegra_mc_def.h
412a883e42794de7909b0a3076864c06874a0764 - arm-trusted-firmware/plat/nvidia/tegra/include/t210/tegra_def.h
fc8ce0bab3e269ab289babbc37c5ffea6c1105c1 - arm-trusted-firmware/plat/nvidia/tegra/include/lib/profiler.h
68ec103aabc7cf1ba96e9f802589f232bf63e8fb - arm-trusted-firmware/plat/nvidia/tegra/include/t186/tegra186_private.h
00ba4a09814b790749853248a68f57c1bf5d8a77 - arm-trusted-firmware/plat/nvidia/tegra/include/t186/tegra_def.h
80ba76cba14e63964ee35830536886c24581020c - arm-trusted-firmware/plat/nvidia/tegra/include/t186/tegra_mc_def.h
65dcb16996ba6f5480b25b088c00618a8401e2b0 - arm-trusted-firmware/plat/nvidia/tegra/include/t194/tegra194_ras_private.h
0770b19832587bf494cdf6a16cf0af55ef4e3eba - arm-trusted-firmware/plat/nvidia/tegra/include/t194/tegra194_private.h
249831518e8554837fb8750d200cb4b786c2d683 - arm-trusted-firmware/plat/nvidia/tegra/include/t194/tegra_def.h
b01b1d6699848ec430ef6c7ff1fa536c611ac8d8 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/bpmp.h
eccbd7dbdb2b149abd38a48ddd5f6b0f292373b7 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/memctrl_v2.h
fa073698981deb8685410d390184a2fea2477d8d - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/smmu.h
1ad3acb2c35dab529632e51cfd8a1977d0a3e495 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/pmc.h
7eee98bf96c4e615e71244fad2270fe3ac7bca96 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/spe.h
97366374236e04da0a203c6df1ed7e93325e40f5 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/memctrl.h
2693485a6a4c24984696bab65e09494c4af953a6 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/psc_mailbox.h
0005633528a5228ce544a5fe3fc8b984d26eff95 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/gpcdma.h
d6acbb5f1eb851fbab413c7209bfba21509b4d31 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/memctrl_v1.h
dd094069cb1a5bb53cf55c4e87b2364925c1e25c - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/mce.h
d99d1382679e0a53fedf1afb4781358524154b54 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/bpmp_ipc.h
4aa146b81da8a061bda6540907c37d5ec6569962 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/tegra_gic.h
ecb6bb2512f5f946927baadc3238cacaf9e9c42f - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/flowctrl.h
e4e77bfcd8d045ecce243b060298bf229cbf3941 - arm-trusted-firmware/plat/nvidia/tegra/include/drivers/security_engine.h
6f1dca2fba8be7758cfe4395226b2e4be820e3f1 - arm-trusted-firmware/plat/nvidia/tegra/drivers/pmc/pmc.c
fb218e655fd6a3d77f969fce9cd6cb5dd0a6c5b2 - arm-trusted-firmware/plat/nvidia/tegra/drivers/gpcdma/gpcdma.c
2a6016cc527d04ca332373c0d14542d5176aebf8 - arm-trusted-firmware/plat/nvidia/tegra/drivers/psc/psc_mailbox.c
8d9b8ebe2f8407dfc849bee6942b55d0a9c76d41 - arm-trusted-firmware/plat/nvidia/tegra/drivers/bpmp/bpmp.c
bbc86d9dee6c505651fa862133b686ea1e1af43e - arm-trusted-firmware/plat/nvidia/tegra/drivers/bpmp_ipc/intf.c
91900a1e10f18554bc4c6b9f13d0e247da31062d - arm-trusted-firmware/plat/nvidia/tegra/drivers/bpmp_ipc/intf.h
458bed9c52c48caaa9c30822f0d20359e56e044f - arm-trusted-firmware/plat/nvidia/tegra/drivers/bpmp_ipc/ivc.h
ecf2d932f335bc64d226c7d6502806590af552b6 - arm-trusted-firmware/plat/nvidia/tegra/drivers/bpmp_ipc/ivc.c
4d04fd613146842b18904061da84f5958c44b16b - arm-trusted-firmware/plat/nvidia/tegra/drivers/flowctrl/flowctrl.c
58fc3b165ee7a61397eef3e9f2065858876ce9de - arm-trusted-firmware/plat/nvidia/tegra/drivers/spe/shared_console.S
0f53c08fb6e10d933fd28d9f021ccfb0e48212fe - arm-trusted-firmware/plat/nvidia/tegra/drivers/memctrl/memctrl_v2.c
4dbec584881036aa37e59b66185d958a695a455d - arm-trusted-firmware/plat/nvidia/tegra/drivers/memctrl/memctrl_v1.c
d25c56f572cf7b3618f7567d502c1ee11dec2bae - arm-trusted-firmware/plat/nvidia/tegra/drivers/smmu/smmu.c
ce1df43aa2a9700b9c00f14be842646284b3ee3d - arm-trusted-firmware/plat/nvidia/tegra/scat/bl31.scat
3d01d365783ad5b2ce0f76df72a4a10db3d9a10d - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/plat_memctrl.c
ebc6300715a6b77d2d608328795265bf605b16ea - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/plat_ras.c
c2cd522ab9668274cd7bf26fde63e9dbc9a94f28 - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/plat_secondary.c
b0c855a9e2b50bbe03f42d79ccd6a555853cfefa - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/plat_setup.c
e6ee29b4c786d6d279e82a4066d13703168bd28e - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/plat_sip_calls.c
4597342fc7f0ad8d99af644fbdc636abdee5edd3 - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/plat_psci_handlers.c
cc8a8d368611f86cdf1901163b06c0975be5ad93 - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/drivers/se/se.c
7641a42485d020517c692c523a29fe5be4136651 - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/drivers/se/se_private.h
81037a214c1511f91f65b5793f9d5fc3668f3c79 - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/drivers/mce/ari.c
ed3d0d97c20ace9c41ddac5ef51f81f75d2e7d59 - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/drivers/mce/mce.c
46decb1b646ffba87d49eb22447f8e56ed5e0d44 - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/drivers/include/t234_ari.h
08aec0d0be276f69ddac5a77363f59f1ef42d88b - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/drivers/include/se.h
78e0e7699170ceb53b16257c0ef0c15fe08ba4ea - arm-trusted-firmware/plat/nvidia/tegra/soc/t234/drivers/include/mce_private.h
1ac68857bdb8a88c7770c006dfd2be48670a7011 - arm-trusted-firmware/plat/nvidia/tegra/soc/t210/plat_secondary.c
bee19a74bce67a4d58e2f4deecb801e1a65bf631 - arm-trusted-firmware/plat/nvidia/tegra/soc/t210/plat_setup.c
ec24a0077b010c615c5e3a083e901d444aae2f20 - arm-trusted-firmware/plat/nvidia/tegra/soc/t210/plat_sip_calls.c
89808197706a2d7c9eedc24ca7666ded83f0e84a - arm-trusted-firmware/plat/nvidia/tegra/soc/t210/plat_psci_handlers.c
17ad1d9d60e3f6debc0329a42e28178fdd497e1f - arm-trusted-firmware/plat/nvidia/tegra/soc/t210/drivers/se/se_private.h
3b606d0fba33a0ea6729510a467dcb03e9750140 - arm-trusted-firmware/plat/nvidia/tegra/soc/t210/drivers/se/security_engine.c
c7611d91a504dd3fe52ee769f9fa2d4f469010a8 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/plat_memctrl.c
bf02f90c1795b9e26f314ab310c0ba4e389257e4 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/plat_secondary.c
d4052416878640cdb19e93edd44e4a7413289b6c - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/plat_setup.c
106e68f73e09c8f51c620c0dd840b42ea6dbd67f - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/plat_sip_calls.c
5b9c61a07970be31ce559c1b2c78acc41d5223e3 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/plat_smmu.c
0dd6e3b7ed73b5e77f6ebc89320058cde70900c2 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/plat_trampoline.S
1cd4aab41ecfa796a41aecfc70e543cd82e2da72 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/plat_psci_handlers.c
326d37fa1c2f92a2e56baf3391479c3dd1365396 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/se/se.c
d96974438f18123824bf23413d2d0d75452fb4da - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/se/se_private.h
cde1d7e2f8c3e1513d4828b37df69223bfb780be - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/mce/ari.c
4588d011d8dbc1073379954dcdfb1c437cf9d4ce - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/mce/nvg.c
0a76eef9a0cb2d3c1fffc2a886eab6fdabb34997 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/mce/mce.c
015badf34dbdf2955bc1dc9f4b22627bde8f9f9c - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/mce/aarch64/nvg_helpers.S
34e8d1c4e060805a3f55969aabbd211dc6b08fbd - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/include/mce_private.h
34309aaec4559a7c2094873802490b96b9cf9dc1 - arm-trusted-firmware/plat/nvidia/tegra/soc/t186/drivers/include/t18x_ari.h
595bafd552b05d81a25e9916fe91779e18beddda - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_memctrl.c
c55c5c502ca4117b327d32cc3fef8203d3c64731 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_ras.c
6d0c46a965f769a08b399225be6c77aa18f3a773 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_secondary.c
84d20d5a07d53e649a1b8d130f5d4fdf6ba8f65a - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_setup.c
d5aef4c8d30794a496c1c3bd18d000991bbae988 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_sip_calls.c
ba0a312824b0782a438e265e86a6e9d7638032db - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_smmu.c
d893793283c93ce6c488a51940c01574780f7333 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_trampoline.S
d1917ee3fc59b85d699e80636d7ddd7d4c99320d - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/plat_psci_handlers.c
b3fb31a094585eeb27ecc82ba69416ca4d66b171 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/se/se.c
fa7909d4e0ccdeee6f0765cf68a95899ac8aec1f - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/se/se_private.h
0cdfadd153db5ee7d515adb01dd35d62e546226a - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/mce/nvg.c
ccebfe25a0f4bc54b5d08685ce74082118f713e4 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/mce/mce.c
99d5d980ae032fa2dfb6e9da5fe48dd600b2a896 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/mce/aarch64/nvg_helpers.S
ee3f4b7a69c6c3dd475a88c55076077415fc76b7 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/include/t194_nvg.h
298abb9097e851023b914f09fe36c8cdaf367e22 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/include/se.h
8cec2a63b748c24a5fab3c7c47f114b8147894c4 - arm-trusted-firmware/plat/nvidia/tegra/soc/t194/drivers/include/mce_private.h
170634ac25c995303394743ee26ab4f2265800ca - arm-trusted-firmware/plat/ti/k3/common/k3_topology.c
96d874b239805cfedc0fadfd9f07eed0e423a919 - arm-trusted-firmware/plat/ti/k3/common/k3_helpers.S
55b3083cc472c5a3e1808d642b6c6516d19c34be - arm-trusted-firmware/plat/ti/k3/common/k3_psci.c
a5a361643c76bc6ad4e5bf4bef498e6de89c4065 - arm-trusted-firmware/plat/ti/k3/common/k3_gicv3.c
4677f1e48833ef10dc9d9ed492dfe849c8466b05 - arm-trusted-firmware/plat/ti/k3/common/k3_console.c
fd1bbe596ff44d2104431c2924e172d0ef4c5b34 - arm-trusted-firmware/plat/ti/k3/common/k3_bl31_setup.c
55f8380907084a69006d5211123aef60fc51400d - arm-trusted-firmware/plat/ti/k3/common/drivers/ti_sci/ti_sci_protocol.h
3ebfed887a97b672cad608bc064e08075f4e2a29 - arm-trusted-firmware/plat/ti/k3/common/drivers/ti_sci/ti_sci.h
e81feb55a2328c2ec32fadd561eaf24eb58ae202 - arm-trusted-firmware/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
27b2ba24623a62aa30daea138411571e17aeb579 - arm-trusted-firmware/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.h
d3624f3dc097829d1b9f6b277bd1aebe77963d97 - arm-trusted-firmware/plat/ti/k3/common/drivers/sec_proxy/sec_proxy.c
da89ff4506058f3e90a127f4e7d79a7d86057bfd - arm-trusted-firmware/plat/ti/k3/include/plat_macros.S
015fe87701fa82cd48501c2915505c611e20e933 - arm-trusted-firmware/plat/ti/k3/include/k3_gicv3.h
33ec06e0674715932071745b37498c738414ee8f - arm-trusted-firmware/plat/ti/k3/include/platform_def.h
f2111ae0b834107dddf37cb4846a7065472db0fe - arm-trusted-firmware/plat/ti/k3/include/k3_console.h
85bfc710f2f6c79b7c0e025f6f6e653d16f39bb7 - arm-trusted-firmware/plat/ti/k3/board/generic/include/board_def.h
c82ee96d8fb1841fd3068f489a697625a217aebe - arm-trusted-firmware/plat/ti/k3/board/lite/include/board_def.h
a38730b258e2c37f114fdb3c923369bade8e7a1a - arm-trusted-firmware/plat/allwinner/sun50i_a64/sunxi_power.c
a462f612d127344fc711a68e3751b31b2b7ce938 - arm-trusted-firmware/plat/allwinner/sun50i_a64/include/sunxi_cpucfg.h
54ee3b911a552e2cd6e3802820f5cf3e09575a01 - arm-trusted-firmware/plat/allwinner/sun50i_a64/include/core_off_arisc.h
3f4f908a2f0a6a7660d40d79215077ee248f740e - arm-trusted-firmware/plat/allwinner/sun50i_a64/include/sunxi_mmap.h
2c5ad97e48086e62d1d58d1d8289ac4ab3153179 - arm-trusted-firmware/plat/allwinner/sun50i_a64/include/sunxi_spc.h
65eec287284371a887adc4c9aa1952c26be66df7 - arm-trusted-firmware/plat/allwinner/sun50i_a64/include/sunxi_ccu.h
c2785b4c0937862f1abb7251642a4028a913504d - arm-trusted-firmware/plat/allwinner/sun50i_h6/sunxi_power.c
0b8b7ce5f06e24ad7b853125e17507934dfc45e5 - arm-trusted-firmware/plat/allwinner/sun50i_h6/include/sunxi_cpucfg.h
2514153e63bbcc5513712db8766fd278fa3b0d44 - arm-trusted-firmware/plat/allwinner/sun50i_h6/include/sunxi_mmap.h
3dde76eb498c889851714b3d8e6749211c62bbec - arm-trusted-firmware/plat/allwinner/sun50i_h6/include/sunxi_spc.h
1590f260f1febbedf931a1596cea2d2e437ea92b - arm-trusted-firmware/plat/allwinner/sun50i_h6/include/sunxi_ccu.h
786942614a650ccd6930f2bd19bb42b2b539e1f9 - arm-trusted-firmware/plat/allwinner/sun50i_h616/sunxi_power.c
d9eff8a29c53d38215c1d261922df8494c88d5aa - arm-trusted-firmware/plat/allwinner/sun50i_h616/prepare_dtb.c
0ba24eb82465b3d3ad4e293692984b972663d57c - arm-trusted-firmware/plat/allwinner/sun50i_h616/include/sunxi_cpucfg.h
2b80f35aa1746d608c2eac4eec351c292e0298f0 - arm-trusted-firmware/plat/allwinner/sun50i_h616/include/sunxi_mmap.h
3dde76eb498c889851714b3d8e6749211c62bbec - arm-trusted-firmware/plat/allwinner/sun50i_h616/include/sunxi_spc.h
1590f260f1febbedf931a1596cea2d2e437ea92b - arm-trusted-firmware/plat/allwinner/sun50i_h616/include/sunxi_ccu.h
a9a0eca6a5cca079ee8007e0afa7f0ffd7a0cf1c - arm-trusted-firmware/plat/allwinner/common/sunxi_scpi_pm.c
a7dce777afe91e3a8d68aaa84d55530a9b3b66b4 - arm-trusted-firmware/plat/allwinner/common/sunxi_bl31_setup.c
385e3bbf7c85ef4e96b553e0f9760bfef1e94a3a - arm-trusted-firmware/plat/allwinner/common/sunxi_pm.c
a44feb979fffb71189cf9943a6d99946305122e2 - arm-trusted-firmware/plat/allwinner/common/sunxi_security.c
e602a60b0fabfe8e91ecf654c16701712b20c3f1 - arm-trusted-firmware/plat/allwinner/common/sunxi_native_pm.c
704da3ea1b61d5106a6172712ecf6a80b1528bf0 - arm-trusted-firmware/plat/allwinner/common/arisc_off.S
a5e148901e32cb7feaef9ffbd00f43a2a661ea0c - arm-trusted-firmware/plat/allwinner/common/sunxi_common.c
0ded87657ff47f0fe5896f1ab1d6d2f9b34f0429 - arm-trusted-firmware/plat/allwinner/common/plat_helpers.S
f2bc1957fa87b9880744d070c964b7803c7bf295 - arm-trusted-firmware/plat/allwinner/common/sunxi_topology.c
b832fd1c1d7bc307d2c3698bf00ee15b93de8cb8 - arm-trusted-firmware/plat/allwinner/common/sunxi_cpu_ops.c
cc00c1c7f46a2a8af976c1c0fb59681803b68d1c - arm-trusted-firmware/plat/allwinner/common/include/sunxi_private.h
7d746a44b6a3bbaa1c3e923de0abdfc40393712e - arm-trusted-firmware/plat/allwinner/common/include/plat_macros.S
711ef06aa592d857ab47ecd0a9b7870c6fa1a5da - arm-trusted-firmware/plat/allwinner/common/include/sunxi_def.h
4333584318d0a967851853f5fcd6c5287277246c - arm-trusted-firmware/plat/allwinner/common/include/platform_def.h
77455765d6d80bf4a48d7744bf6f4770b7369215 - arm-trusted-firmware/plat/allwinner/common/include/mentor_i2c_plat.h
3fa3a563994fcf2710324634950265fc8f9d7850 - arm-trusted-firmware/plat/allwinner/sun50i_r329/sunxi_power.c
f8fae43c9902bbf818480c6633e05fc6b751aabd - arm-trusted-firmware/plat/allwinner/sun50i_r329/include/sunxi_cpucfg.h
d430caf710295e9e77a240b785740fdde6705e26 - arm-trusted-firmware/plat/allwinner/sun50i_r329/include/sunxi_mmap.h
1acbdb220cff8edffa7cc7fd4808f71574b90966 - arm-trusted-firmware/plat/allwinner/sun50i_r329/include/sunxi_spc.h
2870bd5728ae0e5857fadde22b048a6fcf6ee2d3 - arm-trusted-firmware/plat/allwinner/sun50i_r329/include/sunxi_ccu.h
33f9c2d61b7aa3242f22100ba2694ba2709f7a1b - arm-trusted-firmware/plat/hisilicon/hikey/hikey_topology.c
bca37120bec0db88310c0e711220bd8301c8b932 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_pm.c
1b333e35df79afc9319c45ded87fe22b1e5547fc - arm-trusted-firmware/plat/hisilicon/hikey/hikey_security.c
8b11d0569d254ee10c03b8e7dfaebf823b7b1746 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_bl_common.c
1dc25162c504805b378176ceb2a1fac39b8fa3e2 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_ddr.c
e5479e33302a43e627013dbe10bbcca8ccdbf8b5 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_bl31_setup.c
1975a45f73616d0ceb03dab4a9397cbabc1e66ce - arm-trusted-firmware/plat/hisilicon/hikey/hisi_pwrc.c
132b89dc419b19bfabb3eb2450a5e74317faea11 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_io_storage.c
b8ddcea3e66690f3932ae009921566fe249feccd - arm-trusted-firmware/plat/hisilicon/hikey/hisi_pwrc_sram.S
126933334b9ebdde11859016f3bbcc6ac9bbef88 - arm-trusted-firmware/plat/hisilicon/hikey/hisi_mcu.c
0071214b6af7f5e24aa92d4e7849c79c3818ed05 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_bl2_setup.c
b0603f49d7b1252e6774be83ed95232695f1f263 - arm-trusted-firmware/plat/hisilicon/hikey/hisi_ipc.c
e90b7c0a59b785560e233605f2968b642d26fcdb - arm-trusted-firmware/plat/hisilicon/hikey/hisi_sip_svc.c
030496606ff67ba16f47be9282a04338261e38ea - arm-trusted-firmware/plat/hisilicon/hikey/hikey_bl2_mem_params_desc.c
0472150350a0f6a23e8750e0fe14991d176d1a04 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_bl1_setup.c
a68989337ee4c06cf76f89d69cfc5c3aca210b00 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_private.h
cfc7af573fbb40bb702a616d8f0bf02b017a3e0b - arm-trusted-firmware/plat/hisilicon/hikey/hisi_dvfs.c
5366b77beffc310cab412735a4e4f43185e171c6 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_image_load.c
0aace28e8f75168d13d7274d81f1f906cc1b2cae - arm-trusted-firmware/plat/hisilicon/hikey/hikey_rotpk.S
3f90b73f27ba47848db784621dd350e6a5ec54d9 - arm-trusted-firmware/plat/hisilicon/hikey/hikey_tbbr.c
e0f40190a4d2a13086e9b7c951d5301f744dd767 - arm-trusted-firmware/plat/hisilicon/hikey/include/hi6220.h
31f012031e8dec3fe5dab7afc9ab89deffb7fe7c - arm-trusted-firmware/plat/hisilicon/hikey/include/hi6220_regs_pmctrl.h
98509207554ab836b38f580d203793668061ce40 - arm-trusted-firmware/plat/hisilicon/hikey/include/hisi_sip_svc.h
ee2004c34a377b43d61f3fde4201ea86e1834fc7 - arm-trusted-firmware/plat/hisilicon/hikey/include/hisi_pwrc.h
4619ff482dfa91c976c3d58153ac694dd92a0abf - arm-trusted-firmware/plat/hisilicon/hikey/include/plat_macros.S
95b6af34fbda29b2cef5ecaa3ecf9deb1f7a48cb - arm-trusted-firmware/plat/hisilicon/hikey/include/hisi_mcu.h
42137e1b1e1f31a2b92b351765982cc8bcf28601 - arm-trusted-firmware/plat/hisilicon/hikey/include/hi6220_regs_peri.h
5da379773f07f291d897ea36a13ac008c78bbbe4 - arm-trusted-firmware/plat/hisilicon/hikey/include/hi6220_regs_pin.h
b9c87b1b0f989e816c65163d00ead7cd68b4b6bc - arm-trusted-firmware/plat/hisilicon/hikey/include/hi6553.h
e2fd2bbe14a506ac8ab6eb8f4c65dd34827b33a8 - arm-trusted-firmware/plat/hisilicon/hikey/include/hikey_def.h
fff863e589a15845fe768ee9bd16a482d5946db7 - arm-trusted-firmware/plat/hisilicon/hikey/include/hi6220_regs_ao.h
79f261b3e512eb92ef04e1b172276ba95108b6ac - arm-trusted-firmware/plat/hisilicon/hikey/include/hisi_ipc.h
eb1ee8f26e0a9e1d174893e2a80e0ea2be070df3 - arm-trusted-firmware/plat/hisilicon/hikey/include/platform_def.h
379cc0fd2c6486a2bfc850d19190835961783f16 - arm-trusted-firmware/plat/hisilicon/hikey/include/hisi_sram_map.h
c54b714045ab12cfcff4363f00ce94952a40e2d6 - arm-trusted-firmware/plat/hisilicon/hikey/include/hikey_layout.h
659dfae8f25d18bef4e2ac3c9b2cc07bbd255dd4 - arm-trusted-firmware/plat/hisilicon/hikey/include/hi6220_regs_acpu.h
f3431f5300aefc0065b1e6ad9f3e996878027bff - arm-trusted-firmware/plat/hisilicon/hikey/aarch64/hikey_common.c
f4fe9f99f519b213b8d23015c37b2e4013ebb066 - arm-trusted-firmware/plat/hisilicon/hikey/aarch64/hikey_helpers.S
077745456537a78c6a462ecaf23835c3ac381a92 - arm-trusted-firmware/plat/hisilicon/poplar/bl2_plat_mem_params_desc.c
166469bcfd5bac8ca50e33d23d40607d532f7a9f - arm-trusted-firmware/plat/hisilicon/poplar/bl1_plat_setup.c
942f440e430db3a0fb9bafcb2877fa0f2b2b2206 - arm-trusted-firmware/plat/hisilicon/poplar/plat_topology.c
575e7801ee2435ca3d3bc588117235189cba8fa2 - arm-trusted-firmware/plat/hisilicon/poplar/bl31_plat_setup.c
706af98521027fbfb3cb50742e9203904186ccfb - arm-trusted-firmware/plat/hisilicon/poplar/poplar_gicv2.c
43b6cb88b4528db3610c0591b417afee9f8e086f - arm-trusted-firmware/plat/hisilicon/poplar/plat_storage.c
5366b77beffc310cab412735a4e4f43185e171c6 - arm-trusted-firmware/plat/hisilicon/poplar/poplar_image_load.c
4df6d997a517a03b7120733e3ff6f1a2634caa47 - arm-trusted-firmware/plat/hisilicon/poplar/bl2_plat_setup.c
09dd0d32acc68693a9cc4e6edda975b30b997a7d - arm-trusted-firmware/plat/hisilicon/poplar/plat_pm.c
7309b02ef23609fb839b029b295bffaf714cdc1a - arm-trusted-firmware/plat/hisilicon/poplar/include/plat_macros.S
2bc481728aac66acbe669f76aa6dd84c3f4e88a7 - arm-trusted-firmware/plat/hisilicon/poplar/include/plat_private.h
e8d837174e3274ddbcd923af88d3e19e1af8c06a - arm-trusted-firmware/plat/hisilicon/poplar/include/platform_def.h
5333986fb9d6df5ca3e50aad616e8c1422eafdd2 - arm-trusted-firmware/plat/hisilicon/poplar/include/hi3798cv200.h
54bc2fcf8fb31777a2eee36c5b61246cc0fa0a17 - arm-trusted-firmware/plat/hisilicon/poplar/include/poplar_layout.h
5b726e62a784d7660009ac2235ebf2d76dc809ad - arm-trusted-firmware/plat/hisilicon/poplar/aarch64/poplar_helpers.S
ef034cd3245b78dec24c714d8ffbb7e9b490427c - arm-trusted-firmware/plat/hisilicon/poplar/aarch64/platform_common.c
1178b52937b1f59d49a4b24807fedf6800893f18 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_io_storage.c
39568f02d9e541a653aaa3d8503e9976203e27b5 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_bl2_setup.c
9921f6f68c3b333297fb84f0c74626e02e31182e - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_bl2_mem_params_desc.c
e521b7127c97a6dc50d62a6fb23613467dfa5c91 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_boardid.c
e7130fd49b764ab203b1f70d8c04929b17c338a1 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_tbbr.c
b4ec4794171dff334edac55b287dbba42365301a - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_bl_common.c
92c35daf2b450ff28a8d64da226b020489472149 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_def.h
0cd271eb1db1372ebacbc89a1ab7e6b858522177 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_topology.c
3b43870e172a97e6682dc9e7adeb7ee54b219ce1 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_mcu_load.c
a012da0cb3423fd96bd536ca33852c8fba58ac2d - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_private.h
755c811030252ea484722f83c6773b03bcd1aecf - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_image_load.c
6c598ab11230d9af7684a342f64de0ef3aafd2e7 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_bl31_setup.c
df960717d8f3e8b3111b85c464d02214767ffe67 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_rotpk.S
19471da73d6d6e0316b89091e8034b65252676ea - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_bl1_setup.c
e5d1ee45233d19ae915b7dcde9d177ac30ff3c59 - arm-trusted-firmware/plat/hisilicon/hikey960/hikey960_pm.c
930c77f84c5ef2c7971e52015e58fd9c314fbba5 - arm-trusted-firmware/plat/hisilicon/hikey960/include/plat_macros.S
b1be891afebf5d255da6f6dcb865725241f566b9 - arm-trusted-firmware/plat/hisilicon/hikey960/include/hi3660_crg.h
201bc8884be1cfb9b4f87f3fcc6ccf3aeec268d8 - arm-trusted-firmware/plat/hisilicon/hikey960/include/hi3660_hkadc.h
9b6172a308464c71e87f1f420cb1df10ceb7bfb4 - arm-trusted-firmware/plat/hisilicon/hikey960/include/hisi_ipc.h
ce594eaab37f132b152875858c98ea6a8cf2f005 - arm-trusted-firmware/plat/hisilicon/hikey960/include/platform_def.h
390e28e24c8915a9f956b1a1de0cafa7306bf9ed - arm-trusted-firmware/plat/hisilicon/hikey960/include/hi3660.h
d8da79f1ebd9b100b4d3dc915552f3d086d5eda9 - arm-trusted-firmware/plat/hisilicon/hikey960/include/hi3660_mem_map.h
4a0475ff7dac46ea547e623a9a83071f69b5a4b7 - arm-trusted-firmware/plat/hisilicon/hikey960/drivers/pwrc/hisi_pwrc.h
168bc920b2828c8478a977c1e6b9e597791c0e45 - arm-trusted-firmware/plat/hisilicon/hikey960/drivers/pwrc/hisi_pwrc.c
4abee183dc860ea0fe600bb9b19e3c4a0a3d6773 - arm-trusted-firmware/plat/hisilicon/hikey960/drivers/ipc/hisi_ipc.c
00786f6204973e7255b3183326d7e2fb8a54f0a2 - arm-trusted-firmware/plat/hisilicon/hikey960/aarch64/hikey960_common.c
33e4f92c8882961c556666d4e463a0cd932589bb - arm-trusted-firmware/plat/hisilicon/hikey960/aarch64/hikey960_helpers.S
9b1262ca8c6950227a294b789fb3e53dfa2086b1 - arm-trusted-firmware/plat/socionext/synquacer/sq_topology.c
3db81e971dc630ca534efcd02840b2ee0fc01794 - arm-trusted-firmware/plat/socionext/synquacer/sq_psci.c
b60ee8850906f76ada82b2db19c8656ed9c12d9a - arm-trusted-firmware/plat/socionext/synquacer/sq_gicv3.c
8286dff95425dddb9a5b25ffda50460831781793 - arm-trusted-firmware/plat/socionext/synquacer/sq_xlat_setup.c
72b5553a5bdc53509ecf17a4d93cbfa1e3d06c8c - arm-trusted-firmware/plat/socionext/synquacer/sq_helpers.S
f9ac11a5c154783dbbb6fbdf6485867b754f511e - arm-trusted-firmware/plat/socionext/synquacer/sq_bl31_setup.c
a32f17d7db01cfb7a14811a914ba2066581d29a1 - arm-trusted-firmware/plat/socionext/synquacer/sq_spm.c
f43a62ef3a99346a097b8813441539c5354436fc - arm-trusted-firmware/plat/socionext/synquacer/sq_ccn.c
09ba9cfb7c8be52484c3cff427668fc7d2524219 - arm-trusted-firmware/plat/socionext/synquacer/include/sq_common.h
9f24e8fcbc08c61f43c8041c0464cae65fe01ce8 - arm-trusted-firmware/plat/socionext/synquacer/include/plat_macros.S
ef74e9cda94f07bf3061b037195287d609c0c6b4 - arm-trusted-firmware/plat/socionext/synquacer/include/plat.ld.S
25666183a169e48e144659003b018f40881b4590 - arm-trusted-firmware/plat/socionext/synquacer/include/platform_def.h
f57f50699d6a8f3902d4673f01ec3ff0d6931d29 - arm-trusted-firmware/plat/socionext/synquacer/drivers/scp/sq_scp.c
e431465e90b8b68ce2922ff400c2e6953eaeea9d - arm-trusted-firmware/plat/socionext/synquacer/drivers/scp/sq_scmi.c
b6784404cec981a185e6f44ef689f28b7d9513e3 - arm-trusted-firmware/plat/socionext/synquacer/drivers/scpi/sq_scpi.c
f8fe95fbe1e35e8c328ec5a197b76c329feda4bd - arm-trusted-firmware/plat/socionext/synquacer/drivers/scpi/sq_scpi.h
ebfc7926ca7e342e5cec3fed564e68be76a80fdd - arm-trusted-firmware/plat/socionext/synquacer/drivers/mhu/sq_mhu.h
961c660b9e7a5641523d5d23b5396c2a2a67746e - arm-trusted-firmware/plat/socionext/synquacer/drivers/mhu/sq_mhu.c
05b8fac4f5d6b8cee9465b541e992f27f071fe8f - arm-trusted-firmware/plat/socionext/uniphier/uniphier_console.S
30d16489f342eed522b276128737ad41acb82ba9 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_helpers.S
456820f5853d3f1676ee19bf63b9c360ed9a80a8 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_io_storage.c
ab09cd5d8d3222857a607791bee8b31359314aa9 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_bl31_setup.c
98c1438c270db5db7bd6f971cb928420df53c1b7 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_image_desc.c
d94b79f813abf374eef409d04968fce943a3ef84 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_boot_device.c
8a0a08bd7b9292bd5b334bc91ad422838eb83118 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_cci.c
2b022afd58ed2221e8abc99099867eab0c42c326 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_emmc.c
26621302eaceca62d3b0e8224c6c14d5ea08df38 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_xlat_setup.c
516680ab29649a33ea07ffa922f3b18448e61e55 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_psci.c
5fa3e198d6ad7a764cb058e6e88fa12a0d8ffe85 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_nand.c
b445ddffd2167b6758d19874673ec99f3f2a1d30 - arm-trusted-firmware/plat/socionext/uniphier/uniphier.h
d342acec84b75ea4f64204404f0a54b4158920e1 -
arm-trusted-firmware/plat/socionext/uniphier/uniphier_usb.c 21ef9559c64415fef54f3373f28fde4fa86d92d3 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_topology.c eca523ec19dc113ddd19b9427a6651cd6ebe6bb3 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_soc_info.c ad344a675d5f4bf3287a6e32451b462c3ea7d29c - arm-trusted-firmware/plat/socionext/uniphier/uniphier_rotpk.S 91e3ef5fbfd42b725b57f2608d1934a5c717de3b - arm-trusted-firmware/plat/socionext/uniphier/uniphier_tbbr.c e4e4584414cea9a632b613da62b76c3999974c0c - arm-trusted-firmware/plat/socionext/uniphier/uniphier_console.h 30db57b3d947cfae86d4cb1fbd7d79f7365fe01d - arm-trusted-firmware/plat/socionext/uniphier/uniphier_smp.S 7518b6009c736b543504a3f84be4cbd20e8d9f0c - arm-trusted-firmware/plat/socionext/uniphier/uniphier_scp.c dd16d7be9af0988718096ec4af552732207ad390 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_console_setup.c 69a2371870f65a855d9ff7c728f2e9c32882aa2c - arm-trusted-firmware/plat/socionext/uniphier/uniphier_bl2_setup.c 7cb14fc4ccfe79fe8ffb080b91337e263775111d - arm-trusted-firmware/plat/socionext/uniphier/uniphier_syscnt.c 006db753e22b1119a67d4f76bd213bf3de08be09 - arm-trusted-firmware/plat/socionext/uniphier/uniphier_gicv3.c d181839ef722d36e8a51c126deb67a2eae64c527 - arm-trusted-firmware/plat/socionext/uniphier/tsp/uniphier_tsp_setup.c 8bea3f2da202b83b97d9b86e32cb50d5c17cae7e - arm-trusted-firmware/plat/socionext/uniphier/include/plat_macros.S e35ee40c042c15de97496be4f1d9c81b960cc3da - arm-trusted-firmware/plat/socionext/uniphier/include/platform_def.h 60baba93a9e38f989d8f3fdfb045849d1edc2d69 - arm-trusted-firmware/plat/marvell/octeontx/otx2/t91/t9130_cex7_eval/board/marvell_plat_config.c 65b77a7dbb8e28f892af2bf3b76eff17c87a9cbd - arm-trusted-firmware/plat/marvell/octeontx/otx2/t91/t9130/mvebu_def.h 2311f962795291fdd649a3acb3d3fcee85e19d11 - arm-trusted-firmware/plat/marvell/octeontx/otx2/t91/t9130/board/phy-porting-layer.h a1f884a99e9e14ac83551e73429b0cf7a2c5aa0d - 
arm-trusted-firmware/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c 147f2e7e737cb6a5eb1dd98a0deed8c0462d2041 - arm-trusted-firmware/plat/marvell/octeontx/otx2/t91/t9130/board/marvell_plat_config.c 2c689ed8bfb3abf1dc9ea37ffaa8aa9479649eac - arm-trusted-firmware/plat/marvell/armada/common/marvell_bl31_setup.c 1a879218f61e83b5068e40a2b093fdb4ab851a4d - arm-trusted-firmware/plat/marvell/armada/common/marvell_ddr_info.c e8797c2639ec349e76fc1946c984275c010e4cc0 - arm-trusted-firmware/plat/marvell/armada/common/marvell_console.c 9fa0f4b8209945eb39ccee90bcc305efbe10f211 - arm-trusted-firmware/plat/marvell/armada/common/marvell_gicv2.c c785e8c07a0fa5d01b9ecf8eee873f7a18697e3a - arm-trusted-firmware/plat/marvell/armada/common/mrvl_sip_svc.c 79f7407103c1059afb212382689fff9c6a4f4350 - arm-trusted-firmware/plat/marvell/armada/common/marvell_io_storage.c 5f97ccaef3ab26b2710ad26fb0fdbd9facfd0b7d - arm-trusted-firmware/plat/marvell/armada/common/marvell_gicv3.c 0ff28a152c1c0997120e1e3a5fe654f1ae19ac60 - arm-trusted-firmware/plat/marvell/armada/common/marvell_cci.c 6ea11f2ef3d7978e714cdf621aeb7c8719c7edf3 - arm-trusted-firmware/plat/marvell/armada/common/marvell_bl1_setup.c db23baf6374a79472a4b930f1fd68144d4f314a1 - arm-trusted-firmware/plat/marvell/armada/common/marvell_bl2_setup.c c6e2fab47d050265fe94d5ce57fd1a3a684da2c9 - arm-trusted-firmware/plat/marvell/armada/common/marvell_topology.c ea896d0f1d011e14c4411020d73d083c22eac783 - arm-trusted-firmware/plat/marvell/armada/common/plat_delay_timer.c 59510c739cc2d9619a9a5c21e1cbf1bb05094867 - arm-trusted-firmware/plat/marvell/armada/common/marvell_pm.c 69ee13cde36accbde0f355f89f9cc2b5d1aa2cb9 - arm-trusted-firmware/plat/marvell/armada/common/marvell_image_load.c 44573513efade3da9aa2ca94c3d4069a8af646fd - arm-trusted-firmware/plat/marvell/armada/common/mss/mss_mem.h 872e517062b5b548f6de42424dfb8290309f6773 - arm-trusted-firmware/plat/marvell/armada/common/mss/mss_scp_bootloader.h 0bb02e303d4c696fe34379bc2d5dd9f2fe16229d - 
arm-trusted-firmware/plat/marvell/armada/common/mss/mss_scp_bootloader.c 42d2fb2461687118d1f9e79ed2ae2a274cc91c45 - arm-trusted-firmware/plat/marvell/armada/common/mss/mss_ipc_drv.h 5cecfb1042c66b79c4c4c9bc5961fd91b34c880f - arm-trusted-firmware/plat/marvell/armada/common/mss/mss_scp_bl2_format.h 56e5fda520a793a37c7e8daa1ecfe2354b26e99e - arm-trusted-firmware/plat/marvell/armada/common/mss/mss_ipc_drv.c daa5b1a54bfa63c73acf8429940662cd450f1eb9 - arm-trusted-firmware/plat/marvell/armada/common/aarch64/marvell_bl2_mem_params_desc.c 0842c4cae12a7c22367b83357a2c824d060dee67 - arm-trusted-firmware/plat/marvell/armada/common/aarch64/marvell_common.c a71cc21b90eb5b1d29b125e9c98c3e50f9a145bc - arm-trusted-firmware/plat/marvell/armada/common/aarch64/marvell_helpers.S 9a52294343831155772b4411f11af6c989dbd182 - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0_mcbin/mvebu_def.h 25524fffee705cfc27dd670e05523c5de9ef0ed6 - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0_mcbin/board/dram_port.c 586996360a2bcce38bf90fa0b1b7a20a45c6e26b - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0_mcbin/board/marvell_plat_config.c 29e2e91f84a20d0c2f220e0eba6c447909e5aab4 - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0_mochabin/mvebu_def.h 99aea1bcabb4f6d0d7452ad42116629d21bb2b61 - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0_mochabin/board/phy-porting-layer.h 8211399dfbf7994faafa28d85d5d232265c000fe - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0_mochabin/board/dram_port.c e26cc9cf2cffd853101d24b0e6cade82ff5f5cbe - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0_mochabin/board/marvell_plat_config.c 9a52294343831155772b4411f11af6c989dbd182 - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0_puzzle/mvebu_def.h 4d33d263a3f05c3d8f3400a45afc2dd7f1792669 - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0_puzzle/board/dram_port.c 7bdf0ea1da45eaab8f21dca700b29582ccc57d0a - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0_puzzle/board/system_power.c 
f1c6500edd19c1540f562c4ea2dba8443a7cd419 - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0_puzzle/board/marvell_plat_config.c 9a52294343831155772b4411f11af6c989dbd182 - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0/mvebu_def.h 80de920eee6f0214b1cfb2cf104cd6d295bb478b - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0/board/phy-porting-layer.h c0c43ed673f4f38bd78a3d145c4ff0f553bf3032 - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0/board/dram_port.c 027eab15e763f75779fca4721b6612e1cef0f74a - arm-trusted-firmware/plat/marvell/armada/a8k/a80x0/board/marvell_plat_config.c bc3edb20ef2a7baebacce2c631f800cb6d206bbc - arm-trusted-firmware/plat/marvell/armada/a8k/common/plat_bl1_setup.c 4f7afd096359c9aad1f7852029a643db033fe7c7 - arm-trusted-firmware/plat/marvell/armada/a8k/common/plat_ble_setup.c c96d4c2fac061ca1e3be3600ee8748de11d20ed0 - arm-trusted-firmware/plat/marvell/armada/a8k/common/plat_pm_trace.c f1e7a83b618d37eb2df8dcc4cff814b934a4ab74 - arm-trusted-firmware/plat/marvell/armada/a8k/common/plat_thermal.c 3f6403fd39850e34f4c3bd674ccf8170f74af43d - arm-trusted-firmware/plat/marvell/armada/a8k/common/plat_bl31_setup.c 266ed9c2a714504a190f6bdd10db0d40815a428a - arm-trusted-firmware/plat/marvell/armada/a8k/common/plat_pm.c 86c5d3b710ba9b63aaf82c0f9dc1606c22176f45 - arm-trusted-firmware/plat/marvell/armada/a8k/common/include/plat_macros.S eb840b0d5bb6e8cbd42b1ab32b72baec165926e7 - arm-trusted-firmware/plat/marvell/armada/a8k/common/include/platform_def.h 9fe71c8db281a9fc253c959e2bf8d7ed5b59f658 - arm-trusted-firmware/plat/marvell/armada/a8k/common/include/ddr_info.h 0f1625972d53fdedca61514318bdfd1ca806ac51 - arm-trusted-firmware/plat/marvell/armada/a8k/common/include/a8k_plat_def.h 3145664e80460f27bc2fd8cda127e916e518678f - arm-trusted-firmware/plat/marvell/armada/a8k/common/include/mentor_i2c_plat.h cc11d9f29f29d9c9366f3e6c66183d38e3031ab7 - arm-trusted-firmware/plat/marvell/armada/a8k/common/mss/mss_pm_ipc.c 392f1834ac5b4679e9ae724c7cf1f3a20c0e566a - 
arm-trusted-firmware/plat/marvell/armada/a8k/common/mss/mss_bl31_setup.c 97ae958df0c9d8f54ff36a7803fe0ba27434e45c - arm-trusted-firmware/plat/marvell/armada/a8k/common/mss/mss_pm_ipc.h f83bec0cc962f915447a4582455414387713f7ac - arm-trusted-firmware/plat/marvell/armada/a8k/common/mss/mss_defs.h 9acdf9fa5a506b13c376584f49b42a4f437af6c5 - arm-trusted-firmware/plat/marvell/armada/a8k/common/mss/mss_bl2_setup.c 4b2131b48e6b858b49e7e4d819172c5bc729f213 - arm-trusted-firmware/plat/marvell/armada/a8k/common/aarch64/plat_arch_config.c 919f5232edc5f6c3ec1670dedf5bf25fbb59356f - arm-trusted-firmware/plat/marvell/armada/a8k/common/aarch64/plat_helpers.S 01f390bd22a88039e1fc5f2d062ca126dae34478 - arm-trusted-firmware/plat/marvell/armada/a8k/common/aarch64/a8k_common.c 04e2455b39d088cb56ccb73dac9c842fb6f6b7eb - arm-trusted-firmware/plat/marvell/armada/a8k/common/ble/ble.ld.S 8d8ccf9d72fb421744052b95f2dc698844542a67 - arm-trusted-firmware/plat/marvell/armada/a8k/common/ble/ble_mem.S 29b7013d6e080d93a60b3780f10310e29aaa6bbb - arm-trusted-firmware/plat/marvell/armada/a8k/common/ble/ble_main.c b79710e67347483f51ba3aa8fcb25a7f7dbb5083 - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0/mvebu_def.h e0382b98cbf2ae3613453ec924646d5af8b1f11e - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0/board/dram_port.c a3184b54f314a3880b11bd80e9ace2a825e4e251 - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0/board/marvell_plat_config.c c7d9738b5d030b72c12bb9649d2dfb58e180b5b8 - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0_amc/mvebu_def.h eecb4e28621a6ea2bbe58371406ef5f58590424c - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0_amc/board/dram_port.c 8eca9aa01df9af91fe07386e941d7557eae7d0ce - arm-trusted-firmware/plat/marvell/armada/a8k/a70x0_amc/board/marvell_plat_config.c 1b64a7198143a5ec5cbe075762bfc0f47e7eded0 - arm-trusted-firmware/plat/marvell/armada/a3k/common/cm3_system_reset.c 4e66aa51fabafab21b8e01fa4f3d49fc8fe6a97e - 
arm-trusted-firmware/plat/marvell/armada/a3k/common/a3700_sip_svc.c f0aaac82be8c1b465622b1b82d8514de62c2e937 - arm-trusted-firmware/plat/marvell/armada/a3k/common/dram_win.c f1d76afaec515fb65236190a9aced6e0ae2b4d8b - arm-trusted-firmware/plat/marvell/armada/a3k/common/a3700_ea.c 40c2d9f804ed183a8befa38d61bdd2164d711b34 - arm-trusted-firmware/plat/marvell/armada/a3k/common/plat_pm.c a8ca841fb42e9bb5a9c071732f25138003b82d96 - arm-trusted-firmware/plat/marvell/armada/a3k/common/plat_cci.c 344f94187e37e08b2f532eb66281e7e28e7702c5 - arm-trusted-firmware/plat/marvell/armada/a3k/common/io_addr_dec.c d00c0cf869839d6cd370b5b6c58e8d066705e2e1 - arm-trusted-firmware/plat/marvell/armada/a3k/common/marvell_plat_config.c 71cc1316bcad08255d76ad0ad858f47d681be60d - arm-trusted-firmware/plat/marvell/armada/a3k/common/include/a3700_plat_def.h 58c7ff47a2230af870313a655dcab4f22dd64957 - arm-trusted-firmware/plat/marvell/armada/a3k/common/include/dram_win.h 12bd9050e1d74b888a3866cf8ff79d17103fd0f2 - arm-trusted-firmware/plat/marvell/armada/a3k/common/include/plat_macros.S 6a269296c2d98fb8f6f4c1736696c4e6081cbc88 - arm-trusted-firmware/plat/marvell/armada/a3k/common/include/a3700_pm.h 61ab3a7cf4de99459f74b40ee4aa7c4c063f92ab - arm-trusted-firmware/plat/marvell/armada/a3k/common/include/platform_def.h 6c89be0e3e7e102687ce8d216227785edce4db33 - arm-trusted-firmware/plat/marvell/armada/a3k/common/include/ddr_info.h 0e8b8f431e24f28a92fcd4fb9d46eb87a1113db4 - arm-trusted-firmware/plat/marvell/armada/a3k/common/include/io_addr_dec.h 6a97369a4a693cf002e5f5f6ece32516e5978068 - arm-trusted-firmware/plat/marvell/armada/a3k/common/aarch64/a3700_common.c 965bc32da1f0ff9aa830bcede48eaca19cbe3b29 - arm-trusted-firmware/plat/marvell/armada/a3k/common/aarch64/plat_helpers.S 80f0ae31f4c2b57b330b01be44b293f6aa2cef72 - arm-trusted-firmware/plat/marvell/armada/a3k/common/aarch64/a3700_clock.S 716620282caf3210c15f6795e996035311a8ddd8 - arm-trusted-firmware/plat/marvell/armada/a3k/a3700/plat_bl31_setup.c 
2cecd73b6df5a49196420939a6810672640ce165 - arm-trusted-firmware/plat/marvell/armada/a3k/a3700/mvebu_def.h 8f4af50a0df849dd31970be55e943ee4302b0472 - arm-trusted-firmware/plat/marvell/armada/a3k/a3700/board/pm_src.c dd2c481628c54d07d905a85f08e527943473d31b - arm-trusted-firmware/plat/arm/common/arm_nor_psci_mem_protect.c d663fd87f45498acaee1a4325d0e44e561dd102a - arm-trusted-firmware/plat/arm/common/arm_image_load.c e58481ddddf7e4632598a6ca543bfc9fcb6a7c48 - arm-trusted-firmware/plat/arm/common/arm_dyn_cfg.c 3b628c17fd98697338a0997a380df8a81c7d2e66 - arm-trusted-firmware/plat/arm/common/arm_bl2u_setup.c f2f3b9e0893c37d6ecae1332b3df925e9ab4d30f - arm-trusted-firmware/plat/arm/common/arm_console.c 53d385569ada7ff06030853184930078d8a2e4d8 - arm-trusted-firmware/plat/arm/common/arm_cci.c 842368bd1a44c1ece633a1254dc3cdaa4983c6ae - arm-trusted-firmware/plat/arm/common/arm_topology.c 9ac215f26148ab94b630463319c086d3e8b88c31 - arm-trusted-firmware/plat/arm/common/arm_bl2_el3_setup.c 6e9da80beed8b267a6c15c88f8b25e81d8b7bda4 - arm-trusted-firmware/plat/arm/common/arm_bl1_setup.c bb20b499eb4fed681f076d21eeabaaf686b1c7fe - arm-trusted-firmware/plat/arm/common/arm_bl2_setup.c d2c7c17798553c8d4e29f9b1bcad9e2754c97e6d - arm-trusted-firmware/plat/arm/common/arm_err.c 667de698f76e8d0b6d6f1b85f8012f3bed27e925 - arm-trusted-firmware/plat/arm/common/arm_ccn.c e460d7f371f1102e3c39114a43c606937f3c9f92 - arm-trusted-firmware/plat/arm/common/arm_common.c 9b812991736d46b06d462799a31eb49ffae96260 - arm-trusted-firmware/plat/arm/common/arm_gicv2.c 1f2643d0dcc34c7b46895a5dd300de2674cc1274 - arm-trusted-firmware/plat/arm/common/arm_dyn_cfg_helpers.c 61b4b6215ec4cf4e050d7a14359bfdc2b64e2d8e - arm-trusted-firmware/plat/arm/common/arm_sip_svc.c 5f8fb896e304dbb204531641566de21b2e53a426 - arm-trusted-firmware/plat/arm/common/arm_tzc400.c 420e2c07ae07c6152cc914a3b464ec17f2f92843 - arm-trusted-firmware/plat/arm/common/arm_bl31_setup.c c3c969f538ef3f3853d867a2c9c020723e5adc66 - 
arm-trusted-firmware/plat/arm/common/arm_tzc_dmc500.c 845db666afafcf708e365edd5461d9071f72c738 - arm-trusted-firmware/plat/arm/common/arm_gicv3.c abdb20c16e5bae6df0e447b4a356eb5b9ed3eda0 - arm-trusted-firmware/plat/arm/common/arm_bl1_fwu.c 70afb2dd0a66c2a2b6eb5bfaf16df448d90e029d - arm-trusted-firmware/plat/arm/common/arm_io_storage.c 8d5a41b0cad025e83538d4508b8de54c96dd6be8 - arm-trusted-firmware/plat/arm/common/arm_pm.c a666a9d920e0637f17e51eff519cc94c115b1ef7 - arm-trusted-firmware/plat/arm/common/fconf/arm_fconf_io.c 361186531a919bdc7825945fec639bf0db44800f - arm-trusted-firmware/plat/arm/common/fconf/fconf_nv_cntr_getter.c ac62b3ab6e132e1747dbd2ffd6f40a72b4270235 - arm-trusted-firmware/plat/arm/common/fconf/fconf_sec_intr_config.c fc971d9e587662fd23f35aa2dfbf0abf23c9da74 - arm-trusted-firmware/plat/arm/common/fconf/fconf_ethosn_getter.c 3ddfbb8ae3448f315371d7a3a814bea1d055cd3a - arm-trusted-firmware/plat/arm/common/fconf/arm_fconf_sp.c dce55e77a6a4b9da7a42be37f5bba717d0c353e0 - arm-trusted-firmware/plat/arm/common/fconf/fconf_sdei_getter.c cacda44b3716b65a5c30eedd17ed5a1335b8597b - arm-trusted-firmware/plat/arm/common/tsp/arm_tsp_setup.c 3237cf84bb44f0cc5b45b74d69d2934525543135 - arm-trusted-firmware/plat/arm/common/sp_min/arm_sp_min_setup.c cc6a2551546758984d250e491c5c077149044f98 - arm-trusted-firmware/plat/arm/common/aarch64/arm_helpers.S 425d4b8c29564ce790babb9ea3fcc7ad80224fc6 - arm-trusted-firmware/plat/arm/common/aarch64/arm_bl2_mem_params_desc.c 1177013eddcf476b6a6d1f3367ae319363663450 - arm-trusted-firmware/plat/arm/common/aarch64/arm_pauth.c 6ee204b0e2a5012ad4dcef1cfe9fe884590bfb8c - arm-trusted-firmware/plat/arm/common/aarch64/execution_state_switch.c 8543903cea745c6c6709fd524622d3d5d3fd8df2 - arm-trusted-firmware/plat/arm/common/aarch64/arm_sdei.c 8c6171b381cfc6eca906ce2f7e2e6658895380ca - arm-trusted-firmware/plat/arm/common/aarch32/arm_helpers.S 43a64183c368a80bc24e370c93889989a49bfca3 - 
arm-trusted-firmware/plat/arm/common/aarch32/arm_bl2_mem_params_desc.c 17e3af5dfebbe4a8933589c7b3c67e14faa7dc12 - arm-trusted-firmware/plat/arm/common/trp/arm_trp_setup.c 5562bd387d6506e0db4a62fe23b24cd1c5046754 - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_stack_protector.c 810d8a4c9a7dff63b504d43fa4691f19cdf86b3b - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_bl2_mem_params_desc.c 1e7fe4ccc25d366dfe5f6a14851dab68001bdb13 - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_topology.c c10b97a1764fe4c02c0a7ae81b0a75313edeed05 - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_helpers.S 0e3644e6d15833cfd15ee928af181e156ec27e8a - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_trusted_boot.c fbb932100f4228bb8fe153a58d84898837188f8b - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_err.c dd206cc4d7ea74d0dcace11dc6c64faf0d687b8a - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_plat.c 7bc7cf637e9751cbed26e48c65722c070a0f9d36 - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_pm.c b9f80852b169e9c137876fadebe0782792162fe4 - arm-trusted-firmware/plat/arm/board/corstone1000/common/corstone1000_security.c 16e3686521725b2e8cf355c2d990811fc260a02c - arm-trusted-firmware/plat/arm/board/corstone1000/common/fdts/corstone1000_spmc_manifest.dts a5086b67555acbdb3f4c3b25f837cbb372b0102a - arm-trusted-firmware/plat/arm/board/corstone1000/common/include/platform_def.h 70913ecf05a6e846d99d63213b643de746a371e8 - arm-trusted-firmware/plat/arm/board/corstone1000/include/plat_macros.S d115cd145587e366c9c6d02d47cc7ea610f7791f - arm-trusted-firmware/plat/arm/board/morello/morello_security.c 846d7f92ffe6c368d0d0b85ffa36409b0dd04caf - arm-trusted-firmware/plat/arm/board/morello/morello_trusted_boot.c 710e4ce5fe08ed123d1977361a4bbf49dff07ba9 - arm-trusted-firmware/plat/arm/board/morello/morello_def.h 
eae232f83e8fef4997f24f4cce1d598178a8eab0 - arm-trusted-firmware/plat/arm/board/morello/morello_plat.c c855687b5adb537f1a56e37496a708864bd72650 - arm-trusted-firmware/plat/arm/board/morello/morello_bl1_setup.c 021dca0ec2928f72c45e98a602338d8a2bb08cc2 - arm-trusted-firmware/plat/arm/board/morello/morello_err.c 9e616a8e89120ae9b614d9bae16f0de9aa886778 - arm-trusted-firmware/plat/arm/board/morello/morello_bl2_setup.c 275ff8fd1cb66a02cc8ca9b9494035d3aa7f8ebf - arm-trusted-firmware/plat/arm/board/morello/morello_image_load.c 0105670429d8a205bc698cf69de09044501a55a1 - arm-trusted-firmware/plat/arm/board/morello/morello_topology.c ab6ec67031b519490edd2bdd7efb973f91af2453 - arm-trusted-firmware/plat/arm/board/morello/morello_bl31_setup.c 59b5177c9b302f117bea58642d758d747224eaed - arm-trusted-firmware/plat/arm/board/morello/morello_interconnect.c 9c4c899115425303ba08c836c2a6ca740418160b - arm-trusted-firmware/plat/arm/board/morello/fdts/morello_fw_config.dts bf30791c97940cf78bee90bb458a53b2480a4154 - arm-trusted-firmware/plat/arm/board/morello/fdts/morello_nt_fw_config.dts a95b1476c52a6213400f2402811d15e5d82d7d83 - arm-trusted-firmware/plat/arm/board/morello/fdts/morello_tb_fw_config.dts 5361abb465b0253014c38facafec374dd284699a - arm-trusted-firmware/plat/arm/board/morello/include/plat_macros.S e1eb7e2194a62fcfa63e0d92da3567386d98a24d - arm-trusted-firmware/plat/arm/board/morello/include/platform_def.h 1c3ff5d4d35a2aa211380dea2b252236f3dae0b1 - arm-trusted-firmware/plat/arm/board/morello/aarch64/morello_helper.S ae7769a5c9c26af057b45ea638e7d3e8f7905d63 - arm-trusted-firmware/plat/arm/board/sgm775/sgm775_err.c 866a21334d0661b2dde96c9ea5c2e2c99e649ab3 - arm-trusted-firmware/plat/arm/board/sgm775/sgm775_trusted_boot.c 77c37592e064ebc47319196a2468d4a75a6ff7de - arm-trusted-firmware/plat/arm/board/sgm775/fdts/sgm775_tb_fw_config.dts 673d2aca63b2cddcb1fc087b3849b8459c60178a - arm-trusted-firmware/plat/arm/board/sgm775/fdts/sgm775_fw_config.dts 
20df07965dd541c0c14b55f71c827c0b992b608c - arm-trusted-firmware/plat/arm/board/sgm775/include/platform_def.h 8908fa02b1140f0d45e9bdcc3d5552190eb3af41 - arm-trusted-firmware/plat/arm/board/corstone700/common/corstone700_security.c ed51f976efc9644368dd64840ed3d158c086650e - arm-trusted-firmware/plat/arm/board/corstone700/common/corstone700_stack_protector.c 3d1a55d785180dd11beb8473207268d04543695a - arm-trusted-firmware/plat/arm/board/corstone700/common/corstone700_helpers.S 5f0ac09b373c85fd1d635fb4f06ea45011389b19 - arm-trusted-firmware/plat/arm/board/corstone700/common/corstone700_topology.c df9742f665da99900fe4a3fdc0b6fbcc02209a0f - arm-trusted-firmware/plat/arm/board/corstone700/common/corstone700_pm.c 90dbd482aecd4e6be49f62fed93a4b38e4d79784 - arm-trusted-firmware/plat/arm/board/corstone700/common/corstone700_plat.c 3c1fd619c9a1da90f7af84b9c6e1b8eceb5e7a20 - arm-trusted-firmware/plat/arm/board/corstone700/common/include/platform_def.h 688520959b3077ac47e6c17fd87614f5400ec96f - arm-trusted-firmware/plat/arm/board/corstone700/common/drivers/mhu/mhu.c 9f9f59bab890a50e0444edf12481248060aa9c1b - arm-trusted-firmware/plat/arm/board/corstone700/common/drivers/mhu/mhu.h d2cf1d7868d3a048734caa91b018fb43f56c36dd - arm-trusted-firmware/plat/arm/board/corstone700/sp_min/corstone700_sp_min_setup.c 1cc6a4959dd00202735100b426201a00f18764ec - arm-trusted-firmware/plat/arm/board/rdn2/rdn2_plat.c 866a21334d0661b2dde96c9ea5c2e2c99e649ab3 - arm-trusted-firmware/plat/arm/board/rdn2/rdn2_trusted_boot.c 73d0e620495671f0ffa9cfdd536e8f3c97f6e384 - arm-trusted-firmware/plat/arm/board/rdn2/rdn2_err.c 3693a7e757b2541552b2c91c91a0dba2d6a0a8de - arm-trusted-firmware/plat/arm/board/rdn2/rdn2_security.c 795d97596b09631253539c8a66fa49d5d422d01d - arm-trusted-firmware/plat/arm/board/rdn2/rdn2_topology.c ed25350e5c803bac231eea3f950d3e7e5aee01d2 - arm-trusted-firmware/plat/arm/board/rdn2/fdts/rdn2_nt_fw_config.dts 77c37592e064ebc47319196a2468d4a75a6ff7de - 
arm-trusted-firmware/plat/arm/board/rdn2/fdts/rdn2_tb_fw_config.dts 3fa6109549ac24e3e9727ec6cfc9c34111cf53c9 - arm-trusted-firmware/plat/arm/board/rdn2/fdts/rdn2_fw_config.dts f8bee970c03b0a4da0d79dcc8895e970ff34ffa1 - arm-trusted-firmware/plat/arm/board/rdn2/include/platform_def.h 7d80d6700188f44364662e46113af9036afedcbc - arm-trusted-firmware/plat/arm/board/n1sdp/n1sdp_topology.c e902fc33536870bb2460962782828919e301f53a - arm-trusted-firmware/plat/arm/board/n1sdp/n1sdp_plat.c 7104250da7bca258ddb0bf081570d32f8900092b - arm-trusted-firmware/plat/arm/board/n1sdp/n1sdp_interconnect.c e3d086dd3e36ff5fd58f3282c011f6394739185c - arm-trusted-firmware/plat/arm/board/n1sdp/n1sdp_def.h 4497a7586471f072a94ff5a066931c86dcb6fd2d - arm-trusted-firmware/plat/arm/board/n1sdp/n1sdp_security.c 5a64604c368489c4585ba4e01e129b3687e5d8ff - arm-trusted-firmware/plat/arm/board/n1sdp/n1sdp_bl31_setup.c b45c063aa1fdf9280c52020500ae6e83d71244c5 - arm-trusted-firmware/plat/arm/board/n1sdp/include/plat_macros.S eaeab6f905d711a8fa04d0ce9d2c2ec485934eaf - arm-trusted-firmware/plat/arm/board/n1sdp/include/platform_def.h 4b16feb977654bc82a89a104dc5b31b167bf17d1 - arm-trusted-firmware/plat/arm/board/n1sdp/aarch64/n1sdp_helper.S 0b886935846ab1d278829932851b6cc492f106cc - arm-trusted-firmware/plat/arm/board/juno/juno_bl31_setup.c 0ff3d7a6c51d9752cc2a86bb19e800a94245eea2 - arm-trusted-firmware/plat/arm/board/juno/juno_stack_protector.c 49553a7fbab54730a1b3de994aa92810c35025da - arm-trusted-firmware/plat/arm/board/juno/jmptbl.i 07f098d234d16533d40b505e91dbb1aae1712650 - arm-trusted-firmware/plat/arm/board/juno/juno_security.c 6cea3743018f1d02cac51c8d78a92561ea46ce14 - arm-trusted-firmware/plat/arm/board/juno/juno_bl2_setup.c 50963e02933b9165b4b2c2a4b8ce7f8cc758df7d - arm-trusted-firmware/plat/arm/board/juno/juno_trusted_boot.c 8a5716ff7852804effaf5810a335e69d3a788a50 - arm-trusted-firmware/plat/arm/board/juno/juno_trng.c ebbb9c3ccbc5ea001a213d0ba5a9b7744bd561dc - 
arm-trusted-firmware/plat/arm/board/juno/juno_tzmp1_def.h d784833f267d4a24f2a529767e8892a4aa11df9d - arm-trusted-firmware/plat/arm/board/juno/juno_common.c bef868e2dcb239da5ba7d1787c2f790e1f31d33a - arm-trusted-firmware/plat/arm/board/juno/juno_err.c 17d854b860806d6ad8af6ee63952524a3bcbd9e9 - arm-trusted-firmware/plat/arm/board/juno/juno_pm.c 419b6382a2607911be10024a6287e69289234326 - arm-trusted-firmware/plat/arm/board/juno/juno_topology.c 905aac590f6fdf10096fd3e0f4bb661a2953acfb - arm-trusted-firmware/plat/arm/board/juno/juno_bl1_setup.c 53c5a79a63bf1f5551016da97e29bf8702e32ad3 - arm-trusted-firmware/plat/arm/board/juno/juno_def.h dfc9edcda0daf49b40451e94c30405aa901ef204 - arm-trusted-firmware/plat/arm/board/juno/fdts/juno_fw_config.dts 805360ecd38e071b1f2e9b60704130be813557e2 - arm-trusted-firmware/plat/arm/board/juno/fdts/juno_tb_fw_config.dts 53f8c45c8436fb9bb4378cd8782a0b7d8037e5d2 - arm-trusted-firmware/plat/arm/board/juno/include/plat_macros.S 821681f18e15e60a3d540f06924deb6c691c2d7b - arm-trusted-firmware/plat/arm/board/juno/include/platform_def.h 4780ddabb988fa673f07503011a00242d2ea9faa - arm-trusted-firmware/plat/arm/board/juno/aarch64/juno_helpers.S 319dfb0515299119770970eb5953825ab7abd95c - arm-trusted-firmware/plat/arm/board/juno/aarch32/juno_helpers.S 866a21334d0661b2dde96c9ea5c2e2c99e649ab3 - arm-trusted-firmware/plat/arm/board/rdv1mc/rdv1mc_trusted_boot.c 584cb4b05aeec673c6c04da7c3885037b079afa4 - arm-trusted-firmware/plat/arm/board/rdv1mc/rdv1mc_err.c 3f70fab8ee8fcd7926df2c977d9380f53cbbb9f6 - arm-trusted-firmware/plat/arm/board/rdv1mc/rdv1mc_security.c 04538cf26382d09d8e2c07c0b46f13a5b099236a - arm-trusted-firmware/plat/arm/board/rdv1mc/rdv1mc_topology.c d4a49ec110e03192903aeabeae1df36bca1cae8a - arm-trusted-firmware/plat/arm/board/rdv1mc/rdv1mc_plat.c c139b0b044ff0f3122d7f6e5b65703bc3fbee8d2 - arm-trusted-firmware/plat/arm/board/rdv1mc/fdts/rdv1mc_nt_fw_config.dts 77c37592e064ebc47319196a2468d4a75a6ff7de - 
arm-trusted-firmware/plat/arm/board/rdv1mc/fdts/rdv1mc_tb_fw_config.dts 3fa6109549ac24e3e9727ec6cfc9c34111cf53c9 - arm-trusted-firmware/plat/arm/board/rdv1mc/fdts/rdv1mc_fw_config.dts 05ecf6ab819a6a6ca826e872d3c1fa6a21c7e7ef - arm-trusted-firmware/plat/arm/board/rdv1mc/include/platform_def.h 86c2465abfadc0a5dfe9b561b0f5675db8fee013 - arm-trusted-firmware/plat/arm/board/fvp/fvp_stack_protector.c a1e4c883f6912bad1724268901a148f96250854a - arm-trusted-firmware/plat/arm/board/fvp/fvp_realm_attest_key.c 394a425b1d229fbbad1173c1371edc737857d5f2 - arm-trusted-firmware/plat/arm/board/fvp/jmptbl.i 19591a34444effbe25bc3245bb68e6462bda0024 - arm-trusted-firmware/plat/arm/board/fvp/fvp_pm.c 20e8179e5c61147fc2d627dbb503babac430603c - arm-trusted-firmware/plat/arm/board/fvp/fvp_def.h 0c3494f4c7e2590865b69abf91d4b49be1ea469d - arm-trusted-firmware/plat/arm/board/fvp/fvp_bl31_setup.c a6d08d07ea1ba1184a912ed5ef6a6287291ff743 - arm-trusted-firmware/plat/arm/board/fvp/fvp_bl2_setup.c 10c7154aeb64129154f13657841ad8f9aee6af85 - arm-trusted-firmware/plat/arm/board/fvp/fvp_trusted_boot.c aed35e7aa732be73eef26face244c3acdee67640 - arm-trusted-firmware/plat/arm/board/fvp/fvp_console.c 0a86ad28b6ae96f93bdbcc32be32335d3e8250e9 - arm-trusted-firmware/plat/arm/board/fvp/fvp_err.c 6f76c4d8ae1abb640a62785bfc535bcb485f9511 - arm-trusted-firmware/plat/arm/board/fvp/fvp_topology.c b4b38f929ba25c093b95fc92938eb9b58213a4b8 - arm-trusted-firmware/plat/arm/board/fvp/fvp_bl1_measured_boot.c fa75b4ccee6e6d8604b819da30a1ed892db70b15 - arm-trusted-firmware/plat/arm/board/fvp/fvp_bl1_setup.c d25e9c719859733739581faecd38cfa80443aa83 - arm-trusted-firmware/plat/arm/board/fvp/fvp_bl2_measured_boot.c 87220bf30d58a155c2f10f38418d094db212e5b6 - arm-trusted-firmware/plat/arm/board/fvp/fvp_private.h 223e1339e343160feab72cff7621103ada50dbc9 - arm-trusted-firmware/plat/arm/board/fvp/fvp_common_measured_boot.c 1570105ddfc280d36e64641b556bc2da9a0529dc - arm-trusted-firmware/plat/arm/board/fvp/fvp_security.c 
d62b302ac0bf1976ed0084160aeba061e325a6c3 - arm-trusted-firmware/plat/arm/board/fvp/fvp_plat_attest_token.c df0b10a5b65cf57a485f5eb846e0cfa7e64c429b - arm-trusted-firmware/plat/arm/board/fvp/fvp_io_storage.c 71418933f8bb76fa971723d4cb9bc6748a009f33 - arm-trusted-firmware/plat/arm/board/fvp/fvp_bl2_el3_setup.c 39be04c7a0d7f7559902b8813b1ded035b592985 - arm-trusted-firmware/plat/arm/board/fvp/fvp_gicv3.c a3147836e6e11bb9b651753fee98a99b2f81062b - arm-trusted-firmware/plat/arm/board/fvp/fvp_common.c 1924351967826f1ad9898254b30419ba2e7fb9cc - arm-trusted-firmware/plat/arm/board/fvp/fvp_bl2u_setup.c 83e404fdd5bc4dda0b68b92d365d6e9b047f13d3 - arm-trusted-firmware/plat/arm/board/fvp/fconf/fconf_nt_config_getter.c 10fc5531e7b7d5ac9ffba191f525b64179843eae - arm-trusted-firmware/plat/arm/board/fvp/fconf/fconf_hw_config_getter.c 5601a00daf6c8ba481f1addc03652d97efe84a3c - arm-trusted-firmware/plat/arm/board/fvp/fdts/fvp_soc_fw_config.dts 43a2362473fca426e3a62517552c20c2a629a563 - arm-trusted-firmware/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts b1406e98f75e782442a0fdfe50c8aad26cf5aeb5 - arm-trusted-firmware/plat/arm/board/fvp/fdts/fvp_spmc_manifest.dts 33a1a8c0c5e1f8f806d0dbe69adab509f55301be - arm-trusted-firmware/plat/arm/board/fvp/fdts/fvp_nt_fw_config.dts aba68daa32f394274fa0c7b3ebb2d77514e105da - arm-trusted-firmware/plat/arm/board/fvp/fdts/event_log.dtsi 7dd67253d1f53292fbdd750b1360cace93220e02 - arm-trusted-firmware/plat/arm/board/fvp/fdts/optee_sp_manifest.dts b8ba7eb0ce440dedebafa08a9e3ffde066832d0a - arm-trusted-firmware/plat/arm/board/fvp/fdts/fvp_fw_config.dts 26761d08528feec31bb15a854b65dd46629135fe - arm-trusted-firmware/plat/arm/board/fvp/fdts/fvp_tsp_fw_config.dts df9f20c998402fb612824aeec7d618e97e023cb8 - arm-trusted-firmware/plat/arm/board/fvp/fdts/fvp_spmc_optee_sp_manifest.dts b59b8589b390aaea5c26a9621713fe3d78e47e8b - arm-trusted-firmware/plat/arm/board/fvp/tsp/fvp_tsp_setup.c aed581dcf8acf86f277ecf028cc1eec4f0c081fc - 
arm-trusted-firmware/plat/arm/board/fvp/include/plat_macros.S aaff5cd1241ce58ab9627da89fb4860390a0864b - arm-trusted-firmware/plat/arm/board/fvp/include/fconf_nt_config_getter.h 1f6772f1b9358e6acc890bc4475a57f68cebc72d - arm-trusted-firmware/plat/arm/board/fvp/include/plat.ld.S 84180022623ad574044b9436e62202ee5635c6ae - arm-trusted-firmware/plat/arm/board/fvp/include/fconf_hw_config_getter.h 12b7439bee5ead5da71eb5a42a9c5cc493f9c7fc - arm-trusted-firmware/plat/arm/board/fvp/include/fvp_critical_data.h c7af81d092cd74c1eba0402a02368b53f801c235 - arm-trusted-firmware/plat/arm/board/fvp/include/platform_def.h 6adce62f756dc0792fb3a4d6aa6cec60e0b54117 - arm-trusted-firmware/plat/arm/board/fvp/sp_min/fvp_sp_min_setup.c 3f4bcd29ccbf7cd09dfe8275846469b38db62e2f - arm-trusted-firmware/plat/arm/board/fvp/aarch64/fvp_ras.c d5a6187ffa8ab68518e9d896c2d50bbf600d68cd - arm-trusted-firmware/plat/arm/board/fvp/aarch64/fvp_helpers.S 2c7ccf1e47b4fdac9dc7745e506f4194cce2e498 - arm-trusted-firmware/plat/arm/board/fvp/aarch32/fvp_helpers.S 851570d1add4283d5a01ff4893f1558decb2d6e9 - arm-trusted-firmware/plat/arm/board/rdn1edge/rdn1edge_topology.c 7d37a6f29bbe666c9db7538d4d7a123d1ab40b17 - arm-trusted-firmware/plat/arm/board/rdn1edge/rdn1edge_err.c ba9b8a6b4b36804eb8c8aee5b17845c85db8a845 - arm-trusted-firmware/plat/arm/board/rdn1edge/rdn1edge_plat.c 561594e99d3e16d7826006d518e141e9a58eadec - arm-trusted-firmware/plat/arm/board/rdn1edge/rdn1edge_security.c 866a21334d0661b2dde96c9ea5c2e2c99e649ab3 - arm-trusted-firmware/plat/arm/board/rdn1edge/rdn1edge_trusted_boot.c 5d0744ed59fc75ba7204d9d0083fbc0cd64e74d6 - arm-trusted-firmware/plat/arm/board/rdn1edge/fdts/rdn1edge_fw_config.dts 869fa43b401d5d394651f9d1bd9eb784b7ebb14d - arm-trusted-firmware/plat/arm/board/rdn1edge/fdts/rdn1edge_tb_fw_config.dts a87583e95c695a2bf6af550cd6fbbffb3eae3961 - arm-trusted-firmware/plat/arm/board/rdn1edge/fdts/rdn1edge_nt_fw_config.dts 97f84a745ae8fccb804dc7e0ba50b85d46ed4198 - 
arm-trusted-firmware/plat/arm/board/rdn1edge/include/platform_def.h 0edacdd0dc4a2af6f50c21ccdf98244fe72c6730 - arm-trusted-firmware/plat/arm/board/common/board_arm_trusted_boot.c aa5febfe9cf8a923785e2509c54c7e03032167e7 - arm-trusted-firmware/plat/arm/board/common/protpk/README cdb90754cb9118d6571aad9c3846b2c410f708d1 - arm-trusted-firmware/plat/arm/board/common/protpk/arm_protpk_rsa_sha256.bin a819075a49fd85dede74b56ddededf2f4c046f07 - arm-trusted-firmware/plat/arm/board/common/protpk/arm_protprivk_rsa.pem ce90ae54534188e8ed455e84da4ee7656807dc45 - arm-trusted-firmware/plat/arm/board/common/protpk/arm_dev_protpk.S 885dbc360b97a82697b2978ae8f5665ba4878080 - arm-trusted-firmware/plat/arm/board/common/aarch64/board_arm_helpers.S d7941a7e9ec8fa11c4dd7580b57e1543e335d61b - arm-trusted-firmware/plat/arm/board/common/aarch32/board_arm_helpers.S c4cd605f9796351468c8e3427ec60a3ab5966a93 - arm-trusted-firmware/plat/arm/board/common/rotpk/arm_dev_rotpk.S f63762c7a16038a4bc3a046a89d815cf9ae9089b - arm-trusted-firmware/plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem 99b2edcf01ed68e8e25f2687d31ef61f0531f26f - arm-trusted-firmware/plat/arm/board/common/rotpk/arm_rotpk_rsa.der b48500f3591ea941f29e3cb482855cd947d886c3 - arm-trusted-firmware/plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin 64194de14ee2424df1ca72d388c407f3d0c16184 - arm-trusted-firmware/plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem 2b0cf90adf32af769b93e85764f195737286be65 - arm-trusted-firmware/plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin b22a3e04b7c492d96f48978250bd02b1de04304b - arm-trusted-firmware/plat/arm/board/common/rotpk/arm_rotpk_ecdsa.der bdf16498e248d1d87d012aca5001940fb8328395 - arm-trusted-firmware/plat/arm/board/arm_fpga/fpga_private.h 89a8aeb02e2a9467d783383e96d830647443b99d - arm-trusted-firmware/plat/arm/board/arm_fpga/fpga_bl31_setup.c 86553039cac69d2003776608e4a3172af5f6263d - arm-trusted-firmware/plat/arm/board/arm_fpga/fpga_console.c 1cfbd3237d5138875eda5a3f57ebd08f452c4992 - 
arm-trusted-firmware/plat/arm/board/arm_fpga/kernel_trampoline.S 78391ad4c170cb70d2db6ad5639108f4f6020dc6 - arm-trusted-firmware/plat/arm/board/arm_fpga/rom_trampoline.S 0ca4a4d2749cd227831e57d361b8c16ee0f3cf03 - arm-trusted-firmware/plat/arm/board/arm_fpga/fpga_gicv3.c fe445cbd11196fc3c69cdcbc6be5cdbc4354026b - arm-trusted-firmware/plat/arm/board/arm_fpga/build_axf.ld.S ef779e5f985f2ebef6d66a83442695603c463465 - arm-trusted-firmware/plat/arm/board/arm_fpga/fpga_def.h 70fd1afdd7b31d55ddd95d7018ba66095315083e - arm-trusted-firmware/plat/arm/board/arm_fpga/fpga_topology.c 15269f87cab6dfa65ce9cbaacbb13ee9cf2af583 - arm-trusted-firmware/plat/arm/board/arm_fpga/fpga_pm.c 87820ef2083d1576c3d29546b46fb922eafa3737 - arm-trusted-firmware/plat/arm/board/arm_fpga/include/plat_macros.S 6631f2221faec011381242d2e2011d9eda3e9780 - arm-trusted-firmware/plat/arm/board/arm_fpga/include/platform_def.h 205b5febc22c83179a2fc6c9005499ef61e8f347 - arm-trusted-firmware/plat/arm/board/arm_fpga/aarch64/fpga_helpers.S 3aff6d693c63d2b2dc58205e075552c4f14e24c2 - arm-trusted-firmware/plat/arm/board/sgi575/sgi575_security.c 866a21334d0661b2dde96c9ea5c2e2c99e649ab3 - arm-trusted-firmware/plat/arm/board/sgi575/sgi575_trusted_boot.c 95aa905a5aa0734b8993eaf65aa91924c6ba1ccd - arm-trusted-firmware/plat/arm/board/sgi575/sgi575_topology.c 4bcbaa1f0a092433b2d017ed4941be94943fa552 - arm-trusted-firmware/plat/arm/board/sgi575/sgi575_err.c e717578fd539b138146efa385134192a8aa4055c - arm-trusted-firmware/plat/arm/board/sgi575/sgi575_plat.c a19b040188761f8bccb0937f9f397e3b191c143e - arm-trusted-firmware/plat/arm/board/sgi575/fdts/sgi575_nt_fw_config.dts 77c37592e064ebc47319196a2468d4a75a6ff7de - arm-trusted-firmware/plat/arm/board/sgi575/fdts/sgi575_tb_fw_config.dts 9f8fd7d90d63ffe6d71473664ec09b7aa4cdf607 - arm-trusted-firmware/plat/arm/board/sgi575/fdts/sgi575_fw_config.dts 127adaf6d9d5f7353a1893a6f2904417a96def85 - arm-trusted-firmware/plat/arm/board/sgi575/include/platform_def.h 
db240cab0da9aaf6298ede4c8418abd28744a258 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_err.c deb3a6a31fba479e597c0ae722532692996e2372 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_common.c 1f85fcf3a3d2c0bd5a8c5e848a4841400b54f9fe - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_private.h 2ce9cd0a5ef399a537316089ff1451da165bdd42 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_bl1_entrypoint.S b5fe2445bbd4cfd3d360d2d930d9358c4eed5555 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_trusted_boot.c 486d3021b7aeeb557efb82cafa7337d3d3041fb7 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_bl1_main.c efd5139ee502cdc5570d9ec338ee84b3410067fd - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_misc_helpers.S 8e7bab3de835fbccc87f8d20b8acecc011d4fcaa - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_debug.S e985480b9d1aa1426a500f3c4869a1f32bb8b422 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_io_storage.c 181e66fa9c41732917a323ee0fe465da3b5ce36d - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_stack_protector.c 61fa6bbfd2f41f1cc6fe1c4caacb1fa09461692c - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_helpers.S 5f78d5ae0c4547371279bfc19196f01fb454e3b6 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_bl1_arch_setup.c 93cd93fd9277603c0a72cf1c730d6486a6247262 - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_bl1_setup.c b1777d180724d85711393cf136ad5b34e80ce86a - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_def.h b20640f66687a9edf5c361b2cf32bf1244777ecd - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_context_mgmt.c 860f2b3b1633322a3865add4e226f457c1a7237d - arm-trusted-firmware/plat/arm/board/fvp_r/fvp_r_bl1_exceptions.S 5356ccdf1172f23b213522e8c204e511fd9b8841 - arm-trusted-firmware/plat/arm/board/fvp_r/include/platform_def.h e9c7e8c62f6a1ac8f4b8f79ebb080765f9244fbe - arm-trusted-firmware/plat/arm/board/fvp_r/include/fvp_r_arch_helpers.h daecdf40f28b13596b217b424164a59b35baa192 - arm-trusted-firmware/plat/arm/board/rdv1/rdv1_plat.c 
866a21334d0661b2dde96c9ea5c2e2c99e649ab3 - arm-trusted-firmware/plat/arm/board/rdv1/rdv1_trusted_boot.c 39dd88b06678aa7f03906487a206a758c69bb621 - arm-trusted-firmware/plat/arm/board/rdv1/rdv1_security.c 1c209493074be7ae85b1aafe237784f10e2b7093 - arm-trusted-firmware/plat/arm/board/rdv1/rdv1_topology.c 07a42e98f0211f264decd0d40369a5a22999a7a4 - arm-trusted-firmware/plat/arm/board/rdv1/rdv1_err.c 4eee465e298e33cc2776504ed671b987022fb333 - arm-trusted-firmware/plat/arm/board/rdv1/fdts/rdv1_nt_fw_config.dts 77c37592e064ebc47319196a2468d4a75a6ff7de - arm-trusted-firmware/plat/arm/board/rdv1/fdts/rdv1_tb_fw_config.dts 3fa6109549ac24e3e9727ec6cfc9c34111cf53c9 - arm-trusted-firmware/plat/arm/board/rdv1/fdts/rdv1_fw_config.dts 5a4591bc131dd662dddfaa201c233dc2e6f0a9a0 - arm-trusted-firmware/plat/arm/board/rdv1/include/platform_def.h af1f8d5af2ee91ba0dd180c42a7b8f73b7543474 - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_security.c 4a175994a02eeb79a8ccc76f0b3be5ac2d45771d - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_private.h 103c2c1d17da9dfaab63bca2f61e6bd21aa82c19 - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_bl2_setup.c b370460e14d8e464d9f852b0e3f18cf2dca4950b - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_pm.c 87d9fc22d1228a7faf0c17443f9d5afd194e4334 - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_err.c 6733f3383940d86208b8239c1d08d9221c2c2929 - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_common.c a924444b8053fdd6d907961d26d25ef0d3a207f7 - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_topology.c 300e69aa5df2f362bc3ddf1c430fe3fab03f11da - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_def.h b0261bd454617bc33a79aa98dcfa987149992300 - arm-trusted-firmware/plat/arm/board/fvp_ve/fvp_ve_bl1_setup.c 996afef966d673534a7502180616ba362cdb0d9c - arm-trusted-firmware/plat/arm/board/fvp_ve/fdts/fvp_ve_tb_fw_config.dts a857b4f74c6a05502271795dcd7a71f24a024b41 - arm-trusted-firmware/plat/arm/board/fvp_ve/fdts/fvp_ve_fw_config.dts 
19f1b6fffc9b7e4d8a55730d5dc6740b06415c71 - arm-trusted-firmware/plat/arm/board/fvp_ve/include/platform_def.h d56cac77b62eee0ed50166d2264e0a00c8fe4ffa - arm-trusted-firmware/plat/arm/board/fvp_ve/sp_min/fvp_ve_sp_min_setup.c 2ff5ebca71b32318bae21e3dbb7699236b9cbe61 - arm-trusted-firmware/plat/arm/board/fvp_ve/aarch32/fvp_ve_helpers.S 1f68f4b41cf660f6aecbd9c91cffd25b5da791a9 - arm-trusted-firmware/plat/arm/board/tc/tc_err.c ded1714043a17b1985c18754683ddcc8a2954d2a - arm-trusted-firmware/plat/arm/board/tc/tc_bl2_setup.c e359fea3cdefe52d1384eaf4e3657d1a8639ce5c - arm-trusted-firmware/plat/arm/board/tc/tc_trusted_boot.c 4335b9a6f68fb49824b223397621a29f3d1030c9 - arm-trusted-firmware/plat/arm/board/tc/tc_interconnect.c 868cf0c3ac2a02db664b5bb1dc788646d79823a0 - arm-trusted-firmware/plat/arm/board/tc/tc_plat.c e12be214b71705c426b59f867e2c1e12d74eb660 - arm-trusted-firmware/plat/arm/board/tc/tc_topology.c ae19b2b5534ecfc11125374e36d9e8f859a89eda - arm-trusted-firmware/plat/arm/board/tc/tc_security.c 28488a6123a3f6e963e45167297c24b033c4ea20 - arm-trusted-firmware/plat/arm/board/tc/tc_bl31_setup.c b6a0718fcdad5e07263ed41c89641a47d843eb14 - arm-trusted-firmware/plat/arm/board/tc/fdts/tc_tb_fw_config.dts dd7dfe59caab52d2698deda4e52c6508f481ea7a - arm-trusted-firmware/plat/arm/board/tc/fdts/tc_spmc_manifest.dts 6d8e682b0e92f3c4b0317af9db0cf378942f0637 - arm-trusted-firmware/plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts 46c4eb5b1105e6fcf9a5ebc8bb219b4f6250ef79 - arm-trusted-firmware/plat/arm/board/tc/fdts/tc_fw_config.dts 12e15891d91866e073604872dd843da7a55ab1ca - arm-trusted-firmware/plat/arm/board/tc/include/plat_macros.S 9660ea0d565256c4b8a124a3b15c393be1d5f9b0 - arm-trusted-firmware/plat/arm/board/tc/include/tc_plat.h 8ad72d03b3ba43d1683a1303fee28ea1c7be281d - arm-trusted-firmware/plat/arm/board/tc/include/tc_helpers.S fbb9a21e701abf6a427a0a7a4f52bdfac2d65ae5 - arm-trusted-firmware/plat/arm/board/tc/include/platform_def.h 4e3d6ef9cbb8925d20f8946cbf6f998ea3c4eb8f - 
arm-trusted-firmware/plat/arm/board/rde1edge/rde1edge_err.c bb5bde77d451942a4effe8cd36463c1dfc1df462 - arm-trusted-firmware/plat/arm/board/rde1edge/rde1edge_plat.c 79e40d92dcde7f9d17195a4a63d0608730af9c4b - arm-trusted-firmware/plat/arm/board/rde1edge/rde1edge_topology.c 866a21334d0661b2dde96c9ea5c2e2c99e649ab3 - arm-trusted-firmware/plat/arm/board/rde1edge/rde1edge_trusted_boot.c aa3d4b5a511124fc6ae5cd9244633af5ae0ab4a9 - arm-trusted-firmware/plat/arm/board/rde1edge/rde1edge_security.c e5b638c1ab3d0ee37ca9b8702ee4262358c3559b - arm-trusted-firmware/plat/arm/board/rde1edge/fdts/rde1edge_fw_config.dts 0397a242841f6193faacaba41c8326032a1e7729 - arm-trusted-firmware/plat/arm/board/rde1edge/fdts/rde1edge_tb_fw_config.dts 1477905828689906107808c1098cccb0a22dc73b - arm-trusted-firmware/plat/arm/board/rde1edge/fdts/rde1edge_nt_fw_config.dts 7be90ba89049185165cc3d60d523a66fd7a1a0bf - arm-trusted-firmware/plat/arm/board/rde1edge/include/platform_def.h cdf2af8fe7e5ba8b9ff36e04a33ebff2cf20f79b - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_bl2_setup.c 007839db0f0e5c02b3362ce770b02771a47faa27 - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_topology.c f2a71185ac9189cbe4310e27a7ead8d40c23c377 - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_pm.c fabc6650d0d7860d4d615e5e997c72bed71aecb3 - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_bl1_setup.c c6fdde231ff1fe0ddb8f585bd3fead2a7f2f0f46 - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_security.c c8bea252a67bd4f3ad0910e3dadd0b76dc62c7f3 - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_private.h be0cd4f5f48b5eb3a64885536643645036173809 - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_common.c 7d714f8f2b3f7274c9d2e73eaa5d46215c7d3911 - arm-trusted-firmware/plat/arm/board/a5ds/a5ds_err.c 996afef966d673534a7502180616ba362cdb0d9c - arm-trusted-firmware/plat/arm/board/a5ds/fdts/a5ds_tb_fw_config.dts adc821bdac8aebcefb26e3f8cd54497b3b8dfab4 - arm-trusted-firmware/plat/arm/board/a5ds/fdts/a5ds_fw_config.dts 
189ef1e9d436f631711b2a4bd2e75efb635a322a - arm-trusted-firmware/plat/arm/board/a5ds/include/platform_def.h a8eb0724c2056ed80453ea31aa3ebc822e93ffa2 - arm-trusted-firmware/plat/arm/board/a5ds/sp_min/a5ds_sp_min_setup.c 142d4bce7860550461e2498ba8c9f4ebb17d902d - arm-trusted-firmware/plat/arm/board/a5ds/aarch32/a5ds_helpers.S c788e65cad1a1e84654d127315052a3bcbd35225 - arm-trusted-firmware/plat/arm/css/common/css_pm.c 75cc05419580aa9e613157ed0cacf5e0447c7d7b - arm-trusted-firmware/plat/arm/css/common/css_bl2u_setup.c 3bc7caa521ce87bd672c20940f330d81613afdc1 - arm-trusted-firmware/plat/arm/css/common/css_topology.c e35946648a3f4e38af67096b19e7cbe49324a3e2 - arm-trusted-firmware/plat/arm/css/common/css_bl2_setup.c f00b456e46701cc6a1e2b31fdd93091805ab0809 - arm-trusted-firmware/plat/arm/css/common/css_bl1_setup.c 3ddcf64aa2f7a53edf4016ea4d4c636a371f4516 - arm-trusted-firmware/plat/arm/css/common/aarch64/css_helpers.S 29476751ce928c5170b93c840f4fd925619fb9f9 - arm-trusted-firmware/plat/arm/css/common/aarch32/css_helpers.S fb1634b97815fe2a2d9fcc807b394bdf1a034423 - arm-trusted-firmware/plat/arm/css/sgm/sgm_bl31_setup.c 6a32e8055bf1477d80b315a472542bc3c28106d5 - arm-trusted-firmware/plat/arm/css/sgm/sgm_plat_config.c 5072fa161b5fff3742a05eb8b9def551087be013 - arm-trusted-firmware/plat/arm/css/sgm/sgm_interconnect.c 6986ea7e2525388afa6171359d9f0c71de119e6e - arm-trusted-firmware/plat/arm/css/sgm/sgm_bl1_setup.c fc6ffe0f853fbf9871294d23c034cf4eb00a0b99 - arm-trusted-firmware/plat/arm/css/sgm/sgm_mmap_config.c bf1abf676327ef4b5c2fbe971bf5c59f9eea2511 - arm-trusted-firmware/plat/arm/css/sgm/sgm_security.c 408a01ed446d78cc578fa633ca47d7068ede3735 - arm-trusted-firmware/plat/arm/css/sgm/sgm_topology.c 00d4810ce12b4356434c80bbf98203811ee07a32 - arm-trusted-firmware/plat/arm/css/sgm/fdts/sgm_tb_fw_config.dts 5e82b47a941edb5ba37196b7aefe2a54e3bd2f81 - arm-trusted-firmware/plat/arm/css/sgm/tsp/sgm_tsp_setup.c 21772c91952bd2813284b444505fc85183bed867 - 
arm-trusted-firmware/plat/arm/css/sgm/include/plat_macros.S c9020cce76399dabf8d4bf04257761ee38ea4d60 - arm-trusted-firmware/plat/arm/css/sgm/include/sgm_variant.h 6c95a3344c3a15036b1db884d62a972e802699ed - arm-trusted-firmware/plat/arm/css/sgm/include/sgm_base_platform_def.h 883fce52c6e023b9718833ef01eff53d740f4b22 - arm-trusted-firmware/plat/arm/css/sgm/include/sgm_plat_config.h d55a2717a5f47927531e46527bd40fb912dd16f2 - arm-trusted-firmware/plat/arm/css/sgm/aarch64/css_sgm_helpers.S 5c168081100ace91d38be064d9d21551630d21c0 - arm-trusted-firmware/plat/arm/css/sgi/sgi_image_load.c b33a69c22fcc5e0d8abd886b78b557633834d721 - arm-trusted-firmware/plat/arm/css/sgi/sgi_plat.c da446db6b40b974a31d66ba55f23047f28d3f748 - arm-trusted-firmware/plat/arm/css/sgi/sgi_interconnect.c c6341f0f666b8a901520e32310b18a323af9f925 - arm-trusted-firmware/plat/arm/css/sgi/sgi_topology.c 31824343e1235090b12b73c827b8cbf02ba4d0e4 - arm-trusted-firmware/plat/arm/css/sgi/sgi_plat_v2.c a12ad9fe2e578f1c9186976a41033a398307aba6 - arm-trusted-firmware/plat/arm/css/sgi/sgi_ras.c 7a79c4c409726322831974860de49b71547d6feb - arm-trusted-firmware/plat/arm/css/sgi/sgi_bl31_setup.c 5972e7acb9e93b201406ff9cf0cbab522f942eb3 - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_ras.h 468e61508695c6dc9df856865e295b59c32a54e3 - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_soc_platform_def.h b30c67527c7802085733426c8c113a7ab2492ce8 - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_plat.h b45c063aa1fdf9280c52020500ae6e83d71244c5 - arm-trusted-firmware/plat/arm/css/sgi/include/plat_macros.S 138c1bc36bb3c91d2b2d9f5ac1702aa0975c850c - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_soc_platform_def_v2.h f340bb1f1f4dcfde1ab65f3d67e26a33025f37a6 - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_sdei.h 3bb8192919eea022c0cfa99a7d87f8ecd4588256 - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_base_platform_def.h 4e4ddcdd110f807b8dcbd6b440a4b4f5c2f9e83b - 
arm-trusted-firmware/plat/arm/css/sgi/include/sgi_variant.h 7617a0e9164a7f90465861eedd913dabf15379f8 - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_soc_css_def_v2.h c388d0822e5ef0bf97db4c66ab46d4088421f0e6 - arm-trusted-firmware/plat/arm/css/sgi/include/sgi_dmc620_tzc_regions.h aeb8a1b51452a7c1b9088cd2cc5f0c6ab2590b45 - arm-trusted-firmware/plat/arm/css/sgi/aarch64/sgi_helper.S 08fffa1ca580eaca04a26cfc974edd901c2997b1 - arm-trusted-firmware/plat/arm/soc/common/soc_css_security.c 399d2117be7573ef7ddc5afb0364b90fc66d9bb6 - arm-trusted-firmware/plat/imx/imx8qx/imx8qx_bl31_setup.c b9316c7a608b29b530aaf325e401e06f62647525 - arm-trusted-firmware/plat/imx/imx8qx/imx8qx_psci.c 5f45eb6e98ea9c90548afd5ee153f8d14c105e48 - arm-trusted-firmware/plat/imx/imx8qx/include/platform_def.h 06458d5a3b748df586e9ba2064614354842c162f - arm-trusted-firmware/plat/imx/imx8qx/include/sec_rsrc.h 08a0687e7c3b77de90198dc7e5d8ca2ec448ae90 - arm-trusted-firmware/plat/imx/imx8qm/imx8qm_psci.c 9561f3046a19b5489e0aa9025135c8bb6a7d2582 - arm-trusted-firmware/plat/imx/imx8qm/imx8qm_bl31_setup.c 1fdf9dd0a1e00cee360596ce35842f77598cbf1e - arm-trusted-firmware/plat/imx/imx8qm/include/platform_def.h 6beb54a392291f2d54d207842b2620c7c344af8e - arm-trusted-firmware/plat/imx/imx8qm/include/sec_rsrc.h 1b219401b9b5eb5bd8c83fa92fc68c591d48a3da - arm-trusted-firmware/plat/imx/common/imx_io_mux.c 1901b0c4a5e19926a9e1b5ae437ebbeb0dc0d181 - arm-trusted-firmware/plat/imx/common/imx7_clock.c 829a4463f8628c61fcb335a0dbd747a6050c8192 - arm-trusted-firmware/plat/imx/common/imx_sip_svc.c c014188b6f4a48f9dc6d6fed678081f02f8d8e86 - arm-trusted-firmware/plat/imx/common/plat_imx8_gic.c 97029bcef11b7a8598834c9717cec7a5655b895a - arm-trusted-firmware/plat/imx/common/imx8_helpers.S 561b0822ac98206dceac588b536d745fc70829d9 - arm-trusted-firmware/plat/imx/common/imx_ehf.c 5225b741c941cba9f489d347aae2707d99896d7d - arm-trusted-firmware/plat/imx/common/imx_csu.c 83187f1c90615deae51e2febc0506394e8d4d444 - 
arm-trusted-firmware/plat/imx/common/imx_sip_handler.c b26cdffd75a0ba04b4a312520443d0c77b388242 - arm-trusted-firmware/plat/imx/common/imx8_topology.c e03b60801f58711597b0bb457ecf6e3e84c9f44e - arm-trusted-firmware/plat/imx/common/imx8_psci.c ac923dd7af0d3485eceae86115ea73150575ac4f - arm-trusted-firmware/plat/imx/common/imx_wdog.c 9026b30dd1244e0fa2416dac0e9f2b92c11bc83e - arm-trusted-firmware/plat/imx/common/lpuart_console.S ad339798ed1c81b2dfda72cc1cefaae7acb622d9 - arm-trusted-firmware/plat/imx/common/imx_io_storage.c 03ff82e03dc9eb60e02c6e23f0c199fdd1753c9c - arm-trusted-firmware/plat/imx/common/imx_aips.c e7ef15bdf83a7d4e3ca78dd0d0e9daf56414e55e - arm-trusted-firmware/plat/imx/common/imx_caam.c 6ac985911e7e26d13c75d48a04457fbcb209b62f - arm-trusted-firmware/plat/imx/common/imx_sdei.c f30799014ffd50a32b0d021473b50cf5c4a28634 - arm-trusted-firmware/plat/imx/common/imx_clock.c d93d2cf3c9aafc65833374f51376f03bc2387ecd - arm-trusted-firmware/plat/imx/common/imx_uart_console.S da4b81f475ec53f2578ba031cd1f30f759bc5dde - arm-trusted-firmware/plat/imx/common/imx_snvs.c 8ae002187ace1e1358c7af1e06ef7957179939f5 - arm-trusted-firmware/plat/imx/common/include/plat_macros.S 0b633d6b19c3fd7cb43c433d74b84ede423bab4f - arm-trusted-firmware/plat/imx/common/include/imx_hab.h 8830c18819f942388c5badcb2c19eaea2ae058dd - arm-trusted-firmware/plat/imx/common/include/imx_caam.h 36d5f07566aad340b6ec06b01cfbe631023ca7f5 - arm-trusted-firmware/plat/imx/common/include/imx_wdog.h bddfe7c6dc079e9f45c4a41601888d27f5d29c48 - arm-trusted-firmware/plat/imx/common/include/imx_csu.h 6f89a14dc12ddacabad367a7e69d8bf469274ec4 - arm-trusted-firmware/plat/imx/common/include/imx_uart.h a3a14f38cbc846da3bc2498cf8e07b62479aa62a - arm-trusted-firmware/plat/imx/common/include/imx_snvs.h 24f8d34fd7865c2235d12e87791c7ae77d55d281 - arm-trusted-firmware/plat/imx/common/include/imx_io_mux.h 2e84528c7d6b12beb2c64505a14d73bcfb03ef87 - arm-trusted-firmware/plat/imx/common/include/imx_aips.h 
b9d688fac07189d434ac636324a632e9bf78825c - arm-trusted-firmware/plat/imx/common/include/imx_clock.h a5fcaffa0e69f234b0620f32d3556bf79ace50f1 - arm-trusted-firmware/plat/imx/common/include/imx8_iomux.h efda9e3617b99df89057880a566725ab2a7be20d - arm-trusted-firmware/plat/imx/common/include/imx_sip_svc.h 28b31b74552131c2ba5875fb7db44b22ca16b722 - arm-trusted-firmware/plat/imx/common/include/imx8qx_pads.h 816bfc02478ff083b5f3557753a4d0d4f2f32c9e - arm-trusted-firmware/plat/imx/common/include/imx8_lpuart.h 1d847530cd83143e4a50b94c5499ee8c11f9d3e1 - arm-trusted-firmware/plat/imx/common/include/imx8qm_pads.h f5724b26de0d68b4b37e1d580c6e30842eacd6c0 - arm-trusted-firmware/plat/imx/common/include/plat_imx8.h daeb14deb7c4f498330bb44186346cd1ac4eef92 - arm-trusted-firmware/plat/imx/common/include/sci/sci_types.h 8a65436d5e0b335e9003a30f2da5f7892d23dc05 - arm-trusted-firmware/plat/imx/common/include/sci/sci_scfw.h 19674e70669fa3f7fb7e509377e445f7fd4c7be4 - arm-trusted-firmware/plat/imx/common/include/sci/sci.h cc9366b07e946d7946bdfeae628f8a6c7ac3bed3 - arm-trusted-firmware/plat/imx/common/include/sci/sci_ipc.h f6e6cd4d5b145f5abd0aa4d840fd7757d4b02c04 - arm-trusted-firmware/plat/imx/common/include/sci/sci_rpc.h d3b138328cc81b7fe0a830b3cec8bd87f7d62835 - arm-trusted-firmware/plat/imx/common/include/sci/svc/pm/sci_pm_api.h 70210ef96ff1f0ccd4e790bb79a148f1bf02efcc - arm-trusted-firmware/plat/imx/common/include/sci/svc/rm/sci_rm_api.h 2507eeb7a0cd662322ea96553146f0f0dc8c6e45 - arm-trusted-firmware/plat/imx/common/include/sci/svc/timer/sci_timer_api.h 4be7f4400810802474258ed3e4b8f7a73170db33 - arm-trusted-firmware/plat/imx/common/include/sci/svc/pad/sci_pad_api.h cf9e73e1a62f99ecb17abeeda5efbdad0f7b1c21 - arm-trusted-firmware/plat/imx/common/include/sci/svc/misc/sci_misc_api.h 8c98c79db7801610b0bf01e1ea680ec8347be4f2 - arm-trusted-firmware/plat/imx/common/sci/ipc.c f2ab11050d68bdc711e7c18f9437fba728ab77bb - arm-trusted-firmware/plat/imx/common/sci/imx8_mu.h 
985fca791927ad8088399ab8840bcbcfb8277a6e - arm-trusted-firmware/plat/imx/common/sci/imx8_mu.c ada89ab08a1bfb90ad5b0e5ffb325268ddbc837e - arm-trusted-firmware/plat/imx/common/sci/svc/pm/pm_rpc_clnt.c 99d10095088dddbbe81826dbf7827bdc9c6bffb8 - arm-trusted-firmware/plat/imx/common/sci/svc/pm/sci_pm_rpc.h fdc0fc24ee38df2fd92f2f039664af39724513e7 - arm-trusted-firmware/plat/imx/common/sci/svc/rm/rm_rpc_clnt.c 9162637c3ad8ef97f19a264c504c58d5886f9d7c - arm-trusted-firmware/plat/imx/common/sci/svc/rm/sci_rm_rpc.h 3f381087336a847b53323f6828aa61478b46a2cc - arm-trusted-firmware/plat/imx/common/sci/svc/timer/sci_timer_rpc.h 30cf1dfdd48ef57921bbd93789aaedbebd754c55 - arm-trusted-firmware/plat/imx/common/sci/svc/timer/timer_rpc_clnt.c 53b961e268ec00956cf3635d8561601e5c5bf70b - arm-trusted-firmware/plat/imx/common/sci/svc/pad/sci_pad_rpc.h a593348ba8dcf5a3577bb48cd9d9ab7fe88c6df7 - arm-trusted-firmware/plat/imx/common/sci/svc/pad/pad_rpc_clnt.c 65f1e12aab1c7815ccb98973525d32d30e635a1d - arm-trusted-firmware/plat/imx/common/sci/svc/misc/misc_rpc_clnt.c 1dc0e610322825b6f58ac08670b99a4598bc01f1 - arm-trusted-firmware/plat/imx/common/sci/svc/misc/sci_misc_rpc.h 8169135849017c45a81b2c0447e940e3e5396145 - arm-trusted-firmware/plat/imx/common/aarch32/imx_uart_console.S 1e1f92bc6f801c91fde3bbe4ce99b62beb0eb7d2 - arm-trusted-firmware/plat/imx/imx7/warp7/warp7_bl2_el3_setup.c 42143dbacac34a118b7b86673774e843e7e84fd8 - arm-trusted-firmware/plat/imx/imx7/warp7/include/platform_def.h 1e876f487cd25f4a6cd08d0a21926f5405676a07 - arm-trusted-firmware/plat/imx/imx7/picopi/picopi_bl2_el3_setup.c 1b13f9e313e75353b45d6528629485488b180345 - arm-trusted-firmware/plat/imx/imx7/picopi/include/platform_def.h bffe5bd7851f8d028c92d9d68dba7806be5bd662 - arm-trusted-firmware/plat/imx/imx7/common/imx7_image_load.c 7b5d73ec9d9c7e14fd48653c6e018d432654101d - arm-trusted-firmware/plat/imx/imx7/common/imx7_bl2_mem_params_desc.c 3bba3282b340c9896990c2ffcbf10d5bfb0070b2 - 
arm-trusted-firmware/plat/imx/imx7/common/imx7_rotpk.S 8403135be33e11a4b696e90b5b253465b6838682 - arm-trusted-firmware/plat/imx/imx7/common/imx7_helpers.S 4d406209e8b278e9730968baee57f5106d424aef - arm-trusted-firmware/plat/imx/imx7/common/imx7_trusted_boot.c 81ea2015e04bbc53b7d42589a21821a183fc1c8a - arm-trusted-firmware/plat/imx/imx7/common/imx7_bl2_el3_common.c 10003f2e608d5073c076ab1a446f4ba07c06086d - arm-trusted-firmware/plat/imx/imx7/include/imx7_def.h d4e968db5e699bc36032dfe35d7fada27142c699 - arm-trusted-firmware/plat/imx/imx7/include/imx_hab_arch.h 1027e5173d316fd6d9dd6588b9666b53ed9d1116 - arm-trusted-firmware/plat/imx/imx7/include/imx_regs.h 10fb6753c1ece21522f45f372d0cbf3b416b5190 - arm-trusted-firmware/plat/imx/imx8m/imx_aipstz.c 996e00079997c54373e5acb4a6f39bfe8cbe346e - arm-trusted-firmware/plat/imx/imx8m/imx8m_image_load.c ceb0518eca09618b3b642b96d4fb43d950bdfabb - arm-trusted-firmware/plat/imx/imx8m/imx8m_psci_common.c 7bd8d4e39f1f3905630b08a16be851097fa5ab67 - arm-trusted-firmware/plat/imx/imx8m/imx_rdc.c 6253f7542bd4e5a6244779068845d717f8eca3f6 - arm-trusted-firmware/plat/imx/imx8m/imx8m_measured_boot.c 3065b6071ec153725ca0d9782a393ffd3f24745d - arm-trusted-firmware/plat/imx/imx8m/imx8m_caam.c ee448951c5f07c67e8c374cb6a4077c505070081 - arm-trusted-firmware/plat/imx/imx8m/imx8m_dyn_cfg_helpers.c 51949e20cb7aee1a68f0cc5eaa46f0eb3012c2dc - arm-trusted-firmware/plat/imx/imx8m/gpc_common.c 461d439b6ee554e1dce2786de8e131e60083bca6 - arm-trusted-firmware/plat/imx/imx8m/imx8mq/imx8mq_bl31_setup.c a2af87335b959f57d6de74f40740b48de27a802e - arm-trusted-firmware/plat/imx/imx8m/imx8mq/imx8mq_psci.c ff7748fc70a67a41bd452b895f531d103d0b3cfa - arm-trusted-firmware/plat/imx/imx8m/imx8mq/gpc.c d1fa70b45e2971a3e4103d0b2ff864ec706c5af5 - arm-trusted-firmware/plat/imx/imx8m/imx8mq/include/gpc_reg.h 2db42326b731e92225ca5c389557d0b944e8d3a7 - arm-trusted-firmware/plat/imx/imx8m/imx8mq/include/platform_def.h a70728dd56a39269eebea0b5d96e9e82765e1e7a - 
arm-trusted-firmware/plat/imx/imx8m/include/gpc.h 4bc0eb69bf40f2ac07200a788f79ad6e9ec8b3f2 - arm-trusted-firmware/plat/imx/imx8m/include/imx8m_psci.h 3bc736f072705dfa2d00383fe60d8497b3676fcc - arm-trusted-firmware/plat/imx/imx8m/include/imx8m_caam.h 47de7cdf356158f2b651bafb8659187db3a13e65 - arm-trusted-firmware/plat/imx/imx8m/include/imx8m_measured_boot.h dbc9dbdd5e6269f4f08553a771a33f13a1fa884a - arm-trusted-firmware/plat/imx/imx8m/include/imx_rdc.h 5ec5413514abe79264b0bed81c75f811d2621d46 - arm-trusted-firmware/plat/imx/imx8m/include/imx_aipstz.h 0efee336c964d1973fec201980455aee08396081 - arm-trusted-firmware/plat/imx/imx8m/imx8mp/imx8mp_trusted_boot.c 169ab98f3d4cd7620ffef0d78f7c2329be9c1586 - arm-trusted-firmware/plat/imx/imx8m/imx8mp/imx8mp_psci.c 97a556f1fc780240a2ad81127c295bd39a0c6512 - arm-trusted-firmware/plat/imx/imx8m/imx8mp/imx8mp_rotpk.S f822b4b589b5d418d0ea960b764bd311a32466ea - arm-trusted-firmware/plat/imx/imx8m/imx8mp/imx8mp_bl31_setup.c be1935709a939c0480bc4cc27058482508f2596b - arm-trusted-firmware/plat/imx/imx8m/imx8mp/imx8mp_bl2_mem_params_desc.c 49f3d2caa5e653fc6cdd99c140ff61ad9d83c9c0 - arm-trusted-firmware/plat/imx/imx8m/imx8mp/gpc.c 3d38c99169530f67aeba8526bd7cd4559981a349 - arm-trusted-firmware/plat/imx/imx8m/imx8mp/imx8mp_bl2_el3_setup.c df0e3b50430ac47d2263ca8e0a4b83d46c8c0193 - arm-trusted-firmware/plat/imx/imx8m/imx8mp/include/gpc_reg.h c65d55a5e1a73f615b9fe213427e4605f4b3806c - arm-trusted-firmware/plat/imx/imx8m/imx8mp/include/imx8mp_private.h f7d6a1f75a510179a6e4a7084b3d70dd9bba5734 - arm-trusted-firmware/plat/imx/imx8m/imx8mp/include/platform_def.h 3fcc366713e1667476479363fd2d0fb74144e491 - arm-trusted-firmware/plat/imx/imx8m/imx8mm/imx8mm_bl2_mem_params_desc.c 0e0933de6793e323f4c77e12a89455776a0dfe57 - arm-trusted-firmware/plat/imx/imx8m/imx8mm/imx8mm_psci.c 060756d07ff95fa2e15ef2cab742c6f6fdfdc5e3 - arm-trusted-firmware/plat/imx/imx8m/imx8mm/imx8mm_rotpk.S 5e7971c14f77e2f2450badad4a156ca33a9eb89f - 
arm-trusted-firmware/plat/qti/msm8916/include/platform_def.h 91be000247752e30dfd222eef60029b13936f320 - arm-trusted-firmware/plat/qti/msm8916/aarch64/msm8916_helpers.S fd14d1c817b69bd4a42046e3a208b999bffc7e36 - arm-trusted-firmware/plat/qti/msm8916/aarch64/uartdm_console.S 3030765ef51687943e02ca761d6d518826a6c438 - arm-trusted-firmware/plat/qti/common/inc/qti_plat.h 1d172cb4df58b173035b99b5855545b25fd764be - arm-trusted-firmware/plat/qti/common/inc/qti_uart_console.h f00660ee7d40d5826515fe5266e50d2172c12bc1 - arm-trusted-firmware/plat/qti/common/inc/spmi_arb.h a492ca7a1a6a0dc9b988c09a6838be72f3a00cc3 - arm-trusted-firmware/plat/qti/common/inc/qti_board_def.h 2c7d5721030a2353cd649ad2cf4da49242ed3195 - arm-trusted-firmware/plat/qti/common/inc/qti_cpu.h af87d6c46e8e3304b92c90ed0111bb3066bac8e1 - arm-trusted-firmware/plat/qti/common/inc/qti_interrupt_svc.h 0b01452153b97f032c89b81698730bd0211ee4cf - arm-trusted-firmware/plat/qti/common/inc/qti_rng.h 5901fe33e7d63a4a03e1b95469b48c8299d178f6 - arm-trusted-firmware/plat/qti/common/inc/aarch64/plat_macros.S bea1c249fdc7e365ba7e5d773a7e312de9345fb8 - arm-trusted-firmware/plat/qti/common/src/spmi_arb.c f3b7fa7c62db7248cf8b50316244b8239596f267 - arm-trusted-firmware/plat/qti/common/src/qti_rng.c a78d1e23bb28b3815e1e4ed90be36d9a18730edc - arm-trusted-firmware/plat/qti/common/src/qti_bl31_setup.c 7fc1d5b81ce41fbda7e5fda0ba2e22acdf4d5934 - arm-trusted-firmware/plat/qti/common/src/qti_pm.c f12c8a79f6141094db1aac3d48ac6ea34800ff6d - arm-trusted-firmware/plat/qti/common/src/qti_stack_protector.c 26a9cbddd8b9a236e5d0f3550807554e23563f18 - arm-trusted-firmware/plat/qti/common/src/qti_gic_v3.c aeecda36338ac151632b50ce13795833a9f6ce3b - arm-trusted-firmware/plat/qti/common/src/pm_ps_hold.c ac89500a8d77a91b9b24a426b3394744bf74efb5 - arm-trusted-firmware/plat/qti/common/src/qti_topology.c d3fde1360e9da45d7d4f06fa00208544d41ad202 - arm-trusted-firmware/plat/qti/common/src/qti_common.c e6926afd75dc641585601bff95a258034095c6e1 - 
arm-trusted-firmware/plat/qti/common/src/qti_interrupt_svc.c 825f74a7f38dc32847afc499110e74db3937935f - arm-trusted-firmware/plat/qti/common/src/qti_syscall.c 35b43eea9fc4e1679a0349180b49fa1bb96e59b7 - arm-trusted-firmware/plat/qti/common/src/aarch64/qti_kryo4_gold.S 7547a5ef92ec4ac40eed5a73041ef25902042bf2 - arm-trusted-firmware/plat/qti/common/src/aarch64/qti_uart_console.S a32c3f1d46d7c6cdcb2fa977d2899c8ff2bebb7a - arm-trusted-firmware/plat/qti/common/src/aarch64/qti_kryo6_gold.S 3d127b0f585eb4f2bfaaccd2f04f814fca7770c4 - arm-trusted-firmware/plat/qti/common/src/aarch64/qti_kryo6_silver.S b6f69f64118c04b6b54e760cf7005ec1594689fc - arm-trusted-firmware/plat/qti/common/src/aarch64/qti_kryo4_silver.S b6ee5b136c1d386d21bdb0c3944363930ea1c5d2 - arm-trusted-firmware/plat/qti/common/src/aarch64/qti_helpers.S 5db76531814dda261416dc016b511d807c3a4ba5 - arm-trusted-firmware/plat/qti/qtiseclib/inc/qtiseclib_defs.h a28527a439c34c2ff37a3bd1ace46fb9ddb4f357 - arm-trusted-firmware/plat/qti/qtiseclib/inc/qtiseclib_cb_interface.h 186065ea9c6a4a2d16c200d4d07466514f5a1c29 - arm-trusted-firmware/plat/qti/qtiseclib/inc/qtiseclib_interface.h 885aa0bbda57cb30366ac8f9ea09f3f8e7ad31da - arm-trusted-firmware/plat/qti/qtiseclib/inc/sc7180/qtiseclib_defs_plat.h 3e4d34962a59227a5d8d494f35e80b77fdf8d61e - arm-trusted-firmware/plat/qti/qtiseclib/inc/sc7280/qtiseclib_defs_plat.h 0c6b7067545771534db6e2eae7bdf7694a939d12 - arm-trusted-firmware/plat/qti/qtiseclib/src/qtiseclib_interface_stub.c 4e66aa575523181fefb5720d798a257e98a26003 - arm-trusted-firmware/plat/qti/qtiseclib/src/qtiseclib_cb_interface.c ce8e6c97e3af86cafccb6b9ffe857b9c1ec62598 - arm-trusted-firmware/plat/qti/sc7180/inc/qti_secure_io_cfg.h 576c57f662c322a2eac3565e848ea0179d7290a1 - arm-trusted-firmware/plat/qti/sc7180/inc/qti_rng_io.h 3591e68af17680a9c8b78bffb866c93838cc5b18 - arm-trusted-firmware/plat/qti/sc7180/inc/platform_def.h d99874d76998c7025371fc6e19def1521bfacc2d - 
arm-trusted-firmware/plat/qti/sc7280/inc/qti_secure_io_cfg.h 8b0399819af138f97f2f4270408c66b5d23b6052 - arm-trusted-firmware/plat/qti/sc7280/inc/qti_rng_io.h a0b63dda5b240d0c16799712543a79c70bd462d0 - arm-trusted-firmware/plat/qti/sc7280/inc/platform_def.h ea086669ab75f559b2e65b291fea3af158c18bd2 - arm-trusted-firmware/plat/renesas/common/bl2_plat_mem_params_desc.c ffd1e457886f1089d9c344f701ec17dc97f8f074 - arm-trusted-firmware/plat/renesas/common/rcar_common.c a977937122b0a3096d2974c21e1d01713d54ef5b - arm-trusted-firmware/plat/renesas/common/plat_topology.c 5f9406be82d4cf619e442556228de3e2d1283e39 - arm-trusted-firmware/plat/renesas/common/plat_image_load.c d414d4d769295e5a493cf3e77c9c51626ee0e6fb - arm-trusted-firmware/plat/renesas/common/bl2_interrupt_error.c 9e2b414041c35052396135ebdc28539af32c2593 - arm-trusted-firmware/plat/renesas/common/bl31_plat_setup.c ae71ad3a55f0e9c013697f9775e6c12c0ff7bd74 - arm-trusted-firmware/plat/renesas/common/bl2_cpg_init.c 12b42e58567a9ecd3d1d63318cb5ec7011a41573 - arm-trusted-firmware/plat/renesas/common/plat_storage.c 514484b073de3f03a0c25885d1947529d0863273 - arm-trusted-firmware/plat/renesas/common/bl2_secure_setting.c 716e1c7c79baa403b9c5d0ef120f23d8cac8e802 - arm-trusted-firmware/plat/renesas/common/plat_pm.c 72226e12e556432cb547181aa73e0d55c5c8777f - arm-trusted-firmware/plat/renesas/common/include/plat_macros.S aa601d2e26e65cab57efac1579ef07d5a4966f23 - arm-trusted-firmware/plat/renesas/common/include/rcar_version.h 2f021b7dce5115d413267052dd5b471ceff900cf - arm-trusted-firmware/plat/renesas/common/include/rcar_private.h f4aa97332efbbc8e20e48e338443fd3b9c208830 - arm-trusted-firmware/plat/renesas/common/include/plat.ld.S f99514b828a7a7fe6f0063a291c023d74a2c9bd2 - arm-trusted-firmware/plat/renesas/common/include/rcar_def.h 939b904cc911a51e5bfd33fc817d5c5b22e55400 - arm-trusted-firmware/plat/renesas/common/include/platform_def.h f5943232ea7fe8a4717cdaa5d1f371ec634c8074 - 
arm-trusted-firmware/plat/renesas/common/include/registers/cpg_registers.h 64ef91e2bf3528ac94c8eb79c5c3f80113257721 - arm-trusted-firmware/plat/renesas/common/include/registers/lifec_registers.h f773e9cbe28c8c27bd7013b66cd612cd63f790fc - arm-trusted-firmware/plat/renesas/common/include/registers/axi_registers.h 2b4770445484da2ea7c1061c5e772905f5f9eda9 - arm-trusted-firmware/plat/renesas/common/aarch64/plat_helpers.S 3c4b66c3e0e2ea740399f2ac87b9c61af5c45031 - arm-trusted-firmware/plat/renesas/common/aarch64/platform_common.c d9c373f0351531965e8097178bbc13ede3af7485 - arm-trusted-firmware/plat/renesas/rzg/bl2_plat_setup.c 954d720bbb952517040ea8c1648e94dcd01de552 - arm-trusted-firmware/plat/renesas/rcar/bl2_plat_setup.c 8539e94b825c242859fa5c4a3c03901703c386f0 - arm-trusted-firmware/plat/nxp/soc-ls1046a/soc.c 1e814209bd02d7457755dcf4493b05a3794c811c - arm-trusted-firmware/plat/nxp/soc-ls1046a/soc.def bfdacfdea0aa10e1ece5ae2925625ce34328672a - arm-trusted-firmware/plat/nxp/soc-ls1046a/include/ns_access.h 9ed3d544ff5ab2cfa0ea13d1fb3b59534eb90e14 - arm-trusted-firmware/plat/nxp/soc-ls1046a/include/soc.h 8cc150d9e1c9199572b24d0af559c82e4db71320 - arm-trusted-firmware/plat/nxp/soc-ls1046a/aarch64/ls1046a.S 06d4dda248389e306ea0cf1688bc9944d1511d03 - arm-trusted-firmware/plat/nxp/soc-ls1046a/aarch64/ls1046a_helpers.S 5da46b775851344c65928890c699d7ff047606b2 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046afrwy/platform.c 0f38703d163bd042c7827eaddb04ea092b30a478 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046afrwy/platform_def.h 945ec23ee2ba0c79a5e6140d043290e9afde9b2c - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046afrwy/ddr_init.c dc407d2ead98e6d20e59ac0b6c5e75116a82ddd3 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046afrwy/plat_def.h 0fb5432862f668e38f9bbce3af181371cdecf0cd - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046afrwy/policy.h 5da46b775851344c65928890c699d7ff047606b2 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046ardb/platform.c 
0f38703d163bd042c7827eaddb04ea092b30a478 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046ardb/platform_def.h 2ea7db20f6633e1dbecd9a70ed4cac89d97c2a76 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046ardb/ddr_init.c 686ad098c68cbf424bb3e89e451ab64b8183a91c - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046ardb/plat_def.h 0fb5432862f668e38f9bbce3af181371cdecf0cd - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046ardb/policy.h 5da46b775851344c65928890c699d7ff047606b2 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046aqds/platform.c 0f38703d163bd042c7827eaddb04ea092b30a478 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046aqds/platform_def.h 60e78557693ed12515227f051b8f55baf47ce8ae - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046aqds/ddr_init.c 39ce8f1f0afc76a2d1a98e86df076ef84d185da3 - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046aqds/plat_def.h 0fb5432862f668e38f9bbce3af181371cdecf0cd - arm-trusted-firmware/plat/nxp/soc-ls1046a/ls1046aqds/policy.h 07fb6c57566e19aa44ef34559874dfd995b582b6 - arm-trusted-firmware/plat/nxp/soc-ls1043a/soc.c 059b1c4ea6e6b540b7b01bdeb7153b4dfcacdb1b - arm-trusted-firmware/plat/nxp/soc-ls1043a/soc.def 859878633110369cd34a10f6683227f6b49d0006 - arm-trusted-firmware/plat/nxp/soc-ls1043a/ls1043ardb/platform.c 802c1d23237eb5cc83388950a75fa13d076b0dbf - arm-trusted-firmware/plat/nxp/soc-ls1043a/ls1043ardb/platform_def.h 2d532dcfca962bd50e2721dc90a3c5e8f3ef4c00 - arm-trusted-firmware/plat/nxp/soc-ls1043a/ls1043ardb/ddr_init.c 60033abedd63947cfda10bf00d77951046e244c2 - arm-trusted-firmware/plat/nxp/soc-ls1043a/ls1043ardb/plat_def.h 2e5c9db35f0a8446aa2a2a08f75f1488255df745 - arm-trusted-firmware/plat/nxp/soc-ls1043a/ls1043ardb/policy.h 69427e6f64ce96dfa6842364a758359b8fa821c6 - arm-trusted-firmware/plat/nxp/soc-ls1043a/include/ns_access.h 9b815992ca7df805a51a7cdece2e7c074a0958fb - arm-trusted-firmware/plat/nxp/soc-ls1043a/include/soc.h b132e33ac02b41bfdd0b2ba27b1e5432e0f7ef08 - 
arm-trusted-firmware/plat/nxp/soc-ls1043a/aarch64/ls1043a_helpers.S 18db50ef3d11821179318d84b45c532d3b107226 - arm-trusted-firmware/plat/nxp/soc-ls1043a/aarch64/ls1043a.S 7101b940d392636f546086caa2626d9a940d9eac - arm-trusted-firmware/plat/nxp/soc-ls1028a/soc.c 490b7dbb3b819d5251283d9069f177092c665489 - arm-trusted-firmware/plat/nxp/soc-ls1028a/soc.def d78024dda44030bb2c60a6c6f0f31b0cdf79c510 - arm-trusted-firmware/plat/nxp/soc-ls1028a/include/soc.h 859878633110369cd34a10f6683227f6b49d0006 - arm-trusted-firmware/plat/nxp/soc-ls1028a/ls1028ardb/platform.c daffee032773c1420ec3c8da52a5bc9db4610aaa - arm-trusted-firmware/plat/nxp/soc-ls1028a/ls1028ardb/platform_def.h 3268f346c7eb1578007b13a160c4c3d08efe2c0b - arm-trusted-firmware/plat/nxp/soc-ls1028a/ls1028ardb/ddr_init.c 264c5f8c566b8945850048aceba967dd8fd1e72b - arm-trusted-firmware/plat/nxp/soc-ls1028a/ls1028ardb/plat_def.h b435bed7113e72930be88bfe8f61e7da61994418 - arm-trusted-firmware/plat/nxp/soc-ls1028a/ls1028ardb/policy.h 033fd89d203e44c446aba6134e51e46a7d9cf324 - arm-trusted-firmware/plat/nxp/soc-ls1028a/aarch64/ls1028a_helpers.S e436d0bfcc7b7c83db0242b6ffefad0a2985a81e - arm-trusted-firmware/plat/nxp/soc-ls1028a/aarch64/ls1028a.S 6edca4ab32d5c19db4706b176997f9bc4f085702 - arm-trusted-firmware/plat/nxp/common/img_loadr/load_img.h ac50f0a2929a3c77c87203013245a30bab6a20b2 - arm-trusted-firmware/plat/nxp/common/img_loadr/load_img.c e41af019a383e1c29f6cfe79b98e6812ee9e71e8 - arm-trusted-firmware/plat/nxp/common/fip_handler/fuse_fip/fuse_io_storage.c 0f0ae89b60dfac27f5f00ac6c76a3c1fbbf30e8c - arm-trusted-firmware/plat/nxp/common/fip_handler/fuse_fip/fuse_io.h 5898658243b0a5f981f4c051061be8d7f7ff3a7f - arm-trusted-firmware/plat/nxp/common/fip_handler/common/plat_def_fip_uuid.h fc286a6d896799156121d56095076ee1765cdd18 - arm-trusted-firmware/plat/nxp/common/fip_handler/common/plat_tbbr_img_def.h 9670a30b894318a795c85e5ee63edbe979b023b6 - arm-trusted-firmware/plat/nxp/common/fip_handler/common/platform_oid.h 
97667263a954ff77c695a93ec98b767bccf035cd - arm-trusted-firmware/plat/nxp/common/fip_handler/ddr_fip/ddr_io_storage.c 96bd522ef14fb5ff8a4247a028501ef7c4367f3a - arm-trusted-firmware/plat/nxp/common/fip_handler/ddr_fip/ddr_io_storage.h 9c72b3ecd5d5982e63db876f7dfefb7cbac10bea - arm-trusted-firmware/plat/nxp/common/sip_svc/sip_svc.c 27f86d14fd5ce72d0aaa417b4c893049acc97e1c - arm-trusted-firmware/plat/nxp/common/sip_svc/include/sipsvc.h be62a5510efe4bb10130935015fc6c12d3b02ed4 - arm-trusted-firmware/plat/nxp/common/sip_svc/aarch64/sipsvc.S dcfd794664af1da07e241e7f44705b02a86955bb - arm-trusted-firmware/plat/nxp/common/include/default/plat_default_def.h 2941f6674d8de1d2b22c22b91db3b63996c45d80 - arm-trusted-firmware/plat/nxp/common/include/default/ch_2/soc_default_base_addr.h 764ceec06291ed492b81348c85ad37e77f32eb3a - arm-trusted-firmware/plat/nxp/common/include/default/ch_2/soc_default_helper_macros.h 3b4e4e380dbab1bf4ad037c20f705b6e42b5d992 - arm-trusted-firmware/plat/nxp/common/include/default/ch_3/soc_default_base_addr.h 9fecb13f267ce5c792719b3969ef19e96064d75a - arm-trusted-firmware/plat/nxp/common/include/default/ch_3/soc_default_helper_macros.h 1c0daba5be7bb7055a56df067ffc86d62af94382 - arm-trusted-firmware/plat/nxp/common/include/default/ch_3_2/soc_default_base_addr.h 962eb919fbdac8edf23f3cca5303772adc4690b0 - arm-trusted-firmware/plat/nxp/common/include/default/ch_3_2/soc_default_helper_macros.h f71b1c56189f5904469d9e69c7b5206a4bd12454 - arm-trusted-firmware/plat/nxp/common/warm_reset/plat_warm_reset.c 48b1c6e031a18037fbc338e8d3f6d0efbe6c0eca - arm-trusted-firmware/plat/nxp/common/warm_reset/plat_warm_rst.h 08360ed6a8b3d051a5cad1cb6e001cf1600b7ac8 - arm-trusted-firmware/plat/nxp/common/ocram/ocram.h 5e45989256d4cb803eb129882666969d3d952ac6 - arm-trusted-firmware/plat/nxp/common/ocram/aarch64/ocram.S fdb986fc3069c5b8c185c58c199bc5e56a6d1655 - arm-trusted-firmware/plat/nxp/common/aarch64/bl31_data.S 2c5220969ad934f5e3904f8b72774332826fb89d - 
arm-trusted-firmware/plat/nxp/common/aarch64/ls_helpers.S 5f62419793539e6fbda55df6e2b3fa9e0b21b776 - arm-trusted-firmware/plat/nxp/common/soc_errata/errata.h 2e0e20e6baddb412ce97b52be66cd32d6f8f367f - arm-trusted-firmware/plat/nxp/common/soc_errata/errata_a010539.c f925bc09cf5f24b92110d8e7eb81b6948bc855b7 - arm-trusted-firmware/plat/nxp/common/soc_errata/errata.c 254c94ec21e9680a13a88c1c24d884bfb8b9479c - arm-trusted-firmware/plat/nxp/common/soc_errata/errata_a008850.c 492965693fd60a384d16d12de2ecd89c7f522702 - arm-trusted-firmware/plat/nxp/common/soc_errata/errata_list.h 0b417a1d9881a05757a25db89aa6739867cc6cff - arm-trusted-firmware/plat/nxp/common/soc_errata/errata_a009660.c c693c689d519e4697e033a4df6e7da75ecaca5b7 - arm-trusted-firmware/plat/nxp/common/soc_errata/errata_a050426.c 98e57da5931c557522da93cce9fe3bfb911d2cb0 - arm-trusted-firmware/plat/nxp/common/setup/ls_err.c 7159132c839b1d3568d7b7b03da30f6d03e5336e - arm-trusted-firmware/plat/nxp/common/setup/ls_interrupt_mgmt.c cb4accb6830f44fe050021fd6e32cca1a8acf7ee - arm-trusted-firmware/plat/nxp/common/setup/ls_bl31_setup.c e0dfec4c8847e15aeb7a774844188ab382bdd027 - arm-trusted-firmware/plat/nxp/common/setup/ls_stack_protector.c 91c2c52722651995a236e3f10e11504b1d87e098 - arm-trusted-firmware/plat/nxp/common/setup/ls_common.c 6694d9cc9520a800f00a344d9cc1c534b6e88d91 - arm-trusted-firmware/plat/nxp/common/setup/ls_bl2_el3_setup.c d736c2075e7e15a400e61a1db310a4d1b43bffd2 - arm-trusted-firmware/plat/nxp/common/setup/ls_image_load.c 475644583f7d46ef814913dcdcfddfa706f9f9bb - arm-trusted-firmware/plat/nxp/common/setup/ls_io_storage.c 9e4c6090807eed8550b5e6acaf048f870d04011b - arm-trusted-firmware/plat/nxp/common/setup/include/bl31_data.h c8d60b0a7cea607dac9dc88673f41a4be9285d2e - arm-trusted-firmware/plat/nxp/common/setup/include/plat_macros.S 4f9b26944e2ce37da586a62bdec3d03549edca60 - arm-trusted-firmware/plat/nxp/common/setup/include/mmu_def.h 7deb5f8e4cedbb8f2f2faed66426dac4607d7f04 - 
arm-trusted-firmware/plat/nxp/common/setup/include/ls_interrupt_mgmt.h 52c5991d0ead354cd375910f00aefc81953d5681 - arm-trusted-firmware/plat/nxp/common/setup/include/plat_common.h 8094976b2b7aa5bbc113bbc852215f8e0513c202 - arm-trusted-firmware/plat/nxp/common/setup/aarch64/ls_bl2_mem_params_desc.c 99de11a8e1d6aa0d67bff400dc27222a3f67bda3 - arm-trusted-firmware/plat/nxp/common/tbbr/x509_tbbr.c 9b61ef7f7b42a7a2448ff56ef3a4dde77d0a3c6a - arm-trusted-firmware/plat/nxp/common/tbbr/csf_tbbr.c 003b4e0c6ab04fb9bd51037a2c976e8e9a1e90dc - arm-trusted-firmware/plat/nxp/common/tbbr/nxp_rotpk.S 193a96b82a70ef052d501107a7358ccca4890c12 - arm-trusted-firmware/plat/nxp/common/nv_storage/plat_nv_storage.c 3a09baff31a554c63552bd51f6adea91aa05d3c1 - arm-trusted-firmware/plat/nxp/common/nv_storage/plat_nv_storage.h 3b5918338beab36f0f06c2b7e82c7f49a7b351bf - arm-trusted-firmware/plat/nxp/common/psci/plat_psci.c 187a0bff6625818b129b5ab42039158f8126ddb3 - arm-trusted-firmware/plat/nxp/common/psci/include/plat_psci.h 11b25502ea937dd88b3986d358aad3eff9f39c71 - arm-trusted-firmware/plat/nxp/common/psci/aarch64/psci_utils.S b971fa529d2080fd471b3ef7ec4466a972529aee - arm-trusted-firmware/plat/nxp/soc-lx2160a/soc.c 189fa51ba04371ccab55ac105b7dfe77c07f3552 - arm-trusted-firmware/plat/nxp/soc-lx2160a/soc.def b52ff38c67c39f3dc4731b38d094152cb31b4ccd - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160aqds/platform.c c515220a4c8200d4212a8d951e49a9022e7bef2f - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160aqds/platform_def.h d07e54f7cdb54922dac5c758dd79b5adb4d9e93f - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160aqds/ddr_init.c 2881529cc073176412af0c380690bab77add20c5 - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160aqds/plat_def.h 353f72fa699efe7dc63602a04a220dd43adb85ba - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160aqds/policy.h f856b32032e096e20ae0a454ad54d4fd64dfca0c - arm-trusted-firmware/plat/nxp/soc-lx2160a/include/soc.h 63c93614b627d3a013d8176aa4248010115eecf0 - 
arm-trusted-firmware/plat/nxp/soc-lx2160a/aarch64/lx2160a_warm_rst.S ed1f52b1a3d4ce48135556f32d8667c7367494d8 - arm-trusted-firmware/plat/nxp/soc-lx2160a/aarch64/lx2160a_helpers.S 3e9660b08500144943aee803a37816f45307d66b - arm-trusted-firmware/plat/nxp/soc-lx2160a/aarch64/lx2160a.S b52ff38c67c39f3dc4731b38d094152cb31b4ccd - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160ardb/platform.c 0fe0002fb83ef9fcbbed68caa9cea3b775bfc529 - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160ardb/platform_def.h 764850c7f4814c83fc8b48d4a353c5ae2836edf6 - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160ardb/ddr_init.c f53ad9b2677286b07fdbc25c8c257e4891f15607 - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160ardb/plat_def.h e7b379eaa610c82050a0e57c194b10a794f23d91 - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2160ardb/policy.h 85eb1ecc310643c5e3edb3761897745f5f4eaa6a - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2162aqds/platform.c c515220a4c8200d4212a8d951e49a9022e7bef2f - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2162aqds/platform_def.h e8ecd59dc257f4918515a132b0c4787bc1890021 - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2162aqds/ddr_init.c 6701efe4878d9b4a7d1035d7d747426951d04e8b - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2162aqds/plat_def.h ab191a3fce41d791a52ed732c81fa4c127537b13 - arm-trusted-firmware/plat/nxp/soc-lx2160a/lx2162aqds/policy.h 1fc45a1f2166ae38c534bcf389857b89c441c5af - arm-trusted-firmware/plat/nxp/soc-ls1088a/soc.c 0f6a22f1e28fcb385608a72a297b0cbd67935113 - arm-trusted-firmware/plat/nxp/soc-ls1088a/soc.def d1bd24409a0956382d617f97af627e582ec04d5c - arm-trusted-firmware/plat/nxp/soc-ls1088a/include/soc.h 764c8c04a6189e6992612672f9e41abde5000248 - arm-trusted-firmware/plat/nxp/soc-ls1088a/aarch64/ls1088a_helpers.S 492d3f0900343c093e718ba1816eb94bfc3931e9 - arm-trusted-firmware/plat/nxp/soc-ls1088a/aarch64/ls1088a.S 344959df5ba88c1bf9ce847e6735395045c1253c - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088aqds/platform.c 
11e2d32b094714041c63cf972054b12b7c0db04e - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088aqds/platform_def.h e9f8a604d5a2d30bd7a467c0b5624df132c867ee - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088aqds/ddr_init.c 3328578a5401038f068eded4991d6a403c5276b7 - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088aqds/plat_def.h a7f75b9047c373fb59a317bd6d2995d70aa0aefa - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088aqds/policy.h 344959df5ba88c1bf9ce847e6735395045c1253c - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088ardb/platform.c 11e2d32b094714041c63cf972054b12b7c0db04e - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088ardb/platform_def.h 30d19335e7872d98487de84b2cc1cfad32bc26ad - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088ardb/ddr_init.c 9c8add03dd402a33b546ebe338030483a6e30892 - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088ardb/plat_def.h 992637daa6e8a443c6f0a176079ce731d593f699 - arm-trusted-firmware/plat/nxp/soc-ls1088a/ls1088ardb/policy.h 66cbb2ab82f32d934dc4d303b958c70750303ca6 - arm-trusted-firmware/plat/intel/soc/stratix10/bl31_plat_setup.c 2f22a31fb6bf835c01bd19bb362bba1c8a3e4918 - arm-trusted-firmware/plat/intel/soc/stratix10/bl2_plat_setup.c fbf4ab727479f904a0ae30ca600e339277fc9c11 - arm-trusted-firmware/plat/intel/soc/stratix10/include/s10_pinmux.h db28b2738f48c2d2751af6dee5456298ec578706 - arm-trusted-firmware/plat/intel/soc/stratix10/include/s10_memory_controller.h 05acb6f9fd3967467369875212f706741e9434c3 - arm-trusted-firmware/plat/intel/soc/stratix10/include/socfpga_plat_def.h 327e01f2a345b7d3b00f949c0785a60e4c03889f - arm-trusted-firmware/plat/intel/soc/stratix10/include/s10_noc.h 2a726cacb7d9a01adbb5c593a0bf7a6f0e9d2c18 - arm-trusted-firmware/plat/intel/soc/stratix10/include/s10_clock_manager.h 70667783807950b851233233349f9cadef62b70d - arm-trusted-firmware/plat/intel/soc/stratix10/soc/s10_memory_controller.c 4f2d7ac1b88723a36765c17fe3b6b524622ee49d - arm-trusted-firmware/plat/intel/soc/stratix10/soc/s10_clock_manager.c 
5a527e1803e29b659091fe8cf586adaf527a55dd - arm-trusted-firmware/plat/intel/soc/stratix10/soc/s10_pinmux.c 23e53289a40f4fdd5705ffc560d18e9e3086e32e - arm-trusted-firmware/plat/intel/soc/common/socfpga_sip_svc.c b1605e3612529c3ef25860a30a92276b1762eff8 - arm-trusted-firmware/plat/intel/soc/common/socfpga_delay_timer.c a73994ba0863a0c9119b3e80c2f95fd3a67881de - arm-trusted-firmware/plat/intel/soc/common/bl2_plat_mem_params_desc.c cc4b0a911ae0f00cfc94310c6a9d60716e9a1064 - arm-trusted-firmware/plat/intel/soc/common/socfpga_topology.c 98e7e0c1e8b661cfd05aacfbfc969aea710cf145 - arm-trusted-firmware/plat/intel/soc/common/socfpga_psci.c 659bce34ee85d1001adb313d9a639d66d3a89deb - arm-trusted-firmware/plat/intel/soc/common/socfpga_image_load.c 0c8169624b733658b1eee7afa553ac38e2f2660d - arm-trusted-firmware/plat/intel/soc/common/socfpga_storage.c 3eb20b0d72778ce95cdd02e0732ff2485fdcbe49 - arm-trusted-firmware/plat/intel/soc/common/include/plat_macros.S 55418579bc9725e40a61a81af232a46218f27291 - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_private.h f10900dcc55350c0601a0fcddce82a8d8faeb902 - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_sip_svc.h 3886a4a113d64631d91373640cc1e9d6ad0f9de5 - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_handoff.h ffac73fe826ff46223b2ddaebd9e7206528dfe33 - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_emac.h 987353d4fcf33b0589d816a77ed534bd4b0ee784 - arm-trusted-firmware/plat/intel/soc/common/include/platform_def.h 04e0e1415877c38b1d5b29fd0db73a6ec1bbc63c - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_system_manager.h c02cf900011574561e4a40f32b4328ee9b4fc2dc - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_fcs.h b117623bbdd5a56a0ff191770082cd80e5b860e4 - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_mailbox.h 90cc387dc45aa325c65a5f792054dbf87337d0c0 - arm-trusted-firmware/plat/intel/soc/common/include/socfpga_reset_manager.h 
c72a5bba918c6067f6a77a639c42bc477c71de2c - arm-trusted-firmware/plat/intel/soc/common/drivers/wdt/watchdog.c 5c64677609f95ebafb78a49847ca9c07c1a3aa87 - arm-trusted-firmware/plat/intel/soc/common/drivers/wdt/watchdog.h 5e8868245cddc9cd3bff4ded0c90d2f8b356920d - arm-trusted-firmware/plat/intel/soc/common/drivers/ccu/ncore_ccu.h 4a2ceded30ce0c9be27082dc3e0a0f646e41c555 - arm-trusted-firmware/plat/intel/soc/common/drivers/ccu/ncore_ccu.c c9354b6d74c4a24fae2207b5b999882056d88e91 - arm-trusted-firmware/plat/intel/soc/common/drivers/qspi/cadence_qspi.h 41479908d06f853d367898b86dda07763652f4c7 - arm-trusted-firmware/plat/intel/soc/common/drivers/qspi/cadence_qspi.c ee464010f7478ad28450e239244175a97360cef4 - arm-trusted-firmware/plat/intel/soc/common/aarch64/plat_helpers.S c93b1e05180647b1752b51838d7b935bf554e073 - arm-trusted-firmware/plat/intel/soc/common/aarch64/platform_common.c 8b1c7bd1975b587b7b972a8471ba45698080074c - arm-trusted-firmware/plat/intel/soc/common/sip/socfpga_sip_ecc.c def81ce5e821eeb00d79cf3474f11987dd6f1d5a - arm-trusted-firmware/plat/intel/soc/common/sip/socfpga_sip_fcs.c dbb5c27c52afd2347aa5d78b423a051d694a5c1e - arm-trusted-firmware/plat/intel/soc/common/soc/socfpga_emac.c 30326906ea4956c9a459d8a32363b2ca3de50733 - arm-trusted-firmware/plat/intel/soc/common/soc/socfpga_mailbox.c 6a4cfd87ff051f635d35973a9d14d941e0dc377e - arm-trusted-firmware/plat/intel/soc/common/soc/socfpga_system_manager.c 23d9dff6e9c23385b4ccea7791e18d709f29f6d0 - arm-trusted-firmware/plat/intel/soc/common/soc/socfpga_handoff.c 46033ef6c11ee3af5452b7fdf9b90c20050c0be8 - arm-trusted-firmware/plat/intel/soc/common/soc/socfpga_reset_manager.c f1e4a10f906499fc859ce623d4571dc63e7d5273 - arm-trusted-firmware/plat/intel/soc/agilex/bl31_plat_setup.c 4bbfc2267980533e77f9d529ab7d174d48d90403 - arm-trusted-firmware/plat/intel/soc/agilex/bl2_plat_setup.c e61cd2fc029895773c3e7781028ff30b7d863cb7 - arm-trusted-firmware/plat/intel/soc/agilex/include/agilex_pinmux.h 
Change-Id: I31d99229f74adf7acea6637c27a2aba88e7caf82
25
arm-trusted-firmware/docs/Makefile
Normal file
@@ -0,0 +1,25 @@
|
||||
#
|
||||
# Copyright (c) 2019-2020, ARM Limited. All rights reserved.
|
||||
#
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Minimal makefile for Sphinx documentation
|
||||
#
|
||||
|
||||
# You can set these variables from the command line.
|
||||
SPHINXOPTS = -W
|
||||
SPHINXBUILD = sphinx-build
|
||||
SPHINXPROJ = TrustedFirmware-A
|
||||
SOURCEDIR = .
|
||||
BUILDDIR = build
|
||||
|
||||
# Put it first so that "make" without argument is like "make help".
|
||||
help:
|
||||
@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
|
||||
|
||||
.PHONY: help Makefile
|
||||
|
||||
# Catch-all target: route all unknown targets to Sphinx using the new
|
||||
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
|
||||
%: Makefile
|
||||
@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
|
||||
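Review bot: `SPHINXOPTS = -W` makes Sphinx abort on the first warning, so a docs change with several problems needs one build per warning before they are all visible; `SPHINXOPTS = -W --keep-going` keeps the failing exit status but reports every warning in a single run, which is what you want in CI. The `%: Makefile` catch-all is standard for Sphinx but worth a short comment saying that any unknown target (including a typo) is handed straight to `sphinx-build -M`, since `make help` only lists the Sphinx builders.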
15
arm-trusted-firmware/docs/_static/css/custom.css
vendored
Normal file
@@ -0,0 +1,15 @@
|
||||
/*
|
||||
* Copyright (c) 2021, Arm Limited. All rights reserved.
|
||||
*
|
||||
* SPDX-License-Identifier: BSD-3-Clause
|
||||
*/
|
||||
|
||||
/*
|
||||
* Set the white-space property of tables to normal.
|
||||
* With this setting sequences of whitespace inside
|
||||
* a table will collapse into a single whitespace,
|
||||
* and text will wrap when necessary.
|
||||
*/
|
||||
.wy-table-responsive table td {
|
||||
white-space: normal;
|
||||
}
|
||||
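Review bot: the comment says it sets the white-space property of tables to normal, but the rule `.wy-table-responsive table td` only matches data cells, so header cells (`th`) keep whatever the theme sets and long header text still will not wrap; either extend the selector to cover `th` as well or narrow the comment to say data cells. The `wy-` class prefix also ties this override to the theme in use, which the comment could state so the file is not silently dead when the theme changes.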
22
arm-trusted-firmware/docs/about/acknowledgements.rst
Normal file
@@ -0,0 +1,22 @@
|
||||
Contributor Acknowledgements
|
||||
============================
|
||||
|
||||
.. note::
|
||||
This file is only relevant for legacy contributions, to acknowledge the
|
||||
specific contributors referred to in "Arm Limited and Contributors" copyright
|
||||
notices. As contributors are now encouraged to put their name or company name
|
||||
directly into the copyright notices, this file is not relevant for new
|
||||
contributions. See the :ref:`License` document for the correct template to
|
||||
use for new contributions.
|
||||
|
||||
- Linaro Limited
|
||||
- Marvell International Ltd.
|
||||
- NVIDIA Corporation
|
||||
- NXP Semiconductors
|
||||
- Socionext Inc.
|
||||
- STMicroelectronics
|
||||
- Xilinx, Inc.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019, Arm Limited. All rights reserved.*
|
||||
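Review bot: the note's :ref: to ``License`` depends on a label named `License` being defined in another document; with `SPHINXOPTS = -W` in docs/Makefile an unresolved reference becomes a build failure rather than a warning, so confirm that the label is added in the same change set.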
56
arm-trusted-firmware/docs/about/contact.rst
Normal file
@@ -0,0 +1,56 @@
|
||||
Support & Contact
|
||||
-----------------
|
||||
|
||||
We welcome any feedback on |TF-A| and there are several methods for providing
|
||||
it or for obtaining support.
|
||||
|
||||
.. warning::
|
||||
If you think you have found a security vulnerability, please report this using
|
||||
the process defined in the :ref:`Security Handling` document.
|
||||
|
||||
Mailing Lists
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
Public mailing lists for TF-A and the wider Trusted Firmware project are
|
||||
hosted on TrustedFirmware.org. The mailing lists can be used for general
|
||||
enquiries, enhancement requests and issue reports, or to follow and participate
|
||||
in technical or organizational discussions around the project. These discussions
|
||||
include design proposals, advance notice of changes and upcoming events.
|
||||
|
||||
The relevant lists for the TF-A project are:
|
||||
|
||||
- `TF-A development`_
|
||||
- `TF-A-Tests development`_
|
||||
|
||||
You can see a `summary of all the lists`_ on the TrustedFirmware.org website.
|
||||
|
||||
Open Tech Forum Call
|
||||
^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
Every other week, we organize a call with all interested TF-A contributors.
|
||||
Anyone is welcome to join. This is an opportunity to discuss any technical
|
||||
topic within the community. More details can be found `here`_.
|
||||
|
||||
.. _here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/
|
||||
|
||||
Issue Tracker
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
Bug reports may be filed on the `issue tracker`_ on the TrustedFirmware.org
|
||||
website. Using this tracker gives everyone visibility of the known issues in
|
||||
TF-A.
|
||||
|
||||
Arm Licensees
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
Arm licensees have an additional support conduit - they may contact Arm directly
|
||||
via their partner managers.
|
||||
|
||||
.. _`issue tracker`: https://developer.trustedfirmware.org
|
||||
.. _`TF-A development`: https://lists.trustedfirmware.org/pipermail/tf-a/
|
||||
.. _`TF-A-Tests development`: https://lists.trustedfirmware.org/pipermail/tf-a-tests/
|
||||
.. _`summary of all the lists`: https://lists.trustedfirmware.org
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
|
||||
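Review bot: the Open Tech Forum paragraph links on the word `here` (`.. _here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/`), which tells readers and screen readers nothing about the destination and is also the only link target defined mid-document instead of with the others at the bottom; rename it to something descriptive such as `TF-A Technical Forum` and move the definition next to the other `.. _...:` targets. A smaller consistency point: the title `Support & Contact` is adorned with `-----` while the other new pages use `=====` for their top-level title; docutils resolves adornment levels per file so it builds, but one convention across the `about` chapter would help.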
127
arm-trusted-firmware/docs/about/features.rst
Normal file
@@ -0,0 +1,127 @@
|
||||
Feature Overview
|
||||
================
|
||||
|
||||
This page provides an overview of the current |TF-A| feature set. For a full
|
||||
description of these features and their implementation details, please see
|
||||
the documents that are part of the *Components* and *System Design* chapters.
|
||||
|
||||
The :ref:`Change Log & Release Notes` provides details of changes made since the
|
||||
last release.
|
||||
|
||||
Current features
|
||||
----------------
|
||||
|
||||
- Initialization of the secure world, for example exception vectors, control
|
||||
registers and interrupts for the platform.
|
||||
|
||||
- Library support for CPU specific reset and power down sequences. This
|
||||
includes support for errata workarounds and the latest Arm DynamIQ CPUs.
|
||||
|
||||
- Drivers to enable standard initialization of Arm System IP, for example
|
||||
Generic Interrupt Controller (GIC), Cache Coherent Interconnect (CCI),
|
||||
Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone
|
||||
Controller (TZC).
|
||||
|
||||
- A generic |SCMI| driver to interface with conforming power controllers, for
|
||||
example the Arm System Control Processor (SCP).
|
||||
|
||||
- SMC (Secure Monitor Call) handling, conforming to the `SMC Calling
|
||||
Convention`_ using an EL3 runtime services framework.
|
||||
|
||||
- |PSCI| library support for CPU, cluster and system power management
|
||||
use-cases.
|
||||
This library is pre-integrated with the AArch64 EL3 Runtime Software, and
|
||||
is also suitable for integration with other AArch32 EL3 Runtime Software,
|
||||
for example an AArch32 Secure OS.
|
||||
|
||||
- A minimal AArch32 Secure Payload (*SP_MIN*) to demonstrate |PSCI| library
|
||||
integration with AArch32 EL3 Runtime Software.
|
||||
|
||||
- Secure Monitor library code such as world switching, EL1 context management
|
||||
and interrupt routing.
|
||||
When a Secure-EL1 Payload (SP) is present, for example a Secure OS, the
|
||||
AArch64 EL3 Runtime Software must be integrated with a Secure Payload
|
||||
Dispatcher (SPD) component to customize the interaction with the SP.
|
||||
|
||||
- A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP
|
||||
interaction with PSCI.
|
||||
|
||||
- SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_
|
||||
and `Trusty Secure OS`_.
|
||||
|
||||
- A Trusted Board Boot implementation, conforming to all mandatory TBBR
|
||||
requirements. This includes image authentication, Firmware Update (or
|
||||
recovery mode), and packaging of the various firmware images into a
|
||||
Firmware Image Package (FIP).
|
||||
|
||||
- Pre-integration of TBB with the Arm CryptoCell product, to take advantage of
|
||||
its hardware Root of Trust and crypto acceleration services.
|
||||
|
||||
- Reliability, Availability, and Serviceability (RAS) functionality, including
|
||||
|
||||
- A Secure Partition Manager (SPM) to manage Secure Partitions in
|
||||
Secure-EL0, which can be used to implement simple management and
|
||||
security services.
|
||||
|
||||
- An |SDEI| dispatcher to route interrupt-based |SDEI| events.
|
||||
|
||||
- An Exception Handling Framework (EHF) that allows dispatching of EL3
|
||||
interrupts to their registered handlers, to facilitate firmware-first
|
||||
error handling.
|
||||
|
||||
- A dynamic configuration framework that enables each of the firmware images
|
||||
to be configured at runtime if required by the platform. It also enables
|
||||
loading of a hardware configuration (for example, a kernel device tree)
|
||||
as part of the FIP, to be passed through the firmware stages.
|
||||
This feature is now incorporated inside the firmware configuration framework
|
||||
(fconf).
|
||||
|
||||
- Support for alternative boot flows, for example to support platforms where
|
||||
the EL3 Runtime Software is loaded using other firmware or a separate
|
||||
secure system processor, or where a non-TF-A ROM expects BL2 to be loaded
|
||||
at EL3.
|
||||
|
||||
- Support for the GCC, LLVM and Arm Compiler 6 toolchains.
|
||||
|
||||
- Support for combining several libraries into a "romlib" image that may be
|
||||
shared across images to reduce memory footprint. The romlib image is stored
|
||||
in ROM but is accessed through a jump-table that may be stored
|
||||
in read-write memory, allowing for the library code to be patched.
|
||||
|
||||
- Support for the Secure Partition Manager Dispatcher (SPMD) component as a
|
||||
new standard service.
|
||||
|
||||
- Support for ARMv8.3 pointer authentication in the normal and secure worlds.
|
||||
The use of pointer authentication in the normal world is enabled whenever
|
||||
architectural support is available, without the need for additional build
|
||||
flags.
|
||||
|
||||
- Position-Independent Executable (PIE) support. Currently for BL2, BL31, and
|
||||
TSP, with further support to be added in a future release.
|
||||
|
||||
Still to come
|
||||
-------------
|
||||
|
||||
- Support for additional platforms.
|
||||
|
||||
- Refinements to Position Independent Executable (PIE) support.
|
||||
|
||||
- Continued support for the FF-A v1.0 (formally known as SPCI) specification, to enable the
|
||||
use of secure partition management in the secure world.
|
||||
|
||||
- Documentation enhancements.
|
||||
|
||||
- Ongoing support for new architectural features, CPUs and System IP.
|
||||
|
||||
- Ongoing support for new Arm system architecture specifications.
|
||||
|
||||
- Ongoing security hardening, optimization and quality improvements.
|
||||
|
||||
.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
|
||||
.. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os
|
||||
.. _NVIDIA Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary
|
||||
.. _Trusty Secure OS: https://source.android.com/security/trusty
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*
|
||||
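Review bot: the RAS bullet ends with "Reliability, Availability, and Serviceability (RAS) functionality, including" and nothing follows at the same level; the next three bullets (SPM, SDEI dispatcher, EHF) read as if they were meant to be nested under it, but only the EHF item relates to firmware-first error handling, so either finish the sentence or drop "including" and leave the three bullets top-level. Also "FF-A v1.0 (formally known as SPCI)" should read "formerly known as SPCI".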
13
arm-trusted-firmware/docs/about/index.rst
Normal file
@@ -0,0 +1,13 @@
|
||||
About
|
||||
=====
|
||||
|
||||
.. toctree::
|
||||
:maxdepth: 1
|
||||
:caption: Contents
|
||||
:numbered:
|
||||
|
||||
features
|
||||
release-information
|
||||
maintainers
|
||||
contact
|
||||
acknowledgements
|
||||
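Review bot: `release-information` is the one toctree entry whose file does not appear in the portion of this change shown here (`features`, `contact`, `acknowledgements` and `maintainers` are all added); with `-W` set in docs/Makefile a toctree entry without a document is a build error, so confirm `docs/about/release-information.rst` lands in the same commit.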
865
arm-trusted-firmware/docs/about/maintainers.rst
Normal file
@@ -0,0 +1,865 @@
|
||||
Project Maintenance
|
||||
===================
|
||||
|
||||
Trusted Firmware-A (TF-A) is an open governance community project. All
|
||||
contributions are ultimately merged by the maintainers listed below. Technical
|
||||
ownership of most parts of the codebase falls on the code owners listed
|
||||
below. An acknowledgement from these code owners is required before the
|
||||
maintainers merge a contribution.
|
||||
|
||||
More details may be found in the `Project Maintenance Process`_ document.
|
||||
|
||||
.. |M| replace:: **Mail**
|
||||
.. |G| replace:: **GitHub ID**
|
||||
.. |F| replace:: **Files**
|
||||
|
||||
.. _maintainers:
|
||||
|
||||
Maintainers
|
||||
-----------
|
||||
|
||||
:|M|: Dan Handley <dan.handley@arm.com>
|
||||
:|G|: `danh-arm`_
|
||||
:|M|: Soby Mathew <soby.mathew@arm.com>
|
||||
:|G|: `soby-mathew`_
|
||||
:|M|: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
||||
:|G|: `sandrine-bailleux-arm`_
|
||||
:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com>
|
||||
:|G|: `AlexeiFedorov`_
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|M|: Mark Dykes <mark.dykes@arm.com>
|
||||
:|G|: `mardyk01`_
|
||||
:|M|: Olivier Deprez <olivier.deprez@arm.com>
|
||||
:|G|: `odeprez`_
|
||||
:|M|: Bipin Ravi <bipin.ravi@arm.com>
|
||||
:|G|: `bipinravi-arm`_
|
||||
:|M|: Joanna Farley <joanna.farley@arm.com>
|
||||
:|G|: `joannafarley-arm`_
|
||||
:|M|: Julius Werner <jwerner@chromium.org>
|
||||
:|G|: `jwerner-chromium`_
|
||||
:|M|: Varun Wadekar <vwadekar@nvidia.com>
|
||||
:|G|: `vwadekar`_
|
||||
:|M|: Andre Przywara <andre.przywara@arm.com>
|
||||
:|G|: `Andre-ARM`_
|
||||
:|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com>
|
||||
:|G|: `laurenw-arm`_
|
||||
:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com>
|
||||
:|G|: `madhukar-Arm`_
|
||||
:|M|: Raghu Krishnamurthy <raghu.ncstate@icloud.com>
|
||||
:|G|: `raghuncstate`_
|
||||
|
||||
|
||||
.. _code owners:
|
||||
|
||||
Code owners
|
||||
-----------
|
||||
|
||||
Common Code
|
||||
~~~~~~~~~~~
|
||||
|
||||
Armv7-A architecture port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Etienne Carriere <etienne.carriere@linaro.org>
|
||||
:|G|: `etienne-lms`_
|
||||
|
||||
Build Definitions for CMake Build System
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com>
|
||||
:|G|: `javieralso-arm`_
|
||||
:|M|: Chris Kay <chris.kay@arm.com>
|
||||
:|G|: `CJKay`_
|
||||
:|F|: /
|
||||
|
||||
Software Delegated Exception Interface (SDEI)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Mark Dykes <mark.dykes@arm.com>
|
||||
:|G|: `mardyk01`_
|
||||
:|M|: John Powell <john.powell@arm.com>
|
||||
:|G|: `john-powell-arm`_
|
||||
:|F|: services/std_svc/sdei/
|
||||
|
||||
Trusted Boot
|
||||
^^^^^^^^^^^^
|
||||
:|M|: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
||||
:|G|: `sandrine-bailleux-arm`_
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|M|: Manish Badarkhe <manish.badarkhe@arm.com>
|
||||
:|G|: `ManishVB-Arm`_
|
||||
:|F|: drivers/auth/
|
||||
|
||||
Secure Partition Manager (SPM)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Olivier Deprez <olivier.deprez@arm.com>
|
||||
:|G|: `odeprez`_
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|M|: Maksims Svecovs <maksims.svecovs@arm.com>
|
||||
:|G|: `max-shvetsov`_
|
||||
:|M|: Joao Alves <Joao.Alves@arm.com>
|
||||
:|G|: `J-Alves`_
|
||||
:|F|: services/std_svc/spm\*
|
||||
|
||||
Exception Handling Framework (EHF)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Manish Badarkhe <manish.badarkhe@arm.com>
|
||||
:|G|: `ManishVB-Arm`_
|
||||
:|M|: John Powell <john.powell@arm.com>
|
||||
:|G|: `john-powell-arm`_
|
||||
:|F|: bl31/ehf.c
|
||||
|
||||
Realm Management Extension (RME)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Bipin Ravi <bipin.ravi@arm.com>
|
||||
:|G|: `bipinravi-arm`_
|
||||
:|M|: Mark Dykes <mark.dykes@arm.com>
|
||||
:|G|: `mardyk01`_
|
||||
:|M|: John Powell <john.powell@arm.com>
|
||||
:|G|: `john-powell-arm`_
|
||||
:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com>
|
||||
:|G|: `zelalem-aweke`_
|
||||
|
||||
Drivers, Libraries and Framework Code
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Console API framework
|
||||
^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Julius Werner <jwerner@chromium.org>
|
||||
:|G|: `jwerner-chromium`_
|
||||
:|F|: drivers/console/
|
||||
:|F|: include/drivers/console.h
|
||||
:|F|: plat/common/aarch64/crash_console_helpers.S
|
||||
|
||||
coreboot support libraries
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Julius Werner <jwerner@chromium.org>
|
||||
:|G|: `jwerner-chromium`_
|
||||
:|F|: drivers/coreboot/
|
||||
:|F|: include/drivers/coreboot/
|
||||
:|F|: include/lib/coreboot.h
|
||||
:|F|: lib/coreboot/
|
||||
|
||||
eMMC/UFS drivers
|
||||
^^^^^^^^^^^^^^^^
|
||||
:|M|: Haojian Zhuang <haojian.zhuang@linaro.org>
|
||||
:|G|: `hzhuang1`_
|
||||
:|F|: drivers/partition/
|
||||
:|F|: drivers/synopsys/emmc/
|
||||
:|F|: drivers/synopsys/ufs/
|
||||
:|F|: drivers/ufs/
|
||||
:|F|: include/drivers/dw_ufs.h
|
||||
:|F|: include/drivers/ufs.h
|
||||
:|F|: include/drivers/synopsys/dw_mmc.h
|
||||
|
||||
JTAG DCC console driver
|
||||
^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:M: Michal Simek <michal.simek@xilinx.com>
|
||||
:G: `michalsimek`_
|
||||
:M: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
|
||||
:G: `venkatesh`_
|
||||
:F: drivers/arm/dcc/
|
||||
:F: include/drivers/arm/dcc.h
|
||||
|
||||
Power State Coordination Interface (PSCI)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com>
|
||||
:|G|: `javieralso-arm`_
|
||||
:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com>
|
||||
:|G|: `madhukar-Arm`_
|
||||
:|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com>
|
||||
:|G|: `laurenw-arm`_
|
||||
:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com>
|
||||
:|G|: `zelalem-aweke`_
|
||||
:|F|: lib/psci/
|
||||
|
||||
DebugFS
|
||||
^^^^^^^
|
||||
:|M|: Olivier Deprez <olivier.deprez@arm.com>
|
||||
:|G|: `odeprez`_
|
||||
:|F|: lib/debugfs/
|
||||
|
||||
Firmware Configuration Framework (FCONF)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com>
|
||||
:|G|: `madhukar-Arm`_
|
||||
:|M|: Manish Badarkhe <manish.badarkhe@arm.com>
|
||||
:|G|: `ManishVB-Arm`_
|
||||
:|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com>
|
||||
:|G|: `laurenw-arm`_
|
||||
:|F|: lib/fconf/
|
||||
|
||||
Performance Measurement Framework (PMF)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Joao Alves <Joao.Alves@arm.com>
|
||||
:|G|: `J-Alves`_
|
||||
:|M|: Jimmy Brisson <Jimmy.Brisson@arm.com>
|
||||
:|G|: `theotherjimmy`_
|
||||
:|F|: lib/pmf/
|
||||
|
||||
Arm CPU libraries
|
||||
^^^^^^^^^^^^^^^^^
|
||||
:|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com>
|
||||
:|G|: `laurenw-arm`_
|
||||
:|M|: John Powell <john.powell@arm.com>
|
||||
:|G|: `john-powell-arm`_
|
||||
:|F|: lib/cpus/
|
||||
|
||||
Reliability Availability Serviceabilty (RAS) framework
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Olivier Deprez <olivier.deprez@arm.com>
|
||||
:|G|: `odeprez`_
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|F|: lib/extensions/ras/
|
||||
|
||||
Activity Monitors Unit (AMU) extensions
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com>
|
||||
:|G|: `AlexeiFedorov`_
|
||||
:|M|: Chris Kay <chris.kay@arm.com>
|
||||
:|G|: `CJKay`_
|
||||
:|F|: lib/extensions/amu/
|
||||
|
||||
Memory Partitioning And Monitoring (MPAM) extensions
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com>
|
||||
:|G|: `zelalem-aweke`_
|
||||
:|M|: Jimmy Brisson <Jimmy.Brisson@arm.com>
|
||||
:|G|: `theotherjimmy`_
|
||||
:|F|: lib/extensions/mpam/
|
||||
|
||||
Pointer Authentication (PAuth) and Branch Target Identification (BTI) extensions
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com>
|
||||
:|G|: `AlexeiFedorov`_
|
||||
:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com>
|
||||
:|G|: `zelalem-aweke`_
|
||||
:|F|: lib/extensions/pauth/
|
||||
|
||||
Statistical Profiling Extension (SPE)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com>
|
||||
:|G|: `zelalem-aweke`_
|
||||
:|M|: Jimmy Brisson <Jimmy.Brisson@arm.com>
|
||||
:|G|: `theotherjimmy`_
|
||||
:|F|: lib/extensions/spe/
|
||||
|
||||
Scalable Vector Extension (SVE)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jimmy Brisson <Jimmy.Brisson@arm.com>
|
||||
:|G|: `theotherjimmy`_
|
||||
:|F|: lib/extensions/sve/
|
||||
|
||||
Standard C library
|
||||
^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com>
|
||||
:|G|: `AlexeiFedorov`_
|
||||
:|M|: John Powell <john.powell@arm.com>
|
||||
:|G|: `john-powell-arm`_
|
||||
:|F|: lib/libc/
|
||||
|
||||
Library At ROM (ROMlib)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com>
|
||||
:|G|: `madhukar-Arm`_
|
||||
:|F|: lib/romlib/
|
||||
|
||||
Translation tables (``xlat_tables``) library
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com>
|
||||
:|G|: `javieralso-arm`_
|
||||
:|M|: Joao Alves <Joao.Alves@arm.com>
|
||||
:|G|: `J-Alves`_
|
||||
:|F|: lib/xlat\_tables_\*/
|
||||
|
||||
IO abstraction layer
|
||||
^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|M|: Olivier Deprez <olivier.deprez@arm.com>
|
||||
:|G|: `odeprez`_
|
||||
:|F|: drivers/io/
|
||||
|
||||
GIC driver
|
||||
^^^^^^^^^^
|
||||
:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com>
|
||||
:|G|: `AlexeiFedorov`_
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com>
|
||||
:|G|: `madhukar-Arm`_
|
||||
:|M|: Olivier Deprez <olivier.deprez@arm.com>
|
||||
:|G|: `odeprez`_
|
||||
:|F|: drivers/arm/gic/
|
||||
|
||||
Libfdt wrappers
|
||||
^^^^^^^^^^^^^^^
|
||||
:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com>
|
||||
:|G|: `madhukar-Arm`_
|
||||
:|M|: Manish Badarkhe <manish.badarkhe@arm.com>
|
||||
:|G|: `ManishVB-Arm`_
|
||||
:|F|: common/fdt_wrappers.c
|
||||
|
||||
Firmware Encryption Framework
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Sumit Garg <sumit.garg@linaro.org>
|
||||
:|G|: `b49020`_
|
||||
:|F|: drivers/io/io_encrypted.c
|
||||
:|F|: include/drivers/io/io_encrypted.h
|
||||
:|F|: include/tools_share/firmware_encrypted.h
|
||||
|
||||
Measured Boot
|
||||
^^^^^^^^^^^^^
|
||||
:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com>
|
||||
:|G|: `AlexeiFedorov`_
|
||||
:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com>
|
||||
:|G|: `javieralso-arm`_
|
||||
:|F|: drivers/measured_boot
|
||||
:|F|: include/drivers/measured_boot
|
||||
:|F|: plat/arm/board/fvp/fvp_measured_boot.c
|
||||
|
||||
System Control and Management Interface (SCMI) Server
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Etienne Carriere <etienne.carriere@st.com>
|
||||
:|G|: `etienne-lms`_
|
||||
:|M|: Peng Fan <peng.fan@nxp.com>
|
||||
:|G|: `MrVan`_
|
||||
:|F|: drivers/scmi-msg
|
||||
:|F|: include/drivers/scmi\*
|
||||
|
||||
Max Power Mitigation Mechanism (MPMM)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Chris Kay <chris.kay@arm.com>
|
||||
:|G|: `CJKay`_
|
||||
:|F|: include/lib/mpmm/
|
||||
:|F|: lib/mpmm/
|
||||
|
||||
Granule Protection Tables Library (GPT-RME)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Mark Dykes <mark.dykes@arm.com>
|
||||
:|G|: `mardyk01`_
|
||||
:|M|: John Powell <john.powell@arm.com>
|
||||
:|G|: `john-powell-arm`_
|
||||
:|F|: lib/gpt_rme
|
||||
:|F|: include/lib/gpt_rme
|
||||
|
||||
Platform Ports
|
||||
~~~~~~~~~~~~~~
|
||||
|
||||
Allwinner ARMv8 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Andre Przywara <andre.przywara@arm.com>
|
||||
:|G|: `Andre-ARM`_
|
||||
:|M|: Samuel Holland <samuel@sholland.org>
|
||||
:|G|: `smaeul`_
|
||||
:|F|: docs/plat/allwinner.rst
|
||||
:|F|: plat/allwinner/
|
||||
:|F|: drivers/allwinner/
|
||||
|
||||
Amlogic Meson S905 (GXBB) platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Andre Przywara <andre.przywara@arm.com>
|
||||
:|G|: `Andre-ARM`_
|
||||
:|F|: docs/plat/meson-gxbb.rst
|
||||
:|F|: drivers/amlogic/
|
||||
:|F|: plat/amlogic/gxbb/
|
||||
|
||||
Amlogic Meson S905x (GXL) platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Remi Pommarel <repk@triplefau.lt>
|
||||
:|G|: `remi-triplefault`_
|
||||
:|F|: docs/plat/meson-gxl.rst
|
||||
:|F|: plat/amlogic/gxl/
|
||||
|
||||
Amlogic Meson S905X2 (G12A) platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Carlo Caione <ccaione@baylibre.com>
|
||||
:|G|: `carlocaione`_
|
||||
:|F|: docs/plat/meson-g12a.rst
|
||||
:|F|: plat/amlogic/g12a/
|
||||
|
||||
Amlogic Meson A113D (AXG) platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Carlo Caione <ccaione@baylibre.com>
|
||||
:|G|: `carlocaione`_
|
||||
:|F|: docs/plat/meson-axg.rst
|
||||
:|F|: plat/amlogic/axg/
|
||||
|
||||
Arm FPGA platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Andre Przywara <andre.przywara@arm.com>
|
||||
:|G|: `Andre-ARM`_
|
||||
:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com>
|
||||
:|G|: `javieralso-arm`_
|
||||
:|F|: plat/arm/board/arm_fpga
|
||||
|
||||
Arm FVP Platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com>
|
||||
:|G|: `madhukar-Arm`_
|
||||
:|F|: plat/arm/board/fvp
|
||||
|
||||
Arm Juno Platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|M|: Chris Kay <chris.kay@arm.com>
|
||||
:|G|: `CJKay`_
|
||||
:|F|: plat/arm/board/juno
|
||||
|
||||
Arm Morello and N1SDP Platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Manoj Kumar <manoj.kumar3@arm.com>
|
||||
:|G|: `manojkumar-arm`_
|
||||
:|M|: Chandni Cherukuri <chandni.cherukuri@arm.com>
|
||||
:|G|: `chandnich`_
|
||||
:|F|: plat/arm/board/morello
|
||||
:|F|: plat/arm/board/n1sdp
|
||||
|
||||
Arm Rich IoT Platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
|
||||
:|G|: `abdellatif-elkhlifi`_
|
||||
:|M|: Vishnu Banavath <vishnu.banavath@arm.com>
|
||||
:|G|: `vishnu-banavath`_
|
||||
:|F|: plat/arm/board/corstone700
|
||||
:|F|: plat/arm/board/a5ds
|
||||
:|F|: plat/arm/board/corstone1000
|
||||
|
||||
Arm Reference Design platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Thomas Abraham <thomas.abraham@arm.com>
|
||||
:|G|: `thomas-arm`_
|
||||
:|M|: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
|
||||
:|G|: `vijayenthiran-arm`_
|
||||
:|F|: plat/arm/css/sgi/
|
||||
:|F|: plat/arm/board/rde1edge/
|
||||
:|F|: plat/arm/board/rdn1edge/
|
||||
:|F|: plat/arm/board/rdn2/
|
||||
:|F|: plat/arm/board/rdv1/
|
||||
:|F|: plat/arm/board/rdv1mc/
|
||||
:|F|: plat/arm/board/sgi575/
|
||||
|
||||
Arm Total Compute platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
|
||||
:|G|: `arugan02`_
|
||||
:|M|: Usama Arif <usama.arif@arm.com>
|
||||
:|G|: `uarif1`_
|
||||
:|F|: plat/arm/board/tc
|
||||
|
||||
HiSilicon HiKey and HiKey960 platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Haojian Zhuang <haojian.zhuang@linaro.org>
|
||||
:|G|: `hzhuang1`_
|
||||
:|F|: docs/plat/hikey.rst
|
||||
:|F|: docs/plat/hikey960.rst
|
||||
:|F|: plat/hisilicon/hikey/
|
||||
:|F|: plat/hisilicon/hikey960/
|
||||
|
||||
HiSilicon Poplar platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Shawn Guo <shawn.guo@linaro.org>
|
||||
:|G|: `shawnguo2`_
|
||||
:|F|: docs/plat/poplar.rst
|
||||
:|F|: plat/hisilicon/poplar/
|
||||
|
||||
Intel SocFPGA platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Tien Hock Loh <tien.hock.loh@intel.com>
|
||||
:|G|: `thloh85-intel`_
|
||||
:|M|: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
|
||||
:|G|: mabdulha
|
||||
:|F|: plat/intel/soc
|
||||
:|F|: drivers/intel/soc/
|
||||
|
||||
MediaTek platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Rex-BC Chen <rex-bc.chen@mediatek.com>
|
||||
:|G|: `mtk-rex-bc-chen`_
|
||||
:|M|: Leon Chen <leon.chen@mediatek.com>
|
||||
:|G|: `leon-chen-mtk`_
|
||||
:|F|: docs/plat/mt\*.rst
|
||||
:|F|: plat/mediatek/
|
||||
|
||||
Marvell platform ports and SoC drivers
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Konstantin Porotchkin <kostap@marvell.com>
|
||||
:|G|: `kostapr`_
|
||||
:|F|: docs/plat/marvell/
|
||||
:|F|: plat/marvell/
|
||||
:|F|: drivers/marvell/
|
||||
:|F|: tools/marvell/
|
||||
|
||||
NVidia platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Varun Wadekar <vwadekar@nvidia.com>
|
||||
:|G|: `vwadekar`_
|
||||
:|F|: docs/plat/nvidia-tegra.rst
|
||||
:|F|: include/lib/cpus/aarch64/denver.h
|
||||
:|F|: lib/cpus/aarch64/denver.S
|
||||
:|F|: plat/nvidia/
|
||||
|
||||
NXP i.MX 7 WaRP7 platform port and SoC drivers
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
|
||||
:|G|: `bryanodonoghue`_
|
||||
:|M|: Jun Nie <jun.nie@linaro.org>
|
||||
:|G|: `niej`_
|
||||
:|F|: docs/plat/warp7.rst
|
||||
:|F|: plat/imx/common/
|
||||
:|F|: plat/imx/imx7/
|
||||
:|F|: drivers/imx/timer/
|
||||
:|F|: drivers/imx/uart/
|
||||
:|F|: drivers/imx/usdhc/
|
||||
|
||||
NXP i.MX 8 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Peng Fan <peng.fan@nxp.com>
|
||||
:|G|: `MrVan`_
|
||||
:|F|: docs/plat/imx8.rst
|
||||
:|F|: plat/imx/
|
||||
|
||||
NXP i.MX8M platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jacky Bai <ping.bai@nxp.com>
|
||||
:|G|: `JackyBai`_
|
||||
:|F|: docs/plat/imx8m.rst
|
||||
:|F|: plat/imx/imx8m/
|
||||
|
||||
NXP QorIQ Layerscape common code for platform ports
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Pankaj Gupta <pankaj.gupta@nxp.com>
|
||||
:|G|: `pangupta`_
|
||||
:|M|: Jiafei Pan <jiafei.pan@nxp.com>
|
||||
:|G|: `JiafeiPan`_
|
||||
:|F|: docs/plat/nxp/
|
||||
:|F|: plat/nxp/
|
||||
:|F|: drivers/nxp/
|
||||
:|F|: tools/nxp/
|
||||
|
||||
NXP SoC Part LX2160A and its platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Pankaj Gupta <pankaj.gupta@nxp.com>
|
||||
:|G|: `pangupta`_
|
||||
:|F|: plat/nxp/soc-lx2160a
|
||||
:|F|: plat/nxp/soc-lx2160a/lx2162aqds
|
||||
:|F|: plat/nxp/soc-lx2160a/lx2160aqds
|
||||
:|F|: plat/nxp/soc-lx2160a/lx2160ardb
|
||||
|
||||
NXP SoC Part LS1028A and its platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jiafei Pan <jiafei.pan@nxp.com>
|
||||
:|G|: `JiafeiPan`_
|
||||
:|F|: plat/nxp/soc-ls1028a
|
||||
:|F|: plat/nxp/soc-ls1028a/ls1028ardb
|
||||
|
||||
NXP SoC Part LS1043A and its platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jiafei Pan <jiafei.pan@nxp.com>
|
||||
:|G|: `JiafeiPan`_
|
||||
:|F|: plat/nxp/soc-ls1043a
|
||||
:|F|: plat/nxp/soc-ls1043a/ls1043ardb
|
||||
|
||||
NXP SoC Part LS1046A and its platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jiafei Pan <jiafei.pan@nxp.com>
|
||||
:|G|: `JiafeiPan`_
|
||||
:|F|: plat/nxp/soc-ls1046a
|
||||
:|F|: plat/nxp/soc-ls1046a/ls1046ardb
|
||||
:|F|: plat/nxp/soc-ls1046a/ls1046afrwy
|
||||
:|F|: plat/nxp/soc-ls1046a/ls1046aqds
|
||||
|
||||
NXP SoC Part LS1088A and its platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jiafei Pan <jiafei.pan@nxp.com>
|
||||
:|G|: `JiafeiPan`_
|
||||
:|F|: plat/nxp/soc-ls1088a
|
||||
:|F|: plat/nxp/soc-ls1088a/ls1088ardb
|
||||
:|F|: plat/nxp/soc-ls1088a/ls1088aqds
|
||||
|
||||
QEMU platform port
|
||||
^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jens Wiklander <jens.wiklander@linaro.org>
|
||||
:|G|: `jenswi-linaro`_
|
||||
:|F|: docs/plat/qemu.rst
|
||||
:|F|: plat/qemu/
|
||||
|
||||
QTI platform port
|
||||
^^^^^^^^^^^^^^^^^
|
||||
:|M|: Saurabh Gorecha <sgorecha@codeaurora.org>
|
||||
:|G|: `sgorecha`_
|
||||
:|M|: Lachit Patel <lpatel@codeaurora.org>
|
||||
:|G|: `lachitp`_
|
||||
:|M|: Sreevyshanavi Kare <skare@codeaurora.org>
|
||||
:|G|: `sreekare`_
|
||||
:|M|: QTI TF Maintainers <qti.trustedfirmware.maintainers@codeaurora.org>
|
||||
:|F|: docs/plat/qti.rst
|
||||
:|F|: plat/qti/
|
||||
|
||||
QTI MSM8916 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Stephan Gerhold <stephan@gerhold.net>
|
||||
:|G|: `stephan-gh`_
|
||||
:|M|: Nikita Travkin <nikita@trvn.ru>
|
||||
:|G|: `TravMurav`_
|
||||
:|F|: docs/plat/qti-msm8916.rst
|
||||
:|F|: plat/qti/msm8916/
|
||||
|
||||
Raspberry Pi 3 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
|
||||
:|G|: `grandpaul`_
|
||||
:|F|: docs/plat/rpi3.rst
|
||||
:|F|: plat/rpi/rpi3/
|
||||
:|F|: plat/rpi/common/
|
||||
:|F|: drivers/rpi3/
|
||||
:|F|: include/drivers/rpi3/
|
||||
|
||||
Raspberry Pi 4 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Andre Przywara <andre.przywara@arm.com>
|
||||
:|G|: `Andre-ARM`_
|
||||
:|F|: docs/plat/rpi4.rst
|
||||
:|F|: plat/rpi/rpi4/
|
||||
:|F|: plat/rpi/common/
|
||||
:|F|: drivers/rpi3/
|
||||
:|F|: include/drivers/rpi3/
|
||||
|
||||
Renesas rcar-gen3 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jorge Ramirez-Ortiz <jramirez@baylibre.com>
|
||||
:|G|: `ldts`_
|
||||
:|M|: Marek Vasut <marek.vasut@gmail.com>
|
||||
:|G|: `marex`_
|
||||
:|F|: docs/plat/rcar-gen3.rst
|
||||
:|F|: plat/renesas/common
|
||||
:|F|: plat/renesas/rcar
|
||||
:|F|: drivers/renesas/common
|
||||
:|F|: drivers/renesas/rcar
|
||||
:|F|: tools/renesas/rcar_layout_create
|
||||
|
||||
Renesas RZ/G2 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Biju Das <biju.das.jz@bp.renesas.com>
|
||||
:|G|: `bijucdas`_
|
||||
:|M|: Marek Vasut <marek.vasut@gmail.com>
|
||||
:|G|: `marex`_
|
||||
:|M|: Lad Prabhakar <prabhakar.mahadev-lad.rj@bp.renesas.com>
|
||||
:|G|: `prabhakarlad`_
|
||||
:|F|: docs/plat/rz-g2.rst
|
||||
:|F|: plat/renesas/common
|
||||
:|F|: plat/renesas/rzg
|
||||
:|F|: drivers/renesas/common
|
||||
:|F|: drivers/renesas/rzg
|
||||
:|F|: tools/renesas/rzg_layout_create
|
||||
|
||||
RockChip platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Tony Xie <tony.xie@rock-chips.com>
|
||||
:|G|: `TonyXie06`_
|
||||
:|G|: `rockchip-linux`_
|
||||
:|M|: Heiko Stuebner <heiko@sntech.de>
|
||||
:|G|: `mmind`_
|
||||
:|M|: Julius Werner <jwerner@chromium.org>
|
||||
:|G|: `jwerner-chromium`_
|
||||
:|F|: plat/rockchip/
|
||||
|
||||
STM32MP1 platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Yann Gautier <yann.gautier@st.com>
|
||||
:|G|: `Yann-lms`_
|
||||
:|F|: docs/plat/stm32mp1.rst
|
||||
:|F|: drivers/st/
|
||||
:|F|: fdts/stm32\*
|
||||
:|F|: include/drivers/st/
|
||||
:|F|: include/dt-bindings/\*/stm32\*
|
||||
:|F|: plat/st/
|
||||
:|F|: tools/stm32image/
|
||||
|
||||
Synquacer platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Sumit Garg <sumit.garg@linaro.org>
|
||||
:|G|: `b49020`_
|
||||
:|F|: docs/plat/synquacer.rst
|
||||
:|F|: plat/socionext/synquacer/
|
||||
|
||||
Texas Instruments platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Nishanth Menon <nm@ti.com>
|
||||
:|G|: `nmenon`_
|
||||
:|F|: docs/plat/ti-k3.rst
|
||||
:|F|: plat/ti/
|
||||
|
||||
UniPhier platform port
|
||||
^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Orphan
|
||||
:|F|: docs/plat/socionext-uniphier.rst
|
||||
:|F|: plat/socionext/uniphier/
|
||||
|
||||
Xilinx platform port
|
||||
^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Michal Simek <michal.simek@xilinx.com>
|
||||
:|G|: `michalsimek`_
|
||||
:|M|: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
|
||||
:|G|: `venkatesh`_
|
||||
:|F|: docs/plat/xilinx-zynqmp.rst
|
||||
:|F|: plat/xilinx/
|
||||
|
||||
|
||||
Secure Payloads and Dispatchers
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
OP-TEE dispatcher
|
||||
^^^^^^^^^^^^^^^^^
|
||||
:|M|: Jens Wiklander <jens.wiklander@linaro.org>
|
||||
:|G|: `jenswi-linaro`_
|
||||
:|F|: docs/components/spd/optee-dispatcher.rst
|
||||
:|F|: services/spd/opteed/
|
||||
|
||||
TLK/Trusty secure payloads
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Varun Wadekar <vwadekar@nvidia.com>
|
||||
:|G|: `vwadekar`_
|
||||
:|F|: docs/components/spd/tlk-dispatcher.rst
|
||||
:|F|: docs/components/spd/trusty-dispatcher.rst
|
||||
:|F|: include/bl32/payloads/tlk.h
|
||||
:|F|: services/spd/tlkd/
|
||||
:|F|: services/spd/trusty/
|
||||
|
||||
Test Secure Payload (TSP)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
:|M|: Manish Badarkhe <manish.badarkhe@arm.com>
|
||||
:|G|: `ManishVB-Arm`_
|
||||
:|F|: bl32/tsp/
|
||||
:|F|: services/spd/tspd/
|
||||
|
||||
Tools
|
||||
~~~~~
|
||||
|
||||
Fiptool
|
||||
^^^^^^^
|
||||
:|M|: Joao Alves <Joao.Alves@arm.com>
|
||||
:|G|: `J-Alves`_
|
||||
:|F|: tools/fiptool/
|
||||
|
||||
Cert_create tool
|
||||
^^^^^^^^^^^^^^^^
|
||||
:|M|: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
||||
:|G|: `sandrine-bailleux-arm`_
|
||||
:|F|: tools/cert_create/
|
||||
|
||||
Encrypt_fw tool
|
||||
^^^^^^^^^^^^^^^
|
||||
:|M|: Sumit Garg <sumit.garg@linaro.org>
|
||||
:|G|: `b49020`_
|
||||
:|F|: tools/encrypt_fw/
|
||||
|
||||
Sptool
|
||||
^^^^^^
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|F|: tools/sptool/
|
||||
|
||||
Build system
|
||||
^^^^^^^^^^^^
|
||||
:|M|: Manish Pandey <manish.pandey2@arm.com>
|
||||
:|G|: `manish-pandey-arm`_
|
||||
:|F|: Makefile
|
||||
:|F|: make_helpers/
|
||||
|
||||
Threat Model
|
||||
~~~~~~~~~~~~~
|
||||
:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com>
|
||||
:|G|: `zelalem-aweke`_
|
||||
:|M|: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
||||
:|G|: `sandrine-bailleux-arm`_
|
||||
:|M|: Joanna Farley <joanna.farley@arm.com>
|
||||
:|G|: `joannafarley-arm`_
|
||||
:|M|: Raghu Krishnamurthy <raghu.ncstate@icloud.com>
|
||||
:|G|: `raghuncstate`_
|
||||
:|M|: Varun Wadekar <vwadekar@nvidia.com>
|
||||
:|G|: `vwadekar`_
|
||||
:|F|: docs/threat_model/
|
||||
|
||||
Conventional Changelog Extensions
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
:|M|: Chris Kay <chris.kay@arm.com>
|
||||
:|G|: `CJKay`_
|
||||
:|F|: tools/conventional-changelog-tf-a
|
||||
|
||||
.. _AlexeiFedorov: https://github.com/AlexeiFedorov
|
||||
.. _Andre-ARM: https://github.com/Andre-ARM
|
||||
.. _Anson-Huang: https://github.com/Anson-Huang
|
||||
.. _bijucdas: https://github.com/bijucdas
|
||||
.. _bryanodonoghue: https://github.com/bryanodonoghue
|
||||
.. _b49020: https://github.com/b49020
|
||||
.. _carlocaione: https://github.com/carlocaione
|
||||
.. _danh-arm: https://github.com/danh-arm
|
||||
.. _etienne-lms: https://github.com/etienne-lms
|
||||
.. _glneo: https://github.com/glneo
|
||||
.. _grandpaul: https://github.com/grandpaul
|
||||
.. _hzhuang1: https://github.com/hzhuang1
|
||||
.. _JackyBai: https://github.com/JackyBai
|
||||
.. _jenswi-linaro: https://github.com/jenswi-linaro
|
||||
.. _jwerner-chromium: https://github.com/jwerner-chromium
|
||||
.. _kostapr: https://github.com/kostapr
|
||||
.. _lachitp: https://github.com/lachitp
|
||||
.. _ldts: https://github.com/ldts
|
||||
.. _marex: https://github.com/marex
|
||||
.. _masahir0y: https://github.com/masahir0y
|
||||
.. _michalsimek: https://github.com/michalsimek
|
||||
.. _mmind: https://github.com/mmind
|
||||
.. _MrVan: https://github.com/MrVan
|
||||
.. _mtk-rex-bc-chen: https://github.com/mtk-rex-bc-chen
|
||||
.. _leon-chen-mtk: https://github.com/leon-chen-mtk
|
||||
.. _niej: https://github.com/niej
|
||||
.. _npoushin: https://github.com/npoushin
|
||||
.. _prabhakarlad: https://github.com/prabhakarlad
|
||||
.. _remi-triplefault: https://github.com/repk
|
||||
.. _rockchip-linux: https://github.com/rockchip-linux
|
||||
.. _sandrine-bailleux-arm: https://github.com/sandrine-bailleux-arm
|
||||
.. _sgorecha: https://github.com/sgorecha
|
||||
.. _shawnguo2: https://github.com/shawnguo2
|
||||
.. _smaeul: https://github.com/smaeul
|
||||
.. _soby-mathew: https://github.com/soby-mathew
|
||||
.. _sreekare: https://github.com/sreekare
|
||||
.. _stephan-gh: https://github.com/stephan-gh
|
||||
.. _thloh85-intel: https://github.com/thloh85-intel
|
||||
.. _thomas-arm: https://github.com/thomas-arm
|
||||
.. _TonyXie06: https://github.com/TonyXie06
|
||||
.. _TravMurav: https://github.com/TravMurav
|
||||
.. _vwadekar: https://github.com/vwadekar
|
||||
.. _venkatesh: https://github.com/vabbarap
|
||||
.. _Yann-lms: https://github.com/Yann-lms
|
||||
.. _manish-pandey-arm: https://github.com/manish-pandey-arm
|
||||
.. _mardyk01: https://github.com/mardyk01
|
||||
.. _odeprez: https://github.com/odeprez
|
||||
.. _bipinravi-arm: https://github.com/bipinravi-arm
|
||||
.. _joannafarley-arm: https://github.com/joannafarley-arm
|
||||
.. _ManishVB-Arm: https://github.com/ManishVB-Arm
|
||||
.. _max-shvetsov: https://github.com/max-shvetsov
|
||||
.. _javieralso-arm: https://github.com/javieralso-arm
|
||||
.. _laurenw-arm: https://github.com/laurenw-arm
|
||||
.. _zelalem-aweke: https://github.com/zelalem-aweke
|
||||
.. _theotherjimmy: https://github.com/theotherjimmy
|
||||
.. _J-Alves: https://github.com/J-Alves
|
||||
.. _madhukar-Arm: https://github.com/madhukar-Arm
|
||||
.. _john-powell-arm: https://github.com/john-powell-arm
|
||||
.. _raghuncstate: https://github.com/raghuncstate
|
||||
.. _CJKay: https://github.com/cjkay
|
||||
.. _nmenon: https://github.com/nmenon
|
||||
.. _manojkumar-arm: https://github.com/manojkumar-arm
|
||||
.. _chandnich: https://github.com/chandnich
|
||||
.. _abdellatif-elkhlifi: https://github.com/abdellatif-elkhlifi
|
||||
.. _vishnu-banavath: https://github.com/vishnu-banavath
|
||||
.. _vijayenthiran-arm: https://github.com/vijayenthiran-arm
|
||||
.. _arugan02: https://github.com/arugan02
|
||||
.. _uarif1: https://github.com/uarif1
|
||||
.. _pangupta: https://github.com/pangupta
|
||||
.. _JiafeiPan: https://github.com/JiafeiPan
|
||||
|
||||
.. _Project Maintenance Process: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-process/
|
||||
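Review bot: the ``:|F|:`` patterns for the i.MX ports overlap. "NXP i.MX 8 platform port" claims ``plat/imx/`` as a whole, which also matches ``plat/imx/common/`` and ``plat/imx/imx7/`` listed under the entry above (``docs/plat/warp7.rst``) and ``plat/imx/imx8m/`` under "NXP i.MX8M platform port", so path matching against this file yields several maintainer sets for one subtree. Either narrow the i.MX 8 entry to the directories it actually owns, or state that the broad pattern is intentional. Separately, the link targets for ``venkatesh`` (``https://github.com/vabbarap``) and ``remi-triplefault`` (``https://github.com/repk``) do not match their labels; if they are correct, a short comment next to them would stop a future cleanup from "fixing" them.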
71
arm-trusted-firmware/docs/about/release-information.rst
Normal file
@@ -0,0 +1,71 @@
|
||||
Release Processes
|
||||
=================
|
||||
|
||||
Project Release Cadence
|
||||
-----------------------
|
||||
|
||||
The project currently aims to do a release once every 6 months which will be
|
||||
tagged on the master branch. There will be a code freeze (stop merging
|
||||
non-essential changes) up to 4 weeks prior to the target release date. The release
|
||||
candidates will start appearing after this and only bug fixes or updates
|
||||
required for the release will be merged. The maintainers are free to use their
|
||||
judgement on what changes are essential for the release. A release branch may be
|
||||
created after code freeze if there are significant changes that need merging onto
|
||||
the integration branch during the merge window.
|
||||
|
||||
The release testing will be performed on release candidates and depending on
|
||||
issues found, additional release candidates may be created to fix the issues.
|
||||
|
||||
::
|
||||
|
||||
|<----------6 months---------->|
|
||||
|<---4 weeks--->| |<---4 weeks--->|
|
||||
+-----------------------------------------------------------> time
|
||||
| | | |
|
||||
code freeze ver w.x code freeze ver y.z
|
||||
|
||||
|
||||
Upcoming Releases
|
||||
~~~~~~~~~~~~~~~~~
|
||||
|
||||
These are the estimated dates for the upcoming release. These may change
|
||||
depending on project requirement and partner feedback.
|
||||
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| Release Version | Target Date | Expected Code Freeze |
|
||||
+=================+===========================+==============================+
|
||||
| v2.0 | 1st week of Oct '18 | 1st week of Sep '18 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| v2.1 | 5th week of Mar '19 | 1st week of Mar '19 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| v2.2 | 4th week of Oct '19 | 1st week of Oct '19 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| v2.3 | 4th week of Apr '20 | 1st week of Apr '20 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| v2.4 | 2nd week of Nov '20 | 4th week of Oct '20 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| v2.5 | 3rd week of May '21 | 5th week of Apr '21 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| v2.6 | 4th week of Nov '21 | 2nd week of Nov '21 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
| v2.7 | 2nd week of May '22 | 4th week of Apr '22 |
|
||||
+-----------------+---------------------------+------------------------------+
|
||||
|
||||
Removal of Deprecated Interfaces
|
||||
--------------------------------
|
||||
|
||||
As mentioned in the :ref:`Platform Compatibility Policy`, this is a live
|
||||
document cataloging all the deprecated interfaces in TF-A project and the
|
||||
Release version after which it will be removed.
|
||||
|
||||
+--------------------------------+-------------+---------+---------------------------------------------------------+
|
||||
| Interface | Deprecation | Removed | Comments |
|
||||
| | Date | after | |
|
||||
| | | Release | |
|
||||
+================================+=============+=========+=========================================================+
|
||||
| STM32MP_USE_STM32IMAGE macro | Dec '21 | 2.7 | FIP is the recommended boot method for STM32MP |
|
||||
+--------------------------------+-------------+---------+---------------------------------------------------------+
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.*
|
||||
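Review bot: the "Upcoming Releases" table lists every release from v2.0 (Oct '18) through v2.7, so most of its rows are historical rather than upcoming, and the sentence "These are the estimated dates for the upcoming release" no longer describes it; either rename the heading (for example "Release Schedule") or prune the shipped rows when the table is extended. Also, the deprecated-interfaces table records ``STM32MP_USE_STM32IMAGE`` as removed after 2.7 while the copyright line still reads 2018-2021; bump the year in the same change.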
4746
arm-trusted-firmware/docs/change-log.md
Normal file
File diff suppressed because it is too large
34
arm-trusted-firmware/docs/components/activity-monitors.rst
Normal file
@@ -0,0 +1,34 @@
|
||||
Activity Monitors
|
||||
=================
|
||||
|
||||
FEAT_AMUv1 of the Armv8-A architecture introduces the Activity Monitors
|
||||
extension. This extension describes the architecture for the Activity Monitor
|
||||
Unit (|AMU|), an optional non-invasive component for monitoring core events
|
||||
through a set of 64-bit counters.
|
||||
|
||||
When the ``ENABLE_AMU=1`` build option is provided, Trusted Firmware-A sets up
|
||||
the |AMU| prior to its exit from EL3, and will save and restore architected
|
||||
|AMU| counters as necessary upon suspend and resume.
|
||||
|
||||
.. _Activity Monitor Auxiliary Counters:
|
||||
|
||||
Auxiliary counters
|
||||
------------------
|
||||
|
||||
FEAT_AMUv1 describes a set of implementation-defined auxiliary counters (also
|
||||
known as group 1 counters), controlled by the ``ENABLE_AMU_AUXILIARY_COUNTERS``
|
||||
build option.
|
||||
|
||||
As a security precaution, Trusted Firmware-A does not enable these by default.
|
||||
Instead, platforms may configure their auxiliary counters through one of two
|
||||
possible mechanisms:
|
||||
|
||||
- |FCONF|, controlled by the ``ENABLE_AMU_FCONF`` build option.
|
||||
- A platform implementation of the ``plat_amu_topology`` function (the default).
|
||||
|
||||
See :ref:`Activity Monitor Unit (AMU) Bindings` for documentation on the |FCONF|
|
||||
device tree bindings.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2021, Arm Limited. All rights reserved.*
|
||||
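Review bot: "As a security precaution, Trusted Firmware-A does not enable these by default" states the policy without its reason, so a platform owner deciding whether to set ``ENABLE_AMU_AUXILIARY_COUNTERS`` cannot tell what exposure is being avoided. One sentence on the rationale would do, drawing on what the paragraph above already says (the group 1 counters are implementation-defined, so what they count and reveal is not architected). The list of mechanisms also calls ``plat_amu_topology`` "the default" without saying what happens when the option is enabled but the platform provides no implementation; state whether the build fails, a weak default returns an empty topology, or no auxiliary counters are enabled.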
435
arm-trusted-firmware/docs/components/arm-sip-service.rst
Normal file
@@ -0,0 +1,435 @@
|
||||
Arm SiP Services
|
||||
================
|
||||
|
||||
This document enumerates and describes the Arm SiP (Silicon Provider) services.
|
||||
|
||||
SiP services are non-standard, platform-specific services offered by the silicon
|
||||
implementer or platform provider. They are accessed via ``SMC`` ("SMC calls")
|
||||
instruction executed from Exception Levels below EL3. SMC calls for SiP
|
||||
services:
|
||||
|
||||
- Follow `SMC Calling Convention`_;
|
||||
- Use SMC function IDs that fall in the SiP range, which are ``0xc2000000`` -
|
||||
``0xc200ffff`` for 64-bit calls, and ``0x82000000`` - ``0x8200ffff`` for 32-bit
|
||||
calls.
|
||||
|
||||
The Arm SiP implementation offers the following services:
|
||||
|
||||
- Performance Measurement Framework (PMF)
|
||||
- Execution State Switching service
|
||||
- DebugFS interface
|
||||
|
||||
Source definitions for Arm SiP service are located in the ``arm_sip_svc.h`` header
|
||||
file.
|
||||
|
||||
Performance Measurement Framework (PMF)
|
||||
---------------------------------------
|
||||
|
||||
The :ref:`Performance Measurement Framework <firmware_design_pmf>`
|
||||
allows callers to retrieve timestamps captured at various paths in TF-A
|
||||
execution.
|
||||
|
||||
Execution State Switching service
|
||||
---------------------------------
|
||||
|
||||
Execution State Switching service provides a mechanism for a non-secure lower
|
||||
Exception Level (either EL2, or NS EL1 if EL2 isn't implemented) to request to
|
||||
switch its execution state (a.k.a. Register Width), either from AArch64 to
|
||||
AArch32, or from AArch32 to AArch64, for the calling CPU. This service is only
|
||||
available when Trusted Firmware-A (TF-A) is built for AArch64 (i.e. when build
|
||||
option ``ARCH`` is set to ``aarch64``).
|
||||
|
||||
``ARM_SIP_SVC_EXE_STATE_SWITCH``
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
::
|
||||
|
||||
Arguments:
|
||||
uint32_t Function ID
|
||||
uint32_t PC hi
|
||||
uint32_t PC lo
|
||||
uint32_t Cookie hi
|
||||
uint32_t Cookie lo
|
||||
|
||||
Return:
|
||||
uint32_t
|
||||
|
||||
The function ID parameter must be ``0x82000020``. It uniquely identifies the
|
||||
Execution State Switching service being requested.
|
||||
|
||||
The parameters *PC hi* and *PC lo* defines upper and lower words, respectively,
|
||||
of the entry point (physical address) at which execution should start, after
|
||||
Execution State has been switched. When calling from AArch64, *PC hi* must be 0.
|
||||
|
||||
When execution starts at the supplied entry point after Execution State has been
|
||||
switched, the parameters *Cookie hi* and *Cookie lo* are passed in CPU registers
|
||||
0 and 1, respectively. When calling from AArch64, *Cookie hi* must be 0.
|
||||
|
||||
This call can only be made on the primary CPU, before any secondaries were
|
||||
brought up with ``CPU_ON`` PSCI call. Otherwise, the call will always fail.
|
||||
|
||||
The effect of switching execution state is as if the Exception Level were
|
||||
entered for the first time, following power on. This means CPU registers that
|
||||
have a defined reset value by the Architecture will assume that value. Other
|
||||
registers should not be expected to hold their values before the call was made.
|
||||
CPU endianness, however, is preserved from the previous execution state. Note
|
||||
that this switches the execution state of the calling CPU only. This is not a
|
||||
substitute for PSCI ``SYSTEM_RESET``.
|
||||
|
||||
The service may return the following error codes:
|
||||
|
||||
- ``STATE_SW_E_PARAM``: If any of the parameters were deemed invalid for
|
||||
a specific request.
|
||||
- ``STATE_SW_E_DENIED``: If the call is not successful, or when TF-A is
|
||||
built for AArch32.
|
||||
|
||||
If the call is successful, the caller wouldn't observe the SMC returning.
|
||||
Instead, execution starts at the supplied entry point, with the CPU registers 0
|
||||
and 1 populated with the supplied *Cookie hi* and *Cookie lo* values,
|
||||
respectively.
|
||||
|
||||
DebugFS interface
|
||||
-----------------
|
||||
|
||||
The optional DebugFS interface is accessed through an SMC SiP service. Refer
|
||||
to the component documentation for details.
|
||||
|
||||
String parameters are passed through a shared buffer using a specific union:
|
||||
|
||||
.. code:: c
|
||||
|
||||
union debugfs_parms {
|
||||
struct {
|
||||
char fname[MAX_PATH_LEN];
|
||||
} open;
|
||||
|
||||
struct mount {
|
||||
char srv[MAX_PATH_LEN];
|
||||
char where[MAX_PATH_LEN];
|
||||
char spec[MAX_PATH_LEN];
|
||||
} mount;
|
||||
|
||||
struct {
|
||||
char path[MAX_PATH_LEN];
|
||||
dir_t dir;
|
||||
} stat;
|
||||
|
||||
struct {
|
||||
char oldpath[MAX_PATH_LEN];
|
||||
char newpath[MAX_PATH_LEN];
|
||||
} bind;
|
||||
};
|
||||
|
||||
Format of the dir_t structure as such:
|
||||
|
||||
.. code:: c
|
||||
|
||||
typedef struct {
|
||||
char name[NAMELEN];
|
||||
long length;
|
||||
unsigned char mode;
|
||||
unsigned char index;
|
||||
unsigned char dev;
|
||||
qid_t qid;
|
||||
} dir_t;
|
||||
|
||||
|
||||
* Identifiers
|
||||
|
||||
======================== =============================================
|
||||
SMC_OK 0
|
||||
SMC_UNK -1
|
||||
DEBUGFS_E_INVALID_PARAMS -2
|
||||
======================== =============================================
|
||||
|
||||
======================== =============================================
|
||||
MOUNT 0
|
||||
CREATE 1
|
||||
OPEN 2
|
||||
CLOSE 3
|
||||
READ 4
|
||||
WRITE 5
|
||||
SEEK 6
|
||||
BIND 7
|
||||
STAT 8
|
||||
INIT 10
|
||||
VERSION 11
|
||||
======================== =============================================
|
||||
|
||||
MOUNT
|
||||
~~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
This operation mounts a blob of data pointed to by path stored in `src`, at
|
||||
filesystem location pointed to by path stored in `where`, using driver pointed
|
||||
to by path in `spec`.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``MOUNT``
|
||||
======== ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
=============== ==========================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if mount operation failed
|
||||
=============== ==========================================================
|
||||
|
||||
OPEN
|
||||
~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
This operation opens the file path pointed to by `fname`.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``OPEN``
|
||||
uint32_t mode
|
||||
======== ============================================================
|
||||
|
||||
mode can be one of:
|
||||
|
||||
.. code:: c
|
||||
|
||||
enum mode {
|
||||
O_READ = 1 << 0,
|
||||
O_WRITE = 1 << 1,
|
||||
O_RDWR = 1 << 2,
|
||||
O_BIND = 1 << 3,
|
||||
O_DIR = 1 << 4,
|
||||
O_STAT = 1 << 5
|
||||
};
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
=============== ==========================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if open operation failed
|
||||
|
||||
uint32_t w1: file descriptor id on success.
|
||||
=============== ==========================================================
|
||||
|
||||
CLOSE
|
||||
~~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
|
||||
This operation closes a file described by a file descriptor obtained by a
|
||||
previous call to OPEN.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``CLOSE``
|
||||
uint32_t File descriptor id returned by OPEN
|
||||
======== ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
=============== ==========================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if close operation failed
|
||||
=============== ==========================================================
|
||||
|
||||
READ
|
||||
~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
|
||||
This operation reads a number of bytes from a file descriptor obtained by
|
||||
a previous call to OPEN.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``READ``
|
||||
uint32_t File descriptor id returned by OPEN
|
||||
uint32_t Number of bytes to read
|
||||
======== ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
On success, the read data is retrieved from the shared buffer after the
|
||||
operation.
|
||||
|
||||
=============== ==========================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if read operation failed
|
||||
|
||||
uint32_t w1: number of bytes read on success.
|
||||
=============== ==========================================================
|
||||
|
||||
SEEK
|
||||
~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
|
||||
Move file pointer for file described by given `file descriptor` of given
|
||||
`offset` related to `whence`.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``SEEK``
|
||||
uint32_t File descriptor id returned by OPEN
|
||||
sint32_t offset in the file relative to whence
|
||||
uint32_t whence
|
||||
======== ============================================================
|
||||
|
||||
whence can be one of:
|
||||
|
||||
========= ============================================================
|
||||
KSEEK_SET 0
|
||||
KSEEK_CUR 1
|
||||
KSEEK_END 2
|
||||
========= ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
=============== ==========================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if seek operation failed
|
||||
=============== ==========================================================
|
||||
|
||||
BIND
|
||||
~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
|
||||
Create a link from `oldpath` to `newpath`.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``BIND``
|
||||
======== ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
=============== ==========================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if bind operation failed
|
||||
=============== ==========================================================
|
||||
|
||||
STAT
|
||||
~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
|
||||
Perform a stat operation on provided file `name` and returns the directory
|
||||
entry statistics into `dir`.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``STAT``
|
||||
======== ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
=============== ==========================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if stat operation failed
|
||||
=============== ==========================================================
|
||||
|
||||
INIT
|
||||
~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
Initial call to setup the shared exchange buffer. Notice if successful once,
|
||||
subsequent calls fail after a first initialization. The caller maps the same
|
||||
page frame in its virtual space and uses this buffer to exchange string
|
||||
parameters with filesystem primitives.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``INIT``
|
||||
uint64_t Physical address of the shared buffer.
|
||||
======== ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
=============== ======================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == DEBUGFS_E_INVALID_PARAMS if already initialized,
|
||||
or internal error occurred.
|
||||
=============== ======================================================
|
||||
|
||||
VERSION
|
||||
~~~~~~~
|
||||
|
||||
Description
|
||||
^^^^^^^^^^^
|
||||
Returns the debugfs interface version if implemented in TF-A.
|
||||
|
||||
Parameters
|
||||
^^^^^^^^^^
|
||||
|
||||
======== ============================================================
|
||||
uint32_t FunctionID (0x82000030 / 0xC2000030)
|
||||
uint32_t ``VERSION``
|
||||
======== ============================================================
|
||||
|
||||
Return values
|
||||
^^^^^^^^^^^^^
|
||||
|
||||
=============== ======================================================
|
||||
int32_t w0 == SMC_OK on success
|
||||
|
||||
w0 == SMC_UNK if interface is not implemented
|
||||
|
||||
uint32_t w1: On success, debugfs interface version, 32 bits
|
||||
value with major version number in upper 16 bits and
|
||||
minor version in lower 16 bits.
|
||||
=============== ======================================================
|
||||
|
||||
* CREATE(1) and WRITE (5) command identifiers are unimplemented and
|
||||
return `SMC_UNK`.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2017-2020, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
|
||||
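Review bot: the MOUNT description refers to a path stored in `src`, but the ``struct mount`` member in ``union debugfs_parms`` is ``srv``; align the two. In the SEEK parameter table ``sint32_t`` is not a C99 type; use ``int32_t`` as the return-value tables do. For INIT, which accepts the physical address of the shared buffer from the caller, the text should state what EL3 checks before mapping that page (that it lies in non-secure memory rather than in EL3 or secure-world memory), since that is the property a reader of this interface needs in order to assess it; it should likewise say that the ``MAX_PATH_LEN`` strings are copied out of the shared buffer before they are validated and used, because the caller maps the same page and can change it concurrently. Finally, ``dir_t`` uses ``qid_t`` and ``NAMELEN`` without defining them here; a cross-reference to the component documentation would help.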
332
arm-trusted-firmware/docs/components/cot-binding.rst
Normal file
@@ -0,0 +1,332 @@
Chain of trust bindings
=======================

The device tree allows to describe the chain of trust with the help of
'cot' node which contain 'manifests' and 'images' as sub-nodes.
'manifests' and 'images' nodes contains number of sub-nodes (i.e. 'certificate'
and 'image' nodes) mentioning properties of the certificate and image respectively.

Also, device tree describes 'non-volatile-counters' node which contains number of
sub-nodes mentioning properties of all non-volatile-counters used in the chain of trust.

cot
------------------------------------------------------------------
This is root node which contains 'manifests' and 'images' as sub-nodes


Manifests and Certificate node bindings definition
----------------------------------------------------------------

- Manifests node
Description: Container of certificate nodes.

PROPERTIES

- compatible:
Usage: required

Value type: <string>

Definition: must be "arm, cert-descs"

- Certificate node
Description:

Describes certificate properties which are used
during the authentication process.

PROPERTIES

- root-certificate
Usage:

Required for the certificate with no parent.
In other words, certificates which are validated
using root of trust public key.

Value type: <boolean>

- image-id
Usage: Required for every certificate with unique id.

Value type: <u32>

- parent
Usage:

It refers to their parent image, which typically contains
information to authenticate the certificate.
This property is required for all non-root certificates.

This property is not required for root-certificates
as root-certificates are validated using root of trust
public key provided by platform.

Value type: <phandle>

- signing-key
Usage:

This property is used to refer public key node present in
parent certificate node and it is required property for all
non-root certificates which are authenticated using public-key
present in parent certificate.

This property is not required for root-certificates
as root-certificates are validated using root of trust
public key provided by platform.

Value type: <phandle>

- antirollback-counter
Usage:

This property is used by all certificates which are
protected against rollback attacks using a non-volatile
counter and it is an optional property.

This property is used to refer one of the non-volatile
counter sub-node present in 'non-volatile counters' node.

Value type: <phandle>


SUBNODES
- Description:

Hash and public key information present in the certificate
are shown by these nodes.

- public key node
Description: Provide public key information in the certificate.

PROPERTIES

- oid
Usage:

This property provides the Object ID of public key
provided in the certificate which the help of which
public key information can be extracted.

Value type: <string>

- hash node
Description: Provide the hash information in the certificate.

PROPERTIES

- oid
Usage:

This property provides the Object ID of hash provided in
the certificate which the help of which hash information
can be extracted.

Value type: <string>

Example:

.. code:: c

cot {
manifests {
compatible = "arm, cert-descs”

trusted-key-cert: trusted-key-cert {
root-certificate;
image-id = <TRUSTED_KEY_CERT_ID>;
antirollback-counter = <&trusted_nv_counter>;

trusted-world-pk: trusted-world-pk {
oid = TRUSTED_WORLD_PK_OID;
};
non-trusted-world-pk: non-trusted-world-pk {
oid = NON_TRUSTED_WORLD_PK_OID;
};
};

scp_fw_key_cert: scp_fw_key_cert {
image-id = <SCP_FW_KEY_CERT_ID>;
parent = <&trusted-key-cert>;
signing-key = <&trusted_world_pk>;
antirollback-counter = <&trusted_nv_counter>;

scp_fw_content_pk: scp_fw_content_pk {
oid = SCP_FW_CONTENT_CERT_PK_OID;
};
};
.
.
.

next-certificate {

};
};
};

Images and Image node bindings definition
-----------------------------------------

- Images node
Description: Container of image nodes

PROPERTIES

- compatible:
Usage: required

Value type: <string>

Definition: must be "arm, img-descs"

- Image node
Description:

Describes image properties which will be used during
authentication process.

PROPERTIES

- image-id
Usage: Required for every image with unique id.

Value type: <u32>

- parent
Usage:

Required for every image to provide a reference to
its parent image, which contains the necessary information
to authenticate it.

Value type: <phandle>

- hash
Usage:

Required for all images which are validated using
hash method. This property is used to refer hash
node present in parent certificate node.

Value type: <phandle>

Note:

Currently, all images are validated using 'hash'
method. In future, there may be multiple methods can
be used to validate the image.

Example:

.. code:: c

cot {
images {
compatible = "arm, img-descs";

scp_bl2_image {
image-id = <SCP_BL2_IMAGE_ID>;
parent = <&scp_fw_content_cert>;
hash = <&scp_fw_hash>;
};

.
.
.

next-img {

};
};
};

non-volatile counter node binding definition
--------------------------------------------

- non-volatile counters node
Description: Contains properties for non-volatile counters.

PROPERTIES

- compatible:
Usage: required

Value type: <string>

Definition: must be "arm, non-volatile-counter"

- #address-cells
Usage: required

Value type: <u32>

Definition:

Must be set according to address size
of non-volatile counter register

- #size-cells
Usage: required

Value type: <u32>

Definition: must be set to 0

SUBNODE
- counters node
Description: Contains various non-volatile counters present in the platform.

PROPERTIES
- id
Usage: Required for every nv-counter with unique id.

Value type: <u32>

- reg
Usage:

Register base address of non-volatile counter and it is required
property.

Value type: <u32>

- oid
Usage:

This property provides the Object ID of non-volatile counter
provided in the certificate and it is required property.

Value type: <string>

Example:
Below is non-volatile counters example for ARM platform

.. code:: c

non_volatile_counters: non_volatile_counters {
compatible = "arm, non-volatile-counter";
#address-cells = <1>;
#size-cells = <0>;

trusted-nv-counter: trusted_nv_counter {
id = <TRUSTED_NV_CTR_ID>;
reg = <TFW_NVCTR_BASE>;
oid = TRUSTED_FW_NVCOUNTER_OID;
};

non_trusted_nv_counter: non_trusted_nv_counter {
id = <NON_TRUSTED_NV_CTR_ID>;
reg = <NTFW_CTR_BASE>;
oid = NON_TRUSTED_FW_NVCOUNTER_OID;
};
};

Future update to chain of trust binding
---------------------------------------

This binding document needs to be revisited to generalise some terminologies
which are currently specific to X.509 certificates for e.g. Object IDs.

*Copyright (c) 2020, Arm Limited. All rights reserved.*
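Review bot: The phandle references in the manifests example do not resolve against the labels the examples declare: `signing-key = <&trusted_world_pk>` refers to a label that is spelled `trusted-world-pk`, and `antirollback-counter = <&trusted_nv_counter>` refers to a counter whose label is `trusted-nv-counter` (only its node name is `trusted_nv_counter`). A phandle reference must name a label exactly, so either the labels or the references need to be aligned before this can be used as a template. In the same block, `compatible = "arm, cert-descs”` ends in a typographic closing quote and lacks the terminating semicolon that the images and counters examples have. The compatible strings throughout are written with a space after the vendor prefix ("arm, cert-descs"); if that is intentional it departs from the usual "vendor,device" form and should be called out, since the code that matches them has to use the identical bytes. Finally, `antirollback-counter` is described as optional without stating what omitting it means (the certificate then carries no rollback protection), which a chain-of-trust binding should say explicitly.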
125
arm-trusted-firmware/docs/components/debugfs-design.rst
Normal file
@@ -0,0 +1,125 @@
========
Debug FS
========

.. contents::

Overview
--------

The *DebugFS* feature is primarily aimed at exposing firmware debug data to
higher SW layers such as a non-secure component. Such component can be the
TFTF test payload or a Linux kernel module.

Virtual filesystem
------------------

The core functionality lies in a virtual file system based on a 9p file server
interface (`Notes on the Plan 9 Kernel Source`_ and
`Linux 9p remote filesystem protocol`_).
The implementation permits exposing virtual files, firmware drivers, and file blobs.

Namespace
~~~~~~~~~

Two namespaces are exposed:

- # is used as root for drivers (e.g. #t0 is the first uart)
- / is used as root for virtual "files" (e.g. /fip, or /dev/uart)

9p interface
~~~~~~~~~~~~

The associated primitives are:

- Unix-like:

- open(): create a file descriptor that acts as a handle to the file passed as
an argument.
- close(): close the file descriptor created by open().
- read(): read from a file to a buffer.
- write(): write from a buffer to a file.
- seek(): set the file position indicator of a file descriptor either to a
relative or an absolute offset.
- stat(): get information about a file (type, mode, size, ...).

.. code:: c

int open(const char *name, int flags);
int close(int fd);
int read(int fd, void *buf, int n);
int write(int fd, void *buf, int n);
int seek(int fd, long off, int whence);
int stat(char *path, dir_t *dir);

- Specific primitives :

- mount(): create a link between a driver and spec.
- create(): create a file in a specific location.
- bind(): expose the content of a directory to another directory.

.. code:: c

int mount(char *srv, char *mnt, char *spec);
int create(const char *name, int flags);
int bind(char *path, char *where);

This interface is embedded into the BL31 run-time payload when selected by build
options. The interface multiplexes drivers or emulated "files":

- Debug data can be partitioned into different virtual files e.g. expose PMF
measurements through a file, and internal firmware state counters through
another file.
- This permits direct access to a firmware driver, mainly for test purposes
(e.g. a hardware device that may not be accessible to non-privileged/
non-secure layers, or for which no support exists in the NS side).

SMC interface
-------------

The communication with the 9p layer in BL31 is made through an SMC conduit
(`SMC Calling Convention`_), using a specific SiP Function Id. An NS
shared buffer is used to pass path string parameters, or e.g. to exchange
data on a read operation. Refer to :ref:`ARM SiP Services <arm sip services>`
for a description of the SMC interface.

Security considerations
-----------------------

- Due to the nature of the exposed data, the feature is considered experimental
and importantly **shall only be used in debug builds**.
- Several primitive imply string manipulations and usage of string formats.
- Special care is taken with the shared buffer to avoid TOCTOU attacks.

Limitations
-----------

- In order to setup the shared buffer, the component consuming the interface
needs to allocate a physical page frame and transmit its address.
- In order to map the shared buffer, BL31 requires enabling the dynamic xlat
table option.
- Data exchange is limited by the shared buffer length. A large read operation
might be split into multiple read operations of smaller chunks.
- On concurrent access, a spinlock is implemented in the BL31 service to protect
the internal work buffer, and re-entrancy into the filesystem layers.
- Notice, a physical device driver if exposed by the firmware may conflict with
the higher level OS if the latter implements its own driver for the same
physical device.

Applications
------------

The SMC interface is accessible from an NS environment, that is:

- a test payload, bootloader or hypervisor running at NS-EL2
- a Linux kernel driver running at NS-EL1
- a Linux userspace application through the kernel driver

--------------

*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*

.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
.. _Notes on the Plan 9 Kernel Source: http://lsub.org/who/nemo/9.pdf
.. _Linux 9p remote filesystem protocol: https://www.kernel.org/doc/Documentation/filesystems/9p.txt
.. _ARM SiP Services: arm-sip-service.rst
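Review bot: The Security considerations section states that "special care is taken with the shared buffer to avoid TOCTOU attacks" without saying what that care is; since the NS component allocates the page and hands over its address (see Limitations), it can rewrite the contents at any time, so the document should state whether path strings and lengths are copied into the internal work buffer before they are parsed or acted on. In the same vein, the `read()`/`write()` prototypes take a signed `int n` and nothing here ties it to the shared buffer length, so the chunked-read limitation should also say how a negative or oversized `n` is rejected. Minor: "Several primitive imply" should read "primitives", and the `.. _ARM SiP Services:` hyperlink target defined at the end is never used, because the text above reaches that document through the `:ref:` role instead.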
619
arm-trusted-firmware/docs/components/exception-handling.rst
Normal file
@@ -0,0 +1,619 @@
Exception Handling Framework
============================

This document describes various aspects of handling exceptions by Runtime
Firmware (BL31) that are targeted at EL3, other than SMCs. The |EHF| takes care
of the following exceptions when targeted at EL3:

- Interrupts
- Synchronous External Aborts
- Asynchronous External Aborts

|TF-A|'s handling of synchronous ``SMC`` exceptions raised from lower ELs is
described in the :ref:`Firmware Design document <handling-an-smc>`. However, the
|EHF| changes the semantics of `Interrupt handling`_ and :ref:`synchronous
exceptions <Effect on SMC calls>` other than SMCs.

The |EHF| is selected by setting the build option ``EL3_EXCEPTION_HANDLING`` to
``1``, and is only available for AArch64 systems.

Introduction
------------

Through various control bits in the ``SCR_EL3`` register, the Arm architecture
allows for asynchronous exceptions to be routed to EL3. As described in the
:ref:`Interrupt Management Framework` document, depending on the chosen
interrupt routing model, TF-A appropriately sets the ``FIQ`` and ``IRQ`` bits of
``SCR_EL3`` register to effect this routing. For most use cases, other than for
the purpose of facilitating context switch between Normal and Secure worlds,
FIQs and IRQs routed to EL3 are not required to be handled in EL3.

However, the evolving system and standards landscape demands that various
exceptions are targeted at and handled in EL3. For instance:

- Starting with ARMv8.2 architecture extension, many RAS features have been
introduced to the Arm architecture. With RAS features implemented, various
components of the system may use one of the asynchronous exceptions to signal
error conditions to PEs. These error conditions are of critical nature, and
it's imperative that corrective or remedial actions are taken at the earliest
opportunity. Therefore, a *Firmware-first Handling* approach is generally
followed in response to RAS events in the system.

- The Arm `SDEI specification`_ defines interfaces through which Normal world
interacts with the Runtime Firmware in order to request notification of
system events. The |SDEI| specification requires that these events are
notified even when the Normal world executes with the exceptions masked. This
too implies that firmware-first handling is required, where the events are
first received by the EL3 firmware, and then dispatched to Normal world
through purely software mechanism.

For |TF-A|, firmware-first handling means that asynchronous exceptions are
suitably routed to EL3, and the Runtime Firmware (BL31) is extended to include
software components that are capable of handling those exceptions that target
EL3. These components—referred to as *dispatchers* [#spd]_ in general—may
choose to:

.. _delegation-use-cases:

- Receive and handle exceptions entirely in EL3, meaning the exceptions
handling terminates in EL3.

- Receive exceptions, but handle part of the exception in EL3, and delegate the
rest of the handling to a dedicated software stack running at lower Secure
ELs. In this scheme, the handling spans various secure ELs.

- Receive exceptions, but handle part of the exception in EL3, and delegate
processing of the error to dedicated software stack running at lower secure
ELs (as above); additionally, the Normal world may also be required to
participate in the handling, or be notified of such events (for example, as
an |SDEI| event). In this scheme, exception handling potentially and
maximally spans all ELs in both Secure and Normal worlds.

On any given system, all of the above handling models may be employed
independently depending on platform choice and the nature of the exception
received.

.. [#spd] Not to be confused with :ref:`Secure Payload Dispatcher
<firmware_design_sel1_spd>`, which is an EL3 component that operates in EL3
on behalf of Secure OS.

The role of Exception Handling Framework
----------------------------------------

Corollary to the use cases cited above, the primary role of the |EHF| is to
facilitate firmware-first handling of exceptions on Arm systems. The |EHF| thus
enables multiple exception dispatchers in runtime firmware to co-exist, register
for, and handle exceptions targeted at EL3. This section outlines the basics,
and the rest of this document expands the various aspects of the |EHF|.

In order to arbitrate exception handling among dispatchers, the |EHF| operation
is based on a priority scheme. This priority scheme is closely tied to how the
Arm GIC architecture defines it, although it's applied to non-interrupt
exceptions too (SErrors, for example).

The platform is required to `partition`__ the Secure priority space into
priority levels as applicable for the Secure software stack. It then assigns the
dispatchers to one or more priority levels. The dispatchers then register
handlers for the priority levels at runtime. A dispatcher can register handlers
for more than one priority level.

.. __: `Partitioning priority levels`_


.. _ehf-figure:

.. image:: ../resources/diagrams/draw.io/ehf.svg

A priority level is *active* when a handler at that priority level is currently
executing in EL3, or has delegated the execution to a lower EL. For interrupts,
this is implicit when an interrupt is targeted and acknowledged at EL3, and the
priority of the acknowledged interrupt is used to match its registered handler.
The priority level is likewise implicitly deactivated when the interrupt
handling concludes by EOIing the interrupt.

Non-interrupt exceptions (SErrors, for example) don't have a notion of priority.
In order for the priority arbitration to work, the |EHF| provides APIs in order
for these non-interrupt exceptions to assume a priority, and to interwork with
interrupts. Dispatchers handling such exceptions must therefore explicitly
activate and deactivate the respective priority level as and when they're
handled or delegated.

Because priority activation and deactivation for interrupt handling is implicit
and involves GIC priority masking, it's impossible for a lower priority
interrupt to preempt a higher priority one. By extension, this means that a
lower priority dispatcher cannot preempt a higher-priority one. Priority
activation and deactivation for non-interrupt exceptions, however, has to be
explicit. The |EHF| therefore disallows for lower priority level to be activated
whilst a higher priority level is active, and would result in a panic.
Likewise, a panic would result if it's attempted to deactivate a lower priority
level when a higher priority level is active.

In essence, priority level activation and deactivation conceptually works like a
stack—priority levels stack up in strictly increasing fashion, and need to be
unstacked in strictly the reverse order. For interrupts, the GIC ensures this is
the case; for non-interrupts, the |EHF| monitors and asserts this. See
`Transition of priority levels`_.

.. _interrupt-handling:

Interrupt handling
------------------

The |EHF| is a client of *Interrupt Management Framework*, and registers the
top-level handler for interrupts that target EL3, as described in the
:ref:`Interrupt Management Framework` document. This has the following
implications:

- On GICv3 systems, when executing in S-EL1, pending Non-secure interrupts of
sufficient priority are signalled as FIQs, and therefore will be routed to
EL3. As a result, S-EL1 software cannot expect to handle Non-secure
interrupts at S-EL1. Essentially, this deprecates the routing mode described
as :ref:`CSS=0, TEL3=0 <EL3 interrupts>`.

In order for S-EL1 software to handle Non-secure interrupts while having
|EHF| enabled, the dispatcher must adopt a model where Non-secure interrupts
are received at EL3, but are then :ref:`synchronously <sp-synchronous-int>`
handled over to S-EL1.

- On GICv2 systems, it's required that the build option ``GICV2_G0_FOR_EL3`` is
set to ``1`` so that *Group 0* interrupts target EL3.

- While executing in Secure world, |EHF| sets GIC Priority Mask Register to the
lowest Secure priority. This means that no Non-secure interrupts can preempt
Secure execution. See `Effect on SMC calls`_ for more details.

As mentioned above, with |EHF|, the platform is required to partition *Group 0*
interrupts into distinct priority levels. A dispatcher that chooses to receive
interrupts can then *own* one or more priority levels, and register interrupt
handlers for them. A given priority level can be assigned to only one handler. A
dispatcher may register more than one priority level.

Dispatchers are assigned interrupt priority levels in two steps:

.. _Partitioning priority levels:

Partitioning priority levels
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Interrupts are associated to dispatchers by way of grouping and assigning
interrupts to a priority level. In other words, all interrupts that are to
target a particular dispatcher should fall in a particular priority level. For
priority assignment:

- Of the 8 bits of priority that Arm GIC architecture permits, bit 7 must be 0
(secure space).

- Depending on the number of dispatchers to support, the platform must choose
to use the top *n* of the 7 remaining bits to identify and assign interrupts
to individual dispatchers. Choosing *n* bits supports up to 2\ :sup:`n`
distinct dispatchers. For example, by choosing 2 additional bits (i.e., bits
6 and 5), the platform can partition into 4 secure priority ranges: ``0x0``,
``0x20``, ``0x40``, and ``0x60``. See `Interrupt handling example`_.

.. note::

The Arm GIC architecture requires that a GIC implementation that supports two
security states must implement at least 32 priority levels; i.e., at least 5
upper bits of the 8 bits are writeable. In the scheme described above, when
choosing *n* bits for priority range assignment, the platform must ensure
that at least ``n+1`` top bits of GIC priority are writeable.

The priority thus assigned to an interrupt is also used to determine the
priority of delegated execution in lower ELs. Delegated execution in lower EL is
associated with a priority level chosen with ``ehf_activate_priority()`` API
(described `later`__). The chosen priority level also determines the interrupts
masked while executing in a lower EL, therefore controls preemption of delegated
execution.

.. __: `ehf-apis`_

The platform expresses the chosen priority levels by declaring an array of
priority level descriptors. Each entry in the array is of type
``ehf_pri_desc_t``, and declares a priority level, and shall be populated by the
``EHF_PRI_DESC()`` macro.

.. warning::

The macro ``EHF_PRI_DESC()`` installs the descriptors in the array at a
computed index, and not necessarily where the macro is placed in the array.
The size of the array might therefore be larger than what it appears to be.
The ``ARRAY_SIZE()`` macro therefore should be used to determine the size of
array.

Finally, this array of descriptors is exposed to |EHF| via the
``EHF_REGISTER_PRIORITIES()`` macro.

Refer to the `Interrupt handling example`_ for usage. See also: `Interrupt
Prioritisation Considerations`_.

Programming priority
~~~~~~~~~~~~~~~~~~~~

The text in `Partitioning priority levels`_ only describes how the platform
expresses the required levels of priority. It however doesn't choose interrupts
nor program the required priority in GIC.

The :ref:`Firmware Design guide<configuring-secure-interrupts>` explains methods
for configuring secure interrupts. |EHF| requires the platform to enumerate
interrupt properties (as opposed to just numbers) of Secure interrupts. The
priority of secure interrupts must match that as determined in the
`Partitioning priority levels`_ section above.

See `Limitations`_, and also refer to `Interrupt handling example`_ for
illustration.

Registering handler
-------------------

Dispatchers register handlers for their priority levels through the following
API:

.. code:: c

int ehf_register_priority_handler(int pri, ehf_handler_t handler)

The API takes two arguments:

- The priority level for which the handler is being registered;

- The handler to be registered. The handler must be aligned to 4 bytes.

If a dispatcher owns more than one priority levels, it has to call the API for
each of them.

The API will succeed, and return ``0``, only if:

- There exists a descriptor with the priority level requested.

- There are no handlers already registered by a previous call to the API.

Otherwise, the API returns ``-1``.

The interrupt handler should have the following signature:

.. code:: c

typedef int (*ehf_handler_t)(uint32_t intr_raw, uint32_t flags, void *handle,
void *cookie);

The parameters are as obtained from the top-level :ref:`EL3 interrupt handler
<el3-runtime-firmware>`.

The :ref:`SDEI dispatcher<SDEI: Software Delegated Exception Interface>`, for
example, expects the platform to allocate two different priority levels—
``PLAT_SDEI_CRITICAL_PRI``, and ``PLAT_SDEI_NORMAL_PRI`` —and registers the
same handler to handle both levels.

Interrupt handling example
--------------------------

The following annotated snippet demonstrates how a platform might choose to
assign interrupts to fictitious dispatchers:

.. code:: c

#include <common/interrupt_props.h>
#include <drivers/arm/gic_common.h>
#include <exception_mgmt.h>

...

/*
* This platform uses 2 bits for interrupt association. In total, 3 upper
* bits are in use.
*
* 7 6 5 3 0
* .-.-.-.----------.
* |0|b|b| ..0.. |
* '-'-'-'----------'
*/
#define PLAT_PRI_BITS 2

/* Priorities for individual dispatchers */
#define DISP0_PRIO 0x00 /* Not used */
#define DISP1_PRIO 0x20
#define DISP2_PRIO 0x40
#define DISP3_PRIO 0x60

/* Install priority level descriptors for each dispatcher */
ehf_pri_desc_t plat_exceptions[] = {
EHF_PRI_DESC(PLAT_PRI_BITS, DISP1_PRIO),
EHF_PRI_DESC(PLAT_PRI_BITS, DISP2_PRIO),
EHF_PRI_DESC(PLAT_PRI_BITS, DISP3_PRIO),
};

/* Expose priority descriptors to Exception Handling Framework */
EHF_REGISTER_PRIORITIES(plat_exceptions, ARRAY_SIZE(plat_exceptions),
PLAT_PRI_BITS);

...

/* List interrupt properties for GIC driver. All interrupts target EL3 */
const interrupt_prop_t plat_interrupts[] = {
/* Dispatcher 1 owns interrupts d1_0 and d1_1, so assigns priority DISP1_PRIO */
INTR_PROP_DESC(d1_0, DISP1_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
INTR_PROP_DESC(d1_1, DISP1_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),

/* Dispatcher 2 owns interrupts d2_0 and d2_1, so assigns priority DISP2_PRIO */
INTR_PROP_DESC(d2_0, DISP2_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
INTR_PROP_DESC(d2_1, DISP2_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),

/* Dispatcher 3 owns interrupts d3_0 and d3_1, so assigns priority DISP3_PRIO */
INTR_PROP_DESC(d3_0, DISP3_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
INTR_PROP_DESC(d3_1, DISP3_PRIO, INTR_TYPE_EL3, GIC_INTR_CFG_LEVEL),
};

...

/* Dispatcher 1 registers its handler */
ehf_register_priority_handler(DISP1_PRIO, disp1_handler);

/* Dispatcher 2 registers its handler */
ehf_register_priority_handler(DISP2_PRIO, disp2_handler);

/* Dispatcher 3 registers its handler */
ehf_register_priority_handler(DISP3_PRIO, disp3_handler);

...

See also the `Build-time flow`_ and the `Run-time flow`_.

.. _Activating and Deactivating priorities:

Activating and Deactivating priorities
--------------------------------------

A priority level is said to be *active* when an exception of that priority is
being handled: for interrupts, this is implied when the interrupt is
acknowledged; for non-interrupt exceptions, such as SErrors or :ref:`SDEI
explicit dispatches <explicit-dispatch-of-events>`, this has to be done via
calling ``ehf_activate_priority()``. See `Run-time flow`_.

Conversely, when the dispatcher has reached a logical resolution for the cause
of the exception, the corresponding priority level ought to be deactivated. As
above, for interrupts, this is implied when the interrupt is EOId in the GIC;
for other exceptions, this has to be done via calling
``ehf_deactivate_priority()``.

Thanks to `different provisions`__ for exception delegation, there are
potentially more than one work flow for deactivation:

.. __: `delegation-use-cases`_

.. _deactivation workflows:

- The dispatcher has addressed the cause of the exception, and decided to take
no further action. In this case, the dispatcher's handler deactivates the
priority level before returning to the |EHF|. Runtime firmware, upon exit
through an ``ERET``, resumes execution before the interrupt occurred.

- The dispatcher has to delegate the execution to lower ELs, and the cause of
the exception can be considered resolved only when the lower EL returns
signals complete (via an ``SMC``) at a future point in time. The following
sequence ensues:

#. The dispatcher calls ``setjmp()`` to setup a jump point, and arranges to
enter a lower EL upon the next ``ERET``.

#. Through the ensuing ``ERET`` from runtime firmware, execution is delegated
to a lower EL.

#. The lower EL completes its execution, and signals completion via an
``SMC``.

#. The ``SMC`` is handled by the same dispatcher that handled the exception
previously. Noticing the conclusion of exception handling, the dispatcher
does ``longjmp()`` to resume beyond the previous jump point.

As mentioned above, the |EHF| provides the following APIs for activating and
deactivating interrupt:

.. _ehf-apis:
|
||||
|
||||
- ``ehf_activate_priority()`` activates the supplied priority level, but only
|
||||
if the current active priority is higher than the given one; otherwise
|
||||
panics. Also, to prevent interruption by physical interrupts of lower
|
||||
priority, the |EHF| programs the *Priority Mask Register* corresponding to
|
||||
the PE to the priority being activated. Dispatchers typically only need to
|
||||
call this when handling exceptions other than interrupts, and it needs to
|
||||
delegate execution to a lower EL at a desired priority level.
|
||||
|
||||
- ``ehf_deactivate_priority()`` deactivates a given priority, but only if the
|
||||
current active priority is equal to the given one; otherwise panics. |EHF|
|
||||
also restores the *Priority Mask Register* corresponding to the PE to the
|
||||
priority before the call to ``ehf_activate_priority()``. Dispatchers
|
||||
typically only need to call this after handling exceptions other than
|
||||
interrupts.
|
||||
|
||||
The calling of APIs are subject to allowed `transitions`__. See also the
|
||||
`Run-time flow`_.
|
||||
|
||||
.. __: `Transition of priority levels`_
|
||||
|
||||
Transition of priority levels
|
||||
-----------------------------
|
||||
|
||||
The |EHF| APIs ``ehf_activate_priority()`` and ``ehf_deactivate_priority()`` can
|
||||
be called to transition the current priority level on a PE. A given sequence of
|
||||
calls to these APIs are subject to the following conditions:
|
||||
|
||||
- For activation, the |EHF| only allows for the priority to increase (i.e.
|
||||
numeric value decreases);
|
||||
|
||||
- For deactivation, the |EHF| only allows for the priority to decrease (i.e.
|
||||
numeric value increases). Additionally, the priority being deactivated is
|
||||
required to be the current priority.
|
||||
|
||||
If these are violated, a panic will result.
|
||||
|
||||
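The activation and deactivation rules above, together with the top-level
interrupt dispatch described under `Run-time flow`_, can be modelled in a few
dozen lines. The following is an added example, not TF-A code: the ``model_*``
names, the per-PE stack of active levels, the ``MODEL_PMR_IDLE`` mask value
and the numeric error codes are assumptions made for illustration, and a
refused transition returns an error where the real |EHF| panics. The
``model_handle_interrupt()`` function also shows what a dispatcher that
forgets to deactivate its level looks like from the framework's side.

```c
#include <stddef.h>

#define MODEL_MAX_DESCS   8     /* stand-in for the EHF descriptor array limit */
#define MODEL_STACK_DEPTH 4     /* nesting of active levels modelled per PE */
#define MODEL_PMR_IDLE    0xFFu /* mask value that lets every priority through */

typedef int (*model_handler_t)(unsigned int prio);

/* priority descriptors: one dispatcher handler per priority level */
static struct { unsigned int prio; model_handler_t handler; } model_descs[MODEL_MAX_DESCS];
static size_t model_ndescs;

/* per-PE state: the active levels, each with the mask value saved at activation */
static struct { unsigned int prio; unsigned int saved_pmr; } model_stack[MODEL_STACK_DEPTH];
static size_t model_depth;
static unsigned int model_pmr = MODEL_PMR_IDLE; /* models the Priority Mask Register */

unsigned int model_get_pmr(void) { return model_pmr; }

/* counterpart of EHF_REGISTER_PRIORITIES(): install the platform's priority levels */
int model_register_priorities(const unsigned int *prios, size_t n)
{
	if (n > MODEL_MAX_DESCS) return -1;
	for (size_t i = 0; i < n; i++) {
		model_descs[i].prio = prios[i];
		model_descs[i].handler = NULL;
	}
	model_ndescs = n;
	model_depth = 0;
	model_pmr = MODEL_PMR_IDLE;
	return 0;
}

static size_t model_find(unsigned int prio) /* descriptor index, or model_ndescs */
{
	size_t i = 0;
	while (i < model_ndescs && model_descs[i].prio != prio) i++;
	return i;
}

/* counterpart of ehf_register_priority_handler() */
int model_register_handler(unsigned int prio, model_handler_t handler)
{
	size_t i = model_find(prio);
	if (i == model_ndescs || handler == NULL) return -3;
	model_descs[i].handler = handler;
	return 0;
}

/* ehf_activate_priority() rule: the new level must be of higher priority
 * (numerically lower) than the current one; the mask is raised to it */
int model_activate_priority(unsigned int prio)
{
	unsigned int cur = model_depth ? model_stack[model_depth - 1].prio : MODEL_PMR_IDLE;
	if (model_depth == MODEL_STACK_DEPTH) return -1;
	if (prio >= cur) return -2; /* the real EHF panics here */
	model_stack[model_depth].prio = prio;
	model_stack[model_depth].saved_pmr = model_pmr;
	model_depth++;
	model_pmr = prio;
	return 0;
}

/* ehf_deactivate_priority() rule: only the current level may be deactivated;
 * the mask returns to its value before the matching activation */
int model_deactivate_priority(unsigned int prio)
{
	if (model_depth == 0 || model_stack[model_depth - 1].prio != prio) return -2;
	model_depth--;
	model_pmr = model_stack[model_depth].saved_pmr;
	return 0;
}

/* top-level EL3 interrupt handler: running priority -> dispatcher, mark the
 * level active, then check that the dispatcher deactivated it before returning */
int model_handle_interrupt(unsigned int running_prio)
{
	size_t i = model_find(running_prio);
	if (i == model_ndescs || model_descs[i].handler == NULL) return -3;
	int rc = model_activate_priority(running_prio);
	if (rc != 0) return rc;
	size_t expected = model_depth - 1;
	rc = model_descs[i].handler(running_prio);
	if (model_depth != expected) { /* level left active: undo it and report */
		model_depth = expected;
		model_pmr = model_stack[expected].saved_pmr;
		return -4;
	}
	return rc;
}

/* sample dispatchers: one follows the deactivation workflow, one does not */
int model_disp_good(unsigned int prio) { return model_deactivate_priority(prio); }
int model_disp_bad(unsigned int prio) { (void)prio; return 0; }

/* constructed platform: two dispatchers owning priorities 0x10 and 0x20 */
int model_demo_setup(void)
{
	static const unsigned int prios[] = { 0x10, 0x20 };
	if (model_register_priorities(prios, 2) != 0) return -1;
	if (model_register_handler(0x10, model_disp_bad) != 0) return -1;
	return model_register_handler(0x20, model_disp_good);
}
```

After ``model_demo_setup()``, activating 0x20 and then 0x10 is accepted,
activating 0x30 on top of 0x20 is refused (it would lower the priority),
deactivating 0x20 while 0x10 is current is refused, and an interrupt at 0x10
handled by ``model_disp_bad`` is reported because the level was left active.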
.. _Effect on SMC calls:

Effect on SMC calls
-------------------

In general, Secure execution is regarded as more important than Non-secure
execution. As discussed elsewhere in this document, EL3 execution, and any
delegated execution thereafter, has the effect of raising GIC's priority
mask—either implicitly by acknowledging Secure interrupts, or when dispatchers
call ``ehf_activate_priority()``. As a result, Non-secure interrupts cannot
preempt any Secure execution.

SMCs from Non-secure world are synchronous exceptions, and are mechanisms for
Non-secure world to request Secure services. They're broadly classified as
*Fast* or *Yielding* (see `SMCCC`__).

.. __: https://developer.arm.com/docs/den0028/latest

- *Fast* SMCs are atomic from the caller's point of view. I.e., they return
  to the caller only when the Secure world has finished serving the request.
  Any Non-secure interrupts that become pending meanwhile cannot preempt Secure
  execution.

- *Yielding* SMCs carry the semantics of a preemptible, lower-priority request.
  A pending Non-secure interrupt can preempt Secure execution handling a
  Yielding SMC. I.e., the caller might observe a Yielding SMC returning when
  either:

  #. Secure world completes the request, and the caller would find ``SMC_OK``
     as the return code.

  #. A Non-secure interrupt preempts Secure execution. The Non-secure interrupt
     is handled, and Non-secure execution resumes after the ``SMC`` instruction.

  The dispatcher handling a Yielding SMC must provide a different return code
  to the Non-secure caller to distinguish the latter case. This return code,
  however, is not standardised (unlike ``SMC_UNKNOWN`` or ``SMC_OK``, for
  example), so will vary across dispatchers that handle the request.

For the latter case above, dispatchers before |EHF| expect Non-secure interrupts
to be taken to S-EL1 [#irq]_, and so get a chance to populate the designated
preempted error code before yielding to Non-secure world.

The introduction of |EHF| changes the behaviour as described in `Interrupt
handling`_.

When |EHF| is enabled, in order to allow Non-secure interrupts to preempt
Yielding SMC handling, the dispatcher must call the ``ehf_allow_ns_preemption()``
API. The API takes one argument, the error code to be returned to the Non-secure
world upon getting preempted.

.. [#irq] In case of GICv2, Non-secure interrupts while in S-EL1 were signalled
   as IRQs, and in case of GICv3, FIQs.

Build-time flow
---------------

Please refer to the `figure`__ above.

.. __: `ehf-figure`_

The build-time flow involves the following steps:

#. Platform assigns priorities by installing priority level descriptors for
   individual dispatchers, as described in `Partitioning priority levels`_.

#. Platform provides interrupt properties to GIC driver, as described in
   `Programming priority`_.

#. Dispatcher calls ``ehf_register_priority_handler()`` to register an
   interrupt handler.

Also refer to the `Interrupt handling example`_.

Run-time flow
-------------

.. _interrupt-flow:

The following is an example flow for interrupts:

#. The GIC driver, during initialization, iterates through the platform-supplied
   interrupt properties (see `Programming priority`_), and configures the
   interrupts. This programs the appropriate priority and group (Group 0) on
   interrupts belonging to different dispatchers.

#. The |EHF|, during its initialisation, registers a top-level interrupt handler
   with the :ref:`Interrupt Management Framework<el3-runtime-firmware>` for EL3
   interrupts. This also results in setting the routing bits in ``SCR_EL3``.

#. When an interrupt belonging to a dispatcher fires, GIC raises an EL3/Group 0
   interrupt, and it is taken to EL3.

#. The top-level EL3 interrupt handler executes. The handler acknowledges the
   interrupt, reads its *Running Priority*, and from that, determines the
   dispatcher handler.

#. The |EHF| programs the *Priority Mask Register* of the PE to the priority of
   the interrupt received.

#. The |EHF| marks that priority level *active*, and jumps to the dispatcher
   handler.

#. Once the dispatcher handler finishes its job, it has to immediately
   *deactivate* the priority level before returning to the |EHF|. See
   `deactivation workflows`_.

.. _non-interrupt-flow:

The following is an example flow for exceptions other than interrupts that
target EL3:

#. The platform provides handlers for the specific kind of exception.

#. The exception arrives, and the corresponding handler is executed.

#. The handler calls ``ehf_activate_priority()`` to activate the required
   priority level. This also has the effect of raising the GIC priority mask,
   thus preventing interrupts of lower priority from preempting the handling.
   The handler may choose to do the handling entirely in EL3 or delegate to a
   lower EL.

#. Once exception handling concludes, the handler calls
   ``ehf_deactivate_priority()`` to deactivate the priority level activated
   earlier. This also has the effect of lowering the GIC priority mask to what
   it was before.

Interrupt Prioritisation Considerations
---------------------------------------

The GIC priority scheme, by design, prioritises Secure interrupts over Normal
world ones. The platform further assigns relative priorities amongst Secure
dispatchers through |EHF|.

As mentioned in `Partitioning priority levels`_, interrupts targeting distinct
dispatchers fall in distinct priority levels. Because they're routed via the
GIC, interrupt delivery to the PE is subject to GIC prioritisation rules. In
particular, when an interrupt is being handled by the PE (i.e., the interrupt is
in *Active* state), only interrupts of higher priority are signalled to the PE,
even if interrupts of same or lower priority are pending. This has the side
effect of one dispatcher being starved of interrupts by virtue of another
dispatcher handling its (higher priority) interrupts.

The |EHF| doesn't enforce a particular prioritisation policy, but the platform
should carefully consider the assignment of priorities to dispatchers integrated
into runtime firmware. The platform should sensibly delineate priority to
various dispatchers according to their nature. In particular, dispatchers of
critical nature (RAS, for example) should be assigned higher priority than
others (|SDEI|, for example); and within |SDEI|, Critical priority
|SDEI| should be assigned higher priority than Normal ones.

Limitations
-----------

The |EHF| has the following limitations:

- Although there could be up to 128 Secure dispatchers supported by the GIC
  priority scheme, the size of the descriptor array exposed with the
  ``EHF_REGISTER_PRIORITIES()`` macro is currently limited to 32. This serves
  most expected use cases. This may be expanded in the future, should use cases
  demand so.

- The platform must ensure that the priority assigned to the dispatcher in the
  exception descriptor and the programmed priority of interrupts handled by the
  dispatcher match. The |EHF| cannot verify that this has been followed.

--------------

*Copyright (c) 2018-2020, Arm Limited and Contributors. All rights reserved.*

.. _SDEI specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf

142 arm-trusted-firmware/docs/components/fconf/amu-bindings.rst Normal file
@@ -0,0 +1,142 @@

Activity Monitor Unit (AMU) Bindings
====================================

To support platform-defined Activity Monitor Unit (|AMU|) auxiliary counters
through FCONF, the ``HW_CONFIG`` device tree accepts several |AMU|-specific
nodes and properties.

Bindings
^^^^^^^^

.. contents::
    :local:

``/cpus/cpus/cpu*`` node properties
"""""""""""""""""""""""""""""""""""

The ``cpu`` node has been augmented to support a handle to an associated |AMU|
view, which should describe the counters offered by the core.

+---------------+-------+---------------+-------------------------------------+
| Property name | Usage | Value type    | Description                         |
+===============+=======+===============+=====================================+
| ``amu``       | O     | ``<phandle>`` | If present, indicates that an |AMU| |
|               |       |               | is available and its counters are   |
|               |       |               | described by the node provided.     |
+---------------+-------+---------------+-------------------------------------+

``/cpus/amus`` node properties
""""""""""""""""""""""""""""""

The ``amus`` node describes the |AMUs| implemented by the cores in the system.
This node does not have any properties.

``/cpus/amus/amu*`` node properties
"""""""""""""""""""""""""""""""""""

An ``amu`` node describes the layout and meaning of the auxiliary counter
registers of one or more |AMUs|, and may be shared by multiple cores.

+--------------------+-------+------------+------------------------------------+
| Property name      | Usage | Value type | Description                        |
+====================+=======+============+====================================+
| ``#address-cells`` | R     | ``<u32>``  | Value shall be 1. Specifies that   |
|                    |       |            | the ``reg`` property array of      |
|                    |       |            | children of this node uses a       |
|                    |       |            | single cell.                       |
+--------------------+-------+------------+------------------------------------+
| ``#size-cells``    | R     | ``<u32>``  | Value shall be 0. Specifies that   |
|                    |       |            | no size is required in the ``reg`` |
|                    |       |            | property in children of this node. |
+--------------------+-------+------------+------------------------------------+

``/cpus/amus/amu*/counter*`` node properties
""""""""""""""""""""""""""""""""""""""""""""

A ``counter`` node describes an auxiliary counter belonging to the parent |AMU|
view.

+-------------------+-------+-------------+------------------------------------+
| Property name     | Usage | Value type  | Description                        |
+===================+=======+=============+====================================+
| ``reg``           | R     | array       | Represents the counter register    |
|                   |       |             | index, and must be a single cell.  |
+-------------------+-------+-------------+------------------------------------+
| ``enable-at-el3`` | O     | ``<empty>`` | The presence of this property      |
|                   |       |             | indicates that this counter should |
|                   |       |             | be enabled prior to EL3 exit.      |
+-------------------+-------+-------------+------------------------------------+

Example
^^^^^^^

An example system offering four cores made up of two clusters, where the cores
of each cluster share different |AMUs|, may use something like the following:

.. code-block::

    cpus {
        #address-cells = <2>;
        #size-cells = <0>;

        amus {
            amu0: amu-0 {
                #address-cells = <1>;
                #size-cells = <0>;

                counterX: counter@0 {
                    reg = <0>;

                    enable-at-el3;
                };

                counterY: counter@1 {
                    reg = <1>;

                    enable-at-el3;
                };
            };

            amu1: amu-1 {
                #address-cells = <1>;
                #size-cells = <0>;

                counterZ: counter@0 {
                    reg = <0>;

                    enable-at-el3;
                };
            };
        };

        cpu0@00000 {
            ...

            amu = <&amu0>;
        };

        cpu1@00100 {
            ...

            amu = <&amu0>;
        };

        cpu2@10000 {
            ...

            amu = <&amu1>;
        };

        cpu3@10100 {
            ...

            amu = <&amu1>;
        };
    }

In this situation, ``cpu0`` and ``cpu1`` (the two cores in the first cluster)
share the view of their |AMUs| defined by ``amu0``. Likewise, ``cpu2`` and
``cpu3`` (the two cores in the second cluster) share the view of their |AMUs|
defined by ``amu1``. This will cause ``counterX`` and ``counterY`` to be enabled
for both ``cpu0`` and ``cpu1``, and ``counterZ`` to be enabled for both ``cpu2``
and ``cpu3``.

@@ -0,0 +1,32 @@

DTB binding for FCONF properties
================================

This document describes the device tree format of |FCONF| properties. These
properties are not related to a specific platform and can be queried from
common code.

Dynamic configuration
~~~~~~~~~~~~~~~~~~~~~

The |FCONF| framework expects a *dtb-registry* node with the following field:

- compatible [mandatory]
   - value type: <string>
   - Must be the string "fconf,dyn_cfg-dtb_registry".

This is followed by a list of subnodes, each representing a configuration
|DTB| that can be used by |FCONF|. Each subnode should be named according to
the information it contains, and must be formed with the following fields:

- load-address [mandatory]
   - value type: <u64>
   - Physical loading base address of the configuration.

- max-size [mandatory]
   - value type: <u32>
   - Maximum size of the configuration.

- id [mandatory]
   - value type: <u32>
   - Image ID of the configuration.

149 arm-trusted-firmware/docs/components/fconf/index.rst Normal file
@@ -0,0 +1,149 @@

Firmware Configuration Framework
================================

This document provides an overview of the |FCONF| framework.

Introduction
~~~~~~~~~~~~

The Firmware CONfiguration Framework (|FCONF|) is an abstraction layer for
platform specific data, allowing a "property" to be queried and a value
retrieved without the requesting entity knowing what backing store is being used
to hold the data.

It is used to bridge new and old ways of providing platform-specific data.
Today, information like the Chain of Trust is held within several, nested
platform-defined tables. In the future, it may be provided as part of a device
blob, along with the rest of the information about images to load.
Introducing this abstraction layer will make migration easier and will preserve
functionality for platforms that cannot / don't want to use device tree.

Accessing properties
~~~~~~~~~~~~~~~~~~~~

Properties defined in the |FCONF| are grouped around namespaces and
sub-namespaces: a.b.property.
Example namespaces are:

- (|TBBR|) Chain of Trust data: tbbr.cot.trusted_boot_fw_cert
- (|TBBR|) dynamic configuration info: tbbr.dyn_config.disable_auth
- Arm io policies: arm.io_policies.bl2_image
- GICv3 properties: hw_config.gicv3_config.gicr_base

Properties can be accessed with the ``FCONF_GET_PROPERTY(a,b,property)`` macro.

Defining properties
~~~~~~~~~~~~~~~~~~~

Properties composing the |FCONF| have to be stored in C structures. If
properties originate from a different backend source such as a device tree,
then the platform has to provide a ``populate()`` function which essentially
captures the properties and stores them into a corresponding |FCONF| based C
structure.

Such a ``populate()`` function is usually platform specific and is associated
with a specific backend source: for example, a populator function which
captures the hardware topology of the platform from the HW_CONFIG device tree.
Hence each ``populate()`` function must be registered with a specific
``config_type`` identifier. It broadly represents a logical grouping of
configuration properties which is usually a device tree file.

Example:

- FW_CONFIG: properties related to base address, maximum size and image id
  of other DTBs etc.
- TB_FW: properties related to trusted firmware such as IO policies,
  mbedtls heap info etc.
- HW_CONFIG: properties related to hardware configuration of the SoC
  such as topology, GIC controller, PSCI hooks, CPU ID etc.

Hence the ``populate()`` callback must be registered to the (|FCONF|) framework
with the ``FCONF_REGISTER_POPULATOR()`` macro. This ensures that the function
would be called inside the generic ``fconf_populate()`` function during
initialization.

::

    int fconf_populate_topology(uintptr_t config)
    {
      /* read hw config dtb and fill soc_topology struct */
      return 0;
    }

    FCONF_REGISTER_POPULATOR(HW_CONFIG, topology, fconf_populate_topology);

Then, a wrapper has to be provided to match the ``FCONF_GET_PROPERTY()`` macro:

::

    /* generic getter */
    #define FCONF_GET_PROPERTY(a,b,property)   a##__##b##_getter(property)

    /* my specific getter */
    #define hw_config__topology_getter(prop) soc_topology.prop

This second level wrapper can be used to remap the ``FCONF_GET_PROPERTY()`` to
anything appropriate: structure, array, function, etc.

To ensure a good interpretation of the properties, this documentation must
explain how the properties are described for a specific backend. Refer to the
:ref:`binding-document` section for more information and example.

Loading the property device tree
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

``fconf_load_config(image_id)`` must be called to load the fw_config and
tb_fw_config device trees containing the properties' values. This must be done
after the io layer is initialized, as the |DTB| is stored on an external
device (FIP).

.. uml:: ../../resources/diagrams/plantuml/fconf_bl1_load_config.puml

Populating the properties
~~~~~~~~~~~~~~~~~~~~~~~~~

Once a valid device tree is available, the ``fconf_populate(config)`` function
can be used to fill the C data structure with the data from the config |DTB|.
This function will call all the ``populate()`` callbacks which have been
registered with ``FCONF_REGISTER_POPULATOR()`` as described above.

.. uml:: ../../resources/diagrams/plantuml/fconf_bl2_populate.puml

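The populator registration, the generic ``fconf_populate()`` dispatch and the
two-level getter macro from the sections above fit together as follows. This
is an added example, not the framework's own code: the real
``FCONF_REGISTER_POPULATOR()`` emits a linker-section entry and the real
populator walks the HW_CONFIG blob with libfdt, whereas here the registry is a
run-time table, the backing store is a constructed ``struct model_hw_config``
standing in for the DTB, and every ``model_*`` name is an assumption. The
``FCONF_GET_PROPERTY`` / ``hw_config__topology_getter`` macros are the ones
shown on the page.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MODEL_MAX_CLUSTERS   4
#define MODEL_MAX_POPULATORS 8

/* constructed stand-in for the HW_CONFIG DTB; the real populator would walk
 * the device tree with libfdt instead of reading a struct */
struct model_hw_config { uint32_t cluster_count; uint32_t cpus_per_cluster[MODEL_MAX_CLUSTERS]; };

/* the FCONF-side C structure that the populator fills and the getter reads */
struct soc_topology { uint32_t plat_cluster_count; uint32_t cluster_cpu_count[MODEL_MAX_CLUSTERS]; };
static struct soc_topology soc_topology;

typedef int (*model_populate_fn)(uintptr_t config);
enum model_config_type { MODEL_HW_CONFIG, MODEL_TB_FW }; /* stand-in config_type ids */

static struct { enum model_config_type type; const char *name; model_populate_fn fn; }
	model_registry[MODEL_MAX_POPULATORS];
static size_t model_nreg;

/* stand-in for FCONF_REGISTER_POPULATOR(): the real macro emits a linker-section
 * entry at build time; this model keeps a run-time table instead */
int model_register_populator(enum model_config_type type, const char *name, model_populate_fn fn)
{
	for (size_t i = 0; i < model_nreg; i++)
		if (model_registry[i].type == type && strcmp(model_registry[i].name, name) == 0)
			return 0; /* already registered: idempotent */
	if (model_nreg == MODEL_MAX_POPULATORS || fn == NULL) return -1;
	model_registry[model_nreg].type = type;
	model_registry[model_nreg].name = name;
	model_registry[model_nreg].fn = fn;
	model_nreg++;
	return 0;
}

/* the populate() callback: validate the backing data before copying any of it */
int fconf_populate_topology(uintptr_t config)
{
	const struct model_hw_config *cfg = (const struct model_hw_config *)config;
	if (cfg == NULL || cfg->cluster_count == 0 || cfg->cluster_count > MODEL_MAX_CLUSTERS)
		return -1; /* malformed config: leave the structure untouched */
	for (uint32_t i = 0; i < cfg->cluster_count; i++)
		if (cfg->cpus_per_cluster[i] == 0) return -1;
	memset(&soc_topology, 0, sizeof(soc_topology));
	soc_topology.plat_cluster_count = cfg->cluster_count;
	for (uint32_t i = 0; i < cfg->cluster_count; i++)
		soc_topology.cluster_cpu_count[i] = cfg->cpus_per_cluster[i];
	return 0;
}

/* generic fconf_populate(): run every callback registered for this config type */
int model_fconf_populate(enum model_config_type type, uintptr_t config)
{
	for (size_t i = 0; i < model_nreg; i++) {
		if (model_registry[i].type != type) continue;
		int rc = model_registry[i].fn(config);
		if (rc != 0) return rc;
	}
	return 0;
}

/* generic getter and the topology-specific second-level wrapper, as on the page */
#define FCONF_GET_PROPERTY(a, b, property) a##__##b##_getter(property)
#define hw_config__topology_getter(prop) soc_topology.prop

/* wire it together for a constructed two-cluster, four-core system */
int model_demo_populate(void)
{
	static const struct model_hw_config cfg = { 2, { 2, 2, 0, 0 } };
	if (model_register_populator(MODEL_HW_CONFIG, "topology", fconf_populate_topology) != 0)
		return -1;
	return model_fconf_populate(MODEL_HW_CONFIG, (uintptr_t)&cfg);
}

uint32_t model_cluster_count(void)
{
	return FCONF_GET_PROPERTY(hw_config, topology, plat_cluster_count);
}

uint32_t model_cpus_in_cluster(unsigned int c)
{
	if (c >= MODEL_MAX_CLUSTERS) return 0;
	return FCONF_GET_PROPERTY(hw_config, topology, cluster_cpu_count[c]);
}
```

The populator validates the cluster count and per-cluster core counts before
writing anything, so a malformed config is rejected without leaving a
half-filled ``soc_topology`` behind; ``FCONF_GET_PROPERTY(hw_config, topology,
cluster_cpu_count[c])`` expands to ``soc_topology.cluster_cpu_count[c]``
through the second-level wrapper, exactly as the page describes.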
Namespace guidance
~~~~~~~~~~~~~~~~~~

As mentioned above, properties are logically grouped around namespaces and
sub-namespaces. The following concepts should be considered when adding new
properties/namespaces.
The framework differentiates two types of properties:

- Properties used inside common code.
- Properties used inside platform specific code.

The first category applies to properties being part of the firmware and shared
across multiple platforms. They should be globally accessible and defined
inside the ``lib/fconf`` directory. The namespace must be chosen to reflect the
feature/data abstracted.

Example:

- |TBBR| related properties: tbbr.cot.bl2_id
- Dynamic configuration information: dyn_cfg.dtb_info.hw_config_id

The second category should represent the majority of the properties defined
within the framework: Platform specific properties. They must be accessed only
within the platform API and are defined only inside the platform scope. The
namespace must contain the platform name under which the properties defined
belong.

Example:

- Arm io framework: arm.io_policies.bl31_id

.. _binding-document:

Properties binding information
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. toctree::
   :maxdepth: 1

   fconf_properties
   amu-bindings
   mpmm-bindings

48 arm-trusted-firmware/docs/components/fconf/mpmm-bindings.rst Normal file
@@ -0,0 +1,48 @@

Maximum Power Mitigation Mechanism (MPMM) Bindings
==================================================

|MPMM| support cannot be determined at runtime by the firmware. Instead, these
DTB bindings allow the platform to communicate per-core support for |MPMM| via
the ``HW_CONFIG`` device tree blob.

Bindings
^^^^^^^^

.. contents::
    :local:

``/cpus/cpus/cpu*`` node properties
"""""""""""""""""""""""""""""""""""

The ``cpu`` node has been augmented to allow the platform to indicate support
for |MPMM| on a given core.

+-------------------+-------+-------------+------------------------------------+
| Property name     | Usage | Value type  | Description                        |
+===================+=======+=============+====================================+
| ``supports-mpmm`` | O     | ``<empty>`` | If present, indicates that |MPMM|  |
|                   |       |             | is available on this core.         |
+-------------------+-------+-------------+------------------------------------+

Example
^^^^^^^

An example system offering two cores, one with support for |MPMM| and one
without, can be described as follows:

.. code-block::

    cpus {
        #address-cells = <2>;
        #size-cells = <0>;

        cpu0@00000 {
            ...

            supports-mpmm;
        };

        cpu1@00100 {
            ...
        };
    }

252 arm-trusted-firmware/docs/components/ffa-manifest-binding.rst Normal file
@@ -0,0 +1,252 @@

FF-A manifest binding to device tree
====================================

This document defines the nodes and properties used to define a partition,
according to the FF-A specification.

Version 1.0
-----------

Partition Properties
^^^^^^^^^^^^^^^^^^^^

- compatible [mandatory]
   - value type: <string>
   - Must be the string "arm,ffa-manifest-X.Y" which specifies the major and
     minor versions of the device tree binding for the FFA manifest represented
     by this node. The minor number is incremented if the binding changes in a
     backwards compatible manner.

     - X is an integer representing the major version number of this document.
     - Y is an integer representing the minor version number of this document.

- ffa-version [mandatory]
   - value type: <u32>
   - Must be two 16-bit values (X, Y), concatenated as 31:16 -> X,
     15:0 -> Y, where:

     - X is the major version of FF-A expected by the partition at the FFA
       instance it will execute.
     - Y is the minor version of FF-A expected by the partition at the FFA
       instance it will execute.

- uuid [mandatory]
   - value type: <prop-encoded-array>
   - An array consisting of 4 <u32> values, identifying the UUID of the service
     implemented by this partition. The UUID format is described in RFC 4122.

- id
   - value type: <u32>
   - Pre-allocated partition ID.

- auxiliary-id
   - value type: <u32>
   - Pre-allocated ID that could be used in memory management transactions.

- description
   - value type: <string>
   - Name of the partition e.g. for debugging purposes.

- execution-ctx-count [mandatory]
   - value type: <u32>
   - Number of vCPUs that a VM or SP wants to instantiate.

     - In the absence of virtualization, this is the number of execution
       contexts that a partition implements.
     - If value of this field = 1 and number of PEs > 1 then the partition is
       treated as UP & migrate capable.
     - If the value of this field > 1 then the partition is treated as a MP
       capable partition irrespective of the number of PEs.

- exception-level [mandatory]
   - value type: <u32>
   - The target exception level for the partition:

     - 0x0: EL1
     - 0x1: S_EL0
     - 0x2: S_EL1

- execution-state [mandatory]
   - value type: <u32>
   - The target execution state of the partition:

     - 0: AArch64
     - 1: AArch32

- load-address
   - value type: <u64>
   - Physical base address of the partition in memory. Absence of this field
     indicates that the partition is position independent and can be loaded at
     any address chosen at boot time.

- entrypoint-offset
   - value type: <u64>
   - Offset from the base of the partition's binary image to the entry point of
     the partition. Absence of this field indicates that the entry point is at
     offset 0x0 from the base of the partition's binary.

- xlat-granule [mandatory]
   - value type: <u32>
   - Translation granule used with the partition:

     - 0x0: 4k
     - 0x1: 16k
     - 0x2: 64k

- boot-order
   - value type: <u32>
   - A unique number amongst all partitions that specifies if this partition
     must be booted before others. The partition with the smaller number will be
     booted first.

- rx-tx-buffer
   - value type: "memory-regions" node
   - Specific "memory-regions" nodes that describe the RX/TX buffers expected
     by the partition.
     The "compatible" must be the string "arm,ffa-manifest-rx_tx-buffer".

- messaging-method [mandatory]
   - value type: <u8>
   - Specifies which messaging methods are supported by the partition; a set
     bit means the feature is supported, a clear bit that it is not:

     - Bit[0]: partition can receive direct requests if set
     - Bit[1]: partition can send direct requests if set
     - Bit[2]: partition can send and receive indirect messages

- managed-exit
   - value type: <empty>
   - Specifies if managed exit is supported.

- has-primary-scheduler
   - value type: <empty>
   - Presence of this field indicates that the partition implements the primary
     scheduler. If so, run-time EL must be EL1.

- run-time-model
   - value type: <u32>
   - Run time model that the SPM must enforce for this SP:

     - 0x0: Run to completion
     - 0x1: Preemptible

- time-slice-mem
   - value type: <empty>
   - Presence of this field indicates that the partition doesn't expect the
     partition manager to time slice long running memory management functions.

- gp-register-num
   - value type: <u32>
   - Presence of this field indicates that the partition expects the
     ffa_init_info structure to be passed in via the specified general purpose
     register.
     The field specifies the general purpose register number but not its width.
     The width is derived from the partition's execution state, as specified in
     the partition properties. For example, if the number value is 1 then the
     general-purpose register used will be x1 in AArch64 state and w1 in AArch32
     state.

- stream-endpoint-ids
   - value type: <prop-encoded-array>
   - List of <u32> tuples, identifying the IDs this partition is acting as
     proxy for.

Memory Regions
--------------

- compatible [mandatory]
   - value type: <string>
   - Must be the string "arm,ffa-manifest-memory-regions".

- description
   - value type: <string>
   - Name of the memory region e.g. for debugging purposes.

- pages-count [mandatory]
   - value type: <u32>
   - Count of pages of memory region as a multiple of the translation granule
     size

- attributes [mandatory]
   - value type: <u32>
   - Mapping modes: ORed to get required permission

     - 0x1: Read
     - 0x2: Write
     - 0x4: Execute

- base-address
   - value type: <u64>
   - Base address of the region. The address must be aligned to the translation
     granule size.
     The address given may be a Physical Address (PA), Virtual Address (VA), or
     Intermediate Physical Address (IPA). Refer to the FFA specification for
     more information on the restrictions around the address type.
     If the base address is omitted then the partition manager must map a memory
     region of the specified size into the partition's translation regime and
|
||||
then communicate the region properties (including the base address chosen
|
||||
by the partition manager) to the partition.
|
||||
|
||||
Device Regions
|
||||
--------------
|
||||
|
||||
- compatible [mandatory]
|
||||
- value type: <string>
|
||||
- Must be the string "arm,ffa-manifest-device-regions".
|
||||
|
||||
- description
|
||||
- value type: <string>
|
||||
- Name of the device region e.g. for debugging purposes.
|
||||
|
||||
- reg [mandatory]
|
||||
- value type: <prop-encoded-array>
|
||||
- A (address, num-pages) pair describing the device, where:
|
||||
|
||||
- address: The physical base address <u64> value of the device MMIO
|
||||
region.
|
||||
- num-pages: The <u32> number of pages of the region. The total size of
|
||||
the region is this value multiplied by the translation granule size.
|
||||
|
||||
- attributes [mandatory]
|
||||
- value type: <u32>
|
||||
- Mapping modes: ORed to get required permission
|
||||
|
||||
- 0x1: Read
|
||||
- 0x2: Write
|
||||
- 0x4: Execute
|
||||
|
||||
- smmu-id
|
||||
- value type: <u32>
|
||||
- On systems with multiple System Memory Management Units (SMMUs) this
|
||||
identifier is used to inform the partition manager which SMMU the device is
|
||||
upstream of. If the field is omitted then it is assumed that the device is
|
||||
not upstream of any SMMU.
|
||||
|
||||
- stream-ids
|
||||
- value type: <prop-encoded-array>
|
||||
- A list of (id, mem-manage) pair, where:
|
||||
|
||||
- id: A unique <u32> value amongst all devices assigned to the partition.
|
||||
|
||||
- interrupts [mandatory]
|
||||
- value type: <prop-encoded-array>
|
||||
- A list of (id, attributes) pair describing the device interrupts, where:
|
||||
|
||||
- id: The <u32> interrupt IDs.
|
||||
- attributes: A <u32> value,
|
||||
containing the attributes for each interrupt ID:
|
||||
|
||||
- Interrupt type: SPI, PPI, SGI
|
||||
- Interrupt configuration: Edge triggered, Level triggered
|
||||
- Interrupt security state: Secure, Non-secure
|
||||
- Interrupt priority value
|
||||
- Target execution context/vCPU for each SPI
|
||||
|
||||
- exclusive-access
|
||||
- value type: <empty>
|
||||
- Presence of this field implies that this endpoint must be granted exclusive
|
||||
access and ownership of this device's MMIO region.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019-2021, Arm Limited and Contributors. All rights reserved.*
|
||||
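Review bot: in the Device Regions "stream-ids" property the value is described as "A list of (id, mem-manage) pair", but only the id element is documented; mem-manage has no type, meaning or allowed values, so a manifest author cannot fill it in and the partition manager's handling of it is unspecified. Either document mem-manage (type and permitted values) or drop it from the tuple description. Two smaller gaps in the same section: the "interrupts" attributes entry names the encoded fields (type, configuration, security state, priority, target vCPU) without giving their bit positions in the <u32>, and "stream-ids" should state that it is only meaningful when "smmu-id" is present, since the smmu-id text says an omitted field means the device is not upstream of any SMMU.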
400
arm-trusted-firmware/docs/components/firmware-update.rst
Normal file
@@ -0,0 +1,400 @@

Firmware Update (FWU)
=====================

Introduction
------------

This document describes the design of the Firmware Update (FWU) feature, which
enables authenticated firmware to update firmware images from external
interfaces such as USB, UART, SD-eMMC, NAND, NOR or Ethernet to SoC Non-Volatile
memories such as NAND Flash, LPDDR2-NVM or any memory determined by the
platform. This feature functions even when the current firmware in the system
is corrupt or missing; it therefore may be used as a recovery mode. It may also
be complemented by other, higher level firmware update software.

FWU implements a specific part of the Trusted Board Boot Requirements (TBBR)
specification, Arm DEN0006C-1. It should be used in conjunction with the
:ref:`Trusted Board Boot` design document, which describes the image
authentication parts of the Trusted Firmware-A (TF-A) TBBR implementation.

Scope
~~~~~

This document describes the secure world FWU design. It is beyond its scope to
describe how normal world FWU images should operate. To implement normal world
FWU images, please refer to the "Non-Trusted Firmware Updater" requirements in
the TBBR.

FWU Overview
------------

The FWU boot flow is primarily mediated by BL1. Since BL1 executes in ROM, and
it is usually desirable to minimize the amount of ROM code, the design allows
some parts of FWU to be implemented in other secure and normal world images.
Platform code may choose which parts are implemented in which images but the
general expectation is:

- BL1 handles:

- Detection and initiation of the FWU boot flow.
- Copying images from non-secure to secure memory
- FWU image authentication
- Context switching between the normal and secure world during the FWU
process.

- Other secure world FWU images handle platform initialization required by
the FWU process.
- Normal world FWU images handle loading of firmware images from external
interfaces to non-secure memory.

The primary requirements of the FWU feature are:

#. Export a BL1 SMC interface to interoperate with other FWU images executing
at other Exception Levels.
#. Export a platform interface to provide FWU common code with the information
it needs, and to enable platform specific FWU functionality. See the
:ref:`Porting Guide` for details of this interface.

TF-A uses abbreviated image terminology for FWU images like for other TF-A
images. See the :ref:`Image Terminology` document for an explanation of these
terms.

The following diagram shows the FWU boot flow for Arm development platforms.
Arm CSS platforms like Juno have a System Control Processor (SCP), and these
use all defined FWU images. Other platforms may use a subset of these.

|Flow Diagram|

Image Identification
--------------------

Each FWU image and certificate is identified by a unique ID, defined by the
platform, which BL1 uses to fetch an image descriptor (``image_desc_t``) via a
call to ``bl1_plat_get_image_desc()``. The same ID is also used to prepare the
Chain of Trust (Refer to the :ref:`Authentication Framework & Chain of Trust`
document for more information).

The image descriptor includes the following information:

- Executable or non-executable image. This indicates whether the normal world
is permitted to request execution of a secure world FWU image (after
authentication). Secure world certificates and non-AP images are examples
of non-executable images.
- Secure or non-secure image. This indicates whether the image is
authenticated/executed in secure or non-secure memory.
- Image base address and size.
- Image entry point configuration (an ``entry_point_info_t``).
- FWU image state.

BL1 uses the FWU image descriptors to:

- Validate the arguments of FWU SMCs
- Manage the state of the FWU process
- Initialize the execution state of the next FWU image.

FWU State Machine
-----------------

BL1 maintains state for each FWU image during FWU execution. FWU images at lower
Exception Levels raise SMCs to invoke FWU functionality in BL1, which causes
BL1 to update its FWU image state. The BL1 image states and valid state
transitions are shown in the diagram below. Note that secure images have a more
complex state machine than non-secure images.

|FWU state machine|

The following is a brief description of the supported states:

- RESET: This is the initial state of every image at the start of FWU.
Authentication failure also leads to this state. A secure
image may yield to this state if it has completed execution.
It can also be reached by using ``FWU_SMC_IMAGE_RESET``.

- COPYING: This is the state of a secure image while BL1 is copying it
in blocks from non-secure to secure memory.

- COPIED: This is the state of a secure image when BL1 has completed
copying it to secure memory.

- AUTHENTICATED: This is the state of an image when BL1 has successfully
authenticated it.

- EXECUTED: This is the state of a secure, executable image when BL1 has
passed execution control to it.

- INTERRUPTED: This is the state of a secure, executable image after it has
requested BL1 to resume normal world execution.

BL1 SMC Interface
-----------------

BL1_SMC_CALL_COUNT
~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x0

Return:
uint32_t

This SMC returns the number of SMCs supported by BL1.

BL1_SMC_UID
~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x1

Return:
UUID : 32 bits in each of w0-w3 (or r0-r3 for AArch32 callers)

This SMC returns the 128-bit `Universally Unique Identifier`_ for the
BL1 SMC service.

BL1_SMC_VERSION
~~~~~~~~~~~~~~~

::

Argument:
uint32_t function ID : 0x3

Return:
uint32_t : Bits [31:16] Major Version
Bits [15:0] Minor Version

This SMC returns the current version of the BL1 SMC service.

BL1_SMC_RUN_IMAGE
~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x4
entry_point_info_t *ep_info

Return:
void

Pre-conditions:
if (normal world caller) synchronous exception
if (ep_info not EL3) synchronous exception

This SMC passes execution control to an EL3 image described by the provided
``entry_point_info_t`` structure. In the normal TF-A boot flow, BL2 invokes
this SMC for BL1 to pass execution control to BL31.

FWU_SMC_IMAGE_COPY
~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x10
unsigned int image_id
uintptr_t image_addr
unsigned int block_size
unsigned int image_size

Return:
int : 0 (Success)
: -ENOMEM
: -EPERM

Pre-conditions:
if (image_id is invalid) return -EPERM
if (image_id is non-secure image) return -EPERM
if (image_id state is not (RESET or COPYING)) return -EPERM
if (secure world caller) return -EPERM
if (image_addr + block_size overflows) return -ENOMEM
if (image destination address + image_size overflows) return -ENOMEM
if (source block is in secure memory) return -ENOMEM
if (source block is not mapped into BL1) return -ENOMEM
if (image_size > free secure memory) return -ENOMEM
if (image overlaps another image) return -EPERM

This SMC copies the secure image indicated by ``image_id`` from non-secure memory
to secure memory for later authentication. The image may be copied in a single
block or multiple blocks. In either case, the total size of the image must be
provided in ``image_size`` when invoking this SMC for the first time for each
image; it is ignored in subsequent calls (if any) for the same image.

The ``image_addr`` and ``block_size`` specify the source memory block to copy from.
The destination address is provided by the platform code.

If ``block_size`` is greater than the amount of remaining bytes to copy for this
image then the former is truncated to the latter. The copy operation is then
considered as complete and the FWU state machine transitions to the "COPIED"
state. If there is still more to copy, the FWU state machine stays in or
transitions to the COPYING state (depending on the previous state).

When using multiple blocks, the source blocks do not necessarily need to be in
contiguous memory.

Once the SMC is handled, BL1 returns from exception to the normal world caller.

FWU_SMC_IMAGE_AUTH
~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x11
unsigned int image_id
uintptr_t image_addr
unsigned int image_size

Return:
int : 0 (Success)
: -ENOMEM
: -EPERM
: -EAUTH

Pre-conditions:
if (image_id is invalid) return -EPERM
if (secure world caller)
if (image_id state is not RESET) return -EPERM
if (image_addr/image_size is not mapped into BL1) return -ENOMEM
else // normal world caller
if (image_id is secure image)
if (image_id state is not COPIED) return -EPERM
else // image_id is non-secure image
if (image_id state is not RESET) return -EPERM
if (image_addr/image_size is in secure memory) return -ENOMEM
if (image_addr/image_size not mapped into BL1) return -ENOMEM

This SMC authenticates the image specified by ``image_id``. If the image is in the
RESET state, BL1 authenticates the image in place using the provided
``image_addr`` and ``image_size``. If the image is a secure image in the COPIED
state, BL1 authenticates the image from the secure memory that BL1 previously
copied the image into.

BL1 returns from exception to the caller. If authentication succeeds then BL1
sets the image state to AUTHENTICATED. If authentication fails then BL1 returns
the -EAUTH error and sets the image state back to RESET.

FWU_SMC_IMAGE_EXECUTE
~~~~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x12
unsigned int image_id

Return:
int : 0 (Success)
: -EPERM

Pre-conditions:
if (image_id is invalid) return -EPERM
if (secure world caller) return -EPERM
if (image_id is non-secure image) return -EPERM
if (image_id is non-executable image) return -EPERM
if (image_id state is not AUTHENTICATED) return -EPERM

This SMC initiates execution of a previously authenticated image specified by
``image_id``, in the other security world to the caller. The current
implementation only supports normal world callers initiating execution of a
secure world image.

BL1 saves the normal world caller's context, sets the secure image state to
EXECUTED, and returns from exception to the secure image.

FWU_SMC_IMAGE_RESUME
~~~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x13
register_t image_param

Return:
register_t : image_param (Success)
: -EPERM

Pre-conditions:
if (normal world caller and no INTERRUPTED secure image) return -EPERM

This SMC resumes execution in the other security world while there is a secure
image in the EXECUTED/INTERRUPTED state.

For normal world callers, BL1 sets the previously interrupted secure image state
to EXECUTED. For secure world callers, BL1 sets the previously executing secure
image state to INTERRUPTED. In either case, BL1 saves the calling world's
context, restores the resuming world's context and returns from exception into
the resuming world. If the call is successful then the caller provided
``image_param`` is returned to the resumed world, otherwise an error code is
returned to the caller.

FWU_SMC_SEC_IMAGE_DONE
~~~~~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x14

Return:
int : 0 (Success)
: -EPERM

Pre-conditions:
if (normal world caller) return -EPERM

This SMC indicates completion of a previously executing secure image.

BL1 sets the previously executing secure image state to the RESET state,
restores the normal world context and returns from exception into the normal
world.

FWU_SMC_UPDATE_DONE
~~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x15
register_t client_cookie

Return:
N/A

This SMC completes the firmware update process. BL1 calls the platform specific
function ``bl1_plat_fwu_done``, passing the optional argument ``client_cookie`` as
a ``void *``. The SMC does not return.

FWU_SMC_IMAGE_RESET
~~~~~~~~~~~~~~~~~~~

::

Arguments:
uint32_t function ID : 0x16
unsigned int image_id

Return:
int : 0 (Success)
: -EPERM

Pre-conditions:
if (secure world caller) return -EPERM
if (image in EXECUTED) return -EPERM

This SMC sets the state of an image to RESET and zeroes the memory used by it.

This is only allowed if the image is not being executed.

--------------

*Copyright (c) 2015-2019, Arm Limited and Contributors. All rights reserved.*

.. _Universally Unique Identifier: https://tools.ietf.org/rfc/rfc4122.txt
.. |Flow Diagram| image:: ../resources/diagrams/fwu_flow.png
.. |FWU state machine| image:: ../resources/diagrams/fwu_states.png
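Review bot: the FWU_SMC_IMAGE_RESET pre-conditions omit the "if (image_id is invalid) return -EPERM" check that every other image SMC in this file lists first, and they only reject the EXECUTED state, although the state-machine section defines INTERRUPTED as a secure image that has been running and whose context BL1 has saved. Since this SMC zeroes the image memory, the text should say what happens to an INTERRUPTED image (reject with -EPERM, or reset it and discard the saved context) and add the invalid-ID line so the list matches the others. A smaller point in FWU_SMC_IMAGE_COPY: "if (source block is in secure memory) return -ENOMEM" reports a policy violation as a memory error while the other policy checks in that list return -EPERM; either align it or add a sentence saying the -ENOMEM is deliberate so callers do not treat it as a retryable out-of-memory condition.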
@@ -0,0 +1,235 @@

Granule Protection Tables Library
=================================

This document describes the design of the granule protection tables (GPT)
library used by Trusted Firmware-A (TF-A). This library provides the APIs needed
to initialize the GPTs based on a data structure containing information about
the systems memory layout, configure the system registers to enable granule
protection checks based on these tables, and transition granules between
different PAS (physical address spaces) at runtime.

Arm CCA adds two new security states for a total of four: root, realm, secure, and
non-secure. In addition to new security states, corresponding physical address
spaces have been added to control memory access for each state. The PAS access
allowed to each security state can be seen in the table below.

.. list-table:: Security states and PAS access rights
:widths: 25 25 25 25 25
:header-rows: 1

* -
- Root state
- Realm state
- Secure state
- Non-secure state
* - Root PAS
- yes
- no
- no
- no
* - Realm PAS
- yes
- yes
- no
- no
* - Secure PAS
- yes
- no
- yes
- no
* - Non-secure PAS
- yes
- yes
- yes
- yes

The GPT can function as either a 1 level or 2 level lookup depending on how a
PAS region is configured. The first step is the level 0 table, each entry in the
level 0 table controls access to a relatively large region in memory (block
descriptor), and the entire region can belong to a single PAS when a one step
mapping is used, or a level 0 entry can link to a level 1 table where relatively
small regions (granules) of memory can be assigned to different PAS with a 2
step mapping. The type of mapping used for each PAS is determined by the user
when setting up the configuration structure.

Design Concepts and Interfaces
------------------------------

This section covers some important concepts and data structures used in the GPT
library.

There are three main parameters that determine how the tables are organized and
function: the PPS (protected physical space) which is the total amount of
protected physical address space in the system, PGS (physical granule size)
which is how large each level 1 granule is, and L0GPTSZ (level 0 GPT size) which
determines how much physical memory is governed by each level 0 entry. A granule
is the smallest unit of memory that can be independently assigned to a PAS.

L0GPTSZ is determined by the hardware and is read from the GPCCR_EL3 register.
PPS and PGS are passed into the APIs at runtime and can be determined in
whatever way is best for a given platform, either through some algorithm or hard
coded in the firmware.

GPT setup is split into two parts: table creation and runtime initialization. In
the table creation step, a data structure containing information about the
desired PAS regions is passed into the library which validates the mappings,
creates the tables in memory, and enables granule protection checks. In the
runtime initialization step, the runtime firmware locates the existing tables in
memory using the GPT register configuration and saves important data to a
structure used by the granule transition service which will be covered more
below.

In the reference implementation for FVP models, you can find an example of PAS
region definitions in the file ``include/plat/arm/common/arm_pas_def.h``. Table
creation API calls can be found in ``plat/arm/common/arm_bl2_setup.c`` and
runtime initialization API calls can be seen in
``plat/arm/common/arm_bl31_setup.c``.

Defining PAS regions
~~~~~~~~~~~~~~~~~~~~

A ``pas_region_t`` structure is a way to represent a physical address space and
its attributes that can be used by the GPT library to initialize the tables.

This structure is composed of the following:

#. The base physical address
#. The region size
#. The desired attributes of this memory region (mapping type, PAS type)

See the ``pas_region_t`` type in ``include/lib/gpt_rme/gpt_rme.h``.

The programmer should provide the API with an array containing ``pas_region_t``
structures, then the library will check the desired memory access layout for
validity and create tables to implement it.

``pas_region_t`` is a public type, however it is recommended that the macros
``GPT_MAP_REGION_BLOCK`` and ``GPT_MAP_REGION_GRANULE`` be used to populate
these structures instead of doing it manually to reduce the risk of future
compatibility issues. These macros take the base physical address, region size,
and PAS type as arguments to generate the pas_region_t structure. As the names
imply, ``GPT_MAP_REGION_BLOCK`` creates a region using only L0 mapping while
``GPT_MAP_REGION_GRANULE`` creates a region using L0 and L1 mappings.

Level 0 and Level 1 Tables
~~~~~~~~~~~~~~~~~~~~~~~~~~

The GPT initialization APIs require memory to be passed in for the tables to be
constructed, ``gpt_init_l0_tables`` takes a memory address and size for building
the level 0 tables and ``gpt_init_pas_l1_tables`` takes an address and size for
building the level 1 tables which are linked from level 0 descriptors. The
tables should have PAS type ``GPT_GPI_ROOT`` and a typical system might place
its level 0 table in SRAM and its level 1 table(s) in DRAM.

Granule Transition Service
~~~~~~~~~~~~~~~~~~~~~~~~~~

The Granule Transition Service allows memory mapped with GPT_MAP_REGION_GRANULE
ownership to be changed using SMC calls. Non-secure granules can be transitioned
to either realm or secure space, and realm and secure granules can be
transitioned back to non-secure. This library only allows memory mapped as
granules to be transitioned, memory mapped as blocks have their GPIs fixed after
table creation.

Library APIs
------------

The public APIs and types can be found in ``include/lib/gpt_rme/gpt_rme.h`` and this
section is intended to provide additional details and clarifications.

To create the GPTs and enable granule protection checks the APIs need to be
called in the correct order and at the correct time during the system boot
process.

#. Firmware must enable the MMU.
#. Firmware must call ``gpt_init_l0_tables`` to initialize the level 0 tables to
a default state, that is, initializing all of the L0 descriptors to allow all
accesses to all memory. The PPS is provided to this function as an argument.
#. DDR discovery and initialization by the system, the discovered DDR region(s)
are then added to the L1 PAS regions to be initialized in the next step and
used by the GTSI at runtime.
#. Firmware must call ``gpt_init_pas_l1_tables`` with a pointer to an array of
``pas_region_t`` structures containing the desired memory access layout. The
PGS is provided to this function as an argument.
#. Firmware must call ``gpt_enable`` to enable granule protection checks by
setting the correct register values.
#. In systems that make use of the granule transition service, runtime
firmware must call ``gpt_runtime_init`` to set up the data structures needed
by the GTSI to find the tables and transition granules between PAS types.

API Constraints
~~~~~~~~~~~~~~~

The values allowed by the API for PPS and PGS are enumerated types
defined in the file ``include/lib/gpt_rme/gpt_rme.h``.

Allowable values for PPS along with their corresponding size.

* ``GPCCR_PPS_4GB`` (4GB protected space, 0x100000000 bytes)
* ``GPCCR_PPS_64GB`` (64GB protected space, 0x1000000000 bytes)
* ``GPCCR_PPS_1TB`` (1TB protected space, 0x10000000000 bytes)
* ``GPCCR_PPS_4TB`` (4TB protected space, 0x40000000000 bytes)
* ``GPCCR_PPS_16TB`` (16TB protected space, 0x100000000000 bytes)
* ``GPCCR_PPS_256TB`` (256TB protected space, 0x1000000000000 bytes)
* ``GPCCR_PPS_4PB`` (4PB protected space, 0x10000000000000 bytes)

Allowable values for PGS along with their corresponding size.

* ``GPCCR_PGS_4K`` (4KB granules, 0x1000 bytes)
* ``GPCCR_PGS_16K`` (16KB granules, 0x4000 bytes)
* ``GPCCR_PGS_64K`` (64KB granules, 0x10000 bytes)

Allowable values for L0GPTSZ along with the corresponding size.

* ``GPCCR_L0GPTSZ_30BITS`` (1GB regions, 0x40000000 bytes)
* ``GPCCR_L0GPTSZ_34BITS`` (16GB regions, 0x400000000 bytes)
* ``GPCCR_L0GPTSZ_36BITS`` (64GB regions, 0x1000000000 bytes)
* ``GPCCR_L0GPTSZ_39BITS`` (512GB regions, 0x8000000000 bytes)

Note that the value of the PPS, PGS, and L0GPTSZ definitions is an encoded value
corresponding to the size, not the size itself. The decoded hex representations
of the sizes have been provided for convenience.

The L0 table memory has some constraints that must be taken into account.

* The L0 table must be aligned to either the table size or 4096 bytes, whichever
is greater. L0 table size is the total protected space (PPS) divided by the
size of each L0 region (L0GPTSZ) multiplied by the size of each L0 descriptor
(8 bytes). ((PPS / L0GPTSZ) * 8)
* The L0 memory size must be greater than or equal to the table size.
* The L0 memory must fall within a PAS of type GPT_GPI_ROOT.

The L1 memory also has some constraints.

* The L1 tables must be aligned to their size. The size of each L1 table is the
size of each L0 region (L0GPTSZ) divided by the granule size (PGS) divided by
the granules controlled in each byte (2). ((L0GPTSZ / PGS) / 2)
* There must be enough L1 memory supplied to build all requested L1 tables.
* The L1 memory must fall within a PAS of type GPT_GPI_ROOT.

If an invalid combination of parameters is supplied, the APIs will print an
error message and return a negative value. The return values of APIs should be
checked to ensure successful configuration.

Sample Calculation for L0 memory size and alignment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Let PPS=GPCCR_PPS_4GB and L0GPTSZ=GPCCR_L0GPTSZ_30BITS

We can find the total L0 table size with ((PPS / L0GPTSZ) * 8)

Substitute values to get this: ((0x100000000 / 0x40000000) * 8)

And solve to get 32 bytes. In this case, 4096 is greater than 32, so the L0
tables must be aligned to 4096 bytes.

Sample calculation for L1 table size and alignment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Let PGS=GPCCR_PGS_4K and L0GPTSZ=GPCCR_L0GPTSZ_30BITS

We can find the size of each L1 table with ((L0GPTSZ / PGS) / 2).

Substitute values: ((0x40000000 / 0x1000) / 2)

And solve to get 0x20000 bytes per L1 table.
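Review bot: "Level 0 and Level 1 Tables" says the table memory "should have PAS type ``GPT_GPI_ROOT``", while "API Constraints" says the L0 and L1 memory "must fall within a PAS of type GPT_GPI_ROOT". The two need to agree, and "must" is the right word: by the access table at the top of this file, any PAS other than Root PAS is accessible to at least one non-root security state, so GPT memory placed there could be rewritten by the very state whose GPIs it controls. Suggest "The tables must be in a PAS of type ``GPT_GPI_ROOT``; a typical system ..." in the earlier section. Also, the "Library APIs" step list has ``gpt_init_l0_tables`` default every L0 descriptor to allow all accesses and only enables checks at ``gpt_enable`` in step 5, whereas the earlier "GPT setup is split into two parts" paragraph says table creation "creates the tables in memory, and enables granule protection checks" as if it were one call; a sentence noting that no protection is in force until step 5 completes, and that the paragraph summarises steps 2 to 5, would remove the mismatch.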
28
arm-trusted-firmware/docs/components/index.rst
Normal file
@@ -0,0 +1,28 @@
Components
==========

.. toctree::
:maxdepth: 1
:caption: Contents
:numbered:

spd/index
activity-monitors
arm-sip-service
debugfs-design
exception-handling
fconf/index
firmware-update
measured_boot/index
mpmm
platform-interrupt-controller-API
ras
romlib-design
sdei
secure-partition-manager
secure-partition-manager-mm
ffa-manifest-binding
xlat-tables-lib-v2-design
cot-binding
realm-management-extension
granule-protection-tables-design
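Review bot: with `:numbered:` set, the order of this toctree becomes the chapter numbering readers will cite, and the entries are neither alphabetical nor grouped (`ffa-manifest-binding` follows `secure-partition-manager-mm`, `cot-binding` follows `xlat-tables-lib-v2-design`, and `realm-management-extension` and `granule-protection-tables-design` are simply appended at the end); pick the order deliberately, for example keeping `ffa-manifest-binding` beside the two secure-partition-manager entries and the two RME entries together, so later additions do not renumber unrelated chapters. Minor: `measured_boot/index` is the only entry with an underscore in its name; every other entry uses hyphens.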
@@ -0,0 +1,35 @@
DTB binding for Event Log properties
====================================

This document describes the device tree format of Event Log properties.
These properties are not related to a specific platform and can be queried
from common code.

Dynamic configuration for Event Log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Measured Boot driver expects a *tpm_event_log* node with the following field
in 'tb_fw_config', 'nt_fw_config' and 'tsp_fw_config' DTS files:

- compatible [mandatory]
- value type: <string>
- Must be the string "arm,tpm_event_log".

Then a list of properties representing Event Log configuration, which
can be used by Measured Boot driver. Each property is named according
to the information it contains:

- tpm_event_log_sm_addr [fvp_nt_fw_config.dts with OP-TEE]
- value type: <u64>
- Event Log base address in secure memory.

Note. Currently OP-TEE does not support reading DTBs from Secure memory
and this property should be removed when this feature is supported.

- tpm_event_log_addr [mandatory]
- value type: <u64>
- Event Log base address in non-secure memory.

- tpm_event_log_size [mandatory]
- value type: <u32>
- Event Log size.
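Review bot: `tpm_event_log_sm_addr` is the only property without a [mandatory]/[optional] tag; its bracket "[fvp_nt_fw_config.dts with OP-TEE]" names a file rather than telling the author of a 'tb_fw_config' or 'tsp_fw_config' DTS whether to supply it. Tag it [optional], say in the entry itself that it is consumed only in the OP-TEE configuration, and keep the "Currently OP-TEE does not support reading DTBs from Secure memory and this property should be removed when this feature is supported" caveat attached to that entry so the deprecation is not read as applying to the `tpm_event_log_addr` entry that follows it. Also, "a *tpm_event_log* node with the following field" lists only `compatible`, while the `tpm_event_log_*` properties come after "Then a list of properties"; either say "fields" and make one list, or title the second group as properties of the node.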
12
arm-trusted-firmware/docs/components/measured_boot/index.rst
Normal file
@@ -0,0 +1,12 @@
Measured Boot Driver (MBD)
==========================

.. _measured-boot-document:

Properties binding information
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.. toctree::
:maxdepth: 1

event_log
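Review bot: the label `.. _measured-boot-document:` sits after the "Measured Boot Driver (MBD)" title and directly above the "Properties binding information" heading, so Sphinx attaches it to that subsection rather than to the document; a `:ref:` that relies on the label will render "Properties binding information" as its link text and jump past the title. Move the label to the first line of the file, above "Measured Boot Driver (MBD)".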
30
arm-trusted-firmware/docs/components/mpmm.rst
Normal file
@@ -0,0 +1,30 @@
Maximum Power Mitigation Mechanism (MPMM)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

|MPMM| is an optional microarchitectural power management mechanism supported by
some Arm Armv9-A cores, beginning with the Cortex-X2, Cortex-A710 and
Cortex-A510 cores. This mechanism detects and limits high-activity events to
assist in |SoC| processor power domain dynamic power budgeting and limit the
triggering of whole-rail (i.e. clock chopping) responses to overcurrent
conditions.

|MPMM| is enabled on a per-core basis by the EL3 runtime firmware. The presence
of |MPMM| cannot be determined at runtime by the firmware, and therefore the
platform must expose this information through one of two possible mechanisms:

- |FCONF|, controlled by the ``ENABLE_MPMM_FCONF`` build option.
- A platform implementation of the ``plat_mpmm_topology`` function (the
default).

See :ref:`Maximum Power Mitigation Mechanism (MPMM) Bindings` for documentation
on the |FCONF| device tree bindings.

.. warning::

|MPMM| exposes gear metrics through the auxiliary |AMU| counters. An
external power controller can use these metrics to budget SoC power by
limiting the number of cores that can execute higher-activity workloads or
switching to a different DVFS operating point. When this is the case, the
|AMU| counters that make up the |MPMM| gears must be enabled by the EL3
runtime firmware - please see :ref:`Activity Monitor Auxiliary Counters` for
documentation on enabling auxiliary |AMU| counters.
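Review bot: the title underline uses `^` while the other component pages added in this commit use `=` for their titles; keep `=` for consistency with the documents that share the same toctree. The substitutions `|MPMM|`, `|SoC|`, `|FCONF|` and `|AMU|` are used here but not defined in this hunk; confirm they exist in the global substitution definitions, since an undefined substitution fails the docs build. The bullet "A platform implementation of the ``plat_mpmm_topology`` function (the default)" says this path is the default but not what the default implementation reports when a platform has not overridden it; given that "The presence of |MPMM| cannot be determined at runtime by the firmware", readers need to know whether the default means "no MPMM on any core" or something that must be overridden before enabling the feature.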
@@ -0,0 +1,309 @@
Platform Interrupt Controller API
=================================

This document lists the optional platform interrupt controller API that
abstracts the runtime configuration and control of interrupt controller from the
generic code. The mandatory APIs are described in the
:ref:`Porting Guide <porting_guide_imf_in_bl31>`.

Function: unsigned int plat_ic_get_running_priority(void); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : void
Return : unsigned int

This API should return the priority of the interrupt the PE is currently
servicing. This must be be called only after an interrupt has already been
acknowledged via ``plat_ic_acknowledge_interrupt``.

In the case of Arm standard platforms using GIC, the *Running Priority Register*
is read to determine the priority of the interrupt.

Function: int plat_ic_is_spi(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : int

The API should return whether the interrupt ID (first parameter) is categorized
as a Shared Peripheral Interrupt. Shared Peripheral Interrupts are typically
associated to system-wide peripherals, and these interrupts can target any PE in
the system.

Function: int plat_ic_is_ppi(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : int

The API should return whether the interrupt ID (first parameter) is categorized
as a Private Peripheral Interrupt. Private Peripheral Interrupts are typically
associated with peripherals that are private to each PE. Interrupts from private
peripherals target to that PE only.

Function: int plat_ic_is_sgi(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : int

The API should return whether the interrupt ID (first parameter) is categorized
as a Software Generated Interrupt. Software Generated Interrupts are raised by
explicit programming by software, and are typically used in inter-PE
communication. Secure SGIs are reserved for use by Secure world software.

Function: unsigned int plat_ic_get_interrupt_active(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : int

This API should return the *active* status of the interrupt ID specified by the
first parameter, ``id``.

In case of Arm standard platforms using GIC, the implementation of the API reads
the GIC *Set Active Register* to read and return the active status of the
interrupt.

Function: void plat_ic_enable_interrupt(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : void

This API should enable the interrupt ID specified by the first parameter,
``id``. PEs in the system are expected to receive only enabled interrupts.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barrier to make memory updates visible before enabling interrupt, and
then writes to GIC *Set Enable Register* to enable the interrupt.

Function: void plat_ic_disable_interrupt(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : void

This API should disable the interrupt ID specified by the first parameter,
``id``. PEs in the system are not expected to receive disabled interrupts.

In case of Arm standard platforms using GIC, the implementation of the API
writes to GIC *Clear Enable Register* to disable the interrupt, and inserts
barrier to make memory updates visible afterwards.

Function: void plat_ic_set_interrupt_priority(unsigned int id, unsigned int priority); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Argument : unsigned int
Return : void

This API should set the priority of the interrupt specified by first parameter
``id`` to the value set by the second parameter ``priority``.

In case of Arm standard platforms using GIC, the implementation of the API
writes to GIC *Priority Register* set interrupt priority.

Function: int plat_ic_has_interrupt_type(unsigned int type); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : int

This API should return whether the platform supports a given interrupt type. The
parameter ``type`` shall be one of ``INTR_TYPE_EL3``, ``INTR_TYPE_S_EL1``, or
``INTR_TYPE_NS``.

In case of Arm standard platforms using GICv3, the implementation of the API
returns ``1`` for all interrupt types.

In case of Arm standard platforms using GICv2, the API always return ``1`` for
``INTR_TYPE_NS``. Return value for other types depends on the value of build
option ``GICV2_G0_FOR_EL3``:

- For interrupt type ``INTR_TYPE_EL3``:

- When ``GICV2_G0_FOR_EL3`` is ``0``, it returns ``0``, indicating no support
for EL3 interrupts.

- When ``GICV2_G0_FOR_EL3`` is ``1``, it returns ``1``, indicating support for
EL3 interrupts.

- For interrupt type ``INTR_TYPE_S_EL1``:

- When ``GICV2_G0_FOR_EL3`` is ``0``, it returns ``1``, indicating support for
Secure EL1 interrupts.

- When ``GICV2_G0_FOR_EL3`` is ``1``, it returns ``0``, indicating no support
for Secure EL1 interrupts.

Function: void plat_ic_set_interrupt_type(unsigned int id, unsigned int type); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Argument : unsigned int
Return : void

This API should set the interrupt specified by first parameter ``id`` to the
type specified by second parameter ``type``. The ``type`` parameter can be
one of:

- ``INTR_TYPE_NS``: interrupt is meant to be consumed by the Non-secure world.

- ``INTR_TYPE_S_EL1``: interrupt is meant to be consumed by Secure EL1.

- ``INTR_TYPE_EL3``: interrupt is meant to be consumed by EL3.

In case of Arm standard platforms using GIC, the implementation of the API
writes to the GIC *Group Register* and *Group Modifier Register* (only GICv3) to
assign the interrupt to the right group.

For GICv3:

- ``INTR_TYPE_NS`` maps to Group 1 interrupt.

- ``INTR_TYPE_S_EL1`` maps to Secure Group 1 interrupt.

- ``INTR_TYPE_EL3`` maps to Secure Group 0 interrupt.

For GICv2:

- ``INTR_TYPE_NS`` maps to Group 1 interrupt.

- When the build option ``GICV2_G0_FOR_EL3`` is set to ``0`` (the default),
``INTR_TYPE_S_EL1`` maps to Group 0. Otherwise, ``INTR_TYPE_EL3`` maps to
Group 0 interrupt.

Function: void plat_ic_raise_el3_sgi(int sgi_num, u_register_t target); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : int
Argument : u_register_t
Return : void

This API should raise an EL3 SGI. The first parameter, ``sgi_num``, specifies
the ID of the SGI. The second parameter, ``target``, must be the MPIDR of the
target PE.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barrier to make memory updates visible before raising SGI, then writes
to appropriate *SGI Register* in order to raise the EL3 SGI.

Function: void plat_ic_set_spi_routing(unsigned int id, unsigned int routing_mode, u_register_t mpidr); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Argument : unsigned int
Argument : u_register_t
Return : void

This API should set the routing mode of Share Peripheral Interrupt (SPI)
specified by first parameter ``id`` to that specified by the second parameter
``routing_mode``.

The ``routing_mode`` parameter can be one of:

- ``INTR_ROUTING_MODE_ANY`` means the interrupt can be routed to any PE in the
system. The ``mpidr`` parameter is ignored in this case.

- ``INTR_ROUTING_MODE_PE`` means the interrupt is routed to the PE whose MPIDR
value is specified by the parameter ``mpidr``.

In case of Arm standard platforms using GIC, the implementation of the API
writes to the GIC *Target Register* (GICv2) or *Route Register* (GICv3) to set
the routing.

Function: void plat_ic_set_interrupt_pending(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : void

This API should set the interrupt specified by first parameter ``id`` to
*Pending*.

In case of Arm standard platforms using GIC, the implementation of the API
inserts barrier to make memory updates visible before setting interrupt pending,
and writes to the GIC *Set Pending Register* to set the interrupt pending
status.

Function: void plat_ic_clear_interrupt_pending(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : void

This API should clear the *Pending* status of the interrupt specified by first
parameter ``id``.

In case of Arm standard platforms using GIC, the implementation of the API
writes to the GIC *Clear Pending Register* to clear the interrupt pending
status, and inserts barrier to make memory updates visible afterwards.

Function: unsigned int plat_ic_set_priority_mask(unsigned int id); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : int

This API should set the priority mask (first parameter) in the interrupt
controller such that only interrupts of higher priority than the supplied one
may be signalled to the PE. The API should return the current priority value
that it's overwriting.

In case of Arm standard platforms using GIC, the implementation of the API
inserts to order memory updates before updating mask, then writes to the GIC
*Priority Mask Register*, and make sure memory updates are visible before
potential trigger due to mask update.

.. _plat_ic_get_interrupt_id:

Function: unsigned int plat_ic_get_interrupt_id(unsigned int raw); [optional]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

Argument : unsigned int
Return : unsigned int

This API should extract and return the interrupt number from the raw value
obtained by the acknowledging the interrupt (read using
``plat_ic_acknowledge_interrupt()``). If the interrupt ID is invalid, this API
should return ``INTR_ID_UNAVAILABLE``.

In case of Arm standard platforms using GIC, the implementation of the API
masks out the interrupt ID field from the acknowledged value from GIC.

--------------

*Copyright (c) 2017-2019, Arm Limited and Contributors. All rights reserved.*
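Review bot: the argument/return blocks disagree with the signatures in two places: `plat_ic_get_interrupt_active` is declared `unsigned int` but its block says "Return : int", and `plat_ic_set_priority_mask` is declared `unsigned int` but its block also says "Return : int"; fix both lines to match the declarations. `plat_ic_set_priority_mask(unsigned int id)` further names its parameter `id` even though the text says the first parameter is the priority mask, so a platform author working from the signature alone may pass an interrupt number; rename it (for example `mask`). None of the APIs state what an implementation should do with an out-of-range or invalid `id`, and only `plat_ic_get_interrupt_id` has a defined error return (`INTR_ID_UNAVAILABLE`); since each of these calls ends in a raw GIC register write, the expected contract (assert, ignore, or report) should be written down rather than left to each port. Typos to fix while here: "must be be called", "Share Peripheral Interrupt (SPI)", "writes to GIC *Priority Register* set interrupt priority" (missing "to"), "inserts to order memory updates" (missing "barrier"), "the API always return", and "obtained by the acknowledging the interrupt".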
241
arm-trusted-firmware/docs/components/ras.rst
Normal file
@@ -0,0 +1,241 @@
Reliability, Availability, and Serviceability (RAS) Extensions
==============================================================

This document describes |TF-A| support for Arm Reliability, Availability, and
Serviceability (RAS) extensions. RAS is a mandatory extension for Armv8.2 and
later CPUs, and also an optional extension to the base Armv8.0 architecture.

In conjunction with the |EHF|, support for RAS extension enables firmware-first
paradigm for handling platform errors: exceptions resulting from errors are
routed to and handled in EL3. Said errors are Synchronous External Abort (SEA),
Asynchronous External Abort (signalled as SErrors), Fault Handling and Error
Recovery interrupts. The |EHF| document mentions various :ref:`error handling
use-cases <delegation-use-cases>` .

For the description of Arm RAS extensions, Standard Error Records, and the
precise definition of RAS terminology, please refer to the Arm Architecture
Reference Manual. The rest of this document assumes familiarity with
architecture and terminology.

Overview
--------

As mentioned above, the RAS support in |TF-A| enables routing to and handling of
exceptions resulting from platform errors in EL3. It allows the platform to
define an External Abort handler, and to register RAS nodes and interrupts. RAS
framework also provides `helpers`__ for accessing Standard Error Records as
introduced by the RAS extensions.

.. __: `Standard Error Record helpers`_

The build option ``RAS_EXTENSION`` when set to ``1`` includes the RAS in run
time firmware; ``EL3_EXCEPTION_HANDLING`` and ``HANDLE_EA_EL3_FIRST`` must also
be set ``1``. ``RAS_TRAP_LOWER_EL_ERR_ACCESS`` controls the access to the RAS
error record registers from lower ELs.

.. _ras-figure:

.. image:: ../resources/diagrams/draw.io/ras.svg

See more on `Engaging the RAS framework`_.

Platform APIs
-------------

The RAS framework allows the platform to define handlers for External Abort,
Uncontainable Errors, Double Fault, and errors rising from EL3 execution. Please
refer to :ref:`RAS Porting Guide <External Abort handling and RAS Support>`.

Registering RAS error records
-----------------------------

RAS nodes are components in the system capable of signalling errors to PEs
through one one of the notification mechanisms—SEAs, SErrors, or interrupts. RAS
nodes contain one or more error records, which are registers through which the
nodes advertise various properties of the signalled error. Arm recommends that
error records are implemented in the Standard Error Record format. The RAS
architecture allows for error records to be accessible via system or
memory-mapped registers.

The platform should enumerate the error records providing for each of them:

- A handler to probe error records for errors;
- When the probing identifies an error, a handler to handle it;
- For memory-mapped error record, its base address and size in KB; for a system
register-accessed record, the start index of the record and number of
continuous records from that index;
- Any node-specific auxiliary data.

With this information supplied, when the run time firmware receives one of the
notification mechanisms, the RAS framework can iterate through and probe error
records for error, and invoke the appropriate handler to handle it.

The RAS framework provides the macros to populate error record information. The
macros are versioned, and the latest version as of this writing is 1. These
macros create a structure of type ``struct err_record_info`` from its arguments,
which are later passed to probe and error handlers.

For memory-mapped error records:

.. code:: c

ERR_RECORD_MEMMAP_V1(base_addr, size_num_k, probe, handler, aux)

And, for system register ones:

.. code:: c

ERR_RECORD_SYSREG_V1(idx_start, num_idx, probe, handler, aux)

The probe handler must have the following prototype:

.. code:: c

typedef int (*err_record_probe_t)(const struct err_record_info *info,
int *probe_data);

The probe handler must return a non-zero value if an error was detected, or 0
otherwise. The ``probe_data`` output parameter can be used to pass any useful
information resulting from probe to the error handler (see `below`__). For
example, it could return the index of the record.

.. __: `Standard Error Record helpers`_

The error handler must have the following prototype:

.. code:: c

typedef int (*err_record_handler_t)(const struct err_record_info *info,
int probe_data, const struct err_handler_data *const data);

The ``data`` constant parameter describes the various properties of the error,
including the reason for the error, exception syndrome, and also ``flags``,
``cookie``, and ``handle`` parameters from the :ref:`top-level exception handler
<EL3 interrupts>`.

The platform is expected populate an array using the macros above, and register
the it with the RAS framework using the macro ``REGISTER_ERR_RECORD_INFO()``,
passing it the name of the array describing the records. Note that the macro
must be used in the same file where the array is defined.

Standard Error Record helpers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The |TF-A| RAS framework provides probe handlers for Standard Error Records, for
both memory-mapped and System Register accesses:

.. code:: c

int ras_err_ser_probe_memmap(const struct err_record_info *info,
int *probe_data);

int ras_err_ser_probe_sysreg(const struct err_record_info *info,
int *probe_data);

When the platform enumerates error records, for those records in the Standard
Error Record format, these helpers maybe used instead of rolling out their own.
Both helpers above:

- Return non-zero value when an error is detected in a Standard Error Record;
- Set ``probe_data`` to the index of the error record upon detecting an error.

Registering RAS interrupts
--------------------------

RAS nodes can signal errors to the PE by raising Fault Handling and/or Error
Recovery interrupts. For the firmware-first handling paradigm for interrupts to
work, the platform must setup and register with |EHF|. See `Interaction with
Exception Handling Framework`_.

For each RAS interrupt, the platform has to provide structure of type ``struct
ras_interrupt``:

- Interrupt number;
- The associated error record information (pointer to the corresponding
``struct err_record_info``);
- Optionally, a cookie.

The platform is expected to define an array of ``struct ras_interrupt``, and
register it with the RAS framework using the macro
``REGISTER_RAS_INTERRUPTS()``, passing it the name of the array. Note that the
macro must be used in the same file where the array is defined.

The array of ``struct ras_interrupt`` must be sorted in the increasing order of
interrupt number. This allows for fast look of handlers in order to service RAS
interrupts.

Double-fault handling
---------------------

A Double Fault condition arises when an error is signalled to the PE while
handling of a previously signalled error is still underway. When a Double Fault
condition arises, the Arm RAS extensions only require for handler to perform
orderly shutdown of the system, as recovery may be impossible.

The RAS extensions part of Armv8.4 introduced new architectural features to deal
with Double Fault conditions, specifically, the introduction of ``NMEA`` and
``EASE`` bits to ``SCR_EL3`` register. These were introduced to assist EL3
software which runs part of its entry/exit routines with exceptions momentarily
masked—meaning, in such systems, External Aborts/SErrors are not immediately
handled when they occur, but only after the exceptions are unmasked again.

|TF-A|, for legacy reasons, executes entire EL3 with all exceptions unmasked.
This means that all exceptions routed to EL3 are handled immediately. |TF-A|
thus is able to detect a Double Fault conditions in software, without needing
the intended advantages of Armv8.4 Double Fault architecture extensions.

Double faults are fatal, and terminate at the platform double fault handler, and
doesn't return.

Engaging the RAS framework
--------------------------

Enabling RAS support is a platform choice constructed from three distinct, but
related, build options:

- ``RAS_EXTENSION=1`` includes the RAS framework in the run time firmware;

- ``EL3_EXCEPTION_HANDLING=1`` enables handling of exceptions at EL3. See
`Interaction with Exception Handling Framework`_;

- ``HANDLE_EA_EL3_FIRST=1`` enables routing of External Aborts and SErrors to
EL3.

The RAS support in |TF-A| introduces a default implementation of
``plat_ea_handler``, the External Abort handler in EL3. When ``RAS_EXTENSION``
is set to ``1``, it'll first call ``ras_ea_handler()`` function, which is the
top-level RAS exception handler. ``ras_ea_handler`` is responsible for iterating
to through platform-supplied error records, probe them, and when an error is
identified, look up and invoke the corresponding error handler.

Note that, if the platform chooses to override the ``plat_ea_handler`` function
and intend to use the RAS framework, it must explicitly call
``ras_ea_handler()`` from within.

Similarly, for RAS interrupts, the framework defines
``ras_interrupt_handler()``. The RAS framework arranges for it to be invoked
when a RAS interrupt taken at EL3. The function bisects the platform-supplied
sorted array of interrupts to look up the error record information associated
with the interrupt number. That error handler for that record is then invoked to
handle the error.

Interaction with Exception Handling Framework
---------------------------------------------

As mentioned in earlier sections, RAS framework interacts with the |EHF| to
arbitrate handling of RAS exceptions with others that are routed to EL3. This
means that the platform must partition a :ref:`priority level <Partitioning
priority levels>` for handling RAS exceptions. The platform must then define
the macro ``PLAT_RAS_PRI`` to the priority level used for RAS exceptions.
Platforms would typically want to allocate the highest secure priority for
RAS handling.

Handling of both :ref:`interrupt <interrupt-flow>` and :ref:`non-interrupt
<non-interrupt-flow>` exceptions follow the sequences outlined in the |EHF|
documentation. I.e., for interrupts, the priority management is implicit; but
for non-interrupt exceptions, they're explicit using :ref:`EHF APIs
<Activating and Deactivating priorities>`.

--------------

*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
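Review bot: "The array of ``struct ras_interrupt`` must be sorted in the increasing order of interrupt number" because `ras_interrupt_handler()` "bisects the platform-supplied sorted array", but nothing says whether `REGISTER_RAS_INTERRUPTS()` or the handler verifies that order; an unsorted array makes the bisection silently select the wrong `struct err_record_info`, so the wrong error handler runs in the middle of a real fault, which is strictly worse than a boot-time assertion. State whether the order is checked and, if it is not, suggest adding an assertion at registration. In the same vein, "``RAS_TRAP_LOWER_EL_ERR_ACCESS`` controls the access to the RAS error record registers from lower ELs" gives neither the default nor which value traps; for a firmware-first design, where lower ELs clearing or altering error records would undermine the EL3 handler, that should be explicit. Typos to fix: "one one of", "is expected populate", "register the it", "helpers maybe used", "fast look of handlers", "iterating to through", "when a RAS interrupt taken at EL3", "a Double Fault conditions", and "Double faults are fatal, and terminate at the platform double fault handler, and doesn't return".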
@@ -0,0 +1,267 @@

Realm Management Extension (RME)
====================================

FEAT_RME (or RME for short) is an Armv9-A extension and is one component of the
`Arm Confidential Compute Architecture (Arm CCA)`_. TF-A supports RME starting
from version 2.6. This chapter discusses the changes to TF-A to support RME and
provides instructions on how to build and run TF-A with RME.

RME support in TF-A
---------------------

The following diagram shows an Arm CCA software architecture with TF-A as the
EL3 firmware. In the Arm CCA architecture there are two additional security
states and address spaces: ``Root`` and ``Realm``. TF-A firmware runs in the
Root world. In the realm world, a Realm Management Monitor firmware (RMM)
manages the execution of Realm VMs and their interaction with the hypervisor.

.. image:: ../resources/diagrams/arm-cca-software-arch.png

RME is the hardware extension to support Arm CCA. To support RME, various
changes have been introduced to TF-A. We discuss those changes below.

Changes to translation tables library
***************************************
RME adds Root and Realm Physical address spaces. To support this, two new
memory type macros, ``MT_ROOT`` and ``MT_REALM``, have been added to the
:ref:`Translation (XLAT) Tables Library`. These macros are used to configure
memory regions as Root or Realm respectively.

.. note::

Only version 2 of the translation tables library supports the new memory
types.

Changes to context management
*******************************
A new CPU context for the Realm world has been added. The existing
:ref:`CPU context management API<PSCI Library Integration guide for Armv8-A
AArch32 systems>` can be used to manage Realm context.

Boot flow changes
*******************
In a typical TF-A boot flow, BL2 runs at Secure-EL1. However when RME is
enabled, TF-A runs in the Root world at EL3. Therefore, the boot flow is
modified to run BL2 at EL3 when RME is enabled. In addition to this, a
Realm-world firmware (RMM) is loaded by BL2 in the Realm physical address
space.

The boot flow when RME is enabled looks like the following:

1. BL1 loads and executes BL2 at EL3
2. BL2 loads images including RMM
3. BL2 transfers control to BL31
4. BL31 initializes SPM (if SPM is enabled)
5. BL31 initializes RMM
6. BL31 transfers control to Normal-world software

Granule Protection Tables (GPT) library
*****************************************
Isolation between the four physical address spaces is enforced by a process
called Granule Protection Check (GPC) performed by the MMU downstream any
address translation. GPC makes use of Granule Protection Table (GPT) in the
Root world that describes the physical address space assignment of every
page (granule). A GPT library that provides APIs to initialize GPTs and to
transition granules between different physical address spaces has been added.
More information about the GPT library can be found in the
:ref:`Granule Protection Tables Library` chapter.

RMM Dispatcher (RMMD)
************************
RMMD is a new standard runtime service that handles the switch to the Realm
world. It initializes the RMM and handles Realm Management Interface (RMI)
SMC calls from Non-secure and Realm worlds.

Test Realm Payload (TRP)
*************************
TRP is a small test payload that runs at R-EL2 and implements a subset of
the Realm Management Interface (RMI) commands to primarily test EL3 firmware
and the interface between R-EL2 and EL3. When building TF-A with RME enabled,
if a path to an RMM image is not provided, TF-A builds the TRP by default
and uses it as RMM image.

Building and running TF-A with RME
------------------------------------

This section describes how you can build and run TF-A with RME enabled.
We assume you have all the :ref:`Prerequisites` to build TF-A.

To enable RME, you need to set the ENABLE_RME build flag when building
TF-A. Currently, this feature is only supported for the FVP platform.

The following instructions show you how to build and run TF-A with RME
for two scenarios: TF-A with TF-A Tests, and four-world execution with
Hafnium and TF-A Tests. The instructions assume you have already obtained
TF-A. You can use the following command to clone TF-A.

.. code:: shell

git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git

To run the tests, you need an FVP model. Please use the :ref:`latest version
<Arm Fixed Virtual Platforms (FVP)>` of *FVP_Base_RevC-2xAEMvA* model.

.. note::

ENABLE_RME build option is currently experimental.
|
||||
|
||||
Building TF-A with TF-A Tests
|
||||
********************************************
|
||||
Use the following instructions to build TF-A with `TF-A Tests`_ as the
|
||||
non-secure payload (BL33).
|
||||
|
||||
**1. Obtain and build TF-A Tests**
|
||||
|
||||
.. code:: shell
|
||||
|
||||
git clone https://git.trustedfirmware.org/TF-A/tf-a-tests.git
|
||||
cd tf-a-tests
|
||||
make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1
|
||||
|
||||
This produces a TF-A Tests binary (*tftf.bin*) in the *build/fvp/debug* directory.
|
||||
|
||||
**2. Build TF-A**
|
||||
|
||||
.. code:: shell
|
||||
|
||||
cd trusted-firmware-a
|
||||
make CROSS_COMPILE=aarch64-none-elf- \
|
||||
PLAT=fvp \
|
||||
ENABLE_RME=1 \
|
||||
FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
|
||||
DEBUG=1 \
|
||||
BL33=<path/to/tftf.bin> \
|
||||
all fip
|
||||
|
||||
This produces *bl1.bin* and *fip.bin* binaries in the *build/fvp/debug* directory.
|
||||
The above command also builds TRP. The TRP binary is packaged in *fip.bin*.
|
||||
|
||||
Four-world execution with Hafnium and TF-A Tests
|
||||
****************************************************
|
||||
Four-world execution involves software components at each security state: root,
|
||||
secure, realm and non-secure. This section describes how to build TF-A
|
||||
with four-world support. We use TF-A as the root firmware, `Hafnium`_ as the
|
||||
secure component, TRP as the realm-world firmware and TF-A Tests as the
|
||||
non-secure payload.
|
||||
|
||||
Before building TF-A, you first need to build the other software components.
|
||||
You can find instructions on how to get and build TF-A Tests above.
|
||||
|
||||
**1. Obtain and build Hafnium**
|
||||
|
||||
.. code:: shell
|
||||
|
||||
git clone --recurse-submodules https://git.trustedfirmware.org/hafnium/hafnium.git
|
||||
cd hafnium
|
||||
# Use the default prebuilt LLVM/clang toolchain
|
||||
PATH=$PWD/prebuilts/linux-x64/clang/bin:$PWD/prebuilts/linux-x64/dtc:$PATH
|
||||
make PROJECT=reference
|
||||
|
||||
The Hafnium binary should be located at
|
||||
*out/reference/secure_aem_v8a_fvp_clang/hafnium.bin*
|
||||
|
||||
**2. Build TF-A**
|
||||
|
||||
Build TF-A with RME as well as SPM enabled.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
make CROSS_COMPILE=aarch64-none-elf- \
|
||||
PLAT=fvp \
|
||||
ENABLE_RME=1 \
|
||||
FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \
|
||||
SPD=spmd \
|
||||
SPMD_SPM_AT_SEL2=1 \
|
||||
BRANCH_PROTECTION=1 \
|
||||
CTX_INCLUDE_PAUTH_REGS=1 \
|
||||
DEBUG=1 \
|
||||
SP_LAYOUT_FILE=<path/to/tf-a-tests>/build/fvp/debug/sp_layout.json> \
|
||||
BL32=<path/to/hafnium.bin> \
|
||||
BL33=<path/to/tftf.bin> \
|
||||
all fip
|
||||
|
||||
Running the tests
|
||||
*********************
|
||||
Use the following command to run the tests on FVP. TF-A Tests should boot
|
||||
and run the default tests including RME tests.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
FVP_Base_RevC-2xAEMvA \
|
||||
-C bp.flashloader0.fname=<path/to/fip.bin> \
|
||||
-C bp.secureflashloader.fname=<path/to/bl1.bin> \
|
||||
-C bp.refcounter.non_arch_start_at_default=1 \
|
||||
-C bp.refcounter.use_real_time=0 \
|
||||
-C bp.ve_sysregs.exit_on_shutdown=1 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C cluster0.NUM_CORES=4 \
|
||||
-C cluster0.PA_SIZE=48 \
|
||||
-C cluster0.ecv_support_level=2 \
|
||||
-C cluster0.gicv3.cpuintf-mmap-access-level=2 \
|
||||
-C cluster0.gicv3.without-DS-support=1 \
|
||||
-C cluster0.gicv4.mask-virtual-interrupt=1 \
|
||||
-C cluster0.has_arm_v8-6=1 \
|
||||
-C cluster0.has_branch_target_exception=1 \
|
||||
-C cluster0.has_rme=1 \
|
||||
-C cluster0.has_rndr=1 \
|
||||
-C cluster0.has_amu=1 \
|
||||
-C cluster0.has_v8_7_pmu_extension=2 \
|
||||
-C cluster0.max_32bit_el=-1 \
|
||||
-C cluster0.restriction_on_speculative_execution=2 \
|
||||
-C cluster0.restriction_on_speculative_execution_aarch32=2 \
|
||||
-C cluster1.NUM_CORES=4 \
|
||||
-C cluster1.PA_SIZE=48 \
|
||||
-C cluster1.ecv_support_level=2 \
|
||||
-C cluster1.gicv3.cpuintf-mmap-access-level=2 \
|
||||
-C cluster1.gicv3.without-DS-support=1 \
|
||||
-C cluster1.gicv4.mask-virtual-interrupt=1 \
|
||||
-C cluster1.has_arm_v8-6=1 \
|
||||
-C cluster1.has_branch_target_exception=1 \
|
||||
-C cluster1.has_rme=1 \
|
||||
-C cluster1.has_rndr=1 \
|
||||
-C cluster1.has_amu=1 \
|
||||
-C cluster1.has_v8_7_pmu_extension=2 \
|
||||
-C cluster1.max_32bit_el=-1 \
|
||||
-C cluster1.restriction_on_speculative_execution=2 \
|
||||
-C cluster1.restriction_on_speculative_execution_aarch32=2 \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \
|
||||
-C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0 \
|
||||
-C bp.pl011_uart0.out_file=uart0.log \
|
||||
-C bp.pl011_uart1.out_file=uart1.log \
|
||||
-C bp.pl011_uart2.out_file=uart2.log \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-Q 1000 \
|
||||
"$@"
|
||||
|
||||
The bottom of the output from *uart0* should look something like the following.
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
...
|
||||
|
||||
> Test suite 'FF-A Interrupt'
|
||||
Passed
|
||||
> Test suite 'SMMUv3 tests'
|
||||
Passed
|
||||
> Test suite 'PMU Leakage'
|
||||
Passed
|
||||
> Test suite 'DebugFS'
|
||||
Passed
|
||||
> Test suite 'Realm payload tests'
|
||||
Passed
|
||||
> Test suite 'Invalid memory access'
|
||||
Passed
|
||||
...
|
||||
|
||||
|
||||
.. _Arm Confidential Compute Architecture (Arm CCA): https://www.arm.com/why-arm/architecture/security-features/arm-confidential-compute-architecture
|
||||
.. _Arm Architecture Models website: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
|
||||
.. _TF-A Tests: https://trustedfirmware-a-tests.readthedocs.io/en/latest
|
||||
.. _Hafnium: https://www.trustedfirmware.org/projects/hafnium
|
||||
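Review bot: the ``SP_LAYOUT_FILE`` argument in the four-world build command has an unbalanced placeholder, `SP_LAYOUT_FILE=<path/to/tf-a-tests>/build/fvp/debug/sp_layout.json>`; the trailing `>` does not match any opening bracket and, if copied literally into a shell, is parsed as an output redirection. Use the same form as the neighbouring lines (`BL32=<path/to/hafnium.bin>`, `BL33=<path/to/tftf.bin>`), i.e. `SP_LAYOUT_FILE=<path/to/tf-a-tests>/build/fvp/debug/sp_layout.json`. Minor: this second `make` invocation omits the `cd trusted-firmware-a` that step 2 of "Building TF-A with TF-A Tests" includes, so it should state the directory it is run from.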
155
arm-trusted-firmware/docs/components/romlib-design.rst
Normal file
@@ -0,0 +1,155 @@
|
||||
Library at ROM
|
||||
==============
|
||||
|
||||
This document provides an overview of the "library at ROM" implementation in
|
||||
Trusted Firmware-A (TF-A).
|
||||
|
||||
Introduction
|
||||
~~~~~~~~~~~~
|
||||
|
||||
The "library at ROM" feature allows platforms to build a library of functions to
|
||||
be placed in ROM. This reduces SRAM usage by utilising the available space in
|
||||
ROM. The "library at ROM" contains a jump table with the list of functions that
|
||||
are placed in ROM. The capabilities of the "library at ROM" are:
|
||||
|
||||
1. Functions can be from one or several libraries.
|
||||
|
||||
2. Functions can be patched after they have been programmed into ROM.
|
||||
|
||||
3. Platform-specific libraries can be placed in ROM.
|
||||
|
||||
4. Functions can be accessed by one or more BL images.
|
||||
|
||||
Index file
|
||||
~~~~~~~~~~
|
||||
|
||||
.. image:: ../resources/diagrams/romlib_design.png
|
||||
:width: 600
|
||||
|
||||
Library at ROM is described by an index file with the list of functions to be
|
||||
placed in ROM. The index file is platform specific and its format is:
|
||||
|
||||
::
|
||||
|
||||
lib function [patch]
|
||||
|
||||
lib -- Name of the library the function belongs to
|
||||
function -- Name of the function to be placed in library at ROM
|
||||
[patch] -- Option to patch the function
|
||||
|
||||
It is also possible to insert reserved spaces in the list by using the keyword
|
||||
"reserved" rather than the "lib" and "function" names as shown below:
|
||||
|
||||
::
|
||||
|
||||
reserved
|
||||
|
||||
The reserved spaces can be used to add more functions in the future without
|
||||
affecting the order and location of functions already existing in the jump
|
||||
table. Also, for additional flexibility and modularity, the index file can
|
||||
include other index files.
|
||||
|
||||
For an index file example, refer to ``lib/romlib/jmptbl.i``.
|
||||
|
||||
Wrapper functions
|
||||
~~~~~~~~~~~~~~~~~
|
||||
|
||||
.. image:: ../resources/diagrams/romlib_wrapper.png
|
||||
:width: 600
|
||||
|
||||
When invoking a function of the "library at ROM", the calling sequence is as
|
||||
follows:
|
||||
|
||||
BL image --> wrapper function --> jump table entry --> library at ROM
|
||||
|
||||
The index file is used to create a jump table which is placed in ROM. Then, the
|
||||
wrappers refer to the jump table to call the "library at ROM" functions. The
|
||||
wrappers essentially contain a branch instruction to the jump table entry
|
||||
corresponding to the original function. Finally, the original function in the BL
|
||||
image(s) is replaced with the wrapper function.
|
||||
|
||||
The "library at ROM" contains a necessary init function that initialises the
|
||||
global variables defined by the functions inside "library at ROM".
|
||||
|
||||
Script
|
||||
~~~~~~
|
||||
|
||||
There is a ``romlib_generate.py`` Python script that generates the necessary
|
||||
files for the "library at ROM" to work. It implements multiple functions:
|
||||
|
||||
1. ``romlib_generate.py gentbl [args]`` - Generates the jump table by parsing
|
||||
the index file.
|
||||
|
||||
2. ``romlib_generator.py genvar [args]`` - Generates the jump table global
|
||||
variable (**not** the jump table itself) with the absolute address in ROM.
|
||||
This global variable is, basically, a pointer to the jump table.
|
||||
|
||||
3. ``romlib_generator.py genwrappers [args]`` - Generates a wrapper function for
|
||||
each entry in the index file except for the ones that contain the keyword
|
||||
``patch``. The generated wrapper file is called ``<fn_name>.s``.
|
||||
|
||||
4. ``romlib_generator.py pre [args]`` - Preprocesses the index file which means
|
||||
it resolves all the include commands in the file recursively. It can also
|
||||
generate a dependency file of the included index files which can be directly
|
||||
used in makefiles.
|
||||
|
||||
Each ``romlib_generate.py`` function has its own manual which is accessible by
|
||||
runing ``romlib_generator.py [function] --help``.
|
||||
|
||||
``romlib_generate.py`` requires Python 3 environment.
|
||||
|
||||
|
||||
Patching of functions in library at ROM
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
The ``romlib_generator.py genwrappers`` does not generate wrappers for the
|
||||
entries in the index file that contain the keyword ``patch``. Thus, it allows
|
||||
calling the function from the actual library by breaking the link to the
|
||||
"library at ROM" version of this function.
|
||||
|
||||
The calling sequence for a patched function is as follows:
|
||||
|
||||
BL image --> function
|
||||
|
||||
Memory impact
|
||||
~~~~~~~~~~~~~
|
||||
|
||||
Using library at ROM will modify the memory layout of the BL images:
|
||||
|
||||
- The ROM library needs a page aligned RAM section to hold the RW data. This
|
||||
section is defined by the ROMLIB_RW_BASE and ROMLIB_RW_END macros.
|
||||
On Arm platforms a section of 1 page (0x1000) is allocated at the top of SRAM.
|
||||
This will have for effect to shift down all the BL images by 1 page.
|
||||
|
||||
- Depending on the functions moved to the ROM library, the size of the BL images
|
||||
will be reduced.
|
||||
For example: moving MbedTLS function into the ROM library reduces BL1 and
|
||||
BL2, but not BL31.
|
||||
|
||||
- This change in BL images size can be taken into consideration to optimize the
|
||||
memory layout when defining the BLx_BASE macros.
|
||||
|
||||
Build library at ROM
|
||||
~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
The environment variable ``CROSS_COMPILE`` must be set appropriately. Refer to
|
||||
:ref:`Performing an Initial Build` for more information about setting this
|
||||
variable.
|
||||
|
||||
In the below example the usage of ROMLIB together with mbed TLS is demonstrated
|
||||
to showcase the benefits of library at ROM - it's not mandatory.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
make PLAT=fvp \
|
||||
MBEDTLS_DIR=</path/to/mbedtls/> \
|
||||
TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
|
||||
ARM_ROTPK_LOCATION=devel_rsa \
|
||||
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
|
||||
BL33=</path/to/bl33.bin> \
|
||||
USE_ROMLIB=1 \
|
||||
all fip
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019, Arm Limited. All rights reserved.*
|
||||
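Review bot: the generator script is named inconsistently in the "Script" section, so a reader cannot tell which file actually exists. The introduction, item 1 and the closing lines use ``romlib_generate.py`` (`There is a romlib_generate.py Python script`, `romlib_generate.py gentbl [args]`, `romlib_generate.py requires Python 3 environment`), while items 2 to 4 and the `--help` sentence use ``romlib_generator.py``. Settle on one name throughout. Also fix the typo `runing` in the `--help` sentence, and the "Memory impact" bullet `This will have for effect to shift down all the BL images by 1 page` reads better as `This shifts all the BL images down by one page`.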
369
arm-trusted-firmware/docs/components/sdei.rst
Normal file
@@ -0,0 +1,369 @@
|
||||
SDEI: Software Delegated Exception Interface
|
||||
============================================
|
||||
|
||||
This document provides an overview of the SDEI dispatcher implementation in
|
||||
Trusted Firmware-A (TF-A).
|
||||
|
||||
Introduction
|
||||
------------
|
||||
|
||||
Software Delegated Exception Interface (|SDEI|) is an Arm specification for
|
||||
Non-secure world to register handlers with firmware to receive notifications
|
||||
about system events. Firmware will first receive the system events by way of
|
||||
asynchronous exceptions and, in response, arranges for the registered handler to
|
||||
execute in the Non-secure EL.
|
||||
|
||||
Normal world software that interacts with the SDEI dispatcher (makes SDEI
|
||||
requests and receives notifications) is referred to as the *SDEI Client*. A
|
||||
client receives the event notification at the registered handler even when it
|
||||
was executing with exceptions masked. The list of SDEI events available to the
|
||||
client are specific to the platform [#std-event]_. See also `Determining client
|
||||
EL`_.
|
||||
|
||||
.. _general SDEI dispatch:
|
||||
|
||||
The following figure depicts a general sequence involving SDEI client executing
|
||||
at EL2 and an event dispatch resulting from the triggering of a bound interrupt.
|
||||
A commentary is provided below:
|
||||
|
||||
.. uml:: ../resources/diagrams/plantuml/sdei_general.puml
|
||||
|
||||
As part of initialisation, the SDEI client binds a Non-secure interrupt [1], and
|
||||
the SDEI dispatcher returns a platform dynamic event number [2]. The client then
|
||||
registers a handler for that event [3], enables the event [5], and unmasks all
|
||||
events on the current PE [7]. This sequence is typical of an SDEI client, but it
|
||||
may involve additional SDEI calls.
|
||||
|
||||
At a later point in time, when the bound interrupt triggers [9], it's trapped to
|
||||
EL3. The interrupt is handed over to the SDEI dispatcher, which then arranges to
|
||||
execute the registered handler [10]. The client terminates its execution with
|
||||
``SDEI_EVENT_COMPLETE`` [11], following which the dispatcher resumes the
|
||||
original EL2 execution [13]. Note that the SDEI interrupt remains active until
|
||||
the client handler completes, at which point EL3 does EOI [12].
|
||||
|
||||
Other than events bound to interrupts, as depicted in the sequence above, SDEI
|
||||
events can be explicitly dispatched in response to other exceptions, for
|
||||
example, upon receiving an *SError* or *Synchronous External Abort*. See
|
||||
`Explicit dispatch of events`_.
|
||||
|
||||
The remainder of this document only discusses the design and implementation of
|
||||
SDEI dispatcher in TF-A, and assumes that the reader is familiar with the SDEI
|
||||
specification, the interfaces, and their requirements.
|
||||
|
||||
Defining events
|
||||
---------------
|
||||
|
||||
A platform choosing to include the SDEI dispatcher must also define the events
|
||||
available on the platform, along with their attributes.
|
||||
|
||||
The platform is expected to provide two arrays of event descriptors: one for
|
||||
private events, and another for shared events. The SDEI dispatcher provides
|
||||
``SDEI_PRIVATE_EVENT()`` and ``SDEI_SHARED_EVENT()`` macros to populate the
|
||||
event descriptors. Both macros take 3 arguments:
|
||||
|
||||
- The event number: this must be a positive 32-bit integer.
|
||||
|
||||
- For an event that has a backing interrupt, the interrupt number the event is
|
||||
bound to:
|
||||
|
||||
- If it's not applicable to an event, this shall be left as ``0``.
|
||||
|
||||
- If the event is dynamic, this should be specified as ``SDEI_DYN_IRQ``.
|
||||
|
||||
- A bit map of `Event flags`_.
|
||||
|
||||
To define event 0, the macro ``SDEI_DEFINE_EVENT_0()`` should be used. This
|
||||
macro takes only one parameter: an SGI number to signal other PEs.
|
||||
|
||||
To define an event that's meant to be explicitly dispatched (i.e., not as a
|
||||
result of receiving an SDEI interrupt), the macro ``SDEI_EXPLICIT_EVENT()``
|
||||
should be used. It accepts two parameters:
|
||||
|
||||
- The event number (as above);
|
||||
|
||||
- Event priority: ``SDEI_MAPF_CRITICAL`` or ``SDEI_MAPF_NORMAL``, as described
|
||||
below.
|
||||
|
||||
Once the event descriptor arrays are defined, they should be exported to the
|
||||
SDEI dispatcher using the ``REGISTER_SDEI_MAP()`` macro, passing it the pointers
|
||||
to the private and shared event descriptor arrays, respectively. Note that the
|
||||
``REGISTER_SDEI_MAP()`` macro must be used in the same file where the arrays are
|
||||
defined.
|
||||
|
||||
Regarding event descriptors:
|
||||
|
||||
- For Event 0:
|
||||
|
||||
- There must be exactly one descriptor in the private array, and none in the
|
||||
shared array.
|
||||
|
||||
- The event should be defined using ``SDEI_DEFINE_EVENT_0()``.
|
||||
|
||||
- Must be bound to a Secure SGI on the platform.
|
||||
|
||||
- Explicit events should only be used in the private array.
|
||||
|
||||
- Statically bound shared and private interrupts must be bound to shared and
|
||||
private interrupts on the platform, respectively. See the section on
|
||||
`Configuration within Exception Handling Framework`_.
|
||||
|
||||
- Both arrays should be one-dimensional. The ``REGISTER_SDEI_MAP()`` macro
|
||||
takes care of replicating private events for each PE on the platform.
|
||||
|
||||
- Both arrays must be sorted in the increasing order of event number.
|
||||
|
||||
The SDEI specification doesn't have provisions for discovery of available events
|
||||
on the platform. The list of events made available to the client, along with
|
||||
their semantics, have to be communicated out of band; for example, through
|
||||
Device Trees or firmware configuration tables.
|
||||
|
||||
See also `Event definition example`_.
|
||||
|
||||
Event flags
|
||||
~~~~~~~~~~~
|
||||
|
||||
Event flags describe the properties of the event. They are bit maps that can be
|
||||
``OR``\ ed to form parameters to macros that define events (see
|
||||
`Defining events`_).
|
||||
|
||||
- ``SDEI_MAPF_DYNAMIC``: Marks the event as dynamic. Dynamic events can be
|
||||
bound to (or released from) any Non-secure interrupt at runtime via the
|
||||
``SDEI_INTERRUPT_BIND`` and ``SDEI_INTERRUPT_RELEASE`` calls.
|
||||
|
||||
- ``SDEI_MAPF_BOUND``: Marks the event as statically bound to an interrupt.
|
||||
These events cannot be re-bound at runtime.
|
||||
|
||||
- ``SDEI_MAPF_NORMAL``: Marks the event as having *Normal* priority. This is
|
||||
the default priority.
|
||||
|
||||
- ``SDEI_MAPF_CRITICAL``: Marks the event as having *Critical* priority.
|
||||
|
||||
Event definition example
|
||||
------------------------
|
||||
|
||||
.. code:: c
|
||||
|
||||
static sdei_ev_map_t plat_private_sdei[] = {
|
||||
/* Event 0 definition */
|
||||
SDEI_DEFINE_EVENT_0(8),
|
||||
|
||||
/* PPI */
|
||||
SDEI_PRIVATE_EVENT(8, 23, SDEI_MAPF_BOUND),
|
||||
|
||||
/* Dynamic private events */
|
||||
SDEI_PRIVATE_EVENT(100, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC),
|
||||
SDEI_PRIVATE_EVENT(101, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC)
|
||||
|
||||
/* Events for explicit dispatch */
|
||||
SDEI_EXPLICIT_EVENT(2000, SDEI_MAPF_NORMAL);
|
||||
SDEI_EXPLICIT_EVENT(2000, SDEI_MAPF_CRITICAL);
|
||||
};
|
||||
|
||||
/* Shared event mappings */
|
||||
static sdei_ev_map_t plat_shared_sdei[] = {
|
||||
SDEI_SHARED_EVENT(804, 0, SDEI_MAPF_DYNAMIC),
|
||||
|
||||
/* Dynamic shared events */
|
||||
SDEI_SHARED_EVENT(3000, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC),
|
||||
SDEI_SHARED_EVENT(3001, SDEI_DYN_IRQ, SDEI_MAPF_DYNAMIC)
|
||||
};
|
||||
|
||||
/* Export SDEI events */
|
||||
REGISTER_SDEI_MAP(plat_private_sdei, plat_shared_sdei);
|
||||
|
||||
Configuration within Exception Handling Framework
|
||||
-------------------------------------------------
|
||||
|
||||
The SDEI dispatcher functions alongside the Exception Handling Framework. This
|
||||
means that the platform must assign priorities to both Normal and Critical SDEI
|
||||
interrupts for the platform:
|
||||
|
||||
- Install priority descriptors for Normal and Critical SDEI interrupts.
|
||||
|
||||
- For those interrupts that are statically bound (i.e. events defined as having
|
||||
the ``SDEI_MAPF_BOUND`` property), enumerate their properties for the GIC
|
||||
driver to configure interrupts accordingly.
|
||||
|
||||
The interrupts must be configured to target EL3. This means that they should
|
||||
be configured as *Group 0*. Additionally, on GICv2 systems, the build option
|
||||
``GICV2_G0_FOR_EL3`` must be set to ``1``.
|
||||
|
||||
See also :ref:`porting_guide_sdei_requirements`.
|
||||
|
||||
Determining client EL
|
||||
---------------------
|
||||
|
||||
The SDEI specification requires that the *physical* SDEI client executes in the
|
||||
highest Non-secure EL implemented on the system. This means that the dispatcher
|
||||
will only allow SDEI calls to be made from:
|
||||
|
||||
- EL2, if EL2 is implemented. The Hypervisor is expected to implement a
|
||||
*virtual* SDEI dispatcher to support SDEI clients in Guest Operating Systems
|
||||
executing in Non-secure EL1.
|
||||
|
||||
- Non-secure EL1, if EL2 is not implemented or disabled.
|
||||
|
||||
See the function ``sdei_client_el()`` in ``sdei_private.h``.
|
||||
|
||||
.. _explicit-dispatch-of-events:
|
||||
|
||||
Explicit dispatch of events
|
||||
---------------------------
|
||||
|
||||
Typically, an SDEI event dispatch is caused by the PE receiving interrupts that
|
||||
are bound to an SDEI event. However, there are cases where the Secure world
|
||||
requires dispatch of an SDEI event as a direct or indirect result of a past
|
||||
activity, such as receiving a Secure interrupt or an exception.
|
||||
|
||||
The SDEI dispatcher implementation provides ``sdei_dispatch_event()`` API for
|
||||
this purpose. The API has the following signature:
|
||||
|
||||
.. code:: c
|
||||
|
||||
int sdei_dispatch_event(int ev_num);
|
||||
|
||||
The parameter ``ev_num`` is the event number to dispatch. The API returns ``0``
|
||||
on success, or ``-1`` on failure.
|
||||
|
||||
The following figure depicts a scenario involving explicit dispatch of SDEI
|
||||
event. A commentary is provided below:
|
||||
|
||||
.. uml:: ../resources/diagrams/plantuml/sdei_explicit_dispatch.puml
|
||||
|
||||
As part of initialisation, the SDEI client registers a handler for a platform
|
||||
event [1], enables the event [3], and unmasks the current PE [5]. Note that,
|
||||
unlike in `general SDEI dispatch`_, this doesn't involve interrupt binding, as
|
||||
bound or dynamic events can't be explicitly dispatched (see the section below).
|
||||
|
||||
At a later point in time, a critical event [#critical-event]_ is trapped into
|
||||
EL3 [7]. EL3 performs a first-level triage of the event, and a RAS component
|
||||
assumes further handling [8]. The dispatch completes, but intends to involve
|
||||
Non-secure world in further handling, and therefore decides to explicitly
|
||||
dispatch an event [10] (which the client had already registered for [1]). The
|
||||
rest of the sequence is similar to that in the `general SDEI dispatch`_: the
|
||||
requested event is dispatched to the client (assuming all the conditions are
|
||||
met), and when the handler completes, the preempted execution resumes.
|
||||
|
||||
Conditions for event dispatch
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
All of the following requirements must be met for the API to return ``0`` and
|
||||
event to be dispatched:
|
||||
|
||||
- SDEI events must be unmasked on the PE. I.e. the client must have called
|
||||
``PE_UNMASK`` beforehand.
|
||||
|
||||
- Event 0 can't be dispatched.
|
||||
|
||||
- The event must be declared using the ``SDEI_EXPLICIT_EVENT()`` macro
|
||||
described above.
|
||||
|
||||
- The event must be private to the PE.
|
||||
|
||||
- The event must have been registered for and enabled.
|
||||
|
||||
- A dispatch for the same event must not be outstanding. I.e. it hasn't already
|
||||
been dispatched and is yet to be completed.
|
||||
|
||||
- The priority of the event (either Critical or Normal, as configured by the
|
||||
platform at build-time) shouldn't cause priority inversion. This means:
|
||||
|
||||
- If it's of Normal priority, neither Normal nor Critical priority dispatch
|
||||
must be outstanding on the PE.
|
||||
|
||||
- If it's of a Critical priority, no Critical priority dispatch must be
|
||||
outstanding on the PE.
|
||||
|
||||
Further, the caller should be aware of the following assumptions made by the
|
||||
dispatcher:
|
||||
|
||||
- The caller of the API is a component running in EL3; for example, a RAS
|
||||
driver.
|
||||
|
||||
- The requested dispatch will be permitted by the Exception Handling Framework.
|
||||
I.e. the caller must make sure that the requested dispatch has sufficient
|
||||
priority so as not to cause priority level inversion within Exception
|
||||
Handling Framework.
|
||||
|
||||
- The caller must be prepared for the SDEI dispatcher to restore the Non-secure
|
||||
context, and mark that the active context.
|
||||
|
||||
- The call will block until the SDEI client completes the event (i.e. when the
|
||||
client calls either ``SDEI_EVENT_COMPLETE`` or ``SDEI_COMPLETE_AND_RESUME``).
|
||||
|
||||
- The caller must be prepared for this API to return failure and handle
|
||||
accordingly.
|
||||
|
||||
Porting requirements
|
||||
--------------------
|
||||
|
||||
The porting requirements of the SDEI dispatcher are outlined in the
|
||||
:ref:`Porting Guide <porting_guide_sdei_requirements>`.
|
||||
|
||||
Note on writing SDEI event handlers
|
||||
-----------------------------------
|
||||
|
||||
*This section pertains to SDEI event handlers in general, not just when using
|
||||
the TF-A SDEI dispatcher.*
|
||||
|
||||
The SDEI specification requires that event handlers preserve the contents of all
|
||||
registers except ``x0`` to ``x17``. This has significance if event handler is
|
||||
written in C: compilers typically adjust the stack frame at the beginning and
|
||||
end of C functions. For example, AArch64 GCC typically produces the following
|
||||
function prologue and epilogue:
|
||||
|
||||
::
|
||||
|
||||
c_event_handler:
|
||||
stp x29, x30, [sp,#-32]!
|
||||
mov x29, sp
|
||||
|
||||
...
|
||||
|
||||
bl ...
|
||||
|
||||
...
|
||||
|
||||
ldp x29, x30, [sp],#32
|
||||
ret
|
||||
|
||||
The register ``x29`` is used as frame pointer in the prologue. Because neither a
|
||||
valid ``SDEI_EVENT_COMPLETE`` nor ``SDEI_EVENT_COMPLETE_AND_RESUME`` calls
|
||||
return to the handler, the epilogue never gets executed, and registers ``x29``
|
||||
and ``x30`` (in the case above) are inadvertently corrupted. This violates the
|
||||
SDEI specification, and the normal execution thereafter will result in
|
||||
unexpected behaviour.
|
||||
|
||||
To work this around, it's advised that the top-level event handlers are
|
||||
implemented in assembly, following a similar pattern as below:
|
||||
|
||||
::
|
||||
|
||||
asm_event_handler:
|
||||
/* Save link register whilst maintaining stack alignment */
|
||||
stp xzr, x30, [sp, #-16]!
|
||||
bl c_event_handler
|
||||
|
||||
/* Restore link register */
|
||||
ldp xzr, x30, [sp], #16
|
||||
|
||||
/* Complete call */
|
||||
ldr x0, =SDEI_EVENT_COMPLETE
|
||||
smc #0
|
||||
b .
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2017-2019, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. rubric:: Footnotes
|
||||
|
||||
.. [#std-event] Except event 0, which is defined by the SDEI specification as a
|
||||
standard event.
|
||||
|
||||
.. [#critical-event] Examples of critical events are *SError*, *Synchronous
|
||||
External Abort*, *Fault Handling interrupt* or *Error
|
||||
Recovery interrupt* from one of RAS nodes in the system.
|
||||
|
||||
.. _SDEI specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
|
||||
.. _Software Delegated Exception Interface: `SDEI specification`_
|
||||
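Review bot: the C block under "Event definition example" does not compile as written and contradicts the rules given just above it. `SDEI_EXPLICIT_EVENT(2000, SDEI_MAPF_NORMAL);` and `SDEI_EXPLICIT_EVENT(2000, SDEI_MAPF_CRITICAL);` end with semicolons inside the `plat_private_sdei[]` initialiser (commas are needed), the entry for event 101 is missing the comma before the next entry, and both explicit events reuse number 2000 even though "Both arrays must be sorted in the increasing order of event number"; give them distinct numbers (e.g. 2000 and 2001). In the shared array, `SDEI_SHARED_EVENT(804, 0, SDEI_MAPF_DYNAMIC)` passes `0` as the interrupt for an event flagged dynamic, whereas "Defining events" says a dynamic event should specify `SDEI_DYN_IRQ`; confirm which is intended. Separately, the completion call is written ``SDEI_COMPLETE_AND_RESUME`` under "Conditions for event dispatch" but ``SDEI_EVENT_COMPLETE_AND_RESUME`` in "Note on writing SDEI event handlers"; use one name.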
@@ -0,0 +1,834 @@
|
||||
Secure Partition Manager (MM)
|
||||
*****************************
|
||||
|
||||
Foreword
|
||||
========
|
||||
|
||||
Two implementations of a Secure Partition Manager co-exist in the TF-A codebase:
|
||||
|
||||
- SPM based on the FF-A specification (:ref:`Secure Partition Manager`).
|
||||
- SPM based on the MM interface.
|
||||
|
||||
Both implementations differ in their architectures and only one can be selected
|
||||
at build time.
|
||||
|
||||
This document describes the latter implementation where the Secure Partition Manager
|
||||
resides at EL3 and management services run from isolated Secure Partitions at S-EL0.
|
||||
The communication protocol is established through the Management Mode (MM) interface.
|
||||
|
||||
Background
|
||||
==========
|
||||
|
||||
In some market segments that primarily deal with client-side devices like mobile
|
||||
phones, tablets, STBs and embedded devices, a Trusted OS instantiates trusted
|
||||
applications to provide security services like DRM, secure payment and
|
||||
authentication. The Global Platform TEE Client API specification defines the API
|
||||
used by Non-secure world applications to access these services. A Trusted OS
|
||||
fulfils the requirements of a security service as described above.
|
||||
|
||||
Management services are typically implemented at the highest level of privilege
|
||||
in the system, i.e. EL3 in Trusted Firmware-A (TF-A). The service requirements are
|
||||
fulfilled by the execution environment provided by TF-A.
|
||||
|
||||
The following diagram illustrates the corresponding software stack:
|
||||
|
||||
|Image 1|
|
||||
|
||||
In other market segments that primarily deal with server-side devices (e.g. data
|
||||
centres and enterprise servers) the secure software stack typically does not
|
||||
include a Global Platform Trusted OS. Security functions are accessed through
|
||||
other interfaces (e.g. ACPI TCG TPM interface, UEFI runtime variable service).
|
||||
|
||||
Placement of management and security functions with diverse requirements in a
|
||||
privileged Exception Level (i.e. EL3 or S-EL1) makes security auditing of
|
||||
firmware more difficult and does not allow isolation of unrelated services from
|
||||
each other either.
|
||||
|
||||
Introduction
|
||||
============
|
||||
|
||||
A **Secure Partition** is a software execution environment instantiated in
|
||||
S-EL0 that can be used to implement simple management and security services.
|
||||
Since S-EL0 is an unprivileged Exception Level, a Secure Partition relies on
|
||||
privileged firmware (i.e. TF-A) to be granted access to system and processor
|
||||
resources. Essentially, it is a software sandbox in the Secure world that runs
|
||||
under the control of privileged software, provides one or more services and
|
||||
accesses the following system resources:
|
||||
|
||||
- Memory and device regions in the system address map.
|
||||
|
||||
- PE system registers.
|
||||
|
||||
- A range of synchronous exceptions (e.g. SMC function identifiers).
|
||||
|
||||
Note that currently TF-A only supports handling one Secure Partition.
|
||||
|
||||
A Secure Partition enables TF-A to implement only the essential secure
|
||||
services in EL3 and instantiate the rest in a partition in S-EL0.
|
||||
Furthermore, multiple Secure Partitions can be used to isolate unrelated
|
||||
services from each other.
|
||||
|
||||
The following diagram illustrates the place of a Secure Partition in a typical
|
||||
Armv8-A software stack. A single or multiple Secure Partitions provide secure
|
||||
services to software components in the Non-secure world and other Secure
|
||||
Partitions.
|
||||
|
||||
|Image 2|
|
||||
|
||||
The TF-A build system is responsible for including the Secure Partition image
|
||||
in the FIP. During boot, BL2 includes support to authenticate and load the
|
||||
Secure Partition image. A BL31 component called **Secure Partition Manager
|
||||
(SPM)** is responsible for managing the partition. This is semantically
|
||||
similar to a hypervisor managing a virtual machine.
|
||||
|
||||
The SPM is responsible for the following actions during boot:
|
||||
|
||||
- Allocate resources requested by the Secure Partition.
|
||||
|
||||
- Perform architectural and system setup required by the Secure Partition to
|
||||
fulfil a service request.
|
||||
|
||||
- Implement a standard interface that is used for initialising a Secure
|
||||
Partition.
|
||||
|
||||
The SPM is responsible for the following actions during runtime:
|
||||
|
||||
- Implement a standard interface that is used by a Secure Partition to fulfil
|
||||
service requests.
|
||||
|
||||
- Implement a standard interface that is used by the Non-secure world for
|
||||
accessing the services exported by a Secure Partition. A service can be
|
||||
invoked through a SMC.
|
||||
|
||||
Alternatively, a partition can be viewed as a thread of execution running under
|
||||
the control of the SPM. Hence common programming concepts described below are
|
||||
applicable to a partition.
|
||||
|
||||
Description
|
||||
===========
|
||||
|
||||
The previous section introduced some general aspects of the software
|
||||
architecture of a Secure Partition. This section describes the specific choices
|
||||
made in the current implementation of this software architecture. Subsequent
|
||||
revisions of the implementation will include a richer set of features that
|
||||
enable a more flexible architecture.
|
||||
|
||||
Building TF-A with Secure Partition support
|
||||
-------------------------------------------
|
||||
|
||||
SPM is supported on the Arm FVP exclusively at the moment. The current
|
||||
implementation supports inclusion of only a single Secure Partition in which a
|
||||
service always runs to completion (e.g. the requested services cannot be
|
||||
preempted to give control back to the Normal world).
|
||||
|
||||
It is not currently possible for BL31 to integrate SPM support and a Secure
|
||||
Payload Dispatcher (SPD) at the same time; they are mutually exclusive. In the
|
||||
SPM bootflow, a Secure Partition image executing at S-EL0 replaces the Secure
|
||||
Payload image executing at S-EL1 (e.g. a Trusted OS). Both are referred to as
|
||||
BL32.
|
||||

A working prototype of a SP has been implemented by re-purposing the EDK2 code
and tools, leveraging the concept of the *Standalone Management Mode (MM)* in
the UEFI specification (see the PI v1.6 Volume 4: Management Mode Core
Interface). This will be referred to as the *Standalone MM Secure Partition* in
the rest of this document.

To enable SPM support in TF-A, the source code must be compiled with the build
flag ``SPM_MM=1``, along with ``EL3_EXCEPTION_HANDLING=1`` and ``ENABLE_SVE_FOR_NS=0``.
On Arm platforms the build option ``ARM_BL31_IN_DRAM`` must be set to 1. Also, the
location of the binary that contains the BL32 image
(``BL32=path/to/image.bin``) must be specified.

First, build the Standalone MM Secure Partition. To build it, refer to the
`instructions in the EDK2 repository`_.

Then build TF-A with SPM support and include the Standalone MM Secure Partition
image in the FIP:

.. code:: shell

BL32=path/to/standalone/mm/sp BL33=path/to/bl33.bin \
make PLAT=fvp SPM_MM=1 EL3_EXCEPTION_HANDLING=1 ENABLE_SVE_FOR_NS=0 ARM_BL31_IN_DRAM=1 all fip

Describing Secure Partition resources
-------------------------------------

TF-A exports a porting interface that enables a platform to specify the system
resources required by the Secure Partition. Some instructions are given below.
However, this interface is under development and it may change as new features
are implemented.

- A Secure Partition is considered a BL32 image, so the same defines that apply
to BL32 images apply to a Secure Partition: ``BL32_BASE`` and ``BL32_LIMIT``.

- The following defines are needed to allocate space for the translation tables
used by the Secure Partition: ``PLAT_SP_IMAGE_MMAP_REGIONS`` and
``PLAT_SP_IMAGE_MAX_XLAT_TABLES``.

- The functions ``plat_get_secure_partition_mmap()`` and
``plat_get_secure_partition_boot_info()`` have to be implemented. The file
``plat/arm/board/fvp/fvp_common.c`` can be used as an example. It uses the
defines in ``include/plat/arm/common/arm_spm_def.h``.

- ``plat_get_secure_partition_mmap()`` returns an array of mmap regions that
describe the memory regions that the SPM needs to allocate for a Secure
Partition.

- ``plat_get_secure_partition_boot_info()`` returns a
``spm_mm_boot_info_t`` struct that is populated by the platform
with information about the memory map of the Secure Partition.

For an example of all the changes in context, you may refer to commit
``e29efeb1b4``, in which the port for FVP was introduced.

Accessing Secure Partition services
-----------------------------------

The `SMC Calling Convention`_ (*Arm DEN 0028B*) describes SMCs as a conduit for
accessing services implemented in the Secure world. The ``MM_COMMUNICATE``
interface defined in the `Management Mode Interface Specification`_ (*Arm DEN
0060A*) is used to invoke a Secure Partition service as a Fast Call.

The mechanism used to identify a service within the partition depends on the
service implementation. It is assumed that the caller of the service will be
able to discover this mechanism through standard platform discovery mechanisms
like ACPI and Device Trees. For example, *Volume 4: Platform Initialisation
Specification v1.6. Management Mode Core Interface* specifies that a GUID is
used to identify a management mode service. A client populates the GUID in the
``EFI_MM_COMMUNICATE_HEADER``. The header is populated in the communication
buffer shared with the Secure Partition.

A Fast Call appears to be atomic from the perspective of the caller and returns
when the requested operation has completed. A service invoked through the
``MM_COMMUNICATE`` SMC will run to completion in the partition on a given CPU.
The SPM is responsible for guaranteeing this behaviour. This means that there
can only be a single outstanding Fast Call in a partition on a given CPU.

Exchanging data with the Secure Partition
-----------------------------------------

The exchange of data between the Non-secure world and the partition takes place
through a shared memory region. The location of data in the shared memory area
is passed as a parameter to the ``MM_COMMUNICATE`` SMC. The shared memory area
is statically allocated by the SPM and is expected to be either implicitly known
to the Non-secure world or discovered through a platform discovery mechanism
e.g. ACPI table or device tree. It is possible for the Non-secure world to
exchange data with a partition only if it has been populated in this shared
memory area. The shared memory area is implemented as per the guidelines
specified in Section 3.2.3 of the `Management Mode Interface Specification`_
(*Arm DEN 0060A*).

The format of data structures used to encapsulate data in the shared memory is
agreed between the Non-secure world and the Secure Partition. For example, in
the `Management Mode Interface specification`_ (*Arm DEN 0060A*), Section 4
describes that the communication buffer shared between the Non-secure world and
the Management Mode (MM) in the Secure world must be of the type
``EFI_MM_COMMUNICATE_HEADER``. This data structure is defined in *Volume 4:
Platform Initialisation Specification v1.6. Management Mode Core Interface*.
Any caller of a MM service will have to use the ``EFI_MM_COMMUNICATE_HEADER``
data structure.

Runtime model of the Secure Partition
=====================================

This section describes how the Secure Partition interfaces with the SPM.

Interface with SPM
------------------

In order to instantiate one or more secure services in the Secure Partition in
S-EL0, the SPM should define the following types of interfaces:

- Interfaces that enable access to privileged operations from S-EL0. These
operations typically require access to system resources that are either shared
amongst multiple software components in the Secure world or cannot be directly
accessed from an unprivileged Exception Level.

- Interfaces that establish the control path between the SPM and the Secure
Partition.

This section describes the APIs currently exported by the SPM that enable a
Secure Partition to initialise itself and export its services in S-EL0. These
interfaces are not accessible from the Non-secure world.

Conduit
^^^^^^^

The `SMC Calling Convention`_ (*Arm DEN 0028B*) specification describes the SMC
and HVC conduits for accessing firmware services and their availability
depending on the implemented Exception levels. In S-EL0, the Supervisor Call
exception (SVC) is the only architectural mechanism available for unprivileged
software to make a request for an operation implemented in privileged software.
Hence, the SVC conduit must be used by the Secure Partition to access interfaces
implemented by the SPM.

A SVC causes an exception to be taken to S-EL1. TF-A assumes ownership of S-EL1
and installs a simple exception vector table in S-EL1 that relays a SVC request
from a Secure Partition as a SMC request to the SPM in EL3. Upon servicing the
SMC request, Trusted Firmware-A returns control directly to S-EL0 through an
ERET instruction.

Calling conventions
^^^^^^^^^^^^^^^^^^^

The `SMC Calling Convention`_ (*Arm DEN 0028B*) specification describes the
32-bit and 64-bit calling conventions for the SMC and HVC conduits. The SVC
conduit introduces the concept of SVC32 and SVC64 calling conventions. The SVC32
and SVC64 calling conventions are equivalent to the 32-bit (SMC32) and the
64-bit (SMC64) calling conventions respectively.

Communication initiated by SPM
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

A service request is initiated from the SPM through an exception return
instruction (ERET) to S-EL0. Later, the Secure Partition issues an SVC
instruction to signal completion of the request. Some example use cases are
given below:

- A request to initialise the Secure Partition during system boot.

- A request to handle a runtime service request.

Communication initiated by Secure Partition
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

A request is initiated from the Secure Partition by executing a SVC instruction.
An ERET instruction is used by TF-A to return to S-EL0 with the result of the
request.

For instance, a request to perform privileged operations on behalf of a
partition (e.g. management of memory attributes in the translation tables for
the Secure EL1&0 translation regime).

Interfaces
^^^^^^^^^^

The current implementation reserves function IDs for Fast Calls in the Standard
Secure Service calls range (see `SMC Calling Convention`_ (*Arm DEN 0028B*)
specification) for each API exported by the SPM. This section defines the
function prototypes for each function ID. The function IDs specify whether one
or both of the SVC32 and SVC64 calling conventions can be used to invoke the
corresponding interface.

Secure Partition Event Management
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The Secure Partition provides an Event Management interface that is used by the
SPM to delegate service requests to the Secure Partition. The interface also
allows the Secure Partition to:

- Register with the SPM a service that it provides.
- Indicate completion of a service request delegated by the SPM

Miscellaneous interfaces
------------------------

``SPM_MM_VERSION_AARCH32``
^^^^^^^^^^^^^^^^^^^^^^^^^^

- Description

Returns the version of the interface exported by SPM.

- Parameters

- **uint32** - Function ID

- SVC32 Version: **0x84000060**

- Return parameters

- **int32** - Status

On success, the format of the value is as follows:

- Bit [31]: Must be 0
- Bits [30:16]: Major Version. Must be 0 for this revision of the SPM
interface.
- Bits [15:0]: Minor Version. Must be 1 for this revision of the SPM
interface.

On error, the format of the value is as follows:

- ``NOT_SUPPORTED``: SPM interface is not supported or not available for the
client.

- Usage

This function returns the version of the Secure Partition Manager
implementation. The major version is 0 and the minor version is 1. The version
number is a 31-bit unsigned integer, with the upper 15 bits denoting the major
revision, and the lower 16 bits denoting the minor revision. The following
rules apply to the version numbering:

- Different major revision values indicate possibly incompatible functions.

- For two revisions, A and B, for which the major revision values are
identical, if the minor revision value of revision B is greater than the
minor revision value of revision A, then every function in revision A must
work in a compatible way with revision B. However, it is possible for
revision B to have a higher function count than revision A.

- Implementation responsibilities

If this function returns a valid version number, all the functions that are
described subsequently must be implemented, unless it is explicitly stated
that a function is optional.

See `Error Codes`_ for integer values that are associated with each return
code.

Secure Partition Initialisation
-------------------------------

The SPM is responsible for initialising the architectural execution context to
enable initialisation of a service in S-EL0. The responsibilities of the SPM are
listed below. At the end of initialisation, the partition issues a
``MM_SP_EVENT_COMPLETE_AARCH64`` call (described later) to signal readiness for
handling requests for services implemented by the Secure Partition. The
initialisation event is executed as a Fast Call.

Entry point invocation
^^^^^^^^^^^^^^^^^^^^^^

The entry point for service requests that should be handled as Fast Calls is
used as the target of the ERET instruction to start initialisation of the Secure
Partition.

Architectural Setup
^^^^^^^^^^^^^^^^^^^

At cold boot, system registers accessible from S-EL0 will be in their reset
state unless otherwise specified. The SPM will perform the following
architectural setup to enable execution in S-EL0

MMU setup
^^^^^^^^^

The platform port of a Secure Partition specifies to the SPM a list of regions
that it needs access to and their attributes. The SPM validates this resource
description and initialises the Secure EL1&0 translation regime as follows.

1. Device regions are mapped with nGnRE attributes and Execute Never
instruction access permissions.

2. Code memory regions are mapped with RO data and Executable instruction access
permissions.

3. Read Only data memory regions are mapped with RO data and Execute Never
instruction access permissions.

4. Read Write data memory regions are mapped with RW data and Execute Never
instruction access permissions.

5. If the resource description does not explicitly describe the type of memory
regions then all memory regions will be marked with Code memory region
attributes.

6. The ``UXN`` and ``PXN`` bits are set for regions that are not executable by
S-EL0 or S-EL1.

System Register Setup
^^^^^^^^^^^^^^^^^^^^^

System registers that influence software execution in S-EL0 are setup by the SPM
as follows:

1. ``SCTLR_EL1``

- ``UCI=1``
- ``EOE=0``
- ``WXN=1``
- ``nTWE=1``
- ``nTWI=1``
- ``UCT=1``
- ``DZE=1``
- ``I=1``
- ``UMA=0``
- ``SA0=1``
- ``C=1``
- ``A=1``
- ``M=1``

2. ``CPACR_EL1``

- ``FPEN=b'11``

3. ``PSTATE``

- ``D,A,I,F=1``
- ``CurrentEL=0`` (EL0)
- ``SpSel=0`` (Thread mode)
- ``NRW=0`` (AArch64)

General Purpose Register Setup
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

SPM will invoke the entry point of a service by executing an ERET instruction.
This transition into S-EL0 is special since it is not in response to a previous
request through a SVC instruction. This is the first entry into S-EL0. The
general purpose register usage at the time of entry will be as specified in the
"Return State" column of Table 3-1 in Section 3.1 "Register use in AArch64 SMC
calls" of the `SMC Calling Convention`_ (*Arm DEN 0028B*) specification. In
addition, certain other restrictions will be applied as described below.

1. ``SP_EL0``

A non-zero value will indicate that the SPM has initialised the stack pointer
for the current CPU.

The value will be 0 otherwise.

2. ``X4-X30``

The values of these registers will be 0.

3. ``X0-X3``

Parameters passed by the SPM.

- ``X0``: Virtual address of a buffer shared between EL3 and S-EL0. The
buffer will be mapped in the Secure EL1&0 translation regime with read-only
memory attributes described earlier.

- ``X1``: Size of the buffer in bytes.

- ``X2``: Cookie value (*IMPLEMENTATION DEFINED*).

- ``X3``: Cookie value (*IMPLEMENTATION DEFINED*).

Runtime Event Delegation
------------------------

The SPM receives requests for Secure Partition services through a synchronous
invocation (i.e. a SMC from the Non-secure world). These requests are delegated
to the partition by programming a return from the last
``MM_SP_EVENT_COMPLETE_AARCH64`` call received from the partition. The last call
was made to signal either completion of Secure Partition initialisation or
completion of a partition service request.

``MM_SP_EVENT_COMPLETE_AARCH64``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Description

Signal completion of the last SP service request.

- Parameters

- **uint32** - Function ID

- SVC64 Version: **0xC4000061**

- **int32** - Event Status Code

Zero or a positive value indicates that the event was handled successfully.
The values depend upon the original event that was delegated to the Secure
partition. They are described as follows.

- ``SUCCESS`` : Used to indicate that the Secure Partition was initialised
or a runtime request was handled successfully.

- Any other value greater than 0 is used to pass a specific Event Status
code in response to a runtime event.

A negative value indicates an error. The values of Event Status code depend
on the original event.

- Return parameters

- **int32** - Event ID/Return Code

Zero or a positive value specifies the unique ID of the event being
delegated to the partition by the SPM.

In the current implementation, this parameter contains the function ID of
the ``MM_COMMUNICATE`` SMC. This value indicates to the partition that an
event has been delegated to it in response to an ``MM_COMMUNICATE`` request
from the Non-secure world.

A negative value indicates an error. The format of the value is as follows:

- ``NOT_SUPPORTED``: Function was called from the Non-secure world.

See `Error Codes`_ for integer values that are associated with each return
code.

- **uint32** - Event Context Address

Address of a buffer shared between the SPM and Secure Partition to pass
event specific information. The format of the data populated in the buffer
is implementation defined.

The buffer is mapped in the Secure EL1&0 translation regime with read-only
memory attributes described earlier.

For the SVC64 version, this parameter is a 64-bit Virtual Address (VA).

For the SVC32 version, this parameter is a 32-bit Virtual Address (VA).

- **uint32** - Event context size

Size of the memory starting at Event Address.

- **uint32/uint64** - Event Cookie

This is an optional parameter. If unused its value is SBZ.

- Usage

This function signals to the SPM that the handling of the last event delegated
to a partition has completed. The partition is ready to handle its next event.
A return from this function is in response to the next event that will be
delegated to the partition. The return parameters describe the next event.

- Caller responsibilities

A Secure Partition must only call ``MM_SP_EVENT_COMPLETE_AARCH64`` to signal
completion of a request that was delegated to it by the SPM.

- Callee responsibilities

When the SPM receives this call from a Secure Partition, the corresponding
syndrome information can be used to return control through an ERET
instruction, to the instruction immediately after the call in the Secure
Partition context. This syndrome information comprises of general purpose and
system register values when the call was made.

The SPM must save this syndrome information and use it to delegate the next
event to the Secure Partition. The return parameters of this interface must
specify the properties of the event and be populated in ``X0-X3/W0-W3``
registers.

Secure Partition Memory Management
----------------------------------

A Secure Partition executes at S-EL0, which is an unprivileged Exception Level.
The SPM is responsible for enabling access to regions of memory in the system
address map from a Secure Partition. This is done by mapping these regions in
the Secure EL1&0 Translation regime with appropriate memory attributes.
Attributes refer to memory type, permission, cacheability and shareability
attributes used in the Translation tables. The definitions of these attributes
and their usage can be found in the `Armv8-A ARM`_ (*Arm DDI 0487*).

All memory required by the Secure Partition is allocated upfront in the SPM,
even before handing over to the Secure Partition for the first time. The initial
access permissions of the memory regions are statically provided by the platform
port and should allow the Secure Partition to run its initialisation code.

However, they might not suit the final needs of the Secure Partition because its
final memory layout might not be known until the Secure Partition initialises
itself. As the Secure Partition initialises its runtime environment it might,
for example, load dynamically some modules. For instance, a Secure Partition
could implement a loader for a standard executable file format (e.g. an PE-COFF
loader for loading executable files at runtime). These executable files will be
a part of the Secure Partition image. The location of various sections in an
executable file and their permission attributes (e.g. read-write data, read-only
data and code) will be known only when the file is loaded into memory.

In this case, the Secure Partition needs a way to change the access permissions
of its memory regions. The SPM provides this feature through the
``MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64`` SVC interface. This interface is
available to the Secure Partition during a specific time window: from the first
entry into the Secure Partition up to the first ``SP_EVENT_COMPLETE`` call that
signals the Secure Partition has finished its initialisation. Once the
initialisation is complete, the SPM does not allow changes to the memory
attributes.

This section describes the standard SVC interface that is implemented by the SPM
to determine and change permission attributes of memory regions that belong to a
Secure Partition.

``MM_SP_MEMORY_ATTRIBUTES_GET_AARCH64``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Description

Request the permission attributes of a memory region from S-EL0.

- Parameters

- **uint32** Function ID

- SVC64 Version: **0xC4000064**

- **uint64** Base Address

This parameter is a 64-bit Virtual Address (VA).

There are no alignment restrictions on the Base Address. The permission
attributes of the translation granule it lies in are returned.

- Return parameters

- **int32** - Memory Attributes/Return Code

On success the format of the Return Code is as follows:

- Bits[1:0] : Data access permission

- b'00 : No access
- b'01 : Read-Write access
- b'10 : Reserved
- b'11 : Read-only access

- Bit[2]: Instruction access permission

- b'0 : Executable
- b'1 : Non-executable

- Bit[30:3] : Reserved. SBZ.

- Bit[31] : Must be 0

On failure the following error codes are returned:

- ``INVALID_PARAMETERS``: The Secure Partition is not allowed to access the
memory region the Base Address lies in.

- ``NOT_SUPPORTED`` : The SPM does not support retrieval of attributes of
any memory page that is accessible by the Secure Partition, or the
function was called from the Non-secure world. Also returned if it is
used after ``MM_SP_EVENT_COMPLETE_AARCH64``.

See `Error Codes`_ for integer values that are associated with each return
code.

- Usage

This function is used to request the permission attributes for S-EL0 on a
memory region accessible from a Secure Partition. The size of the memory
region is equal to the Translation Granule size used in the Secure EL1&0
translation regime. Requests to retrieve other memory region attributes are
not currently supported.

- Caller responsibilities

The caller must obtain the Translation Granule Size of the Secure EL1&0
translation regime from the SPM through an implementation defined method.

- Callee responsibilities

The SPM must not return the memory access controls for a page of memory that
is not accessible from a Secure Partition.

``MM_SP_MEMORY_ATTRIBUTES_SET_AARCH64``
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- Description

Set the permission attributes of a memory region from S-EL0.

- Parameters

- **uint32** - Function ID

- SVC64 Version: **0xC4000065**

- **uint64** - Base Address

This parameter is a 64-bit Virtual Address (VA).

The alignment of the Base Address must be greater than or equal to the size
of the Translation Granule Size used in the Secure EL1&0 translation
regime.

- **uint32** - Page count

Number of pages starting from the Base Address whose memory attributes
should be changed. The page size is equal to the Translation Granule Size.

- **uint32** - Memory Access Controls

- Bits[1:0] : Data access permission

- b'00 : No access
- b'01 : Read-Write access
- b'10 : Reserved
- b'11 : Read-only access

- Bit[2] : Instruction access permission

- b'0 : Executable
- b'1 : Non-executable

- Bits[31:3] : Reserved. SBZ.

A combination of attributes that mark the region with RW and Executable
permissions is prohibited. A request to mark a device memory region with
Executable permissions is prohibited.

- Return parameters

- **int32** - Return Code

- ``SUCCESS``: The Memory Access Controls were changed successfully.

- ``DENIED``: The SPM is servicing a request to change the attributes of a
memory region that overlaps with the region specified in this request.

- ``INVALID_PARAMETER``: An invalid combination of Memory Access Controls
has been specified. The Base Address is not correctly aligned. The Secure
Partition is not allowed to access part or all of the memory region
specified in the call.

- ``NO_MEMORY``: The SPM does not have memory resources to change the
attributes of the memory region in the translation tables.

- ``NOT_SUPPORTED``: The SPM does not permit change of attributes of any
memory region that is accessible by the Secure Partition. Function was
called from the Non-secure world. Also returned if it is used after
``MM_SP_EVENT_COMPLETE_AARCH64``.

See `Error Codes`_ for integer values that are associated with each return
|
||||
code.
|
||||
|
||||
- Usage
|
||||
|
||||
This function is used to change the permission attributes for S-EL0 on a
|
||||
memory region accessible from a Secure Partition. The size of the memory
|
||||
region is equal to the Translation Granule size used in the Secure EL1&0
|
||||
translation regime. Requests to change other memory region attributes are not
|
||||
currently supported.
|
||||
|
||||
This function is only available at boot time. This interface is revoked after
|
||||
the Secure Partition sends the first ``MM_SP_EVENT_COMPLETE_AARCH64`` to
|
||||
signal that it is initialised and ready to receive run-time requests.
|
||||
|
||||
- Caller responsibilities
|
||||
|
||||
The caller must obtain the Translation Granule Size of the Secure EL1&0
|
||||
translation regime from the SPM through an implementation defined method.
|
||||
|
||||
- Callee responsibilities
|
||||
|
||||
The SPM must preserve the original memory access controls of the region of
|
||||
memory in case of an unsuccessful call. The SPM must preserve the consistency
|
||||
of the S-EL1 translation regime if this function is called on different PEs
|
||||
concurrently and the memory regions specified overlap.
|
||||
|
||||
Error Codes
|
||||
-----------
|
||||
|
||||
.. csv-table::
|
||||
:header: "Name", "Value"
|
||||
|
||||
``SUCCESS``,0
|
||||
``NOT_SUPPORTED``,-1
|
||||
``INVALID_PARAMETER``,-2
|
||||
``DENIED``,-3
|
||||
``NO_MEMORY``,-5
|
||||
``NOT_PRESENT``,-7
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _Armv8-A ARM: https://developer.arm.com/docs/ddi0487/latest/arm-architecture-reference-manual-armv8-for-armv8-a-architecture-profile
|
||||
.. _instructions in the EDK2 repository: https://github.com/tianocore/edk2-staging/blob/AArch64StandaloneMm/HowtoBuild.MD
|
||||
.. _Management Mode Interface Specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0060a/DEN0060A_ARM_MM_Interface_Specification.pdf
|
||||
.. _SDEI Specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
|
||||
.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
|
||||
|
||||
.. |Image 1| image:: ../resources/diagrams/secure_sw_stack_tos.png
|
||||
.. |Image 2| image:: ../resources/diagrams/secure_sw_stack_sp.png
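Review bot: the return-code name is inconsistent within this hunk: the GET function's failure list uses ``INVALID_PARAMETERS`` (plural) while the SET function and the Error Codes table at the end of the file use ``INVALID_PARAMETER``, so the `Error Codes`_ reference the text sends readers to has no row matching the name they just read; rename it to ``INVALID_PARAMETER``. The reserved-bit layout also differs between the two functions without explanation (``Bit[30:3] : Reserved. SBZ.`` plus ``Bit[31] : Must be 0`` for GET, versus ``Bits[31:3] : Reserved. SBZ.`` for SET); either align the two descriptions or say why bit 31 is called out separately for GET. Lastly, the Error Codes table skips the values -4 and -6; a one-line remark that they are unassigned would stop readers assuming rows were lost.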
1291
arm-trusted-firmware/docs/components/secure-partition-manager.rst
Normal file
File diff suppressed because it is too large
10
arm-trusted-firmware/docs/components/spd/index.rst
Normal file
@@ -0,0 +1,10 @@
Secure Payload Dispatcher (SPD)
===============================

.. toctree::
:maxdepth: 1
:caption: Contents

optee-dispatcher
tlk-dispatcher
trusty-dispatcher
@@ -0,0 +1,14 @@
OP-TEE Dispatcher
=================

`OP-TEE OS`_ is a Trusted OS running as Secure EL1.

To build and execute OP-TEE follow the instructions at
`OP-TEE build.git`_

--------------

*Copyright (c) 2014-2018, Arm Limited and Contributors. All rights reserved.*

.. _OP-TEE OS: https://github.com/OP-TEE/build
.. _OP-TEE build.git: https://github.com/OP-TEE/build
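Review bot: both link targets at the end of this file resolve to the same URL, so `OP-TEE OS`_ in the first paragraph sends the reader to the build repository (https://github.com/OP-TEE/build) rather than to the Trusted OS itself; point ``.. _OP-TEE OS:`` at the OP-TEE OS source repository (the optee_os repository in the same GitHub organisation) and keep ``.. _OP-TEE build.git:`` as the build-instructions link. The sentence that ends with `OP-TEE build.git`_ is also missing its full stop.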
76
arm-trusted-firmware/docs/components/spd/tlk-dispatcher.rst
Normal file
@@ -0,0 +1,76 @@
Trusted Little Kernel (TLK) Dispatcher
======================================

TLK dispatcher (TLK-D) adds support for NVIDIA's Trusted Little Kernel (TLK)
to work with Trusted Firmware-A (TF-A). TLK-D can be compiled by including it
in the platform's makefile. TLK is primarily meant to work with Tegra SoCs,
so while TF-A only supports TLK on Tegra, the dispatcher code can only be
compiled for other platforms.

In order to compile TLK-D, we need a BL32 image to be present. Since, TLKD
just needs to compile, any BL32 image would do. To use TLK as the BL32, please
refer to the "Build TLK" section.

Once a BL32 is ready, TLKD can be included in the image by adding "SPD=tlkd"
to the build command.

Trusted Little Kernel (TLK)
---------------------------

TLK is a Trusted OS running as Secure EL1. It is a Free Open Source Software
(FOSS) release of the NVIDIA® Trusted Little Kernel (TLK) technology, which
extends technology made available with the development of the Little Kernel (LK).
You can download the LK modular embedded preemptive kernel for use on Arm,
x86, and AVR32 systems from https://github.com/travisg/lk

NVIDIA implemented its Trusted Little Kernel (TLK) technology, designed as a
free and open-source trusted execution environment (OTE).

TLK features include:

• Small, pre-emptive kernel
• Supports multi-threading, IPCs, and thread scheduling
• Added TrustZone features
• Added Secure Storage
• Under MIT/FreeBSD license

NVIDIA extensions to Little Kernel (LK) include:

• User mode
• Address-space separation for TAs
• TLK Client Application (CA) library
• TLK TA library
• Crypto library (encrypt/decrypt, key handling) via OpenSSL
• Linux kernel driver
• Cortex A9/A15 support
• Power Management
• TrustZone memory carve-out (reconfigurable)
• Page table management
• Debugging support over UART (USB planned)

TLK is hosted by NVIDIA on http://nv-tegra.nvidia.com under the
3rdparty/ote\_partner/tlk.git repository. Detailed information about
TLK and OTE can be found in the Tegra\_BSP\_for\_Android\_TLK\_FOSS\_Reference.pdf
manual located under the "documentation" directory\_.

Build TLK
---------

To build and execute TLK, follow the instructions from "Building a TLK Device"
section from Tegra\_BSP\_for\_Android\_TLK\_FOSS\_Reference.pdf manual.

Input parameters to TLK
-----------------------

TLK expects the TZDRAM size and a structure containing the boot arguments. BL2
passes this information to the EL3 software as members of the bl32\_ep\_info
struct, where bl32\_ep\_info is part of bl31\_params\_t (passed by BL2 in X0)

Example
~~~~~~~

::

bl32_ep_info->args.arg0 = TZDRAM size available for BL32
bl32_ep_info->args.arg1 = unused (used only on Armv7-A)
bl32_ep_info->args.arg2 = pointer to boot args
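Review bot: the opening paragraph contradicts itself: "so while TF-A only supports TLK on Tegra, the dispatcher code can only be compiled for other platforms" reads as if TLK-D cannot be built for Tegra at all, yet the next two paragraphs describe building it into a Tegra image with ``SPD=tlkd``; the intended statement is evidently that the dispatcher code can *also* be compiled for other platforms, so replace "can only be" with "can also be". Smaller points in the same hunk: "Since, TLKD just needs to compile" carries a stray comma; the escaped underscore in ``directory\_.`` renders as a literal "directory_." and looks like the remnant of a link that was never added; and the sentence ending "(passed by BL2 in X0)" lacks a full stop.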
@@ -0,0 +1,32 @@
Trusty Dispatcher
=================

Trusty is a a set of software components, supporting a Trusted Execution
Environment (TEE) on mobile devices, published and maintained by Google.

Detailed information and build instructions can be found on the Android
Open Source Project (AOSP) webpage for Trusty hosted at
https://source.android.com/security/trusty

Boot parameters
---------------

Custom boot parameters can be passed to Trusty by providing a platform
specific function:

.. code:: c

void plat_trusty_set_boot_args(aapcs64_params_t *args)

If this function is provided ``args->arg0`` must be set to the memory
size allocated to trusty. If the platform does not provide this
function, but defines ``TSP_SEC_MEM_SIZE``, a default implementation
will pass the memory size from ``TSP_SEC_MEM_SIZE``. ``args->arg1``
can be set to a platform specific parameter block, and ``args->arg2``
should then be set to the size of that block.

Supported platforms
-------------------

Out of all the platforms supported by Trusted Firmware-A, Trusty is only
verified and supported by NVIDIA's Tegra SoCs.
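Review bot: the Boot parameters section leaves the fallback undefined when a platform neither provides ``plat_trusty_set_boot_args()`` nor defines ``TSP_SEC_MEM_SIZE``; since the text makes ``args->arg0`` the memory size Trusty believes it owns, state what happens in that case (whether the build fails or arg0 is passed as zero). It would also help to say what ``args->arg1`` and ``args->arg2`` hold when no parameter block is passed, so that the receiving side has a documented value to check before dereferencing arg1 for arg2 bytes. Wording: "Trusty is a a set of software components" has a doubled article.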
@@ -0,0 +1,442 @@
Translation (XLAT) Tables Library
=================================

This document describes the design of the translation tables library (version 2)
used by Trusted Firmware-A (TF-A). This library provides APIs to create page
tables based on a description of the memory layout, as well as setting up system
registers related to the Memory Management Unit (MMU) and performing the
required Translation Lookaside Buffer (TLB) maintenance operations.

More specifically, some use cases that this library aims to support are:

#. Statically allocate translation tables and populate them (at run-time) based
upon a description of the memory layout. The memory layout is typically
provided by the platform port as a list of memory regions;

#. Support for generating translation tables pertaining to a different
translation regime than the exception level the library code is executing at;

#. Support for dynamic mapping and unmapping of regions, even while the MMU is
on. This can be used to temporarily map some memory regions and unmap them
later on when no longer needed;

#. Support for non-identity virtual to physical mappings to compress the virtual
address space;

#. Support for changing memory attributes of memory regions at run-time.


About version 1, version 2 and MPU libraries
--------------------------------------------

This document focuses on version 2 of the library, whose sources are available
in the ``lib/xlat_tables_v2`` directory. Version 1 of the library can still be
found in ``lib/xlat_tables`` directory but it is less flexible and doesn't
support dynamic mapping. ``lib/xlat_mpu``, which configures Arm's MPU
equivalently, is also addressed here. The ``lib/xlat_mpu`` is experimental,
meaning that its API may change. It currently strives for consistency and
code-reuse with xlat_tables_v2. Future versions may be more MPU-specific (e.g.,
removing all mentions of virtual addresses). Although potential bug fixes will
be applied to all versions of the xlat_* libs, future feature enhancements will
focus on version 2 and might not be back-ported to version 1 and MPU versions.
Therefore, it is recommended to use version 2, especially for new platform
ports (unless the platform uses an MPU).

However, please note that version 2 and the MPU version are still in active
development and is not considered stable yet. Hence, compatibility breaks might
be introduced.

From this point onwards, this document will implicitly refer to version 2 of the
library, unless stated otherwise.


Design concepts and interfaces
------------------------------

This section presents some of the key concepts and data structures used in the
translation tables library.

`mmap` regions
~~~~~~~~~~~~~~

An ``mmap_region`` is an abstract, concise way to represent a memory region to
map. It is one of the key interfaces to the library. It is identified by:

- its physical base address;
- its virtual base address;
- its size;
- its attributes;
- its mapping granularity (optional).

See the ``struct mmap_region`` type in ``xlat_tables_v2.h``.

The user usually provides a list of such mmap regions to map and lets the
library transpose that in a set of translation tables. As a result, the library
might create new translation tables, update or split existing ones.

The region attributes specify the type of memory (for example device or cached
normal memory) as well as the memory access permissions (read-only or
read-write, executable or not, secure or non-secure, and so on). In the case of
the EL1&0 translation regime, the attributes also specify whether the region is
a User region (EL0) or Privileged region (EL1). See the ``MT_xxx`` definitions
in ``xlat_tables_v2.h``. Note that for the EL1&0 translation regime the Execute
Never attribute is set simultaneously for both EL1 and EL0.

The granularity controls the translation table level to go down to when mapping
the region. For example, assuming the MMU has been configured to use a 4KB
granule size, the library might map a 2MB memory region using either of the two
following options:

- using a single level-2 translation table entry;
- using a level-2 intermediate entry to a level-3 translation table (which
contains 512 entries, each mapping 4KB).

The first solution potentially requires less translation tables, hence
potentially less memory. However, if part of this 2MB region is later remapped
with different memory attributes, the library might need to split the existing
page tables to refine the mappings. If a single level-2 entry has been used
here, a level-3 table will need to be allocated on the fly and the level-2
modified to point to this new level-3 table. This has a performance cost at
run-time.

If the user knows upfront that such a remapping operation is likely to happen
then they might enforce a 4KB mapping granularity for this 2MB region from the
beginning; remapping some of these 4KB pages on the fly then becomes a
lightweight operation.

The region's granularity is an optional field; if it is not specified the
library will choose the mapping granularity for this region as it sees fit (more
details can be found in `The memory mapping algorithm`_ section below).

The MPU library also uses ``struct mmap_region`` to specify translations, but
the MPU's translations are limited to specification of valid addresses and
access permissions. If the requested virtual and physical addresses mismatch
the system will panic. Being register-based for deterministic memory-reference
timing, the MPU hardware does not involve memory-resident translation tables.

Currently, the MPU library is also limited to MPU translation at EL2 with no
MMU translation at other ELs. These limitations, however, are expected to be
overcome in future library versions.

Translation Context
~~~~~~~~~~~~~~~~~~~

The library can create or modify translation tables pertaining to a different
translation regime than the exception level the library code is executing at.
For example, the library might be used by EL3 software (for instance BL31) to
create translation tables pertaining to the S-EL1&0 translation regime.

This flexibility comes from the use of *translation contexts*. A *translation
context* constitutes the superset of information used by the library to track
the status of a set of translation tables for a given translation regime.

The library internally allocates a default translation context, which pertains
to the translation regime of the current exception level. Additional contexts
may be explicitly allocated and initialized using the
``REGISTER_XLAT_CONTEXT()`` macro. Separate APIs are provided to act either on
the default translation context or on an alternative one.

To register a translation context, the user must provide the library with the
following information:

* A name.

The resulting translation context variable will be called after this name, to
which ``_xlat_ctx`` is appended. For example, if the macro name parameter is
``foo``, the context variable name will be ``foo_xlat_ctx``.

* The maximum number of `mmap` regions to map.

Should account for both static and dynamic regions, if applicable.

* The number of sub-translation tables to allocate.

Number of translation tables to statically allocate for this context,
excluding the initial lookup level translation table, which is always
allocated. For example, if the initial lookup level is 1, this parameter would
specify the number of level-2 and level-3 translation tables to pre-allocate
for this context.

* The size of the virtual address space.

Size in bytes of the virtual address space to map using this context. This
will incidentally determine the number of entries in the initial lookup level
translation table : the library will allocate as many entries as is required
to map the entire virtual address space.

* The size of the physical address space.

Size in bytes of the physical address space to map using this context.

The default translation context is internally initialized using information
coming (for the most part) from platform-specific defines:

- name: hard-coded to ``tf`` ; hence the name of the default context variable is
``tf_xlat_ctx``;
- number of `mmap` regions: ``MAX_MMAP_REGIONS``;
- number of sub-translation tables: ``MAX_XLAT_TABLES``;
- size of the virtual address space: ``PLAT_VIRT_ADDR_SPACE_SIZE``;
- size of the physical address space: ``PLAT_PHY_ADDR_SPACE_SIZE``.

Please refer to the :ref:`Porting Guide` for more details about these macros.


Static and dynamic memory regions
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The library optionally supports dynamic memory mapping. This feature may be
enabled using the ``PLAT_XLAT_TABLES_DYNAMIC`` platform build flag.

When dynamic memory mapping is enabled, the library categorises mmap regions as
*static* or *dynamic*.

- *Static regions* are fixed for the lifetime of the system. They can only be
added early on, before the translation tables are created and populated. They
cannot be removed afterwards.

- *Dynamic regions* can be added or removed any time.

When the dynamic memory mapping feature is disabled, only static regions exist.

The dynamic memory mapping feature may be used to map and unmap transient memory
areas. This is useful when the user needs to access some memory for a fixed
period of time, after which the memory may be discarded and reclaimed. For
example, a memory region that is only required at boot time while the system is
initializing, or to temporarily share a memory buffer between the normal world
and trusted world. Note that it is up to the caller to ensure that these regions
are not accessed concurrently while the regions are being added or removed.

Although this feature provides some level of dynamic memory allocation, this
does not allow dynamically allocating an arbitrary amount of memory at an
arbitrary memory location. The user is still required to declare at compile-time
the limits of these allocations ; the library will deny any mapping request that
does not fit within this pre-allocated pool of memory.


Library APIs
------------

The external APIs exposed by this library are declared and documented in the
``xlat_tables_v2.h`` header file. This should be the reference point for
getting information about the usage of the different APIs this library
provides. This section just provides some extra details and clarifications.

Although the ``mmap_region`` structure is a publicly visible type, it is not
recommended to populate these structures by hand. Instead, wherever APIs expect
function arguments of type ``mmap_region_t``, these should be constructed using
the ``MAP_REGION*()`` family of helper macros. This is to limit the risk of
compatibility breaks, should the ``mmap_region`` structure type evolve in the
future.

The ``MAP_REGION()`` and ``MAP_REGION_FLAT()`` macros do not allow specifying a
mapping granularity, which leaves the library implementation free to choose
it. However, in cases where a specific granularity is required, the
``MAP_REGION2()`` macro might be used instead. Using ``MAP_REGION_FLAT()`` only
to define regions for the MPU library is strongly recommended.

As explained earlier in this document, when the dynamic mapping feature is
disabled, there is no notion of dynamic regions. Conceptually, there are only
static regions. For this reason (and to retain backward compatibility with the
version 1 of the library), the APIs that map static regions do not embed the
word *static* in their functions names (for example ``mmap_add_region()``), in
contrast with the dynamic regions APIs (for example
``mmap_add_dynamic_region()``).

Although the definition of static and dynamic regions is not based on the state
of the MMU, the two are still related in some way. Static regions can only be
added before ``init_xlat_tables()`` is called and ``init_xlat_tables()`` must be
called while the MMU is still off. As a result, static regions cannot be added
once the MMU has been enabled. Dynamic regions can be added with the MMU on or
off. In practice, the usual call flow would look like this:

#. The MMU is initially off.

#. Add some static regions, add some dynamic regions.

#. Initialize translation tables based on the list of mmap regions (using one of
the ``init_xlat_tables*()`` APIs).

#. At this point, it is no longer possible to add static regions. Dynamic
regions can still be added or removed.

#. Enable the MMU.

#. Dynamic regions can continue to be added or removed.

Because static regions are added early on at boot time and are all in the
control of the platform initialization code, the ``mmap_add*()`` family of APIs
are not expected to fail. They do not return any error code.

Nonetheless, these APIs will check upfront whether the region can be
successfully added before updating the translation context structure. If the
library detects that there is insufficient memory to meet the request, or that
the new region will overlap another one in an invalid way, or if any other
unexpected error is encountered, they will print an error message on the UART.
Additionally, when asserts are enabled (typically in debug builds), an assertion
will be triggered. Otherwise, the function call will just return straight away,
without adding the offending memory region.


Library limitations
-------------------

Dynamic regions are not allowed to overlap each other. Static regions are
allowed to overlap as long as one of them is fully contained inside the other
one. This is allowed for backwards compatibility with the previous behaviour in
the version 1 of the library.


Implementation details
----------------------

Code structure
~~~~~~~~~~~~~~

The library is divided into 4 modules:

- **Core module**

Provides the main functionality of the library, such as the initialization of
translation tables contexts and mapping/unmapping memory regions. This module
provides functions such as ``mmap_add_region_ctx`` that let the caller specify
the translation tables context affected by them.

See ``xlat_tables_core.c``.

- **Active context module**

Instantiates the context that is used by the current BL image and provides
helpers to manipulate it, abstracting it from the rest of the code.
This module provides functions such as ``mmap_add_region``, that directly
affect the BL image using them.

See ``xlat_tables_context.c``.

- **Utilities module**

Provides additional functionality like debug print of the current state of the
translation tables and helpers to query memory attributes and to modify them.

See ``xlat_tables_utils.c``.

- **Architectural module**

Provides functions that are dependent on the current execution state
(AArch32/AArch64), such as the functions used for TLB invalidation, setup the
MMU, or calculate the Physical Address Space size. They do not need a
translation context to work on.

See ``aarch32/xlat_tables_arch.c`` and ``aarch64/xlat_tables_arch.c``.

From mmap regions to translation tables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A translation context contains a list of ``mmap_region_t``, which holds the
information of all the regions that are mapped at any given time. Whenever there
is a request to map (resp. unmap) a memory region, it is added to (resp. removed
from) the ``mmap_region_t`` list.

The mmap regions list is a conceptual way to represent the memory layout. At
some point, the library has to convert this information into actual translation
tables to program into the MMU.

Before the ``init_xlat_tables()`` API is called, the library only acts on the
mmap regions list. Adding a static or dynamic region at this point through one
of the ``mmap_add*()`` APIs does not affect the translation tables in any way,
they only get registered in the internal mmap region list. It is only when the
user calls the ``init_xlat_tables()`` that the translation tables are populated
in memory based on the list of mmap regions registered so far. This is an
optimization that allows creation of the initial set of translation tables in
one go, rather than having to edit them every time while the MMU is disabled.

After the ``init_xlat_tables()`` API has been called, only dynamic regions can
be added. Changes to the translation tables (as well as the mmap regions list)
will take effect immediately.

The memory mapping algorithm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The mapping function is implemented as a recursive algorithm. It is however
bound by the level of depth of the translation tables (the Armv8-A architecture
allows up to 4 lookup levels).

By default [#granularity]_, the algorithm will attempt to minimize the
number of translation tables created to satisfy the user's request. It will
favour mapping a region using the biggest possible blocks, only creating a
sub-table if it is strictly necessary. This is to reduce the memory footprint of
the firmware.

The most common reason for needing a sub-table is when a specific mapping
requires a finer granularity. Misaligned regions also require a finer
granularity than what the user may had originally expected, using a lot more
memory than expected. The reason is that all levels of translation are
restricted to address translations of the same granularity as the size of the
blocks of that level. For example, for a 4 KiB page size, a level 2 block entry
can only translate up to a granularity of 2 MiB. If the Physical Address is not
aligned to 2 MiB then additional level 3 tables are also needed.

Note that not every translation level allows any type of descriptor. Depending
on the page size, levels 0 and 1 of translation may only allow table
descriptors. If a block entry could be able to describe a translation, but that
level does not allow block descriptors, a table descriptor will have to be used
instead, as well as additional tables at the next level.

|Alignment Example|

The mmap regions are sorted in a way that simplifies the code that maps
them. Even though this ordering is only strictly needed for overlapping static
regions, it must also be applied for dynamic regions to maintain a consistent
order of all regions at all times. As each new region is mapped, existing
entries in the translation tables are checked to ensure consistency. Please
refer to the comments in the source code of the core module for more details
about the sorting algorithm in use.

This mapping algorithm does not apply to the MPU library, since the MPU hardware
directly maps regions by "base" and "limit" (bottom and top) addresses.

TLB maintenance operations
~~~~~~~~~~~~~~~~~~~~~~~~~~

The library takes care of performing TLB maintenance operations when required.
For example, when the user requests removing a dynamic region, the library
invalidates all TLB entries associated to that region to ensure that these
changes are visible to subsequent execution, including speculative execution,
that uses the changed translation table entries.

A counter-example is the initialization of translation tables. In this case,
explicit TLB maintenance is not required. The Armv8-A architecture guarantees
that all TLBs are disabled from reset and their contents have no effect on
address translation at reset [#tlb-reset-ref]_. Therefore, the TLBs invalidation
is deferred to the ``enable_mmu*()`` family of functions, just before the MMU is
turned on.

Regarding enabling and disabling memory management, for the MPU library, to
reduce confusion, calls to enable or disable the MPU use ``mpu`` in their names
in place of ``mmu``. For example, the ``enable_mmu_el2()`` call is changed to
``enable_mpu_el2()``.

TLB invalidation is not required when adding dynamic regions either. Dynamic
regions are not allowed to overlap existing memory region. Therefore, if the
dynamic mapping request is deemed legitimate, it automatically concerns memory
that was not mapped in this translation regime and the library will have
initialized its corresponding translation table entry to an invalid
descriptor. Given that the TLBs are not architecturally permitted to hold any
invalid translation table entry [#tlb-no-invalid-entry]_, this means that this
mapping cannot be cached in the TLBs.

.. rubric:: Footnotes

.. [#granularity] That is, when mmap regions do not enforce their mapping
granularity.

.. [#tlb-reset-ref] See section D4.9 ``Translation Lookaside Buffers (TLBs)``,
subsection ``TLB behavior at reset`` in Armv8-A, rev C.a.

.. [#tlb-no-invalid-entry] See section D4.10.1 ``General TLB maintenance
requirements`` in Armv8-A, rev C.a.

--------------

*Copyright (c) 2017-2021, Arm Limited and Contributors. All rights reserved.*

.. |Alignment Example| image:: ../resources/diagrams/xlat_align.png
|
||||
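Review bot: in the last TLB paragraph, "Dynamic regions are not allowed to overlap existing memory region" should read "existing memory regions", and "TLB entries associated to that region" in the first paragraph should be "associated with that region". The paragraph on MPU naming ("calls to enable or disable the MPU use ``mpu`` in their names") is wedged between the two paragraphs that argue why no TLB invalidation is needed at init and on dynamic add, which breaks that argument; move it to the end of the "TLB maintenance operations" subsection.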
94
arm-trusted-firmware/docs/conf.py
Normal file
@@ -0,0 +1,94 @@
# -*- coding: utf-8 -*-
#
# Copyright (c) 2019-2021, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
#
# Configuration file for the Sphinx documentation builder.
#
# See the options documentation at http://www.sphinx-doc.org/en/master/config

import os

# -- Project information -----------------------------------------------------

project = 'Trusted Firmware-A'

# -- General configuration ---------------------------------------------------

# Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones.
extensions = ['myst_parser', 'sphinx.ext.autosectionlabel', 'sphinxcontrib.plantuml']

# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']

# The suffix(es) of source filenames.
source_suffix = ['.md', '.rst']

# The master toctree document.
master_doc = 'index'

# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
#
# This is also used if you do content translation via gettext catalogs.
# Usually you set "language" from the command line for these cases.
language = None

# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
# This pattern also affects html_static_path and html_extra_path .
exclude_patterns = []

# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'

# Load the contents of the global substitutions file into the 'rst_prolog'
# variable. This ensures that the substitutions are all inserted into each page.
with open('global_substitutions.txt', 'r') as subs:
rst_prolog = subs.read()

# Minimum version of sphinx required
needs_sphinx = '2.0'

# -- Options for HTML output -------------------------------------------------

# Don't show the "Built with Sphinx" footer
html_show_sphinx = False

# Don't show copyright info in the footer (we have this content in the page)
html_show_copyright = False

# The theme to use for HTML and HTML Help pages. See the documentation for
# a list of builtin themes.
html_theme = "sphinx_rtd_theme"

# The logo to display in the sidebar
html_logo = 'resources/TrustedFirmware-Logo_standard-white.png'

# Options for the "sphinx-rtd-theme" theme
html_theme_options = {
'collapse_navigation': False, # Can expand and collapse sidebar entries
'prev_next_buttons_location': 'both', # Top and bottom of the page
'style_external_links': True # Display an icon next to external links
}

# Path to _static directory
html_static_path = ['_static']

# Path to css file relative to html_static_path
html_css_files = [
'css/custom.css',
]

# -- Options for autosectionlabel --------------------------------------------

# Only generate automatic section labels for document titles
autosectionlabel_maxdepth = 1

# -- Options for plantuml ----------------------------------------------------

plantuml_output_format = 'svg_img'
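Review bot: `import os` near the top of conf.py is never used in the 94 lines of this file and should be dropped. The `with open('global_substitutions.txt', 'r') as subs:` line also passes no `encoding=`, so the substitutions file is decoded with whatever locale the build host has; use `open('global_substitutions.txt', 'r', encoding='utf-8')` so the documentation build behaves the same on every CI machine.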
84
arm-trusted-firmware/docs/design/alt-boot-flows.rst
Normal file
@@ -0,0 +1,84 @@
Alternative Boot Flows
======================

EL3 payloads alternative boot flow
----------------------------------

On a pre-production system, the ability to execute arbitrary, bare-metal code at
the highest exception level is required. It allows full, direct access to the
hardware, for example to run silicon soak tests.

Although it is possible to implement some baremetal secure firmware from
scratch, this is a complex task on some platforms, depending on the level of
configuration required to put the system in the expected state.

Rather than booting a baremetal application, a possible compromise is to boot
``EL3 payloads`` through TF-A instead. This is implemented as an alternative
boot flow, where a modified BL2 boots an EL3 payload, instead of loading the
other BL images and passing control to BL31. It reduces the complexity of
developing EL3 baremetal code by:

- putting the system into a known architectural state;
- taking care of platform secure world initialization;
- loading the SCP_BL2 image if required by the platform.

When booting an EL3 payload on Arm standard platforms, the configuration of the
TrustZone controller is simplified such that only region 0 is enabled and is
configured to permit secure access only. This gives full access to the whole
DRAM to the EL3 payload.

The system is left in the same state as when entering BL31 in the default boot
flow. In particular:

- Running in EL3;
- Current state is AArch64;
- Little-endian data access;
- All exceptions disabled;
- MMU disabled;
- Caches disabled.

.. _alt_boot_flows_el3_payload:

Booting an EL3 payload
~~~~~~~~~~~~~~~~~~~~~~

The EL3 payload image is a standalone image and is not part of the FIP. It is
not loaded by TF-A. Therefore, there are 2 possible scenarios:

- The EL3 payload may reside in non-volatile memory (NVM) and execute in
place. In this case, booting it is just a matter of specifying the right
address in NVM through ``EL3_PAYLOAD_BASE`` when building TF-A.

- The EL3 payload needs to be loaded in volatile memory (e.g. DRAM) at
run-time.

To help in the latter scenario, the ``SPIN_ON_BL1_EXIT=1`` build option can be
used. The infinite loop that it introduces in BL1 stops execution at the right
moment for a debugger to take control of the target and load the payload (for
example, over JTAG).

It is expected that this loading method will work in most cases, as a debugger
connection is usually available in a pre-production system. The user is free to
use any other platform-specific mechanism to load the EL3 payload, though.


Preloaded BL33 alternative boot flow
------------------------------------

Some platforms have the ability to preload BL33 into memory instead of relying
on TF-A to load it. This may simplify packaging of the normal world code and
improve performance in a development environment. When secure world cold boot
is complete, TF-A simply jumps to a BL33 base address provided at build time.

For this option to be used, the ``PRELOADED_BL33_BASE`` build option has to be
used when compiling TF-A. For example, the following command will create a FIP
without a BL33 and prepare to jump to a BL33 image loaded at address
0x80000000:

.. code:: shell

make PRELOADED_BL33_BASE=0x80000000 PLAT=fvp all fip

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
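Review bot: "Booting an EL3 payload" states that the payload "is not part of the FIP" and "is not loaded by TF-A", but never draws the consequence that TF-A therefore cannot verify it, and that with `SPIN_ON_BL1_EXIT=1` the platform runs whatever the debugger places in memory; the same applies to `PRELOADED_BL33_BASE`, where TF-A "simply jumps to a BL33 base address". Since the opening paragraph already scopes this to pre-production systems, add one sentence to each flow saying these build options are for development and bring-up only and must not be set in production firmware. Minor: "there are 2 possible scenarios" should spell out "two".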
980
arm-trusted-firmware/docs/design/auth-framework.rst
Normal file
@@ -0,0 +1,980 @@
Authentication Framework & Chain of Trust
=========================================

The aim of this document is to describe the authentication framework
implemented in Trusted Firmware-A (TF-A). This framework fulfills the
following requirements:

#. It should be possible for a platform port to specify the Chain of Trust in
terms of certificate hierarchy and the mechanisms used to verify a
particular image/certificate.

#. The framework should distinguish between:

- The mechanism used to encode and transport information, e.g. DER encoded
X.509v3 certificates to ferry Subject Public Keys, hashes and non-volatile
counters.

- The mechanism used to verify the transported information i.e. the
cryptographic libraries.

The framework has been designed following a modular approach illustrated in the
next diagram:

::

+---------------+---------------+------------+
| Trusted | Trusted | Trusted |
| Firmware | Firmware | Firmware |
| Generic | IO Framework | Platform |
| Code i.e. | (IO) | Port |
| BL1/BL2 (GEN) | | (PP) |
+---------------+---------------+------------+
^ ^ ^
| | |
v v v
+-----------+ +-----------+ +-----------+
| | | | | Image |
| Crypto | | Auth | | Parser |
| Module |<->| Module |<->| Module |
| (CM) | | (AM) | | (IPM) |
| | | | | |
+-----------+ +-----------+ +-----------+
^ ^
| |
v v
+----------------+ +-----------------+
| Cryptographic | | Image Parser |
| Libraries (CL) | | Libraries (IPL) |
+----------------+ +-----------------+
| |
| |
| |
v v
+-----------------+
| Misc. Libs e.g. |
| ASN.1 decoder |
| |
+-----------------+

DIAGRAM 1.

This document describes the inner details of the authentication framework and
the abstraction mechanisms available to specify a Chain of Trust.

Framework design
----------------

This section describes some aspects of the framework design and the rationale
behind them. These aspects are key to verify a Chain of Trust.

Chain of Trust
~~~~~~~~~~~~~~

A CoT is basically a sequence of authentication images which usually starts with
a root of trust and culminates in a single data image. The following diagram
illustrates how this maps to a CoT for the BL31 image described in the
`TBBR-Client specification`_.

::

+------------------+ +-------------------+
| ROTPK/ROTPK Hash |------>| Trusted Key |
+------------------+ | Certificate |
| (Auth Image) |
/+-------------------+
/ |
/ |
/ |
/ |
L v
+------------------+ +-------------------+
| Trusted World |------>| BL31 Key |
| Public Key | | Certificate |
+------------------+ | (Auth Image) |
+-------------------+
/ |
/ |
/ |
/ |
/ v
+------------------+ L +-------------------+
| BL31 Content |------>| BL31 Content |
| Certificate PK | | Certificate |
+------------------+ | (Auth Image) |
+-------------------+
/ |
/ |
/ |
/ |
/ v
+------------------+ L +-------------------+
| BL31 Hash |------>| BL31 Image |
| | | (Data Image) |
+------------------+ | |
+-------------------+

DIAGRAM 2.

The root of trust is usually a public key (ROTPK) that has been burnt in the
platform and cannot be modified.

Image types
~~~~~~~~~~~

Images in a CoT are categorised as authentication and data images. An
authentication image contains information to authenticate a data image or
another authentication image. A data image is usually a boot loader binary, but
it could be any other data that requires authentication.

Component responsibilities
~~~~~~~~~~~~~~~~~~~~~~~~~~

For every image in a Chain of Trust, the following high level operations are
performed to verify it:

#. Allocate memory for the image either statically or at runtime.

#. Identify the image and load it in the allocated memory.

#. Check the integrity of the image as per its type.

#. Authenticate the image as per the cryptographic algorithms used.

#. If the image is an authentication image, extract the information that will
be used to authenticate the next image in the CoT.

In Diagram 1, each component is responsible for one or more of these operations.
The responsibilities are briefly described below.

TF-A Generic code and IO framework (GEN/IO)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

These components are responsible for initiating the authentication process for a
particular image in BL1 or BL2. For each BL image that requires authentication,
the Generic code asks recursively the Authentication module what is the parent
image until either an authenticated image or the ROT is reached. Then the
Generic code calls the IO framework to load the image and calls the
Authentication module to authenticate it, following the CoT from ROT to Image.

TF-A Platform Port (PP)
^^^^^^^^^^^^^^^^^^^^^^^

The platform is responsible for:

#. Specifying the CoT for each image that needs to be authenticated. Details of
how a CoT can be specified by the platform are explained later. The platform
also specifies the authentication methods and the parsing method used for
each image.

#. Statically allocating memory for each parameter in each image which is
used for verifying the CoT, e.g. memory for public keys, hashes etc.

#. Providing the ROTPK or a hash of it.

#. Providing additional information to the IPM to enable it to identify and
extract authentication parameters contained in an image, e.g. if the
parameters are stored as X509v3 extensions, the corresponding OID must be
provided.

#. Fulfill any other memory requirements of the IPM and the CM (not currently
described in this document).

#. Export functions to verify an image which uses an authentication method that
cannot be interpreted by the CM, e.g. if an image has to be verified using a
NV counter, then the value of the counter to compare with can only be
provided by the platform.

#. Export a custom IPM if a proprietary image format is being used (described
later).

Authentication Module (AM)
^^^^^^^^^^^^^^^^^^^^^^^^^^

It is responsible for:

#. Providing the necessary abstraction mechanisms to describe a CoT. Amongst
other things, the authentication and image parsing methods must be specified
by the PP in the CoT.

#. Verifying the CoT passed by GEN by utilising functionality exported by the
PP, IPM and CM.

#. Tracking which images have been verified. In case an image is a part of
multiple CoTs then it should be verified only once e.g. the Trusted World
Key Certificate in the TBBR-Client spec. contains information to verify
SCP_BL2, BL31, BL32 each of which have a separate CoT. (This
responsibility has not been described in this document but should be
trivial to implement).

#. Reusing memory meant for a data image to verify authentication images e.g.
in the CoT described in Diagram 2, each certificate can be loaded and
verified in the memory reserved by the platform for the BL31 image. By the
time BL31 (the data image) is loaded, all information to authenticate it
will have been extracted from the parent image i.e. BL31 content
certificate. It is assumed that the size of an authentication image will
never exceed the size of a data image. It should be possible to verify this
at build time using asserts.

Cryptographic Module (CM)
^^^^^^^^^^^^^^^^^^^^^^^^^

The CM is responsible for providing an API to:

#. Verify a digital signature.
#. Verify a hash.

The CM does not include any cryptography related code, but it relies on an
external library to perform the cryptographic operations. A Crypto-Library (CL)
linking the CM and the external library must be implemented. The following
functions must be provided by the CL:

.. code:: c

void (*init)(void);
int (*verify_signature)(void *data_ptr, unsigned int data_len,
void *sig_ptr, unsigned int sig_len,
void *sig_alg, unsigned int sig_alg_len,
void *pk_ptr, unsigned int pk_len);
int (*verify_hash)(void *data_ptr, unsigned int data_len,
void *digest_info_ptr, unsigned int digest_info_len);

These functions are registered in the CM using the macro:

.. code:: c

REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash);

``_name`` must be a string containing the name of the CL. This name is used for
debugging purposes.

Image Parser Module (IPM)
^^^^^^^^^^^^^^^^^^^^^^^^^

The IPM is responsible for:

#. Checking the integrity of each image loaded by the IO framework.
#. Extracting parameters used for authenticating an image based upon a
description provided by the platform in the CoT descriptor.

Images may have different formats (for example, authentication images could be
x509v3 certificates, signed ELF files or any other platform specific format).
The IPM allows to register an Image Parser Library (IPL) for every image format
used in the CoT. This library must implement the specific methods to parse the
image. The IPM obtains the image format from the CoT and calls the right IPL to
check the image integrity and extract the authentication parameters.

See Section "Describing the image parsing methods" for more details about the
mechanism the IPM provides to define and register IPLs.

Authentication methods
~~~~~~~~~~~~~~~~~~~~~~

The AM supports the following authentication methods:

#. Hash
#. Digital signature

The platform may specify these methods in the CoT in case it decides to define
a custom CoT instead of reusing a predefined one.

If a data image uses multiple methods, then all the methods must be a part of
the same CoT. The number and type of parameters are method specific. These
parameters should be obtained from the parent image using the IPM.

#. Hash

Parameters:

#. A pointer to data to hash
#. Length of the data
#. A pointer to the hash
#. Length of the hash

The hash will be represented by the DER encoding of the following ASN.1
type:

::

DigestInfo ::= SEQUENCE {
digestAlgorithm DigestAlgorithmIdentifier,
digest Digest
}

This ASN.1 structure makes it possible to remove any assumption about the
type of hash algorithm used as this information accompanies the hash. This
should allow the Cryptography Library (CL) to support multiple hash
algorithm implementations.

#. Digital Signature

Parameters:

#. A pointer to data to sign
#. Length of the data
#. Public Key Algorithm
#. Public Key value
#. Digital Signature Algorithm
#. Digital Signature value

The Public Key parameters will be represented by the DER encoding of the
following ASN.1 type:

::

SubjectPublicKeyInfo ::= SEQUENCE {
algorithm AlgorithmIdentifier{PUBLIC-KEY,{PublicKeyAlgorithms}},
subjectPublicKey BIT STRING }

The Digital Signature Algorithm will be represented by the DER encoding of
the following ASN.1 types.

::

AlgorithmIdentifier {ALGORITHM:IOSet } ::= SEQUENCE {
algorithm ALGORITHM.&id({IOSet}),
parameters ALGORITHM.&Type({IOSet}{@algorithm}) OPTIONAL
}

The digital signature will be represented by:

::

signature ::= BIT STRING

The authentication framework will use the image descriptor to extract all the
information related to authentication.

Specifying a Chain of Trust
---------------------------

A CoT can be described as a set of image descriptors linked together in a
particular order. The order dictates the sequence in which they must be
verified. Each image has a set of properties which allow the AM to verify it.
These properties are described below.

The PP is responsible for defining a single or multiple CoTs for a data image.
Unless otherwise specified, the data structures described in the following
sections are populated by the PP statically.

Describing the image parsing methods
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The parsing method refers to the format of a particular image. For example, an
authentication image that represents a certificate could be in the X.509v3
format. A data image that represents a boot loader stage could be in raw binary
or ELF format. The IPM supports three parsing methods. An image has to use one
of the three methods described below. An IPL is responsible for interpreting a
single parsing method. There has to be one IPL for every method used by the
platform.

#. Raw format: This format is effectively a nop as an image using this method
is treated as being in raw binary format e.g. boot loader images used by
TF-A. This method should only be used by data images.

#. X509V3 method: This method uses industry standards like X.509 to represent
PKI certificates (authentication images). It is expected that open source
libraries will be available which can be used to parse an image represented
by this method. Such libraries can be used to write the corresponding IPL
e.g. the X.509 parsing library code in mbed TLS.

#. Platform defined method: This method caters for platform specific
proprietary standards to represent authentication or data images. For
example, The signature of a data image could be appended to the data image
raw binary. A header could be prepended to the combined blob to specify the
extents of each component. The platform will have to implement the
corresponding IPL to interpret such a format.

The following enum can be used to define these three methods.

.. code:: c

typedef enum img_type_enum {
IMG_RAW, /* Binary image */
IMG_PLAT, /* Platform specific format */
IMG_CERT, /* X509v3 certificate */
IMG_MAX_TYPES,
} img_type_t;

An IPL must provide functions with the following prototypes:

.. code:: c

void init(void);
int check_integrity(void *img, unsigned int img_len);
int get_auth_param(const auth_param_type_desc_t *type_desc,
void *img, unsigned int img_len,
void **param, unsigned int *param_len);

An IPL for each type must be registered using the following macro:

.. code:: c

REGISTER_IMG_PARSER_LIB(_type, _name, _init, _check_int, _get_param)

- ``_type``: one of the types described above.
- ``_name``: a string containing the IPL name for debugging purposes.
- ``_init``: initialization function pointer.
- ``_check_int``: check image integrity function pointer.
- ``_get_param``: extract authentication parameter function pointer.

The ``init()`` function will be used to initialize the IPL.

The ``check_integrity()`` function is passed a pointer to the memory where the
image has been loaded by the IO framework and the image length. It should ensure
that the image is in the format corresponding to the parsing method and has not
been tampered with. For example, RFC-2459 describes a validation sequence for an
X.509 certificate.

The ``get_auth_param()`` function is passed a parameter descriptor containing
information about the parameter (``type_desc`` and ``cookie``) to identify and
extract the data corresponding to that parameter from an image. This data will
be used to verify either the current or the next image in the CoT sequence.

Each image in the CoT will specify the parsing method it uses. This information
will be used by the IPM to find the right parser descriptor for the image.

Describing the authentication method(s)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As part of the CoT, each image has to specify one or more authentication methods
which will be used to verify it. As described in the Section "Authentication
methods", there are three methods supported by the AM.

.. code:: c

typedef enum {
AUTH_METHOD_NONE,
AUTH_METHOD_HASH,
AUTH_METHOD_SIG,
AUTH_METHOD_NUM
} auth_method_type_t;

The AM defines the type of each parameter used by an authentication method. It
uses this information to:

#. Specify to the ``get_auth_param()`` function exported by the IPM, which
parameter should be extracted from an image.

#. Correctly marshall the parameters while calling the verification function
exported by the CM and PP.

#. Extract authentication parameters from a parent image in order to verify a
child image e.g. to verify the certificate image, the public key has to be
obtained from the parent image.

.. code:: c

typedef enum {
AUTH_PARAM_NONE,
AUTH_PARAM_RAW_DATA, /* Raw image data */
AUTH_PARAM_SIG, /* The image signature */
AUTH_PARAM_SIG_ALG, /* The image signature algorithm */
AUTH_PARAM_HASH, /* A hash (including the algorithm) */
AUTH_PARAM_PUB_KEY, /* A public key */
} auth_param_type_t;

The AM defines the following structure to identify an authentication parameter
required to verify an image.

.. code:: c

typedef struct auth_param_type_desc_s {
auth_param_type_t type;
void *cookie;
} auth_param_type_desc_t;

``cookie`` is used by the platform to specify additional information to the IPM
which enables it to uniquely identify the parameter that should be extracted
from an image. For example, the hash of a BL3x image in its corresponding
content certificate is stored in an X509v3 custom extension field. An extension
field can only be identified using an OID. In this case, the ``cookie`` could
contain the pointer to the OID defined by the platform for the hash extension
field while the ``type`` field could be set to ``AUTH_PARAM_HASH``. A value of 0 for
the ``cookie`` field means that it is not used.

For each method, the AM defines a structure with the parameters required to
verify the image.

.. code:: c

/*
* Parameters for authentication by hash matching
*/
typedef struct auth_method_param_hash_s {
auth_param_type_desc_t *data; /* Data to hash */
auth_param_type_desc_t *hash; /* Hash to match with */
} auth_method_param_hash_t;

/*
* Parameters for authentication by signature
*/
typedef struct auth_method_param_sig_s {
auth_param_type_desc_t *pk; /* Public key */
auth_param_type_desc_t *sig; /* Signature to check */
auth_param_type_desc_t *alg; /* Signature algorithm */
auth_param_type_desc_t *tbs; /* Data signed */
} auth_method_param_sig_t;

The AM defines the following structure to describe an authentication method for
verifying an image

.. code:: c

/*
* Authentication method descriptor
*/
typedef struct auth_method_desc_s {
auth_method_type_t type;
union {
auth_method_param_hash_t hash;
auth_method_param_sig_t sig;
} param;
} auth_method_desc_t;

Using the method type specified in the ``type`` field, the AM finds out what field
needs to access within the ``param`` union.

Storing Authentication parameters
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A parameter described by ``auth_param_type_desc_t`` to verify an image could be
obtained from either the image itself or its parent image. The memory allocated
for loading the parent image will be reused for loading the child image. Hence
parameters which are obtained from the parent for verifying a child image need
to have memory allocated for them separately where they can be stored. This
memory must be statically allocated by the platform port.

The AM defines the following structure to store the data corresponding to an
authentication parameter.

.. code:: c

typedef struct auth_param_data_desc_s {
void *auth_param_ptr;
unsigned int auth_param_len;
} auth_param_data_desc_t;

The ``auth_param_ptr`` field is initialized by the platform. The ``auth_param_len``
field is used to specify the length of the data in the memory.

For parameters that can be obtained from the child image itself, the IPM is
responsible for populating the ``auth_param_ptr`` and ``auth_param_len`` fields
while executing the ``img_get_auth_param()`` function.

The AM defines the following structure to enable an image to describe the
parameters that should be extracted from it and used to verify the next image
(child) in a CoT.

.. code:: c

typedef struct auth_param_desc_s {
auth_param_type_desc_t type_desc;
auth_param_data_desc_t data;
} auth_param_desc_t;

Describing an image in a CoT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

An image in a CoT is a consolidation of the following aspects of a CoT described
above.

#. A unique identifier specified by the platform which allows the IO framework
to locate the image in a FIP and load it in the memory reserved for the data
image in the CoT.

#. A parsing method which is used by the AM to find the appropriate IPM.

#. Authentication methods and their parameters as described in the previous
section. These are used to verify the current image.

#. Parameters which are used to verify the next image in the current CoT. These
parameters are specified only by authentication images and can be extracted
from the current image once it has been verified.

The following data structure describes an image in a CoT.

.. code:: c

typedef struct auth_img_desc_s {
unsigned int img_id;
const struct auth_img_desc_s *parent;
|
||||
img_type_t img_type;
|
||||
const auth_method_desc_t *const img_auth_methods;
|
||||
const auth_param_desc_t *const authenticated_data;
|
||||
} auth_img_desc_t;
|
||||
|
||||
A CoT is defined as an array of pointers to ``auth_image_desc_t`` structures
|
||||
linked together by the ``parent`` field. Those nodes with no parent must be
|
||||
authenticated using the ROTPK stored in the platform.
|
||||
|
||||
Implementation example
|
||||
----------------------
|
||||
|
||||
This section is a detailed guide explaining a trusted boot implementation using
|
||||
the authentication framework. This example corresponds to the Applicative
|
||||
Functional Mode (AFM) as specified in the TBBR-Client document. It is
|
||||
recommended to read this guide along with the source code.
|
||||
|
||||
The TBBR CoT
|
||||
~~~~~~~~~~~~
|
||||
|
||||
CoT specific to BL1 and BL2 can be found in ``drivers/auth/tbbr/tbbr_cot_bl1.c``
|
||||
and ``drivers/auth/tbbr/tbbr_cot_bl2.c`` respectively. The common CoT used across
|
||||
BL1 and BL2 can be found in ``drivers/auth/tbbr/tbbr_cot_common.c``.
|
||||
This CoT consists of an array of pointers to image descriptors and it is
|
||||
registered in the framework using the macro ``REGISTER_COT(cot_desc)``, where
|
||||
``cot_desc`` must be the name of the array (passing a pointer or any other
|
||||
type of indirection will cause the registration process to fail).
|
||||
|
||||
The number of images participating in the boot process depends on the CoT.
|
||||
There is, however, a minimum set of images that are mandatory in TF-A and thus
|
||||
all CoTs must present:
|
||||
|
||||
- ``BL2``
|
||||
- ``SCP_BL2`` (platform specific)
|
||||
- ``BL31``
|
||||
- ``BL32`` (optional)
|
||||
- ``BL33``
|
||||
|
||||
The TBBR specifies the additional certificates that must accompany these images
|
||||
for a proper authentication. Details about the TBBR CoT may be found in the
|
||||
:ref:`Trusted Board Boot` document.
|
||||
|
||||
Following the :ref:`Porting Guide`, a platform must provide unique
|
||||
identifiers for all the images and certificates that will be loaded during the
|
||||
boot process. If a platform is using the TBBR as a reference for trusted boot,
|
||||
these identifiers can be obtained from ``include/common/tbbr/tbbr_img_def.h``.
|
||||
Arm platforms include this file in ``include/plat/arm/common/arm_def.h``. Other
|
||||
platforms may also include this file or provide their own identifiers.
|
||||
|
||||
**Important**: the authentication module uses these identifiers to index the
|
||||
CoT array, so the descriptors location in the array must match the identifiers.
|
||||
|
||||
Each image descriptor must specify:
|
||||
|
||||
- ``img_id``: the corresponding image unique identifier defined by the platform.
|
||||
- ``img_type``: the image parser module uses the image type to call the proper
|
||||
parsing library to check the image integrity and extract the required
|
||||
authentication parameters. Three types of images are currently supported:
|
||||
|
||||
- ``IMG_RAW``: image is a raw binary. No parsing functions are available,
|
||||
other than reading the whole image.
|
||||
- ``IMG_PLAT``: image format is platform specific. The platform may use this
|
||||
type for custom images not directly supported by the authentication
|
||||
framework.
|
||||
- ``IMG_CERT``: image is an x509v3 certificate.
|
||||
|
||||
- ``parent``: pointer to the parent image descriptor. The parent will contain
|
||||
the information required to authenticate the current image. If the parent
|
||||
is NULL, the authentication parameters will be obtained from the platform
|
||||
(i.e. the BL2 and Trusted Key certificates are signed with the ROT private
|
||||
key, whose public part is stored in the platform).
|
||||
- ``img_auth_methods``: this points to an array which defines the
|
||||
authentication methods that must be checked to consider an image
|
||||
authenticated. Each method consists of a type and a list of parameter
|
||||
descriptors. A parameter descriptor consists of a type and a cookie which
|
||||
will point to specific information required to extract that parameter from
|
||||
the image (i.e. if the parameter is stored in an x509v3 extension, the
|
||||
cookie will point to the extension OID). Depending on the method type, a
|
||||
different number of parameters must be specified. This pointer should not be
|
||||
NULL.
|
||||
Supported methods are:
|
||||
|
||||
- ``AUTH_METHOD_HASH``: the hash of the image must match the hash extracted
|
||||
from the parent image. The following parameter descriptors must be
|
||||
specified:
|
||||
|
||||
- ``data``: data to be hashed (obtained from current image)
|
||||
- ``hash``: reference hash (obtained from parent image)
|
||||
|
||||
- ``AUTH_METHOD_SIG``: the image (usually a certificate) must be signed with
|
||||
the private key whose public part is extracted from the parent image (or
|
||||
the platform if the parent is NULL). The following parameter descriptors
|
||||
must be specified:
|
||||
|
||||
- ``pk``: the public key (obtained from parent image)
|
||||
- ``sig``: the digital signature (obtained from current image)
|
||||
- ``alg``: the signature algorithm used (obtained from current image)
|
||||
- ``data``: the data to be signed (obtained from current image)
|
||||
|
||||
- ``authenticated_data``: this array pointer indicates what authentication
|
||||
parameters must be extracted from an image once it has been authenticated.
|
||||
Each parameter consists of a parameter descriptor and the buffer
|
||||
address/size to store the parameter. The CoT is responsible for allocating
|
||||
the required memory to store the parameters. This pointer may be NULL.
|
||||
|
||||
In the ``tbbr_cot*.c`` file, a set of buffers are allocated to store the parameters
|
||||
extracted from the certificates. In the case of the TBBR CoT, these parameters
|
||||
are hashes and public keys. In DER format, an RSA-4096 public key requires 550
|
||||
bytes, and a hash requires 51 bytes. Depending on the CoT and the authentication
|
||||
process, some of the buffers may be reused at different stages during the boot.
|
||||
|
||||
Next in that file, the parameter descriptors are defined. These descriptors will
|
||||
be used to extract the parameter data from the corresponding image.
|
||||
|
||||
Example: the BL31 Chain of Trust
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
Four image descriptors form the BL31 Chain of Trust:
|
||||
|
||||
.. code:: c
|
||||
|
||||
static const auth_img_desc_t trusted_key_cert = {
|
||||
.img_id = TRUSTED_KEY_CERT_ID,
|
||||
.img_type = IMG_CERT,
|
||||
.parent = NULL,
|
||||
.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
|
||||
[0] = {
|
||||
.type = AUTH_METHOD_SIG,
|
||||
.param.sig = {
|
||||
.pk = &subject_pk,
|
||||
.sig = &sig,
|
||||
.alg = &sig_alg,
|
||||
.data = &raw_data
|
||||
}
|
||||
},
|
||||
[1] = {
|
||||
.type = AUTH_METHOD_NV_CTR,
|
||||
.param.nv_ctr = {
|
||||
.cert_nv_ctr = &trusted_nv_ctr,
|
||||
.plat_nv_ctr = &trusted_nv_ctr
|
||||
}
|
||||
}
|
||||
},
|
||||
.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
|
||||
[0] = {
|
||||
.type_desc = &trusted_world_pk,
|
||||
.data = {
|
||||
.ptr = (void *)trusted_world_pk_buf,
|
||||
.len = (unsigned int)PK_DER_LEN
|
||||
}
|
||||
},
|
||||
[1] = {
|
||||
.type_desc = &non_trusted_world_pk,
|
||||
.data = {
|
||||
.ptr = (void *)non_trusted_world_pk_buf,
|
||||
.len = (unsigned int)PK_DER_LEN
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
static const auth_img_desc_t soc_fw_key_cert = {
|
||||
.img_id = SOC_FW_KEY_CERT_ID,
|
||||
.img_type = IMG_CERT,
|
||||
.parent = &trusted_key_cert,
|
||||
.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
|
||||
[0] = {
|
||||
.type = AUTH_METHOD_SIG,
|
||||
.param.sig = {
|
||||
.pk = &trusted_world_pk,
|
||||
.sig = &sig,
|
||||
.alg = &sig_alg,
|
||||
.data = &raw_data
|
||||
}
|
||||
},
|
||||
[1] = {
|
||||
.type = AUTH_METHOD_NV_CTR,
|
||||
.param.nv_ctr = {
|
||||
.cert_nv_ctr = &trusted_nv_ctr,
|
||||
.plat_nv_ctr = &trusted_nv_ctr
|
||||
}
|
||||
}
|
||||
},
|
||||
.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
|
||||
[0] = {
|
||||
.type_desc = &soc_fw_content_pk,
|
||||
.data = {
|
||||
.ptr = (void *)content_pk_buf,
|
||||
.len = (unsigned int)PK_DER_LEN
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
static const auth_img_desc_t soc_fw_content_cert = {
|
||||
.img_id = SOC_FW_CONTENT_CERT_ID,
|
||||
.img_type = IMG_CERT,
|
||||
.parent = &soc_fw_key_cert,
|
||||
.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
|
||||
[0] = {
|
||||
.type = AUTH_METHOD_SIG,
|
||||
.param.sig = {
|
||||
.pk = &soc_fw_content_pk,
|
||||
.sig = &sig,
|
||||
.alg = &sig_alg,
|
||||
.data = &raw_data
|
||||
}
|
||||
},
|
||||
[1] = {
|
||||
.type = AUTH_METHOD_NV_CTR,
|
||||
.param.nv_ctr = {
|
||||
.cert_nv_ctr = &trusted_nv_ctr,
|
||||
.plat_nv_ctr = &trusted_nv_ctr
|
||||
}
|
||||
}
|
||||
},
|
||||
.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
|
||||
[0] = {
|
||||
.type_desc = &soc_fw_hash,
|
||||
.data = {
|
||||
.ptr = (void *)soc_fw_hash_buf,
|
||||
.len = (unsigned int)HASH_DER_LEN
|
||||
}
|
||||
},
|
||||
[1] = {
|
||||
.type_desc = &soc_fw_config_hash,
|
||||
.data = {
|
||||
.ptr = (void *)soc_fw_config_hash_buf,
|
||||
.len = (unsigned int)HASH_DER_LEN
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
static const auth_img_desc_t bl31_image = {
|
||||
.img_id = BL31_IMAGE_ID,
|
||||
.img_type = IMG_RAW,
|
||||
.parent = &soc_fw_content_cert,
|
||||
.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
|
||||
[0] = {
|
||||
.type = AUTH_METHOD_HASH,
|
||||
.param.hash = {
|
||||
.data = &raw_data,
|
||||
.hash = &soc_fw_hash
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
The **Trusted Key certificate** is signed with the ROT private key and contains
|
||||
the Trusted World public key and the Non-Trusted World public key as x509v3
|
||||
extensions. This must be specified in the image descriptor using the
|
||||
``img_auth_methods`` and ``authenticated_data`` arrays, respectively.
|
||||
|
||||
The Trusted Key certificate is authenticated by checking its digital signature
|
||||
using the ROTPK. Four parameters are required to check a signature: the public
|
||||
key, the algorithm, the signature and the data that has been signed. Therefore,
|
||||
four parameter descriptors must be specified with the authentication method:
|
||||
|
||||
- ``subject_pk``: parameter descriptor of type ``AUTH_PARAM_PUB_KEY``. This type
|
||||
is used to extract a public key from the parent image. If the cookie is an
|
||||
OID, the key is extracted from the corresponding x509v3 extension. If the
|
||||
cookie is NULL, the subject public key is retrieved. In this case, because
|
||||
the parent image is NULL, the public key is obtained from the platform
|
||||
(this key will be the ROTPK).
|
||||
- ``sig``: parameter descriptor of type ``AUTH_PARAM_SIG``. It is used to extract
|
||||
the signature from the certificate.
|
||||
- ``sig_alg``: parameter descriptor of type ``AUTH_PARAM_SIG``. It is used to
|
||||
extract the signature algorithm from the certificate.
|
||||
- ``raw_data``: parameter descriptor of type ``AUTH_PARAM_RAW_DATA``. It is used
|
||||
to extract the data to be signed from the certificate.
|
||||
|
||||
Once the signature has been checked and the certificate authenticated, the
|
||||
Trusted World public key needs to be extracted from the certificate. A new entry
|
||||
is created in the ``authenticated_data`` array for that purpose. In that entry,
|
||||
the corresponding parameter descriptor must be specified along with the buffer
|
||||
address to store the parameter value. In this case, the ``trusted_world_pk``
|
||||
descriptor is used to extract the public key from an x509v3 extension with OID
|
||||
``TRUSTED_WORLD_PK_OID``. The BL31 key certificate will use this descriptor as
|
||||
parameter in the signature authentication method. The key is stored in the
|
||||
``trusted_world_pk_buf`` buffer.
|
||||
|
||||
The **BL31 Key certificate** is authenticated by checking its digital signature
|
||||
using the Trusted World public key obtained previously from the Trusted Key
|
||||
certificate. In the image descriptor, we specify a single authentication method
|
||||
by signature whose public key is the ``trusted_world_pk``. Once this certificate
|
||||
has been authenticated, we have to extract the BL31 public key, stored in the
|
||||
extension specified by ``soc_fw_content_pk``. This key will be copied to the
|
||||
``content_pk_buf`` buffer.
|
||||
|
||||
The **BL31 certificate** is authenticated by checking its digital signature
|
||||
using the BL31 public key obtained previously from the BL31 Key certificate.
|
||||
We specify the authentication method using ``soc_fw_content_pk`` as public key.
|
||||
After authentication, we need to extract the BL31 hash, stored in the extension
|
||||
specified by ``soc_fw_hash``. This hash will be copied to the
|
||||
``soc_fw_hash_buf`` buffer.
|
||||
|
||||
The **BL31 image** is authenticated by calculating its hash and matching it
|
||||
with the hash obtained from the BL31 certificate. The image descriptor contains
|
||||
a single authentication method by hash. The parameters to the hash method are
|
||||
the reference hash, ``soc_fw_hash``, and the data to be hashed. In this case,
|
||||
it is the whole image, so we specify ``raw_data``.
|
||||
|
||||
The image parser library
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
The image parser module relies on libraries to check the image integrity and
|
||||
extract the authentication parameters. The number and type of parser libraries
|
||||
depend on the images used in the CoT. Raw images do not need a library, so
|
||||
only an x509v3 library is required for the TBBR CoT.
|
||||
|
||||
Arm platforms will use an x509v3 library based on mbed TLS. This library may be
|
||||
found in ``drivers/auth/mbedtls/mbedtls_x509_parser.c``. It exports three
|
||||
functions:
|
||||
|
||||
.. code:: c
|
||||
|
||||
void init(void);
|
||||
int check_integrity(void *img, unsigned int img_len);
|
||||
int get_auth_param(const auth_param_type_desc_t *type_desc,
|
||||
void *img, unsigned int img_len,
|
||||
void **param, unsigned int *param_len);
|
||||
|
||||
The library is registered in the framework using the macro
|
||||
``REGISTER_IMG_PARSER_LIB()``. Each time the image parser module needs to access
|
||||
an image of type ``IMG_CERT``, it will call the corresponding function exported
|
||||
in this file.
|
||||
|
||||
The build system must be updated to include the corresponding library and
|
||||
mbed TLS sources. Arm platforms use the ``arm_common.mk`` file to pull the
|
||||
sources.
|
||||
|
||||
The cryptographic library
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
The cryptographic module relies on a library to perform the required operations,
|
||||
i.e. verify a hash or a digital signature. Arm platforms will use a library
|
||||
based on mbed TLS, which can be found in
|
||||
``drivers/auth/mbedtls/mbedtls_crypto.c``. This library is registered in the
|
||||
authentication framework using the macro ``REGISTER_CRYPTO_LIB()`` and exports
|
||||
four functions:
|
||||
|
||||
.. code:: c
|
||||
|
||||
void init(void);
|
||||
int verify_signature(void *data_ptr, unsigned int data_len,
|
||||
void *sig_ptr, unsigned int sig_len,
|
||||
void *sig_alg, unsigned int sig_alg_len,
|
||||
void *pk_ptr, unsigned int pk_len);
|
||||
int verify_hash(void *data_ptr, unsigned int data_len,
|
||||
void *digest_info_ptr, unsigned int digest_info_len);
|
||||
int auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr,
|
||||
size_t len, const void *key, unsigned int key_len,
|
||||
unsigned int key_flags, const void *iv,
|
||||
unsigned int iv_len, const void *tag,
|
||||
unsigned int tag_len)
|
||||
|
||||
The mbedTLS library algorithm support is configured by both the
|
||||
``TF_MBEDTLS_KEY_ALG`` and ``TF_MBEDTLS_KEY_SIZE`` variables.
|
||||
|
||||
- ``TF_MBEDTLS_KEY_ALG`` can take in 3 values: `rsa`, `ecdsa` or `rsa+ecdsa`.
|
||||
This variable allows the Makefile to include the corresponding sources in
|
||||
the build for the various algorithms. Setting the variable to `rsa+ecdsa`
|
||||
enables support for both rsa and ecdsa algorithms in the mbedTLS library.
|
||||
|
||||
- ``TF_MBEDTLS_KEY_SIZE`` sets the supported RSA key size for TFA. Valid values
|
||||
include 1024, 2048, 3072 and 4096.
|
||||
|
||||
- ``TF_MBEDTLS_USE_AES_GCM`` enables the authenticated decryption support based
|
||||
on AES-GCM algorithm. Valid values are 0 and 1.
|
||||
|
||||
.. note::
|
||||
If code size is a concern, the build option ``MBEDTLS_SHA256_SMALLER`` can
|
||||
be defined in the platform Makefile. It will make mbed TLS use an
|
||||
implementation of SHA-256 with smaller memory footprint (~1.5 KB less) but
|
||||
slower (~30%).
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2017-2020, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _TBBR-Client specification: https://developer.arm.com/docs/den0006/latest/trusted-board-boot-requirements-client-tbbr-client-armv8-a
|
||||
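Review bot: the `auth_param_data_desc_t` definition under "Storing Authentication parameters" names its members `auth_param_ptr` and `auth_param_len`, but every `authenticated_data` entry in the BL31 example initialises `.data = { .ptr = ..., .len = ... }`; one of the two is stale, and a reader who copies the struct as documented cannot compile the example against it. The same section is out of step with the example in two more places: `auth_method_desc_t` shows a `param` union with only `hash` and `sig`, and "Supported methods are" lists only `AUTH_METHOD_HASH` and `AUTH_METHOD_SIG`, yet the descriptors use `.type = AUTH_METHOD_NV_CTR` with `.param.nv_ctr = { .cert_nv_ctr, .plat_nv_ctr }`, so the NV-counter method and its parameter struct should be added to both the union and the list; and `auth_method_param_sig_t` calls the signed data `tbs` while the `AUTH_METHOD_SIG` bullet and the example both use `data`. Smaller points: "an array of pointers to ``auth_image_desc_t`` structures" should read ``auth_img_desc_t`` to match the struct actually defined; `rsa`, `ecdsa` and `rsa+ecdsa` are wrapped in single backticks, which reStructuredText renders as interpreted text rather than literals, so use double backticks like the rest of the file; "TFA" should be "TF-A"; and the `auth_decrypt` prototype in the cryptographic library block is missing its trailing semicolon.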
631
arm-trusted-firmware/docs/design/cpu-specific-build-macros.rst
Normal file
@@ -0,0 +1,631 @@
|
||||
Arm CPU Specific Build Macros
|
||||
=============================
|
||||
|
||||
This document describes the various build options present in the CPU specific
|
||||
operations framework to enable errata workarounds and to enable optimizations
|
||||
for a specific CPU on a platform.
|
||||
|
||||
Security Vulnerability Workarounds
|
||||
----------------------------------
|
||||
|
||||
TF-A exports a series of build flags which control which security
|
||||
vulnerability workarounds should be applied at runtime.
|
||||
|
||||
- ``WORKAROUND_CVE_2017_5715``: Enables the security workaround for
|
||||
`CVE-2017-5715`_. This flag can be set to 0 by the platform if none
|
||||
of the PEs in the system need the workaround. Setting this flag to 0 provides
|
||||
no performance benefit for non-affected platforms, it just helps to comply
|
||||
with the recommendation in the spec regarding workaround discovery.
|
||||
Defaults to 1.
|
||||
|
||||
- ``WORKAROUND_CVE_2018_3639``: Enables the security workaround for
|
||||
`CVE-2018-3639`_. Defaults to 1. The TF-A project recommends to keep
|
||||
the default value of 1 even on platforms that are unaffected by
|
||||
CVE-2018-3639, in order to comply with the recommendation in the spec
|
||||
regarding workaround discovery.
|
||||
|
||||
- ``DYNAMIC_WORKAROUND_CVE_2018_3639``: Enables dynamic mitigation for
|
||||
`CVE-2018-3639`_. This build option should be set to 1 if the target
|
||||
platform contains at least 1 CPU that requires dynamic mitigation.
|
||||
Defaults to 0.
|
||||
|
||||
- ``WORKAROUND_CVE_2022_23960``: Enables mitigation for `CVE-2022-23960`_.
|
||||
This build option should be set to 1 if the target platform contains at
|
||||
least 1 CPU that requires this mitigation. Defaults to 1.
|
||||
|
||||
.. _arm_cpu_macros_errata_workarounds:
|
||||
|
||||
CPU Errata Workarounds
|
||||
----------------------
|
||||
|
||||
TF-A exports a series of build flags which control the errata workarounds that
|
||||
are applied to each CPU by the reset handler. The errata details can be found
|
||||
in the CPU specific errata documents published by Arm:
|
||||
|
||||
- `Cortex-A53 MPCore Software Developers Errata Notice`_
|
||||
- `Cortex-A57 MPCore Software Developers Errata Notice`_
|
||||
- `Cortex-A72 MPCore Software Developers Errata Notice`_
|
||||
|
||||
The errata workarounds are implemented for a particular revision or a set of
|
||||
processor revisions. This is checked by the reset handler at runtime. Each
|
||||
errata workaround is identified by its ``ID`` as specified in the processor's
|
||||
errata notice document. The format of the define used to enable/disable the
|
||||
errata workaround is ``ERRATA_<Processor name>_<ID>``, where the ``Processor name``
|
||||
is for example ``A57`` for the ``Cortex_A57`` CPU.
|
||||
|
||||
Refer to :ref:`firmware_design_cpu_errata_reporting` for information on how to
|
||||
write errata workaround functions.
|
||||
|
||||
All workarounds are disabled by default. The platform is responsible for
|
||||
enabling these workarounds according to its requirement by defining the
|
||||
errata workaround build flags in the platform specific makefile. In case
|
||||
these workarounds are enabled for the wrong CPU revision then the errata
|
||||
workaround is not applied. In the DEBUG build, this is indicated by
|
||||
printing a warning to the crash console.
|
||||
|
||||
In the current implementation, a platform which has more than 1 variant
|
||||
with different revisions of a processor has no runtime mechanism available
|
||||
for it to specify which errata workarounds should be enabled or not.
|
||||
|
||||
The value of the build flags is 0 by default, that is, disabled. A value of 1
|
||||
will enable it.
|
||||
|
||||
For Cortex-A9, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A9_794073``: This applies errata 794073 workaround to Cortex-A9
|
||||
CPU. This needs to be enabled for all revisions of the CPU.
|
||||
|
||||
For Cortex-A15, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A15_816470``: This applies errata 816470 workaround to Cortex-A15
|
||||
CPU. This needs to be enabled only for revision >= r3p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A15_827671``: This applies errata 827671 workaround to Cortex-A15
|
||||
CPU. This needs to be enabled only for revision >= r3p0 of the CPU.
|
||||
|
||||
For Cortex-A17, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A17_852421``: This applies errata 852421 workaround to Cortex-A17
|
||||
CPU. This needs to be enabled only for revision <= r1p2 of the CPU.
|
||||
|
||||
- ``ERRATA_A17_852423``: This applies errata 852423 workaround to Cortex-A17
|
||||
CPU. This needs to be enabled only for revision <= r1p2 of the CPU.
|
||||
|
||||
For Cortex-A35, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A35_855472``: This applies errata 855472 workaround to Cortex-A35
|
||||
CPUs. This needs to be enabled only for revision r0p0 of Cortex-A35.
|
||||
|
||||
For Cortex-A53, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A53_819472``: This applies errata 819472 workaround to all
|
||||
CPUs. This needs to be enabled only for revision <= r0p1 of Cortex-A53.
|
||||
|
||||
- ``ERRATA_A53_824069``: This applies errata 824069 workaround to all
|
||||
CPUs. This needs to be enabled only for revision <= r0p2 of Cortex-A53.
|
||||
|
||||
- ``ERRATA_A53_826319``: This applies errata 826319 workaround to Cortex-A53
|
||||
CPU. This needs to be enabled only for revision <= r0p2 of the CPU.
|
||||
|
||||
- ``ERRATA_A53_827319``: This applies errata 827319 workaround to all
|
||||
CPUs. This needs to be enabled only for revision <= r0p2 of Cortex-A53.
|
||||
|
||||
- ``ERRATA_A53_835769``: This applies erratum 835769 workaround at compile and
|
||||
link time to Cortex-A53 CPU. This needs to be enabled for some variants of
|
||||
revision <= r0p4. This workaround can lead the linker to create ``*.stub``
|
||||
sections.
|
||||
|
||||
- ``ERRATA_A53_836870``: This applies errata 836870 workaround to Cortex-A53
|
||||
CPU. This needs to be enabled only for revision <= r0p3 of the CPU. From
|
||||
r0p4 and onwards, this errata is enabled by default in hardware.
|
||||
|
||||
- ``ERRATA_A53_843419``: This applies erratum 843419 workaround at link time
|
||||
to Cortex-A53 CPU. This needs to be enabled for some variants of revision
|
||||
<= r0p4. This workaround can lead the linker to emit ``*.stub`` sections
|
||||
which are 4kB aligned.
|
||||
|
||||
- ``ERRATA_A53_855873``: This applies errata 855873 workaround to Cortex-A53
|
||||
CPUs. Though the erratum is present in every revision of the CPU,
|
||||
this workaround is only applied to CPUs from r0p3 onwards, which feature
|
||||
a chicken bit in CPUACTLR_EL1 to enable a hardware workaround.
|
||||
Earlier revisions of the CPU have other errata which require the same
|
||||
workaround in software, so they should be covered anyway.
|
||||
|
||||
- ``ERRATA_A53_1530924``: This applies errata 1530924 workaround to all
|
||||
revisions of Cortex-A53 CPU.
|
||||
|
||||
For Cortex-A55, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A55_768277``: This applies errata 768277 workaround to Cortex-A55
|
||||
CPU. This needs to be enabled only for revision r0p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A55_778703``: This applies errata 778703 workaround to Cortex-A55
|
||||
CPU. This needs to be enabled only for revision r0p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A55_798797``: This applies errata 798797 workaround to Cortex-A55
|
||||
CPU. This needs to be enabled only for revision r0p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A55_846532``: This applies errata 846532 workaround to Cortex-A55
|
||||
CPU. This needs to be enabled only for revision <= r0p1 of the CPU.
|
||||
|
||||
- ``ERRATA_A55_903758``: This applies errata 903758 workaround to Cortex-A55
|
||||
CPU. This needs to be enabled only for revision <= r0p1 of the CPU.
|
||||
|
||||
- ``ERRATA_A55_1221012``: This applies errata 1221012 workaround to Cortex-A55
|
||||
CPU. This needs to be enabled only for revision <= r1p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A55_1530923``: This applies errata 1530923 workaround to all
|
||||
revisions of Cortex-A55 CPU.
|
||||
|
||||
For Cortex-A57, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A57_806969``: This applies errata 806969 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision r0p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_813419``: This applies errata 813419 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision r0p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_813420``: This applies errata 813420 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision r0p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_814670``: This applies errata 814670 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision r0p0 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_817169``: This applies errata 817169 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision <= r0p1 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_826974``: This applies errata 826974 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision <= r1p1 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_826977``: This applies errata 826977 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision <= r1p1 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_828024``: This applies errata 828024 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision <= r1p1 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_829520``: This applies errata 829520 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision <= r1p2 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_833471``: This applies errata 833471 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision <= r1p2 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_859972``: This applies errata 859972 workaround to Cortex-A57
|
||||
CPU. This needs to be enabled only for revision <= r1p3 of the CPU.
|
||||
|
||||
- ``ERRATA_A57_1319537``: This applies errata 1319537 workaround to all
|
||||
revisions of Cortex-A57 CPU.
|
||||
|
||||
For Cortex-A72, the following errata build flags are defined :
|
||||
|
||||
- ``ERRATA_A72_859971``: This applies errata 859971 workaround to Cortex-A72
|
||||
CPU. This needs to be enabled only for revision <= r0p3 of the CPU.
|
||||
|
||||
- ``ERRATA_A72_1319367``: This applies errata 1319367 workaround to all
|
||||
revisions of Cortex-A72 CPU.
|
||||
|
||||
For Cortex-A73, the following errata build flags are defined :

- ``ERRATA_A73_852427``: This applies errata 852427 workaround to Cortex-A73
  CPU. This needs to be enabled only for revision r0p0 of the CPU.

- ``ERRATA_A73_855423``: This applies errata 855423 workaround to Cortex-A73
  CPU. This needs to be enabled only for revision <= r0p1 of the CPU.

For Cortex-A75, the following errata build flags are defined :

- ``ERRATA_A75_764081``: This applies errata 764081 workaround to Cortex-A75
  CPU. This needs to be enabled only for revision r0p0 of the CPU.

- ``ERRATA_A75_790748``: This applies errata 790748 workaround to Cortex-A75
  CPU. This needs to be enabled only for revision r0p0 of the CPU.

For Cortex-A76, the following errata build flags are defined :

- ``ERRATA_A76_1073348``: This applies errata 1073348 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r1p0 of the CPU.

- ``ERRATA_A76_1130799``: This applies errata 1130799 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r2p0 of the CPU.

- ``ERRATA_A76_1220197``: This applies errata 1220197 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r2p0 of the CPU.

- ``ERRATA_A76_1257314``: This applies errata 1257314 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_A76_1262606``: This applies errata 1262606 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_A76_1262888``: This applies errata 1262888 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_A76_1275112``: This applies errata 1275112 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_A76_1791580``: This applies errata 1791580 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r4p0 of the CPU.

- ``ERRATA_A76_1165522``: This applies errata 1165522 workaround to all
  revisions of Cortex-A76 CPU. This errata is fixed in r3p0 but due to
  limitation of errata framework this errata is applied to all revisions
  of Cortex-A76 CPU.

- ``ERRATA_A76_1868343``: This applies errata 1868343 workaround to Cortex-A76
  CPU. This needs to be enabled only for revision <= r4p0 of the CPU.

- ``ERRATA_A76_1946160``: This applies errata 1946160 workaround to Cortex-A76
  CPU. This needs to be enabled only for revisions r3p0 - r4p1 of the CPU.

For Cortex-A77, the following errata build flags are defined :

- ``ERRATA_A77_1508412``: This applies errata 1508412 workaround to Cortex-A77
  CPU. This needs to be enabled only for revision <= r1p0 of the CPU.

- ``ERRATA_A77_1925769``: This applies errata 1925769 workaround to Cortex-A77
  CPU. This needs to be enabled only for revision <= r1p1 of the CPU.

- ``ERRATA_A77_1946167``: This applies errata 1946167 workaround to Cortex-A77
  CPU. This needs to be enabled only for revision <= r1p1 of the CPU.

- ``ERRATA_A77_1791578``: This applies errata 1791578 workaround to Cortex-A77
  CPU. This needs to be enabled for r0p0, r1p0, and r1p1, it is still open.

For Cortex-A78, the following errata build flags are defined :

- ``ERRATA_A78_1688305``: This applies errata 1688305 workaround to Cortex-A78
  CPU. This needs to be enabled only for revision r0p0 - r1p0 of the CPU.

- ``ERRATA_A78_1941498``: This applies errata 1941498 workaround to Cortex-A78
  CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 of the CPU.

- ``ERRATA_A78_1951500``: This applies errata 1951500 workaround to Cortex-A78
  CPU. This needs to be enabled for revisions r1p0 and r1p1, r0p0 has the same
  issue but there is no workaround for that revision.

- ``ERRATA_A78_1821534``: This applies errata 1821534 workaround to Cortex-A78
  CPU. This needs to be enabled for revisions r0p0 and r1p0.

- ``ERRATA_A78_1952683``: This applies errata 1952683 workaround to Cortex-A78
  CPU. This needs to be enabled for revision r0p0, it is fixed in r1p0.

- ``ERRATA_A78_2132060``: This applies errata 2132060 workaround to Cortex-A78
  CPU. This needs to be enabled for revisions r0p0, r1p0, r1p1, and r1p2. It
  is still open.

- ``ERRATA_A78_2242635``: This applies errata 2242635 workaround to Cortex-A78
  CPU. This needs to be enabled for revisions r1p0, r1p1, and r1p2. The issue
  is present in r0p0 but there is no workaround. It is still open.

For Cortex-A78 AE, the following errata build flags are defined :

- ``ERRATA_A78_AE_1941500`` : This applies errata 1941500 workaround to
  Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1.
  This erratum is still open.

- ``ERRATA_A78_AE_1951502`` : This applies errata 1951502 workaround to
  Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This
  erratum is still open.

- ``ERRATA_A78_AE_2376748`` : This applies errata 2376748 workaround to
  Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This
  erratum is still open.

- ``ERRATA_A78_AE_2395408`` : This applies errata 2395408 workaround to
  Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This
  erratum is still open.

- ``ERRATA_A78_AE_2743093``: This applies errata 2743093 workaround to Cortex-A78 AE
  CPU. This needs to be enabled for revisions r0p0, r0p1 and r0p2.

- ``ERRATA_A78_AE_2743229`` : This applies errata 2743229 workaround to
  Cortex-A78 AE CPU. This needs to be enabled for revisions <= r0p2.

For Neoverse N1, the following errata build flags are defined :

- ``ERRATA_N1_1073348``: This applies errata 1073348 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision r0p0 and r1p0 of the CPU.

- ``ERRATA_N1_1130799``: This applies errata 1130799 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r2p0 of the CPU.

- ``ERRATA_N1_1165347``: This applies errata 1165347 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r2p0 of the CPU.

- ``ERRATA_N1_1207823``: This applies errata 1207823 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r2p0 of the CPU.

- ``ERRATA_N1_1220197``: This applies errata 1220197 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r2p0 of the CPU.

- ``ERRATA_N1_1257314``: This applies errata 1257314 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_N1_1262606``: This applies errata 1262606 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_N1_1262888``: This applies errata 1262888 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_N1_1275112``: This applies errata 1275112 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_N1_1315703``: This applies errata 1315703 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r3p0 of the CPU.

- ``ERRATA_N1_1542419``: This applies errata 1542419 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revisions r3p0 - r4p0 of the CPU.

- ``ERRATA_N1_1868343``: This applies errata 1868343 workaround to Neoverse-N1
  CPU. This needs to be enabled only for revision <= r4p0 of the CPU.

- ``ERRATA_N1_1946160``: This applies errata 1946160 workaround to Neoverse-N1
  CPU. This needs to be enabled for revisions r3p0, r3p1, r4p0, and r4p1, for
  revisions r0p0, r1p0, and r2p0 there is no workaround.

For Neoverse V1, the following errata build flags are defined :

- ``ERRATA_V1_1774420``: This applies errata 1774420 workaround to Neoverse-V1
  CPU. This needs to be enabled only for revisions r0p0 and r1p0, it is fixed
  in r1p1.

- ``ERRATA_V1_1791573``: This applies errata 1791573 workaround to Neoverse-V1
  CPU. This needs to be enabled only for revisions r0p0 and r1p0, it is fixed
  in r1p1.

- ``ERRATA_V1_1852267``: This applies errata 1852267 workaround to Neoverse-V1
  CPU. This needs to be enabled only for revisions r0p0 and r1p0, it is fixed
  in r1p1.

- ``ERRATA_V1_1925756``: This applies errata 1925756 workaround to Neoverse-V1
  CPU. This needs to be enabled for r0p0, r1p0, and r1p1, it is still open.

- ``ERRATA_V1_1940577``: This applies errata 1940577 workaround to Neoverse-V1
  CPU. This needs to be enabled only for revision r1p0 and r1p1 of the
  CPU.

- ``ERRATA_V1_1966096``: This applies errata 1966096 workaround to Neoverse-V1
  CPU. This needs to be enabled for revisions r1p0 and r1p1 of the CPU, the
  issue is present in r0p0 as well but there is no workaround for that
  revision. It is still open.

- ``ERRATA_V1_2139242``: This applies errata 2139242 workaround to Neoverse-V1
  CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 of the
  CPU. It is still open.

- ``ERRATA_V1_2108267``: This applies errata 2108267 workaround to Neoverse-V1
  CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 of the CPU.
  It is still open.

- ``ERRATA_V1_2216392``: This applies errata 2216392 workaround to Neoverse-V1
  CPU. This needs to be enabled for revisions r1p0 and r1p1 of the CPU, the
  issue is present in r0p0 as well but there is no workaround for that
  revision. It is still open.

For Cortex-A710, the following errata build flags are defined :

- ``ERRATA_A710_1987031``: This applies errata 1987031 workaround to
  Cortex-A710 CPU. This needs to be enabled only for revisions r0p0, r1p0 and
  r2p0 of the CPU. It is still open.

- ``ERRATA_A710_2081180``: This applies errata 2081180 workaround to
  Cortex-A710 CPU. This needs to be enabled only for revisions r0p0, r1p0 and
  r2p0 of the CPU. It is still open.

- ``ERRATA_A710_2055002``: This applies errata 2055002 workaround to
  Cortex-A710 CPU. This needs to be enabled for revisions r1p0, r2p0 of the CPU
  and is still open.

- ``ERRATA_A710_2017096``: This applies errata 2017096 workaround to
  Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0
  of the CPU and is still open.

- ``ERRATA_A710_2083908``: This applies errata 2083908 workaround to
  Cortex-A710 CPU. This needs to be enabled for revision r2p0 of the CPU and
  is still open.

- ``ERRATA_A710_2058056``: This applies errata 2058056 workaround to
  Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0
  of the CPU and is still open.

- ``ERRATA_A710_2267065``: This applies errata 2267065 workaround to
  Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0
  of the CPU and is fixed in r2p1.

- ``ERRATA_A710_2136059``: This applies errata 2136059 workaround to
  Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0
  of the CPU and is fixed in r2p1.

- ``ERRATA_A710_2282622``: This applies errata 2282622 workaround to
  Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0
  of the CPU and is fixed in r2p1.

For Neoverse N2, the following errata build flags are defined :

- ``ERRATA_N2_2002655``: This applies errata 2002655 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU, it is still open.

- ``ERRATA_N2_2067956``: This applies errata 2067956 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2025414``: This applies errata 2025414 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2189731``: This applies errata 2189731 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2138956``: This applies errata 2138956 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2138953``: This applies errata 2138953 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2242415``: This applies errata 2242415 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2138958``: This applies errata 2138958 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2242400``: This applies errata 2242400 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

- ``ERRATA_N2_2280757``: This applies errata 2280757 workaround to Neoverse-N2
  CPU. This needs to be enabled for revision r0p0 of the CPU and is still open.

For Cortex-X2, the following errata build flags are defined :

- ``ERRATA_X2_2002765``: This applies errata 2002765 workaround to Cortex-X2
  CPU. This needs to be enabled for revisions r0p0, r1p0, and r2p0 of the CPU,
  it is still open.

- ``ERRATA_X2_2058056``: This applies errata 2058056 workaround to Cortex-X2
  CPU. This needs to be enabled for revisions r0p0, r1p0, and r2p0 of the CPU,
  it is still open.

- ``ERRATA_X2_2083908``: This applies errata 2083908 workaround to Cortex-X2
  CPU. This needs to be enabled for revision r2p0 of the CPU, it is still open.

- ``ERRATA_X2_2017096``: This applies errata 2017096 workaround to
  Cortex-X2 CPU. This needs to be enabled only for revisions r0p0, r1p0 and
  r2p0 of the CPU, it is fixed in r2p1.

- ``ERRATA_X2_2081180``: This applies errata 2081180 workaround to
  Cortex-X2 CPU. This needs to be enabled only for revisions r0p0, r1p0 and
  r2p0 of the CPU, it is fixed in r2p1.

- ``ERRATA_X2_2216384``: This applies errata 2216384 workaround to
  Cortex-X2 CPU. This needs to be enabled only for revisions r0p0, r1p0 and
  r2p0 of the CPU, it is fixed in r2p1.

For Cortex-A510, the following errata build flags are defined :

- ``ERRATA_A510_1922240``: This applies errata 1922240 workaround to
  Cortex-A510 CPU. This needs to be enabled only for revision r0p0, it is
  fixed in r0p1.

- ``ERRATA_A510_2288014``: This applies errata 2288014 workaround to
  Cortex-A510 CPU. This needs to be enabled only for revisions r0p0, r0p1,
  r0p2, r0p3 and r1p0, it is fixed in r1p1.

- ``ERRATA_A510_2042739``: This applies errata 2042739 workaround to
  Cortex-A510 CPU. This needs to be enabled only for revisions r0p0, r0p1 and
  r0p2, it is fixed in r0p3.

- ``ERRATA_A510_2041909``: This applies errata 2041909 workaround to
  Cortex-A510 CPU. This needs to be enabled only for revision r0p2 and is fixed
  in r0p3. The issue is also present in r0p0 and r0p1 but there is no
  workaround for those revisions.

- ``ERRATA_A510_2250311``: This applies errata 2250311 workaround to
  Cortex-A510 CPU. This needs to be enabled for revisions r0p0, r0p1, r0p2,
  r0p3 and r1p0, it is fixed in r1p1. This workaround disables MPMM even if
  ENABLE_MPMM=1.

- ``ERRATA_A510_2218950``: This applies errata 2218950 workaround to
  Cortex-A510 CPU. This needs to be enabled for revisions r0p0, r0p1, r0p2,
  r0p3 and r1p0, it is fixed in r1p1.

- ``ERRATA_A510_2172148``: This applies errata 2172148 workaround to
  Cortex-A510 CPU. This needs to be enabled for revisions r0p0, r0p1, r0p2,
  r0p3 and r1p0, it is fixed in r1p1.

DSU Errata Workarounds
----------------------

Similar to CPU errata, TF-A also implements workarounds for DSU (DynamIQ
Shared Unit) errata. The DSU errata details can be found in the respective Arm
documentation:

- `Arm DSU Software Developers Errata Notice`_.

Each erratum is identified by an ``ID``, as defined in the DSU errata notice
document. Thus, the build flags which enable/disable the errata workarounds
have the format ``ERRATA_DSU_<ID>``. The implementation and application logic
of DSU errata workarounds are similar to `CPU errata workarounds`_.

For DSU errata, the following build flags are defined:

- ``ERRATA_DSU_798953``: This applies errata 798953 workaround for the
  affected DSU configurations. This errata applies only for those DSUs that
  revision is r0p0 (on r0p1 it is fixed). However, please note that this
  workaround results in increased DSU power consumption on idle.

- ``ERRATA_DSU_936184``: This applies errata 936184 workaround for the
  affected DSU configurations. This errata applies only for those DSUs that
  contain the ACP interface **and** the DSU revision is older than r2p0 (on
  r2p0 it is fixed). However, please note that this workaround results in
  increased DSU power consumption on idle.

CPU Specific optimizations
--------------------------

This section describes some of the optimizations allowed by the CPU micro
architecture that can be enabled by the platform as desired.

- ``SKIP_A57_L1_FLUSH_PWR_DWN``: This flag enables an optimization in the
  Cortex-A57 cluster power down sequence by not flushing the Level 1 data
  cache. The L1 data cache and the L2 unified cache are inclusive. A flush
  of the L2 by set/way flushes any dirty lines from the L1 as well. This
  is a known safe deviation from the Cortex-A57 TRM defined power down
  sequence. Each Cortex-A57 based platform must make its own decision on
  whether to use the optimization.

- ``A53_DISABLE_NON_TEMPORAL_HINT``: This flag disables the cache non-temporal
  hint. The LDNP/STNP instructions as implemented on Cortex-A53 do not behave
  in a way most programmers expect, and will most probably result in a
  significant speed degradation to any code that employs them. The Armv8-A
  architecture (see Arm DDI 0487A.h, section D3.4.3) allows cores to ignore
  the non-temporal hint and treat LDNP/STNP as LDP/STP instead. Enabling this
  flag enforces this behaviour. This needs to be enabled only for revisions
  <= r0p3 of the CPU and is enabled by default.

- ``A57_DISABLE_NON_TEMPORAL_HINT``: This flag has the same behaviour as
  ``A53_DISABLE_NON_TEMPORAL_HINT`` but for Cortex-A57. This needs to be
  enabled only for revisions <= r1p2 of the CPU and is enabled by default,
  as recommended in section "4.7 Non-Temporal Loads/Stores" of the
  `Cortex-A57 Software Optimization Guide`_.

- ''A57_ENABLE_NON_CACHEABLE_LOAD_FWD'': This flag enables non-cacheable
  streaming enhancement feature for Cortex-A57 CPUs. Platforms can set
  this bit only if their memory system meets the requirement that cache
  line fill requests from the Cortex-A57 processor are atomic. Each
  Cortex-A57 based platform must make its own decision on whether to use
  the optimization. This flag is disabled by default.

- ``NEOVERSE_Nx_EXTERNAL_LLC``: This flag indicates that an external last
  level cache(LLC) is present in the system, and that the DataSource field
  on the master CHI interface indicates when data is returned from the LLC.
  This is used to control how the LL_CACHE* PMU events count.
  Default value is 0 (Disabled).

GIC Errata Workarounds
----------------------
- ``GIC600_ERRATA_WA_2384374``: This flag applies part 2 of errata 2384374
  workaround for the affected GIC600 and GIC600-AE implementations. It applies
  to implementations of GIC600 and GIC600-AE with revisions less than or equal
  to r1p6 and r0p2 respectively. If the platform sets GICV3_SUPPORT_GIC600,
  then this flag is enabled; otherwise, it is 0 (Disabled).

- ``GIC600AE_ERRATA_WA_1568841``: This flag applies errata 1568841 workaround
  for the affected GIC600-AE implementations. It applies to implementations of
  GIC600-AE with revisions less than or equal to r0p2. If the platform sets
  GICV3_SUPPORT_GIC600, then this flag is enabled; otherwise, it is 0
  (Disabled).

- ''GIC600AE_ERRATA_WA_2079287'': This flag applies errata 2079287 workaround
  for the affected GIC600-AE implementations. It applies to implementations of
  GIC600-AE with revisions less than or equal to r0p2. If the platform sets
  GICV3_SUPPORT_GIC600, then this flag is enabled; otherwise, it is 0
  (Disabled).

--------------

*Copyright (c) 2014-2022, Arm Limited and Contributors. All rights reserved.*

.. _CVE-2017-5715: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
.. _CVE-2018-3639: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
.. _CVE-2022-23960: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960
.. _Cortex-A53 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm048406/index.html
.. _Cortex-A57 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm049219/index.html
.. _Cortex-A72 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm012079/index.html
.. _Cortex-A57 Software Optimization Guide: http://infocenter.arm.com/help/topic/com.arm.doc.uan0015b/Cortex_A57_Software_Optimization_Guide_external.pdf
.. _Arm DSU Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm138168/index.html
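Review bot: two flag names in this hunk are wrapped in doubled single quotes instead of the double-backtick literal markup used for every other flag in the file, so Sphinx renders them as plain text with stray quotes and they cannot be copied as-is into a build command: ''A57_ENABLE_NON_CACHEABLE_LOAD_FWD'' under "CPU Specific optimizations" and ''GIC600AE_ERRATA_WA_2079287'' under "GIC Errata Workarounds" should read ``A57_ENABLE_NON_CACHEABLE_LOAD_FWD`` and ``GIC600AE_ERRATA_WA_2079287``. Two smaller style points in the same hunk: every per-CPU lead-in ends "the following errata build flags are defined :" with a space before the colon, and the ``ERRATA_DSU_798953`` entry's "applies only for those DSUs that revision is r0p0" should be "whose revision is r0p0". Documentation-wise, the ``ERRATA_A76_1165522`` entry says the erratum is fixed in r3p0 yet the workaround is applied to all revisions because of an errata-framework limitation; naming the limitation (or the revision check it prevents) would let integrators judge the cost of leaving the flag on for fixed parts.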
2743  arm-trusted-firmware/docs/design/firmware-design.rst  Normal file  (file diff suppressed because it is too large)
21  arm-trusted-firmware/docs/design/index.rst  Normal file
@@ -0,0 +1,21 @@
System Design
=============

.. toctree::
   :maxdepth: 1
   :caption: Contents
   :numbered:

   alt-boot-flows
   auth-framework
   cpu-specific-build-macros
   firmware-design
   interrupt-framework-design
   psci-pd-tree
   reset-design
   trusted-board-boot
   trusted-board-boot-build

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
1021  arm-trusted-firmware/docs/design/interrupt-framework-design.rst  Normal file  (file diff suppressed because it is too large)
304  arm-trusted-firmware/docs/design/psci-pd-tree.rst  Normal file
@@ -0,0 +1,304 @@
PSCI Power Domain Tree Structure
================================

Requirements
------------

#. A platform must export the ``plat_get_aff_count()`` and
   ``plat_get_aff_state()`` APIs to enable the generic PSCI code to
   populate a tree that describes the hierarchy of power domains in the
   system. This approach is inflexible because a change to the topology
   requires a change in the code.

   It would be much simpler for the platform to describe its power domain tree
   in a data structure.

#. The generic PSCI code generates MPIDRs in order to populate the power domain
   tree. It also uses an MPIDR to find a node in the tree. The assumption that
   a platform will use exactly the same MPIDRs as generated by the generic PSCI
   code is not scalable. The use of an MPIDR also restricts the number of
   levels in the power domain tree to four.

   Therefore, there is a need to decouple allocation of MPIDRs from the
   mechanism used to populate the power domain topology tree.

#. The current arrangement of the power domain tree requires a binary search
   over the sibling nodes at a particular level to find a specified power
   domain node. During a power management operation, the tree is traversed from
   a 'start' to an 'end' power level. The binary search is required to find the
   node at each level. The natural way to perform this traversal is to
   start from a leaf node and follow the parent node pointer to reach the end
   level.

   Therefore, there is a need to define data structures that implement the tree in
   a way which facilitates such a traversal.

#. The attributes of a core power domain differ from the attributes of power
   domains at higher levels. For example, only a core power domain can be identified
   using an MPIDR. There is no requirement to perform state coordination while
   performing a power management operation on the core power domain.

   Therefore, there is a need to implement the tree in a way which facilitates this
   distinction between a leaf and non-leaf node and any associated
   optimizations.

--------------

Design
------

Describing a power domain tree
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To fulfill requirement 1., the existing platform APIs
``plat_get_aff_count()`` and ``plat_get_aff_state()`` have been
removed. A platform must define an array of unsigned chars such that:

#. The first entry in the array specifies the number of power domains at the
   highest power level implemented in the platform. This caters for platforms
   where the power domain tree does not have a single root node, for example,
   the FVP has two cluster power domains at the highest level (1).

#. Each subsequent entry corresponds to a power domain and contains the number
   of power domains that are its direct children.

#. The size of the array minus the first entry will be equal to the number of
   non-leaf power domains.

#. The value in each entry in the array is used to find the number of entries
   to consider at the next level. The sum of the values (number of children) of
   all the entries at a level specifies the number of entries in the array for
   the next level.

The following example power domain topology tree will be used to describe the
above text further. The leaf and non-leaf nodes in this tree have been numbered
separately.

::

                                       +-+
                                       |0|
                                       +-+
                                      /   \
                                     /     \
                                    /       \
                                   /         \
                                  /           \
                                 /             \
                                /               \
                               /                 \
                              /                   \
                             /                     \
                           +-+                     +-+
                           |1|                     |2|
                           +-+                     +-+
                          /   \                   /   \
                         /     \                 /     \
                        /       \               /       \
                       /         \             /         \
                     +-+         +-+         +-+         +-+
                     |3|         |4|         |5|         |6|
                     +-+         +-+         +-+         +-+
                  +---+---+   +---+---+   +---+---+   +----+----+----+
                  |   |   |   |   |   |   |   |   |   |    |    |    |
                  |   |   |   |   |   |   |   |   |   |    |    |    |
                  v   v   v   v   v   v   v   v   v   v    v    v    v
                 +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+  +--+ +--+ +--+
                 |0| |1| |2| |3| |4| |5| |6| |7| |8| |9|  |10| |11| |12|
                 +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+ +-+  +--+ +--+ +--+

This tree is defined by the platform as the array described above as follows:

.. code:: c

    #define PLAT_NUM_POWER_DOMAINS 20
    #define PLATFORM_CORE_COUNT 13
    #define PSCI_NUM_NON_CPU_PWR_DOMAINS \
                   (PLAT_NUM_POWER_DOMAINS - PLATFORM_CORE_COUNT)

    unsigned char plat_power_domain_tree_desc[] = { 1, 2, 2, 2, 3, 3, 3, 4};

Removing assumptions about MPIDRs used in a platform
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To fulfill requirement 2., it is assumed that the platform assigns a
unique number (core index) between ``0`` and ``PLAT_CORE_COUNT - 1`` to each core
power domain. MPIDRs could be allocated in any manner and will not be used to
populate the tree.

``plat_core_pos_by_mpidr(mpidr)`` will return the core index for the core
corresponding to the MPIDR. It will return an error (-1) if an MPIDR is passed
which is not allocated or corresponds to an absent core. The semantics of this
platform API have changed since it is required to validate the passed MPIDR. It
has been made a mandatory API as a result.

Another mandatory API, ``plat_my_core_pos()`` has been added to return the core
index for the calling core. This API provides a more lightweight mechanism to get
the index since there is no need to validate the MPIDR of the calling core.

The platform should assign the core indices (as illustrated in the diagram above)
such that, if the core nodes are numbered from left to right, then the index
for a core domain will be the same as the index returned by
``plat_core_pos_by_mpidr()`` or ``plat_my_core_pos()`` for that core. This
relationship allows the core nodes to be allocated in a separate array
(requirement 4.) during ``psci_setup()`` in such an order that the index of the
core in the array is the same as the return value from these APIs.

Dealing with holes in MPIDR allocation
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

For platforms where the number of allocated MPIDRs is equal to the number of
core power domains, for example, Juno and FVPs, the logic to convert an MPIDR to
a core index should remain unchanged. Both Juno and FVP use a simple collision
proof hash function to do this.

It is possible that on some platforms, the allocation of MPIDRs is not
contiguous or certain cores have been disabled. This essentially means that the
MPIDRs have been sparsely allocated, that is, the size of the range of MPIDRs
used by the platform is not equal to the number of core power domains.

The platform could adopt one of the following approaches to deal with this
scenario:

#. Implement more complex logic to convert a valid MPIDR to a core index while
   maintaining the relationship described earlier. This means that the power
   domain tree descriptor will not describe any core power domains which are
   disabled or absent. Entries will not be allocated in the tree for these
   domains.

#. Treat unallocated MPIDRs and disabled cores as absent but still describe them
   in the power domain descriptor, that is, the number of core nodes described
   is equal to the size of the range of MPIDRs allocated. This approach will
   lead to memory wastage since entries will be allocated in the tree but will
   allow use of a simpler logic to convert an MPIDR to a core index.

Traversing through and distinguishing between core and non-core power domains
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

To fulfill requirement 3 and 4, separate data structures have been defined
to represent leaf and non-leaf power domain nodes in the tree.

.. code:: c

    /*******************************************************************************
     * The following two data structures implement the power domain tree. The tree
     * is used to track the state of all the nodes i.e. power domain instances
     * described by the platform. The tree consists of nodes that describe CPU power
     * domains i.e. leaf nodes and all other power domains which are parents of a
     * CPU power domain i.e. non-leaf nodes.
     ******************************************************************************/
    typedef struct non_cpu_pwr_domain_node {
        /*
         * Index of the first CPU power domain node level 0 which has this node
         * as its parent.
         */
        unsigned int cpu_start_idx;

        /*
         * Number of CPU power domains which are siblings of the domain indexed
         * by 'cpu_start_idx' i.e. all the domains in the range 'cpu_start_idx
         * -> cpu_start_idx + ncpus' have this node as their parent.
         */
        unsigned int ncpus;

        /* Index of the parent power domain node */
        unsigned int parent_node;

        -----
    } non_cpu_pd_node_t;

    typedef struct cpu_pwr_domain_node {
        u_register_t mpidr;

        /* Index of the parent power domain node */
        unsigned int parent_node;

        -----
    } cpu_pd_node_t;

The power domain tree is implemented as a combination of the following data
structures.

.. code:: c

    non_cpu_pd_node_t psci_non_cpu_pd_nodes[PSCI_NUM_NON_CPU_PWR_DOMAINS];
    cpu_pd_node_t psci_cpu_pd_nodes[PLATFORM_CORE_COUNT];

Populating the power domain tree
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The ``populate_power_domain_tree()`` function in ``psci_setup.c`` implements the
algorithm to parse the power domain descriptor exported by the platform to
populate the two arrays. It is essentially a breadth-first-search. The nodes for
each level starting from the root are laid out one after another in the
``psci_non_cpu_pd_nodes`` and ``psci_cpu_pd_nodes`` arrays as follows:

::

    psci_non_cpu_pd_nodes -> [[Level 3 nodes][Level 2 nodes][Level 1 nodes]]
    psci_cpu_pd_nodes -> [Level 0 nodes]

For the example power domain tree illustrated above, the ``psci_cpu_pd_nodes``
will be populated as follows. The value in each entry is the index of the parent
node. Other fields have been ignored for simplicity.

::

                  +-------------+ ^
    CPU0          |      3      | |
                  +-------------+ |
    CPU1          |      3      | |
                  +-------------+ |
|
||||
CPU2 | 3 | |
|
||||
+-------------+ |
|
||||
CPU3 | 4 | |
|
||||
+-------------+ |
|
||||
CPU4 | 4 | |
|
||||
+-------------+ |
|
||||
CPU5 | 4 | | PLATFORM_CORE_COUNT
|
||||
+-------------+ |
|
||||
CPU6 | 5 | |
|
||||
+-------------+ |
|
||||
CPU7 | 5 | |
|
||||
+-------------+ |
|
||||
CPU8 | 5 | |
|
||||
+-------------+ |
|
||||
CPU9 | 6 | |
|
||||
+-------------+ |
|
||||
CPU10 | 6 | |
|
||||
+-------------+ |
|
||||
CPU11 | 6 | |
|
||||
+-------------+ |
|
||||
CPU12 | 6 | v
|
||||
+-------------+
|
||||
|
||||
The ``psci_non_cpu_pd_nodes`` array will be populated as follows. The value in
|
||||
each entry is the index of the parent node.
|
||||
|
||||
::
|
||||
|
||||
+-------------+ ^
|
||||
PD0 | -1 | |
|
||||
+-------------+ |
|
||||
PD1 | 0 | |
|
||||
+-------------+ |
|
||||
PD2 | 0 | |
|
||||
+-------------+ |
|
||||
PD3 | 1 | | PLAT_NUM_POWER_DOMAINS -
|
||||
+-------------+ | PLATFORM_CORE_COUNT
|
||||
PD4 | 1 | |
|
||||
+-------------+ |
|
||||
PD5 | 2 | |
|
||||
+-------------+ |
|
||||
PD6 | 2 | |
|
||||
+-------------+ v
|
||||
|
||||
Each core can find its node in the ``psci_cpu_pd_nodes`` array using the
|
||||
``plat_my_core_pos()`` function. When a core is turned on, the normal world
|
||||
provides an MPIDR. The ``plat_core_pos_by_mpidr()`` function is used to validate
|
||||
the MPIDR before using it to find the corresponding core node. The non-core power
|
||||
domain nodes do not need to be identified.
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2017-2018, Arm Limited and Contributors. All rights reserved.*
|
||||
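Review bot: the two ``-----`` lines inside the struct bodies of the ``.. code:: c`` block (after ``unsigned int parent_node;`` in both ``non_cpu_pwr_domain_node`` and ``cpu_pwr_domain_node``) are not C and break the listing for anyone who copies it; if they stand for elided fields, say so with a comment such as ``/* ... remaining fields omitted ... */``. "To fulfill requirement 3 and 4" should read "requirements 3 and 4". In the last paragraph, since the MPIDR comes from the normal world and the resulting core index is used to address ``psci_cpu_pd_nodes``, it is worth stating that ``plat_core_pos_by_mpidr()`` must return an error for any MPIDR that does not map to a described core node (unallocated or disabled cores included) rather than a best-effort index, so that the caller never indexes past the populated entries.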
161  arm-trusted-firmware/docs/design/reset-design.rst  Normal file
@@ -0,0 +1,161 @@
CPU Reset
=========

This document describes the high-level design of the framework to handle CPU
resets in Trusted Firmware-A (TF-A). It also describes how the platform
integrator can tailor this code to the system configuration to some extent,
resulting in a simplified and more optimised boot flow.

This document should be used in conjunction with the :ref:`Firmware Design`
document which provides greater implementation details around the reset code,
specifically for the cold boot path.

General reset code flow
-----------------------

The TF-A reset code is implemented in BL1 by default. The following high-level
diagram illustrates this:

|Default reset code flow|

This diagram shows the default, unoptimised reset flow. Depending on the system
configuration, some of these steps might be unnecessary. The following sections
guide the platform integrator by indicating which build options exclude which
steps, depending on the capability of the platform.

.. note::
   If BL31 is used as the TF-A entry point instead of BL1, the diagram
   above is still relevant, as all these operations will occur in BL31 in
   this case. Please refer to section 6 "Using BL31 entrypoint as the reset
   address" for more information.

Programmable CPU reset address
------------------------------

By default, TF-A assumes that the CPU reset address is not programmable.
Therefore, all CPUs start at the same address (typically address 0) whenever
they reset. Further logic is then required to identify whether it is a cold or
warm boot to direct CPUs to the right execution path.

If the reset vector address (reflected in the reset vector base address register
``RVBAR_EL3``) is programmable then it is possible to make each CPU start directly
at the right address, both on a cold and warm reset. Therefore, the boot type
detection can be skipped, resulting in the following boot flow:

|Reset code flow with programmable reset address|

To enable this boot flow, compile TF-A with ``PROGRAMMABLE_RESET_ADDRESS=1``.
This option only affects the TF-A reset image, which is BL1 by default or BL31 if
``RESET_TO_BL31=1``.

On both the FVP and Juno platforms, the reset vector address is not programmable
so both ports use ``PROGRAMMABLE_RESET_ADDRESS=0``.

Cold boot on a single CPU
-------------------------

By default, TF-A assumes that several CPUs may be released out of reset.
Therefore, the cold boot code has to arbitrate access to hardware resources
shared amongst CPUs. This is done by nominating one of the CPUs as the primary,
which is responsible for initialising shared hardware and coordinating the boot
flow with the other CPUs.

If the platform guarantees that only a single CPU will ever be brought up then
no arbitration is required. The notion of primary/secondary CPU itself no longer
applies. This results in the following boot flow:

|Reset code flow with single CPU released out of reset|

To enable this boot flow, compile TF-A with ``COLD_BOOT_SINGLE_CPU=1``. This
option only affects the TF-A reset image, which is BL1 by default or BL31 if
``RESET_TO_BL31=1``.

On both the FVP and Juno platforms, although only one core is powered up by
default, there are platform-specific ways to release any number of cores out of
reset. Therefore, both platform ports use ``COLD_BOOT_SINGLE_CPU=0``.

Programmable CPU reset address, Cold boot on a single CPU
---------------------------------------------------------

It is obviously possible to combine both optimisations on platforms that have
a programmable CPU reset address and which release a single CPU out of reset.
This results in the following boot flow:

|Reset code flow with programmable reset address and single CPU released out of reset|

To enable this boot flow, compile TF-A with both ``COLD_BOOT_SINGLE_CPU=1``
and ``PROGRAMMABLE_RESET_ADDRESS=1``. These options only affect the TF-A reset
image, which is BL1 by default or BL31 if ``RESET_TO_BL31=1``.

Using BL31 entrypoint as the reset address
------------------------------------------

On some platforms the runtime firmware (BL3x images) for the application
processors are loaded by some firmware running on a secure system processor
on the SoC, rather than by BL1 and BL2 running on the primary application
processor. For this type of SoC it is desirable for the application processor
to always reset to BL31 which eliminates the need for BL1 and BL2.

TF-A provides a build-time option ``RESET_TO_BL31`` that includes some additional
logic in the BL31 entry point to support this use case.

In this configuration, the platform's Trusted Boot Firmware must ensure that
BL31 is loaded to its runtime address, which must match the CPU's ``RVBAR_EL3``
reset vector base address, before the application processor is powered on.
Additionally, platform software is responsible for loading the other BL3x images
required and providing entry point information for them to BL31. Loading these
images might be done by the Trusted Boot Firmware or by platform code in BL31.

Although the Arm FVP platform does not support programming the reset base
address dynamically at run-time, it is possible to set the initial value of the
``RVBAR_EL3`` register at start-up. This feature is provided on the Base FVP
only.

It allows the Arm FVP port to support the ``RESET_TO_BL31`` configuration, in
which case the ``bl31.bin`` image must be loaded to its run address in Trusted
SRAM and all CPU reset vectors be changed from the default ``0x0`` to this run
address. See the :ref:`Arm Fixed Virtual Platforms (FVP)` for details of running
the FVP models in this way.

Although technically it would be possible to program the reset base address with
the right support in the SCP firmware, this is currently not implemented so the
Juno port doesn't support the ``RESET_TO_BL31`` configuration.

The ``RESET_TO_BL31`` configuration requires some additions and changes in the
BL31 functionality:

Determination of boot path
~~~~~~~~~~~~~~~~~~~~~~~~~~

In this configuration, BL31 uses the same reset framework and code as the one
described for BL1 above. Therefore, it is affected by the
``PROGRAMMABLE_RESET_ADDRESS`` and ``COLD_BOOT_SINGLE_CPU`` build options in the
same way.

In the default, unoptimised BL31 reset flow, on a warm boot a CPU is directed
to the PSCI implementation via a platform defined mechanism. On a cold boot,
the platform must place any secondary CPUs into a safe state while the primary
CPU executes a modified BL31 initialization, as described below.

Platform initialization
~~~~~~~~~~~~~~~~~~~~~~~

In this configuration, when the CPU resets to BL31 there are no parameters that
can be passed in registers by previous boot stages. Instead, the platform code
in BL31 needs to know, or be able to determine, the location of the BL32 (if
required) and BL33 images and provide this information in response to the
``bl31_plat_get_next_image_ep_info()`` function.

Additionally, platform software is responsible for carrying out any security
initialisation, for example programming a TrustZone address space controller.
This might be done by the Trusted Boot Firmware or by platform code in BL31.

--------------

*Copyright (c) 2015-2019, Arm Limited and Contributors. All rights reserved.*

.. |Default reset code flow| image:: ../resources/diagrams/default_reset_code.png
.. |Reset code flow with programmable reset address| image:: ../resources/diagrams/reset_code_no_boot_type_check.png
.. |Reset code flow with single CPU released out of reset| image:: ../resources/diagrams/reset_code_no_cpu_check.png
.. |Reset code flow with programmable reset address and single CPU released out of reset| image:: ../resources/diagrams/reset_code_no_checks.png
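Review bot: the note under "General reset code flow" points to 'section 6 "Using BL31 entrypoint as the reset address"', but this document has no numbered sections, so the number is already meaningless and will drift further; use a cross-reference to the section title instead. In "Using BL31 entrypoint as the reset address", the responsibilities handed to the Trusted Boot Firmware (loading BL31 to the ``RVBAR_EL3`` address, loading the other BL3x images, security initialisation such as programming the TrustZone address space controller) do not mention image authentication: with BL1 and BL2 eliminated, the firmware on the system processor is the only component left that can verify BL31 and the other BL3x images before the application processor is released, and the section should state that requirement explicitly rather than leave it implied. Minor: "the runtime firmware (BL3x images) for the application processors are loaded" should read "is loaded".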
115  arm-trusted-firmware/docs/design/trusted-board-boot-build.rst  Normal file
@@ -0,0 +1,115 @@
Building FIP images with support for Trusted Board Boot
=======================================================

Trusted Board Boot primarily consists of the following two features:

- Image Authentication, described in :ref:`Trusted Board Boot`, and
- Firmware Update, described in :ref:`Firmware Update (FWU)`

The following steps should be followed to build FIP and (optionally) FWU_FIP
images with support for these features:

#. Fulfill the dependencies of the ``mbedtls`` cryptographic and image parser
   modules by checking out a recent version of the `mbed TLS Repository`_. It
   is important to use a version that is compatible with TF-A and fixes any
   known security vulnerabilities. See `mbed TLS Security Center`_ for more
   information. See the :ref:`Prerequisites` document for the appropriate
   version of mbed TLS to use.

   The ``drivers/auth/mbedtls/mbedtls_*.mk`` files contain the list of mbed TLS
   source files the modules depend upon.
   ``include/drivers/auth/mbedtls/mbedtls_config.h`` contains the configuration
   options required to build the mbed TLS sources.

   Note that the mbed TLS library is licensed under the Apache version 2.0
   license. Using mbed TLS source code will affect the licensing of TF-A
   binaries that are built using this library.

#. To build the FIP image, ensure the following command line variables are set
   while invoking ``make`` to build TF-A:

   - ``MBEDTLS_DIR=<path of the directory containing mbed TLS sources>``
   - ``TRUSTED_BOARD_BOOT=1``
   - ``GENERATE_COT=1``

   By default, this will use the Chain of Trust described in the TBBR-client
   document. To select a different one, use the ``COT`` build option.

   In the case of Arm platforms, the location of the ROTPK hash must also be
   specified at build time. The following locations are currently supported (see
   ``ARM_ROTPK_LOCATION`` build option):

   - ``ARM_ROTPK_LOCATION=regs``: the ROTPK hash is obtained from the Trusted
     root-key storage registers present in the platform. On Juno, these
     registers are read-only. On FVP Base and Cortex models, the registers
     are also read-only, but the value can be specified using the command line
     option ``bp.trusted_key_storage.public_key`` when launching the model.
     On Juno board, the default value corresponds to an ECDSA-SECP256R1 public
     key hash, whose private part is not currently available.

   - ``ARM_ROTPK_LOCATION=devel_rsa``: use the default hash located in
     ``plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin``. Enforce
     generation of the new hash if ``ROT_KEY`` is specified.

   - ``ARM_ROTPK_LOCATION=devel_ecdsa``: use the default hash located in
     ``plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin``. Enforce
     generation of the new hash if ``ROT_KEY`` is specified.

   Example of command line using RSA development keys:

   .. code:: shell

       MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
       make PLAT=<platform> TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
       ARM_ROTPK_LOCATION=devel_rsa \
       ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
       BL33=<path-to>/<bl33_image> \
       all fip

   The result of this build will be the bl1.bin and the fip.bin binaries. This
   FIP will include the certificates corresponding to the selected Chain of
   Trust. These certificates can also be found in the output build directory.

#. The optional FWU_FIP contains any additional images to be loaded from
   Non-Volatile storage during the :ref:`Firmware Update (FWU)` process. To build the
   FWU_FIP, any FWU images required by the platform must be specified on the
   command line. On Arm development platforms like Juno, these are:

   - NS_BL2U. The AP non-secure Firmware Updater image.
   - SCP_BL2U. The SCP Firmware Update Configuration image.

   Example of Juno command line for generating both ``fwu`` and ``fwu_fip``
   targets using RSA development:

   ::

       MBEDTLS_DIR=<path of the directory containing mbed TLS sources> \
       make PLAT=juno TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
       ARM_ROTPK_LOCATION=devel_rsa \
       ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
       BL33=<path-to>/<bl33_image> \
       SCP_BL2=<path-to>/<scp_bl2_image> \
       SCP_BL2U=<path-to>/<scp_bl2u_image> \
       NS_BL2U=<path-to>/<ns_bl2u_image> \
       all fip fwu_fip

   .. note::
      The BL2U image will be built by default and added to the FWU_FIP.
      The user may override this by adding ``BL2U=<path-to>/<bl2u_image>``
      to the command line above.

   .. note::
      Building and installing the non-secure and SCP FWU images (NS_BL1U,
      NS_BL2U and SCP_BL2U) is outside the scope of this document.

   The result of this build will be bl1.bin, fip.bin and fwu_fip.bin binaries.
   Both the FIP and FWU_FIP will include the certificates corresponding to the
   selected Chain of Trust. These certificates can also be found in the output
   build directory.

--------------

*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*

.. _mbed TLS Repository: https://github.com/ARMmbed/mbedtls.git
.. _mbed TLS Security Center: https://tls.mbed.org/security
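Review bot: both command-line examples pass ``ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem``, a private key checked into the source tree, yet the ``devel_rsa`` and ``devel_ecdsa`` entries only describe their hashes as "default"; the step should state plainly that these development keys are public, that a FIP signed with them is authenticated against a key anyone can hold, and that they are for development only (the companion :ref:`Trusted Board Boot` document does say "only for development purposes" for the embedded ROTPK hash, and that caveat belongs here too). Style: the Juno example should use ``.. code:: shell`` like the first example rather than a bare ``::`` literal block; "targets using RSA development:" is missing the word "keys"; and "Enforce generation of the new hash if ``ROT_KEY`` is specified" reads more clearly as "the hash is regenerated from the key given in ``ROT_KEY``, if specified".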
263  arm-trusted-firmware/docs/design/trusted-board-boot.rst  Normal file
@@ -0,0 +1,263 @@
Trusted Board Boot
==================

The Trusted Board Boot (TBB) feature prevents malicious firmware from running on
the platform by authenticating all firmware images up to and including the
normal world bootloader. It does this by establishing a Chain of Trust using
Public-Key-Cryptography Standards (PKCS).

This document describes the design of Trusted Firmware-A (TF-A) TBB, which is an
implementation of the `Trusted Board Boot Requirements (TBBR)`_ specification,
Arm DEN0006D. It should be used in conjunction with the
:ref:`Firmware Update (FWU)` design document, which implements a specific aspect
of the TBBR.

Chain of Trust
--------------

A Chain of Trust (CoT) starts with a set of implicitly trusted components. On
the Arm development platforms, these components are:

- A SHA-256 hash of the Root of Trust Public Key (ROTPK). It is stored in the
  trusted root-key storage registers. Alternatively, a development ROTPK might
  be used and its hash embedded into the BL1 and BL2 images (only for
  development purposes).

- The BL1 image, on the assumption that it resides in ROM so cannot be
  tampered with.

The remaining components in the CoT are either certificates or boot loader
images. The certificates follow the `X.509 v3`_ standard. This standard
enables adding custom extensions to the certificates, which are used to store
essential information to establish the CoT.

In the TBB CoT all certificates are self-signed. There is no need for a
Certificate Authority (CA) because the CoT is not established by verifying the
validity of a certificate's issuer but by the content of the certificate
extensions. To sign the certificates, different signature schemes are available,
please refer to the :ref:`Build Options` for more details.

The certificates are categorised as "Key" and "Content" certificates. Key
certificates are used to verify public keys which have been used to sign content
certificates. Content certificates are used to store the hash of a boot loader
image. An image can be authenticated by calculating its hash and matching it
with the hash extracted from the content certificate. Various hash algorithms
are supported to calculate all hashes, please refer to the :ref:`Build Options`
for more details.. The public keys and hashes are included as non-standard
extension fields in the `X.509 v3`_ certificates.

The keys used to establish the CoT are:

- **Root of trust key**

  The private part of this key is used to sign the BL2 content certificate and
  the trusted key certificate. The public part is the ROTPK.

- **Trusted world key**

  The private part is used to sign the key certificates corresponding to the
  secure world images (SCP_BL2, BL31 and BL32). The public part is stored in
  one of the extension fields in the trusted world certificate.

- **Non-trusted world key**

  The private part is used to sign the key certificate corresponding to the
  non secure world image (BL33). The public part is stored in one of the
  extension fields in the trusted world certificate.

- **BL3X keys**

  For each of SCP_BL2, BL31, BL32 and BL33, the private part is used to
  sign the content certificate for the BL3X image. The public part is stored
  in one of the extension fields in the corresponding key certificate.

The following images are included in the CoT:

- BL1
- BL2
- SCP_BL2 (optional)
- BL31
- BL33
- BL32 (optional)

The following certificates are used to authenticate the images.

- **BL2 content certificate**

  It is self-signed with the private part of the ROT key. It contains a hash
  of the BL2 image.

- **Trusted key certificate**

  It is self-signed with the private part of the ROT key. It contains the
  public part of the trusted world key and the public part of the non-trusted
  world key.

- **SCP_BL2 key certificate**

  It is self-signed with the trusted world key. It contains the public part of
  the SCP_BL2 key.

- **SCP_BL2 content certificate**

  It is self-signed with the SCP_BL2 key. It contains a hash of the SCP_BL2
  image.

- **BL31 key certificate**

  It is self-signed with the trusted world key. It contains the public part of
  the BL31 key.

- **BL31 content certificate**

  It is self-signed with the BL31 key. It contains a hash of the BL31 image.

- **BL32 key certificate**

  It is self-signed with the trusted world key. It contains the public part of
  the BL32 key.

- **BL32 content certificate**

  It is self-signed with the BL32 key. It contains a hash of the BL32 image.

- **BL33 key certificate**

  It is self-signed with the non-trusted world key. It contains the public
  part of the BL33 key.

- **BL33 content certificate**

  It is self-signed with the BL33 key. It contains a hash of the BL33 image.

The SCP_BL2 and BL32 certificates are optional, but they must be present if the
corresponding SCP_BL2 or BL32 images are present.

Trusted Board Boot Sequence
---------------------------

The CoT is verified through the following sequence of steps. The system panics
if any of the steps fail.

- BL1 loads and verifies the BL2 content certificate. The issuer public key is
  read from the verified certificate. A hash of that key is calculated and
  compared with the hash of the ROTPK read from the trusted root-key storage
  registers. If they match, the BL2 hash is read from the certificate.

  .. note::
     The matching operation is platform specific and is currently
     unimplemented on the Arm development platforms.

- BL1 loads the BL2 image. Its hash is calculated and compared with the hash
  read from the certificate. Control is transferred to the BL2 image if all
  the comparisons succeed.

- BL2 loads and verifies the trusted key certificate. The issuer public key is
  read from the verified certificate. A hash of that key is calculated and
  compared with the hash of the ROTPK read from the trusted root-key storage
  registers. If the comparison succeeds, BL2 reads and saves the trusted and
  non-trusted world public keys from the verified certificate.

The next two steps are executed for each of the SCP_BL2, BL31 & BL32 images.
The steps for the optional SCP_BL2 and BL32 images are skipped if these images
are not present.

- BL2 loads and verifies the BL3x key certificate. The certificate signature
  is verified using the trusted world public key. If the signature
  verification succeeds, BL2 reads and saves the BL3x public key from the
  certificate.

- BL2 loads and verifies the BL3x content certificate. The signature is
  verified using the BL3x public key. If the signature verification succeeds,
  BL2 reads and saves the BL3x image hash from the certificate.

The next two steps are executed only for the BL33 image.

- BL2 loads and verifies the BL33 key certificate. If the signature
  verification succeeds, BL2 reads and saves the BL33 public key from the
  certificate.

- BL2 loads and verifies the BL33 content certificate. If the signature
  verification succeeds, BL2 reads and saves the BL33 image hash from the
  certificate.

The next step is executed for all the boot loader images.

- BL2 calculates the hash of each image. It compares it with the hash obtained
  from the corresponding content certificate. The image authentication succeeds
  if the hashes match.

The Trusted Board Boot implementation spans both generic and platform-specific
BL1 and BL2 code, and in tool code on the host build machine. The feature is
enabled through use of specific build flags as described in
:ref:`Build Options`.

On the host machine, a tool generates the certificates, which are included in
the FIP along with the boot loader images. These certificates are loaded in
Trusted SRAM using the IO storage framework. They are then verified by an
Authentication module included in TF-A.

The mechanism used for generating the FIP and the Authentication module are
described in the following sections.

Authentication Framework
------------------------

The authentication framework included in TF-A provides support to implement
the desired trusted boot sequence. Arm platforms use this framework to
implement the boot requirements specified in the
`Trusted Board Boot Requirements (TBBR)`_ document.

More information about the authentication framework can be found in the
:ref:`Authentication Framework & Chain of Trust` document.

Certificate Generation Tool
---------------------------

The ``cert_create`` tool is built and runs on the host machine as part of the
TF-A build process when ``GENERATE_COT=1``. It takes the boot loader images
and keys as inputs (keys must be in PEM format) and generates the
certificates (in DER format) required to establish the CoT. New keys can be
generated by the tool in case they are not provided. The certificates are then
passed as inputs to the ``fiptool`` utility for creating the FIP.

The certificates are also stored individually in the output build directory.

The tool resides in the ``tools/cert_create`` directory. It uses the OpenSSL SSL
library version to generate the X.509 certificates. The specific version of the
library that is required is given in the :ref:`Prerequisites` document.

Instructions for building and using the tool can be found at
:ref:`tools_build_cert_create`.

Authenticated Encryption Framework
----------------------------------

The authenticated encryption framework included in TF-A provides support to
implement the optional firmware encryption feature. This feature can be
optionally enabled on platforms to implement the optional requirement:
R060_TBBR_FUNCTION as specified in the `Trusted Board Boot Requirements (TBBR)`_
document.

Firmware Encryption Tool
------------------------

The ``encrypt_fw`` tool is built and runs on the host machine as part of the
TF-A build process when ``DECRYPTION_SUPPORT != none``. It takes the plain
firmware image as input and generates the encrypted firmware image which can
then be passed as input to the ``fiptool`` utility for creating the FIP.

The encrypted firmwares are also stored individually in the output build
directory.

The tool resides in the ``tools/encrypt_fw`` directory. It uses OpenSSL SSL
library version 1.0.1 or later to do authenticated encryption operation.
Instructions for building and using the tool can be found in the
:ref:`tools_build_enctool`.

--------------

*Copyright (c) 2015-2020, Arm Limited and Contributors. All rights reserved.*

.. _X.509 v3: https://tools.ietf.org/rfc/rfc5280.txt
.. _Trusted Board Boot Requirements (TBBR): https://developer.arm.com/docs/den0006/latest/trusted-board-boot-requirements-client-tbbr-client-armv8-a
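Review bot: the note in "Trusted Board Boot Sequence" stating that the ROTPK hash matching operation "is currently unimplemented on the Arm development platforms" describes the one check that anchors the whole chain (without it BL1 and BL2 accept whichever issuer key the BL2 content certificate and trusted key certificate carry, so every later signature check is against an attacker-chosen key); it should be promoted from a note to the main text and cross-referenced from "Chain of Trust", which presents the ROTPK hash as an implicitly trusted component without this caveat. Typos: "for more details.." in the certificate-categories paragraph has a double period, and "It uses the OpenSSL SSL library version to generate the X.509 certificates" under "Certificate Generation Tool" has a dangling "version" (compare the wording under "Firmware Encryption Tool").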
165  arm-trusted-firmware/docs/design_documents/cmake_framework.rst  Normal file
@@ -0,0 +1,165 @@
TF-A CMake buildsystem
======================

:Author: Balint Dobszay
:Organization: Arm Limited
:Contact: Balint Dobszay <balint.dobszay@arm.com>
:Status: Accepted

.. contents:: Table of Contents

Abstract
--------
This document presents a proposal for a new buildsystem for TF-A using CMake,
and as part of this a reusable CMake framework for embedded projects. For a
summary about the proposal, please see the `Phabricator wiki page
<https://developer.trustedfirmware.org/w/tf_a/cmake-buildsystem-proposal/>`_. As
mentioned there, the proposal consists of two phases. The subject of this
document is the first phase only.

Introduction
------------
The current Makefile based buildsystem of TF-A has become complicated and hard
to maintain, there is a need for a new, more flexible solution. The proposal is
to use CMake language for the new buildsystem. The main reasons of this decision
are the following:

* It is a well-established, mature tool, widely accepted by open-source
  projects.
* TF-M is already using CMake, reducing fragmentation for tf.org projects can be
  beneficial.
* CMake has various advantages over Make, e.g.:

  * Host and target system agnostic project.
  * CMake project is scalable, supports project modularization.
  * Supports software integration.
  * Out-of-the-box support for integration with several tools (e.g. project
    generation for various IDEs, integration with cppcheck, etc).

Of course there are drawbacks too:

* Language is problematic (e.g. variable scope).
* Not embedded approach.

To overcome these and other problems, we need to create workarounds for some
tasks, wrap CMake functions, etc. Since this functionality can be useful in
other embedded projects too, it is beneficial to collect the new code into a
reusable framework and store this in a separate repository. The following
diagram provides an overview of the framework structure:

|Framework structure|

Main features
-------------

Structured configuration description
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In the current Makefile system the build configuration description, validation,
processing, and the target creation, source file description are mixed and
spread across several files. One of the goals of the framework is to organize
this.

The framework provides a solution to describe the input build parameters, flags,
macros, etc. in a structured way. It contains two utilities for this purpose:

* Map: simple key-value pair implementation.
* Group: collection of related maps.

The related parameters shall be packed into a group (or "setting group"). The
setting groups shall be defined and filled with content in config files.
Currently the config files are created and edited manually, but later a
configuration management tool (e.g. Kconfig) shall be used to generate these
files. Therefore, the framework does not contain parameter validation and
conflict checking, these shall be handled by the configuration tool.

Target description
^^^^^^^^^^^^^^^^^^
The framework provides an API called STGT ('simple target') to describe the
targets, i.e. what is the build output, what source files are used, what
libraries are linked, etc. The API wraps the CMake target functions, and also
extends the built-in functionality, it can use the setting groups described in
the previous section. A group can be applied onto a target, i.e. a collection of
macros, flags, etc. can be applied onto the given output executable/library.
This provides a more granular way than the current Makefile system where most of
these are global and applied onto each target.

Compiler abstraction
^^^^^^^^^^^^^^^^^^^^
Apart from the built-in CMake usage of the compiler, there are some common tasks
that CMake does not solve (e.g. preprocessing a file). For these tasks the
framework uses wrapper functions instead of direct calls to the compiler. This
way it is not tied to one specific compiler.

External tools
^^^^^^^^^^^^^^
In the TF-A buildsystem some external tools are used, e.g. fiptool for image
generation or dtc for device tree compilation. These tools have to be found
and/or built by the framework. For this, the CMake find_package functionality is
used, any other necessary tools can be added later.

Workflow
--------
The following diagram demonstrates the development workflow using the framework:

|Framework workflow|

The process can be split into two main phases:

In the provisioning phase, first we have to obtain the necessary resources, i.e.
clone the code repository and other dependencies. Next we have to do the
configuration, preferably using a config tool like KConfig.

In the development phase first we run CMake, which will generate the buildsystem
using the selected generator backend (currently only the Makefile generator is
supported). After this we run the selected build tool which in turn calls the
compiler, linker, packaging tool, etc. Finally we can run and debug the output
executables.

Usually during development only the steps in this second phase have to be
repeated, while the provisioning phase needs to be done only once (or rarely).

Example
-------
This is a short example for the basic framework usage.

First, we create a setting group called *mem_conf* and fill it with several
parameters. It is worth noting the difference between *CONFIG* and *DEFINE*
types: the former is only a CMake domain option, the latter is only a C language
macro.

Next, we create a target called *fw1* and add the *mem_conf* setting group to
it. This means that all source and header files used by the target will have all
the parameters declared in the setting group. Then we set the target type to
executable, and add some source files. Since the target has the parameters from
the settings group, we can use it for conditionally adding source files. E.g.
*dram_controller.c* will only be added if MEM_TYPE equals dram.

.. code-block:: cmake

   group_new(NAME mem_conf)
   group_add(NAME mem_conf TYPE DEFINE KEY MEM_SIZE VAL 1024)
   group_add(NAME mem_conf TYPE CONFIG DEFINE KEY MEM_TYPE VAL dram)
   group_add(NAME mem_conf TYPE CFLAG KEY -Os)

   stgt_create(NAME fw1)
   stgt_add_setting(NAME fw1 GROUPS mem_conf)
   stgt_set_target(NAME fw1 TYPE exe)

   stgt_add_src(NAME fw1 SRC
       ${CMAKE_SOURCE_DIR}/main.c
   )

   stgt_add_src_cond(NAME fw1 KEY MEM_TYPE VAL dram SRC
       ${CMAKE_SOURCE_DIR}/dram_controller.c
   )

.. |Framework structure| image::
   ../resources/diagrams/cmake_framework_structure.png
   :width: 75 %

.. |Framework workflow| image::
   ../resources/diagrams/cmake_framework_workflow.png

--------------

*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*
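Review bot: In the example code-block, `group_add(NAME mem_conf TYPE CONFIG DEFINE KEY MEM_TYPE VAL dram)` passes two values to TYPE, while the paragraph above it only defines what *CONFIG* and *DEFINE* mean on their own; say explicitly that listing both makes MEM_TYPE both a CMake-domain option and a C macro (the later `stgt_add_src_cond(NAME fw1 KEY MEM_TYPE VAL dram ...)` call depends on the CMake-side value), or split it into two `group_add` calls so the reader is not left guessing. In the Introduction, the drawback bullet "Not embedded approach." is too terse to act on; state what is missing so the workarounds promised in the following paragraph can be traced back to a concrete gap. Minor: "Makefile based" -> "Makefile-based", "KConfig" -> "Kconfig" (the Structured configuration section spells it the latter way).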
@@ -0,0 +1,197 @@
Enhance Context Management library for EL3 firmware
===================================================

:Authors: Soby Mathew & Zelalem Aweke
:Organization: Arm Limited
:Contact: Soby Mathew <soby.mathew@arm.com> & Zelalem Aweke <zelalem.aweke@arm.com>
:Status: RFC

.. contents:: Table of Contents

Introduction
------------
The context management library in TF-A provides the basic CPU context
initialization and management routines for use by different components
in EL3 firmware. The original design of the library was done keeping in
mind the 2 world switch and hence this design pattern has been extended to
keep up with growing requirements of EL3 firmware. With the introduction
of a new Realm world and a separate Root world for EL3 firmware, it is clear
that this library needs to be refactored to cater for future enhancements and
reduce chances of introducing error in code. This also aligns with the overall
goal of reducing EL3 firmware complexity and footprint.

It is expected that the suggestions below could have legacy implications and
hence we are mainly targeting SPM/RMM based systems. It is expected that these
legacy issues will need to be sorted out as part of implementation on a case
by case basis.

Design Principles
-----------------
The below section lays down the design principles for re-factoring the context
management library :

(1) **Decentralized model for context mgmt**

    Both the Secure and Realm worlds have associated dispatcher component in
    EL3 firmware to allow management of their respective worlds. Allowing the
    dispatcher to own the context for their respective world and moving away
    from a centralized policy management by context management library will
    remove the world differentiation code in the library. This also means that
    the library will not be responsible for CPU feature enablement for
    Secure and Realm worlds. See point 3 and 4 for more details.

    The Non Secure world does not have a dispatcher component and hence EL3
    firmware (BL31)/context management library needs to have routines to help
    initialize the Non Secure world context.

(2) **EL3 should only initialize immediate used lower EL**

    Due to the way TF-A evolved, from EL3 interacting with an S-EL1 payload to
    SPM in S-EL2, there is some code initializing S-EL1 registers which is
    probably redundant when SPM is present in S-EL2. As a principle, EL3
    firmware should only initialize the next immediate lower EL in use.
    If EL2 needs to be skipped and is not to be used at runtime, then
    EL3 can do the bare minimal EL2 init and init EL1 to prepare for EL3 exit.
    It is expected that this skip EL2 configuration is only needed for NS
    world to support legacy Android deployments. It is worth removing this
    `skip EL2 for Non Secure` config support if this is no longer used.

(3) **Maintain EL3 sysregs which affect lower EL within CPU context**

    The CPU context contains some EL3 sysregs and gets applied on a per-world
    basis (eg: cptr_el3, scr_el3, zcr_el3 is part of the context
    because different settings need to be applied between each world).
    But this design pattern is not enforced in TF-A. It is possible to directly
    modify EL3 sysreg dynamically during the transition between NS and Secure
    worlds. Having multiple ways of manipulating EL3 sysregs for different
    values between the worlds is flaky and error prone. The proposal is to
    enforce the rule that any EL3 sysreg which can be different between worlds
    is maintained in the CPU Context. Once the context is initialized the
    EL3 sysreg values corresponding to the world being entered will be restored.

(4) **Allow more flexibility for Dispatchers to select feature set to save and restore**

    The current functions for EL2 CPU context save and restore is a single
    function which takes care of saving and restoring all the registers for
    EL2. This method is inflexible and it does not allow to dynamically detect
    CPU features to select registers to save and restore. It also assumes that
    both Realm and Secure world will have the same feature set enabled from
    EL3 at runtime and makes it hard to enable different features for each
    world. The framework should cater for selective save and restore of CPU
    registers which can be controlled by the dispatcher.

    For the implementation, this could mean that there is a separate assembly
    save and restore routine corresponding to Arch feature. The memory allocation
    within the CPU Context for each set of registers will be controlled by a
    FEAT_xxx build option. It is a valid configuration to have
    context memory allocated but not used at runtime based on feature detection
    at runtime or the platform owner has decided not to enable the feature
    for the particular world.

Context Allocation and Initialization
-------------------------------------

|context_mgmt_abs|

.. |context_mgmt_abs| image::
   ../resources/diagrams/context_management_abs.png

The above figure shows how the CPU context is allocated within TF-A. The
allocation for Secure and Realm world is by the respective dispatcher. In the case
of NS world, the context is allocated by the PSCI lib. This scheme allows TF-A
to be built in various configurations (with or without Secure/Realm worlds) and
will result in optimal memory footprint. The Secure and Realm world contexts are
initialized by invoking context management library APIs which then initialize
each world based on conditional evaluation of the security state of the
context. The proposal here is to move the conditional initialization
of context for Secure and Realm worlds to their respective dispatchers and
have the library do only the common init needed. The library can export
helpers to initialize registers corresponding to certain features but
should not try to do different initialization between the worlds. The library
can also export helpers for initialization of NS CPU Context since there is no
dispatcher for that world.

This implies that any world specific code in context mgmt lib should now be
migrated to the respective "owners". To maintain compatibility with legacy, the
current functions can be retained in the lib and perhaps define new ones for
use by SPMD and RMMD. The details of this can be worked out during
implementation.

Introducing Root Context
------------------------
Till now, we have been ignoring the fact that Root world (or EL3) itself could
have some settings which are distinct from NS/S/Realm worlds. In this case,
Root world itself would need to maintain some sysregs settings for its own
execution and would need to use sysregs of lower EL (eg: PAuth, pmcr) to enable
some functionalities in EL3. The current sequence for context save and restore
in TF-A is as given below:

|context_mgmt_existing|

.. |context_mgmt_existing| image::
   ../resources/diagrams/context_mgmt_existing.png

Note1: The EL3 CPU context is not a homogenous collection of EL3 sysregs but
a collection of EL3 and some other lower EL registers. The save and restore
is also not done homogenously but based on the objective of using the
particular register.

Note2: The EL1 context save and restore can possibly be removed when switching
to S-EL2 as SPM can take care of saving the incoming NS EL1 context.

It can be seen that the EL3 sysreg values applied while the execution is in Root
world corresponds to the world it came from (eg: if entering EL3 from NS world,
the sysregs correspond to the values in NS context). There is a case that EL3
itself may have some settings to apply for various reasons. A good example for
this is the cptr_el3 regsiter. Although FPU traps need to be disabled for
Non Secure, Secure and Realm worlds, the EL3 execution itself may keep the trap
enabled for the sake of robustness. Another example is, if the MTE feature
is enabled for a particular world, this feature will be enabled for Root world
as well when entering EL3 from that world. The firmware at EL3 may not
be expecting this feature to be enabled and may cause unwanted side-effects
which could be problematic. Thus it would be more robust if Root world is not
subject to EL3 sysreg values from other worlds but maintains its own values
which is stable and predictable throughout root world execution.

There is also the case that when EL3 would like to make use of some
Architectural feature(s) or do some security hardening, it might need
programming of some lower EL sysregs. For example, if EL3 needs to make
use of Pointer Authentication (PAuth) feature, it needs to program
its own PAuth Keys during execution at EL3. Hence EL3 needs its
own copy of PAuth registers which needs to be restored on every
entry to EL3. A similar case can be made for DIT bit in PSTATE,
or use of SP_EL0 for C Runtime Stack at EL3.

The proposal here is to maintain a separate root world CPU context
which gets applied for Root world execution. This is not the full
CPU_Context, but subset of EL3 sysregs (`el3_sysreg`) and lower EL
sysregs (`root_exc_context`) used by EL3. The save and restore
sequence for this Root context would need to be done in
an optimal way. The `el3_sysreg` does not need to be saved
on EL3 Exit and possibly only some registers in `root_exc_context`
of Root world context would need to be saved on EL3 exit (eg: SP_EL0).

The new sequence for world switch including Root world context would
be as given below :

|context_mgmt_proposed|

.. |context_mgmt_proposed| image::
   ../resources/diagrams/context_mgmt_proposed.png

Having this framework in place will allow Root world to make use of lower EL
registers easily for its own purposes and also have a fixed EL3 sysreg setting
which is not affected by the settings of other worlds. This will unify the
Root world register usage pattern for its own execution and remove some
of the adhoc usages in code.

Conclusion
----------
Of all the proposals, the introduction of Root world context would likely need
further prototyping to confirm the design and we will need to measure the
performance and memory impact of this change. Other changes are incremental
improvements which are thought to have negligible impact on EL3 performance.

--------------

*Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.*
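Review bot: The Root context proposal states what need not be saved ("The `el3_sysreg` does not need to be saved on EL3 Exit") but not when the Root values must be applied. Given the cptr_el3 and MTE examples in the same section, the Root `el3_sysreg` set has to be restored on every EL3 entry before any EL3 code that depends on those settings runs, which places it in the exception entry path itself ahead of the existing context save; the proposed sequence text (and the diagram it refers to) should state that ordering explicitly, and likewise say at which point on exit the target world's EL3 sysregs replace the Root ones, since a gap between the two is exactly the window where EL3 runs under another world's trap configuration. Note2 ("SPM can take care of saving the incoming NS EL1 context") should also say whether EL3 still guarantees NS EL1 state is restored before returning to NS, or whether that becomes an SPM obligation. Minor: "regsiter" -> "register", "homogenous"/"homogenously" -> "homogeneous"/"homogeneously", "adhoc" -> "ad hoc", "the 2 world switch" -> "the two-world switch", and "management library :" has a stray space before the colon.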
15
arm-trusted-firmware/docs/design_documents/index.rst
Normal file
@@ -0,0 +1,15 @@
Design Documents
================

.. toctree::
   :maxdepth: 1
   :caption: Contents
   :numbered:

   cmake_framework
   context_mgmt_rework
   measured_boot_poc

--------------

*Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.*
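Review bot: The copyright line still reads "2020" although the toctree now adds context_mgmt_rework, whose own copyright line in this same change is 2022; extend the year range on the index when the entry is added. Also, with `:numbered:` the three entries will be numbered in toctree order, so if the intent is to keep accepted designs (cmake_framework) visually apart from RFCs (context_mgmt_rework), consider a second toctree or stating the status in each entry's title.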
507
arm-trusted-firmware/docs/design_documents/measured_boot_poc.rst
Normal file
@@ -0,0 +1,507 @@
Interaction between Measured Boot and an fTPM (PoC)
|
||||
===================================================
|
||||
|
||||
Measured Boot is the process of cryptographically measuring the code and
|
||||
critical data used at boot time, for example using a TPM, so that the
|
||||
security state can be attested later.
|
||||
|
||||
The current implementation of the driver included in Trusted Firmware-A
|
||||
(TF-A) stores the measurements into a `TGC event log`_ in secure
|
||||
memory. No other means of recording measurements (such as a discrete TPM) is
|
||||
supported right now.
|
||||
|
||||
The driver also provides mechanisms to pass the Event Log to normal world if
|
||||
needed.
|
||||
|
||||
This manual provides instructions to build a proof of concept (PoC) with the
|
||||
sole intention of showing how Measured Boot can be used in conjunction with
|
||||
a firmware TPM (fTPM) service implemented on top of OP-TEE.
|
||||
|
||||
.. note::
|
||||
The instructions given in this document are meant to be used to build
|
||||
a PoC to show how Measured Boot on TF-A can interact with a third
|
||||
party (f)TPM service and they try to be as general as possible. Different
|
||||
platforms might have different needs and configurations (e.g. different
|
||||
SHA algorithms) and they might also use different types of TPM services
|
||||
(or even a different type of service to provide the attestation)
|
||||
and therefore the instuctions given here might not apply in such scenarios.
|
||||
|
||||
Components
|
||||
~~~~~~~~~~
|
||||
|
||||
The PoC is built on top of the `OP-TEE Toolkit`_, which has support to build
|
||||
TF-A with support for Measured Boot enabled (and run it on a Foundation Model)
|
||||
since commit cf56848.
|
||||
|
||||
The aforementioned toolkit builds a set of images that contain all the components
|
||||
needed to test that the Event Log was properly created. One of these images will
|
||||
contain a third party fTPM service which in turn will be used to process the
|
||||
Event Log.
|
||||
|
||||
The reason to choose OP-TEE Toolkit to build our PoC around it is mostly
|
||||
for convenience. As the fTPM service used is an OP-TEE TA, it was easy to add
|
||||
build support for it to the toolkit and then build the PoC around it.
|
||||
|
||||
The most relevant components installed in the image that are closely related to
|
||||
Measured Boot/fTPM functionality are:
|
||||
|
||||
- **OP-TEE**: As stated earlier, the fTPM service used in this PoC is built as an
|
||||
OP-TEE TA and therefore we need to include the OP-TEE OS image.
|
||||
Support to interfacing with Measured Boot was added to version 3.9.0 of
|
||||
OP-TEE by implementing the ``PTA_SYSTEM_GET_TPM_EVENT_LOG`` syscall, which
|
||||
allows the former to pass a copy of the Event Log to any TA requesting it.
|
||||
OP-TEE knows the location of the Event Log by reading the DTB bindings
|
||||
received from TF-A. Visit :ref:`DTB binding for Event Log properties`
|
||||
for more details on this.
|
||||
|
||||
- **fTPM Service**: We use a third party fTPM service in order to validate
|
||||
the Measured Boot functionality. The chosen fTPM service is a sample
|
||||
implementation for Aarch32 architecture included on the `ms-tpm-20-ref`_
|
||||
reference implementation from Microsoft. The service was updated in order
|
||||
to extend the Measured Boot Event Log at boot up and it uses the
|
||||
aforementioned ``PTA_SYSTEM_GET_TPM_EVENT_LOG`` call to retrieve a copy
|
||||
of the former.
|
||||
|
||||
.. note::
|
||||
Arm does not provide an fTPM implementation. The fTPM service used here
|
||||
is a third party one which has been updated to support Measured Boot
|
||||
service as provided by TF-A. As such, it is beyond the scope of this
|
||||
manual to test and verify the correctness of the output generated by the
|
||||
fTPM service.
|
||||
|
||||
- **TPM Kernel module**: In order to interact with the fTPM service, we need
|
||||
a kernel module to forward the request from user space to the secure world.
|
||||
|
||||
- `tpm2-tools`_: This is a set of tools that allow to interact with the
|
||||
fTPM service. We use this in order to read the PCRs with the measurements.
|
||||
|
||||
Building the PoC for the Arm FVP platform
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
As mentioned before, this PoC is based on the OP-TEE Toolkit with some
|
||||
extensions to enable Measured Boot and an fTPM service. Therefore, we can rely
|
||||
on the instructions to build the original OP-TEE Toolkit. As a general rule,
|
||||
the following steps should suffice:
|
||||
|
||||
(1) Start by following the `Get and build the solution`_ instructions to build
|
||||
the OP-TEE toolkit. On step 3, you need to get the manifest for FVP
|
||||
platform from the main branch:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ repo init -u https://github.com/OP-TEE/manifest.git -m fvp.xml
|
||||
|
||||
Then proceed synching the repos as stated in step 3. Continue following
|
||||
the instructions and stop before step 5.
|
||||
|
||||
(2) Next you should obtain the `Armv8-A Foundation Platform (For Linux Hosts Only)`_.
|
||||
The binary should be untar'ed to the root of the repo tree, i.e., like
|
||||
this: ``<fvp-project>/Foundation_Platformpkg``. In the end, after cloning
|
||||
all source code, getting the toolchains and "installing"
|
||||
Foundation_Platformpkg, you should have a folder structure that looks like
|
||||
this:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ ls -la
|
||||
total 80
|
||||
drwxrwxr-x 20 tf-a_user tf-a_user 4096 Jul 1 12:16 .
|
||||
drwxr-xr-x 23 tf-a_user tf-a_user 4096 Jul 1 10:40 ..
|
||||
drwxrwxr-x 12 tf-a_user tf-a_user 4096 Jul 1 10:45 build
|
||||
drwxrwxr-x 16 tf-a_user tf-a_user 4096 Jul 1 12:16 buildroot
|
||||
drwxrwxr-x 51 tf-a_user tf-a_user 4096 Jul 1 10:45 edk2
|
||||
drwxrwxr-x 6 tf-a_user tf-a_user 4096 Jul 1 12:14 edk2-platforms
|
||||
drwxr-xr-x 7 tf-a_user tf-a_user 4096 Jul 1 10:52 Foundation_Platformpkg
|
||||
drwxrwxr-x 17 tf-a_user tf-a_user 4096 Jul 2 10:40 grub
|
||||
drwxrwxr-x 25 tf-a_user tf-a_user 4096 Jul 2 10:39 linux
|
||||
drwxrwxr-x 15 tf-a_user tf-a_user 4096 Jul 1 10:45 mbedtls
|
||||
drwxrwxr-x 6 tf-a_user tf-a_user 4096 Jul 1 10:45 ms-tpm-20-ref
|
||||
drwxrwxr-x 8 tf-a_user tf-a_user 4096 Jul 1 10:45 optee_client
|
||||
drwxrwxr-x 10 tf-a_user tf-a_user 4096 Jul 1 10:45 optee_examples
|
||||
drwxrwxr-x 12 tf-a_user tf-a_user 4096 Jul 1 12:13 optee_os
|
||||
drwxrwxr-x 8 tf-a_user tf-a_user 4096 Jul 1 10:45 optee_test
|
||||
drwxrwxr-x 7 tf-a_user tf-a_user 4096 Jul 1 10:45 .repo
|
||||
drwxrwxr-x 4 tf-a_user tf-a_user 4096 Jul 1 12:12 toolchains
|
||||
drwxrwxr-x 21 tf-a_user tf-a_user 4096 Jul 1 12:15 trusted-firmware-a
|
||||
|
||||
(3) Now enter into ``ms-tpm-20-ref`` and get its dependencies:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ cd ms-tpm-20-ref
|
||||
$ git submodule init
|
||||
$ git submodule update
|
||||
Submodule path 'external/wolfssl': checked out '9c87f979a7f1d3a6d786b260653d566c1d31a1c4'
|
||||
|
||||
(4) Now, you should be able to continue with step 5 in "`Get and build the solution`_"
|
||||
instructions. In order to enable support for Measured Boot, you need to
|
||||
set the ``MEASURED_BOOT`` build option:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ MEASURED_BOOT=y make -j `nproc`
|
||||
|
||||
.. note::
|
||||
The build process will likely take a long time. It is strongly recommended to
|
||||
pass the ``-j`` option to make to run the process faster.
|
||||
|
||||
After this step, you should be ready to run the image.
|
||||
|
||||
Running and using the PoC on the Armv8-A Foundation AEM FVP
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
With everything built, you can now run the image:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
$ make run-only
|
||||
|
||||
.. note::
|
||||
Using ``make run`` will build and run the image and it can be used instead
|
||||
of simply ``make``. However, once the image is built, it is recommended to
|
||||
use ``make run-only`` to avoid re-running all the building rules, which
|
||||
would take time.
|
||||
|
||||
When FVP is launched, two terminal windows will appear. ``FVP terminal_0``
|
||||
is the userspace terminal whereas ``FVP terminal_1`` is the counterpart for
|
||||
the secure world (where TAs will print their logs, for instance).
|
||||
|
||||
Log into the image shell with user ``root``, no password will be required.
|
||||
Then we can issue the ``ftpm`` command, which is an alias that
|
||||
|
||||
(1) loads the ftpm kernel module and
|
||||
|
||||
(2) calls ``tpm2_pcrread``, which will access the fTPM service to read the
|
||||
PCRs.
|
||||
|
||||
When loading the ftpm kernel module, the fTPM TA is loaded into the secure
|
||||
world. This TA then requests a copy of the Event Log generated during the
|
||||
booting process so it can retrieve all the entries on the log and record them
|
||||
first thing.
|
||||
|
||||
.. note::
|
||||
For this PoC, nothing loaded after BL33 and NT_FW_CONFIG is recorded
|
||||
in the Event Log.
|
||||
|
||||
The secure world terminal should show the debug logs for the fTPM service,
|
||||
including all the measurements available in the Event Log as they are being
|
||||
processed:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
M/TA: Preparing to extend the following TPM Event Log:
|
||||
M/TA: TCG_EfiSpecIDEvent:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 3
|
||||
M/TA: Digest : 00
|
||||
M/TA: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
||||
M/TA: : 00 00 00
|
||||
M/TA: EventSize : 33
|
||||
M/TA: Signature : Spec ID Event03
|
||||
M/TA: PlatformClass : 0
|
||||
M/TA: SpecVersion : 2.0.2
|
||||
M/TA: UintnSize : 1
|
||||
M/TA: NumberOfAlgorithms : 1
|
||||
M/TA: DigestSizes :
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: DigestSize : 32
|
||||
M/TA: VendorInfoSize : 0
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 3
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
||||
M/TA: : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
||||
M/TA: EventSize : 17
|
||||
M/TA: Signature : StartupLocality
|
||||
M/TA: StartupLocality : 0
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 58 26 32 6e 64 45 64 da 45 de 35 db 96 fd ed 63
|
||||
M/TA: : 2a 6a d4 0d aa 94 b0 b1 55 e4 72 e7 1f 0a e0 d5
|
||||
M/TA: EventSize : 5
|
||||
M/TA: Event : BL_2
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : cf f9 7d a3 5c 73 ac cb 7b a0 25 80 6a 6e 50 a5
|
||||
M/TA: : 6b 2e d2 8c c9 36 92 7d 46 c5 b9 c3 a4 6c 51 7c
|
||||
M/TA: EventSize : 6
|
||||
M/TA: Event : BL_31
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 23 b0 a3 5d 54 d9 43 1a 5c b9 89 63 1c da 06 c2
|
||||
M/TA: : e5 de e7 7e 99 17 52 12 7d f7 45 ca 4f 4a 39 c0
|
||||
M/TA: EventSize : 10
|
||||
M/TA: Event : HW_CONFIG
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 4e e4 8e 5a e6 50 ed e0 b5 a3 54 8a 1f d6 0e 8a
|
||||
M/TA: : ea 0e 71 75 0e a4 3f 82 76 ce af cd 7c b0 91 e0
|
||||
M/TA: EventSize : 14
|
||||
M/TA: Event : SOC_FW_CONFIG
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 01 b0 80 47 a1 ce 86 cd df 89 d2 1f 2e fc 6c 22
|
||||
M/TA: : f8 19 ec 6e 1e ec 73 ba 5a be d0 96 e3 5f 6d 75
|
||||
M/TA: EventSize : 6
|
||||
M/TA: Event : BL_32
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 5d c6 ef 35 5a 90 81 b4 37 e6 3b 52 da 92 ab 8e
|
||||
M/TA: : d9 6e 93 98 2d 40 87 96 1b 5a a7 ee f1 f4 40 63
|
||||
M/TA: EventSize : 18
|
||||
M/TA: Event : BL32_EXTRA1_IMAGE
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 39 b7 13 b9 93 db 32 2f 1b 48 30 eb 2c f2 5c 25
|
||||
M/TA: : 00 0f 38 dc 8e c8 02 cd 79 f2 48 d2 2c 25 ab e2
|
||||
M/TA: EventSize : 6
|
||||
M/TA: Event : BL_33
|
||||
M/TA: PCR_Event2:
|
||||
M/TA: PCRIndex : 0
|
||||
M/TA: EventType : 1
|
||||
M/TA: Digests Count : 1
|
||||
M/TA: #0 AlgorithmId : SHA256
|
||||
M/TA: Digest : 25 10 60 5d d4 bc 9d 82 7a 16 9f 8a cc 47 95 a6
|
||||
M/TA: : fd ca a0 c1 2b c9 99 8f 51 20 ff c6 ed 74 68 5a
|
||||
M/TA: EventSize : 13
|
||||
M/TA: Event : NT_FW_CONFIG
|
||||
|
||||
These logs correspond to the measurements stored by TF-A during the measured
boot process, so they should match the Event Log that TF-A itself dumps while
booting. The TF-A log can be seen on terminal_0:

.. code:: shell

    NOTICE:  Booting Trusted Firmware
    NOTICE:  BL1: v2.5(release):v2.5
    NOTICE:  BL1: Built : 10:41:20, Jul 2 2021
    NOTICE:  BL1: Booting BL2
    NOTICE:  BL2: v2.5(release):v2.5
    NOTICE:  BL2: Built : 10:41:20, Jul 2 2021
    NOTICE:  TCG_EfiSpecIDEvent:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 3
    NOTICE:  Digest             : 00
    NOTICE:                     : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    NOTICE:                     : 00 00 00
    NOTICE:  EventSize          : 33
    NOTICE:  Signature          : Spec ID Event03
    NOTICE:  PlatformClass      : 0
    NOTICE:  SpecVersion        : 2.0.2
    NOTICE:  UintnSize          : 1
    NOTICE:  NumberOfAlgorithms : 1
    NOTICE:  DigestSizes        :
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  DigestSize         : 32
    NOTICE:  VendorInfoSize     : 0
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 3
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    NOTICE:                     : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    NOTICE:  EventSize          : 17
    NOTICE:  Signature          : StartupLocality
    NOTICE:  StartupLocality    : 0
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 58 26 32 6e 64 45 64 da 45 de 35 db 96 fd ed 63
    NOTICE:                     : 2a 6a d4 0d aa 94 b0 b1 55 e4 72 e7 1f 0a e0 d5
    NOTICE:  EventSize          : 5
    NOTICE:  Event              : BL_2
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : cf f9 7d a3 5c 73 ac cb 7b a0 25 80 6a 6e 50 a5
    NOTICE:                     : 6b 2e d2 8c c9 36 92 7d 46 c5 b9 c3 a4 6c 51 7c
    NOTICE:  EventSize          : 6
    NOTICE:  Event              : BL_31
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 23 b0 a3 5d 54 d9 43 1a 5c b9 89 63 1c da 06 c2
    NOTICE:                     : e5 de e7 7e 99 17 52 12 7d f7 45 ca 4f 4a 39 c0
    NOTICE:  EventSize          : 10
    NOTICE:  Event              : HW_CONFIG
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 4e e4 8e 5a e6 50 ed e0 b5 a3 54 8a 1f d6 0e 8a
    NOTICE:                     : ea 0e 71 75 0e a4 3f 82 76 ce af cd 7c b0 91 e0
    NOTICE:  EventSize          : 14
    NOTICE:  Event              : SOC_FW_CONFIG
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 01 b0 80 47 a1 ce 86 cd df 89 d2 1f 2e fc 6c 22
    NOTICE:                     : f8 19 ec 6e 1e ec 73 ba 5a be d0 96 e3 5f 6d 75
    NOTICE:  EventSize          : 6
    NOTICE:  Event              : BL_32
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 5d c6 ef 35 5a 90 81 b4 37 e6 3b 52 da 92 ab 8e
    NOTICE:                     : d9 6e 93 98 2d 40 87 96 1b 5a a7 ee f1 f4 40 63
    NOTICE:  EventSize          : 18
    NOTICE:  Event              : BL32_EXTRA1_IMAGE
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 39 b7 13 b9 93 db 32 2f 1b 48 30 eb 2c f2 5c 25
    NOTICE:                     : 00 0f 38 dc 8e c8 02 cd 79 f2 48 d2 2c 25 ab e2
    NOTICE:  EventSize          : 6
    NOTICE:  Event              : BL_33
    NOTICE:  PCR_Event2:
    NOTICE:  PCRIndex           : 0
    NOTICE:  EventType          : 1
    NOTICE:  Digests Count      : 1
    NOTICE:  #0 AlgorithmId     : SHA256
    NOTICE:  Digest             : 25 10 60 5d d4 bc 9d 82 7a 16 9f 8a cc 47 95 a6
    NOTICE:                     : fd ca a0 c1 2b c9 99 8f 51 20 ff c6 ed 74 68 5a
    NOTICE:  EventSize          : 13
    NOTICE:  Event              : NT_FW_CONFIG
    NOTICE:  BL1: Booting BL31
    NOTICE:  BL31: v2.5(release):v2.5
    NOTICE:  BL31: Built : 10:41:20, Jul 2 2021

Following up with the fTPM startup process, we can see that all the
measurements in the Event Log are extended and recorded in the appropriate PCR:

.. code:: shell

    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: TPM2_PCR_EXTEND_COMMAND returned value:
    M/TA: ret_tag = 0x8002, size = 0x00000013, rc = 0x00000000
    M/TA: 9 Event logs processed

After the fTPM TA is loaded, the call to ``insmod`` issued by the ``ftpm``
alias to load the ftpm kernel module returns, and then the TPM PCRs are read
by means of the ``tpm_pcrread`` command. Note that we are only interested in the
SHA256 bank here, as this is the algorithm we used on TF-A for the measurements
(see the field ``AlgorithmId`` on the logs above):

.. code:: shell

    sha256:
      0 : 0xA6EB3A7417B8CFA9EBA2E7C22AD5A4C03CDB8F3FBDD7667F9C3EF2EA285A8C9F
      1 : 0x0000000000000000000000000000000000000000000000000000000000000000
      2 : 0x0000000000000000000000000000000000000000000000000000000000000000
      3 : 0x0000000000000000000000000000000000000000000000000000000000000000
      4 : 0x0000000000000000000000000000000000000000000000000000000000000000
      5 : 0x0000000000000000000000000000000000000000000000000000000000000000
      6 : 0x0000000000000000000000000000000000000000000000000000000000000000
      7 : 0x0000000000000000000000000000000000000000000000000000000000000000
      8 : 0x0000000000000000000000000000000000000000000000000000000000000000
      9 : 0x0000000000000000000000000000000000000000000000000000000000000000
      10: 0x0000000000000000000000000000000000000000000000000000000000000000
      11: 0x0000000000000000000000000000000000000000000000000000000000000000
      12: 0x0000000000000000000000000000000000000000000000000000000000000000
      13: 0x0000000000000000000000000000000000000000000000000000000000000000
      14: 0x0000000000000000000000000000000000000000000000000000000000000000
      15: 0x0000000000000000000000000000000000000000000000000000000000000000
      16: 0x0000000000000000000000000000000000000000000000000000000000000000
      17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
      18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
      19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
      20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
      21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
      22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
      23: 0x0000000000000000000000000000000000000000000000000000000000000000

In this PoC we are only interested in PCR0, which must be non-null. This is
because the boot process records all the images in this PCR (see field
``PCRIndex`` on the Event Log above). The rest of the PCRs must be 0 at this
point.

.. note::
   The fTPM service used has support only for 16 PCRs, therefore the content
   of PCRs above 15 can be ignored.

.. note::
   As stated earlier, Arm does not provide an fTPM implementation and therefore
   we do not validate here whether the content of PCR0 is correct. For this
   PoC, we are only focused on the fact that the event log could be passed to a
   third party fTPM and its records were properly extended.

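The check the note above leaves open, as an added example that is not TF-A or OP-TEE code: parse the ``PCR_Event2`` records from the console log format shown above, replay the SHA256 extends for PCR0 from the all-zero reset value, and compare the result with the ``sha256`` bank printed by ``tpm2_pcrread``. The embedded sample log is constructed from the first two records of the BL2 log above; pasting in the full log yields the PCR0 a correctly extended fTPM should report. Assumed: ``EventType`` 3 (EV_NO_ACTION) records are skipped by default, as the TCG PC Client specification prescribes, and the ``include_no_action`` switch replays them too, since the fTPM above reports nine extend commands for a log of eight ``EventType`` 1 records plus one ``EventType`` 3 record.

```python
"""Added example (not TF-A/OP-TEE code): parse PCR_Event2 records from the
console log format above, replay the SHA256 extends and check PCR0."""
from __future__ import annotations
import hashlib
import re
from dataclasses import dataclass

EV_NO_ACTION = 3  # TCG EV_NO_ACTION: informational, not extended per TCG spec

# Constructed sample: SpecID header stub, the first two PCR_Event2 records of
# the BL2 log shown above, and one unrelated NOTICE line the parser must skip.
SAMPLE_LOG = """\
NOTICE:  TCG_EfiSpecIDEvent:
NOTICE:  Digest             : 00
NOTICE:  PCR_Event2:
NOTICE:  PCRIndex           : 0
NOTICE:  EventType          : 3
NOTICE:  Digests Count      : 1
NOTICE:  #0 AlgorithmId     : SHA256
NOTICE:  Digest             : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
NOTICE:                     : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
NOTICE:  EventSize          : 17
NOTICE:  Signature          : StartupLocality
NOTICE:  StartupLocality    : 0
NOTICE:  PCR_Event2:
NOTICE:  PCRIndex           : 0
NOTICE:  EventType          : 1
NOTICE:  Digests Count      : 1
NOTICE:  #0 AlgorithmId     : SHA256
NOTICE:  Digest             : 58 26 32 6e 64 45 64 da 45 de 35 db 96 fd ed 63
NOTICE:                     : 2a 6a d4 0d aa 94 b0 b1 55 e4 72 e7 1f 0a e0 d5
NOTICE:  EventSize          : 5
NOTICE:  Event              : BL_2
NOTICE:  BL1: Booting BL31
"""

@dataclass
class Event:
    pcr_index: int = 0
    event_type: int = 0
    alg: str = ""
    digest_hex: str = ""
    name: str = ""

_PREFIX = re.compile(r"^\s*(?:NOTICE:|M/TA:)\s*")
_KEYVAL = re.compile(r"^(?:#\d+\s+)?([A-Za-z_][A-Za-z_ ]*?)\s*:\s*(.*)$")
_CONT = re.compile(r"^:\s*(.*)$")  # second half of a 32-byte digest
_PCRLINE = re.compile(r"^\s*(\d+)\s*:\s*0x([0-9A-Fa-f]{64})\s*$")

def parse_event_log(text: str) -> list[Event]:
    """Return the PCR_Event2 records in log order (SpecID header skipped)."""
    events: list[Event] = []
    cur = None
    for raw in text.splitlines():
        line = _PREFIX.sub("", raw).strip()
        if line == "PCR_Event2:":
            cur = Event()
            events.append(cur)
        elif cur is None:
            continue
        elif (m := _CONT.match(line)):
            cur.digest_hex += m.group(1).replace(" ", "")
        elif (m := _KEYVAL.match(line)):
            key, val = m.group(1), m.group(2)
            if key == "PCRIndex":
                cur.pcr_index = int(val)
            elif key == "EventType":
                cur.event_type = int(val)
            elif key == "AlgorithmId":
                cur.alg = val
            elif key == "Digest":
                cur.digest_hex = val.replace(" ", "")
            elif key in ("Event", "Signature") and not cur.name:
                cur.name = val
    return events

def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM2_PCR_Extend on a SHA256 bank: new = SHA256(old || digest)."""
    return hashlib.sha256(pcr + digest).digest()

def replay_pcr(events: list[Event], pcr_index: int = 0,
               include_no_action: bool = False) -> bytes:
    """Predict a PCR from the log; PCRs 0-16 are 32 zero bytes after reset."""
    pcr = bytes(32)
    for ev in events:
        if ev.pcr_index != pcr_index or ev.alg != "SHA256":
            continue
        if ev.event_type == EV_NO_ACTION and not include_no_action:
            continue
        pcr = pcr_extend(pcr, bytes.fromhex(ev.digest_hex))
    return pcr

def parse_pcrread(text: str) -> dict[int, bytes]:
    """Parse the sha256 bank of ``tpm2_pcrread`` output into {index: value}."""
    return {int(m.group(1)): bytes.fromhex(m.group(2))
            for m in map(_PCRLINE.match, text.splitlines()) if m}

def check_pcr0(log_text: str, pcrread_text: str) -> bool:
    """True when replaying the log reproduces the PCR0 the fTPM reports."""
    expected = replay_pcr(parse_event_log(log_text))
    return parse_pcrread(pcrread_text).get(0) == expected
```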
Fine-tuning the fTPM TA
~~~~~~~~~~~~~~~~~~~~~~~

As stated earlier, the OP-TEE Toolkit includes support to build a third party fTPM
service. The build options for this service are tailored for the PoC and defined in
the build environment variable ``FTPM_FLAGS`` (see ``<toolkit_home>/build/common.mk``),
but they can be modified if needed to better adapt it to a specific scenario.

The most relevant options for Measured Boot support are:

-  **CFG_TA_DEBUG**: Enables debug logs in the Terminal_1 console.
-  **CFG_TEE_TA_LOG_LEVEL**: Defines the log level used for the debug messages.
-  **CFG_TA_MEASURED_BOOT**: Enables support for measured boot on the fTPM.
-  **CFG_TA_EVENT_LOG_SIZE**: Defines the size, in bytes, of the largest event log
   that the fTPM is able to store, as this buffer is allocated at build time. This
   must be at least the size of the event log generated by TF-A. If this build
   option is not defined, the fTPM falls back to a default value of 1024 bytes,
   which is enough for this PoC, so this variable is not defined in ``FTPM_FLAGS``.

--------------

*Copyright (c) 2021, Arm Limited. All rights reserved.*

.. _OP-TEE Toolkit: https://github.com/OP-TEE/build
.. _ms-tpm-20-ref: https://github.com/microsoft/ms-tpm-20-ref
.. _Get and build the solution: https://optee.readthedocs.io/en/latest/building/gits/build.html#get-and-build-the-solution
.. _Armv8-A Foundation Platform (For Linux Hosts Only): https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
.. _tpm2-tools: https://github.com/tpm2-software/tpm2-tools
.. _TGC event log: https://trustedcomputinggroup.org/resource/tcg-efi-platform-specification/

arm-trusted-firmware/docs/getting_started/build-options.rst

Build Options
=============

The TF-A build system supports the following build options. Unless mentioned
otherwise, these options are expected to be specified at the build command
line and are not to be modified in any component makefiles. Note that the
build system doesn't track dependencies for build options. Therefore, if any of
the build options are changed from a previous build, a clean build must be
performed.

.. _build_options_common:

Common build options
--------------------

-  ``AARCH32_INSTRUCTION_SET``: Choose the AArch32 instruction set that the
   compiler should use. Valid values are T32 and A32. It defaults to T32
   because the resulting code is smaller.

-  ``AARCH32_SP``: Choose the AArch32 Secure Payload component to be built as
   the BL32 image when ``ARCH=aarch32``. The value should be the path to the
   directory containing the SP source, relative to ``bl32/``; the directory
   is expected to contain a makefile called ``<aarch32_sp-value>.mk``.

-  ``AMU_RESTRICT_COUNTERS``: Register reads to the group 1 counters will return
   zero at all but the highest implemented exception level. Reads from the
   memory mapped view are unaffected by this control.

-  ``ARCH``: Choose the target build architecture for TF-A. It can take either
   ``aarch64`` or ``aarch32`` as values. By default, it is defined to
   ``aarch64``.

-  ``ARM_ARCH_FEATURE``: Optional Arm Architecture build option which specifies
   one or more feature modifiers. This option has the form ``[no]feature+...``
   and defaults to ``none``. It translates into the compiler option
   ``-march=armvX[.Y]-a+[no]feature+...``. See the compiler's documentation for
   the list of supported feature modifiers.

-  ``ARM_ARCH_MAJOR``: The major version of Arm Architecture to target when
   compiling TF-A. Its value must be numeric, and defaults to 8. See also
   *Armv8 Architecture Extensions* and *Armv7 Architecture Extensions* in
   :ref:`Firmware Design`.

-  ``ARM_ARCH_MINOR``: The minor version of Arm Architecture to target when
   compiling TF-A. Its value must be numeric, and defaults to 0. See also
   *Armv8 Architecture Extensions* in :ref:`Firmware Design`.

-  ``BL2``: This is an optional build option which specifies the path to the BL2
   image for the ``fip`` target. In this case, the BL2 in TF-A will not be
   built.

-  ``BL2U``: This is an optional build option which specifies the path to the
   BL2U image. In this case, the BL2U in TF-A will not be built.

-  ``BL2_AT_EL3``: This is an optional build option that enables the use of
   BL2 at EL3 execution level.

-  ``BL2_ENABLE_SP_LOAD``: Boolean option to enable loading SP packages from the
   FIP. Automatically enabled if ``SP_LAYOUT_FILE`` is provided.

-  ``BL2_IN_XIP_MEM``: In some use-cases BL2 will be stored in eXecute In Place
   (XIP) memory, like BL1. In these use-cases, it is necessary to initialize
   the RW sections in RAM, while leaving the RO sections in place. This option
   enables this use-case. For now, this option is only supported when
   ``BL2_AT_EL3`` is set to '1'.

-  ``BL31``: This is an optional build option which specifies the path to the
   BL31 image for the ``fip`` target. In this case, the BL31 in TF-A will not
   be built.

-  ``BL31_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
   file that contains the BL31 private key in PEM format. If ``SAVE_KEYS=1``,
   this file name will be used to save the key.

-  ``BL32``: This is an optional build option which specifies the path to the
   BL32 image for the ``fip`` target. In this case, the BL32 in TF-A will not
   be built.

-  ``BL32_EXTRA1``: This is an optional build option which specifies the path to
   the Trusted OS Extra1 image for the ``fip`` target.

-  ``BL32_EXTRA2``: This is an optional build option which specifies the path to
   the Trusted OS Extra2 image for the ``fip`` target.

-  ``BL32_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
   file that contains the BL32 private key in PEM format. If ``SAVE_KEYS=1``,
   this file name will be used to save the key.

-  ``BL33``: Path to the BL33 image in the host file system. This is mandatory
   for the ``fip`` target in case TF-A BL2 is used.

-  ``BL33_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
   file that contains the BL33 private key in PEM format. If ``SAVE_KEYS=1``,
   this file name will be used to save the key.

-  ``BRANCH_PROTECTION``: Numeric value to enable ARMv8.3 Pointer Authentication
   and ARMv8.5 Branch Target Identification support for the TF-A BL images
   themselves. If enabled, a compiler that supports the option
   ``-mbranch-protection`` is required. Selects the branch protection features
   to use:

   -  0: Default value, turns off all types of branch protection
   -  1: Enables all types of branch protection features
   -  2: Return address signing to its standard level
   -  3: Extend the signing to include leaf functions
   -  4: Turn on branch target identification mechanism

   The table below summarizes ``BRANCH_PROTECTION`` values, GCC compilation
   options and resulting PAuth/BTI features.

   +-------+--------------+-------+-----+
   | Value | GCC option   | PAuth | BTI |
   +=======+==============+=======+=====+
   |   0   |     none     |   N   |  N  |
   +-------+--------------+-------+-----+
   |   1   |   standard   |   Y   |  Y  |
   +-------+--------------+-------+-----+
   |   2   |   pac-ret    |   Y   |  N  |
   +-------+--------------+-------+-----+
   |   3   | pac-ret+leaf |   Y   |  N  |
   +-------+--------------+-------+-----+
   |   4   |      bti     |   N   |  Y  |
   +-------+--------------+-------+-----+

   This option defaults to 0.
   Note that Pointer Authentication is enabled for the Non-secure world
   irrespective of the value of this option if the CPU supports it.

-  ``BUILD_MESSAGE_TIMESTAMP``: String used to identify the time and date of the
   compilation of each build. It must be set to a C string (including quotes
   where applicable). Defaults to a string that contains the time and date of
   the compilation.

-  ``BUILD_STRING``: Input string for VERSION_STRING, which allows the TF-A
   build to be uniquely identified. Defaults to the current git commit id.

-  ``BUILD_BASE``: Output directory for the build. Defaults to ``./build``.

-  ``CFLAGS``: Extra user options appended on the compiler's command line in
   addition to the options set by the build system.

-  ``COLD_BOOT_SINGLE_CPU``: This option indicates whether the platform may
   release several CPUs out of reset. It can take either 0 (several CPUs may be
   brought up) or 1 (only one CPU will ever be brought up during cold reset).
   Default is 0. If the platform always brings up a single CPU, there is no
   need to distinguish between primary and secondary CPUs and the boot path can
   be optimised. The ``plat_is_my_cpu_primary()`` and
   ``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need
   to be implemented in this case.

-  ``COT``: When Trusted Boot is enabled, selects the desired chain of trust.
   Defaults to ``tbbr``.

-  ``CRASH_REPORTING``: A non-zero value enables a console dump of processor
   register state when an unexpected exception occurs during execution of
   BL31. This option defaults to the value of ``DEBUG``, i.e. by default
   this is only enabled for a debug build of the firmware.

-  ``CREATE_KEYS``: This option is used when ``GENERATE_COT=1``. It tells the
   certificate generation tool to create new keys in case no valid keys are
   present or specified. Allowed options are '0' or '1'. Default is '1'.

-  ``CTX_INCLUDE_AARCH32_REGS``: Boolean option that, when set to 1, will cause
   the AArch32 system registers to be included when saving and restoring the
   CPU context. The option must be set to 0 for AArch64-only platforms (that
   is, on hardware that does not implement AArch32, or at least not at EL1 and
   higher ELs). Default value is 1.

-  ``CTX_INCLUDE_EL2_REGS``: This boolean option provides context save/restore
   operations when entering/exiting an EL2 execution context. This is of primary
   interest when the Armv8.4-SecEL2 extension is implemented. Default is 0
   (disabled). This option must be equal to 1 (enabled) when ``SPD=spmd`` and
   ``SPMD_SPM_AT_SEL2`` is set.

-  ``CTX_INCLUDE_FPREGS``: Boolean option that, when set to 1, will cause the FP
   registers to be included when saving and restoring the CPU context. Default
   is 0.

-  ``CTX_INCLUDE_NEVE_REGS``: Boolean option that, when set to 1, will cause the
   Armv8.4-NV registers to be saved/restored when entering/exiting an EL2
   execution context. Default value is 0.

-  ``CTX_INCLUDE_PAUTH_REGS``: Boolean option that, when set to 1, enables
   Pointer Authentication for the Secure world. This will cause the ARMv8.3-PAuth
   registers to be included when saving and restoring the CPU context as
   part of world switch. Default value is 0.
   Note that Pointer Authentication is enabled for the Non-secure world
   irrespective of the value of this flag if the CPU supports it.

-  ``DEBUG``: Chooses between a debug and release build. It can take either 0
   (release) or 1 (debug) as values. 0 is the default.

-  ``DECRYPTION_SUPPORT``: This build flag enables the user to select the
   authenticated decryption algorithm to be used to decrypt firmware(s) during
   boot. It accepts 2 values: ``aes_gcm`` and ``none``. The default value of
   this flag is ``none``, which disables firmware decryption, an optional
   feature as per TBBR.

-  ``DISABLE_BIN_GENERATION``: Boolean option to disable the generation
   of the binary image. If set to 1, then only the ELF image is built.
   0 is the default.

-  ``DISABLE_MTPMU``: Boolean option to disable FEAT_MTPMU if implemented
   (Armv8.6 onwards). Its default value is 0 to keep consistency with platforms
   that do not implement FEAT_MTPMU. For more information on FEAT_MTPMU,
   check the latest Arm ARM.

-  ``DYN_DISABLE_AUTH``: Provides the capability to dynamically disable Trusted
   Board Boot authentication at runtime. This option is meant to be enabled only
   for development platforms. The ``TRUSTED_BOARD_BOOT`` flag must be set if
   this flag is to be enabled. 0 is the default.

-  ``E``: Boolean option to make warnings into errors. Default is 1.

-  ``EL3_PAYLOAD_BASE``: This option enables booting an EL3 payload instead of
   the normal boot flow. It must specify the entry point address of the EL3
   payload. Please refer to the "Booting an EL3 payload" section for more
   details.

-  ``ENABLE_AMU``: Boolean option to enable Activity Monitor Unit extensions.
   This is an optional architectural feature available on v8.4 onwards. Some
   v8.2 implementations also implement an AMU and this option can be used to
   enable this feature on those systems as well. Default is 0.

-  ``ENABLE_AMU_AUXILIARY_COUNTERS``: Enables support for AMU auxiliary counters
   (also known as group 1 counters). These are implementation-defined counters,
   and as such require additional platform configuration. Default is 0.

-  ``ENABLE_AMU_FCONF``: Enables configuration of the AMU through FCONF, which
   allows platforms with auxiliary counters to describe them via the
   ``HW_CONFIG`` device tree blob. Default is 0.

-  ``ENABLE_ASSERTIONS``: This option controls whether or not calls to ``assert()``
   are compiled out. For debug builds, this option defaults to 1, and calls to
   ``assert()`` are left in place. For release builds, this option defaults to 0
   and calls to the ``assert()`` function are compiled out. This option can be
   set independently of ``DEBUG``. It can also be used to hide any auxiliary
   code that is only required for the assertion and does not fit in the
   assertion itself.

-  ``ENABLE_BACKTRACE``: This option controls whether to enable backtrace
   dumps or not. It is supported in both AArch64 and AArch32. However, in
   AArch32 the format of the frame records is not defined in the AAPCS and is
   defined by the implementation. This implementation of backtrace only
   supports the format used by GCC when T32 interworking is disabled. For this
   reason enabling this option in AArch32 will force the compiler to only
   generate A32 code. This option is enabled by default only in AArch64 debug
   builds, but this behaviour can be overridden in each platform's Makefile or
   in the build command line.

-  ``ENABLE_FEAT_AMUv1``: Boolean option to enable access to the HAFGRTR_EL2
   (Hypervisor Activity Monitors Fine-Grained Read Trap Register) during EL2
   to EL3 context save/restore operations. It is an optional feature available
   on v8.4 and onwards and must be set to 1 alongside ``ENABLE_FEAT_FGT``, to
   access the HAFGRTR_EL2 register. Defaults to ``0``.

-  ``ENABLE_FEAT_ECV``: Boolean option to enable support for the Enhanced Counter
   Virtualization feature, allowing for access to the CNTPOFF_EL2 (Counter-timer
   Physical Offset register) during EL2 to EL3 context save/restore operations.
   It's a mandatory architectural feature in Armv8.6 and defaults to ``1`` for
   v8.6 or later CPUs.

-  ``ENABLE_FEAT_FGT``: Boolean option to enable support for the FGT (Fine Grain
   Traps) feature, allowing for access to the HDFGRTR_EL2 (Hypervisor Debug
   Fine-Grained Read Trap Register) during EL2 to EL3 context save/restore
   operations. It's a mandatory architectural feature in Armv8.6 and defaults
   to ``1`` for v8.6 or later CPUs.

-  ``ENABLE_FEAT_HCX``: This option sets the bit SCR_EL3.HXEn in EL3 to allow
   access to HCRX_EL2 (extended hypervisor control register) from EL2 as well as
   adding HCRX_EL2 to the EL2 context save/restore operations.

-  ``ENABLE_LTO``: Boolean option to enable Link Time Optimization (LTO)
   support in GCC for TF-A. This option is currently only supported for
   AArch64. Default is 0.

-  ``ENABLE_MPAM_FOR_LOWER_ELS``: Boolean option to enable lower ELs to use the
   MPAM feature. MPAM is an optional Armv8.4 extension that enables various
   memory system components and resources to define partitions; software running
   at various ELs can assign themselves to the desired partition to control
   their performance aspects.

   When this option is set to ``1``, EL3 allows lower ELs to access their own
   MPAM registers without trapping into EL3. This option doesn't make use of
   partitioning in EL3, however. Platform initialisation code should configure
   and use partitions in EL3 as required. This option defaults to ``0``.

-  ``ENABLE_MPMM``: Boolean option to enable support for the Maximum Power
   Mitigation Mechanism supported by certain Arm cores, which allows the SoC
   firmware to detect and limit high activity events to assist in SoC processor
   power domain dynamic power budgeting and limit the triggering of whole-rail
   (i.e. clock chopping) responses to overcurrent conditions. Defaults to ``0``.

-  ``ENABLE_MPMM_FCONF``: Enables configuration of MPMM through FCONF, which
   allows platforms with cores supporting MPMM to describe them via the
   ``HW_CONFIG`` device tree blob. Default is 0.

-  ``ENABLE_PIE``: Boolean option to enable Position Independent Executable (PIE)
   support within generic code in TF-A. This option is currently only supported
   in BL2_AT_EL3, BL31, and BL32 (TSP) for AARCH64 binaries, and in BL32
   (SP_min) for AARCH32. Default is 0.

-  ``ENABLE_PMF``: Boolean option to enable support for the optional Performance
   Measurement Framework (PMF). Default is 0.

-  ``ENABLE_PSCI_STAT``: Boolean option to enable support for the optional PSCI
   functions ``PSCI_STAT_RESIDENCY`` and ``PSCI_STAT_COUNT``. Default is 0.
   In the absence of an alternate stat collection backend, ``ENABLE_PMF`` must
   be enabled. If ``ENABLE_PMF`` is set, the residency statistics are tracked in
   software.

-  ``ENABLE_RME``: Boolean option to enable support for the ARMv9 Realm
   Management Extension. Default value is 0. This is currently an experimental
   feature.

-  ``ENABLE_RUNTIME_INSTRUMENTATION``: Boolean option to enable runtime
   instrumentation which injects timestamp collection points into TF-A to
   allow runtime performance to be measured. Currently, only PSCI is
   instrumented. Enabling this option enables the ``ENABLE_PMF`` build option
   as well. Default is 0.

-  ``ENABLE_SME_FOR_NS``: Boolean option to enable Scalable Matrix Extension
   (SME), SVE, and FPU/SIMD for the non-secure world only. These features share
   registers so are enabled together. Using this option without
   ``ENABLE_SME_FOR_SWD=1`` will cause SME, SVE, and FPU/SIMD instructions in
   the secure world to trap to EL3. SME is an optional architectural feature for
   AArch64 and TF-A support is experimental. At this time, this build option
   cannot be used on systems that have ``SPD=spmd``/``SPM_MM`` or
   ``ENABLE_RME``, and attempting to build with these options will fail.
   Default is 0.

-  ``ENABLE_SME_FOR_SWD``: Boolean option to enable the Scalable Matrix
   Extension for secure world use along with SVE and FPU/SIMD.
   ``ENABLE_SME_FOR_NS`` must also be set to use this. If enabling this, the
   secure world MUST handle context switching for SME, SVE, and FPU/SIMD
   registers to ensure that no data is leaked to the non-secure world. This is
   experimental. Default is 0.

-  ``ENABLE_SPE_FOR_LOWER_ELS``: Boolean option to enable Statistical Profiling
   extensions. This is an optional architectural feature for AArch64.
   The default is 1 but is automatically disabled when the target architecture
   is AArch32.

-  ``ENABLE_SVE_FOR_NS``: Boolean option to enable Scalable Vector Extension
   (SVE) for the Non-secure world only. SVE is an optional architectural feature
   for AArch64. Note that when SVE is enabled for the Non-secure world, access
   to SIMD and floating-point functionality from the Secure world is disabled by
   default and controlled with ``ENABLE_SVE_FOR_SWD``.
   This is to avoid corruption of the Non-secure world data in the Z-registers
   which are aliased by the SIMD and FP registers. The build option is not
   compatible with the ``CTX_INCLUDE_FPREGS`` build option, and will raise an
   assert on platforms where SVE is implemented and ``ENABLE_SVE_FOR_NS`` is
   set to 1. The default is 1 but is automatically disabled when
   ``ENABLE_SME_FOR_NS=1`` since SME encompasses SVE. At this time, this build
   option cannot be used on systems that have ``SPM_MM`` enabled.

-  ``ENABLE_SVE_FOR_SWD``: Boolean option to enable SVE for the Secure world.
   SVE is an optional architectural feature for AArch64. Note that this option
   requires ``ENABLE_SVE_FOR_NS`` to be enabled. The default is 0 and it is
   automatically disabled when the target architecture is AArch32.

-  ``ENABLE_STACK_PROTECTOR``: String option to enable the stack protection
   checks in GCC. Allowed values are "all", "strong", "default" and "none". The
   default value is set to "none". "strong" is the recommended stack protection
   level if this feature is desired. "none" disables the stack protection. For
   all values other than "none", the ``plat_get_stack_protector_canary()``
   platform hook needs to be implemented. The value is passed as the last
   component of the option ``-fstack-protector-$ENABLE_STACK_PROTECTOR``.

-  ``ENCRYPT_BL31``: Binary flag to enable encryption of the BL31 firmware. This
   flag depends on the ``DECRYPTION_SUPPORT`` build flag.

-  ``ENCRYPT_BL32``: Binary flag to enable encryption of the Secure BL32 payload.
   This flag depends on the ``DECRYPTION_SUPPORT`` build flag.

-  ``ENC_KEY``: A 32-byte (256-bit) symmetric key in hex string format. It could
   either be SSK or BSSK depending on the ``FW_ENC_STATUS`` flag. This value
   depends on the ``DECRYPTION_SUPPORT`` build flag.

-  ``ENC_NONCE``: A 12-byte (96-bit) encryption nonce or Initialization Vector
   (IV) in hex string format. This value depends on the ``DECRYPTION_SUPPORT``
   build flag.

-  ``ERROR_DEPRECATED``: This option decides whether to treat the usage of
   deprecated platform APIs, helper functions or drivers within Trusted
   Firmware as an error. It can take the value 1 (flag the use of deprecated
   APIs as an error) or 0. The default is 0.

-  ``EL3_EXCEPTION_HANDLING``: When set to ``1``, enable handling of exceptions
   targeted at EL3. When set to ``0`` (default), no exceptions are expected or
   handled at EL3, and a panic will result. This is supported only for AArch64
   builds.

-  ``EVENT_LOG_LEVEL``: Chooses the log level to use for Measured Boot when
   ``MEASURED_BOOT`` is enabled. For a list of valid values, see ``LOG_LEVEL``.
   Default value is 40 (LOG_LEVEL_INFO).

-  ``FAULT_INJECTION_SUPPORT``: ARMv8.4 extensions introduced support for fault
   injection from lower ELs, and this build option enables lower ELs to use
   Error Records accessed via System Registers to inject faults. This is
   applicable only to AArch64 builds.

   This feature is intended for testing purposes only, and it is advisable to
   keep it disabled for production images.

-  ``FIP_NAME``: This is an optional build option which specifies the FIP
   filename for the ``fip`` target. Default is ``fip.bin``.

-  ``FWU_FIP_NAME``: This is an optional build option which specifies the FWU
   FIP filename for the ``fwu_fip`` target. Default is ``fwu_fip.bin``.

-  ``FW_ENC_STATUS``: Top level firmware's encryption numeric flag, values:
|
||||
|
||||
::
|
||||
|
||||
0: Encryption is done with Secret Symmetric Key (SSK) which is common
|
||||
for a class of devices.
|
||||
1: Encryption is done with Binding Secret Symmetric Key (BSSK) which is
|
||||
unique per device.
|
||||
|
||||
This flag depends on ``DECRYPTION_SUPPORT`` build flag.
|
||||
|
||||
- ``GENERATE_COT``: Boolean flag used to build and execute the ``cert_create``
|
||||
tool to create certificates as per the Chain of Trust described in
|
||||
:ref:`Trusted Board Boot`. The build system then calls ``fiptool`` to
|
||||
include the certificates in the FIP and FWU_FIP. Default value is '0'.
|
||||
|
||||
Specify both ``TRUSTED_BOARD_BOOT=1`` and ``GENERATE_COT=1`` to include support
|
||||
for the Trusted Board Boot feature in the BL1 and BL2 images, to generate
|
||||
the corresponding certificates, and to include those certificates in the
|
||||
FIP and FWU_FIP.
|
||||
|
||||
Note that if ``TRUSTED_BOARD_BOOT=0`` and ``GENERATE_COT=1``, the BL1 and BL2
|
||||
images will not include support for Trusted Board Boot. The FIP will still
|
||||
include the corresponding certificates. This FIP can be used to verify the
|
||||
Chain of Trust on the host machine through other mechanisms.
|
||||
|
||||
Note that if ``TRUSTED_BOARD_BOOT=1`` and ``GENERATE_COT=0``, the BL1 and BL2
|
||||
images will include support for Trusted Board Boot, but the FIP and FWU_FIP
|
||||
will not include the corresponding certificates, causing a boot failure.
|
||||
|
||||
- ``GICV2_G0_FOR_EL3``: Unlike GICv3, the GICv2 architecture doesn't have
|
||||
inherent support for specific EL3 type interrupts. Setting this build option
|
||||
to ``1`` assumes GICv2 *Group 0* interrupts are expected to target EL3, both
|
||||
by :ref:`platform abstraction layer<platform Interrupt Controller API>` and
|
||||
:ref:`Interrupt Management Framework<Interrupt Management Framework>`.
|
||||
This allows GICv2 platforms to enable features requiring EL3 interrupt type.
|
||||
This also means that all GICv2 Group 0 interrupts are delivered to EL3, and
|
||||
the Secure Payload interrupts needs to be synchronously handed over to Secure
|
||||
EL1 for handling. The default value of this option is ``0``, which means the
|
||||
Group 0 interrupts are assumed to be handled by Secure EL1.
|
||||
|
||||
- ``HANDLE_EA_EL3_FIRST``: When set to ``1``, External Aborts and SError
Interrupts will be always trapped in EL3 i.e. in BL31 at runtime. When set to
``0`` (default), these exceptions will be trapped in the current exception
level (or in EL1 if the current exception level is EL0).

- ``HW_ASSISTED_COHERENCY``: On most Arm systems to-date, platform-specific
software operations are required for CPUs to enter and exit coherency.
However, newer systems exist where CPUs' entry to and exit from coherency
is managed in hardware. Such systems require software to only initiate these
operations, and the rest is managed in hardware, minimizing active software
management. In such systems, this boolean option enables TF-A to carry out
build and run-time optimizations during boot and power management operations.
This option defaults to 0 and if it is enabled, then it implies
``WARMBOOT_ENABLE_DCACHE_EARLY`` is also enabled.

If this flag is disabled while the platform which TF-A is compiled for
includes cores that manage coherency in hardware, then a compilation error is
generated. This is based on the fact that a system cannot have, at the same
time, cores that manage coherency in hardware and cores that don't. In other
words, a platform cannot have, at the same time, cores that require
``HW_ASSISTED_COHERENCY=1`` and cores that require
``HW_ASSISTED_COHERENCY=0``.

Note that, when ``HW_ASSISTED_COHERENCY`` is enabled, version 2 of
translation library (xlat tables v2) must be used; version 1 of translation
library is not supported.

- ``INVERTED_MEMMAP``: memmap tool print by default lower addresses at the
bottom, higher addresses at the top. This build flag can be set to '1' to
invert this behavior. Lower addresses will be printed at the top and higher
addresses at the bottom.

- ``JUNO_AARCH32_EL3_RUNTIME``: This build flag enables you to execute EL3
runtime software in AArch32 mode, which is required to run AArch32 on Juno.
By default this flag is set to '0'. Enabling this flag builds BL1 and BL2 in
AArch64 and facilitates the loading of ``SP_MIN`` and BL33 as AArch32 executable
images.

- ``KEY_ALG``: This build flag enables the user to select the algorithm to be
used for generating the PKCS keys and subsequent signing of the certificate.
It accepts 3 values: ``rsa``, ``rsa_1_5`` and ``ecdsa``. The option
``rsa_1_5`` is the legacy PKCS#1 RSA 1.5 algorithm which is not TBBR
compliant and is retained only for compatibility. The default value of this
flag is ``rsa`` which is the TBBR compliant PKCS#1 RSA 2.1 scheme.

- ``KEY_SIZE``: This build flag enables the user to select the key size for
the algorithm specified by ``KEY_ALG``. The valid values for ``KEY_SIZE``
depend on the chosen algorithm and the cryptographic module.

+-----------+------------------------------------+
| KEY_ALG | Possible key sizes |
+===========+====================================+
| rsa | 1024 , 2048 (default), 3072, 4096* |
+-----------+------------------------------------+
| ecdsa | unavailable |
+-----------+------------------------------------+

* Only 2048 bits size is available with CryptoCell 712 SBROM release 1.
Only 3072 bits size is available with CryptoCell 712 SBROM release 2.

- ``HASH_ALG``: This build flag enables the user to select the secure hash
algorithm. It accepts 3 values: ``sha256``, ``sha384`` and ``sha512``.
The default value of this flag is ``sha256``.

- ``LDFLAGS``: Extra user options appended to the linkers' command line in
addition to the one set by the build system.

- ``LOG_LEVEL``: Chooses the log level, which controls the amount of console log
output compiled into the build. This should be one of the following:

::

0 (LOG_LEVEL_NONE)
10 (LOG_LEVEL_ERROR)
20 (LOG_LEVEL_NOTICE)
30 (LOG_LEVEL_WARNING)
40 (LOG_LEVEL_INFO)
50 (LOG_LEVEL_VERBOSE)

All log output up to and including the selected log level is compiled into
the build. The default value is 40 in debug builds and 20 in release builds.

- ``MEASURED_BOOT``: Boolean flag to include support for the Measured Boot
feature. This flag can be enabled with ``TRUSTED_BOARD_BOOT`` in order to
provide trust that the code taking the measurements and recording them has
not been tampered with.

This option defaults to 0.

- ``NON_TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
specifies the file that contains the Non-Trusted World private key in PEM
format. If ``SAVE_KEYS=1``, this file name will be used to save the key.

- ``NS_BL2U``: Path to NS_BL2U image in the host file system. This image is
optional. It is only needed if the platform makefile specifies that it
is required in order to build the ``fwu_fip`` target.

- ``NS_TIMER_SWITCH``: Enable save and restore for non-secure timer register
contents upon world switch. It can take either 0 (don't save and restore) or
1 (do save and restore). 0 is the default. An SPD may set this to 1 if it
wants the timer registers to be saved and restored.

- ``OVERRIDE_LIBC``: This option allows platforms to override the default libc
for the BL image. It can be either 0 (include) or 1 (remove). The default
value is 0.

- ``PL011_GENERIC_UART``: Boolean option to indicate the PL011 driver that
the underlying hardware is not a full PL011 UART but a minimally compliant
generic UART, which is a subset of the PL011. The driver will not access
any register that is not part of the SBSA generic UART specification.
Default value is 0 (a full PL011 compliant UART is present).

- ``PLAT``: Choose a platform to build TF-A for. The chosen platform name
must be subdirectory of any depth under ``plat/``, and must contain a
platform makefile named ``platform.mk``. For example, to build TF-A for the
Arm Juno board, select PLAT=juno.

- ``PRELOADED_BL33_BASE``: This option enables booting a preloaded BL33 image
instead of the normal boot flow. When defined, it must specify the entry
point address for the preloaded BL33 image. This option is incompatible with
``EL3_PAYLOAD_BASE``. If both are defined, ``EL3_PAYLOAD_BASE`` has priority
over ``PRELOADED_BL33_BASE``.

- ``PROGRAMMABLE_RESET_ADDRESS``: This option indicates whether the reset
vector address can be programmed or is fixed on the platform. It can take
either 0 (fixed) or 1 (programmable). Default is 0. If the platform has a
programmable reset address, it is expected that a CPU will start executing
code directly at the right address, both on a cold and warm reset. In this
case, there is no need to identify the entrypoint on boot and the boot path
can be optimised. The ``plat_get_my_entrypoint()`` platform porting interface
does not need to be implemented in this case.

- ``PSCI_EXTENDED_STATE_ID``: As per PSCI1.0 Specification, there are 2 formats
possible for the PSCI power-state parameter: original and extended State-ID
formats. This flag if set to 1, configures the generic PSCI layer to use the
extended format. The default value of this flag is 0, which means by default
the original power-state format is used by the PSCI implementation. This flag
should be specified by the platform makefile and it governs the return value
of PSCI_FEATURES API for CPU_SUSPEND smc function id. When this option is
enabled on Arm platforms, the option ``ARM_RECOM_STATE_ID_ENC`` needs to be
set to 1 as well.

- ``RAS_EXTENSION``: When set to ``1``, enable Armv8.2 RAS features. RAS features
are an optional extension for pre-Armv8.2 CPUs, but are mandatory for Armv8.2
or later CPUs.

When ``RAS_EXTENSION`` is set to ``1``, ``HANDLE_EA_EL3_FIRST`` must also be
set to ``1``.

This option is disabled by default.

- ``RESET_TO_BL31``: Enable BL31 entrypoint as the CPU reset vector instead
of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
entrypoint) or 1 (CPU reset to BL31 entrypoint).
The default value is 0.

- ``RESET_TO_SP_MIN``: SP_MIN is the minimal AArch32 Secure Payload provided
in TF-A. This flag configures SP_MIN entrypoint as the CPU reset vector
instead of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
entrypoint) or 1 (CPU reset to SP_MIN entrypoint). The default value is 0.

- ``ROT_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
file that contains the ROT private key in PEM format and enforces public key
hash generation. If ``SAVE_KEYS=1``, this
file name will be used to save the key.

- ``SAVE_KEYS``: This option is used when ``GENERATE_COT=1``. It tells the
certificate generation tool to save the keys used to establish the Chain of
Trust. Allowed options are '0' or '1'. Default is '0' (do not save).

- ``SCP_BL2``: Path to SCP_BL2 image in the host file system. This image is optional.
If a SCP_BL2 image is present then this option must be passed for the ``fip``
target.

- ``SCP_BL2_KEY``: This option is used when ``GENERATE_COT=1``. It specifies the
file that contains the SCP_BL2 private key in PEM format. If ``SAVE_KEYS=1``,
this file name will be used to save the key.

- ``SCP_BL2U``: Path to SCP_BL2U image in the host file system. This image is
optional. It is only needed if the platform makefile specifies that it
is required in order to build the ``fwu_fip`` target.

- ``SDEI_SUPPORT``: Setting this to ``1`` enables support for Software
Delegated Exception Interface to BL31 image. This defaults to ``0``.

When set to ``1``, the build option ``EL3_EXCEPTION_HANDLING`` must also be
set to ``1``.

- ``SEPARATE_CODE_AND_RODATA``: Whether code and read-only data should be
isolated on separate memory pages. This is a trade-off between security and
memory usage. See "Isolating code and read-only data on separate memory
pages" section in :ref:`Firmware Design`. This flag is disabled by default
and affects all BL images.

- ``SEPARATE_NOBITS_REGION``: Setting this option to ``1`` allows the NOBITS
sections of BL31 (.bss, stacks, page tables, and coherent memory) to be
allocated in RAM discontiguous from the loaded firmware image. When set, the
platform is expected to provide definitions for ``BL31_NOBITS_BASE`` and
``BL31_NOBITS_LIMIT``. When the option is ``0`` (the default), NOBITS
sections are placed in RAM immediately following the loaded firmware image.

- ``SEPARATE_BL2_NOLOAD_REGION``: Setting this option to ``1`` allows the
NOLOAD sections of BL2 (.bss, stacks, page tables) to be allocated in RAM
discontiguous from loaded firmware images. When set, the platform need to
provide definitions of ``BL2_NOLOAD_START`` and ``BL2_NOLOAD_LIMIT``. This
flag is disabled by default and NOLOAD sections are placed in RAM immediately
following the loaded firmware image.

- ``SMC_PCI_SUPPORT``: This option allows platforms to handle PCI configuration
access requests via a standard SMCCC defined in `DEN0115`_. When combined with
UEFI+ACPI this can provide a certain amount of OS forward compatibility
with newer platforms that aren't ECAM compliant.

- ``SPD``: Choose a Secure Payload Dispatcher component to be built into TF-A.
This build option is only valid if ``ARCH=aarch64``. The value should be
the path to the directory containing the SPD source, relative to
``services/spd/``; the directory is expected to contain a makefile called
``<spd-value>.mk``. The SPM Dispatcher standard service is located in
services/std_svc/spmd and enabled by ``SPD=spmd``. The SPM Dispatcher
cannot be enabled when the ``SPM_MM`` option is enabled.

- ``SPIN_ON_BL1_EXIT``: This option introduces an infinite loop in BL1. It can
take either 0 (no loop) or 1 (add a loop). 0 is the default. This loop stops
execution in BL1 just before handing over to BL31. At this point, all
firmware images have been loaded in memory, and the MMU and caches are
turned off. Refer to the "Debugging options" section for more details.

- ``SPMD_SPM_AT_SEL2`` : this boolean option is used jointly with the SPM
Dispatcher option (``SPD=spmd``). When enabled (1) it indicates the SPMC
component runs at the S-EL2 execution state provided by the Armv8.4-SecEL2
extension. This is the default when enabling the SPM Dispatcher. When
disabled (0) it indicates the SPMC component runs at the S-EL1 execution
state. This latter configuration supports pre-Armv8.4 platforms (aka not
implementing the Armv8.4-SecEL2 extension).

- ``SPM_MM`` : Boolean option to enable the Management Mode (MM)-based Secure
Partition Manager (SPM) implementation. The default value is ``0``
(disabled). This option cannot be enabled (``1``) when SPM Dispatcher is
enabled (``SPD=spmd``).

- ``SP_LAYOUT_FILE``: Platform provided path to JSON file containing the
description of secure partitions. The build system will parse this file and
package all secure partition blobs into the FIP. This file is not
necessarily part of TF-A tree. Only available when ``SPD=spmd``.

- ``SP_MIN_WITH_SECURE_FIQ``: Boolean flag to indicate the SP_MIN handles
secure interrupts (caught through the FIQ line). Platforms can enable
this directive if they need to handle such interruption. When enabled,
the FIQ are handled in monitor mode and non secure world is not allowed
to mask these events. Platforms that enable FIQ handling in SP_MIN shall
implement the api ``sp_min_plat_fiq_handler()``. The default value is 0.

- ``TRUSTED_BOARD_BOOT``: Boolean flag to include support for the Trusted Board
Boot feature. When set to '1', BL1 and BL2 images include support to load
and verify the certificates and images in a FIP, and BL1 includes support
for the Firmware Update. The default value is '0'. Generation and inclusion
of certificates in the FIP and FWU_FIP depends upon the value of the
``GENERATE_COT`` option.

.. warning::
This option depends on ``CREATE_KEYS`` to be enabled. If the keys
already exist in disk, they will be overwritten without further notice.

- ``TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
specifies the file that contains the Trusted World private key in PEM
format. If ``SAVE_KEYS=1``, this file name will be used to save the key.

- ``TSP_INIT_ASYNC``: Choose BL32 initialization method as asynchronous or
synchronous, (see "Initializing a BL32 Image" section in
:ref:`Firmware Design`). It can take the value 0 (BL32 is initialized using
synchronous method) or 1 (BL32 is initialized using asynchronous method).
Default is 0.

- ``TSP_NS_INTR_ASYNC_PREEMPT``: A non zero value enables the interrupt
routing model which routes non-secure interrupts asynchronously from TSP
to EL3 causing immediate preemption of TSP. The EL3 is responsible
for saving and restoring the TSP context in this routing model. The
default routing model (when the value is 0) is to route non-secure
interrupts to TSP allowing it to save its context and hand over
synchronously to EL3 via an SMC.

.. note::
When ``EL3_EXCEPTION_HANDLING`` is ``1``, ``TSP_NS_INTR_ASYNC_PREEMPT``
must also be set to ``1``.

- ``USE_ARM_LINK``: This flag determines whether to enable support for ARM
linker. When the ``LINKER`` build variable points to the armlink linker,
this flag is enabled automatically. To enable support for armlink, platforms
will have to provide a scatter file for the BL image. Currently, Tegra
platforms use the armlink support to compile BL3-1 images.

- ``USE_COHERENT_MEM``: This flag determines whether to include the coherent
memory region in the BL memory map or not (see "Use of Coherent memory in
TF-A" section in :ref:`Firmware Design`). It can take the value 1
(Coherent memory region is included) or 0 (Coherent memory region is
excluded). Default is 1.

- ``USE_DEBUGFS``: When set to 1 this option activates an EXPERIMENTAL feature
exposing a virtual filesystem interface through BL31 as a SiP SMC function.
Default is 0.

- ``ARM_IO_IN_DTB``: This flag determines whether to use IO based on the
firmware configuration framework. This will move the io_policies into a
configuration device tree, instead of static structure in the code base.

- ``COT_DESC_IN_DTB``: This flag determines whether to create COT descriptors
at runtime using fconf. If this flag is enabled, COT descriptors are
statically captured in tb_fw_config file in the form of device tree nodes
and properties. Currently, COT descriptors used by BL2 are moved to the
device tree and COT descriptors used by BL1 are retained in the code
base statically.

- ``SDEI_IN_FCONF``: This flag determines whether to configure SDEI setup in
runtime using firmware configuration framework. The platform specific SDEI
shared and private events configuration is retrieved from device tree rather
than static C structures at compile time. This is only supported if
SDEI_SUPPORT build flag is enabled.

- ``SEC_INT_DESC_IN_FCONF``: This flag determines whether to configure Group 0
and Group1 secure interrupts using the firmware configuration framework. The
platform specific secure interrupt property descriptor is retrieved from
device tree in runtime rather than depending on static C structure at compile
time.

- ``USE_ROMLIB``: This flag determines whether library at ROM will be used.
This feature creates a library of functions to be placed in ROM and thus
reduces SRAM usage. Refer to :ref:`Library at ROM` for further details. Default
is 0.

- ``V``: Verbose build. If assigned anything other than 0, the build commands
are printed. Default is 0.

- ``VERSION_STRING``: String used in the log output for each TF-A image.
Defaults to a string formed by concatenating the version number, build type
and build string.

- ``W``: Warning level. Some compiler warning options of interest have been
regrouped and put in the root Makefile. This flag can take the values 0 to 3,
each level enabling more warning options. Default is 0.

- ``WARMBOOT_ENABLE_DCACHE_EARLY`` : Boolean option to enable D-cache early on
the CPU after warm boot. This is applicable for platforms which do not
require interconnect programming to enable cache coherency (eg: single
cluster platforms). If this option is enabled, then warm boot path
enables D-caches immediately after enabling MMU. This option defaults to 0.

- ``SUPPORT_STACK_MEMTAG``: This flag determines whether to enable memory
tagging for stack or not. It accepts 2 values: ``yes`` and ``no``. The
default value of this flag is ``no``. Note this option must be enabled only
for ARM architecture greater than Armv8.5-A.

- ``ERRATA_SPECULATIVE_AT``: This flag determines whether to enable ``AT``
speculative errata workaround or not. It accepts 2 values: ``1`` and ``0``.
The default value of this flag is ``0``.

``AT`` speculative errata workaround disables stage1 page table walk for
lower ELs (EL1 and EL0) in EL3 so that ``AT`` speculative fetch at any point
produces either the correct result or failure without TLB allocation.

This boolean option enables errata for all below CPUs.

+---------+--------------+-------------------------+
| Errata | CPU | Workaround Define |
+=========+==============+=========================+
| 1165522 | Cortex-A76 | ``ERRATA_A76_1165522`` |
+---------+--------------+-------------------------+
| 1319367 | Cortex-A72 | ``ERRATA_A72_1319367`` |
+---------+--------------+-------------------------+
| 1319537 | Cortex-A57 | ``ERRATA_A57_1319537`` |
+---------+--------------+-------------------------+
| 1530923 | Cortex-A55 | ``ERRATA_A55_1530923`` |
+---------+--------------+-------------------------+
| 1530924 | Cortex-A53 | ``ERRATA_A53_1530924`` |
+---------+--------------+-------------------------+

.. note::
This option is enabled by build only if platform sets any of above defines
mentioned in ’Workaround Define' column in the table.
If this option is enabled for the EL3 software then EL2 software also must
implement this workaround due to the behaviour of the errata mentioned
in new SDEN document which will get published soon.

- ``RAS_TRAP_LOWER_EL_ERR_ACCESS``: This flag enables/disables the SCR_EL3.TERR
bit, to trap access to the RAS ERR and RAS ERX registers from lower ELs.
This flag is disabled by default.

- ``OPENSSL_DIR``: This flag is used to provide the installed openssl directory
path on the host machine which is used to build certificate generation and
firmware encryption tool.

- ``USE_SP804_TIMER``: Use the SP804 timer instead of the Generic Timer for
functions that wait for an arbitrary time length (udelay and mdelay). The
default value is 0.

- ``ENABLE_TRBE_FOR_NS``: This flag is used to enable access of trace buffer
control registers from NS ELs, NS-EL2 or NS-EL1(when NS-EL2 is implemented
but unused) when FEAT_TRBE is implemented. TRBE is an optional architectural
feature for AArch64. The default is 0 and it is automatically disabled when
the target architecture is AArch32.

- ``ENABLE_SYS_REG_TRACE_FOR_NS``: Boolean option to enable trace system
registers access from NS ELs, NS-EL2 or NS-EL1 (when NS-EL2 is implemented
but unused). This feature is available if trace unit such as ETMv4.x, and
ETE(extending ETM feature) is implemented. This flag is disabled by default.

- ``ENABLE_TRF_FOR_NS``: Boolean option to enable trace filter control registers
access from NS ELs, NS-EL2 or NS-EL1 (when NS-EL2 is implemented but unused),
if FEAT_TRF is implemented. This flag is disabled by default.

GICv3 driver options
--------------------

GICv3 driver files are included using directive:

``include drivers/arm/gic/v3/gicv3.mk``

The driver can be configured with the following options set in the platform
makefile:

- ``GICV3_SUPPORT_GIC600``: Add support for the GIC-600 variants of GICv3.
Enabling this option will add runtime detection support for the
GIC-600, so is safe to select even for a GIC500 implementation.
This option defaults to 0.

- ``GICV3_SUPPORT_GIC600AE_FMU``: Add support for the Fault Management Unit
for GIC-600 AE. Enabling this option will introduce support to initialize
the FMU. Platforms should call the init function during boot to enable the
FMU and its safety mechanisms. This option defaults to 0.

- ``GICV3_IMPL_GIC600_MULTICHIP``: Selects GIC-600 variant with multichip
functionality. This option defaults to 0

- ``GICV3_OVERRIDE_DISTIF_PWR_OPS``: Allows override of default implementation
of ``arm_gicv3_distif_pre_save`` and ``arm_gicv3_distif_post_restore``
functions. This is required for FVP platform which need to simulate GIC save
and restore during SYSTEM_SUSPEND without powering down GIC. Default is 0.

- ``GIC_ENABLE_V4_EXTN`` : Enables GICv4 related changes in GICv3 driver.
This option defaults to 0.

- ``GIC_EXT_INTID``: When set to ``1``, GICv3 driver will support extended
PPI (1056-1119) and SPI (4096-5119) range. This option defaults to 0.

Debugging options
-----------------

To compile a debug version and make the build more verbose use

.. code:: shell

make PLAT=<platform> DEBUG=1 V=1 all

AArch64 GCC uses DWARF version 4 debugging symbols by default. Some tools (for
example DS-5) might not support this and may need an older version of DWARF
symbols to be emitted by GCC. This can be achieved by using the
``-gdwarf-<version>`` flag, with the version being set to 2 or 3. Setting the
version to 2 is recommended for DS-5 versions older than 5.16.

When debugging logic problems it might also be useful to disable all compiler
optimizations by using ``-O0``.

.. warning::
Using ``-O0`` could cause output images to be larger and base addresses
might need to be recalculated (see the **Memory layout on Arm development
platforms** section in the :ref:`Firmware Design`).

Extra debug options can be passed to the build system by setting ``CFLAGS`` or
``LDFLAGS``:

.. code:: shell

CFLAGS='-O0 -gdwarf-2' \
make PLAT=<platform> DEBUG=1 V=1 all

Note that using ``-Wl,`` style compilation driver options in ``CFLAGS`` will be
ignored as the linker is called directly.

It is also possible to introduce an infinite loop to help in debugging the
post-BL2 phase of TF-A. This can be done by rebuilding BL1 with the
``SPIN_ON_BL1_EXIT=1`` build flag. Refer to the :ref:`build_options_common`
section. In this case, the developer may take control of the target using a
debugger when indicated by the console output. When using DS-5, the following
commands can be used:

::

# Stop target execution
interrupt

#
# Prepare your debugging environment, e.g. set breakpoints
#

# Jump over the debug loop
set var $AARCH64::$Core::$PC = $AARCH64::$Core::$PC + 4

# Resume execution
continue

Firmware update options
-----------------------

- ``NR_OF_FW_BANKS``: Define the number of firmware banks. This flag is used
in defining the firmware update metadata structure. This flag is by default
set to '2'.

- ``NR_OF_IMAGES_IN_FW_BANK``: Define the number of firmware images in each
firmware bank. Each firmware bank must have the same number of images as per
the `PSA FW update specification`_.
This flag is used in defining the firmware update metadata structure. This
flag is by default set to '1'.

- ``PSA_FWU_SUPPORT``: Enable the firmware update mechanism as per the
`PSA FW update specification`_. The default value is 0, and this is an
experimental feature.
PSA firmware update implementation has some limitations, such as BL2 is
not part of the protocol-updatable images, if BL2 needs to be updated, then
it should be done through another platform-defined mechanism, and it assumes
that the platform's hardware supports CRC32 instructions.

--------------

*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*

.. _DEN0115: https://developer.arm.com/docs/den0115/latest
.. _PSA FW update specification: https://developer.arm.com/documentation/den0118/a/
|
||||
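Review bot: the ``PSA_FWU_SUPPORT`` entry closes with one run-on sentence that packs three separate caveats together (BL2 is not updatable through the protocol, BL2 updates need a platform-defined mechanism, and the implementation assumes hardware CRC32 support); split it into separate sentences or a sub-list so a platform integrator can see each limitation on its own, e.g. "BL2 is not part of the protocol-updatable images; if BL2 needs to be updated, this must be done through another platform-defined mechanism. The implementation also assumes that the platform's hardware supports CRC32 instructions." As a style point, the DS-5 command listing uses a bare ``::`` literal block while the rest of this file uses ``.. code:: shell``; one directive throughout would be cleaner.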
115
arm-trusted-firmware/docs/getting_started/docs-build.rst
Normal file
@@ -0,0 +1,115 @@
Building Documentation
======================

To create a rendered copy of this documentation locally you can use the
`Sphinx`_ tool to build and package the plain-text documents into HTML-formatted
pages.

If you are building the documentation for the first time then you will need to
check that you have the required software packages, as described in the
*Prerequisites* section that follows.

.. note::
   An online copy of the documentation is available at
   https://www.trustedfirmware.org/docs/tf-a, if you want to view a rendered
   copy without doing a local build.

Prerequisites
-------------

For building a local copy of the |TF-A| documentation you will need, at minimum:

- Python 3 (3.5 or later)
- PlantUML (1.2017.15 or later)

Optionally, the `Dia`_ application can be installed if you need to edit
existing ``.dia`` diagram files, or create new ones.

You must also install the Python modules that are specified in the
``requirements.txt`` file in the root of the ``docs`` directory. These modules
can be installed using ``pip3`` (the Python Package Installer). Passing this
requirements file as an argument to ``pip3`` automatically installs the specific
module versions required by |TF-A|.

An example set of installation commands for Ubuntu 18.04 LTS follows, assuming
that the working directory is ``docs``:

.. code:: shell

    sudo apt install python3 python3-pip plantuml [dia]
    pip3 install [--user] -r requirements.txt

.. note::
   Several other modules will be installed as dependencies. Please review
   the list to ensure that there will be no conflicts with other modules already
   installed in your environment.

Passing the optional ``--user`` argument to ``pip3`` will install the Python
packages only for the current user. Omitting this argument will attempt to
install the packages globally and this will likely require the command to be run
as root or using ``sudo``.

.. note::
   More advanced usage instructions for *pip* are beyond the scope of this
   document but you can refer to the `pip homepage`_ for detailed guides.

Building rendered documentation
-------------------------------

Documents can be built into HTML-formatted pages from project root directory by
running the following command.

.. code:: shell

    make doc

Output from the build process will be placed in:

::

    docs/build/html

We also support building documentation in other formats. From the ``docs``
directory of the project, run the following command to see the supported
formats. It is important to note that you will not get the correct result if
the command is run from the project root directory, as that would invoke the
top-level Makefile for |TF-A| itself.

.. code:: shell

    make help

Building rendered documentation from a container
------------------------------------------------

There may be cases where you can not either install or upgrade required
dependencies to generate the documents, so in this case, one way to
create the documentation is through a docker container. The first step is
to check if `docker`_ is installed in your host, otherwise check main docker
page for installation instructions. Once installed, run the following script
from project root directory

.. code:: shell

    docker run --rm -v $PWD:/TF sphinxdoc/sphinx \
           bash -c 'cd /TF && \
           pip3 install plantuml -r ./docs/requirements.txt && make doc'

The above command fetches the ``sphinxdoc/sphinx`` container from `docker
hub`_, launches the container, installs documentation requirements and finally
creates the documentation. Once done, exit the container and output from the
build process will be placed in:

::

    docs/build/html

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*

.. _Sphinx: http://www.sphinx-doc.org/en/master/
.. _pip homepage: https://pip.pypa.io/en/stable/
.. _Dia: https://wiki.gnome.org/Apps/Dia
.. _docker: https://www.docker.com/
.. _docker hub: https://hub.docker.com/repository/docker/sphinxdoc/sphinx
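Review bot: the container recipe pulls ``sphinxdoc/sphinx`` with no tag or digest and then runs ``pip3 install`` inside it against the mounted source tree, so the documentation toolchain floats with whatever the untagged image currently resolves to; pin the image to a specific tag (``sphinxdoc/sphinx:<version>``) so builds are reproducible and the image in use can be reviewed. Separately, the ``[dia]`` and ``[--user]`` brackets sit inside ``.. code:: shell`` blocks and read as literal shell syntax when copied; drop the brackets and describe the options in prose, as the paragraph after the block already does for ``--user``. Minor wording: "There may be cases where you can not either install or upgrade required dependencies" reads better as "where you cannot install or upgrade the required dependencies".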
183
arm-trusted-firmware/docs/getting_started/image-terminology.rst
Normal file
@@ -0,0 +1,183 @@
Image Terminology
=================

This page contains the current name, abbreviated name and purpose of the various
images referred to in the Trusted Firmware project.

General Notes
-------------

- Some of the names and abbreviated names have changed to accommodate new
  requirements. The changed names are as backward compatible as possible to
  minimize confusion. Where applicable, the previous names are indicated. Some
  code, documentation and build artefacts may still refer to the previous names;
  these will inevitably take time to catch up.

- The main name change is to prefix each image with the processor it corresponds
  to (for example ``AP_``, ``SCP_``, ...). In situations where there is no
  ambiguity (for example, within AP specific code/documentation), it is
  permitted to omit the processor prefix (for example, just BL1 instead of
  ``AP_BL1``).

- Previously, the format for 3rd level images had 2 forms; ``BL3`` was either
  suffixed with a dash ("-") followed by a number (for example, ``BL3-1``) or a
  subscript number, depending on whether rich text formatting was available.
  This was confusing and often the dash gets omitted in practice. Therefore the
  new form is to just omit the dash and not use subscript formatting.

- The names no longer contain dash ("-") characters at all. In some places (for
  example, function names) it's not possible to use this character. All dashes
  are either removed or replaced by underscores ("_").

- The abbreviation BL stands for BootLoader. This is a historical anomaly.
  Clearly, many of these images are not BootLoaders, they are simply firmware
  images. However, the BL abbreviation is now widely used and is retained for
  backwards compatibility.

- The image names are not case sensitive. For example, ``bl1`` is
  interchangeable with ``BL1``, although mixed case should be avoided.

Trusted Firmware Images
-----------------------

AP Boot ROM: ``AP_BL1``
~~~~~~~~~~~~~~~~~~~~~~~

Typically, this is the first code to execute on the AP and cannot be modified.
Its primary purpose is to perform the minimum initialization necessary to load
and authenticate an updateable AP firmware image into an executable RAM
location, then hand-off control to that image.

AP RAM Firmware: ``AP_BL2``
~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the 2nd stage AP firmware. It is currently also known as the "Trusted
Boot Firmware". Its primary purpose is to perform any additional initialization
required to load and authenticate all 3rd level firmware images into their
executable RAM locations, then hand-off control to the EL3 Runtime Firmware.

EL3 Runtime Firmware: ``AP_BL31``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Also known as "SoC AP firmware" or "EL3 monitor firmware". Its primary purpose
is to handle transitions between the normal and secure world.

Secure-EL1 Payload (SP): ``AP_BL32``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Typically this is a TEE or Trusted OS, providing runtime secure services to the
normal world. However, it may refer to a more abstract Secure-EL1 Payload (SP).
Note that this abbreviation should only be used in systems where there is a
single or primary image executing at Secure-EL1. In systems where there are
potentially multiple SPs and there is no concept of a primary SP, this
abbreviation should be avoided; use the recommended **Other AP 3rd level
images** abbreviation instead.

AP Normal World Firmware: ``AP_BL33``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For example, UEFI or uboot. Its primary purpose is to boot a normal world OS.

Other AP 3rd level images: ``AP_BL3_XXX``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The abbreviated names of the existing 3rd level images imply a load/execution
ordering (for example, ``AP_BL31 -> AP_BL32 -> AP_BL33``). Some systems may
have additional images and/or a different load/execution ordering. The
abbreviated names of the existing images are retained for backward compatibility
but new 3rd level images should be suffixed with an underscore followed by text
identifier, not a number.

In systems where 3rd level images are provided by different vendors, the
abbreviated name should identify the vendor as well as the image
function. For example, ``AP_BL3_ARM_RAS``.

Realm Monitor Management Firmware: ``RMM``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the Realm-EL2 firmware. It is required if
:ref:`Realm Management Extension (RME)` feature is enabled. If a path to RMM
image is not provided, TF-A builds Test Realm Payload (TRP) image by default
and uses it as the RMM image.

SCP Boot ROM: ``SCP_BL1`` (previously ``BL0``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Typically, this is the first code to execute on the SCP and cannot be modified.
Its primary purpose is to perform the minimum initialization necessary to load
and authenticate an updateable SCP firmware image into an executable RAM
location, then hand-off control to that image. This may be performed in
conjunction with other processor firmware (for example, ``AP_BL1`` and
``AP_BL2``).

This image was previously abbreviated as ``BL0`` but in some systems, the SCP
may directly load/authenticate its own firmware. In these systems, it doesn't
make sense to interleave the image terminology for AP and SCP; both AP and SCP
Boot ROMs are ``BL1`` from their own point of view.

SCP RAM Firmware: ``SCP_BL2`` (previously ``BL3-0``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the 2nd stage SCP firmware. It is currently also known as the "SCP
runtime firmware" but it could potentially be an intermediate firmware if the
SCP needs to load/authenticate multiple 3rd level images in future.

This image was previously abbreviated as BL3-0 but from the SCP's point of view,
this has always been the 2nd stage firmware. The previous name is too
AP-centric.

Firmware Update (FWU) Images
----------------------------

The terminology for these images has not been widely adopted yet but they have
to be considered in a production Trusted Board Boot solution.

AP Firmware Update Boot ROM: ``AP_NS_BL1U``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Typically, this is the first normal world code to execute on the AP during a
firmware update operation, and cannot be modified. Its primary purpose is to
load subsequent firmware update images from an external interface and communicate
with ``AP_BL1`` to authenticate those images.

During firmware update, there are (potentially) multiple transitions between the
secure and normal world. The "level" of the BL image is relative to the world
it's in so it makes sense to encode "NS" in the normal world images. The absence
of "NS" implies a secure world image.

AP Firmware Update Config: ``AP_BL2U``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This image does the minimum necessary AP secure world configuration required to
complete the firmware update operation. It is potentially a subset of ``AP_BL2``
functionality.

SCP Firmware Update Config: ``SCP_BL2U`` (previously ``BL2-U0``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This image does the minimum necessary SCP secure world configuration required to
complete the firmware update operation. It is potentially a subset of
``SCP_BL2`` functionality.

AP Firmware Updater: ``AP_NS_BL2U`` (previously ``BL3-U``)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is the 2nd stage AP normal world firmware updater. Its primary purpose is
to load a new set of firmware images from an external interface and write them
into non-volatile storage.

Other Processor Firmware Images
-------------------------------

Some systems may have additional processors to the AP and SCP. For example, a
Management Control Processor (MCP). Images for these processors should follow
the same terminology, with the processor abbreviation prefix, followed by
underscore and the level of the firmware image.

For example,

MCP Boot ROM: ``MCP_BL1``
~~~~~~~~~~~~~~~~~~~~~~~~~

MCP RAM Firmware: ``MCP_BL2``
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
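Review bot: this file ends after the ``MCP_BL2`` heading without the horizontal rule and ``*Copyright (c) ..., Arm Limited. All rights reserved.*`` footer that every other document in this change carries; add the footer so the page is consistent with its siblings. Also, under ``AP_BL33`` the example bootloader is written "uboot"; the project's name is "U-Boot".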
21
arm-trusted-firmware/docs/getting_started/index.rst
Normal file
@@ -0,0 +1,21 @@
Getting Started
===============

.. toctree::
   :maxdepth: 1
   :caption: Contents
   :numbered:

   prerequisites
   docs-build
   tools-build
   initial-build
   build-options
   image-terminology
   porting-guide
   psci-lib-integration-guide
   rt-svc-writers-guide

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
118
arm-trusted-firmware/docs/getting_started/initial-build.rst
Normal file
@@ -0,0 +1,118 @@
Performing an Initial Build
===========================

- Before building TF-A, the environment variable ``CROSS_COMPILE`` must point
  to the Linaro cross compiler.

  For AArch64:

  .. code:: shell

      export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-none-elf-

  For AArch32:

  .. code:: shell

      export CROSS_COMPILE=<path-to-aarch32-gcc>/bin/arm-none-eabi-

  It is possible to build TF-A using Clang or Arm Compiler 6. To do so
  ``CC`` needs to point to the clang or armclang binary, which will
  also select the clang or armclang assembler. Be aware that for Arm Compiler,
  the GNU linker is used by default. However for Clang LLVM linker (LLD)
  is used by default. In case of being needed the linker can be overridden
  using the ``LD`` variable. LLVM linker (LLD) version 9 is
  known to work with TF-A.

  In both cases ``CROSS_COMPILE`` should be set as described above.

  Arm Compiler 6 will be selected when the base name of the path assigned
  to ``CC`` matches the string 'armclang'.

  For AArch64 using Arm Compiler 6:

  .. code:: shell

      export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-none-elf-
      make CC=<path-to-armclang>/bin/armclang PLAT=<platform> all

  Clang will be selected when the base name of the path assigned to ``CC``
  contains the string 'clang'. This is to allow both clang and clang-X.Y
  to work.

  For AArch64 using clang:

  .. code:: shell

      export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-none-elf-
      make CC=<path-to-clang>/bin/clang PLAT=<platform> all

- Change to the root directory of the TF-A source tree and build.

  For AArch64:

  .. code:: shell

      make PLAT=<platform> all

  For AArch32:

  .. code:: shell

      make PLAT=<platform> ARCH=aarch32 AARCH32_SP=sp_min all

  Notes:

  - If ``PLAT`` is not specified, ``fvp`` is assumed by default. See the
    :ref:`Build Options` document for more information on available build
    options.

  - (AArch32 only) Currently only ``PLAT=fvp`` is supported.

  - (AArch32 only) ``AARCH32_SP`` is the AArch32 EL3 Runtime Software and it
    corresponds to the BL32 image. A minimal ``AARCH32_SP``, sp_min, is
    provided by TF-A to demonstrate how PSCI Library can be integrated with
    an AArch32 EL3 Runtime Software. Some AArch32 EL3 Runtime Software may
    include other runtime services, for example Trusted OS services. A guide
    to integrate PSCI library with AArch32 EL3 Runtime Software can be found
    at :ref:`PSCI Library Integration guide for Armv8-A AArch32 systems`.

  - (AArch64 only) The TSP (Test Secure Payload), corresponding to the BL32
    image, is not compiled in by default. Refer to the
    :ref:`Test Secure Payload (TSP) and Dispatcher (TSPD)` document for
    details on building the TSP.

  - By default this produces a release version of the build. To produce a
    debug version instead, refer to the "Debugging options" section below.

  - The build process creates products in a ``build`` directory tree, building
    the objects and binaries for each boot loader stage in separate
    sub-directories. The following boot loader binary files are created
    from the corresponding ELF files:

    - ``build/<platform>/<build-type>/bl1.bin``
    - ``build/<platform>/<build-type>/bl2.bin``
    - ``build/<platform>/<build-type>/bl31.bin`` (AArch64 only)
    - ``build/<platform>/<build-type>/bl32.bin`` (mandatory for AArch32)

    where ``<platform>`` is the name of the chosen platform and ``<build-type>``
    is either ``debug`` or ``release``. The actual number of images might differ
    depending on the platform.

- Build products for a specific build variant can be removed using:

  .. code:: shell

      make DEBUG=<D> PLAT=<platform> clean

  ... where ``<D>`` is ``0`` or ``1``, as specified when building.

  The build tree can be removed completely using:

  .. code:: shell

      make realclean

--------------

*Copyright (c) 2020, Arm Limited. All rights reserved.*
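Review bot: the note "To produce a debug version instead, refer to the "Debugging options" section below" is stale now that the documentation is split into separate files: this 118-line file contains no such section, and the debugging options (``DEBUG=1``, ``-O0``, ``-gdwarf-2``) live in the build options document added in this same change. Replace the phrase with a cross-reference in the style already used on this page, e.g. "refer to the debugging options in the :ref:`Build Options` document". A second consistency point: the first bullet says ``CROSS_COMPILE`` must point to "the Linaro cross compiler", while the prerequisites page in this change names the GCC toolchain from the Arm Developer website; the two pages should name the same toolchain.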
3215
arm-trusted-firmware/docs/getting_started/porting-guide.rst
Normal file
File diff suppressed because it is too large
169
arm-trusted-firmware/docs/getting_started/prerequisites.rst
Normal file
@@ -0,0 +1,169 @@
Prerequisites
=============

This document describes the software requirements for building |TF-A| for
AArch32 and AArch64 target platforms.

It may possible to build |TF-A| with combinations of software packages that are
different from those listed below, however only the software described in this
document can be officially supported.

Build Host
----------

|TF-A| can be built using either a Linux or a Windows machine as the build host.

A relatively recent Linux distribution is recommended for building |TF-A|. We
have performed tests using Ubuntu 16.04 LTS (64-bit) but other distributions
should also work fine as a base, provided that the necessary tools and libraries
can be installed.

.. _prerequisites_toolchain:

Toolchain
---------

|TF-A| can be built with any of the following *cross-compiler* toolchains that
target the Armv7-A or Armv8-A architectures:

- GCC >= 10.3-2021.07 (from the `Arm Developer website`_)
- Clang >= 4.0
- Arm Compiler >= 6.0

In addition, a native compiler is required to build the supporting tools.

.. note::
   The software has also been built on Windows 7 Enterprise SP1, using CMD.EXE,
   Cygwin, and Msys (MinGW) shells, using version 5.3.1 of the GNU toolchain.

.. note::
   For instructions on how to select the cross compiler refer to
   :ref:`Performing an Initial Build`.

.. _prerequisites_software_and_libraries:

Software and Libraries
----------------------

The following tools are required to obtain and build |TF-A|:

- An appropriate toolchain (see :ref:`prerequisites_toolchain`)
- GNU Make
- Git

The following libraries must be available to build one or more components or
supporting tools:

- OpenSSL >= 1.0.1

  Required to build the cert_create tool.

The following libraries are required for Trusted Board Boot support:

- mbed TLS == 2.26.0 (tag: ``mbedtls-2.26.0``)

These tools are optional:

- Device Tree Compiler (DTC) >= 1.4.6

  Needed if you want to rebuild the provided Flattened Device Tree (FDT)
  source files (``.dts`` files). DTC is available for Linux through the package
  repositories of most distributions.

- Arm `Development Studio 5 (DS-5)`_

  The standard software package used for debugging software on Arm development
  platforms and |FVP| models.

- Node.js >= 16

  Highly recommended, and necessary in order to install and use the packaged
  Git hooks and helper tools. Without these tools you will need to rely on the
  CI for feedback on commit message conformance.

Package Installation (Linux)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If you are using the recommended Ubuntu distribution then you can install the
required packages with the following command:

.. code:: shell

    sudo apt install build-essential git libssl-dev

The optional packages can be installed using:

.. code:: shell

    sudo apt install device-tree-compiler

Additionally, to install an up-to-date version of Node.js, you can use the `Node
Version Manager`_ to install a version of your choosing (we recommend 16, but
later LTS versions might offer a more stable experience):

.. code:: shell

    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | "$SHELL"
    exec "$SHELL" -ic "nvm install 16; exec $SHELL"

.. _Node Version Manager: https://github.com/nvm-sh/nvm#install--update-script

Supporting Files
----------------

TF-A has been tested with pre-built binaries and file systems from `Linaro
Release 20.01`_. Alternatively, you can build the binaries from source using
instructions in :ref:`Performing an Initial Build`.

.. _prerequisites_get_source:

Getting the TF-A Source
-----------------------

Source code for |TF-A| is maintained in a Git repository hosted on
TrustedFirmware.org. To clone this repository from the server, run the following
in your shell:

.. code:: shell

    git clone "https://review.trustedfirmware.org/TF-A/trusted-firmware-a"

Additional Steps for Contributors
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If you are planning on contributing back to TF-A, there are some things you'll
want to know.

TF-A is hosted by a `Gerrit Code Review`_ server. Gerrit requires that all
commits include a ``Change-Id`` footer, and this footer is typically
automatically generated by a Git hook installed by you, the developer.

If you have Node.js installed already, you can automatically install this hook,
along with any additional hooks and Javascript-based tooling that we use, by
running from within your newly-cloned repository:

.. code:: shell

    npm install --no-save

If you have opted **not** to install Node.js, you can install the Gerrit hook
manually by running:

.. code:: shell

    curl -Lo $(git rev-parse --git-dir)/hooks/commit-msg https://review.trustedfirmware.org/tools/hooks/commit-msg
    chmod +x $(git rev-parse --git-dir)/hooks/commit-msg

You can read more about Git hooks in the *githooks* page of the Git
documentation, available `here <https://git-scm.com/docs/githooks>`_.

--------------

*Copyright (c) 2021, Arm Limited. All rights reserved.*

.. _Arm Developer website: https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads
.. _Gerrit Code Review: https://www.gerritcodereview.com/
.. _Linaro Release Notes: https://community.arm.com/dev-platforms/w/docs/226/old-release-notes
.. _Linaro instructions: https://community.arm.com/dev-platforms/w/docs/304/arm-reference-platforms-deliverables
.. _Development Studio 5 (DS-5): https://developer.arm.com/products/software-development-tools/ds-5-development-studio
.. _Linaro Release 20.01: http://releases.linaro.org/members/arm/platforms/20.01
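Review bot: the Node.js recipe pipes a script fetched over the network straight into the shell (``curl -o- .../v0.39.0/install.sh | "$SHELL"``), which gives the reader no chance to inspect what runs; for a contributor guide to a trusted-boot project, suggest downloading the installer to a file first (the tagged ``v0.39.0`` URL is already pinned, which helps) and reviewing or checksumming it before executing, or at least saying so in the surrounding text. Smaller points: "It may possible to build" should read "It may be possible to build"; the Windows 7 / GCC 5.3.1 note sits oddly beside the stated minimum of GCC >= 10.3-2021.07 and should be dated or dropped; and the ``Linaro Release Notes`` and ``Linaro instructions`` hyperlink targets at the foot of the file are never referenced in it.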
@@ -0,0 +1,546 @@
PSCI Library Integration guide for Armv8-A AArch32 systems
==========================================================

This document describes the PSCI library interface with a focus on how to
integrate with a suitable Trusted OS for an Armv8-A AArch32 system. The PSCI
Library implements the PSCI Standard as described in `PSCI spec`_ and is meant
to be integrated with EL3 Runtime Software which invokes the PSCI Library
interface appropriately. **EL3 Runtime Software** refers to software executing
at the highest secure privileged mode, which is EL3 in AArch64 or Secure SVC/
Monitor mode in AArch32, and provides runtime services to the non-secure world.
The runtime service request is made via SMC (Secure Monitor Call) and the call
must adhere to `SMCCC`_. In AArch32, EL3 Runtime Software may additionally
include Trusted OS functionality. A minimal AArch32 Secure Payload, SP-MIN, is
provided in Trusted Firmware-A (TF-A) to illustrate the usage and integration
of the PSCI library. The description of PSCI library interface and its
integration with EL3 Runtime Software in this document is targeted towards
AArch32 systems.

Generic call sequence for PSCI Library interface (AArch32)
----------------------------------------------------------

The generic call sequence of PSCI Library interfaces (see
`PSCI Library Interface`_) during cold boot in AArch32
system is described below:

#. After cold reset, the EL3 Runtime Software performs its cold boot
   initialization including the PSCI library pre-requisites mentioned in
   `PSCI Library Interface`_, and also the necessary platform
   setup.

#. Call ``psci_setup()`` in Monitor mode.

#. Optionally call ``psci_register_spd_pm_hook()`` to register callbacks to
   do bookkeeping for the EL3 Runtime Software during power management.

#. Call ``psci_prepare_next_non_secure_ctx()`` to initialize the non-secure CPU
   context.

#. Get the non-secure ``cpu_context_t`` for the current CPU by calling
   ``cm_get_context()`` , then programming the registers in the non-secure
   context and exiting to non-secure world. If the EL3 Runtime Software needs
   additional configuration to be set for non-secure context, like routing
   FIQs to the secure world, the values of the registers can be modified prior
   to programming. See `PSCI CPU context management`_ for more
   details on CPU context management.

The generic call sequence of PSCI library interfaces during warm boot in
AArch32 systems is described below:

#. After warm reset, the EL3 Runtime Software performs the necessary warm
   boot initialization including the PSCI library pre-requisites mentioned in
   `PSCI Library Interface`_ (Note that the Data cache
   **must not** be enabled).

#. Call ``psci_warmboot_entrypoint()`` in Monitor mode. This interface
   initializes/restores the non-secure CPU context as well.

#. Do step 5 of the cold boot call sequence described above.

The generic call sequence of PSCI library interfaces on receipt of a PSCI SMC
on an AArch32 system is described below:

#. On receipt of an SMC, save the register context as per `SMCCC`_.

#. If the SMC function identifier corresponds to a SMC32 PSCI API, construct
   the appropriate arguments and call the ``psci_smc_handler()`` interface.
   The invocation may or may not return back to the caller depending on
   whether the PSCI API resulted in power down of the CPU.

#. If ``psci_smc_handler()`` returns, populate the return value in R0 (AArch32)/
   X0 (AArch64) and restore other registers as per `SMCCC`_.

PSCI CPU context management
---------------------------

PSCI library is in charge of initializing/restoring the non-secure CPU system
registers according to `PSCI specification`_ during cold/warm boot.
This is referred to as ``PSCI CPU Context Management``. Registers that need to
be preserved across CPU power down/power up cycles are maintained in
``cpu_context_t`` data structure. The initialization of other non-secure CPU
system registers which do not require coordination with the EL3 Runtime
Software is done directly by the PSCI library (see ``cm_prepare_el3_exit()``).

The EL3 Runtime Software is responsible for managing register context
during switch between Normal and Secure worlds. The register context to be
saved and restored depends on the mechanism used to trigger the world switch.
For example, if the world switch was triggered by an SMC call, then the
registers need to be saved and restored according to `SMCCC`_. In AArch64,
due to the tight integration with BL31, both BL31 and PSCI library
use the same ``cpu_context_t`` data structure for PSCI CPU context management
and register context management during world switch. This cannot be assumed
for AArch32 EL3 Runtime Software since most AArch32 Trusted OSes already implement
a mechanism for register context management during world switch. Hence, when
the PSCI library is integrated with a AArch32 EL3 Runtime Software, the
``cpu_context_t`` is stripped down for just PSCI CPU context management.

During cold/warm boot, after invoking appropriate PSCI library interfaces, it
is expected that the EL3 Runtime Software will query the ``cpu_context_t`` and
write appropriate values to the corresponding system registers. This mechanism
resolves 2 additional problems for AArch32 EL3 Runtime Software:

#. Values for certain system registers like SCR and SCTLR cannot be
   unilaterally determined by PSCI library and need inputs from the EL3
   Runtime Software. Using ``cpu_context_t`` as an intermediary data store
|
||||
allows EL3 Runtime Software to modify the register values appropriately
|
||||
before programming them.
|
||||
|
||||
#. The PSCI library provides appropriate LR and SPSR values (entrypoint
|
||||
information) for exit into non-secure world. Using ``cpu_context_t`` as an
|
||||
intermediary data store allows the EL3 Runtime Software to store these
|
||||
values safely until it is ready for exit to non-secure world.
|
||||
|
||||
Currently the ``cpu_context_t`` data structure for AArch32 stores the following
|
||||
registers: R0 - R3, LR (R14), SCR, SPSR, SCTLR.
|
||||
|
||||
The EL3 Runtime Software must implement accessors to get/set pointers
|
||||
to CPU context ``cpu_context_t`` data and these are described in
|
||||
`CPU Context management API`_.
|
||||
|
||||
PSCI Library Interface
----------------------

The PSCI library implements the `PSCI Specification`_. The interfaces
to this library are declared in ``psci_lib.h`` and are as listed below:

.. code:: c

    u_register_t psci_smc_handler(uint32_t smc_fid, u_register_t x1,
                                  u_register_t x2, u_register_t x3,
                                  u_register_t x4, void *cookie,
                                  void *handle, u_register_t flags);
    int psci_setup(const psci_lib_args_t *lib_args);
    void psci_warmboot_entrypoint(void);
    void psci_register_spd_pm_hook(const spd_pm_ops_t *pm);
    void psci_prepare_next_non_secure_ctx(entry_point_info_t *next_image_info);

The CPU context data 'cpu_context_t' is programmed to the registers differently
when PSCI is integrated with an AArch32 EL3 Runtime Software compared to
when the PSCI is integrated with an AArch64 EL3 Runtime Software (BL31). For
example, in the case of AArch64, there is no need to retrieve ``cpu_context_t``
data and program the registers as it will done implicitly as part of
``el3_exit``. The description below of the PSCI interfaces is targeted at
integration with an AArch32 EL3 Runtime Software.

The PSCI library is responsible for initializing/restoring the non-secure world
to an appropriate state after boot and may choose to directly program the
non-secure system registers. The PSCI generic code takes care not to directly
modify any of the system registers affecting the secure world and instead
returns the values to be programmed to these registers via ``cpu_context_t``.
The EL3 Runtime Software is responsible for programming those registers and
can use the proposed values provided in the ``cpu_context_t``, modifying the
values if required.

PSCI library needs the flexibility to access both secure and non-secure
copies of banked registers. Hence it needs to be invoked in Monitor mode
for AArch32 and in EL3 for AArch64. The NS bit in SCR (in AArch32) or SCR_EL3
(in AArch64) must be set to 0. Additional requirements for the PSCI library
interfaces are:

- Instruction cache must be enabled
- Both IRQ and FIQ must be masked for the current CPU
- The page tables must be setup and the MMU enabled
- The C runtime environment must be setup and stack initialized
- The Data cache must be enabled prior to invoking any of the PSCI library
  interfaces except for ``psci_warmboot_entrypoint()``. For
  ``psci_warmboot_entrypoint()``, if the build option ``HW_ASSISTED_COHERENCY``
  is enabled however, data caches are expected to be enabled.

Further requirements for each interface can be found in the interface
description.

||||
Interface : psci_setup()
~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : const psci_lib_args_t *lib_args
    Return   : void

This function is to be called by the primary CPU during cold boot before
any other interface to the PSCI library. It takes ``lib_args``, a const pointer
to ``psci_lib_args_t``, as the argument. The ``psci_lib_args_t`` is a versioned
structure and is declared in ``psci_lib.h`` header as follows:

.. code:: c

    typedef struct psci_lib_args {
            /* The version information of PSCI Library Interface */
            param_header_t h;
            /* The warm boot entrypoint function */
            mailbox_entrypoint_t mailbox_ep;
    } psci_lib_args_t;

The first field ``h``, of ``param_header_t`` type, provides the version
information. The second field ``mailbox_ep`` is the warm boot entrypoint address
and is used to configure the platform mailbox. Helper macros are provided in
``psci_lib.h`` to construct the ``lib_args`` argument statically or during
runtime. Prior to calling the ``psci_setup()`` interface, the platform setup for
cold boot must have completed. Major actions performed by this interface are:

- Initializes architecture.
- Initializes PSCI power domain and state coordination data structures.
- Calls ``plat_setup_psci_ops()`` with warm boot entrypoint ``mailbox_ep`` as
  argument.
- Calls ``cm_set_context_by_index()`` (see
  `CPU Context management API`_) for all the CPUs in the
  platform

Interface : psci_prepare_next_non_secure_ctx()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : entry_point_info_t *next_image_info
    Return   : void

After ``psci_setup()`` and prior to exit to the non-secure world, this function
must be called by the EL3 Runtime Software to initialize the non-secure world
context. The non-secure world entrypoint information ``next_image_info`` (first
argument) will be used to determine the non-secure context. After this function
returns, the EL3 Runtime Software must retrieve the ``cpu_context_t`` (using
cm_get_context()) for the current CPU and program the registers prior to exit
to the non-secure world.

Interface : psci_register_spd_pm_hook()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : const spd_pm_ops_t *
    Return   : void

As explained in `Secure payload power management callback`_,
the EL3 Runtime Software may want to perform some bookkeeping during power
management operations. This function is used to register the ``spd_pm_ops_t``
(first argument) callbacks with the PSCI library which will be called
appropriately during power management. Calling this function is optional and
need to be called by the primary CPU during the cold boot sequence after
``psci_setup()`` has completed.

Interface : psci_smc_handler()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : uint32_t smc_fid, u_register_t x1,
               u_register_t x2, u_register_t x3,
               u_register_t x4, void *cookie,
               void *handle, u_register_t flags
    Return   : u_register_t

This function is the top level handler for SMCs which fall within the
PSCI service range specified in `SMCCC`_. The function ID ``smc_fid`` (first
argument) determines the PSCI API to be called. The ``x1`` to ``x4`` (2nd to 5th
arguments), are the values of the registers r1 - r4 (in AArch32) or x1 - x4
(in AArch64) when the SMC is received. These are the arguments to PSCI API as
described in `PSCI spec`_. The 'flags' (8th argument) is a bit field parameter
and is detailed in 'smccc.h' header. It includes whether the call is from the
secure or non-secure world. The ``cookie`` (6th argument) and the ``handle``
(7th argument) are not used and are reserved for future use.

The return value from this interface is the return value from the underlying
PSCI API corresponding to ``smc_fid``. This function may not return back to the
caller if PSCI API causes power down of the CPU. In this case, when the CPU
wakes up, it will start execution from the warm reset address.

Interface : psci_warmboot_entrypoint()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

::

    Argument : void
    Return   : void

This function performs the warm boot initialization/restoration as mandated by
`PSCI spec`_. For AArch32, on wakeup from power down the CPU resets to secure SVC
mode and the EL3 Runtime Software must perform the prerequisite initializations
mentioned at top of this section. This function must be called with Data cache
disabled (unless build option ``HW_ASSISTED_COHERENCY`` is enabled) but with MMU
initialized and enabled. The major actions performed by this function are:

- Invalidates the stack and enables the data cache.
- Initializes architecture and PSCI state coordination.
- Restores/Initializes the peripheral drivers to the required state via
  appropriate ``plat_psci_ops_t`` hooks
- Restores the EL3 Runtime Software context via appropriate ``spd_pm_ops_t``
  callbacks.
- Restores/Initializes the non-secure context and populates the
  ``cpu_context_t`` for the current CPU.

Upon the return of this function, the EL3 Runtime Software must retrieve the
non-secure ``cpu_context_t`` using ``cm_get_context()`` and program the registers
prior to exit to the non-secure world.

||||
EL3 Runtime Software dependencies
---------------------------------

The PSCI Library includes supporting frameworks like context management,
cpu operations (cpu_ops) and per-cpu data framework. Other helper library
functions like bakery locks and spin locks are also included in the library.
The dependencies which must be fulfilled by the EL3 Runtime Software
for integration with PSCI library are described below.

General dependencies
~~~~~~~~~~~~~~~~~~~~

The PSCI library being a Multiprocessor (MP) implementation, EL3 Runtime
Software must provide an SMC handling framework capable of MP adhering to
`SMCCC`_ specification.

The EL3 Runtime Software must also export cache maintenance primitives
and some helper utilities for assert, print and memory operations as listed
below. The TF-A source tree provides implementations for all
these functions but the EL3 Runtime Software may use its own implementation.

**Functions : assert(), memcpy(), memset(), printf()**

These must be implemented as described in ISO C Standard.

**Function : flush_dcache_range()**

::

    Argument : uintptr_t addr, size_t size
    Return   : void

This function cleans and invalidates (flushes) the data cache for memory
at address ``addr`` (first argument) address and of size ``size`` (second argument).

**Function : inv_dcache_range()**

::

    Argument : uintptr_t addr, size_t size
    Return   : void

This function invalidates (flushes) the data cache for memory at address
``addr`` (first argument) address and of size ``size`` (second argument).

**Function : do_panic()**

::

    Argument : void
    Return   : void

This function will be called by the PSCI library on encountering a critical
failure that cannot be recovered from. This function **must not** return.

||||
CPU Context management API
~~~~~~~~~~~~~~~~~~~~~~~~~~

The CPU context management data memory is statically allocated by PSCI library
in BSS section. The PSCI library requires the EL3 Runtime Software to implement
APIs to store and retrieve pointers to this CPU context data. SP-MIN
demonstrates how these APIs can be implemented but the EL3 Runtime Software can
choose a more optimal implementation (like dedicating the secure TPIDRPRW
system register (in AArch32) for storing these pointers).

**Function : cm_set_context_by_index()**

::

    Argument : unsigned int cpu_idx, void *context, unsigned int security_state
    Return   : void

This function is called during cold boot when the ``psci_setup()`` PSCI library
interface is called.

This function must store the pointer to the CPU context data, ``context`` (2nd
argument), for the specified ``security_state`` (3rd argument) and CPU identified
by ``cpu_idx`` (first argument). The ``security_state`` will always be non-secure
when called by PSCI library and this argument is retained for compatibility
with BL31. The ``cpu_idx`` will correspond to the index returned by the
``plat_core_pos_by_mpidr()`` for ``mpidr`` of the CPU.

The actual method of storing the ``context`` pointers is implementation specific.
For example, SP-MIN stores the pointers in the array ``sp_min_cpu_ctx_ptr``
declared in ``sp_min_main.c``.

**Function : cm_get_context()**

::

    Argument : uint32_t security_state
    Return   : void *

This function must return the pointer to the ``cpu_context_t`` structure for
the specified ``security_state`` (first argument) for the current CPU. The caller
must ensure that ``cm_set_context_by_index`` is called first and the appropriate
context pointers are stored prior to invoking this API. The ``security_state``
will always be non-secure when called by PSCI library and this argument
is retained for compatibility with BL31.

**Function : cm_get_context_by_index()**

::

    Argument : unsigned int cpu_idx, unsigned int security_state
    Return   : void *

This function must return the pointer to the ``cpu_context_t`` structure for
the specified ``security_state`` (second argument) for the CPU identified by
``cpu_idx`` (first argument). The caller must ensure that
``cm_set_context_by_index`` is called first and the appropriate context
pointers are stored prior to invoking this API. The ``security_state`` will
always be non-secure when called by PSCI library and this argument is
retained for compatibility with BL31. The ``cpu_idx`` will correspond to the
index returned by the ``plat_core_pos_by_mpidr()`` for ``mpidr`` of the CPU.

||||
Platform API
~~~~~~~~~~~~

The platform layer abstracts the platform-specific details from the generic
PSCI library. The following platform APIs/macros must be defined by the EL3
Runtime Software for integration with the PSCI library.

The mandatory platform APIs are:

- plat_my_core_pos
- plat_core_pos_by_mpidr
- plat_get_syscnt_freq2
- plat_get_power_domain_tree_desc
- plat_setup_psci_ops
- plat_reset_handler
- plat_panic_handler
- plat_get_my_stack

The mandatory platform macros are:

- PLATFORM_CORE_COUNT
- PLAT_MAX_PWR_LVL
- PLAT_NUM_PWR_DOMAINS
- CACHE_WRITEBACK_GRANULE
- PLAT_MAX_OFF_STATE
- PLAT_MAX_RET_STATE
- PLAT_MAX_PWR_LVL_STATES (optional)
- PLAT_PCPU_DATA_SIZE (optional)

The details of these APIs/macros can be found in the :ref:`Porting Guide`.

All platform specific operations for power management are done via
``plat_psci_ops_t`` callbacks registered by the platform when
``plat_setup_psci_ops()`` API is called. The description of each of
the callbacks in ``plat_psci_ops_t`` can be found in PSCI section of the
:ref:`Porting Guide`. If any these callbacks are not registered, then the
PSCI API associated with that callback will not be supported by PSCI
library.

||||
Secure payload power management callback
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

During PSCI power management operations, the EL3 Runtime Software may
need to perform some bookkeeping, and PSCI library provides
``spd_pm_ops_t`` callbacks for this purpose. These hooks must be
populated and registered by using ``psci_register_spd_pm_hook()`` PSCI
library interface.

Typical bookkeeping during PSCI power management calls include save/restore
of the EL3 Runtime Software context. Also if the EL3 Runtime Software makes
use of secure interrupts, then these interrupts must also be managed
appropriately during CPU power down/power up. Any secure interrupt targeted
to the current CPU must be disabled or re-targeted to other running CPU prior
to power down of the current CPU. During power up, these interrupt can be
enabled/re-targeted back to the current CPU.

.. code:: c

    typedef struct spd_pm_ops {
            void (*svc_on)(u_register_t target_cpu);
            int32_t (*svc_off)(u_register_t __unused);
            void (*svc_suspend)(u_register_t max_off_pwrlvl);
            void (*svc_on_finish)(u_register_t __unused);
            void (*svc_suspend_finish)(u_register_t max_off_pwrlvl);
            int32_t (*svc_migrate)(u_register_t from_cpu, u_register_t to_cpu);
            int32_t (*svc_migrate_info)(u_register_t *resident_cpu);
            void (*svc_system_off)(void);
            void (*svc_system_reset)(void);
    } spd_pm_ops_t;

A brief description of each callback is given below:

- svc_on, svc_off, svc_on_finish

  The ``svc_on``, ``svc_off`` callbacks are called during PSCI_CPU_ON,
  PSCI_CPU_OFF APIs respectively. The ``svc_on_finish`` is called when the
  target CPU of PSCI_CPU_ON API powers up and executes the
  ``psci_warmboot_entrypoint()`` PSCI library interface.

- svc_suspend, svc_suspend_finish

  The ``svc_suspend`` callback is called during power down bu either
  PSCI_SUSPEND or PSCI_SYSTEM_SUSPEND APIs. The ``svc_suspend_finish`` is
  called when the CPU wakes up from suspend and executes the
  ``psci_warmboot_entrypoint()`` PSCI library interface. The ``max_off_pwrlvl``
  (first parameter) denotes the highest power domain level being powered down
  to or woken up from suspend.

- svc_system_off, svc_system_reset

  These callbacks are called during PSCI_SYSTEM_OFF and PSCI_SYSTEM_RESET
  PSCI APIs respectively.

- svc_migrate_info

  This callback is called in response to PSCI_MIGRATE_INFO_TYPE or
  PSCI_MIGRATE_INFO_UP_CPU APIs. The return value of this callback must
  correspond to the return value of PSCI_MIGRATE_INFO_TYPE API as described
  in `PSCI spec`_. If the secure payload is a Uniprocessor (UP)
  implementation, then it must update the mpidr of the CPU it is resident in
  via ``resident_cpu`` (first argument). The updates to ``resident_cpu`` is
  ignored if the secure payload is a multiprocessor (MP) implementation.

- svc_migrate

  This callback is only relevant if the secure payload in EL3 Runtime
  Software is a Uniprocessor (UP) implementation and supports migration from
  the current CPU ``from_cpu`` (first argument) to another CPU ``to_cpu``
  (second argument). This callback is called in response to PSCI_MIGRATE
  API. This callback is never called if the secure payload is a
  Multiprocessor (MP) implementation.

||||
CPU operations
~~~~~~~~~~~~~~

The CPU operations (cpu_ops) framework implement power down sequence specific
to the CPU and the details of which can be found at
:ref:`firmware_design_cpu_ops_fwk`. The TF-A tree implements the ``cpu_ops``
for various supported CPUs and the EL3 Runtime Software needs to include the
required ``cpu_ops`` in its build. The start and end of the ``cpu_ops``
descriptors must be exported by the EL3 Runtime Software via the
``__CPU_OPS_START__`` and ``__CPU_OPS_END__`` linker symbols.

The ``cpu_ops`` descriptors also include reset sequences and may include errata
workarounds for the CPU. The EL3 Runtime Software can choose to call this
during cold/warm reset if it does not implement its own reset sequence/errata
workarounds.

--------------

*Copyright (c) 2016-2020, Arm Limited and Contributors. All rights reserved.*

.. _PSCI spec: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
.. _SMCCC: https://developer.arm.com/docs/den0028/latest
.. _PSCI specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
.. _PSCI Specification: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
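Review bot: the declared prototype and the interface description for psci_setup() disagree on the return type. The ``psci_lib.h`` listing under "PSCI Library Interface" shows `int psci_setup(const psci_lib_args_t *lib_args);`, while the "Interface : psci_setup()" block states `Return   : void`; one of the two should be corrected, and if the function really returns an int, the text should say what that value means to the caller. Wording fixes in the same file: "as it will done implicitly" should read "as it will be done implicitly"; "Calling this function is optional and need to be called" should read "needs to be called"; "during power down bu either PSCI_SUSPEND" should read "by either"; "The updates to ``resident_cpu`` is ignored" should read "are ignored"; and the flush_dcache_range() and inv_dcache_range() descriptions repeat the word "address" ("at address ``addr`` (first argument) address"). The last bullet under psci_setup() ("for all the CPUs in the platform") also lacks the full stop its siblings have.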

@@ -0,0 +1,320 @@
EL3 Runtime Service Writer's Guide
=====================================================

Introduction
------------

This document describes how to add a runtime service to the EL3 Runtime
Firmware component of Trusted Firmware-A (TF-A), BL31.

Software executing in the normal world and in the trusted world at exception
levels lower than EL3 will request runtime services using the Secure Monitor
Call (SMC) instruction. These requests will follow the convention described in
the SMC Calling Convention PDD (`SMCCC`_). The `SMCCC`_ assigns function
identifiers to each SMC request and describes how arguments are passed and
results are returned.

SMC Functions are grouped together based on the implementor of the service, for
example a subset of the Function IDs are designated as "OEM Calls" (see `SMCCC`_
for full details). The EL3 runtime services framework in BL31 enables the
independent implementation of services for each group, which are then compiled
into the BL31 image. This simplifies the integration of common software from
Arm to support `PSCI`_, Secure Monitor for a Trusted OS and SoC specific
software. The common runtime services framework ensures that SMC Functions are
dispatched to their respective service implementation - the
:ref:`Firmware Design` document provides details of how this is achieved.

The interface and operation of the runtime services depends heavily on the
concepts and definitions described in the `SMCCC`_, in particular SMC Function
IDs, Owning Entity Numbers (OEN), Fast and Standard calls, and the SMC32 and
SMC64 calling conventions. Please refer to that document for a full explanation
of these terms.

Owning Entities, Call Types and Function IDs
--------------------------------------------

The SMC Function Identifier includes a OEN field. These values and their
meaning are described in `SMCCC`_ and summarized in table 1 below. Some entities
are allocated a range of of OENs. The OEN must be interpreted in conjunction
with the SMC call type, which is either *Fast* or *Yielding*. Fast calls are
uninterruptible whereas Yielding calls can be pre-empted. The majority of
Owning Entities only have allocated ranges for Fast calls: Yielding calls are
reserved exclusively for Trusted OS providers or for interoperability with
legacy 32-bit software that predates the `SMCCC`_.

::

    Type      OEN      Service
    Fast      0        Arm Architecture calls
    Fast      1        CPU Service calls
    Fast      2        SiP Service calls
    Fast      3        OEM Service calls
    Fast      4        Standard Service calls
    Fast      5-47     Reserved for future use
    Fast      48-49    Trusted Application calls
    Fast      50-63    Trusted OS calls

    Yielding  0- 1     Reserved for existing Armv7-A calls
    Yielding  2-63     Trusted OS Standard Calls

*Table 1: Service types and their corresponding Owning Entity Numbers*

Each individual entity can allocate the valid identifiers within the entity
range as they need - it is not necessary to coordinate with other entities of
the same type. For example, two SoC providers can use the same Function ID
within the SiP Service calls OEN range to mean different things - as these
calls should be specific to the SoC. The Standard Runtime Calls OEN is used for
services defined by Arm standards, such as `PSCI`_.

The SMC Function ID also indicates whether the call has followed the SMC32
calling convention, where all parameters are 32-bit, or the SMC64 calling
convention, where the parameters are 64-bit. The framework identifies and
rejects invalid calls that use the SMC64 calling convention but that originate
from an AArch32 caller.

The EL3 runtime services framework uses the call type and OEN to identify a
specific handler for each SMC call, but it is expected that an individual
handler will be responsible for all SMC Functions within a given service type.

Getting started
---------------

TF-A has a ``services`` directory in the source tree under which
each owning entity can place the implementation of its runtime service. The
`PSCI`_ implementation is located here in the ``lib/psci`` directory.

Runtime service sources will need to include the ``runtime_svc.h`` header file.

Registering a runtime service
-----------------------------

A runtime service is registered using the ``DECLARE_RT_SVC()`` macro, specifying
the name of the service, the range of OENs covered, the type of service and
initialization and call handler functions.

.. code:: c

    #define DECLARE_RT_SVC(_name, _start, _end, _type, _setup, _smch)

- ``_name`` is used to identify the data structure declared by this macro, and
  is also used for diagnostic purposes

- ``_start`` and ``_end`` values must be based on the ``OEN_*`` values defined in
  ``smccc.h``

- ``_type`` must be one of ``SMC_TYPE_FAST`` or ``SMC_TYPE_YIELD``

- ``_setup`` is the initialization function with the ``rt_svc_init`` signature:

  .. code:: c

      typedef int32_t (*rt_svc_init)(void);

- ``_smch`` is the SMC handler function with the ``rt_svc_handle`` signature:

  .. code:: c

      typedef uintptr_t (*rt_svc_handle_t)(uint32_t smc_fid,
                                           u_register_t x1, u_register_t x2,
                                           u_register_t x3, u_register_t x4,
                                           void *cookie,
                                           void *handle,
                                           u_register_t flags);

Details of the requirements and behavior of the two callbacks is provided in
the following sections.

During initialization the services framework validates each declared service
to ensure that the following conditions are met:

#. The ``_start`` OEN is not greater than the ``_end`` OEN
#. The ``_end`` OEN does not exceed the maximum OEN value (63)
#. The ``_type`` is one of ``SMC_TYPE_FAST`` or ``SMC_TYPE_YIELD``
#. ``_setup`` and ``_smch`` routines have been specified

``std_svc_setup.c`` provides an example of registering a runtime service:

.. code:: c

    /* Register Standard Service Calls as runtime service */
    DECLARE_RT_SVC(
            std_svc,
            OEN_STD_START,
            OEN_STD_END,
            SMC_TYPE_FAST,
            std_svc_setup,
            std_svc_smc_handler
    );

||||
Initializing a runtime service
------------------------------

Runtime services are initialized once, during cold boot, by the primary CPU
after platform and architectural initialization is complete. The framework
performs basic validation of the declared service before calling
the service initialization function (``_setup`` in the declaration). This
function must carry out any essential EL3 initialization prior to receiving a
SMC Function call via the handler function.

On success, the initialization function must return ``0``. Any other return value
will cause the framework to issue a diagnostic:

::

    Error initializing runtime service <name of the service>

and then ignore the service - the system will continue to boot but SMC calls
will not be passed to the service handler and instead return the *Unknown SMC
Function ID* result ``0xFFFFFFFF``.

If the system must not be allowed to proceed without the service, the
initialization function must itself cause the firmware boot to be halted.

If the service uses per-CPU data this must either be initialized for all CPUs
during this call, or be done lazily when a CPU first issues an SMC call to that
service.

Handling runtime service requests
---------------------------------

SMC calls for a service are forwarded by the framework to the service's SMC
handler function (``_smch`` in the service declaration). This function must have
the following signature:

.. code:: c

    typedef uintptr_t (*rt_svc_handle_t)(uint32_t smc_fid,
                                         u_register_t x1, u_register_t x2,
                                         u_register_t x3, u_register_t x4,
                                         void *cookie,
                                         void *handle,
                                         u_register_t flags);

The handler is responsible for:

#. Determining that ``smc_fid`` is a valid and supported SMC Function ID,
   otherwise completing the request with the *Unknown SMC Function ID*:

   .. code:: c

       SMC_RET1(handle, SMC_UNK);

#. Determining if the requested function is valid for the calling security
   state. SMC Calls can be made from Non-secure, Secure or Realm worlds and
   the framework will forward all calls to the service handler.

   The ``flags`` parameter to this function indicates the caller security state
   in bits 0 and 5. The ``is_caller_secure(flags)``, ``is_caller_non_secure(flags)``
   and ``is_caller_realm(flags)`` helper functions can be used to determine whether
   the caller's security state is Secure, Non-secure or Realm respectively.

   If invalid, the request should be completed with:

   .. code:: c

       SMC_RET1(handle, SMC_UNK);

#. Truncating parameters for calls made using the SMC32 calling convention.
   Such calls can be determined by checking the CC field in bit[30] of the
   ``smc_fid`` parameter, for example by using:

   ::

       if (GET_SMC_CC(smc_fid) == SMC_32) ...

   For such calls, the upper bits of the parameters x1-x4 and the saved
   parameters X5-X7 are UNDEFINED and must be explicitly ignored by the
   handler. This can be done by truncating the values to a suitable 32-bit
   integer type before use, for example by ensuring that functions defined
   to handle individual SMC Functions use appropriate 32-bit parameters.

#. Providing the service requested by the SMC Function, utilizing the
   immediate parameters x1-x4 and/or the additional saved parameters X5-X7.
   The latter can be retrieved using the ``SMC_GET_GP(handle, ref)`` function,
   supplying the appropriate ``CTX_GPREG_Xn`` reference, e.g.
|
||||
.. code:: c
|
||||
|
||||
uint64_t x6 = SMC_GET_GP(handle, CTX_GPREG_X6);
|
||||
|
||||
#. Implementing the standard SMC32 Functions that provide information about
|
||||
the implementation of the service. These are the Call Count, Implementor
|
||||
UID and Revision Details for each service documented in section 6 of the
|
||||
`SMCCC`_.
|
||||
|
||||
TF-A expects owning entities to follow this recommendation.
|
||||
|
||||
#. Returning the result to the caller. Based on `SMCCC`_ spec, results are
|
||||
returned in W0-W7(X0-X7) registers for SMC32(SMC64) calls from AArch64
|
||||
state. Results are returned in R0-R7 registers for SMC32 calls from AArch32
|
||||
state. The framework provides a family of macros to set the multi-register
|
||||
return value and complete the handler:
|
||||
|
||||
.. code:: c
|
||||
|
||||
AArch64 state:
|
||||
|
||||
SMC_RET1(handle, x0);
|
||||
SMC_RET2(handle, x0, x1);
|
||||
SMC_RET3(handle, x0, x1, x2);
|
||||
SMC_RET4(handle, x0, x1, x2, x3);
|
||||
SMC_RET5(handle, x0, x1, x2, x3, x4);
|
||||
SMC_RET6(handle, x0, x1, x2, x3, x4, x5);
|
||||
SMC_RET7(handle, x0, x1, x2, x3, x4, x5, x6);
|
||||
SMC_RET8(handle, x0, x1, x2, x3, x4, x5, x6, x7);
|
||||
|
||||
AArch32 state:
|
||||
|
||||
SMC_RET1(handle, r0);
|
||||
SMC_RET2(handle, r0, r1);
|
||||
SMC_RET3(handle, r0, r1, r2);
|
||||
SMC_RET4(handle, r0, r1, r2, r3);
|
||||
SMC_RET5(handle, r0, r1, r2, r3, r4);
|
||||
SMC_RET6(handle, r0, r1, r2, r3, r4, r5);
|
||||
SMC_RET7(handle, r0, r1, r2, r3, r4, r5, r6);
|
||||
SMC_RET8(handle, r0, r1, r2, r3, r4, r5, r6, r7);
|
||||
|
||||
The ``cookie`` parameter to the handler is reserved for future use and can be
|
||||
ignored. The ``handle`` is returned by the SMC handler - completion of the
|
||||
handler function must always be via one of the ``SMC_RETn()`` macros.
|
||||
|
||||
.. note::
|
||||
The PSCI and Test Secure-EL1 Payload Dispatcher services do not follow
|
||||
all of the above requirements yet.
|
||||
|
||||
Services that contain multiple sub-services
|
||||
-------------------------------------------
|
||||
|
||||
It is possible that a single owning entity implements multiple sub-services. For
|
||||
example, the Standard calls service handles ``0x84000000``-``0x8400FFFF`` and
|
||||
``0xC4000000``-``0xC400FFFF`` functions. Within that range, the `PSCI`_ service
|
||||
handles the ``0x84000000``-``0x8400001F`` and ``0xC4000000``-``0xC400001F`` functions.
|
||||
In that respect, `PSCI`_ is a 'sub-service' of the Standard calls service. In
|
||||
future, there could be additional such sub-services in the Standard calls
|
||||
service which perform independent functions.
|
||||
|
||||
In this situation it may be valuable to introduce a second level framework to
|
||||
enable independent implementation of sub-services. Such a framework might look
|
||||
very similar to the current runtime services framework, but using a different
|
||||
part of the SMC Function ID to identify the sub-service. TF-A does not provide
|
||||
such a framework at present.
|
||||
|
||||
Secure-EL1 Payload Dispatcher service (SPD)
|
||||
-------------------------------------------
|
||||
|
||||
Services that handle SMC Functions targeting a Trusted OS, Trusted Application,
|
||||
or other Secure-EL1 Payload are special. These services need to manage the
|
||||
Secure-EL1 context, provide the *Secure Monitor* functionality of switching
|
||||
between the normal and secure worlds, deliver SMC Calls through to Secure-EL1
|
||||
and generally manage the Secure-EL1 Payload through CPU power-state transitions.
|
||||
|
||||
TODO: Provide details of the additional work required to implement a SPD and
|
||||
the BL31 support for these services. Or a reference to the document that will
|
||||
provide this information....
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2014-2021, Arm Limited and Contributors. All rights reserved.*
|
||||
|
||||
.. _SMCCC: https://developer.arm.com/docs/den0028/latest
|
||||
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
|
||||
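Review bot: the "Secure-EL1 Payload Dispatcher service (SPD)" section still ends in the placeholder "TODO: Provide details of the additional work required to implement a SPD and the BL31 support for these services", so the one service type this file calls "special" is the one it does not explain; either describe the BL31 support here or replace the TODO with a reference to the document that covers it. In step 2 of the handler list it is worth stating outright that, because "the framework will forward all calls to the service handler" regardless of world, the `is_caller_secure(flags)` / `is_caller_non_secure(flags)` / `is_caller_realm(flags)` check in the handler is the only gate on caller security state, so omitting it exposes the function to every world. Two formatting points: the `if (GET_SMC_CC(smc_fid) == SMC_32) ...` snippet sits in a plain `::` literal block while the neighbouring snippets use `.. code:: c`, and the `SMC_RETn` listing puts the prose labels "AArch64 state:" and "AArch32 state:" inside a single `.. code:: c` block; two code blocks with the labels as prose would render cleanly.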
167
arm-trusted-firmware/docs/getting_started/tools-build.rst
Normal file
@@ -0,0 +1,167 @@

Building Supporting Tools
=========================

Building and using the FIP tool
-------------------------------

Firmware Image Package (FIP) is a packaging format used by TF-A to package
firmware images in a single binary. The number and type of images that should
be packed in a FIP is platform specific and may include TF-A images and other
firmware images required by the platform. For example, most platforms require
a BL33 image which corresponds to the normal world bootloader (e.g. UEFI or
U-Boot).

The TF-A build system provides the make target ``fip`` to create a FIP file
for the specified platform using the FIP creation tool included in the TF-A
project. Examples below show how to build a FIP file for FVP, packaging TF-A
and BL33 images.

For AArch64:

.. code:: shell

    make PLAT=fvp BL33=<path-to>/bl33.bin fip

For AArch32:

.. code:: shell

    make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=<path-to>/bl33.bin fip

The resulting FIP may be found in:

::

    build/fvp/<build-type>/fip.bin

For advanced operations on FIP files, it is also possible to independently build
the tool and create or modify FIPs using this tool. To do this, follow these
steps:

It is recommended to remove old artifacts before building the tool:

.. code:: shell

    make -C tools/fiptool clean

Build the tool:

.. code:: shell

    make [DEBUG=1] [V=1] fiptool

The tool binary can be located in:

::

    ./tools/fiptool/fiptool

Invoking the tool with ``help`` will print a help message with all available
options.

Example 1: create a new Firmware package ``fip.bin`` that contains BL2 and BL31:

.. code:: shell

    ./tools/fiptool/fiptool create \
        --tb-fw build/<platform>/<build-type>/bl2.bin \
        --soc-fw build/<platform>/<build-type>/bl31.bin \
        fip.bin

Example 2: view the contents of an existing Firmware package:

.. code:: shell

    ./tools/fiptool/fiptool info <path-to>/fip.bin

Example 3: update the entries of an existing Firmware package:

.. code:: shell

    # Change the BL2 from Debug to Release version
    ./tools/fiptool/fiptool update \
        --tb-fw build/<platform>/release/bl2.bin \
        build/<platform>/debug/fip.bin

Example 4: unpack all entries from an existing Firmware package:

.. code:: shell

    # Images will be unpacked to the working directory
    ./tools/fiptool/fiptool unpack <path-to>/fip.bin

Example 5: remove an entry from an existing Firmware package:

.. code:: shell

    ./tools/fiptool/fiptool remove \
        --tb-fw build/<platform>/debug/fip.bin

Note that if the destination FIP file exists, the create, update and
remove operations will automatically overwrite it.

The unpack operation will fail if the images already exist at the
destination. In that case, use -f or --force to continue.

More information about FIP can be found in the :ref:`Firmware Design` document.

.. _tools_build_cert_create:

Building the Certificate Generation Tool
----------------------------------------

The ``cert_create`` tool is built as part of the TF-A build process when the
``fip`` make target is specified and TBB is enabled (as described in the
previous section), but it can also be built separately with the following
command:

.. code:: shell

    make PLAT=<platform> [DEBUG=1] [V=1] certtool

For platforms that require their own IDs in certificate files, the generic
'cert_create' tool can be built with the following command. Note that the target
platform must define its IDs within a ``platform_oid.h`` header file for the
build to succeed.

.. code:: shell

    make PLAT=<platform> USE_TBBR_DEFS=0 [DEBUG=1] [V=1] certtool

``DEBUG=1`` builds the tool in debug mode. ``V=1`` makes the build process more
verbose. The following command should be used to obtain help about the tool:

.. code:: shell

    ./tools/cert_create/cert_create -h

.. _tools_build_enctool:

Building the Firmware Encryption Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The ``encrypt_fw`` tool is built as part of the TF-A build process when the
``fip`` make target is specified, DECRYPTION_SUPPORT and TBB are enabled, but
it can also be built separately with the following command:

.. code:: shell

    make PLAT=<platform> [DEBUG=1] [V=1] enctool

``DEBUG=1`` builds the tool in debug mode. ``V=1`` makes the build process more
verbose. The following command should be used to obtain help about the tool:

.. code:: shell

    ./tools/encrypt_fw/encrypt_fw -h

Note that the enctool in its current implementation only supports encryption
key to be provided in plain format. A typical implementation can very well
extend this tool to support custom techniques to protect encryption key.

Also, a user may choose to provide encryption key or nonce as an input file
via using ``cat <filename>`` instead of a hex string.

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
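Review bot: the closing enctool paragraphs state that the tool "only supports encryption key to be provided in plain format" and suggest passing the key or nonce "via using `cat <filename>` instead of a hex string", but do not say what that means for key hygiene: whether typed as a hex string or expanded from a file by command substitution, the key lands in the process argument list and the shell history, so the note should recommend restricting access to the key file and avoiding interactive shells for this step, or point the reader to the "custom techniques to protect encryption key" extension it mentions. Two smaller points: "TBB is enabled (as described in the previous section)" refers back to the FIP section, which does not describe enabling TBB, and "Building the Firmware Encryption Tool" uses a `~~~~` underline while the two sibling sections use `----`, which demotes it to a subsection of the certificate tool section.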
68
arm-trusted-firmware/docs/global_substitutions.txt
Normal file
@@ -0,0 +1,68 @@

.. |AArch32| replace:: :term:`AArch32`
.. |AArch64| replace:: :term:`AArch64`
.. |AMU| replace:: :term:`AMU`
.. |AMUs| replace:: :term:`AMUs <AMU>`
.. |API| replace:: :term:`API`
.. |BTI| replace:: :term:`BTI`
.. |CoT| replace:: :term:`CoT`
.. |COT| replace:: :term:`COT`
.. |CSS| replace:: :term:`CSS`
.. |CVE| replace:: :term:`CVE`
.. |DTB| replace:: :term:`DTB`
.. |DS-5| replace:: :term:`DS-5`
.. |DSU| replace:: :term:`DSU`
.. |DT| replace:: :term:`DT`
.. |EL| replace:: :term:`EL`
.. |EHF| replace:: :term:`EHF`
.. |FCONF| replace:: :term:`FCONF`
.. |FDT| replace:: :term:`FDT`
.. |FF-A| replace:: :term:`FF-A`
.. |FIP| replace:: :term:`FIP`
.. |FVP| replace:: :term:`FVP`
.. |FWU| replace:: :term:`FWU`
.. |GIC| replace:: :term:`GIC`
.. |ISA| replace:: :term:`ISA`
.. |Linaro| replace:: :term:`Linaro`
.. |MMU| replace:: :term:`MMU`
.. |MPAM| replace:: :term:`MPAM`
.. |MPMM| replace:: :term:`MPMM`
.. |MPIDR| replace:: :term:`MPIDR`
.. |MTE| replace:: :term:`MTE`
.. |OEN| replace:: :term:`OEN`
.. |OP-TEE| replace:: :term:`OP-TEE`
.. |OTE| replace:: :term:`OTE`
.. |PDD| replace:: :term:`PDD`
.. |PAUTH| replace:: :term:`PAUTH`
.. |PMF| replace:: :term:`PMF`
.. |PSCI| replace:: :term:`PSCI`
.. |RAS| replace:: :term:`RAS`
.. |ROT| replace:: :term:`ROT`
.. |SCMI| replace:: :term:`SCMI`
.. |SCP| replace:: :term:`SCP`
.. |SDEI| replace:: :term:`SDEI`
.. |SDS| replace:: :term:`SDS`
.. |SEA| replace:: :term:`SEA`
.. |SiP| replace:: :term:`SiP`
.. |SIP| replace:: :term:`SIP`
.. |SMC| replace:: :term:`SMC`
.. |SMCCC| replace:: :term:`SMCCC`
.. |SoC| replace:: :term:`SoC`
.. |SP| replace:: :term:`SP`
.. |SPD| replace:: :term:`SPD`
.. |SPM| replace:: :term:`SPM`
.. |SSBS| replace:: :term:`SSBS`
.. |SVE| replace:: :term:`SVE`
.. |TBB| replace:: :term:`TBB`
.. |TBBR| replace:: :term:`TBBR`
.. |TEE| replace:: :term:`TEE`
.. |TF-A| replace:: :term:`TF-A`
.. |TF-M| replace:: :term:`TF-M`
.. |TLB| replace:: :term:`TLB`
.. |TLK| replace:: :term:`TLK`
.. |TRNG| replace:: :term:`TRNG`
.. |TSP| replace:: :term:`TSP`
.. |TZC| replace:: :term:`TZC`
.. |UBSAN| replace:: :term:`UBSAN`
.. |UEFI| replace:: :term:`UEFI`
.. |WDOG| replace:: :term:`WDOG`
.. |XLAT| replace:: :term:`XLAT`
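Review bot: the substitution list is missing `|AT|` and `|PSA|`, the only two terms in the accompanying glossary.rst (AT, "Address Translation", and PSA, "Platform Security Architecture") that have no `replace:: :term:` entry here; add both so writers can use them like every other glossary term, or drop the glossary entries so the two files stay in step.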
225
arm-trusted-firmware/docs/glossary.rst
Normal file
@@ -0,0 +1,225 @@

Glossary
========

This glossary provides definitions for terms and abbreviations used in the TF-A
documentation.

You can find additional definitions in the `Arm Glossary`_.

.. glossary::
   :sorted:

   AArch32
      32-bit execution state of the ARMv8 ISA

   AArch64
      64-bit execution state of the ARMv8 ISA

   AMU
      Activity Monitor Unit, a hardware monitoring unit introduced by FEAT_AMUv1
      that exposes CPU core runtime metrics as a set of counter registers.

   API
      Application Programming Interface

   AT
      Address Translation

   BTI
      Branch Target Identification. An Armv8.5 extension providing additional
      control flow integrity around indirect branches and their targets.

   CoT
   COT
      Chain of Trust

   CSS
      Compute Sub-System

   CVE
      Common Vulnerabilities and Exposures. A CVE document is commonly used to
      describe a publicly-known security vulnerability.

   DS-5
      Arm Development Studio 5

   DSU
      DynamIQ Shared Unit

   DT
      Device Tree

   DTB
      Device Tree Blob

   EL
      Exception Level

   EHF
      Exception Handling Framework

   FCONF
      Firmware Configuration Framework

   FDT
      Flattened Device Tree

   FF-A
      Firmware Framework for Arm A-profile

   FIP
      Firmware Image Package

   FVP
      Fixed Virtual Platform

   FWU
      FirmWare Update

   GIC
      Generic Interrupt Controller

   ISA
      Instruction Set Architecture

   Linaro
      A collaborative engineering organization consolidating
      and optimizing open source software and tools for the Arm architecture.

   MMU
      Memory Management Unit

   MPAM
      Memory Partitioning And Monitoring. An optional Armv8.4 extension.

   MPMM
      Maximum Power Mitigation Mechanism, an optional power management mechanism
      supported by some Arm Armv9-A cores.

   MPIDR
      Multiprocessor Affinity Register

   MTE
      Memory Tagging Extension. An optional Armv8.5 extension that enables
      hardware-assisted memory tagging.

   OEN
      Owning Entity Number

   OP-TEE
      Open Portable Trusted Execution Environment. An example of a :term:`TEE`

   OTE
      Open-source Trusted Execution Environment

   PDD
      Platform Design Document

   PAUTH
      Pointer Authentication. An optional extension introduced in Armv8.3.

   PMF
      Performance Measurement Framework

   PSA
      Platform Security Architecture

   PSCI
      Power State Coordination Interface

   RAS
      Reliability, Availability, and Serviceability extensions. A mandatory
      extension for the Armv8.2 architecture and later. An optional extension to
      the base Armv8 architecture.

   ROT
      Root of Trust

   SCMI
      System Control and Management Interface

   SCP
      System Control Processor

   SDEI
      Software Delegated Exception Interface

   SDS
      Shared Data Storage

   SEA
      Synchronous External Abort

   SiP
   SIP
      Silicon Provider

   SMC
      Secure Monitor Call

   SMCCC
      :term:`SMC` Calling Convention

   SoC
      System on Chip

   SP
      Secure Partition

   SPD
      Secure Payload Dispatcher

   SPM
      Secure Partition Manager

   SSBS
      Speculative Store Bypass Safe. Introduced in Armv8.5, this configuration
      bit can be set by software to allow or prevent the hardware from
      performing speculative operations.

   SVE
      Scalable Vector Extension

   TBB
      Trusted Board Boot

   TBBR
      Trusted Board Boot Requirements

   TEE
      Trusted Execution Environment

   TF-A
      Trusted Firmware-A

   TF-M
      Trusted Firmware-M

   TLB
      Translation Lookaside Buffer

   TLK
      Trusted Little Kernel. A Trusted OS from NVIDIA.

   TRNG
      True Randon Number Generator (hardware based)

   TSP
      Test Secure Payload

   TZC
      TrustZone Controller

   UBSAN
      Undefined Behavior Sanitizer

   UEFI
      Unified Extensible Firmware Interface

   WDOG
      Watchdog

   XLAT
      Translation (abbr.). For example, "XLAT table".

.. _`Arm Glossary`: https://developer.arm.com/support/arm-glossary
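Review bot: typo in the TRNG entry, "True Randon Number Generator" should read "True Random Number Generator". The SSBS entry overstates the control: the term expands to "Speculative Store Bypass Safe", so the bit governs whether the hardware may perform speculative store bypass, not "speculative operations" in general; narrowing the wording avoids readers treating SSBS as a blanket speculation switch. Minor: "supported by some Arm Armv9-A cores" in the MPMM entry repeats "Arm".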
96
arm-trusted-firmware/docs/index.rst
Normal file
@@ -0,0 +1,96 @@

Trusted Firmware-A Documentation
================================

.. toctree::
   :maxdepth: 1
   :hidden:

   Home<self>
   about/index
   getting_started/index
   process/index
   components/index
   design/index
   plat/index
   perf/index
   security_advisories/index
   design_documents/index
   threat_model/index
   change-log
   glossary
   license

Trusted Firmware-A (TF-A) provides a reference implementation of secure world
software for `Armv7-A and Armv8-A`_, including a `Secure Monitor`_ executing
at Exception Level 3 (EL3). It implements various Arm interface standards,
such as:

- The `Power State Coordination Interface (PSCI)`_
- `Trusted Board Boot Requirements CLIENT (TBBR-CLIENT)`_
- `SMC Calling Convention`_
- `System Control and Management Interface (SCMI)`_
- `Software Delegated Exception Interface (SDEI)`_
- `PSA FW update specification`_

Where possible, the code is designed for reuse or porting to other Armv7-A and
Armv8-A model and hardware platforms.

This release provides a suitable starting point for productization of secure
world boot and runtime firmware, in either the AArch32 or AArch64 execution
states.

Users are encouraged to do their own security validation, including penetration
testing, on any secure world code derived from TF-A.

In collaboration with interested parties, we will continue to enhance |TF-A|
with reference implementations of Arm standards to benefit developers working
with Armv7-A and Armv8-A TrustZone technology.

Getting Started
---------------

The |TF-A| documentation contains guidance for obtaining and building the
software for existing, supported platforms, as well as supporting information
for porting the software to a new platform.

The **About** chapter gives a high-level overview of |TF-A| features as well as
some information on the project and how it is organized.

Refer to the documents in the **Getting Started** chapter for information about
the prerequisites and requirements for building |TF-A|.

The **Processes & Policies** chapter explains the project's release schedule
and process, how security disclosures are handled, and the guidelines for
contributing to the project (including the coding style).

The **Components** chapter holds documents that explain specific components
that make up the |TF-A| software, the :ref:`Exception Handling Framework`, for
example.

In the **System Design** chapter you will find documents that explain the
design of portions of the software that involve more than one component, such
as the :ref:`Trusted Board Boot` process.

**Platform Ports** provides a list of the supported hardware and software-model
platforms that are supported upstream in |TF-A|. Most of these platforms also
have additional documentation that has been provided by the maintainers of the
platform.

The results of any performance evaluations are added to the
**Performance & Testing** chapter.

**Security Advisories** holds a list of documents relating to |CVE| entries that
have previously been raised against the software.

--------------

*Copyright (c) 2013-2021, Arm Limited and Contributors. All rights reserved.*

.. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
.. _Power State Coordination Interface (PSCI): http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
.. _Trusted Board Boot Requirements CLIENT (TBBR-CLIENT): https://developer.arm.com/docs/den0006/latest/trusted-board-boot-requirements-client-tbbr-client-armv8-a
.. _System Control and Management Interface (SCMI): http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
.. _Software Delegated Exception Interface (SDEI): http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
.. _PSA FW update specification: https://developer.arm.com/documentation/den0118/a/
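Review bot: the chapter walkthrough under "Getting Started" stops at **Security Advisories**, yet the toctree also lists `design_documents/index` and `threat_model/index`; the Threat Model chapter is the first thing a reader assessing the secure world will look for, so give it (and Design Documents) a sentence alongside the other chapters. Minor: "platforms that are supported upstream" under **Platform Ports** repeats "supported" from the same sentence, and the `Secure Monitor`, PSCI, SCMI and SDEI references use plain http links where the SMCCC and TBBR entries already use https.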
90
arm-trusted-firmware/docs/license.rst
Normal file
@@ -0,0 +1,90 @@

License
=======

The software is provided under a BSD-3-Clause license (below). Contributions to
this project are accepted under the same license with developer sign-off as
described in the :ref:`Contributor's Guide`.

::

    Copyright (c) [XXXX-]YYYY, <OWNER>. All rights reserved.

    Redistribution and use in source and binary forms, with or without modification,
    are permitted provided that the following conditions are met:

    - Redistributions of source code must retain the above copyright notice, this
      list of conditions and the following disclaimer.

    - Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.

    - Neither the name of Arm nor the names of its contributors may be used to
      endorse or promote products derived from this software without specific
      prior written permission.

    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
    ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
    WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
    DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
    ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
    LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
    ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
    SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

SPDX Identifiers
----------------

Individual files contain the following tag instead of the full license text.

::

    SPDX-License-Identifier: BSD-3-Clause

This enables machine processing of license information based on the SPDX
License Identifiers that are here available: http://spdx.org/licenses/


Other Projects
--------------

This project contains code from other projects as listed below. The original
license text is included in those source files.

- The libc source code is derived from `FreeBSD`_ and `SCC`_. FreeBSD uses
  various BSD licenses, including BSD-3-Clause and BSD-2-Clause. The SCC code
  is used under the BSD-3-Clause license with the author's permission.

- The libfdt source code is disjunctively dual licensed
  (GPL-2.0+ OR BSD-2-Clause). It is used by this project under the terms of
  the BSD-2-Clause license. Any contributions to this code must be made under
  the terms of both licenses.

- The LLVM compiler-rt source code is disjunctively dual licensed
  (NCSA OR MIT). It is used by this project under the terms of the NCSA
  license (also known as the University of Illinois/NCSA Open Source License),
  which is a permissive license compatible with BSD-3-Clause. Any
  contributions to this code must be made under the terms of both licenses.

- The zlib source code is licensed under the Zlib license, which is a
  permissive license compatible with BSD-3-Clause.

- Some STMicroelectronics platform source code is disjunctively dual licensed
  (GPL-2.0+ OR BSD-3-Clause). It is used by this project under the terms of the
  BSD-3-Clause license. Any contributions to this code must be made under the
  terms of both licenses.

- Some source files originating from the Linux source tree, which are
  disjunctively dual licensed (GPL-2.0 OR MIT), are redistributed under the
  terms of the MIT license. These files are:

  - ``include/dt-bindings/interrupt-controller/arm-gic.h``
  - ``include/dt-bindings/interrupt-controller/irq.h``

  See the original `Linux MIT license`_.

.. _FreeBSD: http://www.freebsd.org
.. _Linux MIT license: https://raw.githubusercontent.com/torvalds/linux/master/LICENSES/preferred/MIT
.. _SCC: http://www.simple-cc.org/
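Review bot: wording nit in the SPDX section, "SPDX License Identifiers that are here available: http://spdx.org/licenses/" reads awkwardly; "available at" with the URL as a named link target, matching the `FreeBSD`_ / `SCC`_ style used at the bottom of the file, would be cleaner.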
15
arm-trusted-firmware/docs/perf/index.rst
Normal file
@@ -0,0 +1,15 @@

Performance & Testing
=====================

.. toctree::
   :maxdepth: 1
   :caption: Contents
   :numbered:

   psci-performance-juno
   tsp
   performance-monitoring-unit

--------------

*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
158
arm-trusted-firmware/docs/perf/performance-monitoring-unit.rst
Normal file
158
arm-trusted-firmware/docs/perf/performance-monitoring-unit.rst
Normal file
@@ -0,0 +1,158 @@
Performance Monitoring Unit
===========================

The Performance Monitoring Unit (PMU) allows recording of architectural and
microarchitectural events for profiling purposes.

This document gives an overview of the PMU counter configuration to assist with
implementation and to complement the PMU security guidelines given in the
:ref:`Secure Development Guidelines` document.

.. note::
This section applies to Armv8-A implementations which have version 3
of the Performance Monitors Extension (PMUv3).

PMU Counters
------------

The PMU makes 32 counters available at all privilege levels:

- 31 programmable event counters: ``PMEVCNTR<n>``, where ``n`` is ``0`` to
``30``.
- A dedicated cycle counter: ``PMCCNTR``.

Architectural mappings
~~~~~~~~~~~~~~~~~~~~~~

+--------------+---------+----------------------------+
| Counters | State | System Register Name |
+==============+=========+============================+
| | AArch64 | ``PMEVCNTR<n>_EL0[63*:0]`` |
| Programmable +---------+----------------------------+
| | AArch32 | ``PMEVCNTR<n>[31:0]`` |
+--------------+---------+----------------------------+
| | AArch64 | ``PMCCNTR_EL0[63:0]`` |
| Cycle +---------+----------------------------+
| | AArch32 | ``PMCCNTR[63:0]`` |
+--------------+---------+----------------------------+

.. note::
Bits [63:32] are only available if ARMv8.5-PMU is implemented. Refer to the
`Arm ARM`_ for a detailed description of ARMv8.5-PMU features.

Configuring the PMU for counting events
---------------------------------------

Each programmable counter has an associated register, ``PMEVTYPER<n>`` which
configures it. The cycle counter has the ``PMCCFILTR_EL0`` register, which has
an identical function and bit field layout as ``PMEVTYPER<n>``. In addition,
the counters are enabled (permitted to increment) via the ``PMCNTENSET`` and
``PMCR`` registers. These can be accessed at all privilege levels.

Architectural mappings
~~~~~~~~~~~~~~~~~~~~~~

+-----------------------------+------------------------+
| AArch64 | AArch32 |
+=============================+========================+
| ``PMEVTYPER<n>_EL0[63*:0]`` | ``PMEVTYPER<n>[31:0]`` |
+-----------------------------+------------------------+
| ``PMCCFILTR_EL0[63*:0]`` | ``PMCCFILTR[31:0]`` |
+-----------------------------+------------------------+
| ``PMCNTENSET_EL0[63*:0]`` | ``PMCNTENSET[31:0]`` |
+-----------------------------+------------------------+
| ``PMCR_EL0[63*:0]`` | ``PMCR[31:0]`` |
+-----------------------------+------------------------+

.. note::
Bits [63:32] are reserved.

Relevant register fields
~~~~~~~~~~~~~~~~~~~~~~~~

For ``PMEVTYPER<n>_EL0``/``PMEVTYPER<n>`` and ``PMCCFILTR_EL0/PMCCFILTR``, the
most important fields are:

- ``P``:

- Bit 31.
- If set to ``0``, will increment the associated ``PMEVCNTR<n>`` at EL1.

- ``NSK``:

- Bit 29.
- If equal to the ``P`` bit it enables the associated ``PMEVCNTR<n>`` at
Non-secure EL1.
- Reserved if EL3 not implemented.

- ``NSH``:

- Bit 27.
- If set to ``1``, will increment the associated ``PMEVCNTR<n>`` at EL2.
- Reserved if EL2 not implemented.

- ``SH``:

- Bit 24.
- If different to the ``NSH`` bit it enables the associated ``PMEVCNTR<n>``
at Secure EL2.
- Reserved if Secure EL2 not implemented.

- ``M``:

- Bit 26.
- If equal to the ``P`` bit it enables the associated ``PMEVCNTR<n>`` at
EL3.

- ``evtCount[15:10]``:

- Extension to ``evtCount[9:0]``. Reserved unless ARMv8.1-PMU implemented.

- ``evtCount[9:0]``:

- The event number that the associated ``PMEVCNTR<n>`` will count.

For ``PMCNTENSET_EL0``/``PMCNTENSET``, the most important fields are:

- ``P[30:0]``:

- Setting bit ``P[n]`` to ``1`` enables counter ``PMEVCNTR<n>``.
- The effects of ``PMEVTYPER<n>`` are applied on top of this.
In other words, the counter will not increment at any privilege level or
security state unless it is enabled here.

- ``C``:

- Bit 31.
- If set to ``1`` enables the cycle counter ``PMCCNTR``.

For ``PMCR``/``PMCR_EL0``, the most important fields are:

- ``DP``:

- Bit 5.
- If set to ``1`` it disables the cycle counter ``PMCCNTR`` where event
counting (by ``PMEVCNTR<n>``) is prohibited (e.g. EL2 and the Secure
world).
- If set to ``0``, ``PMCCNTR`` will not be affected by this bit and
therefore will be able to count where the programmable counters are
prohibited.

- ``E``:

- Bit 0.
- Enables/disables counting altogether.
- The effects of ``PMCNTENSET`` and ``PMCR.DP`` are applied on top of this.
In other words, if this bit is ``0`` then no counters will increment
regardless of how the other PMU system registers or bit fields are
configured.

.. rubric:: References

- `Arm ARM`_

--------------

*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*

.. _Arm ARM: https://developer.arm.com/docs/ddi0487/latest
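Review bot: the bit descriptions under "Relevant register fields" are written only in terms of ``PMEVCNTR<n>``, although the introduction to that section says the same fields exist in ``PMCCFILTR_EL0``/``PMCCFILTR`` for the cycle counter; a sentence after the list stating that the same filtering applies to ``PMCCNTR`` would close that gap. The ``63*:0`` notation in both mapping tables is only explained by the note that follows each table, so naming the asterisk in those notes ("* Bits [63:32] ...") would make the tables self-explanatory. The ``SH`` (bit 24) entry is listed before ``M`` (bit 26), breaking the descending bit order used for the other fields.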
292
arm-trusted-firmware/docs/perf/psci-performance-juno.rst
Normal file
@@ -0,0 +1,292 @@
PSCI Performance Measurements on Arm Juno Development Platform
==============================================================

This document summarises the findings of performance measurements of key
operations in the Trusted Firmware-A Power State Coordination Interface (PSCI)
implementation, using the in-built Performance Measurement Framework (PMF) and
runtime instrumentation timestamps.

Method
------

We used the `Juno R1 platform`_ for these tests, which has 4 x Cortex-A53 and 2
x Cortex-A57 clusters running at the following frequencies:

+-----------------+--------------------+
| Domain | Frequency (MHz) |
+=================+====================+
| Cortex-A57 | 900 (nominal) |
+-----------------+--------------------+
| Cortex-A53 | 650 (underdrive) |
+-----------------+--------------------+
| AXI subsystem | 533 |
+-----------------+--------------------+

Juno supports CPU, cluster and system power down states, corresponding to power
levels 0, 1 and 2 respectively. It does not support any retention states.

We used the upstream `TF master as of 31/01/2017`_, building the platform using
the ``ENABLE_RUNTIME_INSTRUMENTATION`` option:

.. code:: shell

make PLAT=juno ENABLE_RUNTIME_INSTRUMENTATION=1 \
SCP_BL2=<path/to/scp-fw.bin> \
BL33=<path/to/test-fw.bin> \
all fip

When using the debug build of TF, there was no noticeable difference in the
results.

The tests are based on an ARM-internal test framework. The release build of this
framework was used because the results in the debug build became skewed; the
console output prevented some of the tests from executing in parallel.

The tests consist of both parallel and sequential tests, which are broadly
described as follows:

- **Parallel Tests** This type of test powers on all the non-lead CPUs and
brings them and the lead CPU to a common synchronization point. The lead CPU
then initiates the test on all CPUs in parallel.

- **Sequential Tests** This type of test powers on each non-lead CPU in
sequence. The lead CPU initiates the test on a non-lead CPU then waits for the
test to complete before proceeding to the next non-lead CPU. The lead CPU then
executes the test on itself.

In the results below, CPUs 0-3 refer to CPUs in the little cluster (A53) and
CPUs 4-5 refer to CPUs in the big cluster (A57). In all cases CPU 4 is the lead
CPU.

``PSCI_ENTRY`` refers to the time taken from entering the TF PSCI implementation
to the point the hardware enters the low power state (WFI). Referring to the TF
runtime instrumentation points, this corresponds to:
``(RT_INSTR_ENTER_HW_LOW_PWR - RT_INSTR_ENTER_PSCI)``.

``PSCI_EXIT`` refers to the time taken from the point the hardware exits the low
power state to exiting the TF PSCI implementation. This corresponds to:
``(RT_INSTR_EXIT_PSCI - RT_INSTR_EXIT_HW_LOW_PWR)``.

``CFLUSH_OVERHEAD`` refers to the part of ``PSCI_ENTRY`` taken to flush the
caches. This corresponds to: ``(RT_INSTR_EXIT_CFLUSH - RT_INSTR_ENTER_CFLUSH)``.

Note there is very little variance observed in the values given (~1us), although
the values for each CPU are sometimes interchanged, depending on the order in
which locks are acquired. Also, there is very little variance observed between
executing the tests sequentially in a single boot or rebooting between tests.

Given that runtime instrumentation using PMF is invasive, there is a small
(unquantified) overhead on the results. PMF uses the generic counter for
timestamps, which runs at 50MHz on Juno.

Results and Commentary
----------------------

``CPU_SUSPEND`` to deepest power level on all CPUs in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 27 | 20 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 114 | 86 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 202 | 58 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 375 | 29 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 20 | 22 | 6 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 290 | 18 | 206 |
+-------+---------------------+--------------------+--------------------------+

A large variance in ``PSCI_ENTRY`` and ``PSCI_EXIT`` times across CPUs is
observed due to TF PSCI lock contention. In the worst case, CPU 3 has to wait
for the 3 other CPUs in the cluster (0-2) to complete ``PSCI_ENTRY`` and release
the lock before proceeding.

The ``CFLUSH_OVERHEAD`` times for CPUs 3 and 5 are higher because they are the
last CPUs in their respective clusters to power down, therefore both the L1 and
L2 caches are flushed.

The ``CFLUSH_OVERHEAD`` time for CPU 5 is a lot larger than that for CPU 3
because the L2 cache size for the big cluster is lot larger (2MB) compared to
the little cluster (1MB).

``CPU_SUSPEND`` to power level 0 on all CPUs in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 116 | 14 | 8 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 204 | 14 | 8 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 287 | 13 | 8 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 376 | 13 | 9 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 29 | 15 | 7 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 21 | 15 | 8 |
+-------+---------------------+--------------------+--------------------------+

There is no lock contention in TF generic code at power level 0 but the large
variance in ``PSCI_ENTRY`` times across CPUs is due to lock contention in Juno
platform code. The platform lock is used to mediate access to a single SCP
communication channel. This is compounded by the SCP firmware waiting for each
AP CPU to enter WFI before making the channel available to other CPUs, which
effectively serializes the SCP power down commands from all CPUs.

On platforms with a more efficient CPU power down mechanism, it should be
possible to make the ``PSCI_ENTRY`` times smaller and consistent.

The ``PSCI_EXIT`` times are consistent across all CPUs because TF does not
require locks at power level 0.

The ``CFLUSH_OVERHEAD`` times for all CPUs are small and consistent since only
the cache associated with power level 0 is flushed (L1).

``CPU_SUSPEND`` to deepest power level on all CPUs in sequence
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 114 | 20 | 94 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 195 | 22 | 180 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 21 | 17 | 6 |
+-------+---------------------+--------------------+--------------------------+

The ``CFLUSH_OVERHEAD`` times for lead CPU 4 and all CPUs in the non-lead cluster
are large because all other CPUs in the cluster are powered down during the
test. The ``CPU_SUSPEND`` call powers down to the cluster level, requiring a
flush of both L1 and L2 caches.

The ``CFLUSH_OVERHEAD`` time for CPU 4 is a lot larger than those for the little
CPUs because the L2 cache size for the big cluster is lot larger (2MB) compared
to the little cluster (1MB).

The ``PSCI_ENTRY`` and ``CFLUSH_OVERHEAD`` times for CPU 5 are low because lead
CPU 4 continues to run while CPU 5 is suspended. Hence CPU 5 only powers down to
level 0, which only requires L1 cache flush.

``CPU_SUSPEND`` to power level 0 on all CPUs in sequence
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 22 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 22 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 21 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 22 | 14 | 5 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 17 | 14 | 6 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 18 | 15 | 6 |
+-------+---------------------+--------------------+--------------------------+

Here the times are small and consistent since there is no contention and it is
only necessary to flush the cache to power level 0 (L1). This is the best case
scenario.

The ``PSCI_ENTRY`` times for CPUs in the big cluster are slightly smaller than
for the CPUs in little cluster due to greater CPU performance.

The ``PSCI_EXIT`` times are generally lower than in the last test because the
cluster remains powered on throughout the test and there is less code to execute
on power on (for example, no need to enter CCI coherency)

``CPU_OFF`` on all non-lead CPUs in sequence then ``CPU_SUSPEND`` on lead CPU to deepest power level
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The test sequence here is as follows:

1. Call ``CPU_ON`` and ``CPU_OFF`` on each non-lead CPU in sequence.

2. Program wake up timer and suspend the lead CPU to the deepest power level.

3. Call ``CPU_ON`` on non-lead CPU to get the timestamps from each CPU.

+-------+---------------------+--------------------+--------------------------+
| CPU | ``PSCI_ENTRY`` (us) | ``PSCI_EXIT`` (us) | ``CFLUSH_OVERHEAD`` (us) |
+=======+=====================+====================+==========================+
| 0 | 110 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 1 | 110 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 2 | 110 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 3 | 111 | 28 | 93 |
+-------+---------------------+--------------------+--------------------------+
| 4 | 195 | 22 | 181 |
+-------+---------------------+--------------------+--------------------------+
| 5 | 20 | 23 | 6 |
+-------+---------------------+--------------------+--------------------------+

The ``CFLUSH_OVERHEAD`` times for all little CPUs are large because all other
CPUs in that cluster are powerered down during the test. The ``CPU_OFF`` call
powers down to the cluster level, requiring a flush of both L1 and L2 caches.

The ``PSCI_ENTRY`` and ``CFLUSH_OVERHEAD`` times for CPU 5 are small because
lead CPU 4 is running and CPU 5 only powers down to level 0, which only requires
an L1 cache flush.

The ``CFLUSH_OVERHEAD`` time for CPU 4 is a lot larger than those for the little
CPUs because the L2 cache size for the big cluster is lot larger (2MB) compared
to the little cluster (1MB).

The ``PSCI_EXIT`` times for CPUs in the big cluster are slightly smaller than
for CPUs in the little cluster due to greater CPU performance. These times
generally are greater than the ``PSCI_EXIT`` times in the ``CPU_SUSPEND`` tests
because there is more code to execute in the "on finisher" compared to the
"suspend finisher" (for example, GIC redistributor register programming).

``PSCI_VERSION`` on all CPUs in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Since very little code is associated with ``PSCI_VERSION``, this test
approximates the round trip latency for handling a fast SMC at EL3 in TF.

+-------+-------------------+
| CPU | TOTAL TIME (ns) |
+=======+===================+
| 0 | 3020 |
+-------+-------------------+
| 1 | 2940 |
+-------+-------------------+
| 2 | 2980 |
+-------+-------------------+
| 3 | 3060 |
+-------+-------------------+
| 4 | 520 |
+-------+-------------------+
| 5 | 720 |
+-------+-------------------+

The times for the big CPUs are less than the little CPUs due to greater CPU
performance.

We suspect the time for lead CPU 4 is shorter than CPU 5 due to subtle cache
effects, given that these measurements are at the nano-second level.

--------------

*Copyright (c) 2019-2020, Arm Limited and Contributors. All rights reserved.*

.. _Juno R1 platform: https://static.docs.arm.com/100122/0100/arm_versatile_express_juno_r1_development_platform_(v2m_juno_r1)_technical_reference_manual_100122_0100_05_en.pdf
.. _TF master as of 31/01/2017: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?id=c38b36d
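Review bot: "4 x Cortex-A53 and 2 x Cortex-A57 clusters" in the Method section reads as if there were six clusters, while the results describe one little cluster (CPUs 0-3) and one big cluster (CPUs 4-5); "a 4 x Cortex-A53 cluster and a 2 x Cortex-A57 cluster" matches the data. Also "powerered" in the ``CPU_OFF`` commentary should be "powered", and the sentence ending "(for example, no need to enter CCI coherency)" is missing its full stop.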
27
arm-trusted-firmware/docs/perf/tsp.rst
Normal file
@@ -0,0 +1,27 @@
Test Secure Payload (TSP) and Dispatcher (TSPD)
===============================================

Building the Test Secure Payload
--------------------------------

The TSP is coupled with a companion runtime service in the BL31 firmware,
called the TSPD. Therefore, if you intend to use the TSP, the BL31 image
must be recompiled as well. For more information on SPs and SPDs, see the
:ref:`firmware_design_sel1_spd` section in the :ref:`Firmware Design`.

First clean the TF-A build directory to get rid of any previous BL31 binary.
Then to build the TSP image use:

.. code:: shell

make PLAT=<platform> SPD=tspd all

An additional boot loader binary file is created in the ``build`` directory:

::

build/<platform>/<build-type>/bl32.bin

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*
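Review bot: the text tells the reader to clean the build directory first, but the ``.. code:: shell`` block only shows the build command, so someone copying the block keeps a stale BL31 that was built without the TSPD; showing the clean step as a command in the same block (or naming the make target to use) would make the procedure complete.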
142
arm-trusted-firmware/docs/plat/allwinner.rst
Normal file
@@ -0,0 +1,142 @@
Allwinner ARMv8 SoCs
====================

Trusted Firmware-A (TF-A) implements the EL3 firmware layer for Allwinner
SoCs with ARMv8 cores. Only BL31 is used to provide proper EL3 setup and
PSCI runtime services.

Building TF-A
-------------

There is one build target per supported SoC:

+------+-------------------+
| SoC | TF-A build target |
+======+===================+
| A64 | sun50i_a64 |
+------+-------------------+
| H5 | sun50i_a64 |
+------+-------------------+
| H6 | sun50i_h6 |
+------+-------------------+
| H616 | sun50i_h616 |
+------+-------------------+
| H313 | sun50i_h616 |
+------+-------------------+
| R329 | sun50i_r329 |
+------+-------------------+

To build with the default settings for a particular SoC:

.. code:: shell

make CROSS_COMPILE=aarch64-linux-gnu- PLAT=<build target> DEBUG=1

So for instance to build for a board with the Allwinner A64 SoC::

make CROSS_COMPILE=aarch64-linux-gnu- PLAT=sun50i_a64 DEBUG=1

Platform-specific build options
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The default build options should generate a working firmware image. There are
some build options that allow to fine-tune the firmware, or to disable support
for optional features.

- ``SUNXI_PSCI_USE_NATIVE`` : Support direct control of the CPU cores powerdown
and powerup sequence by BL31. This requires either support for a code snippet
to be loaded into the ARISC SCP (A64, H5), or the power sequence control
registers to be programmed directly (H6, H616). This supports only basic
control, like core on/off and system off/reset.
This option defaults to 1. If an active SCP supporting the SCPI protocol
is detected at runtime, this control scheme will be ignored, and SCPI
will be used instead, unless support has been explicitly disabled.

- ``SUNXI_PSCI_USE_SCPI`` : Support control of the CPU cores powerdown and
powerup sequence by talking to the SCP processor via the SCPI protocol.
This allows more advanced power saving techniques, like suspend to RAM.
This option defaults to 1 on SoCs that feature an SCP. If no SCP firmware
using the SCPI protocol is detected, the native sequence will be used
instead. If both native and SCPI methods are included, SCPI will be favoured
if SCP support is detected.

- ``SUNXI_SETUP_REGULATORS`` : On SoCs that typically ship with a PMIC
power management controller, BL31 tries to set up all needed power rails,
programming them to their respective voltages. That allows bootloader
software like U-Boot to ignore power control via the PMIC.
This setting defaults to 1. In some situations that enables too many
regulators, or some regulators need to be enabled in a very specific
sequence. To avoid problems with those boards, ``SUNXI_SETUP_REGULATORS``
can bet set to ``0`` on the build command line, to skip the PMIC setup
entirely. Any bootloader or OS would need to setup the PMIC on its own then.

Installation
------------

U-Boot's SPL acts as a loader, loading both BL31 and BL33 (typically U-Boot).
Loading is done from SD card, eMMC or SPI flash, also via an USB debug
interface (FEL).

After building bl31.bin, the binary must be fed to the U-Boot build system
to include it in the FIT image that the SPL loader will process.
bl31.bin can be either copied (or sym-linked) into U-Boot's root directory,
or the environment variable BL31 must contain the binary's path.
See the respective `U-Boot documentation`_ for more details.

.. _U-Boot documentation: https://gitlab.denx.de/u-boot/u-boot/-/blob/master/board/sunxi/README.sunxi64

Memory layout
-------------

A64, H5 and H6 SoCs
~~~~~~~~~~~~~~~~~~~

BL31 lives in SRAM A2, which is documented to be accessible from secure
world only. Since this SRAM region is very limited (48 KB), we take
several measures to reduce memory consumption. One of them is to confine
BL31 to only 28 bits of virtual address space, which reduces the number
of required page tables (each occupying 4KB of memory).
The mapping we use on those SoCs is as follows:

::

0 64K 16M 1GB 1G+160M physical address
+-+------+-+---+------+--...---+-------+----+------+----------
|B| |S|///| |//...///| |////| |
|R| SRAM |C|///| dev |//...///| (sec) |////| BL33 | DRAM ...
|O| |P|///| MMIO |//...///| DRAM |////| |
|M| | |///| |//...///| (32M) |////| |
+-+------+-+---+------+--...---+-------+----+------+----------
| | | | | | / / / /
| | | | | | / / / /
| | | | | | / / / /
| | | | | | / // /
| | | | | | / / /
+-+------+-+---+------+--+-------+------+
|B| |S|///| |//| | |
|R| SRAM |C|///| dev |//| sec | BL33 |
|O| |P|///| MMIO |//| DRAM | |
|M| | |///| |//| | |
+-+------+-+---+------+--+-------+------+
0 64K 16M 160M 192M 256M virtual address


H616 SoC
~~~~~~~~

The H616 lacks the secure SRAM region present on the other SoCs, also
lacks the "ARISC" management processor (SCP) we use. BL31 thus needs to
run from DRAM, which prevents our compressed virtual memory map described
above. Since running in DRAM also lifts the restriction of the limited
SRAM size, we use the normal 1:1 mapping with 32 bits worth of virtual
address space. So the virtual addresses used in BL31 match the physical
addresses as presented above.

Trusted OS dispatcher
---------------------

One can boot Trusted OS(OP-TEE OS, bl32 image) along side bl31 image on Allwinner A64.

In order to include the 'opteed' dispatcher in the image, pass 'SPD=opteed' on the command line
while compiling the bl31 image and make sure the loader (SPL) loads the Trusted OS binary to
the beginning of DRAM (0x40000000).
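Review bot: the H616 section says BL31 must run from DRAM because the SoC lacks the secure-only SRAM A2 that the A64/H5/H6 section relies on, but it says nothing about how the DRAM holding BL31 is protected from the normal world; a sentence on whether and how that region is made secure-only would let readers assess the trust boundary, since the diagram above only marks a "(sec) DRAM (32M)" region for the other SoCs. Minor typos: "can bet set to ``0``" should be "can be set", "via an USB debug interface" should be "a USB", and "Trusted OS(OP-TEE OS, bl32 image) along side" should be "Trusted OS (OP-TEE OS, bl32 image) alongside".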
159
arm-trusted-firmware/docs/plat/arm/arm-build-options.rst
Normal file
@@ -0,0 +1,159 @@
Arm Development Platform Build Options
======================================

Arm Platform Build Options
--------------------------

- ``ARM_BL31_IN_DRAM``: Boolean option to select loading of BL31 in TZC secured
DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
BL31 in TZC secured DRAM. If TSP is present, then setting this option also
sets the TSP location to DRAM and ignores the ``ARM_TSP_RAM_LOCATION`` build
flag.

- ``ARM_CONFIG_CNTACR``: boolean option to unlock access to the ``CNTBase<N>``
frame registers by setting the ``CNTCTLBase.CNTACR<N>`` register bits. The
frame number ``<N>`` is defined by ``PLAT_ARM_NSTIMER_FRAME_ID``, which
should match the frame used by the Non-Secure image (normally the Linux
kernel). Default is true (access to the frame is allowed).

- ``ARM_DISABLE_TRUSTED_WDOG``: boolean option to disable the Trusted Watchdog.
By default, Arm platforms use a watchdog to trigger a system reset in case
an error is encountered during the boot process (for example, when an image
could not be loaded or authenticated). The watchdog is enabled in the early
platform setup hook at BL1 and disabled in the BL1 prepare exit hook. The
Trusted Watchdog may be disabled at build time for testing or development
purposes.

- ``ARM_LINUX_KERNEL_AS_BL33``: The Linux kernel expects registers x0-x3 to
have specific values at boot. This boolean option allows the Trusted Firmware
to have a Linux kernel image as BL33 by preparing the registers to these
values before jumping to BL33. This option defaults to 0 (disabled). For
AArch64 ``RESET_TO_BL31`` and for AArch32 ``RESET_TO_SP_MIN`` must be 1 when
using it. If this option is set to 1, ``ARM_PRELOADED_DTB_BASE`` must be set
to the location of a device tree blob (DTB) already loaded in memory. The
Linux Image address must be specified using the ``PRELOADED_BL33_BASE``
option.

- ``ARM_PLAT_MT``: This flag determines whether the Arm platform layer has to
cater for the multi-threading ``MT`` bit when accessing MPIDR. When this flag
is set, the functions which deal with MPIDR assume that the ``MT`` bit in
MPIDR is set and access the bit-fields in MPIDR accordingly. Default value of
this flag is 0. Note that this option is not used on FVP platforms.

- ``ARM_RECOM_STATE_ID_ENC``: The PSCI1.0 specification recommends an encoding
for the construction of composite state-ID in the power-state parameter.
The existing PSCI clients currently do not support this encoding of
State-ID yet. Hence this flag is used to configure whether to use the
recommended State-ID encoding or not. The default value of this flag is 0,
in which case the platform is configured to expect NULL in the State-ID
field of power-state parameter.

- ``ARM_ROTPK_LOCATION``: used when ``TRUSTED_BOARD_BOOT=1``. It specifies the
location of the ROTPK hash returned by the function ``plat_get_rotpk_info()``
for Arm platforms. Depending on the selected option, the proper private key
must be specified using the ``ROT_KEY`` option when building the Trusted
Firmware. This private key will be used by the certificate generation tool
to sign the BL2 and Trusted Key certificates. Available options for
``ARM_ROTPK_LOCATION`` are:

- ``regs`` : return the ROTPK hash stored in the Trusted root-key storage
registers.
- ``devel_rsa`` : return a development public key hash embedded in the BL1
and BL2 binaries. This hash has been obtained from the RSA public key
``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``. To use
this option, ``arm_rotprivk_rsa.pem`` must be specified as ``ROT_KEY``
when creating the certificates.
- ``devel_ecdsa`` : return a development public key hash embedded in the BL1
and BL2 binaries. This hash has been obtained from the ECDSA public key
``arm_rotpk_ecdsa.der``, located in ``plat/arm/board/common/rotpk``. To
use this option, ``arm_rotprivk_ecdsa.pem`` must be specified as
``ROT_KEY`` when creating the certificates.

- ``ARM_ROTPK_HASH``: used when ``ARM_ROTPK_LOCATION=devel_*``. Specifies the
location of the ROTPK hash. Not expected to be a build option. This defaults to
``plat/arm/board/common/rotpk/*_sha256.bin`` depending on the specified algorithm.
Providing ``ROT_KEY`` enforces generation of the hash from the ``ROT_KEY`` and
overwrites the default hash file.

- ``ARM_TSP_RAM_LOCATION``: location of the TSP binary. Options:

- ``tsram`` : Trusted SRAM (default option when TBB is not enabled)
- ``tdram`` : Trusted DRAM (if available)
- ``dram`` : Secure region in DRAM (default option when TBB is enabled,
configured by the TrustZone controller)

- ``ARM_XLAT_TABLES_LIB_V1``: boolean option to compile TF-A with version 1
of the translation tables library instead of version 2. It is set to 0 by
default, which selects version 2.

- ``ARM_CRYPTOCELL_INTEG`` : bool option to enable TF-A to invoke Arm®
TrustZone® CryptoCell functionality for Trusted Board Boot on capable Arm
platforms. If this option is specified, then the path to the CryptoCell
SBROM library must be specified via ``CCSBROM_LIB_PATH`` flag.

- ``ARM_ETHOSN_NPU_DRIVER``: boolean option to enable a SiP service that can
configure an Arm Ethos-N NPU. To use this service the target platform's
``HW_CONFIG`` must include the device tree nodes for the NPU. Currently, only
the Arm Juno platform has this included in its ``HW_CONFIG`` and the platform
only loads the ``HW_CONFIG`` in AArch64 builds. Default is 0.

- ``ARM_SPMC_MANIFEST_DTS`` : path to an alternate manifest file used as the
SPMC Core manifest. Valid when ``SPD=spmd`` is selected.

- ``ARM_BL2_SP_LIST_DTS``: Path to DTS file snippet to override the hardcoded
SP nodes in tb_fw_config.

- ``OPTEE_SP_FW_CONFIG``: DTC build flag to include OP-TEE as SP in tb_fw_config
device tree. This flag is defined only when ``ARM_SPMC_MANIFEST_DTS`` manifest
|
||||
file name contains pattern optee_sp.
|
||||
|
||||
- ``TS_SP_FW_CONFIG``: DTC build flag to include Trusted Services (Crypto and
|
||||
internal-trusted-storage) as SP in tb_fw_config device tree.
|
||||
|
||||
- ``ARM_GPT_SUPPORT``: Enable GPT parser to get the entry address and length of
|
||||
the various partitions present in the GPT image. This support is available
|
||||
only for the BL2 component, and it is disabled by default.
|
||||
The following diagram shows the view of the FIP partition inside the GPT
|
||||
image:
|
||||
|
||||
|FIP in a GPT image|
|
||||
|
||||
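
An added example, not code from TF-A, of what the recommended State-ID encoding
looks like and what a platform has to check before honouring it. The
``power_state`` argument of ``CPU_SUSPEND`` is chosen by the non-secure caller,
so EL3 treats it as untrusted input: reserved bits, the target power level, the
per-level consistency of the State-ID and membership in the platform's own table
of implemented states are all verified before any power-down path runs. The bit
positions follow the PSCI 1.0 original format (State-ID in bits [15:0], StateType
in bit 16, power level in bits [25:24]) and the recommended four-bits-per-level
State-ID layout; the local-state numbering (run = 0, retention = 1, off = 2)
matches TF-A's Arm platform layer, while the ``valid_states`` table and the
helper names are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* power_state parameter, PSCI 1.0 "original" format (bit 30 clear) */
#define PSTATE_ID_MASK        0xffffU
#define PSTATE_TYPE_SHIFT     16U            /* 0 = standby, 1 = powerdown */
#define PSTATE_PWR_LVL_SHIFT  24U
#define PSTATE_PWR_LVL_MASK   0x3U
#define PSTATE_VALID_MASK     (PSTATE_ID_MASK | (1U << PSTATE_TYPE_SHIFT) | \
                               (PSTATE_PWR_LVL_MASK << PSTATE_PWR_LVL_SHIFT))

/* Recommended State-ID layout: 4 bits per power level, level 0 (core) in bits [3:0] */
#define LOCAL_STATE_BITS      4U
#define LOCAL_STATE_MASK      0xfU
#define MAX_PWR_LVL           2U             /* 0 = core, 1 = cluster, 2 = system */

/* Per-level local states, same numbering as TF-A's Arm platform layer */
enum local_state { STATE_RUN = 0, STATE_RET = 1, STATE_OFF = 2 };

static uint32_t local_state_at(uint32_t state_id, unsigned int lvl)
{
    return (state_id >> (lvl * LOCAL_STATE_BITS)) & LOCAL_STATE_MASK;
}

/* Encode a request: per-level local states plus the highest level affected */
uint32_t make_power_state(uint8_t core, uint8_t cluster, uint8_t sys, unsigned int target_lvl)
{
    uint32_t id = (uint32_t)(core & LOCAL_STATE_MASK)
                | (uint32_t)(cluster & LOCAL_STATE_MASK) << LOCAL_STATE_BITS
                | (uint32_t)(sys & LOCAL_STATE_MASK) << (2U * LOCAL_STATE_BITS);
    uint32_t type = (core == STATE_OFF) ? 1U : 0U;   /* powerdown iff the core itself is switched off */

    return id | (type << PSTATE_TYPE_SHIFT)
              | ((target_lvl & PSTATE_PWR_LVL_MASK) << PSTATE_PWR_LVL_SHIFT);
}

/* Constructed table of the composite states this example platform implements */
static const uint32_t valid_states[] = {
    0x00000001U,   /* core retention (standby), target level 0 */
    0x00010002U,   /* core off (powerdown), target level 0 */
    0x01010022U,   /* core + cluster off, target level 1 */
    0x02010222U,   /* core + cluster + system off, target level 2 */
};

/*
 * Validate a power_state supplied by the non-secure caller of CPU_SUSPEND.
 * On success returns 0 and decodes the per-level states into local[]
 * (MAX_PWR_LVL + 1 entries); returns -1 for anything the platform does not implement.
 */
int validate_power_state(uint32_t power_state, uint8_t local[MAX_PWR_LVL + 1])
{
    uint32_t state_id = power_state & PSTATE_ID_MASK;
    unsigned int target_lvl = (power_state >> PSTATE_PWR_LVL_SHIFT) & PSTATE_PWR_LVL_MASK;
    unsigned int lvl;
    size_t i;

    if ((power_state & ~PSTATE_VALID_MASK) != 0U)   /* reserved bits must be zero */
        return -1;
    if (target_lvl > MAX_PWR_LVL)
        return -1;

    /* Structural checks that hold for any sane topology */
    for (lvl = 0; lvl <= MAX_PWR_LVL; lvl++) {
        uint32_t s = local_state_at(state_id, lvl);

        if (s > STATE_OFF)                                        /* unknown local state */
            return -1;
        if (lvl > target_lvl && s != STATE_RUN)                   /* levels above the target keep running */
            return -1;
        if (lvl > 0U && s > local_state_at(state_id, lvl - 1U))   /* a parent is never deeper than its child */
            return -1;
    }

    /* Finally, the complete tuple must be one the platform actually implements */
    for (i = 0; i < sizeof(valid_states) / sizeof(valid_states[0]); i++) {
        if (valid_states[i] == power_state) {
            for (lvl = 0; lvl <= MAX_PWR_LVL; lvl++)
                local[lvl] = (uint8_t)local_state_at(state_id, lvl);
            return 0;
        }
    }
    return -1;
}

/* Validate without keeping the decoded states: 0 = accepted, -1 = rejected */
int check_power_state(uint32_t power_state)
{
    uint8_t local[MAX_PWR_LVL + 1];
    return validate_power_state(power_state, local);
}

/* Decoded local state of one level after successful validation, or 0xff on rejection */
int decoded_state(uint32_t power_state, unsigned int lvl)
{
    uint8_t local[MAX_PWR_LVL + 1];
    if (lvl > MAX_PWR_LVL || validate_power_state(power_state, local) != 0)
        return 0xff;
    return local[lvl];
}

int main(void)
{
    uint32_t ps = make_power_state(STATE_OFF, STATE_OFF, STATE_RUN, 1);
    printf("cluster-off request 0x%08x: %s\n", ps, check_power_state(ps) == 0 ? "valid" : "rejected");
    printf("cluster off while core runs (0x01010020): %s\n",
           check_power_state(0x01010020U) == 0 ? "valid" : "rejected");
    return 0;
}
```

The structural loop rejects malformed requests cheaply (a cluster marked off
while its core still runs, or a level above the requested target that is not
running); the table lookup is the final authority, because only the platform
knows which of the structurally plausible combinations it has power-control
hardware for.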

For a better understanding of these options, the Arm development platform memory
map is explained in the :ref:`Firmware Design`.
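
To make concrete what "getting the entry address and length of a partition"
involves, here is an added example, not TF-A's GPT parser, that locates a named
partition in a GPT image held in memory. The layout it relies on is the standard
one (primary header at LBA 1 carrying the ``EFI PART`` signature, entry-array
LBA at header offset 72, entry count and entry size at offsets 80 and 84,
first/last LBA at entry offsets 32 and 40, UTF-16LE name at entry offset 56);
the sample image, its partition names and LBAs are constructed for the example,
and CRC32 verification of the header and entry array is left out. The point it
makes is that every field read from the table is an index derived from untrusted
storage and has to be bounds-checked against the image before it is used.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SECTOR          512U
#define GPT_HDR_LBA     1U
#define GPT_SIGNATURE   "EFI PART"
#define GPT_ENTRY_SIZE  128U
#define GPT_NAME_CHARS  36U           /* UTF-16LE code units in the name field */
#define IMAGE_SECTORS   64U           /* size of the constructed sample image */

static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint64_t rd64(const uint8_t *p) { return (uint64_t)rd32(p) | (uint64_t)rd32(p + 4) << 32; }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }
static void wr64(uint8_t *p, uint64_t v) { wr32(p, (uint32_t)v); wr32(p + 4, (uint32_t)(v >> 32)); }

struct partition { uint64_t offset; uint64_t length; };   /* bytes, relative to image start */

/*
 * Find a partition by ASCII name in a GPT image held in memory. Every field read
 * from the image is attacker-controlled when the image comes from untrusted
 * storage, so the signature, the table geometry and every LBA are checked
 * against the image size before being used as an index.
 * Returns 0 and fills *out on success, -1 if the name is absent or the table is inconsistent.
 */
int gpt_find_partition(const uint8_t *img, size_t img_len, const char *name, struct partition *out)
{
    uint64_t sectors = img_len / SECTOR;
    if (sectors < GPT_HDR_LBA + 1U)
        return -1;
    const uint8_t *hdr = img + GPT_HDR_LBA * SECTOR;
    if (memcmp(hdr, GPT_SIGNATURE, 8) != 0)
        return -1;
    uint32_t hdr_size = rd32(hdr + 12);
    uint64_t entries_lba = rd64(hdr + 72);
    uint32_t n_entries = rd32(hdr + 80);
    uint32_t entry_size = rd32(hdr + 84);
    if (hdr_size < 92U || hdr_size > SECTOR)
        return -1;
    if (entry_size < GPT_ENTRY_SIZE || (entry_size & (entry_size - 1U)) != 0U)   /* 128 * 2^n */
        return -1;
    if (n_entries == 0U || n_entries > 128U || entries_lba >= sectors)
        return -1;
    uint64_t arr_off = entries_lba * SECTOR;
    uint64_t arr_len = (uint64_t)n_entries * entry_size;
    if (arr_len > img_len - arr_off)          /* the entry array must fit inside the image */
        return -1;

    size_t name_len = strlen(name);
    if (name_len >= GPT_NAME_CHARS)
        return -1;
    for (uint32_t i = 0; i < n_entries; i++) {
        const uint8_t *e = img + arr_off + (size_t)i * entry_size;
        static const uint8_t unused_guid[16] = { 0 };
        if (memcmp(e, unused_guid, 16) == 0)     /* zero type GUID marks an unused entry */
            continue;
        /* Compare the UTF-16LE name field with the ASCII name, terminator included */
        size_t j;
        for (j = 0; j < name_len; j++)
            if (e[56 + 2 * j] != (uint8_t)name[j] || e[57 + 2 * j] != 0U)
                break;
        if (j != name_len || e[56 + 2 * j] != 0U || e[57 + 2 * j] != 0U)
            continue;
        uint64_t first = rd64(e + 32), last = rd64(e + 40);
        if (last < first || last >= sectors)      /* the partition must lie inside the image */
            return -1;
        out->offset = first * SECTOR;
        out->length = (last - first + 1U) * SECTOR;
        return 0;
    }
    return -1;
}

/* Constructed sample: header at LBA 1, two entries at LBA 2, FIP at LBA 34-49, FWU_FIP at LBA 50-63 */
static uint8_t sample_img[IMAGE_SECTORS * SECTOR];

static void build_sample_image(int corrupt_fwu)
{
    memset(sample_img, 0, sizeof(sample_img));
    uint8_t *hdr = sample_img + GPT_HDR_LBA * SECTOR;
    memcpy(hdr, GPT_SIGNATURE, 8);
    wr32(hdr + 8, 0x00010000U);           /* revision 1.0 */
    wr32(hdr + 12, 92U);                  /* header size */
    wr64(hdr + 24, GPT_HDR_LBA);          /* this header's LBA */
    wr64(hdr + 72, 2U);                   /* entry array starts at LBA 2 */
    wr32(hdr + 80, 2U);                   /* number of entries */
    wr32(hdr + 84, GPT_ENTRY_SIZE);
    uint8_t *e = sample_img + 2U * SECTOR;
    const char *names[2] = { "FIP", "FWU_FIP" };
    uint64_t first[2] = { 34U, 50U };
    uint64_t last[2] = { 49U, corrupt_fwu ? 4096U : 63U };   /* corrupt: last LBA beyond the image */
    for (int k = 0; k < 2; k++, e += GPT_ENTRY_SIZE) {
        memset(e, 0xa0 + k, 16);          /* any non-zero type GUID */
        wr64(e + 32, first[k]);
        wr64(e + 40, last[k]);
        for (size_t j = 0; names[k][j] != '\0'; j++)
            e[56 + 2 * j] = (uint8_t)names[k][j];   /* ASCII widened to UTF-16LE */
    }
}

/* Lookups on the sample image; 0 is returned when the lookup is rejected */
uint64_t sample_offset(const char *name, int corrupt_fwu)
{
    struct partition p;
    build_sample_image(corrupt_fwu);
    return gpt_find_partition(sample_img, sizeof(sample_img), name, &p) == 0 ? p.offset : 0U;
}

uint64_t sample_length(const char *name, int corrupt_fwu)
{
    struct partition p;
    build_sample_image(corrupt_fwu);
    return gpt_find_partition(sample_img, sizeof(sample_img), name, &p) == 0 ? p.length : 0U;
}

int main(void)
{
    printf("FIP at offset 0x%llx, length 0x%llx\n",
           (unsigned long long)sample_offset("FIP", 0), (unsigned long long)sample_length("FIP", 0));
    printf("FWU_FIP with out-of-range last LBA: %s\n", sample_offset("FWU_FIP", 1) ? "accepted" : "rejected");
    return 0;
}
```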

.. _build_options_arm_css_platform:

Arm CSS Platform-Specific Build Options
---------------------------------------

- ``CSS_DETECT_PRE_1_7_0_SCP``: Boolean flag to detect SCP version
  incompatibility. Version 1.7.0 of the SCP firmware made a non-backwards
  compatible change to the MTL protocol, used for AP/SCP communication.
  TF-A no longer supports earlier SCP versions. If this option is set to 1
  then TF-A will detect if an earlier version is in use. Default is 1.

- ``CSS_LOAD_SCP_IMAGES``: Boolean flag, which when set, adds SCP_BL2 and
  SCP_BL2U to the FIP and FWU_FIP respectively, and enables them to be loaded
  during boot. Default is 1.

- ``CSS_USE_SCMI_SDS_DRIVER``: Boolean flag which selects SCMI/SDS drivers
  instead of the SCPI/BOM driver for communicating with the SCP during power
  management operations and for SCP RAM Firmware transfer. If this option
  is set to 1, then SCMI/SDS drivers will be used. Default is 0.

- ``CSS_SGI_CHIP_COUNT``: Configures the number of chips on a SGI/RD platform
  which supports multi-chip operation. If ``CSS_SGI_CHIP_COUNT`` is set to any
  valid value greater than 1, the platform code performs the required
  configuration to support multi-chip operation.

- ``CSS_SGI_PLATFORM_VARIANT``: Selects the variant of a SGI/RD platform. A
  particular SGI/RD platform may have multiple variants which may differ in
  core count, cluster count or other peripherals. This build option is used
  to select the appropriate platform variant for the build. The range of
  valid values is platform specific.

--------------

.. |FIP in a GPT image| image:: ../../resources/diagrams/FIP_in_a_GPT_image.png

*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*

97
arm-trusted-firmware/docs/plat/arm/arm_fpga/index.rst
Normal file
@@ -0,0 +1,97 @@

Arm FPGA Platform
=================

This platform supports FPGA images used internally in Arm Ltd., for
testing and bringup of new cores. With that focus, peripheral support is
minimal: there is no mass storage or display output, for instance. Also
this port ignores any power management features of the platform.
Some interconnect setup is done internally by the platform, so the TF-A code
just needs to set up the UART and GIC.

The FPGA platform requires a DTB to be passed on to the non-secure payload
(mostly Linux), so we let TF-A use information from the DTB for dynamic
configuration: the UART and GIC base addresses are read from there.

As a result this port is a fairly generic BL31-only port, which can serve
as a template for a minimal new (and possibly DT-based) platform port.

The aim of this port is to support as many FPGA images as possible with
a single build. Image specific data must be described in the DTB or should
be auto-detected at runtime.

As the number and topology layout of the CPU cores differs significantly
across the various images, this is detected at runtime by BL31.
The /cpus node in the DT will be added and filled accordingly, as long as
it does not exist already.

Platform-specific build options
-------------------------------

- ``SUPPORT_UNKNOWN_MPID`` : Boolean option to allow unknown MPIDR registers.
  Normally TF-A panics if it encounters a MPID value not matched to its
  internal list, but for new or experimental cores this creates a lot of
  churn. With this option, the code will fall back to some basic CPU support
  code (only architectural system registers, and no errata).
  Default value of this flag is 1.

- ``PRELOADED_BL33_BASE`` : Physical address of the BL33 non-secure payload.
  It must have been loaded into DRAM already, typically this is done by
  the script that also loads BL31 and the DTB.
  It defaults to 0x80080000, which is the traditional load address for an
  arm64 Linux kernel.

- ``FPGA_PRELOADED_DTB_BASE`` : Physical address of the flattened device
  tree blob (DTB). This DT will be used by TF-A for dynamic configuration,
  so it must describe at least the UART and a GICv3 interrupt controller.
  The DT gets amended by the code, to potentially add a command line and
  fill the CPU topology nodes. It will also be passed on to BL33, by
  putting its address into the x0 register before jumping to the entry
  point (following the Linux kernel boot protocol).
  It defaults to 0x80070000, which is 64KB before the BL33 load address.

- ``FPGA_PRELOADED_CMD_LINE`` : Physical address of the command line to
  put into the devicetree blob. Due to the lack of a proper bootloader,
  a command line can be put somewhere into memory, so that BL31 will
  detect it and copy it into the DTB passed on to BL33.
  To avoid random garbage, there needs to be a "CMD:" signature before the
  actual command line.
  Defaults to 0x1000, which is normally in the "ROM" space of the typical
  FPGA image (which can be written by the FPGA payload uploader, but is
  read-only to the CPU). The FPGA payload tool should be given a text file
  containing the desired command line, prefixed by the "CMD:" signature.

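The ``CMD:`` signature is the only marker that separates a deliberately uploaded
command line from leftover memory contents, so the code that consumes it has to
treat everything after the signature as untrusted as well. The following is an
added example of such a reader, written for this page and not the ``arm_fpga``
port's own code; the sample memory windows, the 256-byte limit and the rule that
the text ends at a NUL or newline and contains only printable ASCII are
assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CMD_SIGNATURE  "CMD:"
#define CMD_SIG_LEN    4U
#define CMD_MAX_LEN    256U   /* assumed upper bound for this example */

/*
 * Look for a command line in 'mem', a window of 'len' bytes mapped at the
 * FPGA_PRELOADED_CMD_LINE address. The "CMD:" prefix only tells an uploaded
 * cmdline.txt apart from whatever the memory happened to contain, so the bytes
 * after it are still treated as untrusted: the text must be terminated (NUL or
 * newline) inside the window, contain only printable ASCII, and fit the
 * destination including its NUL.
 * Returns the command line length on success, -1 when nothing usable is found.
 */
int fpga_read_cmdline(const uint8_t *mem, size_t len, char *out, size_t out_len)
{
    if (len <= CMD_SIG_LEN || out_len == 0U)
        return -1;
    if (memcmp(mem, CMD_SIGNATURE, CMD_SIG_LEN) != 0)
        return -1;

    const uint8_t *p = mem + CMD_SIG_LEN;
    size_t max = len - CMD_SIG_LEN;
    size_t n = 0;
    while (n < max && p[n] != '\0' && p[n] != '\n' && p[n] != '\r') {
        if (p[n] < 0x20U || p[n] > 0x7eU)   /* control or non-ASCII byte: not a command line */
            return -1;
        n++;
    }
    if (n == max)          /* ran off the end of the window without a terminator */
        return -1;
    if (n >= out_len)      /* would not fit together with the NUL */
        return -1;
    memcpy(out, p, n);
    out[n] = '\0';
    return (int)n;
}

/* Constructed memory windows standing in for the contents found at 0x1000 */
static const uint8_t win_ok[48]      = "CMD:console=ttyAMA0 root=/dev/ram0\n";
static const uint8_t win_garbage[48] = { 0xff, 0x13, 0x00, 0x7f, 'C', 'M', 'D', ':' };
static const uint8_t win_nonascii[48] = { 'C', 'M', 'D', ':', 'a', 'b', 'c', 0x80, 'd', 'e', 'f', 0 };
static char cmdline_buf[CMD_MAX_LEN];

/* Run the reader over one sample window: 0 = good file, 1 = garbage, 2 = unterminated, 3 = non-ASCII byte */
int demo_cmdline_len(int which)
{
    uint8_t unterminated[16];
    const uint8_t *win = win_ok;
    size_t len = sizeof(win_ok);

    switch (which) {
    case 1:
        win = win_garbage; len = sizeof(win_garbage);
        break;
    case 2:   /* signature followed by text that never terminates inside the window */
        memcpy(unterminated, CMD_SIGNATURE, CMD_SIG_LEN);
        memset(unterminated + CMD_SIG_LEN, 'a', sizeof(unterminated) - CMD_SIG_LEN);
        win = unterminated; len = sizeof(unterminated);
        break;
    case 3:
        win = win_nonascii; len = sizeof(win_nonascii);
        break;
    default:
        break;
    }
    return fpga_read_cmdline(win, len, cmdline_buf, sizeof(cmdline_buf));
}

/* Text of the most recently accepted command line */
const char *demo_cmdline_text(void) { return cmdline_buf; }

int main(void)
{
    for (int i = 0; i < 4; i++) {
        int n = demo_cmdline_len(i);
        printf("window %d: %s\n", i, n < 0 ? "rejected" : demo_cmdline_text());
    }
    return 0;
}
```

The file handed to the FPGA payload uploader is just the signature followed by
the text, so a trailing newline from the editor is expected and is where the
reader stops; the copy into the ``/chosen`` node of the DTB, not shown here,
should use the returned length rather than scanning the source again.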
Building the TF-A image
-----------------------

.. code:: shell

    make PLAT=arm_fpga DEBUG=1

This will use the default load addresses as described above. When those
addresses need to differ for a certain setup, they can be passed on the
make command line:

.. code:: shell

    make PLAT=arm_fpga DEBUG=1 PRELOADED_BL33_BASE=0x80200000 FPGA_PRELOADED_DTB_BASE=0x80180000 bl31

Running the TF-A image
----------------------

After building TF-A, the actual TF-A code will be located in ``bl31.bin`` in
the build directory.
Additionally there is a ``bl31.axf`` ELF file, which contains BL31, as well
as some simple ROM trampoline code (required by the Arm FPGA boot flow) and
a generic DTB to support most of the FPGA images. This can simply be handed
over to the FPGA payload uploader, which will take care of loading the
components at their respective load addresses. In addition to this file
you need at least a BL33 payload (typically a Linux kernel image), optionally
a Linux initrd image file and possibly a command line:

.. code:: shell

    fpga-run ... -m bl31.axf -l auto -m Image -l 0x80080000 -m initrd.gz -l 0x84000000 -m cmdline.txt -l 0x1000

--------------

*Copyright (c) 2020, Arm Limited. All rights reserved.*

61
arm-trusted-firmware/docs/plat/arm/corstone1000/index.rst
Normal file
@@ -0,0 +1,61 @@

Corstone1000 Platform
=====================

Some of the features of the Corstone1000 platform referenced in TF-A include:

- Cortex-A35 application processor (64-bit mode)
- Secure Enclave
- GIC-400
- Trusted Board Boot

Boot Sequence
-------------

The board boot relies on CoT (chain of trust). The trusted-firmware-a
BL2 is extracted from the FIP and verified by the Secure Enclave
processor. BL2 verification relies on the signature area at the
beginning of the BL2 image. This area is needed by the Secure Enclave
bootloader.

Then, the application processor is released from reset and starts by
executing BL2.

BL2 performs the actions described in the trusted-firmware-a TBB design
document.

Build Procedure (TF-A only)
~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Obtain AArch64 ELF bare-metal target `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_.
  Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Build TF-A:

  .. code:: shell

      make LD=aarch64-none-elf-ld \
      CC=aarch64-none-elf-gcc \
      V=1 \
      BUILD_BASE=<path to the build folder> \
      PLAT=corstone1000 \
      SPD=spmd \
      SPMD_SPM_AT_SEL2=0 \
      DEBUG=1 \
      MBEDTLS_DIR=mbedtls \
      OPENSSL_DIR=<path to openssl usr folder> \
      RUNTIME_SYSROOT=<path to the sysroot> \
      ARCH=aarch64 \
      TARGET_PLATFORM=<fpga or fvp> \
      ENABLE_PIE=1 \
      BL2_AT_EL3=1 \
      CREATE_KEYS=1 \
      GENERATE_COT=1 \
      TRUSTED_BOARD_BOOT=1 \
      COT=tbbr \
      ARM_ROTPK_LOCATION=devel_rsa \
      ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \
      BL32=<path to optee binary> \
      BL33=<path to u-boot binary> \
      bl2

*Copyright (c) 2021, Arm Limited. All rights reserved.*

84
arm-trusted-firmware/docs/plat/arm/fvp-ve/index.rst
Normal file
@@ -0,0 +1,84 @@

Arm Versatile Express
=====================

The Versatile Express (VE) family development platform provides an ultra-fast
environment for prototyping Armv7 System-on-Chip designs. VE Fixed Virtual
Platforms (FVP) are simulations of Versatile Express boards. The platform in
Trusted Firmware-A has been verified with Arm Cortex-A5 and Cortex-A7 VE FVPs.
This platform is tested on and only expected to work with single core models.

Boot Sequence
-------------

BL1 --> BL2 --> BL32(sp_min) --> BL33(u-boot) --> Linux kernel

How to build
------------

Code Locations
~~~~~~~~~~~~~~
- `U-boot <https://git.linaro.org/landing-teams/working/arm/u-boot.git>`__

- `Trusted Firmware-A <https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git>`__

Build Procedure
~~~~~~~~~~~~~~~

- Obtain an Arm toolchain. The software stack has been verified with Linaro 6.2
  `arm-linux-gnueabihf <https://releases.linaro.org/components/toolchain/binaries/6.2-2016.11/arm-linux-gnueabihf/>`__.
  Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Fetch and build u-boot.
  Make the .config file using the command:

  .. code:: shell

      make ARCH=arm vexpress_aemv8a_aarch32_config

  Make the u-boot binary for Cortex-A5 using the command:

  .. code:: shell

      make ARCH=arm SUPPORT_ARCH_TIMER=no

  Make the u-boot binary for Cortex-A7 using the command:

  .. code:: shell

      make ARCH=arm

- Build TF-A:

  The make command for Cortex-A5 is:

  .. code:: shell

      make PLAT=fvp_ve ARCH=aarch32 ARM_ARCH_MAJOR=7 ARM_CORTEX_A5=yes \
      AARCH32_SP=sp_min FVP_HW_CONFIG_DTS=fdts/fvp-ve-Cortex-A5x1.dts \
      ARM_XLAT_TABLES_LIB_V1=1 BL33=<path_to_u-boot.bin> all fip

  The make command for Cortex-A7 is:

  .. code:: shell

      make PLAT=fvp_ve ARCH=aarch32 ARM_ARCH_MAJOR=7 ARM_CORTEX_A7=yes \
      AARCH32_SP=sp_min FVP_HW_CONFIG_DTS=fdts/fvp-ve-Cortex-A7x1.dts \
      BL33=<path_to_u-boot.bin> all fip

Run Procedure
~~~~~~~~~~~~~

The following model parameters should be used to boot Linux using the build of
Trusted Firmware-A made using the above make commands:

.. code:: shell

    ./<path_to_model> <path_to_bl1.elf> \
    -C motherboard.flashloader1.fname=<path_to_fip.bin> \
    --data cluster.cpu0=<path_to_zImage>@0x80080000 \
    --data cluster.cpu0=<path_to_ramdisk>@0x84000000

--------------

*Copyright (c) 2019, Arm Limited. All rights reserved.*

652
arm-trusted-firmware/docs/plat/arm/fvp/index.rst
Normal file
@@ -0,0 +1,652 @@

Arm Fixed Virtual Platforms (FVP)
=================================

Fixed Virtual Platform (FVP) Support
------------------------------------

This section lists the supported Arm |FVP| platforms. Please refer to the FVP
documentation for a detailed description of the model parameter options.

The latest version of the AArch64 build of TF-A has been tested on the following
Arm FVPs without shifted affinities, and that do not support threaded CPU cores
(64-bit host machine only).

.. note::
   The FVP models used are Version 11.16 Build 16, unless otherwise stated.

- ``Foundation_Platform``
- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502``
- ``FVP_Base_AEMv8A-AEMv8A`` (For certain configurations also uses 11.14/21)
- ``FVP_Base_AEMv8A-GIC600AE``
- ``FVP_Base_AEMvA`` (For certain configurations also uses 0.0/6684)
- ``FVP_Base_Cortex-A32x4`` (Version 11.12/38)
- ``FVP_Base_Cortex-A35x4``
- ``FVP_Base_Cortex-A53x4``
- ``FVP_Base_Cortex-A55x4``
- ``FVP_Base_Cortex-A55x4+Cortex-A75x4``
- ``FVP_Base_Cortex-A57x1-A53x1``
- ``FVP_Base_Cortex-A57x2-A53x4``
- ``FVP_Base_Cortex-A57x4-A53x4``
- ``FVP_Base_Cortex-A57x4``
- ``FVP_Base_Cortex-A65AEx8``
- ``FVP_Base_Cortex-A65x4``
- ``FVP_Base_Cortex-A710x4``
- ``FVP_Base_Cortex-A72x4-A53x4``
- ``FVP_Base_Cortex-A72x4``
- ``FVP_Base_Cortex-A73x4-A53x4``
- ``FVP_Base_Cortex-A73x4``
- ``FVP_Base_Cortex-A75x4``
- ``FVP_Base_Cortex-A76AEx4``
- ``FVP_Base_Cortex-A76AEx8``
- ``FVP_Base_Cortex-A76x4``
- ``FVP_Base_Cortex-A77x4``
- ``FVP_Base_Cortex-A78x4``
- ``FVP_Base_Neoverse-E1x1``
- ``FVP_Base_Neoverse-E1x2``
- ``FVP_Base_Neoverse-E1x4``
- ``FVP_Base_Neoverse-N1x4``
- ``FVP_Base_Neoverse-N2x4`` (Version 11.12 build 38)
- ``FVP_Base_Neoverse-V1x4``
- ``FVP_Base_RevC-2xAEMvA`` (For certain configurations also uses 0.0/6557)
- ``FVP_CSS_SGI-575`` (Version 11.15/26)
- ``FVP_Morello`` (Version 0.11/19)
- ``FVP_RD_E1_edge`` (Version 11.15/26)
- ``FVP_RD_N1_edge_dual`` (Version 11.15/26)
- ``FVP_RD_N1_edge`` (Version 11.15/26)
- ``FVP_RD_V1`` (Version 11.15/26)
- ``FVP_TC0``
- ``FVP_TC1``

The latest version of the AArch32 build of TF-A has been tested on the
following Arm FVPs without shifted affinities, and that do not support threaded
CPU cores (64-bit host machine only).

- ``FVP_Base_AEMvA``
- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_Cortex-A32x4``

.. note::
   The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities, which
   is not compatible with legacy GIC configurations. Therefore this FVP does not
   support these legacy GIC configurations.

The *Foundation* and *Base* FVPs can be downloaded free of charge. See the `Arm
FVP website`_. The Cortex-A models listed above are also available to download
from `Arm's website`_.

.. note::
   The build numbers quoted above are those reported by launching the FVP
   with the ``--version`` parameter.

.. note::
   Linaro provides a ramdisk image in prebuilt FVP configurations and full
   file systems that can be downloaded separately. To run an FVP with a virtio
   file system image an additional FVP configuration option
   ``-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"`` can be
   used.

.. note::
   The software will not work on Version 1.0 of the Foundation FVP.
   The commands below would report an ``unhandled argument`` error in this case.

.. note::
   FVPs can be launched with the ``--cadi-server`` option such that a
   CADI-compliant debugger (for example, Arm DS-5) can connect to and control
   its execution.

.. warning::
   Since FVP model Version 11.0 Build 11.0.34 and Version 8.5 Build 0.8.5202
   the internal synchronisation timings changed compared to older versions of
   the models. The models can be launched with the ``-Q 100`` option if they are
   required to match the run time characteristics of the older versions.

All the above platforms have been tested with `Linaro Release 20.01`_.

.. _build_options_arm_fvp_platform:

Arm FVP Platform Specific Build Options
---------------------------------------

- ``FVP_CLUSTER_COUNT`` : Configures the cluster count to be used to
  build the topology tree within TF-A. By default TF-A is configured for dual
  cluster topology and this option can be used to override the default value.

- ``FVP_INTERCONNECT_DRIVER``: Selects the interconnect driver to be built. The
  default interconnect driver depends on the value of ``FVP_CLUSTER_COUNT`` as
  explained in the options below:

  - ``FVP_CCI`` : The CCI driver is selected. This is the default
    if 0 < ``FVP_CLUSTER_COUNT`` <= 2.
  - ``FVP_CCN`` : The CCN driver is selected. This is the default
    if ``FVP_CLUSTER_COUNT`` > 2.

- ``FVP_MAX_CPUS_PER_CLUSTER``: Sets the maximum number of CPUs implemented in
  a single cluster. This option defaults to 4.

- ``FVP_MAX_PE_PER_CPU``: Sets the maximum number of PEs implemented on any CPU
  in the system. This option defaults to 1. Note that the build option
  ``ARM_PLAT_MT`` doesn't have any effect on FVP platforms.

- ``FVP_USE_GIC_DRIVER`` : Selects the GIC driver to be built. Options:

  - ``FVP_GICV2`` : The GICv2 only driver is selected
  - ``FVP_GICV3`` : The GICv3 only driver is selected (default option)

- ``FVP_HW_CONFIG_DTS`` : Specify the path to the DTS file to be compiled
  to DTB and packaged in FIP as the HW_CONFIG. See :ref:`Firmware Design` for
  details on HW_CONFIG. By default, this is initialized to a sensible DTS
  file in the ``fdts/`` folder depending on other build options. But some cases,
  like the shifted affinity format for MPIDR, cannot be detected at build time
  and this option is needed to specify the appropriate DTS file.

- ``FVP_HW_CONFIG`` : Specify the path to the HW_CONFIG blob to be packaged in
  FIP. See :ref:`Firmware Design` for details on HW_CONFIG. This option is
  similar to the ``FVP_HW_CONFIG_DTS`` option, but it directly specifies the
  HW_CONFIG blob instead of the DTS file. This option is useful to override
  the default HW_CONFIG selected by the build system.

- ``FVP_GICR_REGION_PROTECTION``: Mark the redistributor pages of
  inactive/fused CPU cores as read-only. The default value of this option
  is ``0``, which means the redistributor pages of all CPU cores are marked
  as read and write.

Booting Firmware Update images
------------------------------

When Firmware Update (FWU) is enabled there are at least 2 new images
that have to be loaded, the Non-Secure FWU ROM (NS-BL1U), and the
FWU FIP.

The additional fip images must be loaded with:

::

    --data cluster0.cpu0="<path_to>/ns_bl1u.bin"@0x0beb8000   [ns_bl1u_base_address]
    --data cluster0.cpu0="<path_to>/fwu_fip.bin"@0x08400000   [ns_bl2u_base_address]

The address ns_bl1u_base_address is the value of NS_BL1U_BASE.
In the same way, the address ns_bl2u_base_address is the value of
NS_BL2U_BASE.

Booting an EL3 payload
----------------------

The EL3 payloads boot flow requires the CPU's mailbox to be cleared at reset for
the secondary CPUs holding pen to work properly. Unfortunately, its reset value
is undefined on the FVP platform and the FVP platform code doesn't clear it.
Therefore, one must modify the way the model is normally invoked in order to
clear the mailbox at start-up.

One way to do that is to create an 8-byte file containing all zero bytes using
the following command:

.. code:: shell

    dd if=/dev/zero of=mailbox.dat bs=1 count=8

and pre-load it into the FVP memory at the mailbox address (i.e. ``0x04000000``)
using the following model parameters:

::

    --data cluster0.cpu0=mailbox.dat@0x04000000   [Base FVPs]
    --data=mailbox.dat@0x04000000                 [Foundation FVP]

To provide the model with the EL3 payload image, the following methods may be
used:

#. If the EL3 payload is able to execute in place, it may be programmed into
   flash memory. On Base Cortex and AEM FVPs, the following model parameter
   loads it at the base address of the NOR FLASH1 (the NOR FLASH0 is already
   used for the FIP):

   ::

       -C bp.flashloader1.fname="<path-to>/<el3-payload>"

   On the Foundation FVP, there is no flash loader component and the EL3 payload
   may be programmed anywhere in flash using method 3 below.

#. When using the ``SPIN_ON_BL1_EXIT=1`` loading method, the following DS-5
   command may be used to load the EL3 payload ELF image over JTAG:

   ::

       load <path-to>/el3-payload.elf

#. The EL3 payload may be pre-loaded in volatile memory using the following
   model parameters:

   ::

       --data cluster0.cpu0="<path-to>/<el3-payload>"@address   [Base FVPs]
       --data="<path-to>/<el3-payload>"@address                 [Foundation FVP]

   The address provided to the FVP must match the ``EL3_PAYLOAD_BASE`` address
   used when building TF-A.

Booting a preloaded kernel image (Base FVP)
-------------------------------------------

The following example uses a simplified boot flow by directly jumping from
TF-A to the Linux kernel, which will use a ramdisk as filesystem. This can be
useful if both the kernel and the device tree blob (DTB) are already present in
memory (like in FVP).

For example, if the kernel is loaded at ``0x80080000`` and the DTB is loaded at
address ``0x82000000``, the firmware can be built like this:

.. code:: shell

    CROSS_COMPILE=aarch64-none-elf-  \
    make PLAT=fvp DEBUG=1             \
    RESET_TO_BL31=1                   \
    ARM_LINUX_KERNEL_AS_BL33=1        \
    PRELOADED_BL33_BASE=0x80080000    \
    ARM_PRELOADED_DTB_BASE=0x82000000 \
    all fip

Now, it is needed to modify the DTB so that the kernel knows the address of the
ramdisk. The following script generates a patched DTB from the provided one,
assuming that the ramdisk is loaded at address ``0x84000000``. Note that this
script assumes that the user is using a ramdisk image prepared for U-Boot, like
the ones provided by Linaro. If using a ramdisk without this header, the ``0x40``
offset in ``INITRD_START`` has to be removed.

.. code:: bash

    #!/bin/bash
    set -e

    # Path to the input DTB
    KERNEL_DTB=<path-to>/<fdt>
    # Path to the output DTB
    PATCHED_KERNEL_DTB=<path-to>/<patched-fdt>
    # Base address of the ramdisk
    INITRD_BASE=0x84000000
    # Path to the ramdisk
    INITRD=<path-to>/<ramdisk.img>

    # Skip the U-Boot legacy image header (64 bytes); drop the 0x40 for a raw ramdisk
    INITRD_START=$(printf "0x%x" $((${INITRD_BASE} + 0x40)) )
    INITRD_SIZE=$(stat -Lc %s ${INITRD})
    INITRD_END=$(printf "0x%x" $((${INITRD_BASE} + ${INITRD_SIZE})) )

    # /chosen properties telling the kernel where the ramdisk lives; dtc merges
    # them into the decompiled input tree
    CHOSEN_NODE=$(echo \
    "/ {                                                                    \
        chosen {                                                            \
            linux,initrd-start = <${INITRD_START}>;                         \
            linux,initrd-end = <${INITRD_END}>;                             \
        };                                                                  \
    };")

    echo $(dtc -O dts -I dtb ${KERNEL_DTB}) ${CHOSEN_NODE} | \
    dtc -O dtb -o ${PATCHED_KERNEL_DTB} -

And the FVP binary can be run with the following command:

.. code:: shell

    <path-to>/FVP_Base_AEMv8A-AEMv8A                            \
    -C pctl.startup=0.0.0.0                                     \
    -C bp.secure_memory=1                                       \
    -C cluster0.NUM_CORES=4                                     \
    -C cluster1.NUM_CORES=4                                     \
    -C cache_state_modelled=1                                   \
    -C cluster0.cpu0.RVBAR=0x04001000                           \
    -C cluster0.cpu1.RVBAR=0x04001000                           \
    -C cluster0.cpu2.RVBAR=0x04001000                           \
    -C cluster0.cpu3.RVBAR=0x04001000                           \
    -C cluster1.cpu0.RVBAR=0x04001000                           \
    -C cluster1.cpu1.RVBAR=0x04001000                           \
    -C cluster1.cpu2.RVBAR=0x04001000                           \
    -C cluster1.cpu3.RVBAR=0x04001000                           \
    --data cluster0.cpu0="<path-to>/bl31.bin"@0x04001000        \
    --data cluster0.cpu0="<path-to>/<patched-fdt>"@0x82000000   \
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
    --data cluster0.cpu0="<path-to>/<ramdisk.img>"@0x84000000

Obtaining the Flattened Device Trees
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Depending on the FVP configuration and Linux configuration used, different
FDT files are required. FDT source files for the Foundation and Base FVPs can
be found in the TF-A source directory under ``fdts/``. The Foundation FVP has
a subset of the Base FVP components. For example, the Foundation FVP lacks
CLCD and MMC support, and has only one CPU cluster.

.. note::
   It is not recommended to use the FDTs built along with the kernel because not
   all FDTs are available from there.

The dynamic configuration capability is enabled in the firmware for FVPs.
This means that the firmware can authenticate and load the FDT if present in
FIP. A default FDT is packaged into FIP during the build based on
the build configuration. This can be overridden by using the ``FVP_HW_CONFIG``
or ``FVP_HW_CONFIG_DTS`` build options (refer to
:ref:`build_options_arm_fvp_platform` for details on the options).

- ``fvp-base-gicv2-psci.dts``

  For use with models such as the Cortex-A57-A53 Base FVPs without shifted
  affinities and with Base memory map configuration.

- ``fvp-base-gicv2-psci-aarch32.dts``

  For use with models such as the Cortex-A32 Base FVPs without shifted
  affinities and running Linux in AArch32 state with Base memory map
  configuration.

- ``fvp-base-gicv3-psci.dts``

  For use with models such as the Cortex-A57-A53 Base FVPs without shifted
  affinities and with Base memory map configuration and Linux GICv3 support.

- ``fvp-base-gicv3-psci-1t.dts``

  For use with models such as the AEMv8-RevC Base FVP with shifted affinities,
  single threaded CPUs, Base memory map configuration and Linux GICv3 support.

- ``fvp-base-gicv3-psci-dynamiq.dts``

  For use with models such as the Cortex-A55-A75 Base FVPs with shifted
  affinities, single cluster, single threaded CPUs, Base memory map
  configuration and Linux GICv3 support.

- ``fvp-base-gicv3-psci-aarch32.dts``

  For use with models such as the Cortex-A32 Base FVPs without shifted
  affinities and running Linux in AArch32 state with Base memory map
  configuration and Linux GICv3 support.

- ``fvp-foundation-gicv2-psci.dts``

  For use with the Foundation FVP with Base memory map configuration.

- ``fvp-foundation-gicv3-psci.dts``

  (Default) For use with the Foundation FVP with Base memory map configuration
  and Linux GICv3 support.

Running on the Foundation FVP with reset to BL1 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``Foundation_Platform`` parameters should be used to boot Linux with
4 CPUs using the AArch64 build of TF-A.

.. code:: shell

    <path-to>/Foundation_Platform                   \
    --cores=4                                       \
    --arm-v8.0                                      \
    --secure-memory                                 \
    --visualization                                 \
    --gicv3                                         \
    --data="<path-to>/<bl1-binary>"@0x0             \
    --data="<path-to>/<FIP-binary>"@0x08000000      \
    --data="<path-to>/<kernel-binary>"@0x80080000   \
    --data="<path-to>/<ramdisk-binary>"@0x84000000

Notes:

- BL1 is loaded at the start of the Trusted ROM.
- The Firmware Image Package is loaded at the start of NOR FLASH0.
- The firmware loads the FDT packaged in FIP to the DRAM. The FDT load address
  is specified via the ``hw_config_addr`` property in `TB_FW_CONFIG for FVP`_.
- The default use-case for the Foundation FVP is to use the ``--gicv3`` option
  and enable the GICv3 device in the model. Note that without this option,
  the Foundation FVP defaults to the legacy (Versatile Express) memory map which
  is not supported by TF-A.
- In order for TF-A to run correctly on the Foundation FVP, the architecture
  versions must match. The Foundation FVP defaults to the highest v8.x
  version it supports but the default build for TF-A is for v8.0. To avoid
  issues either start the Foundation FVP to use the v8.0 architecture using the
  ``--arm-v8.0`` option, or build TF-A with an appropriate value for
  ``ARM_ARCH_MINOR``.

Running on the AEMv8 Base FVP with reset to BL1 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following ``FVP_Base_RevC-2xAEMv8A`` parameters should be used to boot Linux
with 8 CPUs using the AArch64 build of TF-A.

.. code:: shell

    <path-to>/FVP_Base_RevC-2xAEMv8A                            \
    -C pctl.startup=0.0.0.0                                     \
    -C bp.secure_memory=1                                       \
    -C bp.tzc_400.diagnostics=1                                 \
    -C cluster0.NUM_CORES=4                                     \
    -C cluster1.NUM_CORES=4                                     \
    -C cache_state_modelled=1                                   \
    -C bp.secureflashloader.fname="<path-to>/<bl1-binary>"      \
    -C bp.flashloader0.fname="<path-to>/<FIP-binary>"           \
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
    --data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000

.. note::
   The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires
   a specific DTS for all the CPUs to be loaded.

Running on the AEMv8 Base FVP (AArch32) with reset to BL1 entrypoint
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
|
||||
with 8 CPUs using the AArch32 build of TF-A.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to>/FVP_Base_AEMv8A-AEMv8A \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-C bp.secure_memory=1 \
|
||||
-C bp.tzc_400.diagnostics=1 \
|
||||
-C cluster0.NUM_CORES=4 \
|
||||
-C cluster1.NUM_CORES=4 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C cluster0.cpu0.CONFIG64=0 \
|
||||
-C cluster0.cpu1.CONFIG64=0 \
|
||||
-C cluster0.cpu2.CONFIG64=0 \
|
||||
-C cluster0.cpu3.CONFIG64=0 \
|
||||
-C cluster1.cpu0.CONFIG64=0 \
|
||||
-C cluster1.cpu1.CONFIG64=0 \
|
||||
-C cluster1.cpu2.CONFIG64=0 \
|
||||
-C cluster1.cpu3.CONFIG64=0 \
|
||||
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
|
||||
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
|
||||
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
|
||||
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
|
||||
|
||||
Running on the Cortex-A57-A53 Base FVP with reset to BL1 entrypoint
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The following ``FVP_Base_Cortex-A57x4-A53x4`` model parameters should be used to
|
||||
boot Linux with 8 CPUs using the AArch64 build of TF-A.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to>/FVP_Base_Cortex-A57x4-A53x4 \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-C bp.secure_memory=1 \
|
||||
-C bp.tzc_400.diagnostics=1 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
|
||||
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
|
||||
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
|
||||
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
|
||||
|
||||
Running on the Cortex-A32 Base FVP (AArch32) with reset to BL1 entrypoint
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The following ``FVP_Base_Cortex-A32x4`` model parameters should be used to
|
||||
boot Linux with 4 CPUs using the AArch32 build of TF-A.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to>/FVP_Base_Cortex-A32x4 \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-C bp.secure_memory=1 \
|
||||
-C bp.tzc_400.diagnostics=1 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C bp.secureflashloader.fname="<path-to>/<bl1-binary>" \
|
||||
-C bp.flashloader0.fname="<path-to>/<FIP-binary>" \
|
||||
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
|
||||
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
|
||||
|
||||
|
||||
Running on the AEMv8 Base FVP with reset to BL31 entrypoint
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The following ``FVP_Base_RevC-2xAEMv8A`` parameters should be used to boot Linux
|
||||
with 8 CPUs using the AArch64 build of TF-A.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to>/FVP_Base_RevC-2xAEMv8A \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-C bp.secure_memory=1 \
|
||||
-C bp.tzc_400.diagnostics=1 \
|
||||
-C cluster0.NUM_CORES=4 \
|
||||
-C cluster1.NUM_CORES=4 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C cluster0.cpu0.RVBAR=0x04010000 \
|
||||
-C cluster0.cpu1.RVBAR=0x04010000 \
|
||||
-C cluster0.cpu2.RVBAR=0x04010000 \
|
||||
-C cluster0.cpu3.RVBAR=0x04010000 \
|
||||
-C cluster1.cpu0.RVBAR=0x04010000 \
|
||||
-C cluster1.cpu1.RVBAR=0x04010000 \
|
||||
-C cluster1.cpu2.RVBAR=0x04010000 \
|
||||
-C cluster1.cpu3.RVBAR=0x04010000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04010000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0xff000000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
|
||||
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
|
||||
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
|
||||
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
|
||||
|
||||
Notes:
|
||||
|
||||
- Position Independent Executable (PIE) support is enabled in this
|
||||
config allowing BL31 to be loaded at any valid address for execution.
|
||||
|
||||
- Since a FIP is not loaded when using BL31 as reset entrypoint, the
|
||||
``--data="<path-to><bl31|bl32|bl33-binary>"@<base-address-of-binary>``
|
||||
parameter is needed to load the individual bootloader images in memory.
|
||||
BL32 image is only needed if BL31 has been built to expect a Secure-EL1
|
||||
Payload. For the same reason, the FDT needs to be compiled from the DT source
|
||||
and loaded via the ``--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000``
|
||||
parameter.
|
||||
|
||||
- The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires a
|
||||
specific DTS for all the CPUs to be loaded.
|
||||
|
||||
- The ``-C cluster<X>.cpu<Y>.RVBAR=@<base-address-of-bl31>`` parameter, where
|
||||
X and Y are the cluster and CPU numbers respectively, is used to set the
|
||||
reset vector for each core.
|
||||
|
||||
- Changing the default value of ``ARM_TSP_RAM_LOCATION`` will also require
|
||||
changing the value of
|
||||
``--data="<path-to><bl32-binary>"@<base-address-of-bl32>`` to the new value of
|
||||
``BL32_BASE``.
|
||||
|
||||
|
||||
Running on the AEMv8 Base FVP (AArch32) with reset to SP_MIN entrypoint
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The following ``FVP_Base_AEMv8A-AEMv8A`` parameters should be used to boot Linux
|
||||
with 8 CPUs using the AArch32 build of TF-A.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to>/FVP_Base_AEMv8A-AEMv8A \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-C bp.secure_memory=1 \
|
||||
-C bp.tzc_400.diagnostics=1 \
|
||||
-C cluster0.NUM_CORES=4 \
|
||||
-C cluster1.NUM_CORES=4 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C cluster0.cpu0.CONFIG64=0 \
|
||||
-C cluster0.cpu1.CONFIG64=0 \
|
||||
-C cluster0.cpu2.CONFIG64=0 \
|
||||
-C cluster0.cpu3.CONFIG64=0 \
|
||||
-C cluster1.cpu0.CONFIG64=0 \
|
||||
-C cluster1.cpu1.CONFIG64=0 \
|
||||
-C cluster1.cpu2.CONFIG64=0 \
|
||||
-C cluster1.cpu3.CONFIG64=0 \
|
||||
-C cluster0.cpu0.RVBAR=0x04002000 \
|
||||
-C cluster0.cpu1.RVBAR=0x04002000 \
|
||||
-C cluster0.cpu2.RVBAR=0x04002000 \
|
||||
-C cluster0.cpu3.RVBAR=0x04002000 \
|
||||
-C cluster1.cpu0.RVBAR=0x04002000 \
|
||||
-C cluster1.cpu1.RVBAR=0x04002000 \
|
||||
-C cluster1.cpu2.RVBAR=0x04002000 \
|
||||
-C cluster1.cpu3.RVBAR=0x04002000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04002000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
|
||||
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
|
||||
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
|
||||
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
|
||||
|
||||
.. note::
|
||||
Position Independent Executable (PIE) support is enabled in this
|
||||
config allowing SP_MIN to be loaded at any valid address for execution.
|
||||
|
||||
Running on the Cortex-A57-A53 Base FVP with reset to BL31 entrypoint
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The following ``FVP_Base_Cortex-A57x4-A53x4`` model parameters should be used to
|
||||
boot Linux with 8 CPUs using the AArch64 build of TF-A.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to>/FVP_Base_Cortex-A57x4-A53x4 \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-C bp.secure_memory=1 \
|
||||
-C bp.tzc_400.diagnostics=1 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C cluster0.cpu0.RVBARADDR=0x04010000 \
|
||||
-C cluster0.cpu1.RVBARADDR=0x04010000 \
|
||||
-C cluster0.cpu2.RVBARADDR=0x04010000 \
|
||||
-C cluster0.cpu3.RVBARADDR=0x04010000 \
|
||||
-C cluster1.cpu0.RVBARADDR=0x04010000 \
|
||||
-C cluster1.cpu1.RVBARADDR=0x04010000 \
|
||||
-C cluster1.cpu2.RVBARADDR=0x04010000 \
|
||||
-C cluster1.cpu3.RVBARADDR=0x04010000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl31-binary>"@0x04010000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0xff000000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
|
||||
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
|
||||
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
|
||||
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
|
||||
|
||||
Running on the Cortex-A32 Base FVP (AArch32) with reset to SP_MIN entrypoint
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
The following ``FVP_Base_Cortex-A32x4`` model parameters should be used to
|
||||
boot Linux with 4 CPUs using the AArch32 build of TF-A.
|
||||
|
||||
.. code:: shell
|
||||
|
||||
<path-to>/FVP_Base_Cortex-A32x4 \
|
||||
-C pctl.startup=0.0.0.0 \
|
||||
-C bp.secure_memory=1 \
|
||||
-C bp.tzc_400.diagnostics=1 \
|
||||
-C cache_state_modelled=1 \
|
||||
-C cluster0.cpu0.RVBARADDR=0x04002000 \
|
||||
-C cluster0.cpu1.RVBARADDR=0x04002000 \
|
||||
-C cluster0.cpu2.RVBARADDR=0x04002000 \
|
||||
-C cluster0.cpu3.RVBARADDR=0x04002000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl32-binary>"@0x04002000 \
|
||||
--data cluster0.cpu0="<path-to>/<bl33-binary>"@0x88000000 \
|
||||
--data cluster0.cpu0="<path-to>/<fdt>"@0x82000000 \
|
||||
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
|
||||
--data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
|
||||
|
||||
--------------
|
||||
|
||||
*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*
|
||||
|
||||
.. _TB_FW_CONFIG for FVP: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
|
||||
.. _Arm's website: `FVP models`_
|
||||
.. _FVP models: https://developer.arm.com/products/system-design/fixed-virtual-platforms
|
||||
.. _Linaro Release 20.01: http://releases.linaro.org/members/arm/platforms/20.01
|
||||
.. _Arm FVP website: https://developer.arm.com/products/system-design/fixed-virtual-platforms
|
||||
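Review bot: in the notes after the BL31-entrypoint command, ``-C cluster<X>.cpu<Y>.RVBAR=@<base-address-of-bl31>`` carries a stray ``@`` that the command itself (``-C cluster0.cpu0.RVBAR=0x04010000``) does not have, and the Cortex-A57-A53 variant further down uses ``RVBARADDR`` rather than ``RVBAR``, which the note should say. Likewise ``--data="<path-to><bl31|bl32|bl33-binary>"@<base-address-of-binary>`` and ``--data="<path-to><bl32-binary>"@<base-address-of-bl32>`` drop the ``/`` after ``<path-to>`` and the ``cluster0.cpu0=`` qualifier that every worked command uses, so a reader copying the note form gets a different invocation from the example.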
46 arm-trusted-firmware/docs/plat/arm/fvp_r/index.rst Normal file
@@ -0,0 +1,46 @@
ARM V8-R64 Fixed Virtual Platform (FVP)
=======================================

Some of the features of Armv8-R AArch64 FVP platform referenced in Trusted
Boot R-class include:

- Secure World Support Only
- EL2 as Maximum EL support (No EL3)
- MPU Support only at EL2
- MPU or MMU Support at EL0/EL1
- AArch64 Support Only
- Trusted Board Boot

Further information on v8-R64 FVP is available at `info <https://developer.arm.com/documentation/ddi0600/latest/>`_

Boot Sequence
-------------

BL1 –> BL33

The execution begins from BL1 which loads the BL33 image, a boot-wrapped (bootloader + Operating System)
Operating System, from FIP to DRAM.

Build Procedure
~~~~~~~~~~~~~~~

- Obtain arm `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_.
  Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Build TF-A:

  .. code:: shell

      make PLAT=fvp_r BL33=<path_to_os.bin> all fip

  Enable TBBR by adding the following options to the make command:

  .. code:: shell

      MBEDTLS_DIR=<path_to_mbedtls_directory> \
      TRUSTED_BOARD_BOOT=1 \
      GENERATE_COT=1 \
      ARM_ROTPK_LOCATION=devel_rsa \
      ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem

*Copyright (c) 2021, Arm Limited. All rights reserved.*
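Review bot: the TBBR build snippet sets ``ARM_ROTPK_LOCATION=devel_rsa`` and ``ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem`` without saying that this is the development key checked into the tree; a sentence stating that a production build must supply its own root-of-trust key would stop the example being copied as-is. Also, ``BL1 –> BL33`` uses an en dash where the other platform pages write ``-->``, "a boot-wrapped (bootloader + Operating System) Operating System" repeats itself, and the link text ``info`` should name the document it points to (the DDI0600 FVP reference).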
24 arm-trusted-firmware/docs/plat/arm/index.rst Normal file
@@ -0,0 +1,24 @@
Arm Development Platforms
=========================

.. toctree::
   :maxdepth: 1
   :caption: Contents

   juno/index
   fvp/index
   fvp_r/index
   fvp-ve/index
   tc/index
   arm_fpga/index
   arm-build-options
   morello/index
   corstone1000/index

This chapter holds documentation related to Arm's development platforms,
including both software models (FVPs) and hardware development boards
such as Juno.

--------------

*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*
253 arm-trusted-firmware/docs/plat/arm/juno/index.rst Normal file
@@ -0,0 +1,253 @@
Arm Juno Development Platform
=============================

Platform-specific build options
-------------------------------

- ``JUNO_TZMP1`` : Boolean option to configure Juno to be used for TrustZone
  Media Protection (TZ-MP1). Default value of this flag is 0.

Running software on Juno
------------------------

This version of TF-A has been tested on variants r0, r1 and r2 of Juno.

To run TF-A on Juno, you need to first prepare an SD card with Juno software
stack that includes TF-A. This version of TF-A is tested with pre-built
`Linaro release software stack`_ version 20.01. You can alternatively
build the software stack yourself by following the
`Juno platform software user guide`_. Once you prepare the software stack
on an SD card, you can replace the ``bl1.bin`` and ``fip.bin``
binaries in the ``SOFTWARE/`` directory with custom built TF-A binaries.

Preparing TF-A images
---------------------

This section provides Juno and FVP specific instructions to build Trusted
Firmware, obtain the additional required firmware, and pack it all together in
a single FIP binary. It assumes that a Linaro release software stack has been
installed.

.. note::
   Pre-built binaries for AArch32 are available from Linaro Release 16.12
   onwards. Before that release, pre-built binaries are only available for
   AArch64.

.. warning::
   Follow the full instructions for one platform before switching to a
   different one. Mixing instructions for different platforms may result in
   corrupted binaries.

.. warning::
   The uboot image downloaded by the Linaro workspace script does not always
   match the uboot image packaged as BL33 in the corresponding fip file. It is
   recommended to use the version that is packaged in the fip file using the
   instructions below.

.. note::
   For the FVP, the kernel FDT is packaged in FIP during build and loaded
   by the firmware at runtime.

#. Clean the working directory

   .. code:: shell

       make realclean

#. Obtain SCP binaries (Juno)

   This version of TF-A is tested with SCP version 2.8.0 on Juno. You can
   download pre-built SCP binaries (``scp_bl1.bin`` and ``scp_bl2.bin``)
   from `TF-A downloads page`_. Alternatively, you can `build
   the binaries from source`_.

#. Obtain BL33 (all platforms)

   Use the fiptool to extract the BL33 image from the FIP
   package included in the Linaro release:

   .. code:: shell

       # Build the fiptool
       make [DEBUG=1] [V=1] fiptool

       # Unpack firmware images from Linaro FIP
       ./tools/fiptool/fiptool unpack <path-to-linaro-release>/[SOFTWARE]/fip.bin

   The unpack operation will result in a set of binary images extracted to the
   current working directory. BL33 corresponds to ``nt-fw.bin``.

   .. note::
      The fiptool will complain if the images to be unpacked already
      exist in the current directory. If that is the case, either delete those
      files or use the ``--force`` option to overwrite.

   .. note::
      For AArch32, the instructions below assume that nt-fw.bin is a
      normal world boot loader that supports AArch32.

#. Build TF-A images and create a new FIP for FVP

   .. code:: shell

       # AArch64
       make PLAT=fvp BL33=nt-fw.bin all fip

       # AArch32
       make PLAT=fvp ARCH=aarch32 AARCH32_SP=sp_min BL33=nt-fw.bin all fip

#. Build TF-A images and create a new FIP for Juno

   For AArch64:

   Building for AArch64 on Juno simply requires the addition of ``SCP_BL2``
   as a build parameter.

   .. code:: shell

       make PLAT=juno BL33=nt-fw.bin SCP_BL2=scp_bl2.bin all fip

   For AArch32:

   Hardware restrictions on Juno prevent cold reset into AArch32 execution mode,
   therefore BL1 and BL2 must be compiled for AArch64, and BL32 is compiled
   separately for AArch32.

   - Before building BL32, the environment variable ``CROSS_COMPILE`` must point
     to the AArch32 Linaro cross compiler.

     .. code:: shell

         export CROSS_COMPILE=<path-to-aarch32-gcc>/bin/arm-linux-gnueabihf-

   - Build BL32 in AArch32.

     .. code:: shell

         make ARCH=aarch32 PLAT=juno AARCH32_SP=sp_min \
         RESET_TO_SP_MIN=1 JUNO_AARCH32_EL3_RUNTIME=1 bl32

   - Save ``bl32.bin`` to a temporary location and clean the build products.

     ::

         cp <path-to-build>/bl32.bin <path-to-temporary>
         make realclean

   - Before building BL1 and BL2, the environment variable ``CROSS_COMPILE``
     must point to the AArch64 Linaro cross compiler.

     .. code:: shell

         export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-none-elf-

   - The following parameters should be used to build BL1 and BL2 in AArch64
     and point to the BL32 file.

     .. code:: shell

         make ARCH=aarch64 PLAT=juno JUNO_AARCH32_EL3_RUNTIME=1 \
         BL33=nt-fw.bin SCP_BL2=scp_bl2.bin \
         BL32=<path-to-temporary>/bl32.bin all fip

   The resulting BL1 and FIP images may be found in:

   ::

       # Juno
       ./build/juno/release/bl1.bin
       ./build/juno/release/fip.bin

       # FVP
       ./build/fvp/release/bl1.bin
       ./build/fvp/release/fip.bin

After building TF-A, the files ``bl1.bin``, ``fip.bin`` and ``scp_bl1.bin``
need to be copied to the ``SOFTWARE/`` directory on the Juno SD card.

Booting Firmware Update images
------------------------------

The new images must be programmed in flash memory by adding
an entry in the ``SITE1/HBI0262x/images.txt`` configuration file
on the Juno SD card (where ``x`` depends on the revision of the Juno board).
Refer to the `Juno Getting Started Guide`_, section 2.3 "Flash memory
programming" for more information. User should ensure these do not
overlap with any other entries in the file.

::

    NOR10UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
    NOR10ADDRESS: 0x00400000 ;Image Flash Address [ns_bl2u_base_address]
    NOR10FILE: \SOFTWARE\fwu_fip.bin ;Image File Name
    NOR10LOAD: 00000000 ;Image Load Address
    NOR10ENTRY: 00000000 ;Image Entry Point

    NOR11UPDATE: AUTO ;Image Update:NONE/AUTO/FORCE
    NOR11ADDRESS: 0x03EB8000 ;Image Flash Address [ns_bl1u_base_address]
    NOR11FILE: \SOFTWARE\ns_bl1u.bin ;Image File Name
    NOR11LOAD: 00000000 ;Image Load Address

The address ns_bl1u_base_address is the value of NS_BL1U_BASE - 0x8000000.
In the same way, the address ns_bl2u_base_address is the value of
NS_BL2U_BASE - 0x8000000.

.. _plat_juno_booting_el3_payload:

Booting an EL3 payload
----------------------

If the EL3 payload is able to execute in place, it may be programmed in flash
memory by adding an entry in the ``SITE1/HBI0262x/images.txt`` configuration file
on the Juno SD card (where ``x`` depends on the revision of the Juno board).
Refer to the `Juno Getting Started Guide`_, section 2.3 "Flash memory
programming" for more information.

Alternatively, the same DS-5 command mentioned in the FVP section above can
be used to load the EL3 payload's ELF file over JTAG on Juno.

For more information on EL3 payloads in general, see
:ref:`alt_boot_flows_el3_payload`.

Booting a preloaded kernel image
--------------------------------

The Trusted Firmware must be compiled in a similar way as for FVP explained
above. The process to load binaries to memory is the one explained in
`plat_juno_booting_el3_payload`_.

Testing System Suspend
----------------------

The SYSTEM SUSPEND is a PSCI API which can be used to implement system suspend
to RAM. For more details refer to section 5.16 of `PSCI`_. To test system suspend
on Juno, at the linux shell prompt, issue the following command:

.. code:: shell

    echo +10 > /sys/class/rtc/rtc0/wakealarm
    echo -n mem > /sys/power/state

The Juno board should suspend to RAM and then wakeup after 10 seconds due to
wakeup interrupt from RTC.

Additional Resources
--------------------

Please visit the `Arm Platforms Portal`_ to get support and obtain any other Juno
software information. Please also refer to the `Juno Getting Started Guide`_ to
get more detailed information about the Juno Arm development platform and how to
configure it.

--------------

*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*

.. _Linaro release software stack: http://releases.linaro.org/members/arm/platforms/
.. _Juno platform software user guide: https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms.git/about/docs/juno/user-guide.rst
.. _TF-A downloads page: https://downloads.trustedfirmware.org/tf-a/css_scp_2.8.0/juno/
.. _build the binaries from source: https://github.com/ARM-software/SCP-firmware/blob/master/user_guide.md#scp-firmware-user-guide
.. _Arm Platforms Portal: https://community.arm.com/dev-platforms/
.. _Juno Getting Started Guide: http://infocenter.arm.com/help/topic/com.arm.doc.dui0928e/DUI0928E_juno_arm_development_platform_gsg.pdf
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
.. _Juno Arm Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php
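Review bot: "Booting an EL3 payload" refers to "the same DS-5 command mentioned in the FVP section above", but this file has no FVP section; now that the FVP material has its own page, that sentence should point at the FVP page (or repeat the command) so the Juno instructions stand alone. The "Preparing TF-A images" procedure likewise still interleaves FVP-only steps (``make PLAT=fvp ...`` and the ``./build/fvp/release/`` output paths) into the Juno page. Two smaller points: ``plat_juno_booting_el3_payload`` is referenced with hyperlink syntax while the neighbouring cross-reference uses ``:ref:``, and the ``Juno Arm Development Platform`` target at the end is not referenced anywhere in the file.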
33 arm-trusted-firmware/docs/plat/arm/morello/index.rst Normal file
@@ -0,0 +1,33 @@
Morello Platform
================

Morello is an ARMv8-A platform that implements the capability architecture extension.
The platform port present at `site <https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git>`_
provides ARMv8-A architecture enablement.

Capability architecture specific changes will be added `here <https://git.morello-project.org/morello>`_

Further information on Morello Platform is available at `info <https://developer.arm.com/architectures/cpu-architecture/a-profile/morello>`_

Boot Sequence
-------------

The execution begins from SCP_BL1 which loads the SCP_BL2 and starts its
execution. SCP_BL2 powers up the AP which starts execution at AP_BL31. The AP
then continues executing and hands off execution to Non-secure world (UEFI).

Build Procedure (TF-A only)
~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Obtain arm `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_.
  Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Build TF-A:

  .. code:: shell

      export CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-none-elf-

      make PLAT=morello all

*Copyright (c) 2020, Arm Limited. All rights reserved.*
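Review bot: the Boot Sequence has the AP start executing at AP_BL31 and hand off to UEFI, yet the build step is only ``make PLAT=morello all`` with no ``BL33`` argument and no ``fip`` target, so the page never says how the UEFI (BL33) image is built, placed in memory or verified before BL31 jumps to it, nor which component loads AP_BL31 itself; a sentence on each would close the gap. The link texts ``site``, ``here`` and ``info`` should also name what they point to.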
56 arm-trusted-firmware/docs/plat/arm/tc/index.rst Normal file
@@ -0,0 +1,56 @@
TC Total Compute Platform
==========================

Some of the features of TC platform referenced in TF-A include:

- A `System Control Processor <https://github.com/ARM-software/SCP-firmware>`_
  to abstract power and system management tasks away from application
  processors. The RAM firmware for SCP is included in the TF-A FIP and is
  loaded by AP BL2 from FIP in flash to SRAM for copying by SCP (SCP has access
  to AP SRAM).
- GICv4
- Trusted Board Boot
- SCMI
- MHUv2

Currently, the main difference between TC0 (TARGET_PLATFORM=0) and TC1
(TARGET_PLATFORM=1) platforms w.r.t to TF-A is the CPUs supported. TC0 has
support for Cortex A510, Cortex A710 and Cortex X2, while TC1 has support for
Cortex A510, Cortex Makalu and Cortex Makalu ELP Arm CPUs.


Boot Sequence
-------------

The execution begins from SCP_BL1. SCP_BL1 powers up the AP which starts
executing AP_BL1 and then executes AP_BL2 which loads the SCP_BL2 from
FIP to SRAM. The SCP has access to AP SRAM. The address and size of SCP_BL2
is communicated to SCP using SDS. SCP copies SCP_BL2 from SRAM to its own
RAM and starts executing it. The AP then continues executing the rest of TF-A
stages including BL31 runtime stage and hands off executing to
Non-secure world (u-boot).

Build Procedure (TF-A only)
~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Obtain arm `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_.
  Set the CROSS_COMPILE environment variable to point to the toolchain folder.

- Build TF-A:

  .. code:: shell

      make PLAT=tc BL33=<path_to_uboot.bin> \
      SCP_BL2=<path_to_scp_ramfw.bin> TARGET_PLATFORM={0,1} all fip

  Enable TBBR by adding the following options to the make command:

  .. code:: shell

      MBEDTLS_DIR=<path_to_mbedtls_directory> \
      TRUSTED_BOARD_BOOT=1 \
      GENERATE_COT=1 \
      ARM_ROTPK_LOCATION=devel_rsa \
      ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem

*Copyright (c) 2020-2021, Arm Limited. All rights reserved.*
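Review bot: the feature list names Trusted Board Boot, and the Boot Sequence says AP_BL2 loads SCP_BL2 from FIP into SRAM and passes its address and size to the SCP over SDS, but neither says whether AP_BL2 authenticates SCP_BL2 as part of the chain of trust before the SCP copies and runs it from its own RAM; that should be stated explicitly. The TBBR example also reuses the in-tree development key ``plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem`` and should mark it as test-only, and "hands off executing to Non-secure world" should read "hands off execution to".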
43 arm-trusted-firmware/docs/plat/brcm-stingray.rst Normal file
@@ -0,0 +1,43 @@
Broadcom Stingray
=================

Description
-----------
Broadcom's Stingray(BCM958742t) is a multi-core processor with 8 Cortex-A72 cores.
Trusted Firmware-A (TF-A) is used to implement secure world firmware, supporting
BL2 and BL31 for Broadcom Stingray SoCs.

On Poweron, Boot ROM will load bl2 image and Bl2 will initialize the hardware,
then loads bl31 and bl33 into DDR and boots to bl33.

Boot Sequence
-------------

Bootrom --> TF-A BL2 --> TF-A BL31 --> BL33(u-boot)

Code Locations
~~~~~~~~~~~~~~
- Trusted Firmware-A:
  `link <https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/>`__

How to build
------------

Build Procedure
~~~~~~~~~~~~~~~

- Prepare AARCH64 toolchain.

- Build u-boot first, and get the binary image: u-boot.bin,

- Build TF-A

  Build fip:

  .. code:: shell

      make CROSS_COMPILE=aarch64-linux-gnu- PLAT=stingray BOARD_CFG=bcm958742t all fip BL33=u-boot.bin

Deploy TF-A Images
~~~~~~~~~~~~~~~~~~
The u-boot will be upstreamed soon, this doc will be updated once they are ready, and the link will be posted.
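Review bot: the Boot Sequence is ``Bootrom --> TF-A BL2 --> TF-A BL31 --> BL33(u-boot)`` with no BL1 stage, but the page does not say whether the Boot ROM verifies BL2 or whether the port supports Trusted Board Boot for the BL31 and BL33 images it loads into DDR; a platform page needs that to describe its secure-boot story. "Deploy TF-A Images" currently holds only a placeholder ("will be upstreamed soon ... the link will be posted") and should either carry the flashing steps or be marked as pending. Minor: "Poweron", "Bl2" and "Stingray(BCM958742t)" need spacing and capitalisation fixes, and the ``Description`` and ``Code Locations`` headings lack the blank line after the underline used elsewhere in the file.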
20 arm-trusted-firmware/docs/plat/deprecated.rst Normal file
@@ -0,0 +1,20 @@
Deprecated platforms
====================

Process of deprecating a platform
---------------------------------

Platform can be deprecated and its source can be kept in repository for a cooling
off period before deleting it or it can be deleted straight away. For later types
Deprecated/Deleted version would be same.

List of deprecated platforms
----------------------------

+----------------+----------------+--------------------+--------------------+
| Platform       | Vendor         | Deprecated version | Deleted version    |
+================+================+====================+====================+
| sgm775         | Arm            | 2.5                | 2.7                |
+----------------+----------------+--------------------+--------------------+
| mt6795         | MTK            | 2.5                | 2.7                |
+----------------+----------------+--------------------+--------------------+
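Review bot: the sentence "For later types Deprecated/Deleted version would be same" is hard to parse; "later" should be "latter", and the sentence should state plainly that for a platform deleted without a cooling-off period the Deprecated and Deleted columns in the table hold the same version. A short line on what the two columns mean for users of that platform would also help.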
155
arm-trusted-firmware/docs/plat/hikey.rst
Normal file
155
arm-trusted-firmware/docs/plat/hikey.rst
Normal file
@@ -0,0 +1,155 @@
HiKey
=====

HiKey is one of 96boards. Hisilicon Kirin6220 processor is installed on HiKey.

More information are listed in `link`_.

How to build
------------

Code Locations
~~~~~~~~~~~~~~

- Trusted Firmware-A:
`link <https://github.com/ARM-software/arm-trusted-firmware>`__

- OP-TEE
`link <https://github.com/OP-TEE/optee_os>`__

- edk2:
`link <https://github.com/96boards-hikey/edk2/tree/testing/hikey960_v2.5>`__

- OpenPlatformPkg:
`link <https://github.com/96boards-hikey/OpenPlatformPkg/tree/testing/hikey960_v1.3.4>`__

- l-loader:
`link <https://github.com/96boards-hikey/l-loader/tree/testing/hikey960_v1.2>`__

- atf-fastboot:
`link <https://github.com/96boards-hikey/atf-fastboot/tree/master>`__

Build Procedure
~~~~~~~~~~~~~~~

- Fetch all the above repositories into local host.
Make all the repositories in the same ${BUILD\_PATH}.

.. code:: shell

git clone https://github.com/ARM-software/arm-trusted-firmware -b integration
git clone https://github.com/OP-TEE/optee_os
git clone https://github.com/96boards-hikey/edk2 -b testing/hikey960_v2.5
git clone https://github.com/96boards-hikey/OpenPlatformPkg -b testing/hikey960_v1.3.4
git clone https://github.com/96boards-hikey/l-loader -b testing/hikey960_v1.2
git clone https://github.com/96boards-hikey/atf-fastboot

- Create the symbol link to OpenPlatformPkg in edk2.

.. code:: shell

$cd ${BUILD_PATH}/edk2
$ln -sf ../OpenPlatformPkg

- Prepare AARCH64 && AARCH32 toolchain. Prepare python.

- If your hikey hardware is built by CircuitCo, update *OpenPlatformPkg/Platforms/Hisilicon/HiKey/HiKey.dsc* first. *(optional)*
console on hikey.**

.. code:: shell

DEFINE SERIAL_BASE=0xF8015000

If your hikey hardware is built by LeMaker, nothing to do.

- Build it as debug mode. Create your own build script file or you could refer to **build\_uefi.sh** in l-loader git repository.

.. code:: shell

cd {BUILD_PATH}/arm-trusted-firmware
sh ../l-loader/build_uefi.sh hikey

- Generate l-loader.bin and partition table for aosp. The eMMC capacity is either 8GB or 4GB. Just change "aosp-8g" to "linux-8g" for debian.

.. code:: shell

cd ${BUILD_PATH}/l-loader
ln -sf ${EDK2_OUTPUT_DIR}/FV/bl1.bin
ln -sf ${EDK2_OUTPUT_DIR}/FV/bl2.bin
ln -sf ${BUILD_PATH}/atf-fastboot/build/hikey/${FASTBOOT_BUILD_OPTION}/bl1.bin fastboot.bin
make hikey PTABLE_LST=aosp-8g

Setup Console
-------------

- Install ser2net. Use telnet as the console since UEFI fails to display Boot Manager GUI in minicom. **If you don't need Boot Manager GUI, just ignore this section.**

.. code:: shell

$sudo apt-get install ser2net

- Configure ser2net.

.. code:: shell

$sudo vi /etc/ser2net.conf

Append one line for serial-over-USB in below.
*#ser2net.conf*

.. code:: shell

2004:telnet:0:/dev/ttyUSB0:115200 8DATABITS NONE 1STOPBIT banner

- Start ser2net

.. code:: shell

$sudo killall ser2net
$sudo ser2net -u

- Open the console.

.. code:: shell

$telnet localhost 2004

And you could open the console remotely, too.

Flash images in recovery mode
-----------------------------

- Make sure Pin3-Pin4 on J15 are connected for recovery mode. Then power on HiKey.

- Remove the modemmanager package. This package may cause the idt tool failure.

.. code:: shell

$sudo apt-get purge modemmanager

- Run the command to download recovery.bin into HiKey.

.. code:: shell

$sudo python hisi-idt.py -d /dev/ttyUSB1 --img1 recovery.bin

- Update images. All aosp or debian images could be fetched from `link <http://releases.linaro.org/96boards/>`__.

.. code:: shell

$sudo fastboot flash ptable prm_ptable.img
$sudo fastboot flash loader l-loader.bin
$sudo fastboot flash fastboot fip.bin
$sudo fastboot flash boot boot.img
$sudo fastboot flash cache cache.img
$sudo fastboot flash system system.img
$sudo fastboot flash userdata userdata.img

Boot UEFI in normal mode
------------------------

- Make sure Pin3-Pin4 on J15 are open for normal boot mode. Then power on HiKey.

- Reference `link <https://github.com/96boards-hikey/tools-images-hikey960/blob/master/build-from-source/README-ATF-UEFI-build-from-source.md>`__

.. _link: https://www.96boards.org/documentation/consumer/hikey/
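Review bot: the line `console on hikey.**` under the CircuitCo bullet is the tail of a sentence whose beginning is missing, and the unmatched `**` will break the rendered markup; restore the whole sentence or drop the fragment. In the build step, `cd {BUILD_PATH}/arm-trusted-firmware` lacks the `$` that every other use of `${BUILD_PATH}` has, so the command fails as typed. `DEFINE SERIAL_BASE=0xF8015000` is a .dsc line, not shell, so `.. code:: shell` is misleading there; a plain `::` literal block (as hikey960.rst uses for ser2net.conf) fits better.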
180
arm-trusted-firmware/docs/plat/hikey960.rst
Normal file
@@ -0,0 +1,180 @@
HiKey960
========

HiKey960 is one of 96boards. Hisilicon Hi3660 processor is installed on HiKey960.

More information are listed in `link`_.

How to build
------------

Code Locations
~~~~~~~~~~~~~~

- Trusted Firmware-A:
`link <https://github.com/ARM-software/arm-trusted-firmware>`__

- OP-TEE:
`link <https://github.com/OP-TEE/optee_os>`__

- edk2:
`link <https://github.com/96boards-hikey/edk2/tree/testing/hikey960_v2.5>`__

- OpenPlatformPkg:
`link <https://github.com/96boards-hikey/OpenPlatformPkg/tree/testing/hikey960_v1.3.4>`__

- l-loader:
`link <https://github.com/96boards-hikey/l-loader/tree/testing/hikey960_v1.2>`__

Build Procedure
~~~~~~~~~~~~~~~

- Fetch all the above 5 repositories into local host.
Make all the repositories in the same ${BUILD\_PATH}.

.. code:: shell

git clone https://github.com/ARM-software/arm-trusted-firmware -b integration
git clone https://github.com/OP-TEE/optee_os
git clone https://github.com/96boards-hikey/edk2 -b testing/hikey960_v2.5
git clone https://github.com/96boards-hikey/OpenPlatformPkg -b testing/hikey960_v1.3.4
git clone https://github.com/96boards-hikey/l-loader -b testing/hikey960_v1.2

- Create the symbol link to OpenPlatformPkg in edk2.

.. code:: shell

$cd ${BUILD_PATH}/edk2
$ln -sf ../OpenPlatformPkg

- Prepare AARCH64 toolchain.

- If your hikey960 hardware is v1, update *OpenPlatformPkg/Platforms/Hisilicon/HiKey960/HiKey960.dsc* first. *(optional)*

.. code:: shell

DEFINE SERIAL_BASE=0xFDF05000

If your hikey960 hardware is v2 or newer, nothing to do.

- Build it as debug mode. Create script file for build.

.. code:: shell

cd {BUILD_PATH}/arm-trusted-firmware
sh ../l-loader/build_uefi.sh hikey960

- Generate l-loader.bin and partition table.
*Make sure that you're using the sgdisk in the l-loader directory.*

.. code:: shell

cd ${BUILD_PATH}/l-loader
ln -sf ${EDK2_OUTPUT_DIR}/FV/bl1.bin
ln -sf ${EDK2_OUTPUT_DIR}/FV/bl2.bin
ln -sf ${EDK2_OUTPUT_DIR}/FV/fip.bin
ln -sf ${EDK2_OUTPUT_DIR}/FV/BL33_AP_UEFI.fd
make hikey960

Setup Console
-------------

- Install ser2net. Use telnet as the console since UEFI will output window
that fails to display in minicom.

.. code:: shell

$sudo apt-get install ser2net

- Configure ser2net.

.. code:: shell

$sudo vi /etc/ser2net.conf

Append one line for serial-over-USB in *#ser2net.conf*

::

2004:telnet:0:/dev/ttyUSB0:115200 8DATABITS NONE 1STOPBIT banner

- Start ser2net

.. code:: shell

$sudo killall ser2net
$sudo ser2net -u

- Open the console.

.. code:: shell

$telnet localhost 2004

And you could open the console remotely, too.

Boot UEFI in recovery mode
--------------------------

- Fetch that are used in recovery mode. The code location is in below.
`link <https://github.com/96boards-hikey/tools-images-hikey960>`__

- Prepare recovery binary.

.. code:: shell

$cd tools-images-hikey960
$ln -sf ${BUILD_PATH}/l-loader/l-loader.bin
$ln -sf ${BUILD_PATH}/l-loader/fip.bin
$ln -sf ${BUILD_PATH}/l-loader/recovery.bin

- Prepare config file.

.. code:: shell

$vi config
# The content of config file
./sec_usb_xloader.img 0x00020000
./sec_uce_boot.img 0x6A908000
./recovery.bin 0x1AC00000

- Remove the modemmanager package. This package may causes hikey\_idt tool failure.

.. code:: shell

$sudo apt-get purge modemmanager

- Run the command to download recovery.bin into HiKey960.

.. code:: shell

$sudo ./hikey_idt -c config -p /dev/ttyUSB1

- UEFI running in recovery mode.
When prompt '.' is displayed on console, press hotkey 'f' in keyboard. Then Android fastboot app is running.
The timeout of prompt '.' is 10 seconds.

- Update images.

.. code:: shell

$sudo fastboot flash ptable prm_ptable.img
$sudo fastboot flash xloader sec_xloader.img
$sudo fastboot flash fastboot l-loader.bin
$sudo fastboot flash fip fip.bin
$sudo fastboot flash boot boot.img
$sudo fastboot flash cache cache.img
$sudo fastboot flash system system.img
$sudo fastboot flash userdata userdata.img

- Notice: UEFI could also boot kernel in recovery mode, but BL31 isn't loaded in
recovery mode.

Boot UEFI in normal mode
------------------------

- Make sure "Boot Mode" switch is OFF for normal boot mode. Then power on HiKey960.

- Reference `link <https://github.com/96boards-hikey/tools-images-hikey960/blob/master/build-from-source/README-ATF-UEFI-build-from-source.md>`__

.. _link: https://www.96boards.org/documentation/consumer/hikey/hikey960
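Review bot: "- Fetch that are used in recovery mode." is missing its object (presumably the tools and images in the linked repository), and `cd {BUILD_PATH}/arm-trusted-firmware` has the same missing `$` as in hikey.rst. The closing notice that BL31 isn't loaded in recovery mode deserves one more sentence on consequence: BL31 is the EL3 runtime firmware, so a kernel booted that way runs without it, which is the reason to treat recovery mode as a flashing path rather than a boot path. Grammar: "may causes" should be "may cause".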
58
arm-trusted-firmware/docs/plat/imx8.rst
Normal file
@@ -0,0 +1,58 @@
NXP i.MX 8 Series
=================

The i.MX 8 series of applications processors is a feature- and
performance-scalable multi-core platform that includes single-,
dual-, and quad-core families based on the Arm® Cortex®
architecture—including combined Cortex-A72 + Cortex-A53,
Cortex-A35, and Cortex-M4 based solutions for advanced graphics,
imaging, machine vision, audio, voice, video, and safety-critical
applications.

The i.MX8QM is with 2 Cortex-A72 ARM core, 4 Cortex-A53 ARM core
and 1 Cortex-M4 system controller.

The i.MX8QX is with 4 Cortex-A35 ARM core and 1 Cortex-M4 system
controller.

The System Controller (SC) represents the evolution of centralized
control for system-level resources on i.MX8. The heart of the system
controller is a Cortex-M4 that executes system controller firmware.

Boot Sequence
-------------

Bootrom --> BL31 --> BL33(u-boot) --> Linux kernel

How to build
------------

Build Procedure
~~~~~~~~~~~~~~~

- Prepare AARCH64 toolchain.

- Build System Controller Firmware and u-boot firstly, and get binary images: scfw_tcm.bin and u-boot.bin

- Build TF-A

Build bl31:

.. code:: shell

CROSS_COMPILE=aarch64-linux-gnu- make PLAT=<Target_SoC> bl31

Target_SoC should be "imx8qm" for i.MX8QM SoC.
Target_SoC should be "imx8qx" for i.MX8QX SoC.

Deploy TF-A Images
~~~~~~~~~~~~~~~~~~

TF-A binary(bl31.bin), scfw_tcm.bin and u-boot.bin are combined together
to generate a binary file called flash.bin, the imx-mkimage tool is used
to generate flash.bin, and flash.bin needs to be flashed into SD card
with certain offset for BOOT ROM. The system controller firmware,
u-boot and imx-mkimage will be upstreamed soon, this doc will be updated
once they are ready, and the link will be posted.

.. _i.MX8: https://www.nxp.com/products/processors-and-microcontrollers/applications-processors/i.mx-applications-processors/i.mx-8-processors/i.mx-8-family-arm-cortex-a53-cortex-a72-virtualization-vision-3d-graphics-4k-video:i.MX8
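Review bot: the deploy section says flash.bin "needs to be flashed into SD card with certain offset for BOOT ROM" without giving the offset, which is the one value a reader cannot guess and the one that decides whether the Boot ROM finds the image; state it, or say where it is documented. The `.. _i.MX8:` hyperlink target at the end is defined but never referenced in the text, so either link the introduction to it or drop it. Grammar: "is with 2 Cortex-A72 ARM core" reads better as "has two Cortex-A72 cores".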
70
arm-trusted-firmware/docs/plat/imx8m.rst
Normal file
@@ -0,0 +1,70 @@
NXP i.MX 8M Series
==================

The i.MX 8M family of applications processors based on Arm Corte-A53 and Cortex-M4
cores provide high-performance computing, power efficiency, enhanced system
reliability and embedded security needed to drive the growth of fast-growing
edge node computing, streaming multimedia, and machine learning applications.

imx8mq is dropped in TF-A CI build due to the small OCRAM size, but still actively
maintained in NXP official release.

Boot Sequence
-------------

Bootrom --> SPL --> BL31 --> BL33(u-boot) --> Linux kernel

How to build
------------

Build Procedure
~~~~~~~~~~~~~~~

- Prepare AARCH64 toolchain.

- Build spl and u-boot firstly, and get binary images: u-boot-spl.bin,
u-boot-nodtb.bin and dtb for the target board.

- Build TF-A

Build bl31:

.. code:: shell

CROSS_COMPILE=aarch64-linux-gnu- make PLAT=<Target_SoC> bl31

Target_SoC should be "imx8mq" for i.MX8MQ SoC.
Target_SoC should be "imx8mm" for i.MX8MM SoC.
Target_SoC should be "imx8mn" for i.MX8MN SoC.
Target_SoC should be "imx8mp" for i.MX8MP SoC.

Deploy TF-A Images
~~~~~~~~~~~~~~~~~~

TF-A binary(bl31.bin), u-boot-spl.bin u-boot-nodtb.bin and dtb are combined
together to generate a binary file called flash.bin, the imx-mkimage tool is
used to generate flash.bin, and flash.bin needs to be flashed into SD card
with certain offset for BOOT ROM. the u-boot and imx-mkimage will be upstreamed
soon, this doc will be updated once they are ready, and the link will be posted.

TBBR Boot Sequence
------------------

When setting NEED_BL2=1 on imx8mm. We support an alternative way of
boot sequence to support TBBR.

Bootrom --> SPL --> BL2 --> BL31 --> BL33(u-boot with UEFI) --> grub

This helps us to fulfill the SystemReady EBBR standard.
BL2 will be in the FIT image and SPL will verify it.
All of the BL3x will be put in the FIP image. BL2 will verify them.
In U-boot we turn on the UEFI secure boot features so it can verify
grub. And we use grub to verify linux kernel.

Measured Boot
-------------

When setting MEASURED_BOOT=1 on imx8mm we can let TF-A generate event logs
with a DTB overlay. The overlay will be put at PLAT_IMX8M_DTO_BASE with
maximum size PLAT_IMX8M_DTO_MAX_SIZE. Then in U-boot we can apply the DTB
overlay and let U-boot to parse the event log and update the PCRs.
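Review bot: the verification chain in the TBBR section starts at SPL verifying BL2 (in the FIT) and BL2 verifying the BL3x (in the FIP), but says nothing about how SPL itself is verified by the Bootrom stage shown at the head of the sequence; without that sentence a reader cannot tell where the root of trust is anchored. The section's opening is also split into two fragments ("When setting NEED_BL2=1 on imx8mm. We support ..."); merge them into one sentence. Typo in the first paragraph: "Corte-A53" should be "Cortex-A53".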
66
arm-trusted-firmware/docs/plat/index.rst
Normal file
@@ -0,0 +1,66 @@
Platform Ports
==============

.. toctree::
:maxdepth: 1
:caption: Contents
:numbered:
:hidden:

allwinner
arm/index
deprecated
meson-axg
meson-gxbb
meson-gxl
meson-g12a
hikey
hikey960
intel-agilex
intel-stratix10
marvell/index
mt8183
mt8186
mt8192
mt8195
nvidia-tegra
warp7
imx8
imx8m
nxp/index
poplar
qemu
qemu-sbsa
qti
qti-msm8916
rpi3
rpi4
rcar-gen3
rz-g2
rockchip
socionext-uniphier
synquacer
stm32mp1
ti-k3
xilinx-versal
xilinx-zynqmp
brcm-stingray

This section provides a list of supported upstream *platform ports* and the
documentation associated with them.

.. note::
In addition to the platforms ports listed within the table of contents, there
are several additional platforms that are supported upstream but which do not
currently have associated documentation:

- Arm Neoverse N1 System Development Platform (N1SDP)
- Arm Neoverse Reference Design N1 Edge (RD-N1-Edge) FVP
- Arm Neoverse Reference Design E1 Edge (RD-E1-Edge) FVP
- Arm SGI-575 and SGM-775
- MediaTek MT6795 and MT8173 SoCs
- Arm Morello Platform

--------------

*Copyright (c) 2019-2020, Arm Limited. All rights reserved.*
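Review bot: the note lists "Arm SGI-575 and SGM-775" and "MediaTek MT6795 and MT8173 SoCs" as supported upstream without documentation, but deprecated.rst in this same change records sgm775 and mt6795 as deprecated in 2.5 and deleted in 2.7; one of the two pages is stale, and the note should drop those two entries or refer the reader to the deprecated platforms page. Minor: the toctree order is neither alphabetical nor grouped (warp7, imx8 and imx8m sit between nvidia-tegra and nxp/index), which makes the numbered contents harder to scan.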
86
arm-trusted-firmware/docs/plat/intel-agilex.rst
Normal file
@@ -0,0 +1,86 @@
Intel Agilex SoCFPGA
========================

Agilex SoCFPGA is a FPGA with integrated quad-core 64-bit Arm Cortex A53 processor.

Upon boot, Boot ROM loads bl2 into OCRAM. Bl2 subsequently initializes
the hardware, then loads bl31 and bl33 (UEFI) into DDR and boots to bl33.

::

Boot ROM --> Trusted Firmware-A --> UEFI

How to build
------------

Code Locations
~~~~~~~~~~~~~~

- Trusted Firmware-A:
`link <https://github.com/ARM-software/arm-trusted-firmware>`__

- UEFI (to be updated with new upstreamed UEFI):
`link <https://github.com/altera-opensource/uefi-socfpga>`__

Build Procedure
~~~~~~~~~~~~~~~

- Fetch all the above 2 repositories into local host.
Make all the repositories in the same ${BUILD\_PATH}.

- Prepare the AARCH64 toolchain.

- Build UEFI using Agilex platform as configuration
This will be updated to use an updated UEFI using the latest EDK2 source

.. code:: bash

make CROSS_COMPILE=aarch64-linux-gnu- device=agx

- Build atf providing the previously generated UEFI as the BL33 image

.. code:: bash

make CROSS_COMPILE=aarch64-linux-gnu- bl2 fip PLAT=agilex
BL33=PEI.ROM

Install Procedure
~~~~~~~~~~~~~~~~~

- dd fip.bin to a A2 partition on the MMC drive to be booted in Agilex
board.

- Generate a SOF containing bl2

.. code:: bash

aarch64-linux-gnu-objcopy -I binary -O ihex --change-addresses 0xffe00000 bl2.bin bl2.hex
quartus_cpf --bootloader bl2.hex <quartus_generated_sof> <output_sof_with_bl2>

- Configure SOF to board

.. code:: bash

nios2-configure-sof <output_sof_with_bl2>

Boot trace
----------

::

INFO: DDR: DRAM calibration success.
INFO: ECC is disabled.
NOTICE: BL2: v2.1(debug)
NOTICE: BL2: Built
INFO: BL2: Doing platform setup
NOTICE: BL2: Booting BL31
INFO: Entry point address = 0xffe1c000
INFO: SPSR = 0x3cd
NOTICE: BL31: v2.1(debug)
NOTICE: BL31: Built
INFO: ARM GICv2 driver initialized
INFO: BL31: Initializing runtime services
WARNING: BL31: cortex_a53
INFO: BL31: Preparing for EL3 exit to normal world
INFO: Entry point address = 0x50000
INFO: SPSR = 0x3c9
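Review bot: the two-line build command `make CROSS_COMPILE=aarch64-linux-gnu- bl2 fip PLAT=agilex` / `BL33=PEI.ROM` has no line continuation, so typed as shown the `BL33=PEI.ROM` line is a separate shell statement and never reaches make, and the fip is built without the BL33 image; join the lines or end the first one with `\`. The boot trace has also been cut mid-line ("NOTICE: BL2: Built", "WARNING: BL31: cortex_a53" with nothing after them), so it no longer reads as a real trace; compare the complete one in intel-stratix10.rst.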
94
arm-trusted-firmware/docs/plat/intel-stratix10.rst
Normal file
@@ -0,0 +1,94 @@
Intel Stratix 10 SoCFPGA
========================

Stratix 10 SoCFPGA is a FPGA with integrated quad-core 64-bit Arm Cortex A53 processor.

Upon boot, Boot ROM loads bl2 into OCRAM. Bl2 subsequently initializes
the hardware, then loads bl31 and bl33 (UEFI) into DDR and boots to bl33.

::

Boot ROM --> Trusted Firmware-A --> UEFI

How to build
------------

Code Locations
~~~~~~~~~~~~~~

- Trusted Firmware-A:
`link <https://github.com/ARM-software/arm-trusted-firmware>`__

- UEFI (to be updated with new upstreamed UEFI):
`link <https://github.com/altera-opensource/uefi-socfpga>`__

Build Procedure
~~~~~~~~~~~~~~~

- Fetch all the above 2 repositories into local host.
Make all the repositories in the same ${BUILD\_PATH}.

- Prepare the AARCH64 toolchain.

- Build UEFI using Stratix 10 platform as configuration
This will be updated to use an updated UEFI using the latest EDK2 source

.. code:: bash

make CROSS_COMPILE=aarch64-linux-gnu- device=s10

- Build atf providing the previously generated UEFI as the BL33 image

.. code:: bash

make CROSS_COMPILE=aarch64-linux-gnu- bl2 fip PLAT=stratix10
BL33=PEI.ROM

Install Procedure
~~~~~~~~~~~~~~~~~

- dd fip.bin to a A2 partition on the MMC drive to be booted in Stratix 10
board.

- Generate a SOF containing bl2

.. code:: bash

aarch64-linux-gnu-objcopy -I binary -O ihex --change-addresses 0xffe00000 bl2.bin bl2.hex
quartus_cpf --bootloader bl2.hex <quartus_generated_sof> <output_sof_with_bl2>

- Configure SOF to board

.. code:: bash

nios2-configure-sof <output_sof_with_bl2>

Boot trace
----------

::

INFO: DDR: DRAM calibration success.
INFO: ECC is disabled.
INFO: Init HPS NOC's DDR Scheduler.
NOTICE: BL2: v2.0(debug):v2.0-809-g7f8474a-dirty
NOTICE: BL2: Built : 17:38:19, Feb 18 2019
INFO: BL2: Doing platform setup
INFO: BL2: Loading image id 3
INFO: Loading image id=3 at address 0xffe1c000
INFO: Image id=3 loaded: 0xffe1c000 - 0xffe24034
INFO: BL2: Loading image id 5
INFO: Loading image id=5 at address 0x50000
INFO: Image id=5 loaded: 0x50000 - 0x550000
NOTICE: BL2: Booting BL31
INFO: Entry point address = 0xffe1c000
INFO: SPSR = 0x3cd
NOTICE: BL31: v2.0(debug):v2.0-810-g788c436-dirty
NOTICE: BL31: Built : 15:17:16, Feb 20 2019
INFO: ARM GICv2 driver initialized
INFO: BL31: Initializing runtime services
WARNING: BL31: cortex_a53: CPU workaround for 855873 was missing!
INFO: BL31: Preparing for EL3 exit to normal world
INFO: Entry point address = 0x50000
INFO: SPSR = 0x3c9
UEFI firmware (version 1.0 built at 11:26:18 on Nov 7 2018)
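Review bot: the reference boot trace contains "WARNING: BL31: cortex_a53: CPU workaround for 855873 was missing!", meaning the build that produced it did not compile in that Cortex-A53 erratum workaround; presenting it as the expected trace invites readers to ship the same configuration. Suggest rebuilding with the workaround enabled (TF-A's `ERRATA_A53_855873=1` build option) and pasting a trace without the warning, or at least annotating the line. The two-line `make ... PLAT=stratix10` / `BL33=PEI.ROM` command has the same missing line continuation as in intel-agilex.rst.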
476
arm-trusted-firmware/docs/plat/marvell/armada/build.rst
Normal file
@@ -0,0 +1,476 @@
TF-A Build Instructions for Marvell Platforms
=============================================

This section describes how to compile the Trusted Firmware-A (TF-A) project for Marvell's platforms.

Build Instructions
------------------
(1) Set the cross compiler

.. code:: shell

> export CROSS_COMPILE=/path/to/toolchain/aarch64-linux-gnu-

(2) Set path for FIP images:

Set U-Boot image path (relatively to TF-A root or absolute path)

.. code:: shell

> export BL33=path/to/u-boot.bin

For example: if U-Boot project (and its images) is located at ``~/project/u-boot``,
BL33 should be ``~/project/u-boot/u-boot.bin``

.. note::

*u-boot.bin* should be used and not *u-boot-spl.bin*

Set MSS/SCP image path (mandatory only for A7K/8K/CN913x when MSS_SUPPORT=1)

.. code:: shell

> export SCP_BL2=path/to/mrvl_scp_bl2*.img

(3) Armada-37x0 build requires WTP tools installation.

See below in the section "Tools and external components installation".
Install ARM 32-bit cross compiler, which is required for building WTMI image for CM3

.. code:: shell

> sudo apt-get install gcc-arm-linux-gnueabi

(4) Clean previous build residuals (if any)

.. code:: shell

> make distclean

(5) Build TF-A

There are several build options:

- PLAT

Supported Marvell platforms are:

- a3700 - A3720 DB, EspressoBin and Turris MOX
- a70x0
- a70x0_amc - AMC board
- a70x0_mochabin - Globalscale MOCHAbin
- a80x0
- a80x0_mcbin - MacchiatoBin
- a80x0_puzzle - IEI Puzzle-M801
- t9130 - CN913x
- t9130_cex7_eval - CN913x CEx7 Evaluation Board

- DEBUG

Default is without debug information (=0). in order to enable it use ``DEBUG=1``.
Can be enabled also when building UART recovery images, there is no issue with it.

Production TF-A images should be built without this debug option!

- LOG_LEVEL

Defines the level of logging which will be purged to the default output port.

- 0 - LOG_LEVEL_NONE
- 10 - LOG_LEVEL_ERROR
- 20 - LOG_LEVEL_NOTICE (default for DEBUG=0)
- 30 - LOG_LEVEL_WARNING
- 40 - LOG_LEVEL_INFO (default for DEBUG=1)
- 50 - LOG_LEVEL_VERBOSE

- USE_COHERENT_MEM

This flag determines whether to include the coherent memory region in the
BL memory map or not. Enabled by default.

- LLC_ENABLE

Flag defining the LLC (L3) cache state. The cache is enabled by default (``LLC_ENABLE=1``).

- LLC_SRAM

Flag enabling the LLC (L3) cache SRAM support. The LLC SRAM is activated and used
by Trusted OS (OP-TEE OS, BL32). The TF-A only prepares CCU address translation windows
for SRAM address range at BL31 execution stage with window target set to DRAM-0.
When Trusted OS activates LLC SRAM, the CCU window target is changed to SRAM.
There is no reason to enable this feature if OP-TEE OS built with CFG_WITH_PAGER=n.
Only set LLC_SRAM=1 if OP-TEE OS is built with CFG_WITH_PAGER=y.

- MARVELL_SECURE_BOOT

Build trusted(=1)/non trusted(=0) image, default is non trusted.
This parameter is used only for ``mrvl_flash`` and ``mrvl_uart`` targets.

- MV_DDR_PATH

This parameter is required for ``mrvl_flash`` and ``mrvl_uart`` targets.
For A7K/8K/CN913x it is used for BLE build and for Armada37x0 it used
for ddr_tool build.

Specify path to the full checkout of Marvell mv-ddr-marvell git
repository. Checkout must contain also .git subdirectory because
mv-ddr build process calls git commands.

Do not remove any parts of git checkout becuase build process and other
applications need them for correct building and version determination.


CN913x specific build options:

- CP_NUM

Total amount of CPs (South Bridge) connected to AP. When the parameter is omitted,
the build uses the default number of CPs, which is a number of embedded CPs inside the
package: 1 or 2 depending on the SoC used. The parameter is valid for OcteonTX2 CN913x SoC
family (PLAT=t9130), which can have external CPs connected to the MCI ports. Valid
values with CP_NUM are in a range of 1 to 3.


A7K/8K/CN913x specific build options:

- BLE_PATH

Points to BLE (Binary ROM extension) sources folder.
The parameter is optional, its default value is ``plat/marvell/armada/a8k/common/ble``
which uses TF-A in-tree BLE implementation.

- MSS_SUPPORT

When ``MSS_SUPPORT=1``, then TF-A includes support for Management SubSystem (MSS).
When enabled it is required to specify path to the MSS firmware image via ``SCP_BL2``
option.

This option is by default enabled.

- SCP_BL2

Specify path to the MSS fimware image binary which will run on Cortex-M3 coprocessor.
It is available in Marvell binaries-marvell git repository. Required when ``MSS_SUPPORT=1``.

Globalscale MOCHAbin specific build options:

- DDR_TOPOLOGY

The DDR topology map index/name, default is 0.

Supported Options:
- 0 - DDR4 1CS 2GB
- 1 - DDR4 1CS 4GB
- 2 - DDR4 2CS 8GB

Armada37x0 specific build options:

- HANDLE_EA_EL3_FIRST

When ``HANDLE_EA_EL3_FIRST=1``, External Aborts and SError Interrupts will be always trapped
in TF-A. TF-A in this case enables dirty hack / workaround for a bug found in U-Boot and
Linux kernel PCIe controller driver pci-aardvark.c, traps and then masks SError interrupt
caused by AXI SLVERR on external access (syndrome 0xbf000002).

Otherwise when ``HANDLE_EA_EL3_FIRST=0``, these exceptions will be trapped in the current
exception level (or in EL1 if the current exception level is EL0). So exceptions caused by
U-Boot will be trapped in U-Boot, exceptions caused by Linux kernel (or user applications)
will be trapped in Linux kernel.

Mentioned bug in pci-aardvark.c driver is fixed in U-Boot version v2021.07 and Linux kernel
version v5.13 (workarounded since Linux kernel version 5.9) and also backported in Linux
kernel stable releases since versions v5.12.13, v5.10.46, v5.4.128, v4.19.198, v4.14.240.

If target system has already patched version of U-Boot and Linux kernel then it is strongly
recommended to not enable this workaround as it disallows propagating of all External Aborts
to running Linux kernel and makes correctable errors as fatal aborts.

This option is now disabled by default. In past this option was enabled by default in
TF-A versions v2.2, v2.3, v2.4 and v2.5.

- CM3_SYSTEM_RESET

When ``CM3_SYSTEM_RESET=1``, the Cortex-M3 secure coprocessor will be used for system reset.

TF-A will send command 0x0009 with a magic value via the rWTM mailbox interface to the
Cortex-M3 secure coprocessor.
The firmware running in the coprocessor must either implement this functionality or
ignore the 0x0009 command (which is true for the firmware from A3700-utils-marvell
repository). If this option is enabled but the firmware does not support this command,
an error message will be printed prior trying to reboot via the usual way.

This option is needed on Turris MOX as a workaround to a HW bug which causes reset to
sometime hang the board.

- A3720_DB_PM_WAKEUP_SRC

For Armada 3720 Development Board only, when ``A3720_DB_PM_WAKEUP_SRC=1``,
TF-A will setup PM wake up src configuration. This option is disabled by default.


Armada37x0 specific build options for ``mrvl_flash`` and ``mrvl_uart`` targets:

- DDR_TOPOLOGY

The DDR topology map index/name, default is 0.

Supported Options:
- 0 - DDR3 1CS 512MB (DB-88F3720-DDR3-Modular, EspressoBin V3-V5)
- 1 - DDR4 1CS 512MB (DB-88F3720-DDR4-Modular)
- 2 - DDR3 2CS 1GB (EspressoBin V3-V5)
- 3 - DDR4 2CS 4GB (DB-88F3720-DDR4-Modular)
- 4 - DDR3 1CS 1GB (DB-88F3720-DDR3-Modular, EspressoBin V3-V5)
- 5 - DDR4 1CS 1GB (EspressoBin V7, EspressoBin-Ultra)
- 6 - DDR4 2CS 2GB (EspressoBin V7)
- 7 - DDR3 2CS 2GB (EspressoBin V3-V5)
- CUST - CUSTOMER BOARD (Customer board settings)

- CLOCKSPRESET

The clock tree configuration preset including CPU and DDR frequency,
default is CPU_800_DDR_800.

- CPU_600_DDR_600 - CPU at 600 MHz, DDR at 600 MHz
- CPU_800_DDR_800 - CPU at 800 MHz, DDR at 800 MHz
- CPU_1000_DDR_800 - CPU at 1000 MHz, DDR at 800 MHz
- CPU_1200_DDR_750 - CPU at 1200 MHz, DDR at 750 MHz

Look at Armada37x0 chip package marking on board to identify correct CPU frequency.
The last line on package marking (next line after the 88F37x0 line) should contain:

- C080 or I080 - chip with 800 MHz CPU - use ``CLOCKSPRESET=CPU_800_DDR_800``
- C100 or I100 - chip with 1000 MHz CPU - use ``CLOCKSPRESET=CPU_1000_DDR_800``
- C120 - chip with 1200 MHz CPU - use ``CLOCKSPRESET=CPU_1200_DDR_750``

- BOOTDEV

The flash boot device, default is ``SPINOR``.

Currently, Armada37x0 only supports ``SPINOR``, ``SPINAND``, ``EMMCNORM`` and ``SATA``:

- SPINOR - SPI NOR flash boot
- SPINAND - SPI NAND flash boot
- EMMCNORM - eMMC Download Mode

Download boot loader or program code from eMMC flash into CM3 or CA53
Requires full initialization and command sequence
|
||||
|
||||
- SATA - SATA device boot
|
||||
|
||||
Image needs to be stored at disk LBA 0 or at disk partition with
|
||||
MBR type 0x4d (ASCII 'M' as in Marvell) or at disk partition with
|
||||
GPT partition type GUID ``6828311A-BA55-42A4-BCDE-A89BB5EDECAE``.
|
||||
|
||||
- PARTNUM
|
||||
|
||||
The boot partition number, default is 0.
|
||||
|
||||
To boot from eMMC, the value should be aligned with the parameter in
|
||||
U-Boot with name of ``CONFIG_SYS_MMC_ENV_PART``, whose value by default is
|
||||
1. For details about CONFIG_SYS_MMC_ENV_PART, please refer to the U-Boot
|
||||
build instructions.
|
||||
|
||||
- WTMI_IMG
|
||||
|
||||
The path of the binary can point to an image which
|
||||
does nothing, an image which supports EFUSE or a customized CM3 firmware
|
||||
binary. The default image is ``fuse.bin`` that built from sources in WTP
|
||||
folder, which is the next option. If the default image is OK, then this
|
||||
option should be skipped.
|
||||
|
||||
Please note that this is not a full WTMI image, just a main loop without
|
||||
hardware initialization code. Final WTMI image is built from this WTMI_IMG
|
||||
binary and sys-init code from the WTP directory which sets DDR and CPU
|
||||
clocks according to DDR_TOPOLOGY and CLOCKSPRESET options.
|
||||
|
||||
CZ.NIC as part of Turris project released free and open source WTMI
|
||||
application firmware ``wtmi_app.bin`` for all Armada 3720 devices.
|
||||
This firmware includes additional features like access to Hardware
|
||||
Random Number Generator of Armada 3720 SoC which original Marvell's
|
||||
``fuse.bin`` image does not have.
|
||||
|
||||
CZ.NIC's Armada 3720 Secure Firmware is available at website:
|
||||
|
||||
https://gitlab.nic.cz/turris/mox-boot-builder/
|
||||
|
||||
- WTP
|
||||
|
||||
Specify path to the full checkout of Marvell A3700-utils-marvell git
|
||||
repository. Checkout must contain also .git subdirectory because WTP
|
||||
build process calls git commands.
|
||||
|
||||
WTP build process uses also Marvell mv-ddr-marvell git repository
|
||||
specified in MV_DDR_PATH option.
|
||||
|
||||
Do not remove any parts of git checkout becuase build process and other
|
||||
applications need them for correct building and version determination.
|
||||
|
||||
- CRYPTOPP_PATH
|
||||
|
||||
Use this parameter to point to Crypto++ source code
|
||||
directory. If this option is specified then Crypto++ source code in
|
||||
CRYPTOPP_PATH directory will be automatically compiled. Crypto++ library
|
||||
is required for building WTP image tool. Either CRYPTOPP_PATH or
|
||||
CRYPTOPP_LIBDIR with CRYPTOPP_INCDIR needs to be specified for Armada37x0.
|
||||
|
||||
- CRYPTOPP_LIBDIR
|
||||
|
||||
Use this parameter to point to the directory with
|
||||
compiled Crypto++ library. By default it points to the CRYPTOPP_PATH.
|
||||
|
||||
On Debian systems it is possible to install system-wide Crypto++ library
|
||||
via command ``apt install libcrypto++-dev`` and specify CRYPTOPP_LIBDIR
|
||||
to ``/usr/lib/``.
|
||||
|
||||
- CRYPTOPP_INCDIR
|
||||
|
||||
Use this parameter to point to the directory with
|
||||
header files of Crypto++ library. By default it points to the CRYPTOPP_PATH.
|
||||
|
||||
On Debian systems it is possible to install system-wide Crypto++ library
|
||||
via command ``apt install libcrypto++-dev`` and specify CRYPTOPP_INCDIR
|
||||
to ``/usr/include/crypto++/``.
|
||||
|
||||
|
||||
For example, in order to build the image in debug mode with log level up to 'notice' level run
|
||||
|
||||
.. code:: shell
|
||||
|
||||
> make DEBUG=1 USE_COHERENT_MEM=0 LOG_LEVEL=20 PLAT=<MARVELL_PLATFORM> mrvl_flash
|
||||
|
||||
And if we want to build a Armada37x0 image in debug mode with log level up to 'notice' level,
|
||||
the image has the preset CPU at 1000 MHz, preset DDR3 at 800 MHz, the DDR topology of DDR4 2CS,
|
||||
the image boot from SPI NOR flash partition 0, and the image is non trusted in WTP, the command
|
||||
line is as following
|
||||
|
||||
.. code:: shell
|
||||
|
||||
> make DEBUG=1 USE_COHERENT_MEM=0 LOG_LEVEL=20 CLOCKSPRESET=CPU_1000_DDR_800 \
|
||||
MARVELL_SECURE_BOOT=0 DDR_TOPOLOGY=3 BOOTDEV=SPINOR PARTNUM=0 PLAT=a3700 \
|
||||
MV_DDR_PATH=/path/to/mv-ddr-marvell/ WTP=/path/to/A3700-utils-marvell/ \
|
||||
CRYPTOPP_PATH=/path/to/cryptopp/ BL33=/path/to/u-boot.bin \
|
||||
all fip mrvl_bootimage mrvl_flash mrvl_uart
|
||||
|
||||
To build just TF-A without WTMI image (useful for A3720 Turris MOX board), run following command:
|
||||
|
||||
.. code:: shell
|
||||
|
||||
> make USE_COHERENT_MEM=0 PLAT=a3700 CM3_SYSTEM_RESET=1 BL33=/path/to/u-boot.bin \
|
||||
CROSS_COMPILE=aarch64-linux-gnu- mrvl_bootimage
|
||||
|
||||
Here is full example how to build production release of Marvell firmware image (concatenated
|
||||
binary of Marvell's A3720 sys-init, CZ.NIC's Armada 3720 Secure Firmware, TF-A and U-Boot) for
|
||||
EspressoBin board (PLAT=a3700) with 1GHz CPU (CLOCKSPRESET=CPU_1000_DDR_800) and
|
||||
1GB DDR4 RAM (DDR_TOPOLOGY=5):
|
||||
|
||||
.. code:: shell
|
||||
|
||||
> git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git
|
||||
> git clone https://source.denx.de/u-boot/u-boot.git
|
||||
> git clone https://github.com/weidai11/cryptopp.git
|
||||
> git clone https://github.com/MarvellEmbeddedProcessors/mv-ddr-marvell.git
|
||||
> git clone https://github.com/MarvellEmbeddedProcessors/A3700-utils-marvell.git
|
||||
> git clone https://gitlab.nic.cz/turris/mox-boot-builder.git
|
||||
> make -C u-boot CROSS_COMPILE=aarch64-linux-gnu- mvebu_espressobin-88f3720_defconfig u-boot.bin
|
||||
> make -C mox-boot-builder CROSS_CM3=arm-linux-gnueabi- wtmi_app.bin
|
||||
> make -C trusted-firmware-a CROSS_COMPILE=aarch64-linux-gnu- CROSS_CM3=arm-linux-gnueabi- \
|
||||
USE_COHERENT_MEM=0 PLAT=a3700 CLOCKSPRESET=CPU_1000_DDR_800 DDR_TOPOLOGY=5 \
|
||||
MV_DDR_PATH=$PWD/mv-ddr-marvell/ WTP=$PWD/A3700-utils-marvell/ \
|
||||
CRYPTOPP_PATH=$PWD/cryptopp/ BL33=$PWD/u-boot/u-boot.bin \
|
||||
WTMI_IMG=$PWD/mox-boot-builder/wtmi_app.bin FIP_ALIGN=0x100 mrvl_flash
|
||||
|
||||
Produced Marvell firmware flash image: ``trusted-firmware-a/build/a3700/release/flash-image.bin``
|
||||
|
||||
Special Build Flags
|
||||
--------------------
|
||||
|
||||
- PLAT_RECOVERY_IMAGE_ENABLE
|
||||
When set this option to enable secondary recovery function when build atf.
|
||||
In order to build UART recovery image this operation should be disabled for
|
||||
A7K/8K/CN913x because of hardware limitation (boot from secondary image
|
||||
can interrupt UART recovery process). This MACRO definition is set in
|
||||
``plat/marvell/armada/a8k/common/include/platform_def.h`` file.
|
||||
|
||||
- DDR32
|
||||
In order to work in 32bit DDR, instead of the default 64bit ECC DDR,
|
||||
this flag should be set to 1.
|
||||
|
||||
For more information about build options, please refer to the
|
||||
:ref:`Build Options` document.
|
||||
|
||||
|
||||
Build output
|
||||
------------
|
||||
Marvell's TF-A compilation generates 8 files:
|
||||
|
||||
- ble.bin - BLe image (not available for Armada37x0)
|
||||
- bl1.bin - BL1 image
|
||||
- bl2.bin - BL2 image
|
||||
- bl31.bin - BL31 image
|
||||
- fip.bin - FIP image (contains BL2, BL31 & BL33 (U-Boot) images)
|
||||
- boot-image.bin - TF-A image (contains BL1 and FIP images)
|
||||
- flash-image.bin - Flashable Marvell firmware image. For Armada37x0 it
|
||||
contains TIM, WTMI and boot-image.bin images. For other platforms it contains
|
||||
BLe and boot-image.bin images. Should be placed on the boot flash/device.
|
||||
- uart-images.tgz.bin - GZIPed TAR archive which contains Armada37x0 images
|
||||
for booting via UART. Could be loaded via Marvell's WtpDownload tool from
|
||||
A3700-utils-marvell repository.
|
||||
|
||||
Additional make target ``mrvl_bootimage`` produce ``boot-image.bin`` file. Target
|
||||
``mrvl_flash`` produce final ``flash-image.bin`` file and target ``mrvl_uart``
|
||||
produce ``uart-images.tgz.bin`` file.
|
||||
|
||||
|
||||
Tools and external components installation
|
||||
------------------------------------------
|
||||
|
||||
Armada37x0 Builds require installation of additional components
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
(1) ARM cross compiler capable of building images for the service CPU (CM3).
|
||||
This component is usually included in the Linux host packages.
|
||||
On Debian/Ubuntu hosts the default GNU ARM tool chain can be installed
|
||||
using the following command
|
||||
|
||||
.. code:: shell
|
||||
|
||||
> sudo apt-get install gcc-arm-linux-gnueabi
|
||||
|
||||
Only if required, the default tool chain prefix ``arm-linux-gnueabi-`` can be
|
||||
overwritten using the environment variable ``CROSS_CM3``.
|
||||
Example for BASH shell
|
||||
|
||||
.. code:: shell
|
||||
|
||||
> export CROSS_CM3=/opt/arm-cross/bin/arm-linux-gnueabi
|
||||
|
||||
(2) DDR initialization library sources (mv_ddr) available at the following repository
|
||||
(use the "master" branch):
|
||||
|
||||
https://github.com/MarvellEmbeddedProcessors/mv-ddr-marvell.git
|
||||
|
||||
(3) Armada3700 tools available at the following repository
|
||||
(use the "master" branch):
|
||||
|
||||
https://github.com/MarvellEmbeddedProcessors/A3700-utils-marvell.git
|
||||
|
||||
(4) Crypto++ library available at the following repository:
|
||||
|
||||
https://github.com/weidai11/cryptopp.git
|
||||
|
||||
(5) Optional CZ.NIC's Armada 3720 Secure Firmware:
|
||||
|
||||
https://gitlab.nic.cz/turris/mox-boot-builder.git
|
||||
|
||||
Armada70x0, Armada80x0 and CN913x Builds require installation of additional components
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
(1) DDR initialization library sources (mv_ddr) available at the following repository
|
||||
(use the "master" branch):
|
||||
|
||||
https://github.com/MarvellEmbeddedProcessors/mv-ddr-marvell.git
|
||||
|
||||
(2) MSS Management SubSystem Firmware available at the following repository
|
||||
(use the "binaries-marvell-armada-SDK10.0.1.0" branch):
|
||||
|
||||
https://github.com/MarvellEmbeddedProcessors/binaries-marvell.git
|
||||
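Review bot: the second worked example's prose contradicts its own flags: it says "preset DDR3 at 800 MHz" while passing DDR_TOPOLOGY=3, which this same file defines as "DDR4 2CS 4GB (DB-88F3720-DDR4-Modular)", so either the sentence should read DDR4 or the index should change. The example also says "the image is non trusted in WTP" for MARVELL_SECURE_BOOT=0; spelling out that this skips image signing would help readers who copy it into a production build (the later "production release" example omits the flag and should say which default it relies on). Smaller nits in this region: "becuase" under WTP, "prior trying to reboot" (prior to trying) under CM3_SYSTEM_RESET, "causes reset to sometime hang" (sometimes), and "workarounded" under HANDLE_EA_EL3_FIRST.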
@@ -0,0 +1,49 @@
Address decoding flow and address translation units of Marvell Armada 8K SoC family
===================================================================================

::

+--------------------------------------------------------------------------------------------------+
| +-------------+ +--------------+ |
| | Memory +----- DRAM CS | |
|+------------+ +-----------+ +-----------+ | Controller | +--------------+ |
|| AP DMA | | | | | +-------------+ |
|| SD/eMMC | | CA72 CPUs | | AP MSS | +-------------+ |
|| MCI-0/1 | | | | | | Memory | |
|+------+-----+ +--+--------+ +--------+--+ +------------+ | Controller | +-------------+ |
| | | | | +----- Translaton | |AP | |
| | | | | | +-------------+ |Configuration| |
| | | +-----+ +-------------------------Space | |
| | | +-------------+ | CCU | +-------------+ |
| | | | MMU +---------+ Windows | +-----------+ +-------------+ |
| | +-| translation | | Lookup +---- +--------- AP SPI | |
| | +-------------+ | | | | +-------------+ |
| | +-------------+ | | | IO | +-------------+ |
| +------------| SMMU +---------+ | | Windows +--------- AP MCI0/1 | |
| | translation | +------------+ | Lookup | +-------------+ |
| +---------+---+ | | +-------------+ |
| - | | +--------- AP STM | |
| +----------------- | | +-------------+ |
| AP | | +-+---------+ |
+---------------------------------------------------------------|----------------------------------+
+-------------|-------------------------------------------------|----------------------------------+
| CP | +-------------+ +------+-----+ +-------------------+ |
| | | | | +------- SB CFG Space | |
| | | DIOB | | | +-------------------+ |
| | | Windows ----------------- IOB | +-------------------+ |
| | | Control | | Windows +------| SB PCIe-0 - PCIe2 | |
| | | | | Lookup | +-------------------+ |
| | +------+------+ | | +-------------------+ |
| | | | +------+ SB NAND | |
| | | +------+-----+ +-------------------+ |
| | | | |
| | | | |
| +------------------+ +------------+ +------+-----+ +-------------------+ |
| | Network Engine | | | | +------- SB SPI-0/SPI-1 | |
| | Security Engine | | PCIe, MSS | | RUNIT | +-------------------+ |
| | SATA, USB | | DMA | | Windows | +-------------------+ |
| | SD/eMMC | | | | Lookup +------- SB Device Bus | |
| | TDM, I2C | | | | | +-------------------+ |
| +------------------+ +------------+ +------------+ |
| |
+--------------------------------------------------------------------------------------------------+
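Review bot: "Translaton" in the AP Memory Controller box of the diagram should be "Translation". Since this file is a bare ``::`` literal block with no prose, a one-line introduction naming the stages shown (CCU windows lookup, IO windows lookup, IOB windows lookup and RUNIT windows lookup) and pointing at the per-unit bindings (mvebu-ccu, mvebu-io-win, mvebu-iob, mvebu-amb) would make it usable from the index page, and would also tell a porting engineer which of those stages enforces the security checks that the IOB page mentions.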
@@ -0,0 +1,58 @@
AMB - AXI MBUS address decoding
===============================

AXI to M-bridge decoding unit driver for Marvell Armada 8K and 8K+ SoCs.

The Runit offers a second level of address windows lookup. It is used to map
transaction towards the CD BootROM, SPI0, SPI1 and Device bus (NOR).

The Runit contains eight configurable windows. Each window defines a contiguous,
address space and the properties associated with that address space.

::

Unit Bank ATTR
Device-Bus DEV_BOOT_CS 0x2F
DEV_CS0 0x3E
DEV_CS1 0x3D
DEV_CS2 0x3B
DEV_CS3 0x37
SPI-0 SPI_A_CS0 0x1E
SPI_A_CS1 0x5E
SPI_A_CS2 0x9E
SPI_A_CS3 0xDE
SPI_A_CS4 0x1F
SPI_A_CS5 0x5F
SPI_A_CS6 0x9F
SPI_A_CS7 0xDF
SPI SPI_B_CS0 0x1A
SPI_B_CS1 0x5A
SPI_B_CS2 0x9A
SPI_B_CS3 0xDA
BOOT_ROM BOOT_ROM 0x1D
UART UART 0x01

Mandatory functions
-------------------

- marvell_get_amb_memory_map
Returns the AMB windows configuration and the number of windows

Mandatory structures
--------------------

- amb_memory_map
Array that include the configuration of the windows. Every window/entry is a
struct which has 2 parameters:

- Base address of the window
- Attribute of the window

Examples
--------

.. code:: c

struct addr_map_win amb_memory_map[] = {
{0xf900, AMB_DEV_CS0_ID},
};
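Review bot: the example ``{0xf900, AMB_DEV_CS0_ID}`` initialises ``struct addr_map_win`` with two fields (base, attribute) while the CCU, IO WIN and IOB bindings initialise the same struct with three (base, size, target ID); either the AMB map uses a different struct, in which case the text and example should name it, or the size field is missing here and a reader copying this will get a window of unspecified size. In the attribute table the SPI_B rows are labelled plain "SPI" while the SPI_A rows are "SPI-0"; "SPI-1" would match the "SPI0, SPI1" in the prose. Nit: "Array that include" should be "includes", and "defines a contiguous, address space" has a stray comma.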
@@ -0,0 +1,33 @@
Marvell CCU address decoding bindings
=====================================

CCU configuration driver (1st stage address translation) for Marvell Armada 8K and 8K+ SoCs.

The CCU node includes a description of the address decoding configuration.

Mandatory functions
-------------------

- marvell_get_ccu_memory_map
Return the CCU windows configuration and the number of windows of the
specific AP.

Mandatory structures
--------------------

- ccu_memory_map
Array that includes the configuration of the windows. Every window/entry is
a struct which has 3 parameters:

- Base address of the window
- Size of the window
- Target-ID of the window

Example
-------

.. code:: c

struct addr_map_win ccu_memory_map[] = {
{0x00000000f2000000, 0x00000000e000000, IO_0_TID}, /* IO window */
};
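Review bot: in the example the size literal ``0x00000000e000000`` has 15 hex digits while the base has 16, which makes the value (0xe000000, 224 MiB) easy to misread as 0xe0000000 when someone edits the table; padding both to 16 digits, or writing the size as ``0xe000000`` with a comment giving the decimal size, would avoid that. Also "Return the CCU windows configuration" should be "Returns" to match the other bindings.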
@@ -0,0 +1,46 @@
Marvell IO WIN address decoding bindings
========================================

IO Window configuration driver (2nd stage address translation) for Marvell Armada 8K and 8K+ SoCs.

The IO WIN includes a description of the address decoding configuration.

Transactions that are decoded by CCU windows as IO peripheral, have an additional
layer of decoding. This additional address decoding layer defines one of the
following targets:

- **0x0** = BootRom
- **0x1** = STM (Serial Trace Macro-cell, a programmer's port into trace stream)
- **0x2** = SPI direct access
- **0x3** = PCIe registers
- **0x4** = MCI Port
- **0x5** = PCIe port

Mandatory functions
-------------------

- marvell_get_io_win_memory_map
Returns the IO windows configuration and the number of windows of the
specific AP.

Mandatory structures
--------------------

- io_win_memory_map
Array that include the configuration of the windows. Every window/entry is
a struct which has 3 parameters:

- Base address of the window
- Size of the window
- Target-ID of the window

Example
-------

.. code:: c

struct addr_map_win io_win_memory_map[] = {
{0x00000000fe000000, 0x000000001f00000, PCIE_PORT_TID}, /* PCIe window 31Mb for PCIe port*/
{0x00000000ffe00000, 0x000000000100000, PCIE_REGS_TID}, /* PCI-REG window 64Kb for PCIe-reg*/
{0x00000000f6000000, 0x000000000100000, MCIPHY_TID}, /* MCI window 1Mb for PHY-reg*/
};
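Review bot: the comment on the second example entry says "PCI-REG window 64Kb" but the size field is 0x100000 (1 MiB), so one of the two is wrong; a window that is sixteen times larger than the comment claims is exactly the kind of thing a reviewer of a board port would miss if they trust the comment. As in the CCU example, the size literals have 15 hex digits while the bases have 16. Nit: "Array that include" should be "includes", and "Transactions that are decoded by CCU windows as IO peripheral, have" has a stray comma.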
@@ -0,0 +1,52 @@
Marvell IOB address decoding bindings
=====================================

IO bridge configuration driver (3rd stage address translation) for Marvell Armada 8K and 8K+ SoCs.

The IOB includes a description of the address decoding configuration.

IOB supports up to n (in CP110 n=24) windows for external memory transaction.
When a transaction passes through the IOB, its address is compared to each of
the enabled windows. If there is a hit and it passes the security checks, it is
advanced to the target port.

Mandatory functions
-------------------

- marvell_get_iob_memory_map
Returns the IOB windows configuration and the number of windows

Mandatory structures
--------------------

- iob_memory_map
Array that includes the configuration of the windows. Every window/entry is
a struct which has 3 parameters:

- Base address of the window
- Size of the window
- Target-ID of the window

Target ID options
-----------------

- **0x0** = Internal configuration space
- **0x1** = MCI0
- **0x2** = PEX1_X1
- **0x3** = PEX2_X1
- **0x4** = PEX0_X4
- **0x5** = NAND flash
- **0x6** = RUNIT (NOR/SPI/BootRoom)
- **0x7** = MCI1

Example
-------

.. code:: c

struct addr_map_win iob_memory_map[] = {
{0x00000000f7000000, 0x0000000001000000, PEX1_TID}, /* PEX1_X1 window */
{0x00000000f8000000, 0x0000000001000000, PEX2_TID}, /* PEX2_X1 window */
{0x00000000f6000000, 0x0000000001000000, PEX0_TID}, /* PEX0_X4 window */
{0x00000000f9000000, 0x0000000001000000, NAND_TID} /* NAND window */
};
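Review bot: "If there is a hit and it passes the security checks, it is advanced to the target port" should say which checks the IOB applies and what happens to a transaction that fails them (dropped, error response, or something else), since that is what a porting engineer needs to know before adding a window that exposes a PCIe or NAND target to the whole system; as written the sentence is the only mention of security in the five address-decoding pages. Typo in the target ID list: "BootRoom" should be "BootRom". Nit: the last example entry has no trailing comma while the other three do.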
158
arm-trusted-firmware/docs/plat/marvell/armada/porting.rst
Normal file
@@ -0,0 +1,158 @@
TF-A Porting Guide for Marvell Platforms
========================================

This section describes how to port TF-A to a customer board, assuming that the
SoC being used is already supported in TF-A.


Source Code Structure
---------------------

- The customer platform specific code shall reside under ``plat/marvell/armada/<soc family>/<soc>_cust``
(e.g. 'plat/marvell/armada/a8k/a7040_cust').
- The platform name for build purposes is called ``<soc>_cust`` (e.g. ``a7040_cust``).
- The build system will reuse all files from within the soc directory, and take only the porting
files from the customer platform directory.

Files that require porting are located at ``plat/marvell/armada/<soc family>/<soc>_cust`` directory.


Armada-70x0/Armada-80x0 Porting
-------------------------------

SoC Physical Address Map (marvell_plat_config.c)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This file describes the SoC physical memory mapping to be used for the CCU,
IOWIN, AXI-MBUS and IOB address decode units (Refer to the functional spec for
more details).

In most cases, using the default address decode windows should work OK.

In cases where a special physical address map is needed (e.g. Special size for
PCIe MEM windows, large memory mapped SPI flash...), then porting of the SoC
memory map is required.

.. note::
For a detailed information on how CCU, IOWIN, AXI-MBUS & IOB work, please
refer to the SoC functional spec, and under
``docs/plat/marvell/armada/misc/mvebu-[ccu/iob/amb/io-win].rst`` files.

boot loader recovery (marvell_plat_config.c)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Background:

Boot rom can skip the current image and choose to boot from next position if a
specific value (``0xDEADB002``) is returned by the ble main function. This
feature is used for boot loader recovery by booting from a valid flash-image
saved in next position on flash (e.g. address 2M in SPI flash).

Supported options to implement the skip request are:
- GPIO
- I2C
- User defined

- Porting:

Under marvell_plat_config.c, implement struct skip_image that includes
specific board parameters.

.. warning::
To disable this feature make sure the struct skip_image is not implemented.

- Example:

In A7040-DB specific implementation
(``plat/marvell/armada/a8k/a70x0/board/marvell_plat_config.c``), the image skip is
implemented using GPIO: mpp 33 (SW5).

Before resetting the board make sure there is a valid image on the next flash
address:

-tftp [valid address] flash-image.bin
-sf update [valid address] 0x2000000 [size]

Press reset and keep pressing the button connected to the chosen GPIO pin. A
skip image request message is printed on the screen and boot rom boots from the
saved image at the next position.

DDR Porting (dram_port.c)
~~~~~~~~~~~~~~~~~~~~~~~~~

This file defines the dram topology and parameters of the target board.

The DDR code is part of the BLE component, which is an extension of ARM Trusted
Firmware (TF-A).

The DDR driver called mv_ddr is released separately apart from TF-A sources.

The BLE and consequently, the DDR init code is executed at the early stage of
the boot process.

Each supported platform of the TF-A has its own DDR porting file called
dram_port.c located at ``atf/plat/marvell/armada/a8k/<platform>/board`` directory.

Please refer to '<path_to_mv_ddr_sources>/doc/porting_guide.txt' for detailed
porting description.

The build target directory is "build/<platform>/release/ble".

Comphy Porting (phy-porting-layer.h or phy-default-porting-layer.h)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

- Background:
Some of the comphy's parameters value depend on the HW connection between
the SoC and the PHY. Every board type has specific HW characteristics like
wire length. Due to those differences some comphy parameters vary between
board types. Therefore each board type can have its own list of values for
all relevant comphy parameters. The PHY porting layer specifies which
parameters need to be suited and the board designer should provide relevant
values.

The PHY porting layer simplifies updating static values per board type,
which are now grouped in one place.

.. note::
The parameters for the same type of comphy may vary even for the same
board type, it is because the lanes from comphy-x to some PHY may have
different HW characteristic than lanes from comphy-y to the same
(multiplexed) or other PHY.

- Porting:
The porting layer for PHY was introduced in TF-A. There is one file
``drivers/marvell/comphy/phy-default-porting-layer.h`` which contains the
defaults. Those default parameters are used only if there is no appropriate
phy-porting-layer.h file under: ``plat/marvell/armada/<soc
family>/<platform>/board/phy-porting-layer.h``. If the phy-porting-layer.h
exists, the phy-default-porting-layer.h is not going to be included.

.. warning::
Not all comphy types are already reworked to support the PHY porting
layer, currently the porting layer is supported for XFI/SFI and SATA
comphy types.

The easiest way to prepare the PHY porting layer for custom board is to copy
existing example to a new platform:

- cp ``plat/marvell/armada/a8k/a80x0/board/phy-porting-layer.h`` "plat/marvell/armada/<soc family>/<platform>/board/phy-porting-layer.h"
- adjust relevant parameters or
- if different comphy index is used for specific feature, move it to proper table entry and then adjust.

.. note::
The final table size with comphy parameters can be different, depending
on the CP module count for given SoC type.

- Example:
Example porting layer for armada-8040-db is under:
``plat/marvell/armada/a8k/a80x0/board/phy-porting-layer.h``

.. note::
If there is no PHY porting layer for new platform (missing
phy-porting-layer.h), the default values are used
(drivers/marvell/comphy/phy-default-porting-layer.h) and the user is
warned:

.. warning::
"Using default comphy parameters - it may be required to suit them for
your board".
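Review bot: the boot loader recovery example is internally inconsistent about where the second image lives: the Background says "e.g. address 2M in SPI flash", but the ``sf update`` command writes to 0x2000000, which is 32 MiB (2 MiB would be 0x200000); one of the two should change, since a reader who follows the prose will put the recovery image where the boot ROM does not look. The two command lines ``-tftp [valid address] flash-image.bin`` and ``-sf update [valid address] 0x2000000 [size]`` are also not in a code block, so rst renders them as a bullet list with the dash glued to the command; put them under ``.. code:: shell`` without the leading dashes. The section should further state whether an image selected through the 0xDEADB002 skip path is subject to the same image authentication as the primary image (the build guide on this page exposes MARVELL_SECURE_BOOT), because a button held at reset is all that selects it. Nit: the closing ``.. warning::`` wraps a quoted build message rather than a warning to the reader; a literal block would be clearer, and the "atf/plat/..." path under DDR Porting uses a repository prefix the other paths omit.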
14
arm-trusted-firmware/docs/plat/marvell/index.rst
Normal file
@@ -0,0 +1,14 @@
Marvell
=======

.. toctree::
:maxdepth: 1
:caption: Contents

armada/build
armada/porting
armada/misc/mvebu-a8k-addr-map
armada/misc/mvebu-amb
armada/misc/mvebu-ccu
armada/misc/mvebu-io-win
armada/misc/mvebu-iob
27
arm-trusted-firmware/docs/plat/meson-axg.rst
Normal file
@@ -0,0 +1,27 @@
Amlogic Meson A113D (AXG)
===========================

The Amlogic Meson A113D is a SoC with a quad core Arm Cortex-A53 running at
~1.2GHz. It also contains a Cortex-M3 used as SCP.

This port is a minimal implementation of BL31 capable of booting mainline U-Boot
and Linux:

- SCPI support.
- Basic PSCI support (CPU_ON, CPU_OFF, SYSTEM_RESET, SYSTEM_OFF). Note that CPU0
can't be turned off, so there is a workaround to hide this from the caller.
- GICv2 driver set up.
- Basic SIP services (read efuse data, enable/disable JTAG).

In order to build it:

.. code:: shell

CROSS_COMPILE=aarch64-none-elf- make DEBUG=1 PLAT=axg [SPD=opteed]
[AML_USE_ATOS=1 when using ATOS as BL32]

This port has been tested on a A113D board. After building it, follow the
instructions in the `U-Boot repository`_, replacing the mentioned **bl31.img**
by the one built from this port.

.. _U-Boot repository: https://github.com/u-boot/u-boot/blob/master/doc/board/amlogic/s400.rst
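Review bot: "Basic SIP services (read efuse data, enable/disable JTAG)" documents a call reachable from the normal world that turns a debug port on, and the page says nothing about what restricts it (which callers are accepted, and whether it is honoured on fused production parts); a reader will otherwise assume it is always available, and a security reviewer of a product built on this port has no way to tell from the docs. The same line should say which efuse data can be read, since efuses commonly hold keys and lifecycle bits. Grammar: "tested on a A113D board" should be "an A113D board", and "replacing the mentioned bl31.img by the one" reads better as "with the one".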
27
arm-trusted-firmware/docs/plat/meson-g12a.rst
Normal file
@@ -0,0 +1,27 @@
Amlogic Meson S905X2 (G12A)
===========================

The Amlogic Meson S905X2 is a SoC with a quad core Arm Cortex-A53 running at
~1.8GHz. It also contains a Cortex-M3 used as SCP.

This port is a minimal implementation of BL31 capable of booting mainline U-Boot
and Linux:

- SCPI support.
- Basic PSCI support (CPU_ON, CPU_OFF, SYSTEM_RESET, SYSTEM_OFF). Note that CPU0
can't be turned off, so there is a workaround to hide this from the caller.
- GICv2 driver set up.
- Basic SIP services (read efuse data, enable/disable JTAG).

In order to build it:

.. code:: shell

CROSS_COMPILE=aarch64-linux-gnu- make DEBUG=1 PLAT=g12a

This port has been tested on a SEI510 board. After building it, follow the
instructions in the `gxlimg repository`_ or `U-Boot repository`_, replacing the
mentioned **bl31.img** by the one built from this port.

.. _gxlimg repository: https://github.com/repk/gxlimg/blob/master/README.g12a
.. _U-Boot repository: https://github.com/u-boot/u-boot/blob/master/doc/board/amlogic/sei510.rst
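Review bot: the build line uses ``CROSS_COMPILE=aarch64-linux-gnu-`` while the otherwise identical AXG page uses ``aarch64-none-elf-``; if either bare-metal or Linux-targeted toolchains work for both ports, say so once, otherwise align the two so readers do not take the difference as a port-specific requirement. The SIP services line carries the same "enable/disable JTAG" entry as the AXG page and needs the same statement of who may invoke it and whether it is honoured on fused parts. Grammar: "replacing the mentioned bl31.img by the one" reads better as "with the one".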