Merge pull request #1240 from dp-arm/dp/smccc
Implement support for SMCCC v1.1 and optimize security mitigations for CVE-2017-5715 on AArch64
diff --git a/Makefile b/Makefile
index c16cad7..aa71ee3 100644
--- a/Makefile
+++ b/Makefile
@@ -127,6 +127,12 @@
PP := ${CROSS_COMPILE}gcc -E
DTC ?= dtc
+# Use ${LD}.bfd instead if it exists (as absolute path or together with $PATH).
+ifneq ($(strip $(wildcard ${LD}.bfd) \
+ $(foreach dir,$(subst :, ,${PATH}),$(wildcard ${dir}/${LD}.bfd))),)
+LD := ${LD}.bfd
+endif
+
ifeq (${ARM_ARCH_MAJOR},7)
target32-directive = -target arm-none-eabi
# Will set march32-directive from platform configuration
@@ -163,7 +169,7 @@
GCC_V_OUTPUT := $(shell $(CC) -v 2>&1)
PIE_FOUND := $(findstring --enable-default-pie,${GCC_V_OUTPUT})
-ifeq ($(PIE_FOUND),1)
+ifneq ($(PIE_FOUND),)
TF_CFLAGS += -fno-PIE
endif
diff --git a/docs/firmware-design.rst b/docs/firmware-design.rst
index 1f8fcc8..c383c5d 100644
--- a/docs/firmware-design.rst
+++ b/docs/firmware-design.rst
@@ -2574,9 +2574,9 @@
``ARM_ARCH_MINOR`` >= 2.
- The Common not Private (CnP) bit is enabled to indicate that multiple
- Page Entries in the same Inner Shareable domain use the same translation
- table entries for a given stage of translation for a particular translation
- regime.
+ Processing Elements in the same Inner Shareable domain use the same
+ translation table entries for a given stage of translation for a particular
+ translation regime.
ARMv7
~~~~~
diff --git a/docs/plat/hikey.rst b/docs/plat/hikey.rst
index 1c48104..99259f3 100644
--- a/docs/plat/hikey.rst
+++ b/docs/plat/hikey.rst
@@ -65,7 +65,7 @@
BUILDFLAGS=-DSERIAL_BASE=0xF8015000
- If your hikey hardware is built by LeMarker, nothing to do.
+ If your hikey hardware is built by LeMaker, nothing to do.
- Build it as debug mode. Create your own build script file or you could refer to **build\_uefi.sh** in l-loader git repository.
diff --git a/drivers/arm/gic/v3/arm_gicv3_common.c b/drivers/arm/gic/v3/arm_gicv3_common.c
index 8d552ca..c809732 100644
--- a/drivers/arm/gic/v3/arm_gicv3_common.c
+++ b/drivers/arm/gic/v3/arm_gicv3_common.c
@@ -84,6 +84,15 @@
assert(gicr_base);
/*
+ * If the GIC had power removed, the GICR_WAKER state will be reset.
+ * Since the GICR_WAKER.Sleep and GICR_WAKER.Quiescent bits are cleared,
+ * we can exit early. This also prevents the following assert from
+ * erroneously triggering.
+ */
+ if (!(gicr_read_waker(gicr_base) & WAKER_SL_BIT))
+ return;
+
+ /*
* Writes to GICR_WAKER.Sleep bit are ignored if GICR_WAKER.Quiescent
* bit is not set. We should be alright on power on path, therefore
* coming out of sleep and Quiescent should be set, but we assert in
diff --git a/drivers/delay_timer/delay_timer.c b/drivers/delay_timer/delay_timer.c
index 43f5af7..c9f84d7 100644
--- a/drivers/delay_timer/delay_timer.c
+++ b/drivers/delay_timer/delay_timer.c
@@ -7,6 +7,7 @@
#include <assert.h>
#include <delay_timer.h>
#include <platform_def.h>
+#include <utils_def.h>
/***********************************************************
* The delay timer implementation
@@ -30,7 +31,8 @@
start = ops->get_timer_value();
- total_delta = (usec * ops->clk_div) / ops->clk_mult;
+ /* Add an extra tick to avoid delaying less than requested. */
+ total_delta = div_round_up(usec * ops->clk_div, ops->clk_mult) + 1;
do {
/*
diff --git a/include/lib/utils_def.h b/include/lib/utils_def.h
index bda3b07..ecb261a 100644
--- a/include/lib/utils_def.h
+++ b/include/lib/utils_def.h
@@ -24,6 +24,11 @@
*/
#define DIV_ROUND_UP_2EVAL(n, d) (((n) + (d) - 1) / (d))
+#define div_round_up(val, div) __extension__ ({ \
+ __typeof__(div) _div = (div); \
+ ((val) + _div - 1) / _div; \
+})
+
#define MIN(x, y) __extension__ ({ \
__typeof__(x) _x = (x); \
__typeof__(y) _y = (y); \
@@ -55,11 +60,6 @@
#define round_down(value, boundary) \
((value) & ~round_boundary(value, boundary))
-#define div_round_up(val, div) __extension__ ({ \
- __typeof__(div) _div = (div); \
- round_up((val), _div)/_div; \
-})
-
/*
* Evaluates to 1 if (ptr + inc) overflows, 0 otherwise.
* Both arguments must be unsigned pointer values (i.e. uintptr_t).
diff --git a/plat/arm/board/fvp/fvp_common.c b/plat/arm/board/fvp/fvp_common.c
index 6729863..600af61 100644
--- a/plat/arm/board/fvp/fvp_common.c
+++ b/plat/arm/board/fvp/fvp_common.c
@@ -7,6 +7,7 @@
#include <arm_config.h>
#include <arm_def.h>
#include <arm_spm_def.h>
+#include <arm_xlat_tables.h>
#include <assert.h>
#include <cci.h>
#include <ccn.h>
@@ -128,6 +129,9 @@
#if ENABLE_SPM && defined(IMAGE_BL31)
const mmap_region_t plat_arm_secure_partition_mmap[] = {
V2M_MAP_IOFPGA_EL0, /* for the UART */
+ MAP_REGION_FLAT(DEVICE0_BASE, \
+ DEVICE0_SIZE, \
+ MT_DEVICE | MT_RO | MT_SECURE | MT_USER),
ARM_SP_IMAGE_MMAP,
ARM_SP_IMAGE_NS_BUF_MMAP,
ARM_SP_IMAGE_RW_MMAP,
diff --git a/plat/rockchip/common/plat_pm.c b/plat/rockchip/common/plat_pm.c
index cd88f60..352dbc8 100644
--- a/plat/rockchip/common/plat_pm.c
+++ b/plat/rockchip/common/plat_pm.c
@@ -246,14 +246,14 @@
if (RK_CORE_PWR_STATE(target_state) != PLAT_MAX_OFF_STATE)
return;
+ /* Prevent interrupts from spuriously waking up this cpu */
+ plat_rockchip_gic_cpuif_disable();
+
if (RK_SYSTEM_PWR_STATE(target_state) == PLAT_MAX_OFF_STATE)
rockchip_soc_sys_pwr_dm_suspend();
else
rockchip_soc_cores_pwr_dm_suspend();
- /* Prevent interrupts from spuriously waking up this cpu */
- plat_rockchip_gic_cpuif_disable();
-
/* Perform the common cluster specific operations */
if (RK_CLUSTER_PWR_STATE(target_state) == PLAT_MAX_OFF_STATE)
plat_cci_disable();
diff --git a/plat/rockchip/rk3399/drivers/pmu/pmu.c b/plat/rockchip/rk3399/drivers/pmu/pmu.c
index c666c3c..51101a4 100644
--- a/plat/rockchip/rk3399/drivers/pmu/pmu.c
+++ b/plat/rockchip/rk3399/drivers/pmu/pmu.c
@@ -12,6 +12,7 @@
#include <delay_timer.h>
#include <dfs.h>
#include <errno.h>
+#include <gicv3.h>
#include <gpio.h>
#include <m0_ctl.h>
#include <mmio.h>
@@ -45,6 +46,8 @@
static uint32_t store_grf_ddrc_con[4];
static uint32_t store_wdt0[2];
static uint32_t store_wdt1[2];
+static gicv3_dist_ctx_t dist_ctx;
+static gicv3_redist_ctx_t rdist_ctx;
/*
* There are two ways to powering on or off on core.
@@ -79,9 +82,12 @@
do {
bus_state = mmio_read_32(PMU_BASE + PMU_BUS_IDLE_ST) & bus_id;
bus_ack = mmio_read_32(PMU_BASE + PMU_BUS_IDLE_ACK) & bus_id;
+ if (bus_state == bus_req && bus_ack == bus_req)
+ break;
+
wait_cnt++;
- } while ((bus_state != bus_req || bus_ack != bus_req) &&
- (wait_cnt < MAX_WAIT_COUNT));
+ udelay(1);
+ } while (wait_cnt < MAX_WAIT_COUNT);
if (bus_state != bus_req || bus_ack != bus_req) {
INFO("%s:st=%x(%x)\n", __func__,
@@ -95,7 +101,7 @@
struct pmu_slpdata_s pmu_slpdata;
-static void qos_save(void)
+static void qos_restore(void)
{
if (pmu_power_domain_st(PD_GPU) == pmu_pd_on)
RESTORE_QOS(pmu_slpdata.gpu_qos, GPU);
@@ -161,7 +167,7 @@
}
}
-static void qos_restore(void)
+static void qos_save(void)
{
if (pmu_power_domain_st(PD_GPU) == pmu_pd_on)
SAVE_QOS(pmu_slpdata.gpu_qos, GPU);
@@ -430,6 +436,7 @@
while (!(mmio_read_32(PMU_BASE + PMU_CORE_PWR_ST) &
BIT(STANDBY_BY_WFIL2_CLUSTER_B))) {
wait_cnt++;
+ udelay(1);
if (wait_cnt >= MAX_WAIT_COUNT)
ERROR("%s:wait cluster-b l2(%x)\n", __func__,
mmio_read_32(PMU_BASE + PMU_CORE_PWR_ST));
@@ -1327,6 +1334,9 @@
dmc_suspend();
pmu_scu_b_pwrdn();
+ gicv3_rdistif_save(plat_my_core_pos(), &rdist_ctx);
+ gicv3_distif_save(&dist_ctx);
+
/* need to save usbphy before shutdown PERIHP PD */
save_usbphy();
@@ -1369,6 +1379,7 @@
mmio_read_32(PMU_BASE + PMU_ADB400_ST));
panic();
}
+ udelay(1);
}
mmio_setbits_32(PMU_BASE + PMU_PWRDN_CON, BIT(PMU_SCU_B_PWRDWN_EN));
@@ -1462,6 +1473,7 @@
mmio_read_32(PMU_BASE + PMU_ADB400_ST));
panic();
}
+ udelay(1);
}
pmu_sgrf_rst_hld_release();
@@ -1481,6 +1493,8 @@
BIT(PMU_CLR_PERILPM0) |
BIT(PMU_CLR_GIC));
+ gicv3_distif_init_restore(&dist_ctx);
+ gicv3_rdistif_init_restore(plat_my_core_pos(), &rdist_ctx);
plat_rockchip_gic_cpuif_enable();
m0_stop();
diff --git a/plat/rockchip/rk3399/drivers/pmu/pmu.h b/plat/rockchip/rk3399/drivers/pmu/pmu.h
index 5c0ab4d..0265dde 100644
--- a/plat/rockchip/rk3399/drivers/pmu/pmu.h
+++ b/plat/rockchip/rk3399/drivers/pmu/pmu.h
@@ -53,7 +53,7 @@
#define TSADC_INT_PIN 38
#define CORES_PM_DISABLE 0x0
-#define PD_CTR_LOOP 500
+#define PD_CTR_LOOP 10000
#define CHK_CPU_LOOP 500
#define MAX_WAIT_COUNT 1000
diff --git a/plat/rockchip/rk3399/platform.mk b/plat/rockchip/rk3399/platform.mk
index 9e369e4..1997dfc 100644
--- a/plat/rockchip/rk3399/platform.mk
+++ b/plat/rockchip/rk3399/platform.mk
@@ -23,6 +23,8 @@
-I${RK_PLAT_SOC}/include/shared/ \
RK_GIC_SOURCES := drivers/arm/gic/common/gic_common.c \
+ drivers/arm/gic/v3/arm_gicv3_common.c \
+ drivers/arm/gic/v3/gic500.c \
drivers/arm/gic/v3/gicv3_main.c \
drivers/arm/gic/v3/gicv3_helpers.c \
plat/common/plat_gicv3.c \
diff --git a/tools/fiptool/fiptool.c b/tools/fiptool/fiptool.c
index 33c451e..e70ff36 100644
--- a/tools/fiptool/fiptool.c
+++ b/tools/fiptool/fiptool.c
@@ -543,7 +543,6 @@
log_dbgx("Metadata size: %zu bytes", buf_size);
xfwrite(buf, buf_size, fp, filename);
- free(buf);
if (verbose)
log_dbgx("Payload size: %zu bytes", payload_size);
@@ -566,6 +565,7 @@
while (pad_size--)
fputc(0x0, fp);
+ free(buf);
fclose(fp);
return 0;
}