| /trusted-firmware-a/docs/design/ |
| A D | cpu-specific-build-macros.rst | 5 operations framework to enable errata workarounds and to enable optimizations
19 Defaults to 1.
22 `CVE-2018-3639`_. Defaults to 1. The TF-A project recommends to keep
30 Defaults to 0.
52 Refer to :ref:`firmware_design_cpu_errata_reporting` for information on how to
60 printing a warning to the crash console.
72 CPU. This needs to be enabled for all revisions of the CPU.
110 link time to Cortex-A53 CPU. This needs to be enabled for some variants of
119 to Cortex-A53 CPU. This needs to be enabled for some variants of revision
282 CPU. This needs to be enabled for revisions r0p0 and r1p0.
[all …]
|
| A D | psci-pd-tree.rst | 8 ``plat_get_aff_state()`` APIs to enable the generic PSCI code to
20 levels in the power domain tree to four.
23 mechanism used to populate the power domain topology tree.
28 a 'start' to an 'end' power level. The binary search is required to find the
29 node at each level. The natural way to perform this traversal is to
151 core power domains, for example, Juno and FVPs, the logic to convert an MPIDR to
153 proof hash function to do this.
163 #. Implement more complex logic to convert a valid MPIDR to a core index while
173 allow use of a simpler logic to convert an MPIDR to a core index.
231 algorithm to parse the power domain descriptor exported by the platform to
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/design/ |
| A D | cpu-specific-build-macros.rst.txt | 5 operations framework to enable errata workarounds and to enable optimizations
19 Defaults to 1.
22 `CVE-2018-3639`_. Defaults to 1. The TF-A project recommends to keep
30 Defaults to 0.
52 Refer to :ref:`firmware_design_cpu_errata_reporting` for information on how to
60 printing a warning to the crash console.
72 CPU. This needs to be enabled for all revisions of the CPU.
110 link time to Cortex-A53 CPU. This needs to be enabled for some variants of
119 to Cortex-A53 CPU. This needs to be enabled for some variants of revision
282 CPU. This needs to be enabled for revisions r0p0 and r1p0.
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/plat/arm/fvp/ |
| A D | index.rst.txt | 110 - ``FVP_CLUSTER_COUNT`` : Configures the cluster count to be used to
135 - ``FVP_HW_CONFIG_DTS`` : Specify the path to the DTS file to be compiled
142 - ``FVP_HW_CONFIG`` : Specify the path to the HW_CONFIG blob to be packaged in
180 One way to do that is to create an 8-byte file containing all zero bytes using
215 load <path-to>/el3-payload.elf
260 # Path to the input DTB
261 KERNEL_DTB=<path-to>/<fdt>
262 # Path to the output DTB
266 # Path to the ramdisk
267 INITRD=<path-to>/<ramdisk.img>
[all …]
|
| /trusted-firmware-a/docs/plat/arm/fvp/ |
| A D | index.rst | 110 - ``FVP_CLUSTER_COUNT`` : Configures the cluster count to be used to
135 - ``FVP_HW_CONFIG_DTS`` : Specify the path to the DTS file to be compiled
142 - ``FVP_HW_CONFIG`` : Specify the path to the HW_CONFIG blob to be packaged in
180 One way to do that is to create an 8-byte file containing all zero bytes using
215 load <path-to>/el3-payload.elf
260 # Path to the input DTB
261 KERNEL_DTB=<path-to>/<fdt>
262 # Path to the output DTB
266 # Path to the ramdisk
267 INITRD=<path-to>/<ramdisk.img>
[all …]
|
| /trusted-firmware-a/docs/process/ |
| A D | security-hardening.rst | 19 response to an SMC.
31 The Secure world needs to implement some defenses to prevent the Non-secure
51 - Set ``P`` to ``0``.
52 - Set ``NSK`` to ``1``.
53 - Set ``M`` to ``0``.
55 - Set ``SH`` to ``1``.
60 - Set ``C`` to ``1``.
64 - Set ``DP`` to ``0``.
65 - Set ``E`` to ``1``.
97 - The ``PMCR_EL0.DP`` bit therefore needs to be set to ``1`` when EL3 is
[all …]
|
| A D | faq.rst | 7 Often it is necessary to update your patch set before it is merged. Refer to the
8 `Gerrit Upload Patch Set documentation`_ on how to do so.
10 If you need to modify an existing patch set with multiple commits, refer to the
13 How long will my changes take to merge into ``integration``?
20 set and the impact of any delay. Feel free to add a comment to your patch set
21 to get an estimate of when it will be merged.
28 API is likely to receive much greater scrutiny than a local change to a
32 maintainers may not wait for external review comments to merge trivial
33 bug-fixes but may wait up to a week to merge major changes, or ones requiring
44 How long will it take for my changes to go from ``integration`` to ``master``?
[all …]
|
| A D | platform-compatibility-policy.rst | 13 Platform compatibility is mainly affected by changes to Platform APIs (as
15 library interfaces (like xlat_table library). The project will try to maintain
16 compatibility for upstream platforms. Due to evolving requirements and
18 means the previous interface needs to be deprecated and a new interface
19 introduced to replace it. In case the migration to the new interface is trivial,
20 the contributor of the change is expected to make good effort to migrate the
21 upstream platforms to the new interface.
25 deprecated, the page must be updated to indicate the release after which the
27 For non-trivial interface changes, an email should be sent out to the `TF-A
28 public mailing list`_ to notify platforms that they should migrate away from the
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/process/ |
| A D | security-hardening.rst.txt | 19 response to an SMC.
31 The Secure world needs to implement some defenses to prevent the Non-secure
51 - Set ``P`` to ``0``.
52 - Set ``NSK`` to ``1``.
53 - Set ``M`` to ``0``.
55 - Set ``SH`` to ``1``.
60 - Set ``C`` to ``1``.
64 - Set ``DP`` to ``0``.
65 - Set ``E`` to ``1``.
97 - The ``PMCR_EL0.DP`` bit therefore needs to be set to ``1`` when EL3 is
[all …]
|
| A D | faq.rst.txt | 7 Often it is necessary to update your patch set before it is merged. Refer to the
8 `Gerrit Upload Patch Set documentation`_ on how to do so.
10 If you need to modify an existing patch set with multiple commits, refer to the
13 How long will my changes take to merge into ``integration``?
20 set and the impact of any delay. Feel free to add a comment to your patch set
21 to get an estimate of when it will be merged.
28 API is likely to receive much greater scrutiny than a local change to a
32 maintainers may not wait for external review comments to merge trivial
33 bug-fixes but may wait up to a week to merge major changes, or ones requiring
44 How long will it take for my changes to go from ``integration`` to ``master``?
[all …]
|
| A D | platform-compatibility-policy.rst.txt | 13 Platform compatibility is mainly affected by changes to Platform APIs (as
15 library interfaces (like xlat_table library). The project will try to maintain
16 compatibility for upstream platforms. Due to evolving requirements and
18 means the previous interface needs to be deprecated and a new interface
19 introduced to replace it. In case the migration to the new interface is trivial,
20 the contributor of the change is expected to make good effort to migrate the
21 upstream platforms to the new interface.
25 deprecated, the page must be updated to indicate the release after which the
27 For non-trivial interface changes, an email should be sent out to the `TF-A
28 public mailing list`_ to notify platforms that they should migrate away from the
[all …]
|
| /trusted-firmware-a/docs/getting_started/ |
| A D | build-options.rst | 17 compiler should use. Valid values are T32 and A32. It defaults to T32 due to
65 is set to '1'.
133 build to be uniquely identified. Defaults to the current git commit id.
260 various ELs can assign themselves to desired partition to control their
571 set to 1 as well.
578 set to ``1``.
614 Delegated Exception Interface to BL31 image. This defaults to ``0``.
617 set to ``1``.
639 the path to the directory containing the SPD source, relative to
702 interrupts to TSP allowing it to save its context and hand over
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/getting_started/ |
| A D | build-options.rst.txt | 17 compiler should use. Valid values are T32 and A32. It defaults to T32 due to
65 is set to '1'.
133 build to be uniquely identified. Defaults to the current git commit id.
260 various ELs can assign themselves to desired partition to control their
571 set to 1 as well.
578 set to ``1``.
614 Delegated Exception Interface to BL31 image. This defaults to ``0``.
617 set to ``1``.
639 the path to the directory containing the SPD source, relative to
702 interrupts to TSP allowing it to save its context and hand over
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/components/ |
| A D | exception-handling.rst.txt | 24 allows for asynchronous exceptions to be routed to EL3. As described in the
29 FIQs and IRQs routed to EL3 are not required to be handled in EL3.
51 suitably routed to EL3, and the Runtime Firmware (BL31) is extended to include
54 choose to:
83 Corollary to the use cases cited above, the primary role of the |EHF| is to
179 interrupts to a priority level. In other words, all interrupts that are to
201 The priority thus assigned to an interrupt is also used to determine the
259 - The handler to be registered. The handler must be aligned to 4 bytes.
399 to a lower EL.
438 calls to these APIs are subject to the following conditions:
[all …]
|
| A D | platform-interrupt-controller-API.rst.txt | 48 peripherals target to that PE only.
91 then writes to GIC *Set Enable Register* to enable the interrupt.
105 writes to GIC *Clear Enable Register* to disable the interrupt, and inserts
178 writes to the GIC *Group Register* and *Group Modifier Register* (only GICv3) to
194 ``INTR_TYPE_S_EL1`` maps to Group 0. Otherwise, ``INTR_TYPE_EL3`` maps to
212 to appropriate *SGI Register* in order to raise the EL3 SGI.
237 writes to the GIC *Target Register* (GICv2) or *Route Register* (GICv3) to set
253 and writes to the GIC *Set Pending Register* to set the interrupt pending
268 writes to the GIC *Clear Pending Register* to clear the interrupt pending
285 inserts to order memory updates before updating mask, then writes to the GIC
[all …]
|
| /trusted-firmware-a/docs/components/ |
| A D | exception-handling.rst | 24 allows for asynchronous exceptions to be routed to EL3. As described in the
29 FIQs and IRQs routed to EL3 are not required to be handled in EL3.
51 suitably routed to EL3, and the Runtime Firmware (BL31) is extended to include
54 choose to:
83 Corollary to the use cases cited above, the primary role of the |EHF| is to
179 interrupts to a priority level. In other words, all interrupts that are to
201 The priority thus assigned to an interrupt is also used to determine the
259 - The handler to be registered. The handler must be aligned to 4 bytes.
399 to a lower EL.
438 calls to these APIs are subject to the following conditions:
[all …]
|
| A D | platform-interrupt-controller-API.rst | 48 peripherals target to that PE only.
91 then writes to GIC *Set Enable Register* to enable the interrupt.
105 writes to GIC *Clear Enable Register* to disable the interrupt, and inserts
178 writes to the GIC *Group Register* and *Group Modifier Register* (only GICv3) to
194 ``INTR_TYPE_S_EL1`` maps to Group 0. Otherwise, ``INTR_TYPE_EL3`` maps to
212 to appropriate *SGI Register* in order to raise the EL3 SGI.
237 writes to the GIC *Target Register* (GICv2) or *Route Register* (GICv3) to set
253 and writes to the GIC *Set Pending Register* to set the interrupt pending
268 writes to the GIC *Clear Pending Register* to clear the interrupt pending
285 inserts to order memory updates before updating mask, then writes to the GIC
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/perf/ |
| A D | psci-performance-juno.rst.txt | 54 test to complete before proceeding to the next non-lead CPU. The lead CPU then
62 to the point the hardware enters the low power state (WFI). Referring to the TF
67 power state to exiting the TF PSCI implementation. This corresponds to:
70 ``CFLUSH_OVERHEAD`` refers to the part of ``PSCI_ENTRY`` taken to flush the
105 observed due to TF PSCI lock contention. In the worst case, CPU 3 has to wait
138 platform code. The platform lock is used to mediate access to a single SCP
140 AP CPU to enter WFI before making the channel available to other CPUs, which
178 to the little cluster (1MB).
181 CPU 4 continues to run while CPU 5 is suspended. Hence CPU 5 only powers down to
204 only necessary to flush the cache to power level 0 (L1). This is the best case
[all …]
|
| /trusted-firmware-a/docs/perf/ |
| A D | psci-performance-juno.rst | 54 test to complete before proceeding to the next non-lead CPU. The lead CPU then
62 to the point the hardware enters the low power state (WFI). Referring to the TF
67 power state to exiting the TF PSCI implementation. This corresponds to:
70 ``CFLUSH_OVERHEAD`` refers to the part of ``PSCI_ENTRY`` taken to flush the
105 observed due to TF PSCI lock contention. In the worst case, CPU 3 has to wait
138 platform code. The platform lock is used to mediate access to a single SCP
140 AP CPU to enter WFI before making the channel available to other CPUs, which
178 to the little cluster (1MB).
181 CPU 4 continues to run while CPU 5 is suspended. Hence CPU 5 only powers down to
204 only necessary to flush the cache to power level 0 (L1). This is the best case
[all …]
|
| /trusted-firmware-a/docs/security_advisories/ |
| A D | security-advisory-tfv-8.rst | 5 | Title | Not saving x0 to x3 registers can leak information from one |
6 | | Normal World SMC client to another |
26 When taking an exception to EL3, BL31 saves the CPU context. The aim is to
29 ``x0`` to ``x3`` are not part of the CPU context saved on the stack.
31 As per the `SMC Calling Convention`_, up to 4 values may be returned to the
36 Before returning to the caller, the ``restore_gp_registers()`` function is
40 (referring to the version of the code as of `commit c385955`_):
55 request (or asynchronous exception to EL3) that used these return values.
72 to assess the impact of this threat.
84 line 19 (referring to the version of the code as of `commit c385955`_):
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/security_advisories/ |
| A D | security-advisory-tfv-8.rst.txt | 5 | Title | Not saving x0 to x3 registers can leak information from one |
6 | | Normal World SMC client to another |
26 When taking an exception to EL3, BL31 saves the CPU context. The aim is to
29 ``x0`` to ``x3`` are not part of the CPU context saved on the stack.
31 As per the `SMC Calling Convention`_, up to 4 values may be returned to the
36 Before returning to the caller, the ``restore_gp_registers()`` function is
40 (referring to the version of the code as of `commit c385955`_):
55 request (or asynchronous exception to EL3) that used these return values.
72 to assess the impact of this threat.
84 line 19 (referring to the version of the code as of `commit c385955`_):
[all …]
|
| /trusted-firmware-a/docs/plat/ |
| A D | rpi3.rst | 76 that it is loaded above 32MiB in order to avoid the need to relocate
136 instructions to see how to do it. This system is strongly discouraged.
155 The `Linux kernel tree`_ has instructions on how to jump to the Linux kernel
171 use mailboxes to trap the secondary cores until they are ready to jump to the
179 address to jump to in this Mailbox (``bl31_warm_entrypoint``).
233 - ``RPI3_USE_UEFI_MAP``: Set to 1 to build ATF with the altername memory
235 to be able to run Windows on ARM64. This option, which is disabled by
274 If OP-TEE is used it may be needed to add the following options to the
281 it. In order to use TBB, you might want to set ``GENERATE_COT=1`` to let the
284 able to set ROT_KEY to your own key in PEM format. Also in order to build,
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/plat/ |
| A D | rpi3.rst.txt | 76 that it is loaded above 32MiB in order to avoid the need to relocate
136 instructions to see how to do it. This system is strongly discouraged.
155 The `Linux kernel tree`_ has instructions on how to jump to the Linux kernel
171 use mailboxes to trap the secondary cores until they are ready to jump to the
179 address to jump to in this Mailbox (``bl31_warm_entrypoint``).
233 - ``RPI3_USE_UEFI_MAP``: Set to 1 to build ATF with the altername memory
235 to be able to run Windows on ARM64. This option, which is disabled by
274 If OP-TEE is used it may be needed to add the following options to the
281 it. In order to use TBB, you might want to set ``GENERATE_COT=1`` to let the
284 able to set ROT_KEY to your own key in PEM format. Also in order to build,
[all …]
|
| /trusted-firmware-a/docs/build/TF-A_2.5/_sources/plat/arm/ |
| A D | arm-build-options.rst.txt | 8 DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
13 - ``ARM_CONFIG_CNTACR``: boolean option to unlock access to the ``CNTBase<N>``
17 kernel). Default is true (access to the frame is allowed).
29 to have a Linux kernel image as BL33 by preparing the registers to these
30 values before jumping to BL33. This option defaults to 0 (disabled). For
46 State-ID yet. Hence this flag is used to configure whether to use the
73 location of the ROTPK hash. Not expected to be a build option. This defaults to
89 - ``ARM_CRYPTOCELL_INTEG`` : bool option to enable TF-A to invoke Arm®
103 - ``ARM_BL2_SP_LIST_DTS``: Path to DTS file snippet to override the hardcoded
136 SCP_BL2U to the FIP and FWU_FIP respectively, and enables them to be loaded
[all …]
|
| /trusted-firmware-a/docs/plat/arm/ |
| A D | arm-build-options.rst | 8 DRAM. By default, BL31 is in the secure SRAM. Set this flag to 1 to load
13 - ``ARM_CONFIG_CNTACR``: boolean option to unlock access to the ``CNTBase<N>``
17 kernel). Default is true (access to the frame is allowed).
29 to have a Linux kernel image as BL33 by preparing the registers to these
30 values before jumping to BL33. This option defaults to 0 (disabled). For
46 State-ID yet. Hence this flag is used to configure whether to use the
73 location of the ROTPK hash. Not expected to be a build option. This defaults to
89 - ``ARM_CRYPTOCELL_INTEG`` : bool option to enable TF-A to invoke Arm®
103 - ``ARM_BL2_SP_LIST_DTS``: Path to DTS file snippet to override the hardcoded
136 SCP_BL2U to the FIP and FWU_FIP respectively, and enables them to be loaded
[all …]
|