diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/cpu-specific-build-macros.rst | 10 | ||||
| -rw-r--r-- | docs/firmware-design.rst | 8 | ||||
| -rw-r--r-- | docs/plat/socionext-uniphier.rst | 84 | ||||
| -rw-r--r-- | docs/porting-guide.rst | 19 | ||||
| -rw-r--r-- | docs/user-guide.rst | 18 |
5 files changed, 81 insertions, 58 deletions
diff --git a/docs/cpu-specific-build-macros.rst b/docs/cpu-specific-build-macros.rst index f74b4593..014817d3 100644 --- a/docs/cpu-specific-build-macros.rst +++ b/docs/cpu-specific-build-macros.rst @@ -11,6 +11,15 @@ This document describes the various build options present in the CPU specific operations framework to enable errata workarounds and to enable optimizations for a specific CPU on a platform. +Security Vulnerability Workarounds +---------------------------------- + +ARM Trusted Firmware exports a series of build flags which control which +security vulnerability workarounds should be applied at runtime. + +- ``WORKAROUND_CVE_2017_5715``: Enables the security workaround for + `CVE-2017-5715`_. Defaults to 1. + CPU Errata Workarounds ---------------------- @@ -142,6 +151,7 @@ architecture that can be enabled by the platform as desired. *Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved.* +.. _CVE-2017-5715: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715 .. _Cortex-A53 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm048406/Cortex_A53_MPCore_Software_Developers_Errata_Notice.pdf .. _Cortex-A57 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm049219/cortex_a57_mpcore_software_developers_errata_notice.pdf .. _Cortex-A72 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm012079/index.html diff --git a/docs/firmware-design.rst b/docs/firmware-design.rst index 405964d2..3cb004a4 100644 --- a/docs/firmware-design.rst +++ b/docs/firmware-design.rst @@ -1868,9 +1868,11 @@ Firmware Image Package layout The FIP layout consists of a table of contents (ToC) followed by payload data. The ToC itself has a header followed by one or more table entries. The ToC is -terminated by an end marker entry. All ToC entries describe some payload data -that has been appended to the end of the binary package. With the information -provided in the ToC entry the corresponding payload data can be retrieved. +terminated by an end marker entry, and since the size of the ToC is 0 bytes, +the offset equals the total size of the FIP file. All ToC entries describe some +payload data that has been appended to the end of the binary package. With the +information provided in the ToC entry the corresponding payload data can be +retrieved. :: diff --git a/docs/plat/socionext-uniphier.rst b/docs/plat/socionext-uniphier.rst index fb6ebe5e..2c652ac9 100644 --- a/docs/plat/socionext-uniphier.rst +++ b/docs/plat/socionext-uniphier.rst @@ -1,11 +1,12 @@ ARM Trusted Firmware for Socionext UniPhier SoCs ================================================ + Socionext UniPhier ARMv8-A SoCs use ARM Trusted Firmware as the secure world firmware, supporting BL1, BL2, and BL31. UniPhier SoC family implements its internal boot ROM, so BL1 is used as pseudo -ROM (i.e. runs in RAM). The internal boot ROM loads 64KB `1`_ image from a +ROM (i.e. runs in RAM). The internal boot ROM loads 64KB [1]_ image from a non-volatile storage to the on-chip SRAM. Unfortunately, BL1 does not fit in the 64KB limit if `Trusted Board Boot`_ (TBB) is enabled. To solve this problem, Socionext provides a first stage loader called `UniPhier BL`_. This loader runs @@ -23,35 +24,33 @@ the UniPhier BL. The concatenation of the UniPhier BL and the compressed BL1 fits in the 64KB limit. The concatenated image is loaded by the boot ROM (and verified if the chip fuses are blown). -:: - - to the lowest common denominator. Boot Flow --------- -#. The Boot ROM +1. The Boot ROM + + This is hard-wired ROM, so never corrupted. It loads the UniPhier BL (with + compressed-BL1 appended) into the on-chip SRAM. If the SoC fuses are blown, + the image is verified by the SoC's own method. -This is hard-wired ROM, so never corrupted. It loads the UniPhier BL (with -compressed-BL1 appended) into the on-chip SRAM. If the SoC fuses are blown, -the image is verified by the SoC's own method. +2. UniPhier BL -#. UniPhier BL + This runs in the on-chip SRAM. After the minimum SoC initialization and DRAM + setup, it decompresses the appended BL1 image into the DRAM, then jumps to + the BL1 entry. -This runs in the on-chip SRAM. After the minimum SoC initialization and DRAM -setup, it decompresses the appended BL1 image into the DRAM, then jumps to -the BL1 entry. +3. BL1 -#. BL1 + This runs in the DRAM. It extracts BL2 from FIP (Firmware Image Package). + If TBB is enabled, the BL2 is authenticated by the standard mechanism of ARM + Trusted Firmware. -This runs in the DRAM. It extracts BL2 from FIP (Firmware Image Package). -If TBB is enabled, the BL2 is authenticated by the standard mechanism of ARM -Trusted Firmware. +4. BL2, BL31, and more -#. BL2, BL31, and more + They all run in the DRAM, and are authenticated by the standard mechanism if + TBB is enabled. See `Firmware Design`_ for details. -They all run in the DRAM, and are authenticated by the standard mechanism if -TBB is enabled. See `Firmware Design`_ for details. Basic Build ----------- @@ -63,59 +62,52 @@ For a non-secure boot loader (aka BL33), U-Boot is well supported for UniPhier SoCs. The U-Boot image (``u-boot.bin``) must be built in advance. For the build procedure of U-Boot, refer to the document in the `U-Boot`_ project. -To build minimum functionality for UniPhier (without TBB): - -:: +To build minimum functionality for UniPhier (without TBB):: make CROSS_COMPILE=<gcc-prefix> PLAT=uniphier BL33=<path-to-BL33> bl1_gzip fip Output images: -- ``bl1.bin.gzip`` -- ``fip.bin`` +- ``bl1.bin.gzip`` +- ``fip.bin`` + Optional features ----------------- -- Trusted Board Boot +- Trusted Board Boot -`mbed TLS`_ is needed as the cryptographic and image parser modules. -Refer to the `User Guide`_ for the appropriate version of mbed TLS. + `mbed TLS`_ is needed as the cryptographic and image parser modules. + Refer to the `User Guide`_ for the appropriate version of mbed TLS. -To enable TBB, add the following options to the build command: - -:: + To enable TBB, add the following options to the build command:: TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 MBEDTLS_DIR=<path-to-mbedtls> -- System Control Processor (SCP) - -If desired, FIP can include an SCP BL2 image. If BL2 finds an SCP BL2 image -in FIP, BL2 loads it into DRAM and kicks the SCP. Most of UniPhier boards -still work without SCP, but SCP provides better power management support. +- System Control Processor (SCP) -To include SCP\_BL2, add the following option to the build command: + If desired, FIP can include an SCP BL2 image. If BL2 finds an SCP BL2 image + in FIP, BL2 loads it into DRAM and kicks the SCP. Most of UniPhier boards + still work without SCP, but SCP provides better power management support. -:: + To include SCP BL2, add the following option to the build command:: SCP_BL2=<path-to-SCP> -- BL32 (Secure Payload) - -To enable BL32, add the following option to the build command: +- BL32 (Secure Payload) -:: + To enable BL32, add the following options to the build command:: SPD=<spd> BL32=<path-to-BL32> -If you use TSP for BL32, ``BL32=<path-to-BL32>`` is not required. Just add the -following: - -:: + If you use TSP for BL32, ``BL32=<path-to-BL32>`` is not required. Just add the + following:: SPD=tspd -.. _1: Some%20SoCs%20can%20load%2080KB,%20but%20the%20software%20implementation%20must%20be%20aligned + +.. [1] Some SoCs can load 80KB, but the software implementation must be aligned + to the lowest common denominator. .. _Trusted Board Boot: ../trusted-board-boot.rst .. _UniPhier BL: https://github.com/uniphier/uniphier-bl .. _Firmware Design: ../firmware-design.rst diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst index f020ec97..2e2cc4f7 100644 --- a/docs/porting-guide.rst +++ b/docs/porting-guide.rst @@ -549,6 +549,22 @@ behaviour of the ``assert()`` function (for example, to save memory). doesn't print anything to the console. If ``PLAT_LOG_LEVEL_ASSERT`` isn't defined, it defaults to ``LOG_LEVEL``. +If the platform port uses the Activity Monitor Unit, the following constants +may be defined: + +- **PLAT\_AMU\_GROUP1\_COUNTERS\_MASK** + This mask reflects the set of group counters that should be enabled. The + maximum number of group 1 counters supported by AMUv1 is 16 so the mask + can be at most 0xffff. If the platform does not define this mask, no group 1 + counters are enabled. If the platform defines this mask, the following + constant needs to also be defined. + +- **PLAT\_AMU\_GROUP1\_NR\_COUNTERS** + This value is used to allocate an array to save and restore the counters + specified by ``PLAT_AMU_GROUP1_COUNTERS_MASK`` on CPU suspend. + This value should be equal to the highest bit position set in the + mask, plus 1. The maximum number of group 1 counters in AMUv1 is 16. + File : plat\_macros.S [mandatory] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -1128,6 +1144,9 @@ This function executes with the MMU and data caches enabled. It is responsible for performing any remaining platform-specific setup that can occur after the MMU and data cache have been enabled. +if support for multiple boot sources is required, it initializes the boot +sequence used by plat\_try\_next\_boot\_source(). + In ARM standard platforms, this function initializes the storage abstraction layer used to load the next bootloader image. diff --git a/docs/user-guide.rst b/docs/user-guide.rst index 13f09641..0647e705 100644 --- a/docs/user-guide.rst +++ b/docs/user-guide.rst @@ -55,7 +55,7 @@ command: sudo apt-get install build-essential gcc make git libssl-dev -ARM TF has been tested with `Linaro Release 17.04`_. +ARM TF has been tested with `Linaro Release 17.10`_. Download and install the AArch32 or AArch64 little-endian GCC cross compiler. The `Linaro Release Notes`_ documents which version of the compiler to use for a @@ -1006,7 +1006,7 @@ images with support for these features: modules by checking out a recent version of the `mbed TLS Repository`_. It is important to use a version that is compatible with TF and fixes any known security vulnerabilities. See `mbed TLS Security Center`_ for more - information. The latest version of TF is tested with tag ``mbedtls-2.4.2``. + information. The latest version of TF is tested with tag ``mbedtls-2.6.0``. The ``drivers/auth/mbedtls/mbedtls_*.mk`` files contain the list of mbed TLS source files the modules depend upon. @@ -1475,10 +1475,10 @@ Running the software on FVP The latest version of the AArch64 build of ARM Trusted Firmware has been tested on the following ARM FVPs (64-bit host machine only). -NOTE: Unless otherwise stated, the model version is Version 11.1 Build 11.1.22. +NOTE: Unless otherwise stated, the model version is Version 11.2 Build 11.2.33. - ``Foundation_Platform`` -- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.7, Build 0.8.8702) +- ``FVP_Base_AEMv8A-AEMv8A`` (Version 9.0, Build 0.8.9005) - ``FVP_Base_Cortex-A35x4`` - ``FVP_Base_Cortex-A53x4`` - ``FVP_Base_Cortex-A57x4-A53x4`` @@ -1491,7 +1491,7 @@ NOTE: Unless otherwise stated, the model version is Version 11.1 Build 11.1.22. The latest version of the AArch32 build of ARM Trusted Firmware has been tested on the following ARM FVPs (64-bit host machine only). -- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.7, Build 0.8.8702) +- ``FVP_Base_AEMv8A-AEMv8A`` (Version 9.0, Build 0.8.9005) - ``FVP_Base_Cortex-A32x4`` NOTE: The build numbers quoted above are those reported by launching the FVP @@ -1868,10 +1868,10 @@ wakeup interrupt from RTC. .. _Linaro: `Linaro Release Notes`_ .. _Linaro Release: `Linaro Release Notes`_ -.. _Linaro Release Notes: https://community.arm.com/tools/dev-platforms/b/documents/posts/linaro-release-notes-deprecated -.. _Linaro Release 17.04: https://community.arm.com/tools/dev-platforms/b/documents/posts/linaro-release-notes-deprecated#LinaroRelease17.04 -.. _Linaro instructions: https://community.arm.com/dev-platforms/b/documents/posts/instructions-for-using-the-linaro-software-deliverables -.. _Instructions for using Linaro's deliverables on Juno: https://community.arm.com/dev-platforms/b/documents/posts/using-linaros-deliverables-on-juno +.. _Linaro Release Notes: https://community.arm.com/dev-platforms/w/docs/226/old-linaro-release-notes +.. _Linaro Release 17.10: https://community.arm.com/dev-platforms/w/docs/226/old-linaro-release-notes#1710 +.. _Linaro instructions: https://community.arm.com/dev-platforms/w/docs/304/linaro-software-deliverables +.. _Instructions for using Linaro's deliverables on Juno: https://community.arm.com/dev-platforms/w/docs/303/juno .. _ARM Platforms Portal: https://community.arm.com/dev-platforms/ .. _Development Studio 5 (DS-5): http://www.arm.com/products/tools/software-tools/ds-5/index.php .. _Dia: https://wiki.gnome.org/Apps/Dia/Download |