Age | Commit message (Collapse) | Author |
|
configure OP-TEE Share memory to be accessible by OS.
Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
(cherry picked from commit 0b5eeb7e0dbe50ebd7f3d0ce66047569504e9d52)
|
|
reuse Trusty support for OP-TEE
Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
(cherry picked from commit 6e2885a262b94bdeb8face851012f58ed32e86a9)
|
|
JR0 and JR1 of CAAM are owned by SECO, only kick the power
of JR2 and JR3 here and assign the resources to be accessed
by secure world.
Signed-off-by: Ji Luo <ji.luo@nxp.com>
|
|
Tee(Trusty Os) will be stored in fit for Android and Android Auto
so we don't need to copy it anymore, this will save some boot time.
Signed-off-by: Luo Ji <ji.luo@nxp.com>
|
|
This patch adds support for cpuidle with CPU powerdown,
there will be 3 idle states in Linux kernel:
1: wfi;
2: cpu power down;
3: cluster power down.
As Linux kernel needs a broadcast timer for waking up
CPU when whole CLUSTER is powerdown, GPT is adopted as
broadcast timer, and to make the clock & power management
easy for Linux kernel to avoid many workaround/hake in
Linux kernel, TF-A will handle GPT's power & clock management
as well as registers save/restore when suspend/resume.
Also, psci power states are used to determine CORE/CLUSTER/SYSTEM
power state to distinguish CPU idle and SYSTEM suspend which share
same domain_suspend callback.
The SoC IPs register mmap regions are merged into 1 large
section to cover all the SoC IPs register ranges TF-A needs,
this is to save mmap regions and make it simple.
Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
|
|
The Trusty OS binary will be installed into
container.img and loaded into 0x84000000.
Due Trusty OS addresss is in 0xfe000000 which
ROM cannot reach, so use ATF to copy it into
the target address.
Mapped the BL32 code into MMU due the Trusty
SPD need to check the code status and decide
the CPU executing mode.
To reserve and protect the memory for secure
world, modify the partition code to keep
BL32 spaces in secure_part.
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
|
|
With flash_uboot_cm4ddr in imx-mkimage, the m4 code will access ddr.
However after m4 core moved to non-secure partition, the ddr memory
is still in secure partition. Then m4 core will fault.
So postpone moving resources including m4 core, until other resources,
such as memory/pin moved to non-secure partition.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
(cherry picked from commit 1c8ce0ad5f583ec41026d4ab5bef622f1b45aecd)
|
|
Switch to MULTI_CONSOLE_API to make debug UART work.
Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
|
|
With default configuration, M4 and A35 in one partition, M4 is loaded by ROM.
"err = sc_rm_move_all(ipc_handle, secure_part, os_part, true, true);"
M4 core will first be moved to non-secure OS part, then the resource used
by M4 will be moved to non-secure OS part later. But before the resource be
moved to non-secure OS part, M4 core is still running, so a non-secure M4
core access a secure resource will trigger error in M4 side.
First mark M4 core as non-movable, after all other resoures moved to OS
part, move M4 to OS part. No need to check whether M4 is created a new
partition by SCFW, if a partition already created, the call to mark
M4 as non-removable will fail, because it M4 is in its own partition.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
|
|
clean up the license identifier with short SPDX short identifier.
Signed-off-by: Bai Ping <ping.bai@nxp.com>
|
|
Use MU0 to comply with boot image usage of MU0
Also power on and pass MU1 for OS/Hypervisor
Signed-off-by: Teo Hall <teo.hall@nxp.com>
|
|
In order to save power when AP side is suspend,
the DBLOG need to be put into low power mode.
GIC need to be power off to save power. before GIC
power off, we need to save the GIC setting, then
after resume, we need to restore the gic setting.
irqsteer need to be used to wakeup the AP side
when wakeup interrupt is pending for AP side.
Signed-off-by: Bai Ping <ping.bai@nxp.com>
|
|
Reserve the memory region that is only can access by ATF. ATF is running
in this memory region, while masters in other partitions can't access it.
Signed-off-by: Ye Li <ye.li@nxp.com>
|
|
Change to search the ATF owned memory regions and assign them to non-secure
OS partition. Not allocate new memory region for each one.
Signed-off-by: Ye Li <ye.li@nxp.com>
|
|
As we already have control for debug console in platform_def.h,
so no need to un-initialize console in plat runtime setup, just
overwrite the common implementation with blank function.
Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
|
|
Not only the resources, but also the memory regions need to assign to
non-secure partition. Otherwise, when the boot partition is secured,
the OS non-secure partition can't access any memory.
This patch currently assign all memory to NS partition, since it is not
isolated, the current secure partition also can access them. In future,
may need to change the regions for reserving some memory in secure
partition for ATF and BL32.
Signed-off-by: Ye Li <ye.li@nxp.com>
|
|
missed bit 31 and 30 which are needed
Signed-off-by: Nitin Garg <nitin.garg@nxp.com>
|
|
Signed-off-by: Nitin Garg <nitin.garg@nxp.com>
|
|
Add necessary resources to secure partition for protection.
Also add in functionality to allow for register access
of some secure-owned peripherals.
These peripherals will still be protected from power or
clk changes.
Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
Signed-off-by: Teo Hall <teo.hall@nxp.com>
|
|
Add i.MX8QXP platform support.
Signed-off-by: Anson Huang <Anson.Huang@nxp.com>
Signed-off-by: Bai Ping <ping.bai@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
|