To quote the author:
Adding support for Arm FF-A v1.0 (Arm Firmware Framework for Armv8-A) [A].
FF-A specifies interfaces that enable a pair of software execution
environments aka partitions to communicate with each other. A partition
could be a VM in the Normal or Secure world, an application in S-EL0, or
a Trusted OS in S-EL1.
FF-A is a discoverable bus and similar to architecture features.
FF-A bus is discovered using ARM_SMCCC_FEATURES mechanism performed
by the PSCI driver.
=> dm tree
Class Index Probed Driver Name
-----------------------------------------------------------
...
firmware 0 [ + ] psci |-- psci
ffa 0 [ ] arm_ffa | `-- arm_ffa
...
Clients are able to probe then use the FF-A bus by calling the DM class
searching APIs (e.g: uclass_first_device).
This implementation of the specification provides support for Aarch64.
The FF-A driver uses the SMC ABIs defined by the FF-A specification to:
- Discover the presence of secure partitions (SPs) of interest
- Access an SP's service through communication protocols
(e.g: EFI MM communication protocol)
The FF-A support provides the following features:
- Being generic by design and can be used by any Arm 64-bit platform
- FF-A support can be compiled and used without EFI
- Support for SMCCCv1.2 x0-x17 registers
- Support for SMC32 calling convention
- Support for 32-bit and 64-bit FF-A direct messaging
- Support for FF-A MM communication (compatible with EFI boot time)
- Enabling FF-A and MM communication in Corstone1000 platform as a use case
- A Uclass driver providing generic FF-A methods.
- An Arm FF-A device driver providing Arm-specific methods and
reusing the Uclass methods.
- A sandbox emulator for Arm FF-A, emulates the FF-A side of the
Secure World and provides FF-A ABIs inspection methods.
- An FF-A sandbox device driver for FF-A communication with the
emulated Secure World. The driver leverages the FF-A Uclass to
establish FF-A communication.
- Sandbox FF-A test cases.
- A new command called armffa is provided as an example of how to
access the FF-A bus
For more details about the FF-A support please refer to [B] and refer to [C] for
how to use the armffa command.
Please find at [D] an example of the expected boot logs when enabling
FF-A support for a platform. In this example the platform is
Corstone1000. But it can be any Arm 64-bit platform.
[A]: https://developer.arm.com/documentation/den0077/latest/
[B]: doc/arch/arm64.ffa.rst
[C]: doc/usage/cmd/armffa.rst
[D]: example of boot logs when enabling FF-A
turn on EFI MM communication
On corstone1000 platform MM communication between u-boot
and the secure world (Optee) is done using the FF-A bus.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Cc: Tom Rini <trini@konsulko.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Add MM communication support using FF-A transport
This feature allows accessing MM partitions services through
EFI MM communication protocol. MM partitions such as StandAlonneMM
or smm-gateway secure partitions which reside in secure world.
An MM shared buffer and a door bell event are used to exchange
the data.
The data is used by EFI services such as GetVariable()/SetVariable()
and copied from the communication buffer to the MM shared buffer.
The secure partition is notified about availability of data in the
MM shared buffer by an FF-A message (door bell).
On such event, MM SP can read the data and updates the MM shared
buffer with the response data.
The response data is copied back to the communication buffer and
consumed by the EFI subsystem.
MM communication protocol supports FF-A 64-bit direct messaging.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Tested-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Add Sandbox test for the armffa command
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Add functional test cases for the FF-A support
These tests rely on the FF-A sandbox emulator and FF-A
sandbox driver which help in inspecting the FF-A communication.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Emulate Secure World's FF-A ABIs and allow testing U-Boot FF-A support
Features of the sandbox FF-A support:
- Introduce an FF-A emulator
- Introduce an FF-A device driver for FF-A comms with emulated Secure World
- Provides test methods allowing to read the status of the inspected ABIs
The sandbox FF-A emulator supports only 64-bit direct messaging.
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Provide armffa command showcasing the use of the U-Boot FF-A support
armffa is a command showcasing how to invoke FF-A operations.
This provides a guidance to the client developers on how to
call the FF-A bus interfaces. The command also allows to gather secure
partitions information and ping these partitions. The command is also
helpful in testing the communication with secure partitions.
For more details please refer to the command documentation [1].
[1]: doc/usage/cmd/armffa.rst
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Add Arm FF-A support implementing Arm Firmware Framework for Armv8-A v1.0
The Firmware Framework for Arm A-profile processors (FF-A v1.0) [1]
describes interfaces (ABIs) that standardize communication
between the Secure World and Normal World leveraging TrustZone
technology.
This driver uses 64-bit registers as per SMCCCv1.2 spec and comes
on top of the SMCCC layer. The driver provides the FF-A ABIs needed for
querying the FF-A framework from the secure world.
The driver uses SMC32 calling convention which means using the first
32-bit data of the Xn registers.
All supported ABIs come with their 32-bit version except FFA_RXTX_MAP
which has 64-bit version supported.
Both 32-bit and 64-bit direct messaging are supported which allows both
32-bit and 64-bit clients to use the FF-A bus.
FF-A is a discoverable bus and similar to architecture features.
FF-A bus is discovered using ARM_SMCCC_FEATURES mechanism performed
by the PSCI driver.
Clients are able to probe then use the FF-A bus by calling the DM class
searching APIs (e.g: uclass_first_device).
The Secure World is considered as one entity to communicate with
using the FF-A bus. FF-A communication is handled by one device and
one instance (the bus). This FF-A driver takes care of all the
interactions between Normal world and Secure World.
The driver exports its operations to be used by upper layers.
Exported operations:
- ffa_partition_info_get
- ffa_sync_send_receive
- ffa_rxtx_unmap
Generic FF-A methods are implemented in the Uclass (arm-ffa-uclass.c).
Arm specific methods are implemented in the Arm driver (arm-ffa.c).
For more details please refer to the driver documentation [2].
[1]: https://developer.arm.com/documentation/den0077/latest/
[2]: doc/arch/arm64.ffa.rst
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
provide a test case
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
convert UUID string to little endian binary data
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: Jens Wiklander <jens.wiklander@linaro.org>
add support for x0-x17 registers used by the SMC calls
In SMCCC v1.2 [1] arguments are passed in registers x1-x17.
Results are returned in x0-x17.
This work is inspired from the following kernel commit:
arm64: smccc: Add support for SMCCCv1.2 extended input/output registers
[1]: https://documentation-service.arm.com/static/5f8edaeff86e16515cdbe4c6?token=
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
binman TI support
binman cipher support
-----BEGIN PGP SIGNATURE-----
iQFFBAABCgAvFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAmS+wz8RHHNqZ0BjaHJv
bWl1bS5vcmcACgkQfxc6PpAIreZJFgf5AQndwI5yzs/R0HqqPjeYwKclYmn/4aqc
AqWQU9fv3ZHcmFvdAp68PxMas5zYzJvc7az6sVOechmglFXmBj+cU9sM2LL6Ulre
WjOa3yypsOxLgIga5DYDa3t3wNnoy3Yqt1TZejpfHYPNraFWFJpHCF0uSSWIBlPr
8RpCuNtsFlRlTOcXWxew+ms4dtSJ7fIyX1PMIkhFXrYiJUtcdZ6YkG1BSnScqx80
ZG/JquGmeqnkejZ608QP0SBubct02oBfhkYEmfM87Eoz2GnfRpeARoiqohSYrBWM
9Ji9T6FQBO4iLHOnETO86YG/jlwb/CP+hUdswpcrcmlpwRxLGWIraA==
=IzFg
-----END PGP SIGNATURE-----
Merge tag 'dm-pull-24jul23' of https://source.denx.de/u-boot/custodians/u-boot-dm
buildman refactoring and --maintainer-check
binman TI support
binman cipher support
- Actually merge the assorted K3 platform improvements that were
supposed to be in commit 247aa5a191 ("Merge branch
'2023-07-21-assorted-TI-platform-updates'")
In poking around it seems that many boards don't define a CONFIG_TARGET
Kconfig variable. This is not strictly necessary, but add an option to
buildman so these can be viewed.
Signed-off-by: Simon Glass <sjg@chromium.org>
Change -D to mean --debug for consistency with other tools. This is not a
commonly used option, so the impact should be minimal.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is probably a little more efficient and it allows passing the object
to another function to write data. Convert config_out to use a string I/O
device.
Signed-off-by: Simon Glass <sjg@chromium.org>
Move more of the argument-building code into this function. Fix a missing
assignment for out_rel_dir too.
Rename the function since it now builds all the arguments.
Signed-off-by: Simon Glass <sjg@chromium.org>
This variable has a different meaning in the outer scope. Use a different
name to avoid confusion, or bugs.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add a simple functional test for the --boards option. Fix the example in
the docs while we are here. Also improve the docs for Builder.count so it
is clearer what it contains.
Signed-off-by: Simon Glass <sjg@chromium.org>
Avoid an unnecessary local variable by moving this code to a function.
This fixes the pylint warning about too many local variables.
Signed-off-by: Simon Glass <sjg@chromium.org>
This is not needed until the builder is run. Move it there to reduce the
size of the do_buildman() function.
Signed-off-by: Simon Glass <sjg@chromium.org>
