Tegra186: add SE support to generate SHA256 of TZRAM
The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This
memory loses power when we enter System Suspend and so its contents are
stored to TZDRAM, before entry. This opens up an attack vector where the
TZDRAM contents might be tampered with when we are in the System Suspend
mode. To mitigate this attack the SE engine calculates the hash of entire
TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The
WB0 code will validate the TZDRAM and match the hash with the one in PMC
scratch.
This patch adds driver for the SE engine, with APIs to calculate the hash
and store SE SHA256 hash-result to PMC scratch registers.
Tegra194: memctrl: remove support to reconfigure MSS
As bpmp-fw is running at the same time as ATF, and
the mss client reconfiguration sequence involves performing
a hot flush resets on bpmp, there is a chance that bpmp-fw is
trying to perform accesses while the hot flush is active.
Therefore, the mss client reconfigure has been moved to
System Suspend resume fw and bootloader, and it can be
removed from here.
Change-Id: I34019ad12abea9681f5e180af6bc86f2c4c6fc74 Signed-off-by: Stefan Kristiansson <stefank@nvidia.com>
Tegra: fiq_glue: remove bakery locks from interrupt handler
This patch removes usage of bakery_locks from the FIQ handler, as it
creates unnecessary dependency whenever the watchdog timer interrupt
fires. All operations inside the interrupt handler are 'reads', so
no need for serialization.
Tegra210B01 SoCs support atomic context save for the two SE
hardware engines. Tegra210 SoCs have support for only one SE
engine and support a software based save/restore mechanism
instead.
This patch updates the SE driver to make this change.
Sumit Garg [Thu, 14 Nov 2019 12:04:56 +0000 (17:34 +0530)]
qemu: Support optional encryption of BL31 and BL32 images
Enable encryption IO layer to be stacked above FIP IO layer for optional
encryption of Bl31 and BL32 images in case ENCRYPT_BL31 or ENCRYPT_BL32
build flag is set.
Sumit Garg [Thu, 14 Nov 2019 11:03:45 +0000 (16:33 +0530)]
Makefile: Add support to optionally encrypt BL31 and BL32
Following build flags have been added to support optional firmware
encryption:
- FW_ENC_STATUS: Top level firmware's encryption numeric flag, values:
0: Encryption is done with Secret Symmetric Key (SSK) which is
common for a class of devices.
1: Encryption is done with Binding Secret Symmetric Key (BSSK) which
is unique per device.
- ENC_KEY: A 32-byte (256-bit) symmetric key in hex string format. It
could be SSK or BSSK depending on FW_ENC_STATUS flag.
- ENC_NONCE: A 12-byte (96-bit) encryption nonce or Initialization Vector
(IV) in hex string format.
- ENCRYPT_BL31: Binary flag to enable encryption of BL31 firmware.
- ENCRYPT_BL32: Binary flag to enable encryption of Secure BL32 payload.
Similar flags can be added to encrypt other firmwares as well depending
on use-cases.
Sumit Garg [Mon, 11 Nov 2019 13:16:36 +0000 (18:46 +0530)]
tools: Add firmware authenticated encryption tool
Add firmware authenticated encryption tool which utilizes OpenSSL
library to encrypt firmwares using a key provided via cmdline. Currently
this tool supports AES-GCM as an authenticated encryption algorithm.
Sumit Garg [Fri, 15 Nov 2019 10:04:55 +0000 (15:34 +0530)]
TBB: Add an IO abstraction layer to load encrypted firmwares
TBBR spec advocates for optional encryption of firmwares (see optional
requirement: R060_TBBR_FUNCTION). So add an IO abstaction layer to
support firmware decryption that can be stacked above any underlying IO/
packaging layer like FIP etc. It aims to provide a framework to load any
encrypted IO payload.
Also, add plat_get_enc_key_info() to be implemented in a platform
specific manner as handling of encryption key may vary from one platform
to another.
Add framework for autheticated decryption of data. Currently this
patch optionally imports mbedtls library as a backend if build option
"DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
using AES-GCM algorithm.
Manish Pandey [Tue, 3 Mar 2020 17:12:10 +0000 (17:12 +0000)]
driver/arm/css: minor bug fix
The cpu index was wrongly checked causing it to assert always.
Since this code path is exercised only during TF test "NODE_HW_STAT",
which queries Power state from SCP, this bug was not detected earlier.
Andre Przywara [Thu, 5 Mar 2020 13:56:56 +0000 (13:56 +0000)]
imx: console: Use CONSOLE_T_BASE for UART base address
Since commit ac71344e9eca we have the UART base address in the generic
console_t structure. For most platforms the platform-specific struct
console is gone, so we *must* use the embedded base address, since there
is no storage behind the generic console_t anymore.
Replace the usage of CONSOLE_T_DRVDATA with CONSOLE_T_BASE to fix this.
Change-Id: I6d2ab0bc2c845c71f98b9dd64d89eef3252f4591 Reported-by: Varun Wadekar <vwadekar@nvidia.com> Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Varun Wadekar [Wed, 4 Mar 2020 21:47:13 +0000 (13:47 -0800)]
Tegra: spe: use CONSOLE_T_BASE to save MMIO base address
Commit ac71344e9eca1f7d1e0ce4a67aca776470639b1c moved the base address
for the MMIO aperture of the console inside the console_t struct. As
a result, the driver should now save the MMIO base address to console_t
at offset marked by the CONSOLE_T_BASE macro.
This patch updates the SPE console driver to use the CONSOLE_T_BASE macro
to save/access the MMIO base address.
Manish Pandey [Tue, 25 Feb 2020 11:38:19 +0000 (11:38 +0000)]
SPMD: loading Secure Partition payloads
This patch implements loading of Secure Partition packages using
existing framework of loading other bl images.
The current framework uses a statically defined array to store all the
possible image types and at run time generates a link list and traverse
through it to load different images.
To load SPs, a new array of fixed size is introduced which will be
dynamically populated based on number of SPs available in the system
and it will be appended to the loadable images list.
Max Shvetsov [Tue, 25 Feb 2020 13:55:00 +0000 (13:55 +0000)]
SPMD: add command line parameter to run SPM at S-EL2 or S-EL1
Added SPMD_SPM_AT_SEL2 build command line parameter.
Set to 1 to run SPM at S-EL2.
Set to 0 to run SPM at S-EL1 (pre-v8.4 or S-EL2 is disabled).
Removed runtime EL from SPM core manifest.
Change-Id: Icb4f5ea4c800f266880db1d410d63fe27a1171c0 Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com> Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Max Shvetsov [Fri, 24 Jan 2020 13:48:53 +0000 (13:48 +0000)]
SPMD: [tegra] rename el1_sys_regs structure to sys_regs
Renamed the structure according to a SPMD refactoring
introduced in <c585d07aa> since this structure is used
to service both EL1 and EL2 as opposed to serving only EL1.
Change-Id: I23b7c089e53f617157a4b4e6443acce50d85c3b5 Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Max Shvetsov [Mon, 17 Feb 2020 16:15:47 +0000 (16:15 +0000)]
SPMD: Adds partially supported EL2 registers.
This patch adds EL2 registers that are supported up to ARMv8.6.
ARM_ARCH_MINOR has to specified to enable save/restore routine.
Note: Following registers are still not covered in save/restore.
* AMEVCNTVOFF0<n>_EL2
* AMEVCNTVOFF1<n>_EL2
* ICH_AP0R<n>_EL2
* ICH_AP1R<n>_EL2
* ICH_LR<n>_EL2
Change-Id: I4813f3243e56e21cb297b31ef549a4b38d4876e1 Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
Manish Pandey [Tue, 18 Feb 2020 13:08:14 +0000 (13:08 +0000)]
fvp: add Cactus/Ivy Secure Partition information
Add load address and UUID in fw config dts for Cactus and Ivy which are
example SP's in tf-test repository.
For prototype purpose these information is added manually but later on
it will be updated at compile time from SP layout file and SP manifests
provided by platform.
doc: Fix variables names in TBBR CoT documentation
In commit 516beb585c23056820a854b12c77a6f62cbc5c8b ("TBB: apply TBBR naming
convention to certificates and extensions"), some of the variables used in the
TBBR chain of trust got renamed but the documentation did not get properly
updated everywhere to reflect these changes.
aarch32: stop speculative execution past exception returns
aarch32 CPUs speculatively execute instructions following a
ERET as if it was not a jump instruction. This could lead to
cache-based side channel vulnerabilities. The software fix is
to place barrier instructions following ERET.
Manish Pandey [Fri, 28 Feb 2020 16:52:55 +0000 (16:52 +0000)]
Merge changes I75f6d135,I4add470e,I0ecd3a2b,I67a63d73 into integration
* changes:
board/rddaniel: intialize tzc400 controllers
plat/arm/tzc: add support to configure multiple tzc400
plat/arm: allow boards to specify second DRAM Base address
plat/arm: allow boards to define PLAT_ARM_TZC_FILTERS
The maintainers.rst file lists files and directories that each contributor looks
after in the TF-A source tree. As files and directories move around over time,
some pathnames had become invalid. Fix them, either by updating the path if
it has just moved, or deleting it altogether if it doesn't seem to exist
anymore.
It is needed to make it appear in the table of contents. Right now,
all Amlogic documentation pages appear under the "Platform ports"
section, except the AXG one.
Imre Kis [Tue, 17 Dec 2019 17:06:26 +0000 (18:06 +0100)]
Modify multithreaded dts file of DynamIQ FVPs
The dts file now contains a CPU map that precisely describes the
topology including thread nodes. The map was also extended to have 16
PEs to be able to test multithreaded FVPs with 8 cores in the same
cluster.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: If39559b05d20bfd68d0ecf830ddcbc5233b288a0
Masahiro Yamada [Mon, 3 Feb 2020 10:46:40 +0000 (19:46 +0900)]
uniphier: prepare uniphier_soc_info() for next SoC
The revision register address will be changed in the next SoC.
The LSI revision is needed in order to know where the revision
register is located, but you need to read out the revision
register for that. This is impossible.
We need to know the revision register address by other means.
Use BL_CODE_BASE, where the base address of the TF image that is
currently running. If it is bigger than 0x80000000 (i.e. the DRAM
base is 0x80000000), we assume it is a legacy SoC.
Mark Dykes [Tue, 25 Feb 2020 23:39:33 +0000 (23:39 +0000)]
Merge changes from topic "console_t_cleanup" into integration
* changes:
marvell: Consolidate console register calls
uniphier: Use generic console_t data structure
spe: Use generic console_t data structure
LS 16550: Use generic console_t data structure
stm32: Use generic console_t data structure
rcar: Use generic console_t data structure
a3700: Use generic console_t data structure
16550: Use generic console_t data structure
imx: Use generic console_t data structure
Alexei Fedorov [Mon, 24 Feb 2020 10:39:31 +0000 (10:39 +0000)]
FVP: Fix incorrect GIC mapping
This patch fixes incorrect setting for DEVICE1_SIZE
for FVP platforms with more than 8 PEs.
The current value of 0x200000 supports only 8 PEs
and causes exception for FVP platforms with the greater
number of PEs, e.g. FVP_Base_Cortex_A65AEx8 with 16 PEs
in one cluster.
Andre Przywara [Sat, 25 Jan 2020 23:55:08 +0000 (23:55 +0000)]
marvell: Consolidate console register calls
Now that different UARTs share the same console_t struct, we can
simplify the console selection for the Marvell platforms:
We share the same console_t pointers, just change the name of the
console register functions, depending on the selected platform.
Change-Id: I6fe3e49fd7f208a9b3372c5deef43236a12867bc Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 01:07:19 +0000 (01:07 +0000)]
coreboot: Use generic base address
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location for the coreboot memory console.
This removes the base member from the coreboot specific data structure,
but keeps the struct console_cbmc_t and its size member.
Change-Id: I7f1dffd41392ba3fe5c07090aea761a42313fb5b Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
pl011: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I7a23327394d142af4b293ea7ccd90b843c54587c Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
meson: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I07a07677153d3671ced776671e4f107824d3df16 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:54:38 +0000 (00:54 +0000)]
console: Integrate UART base address in generic console_t
*All* UART drivers in TF-A are storing their base address as a uintptr_t
pointer in the first location of the UART specific driver data.
Since the base address is a pretty natural and generic data item, we
should integrate this into the generic console_t structure.
That will not only allow to remove a lot of seemingly UART specific data
structures, but also enables to simplify runtime choices between different
UARTs, since they can share the same pointer.
This patch just adds the new member, the existing data structures will
be handled on a per-UART base in follow-up patches.
Change-Id: I59ce49471ccc8f3b870f2cfd8a72ebfd0cb14d12 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
uniphier: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: Ia9d996bb45ff3a7f1b240f12fd75805b48a048e9 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
skeletton: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I347849424782333149e5912a25cc0ab9d277a201 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
spe: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I75dbfafb67849833b3f7b5047e237651e3f553cd Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
cdns: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I9f8b55414ab7965e431e3e86d182eabd511f32a4 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
LS 16550: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: Ifd6aff1064ba1c3c029cdd8a83f715f7a9976db5 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
stm32: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: Iea6ca26ff4903c33f0fad27fec96fdbabd4e0a91 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
rcar: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I836e26ff1771abf21fd460d0ee40e90a452e9b43 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
a3700: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I89c3ab2ed85ab941d8b38ced48474feb4aaa8b7e Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
16550: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I5c2fe3b6a667acf80c808cfec4a64059a2c9c25f Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Sat, 25 Jan 2020 00:58:35 +0000 (00:58 +0000)]
imx: Use generic console_t data structure
Since now the generic console_t structure holds the UART base address as
well, let's use that generic location and drop the UART driver specific
data structure at all.
Change-Id: I058f793e4024fa7291e432f5be374a77faf16f36 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
projects / arm-tf.git / log