Tamas Ban [Fri, 11 Feb 2022 08:49:36 +0000 (09:49 +0100)]
feat(plat/arm/fvp): enable RSS backend based measured boot
Enable the RSS backend based measured boot feature.
In the absence of RSS, the mocked version of the PSA APIs
is used. It always returns success and hard-coded data.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I7543e9033a7a21f1b836d911d8d9498c6e09b956
Tamas Ban [Tue, 18 Jan 2022 15:20:47 +0000 (16:20 +0100)]
feat(lib/psa): mock PSA APIs
Introduce PLAT_RSS_NOT_SUPPORTED build config to
provide a mocked version of PSA APIs. The goal is
to test the RSS backend based measured boot and
attestation token request integration on such
a platform (AEM FVP) where RSS is otherwise
unsupported. The mocked PSA API version does
not send a request to the RSS, it only returns
with success and hard-coded values.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ice8d174adf828c1df08fc589f0e17abd1e382a4d
Tamas Ban [Tue, 18 Jan 2022 15:32:18 +0000 (16:32 +0100)]
feat(drivers/arm/rss): add RSS communication driver
This commit adds a driver to conduct the AP's communication
with the Runtime Security Subsystem (RSS).
RSS is Arm's reference implementation for the CCA HES [1].
It can be considered as a secure enclave to which, for example,
certain services can be offloaded such as initial attestation.
RSS comms driver:
- Relies on MHU v2.x communication IP, using a generic MHU API,
- Exposes the psa_call(..) API to the upper layers.
Tamas Ban [Tue, 18 Jan 2022 15:19:17 +0000 (16:19 +0100)]
feat(lib/psa): add measured boot API
A secure enclave could provide an alternate
backend for measured boot. This API can be used
to store measurements in a secure enclave, which
provides the measured boot runtime service.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2448e324e7ece6b318403c5937dfe7abea53d0f3
Tamas Ban [Mon, 10 Jan 2022 16:04:03 +0000 (17:04 +0100)]
feat(drivers/arm/mhu): add MHU driver
The Arm Message Handling Unit (MHU) is a mailbox controller used to
communicate with other processing element(s). Adding a driver to
enable the communication:
- Adding generic MHU driver interface,
- Adding MHU_v2_x driver.
Driver supports:
- Discovering available MHU channels,
- Sending / receiving words over MHU channels,
- Signaling happens over a dedicated channel.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
Change-Id: I41a5b968f6b8319cdbdf7907d70bd8837839862e
Manish Pandey [Mon, 9 May 2022 09:30:50 +0000 (11:30 +0200)]
Merge changes Idfd268cd,I362445b9,Ibea052d3,I28cb8f74,I501ae76a, ... into integration
* changes:
feat(imx8mp): enable BL32 fdt overlay support on imx8mp
feat(imx8mq): enable optee fdt overlay support
feat(imx8mn): enable optee fdt overlay support
feat(imx8mm): enable optee fdt overlay support
feat(imx8mp): add trusty for imx8mp
feat(imx8mq): enable trusty for imx8mq
feat(imx8mn): enable Trusty OS for imx8mn
feat(imx8mm): enable Trusty OS on imx8mm
feat(imx8/imx8m): switch to xlat_tables_v2
feat(imx8m): enable the coram_s tz by default on imx8mn/mp
feat(imx8m): enable the csu init on imx8m
feat(imx8m): add a simple csu driver for imx8m family
refactor(imx8m): replace magic number with enum type
feat(imx8m): add imx csu/rdc enum type defines for imx8m
fix(imx8m): check the validation of domain id
feat(imx8m): enable conditional build for SDEI
Jacky Bai [Tue, 7 Jan 2020 06:53:54 +0000 (14:53 +0800)]
feat(imx8m): enable the csu init on imx8m
Enable the CSU init on i.MX8M SoC family. The 'csu_cfg' array
is just a placeholder for now, as an example with a limited config listed.
In a real use case, the user can add the CSU config as needed based on the system design.
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I1f7999efa346f18f6625ed8c478d088ed75f7833
feat(intel): implement timer init divider via cpu frequency. (#1)
Get the cpu frequency and update the timer init div with it.
The timer varies based on the cpu frequency instead of being hardcoded.
The implementation shall apply to only Agilex and S10.
Olivier Deprez [Fri, 6 May 2022 09:52:55 +0000 (11:52 +0200)]
Merge changes from topic "ja/boot_protocol" into integration
* changes:
fix(sptool): update Optee FF-A manifest
feat(sptool): delete c version of the sptool
feat(sptool): use python version of sptool
feat(sptool): python version of the sptool
refactor(sptool): use SpSetupActions in sp_mk_generator.py
feat(sptool): add python SpSetupActions framework
Yann Gautier [Fri, 6 May 2022 07:50:43 +0000 (09:50 +0200)]
fix(st): fix NULL pointer dereference issues
The get_bl_mem_params_node() function could return NULL. Add asserts to
check the return value is not NULL.
This corrects coverity issues:
pager_mem_params = get_bl_mem_params_node(BL32_EXTRA1_IMAGE_ID);
>>> CID 378360: (NULL_RETURNS)
>>> Dereferencing "pager_mem_params", which is known to be "NULL".
paged_mem_params = get_bl_mem_params_node(BL32_EXTRA2_IMAGE_ID);
>>> CID 378360: (NULL_RETURNS)
>>> Dereferencing "paged_mem_params", which is known to be "NULL".
tos_fw_mem_params = get_bl_mem_params_node(TOS_FW_CONFIG_ID);
>>> CID 378360: (NULL_RETURNS)
>>> Dereferencing "tos_fw_mem_params", which is known to be "NULL".
Do the same for the other occurrences where the get_bl_mem_params_node()
return value is not checked, in the functions plat_get_bl_image_load_info()
and bl2_plat_handle_pre_image_load().
MISRA Violation: MISRA-C:2012 R.14.4
The controlling expression of an if statement and the controlling
expression of an iteration-statement shall have essentially Boolean type.
MISRA Violation: MISRA-C:2012 R.10.3
The value of an expression shall not be assigned to an object with a
narrower essential type or of a different essential type category.
johpow01 [Fri, 28 Jan 2022 23:06:20 +0000 (17:06 -0600)]
feat(brbe): add BRBE support for NS world
This patch enables access to the branch record buffer control registers
in non-secure EL2 and EL1 using the new build option ENABLE_BRBE_FOR_NS.
It is disabled for all secure world, and cannot be used with ENABLE_RME.
This option is disabled by default, however, the FVP platform makefile
enables it for FVP builds.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I576a49d446a8a73286ea6417c16bd0b8de71fca0
Sieu Mun Tang [Thu, 5 May 2022 15:42:55 +0000 (23:42 +0800)]
feat(intel): add SMPLSEL and DRVSEL setup for Stratix 10 MMC
SMPLSEL and DRVSEL values need to be updated in
DWMMC for the IP to work correctly. This applies
to the Stratix 10 device only.
Signed-off-by: Loh Tien Hock <tien.hock.loh@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ibd799a65890690682e27e4cbbc85e83ea03d51fc
Marc Bonnici [Thu, 9 Dec 2021 10:51:05 +0000 (10:51 +0000)]
feat(spmc): enable checking of execution ctx count
This is a mandatory entry in an SP's manifest; however,
currently an S-EL1 partition running under the EL3 SPMC
must have the same number of execution contexts as
physical cores, therefore just check that the entry matches
this value.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I4c2a85ccde7a7bb9b1232cf6389a8c532cbf3d41
Marc Bonnici [Thu, 19 Aug 2021 13:42:19 +0000 (14:42 +0100)]
test(plat/fvp/lsp): add example logical partition
Add an example logical partition to the FVP platform that
simply prints and echoes the contents of a direct request
with the appropriate direct response.
Change-Id: Ib2052c9a63a74830e5e83bd8c128c5f9b0d94658
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change the OPTEE FF-A manifest to comply with changes to the sp pkg [1].
The sptool packs the image at the default offset of 0x4000, if it is not
provided in the arguments.
J-Alves [Mon, 21 Mar 2022 16:27:56 +0000 (16:27 +0000)]
feat(sptool): python version of the sptool
To cope with the changes/design decisions in the implementation of
boot protocol, from FF-A v1.1 specification in the S-EL2 SPM, we have
changed the format of the sp pkg header.
These changes need to be reflected in the sptool, used for packaging
the SP binary, and the SP's FF-A manifest. Now the SP pkg can
contain the boot information blob as defined by the FF-A specification.
To cater for these changes, bring to the TF-A project an equivalent to
the tool used in the Hafnium project.
Marc Bonnici [Mon, 14 Feb 2022 17:06:09 +0000 (17:06 +0000)]
feat(spmc/lsp): add logical partition framework
Introduce a framework to support running logical
partitions alongside the SPMC in EL3 as per the
v1.1 FF-A spec.
The DECLARE_LOGICAL_PARTITION macro has been added to
simplify the process to define a Logical Partition.
The partitions themselves are statically allocated
with the descriptors placed in RO memory.
It is assumed that the MAX_EL3_LP_DESCS_COUNT will
be defined by the platform.
Change-Id: I1c2523e0ad2d9c5d36aeeef6b8bcb1e80db7c443
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Mediatek's mt6795 platform was deprecated in the 2.5 release and as per [1]
a platform which has been marked deprecated should be removed from the repo
after two release cycles.
Manish Pandey [Wed, 4 May 2022 09:59:52 +0000 (10:59 +0100)]
refactor(sgm775): remove Arm sgm775 platform
Arm's sgm775 platform was deprecated in the 2.5 release and as per [1] a
platform which has been marked deprecated should be removed from the repo
after two release cycles.
J-Alves [Mon, 21 Mar 2022 14:11:43 +0000 (14:11 +0000)]
refactor(sptool): use SpSetupActions in sp_mk_generator.py
The "sp_mk_generator.py" is responsible for processing the SP layout
file, which contains information about the SPs to be deployed on top of
the SPM, to generate the "sp_gen.mk" file which appends information
specific to each SP that shall help with packing all SPs into a fip
binary.
Before this patch the "sp_mk_generator.py" was a monolithic script,
which has now been broken down into functions for each identified
configuration action.
J-Alves [Mon, 21 Mar 2022 14:08:27 +0000 (14:08 +0000)]
feat(sptool): add python SpSetupActions framework
Developed a python framework to help with SP configuration. The framework
allows for functions (dubbed "actions" in the framework) to be defined
that process the "sp_layout.json" file.
Andre Przywara [Fri, 25 Sep 2020 15:42:06 +0000 (16:42 +0100)]
feat(allwinner): add SMCCC SOCID support
The Allwinner SID device holds a 16-bit SoC identifier, which we already
use in our code.
Export this number through the generic SMCCC SOCID interface, to allow
an architectural identification of an Allwinner SoC. This enables access
to this information from non-secure world, simplifies generic drivers
(ACPI comes to mind), and gives easy and precise access to the SoC ID
from userland in OSes like Linux.
Change-Id: I91753046b2ae5408ca7bc0b864fcd97d24c8267c
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Merge changes from topic "allwinner-idle" into integration
* changes:
feat(allwinner): provide CPU idle states to the rich OS
feat(allwinner): simplify CPU_SUSPEND power state encoding
feat(allwinner): choose PSCI states to avoid translation
feat(fdt): add the ability to supply idle state information
fix(allwinner): improve DTB patching error handling
refactor(allwinner): patch the DTB after setting up PSCI
refactor(allwinner): move DTB change code into allwinner/common
Propose myself as a code owner of the measured boot module.
Also do a couple of updates along the way:
- Add the measured boot bindings document to the list of measured
boot files.
- Fix the list of FVP files. plat/arm/board/fvp/fvp_measured_boot.c
does not exist anymore. It has been replaced by
plat/arm/board/fvp/fvp_measured_{bl1,bl2,common}_boot.c files.
In all TF-A commit messages, the first line must comply with the
following format:
type(scope): description
Although the conventional commits specification says that the scope
above is optional, we have made it mandatory in TF-A and the following
error message is printed if no scope is provided:
scope may not be empty [scope-empty]
However, this can be too restrictive for some types of commits. For
example, it is typically hard to choose a scope for documentation
patches which modify several documents of different natures.
Lift this restriction in the tools and leave it up to the developer to
decide whether a scope is needed or not.
Sieu Mun Tang [Sat, 19 Mar 2022 16:49:57 +0000 (00:49 +0800)]
fix(intel): reject non 4-byte aligned request size for FPGA Crypto Service (FCS)
This patch adds size checking to make sure that
each certificate and encryption/decryption request
is 4-byte aligned, as this driver expects. An unaligned
size may indicate an invalid/corrupted request and hence
will be rejected.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ib6f97849ec470e45679c5adc4fbfa3afd10eda90
Harrison Mutai [Wed, 23 Feb 2022 11:37:12 +0000 (11:37 +0000)]
docs(prerequisites): use LLVM utilities to build with clang
Makefile updated to use LLVM utilities instead of GNU utilities when
compiling with clang. `CROSS_COMPILE` is not required since this
dependency has been removed.
Change-Id: I19706b84b9310e07935516681b86596c04ef8ad6
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
John Powell [Fri, 15 Apr 2022 00:10:17 +0000 (19:10 -0500)]
fix(security): update Cortex-A15 CPU lib files for CVE-2022-23960
Cortex-A15 does not support FEAT_CSV2 so the existing workaround for
Spectre V2 is sufficient to mitigate against Spectre BHB attacks,
however the code needed to be updated to work with the new build flag.
Also, some code was refactored several years ago and not updated in
the Cortex-A15 library file so this patch fixes that as well.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I768c88a38c561c91019b038ac6c22b291955f18e
Merge changes I80661161,I82c1fa93,I018ccbb9,Ibc23734d,I97406abe, ... into integration
* changes:
feat(intel): add SMC support for HWMON voltage and temp sensor
feat(intel): add SMC support for Get USERCODE
fix(intel): extend SDM command to return the SDM firmware version
feat(intel): add SMC for enquiring firmware version
fix(intel): configuration status based on start request
fix(intel): bit-wise configuration flag handling
fix(intel): get config status OK status
fix(intel): use macro as return value
fix(intel): fix fpga config write return mechanism
feat(intel): add SiP service for DCMF status
feat(intel): add RSU 'Max Retry' SiP SMC services
feat(intel): enable SMC SoC FPGA bridges enable/disable
feat(intel): add SMC/PSCI services for DCMF version support
feat(intel): allow to access all register addresses if DEBUG=1
fix(intel): modify how configuration type is handled
feat(intel): support SiP SVC version
feat(intel): enable firewall for OCRAM in BL31
feat(intel): create source file for firewall configuration
fix(intel): refactor NOC header
Olivier Deprez [Fri, 4 Feb 2022 11:30:11 +0000 (12:30 +0100)]
feat(smmu): configure SMMU Root interface
This change performs a basic configuration of the SMMU root registers
interface on an RME enabled system. This permits enabling GPC checks
for transactions originated from a non-secure or secure device upstream
to an SMMU. It re-uses the boot time GPT base address and configuration
programmed on the PE.
The root register file offset is platform dependent and has to be
supplied on a model command line.
Sieu Mun Tang [Wed, 27 Apr 2022 10:57:29 +0000 (18:57 +0800)]
feat(intel): add SMC support for Get USERCODE
This patch adds SMC support for enquiring FPGA's User Code.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I82c1fa9390b6f7509b2284d51e199fb8b6a9b1ad
feat(intel): add SMC for enquiring firmware version
This command allows non-secure world software to enquire the
version of currently running Secure Device Manager (SDM) firmware.
This will be useful in maintaining backward-compatibility as well
as ensuring software cross-compatibility.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ibc23734d1135db74423da5e29655f9d32472a3b0
fix(intel): configuration status based on start request
Configuration status command now returns the result based on the last
config start command made to the runtime software. The status type can
be either:
- NO_REQUEST (default)
- RECONFIGURATION
- BITSTREAM_AUTH
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I97406abe09b49b9d9a5b43e62fe09eb23c729bff
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Sieu Mun Tang [Thu, 28 Apr 2022 14:40:58 +0000 (22:40 +0800)]
fix(intel): bit-wise configuration flag handling
Change configuration type handling to bit-wise flag. This is to align
with Linux's FPGA Manager definitions and promotes better compatibility.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I5aaf91d3fec538fe3f4fe8395d9adb47ec969434
Config status has different OK requirements between MBOX_CONFIG_STATUS
and MBOX_RECONFIG_STATUS requests. This patch adds checking to
differentiate between both commands.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I45a4c3de460b031757dbcbd0b3a8055cb0a55aff
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
SMC functions should strictly return an INTEL_SIP_SMC_STATUS macro. Directly
returning the value of the variable status might cause confusion in the calling
software.
Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Iea17f4feaa5c917e8b995471f3019dba6ea8dcd3
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>