AlexeiFedorov [Thu, 24 Nov 2022 13:42:44 +0000 (13:42 +0000)]
fix(trp): preserve RMI SMC X4 when not used as return
This patch adds X2-X6 and 'smc_ret' parameters to trp_rmi_handler().
The last 'smc_ret' parameter passed in X7 contains the address of the
'trp_smc_result' structure on the stack used to return the result of the RMI SMC call.
This allows X4 to be preserved if it is not used as a return argument, as per
SMCCC v1.2. The patch also removes the use of trp_args_t in RMI handling.
AlexeiFedorov [Tue, 29 Nov 2022 13:32:41 +0000 (13:32 +0000)]
feat(rmm): add support for the 2nd DRAM bank
This patch adds support for RMM granule allocation
in the FVP 2nd DRAM 2GB bank at 0x880000000 base address.
For the ENABLE_RME = 1 case it also removes the "mem=1G"
Linux kernel command line option in fvp-base-psci-common.dtsi
to allow memory layout discovery from the FVP device tree.
The FVP parameter 'bp.dram_size' (size of main memory in gigabytes),
documented in docs/components/realm-management-extension.rst,
is changed from 2 to 4.
David Vincze [Thu, 1 Dec 2022 14:10:34 +0000 (15:10 +0100)]
fix(rss): do not consider MHU_ERR_ALREADY_INIT as error
rss_comms_init() should return with success (0) in case of an internal
MHU_ERR_ALREADY_INIT error code, which is harmless (it occurs when
rss_comms_init() is called multiple times in a row).
Change-Id: Ibb1fef48a60866e80d3a389128cb8eef1332ea01
Signed-off-by: David Vincze <david.vincze@arm.com>
Sieu Mun Tang [Wed, 28 Sep 2022 07:58:28 +0000 (15:58 +0800)]
feat(intel): extending to support SMMU in FCS
This patch extends SMMU support in FCS GET_DIGEST, MAC_VERIFY,
ECDSA_SHA2_DATA_SIGNING and ECDSA_SHA2_DATA_SIGNATURE_VERIFY.
It also changes to use the asynchronous mailbox send command to improve
fcs_client timing performance.
Increase the SIP_SVC_VERSION_MAJOR because SMMU support is not backward
compatible.
Increase the SIP_SVC_VERSION_MINOR because 8 new function IDs are
introduced.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I15e619e246531b065451f9b201646f3c50e26307
Naman Patel [Thu, 1 Dec 2022 10:58:46 +0000 (02:58 -0800)]
fix(zynqmp): initialize uint32 with value 0U in pm code
MISRA Violation: MISRA C-2012 Rule 7.2
- Initialize the unsigned int with value 0u in the pm_service component.
The current MISRA warning detection tool is not reporting this as a
warning. It reports only when the initialized value exceeds the
range of the data type based on the compiler used.
But this change is added as a precaution, as some other
MISRA checker tool may report it as a violation of rule 7.2.
Signed-off-by: Naman Patel <naman.patel@amd.com>
Change-Id: I50a5cee2a077fe157e79757d959ce33064225af3
Manish Pandey [Thu, 17 Nov 2022 14:43:15 +0000 (14:43 +0000)]
fix(el3_runtime): restore SPSR/ELR/SCR after esb
The SCR_EL3 register is restored before esb is issued and it is assumed
that EAs are unmasked at that point, which is wrong, as the SCR_EL3
value at that time is restored from the context of the world
it is returning to.
Manish Pandey [Wed, 30 Nov 2022 13:17:08 +0000 (14:17 +0100)]
Merge changes from topic "mb/refactor-evlog" into integration
* changes:
refactor(qemu): pass platform metadata as a function's argument
refactor(imx8m): pass platform metadata as a function's argument
refactor(fvp): pass platform metadata as a function's argument
refactor(measured-boot): accept metadata as a function's argument
Baruch Siach [Thu, 24 Nov 2022 08:34:06 +0000 (10:34 +0200)]
fix(console): fix crash on spin_unlock with cache disabled
The current code skips the load of the spinlock address when the cache is disabled. The
following call to spin_unlock stores into the random location that x0
points to.
Move the spinlock address load earlier so that x0 is always valid on the
spin_unlock call.
David Vincze [Fri, 4 Nov 2022 17:28:12 +0000 (18:28 +0100)]
fix(rss): remove null-terminator from RSS metadata
Remove the null-terminator of the string-like data items
from the RSS measurement's metadata. The 'version' and
'sw_type' items have an associated length value which
should not include a null-terminator when storing the
measurement.
Change-Id: Ia91ace2fff8b6f75686dd2e1862475268300bbdb
Signed-off-by: David Vincze <david.vincze@arm.com>
Mate Toth-Pal [Mon, 24 Oct 2022 13:15:10 +0000 (15:15 +0200)]
feat(lib/psa): add read_measurement API
This API is added for testing purposes. It makes it possible to write test
cases that read measurements back after extending them, and compare
them to expected results.
fix(intel): mailbox store QSPI ref clk in scratch reg
When the HPS requests QSPI controller access, the SDM returns the QSPI
reference clock frequency. Store the provided reference clock frequency
(in kHz) in the BOOT_SCRATCH_COLD_0 register (bits [27:0]) as the u-boot
QSPI driver expects this.
An incorrect number of FPGA pinmux registers was copied from the handoff data.
This caused the pinmux_emac0_usefpga register to always be zero, meaning
"EMAC0 uses HPS IO Pins", even if the handoff data for this register was one,
meaning "EMAC0 uses the FPGA Interface".
refactor(measured-boot): accept metadata as a function's argument
Updated the event log driver's function to accept metadata as an
argument, removing the platform function usage from the event log
driver to make it a standalone driver.
Change-Id: I512cf693d51dc3c0b9d2c1bfde4f89414e273049
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Update SPM threat model for possible threats, from malicious
endpoints, related to interrupt management. The mitigations
are based on the guidance provided in FF-A v1.1 EAC0 spec.
Harrison Mutai [Fri, 11 Nov 2022 14:09:55 +0000 (14:09 +0000)]
fix(cpus): workaround for Cortex-X3 erratum 2615812
Cortex-X3 erratum 2615812 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r1p1, and is still open. The workaround is to disable
the use of the Full Retention power mode in the core (setting
WFI_RET_CTRL and WFE_RET_CTRL in CORTEX_X3_IMP_CPUPWRCTLR_EL1 to 0b000).
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2055130/latest
Change-Id: I5ad66df3e18fc85a6b23f6662239494ee001d82f
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Merge changes If90a18ee,I02e88f8c,Iea447fb5,Ie0570481,Ieeb14cfc into integration
* changes:
docs: add top level section numbering
docs(build): clarify getting started section
docs(build): clarify docs building instructions
fix(docs): prevent a sphinx warning
fix(docs): prevent a virtual environment from failing a build
Boyan Karatotev [Thu, 27 Oct 2022 14:12:36 +0000 (15:12 +0100)]
docs: add top level section numbering
Top level sections are not numbered. Adding numbers makes referring to
sections easier. For example the Maintainers page changes from
"about/3.1" to simply "1.3.1".
Boyan Karatotev [Thu, 27 Oct 2022 13:47:18 +0000 (14:47 +0100)]
docs(build): clarify getting started section
The Getting started section is very difficult to follow. Building the
fip comes before building the files it needs, the BL33 requirement is
given in a somewhat hand-wavy way, and the Arm Developer website
download provides a lot of targets, and the guide is not clear which ones
are needed on download.
Swapping the initial build and supporting tools sections makes the flow
more natural, and the supporting tools section then becomes clear.
Explicitly mentioning the GCC targets avoids confusion for people less
familiar with the project (e.g. new starters).
Boyan Karatotev [Thu, 27 Oct 2022 12:55:12 +0000 (13:55 +0100)]
docs(build): clarify docs building instructions
Using virtual environments with pip is a generally recommended good
practice, but the docs do not acknowledge it. As a result, fresh installs
might fail builds due to missing $PATH entries. The Prerequisites
section is also a bit verbose, which makes it difficult to read.
This patch adds the virtual environment mention and clarifies the wording.
Boyan Karatotev [Thu, 27 Oct 2022 10:56:40 +0000 (11:56 +0100)]
fix(docs): prevent a sphinx warning
Some newer versions of sphinx (tried on v5.3) will warn about language
being None which will fail the build. Change it to the default (en) to
prevent this.
Boyan Karatotev [Thu, 27 Oct 2022 10:28:23 +0000 (11:28 +0100)]
fix(docs): prevent a virtual environment from failing a build
sphinx-build is passed a blanket "." to build all docs. However, if a
virtual environment is placed within the docs directory, sphinx will try
to build it, which will fail due to some weird files it has.
This excludes the most common virtual environment directories from the
build to prevent this.
Boyan Karatotev [Tue, 15 Nov 2022 17:39:22 +0000 (17:39 +0000)]
fix(docs): unify referenced Ubuntu versions
Documentation is inconsistent when referring to Ubuntu versioning.
Change this to a single reference that is consistent with the stated
version for TF-A tests.
The change was tested with a full build on a clean install of Ubuntu 20.04.
Quentin Schulz [Mon, 14 Nov 2022 16:40:33 +0000 (17:40 +0100)]
fix(rockchip): align fdt buffer on 8 bytes
Since commit 94b2f94bd632 ("feat(libfdt): upgrade libfdt source files"),
8-byte alignment of the FDT address is enforced to follow the DT
standard.
The Rockchip implementation of params_early_setup loads the FDT address as
passed by the bootloader into a buffer. This buffer is currently made of
uint8_t, which means it is not 8-byte aligned and might result in
fdt_open_into failing.
Instead, let's make this buffer uint64_t to make it 8-byte aligned.
Okash Khawaja [Mon, 14 Nov 2022 12:50:30 +0000 (12:50 +0000)]
fix(cpus): update doc and check for plat_can_cmo
plat_can_cmo must not clobber x1, but the doc doesn't mention that. This
patch updates the doc to mention x1. It also adds a check for plat_can_cmo
to `dcsw_op_louis`, which was missed out in the original patch.
Manish Pandey [Mon, 14 Nov 2022 13:11:55 +0000 (14:11 +0100)]
Merge changes from topic "stm32mp1-trusted-boot" into integration
* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools
feat(stm32mp1): add the platform specific build for tools
fix(stm32mp13-fdts): remove secure status
feat(stm32mp1-fdts): add CoT and fuse references for authentication
feat(stm32mp1): add a check on TRUSTED_BOARD_BOOT with secure chip
feat(stm32mp1): add the decryption support
feat(stm32mp1): add the TRUSTED_BOARD_BOOT support
feat(stm32mp1): update ROM code API for header v2 management
feat(stm32mp1): remove unused function from boot API
refactor(stm32mp1): remove authentication using STM32 image mode
fix(fconf): fix type error displaying disable_auth
feat(tbbr): increase PK_DER_LEN size
fix(auth): correct sign-compare warning
feat(auth): allow to verify PublicKey with platform format PK
feat(cert-create): update for ECDSA brainpoolP256r/t1 support
feat(stm32mp1): add RNG initialization in BL2 for STM32MP13
feat(st-crypto): remove BL32 HASH driver usage
feat(stm32mp1): add a stm32mp crypto library
feat(st-crypto): add STM32 RNG driver
feat(st-crypto): add AES decrypt/auth by SAES IP
feat(st-crypto): add ECDSA signature check with PKA
feat(st-crypto): update HASH for new hardware version used in STM32MP13
Lionel Debieve [Mon, 14 Nov 2022 10:05:09 +0000 (11:05 +0100)]
fix(build): ensure that the correct rule is called for tools
In case of platform-specific usage for either fiptool or certtool,
we need to ensure that the Makefile will use the correct rule
to generate the binary. Add the explicit call to the "all" rule.
Lionel Debieve [Thu, 6 Oct 2022 06:51:32 +0000 (08:51 +0200)]
feat(stm32mp1-fdts): add CoT and fuse references for authentication
Add the stm32mp1 CoT description file. Include the TRUSTED_BOARD_BOOT
entry in the platform device tree file.
Add the missing public root key reference for stm32mp15 and the
encryption key reference for stm32mp13.
Lionel Debieve [Wed, 5 Oct 2022 14:47:03 +0000 (16:47 +0200)]
feat(stm32mp1): add the TRUSTED_BOARD_BOOT support
Add support for TRUSTED_BOARD_BOOT to authenticate the loaded
FIP using platform CoT management.
It adds the TBB platform definition, redefining the standard image IDs in
order to decrease the requested size of the BL2 binary.
Authentication will use the mbedTLS library for parsing certificates,
configured with a platform configuration.
Change-Id: I9da66b915c5e9e9293fccfce92bef2434da1e430
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>