| Age | Commit message (Collapse) | Author |
|---|
|
Updated the structure for Cortex-A76 in the errata ABI file
for the missing entries from the cortex_a76.S file.
Change-Id: Iceaf26fb2de493a877c4c100c0137f9255fc8b9f
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
Update the revision and variant information in the
errata ABI file, cortex_A710.S file for erratum ID - 2058056
and erratum ID - 2055002 to match the revision and variant
in the latest SDEN.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775101/latest
Change-Id: Ie010dae90dabf8670f588a06f9a606cf41e22afa
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
* changes:
fix(rcar3-drivers): update DDR setting
fix(rcar3): fix CPG register code comment
fix(rcar3): update Draak and Eagle board IDs
|
|
* changes:
feat(st): support gcc as linker
fix(build): allow gcc linker on Aarch32 platforms
|
|
|
|
* changes:
feat(fvp): new SiP call to set an interrupt pending
refactor(arm): allow platform specific SiP support
|
|
|
|
into integration
|
|
This patch introduces an SiP SMC call for FVP platform to set an
interrupt pending. This is needed for testing purposes.
Change-Id: I3dc68ffbec36d90207c30571dc1fa7ebfb75046e
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
|
|
This patch introduces handler to add support for SiP calls to be
handled at EL3 for Arm platforms.
Consequently, the support for SPMD LSP is moved to corresponding
Arm platform SiP source file. This will allow us to add support
for a new SiP call in subsequent patch.
Change-Id: Ie29cb57fc622f96be3b67bebf34ce37cc82947d8
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
|
|
CMD.exe limits prompts to 8191 characters [1], unfortunately our command
line lengths when building with make get really long and in certain
instances exceed this limit. Get around this by passing options to the
compiler and linker via the response file mechanism.
[1] https://learn.microsoft.com/en-us/troubleshoot/windows-client/shell-experience/command-line-string-limitation
Change-Id: I6fee83c5892542f887daf25227fcb595a36f26b9
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
|
|
When key_load() attempts to load the key from a file and it fails to
open this file, the 'err_code' output argument is set to
'KEY_ERR_OPEN' error code. However, it is incorrectly overwritten
later on with 'KEY_ERR_NONE' or 'KEY_ERR_LOAD'.
The latter case messes up with the key creation scenario. The
'KEY_ERR_LOAD' error leads the tool to exit, when it should attempt to
create the said key file if invoked with the --new-keys/-n option.
Note that, to complicate matters further, which of 'KEY_ERR_OPEN' or
'KEY_ERR_NONE' values is returned by key_load() depends on the version
of OpenSSL in use:
- If using v3+, KEY_ERROR_LOAD is returned.
- If using <v3, KEY_ERROR_NONE is returned as a result of the key
pair container being initialized by key_new().
This patch fixes this bug and also takes the opportunity to refactor
key_load() implementation to (hopefully) make it more straight-forward
and easier to reason about.
Fixes: 616b3ce27d9a "feat(cert-create): add pkcs11 engine support"
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Reported-by: Wenchen Tan <xtaens@qq.com>
Change-Id: Ia78ff442e04c5ff98e6ced8d26becbd817a8ccb7
|
|
|
|
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I2c64e7582a744f54b54085d3a1d7ac91e269ce3d
|
|
On behalf of Jorge himself.
Change-Id: I2dca445a240f7bc16c02365e936b064f6a246d89
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
|
* changes:
feat(versal-net): retrieval of console information from dtb
feat(versal): retrieval of console information from dtb
refactor(xilinx): create generic function for clock retrieval
feat(zynqmp): retrieval of console information from dtb
|
|
|
|
* changes:
fix(dcc): enable DCC also for crash console
build(changelog): add new scope for DCC
|
|
Update R-Car H3/M3/M3N DDR setting rev.0.42.
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Change-Id: Ia66dd2329ab3a3ca39132a737e92b3a4864db02d
|
|
* changes:
refactor(arm): remove ARM_ROTPK_KEY_LEN comparison
fix(st): setting default KEY_SIZE
docs(cert-create): add key size options for ecdsa
feat(arm): ecdsa p384/p256 full key support
feat(tbbr): update PK_DER_LEN for ECDSA P-384 keys
feat(auth): ecdsa p384 key support
feat(cert-create): ecdsa p384 key support
|
|
Removing ARM_ROTPK_KEY_LEN definition and comparison in full key .S
files since there is little value in comparing the defined value with a
static size. This becomes more maintenance than value addition.
Removing defines no longer required and general clean up of .S full key
files.
Change-Id: Id286b7078ab9e190e37a43804e2a8d1b0934c235
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
One of the internal make rules for ST platforms uses the linker, but
with dedicated options for ld. Adapt the rule to check if the linker
is gcc and use updated options.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: If566dccfa329f9d34a80673a60c6fadd642a0231
|
|
When trying to compile and link with gcc on an Aarch32 platform, there
is the following error:
arm-none-eabi-gcc: error: unrecognized command-line option
'-mno-fix-cortex-a53-843419'; did you mean '-mno-fix-cortex-m3-ldrd'?
This option seems specific to Aarch64 version of GCC.
Enclose it with a check on ARCH=aarch64.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I8c8cb784ce2f2938c4c6999745dda09ee9a5669d
|
|
Update the code comment to match referenced register.
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Change-Id: Ie0ddbe0bffd31794425f0967c865e2928ce8d78d
|
|
The Draak board ID is 7, Eagle is 3, update them to match
HW documentation. Drop the U suffix from Ebisu board ID.
Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Change-Id: Idd191614a6f1f8dbbc13b8e0bc1f089090f9d20b
|
|
Setting default KEY_SIZE to 256 for ECDSA since it is currently being
set to 2048 by make_helpers/defaults.mk, which is an invalid size for
ECDSA
Change-Id: I4c0edf714dcd2a31d5e50ea060b1b5348167387d
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
Adding the possible key sizes for the ecdsa key algorithm.
Change-Id: I58947bc749fed911766a1462a0c2ba520b8f7c69
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
Add full key support for ECDSA P384 and P256.
New .S files and p384 pem file created along with new
plat_get_rotpk_info() flag ARM_ROTPK_DEVEL_FULL_DEV_ECDSA_KEY_ID.
Change-Id: I578b257eca41070bb4f4791ef429f2b8a66b1eb3
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
Adding the PK_DER_LEN option for 384 key size when adding ECDSA P384 key
support
Change-Id: I0f19aebad20d1c552976dc3c22ed396d79614769
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
Use KEY_SIZE 384 to enable ECDSA P384 key support by
setting MBEDTLS_ECP_DP_SECP384R1_ENABLED.
Selected by setting KEY_ALG=ecdsa and KEY_SIZE=384.
Change-Id: I382f34fc4da98f166a2aada5d16fdf44632b47f5
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
Adding ECDSA P384 (secp384r1) key creation support through key_bits
obtained from KEY_SIZE.
Change-Id: I571251caef20222990bd927cdfb5f35bf2a185d0
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
* changes:
feat(rdn2): introduce platform handler for Group0 interrupt
feat(rdn2): add plat hook for memory transaction
feat(rdn2): introduce accessor function to obtain datastore
feat(spm): separate StMM SP specifics to add support for a S-EL0 SP
feat(rdn2): add defines needed for spmc-el3
feat(ras): reuse SPM_MM specific defines for SPMC_AT_EL3
feat(bl31): reuse SPM_MM specific defines for SPMC_AT_EL3
feat(arm): reuse SPM_MM specific defines for SPMC_AT_EL3
feat(el3-spmc): add a flag to enable support to load SEL0 SP
refactor(spm-mm): reorganize secure partition manager shim code
|
|
This patch introduces a handler for RDN2 platform to triage Group0
secure interrupts. Currently, it is empty but serves as a
placeholder for future Group0 interrupt sources.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: If0b64e507e9105813d9a5d16f70101cf0d8ca5a4
|
|
RdN2 does not make MEM_SHARE/LEND requests. Instead, add a dummy
implementation of memory management related platform hooks.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ifce55b6661f03d379e2fd2dc5625200d550d8038
|
|
In order to provide the EL3 SPMC a sufficient datastore to
record memory descriptor, introduce an accessor function
so that the backing memory can be allocated in a platform
defined manner to accommodate memory constraints and
desired usecases.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: If5842e79c2ad22ccc17362b114f47d9900d82f7e
|
|
This patch separates the code from SPM_MM to get xlat table context and
move it to a common location. In addition, only APIs required from both
SPM_MM and FF-A EL3 SPMC are moved to the common location.
This allows understanding better what is required to support a S-EL0 SP
instead of trying to retrofit what already exists.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I142d7fbef5239869176d0de93842c66051d7ed78
|
|
Add the following platform specific flags to enable SPMC build.
SECURE_PARTITION_COUNT: Number of secure partitions supported
NS_PARTITION_COUNT: Number of non secure partitions supported
MAX_EL3_LP_DESCS_COUNT: Number of logical partitions supported
Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I33d46be9dffd0acfc088bc1701dc0b1ed92dbf46
|
|
For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ic88db49d4f854c718d064b2c301a639fc2df2857
|
|
For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I5ef694f7e2f6d48ec7db26f92ccb350ed537e3f1
|
|
For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.
Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ia24b97343c7b8c6b22a4d54c5bb9cee2c480241f
|
|
Introduce a build flag for enabling the support for loading SEL0 SP in
EL3 SPMC.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I1d63ae4d0d8374a732113565be90d58861506e39
|
|
In preparation for adding the support for SEL0 SP in EL3 SPMC,
restructure the existing SPM_MM shim code in a way that allows reuse
of the code for both SPM_MM interface and FF-A EL3 SPMC interface. The
code for changing exception levels is identical for both.
With this restructuring of the code, the shim exception code is moved to
the common sub-directory.
Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Iadda9cf73f12b56e6a1d31fc21b5ba5dc355867f
|
|
|
|
1. Allow domain D8 (SCP c0) access to the region 0x50000000~0x528FFFFF.
2. Allow domain D8 (SCP c1) access to the region 0x70000000~0x729FFFFF.
3. Allow domain D4 (DSP) access to the region 0x60000000~0x610FFFFF.
Change-Id: Iea92eebaea4d7dd2968cf51f41d07c2479168e7e
Signed-off-by: Jason Chen <Jason-ch.Chen@mediatek.com>
|
|
The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A. It is dangerous to keep that feature enabled if not
strictly necessary, especially in production firmware builds.
Thus, we need a way to disable this feature. Moreover, when it is
disabled, all related code should be eliminated from the firmware
binaries, such that no remnant/dead getc() code remains in memory,
which could otherwise be used as a gadget as part of a bigger security
attack.
This patch disables getc() feature by default. For legitimate getc()
use cases [1], it can be explicitly enabled by building TF-A with
ENABLE_CONSOLE_GETC=1.
The following changes are introduced when getc() is disabled:
- The multi-console framework no longer provides the console_getc()
function.
- If the console driver selected by the platform attempts to register
a getc() callback into the multi-console framework then TF-A will
now fail to build.
If registered through the assembly function finish_console_register():
- On AArch64, you'll get:
Error: undefined symbol CONSOLE_T_GETC used as an immediate value.
- On AArch32, you'll get:
Error: internal_relocation (type: OFFSET_IMM) not fixed up
If registered through the C function console_register(), this requires
populating a struct console with a getc field, which will trigger:
error: 'console_t' {aka 'struct console'} has no member named 'getc'
- All console drivers which previously registered a getc() callback
have been modified to do so only when ENABLE_CONSOLE_GETC=1.
[1] Example of such use cases would be:
- Firmware recovery: retrieving a golden BL2 image over the console in
order to repair a broken firmware on a bricked board.
- Factory CLI tool: Drive some soak tests through the console.
Discussed on TF-A mailing list here:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/
Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>
|
|
|
|
Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.
Comparing early console information and the data populated from
the DTB. In case of a mistmatch, the changes takes care of
unregistering the build time console configuration and registering the
DTB-based console.
Reorganizes the console configuration setup in BL31 by moving it to a
dedicated function called setup_console() in the plat_console.c
file. This change improves code readability by isolating console-
related settings, making it easier to manage and extend the console
configuration in the future.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I7b6ebad0e91133ab5fbda8f3a8663abfb6dd2458
|
|
Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.
Comparing early console information and the data populated from
the DTB. In case of a mistmatch, the changes takes care of
unregistering the build time console configuration and registering the
DTB-based console.
Reorganizes the console configuration setup in BL31 by moving it to a
dedicated function called setup_console() in the plat_console.c
file. This change improves code readability by isolating console-related
settings, making it easier to manage and extend the console
configuration in the future.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I617c846d753e73d2433edf15b3286f1a650f01b3
|
|
Refactors the code in the AMD-Xilinx platform for Versal and Versal NET
to create a more generic function for obtaining clock signals
from the platform. The new function get_uart_clk is specific to each
platform and providing greater flexibility for clock signal retrieval
in various parts of the codebase.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: Iff67315339b2651c9bea73af0d89fcbad2bb332a
|
|
Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.
With fdt_get_stdout_node_offset() function, which reads the 'secure-chosen'
first,'chosen' and 'stdout-path' properties from the DTB, providing a
convenient and standardized way to access serial console information.
Implemented a comparison mechanism between early console information
and the data populated from the DTB. In case of a mismatch, the commit
takes care of unregistering the build-time console configuration and
registering the DTB-based console.
Reorganizes the console configuration setup in BL31 by moving it to a
dedicated function called setup_console() in the plat_console.c
file. This change improves code readability by isolating
console-related settings, making it easier to manage and extend the
console configuration in the future.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I857042fc0fb8f070bbc11f6b47aa57a72fbe5392
|
