| Age | Commit message (Collapse) | Author |
|---|
|
* changes:
fix(cpus): fix the rev-var of Neoverse-V1
fix(errata-abi): update the Neoverse-N2 errata ABI struct
fix(errata-abi): update the neoverse-N1 errata ABI struct
fix(cpus): fix the rev-var of Cortex-X2
fix(errata-abi): update the Cortex-A78C errata ABI struct
fix(cpus): update the rev-var for Cortex-A78AE
fix(errata-abi): update the Cortex-A76 errata ABI struct
fix(cpus): fix the rev-var for Cortex-A710
|
|
Restricts MPAM to only NS world and enables trap to EL3 for access of
MPAM registers from lower ELs of Secure and Realm world.
This patch removes MPAM enablement from global context and adds it to
EL3 State context which enables/disables MPAM during world switches.
Renamed ENABLE_MPAM_FOR_LOWER_ELS to ENABLE_FEAT_MPAM and
removed mpam_init_el3() as RESET behaviour is trapping.
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I131f9dba5df236a71959b2d425ee11af7f3c38c4
|
|
* changes:
docs(stm32mp15): mark STM32MP15_OPTEE_RSV_SHM deprecated
feat(stm32mp15): disable OP-TEE shared memory
|
|
Cortex-A510 erratum 2080326 is a Cat B erratum that applies
to all revisions <= r0p2 and is fixed in r0p3.
The workaround sequence helps perform a DSB after each TLBI
instruction and can be applied only for version r0p2 and has
minimal performance impact.
The workaround is not applicable for versions < r0p2.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1873361/latest
Change-Id: Ib9bce8b711c25a79f7b2f891ae6f8b366fc80ddd
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
Update the revision and variant information in the
errata ABI file, neoverse_v1.S file for erratum ID - 2294912
to match the revision and variant in the latest SDEN.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1401781/latest
Change-Id: I38a0f53c3515860ba442b5c0872c8ab051fdda6f
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
Update the revision and variant information in the
errata ABI file, cortex_X2.S file for erratum ID - 2058056
to match the revision and variant in the latest SDEN.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775100/latest
Change-Id: I28ee39949d977c53d6f5243100f0c29bc3c0428c
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
Update the revision and variant information in the
cortex_a78_ae.s and errata ABI file for erratum ID - 2376748
based on the latest SDEN.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1707912/latest
Change-Id: I082aac41adf717b0d5d59046a8933a3f5a3de94f
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
Update the revision and variant information in the
errata ABI file, cortex_A710.S file for erratum ID - 2058056
and erratum ID - 2055002 to match the revision and variant
in the latest SDEN.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775101/latest
Change-Id: Ie010dae90dabf8670f588a06f9a606cf41e22afa
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
into integration
|
|
TF-A is no more in charge of configuring OP-TEE shared memory.
Set the STM32MP15_OPTEE_RSV_SHM flag as deprecated (as well as the code
depending on it).
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I863d9a1e45e0bfc2f45d9bd84b90d626738934ab
|
|
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I2c64e7582a744f54b54085d3a1d7ac91e269ce3d
|
|
On behalf of Jorge himself.
Change-Id: I2dca445a240f7bc16c02365e936b064f6a246d89
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
|
Adding the possible key sizes for the ecdsa key algorithm.
Change-Id: I58947bc749fed911766a1462a0c2ba520b8f7c69
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
|
|
Introduce a build flag for enabling the support for loading SEL0 SP in
EL3 SPMC.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I1d63ae4d0d8374a732113565be90d58861506e39
|
|
The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A. It is dangerous to keep that feature enabled if not
strictly necessary, especially in production firmware builds.
Thus, we need a way to disable this feature. Moreover, when it is
disabled, all related code should be eliminated from the firmware
binaries, such that no remnant/dead getc() code remains in memory,
which could otherwise be used as a gadget as part of a bigger security
attack.
This patch disables getc() feature by default. For legitimate getc()
use cases [1], it can be explicitly enabled by building TF-A with
ENABLE_CONSOLE_GETC=1.
The following changes are introduced when getc() is disabled:
- The multi-console framework no longer provides the console_getc()
function.
- If the console driver selected by the platform attempts to register
a getc() callback into the multi-console framework then TF-A will
now fail to build.
If registered through the assembly function finish_console_register():
- On AArch64, you'll get:
Error: undefined symbol CONSOLE_T_GETC used as an immediate value.
- On AArch32, you'll get:
Error: internal_relocation (type: OFFSET_IMM) not fixed up
If registered through the C function console_register(), this requires
populating a struct console with a getc field, which will trigger:
error: 'console_t' {aka 'struct console'} has no member named 'getc'
- All console drivers which previously registered a getc() callback
have been modified to do so only when ENABLE_CONSOLE_GETC=1.
[1] Example of such use cases would be:
- Firmware recovery: retrieving a golden BL2 image over the console in
order to repair a broken firmware on a bricked board.
- Factory CLI tool: Drive some soak tests through the console.
Discussed on TF-A mailing list here:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/
Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>
|
|
Updating toolchain to the latest production release version
12.3.Rel1 publicly available on:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
We build TF-A in CI using x86_64 Linux hosted cross toolchains:
---------------------------------------------------------------
* AArch32 bare-metal target (arm-none-eabi)
* AArch64 bare-metal target (aarch64-none-elf)
Change-Id: Ifcabb7fb9d8e13b87e164c3c1be8c8d32c31b49a
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
|
|
* changes:
feat(mbedtls-psa): use PSA crypto API during signature verification
feat(mbedtls-psa): use PSA crypto API during hash calculation
feat(mbedtls-psa): use PSA crypto API for hash verification
feat(mbedtls-psa): initialise mbedtls psa crypto
feat(mbedtls-psa): register an ad-hoc PSA crypto driver
feat(mbedtls-psa): introduce PSA_CRYPTO build option
docs(changelog): add scope for MbedTLS PSA Crypto
|
|
|
|
- Fix the name of the user account under which the CI bot posts
review comments.
- The CI has now transitioned to trustedfirmware.org so CI results
are publically accessible.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I53dd93e200c9e119b5df6bbaf2644485cde57ce5
|
|
Cortex-X3 erratum 2070301 is a Cat B erratum that applies to all
revisions <= r1p2 and is still open.
The workaround is to write the value 4'b1001 to the PF_MODE bits
in the IMP_CPUECTLR2_EL1 register. This places the data prefetcher
in the most conservative mode instead of disabling it.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Change-Id: I337c4c7bb9221715aaf973a55d0154e1c7555768
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
|
|
This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -
1. Added a build macro PSA_CRYPTO to enable the MbedTLS PSA
Crypto API support in the subsequent patches.
2. Compile necessary PSA crypto files from MbedTLS source code
when PSA_CRYPTO=1.
Also, marked PSA_CRYPTO as an experimental feature.
Change-Id: I45188f56c5c98b169b2e21e365150b1825c6c450
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
|
|
|
This patch enables Scalable Matrix Extension (SME) for RMM. RMM will
save/restore required registers that are shared with SVE/FPU register
state so that Realm can use FPU or SVE.
The Relevant RMM support can be found here :
https://github.com/TF-RMM/tf-rmm/commit/0ccd7ae58b00
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I3bbdb840e7736dec00b71c85fcec3d5719413ffd
|
|
* changes:
feat(qemu): implement firmware handoff on qemu
feat(handoff): introduce firmware handoff library
|
|
integration
|
|
|
|
Add the missing trusted key certificate in the fiptool
command line.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: Ife95b0261f04b7fd07a9b01488f9e5be9b87e841
|
|
Update version and release schedule for the upcoming TF-A
release v2.10.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I505fbb034a74ce1cc6bc20efdd26803e6fb8c0c1
|
|
|
|
Revise the AST2700 boot flow to the RESET_TO_BL31 scheme.
The execution of BL1/2 can be saved from ARM CA35 while most
low level platform initialization are moved to a preceding MCU.
This patch updates the build configuration and also adds
the SMP mailbox setup code to hold secondary cores until
they are being waken up.
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Change-Id: I7e0aa6416b92b97036153db1d9a26baaa41b7b18
|
|
Rather than returning 0 or 1, the above function returns bool false
or true. No functional change.
Change-Id: Iea904ffc368568208fa8203e0d2e0cdaa500b1e0
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
|
|
* changes:
feat(cert-create): add pkcs11 engine support
fix(cert-create): key: Avoid having a temporary value for pkey in key_load
|
|
* changes:
fix(cpus): workaround for Neoverse V2 erratum 2743011
fix(cpus): workaround for Neoverse V2 erratum 2779510
fix(cpus): workaround for Neoverse V2 erratum 2719105
fix(cpus): workaround for Neoverse V2 erratum 2331132
|
|
Add transfer list APIs and firmware handoff build option.
Change-Id: I68a0ace22c7e50fcdacd101eb76b271d7b76d8ff
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
|
|
Add pkcs11 engine support which allows using keys that are securely
stored on a HSM or TPM. To use this feature the user has to supply
an RFC 7512 compliant PKCS11 URI to a key instead of a file as an
argument to one of the key options. This change is fully backwards
compatible.
This change makes use of the openssl engine API which is deprecated
since openssl 3.0 and will most likely be removed in version 4. So
pkcs11 support will have to be updated to the openssl provider API
in the near future.
Signed-off-by: Robin van der Gracht <robin@protonic.nl>
Change-Id: If96725988ca62c5613ec59123943bf15922f5d1f
|
|
|
|
Neoverse V2 erratum 2743011 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I0e06ca723a1cce51fb027b7160f3dd06a4c93e64
|
|
Neoverse V2 erratum 2779510 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set bit[47] of CPUACTLR3_EL1 which might have a small impact on
power and negligible impact on performance.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I6d937747bdcbf2913a64c4037f99918cbc466e80
|
|
Neoverse V2 erratum 2719105 is a Cat B erratum that applies to all
revisions <= r0p1 and is fixed in r0p2.
The erratum is avoided by setting CPUACTLR2_EL1[0] to 1 to force
PLDW/PFRM ST to behave like PLD/PRFM LD and not cause invalidations
to other PE caches. There might be a small performance degradation
to this workaround for certain workloads that share data.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Id026edcb7ee1ca93371ce0001d18f5a8282c49ba
|
|
Neoverse V2 erratum 2331132 is a Cat B erratum that applies to all
revisions <= r0p2 and is still open. The workaround is to write the
value 4'b1001 to the PF_MODE bits in the IMP_CPUECTLR2_EL1 register
which will place the data prefetcher in the most conservative mode
instead of disabling it.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ic6c76375df465a4ad2e20dd7add7037477d973c1
|
|
|
|
Update maintainers list for corstone1000 platform.
Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Change-Id: I779e3717f6a6e19d32e8568eda05204cd46f35ea
|
|
Current build infra defaults all cpufeats in defaults.mk and some
mandatory features are enabled in arch_features.mk and optional
arch features are enabled in platform specific makefile.
This fragmentation is sometime confusing to figure out which feature
is tied to which ARCH_MAJOR.ARCH_MINOR.
So, consolidating and grouping them for tracking and enabling makes
more sense. With this change we consolidate all ARCH feature handling
within arch_features.mk and disable all optional features that need
to be enabled to platform makefile.
This is an ongoing series of effort to consolidate and going forward
platform makefile should just specify ARCH_MAJOR and ARCH MINOR and
all mandatory feature should be selected based on arch_features.mk
any optional feature needed by the platform support can be enabled
by platform makefile.
It also makes it easier for platform ports to look upto arch_features.mk
and enable any optional feature that platform may need which are
supported from TF-A.
Change-Id: I18764008856d81414256b6cbabdfa42a16b8040d
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
|
|
* changes:
feat(stm32mp2): generate stm32 file
feat(stm32mp2-fdts): add stm32mp257f-ev1 board
feat(stm32mp2-fdts): introduce stm32mp25 pinctrl files
feat(stm32mp2-fdts): introduce stm32mp25 SoCs family
feat(stm32mp2): add console configuration
feat(st): add RCC registers list
feat(st-uart): add AARCH64 stm32_console driver
feat(st): introduce new platform STM32MP2
feat(dt-bindings): add the STM32MP2 clock and reset bindings
docs(changelog): add scopes for STM32MP2
feat(docs): introduce STM32MP2 doc
refactor(docs): add a sub-menu for ST platforms
refactor(st): move plat_image_load.c
refactor(st): rename PLAT_NB_FIXED_REGS
refactor(st): move some storage definitions to common part
refactor(st): move SDMMC definitions to driver
feat(st-clock): stub fdt_get_rcc_secure_state
feat(st-clock): allow aarch64 compilation of STGEN functions
feat(st): allow AARCH64 compilation for common code
refactor(st): rename QSPI macros
|
|
|
|
MULTI_CONSOLE_API have been removed long time ago by commit 5b6ebeec9c99
("Remove MULTI_CONSOLE_API flag and references to it") that's why remove
references in platform.mk files and also in one rst which is not valid
anymore.
Change-Id: I45f8e7db0a14ce63de62509100d8159b7aca2657
Signed-off-by: Michal Simek <michal.simek@amd.com>
|
|
|
|
Update TF-A documentation to recommend using the latest and greatest
release of mbedTLS library to this date, i.e. version 3.4.1. The
upgrade was successfully tested by the OpenCI running all existing
test configs, in particular trusted boot and measured boot related
ones.
The reason for this upgrade is simply to obey TF-A's guideline to
always use up-to-date security libraries. mbedTLS 3.4.1 release
notes [1] do not list any changes that should affect TF-A.
[1] https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.4.1
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Ifc31c2fc825a2fc9ca318ea8baadd51b670e7a4e
|
|
* changes:
fix(cpus): workaround for Cortex-X3 erratum 2742421
feat(errata_abi): add support for Cortex-X3
|
|
|
