| Age | Commit message (Collapse) | Author |
|---|
|
Added changelog for v2.10 release.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Id06263047fcc1ec60e82f85cd09e2e4bc95830f5
|
|
|
|
This reverts commit 0abbfab320344d4f2110e95d64863a3e82a51ec9.
Reason for revert: Changelog was based on rc0 tag but we got few more patches after that which were not captured.
Change-Id: I9829f2b6dc09f0bd5c538845cbae051f6e4c8a75
|
|
integration
|
|
|
|
|
|
Arm has made the strategic decision to deprecate the TC1 platform.
Consequently, software development and the creation of fast models
for the TC1 platform have been officially discontinued.
The TC1 platform, now considered obsolete, has been succeeded by
the TC2 platform. It's noteworthy that the TC2 platform is already
integrated and supported in both TF-A and CI repositories.
Change-Id: Ia196a5fc975b4dbf3c913333daf595199968d95d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
|
Change-Id: I44b88c3232d099b85ff71ee14c4918c4f8180146
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
|
|
* changes:
docs(juno): update PSCI instrumentation data
docs(n1sdp): update N1SDP PSCI instrumentation data
|
|
|
|
|
|
A number of features are marked experimental in the build system through
makefiles but there wasn't an explicit document to list them.
Added a dedicated experimental build options section and moved
existing experimental build option descriptions in this section.
Restoring the change from [1] removing the experimental flag on the EL3
SPMC (this has been lost in rebasing a later change).
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/24713
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I2c458c6857c347114b265404e8b9ede9ac588463
|
|
|
|
As part of the release process, revisit the list of maintainers to
keep it updated.
Change-Id: Ifdbbe0d0dd1c8db3e5fbc84affcceb6d3c7716d4
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
|
|
This change updates the model versions that we claim to be testing with
to reflect what the reality in the CI.
Change-Id: Ieb44f3f21cd0ba7149d47f7688698831c9eab487
Signed-off-by: Chris Kay <chris.kay@arm.com>
|
|
Change-Id: Iadbaf3d52c5e86f53b05c09e2decce3c089ab83c
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
|
|
Change-Id: I11c747acfdd376668b44a116258ee75e8cba214d
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
|
|
* changes:
docs(spm-mm): remove reference to SEL2 SPMC
docs: remove SEL2 SPMC threat model
docs: remove unused SPM related diagrams
|
|
Arm Confidential Compute Architecture (Arm CCA) support, underpinned by
Arm Realm Management Extension (RME) support, brings in a few important
software and hardware architectural changes in TF-A, which warrants a
new security analysis of the code base. Results of this analysis are
captured in a new threat model document, provided in this patch.
The main changes introduced in TF-A to support Arm CCA / RME are:
- Presence of a new threat agent: realm world clients.
- Availability of Arm CCA Hardware Enforced Security (HES) to support
measured boot and trusted boot.
- Configuration of the Granule Protection Tables (GPT) for
inter-world memory protection.
This is only an initial version of the threat model and we expect to
enrich it in the future.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Co-authored-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Iab84dc724df694511508f90dc76b6d469c4cccd5
|
|
UART" into integration
|
|
Add a deprecation notice for building TF-A with mbedtls-2.x
This was notified earlier in TF-A mailing list:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/message/YDPOPASMGEQBCOI5TKUSD3V3J75NAT7A/
We will be removing support to build TF-A with mbedtls-2.x after
TF-A 2.10 release.
Change-Id: I669b423ee9af9f5c5255fce370413fffaf38e8eb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
|
|
TF-A supports reading input data from UART interfaces. This opens up
an attack vector for arbitrary data to be injected into TF-A, which is
not covered in the threat model right now.
Fill this gap by:
- Updating the data flow diagrams. Data may flow from the UART into
TF-A (and not only the other way around).
- Documenting the threats inherent to reading untrusted data from a
UART.
Change-Id: I508da5d2f7ad5d20717b958d76ab9337c5eca50f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
|
CryptoCell-712 and CryptoCell-713 drivers have been deprecated since
TF-A v2.9 and their removal was announced for TF-A v2.10 release.
See [1].
As the release is approaching, this patch deletes these drivers' code as
well as all references to them in the documentation and Arm platforms
code (Nuvoton platform is taken care in a subsequent patch). Associated
build options (ARM_CRYPTOCELL_INTEG and PLAT_CRYPTOCELL_BASE) have also
been removed and thus will have no effect if defined.
This is a breaking change for downstream platforms which use these
drivers.
[1] https://trustedfirmware-a.readthedocs.io/en/v2.9/about/release-information.html#removal-of-deprecated-drivers
Note that TF-A v3.0 release later got renumbered into v2.10.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Idabbc9115f6732ac1a0e52b273d3380677a39813
|
|
|
|
|
|
The EL3 SPMC is known to be deployed into end products and properly
tested since its introduction into TF-A v2.7.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I96bb897cfefef20c33cfc39627b10746dce5485c
|
|
There is no platform function to retrieve the info in the generic code.
Populate the BL32 image base, size and max limit in arg2, arg3 and arg4.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I35527fb41829102083b488a5150c0c707c5ede15
|
|
Introducing INIT_UNUSED_NS_EL2 macro which guards the code that
disables the unused EL2 when a platform hands off from EL3
to NS-EL1 instead of NS-EL2. Platforms without NS-EL2 in use
must enable this flag.
BREAKING CHANGE: Initialisation code for handoff from EL3 to NS-EL1
disabled by default. Platforms which do that need to enable this macro
going forward
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I61431cc4f7e2feb568d472828e5fd79cc73e51f5
|
|
* changes:
fix(cpus): workaround for Cortex-X2 erratum 2742423
fix(cpus): workaround for Cortex-A710 erratum 2742423
fix(cpus): workaround for Neoverse N2 erratum 2340933
fix(cpus): workaround for Neoverse N2 erratum 2346952
|
|
|
|
* changes:
docs(versal-net): add TSP build documentation
docs(versal): add TSP build documentation
feat(versal-net): add tsp support
feat(versal): add tsp support
refactor(xilinx): add generic TSP makefile
chore(zynqmp): reorganize tsp code into common path
refactor(xilinx): rename platform function to generic name
|
|
Add a chapter "Version numbering" in release information file that
explains macros used for TF-A version. It also introduces VERSION_PATCH
macro that is used for LTS releases. A comment for this macro is also
added in Makefile.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I946b6cb91bb8454131f07b24534d28ab1aef1771
|
|
Cortex-X2 erratum 2742423 is a Cat B erratum that applies to all
revisions <= r2p1 and is still open.
The workaround is to set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775100/latest
Change-Id: I03897dc2a7f908937612c2b66ce7a043c1b7575d
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
|
|
Cortex-A710 erratum 2742423 is a Cat B erratum that applies to all
revisions <= r2p1 and is still open. The workaround is to set
CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775101/latest
Change-Id: I4d9d3760491f1e6c59b2667c16d59b99cc7979f1
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
|
|
Neoverse N2 erratum 2340933 is a Cat B erratum that applies to
revision r0p0 and is fixed in r0p1. The workaround is to set
CPUACTLR5_EL1[61] to 1.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1982442/latest
Change-Id: I121add0dd35072c53392d33f049d893a5ff6354f
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
|
|
Neoverse N2 erratum 2346952 is a Cat B erratum that applies to all
revisions <= r0p2 and is fixed in r0p3.
The workaround is to set L2 TQ size statically to it's full size.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1982442/latest
Change-Id: I03c3cf1f951fbc906fdebcb99a523c5ac8ba055d
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
|
|
* changes:
docs(ras): update RAS documentation
docs(el3-runtime): update BL31 exception vector handling
fix(el3-runtime): restrict lower el EA handlers in FFH mode
fix(ras): remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT
fix(ras): restrict ENABLE_FEAT_RAS to have only two states
feat(ras): use FEAT_IESB for error synchronization
feat(el3-runtime): modify vector entry paths
|
|
integration
|
|
Add information about Versal NET platform for TSP and provide
the build commands.
Change-Id: Id7c9d75f8a42813ca2bfd18494bfc6b73df0af52
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
|
|
Add information about Versal platform for TSP and provide
the build commands.
Change-Id: I7106ab477a881c58e1c45863bd6854d188982282
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
|
|
Add details about RAS error handling philosophies and its implementation
It also updates the tests introduced to verify them.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Iedc8c1e713dad05baadd58e5752df36fa00121a7
|
|
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ieae66bafe1cdd253edebecddea156551144a1cc9
|
|
This patch removes RAS_FFH_SUPPORT macro which is the combination of
ENABLE_FEAT_RAS and HANDLE_EA_EL3_FIRST_NS. Instead introduce an
internal macro FFH_SUPPORT which gets enabled when platforms wants
to enable lower EL EA handling at EL3. The internal macro FFH_SUPPORT
will be automatically enabled if HANDLE_EA_EL3_FIRST_NS is enabled.
FFH_SUPPORT along with ENABLE_FEAT_RAS will be used in source files
to provide equivalent check which was provided by RAS_FFH_SUPPORT
earlier. In generic code we needed a macro which could abstract both
HANDLE_EA_EL3_FIRST_NS and RAS_FFH_SUPPORT macros that had limitations.
Former was tied up with NS world only while the latter was tied to RAS
feature.
This is to allow Secure/Realm world to have their own FFH macros
in future.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ie5692ccbf462f5dcc3f005a5beea5aa35124ac73
|
|
As part of migrating RAS extension to feature detection mechanism, the
macro ENABLE_FEAT_RAS was allowed to have dynamic detection (FEAT_STATE
2). Considering this feature does impact execution of EL3 and we need
to know at compile time about the presence of this feature. Do not use
dynamic detection part of feature detection mechanism.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I23858f641f81fbd81b6b17504eb4a2cc65c1a752
|
|
As the SEL2 SPMC design doc is migrated to Hafnium tree, remove the
reference to this implementation from TF-A's SPM-MM doc.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I1609c7d1d098420412dffc7b1309cc9c11502f8a
|
|
The SEL2/Hafnium SPMC implementation threat model is now hosted at [1].
[1] https://hafnium.readthedocs.io/en/latest/threat_model_spm.html
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I83d3f21ef0ee9364529c7b80de9872034ff92b09
|
|
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Ia60c4aa6a0aa0da5765d295e658964e6faa5960a
|
|
* changes:
docs: mark PSA_CRYPTO as an experimental feature
feat(fvp): increase BL1 RW area for PSA_CRYPTO implementation
feat(mbedtls-psa): mbedTLS PSA Crypto with ECDSA
|
|
* changes:
fix(cpus): fix the rev-var of Neoverse-V1
fix(errata-abi): update the Neoverse-N2 errata ABI struct
fix(errata-abi): update the neoverse-N1 errata ABI struct
fix(cpus): fix the rev-var of Cortex-X2
fix(errata-abi): update the Cortex-A78C errata ABI struct
fix(cpus): update the rev-var for Cortex-A78AE
fix(errata-abi): update the Cortex-A76 errata ABI struct
fix(cpus): fix the rev-var for Cortex-A710
|
|
Updated the 'Deprecated Platforms' table to reflect that the
deletion of sgi575 and rdn1Edge is still unconfirmed.
Change-Id: Ie8e8af55a735f624f5ee604d75bb497d870620cd
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
