Commit graph

15665 commits

Author SHA1 Message Date
Ziad Elhanafy
428f4169ab docs(rd1ae): update documentation to include BL32
Update the boot sequence in the RD-1 AE documentation
to include BL32 (OP-TEE).

Signed-off-by: Ziad Elhanafy <ziad.elhanafy@arm.com>
Change-Id: I25fdc114bb71d3ad7e1bb2d845f758d6af037e3d
2024-11-29 10:17:47 +00:00
Ziad Elhanafy
8b27eb7d91 feat(rd1ae): add support for OP-TEE SPMC
Add support for loading and booting OP-TEE as SPMC running at
S-EL1 for RD-1 AE platform.

Signed-off-by: Ziad Elhanafy <ziad.elhanafy@arm.com>
Change-Id: If29f56bb19fe7f370208ef5a6f60bfff4346ea93
2024-11-14 13:56:39 +00:00
Govindraj Raja
3109367c34 Merge "fix(build): ensure $(ROT_KEY) depends on correct directory rules" into integration 2024-11-12 16:39:40 +01:00
Chris Kay
7a95759f93 fix(build): ensure $(ROT_KEY) depends on correct directory rules
In order for directories to be automatically created when used as a
dependency, they must end with a forward slash (`/`). This is because we
have a pattern rule (`%/`) to create a directory anywhere where a
directory is required as a direct dependency.

Change-Id: Ib632d59da0745f6cadb0a839a62360aeca25c178
Signed-off-by: Chris Kay <chris.kay@arm.com>
2024-11-12 12:50:45 +00:00
Manish V Badarkhe
dc5d485206 Merge "fix(mbedtls): fix error return code for calc_hash" into integration 2024-11-08 19:37:17 +01:00
Govindraj Raja
512173980f Merge "feat(cm): test integrity of el1_ctx registers" into integration 2024-11-08 18:41:13 +01:00
Ryan Everett
885bd91f27 fix(mbedtls): fix error return code for calc_hash
Make this function return values from crypto_ret_value.
The previous method of returning the mbedtls error code
on failure meant that the authentication module couldn't
correctly parse failures from this function.

Change-Id: I9fe6eba1fc79e8f81004f8cd202781aea907e963
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-11-08 15:51:39 +00:00
Govindraj Raja
5b9e703537 Merge "fix(build): correct feature assignment for ARM v8.8 compliance" into integration 2024-11-08 16:37:56 +01:00
Govindraj Raja
a5e7d5b158 Merge "fix(arm): load dt before updating entry point" into integration 2024-11-08 16:26:05 +01:00
Yann Gautier
7ea8852ea5 Merge changes If56ed0ab,I632236a1 into integration
* changes:
  perf(build): don't check the compiler's flags for every target
  perf(build): be clever about uppercasing
2024-11-08 15:23:02 +01:00
Boyan Karatotev
316f5c97f2 perf(build): don't check the compiler's flags for every target
The TF_FLAGS variable must be recursively expanded as the rules that use
it are defined before it has been fully defined. That has the
unfortunate side effect of spawning a subshell that calls the compiler
for every file that is being built, thrashing multicore build times.

We don't cater to the possibility of the toolchain changing mid build so
precomputing this value would be more sensible. Doing a clean build on
an Intel dual socket Xeon Gold 5218 (i.e. 64 threads) workstation used
to take about 9 seconds. After this patch it takes about 1.5. Single
core performance went from ~45 seconds to about 25.

Change-Id: If56ed0ab3cc42bc482d9dd05a41ffbff4dd7f147
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
2024-11-08 12:27:46 +00:00
Boyan Karatotev
f7a41fb493 perf(build): be clever about uppercasing
Most of the macros in build_macros.mk get lazily evaluated. That's
mostly fine, except for the fact that the `uppercase` macro needs to
spawn a subshell to get its output. And the target for every file
requires calling `uppercase` many, MANY, times, thrashing performance on
even the most trivial of make commands.

We can be a little clever and only call `uppercase` a handful of times
and then pass around the already uppercased strings.

The same is true about the verbosity augmentation variables. Simply
changing them to simply expanded variables allows for them to be
pre-processed and then used over and over again.

`make realclean` is a pretty good benchmark for this as it doesn't do
much else but must process all the rules, like every other make command.
On a clean checkout of TF-A on an Intel Xeon Gold 5218 (i.e. slow
single-core) workstation, that command used to take about 7 seconds.
With this patch it takes about 0.5.

Change-Id: I632236a12a40f169e834974ecbc73ff80aac3462
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
2024-11-08 12:27:46 +00:00
Jayanth Dodderi Chidanand
7623e085cb feat(cm): test integrity of el1_ctx registers
* This patch adds support to tsp (BL32) Image, to exercise
  EL1_context registers at S-EL1.

* Adds a SMC function ID "MODIFY_EL1_CTX" to handle EL1_CTX
  registers at S-EL1 and overwrite them.

Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: Id4f2b3b748f7bc9e6c9d72a2f03d50aefbfb61cb
2024-11-08 11:05:13 +00:00
Manish V Badarkhe
94ff1d98c9 fix(build): correct feature assignment for ARM v8.8 compliance
Correct feature list assignment to apply ARM v8.7 features
to `armv8-8-a-feats` instead of `armv8-7-a-feats` for ARM v8.8
compliance.
This was highlighted during the build of TC4 with ARM_ARCH_MAJOR=8
and ARM_ARCH_MINOR=8.

Change-Id: I6c48a3ffa2f1e18d5e4a6484a823c9112dddd751
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2024-11-08 09:59:54 +00:00
Yann Gautier
b40bc36c20 Merge "build(bl31): support separated memory for RW DATA" into integration 2024-11-07 18:10:51 +01:00
Govindraj Raja
212993ae7c Merge "feat(cpufeat): add ENABLE_FEAT_LS64_ACCDATA" into integration 2024-11-06 21:56:22 +01:00
Govindraj Raja
8fccbeb34a Merge "fix(psa): fix P-384 PSA key signature verification" into integration 2024-11-06 21:30:42 +01:00
Ryan Everett
12a8e95303 fix(psa): fix P-384 PSA key signature verification
The buffer size allocated for the raw ECDSA signatures
was too small for P-384 signatures. This led to mbedtls
aborting the generation of the raw sig.

Fix this by increasing the buffer size to the required
value.

Change-Id: I06a9cfe1f4cb2603c5fbe945714e90460c24edb8
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-11-06 16:58:40 +00:00
Yann Gautier
ffbc2b90df Merge "fix(romlib): prevent race condition on the build directory" into integration 2024-11-06 17:46:42 +01:00
Manish V Badarkhe
9bc738d209 Merge changes I0448caa4,I8ee666ee into integration
* changes:
  build: install dependencies before doc build
  fix(docs): fix the example command for doc build
2024-11-06 17:01:51 +01:00
Andre Przywara
19d52a83b7 feat(cpufeat): add ENABLE_FEAT_LS64_ACCDATA
Armv8.6 introduced the FEAT_LS64 extension, which provides a 64 *byte*
store instruction. A related instruction is ST64BV0, which will replace
the lowest 32 bits of the data with a value taken from the ACCDATA_EL1
system register (so that EL0 cannot alter them).
Using that ST64BV0 instruction and accessing the ACCDATA_EL1 system
register is guarded by two SCR_EL3 bits, which we should set to avoid a
trap into EL3, when lower ELs use one of those.

Add the required bits and pieces to make this feature usable:
- Add the ENABLE_FEAT_LS64_ACCDATA build option (defaulting to 0).
- Add the CPUID and SCR_EL3 bit definitions associated with FEAT_LS64.
- Add a feature check to check for the existing four variants of the
  LS64 feature and detect future extensions.
- Add code to save and restore the ACCDATA_EL1 register on
  secure/non-secure context switches.
- Enable the feature with runtime detection for FVP and Arm FPGA.

Please note that the *basic* FEAT_LS64 feature does not feature any trap
bits, it's only the addition of the ACCDATA_EL1 system register that
adds these traps and the SCR_EL3 bits.

Change-Id: Ie3e2ca2d9c4fbbd45c0cc6089accbb825579138a
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
2024-11-06 16:52:12 +01:00
Tamas Ban
50d9383bec build: install dependencies before doc build
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I0448caa4e22c13d4dd821261642833d49ff7a234
2024-11-06 15:18:06 +01:00
Tamas Ban
9db2b059eb fix(docs): fix the example command for doc build
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I8ee666ee4cd135d09380ce31751ddba9962ff831
2024-11-06 15:18:06 +01:00
Harrison Mutai
c1c406a4de fix(arm): load dt before updating entry point
For firmware handoff, ensure the device tree (dt) is loaded into memory
before setting the entry point arguments for the next bootloader stage.
This allows the dt to be found and its address passed as an argument.

Change-Id: Ifedd7c573e2d4f6d68c596907d9d6c6a3eded317
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
2024-11-06 14:13:38 +00:00
Soby Mathew
88ed66bd45 Merge "docs: el3 token signing" into integration 2024-11-06 14:38:41 +01:00
Raghu Krishnamurthy
b226357bdb docs: el3 token signing
Add documentation for the feature where EL3 can be used to sign realm
attestation token requests using RMM_EL3_TOKEN_SIGN command.
This patch also adds documentation for the RMM_EL3_FEATURES features
command that can be used to discover support for features such as
RMM_EL3_TOKEN_SIGN.

Change-Id: Iab5a157761ed17931210c3702f813198fc9c4b3a
Signed-off-by: Raghu Krishnamurthy <raghupathyk@nvidia.com>
2024-11-06 14:38:28 +01:00
Joanna Farley
a9fdd198fd Merge changes from topic "xlnx_fix_plat_extn_decl_link" into integration
* changes:
  fix(versal2): variable conflicting with external linkage
  fix(versal-net): variable conflicting with external linkage
  fix(versal): variable conflicting with external linkage
  fix(zynqmp): variable conflicting with external linkage
  fix(versal2): add external declaration
  fix(versal): add external declaration
  fix(zynqmp): add external declaration
2024-11-06 13:16:46 +01:00
Govindraj Raja
830ed3927a Merge "feat(feat_sctlr2): enable FEAT_SCTLR2 for Realm world" into integration 2024-11-05 18:29:38 +01:00
Govindraj Raja
e053e89ff8 Merge "fix(st): set no-pie option when building ST elf file" into integration 2024-11-05 16:31:24 +01:00
Govindraj Raja
add536ed8c Merge "fix(st-ddr): move skipddc_dat definition" into integration 2024-11-05 16:30:48 +01:00
Govindraj Raja
34088d7d80 Merge changes I26cefbb5,I6a8b3528,I323fb741 into integration
* changes:
  fix(stm32mp2): set PLAT_MAX_PWR_LVL to one
  feat(stm32mp2): boot BL33 at EL1 or EL2
  feat(stm32mp2): disable unsupported features
2024-11-05 16:28:25 +01:00
Yann Gautier
6b7189dd59 Merge "feat(mediatek): move plat_helpers.h to the common folder" into integration 2024-11-05 10:55:20 +01:00
Ye Li
86acbbe2d8 build(bl31): support separated memory for RW DATA
Update linker file and init codes to allow using separated
memory region for RW DATA. Init codes will copy the RW DATA
from the image to the linked address.

On some NXP platforms, after the BL31 image has been verified,
the bl31 image space will be locked/protected as RO only, so
need to move the RW DATA and NOBITS out of the bl31 image.

Signed-off-by: Ye Li <ye.li@nxp.com>
Reviewed-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Jacky Bai <ping.bai@nxp.com>
Change-Id: I361d9a715890961bf30790a3325f8085a40c0c39
2024-11-05 17:24:41 +08:00
Maheedhar Bollapalli
ca39fd46c1 fix(versal2): variable conflicting with external linkage
This corrects the MISRA violation C2012-5.8:
Identifiers that define objects or functions with
external linkage shall be unique.
Modify the variable name to prevent conflict with
external object linkage.

Change-Id: I2448e4ad0660e654ceb40940e0046d2f2899b41b
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>
2024-11-05 08:25:40 +00:00
Maheedhar Bollapalli
4d2b4e4dd7 fix(versal-net): variable conflicting with external linkage
This corrects the MISRA violation C2012-5.8:
Identifiers that define objects or functions with
external linkage shall be unique.
Modify the variable name to prevent conflict with
external object linkage.

Change-Id: Icba1860d789d3826a58b3d83b65ca86a7b364c46
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>
2024-11-05 08:25:29 +00:00
Maheedhar Bollapalli
e452826ad3 fix(versal): variable conflicting with external linkage
This corrects the MISRA violation C2012-5.8:
Identifiers that define objects or functions with
external linkage shall be unique.
Modify the variable name to prevent conflict with
external object linkage.

Change-Id: I118fc302e6c37ba589a2871a7c59a694314910c2
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>
2024-11-05 08:16:35 +00:00
Maheedhar Bollapalli
eda23fa5aa fix(zynqmp): variable conflicting with external linkage
This corrects the MISRA violation C2012-5.8:
Identifiers that define objects or functions with
external linkage shall be unique.
Modify the variable name to prevent conflict with
external object linkage.

Change-Id: I32bed542c4810508174029ab0aaec18bcdf849a5
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>
2024-11-05 08:16:00 +00:00
Maheedhar Bollapalli
17a8f41e45 fix(versal2): add external declaration
This corrects the MISRA violation C2012-8.4:
A compatible declaration shall be visible when an object or
function with external linkage is defined.

Change-Id: I75c8e6a23ec192417f0e09c226f53c922a43f33c
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>
2024-11-05 08:10:24 +00:00
Maheedhar Bollapalli
16c611f8a6 fix(versal): add external declaration
This corrects the MISRA violation C2012-8.4:
A compatible declaration shall be visible when an object or
function with external linkage is defined.

Change-Id: I91817596c5de84b259a5dffcc01a7b1106a5b7a4
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>
2024-11-05 08:10:17 +00:00
Maheedhar Bollapalli
6c08d1df0c fix(zynqmp): add external declaration
This corrects the MISRA violation C2012-8.4:
A compatible declaration shall be visible when an object or
function with external linkage is defined.

Change-Id: I0e554972c24b70abd5b563639482f267cd4e1b5e
Signed-off-by: Nithin G <nithing@amd.com>
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>
2024-11-05 08:10:10 +00:00
Gavin Liu
b741293f34 feat(mediatek): move plat_helpers.h to the common folder
The plat_helpers.h is identical across various platforms, moved to the
common folder for easier maintenance.

Change-Id: Ic9f10c697fcda7e3cfbf32e67486c9cd28481b8a
Signed-off-by: Gavin Liu <gavin.liu@mediatek.com>
2024-11-05 15:46:19 +08:00
Javier Almansa Sobrino
b17fecd6cf feat(feat_sctlr2): enable FEAT_SCTLR2 for Realm world
Change-Id: I62e769ae796bbeb41741c2c421a5f129d875f5fb
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
2024-11-05 06:07:36 +02:00
Manish V Badarkhe
0a4cecadd7 Merge changes from topic "dtpm_poc" into integration
* changes:
  feat(docs): add DPE to RSE design doc
  feat(docs): add RSE provided mboot backends to the threat model
  feat(docs): update mboot threat model
2024-11-04 22:16:46 +01:00
Yann Gautier
13cc1a5064 fix(st-ddr): move skipddc_dat definition
The skipddc_dat variable is only used at one place in dfixlat_program()
function. Move its definition and update there to avoid compilation
issues about variables being set but not used.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I6b5273365f1da26773fc46f898362cb9af170506
2024-11-04 18:45:26 +01:00
Tamas Ban
e4582e4247 feat(docs): add DPE to RSE design doc
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Iec38be8a3eb93a54d9b5bc7db7a7ff8c126920ac
2024-11-04 17:28:15 +01:00
Tamas Ban
3849d272e3 feat(docs): add RSE provided mboot backends to the threat model
Add CCA Measured Boot and DPE measured boot backends to
the threat model.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I234a2400d00fea606c5312ebddf94e2624463ff8
2024-11-04 17:25:15 +01:00
Abhi Singh
07c2d18f4e feat(docs): update mboot threat model
Restructure Measured Boot threat model for more description and clarity:
- Add what critical assets are to be protected.
- Mention other attributes and the possible attacks.
- Rephrase the section that describes the Measured Boot backends.

Change-Id: I6577a56184992bf16f4aa1b773d1636781cbb049
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
2024-11-04 17:21:08 +01:00
Manish V Badarkhe
e01bcfb02c Merge "build: fix grouped targets on Make <= 4.2" into integration 2024-11-04 15:22:35 +01:00
Manish Pandey
0bc3e4a16c Merge "chore(tc): mark TC2 platform as deprecated in Makefile" into integration 2024-11-04 13:38:37 +01:00
Manish Pandey
6ecae4d26f Merge "feat(mt8188): add MT8188 TRNG driver" into integration 2024-11-04 12:17:55 +01:00