Commit graph

12027 commits

Author SHA1 Message Date
Manish V Badarkhe
43f3a9c4d6 fix(docs): add few missed links for Security Advisories
Added a few missed links for Security Advisories.

Change-Id: I9cab72b70a518273cbb1a291142f452198427127
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2023-02-16 18:17:10 +00:00
Manish V Badarkhe
a84636ad12 Merge "fix(docs): python version must be string" into integration 2023-02-16 16:46:40 +01:00
Boyan Karatotev
3aa919eb27 fix(docs): python version must be string
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: If5886f8adb391edf3771112cd8e20957a454eae0
2023-02-16 15:29:52 +00:00
Manish V Badarkhe
26b22e6d2a Merge "fix(docs): specify python version to 3.10" into integration 2023-02-16 16:26:06 +01:00
Boyan Karatotev
a7773c590d fix(docs): specify python version to 3.10
The docs say 3 is valid, but it is not. Jammy uses 3.10 so pin it to
that.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I73530750065294eb511d88318ba86a6c50c8aa7d
2023-02-16 15:15:54 +00:00
Manish V Badarkhe
84ce7a83e3 Merge "fix(docs): add a build.tools.python entry" into integration 2023-02-16 16:10:50 +01:00
Boyan Karatotev
4052d9583c fix(docs): add a build.tools.python entry
Specifying build.tools is mandatory. We use python, so use the latest
one available. For Ubuntu 22.04 that should be 3.10 or thereabouts.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ifd184b9f3b2d8e91182ccb73c47b148e4aeaff05
2023-02-16 15:00:39 +00:00
Manish V Badarkhe
2b8c608e13 Merge "fix(docs): add readthedocs configuration file" into integration 2023-02-16 15:35:33 +01:00
Boyan Karatotev
8a84776340 fix(docs): add readthedocs configuration file
Readthedocs uses weird defaults and the web interface gives limited
configuration options. Add the config file to allow them to be changed.

Bump build os image to Ubuntu 22.04 to be in line with the CI.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I1a620b15ab3924244f305056096024fe117c63dd
2023-02-16 13:57:05 +00:00
Joanna Farley
0069933a68 Merge "feat(zynqmp): bump up version of query_data API" into integration 2023-02-16 12:25:17 +01:00
Joanna Farley
97936d895b Merge "fix(zynqmp): fix DT reserved allocated size" into integration 2023-02-15 17:59:07 +01:00
Manish V Badarkhe
5a77fd3ba1 Merge "docs(qemu): delineate flash based boot method" into integration 2023-02-15 15:53:46 +01:00
Ronak Jain
aaf5ce77fb feat(zynqmp): bump up version of query_data API
As per the current code base, the version of the PM_QUERY_DATA EEMI
API is 2 in the Versal but in ZynqMP it returns the base version.

Since this EEMI API ID supports similar functionality for Versal and
ZynqMP, hence there should not be any difference in the versioning
as well.

In version 2, the feature check API supports the bitmask functionality
of the QUERY_DATA API, so the user can query the supported QUERY_DATA
ID first and if the ID is supported then the user can perform the
actual functionality of the same.

Hence, bump up the version of PM_QUERY_DATA API Id to 2.

Signed-off-by: Ronak Jain <ronak.jain@amd.com>
Change-Id: I3ed7b090f486dca591352131ca286018bbb1c4be
2023-02-15 03:39:36 -08:00
Manish Pandey
be2a050583 Merge "fix(build): allow warnings when using lld" into integration 2023-02-14 17:09:35 +01:00
Manish V Badarkhe
23af5965e9 Merge changes from topic "bk/python_dependencies" into integration
* changes:
  build(docs): update Python dependencies
  fix(docs): make required compiler version == rather than >=
  fix(deps): add missing aeabi_memset.S
2023-02-14 16:14:06 +01:00
Manish V Badarkhe
9d1a325b2d Merge "docs: fix broken Juno links" into integration 2023-02-14 12:45:35 +01:00
Harrison Mutai
0cbcccc028 docs: fix broken Juno links
Certain links to Juno documentation point to a location that was
removed at some point, or are unused. Fix links to point to the latest
available version on Arm's public documentation site, and remove those
that are no longer being used.

Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Change-Id: I59202767db8834e9c302b2826f3faee47d3a5edd
2023-02-14 10:15:12 +00:00
Joanna Farley
2616f4b476 Merge "fix(zynqmp): enable A53 workaround(errata 1530924)" into integration 2023-02-14 10:17:43 +01:00
Joanna Farley
fb9d95e325 Merge "feat(zynqmp): add SMCCC_ARCH_SOC_ID support" into integration 2023-02-14 10:16:59 +01:00
Boyan Karatotev
b7c37e4a80 build(docs): update Python dependencies
Update the python dependencies for building the project's Sphinx
documentation. Sphinx plugins are updated to the latest version, while
Sphinx itself is only updated to 5.3.0 (latest 5.x.x revision) due to
sphinx-rtd-theme not supporting any higher (both require incompatible
versions of docutils). Myst-parser is also updated to the latest version
to prevent a docutils clash as well.

The effect of this is to bump certifi to version 2022.12.7 and wheel to
0.38.4 as suggested by dependabot.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I0ced5b127494255ce01aa7f51665bfcba161d135
2023-02-13 15:57:36 +00:00
Boyan Karatotev
415195c03e fix(docs): make required compiler version == rather than >=
TF-A carries its own compiler-rt so higher versions of the compilers may
not necessarily work. Because TF-A is only tested on the specified
versions in the CI, any breakage remains unknown. Update the
prerequisites guide to make it more apparent that this is the case.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ia5da9c5ff505ead99f579f3f5fbe3a480d697c1d
2023-02-13 15:57:25 +00:00
Boyan Karatotev
bdedee5a0f fix(deps): add missing aeabi_memset.S
This file provides __aeabi_memclr8 builtin which the Ubuntu 22.04
version of clang 14 needs to compile. Add it to prevent this oddity from
failing the build.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Id67aa0abba4a27c51b3ed6bb1be84b4e803b44bf
2023-02-13 14:37:19 +00:00
Manish V Badarkhe
3cc025629a Merge changes from topic "mixed-rwx" into integration
* changes:
  build: permit multiple linker scripts
  build: clarify linker script generation
  style: normalize linker script code style
  fix(pie): pass `-fpie` to the preprocessor as well
2023-02-13 15:36:28 +01:00
Sandrine Bailleux
c8a9556775 Merge "docs: add Runtime Security Subsystem (RSS) documentation" into integration 2023-02-13 15:20:16 +01:00
Michal Simek
2c03915322 fix(zynqmp): fix DT reserved allocated size
BL31_LIMIT is not size but reserved node reg property contains base
address and size that's why BL31_LIMIT - BL31_BASE + 1 is correct size
of reserved space for BL31.
Also update warning message to cover that it is for BL31.

Change-Id: I53f53d2170eb873f758f9ba250d54f57f0b562b4
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-02-13 13:19:03 +01:00
Tamas Ban
eea607cb08 docs: add Runtime Security Subsystem (RSS) documentation
Describe:
  - RSS-AP communication
  - RSS runtime services
  - Measured boot
  - Delegated Attestation

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Iaef93361a09355a1edaabcc0c59126e006ad251a
2023-02-13 10:44:23 +01:00
Chris Kay
a6ff0067ab build: permit multiple linker scripts
This change allows platforms to provide more than one linker script to
any image utilizing the `MAKE_BL` build system macro.

This is already done by some MediaTek platforms via the
`EXTRA_LINKERFILE` build system variable, which has now been removed.

In its place, additional linker scripts may be added to the
`<IMAGE>_LINKER_SCRIPT_SOURCES` variable.

BREAKING-CHANGE: The `EXTRA_LINKERFILE` build system variable has been
 replaced with the `<IMAGE>_LINKER_SCRIPT_SOURCES` variable. See the
 commit message for more information.

Change-Id: I3f0b69200d6a4841fd158cd09344ce9e67047271
Signed-off-by: Chris Kay <chris.kay@arm.com>
2023-02-10 17:01:47 +00:00
Chris Kay
8227493637 build: clarify linker script generation
The following build system variables have been renamed:

- `LINKERFILE` -> `DEFAULT_LINKER_SCRIPT`
- `BL_LINKERFILE` -> `DEFAULT_LINKER_SCRIPT_SOURCE`
- `<IMAGE>_LINKERFILE` -> `<IMAGE>_DEFAULT_LINKER_SCRIPT_SOURCE`

These new names better reflect how each variable is used:

1. the default linker script is passed via `-dT` instead of `-T`
2. linker script source files are first preprocessed

Additionally, linker scripts are now placed in the build directory
relative to where they exist in the source directory. For example,
the `bl32/sp_min/sp_min.ld.S` would now preprocess to
`sp_min/sp_min.ld` instead of just `bl32.ld`

BREAKING-CHANGE: The `LINKERFILE`, `BL_LINKERFILE` and
 `<IMAGE_LINKERFILE>` build system variables have been renamed. See the
 commit message for more information.

Change-Id: If8cef65dcb8820e8993736702c8741e97a66e6cc
Signed-off-by: Chris Kay <chris.kay@arm.com>
2023-02-10 17:01:46 +00:00
Chris Kay
f90fe02f06 style: normalize linker script code style
There are a variety of code styles used by the various linker scripts
around the code-base. This change brings them in line with one another
and attempts to make the scripts more friendly for skim-readers.

Change-Id: Ibee2afad0d543129c9ba5a8a22e3ec17d77e36ea
Signed-off-by: Chris Kay <chris.kay@arm.com>
2023-02-10 17:01:46 +00:00
Chris Kay
966660ecd0 fix(pie): pass -fpie to the preprocessor as well
When PIE is enabled, the `-fpie` flag is passed to the compiler but not
to the preprocessor. This change ensures that both tools are aware of
when the image is position-independent when preprocessing, which impacts
some pre-defined preprocessor definitions.

Change-Id: I5208a591d60ee01312f6bf3dd7343abe6535ee61
Signed-off-by: Chris Kay <chris.kay@arm.com>
2023-02-10 17:01:46 +00:00
Manish V Badarkhe
ec1c00a79c Merge "fix(tsp): loop / crash if mmap of region fails" into integration 2023-02-10 16:11:05 +01:00
Joanna Farley
ff5cfa58d2 Merge "feat(git-hooks): add pre-commit hook" into integration 2023-02-10 14:45:47 +01:00
Thomas Viehweger
8c353e0058 fix(tsp): loop / crash if mmap of region fails
In test_memory_send the variable i is of unsigned type, so
it is never negative. If i is 0, the result of i-- is
4294967295. Don't know what happens if trying to
access composite->address_range_array[4294967295].
Made i a signed integer.

Signed-off-by: Thomas Viehweger <Thomas.Viehweger@rohde-schwarz.com>
Change-Id: I8b4e532749b5e86e4b5acd238e72c3f88e309ff2
2023-02-10 14:08:13 +01:00
Manish Pandey
904da6f180 Merge "fix(context-mgmt): enable SCXTNUM access" into integration 2023-02-10 12:57:17 +01:00
Joanna Farley
a13b4cd78b Merge "fix(optee): address late comments and fix bad rc" into integration 2023-02-10 11:26:48 +01:00
Manish Pandey
7db8d3cb39 Merge "feat(spmd): copy tos_fw_config in secure region" into integration 2023-02-10 10:36:01 +01:00
Manish Pandey
d69a0bf22d Merge "fix(mpam): run-time checks for mpam save/restore routines" into integration 2023-02-10 10:20:07 +01:00
Sandrine Bailleux
af4fee04b9 Merge changes from topic "mb/tos-fw-config-load-refactor" into integration
* changes:
  feat(spmd): map SPMC manifest region as EL3_PAS
  feat(fvp): update device tree with load addresses of TOS_FW config
  refactor(fvp): rename the DTB info structure member
  feat(fconf): rename 'ns-load-address' to 'secondary-load-address'
2023-02-10 10:05:12 +01:00
Sandrine Bailleux
493de4df53 Merge "fix(cert-create): change WARN to VERBOSE" into integration 2023-02-10 09:58:37 +01:00
Jeffrey Kardatzke
8d7c80fa4c fix(optee): address late comments and fix bad rc
There were some late comments to the prior change (18635) which are
addressed in this commit. There was also an invalid return value check
which was changed and the wrong result was being returned via the SMC
call for loading OP-TEE which is now fixed.

Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Change-Id: I883ddf966662549a3ef9c801a2d4f47709422332
2023-02-09 13:27:36 -08:00
laurenw-arm
76a85cfa0a fix(cert-create): change WARN to VERBOSE
SAVE_KEYS is set to '0' by default, causing cert_create to
show the 'Key filename not specified' message on each run
even though this is perfectly normal. Show the message only
in the VERBOSE log level.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Change-Id: I472cdec2670055ab0edd99d172f79d01ad575972
2023-02-09 11:55:33 -06:00
Maksims Svecovs
cf9346cb83 feat(git-hooks): add pre-commit hook
Adds a pre-commit git hook to keep track of copyright year.
Checks staged files for Arm copyright header and suggests a change if
the year is outdated. Works with both single-year format and
from_year-to_year format.

Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
Change-Id: If81a0b9f5e047ec0ac401c7cf1792b9da6644926
2023-02-09 17:27:25 +00:00
Manish V Badarkhe
0cea2ae07d feat(spmd): copy tos_fw_config in secure region
The tos_fw_config is currently loaded into memory by BL2 and
consumed by SPMD (part of BL31) and BL32 firmwares. This does
not work in RME-enabled systems as BL31 uses the root PAS memory
and does not trust secure PAS memory.

A first attempt was made to map the TOS_FW_CONFIG region as root PAS,
and then to remap to secure PAS after SPMD consumption, but this was
not suitable for RME systems where memory encryption is enabled.

This can be solved by copying the TOS FW config (SPMC manifest) from
the Root PAS region to the Secure PAS region so that BL32 can consume
it.

Change-Id: I8eef8345366199cb0e367db883c34a5b5136465d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2023-02-09 15:11:44 +00:00
Michal Simek
d8133d7785 fix(zynqmp): enable A53 workaround(errata 1530924)
BL31 already reports that there is missing CPU workaround for this
erratum as
"WARNING: BL31: cortex_a53: CPU workaround for 1530924 was missing!"

That's why enable it by default as was done by other platforms for
example by commit 74665119f0 ("allwinner: Enable workaround for
Cortex-A53 erratum 1530924").

Change-Id: I251ffe3c307781b07477afb64f4e7af5dd9af9fe
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-02-09 13:27:19 +01:00
Michal Simek
8f9ba3f344 feat(zynqmp): add SMCCC_ARCH_SOC_ID support
Add support for calling SMCCC_ARCH_SOC_ID which is used by Linux soc_id
driver for printing information about manufacturer and also chip version
and silicon ID code. SOC revision is directly mapped to chip ID code.
And SOC version is composed from manufacturer ID based on JEP-106 with
chip_id which contains bits mapped to CPU register 0xffca0044 platform
bits which differentiate between silicon, qemu and other emulated
platforms.

Function description is available at
docs/getting_started/porting-guide.rst.

Change-Id: I1f19e1973593897e71b39244dbdbceb6bd0e8a07
Signed-off-by: Michal Simek <michal.simek@amd.com>
2023-02-09 13:25:50 +01:00
Maksims Svecovs
01cf14dd41 fix(context-mgmt): enable SCXTNUM access
Enable SCXTNUM_ELx access for lower ELs in non-secure state.
Make realm context setup take this build flag into account but enable it
by default when RME is used.

Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
Change-Id: Ieb0186b2fdffad464bb9316fc3973772c9c28cd0
2023-02-09 11:46:03 +00:00
Manish Pandey
35f81474fb Merge "chore: add encrypt_fw to gitignore" into integration 2023-02-08 18:37:44 +01:00
Manish V Badarkhe
c1dd9e63bf Merge changes I7bd311d7,Iea7dcfe3,I9d890934 into integration
* changes:
  refactor(allwinner): use fdt_node_is_enabled() in AXP driver
  fix(allwinner): check RSB availability in DT on H6
  refactor(fdt): introduce common fdt_node_is_enabled()
2023-02-08 15:20:10 +01:00
Sandrine Bailleux
c2ce57f519 Merge "feat(psa): interface with RSS for NV counters" into integration 2023-02-08 11:48:14 +01:00
laurenw-arm
8374508b00 feat(psa): interface with RSS for NV counters
Adding AP/RSS interface for retrieving and incrementing non-volatile
counters.

The read interface implements the psa_call:
psa_call(RSS_PLATFORM_SERVICE_HANDLE,
         RSS_PLATFORM_API_ID_NV_READ,
         in_vec, 1, out_vec, 1);

where the in_vec indicates which of the 3 counters we want, and the
out_vec stores the counter value we get back from RSS.

The increment interface implements the psa_call:
psa_call(RSS_PLATFORM_SERVICE_HANDLE,
         RSS_PLATFORM_API_ID_NV_INCREMENT,
         in_vec, 1, (psa_outvec *)NULL, 0);

where, again, in_vec indicates the counter to increment, and we don't
get any output parameter from RSS.

Through this service, we will be able to get/increment any of the 3 NV
counters used on a CCA platform:
- NV counter for CCA firmware (BL2, BL31, RMM).
- NV counter for secure firmware.
- NV counter for non-secure firmware.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Signed-off-by: Raef Coles <raef.coles@arm.com>
Change-Id: I4c1c7f4837ebff30de16bb0ce7ecd416b70b1f62
2023-02-08 10:33:48 +02:00