* changes:
refactor(tc): print RSS interface test PSA status
test(tc): test for AP/RSS interface for ROTPK
feat(psa): interface with RSS for retrieving ROTPK
Moving neoverse_n1_disable_speculative_loads function before reset
function to maintain git blame with refactor to new framework.
Change-Id: I79a4de9955a6f37e289456a743b946c0c4c8c27f
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
For E1, this involves replacing:
- The reset_func with the standard cpu_reset_func_{start,end}
to apply errata automatically
- The <cpu>_errata_report with the errata_report_shim to
report errata automatically
And for the E1 DSU erratum, creating symbolic names to the already
existing errata workaround functions to get them registered under
the Errata Framework.
Testing was conducted by:
- Manual comparison of disassembly of converted functions with non-
converted functions:
aarch64-none-elf-objdump -D
<trusted-firmware-a with conversion>/build/fvp/release/bl31/bl31.elf
vs
aarch64-none-elf-objdump -D
<trusted-firmware-a clean repo>/build/fvp/release/bl31/bl31.elf
- Build for debug with all errata enabled and step through ArmDS
to ensure all functions are entered and the path remains the same
as before conversion to the new framework.
Change-Id: I0a059574948badbd108333344286c76aeb142e71
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Moving all PLATFORM_TESTS into platform test makefile
Change-Id: I31821e9e69d916d12ae4c804df26f07fb523c835
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Prior to delegating handling of Group0 secure interrupt to platform
handler, SPMD framework must acknowledge the highest pending interrupt.
Moreover, once the platform has handled the interrupt successfully,
SPMD must deactivate the interrupt.
The rationale behind this decision is SPMD framework is well suited to
perform interrupt management at GIC boundary while the platform handler
is well equipped to deal with the device interface related to the
interrupt.
This patch also fixes a bug in the error code returned upon invocation
of FFA_EL3_INTR_HANDLE from normal world.
Change-Id: If8fef51899e25f966038cc01ec58c84ee25e88eb
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Adding PSA status to print statement upon failing communication
initialization, non-volatile counter, and rotpk read interface calls in
platform_tests.
Change-Id: Ia949cc2d18e93efb68f663d0c4e5500ca9021a94
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Adding new test for AP/RSS interface for reading ROTPK for
each 3 types of ROTPKs for: CCA, secure, and non-secure firmware.
Enabled by PLATFORM_TEST=rss-rotpk.
Update to print output when AP/RSS interface platform tests
pass to be able to reuse expect script functionality in CI.
Change-Id: Icc50b090e18a272378751fda104d209738b5b70c
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Adding the AP/RSS interface for reading the ROTPK.
The read interface implements the psa_call:
psa_call(RSS_CRYPTO_HANDLE, PSA_IPC_CALL,
in_vec, IOVEC_LEN(in_vec),
out_vec, IOVEC_LEN(out_vec));
where the in_vec indicates which of the 3 ROTPKs we want,
and the out_vec stores the ROTPK value we get back from RSS.
Through this service, we will be able to read any of the 3
ROTPKs used on a CCA platform:
- ROTPK for CCA firmware (BL2, BL31, RMM).
- ROTPK for secure firmware.
- ROTPK for non-secure firmware.
Change-Id: I44c615588235cc797fdf38870b74b4c422be0a72
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
A newer version of the Arm(R) Ethos(TM)-N NPU firmware is now available,
and so the constants in the SiP service need updating.
Change-Id: I8eee7d543bac0a726c6161a16b3df90609f6b443
Signed-off-by: Rob Hughes <robert.hughes@arm.com>
We limited the r/w permission of some register groups for security
concerns. These regitser groups should not be accessed by domain 3 or
domain 5.
Change-Id: I2188da88d9e10a931d87bda14dc7dca46633dcd8
Signed-off-by: Chungying Lu <chungying.lu@mediatek.corp-partner.google.com>
Enables printing captial hex chars as well as lowercase
Change-Id: I4dc48c3db97b908f0bb344d7765807967de8cf02
Signed-off-by: Matt Schulte <matsch@google.com>
The coverity defects fixed by this patch is
** CID 394601: Integer handling issues (NO_EFFECT)
/lib/xlat_tables_v2/aarch64/xlat_tables_arch.c: 30 in
xlat_arch_is_granule_size_supported()
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: Ibc8e20bd7318a52702fbd7aa86e22cd2ded42610
When the TF-A is placed in DDR memory range, the DDR memory range
needs to be explicitly reserved in the default device tree.
A new build time parameter, XILINX_OF_BOARD_DTB_ADDR, is introduced.
The TF-A will reserve the DDR memory only when a valid DTB address
is provided to XILINX_OF_BOARD_DTB_ADDR during build.
Now the user has options, either manually reserve the desired DDR
address range for TF-A in device tree or let TF-A access and modify
the device tree, to reserve the DDR address range, in runtime using
the build parameter.
Change-Id: I45a5d9a8343ea8a19ea014a70023731de94d061a
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
When the TF-A is placed in DDR memory range, the DDR memory range
needs to be explicitly reserved in the default device tree.
A new build time parameter, XILINX_OF_BOARD_DTB_ADDR, is introduced.
The TF-A will reserve the DDR memory only when a valid DTB address
is provided to XILINX_OF_BOARD_DTB_ADDR during build.
Now the user has options, either manually reserve the desired DDR
address range for TF-A in device tree or let TF-A access and modify
the device tree, to reserve the DDR address range, in runtime using
the build parameter.
Change-Id: I4442a90e1cab5a3a115f4eeb8a7e09e247189ff0
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
The boot sequence mentioned in the documentation referred to an older
boot flow. This patch updates the boot sequence to the TBBR boot flow
that is currently being followed.
Signed-off-by: Deepthi Peter <deepthi.peter@arm.com>
Change-Id: I183458cea6d43dcf8acba2e0422920ab5541fdfc
This patch fixes system suspend in OS-initiated mode by setting the
value of `last_at_pwrlvl` in the `psci_power_state_t` object to
`PLAT_MAX_PWR_LVL`, which otherwise would result in undefined behavior.
This is conditionally compiled into the build depending on the value of
the `PSCI_OS_INIT_MODE` build option.
Change-Id: Ib9ff606b7eebd8a8224891a0d239a4e13311fe2a
Signed-off-by: Wing Li <wingers@google.com>
This patch fixes system suspend in OS-initiated mode by setting the
value of `last_at_pwrlvl` in the `psci_power_state_t` object to
`PLAT_MAX_PWR_LVL`, which otherwise would result in undefined behavior.
This is conditionally compiled into the build depending on the value of
the `PSCI_OS_INIT_MODE` build option.
Change-Id: Ia0fb1e68af9320370325642b17c4569e9580aa3a
Signed-off-by: Wing Li <wingers@google.com>
Currently we have a large series of errata_refactor patches pending
and they are all failing on arm_fpga build when we add errata_framework.
Errata framework can cause the size to grow and thus causing build
failure on bl31 size. This as of today is blocking us from
merging most of our changes as it will introduce a CI failure.
As an workaround we try to just reduce the arm_fpga build by a710
platform, we have a715 and a720 which should be ok I think.
Once everyone are available for further discussion we could revert this
change back and discuss further whats the right approach.
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Change-Id: I96a821e10aaecf04db7407fb2df38012839bfb94
* changes:
feat(intel): platform enablement for Agilex5 SoC FPGA
feat(intel): ccu driver for Agilex5 SoC FPGA
feat(intel): vab support for Agilex5 SoC FPGA
feat(intel): sdmmc/nand/combo-phy/qspi driver for Agilex5 SoC FPGA
feat(intel): ddr driver for Agilex5 SoC FPGA
feat(intel): power manager for Agilex5 SoC FPGA
feat(intel): cold/warm reset and smp support for Agilex5 SoC FPGA
feat(intel): reset manager support for Agilex5 SoC FPGA
feat(intel): mailbox and SMC support for Agilex5 SoC FPGA
feat(intel): system manager support for Agilex5 SoC FPGA
feat(intel): memory controller support for Agilex5 SoC FPGA
feat(intel): clock manager support for Agilex5 SoC FPGA
feat(intel): mmc support for Agilex5 SoC FPGA
feat(intel): uart support for Agilex5 SoC FPGA
feat(intel): pinmux, peripheral and Handoff support for Agilex5 SoC FPGA
* changes:
docs(imx9): add imx93 platform
feat(imx93): add OPTEE support
feat(imx93): protect OPTEE memory to secure access only
feat(imx93): add cpuidle and basic suspend support
feat(imx93): add reset & poweroff support
feat(imx93): allow SoC masters access to system TCM
feat(imx93): update the ocram trdc config for did10
feat(imx93): add the basic support
feat(imx93): add the trdc driver
build(changelog): add new scopes for nxp imx platform
A separate design document for Measured Boot covers the porting
guidelines for the Measured Boot interfaces. As a result,
the Measured Boot interfaces have been removed from the porting
guide and a link to the Measured Boot design document has been
provided.
Change-Id: Ia6bd2620d830aea6aececab4af7e10a6d737f025
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The code review guidelines have been updated to explain when
patches that do not receive a response to the review comments
will be abandoned.
Change-Id: I60539e16ca41245cf1b352f24557be1b3c67c367
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Update 'PSA_INITIAL_ATTEST_TOKEN_MAX_SIZE' to
'PSA_INITIAL_ATTEST_MAX_TOKEN_SIZE' which is defined
in the PSA Certified Attestation API spec.
Change-Id: I5837fea552e6fe18a203412eb90d41e2f90ad6f1
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
The fact that this was void instead of int, as required, caused
the test-running code to assume that the tests always failed.
Fixing the return type fixes the always-tests-failing bug.
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
Change-Id: Ief55fe15c437c87dac1d03419a8e148f5d864b8d
In their respective makefiles, cert_create, encrypt_fw and fiptool
depend on the --openssl phony target as a prerequisite. This forces
those tools to be re-linked each time.
Move the dependencies on the --openssl target from the tools to their
makefiles all targets, to avoid unnecessary linking while preserving the
OpenSSL version printing done in the --openssl targets when in debug.
Fixes: cf2dd17ddd ("refactor(security): add OpenSSL 1.x compatibility")
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Change-Id: I98a3ab30f36dffc253cecaaf3a57d2712522135d
