verify_hash should be placed before calc_hash
align with crypto_mod.h
Change-Id: I536125502d83bb732cf70fbe516d5fe009dc95fe
Signed-off-by: zhiyang.shi <zhiyang.shi@cixtech.com>
The DSU contains system control registers in the SCU and L3 logic to
control the functionality of the cluster. If "DIRECT CONNECT" L3 memory
system variant is used, there won't be any L3 cache, snoop filter, and
SCU logic present hence no system control register will be present.
Hence check SCU presence before accessing DSU register for DSU_2313941
errata.
(commit message taken from commit
942013e1dd by Pramod Kumar
<pramod.kumar@broadcom.com> just errata number changed)
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I38cee6085d6e49ba23de95b3de08bc98798ab2b3
Added changelog for v2.10 release.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Id06263047fcc1ec60e82f85cd09e2e4bc95830f5
This reverts commit 0abbfab320.
Reason for revert: Changelog was based on rc0 tag but we got few more patches after that which were not captured.
Change-Id: I9829f2b6dc09f0bd5c538845cbae051f6e4c8a75
Reduce the size of the CPER buffer as it is overlapping with SP's heap
region.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Iaea75a1ffb50ecf0223594fe8bffcebc16da7eab
With SPMC at el3 enabled on rdn2cfg2 configuration BL31 needs more
memory region to accommodate increased xlat table size.
Increase the size by 16K.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ib235fe35d53a9b85a5ce0a29f2ec4cc3bd85ded9
Cortex-A78C erratum 2743232 is a Cat B erratum that applies
to revisions r0p1 and r0p2 and is still open.
The workaround is to set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN Documentation:
https://developer.arm.com/documentation/SDEN-2004089/latest
Change-Id: Ic62579c2dd69b7a8cbbeaa936f45b2cc9436439a
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Neoverse V1 erratum 2348377 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is to
set CPUACTLR5_EL1[61] to 1.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1401781/latest
Change-Id: Ica402494f78811c85e56a262e1f60b09915168fe
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Cortex-X3 erratum 2779509 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is
to set chicken bit CPUACTLR3_EL1[47], this might have a small
impact on power and has negligible impact on performance.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Change-Id: Id92dbae6f1f313b133ffaa018fbf9c078da55d75
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Arm has made the strategic decision to deprecate the TC1 platform.
Consequently, software development and the creation of fast models
for the TC1 platform have been officially discontinued.
The TC1 platform, now considered obsolete, has been succeeded by
the TC2 platform. It's noteworthy that the TC2 platform is already
integrated and supported in both TF-A and CI repositories.
Change-Id: Ia196a5fc975b4dbf3c913333daf595199968d95d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
A number of features are marked experimental in the build system through
makefiles but there wasn't an explicit document to list them.
Added a dedicated experimental build options section and moved
existing experimental build option descriptions in this section.
Restoring the change from [1] removing the experimental flag on the EL3
SPMC (this has been lost in rebasing a later change).
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/24713
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I2c458c6857c347114b265404e8b9ede9ac588463
Currently MediaTek platform code does not support the bl32 image.
Remove bl32 support from Makefile to prevent the build failure when
NEED_BL32 build flag is enabled.
Change-Id: Id8d5663ea5c537390f8ff3ccb427a3a63266545e
Signed-off-by: Hsin-Hsiung Wang <hsin-hsiung.wang@mediatek.com>
As part of the release process, revisit the list of maintainers to
keep it updated.
Change-Id: Ifdbbe0d0dd1c8db3e5fbc84affcceb6d3c7716d4
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
This change updates the model versions that we claim to be testing with
to reflect what the reality in the CI.
Change-Id: Ieb44f3f21cd0ba7149d47f7688698831c9eab487
Signed-off-by: Chris Kay <chris.kay@arm.com>
We have to handle wide selection of cpu cores in one TF-A binary:
- v8.0: a53, a57, a72
- v8.2: a55, a76, n1
- v8.4: v1
- v9.0: a710, n2
And then we have QEMU's hybrid: 'max' which has everything QEMU can
emulate.
TF-A for QEMU platforms was built for v8.5 architecture. But turned out
that 'max' has v8.7 flag now (HCX) which we need to have. And this
enabled set of mandatory features which made TF-A not-bootable on
v8.0/8.2 cpus.
So I decided to follow Arm FVP way and do build for v8.0 with set of
feature flags enabled. This way we have bare minimum to make v8.0 cpus
boot. And then all features from newer cores are enabled with runtime
check which makes them boot.
Tested with BSA/SBSA ACS and Debian Linux 6.5 kernel.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: Ib87bdab992536c65ce0747ce1520682eafc18d39
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Arm Confidential Compute Architecture (Arm CCA) support, underpinned by
Arm Realm Management Extension (RME) support, brings in a few important
software and hardware architectural changes in TF-A, which warrants a
new security analysis of the code base. Results of this analysis are
captured in a new threat model document, provided in this patch.
The main changes introduced in TF-A to support Arm CCA / RME are:
- Presence of a new threat agent: realm world clients.
- Availability of Arm CCA Hardware Enforced Security (HES) to support
measured boot and trusted boot.
- Configuration of the Granule Protection Tables (GPT) for
inter-world memory protection.
This is only an initial version of the threat model and we expect to
enrich it in the future.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Co-authored-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Iab84dc724df694511508f90dc76b6d469c4cccd5
Removed RSS usage from the Base AEM FVP platform, as it wasn't
functional on this platform. The Base AEM FVP platform lacks
support for RSS.
Instead, the TC2 platform with RSS is available for actual RSS
interface implementation and testing.
Change-Id: I8f68157319399ab526f9e851b26dba903db5c2e7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Removed the PLAT_RSS_NOT_SUPPORTED build option, which was initially
introduced for building the Base AEM FVP platform platform with RSS.
However, we now have a well-defined TC2 platform with RSS, making it
unnecessary to keep this flag.
Note -
Theoretically this is a breaking change. Other platforms could be
using the PLAT_RSS_NOT_SUPPORTED build option. Among upstream platforms,
only the Base AEM FVP uses it right now but we don't know about
downstream platforms.
Change-Id: I931905a4c6ac1ebe3895ab6e0287d0fa07721707
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The usage of this macro hinders the accuracy of code coverage
data. Lines of code calling this macro always appear as covered because
the test condition within it always gets executed; however, the branch
is not necessarily taken. Consequently, we lose branch coverage
information on these error code paths.
Besides, it is debatable whether such a simple macro really improves
code readability or on the contrary obfuscates the code...
For these reasons, this patch inlines the macro code everywhere it was
called.
It also adds some error messages in all these places to help narrowing
down authentication failures. These messages only get displayed and
compiled into the binaries when building TF-A with 'LOG_VERBOSE' level
of verbosity. We use the same message string everywhere in order to
limit the memory footprint increase for 'LOG_VERBOSE' builds.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I461078bb8c6fd6811d2cbefbe3614e17e83796f2
