Add a check in pre-commit hook to check the
- copyright header is present for the authors organisation.
- the copyright year for the copyright header is updated.
The author email id is parsed to get the organization. Depending upon
the parsed info, the copyright header for the organization is checked
if its present in the file(s) or not.
If the copyright header is present in the file(s) then the copyright
year is checked.
If the copyright header is not present or the copyright year in the
header is not updated it is highlighted to the author
which the user then needs to incorporate in the change accordingly.
To enable this check, the case statement in
.husky/pre-commit.copyright needs to be modified to add the domain
from the email id and corresponding copyright header of the
organisation.
Change-Id: I4dedb68248b3dae997d887dd380155fe326d071d
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
* changes:
feat(arm): add COT_DESC_IN_DTB option for CCA CoT
feat(fvp): add CCA CoT in DTB support
docs(arm): update TBBR CoT dtsi file name in doc
feat(dt-bindings): introduce CCA CoT, rename TBBR
Added a threat model for PSA firmware update as well as TBBR FWU aka
firmware recovery.
Change-Id: I2396e13144076d7294f61f6817e1a8646225c6c2
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Add support for BL2 to get the CCA chain of trust description
through the Firmware Configuration Framework (FCONF). This makes
it possible to export the part of the CCA chain of trust enforced
by BL2 in BL2's configuration file (TB_FW_CONFIG DTB file). BL2
will parse it when setting up the platform.
This feature can be enabled through the COT_DESC_IN_DTB=1 option.
The default behaviour (COT_DESC_IN_DTB=0) remains to hard-code
the CCA CoT into BL2 image.
Change-Id: Iec4f623d5e42b7c166beeb3ad6b35d918969f7e2
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Adding support for CCA CoT in DTB. This makes it possible for BL2
to retrieve its chain of trust description from a configuration file
in DTB format. With this, the CoT description may be updated without
rebuilding BL2 image. This feature can be enabled by building BL2
with COT_DESC_IN_DTB=1 and COT=cca. The default behaviour remains to
embed the CoT description into BL2 image.
Change-Id: I5912aad5ae529281a93a76e6b8f4b89d867445fe
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Add CCA CoT DTB and rename generic CoT DTB to TBBR CoT DTB
This allows CCA platforms to get their chain of trust description
from a configuration file, rather than hard-coding it into the
firmware itself.
Change-Id: I114788a5d21b9a8d625239cfb71b442d204e3654
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Update CoT binding documentation to add the signing-key property
as optional in root-certificates and add rot_keys node
Change-Id: I1d1fbc0394275520cfa43213d5b7006e51990fdd
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Add handling for FF-A 1.2 FFA_MSG_SEND_DIR_REQ2 interface.
Handler validates security states of sender/receiver pairs
and forwards the call to other world if necessary.
Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: I02a60362d8d9a50fcc0b6a84753cba274ba5eb1b
Until now we have only supported describing chain of trusts through the
CoT DTB with a single ROTPK so the signing key for root certificates was
implicit. Therefore signing key was not a supported property in the
root certificates node.
Now we want to extend that to describe CoTs with mulitiple roots of
trust so we need a way to specify for each root certificate with which
ROTPK it should be verified. For that, we reuse the 'signing-key'
property already in use for the non-root certificates, but we make it
optional for root certificates in single-RoT CoTs and for root
certificates signed with the default ROTPK in multi-RoT CoTs.
Change-Id: I41eb6579e8f1d01eaf10480fe5e224d2eed9c736
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
When PIE is enabled, it can be handy to display the .rela.dyn section.
Add RELA in the list of symbols parsed, to display this section in
memory map.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ic40da54ce6fb6e281fb1a6627e9b8830993cfb2c
When building BL1 with SEPARATE_CODE_AND_RODATA=0, symbol names
__RO_{START|END}__ are ignored by memory map dump script.
Fix it by including the symbol in regular expression.
While at it, update the copyright year to current.
Change-Id: Iafeab75c5711429ea0b744510caf27dd8784a29a
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Enable handoff to BL31 and BL32 using transfer list.
Encode TL_TAG_OPTEE_PAGABLE_PART as transfer entry.
Fallback to default handoff args when transfer list is disabled or
fails to archieve args from transfer entries.
Refactor handoff from BL2 to BL33.
Minor fixes of comment style.
Change-Id: I55d92ca7f5c4727bacc9725a7216c0ac70d16aec
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Enable handoff to OP-TEE using transfer list.
Create transfer list when loading OP-TEE image via non-secure SMC call.
Fallback to default handoff args when transfer list is disabled or
transfer list signature does not exist.
Change-Id: I94bb5b7fdfbb8829016a9d5d9ef5aff993d7cc99
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Silence warning from sp_mk_generator that 'is not' operator
is not meant for integers. This replaces the referred instance
with '!='.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I0d31ad65466dbeafebbfc929e506c3e290913aca
* changes:
feat(stm32mp2): put back core 1 in wfi after debugger's halt
feat(stm32mp2): add plat_my_core_pos
fix(stm32mp2): correct early/crash console init
Add support for FFA_CONSOLE_LOG in EL3 SPMC,
Disallow forwarding FFA_CONSOLE_LOG across worlds.
Add support for FFA_CONSOLE_LOG in FFA_FEATURES.
Input parameters:
w0/x0 - FFA_CONSOLE_LOG_32/64
w1/x1 - Character count
w2/x2-w7/x7 - 24 or 48 characters depending upon whether a SMC32 or
SMC64 FID was used.
Output parameters in case of success:
w0/x0 - FFA_SUCCESS
Output parameters in case of error:
w0/x0 - FFA_ERROR
w2/x2 - NOT_SUPPORTED: ABI is not implemented
INVALID_PARAMETERS: Parameters are incorrectly encoded
Signed-off-by: Shruti Gupta <shruti.gupta@arm.com>
Change-Id: I004c043729e77d1b9aa396c42d25c73d9268169a
Enable query of fip offset from QSPI on RSU boot for
Intel agilex and intel agilex5 platform
Change-Id: Iaa189c54723a8656b9691da5849fd86b9986cfa1
Signed-off-by: Mahesh Rao <mahesh.rao@intel.com>
Query the fip binary from SPT table on RSU boot on Intel Agilex series.
Change-Id: I8856b49539f33272625d4c0a8c26b81b5864c4eb
Signed-off-by: Mahesh Rao <mahesh.rao@intel.com>
Coverity Scan reminded that we need to take care of MPIDR properly.
We need to make sure that we get MPIDR values from QEMU.
No MPIDR == panic() in case which should not happen.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: Idb5fe7d958f0bcecd3d66a643743f478538f4a8b
Added an assumption in generic threat model that platform's hardware
conforms the Platform Security Requirements specification.
Change-Id: I753287feec1cd459edfd3d1c103e0e701827cc05
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
As stated in the commit introducing the NS_TIMER_SWITCH build flag,
saving/restoring this registers causes the non-secure timer to stop
while in the secure world and non-secure timer interrupts are prevented
from asserting until we return to the non-secure world. This breaks
any realtime OS on the non-secure side that uses this timer for
realtime scheduling.
This flag is by default off, but OP-TEE SPD enables it. The K3 OP-TEE
platform makes no use of these registers and we would like to have
support for realtime OSs while also supporting the OP-TEE SPD. Disable
this flag in our platform definition.
Signed-off-by: Andrew Davis <afd@ti.com>
Change-Id: I65055512d897b93b7690fd63c734f4731a6e09e6
The core 1 is put in wfi for pen holding. If a debugger halts the
core, it causes the core to exit from wfi.
Let the core to jump back in wfi when the debugger resumes the
core's execution.
Signed-off-by: Antonio Borneo <antonio.borneo@foss.st.com>
Change-Id: I9b5607b05cdcde905dc4047af8d6f1292d53d701
This function is required, at least for bakery locks.
Change-Id: I28906c50e0a0ebff5d387a424247513ec1a599fc
Signed-off-by: Yann Gautier <yann.gautier@st.com>
The former code, using x2 register, was removing the LPEN bit from UART
config register. So the UART clock is stopped as soon as the CA35 is in
CSleep. It was then displaying crap in Linux console.
The ands check instruction is replaced with a clearer tst instruction
directly with the bit to be tested.
Change-Id: I8a2b3ab195981dee2962e0c2f5d501d5933c17f4
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Calculate the free space as the range between the
limit and the end of the memory region *_REGION_END.
Change-Id: I9cacadea2543c9f5ddaebca82344a83678cd7d55
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
The FF-A specification has made it such that SPs
may optionally specify their load address in the manifest.
This info was being retrieved to generate some information
for the SPMC manifest. However, it is not a mandatory utility.
This change relaxes the case in which the SP manifest doesn't
have a load address.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: Ic4c1b1ec6666522900c113903be45ba0eb5d0bf6
QEMU provides us with minimal information about hardware platform using
minimalistic DeviceTree. This is not a Linux DeviceTree. It is not even
a firmware DeviceTree.
Change-Id: I7b6cc5f53a4f78a9ed69bc7fc2fa1a69ea65428d
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
We want to remove use of DeviceTree from EDK2. So we move
functions to TF-A:
- counting cpu cores
- checking NUMA node id
- checking MPIDR
And then it gets passed to EDK2 via SMC calls.
Change-Id: I1c7fc234ba90ba32433b6e4aa2cf127f26da00fd
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
