If MTKLIB_PATH is provided, the build will use the library provided by
MTKLIB_PATH. Otherwise, it will use stub implementation.
Change-Id: I218e724231c8bbc6cc851a240c6bbc4f6f49f154
Signed-off-by: Gavin Liu <gavin.liu@mediatek.corp-partner.google.com>
* changes:
feat(qemu): hand off TPM event log via TL
feat(handoff): common API for TPM event log handoff
feat(handoff): transfer entry ID for TPM event log
fix(qemu): fix register convention in BL31 for qemu
fix(handoff): fix register convention in opteed
Commit 71c4443886ff ("fix(lib/rmm_el3_ifc): add console name to checksum
calculation") on TF-RMM updated the checksum calcualtion of the RMM
manifest to include the console names.
Include console names in the QEMU manifest to remain compatible with
RMM, just like commit aa99881d30 ("fix(rme): add console name to
checksum calculation") did for FVP.
Checksum calculation is done by adding together 64-bit values. Add a
helper that does this.
Change-Id: Ica6cab628160593830270bef1acdeb475d1c0c36
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
* changes:
feat(smccc): implement SMCCC_ARCH_FEATURE_AVAILABILITY
refactor(cm): clean up per-world context
refactor(cm): change owning security state when a feature is disabled
Implement stub functions for the EMI driver to ensure that the build
can pass when a prebuilt library is not available.
Change-Id: I296945a3df6766a3a133cd385a1e5038ca979403
Signed-off-by: Gavin Liu <gavin.liu@mediatek.corp-partner.google.com>
Move platform.mk inclusion in top level Makefile to permit a platform
specifying BRANCH_PROTECTION option.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I1f662f82cd949eedfdbb61b9f66de15c46fb3106
Similarly to BL1 and BL31, use EL3_PAS macro from xlat_tables header
(depends on ENABLE_RME) in BL2 to define MAP_BL2_TOTAL.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I59a3b297efd2eacd082a297de6b579b7c9052883
If TRANSFER_LIST is enabled, hand off TPM event log via TL instead
of DT; otherwise fallback to legacy way if TRANSFER_LIST is off or
errors observed.
Moreover, for updating the TL from secure to non-secure
memory before existing EL3, replace memcpy with function
transfer_list_relocate() for more accuracy.
Change-Id: I1d6bcf573f91efe99380bc89195198a8583b1def
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
print ni-tower discovery tree to understand ni-tower hierarchy which
might be useful during debugging.
Change-Id: Ib49fef9c63f7740e04b4d8371c1083bd040f6e09
Signed-off-by: Jagdish Gediya <jagdish.gediya@arm.com>
Signed-off-by: Icen.Zeyada <Icen.Zeyada2@arm.com>
Set console baurate to 38400 for fvp as well for code
simplicity.
Change-Id: I58ba6b7043541f6eb67e32257307da4eba0bb28a
Signed-off-by: Jagdish Gediya <jagdish.gediya@arm.com>
Signed-off-by: Icen.Zeyada <Icen.Zeyada2@arm.com>
remove redundant macro UARTCLK_FREQ and replace it with TC_UARTCLK
in dts.
Change-Id: Id463a9ddc1588278e552ffca3dfb738676229ce7
Signed-off-by: Jagdish Gediya <jagdish.gediya@arm.com>
Signed-off-by: Icen.Zeyada <Icen.Zeyada2@arm.com>
SMCCC_ARCH_FEATURE_AVAILABILITY [1] is a call to query firmware about
the features it is aware of and enables. This is useful when a feature
is not enabled at EL3, eg due to an older FW image, but it is present in
hardware. In those cases, the EL1 ID registers do not reflect the usable
feature set and this call should provide the necessary information to
remedy that.
The call itself is very lightweight - effectively a sanitised read of
the relevant system register. Bits that are not relevant to feature
enablement are masked out and active low bits are converted to active
high.
The implementation is also very simple. All relevant, irrelevant, and
inverted bits combined into bitmasks at build time. Then at runtime the
masks are unconditionally applied to produce the right result. This
assumes that context managers will make sure that disabled features
do not have their bits set and the registers are context switched if
any fields in them make enablement ambiguous.
Features that are not yet supported in TF-A have not been added. On
debug builds, calling this function will fail an assert if any bits that
are not expected are set. In combination with CI this should allow for
this feature to to stay up to date as new architectural features are
added.
If a call for MPAM3_EL3 is made when MPAM is not enabled, the call
will return INVALID_PARAM, while if it is FEAT_STATE_CHECK, it will
return zero. This should be fairly consistent with feature detection.
The bitmask is meant to be interpreted as the logical AND of the
relevant ID registers. It would be permissible for this to return 1
while the ID returns 0. Despite this, this implementation takes steps
not to. In the general case, the two should match exactly.
Finally, it is not entirely clear whether this call replies to SMC32
requests. However, it will not, as the return values are all 64 bits.
[1]: https://developer.arm.com/documentation/den0028/galp1/?lang=en
Co-developed-by: Charlie Bareham <charlie.bareham@arm.com>
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I1a74e7d0b3459b1396961b8fa27f84e3f0ad6a6f
In preparation for SMCCC_ARCH_FEATURE_AVAILABILITY, it is useful for
context to be directly related to the underlying system. Currently,
certain bits like SCR_EL3.APK are always set with the understanding that
they will only take effect if the feature is present.
However, that is problematic for SMCCC_ARCH_FEATURE_AVAILABILITY (an
SMCCC call to report which features firmware enables), as simply reading
the enable bit may contradict the ID register, like the APK bit above
for a system with no Pauth present.
This patch is to clean up these cases. Add a check for PAuth's presence
so that the APK bit remains unset if not present. Also move SPE and TRBE
enablement to only the NS context. They already only enable the features
for NS only and disable them for Secure and Realm worlds. This change
only makes these worlds' context read 0 for easy bitmasking.
There's only a single snag on SPE and TRBE. Currently, their fields have
the same values and any world asymmetry is handled by hardware. Since we
don't want to do that, the buffers' ownership will change if we just set
the fields to 0 for non-NS worlds. Doing that, however, exposes Secure
state to a potential denial of service attack - a malicious NS can
enable profiling and call an SMC. Then, the owning security state will
change and since no SPE/TRBE registers are contexted, Secure state will
start generating records. Always have NS world own the buffers to
prevent this.
Finally, get rid of manage_extensions_common() as it's just a level of
indirection to enable a single feature.
Change-Id: I487bd4c70ac3e2105583917a0e5499e0ee248ed9
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
This resolves Dependabot vulnerability alert #19, resolving a DoS issue
in a dependency of pytest.
Change-Id: I2959da88d3d0422e15d25df5820dfd91f474d6ca
Signed-off-by: Chris Kay <chris.kay@arm.com>
Create a common BL2 API to add a TE for TPM event log.
Change-Id: I459e70f40069aa9ea0625977e0bad8ec316439e6
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
The commit with Change-Id:Ie417e054a7a4c192024a2679419e99efeded1705
updated the register convention r1/x1 values but missing necessary
changes in BL31.
As a result, a system panic observed during setup for BL32 when
TRANSFER_LIST is enabled due to unexpected arguments.
This patch is to fix this issue for qemu.
Change-Id: I42e581c5026f0f66d3b114204b4dff167a9bc6ae
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
The commit with Change-Id:Ie417e054a7a4c192024a2679419e99efeded1705
updated the register convention r1/x1 values but missing necessary
changes in BL31.
As a result, a system panic observed during setup for BL32 when
TRANSFER_LIST is enabled due to unexpected arguments.
This patch is to fix this issue for optee.
Change-Id: I13e116e7cb5a7d89fafc11d20295cffbf24793ab
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
SPE and TRBE don't have an outright EL3 disable, there are only
constraints on what's allowed. Since we only enable them for NS at the
moment, we want NS to own the buffers even when the feature should be
"disabled" for a world. This means that when we're running in NS
everything is as normal but when running in S/RL then tracing is
prohibited (since the buffers are owned by NS). This allows us to fiddle
with context a bit more without having to context switch registers.
Change-Id: Ie1dc7c00e4cf9bcc746f02ae43633acca32d3758
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
The combination of ENABLE_RME=1 + ENABLE_PIE=1 build options is
prevented currently for no good reason. ENABLE_PIE in a 4 worlds
configuration is mostly for building BL31 with PIE support.
BL1 / BL2 (BL2_RUNS_AT_EL3=1) remain non-PIE. BL32 (TSP) is PIE capable
but typically unused in this configuration. TRP doesn't support PIE
but is loaded in place so isn't affected by this option.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Ia60e295534a92cb1b4e3eb88b3e240aea4f4fe1d
This is a small change adding accessor functions for the Debug Power
Control register (DBGPRCR_EL1) to the common architectural helpers.
Change-Id: I72261fbf0395d900347b46af320093ed946aa73d
Signed-off-by: Chris Kay <chris.kay@arm.com>
* changes:
feat(mbedtls): optimize SHA256 for reduced memory footprint
refactor(arm): rename ARM_ROTPK_HEADER_LEN
docs(arm): update docs to reflect rotpk key changes
feat(arm): use provided algs for (swd/p)rotpk
feat(arm): use the provided hash alg to hash rotpk
By default, the ECDSA Brainpool regular and ECDSA Brainpool twisted
algorithms support 256-bit sized keys. Not defining this leads to
an error indicating that '256' is not a valid key size for ECDSA
Brainpool. KEY_SIZES matrix must have a value in its table to avoid
problems when KEY_SIZE is defined.
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: I34886659315f59a9582dcee1d92d0e24d4a4138e
Set MBEDTLS_SHA256_SMALLER as the default mbedTLS configuration
to minimize memory usage, trading off some processing speed for
a smaller footprint.
Change-Id: Ibfa6e115a0ed94096b9acdd9e237f3fb5457071d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This variable had a misleading name, as it is the length
of the header only when the ROTPK is a hash.
Also rename arm_rotpk_header to match the new pattern.
Change-Id: I36c29998eebf50c356a6ca959ec9223c8837b540
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
The hashing algorithm for the rotpk is now HASH_ALG,
not always sha-256. The public development keys are
no longer in the repository and are now generated at
run-time, updates the documentation to reflect this.
Change-Id: Ic336f7aca858e9b6a1af6d6e6dc5f4aa428da179
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
No longer hard code SHA-256 hashed rsa dev keys,
now the keys can use pair of key alg: rsa, p256, p384
and hash alg: sha256, sha384, sha512.
All public keys are now generated at build-time from the dev
keys.
Change-Id: I669438b7d1cd319962c4a135bb0e204e44d7447e
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
No longer hard code SHA-256 hashed dev rotpks, instead
use the algorithm given by HASH_ALG. This means that
we no longer need the plat_arm_configs (once the protpk and
swd_rotpk are also updated to use HASH_ALG).
The rot public key is now generated at build time, as is
the header for the key.
Also support some default 3k and 4k RSA keys.
Change-Id: I33538124aeb4fa7d67918d878d17f2a84d3a6756
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
* changes:
fix(versal2): typecast operands to match data type
fix(versal): typecast operands to match data type
fix(versal-net): typecast operands to match data type
fix(xilinx): typecast operands to match data type
fix(zynqmp): typecast operands to match data type
fix(versal-net): typecast operands to match data type
fix(versal): typecast operands to match data type
fix(xilinx): typecast operands to match data type
fix(zynqmp): typecast operands to match data type
fix(versal2): typecast expressions to match data type
fix(versal-net): typecast expressions to match data type
fix(versal): typecast expressions to match data type
fix(xilinx): typecast expressions to match data type
fix(zynqmp): typecast expressions to match data type
fix(zynqmp): align essential type categories
fix(zynqmp): typecast expression to match data type
fix(xilinx): typecast expression to match data type
