The arm,vexpress,config-bus DT binding restricts the possible (sub)node
names.
Adjust the current node names, to drop the unneeded address specifier,
and make the node names binding compliant.
Change-Id: Ic48c6969268c960ce92c8ec3a756ed1d89e61b08
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
When firmware implements idle states via PSCI, the value of the DT
entry-method property must be "psci", not "arm,psci".
Fix this to make the CPU description binding compliant.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: Icd1bf704d177368af9b7aab545f47e580791b8cc
The arm,armv7-timer-mem DT binding documentation demands that the
#size-cells property should be <1> only.
Adjust the value to be <1> and drop the now needless leading 0 in the
frame's reg property. Convert to #address-cell = <1> on the way.
Also adjust the interrupts property to use the proper GIC macros.
Change-Id: Ia2224663b1e6aaa7cf94af777473641de6a840d2
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The existing DT files for the base FVP model are having some issues,
that lead to warnings reported by the device tree compiler.
Those (and many other issues around (updated) DT binding compliance)
were fixed in the Linux kernel tree, so let's sync those files back into
TF-A.
We cannot copy the files "as is" for now, since we rely on certain custom
properties to be added (max-pwr-lvl in the PSCI node, SDEI nodes, etc).
Merge in the changed parts of the Linux kernel DT (from Linux v6.0-rc1),
and rework the base file to allow including the motherboard.dtsi
unchanged. This should make any future update less painful.
As this also affects the FVP VE boards (Cortex-A7 and Cortex-A5), since
they share the motherboard include file, fix them up as well.
Change-Id: I4f74d05e5583747f8849e32f246f74aeec7a9c60
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The GICv2 and GICv3 version of the FVP DT files are unnecessarily split,
as the common part of the peripherals is the same: it's literally just
the interrupt controller node that is different.
Since the GICv3 versions now use a generic DT include file (without any
GIC node), let's reuse that for the GICv2 versions of the FVP as well.
We just add a separate fvp-base-gicv2.dtsi file which describes the
GICv2 interrupt controller. Also shorten the compatible string, since
the GICv2 binding documentation does not allow the current combination.
This allows to remove the mostly redundant nodes from the GICv2 .dts
file.
Change-Id: I9018031bb611fb00ca7dbefc1bff7d40c3f05819
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The GICv2 and GICv3 version of the FVP DT files are unnecessarily split,
as the common part of the peripherals is the same: it's literally just
the interrupt controller node that is different.
To facilitate a unification, refactor the DT include files to explicitly
include a snippet with just the GICv3 description, and a generic base DT
file for the rest. This generic file can then be reused by the GICv2
versions later.
Since we can only have a /memreserve/ entry *before* any DT nodes, move
that line to each file, to allow including the GIC DT file separately.
Change-Id: I9ff357d3fe0ce46e280c30131aeae97a99631512
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Conceptually the DT is a hardware description, as such it's independent
from the instruction set that a DT client uses. So having separate DTs
for aarch32 and aarch64 does not make sense and is not needed.
Probably due to historic reasons (a Linux bug fixed in 2016 with Linux
commit ba6dea4f7ced, in Linux v4.8) the CPU reg property was using a
different size between aarch64 and aarch32, even though the size of it
is solely governed by the parent's #address-cells property.
Consolidate this to be always 2, and always use two cells to describe
the CPU's MPIDR register.
This removes the last difference of the -aarch32 versions of the FVP
DT files, so just remove all of them. The respective versions without
that suffix can now be used with AArch32 DT clients as well.
Also remove the respective part in the documentation.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: I45d3a2cbba8e04595a741e1cf41900377952673e
For no real reason we were shipping two separate DT include files for the
base FVP motherboard peripherals, one for aarch32, one for aarch64.
There is no difference in the hardware description when using a
different instruction set, and the diff between the two files was about
a missing interrupt map for the 64-bit DT files.
Consolidate the situation by just using a single motherboard .dtsi file,
which relies on an interrupt map by the including files.
Provide that map in the two files where it was missing before, and
change the filenames to let all users include the same file now.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: I19b77ecc8da9b4bfbd61d02f910b9ab05dbf92e9
The DT files for the Cortex-A5 and Cortex-A7 FVP models include the
shared rtsm_ve-motherboard.dtsi file, which we need to sync with the
upstream Linux version soon.
To prepare for its changed structure there, adjust the top-level
#address-cells and #size-cells properties to be compatible with the
expectations of the Linux version.
Also extend the interrupt map to cover all peripherals listed in the
motherboard file, and use the proper GIC macros to make them more
readable on the way.
Change-Id: I7d1493f1a200e8350530f912833f9ffcc5f94b21
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The PSCI DT nodes used for the various fvp-base model variants provide
explicit function IDs, as required for the pre-v0.2 PSCI specification.
This prevents them from being used from both AArch32 and AArch64 DT
clients, and using this version of the PSCI spec is long deprecated
anyway.
Remove the old compatible string and the function properties, to
force clients to use the standard function IDs as described in the PSCI
spec. sys_poweroff and sys_reset were never standardised or used anyway.
There should be no client software around that cannot deal with PSCI
v0.2.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: Ie87deb9898eae79b7307c15bcefcd4b311d4dc22
* changes:
fix(psa): extend measured boot logging
fix(rss): determine the size of sw_type in RSS mboot metadata
fix(psa): align with original API in tf-m-extras
fix(rss): clear the message buffer
feat(tc): enable RSS backend based measured boot
feat(tc): increase maximum BL1/BL2/BL31 sizes
Print all the params of
rss_measured_boot_extend_measurement() to
the console to check parameter healthiness.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I072fe5fef72c67e615ab64e06a9e1f6add5e9cfc
The attestation key derivation and platform attestation token
creation functionality is provided by the Delegated Attestation
partition in RSS.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2d8c0e6589d11e7c81c698adf75ee2a993e3a0c6
Platform must define the maximum size of the message
over MHU.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I91a6c132c946f4465178910b8ea83544f562e837
Without setting the correct size of sw_type the metadata won't
be propagated to RSS through rss_measured_boot_extend_measurement()
API.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I4066d4762689c96ac2ac8e8b8db5d2b1f108b550
Adding PLAT_* prefix to indicate that the
platform needs to provide this definition.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I0bd02be405fd8b1e625bd2b82647ebb2b58265fc
The measured boot API is available in the tf-m-extras
repo:
partitions/measured_boot/interface/src/measured_boot_api.c
This change make the API behavior align with
the original implementation.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ie4af38b859f942b2ef090e92da64d75811b5b49b
Define the RSS_COMMS_PAYLOAD_MAX_SIZE macro. Its value is platform
specific and gives the largest message size which are exchanged
on the TC2 platform between RSS and AP.
Change-Id: Id831c282dc9a39755b82befead1a81767e217215
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Clear the MHU message buffer to remove assets from memory.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I730e7b044eaf0bf517532a12146e4f542949544e
Measurements taken during boot are stored in RSS.
These measurements are included in the platform
attestation token.
Change-Id: Iac3356f813fb417315681c718839319832a76191
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Delegated attestation is a service provided by RSS to:
- Derive a delegated attestation key: Realm Attestation Key
- Query the platform attestation token
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I3edf09fcbef24bca7c8a000ffac8c1ab64dfb812
The maximum size of BL1/BL2/BL31 is increased due to
the added new functionalities, such as RSS based
measured boot on TC2.
Change-Id: I939c7c3da6bf870db46b32cd2836c6737de278bb
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Remove an assert, which checks whether output buffer is
provided, because in measured boot there is no output.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I08db9c2eea1da2d7120c9872ffbf8d8ee45c8e08
* changes:
docs(drtm): steps to run DRTM implementation
docs(drtm): add platform APIs for DRTM
feat(drtm): flush dcache before DLME launch
feat(drtm): invalidate icache before DLME launch
feat(drtm): ensure that passed region lies within Non-Secure region of DRAM
feat(fvp): add plat API to validate that passed region is non-secure
feat(drtm): ensure that no SDEI event registered during dynamic launch
feat(drtm): prepare EL state during dynamic launch
feat(drtm): prepare DLME data for DLME launch
feat(drtm): take DRTM components measurements before DLME launch
feat(drtm): add a few DRTM DMA protection APIs
feat(drtm): add remediation driver support in DRTM
feat(fvp): add plat API to set and get the DRTM error
feat(drtm): add Event Log driver support for DRTM
feat(drtm): check drtm arguments during dynamic launch
feat(drtm): introduce drtm dynamic launch function
refactor(measured-boot): split out a few Event Log driver functions
feat(drtm): retrieve DRTM features
feat(drtm): add platform functions for DRTM
feat(sdei): add a function to return total number of events registered
feat(drtm): add PCR entries for DRTM
feat(drtm): update drtm setup function
refactor(crypto): change CRYPTO_SUPPORT flag to numeric
feat(mbedtls): update mbedTLS driver for DRTM support
feat(fvp): add crypto support in BL31
feat(crypto): update crypto module for DRTM support
build(changelog): add new scope for mbedTLS and Crypto module
feat(drtm): add standard DRTM service
build(changelog): add new scope for DRTM service
feat(fvp): increase MAX_XLAT_TABLES entries for DRTM support
feat(fvp): increase BL31's stack size for DRTM support
feat(fvp): add platform hooks for DRTM DMA protection
Documented steps to run DRTM implementation.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I30dd8c1088a54a8906389c2584d922862610dae0
Flush the data cache range before DLME launch to ensure that data
passed by DCE preamble is committed.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I9946fd3420a17b86d9f1483e8b2cd5880033454e
As per DRTM beta0 spec table #28, Before the DLME is called the DCE
must invalidate all instruction caches.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I7efbb03d1d13346a8d898882fdbd7bbe8f1d49b2
Adding SECURE rm flag to support INTR_EL3_VALID_RM1 routing model.
Signed-off-by: Muhammad Arsath K F <quic_mkf@quicinc.com>
Change-Id: Ie72d62148e81d3cf7fb05f46124f846cc45d9d41
Ensured DLME data region and DRTM parameters are lies within Non-Secure
region of DRAM by calling platform function 'plat_drtm_validate_ns_region'.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I93ead775f45ca7748193631f8f9eec4326fcf20a
Added a platform function to check passed region is within
the Non-Secure region of DRAM.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie5808fa6a1b6e6bc99f4185fa8acc52af0d5f14d
Ensured no SDEI event are registered during dynamic launch.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ied3b2d389aa3d9a96ace9078581d5e691f0b38a7
Taken measurement of various DRTM components in the Event Log
buffer to pass it to DLME.
Change-Id: Ic56620161f42596d22bf40d5c83c041cbce0b618
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added DRTM DMA protections APIs, and called them during
the DLME launch and DRTM SMC handling.
Change-Id: I29e7238c04e2ca9f26600276c5c05bff5387789e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added remediation driver for DRTM to set/get the error
from non-volatile memory
Change-Id: I8f0873dcef4936693e0f39a3c95096cb689c04b7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Added a platform function to set and get DRTM error.
Also, added a platform function to reset the system.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I471f2387f8c78b21a06af063a6fa02cda3646557
Added Event Log driver support for DRTM. This driver
is responsible for the doing the hash measurement of
various DRTM components as per [1], and putting these
measurements in the Event Log buffer.
[1]: https://developer.arm.com/documentation/den0113/a, section 3.16
Change-Id: I9892c313cf6640b82e261738116fe00f7975ee12
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This function is placeholder for checking all the necessary conditions
before doing drtm dynamic launch.
In this patch following conditions are checked (based on Table 31 of
DRTM spec beta0), rest of the conditions will be added in later
patches.
- Only boot PE is online
- Caller execution state is AArch64
- Caller exception level is NS-EL2 or NS-EL1
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I622b946bc191bb39f828831336ceafbc10834c19
Reorganized a few Event Log functions into multiple functions so that
they can be used for the upcoming DRTM feature. This change mainly
implements below new functions -
1. event_log_buf_init - called by 'event_log_init' to initialise Event
Log buffer
2. event_log_write_specid_event - called by 'event_log_fixed_header' to
write specification id event to Event Log buffer
3. event_log_measure and event_log_record - called by
'event_log_measure_and_record' to measure and record the measurement
to the Event Log buffer
Change-Id: I1aabb57f79bead726fcf36d59839702cd6a3521d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
