Cortex-X3 erratum 2742421 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is to
set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Change-Id: Idadd323e419739fe909b9b68ea2dbe857846666b
Fixed internal links refrenced inside tfa/docs.
Followed https://www.sphinx-doc.org/en/master/usage/restructuredtext/roles.html#ref-role
for instrustion on how to link sections within other documents.
Signed-off-by: Thaddeus Serna <thaddeus.gonzalez-serna@arm.com>
Change-Id: I8e7c090d98951b1e3d393ab5b1d6bcdaa1865c6f
The generic threat model used to list threats in no particular order.
Reorganize threats so that they are grouped by mitigating entity. For
example, threats mitigated by the boot firmware (i.e. BL1 and BL2) are
now clubbed together, ditto for those mitigated by the runtime EL3
firmware. Note that some generic threats apply to all firmware images
so these get grouped in their own section as well.
The motivations for this refactoring are the following:
- Clarify the scope of the threats.
In particular, as the boot firmware is typically transient, threats
applying to those images can only be exploited during a short
period of time before the runtime firmware starts.
A note has been added to this effect.
- Helping developers implement mitigations in the right place.
- Some vendors have their own solution for booting their device and
only leverage the runtime firmware from the TF-A project. Thus,
they are not interested in the threat model of TF-A's boot
firmware. Isolating the latter in a specific section helps them
focus on what is important for them.
To avoid unnecessary churn, the threats ids have been kept the same.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Id8616fd0e4b37cd400b1ad3372beb3455234d4dc
The fact that RME is out of the generic threat model's scope is just
another assumption we make about the target of evaluation so mention
it there.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I839ec5427f36b085148338030e8b1b85191d4245
Neoverse N2 erratum 2009478 is a Cat B erratum that applies to
revision r0p0 and is fixed in r0p1. The workaround is to clear
the ED bit for all core error records before setting the PWRDN_EN
bit in CPUPWRCTLR_EL1 to request a power down.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1982442/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ic5ef58c9e795b90026af1d2b09edc0eea3ceee51
Errata report order is enforced to be in ascending order. To achieve
this with the errata framework this has to be done at the definition
level.
Also rename the disable_non_temporal_hint to its erratum number to
conform to convention.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Id474872afebf361ab3d21c454ab3624db8354045
Add documentation for the new build option ENABLE_SPMD_LP.
Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: I808e6c00e3699fc900dc97e889af63cc01cae794
This patch details the required packages and terminal commands for
building the documentation in PDF format locally.
Change-Id: Ic5f416b73e46d5f362fe9eb909200b95eda19e6a
Signed-off-by: Elizabeth Ho <elizabeth.ho@arm.com>
Move documentation related to Arm(R) Ethos(TM)-N NPU driver from
docs/plat/arm/arm-build-options.rst to
docs/getting_started/build-options.rst.
Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com>
Change-Id: I388e8dcd3950b11bc3305f5e6396ee2e49c04493
* changes:
feat(qemu): add dummy plat_mboot_measure_key() function
docs(rss): update RSS doc for signer-ID
feat(imx): add dummy 'plat_mboot_measure_key' function
feat(tc): implement platform function to measure and publish Public Key
feat(auth): measure and publicise the Public Key
feat(fvp): implement platform function to measure and publish Public Key
feat(fvp): add public key-OID information in RSS metadata structure
feat(auth): add explicit entries for key OIDs
feat(rss): set the signer-ID in the RSS metadata
feat(auth): create a zero-OID for Subject Public Key
docs: add details about plat_mboot_measure_key function
feat(measured-boot): introduce platform function to measure and publish Public Key
* changes:
fix(cpus): workaround for Neoverse N2 erratum 2779511
fix(errata-abi): added Neoverse N2 to Errata ABI list
fix(cpus): workaround for Neoverse N2 erratum 2743014
fix(docs): updated certain Neoverse N2 erratum status in docs
refactor(cpus): convert Neoverse N2 to use CPU helpers
refactor(cpus): convert Neoverse N2 to framework
refactor(cpus): reorder Neoverse N2 errata by ascending order
Neoverse N2 erratum 2779511 is a Cat B erratum that applies to
all revisions <=r0p2 and is fixed in r0p3. The workaround is to
set bit[47] of CPUACTLR3_EL1
SDEN documentation:
https://developer.arm.com/documentation/SDEN1982442/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Iaa0e30de8473ecb1df1fcca3a45904aac2e419b3
Neoverse N2 erratum 2743014 is a Cat B erratum that applies to
all revisions <=r0p2 and is fixed in r0p3. The workaround is to
set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1982442/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ie7e1be5dea9d1f74738f9fed0fb58bfd41763192
Certain Neoverse N2 erratum in docs were out of date with the latest
SDEN document and hence updated it to match the latest
SDEN documentation:
https://developer.arm.com/documentation/SDEN1707916/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I5d82a56388a46a09a42b940a633ecebdde0c74e3
The PDF documentation download has a lot of blank pages. This is
because Sphinx starts each section on an odd numbered page for
duplex printing. This patch fixes this to allow sections to start
on any page.
Change-Id: I1ba8a4707c39b54205f2a3c9b47c1c21a3fedcb9
Signed-off-by: Elizabeth Ho <elizabeth.ho@arm.com>
Deprecate pack_realm build command for TFTF.
To build Realm payload tests use ENABLE_REALM_PAYLOAD_TESTS=1.
This new command line for TFTF is effective from SHA 9945bef6b
in tf-a-tests repo.
Signed-off-by: Shruti Gupta <shruti.gupta@arm.com>
Change-Id: Iee9ac9b2b367aac50677fac95631e7e4818cdf3a
The auxiliary pdf build requires SVG files to be converted to pdf files.
Use libRSVG as a light weight alternative to inkscape, and ensure it's
installed in the build environment.
Change-Id: I1fdb05fb2701fc28a04e210d5928f4387ca08613
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Added details about the API that calculates the signer-ID and updated
console log details to provide signer-ID information for each image.
Change-Id: If637b3719418e9c0b8d2844c92bddbdfe454bfb8
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added details of 'plat_mboot_measure_key' function in the porting-guide.
Change-Id: Id62211abc0ba13a0f581dc8e24c7b367afe2dcf5
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Neoverse V2 erratum 2801372 is a Cat B erratum that applies to
all revisions <=r0p1 and is fixed in r0p2. The workaround is to
insert a dsb before the isb in the power down sequence.
This errata is explained in SDEN 2332927 available at:
https://developer.arm.com/documentation/SDEN2332927
Change-Id: I8716b9785a67270a72ae329dc49a2f2239dfabff
Signed-off-by: Moritz Fischer <moritzf@google.com>
Maintainers for AMD platform ports has been updated.
"Amit Nagal" and "Akshay Belsare" are added to the list.
Change-Id: Ia64e1ec6c2f80515054730d307d41b0060d3dcc7
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
commit@7794d6c8f8c44acc14fbdc5ada5965310056be1e added a march utility
but the details were not updated in docs.
Update docs to provide a glimpse of march utility added.
Change-Id: I696cb9a701a30d7bf36a1ecd38a80d07df1fd551
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Document the new platform build options for the MSM8916 port which now
supports multiple similar Qualcomm SoCs:
- Snapdragon 410 (PLAT=msm8916) as before
- Snapdragon 615 (PLAT=msm8939)
- Snapdragon 210 (PLAT=msm8909)
- Snapdragon X5 Modem (PLAT=mdm9607)
The latter two use AArch32-only ARM Cortex-A7 cores that only support
using BL32/SP_MIN and not BL31 on AArch64.
Change-Id: I9fffe60dd0ad2acc18f006f11e91854b9e8dcb8f
Signed-off-by: Stephan Gerhold <stephan@gerhold.net>
The boot sequence mentioned in the documentation referred to an older
boot flow. This patch updates the boot sequence to the TBBR boot flow
that is currently being followed.
Signed-off-by: Deepthi Peter <deepthi.peter@arm.com>
Change-Id: I183458cea6d43dcf8acba2e0422920ab5541fdfc
A separate design document for Measured Boot covers the porting
guidelines for the Measured Boot interfaces. As a result,
the Measured Boot interfaces have been removed from the porting
guide and a link to the Measured Boot design document has been
provided.
Change-Id: Ia6bd2620d830aea6aececab4af7e10a6d737f025
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The code review guidelines have been updated to explain when
patches that do not receive a response to the review comments
will be abandoned.
Change-Id: I60539e16ca41245cf1b352f24557be1b3c67c367
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The FEAT_MTPMU feature disable runs very early after reset. This means,
it needs to be written in assembly, since the C runtime has not been
initialised yet.
However, there is no need for it to be initialised so soon. The PMU
state is only relevant after TF-A has relinquished control. The code
to do this is also very verbose and difficult to read. Delaying the
initialisation allows for it to happen with the rest of the PMU. Align
with FEAT_STATE in the process.
BREAKING CHANGE: This patch explicitly breaks the EL2 entry path. It is
currently unsupported.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I2aa659d026fbdb75152469f6d19812ece3488c6f
Moved common build options from Arm-specific file to common build
file.
Change-Id: If74b6223972ae3a6c11d9f9d2fbd8d2ee008b6e5
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
