The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A. It is dangerous to keep that feature enabled if not
strictly necessary, especially in production firmware builds.
Thus, we need a way to disable this feature. Moreover, when it is
disabled, all related code should be eliminated from the firmware
binaries, such that no remnant/dead getc() code remains in memory,
which could otherwise be used as a gadget as part of a bigger security
attack.
This patch disables getc() feature by default. For legitimate getc()
use cases [1], it can be explicitly enabled by building TF-A with
ENABLE_CONSOLE_GETC=1.
The following changes are introduced when getc() is disabled:
- The multi-console framework no longer provides the console_getc()
function.
- If the console driver selected by the platform attempts to register
a getc() callback into the multi-console framework then TF-A will
now fail to build.
If registered through the assembly function finish_console_register():
- On AArch64, you'll get:
Error: undefined symbol CONSOLE_T_GETC used as an immediate value.
- On AArch32, you'll get:
Error: internal_relocation (type: OFFSET_IMM) not fixed up
If registered through the C function console_register(), this requires
populating a struct console with a getc field, which will trigger:
error: 'console_t' {aka 'struct console'} has no member named 'getc'
- All console drivers which previously registered a getc() callback
have been modified to do so only when ENABLE_CONSOLE_GETC=1.
[1] Example of such use cases would be:
- Firmware recovery: retrieving a golden BL2 image over the console in
order to repair a broken firmware on a bricked board.
- Factory CLI tool: Drive some soak tests through the console.
Discussed on TF-A mailing list here:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/
Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>
* changes:
fix(imx8m): map BL32 memory only if SPD_opteed or SPD_trusty is enabled
feat(imx8mn): add workaround for errata ERR050362
feat(imx8m): enable snvs privileged registers access
Updating toolchain to the latest production release version
12.3.Rel1 publicly available on:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
We build TF-A in CI using x86_64 Linux hosted cross toolchains:
---------------------------------------------------------------
* AArch32 bare-metal target (arm-none-eabi)
* AArch64 bare-metal target (aarch64-none-elf)
Change-Id: Ifcabb7fb9d8e13b87e164c3c1be8c8d32c31b49a
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
use common code definition and remove zynqmp local definition
for prepare_dtb in dtb flows.
Change-Id: I362b90b96852e9afccc8a2e23d3b7f709280fba7
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
presence of multiple return path in prepare_dtb results in misra c
violation 15.5: this return statement is not the final statement
in the compound statement that forms the body of the function.
prepare_dtb is refactored to address the same.
Change-Id: I17ca4314202d6ca8d6fb0c4ea2ed9d31a152371b
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
* changes:
refactor(cm): enable S-EL2 globally for all contexts
refactor(cm): remove world differentiation for EL2 context restore
fix(cm): make ICC_SRE_EL2 fixup generic to all worlds
refactor(cm): clean up SCR_EL3 and CPTR_EL3 initialization
* changes:
feat(mbedtls-psa): use PSA crypto API during signature verification
feat(mbedtls-psa): use PSA crypto API during hash calculation
feat(mbedtls-psa): use PSA crypto API for hash verification
feat(mbedtls-psa): initialise mbedtls psa crypto
feat(mbedtls-psa): register an ad-hoc PSA crypto driver
feat(mbedtls-psa): introduce PSA_CRYPTO build option
docs(changelog): add scope for MbedTLS PSA Crypto
Currently, S-EL2 is being enabled specifically while we are in
secure context and gets toggled up when we exit secure world.
This behavior is not ideal and needs correction.
Enabling the S-EL2 via SCR_EL3.EEL2 register setting should be
global and this patch addresses it.
Change-Id: If6c39ca258f2fefa835c4b51e0f6b68165fd2e35
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
The EL2 context save/restore functions have an optimisation to not
bother with the EL2 context when SEL2 is not in use. However, this
decision is made on the current value of SCR_EL3.EEL2, which is not
the value for the selected security state, but rather, for the
security state that came before it. This relies on the EEL2 bit's
value to propagate identically to all worlds.
This has an unintended side effect that for the first entry into
secure world, the restoring of the context is fully skipped, because
SCR_EL3 is only initialized after the call to the restoring routine
which means the EEL2 bit is not initialized (except when FEAT_RME
is present). This is inconsistent with normal and realm worlds which
always get their EL2 registers zeroed.
Remove this optimization to remove all the complexity with managing
the EEL2 bit's value. Instead unconditionally save/restore all
registers. It is worth noting that there is no performance penalty
in the case where SEL2 is empty with this change. This is because
SEL2 will never be entered, and as such no secure save/restore will
happen anyway, while normal world remains unchanged.
Removing the value management of the EEL2 bit causes the
CTX_ICC_SRE_EL2 register to be inaccessible in Secure world for some
configurations.
Make the SCR_EL3.NS workaround in cm_prepare_el3_exit_ns() generic
on every access to the register.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I1f56d85814c5897b468e82d4bd4a08e3a90a7f8f
For ICC_SRE_EL2.SRE the Arm ARM specifies that "If software changes this
bit from 1 to 0, the results are UNPREDICTABLE". However, the
indiscriminate zeroing of the EL2 context does just that for Secure and
Realm worlds. Make this fixup generic to avoid the problem.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: Iee21ace17faf10eae52a046e6dfafc5141fa7f85
As with MDCR_EL3, setting some bits of these registers is redundant at
reset since they do not matter for EL3 execution and the registers get
context switched so they get overwritten anyway.
The SCR_EL3.{TWE, TWI, SMD, API, APK} bits only affect lower ELs so
their place is in context management. The API and APK bits are a bit
special as they would get implicitly unset for secure world when
CTX_INCLUDE_PAUTH_REGS is unset. This is now explicit with their normal
world values being always set as PAuth defaults to enabled. The same
sequence is also added to realm world too. The reasoning is the same as
for Secure world - PAuth will be enabled for NS, and unless explicitly
handled by firmware, it should not leak to realm.
The CPTR_EL3.{ESM, EZ, TAM} bits are set by the relevant
feat_enable()s in lib/extensions so they can be skipped too.
CPTR_EL3.TFP is special as it's needed for access to generic floating
point registers even when SVE is not present. So keep it but move to
context management.
This leaves CPTR_EL3.TCPAC which affects several extensions. This bit
was set centrally at reset, however the earliest need for it is in BL2.
So set it in cm_setup_context_common(). However, this CPTR_EL3 is only
restored for BL31 which is clearly not the case. So always restore it.
Finally, setting CPTR_EL3 to a fresh RESET_VAL for each security state
prevents any bits from leaking between them.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: Ie7095e967bd4a6d6ca6acf314c7086d89fec8900
Always map the BL32 memory can interfere with the BL33 mapping if the
BL33 is not aware of the mapping, e.g. different memory tagging
secure/non-secure. Therefore map the memory only if BL32 (opteed,
trusty) is enabled and BL33 is aware of this memory mapping.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I9c2bf78aa6e88c93e749a9248724186fee9df864
Port the workaround from the downstream imx-atf [1]:
| commit 1990081264f40822d1564f4562f05bbbc0c2941b
| Author: Ji Luo <ji.luo@nxp.com>
| Date: Thu May 20 16:26:55 2021 +0800
|
| MA-19071 imx8mn: workaround for errata ERR050362
|
| Configure the force_incr programmable bit in GPV_5 of PL301_display,
| which fixes partial write issue. This workaround was done in MCU FW
| before, move it to TF-A now as MCU should not touch secure world.
|
| Change-Id: I2e5bbc764640afeab6ac2f4b202939b59bd3b3f2
| Signed-off-by: Ji Luo <ji.luo@nxp.com>
[1] https://github.com/nxp-imx/imx-atf.git
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: Iaff5f1faa143204d64c075b288f8dd13eb2902d8
Allow non-privileged access to all SNVS registers in case of no TEE is
available.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I44686a3639a68c72c7eacc80691c294d5c32c9ae
- Fix the name of the user account under which the CI bot posts
review comments.
- The CI has now transitioned to trustedfirmware.org so CI results
are publically accessible.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I53dd93e200c9e119b5df6bbaf2644485cde57ce5
A PSA crypto API is used for signature verification, namely
psa_verify_message, which calculates the signature and verify it
for the given signed message.
Note, this functionality is as of now tested for RSA based Key
algorithm, subsequent patches will provide the signature verification
support for all the key algorithms available in TF-A (provided by KEY_ALG
build option).
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I16214e3cac6a7af445530a6dbd66cfc6ceedcfc6
A PSA crypto API is used for hash verification, namely
'psa_hash_compute', which internally calculates hash of the given
data payload.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic90e43e68b836ee2add4b868663cfca2340c8108
A PSA crypto API is used for hash verification, namely
psa_hash_verify, which internally calculates and verifies the hash
of the given data payload.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ib48aa6b74b59aea6036333ff00f6ca566b910e60
Initialised Mbedtls PSA cryto during Crypto init using
function call 'psa_crypto_init'.
MbedTLS currently requires a Random Number Generator (RNG) once
PSA Crypto support is enabled. However, TF-A itself doesn't engage
in cryptographic operations that demand randomness. Consequently,
we simulate the presence of an external TRNG (through the configuration
option 'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) while, in reality, we offer
a dummy implementation of mbedtls_psa_external_get_random() that always
returns an error.
Change-Id: Ife6d03909c0e6081438d2b2519ef500e5dcdb88f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
An ad-hoc MbedTLS PSA crypto driver is registered by compiling
a new driver file, namely mbedtls_psa_crypto.c when PSA_CRYPTO=1.
As of now, this file is the same as mbedtls_crypto.c, but subsequent
patches will update crypto functions in this file to trigger
PSA crypto APIs.
Change-Id: I404c347990661d87dcf5d0501d238e36914ec3ee
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Cortex-X3 erratum 2070301 is a Cat B erratum that applies to all
revisions <= r1p2 and is still open.
The workaround is to write the value 4'b1001 to the PF_MODE bits
in the IMP_CPUECTLR2_EL1 register. This places the data prefetcher
in the most conservative mode instead of disabling it.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Change-Id: I337c4c7bb9221715aaf973a55d0154e1c7555768
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Add VERSION_PATCH macro in Makefile. This will help LTS releases.
While at it, handle VERSION_PATCH macro in .versionrc.js script.
Change-Id: Id3ec359f7768a90ba5c67e35d29736a46eb402b5
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Address an issue where incorrect macro name is being used for
setting the UART buad rate. Updated the code to use the
appropriate macro name, ensuring that baud rate name is proper.
Fixes: 04a483359f ("feat(xilinx): sync macro names")
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I27dd8b1559beb0cf7b872de037adc95a948ecc2f
This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -
1. Added a build macro PSA_CRYPTO to enable the MbedTLS PSA
Crypto API support in the subsequent patches.
2. Compile necessary PSA crypto files from MbedTLS source code
when PSA_CRYPTO=1.
Also, marked PSA_CRYPTO as an experimental feature.
Change-Id: I45188f56c5c98b169b2e21e365150b1825c6c450
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added scope for MbedTLS PSA Crypto API implementation.
Change-Id: I0a7c6242841dfb94f6ca5e9174ffd520c5fe00fa
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
* changes:
fix(st): enable RTC clock before accessing nv counter
fix(st-crypto): use GENMASK_32 to define PKA registers masks
fix(st): update comment on encryption key
fix(st): allow crypto lib compilation in aarch64
fix(st-uart): allow 64 bit compilation
fix(st): reduce MMC block_buffer
fix(stm32mp13-fdts): cosmetic fixes in PLL nodes
fix(st): update dt_get_ddr_size() type
fix(nand): reset the SLC NAND
fix(st-crypto): do not read RNG data if it's not ready
SMCCCv1.3 introduces SVE hint bit that denotes the absence of SVE
specific live state. Update the SMC function ID with SVE hint bit if it
is set the flags and pass it to RMM.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: Ibb1d73440ed1e2283a103cfd2c4592be5d3a74cb
To ensure that all explicit memory accesses are complete before udelay,
insert dsb before udelay.
Change-Id: If119e920e29539ae8b68d3c44c8f77b5bf424a1a
Signed-off-by: Karl Li <karl.li@mediatek.com>
This patch enables Scalable Matrix Extension (SME) for RMM. RMM will
save/restore required registers that are shared with SVE/FPU register
state so that Realm can use FPU or SVE.
The Relevant RMM support can be found here :
https://github.com/TF-RMM/tf-rmm/commit/0ccd7ae58b00
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I3bbdb840e7736dec00b71c85fcec3d5719413ffd
If console is not found there is no way where to print information about
it. Currently only cdns/dcc/pl011 uarts are supported that's why remove
the message which none can see anyway.
But keep "else" part with comment to avoid misra c rule 15.7 violation
which is also missing in Versal NET implementation.
Change-Id: I78e3baffd2288d2a4673099bf193f22029912840
Signed-off-by: Michal Simek <michal.simek@amd.com>
Update version and release schedule for the upcoming TF-A
release v2.10.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I505fbb034a74ce1cc6bc20efdd26803e6fb8c0c1
* changes:
refactor(el3-runtime): plat_ic_has_interrupt_type returns bool
fix(el3-runtime): leverage generic interrupt controller helpers
fix(gicv3): map generic interrupt type to GICv3 group
chore(gicv2): use interrupt group instead of type
Remove the dcc_console_init() function. The initialization function
is not being used and serves no purpose.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I056d09e153998d686d3b95ad39c563f797184c18
Revise the AST2700 boot flow to the RESET_TO_BL31 scheme.
The execution of BL1/2 can be saved from ARM CA35 while most
low level platform initialization are moved to a preceding MCU.
This patch updates the build configuration and also adds
the SMP mailbox setup code to hold secondary cores until
they are being waken up.
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Change-Id: I7e0aa6416b92b97036153db1d9a26baaa41b7b18
