StandaloneMM partition requires that the first memory region in its list
of reserved memory regions describe the full partition layout. Hafnium
SPMC checks that memory regions in FF-A manifest do not overlap.
Therefore, this region is added directly in HOB generation code rather
than as a memory region in the FF-A manifest for the StMM partition.
Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: Ia22174d755a5776e20ecf9639584f3c08cf9e60e
Specify endianness encoding when packing HOB binary. Little-endian is
used as target platforms are expected to be little-endian.
Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: I28d7b302f79482ed142c1964409c310f713a9b8c
If the "hob_path" has been introduced in the `args`
dictionary, use it when creating a Transfer List
type of package.
Create a HOB entry in the transfer list with the
respective transfer entry type.
Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: Ie5fefe90205cf89ee26c3683048bf42229cb4bee
Add an SP setup function that invokes the HOB creation
utilities.
It introduces an argument "hob_path" to the shared dictionary of args
with the location of the generated binary containing the HOB list.
Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I26a07027b6344c9d7ba732d022932736a62e2505
Add python library to build the Handoff Block list (HOB list) for an SP
at build time.
Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: I17d46f7ed21ce42a83f33dfdc4fad038653d1ec3
This change refactors the memmap tool into a Poetry project, with its
own dependencies. You can continue to run it manually with:
poetry run memory <args>
Change-Id: I346283df1b8bfad4babc1f5a3861dab94d4a006a
Signed-off-by: Chris Kay <chris.kay@arm.com>
Generate the rules for calling 'tlc' tool, and generating
a partition package as a TL:
- The data is aligned to 4k.
- Using TE types 0x103 for FF-A manifest, and 0x106 for
FF-A SP binary.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I1941e3e8f43d8dad33cdd0dea0571cf4a0d5e8f3
Calculate the secure partition number and saves it into the defined
macro NUM_SP.
Signed-off-by: Ben Horgan <ben.horgan@arm.com>
Signed-off-by: Leo Yan <leo.yan@arm.com>
Change-Id: I4175a10d315482b65fd0f3eed4c6fd1e1e2b5e4d
For a couple of releases now we have officially withdrawn support for
building TF-A on Windows using the native environment, relying instead
on POSIX emulation layers like MSYS2, Mingw64, Cygwin or WSL.
This change removes the remainder of the OS compatibility layer
entirely, and migrates the build system over to explicitly relying on a
POSIX environment.
Change-Id: I8fb60d998162422e958009afd17eab826e3bc39b
Signed-off-by: Chris Kay <chris.kay@arm.com>
This resolves Dependabot vulnerability alert #19, resolving a DoS issue
in a dependency of pytest.
Change-Id: I2959da88d3d0422e15d25df5820dfd91f474d6ca
Signed-off-by: Chris Kay <chris.kay@arm.com>
By default, the ECDSA Brainpool regular and ECDSA Brainpool twisted
algorithms support 256-bit sized keys. Not defining this leads to
an error indicating that '256' is not a valid key size for ECDSA
Brainpool. KEY_SIZES matrix must have a value in its table to avoid
problems when KEY_SIZE is defined.
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: I34886659315f59a9582dcee1d92d0e24d4a4138e
Provide the 'flags' from the arguments of the create
command to the TransferList __init__ function.
This is so that the '--flags' argument to the tool is actually
used.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: Ic3f548e0ce7e704b3a12c2908f03d6a639bfa6f0
In tools directory, contrary to other parts of TF-A code,
LOG_LEVEL_NOTICE is 20, and LOG_LEVEL_ERROR is 10. If LOG_LEVEL is
set to 10, which is the case if BUILD_INFO=0, then we can have this
compilation warning:
src/main.c:29:19: warning: ‘build_msg’ defined but not used
[-Wunused-const-variable=]
29 | static const char build_msg[] = "Built : " __TIME__ ",
" __DATE__;
| ^~~~~~~~~
Avoid that by putting it under '#if LOG_LEVEL >= LOG_LEVEL_NOTICE'.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ic724610d6df811fc889775dbd361087e0958d31e
Relax entry addition from YAML files to allow the addition of
entries not known to the tool. It is not possible to keep track of
every possible TE, and a user might want to add an entry that hasn't
yet been specified.
Change-Id: Ib5d227bc41cd3dd8b530699c1bab3165a3114a3c
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Extended the command line interface to receive an alignment
argument.
TLC tool will align the data of the TEs accordingly.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I281b0b4c1851d58377bf6b31fcee03ee2f53367b
Add void entries to ensure proper alignment of data in the TL,
addressing runtime errors caused by previously unaccounted padding bytes
between TE's.
Change-Id: Id2acee8f4df0dcc52eedc4372b962a51acb9d8ce
Signed-off-by: J-Alves <joao.alves@arm.com>
Co-authored-by:: Harrison Mutai <harrison.mutai@arm.com>
Fix the handoff 8-bit modulo checksum calculation to ensure we never get
a checksum larger than 8 bits. The previous calculation failed to
truncate the sum at the final step in update_checksum
Change-Id: Ice0b72eb139af90f416adeff157d337646d6201a
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
To facillitate our testing, add some fixtures to make it easier to
generate transfer entry data.
Change-Id: Ieb76e54e69f410f4f7e1b55fc2cff282e592d1a4
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Generated this change-log using below command:
npm run release -- --skip.commit --skip.tag --release-as 2.12.0
Change-Id: Idb74f6a31bf2691e7666e2738030d6f0e2b8c519
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
On some version of openSSL (1.1.1 or 1.1.0), OPENSSL_init_crypto()
called by ENGINE_load_builtin_engines() will not automatically load the
configuration. Fix this behavior by calling OPENSSL_init_crypto with
OPENSSL_INIT_LOAD_CONFIG as a parameter.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Change-Id: I2e4c0d646e540d039e9c72fd7814384b17de6dd5
Since 2f1c5e7eb1 ("build: use GCC to link by default") the
code does not even compile with GCC14 on debian/unstable with
the following error:
/usr/lib/gcc-cross/aarch64-linux-gnu/14/../../../../aarch64-linux-gnu/bin/ld: bootparam_sa0.elf: error: PHDR segment not covered by LOAD segment
/usr/lib/gcc-cross/aarch64-linux-gnu/14/../../../../aarch64-linux-gnu/bin/ld: cert_header_sa6.elf: error: PHDR segment not covered by LOAD segment
Fix the tools build.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Change-Id: I830b53e23f25c62da3583c1c3e02e0607a237d15
Introduce the gen-header command to the tool, enabling developers to
create language bindings. Currently, it supports generating C headers
from a transfer list.
Change-Id: Ibec75639c38577802d5abe55c7bc718740aad2b8
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Add tox to automate testing across multiple environments, ensuring code
robustness and compatibility with different Python versions. This helps
ensure consistency in test environments so both development and CI
systems run tests uniformly, and simplifies the execution of tasks like
linting and other commands with a single command.
Change-Id: I522adb486e89abecb9a130941ce4cef31332193a
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Since the introduction of the toolchain detection framework into the
build system, we have done determination and identification of the
toolchain(s) used for the build at the initialization of the build
system.
This incurs a large cost to the build every time - for every toolchain
that has been requested by the current makefile, we try to identify each
tool in the list of known tool classes, even if that tool doesn't
actually see any use.
For the clean and check-like targets we worked around this by disabling
most of the toolchains if we detect these targets, but this is
inflexible and not very reliable, and it still means that when building
normal targets we are incurring that cost for all tools whether they are
used or not.
This change instead modifies the toolchain detection framework to only
initialize a tool for a given toolchain when it is first used. This does
mean that we can no longer warn about an incorrectly-configured
toolchain at the beginning of build system invocation, but it has the
advantage of substantially reducing build time and the complexity of
*using* the framework (at the cost of an increase in complexity in the
framework itself).
Change-Id: I7f3d06b2eb58c1b26a846791a13b0037f32c8013
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change fixes several breakages that were introduced in some build
configurations by the introduction of the cot-dt2c tool.
Some Python environments cannot be managed directly via `pip`, and
invocations of `make`, including `make distclean`, would cause errors
along the lines of:
error: externally-managed-environment
× This environment is externally managed
╰─> To install Python packages system-wide, try apt install
python3-xyz, where xyz is the package you are trying to
install.
This change has been resolved by ensuring that calls to the cot-dt2c
tool from the build system happen exclusively through Poetry, which
automatically sets up a virtual environment that *can* be modified.
Some environments saw the following error when building platforms where
the cot-dt2c tool was used:
make: *** No rule to make target '<..>/debug/bl2_cot.c', needed
by '<..>/debug/bl2/bl2_cot.o'. Stop.
Additionally, environments with a more recent version of Python saw the
following error:
File "<...>/lib/python3.12/site-packages/cot_dt2c/cot_parser.py",
line 637, in img_to_c
if ifdef:
^^^^^
NameError: name 'ifdef' is not defined
Both of these errors have now been resolved by modifications to the
build system and the cot-dt2c tool to enable preprocessing of the device
tree source file before it is processed by the tool.
As a consequence of this change, the `pydevicetree` library is no longer
vendored into the repository tree, and we instead pull it in via a
dependency in Poetry.
This change also resolves several MyPy warnings and errors related to
missing type hints.
Change-Id: I72b2d01caca3fcb789d3fe2549f318a9c92d77d1
Signed-off-by: Chris Kay <chris.kay@arm.com>
Update the test files to eliminate the use of preprocessor macros,
as the tool now requires processed output. The documentation has
also been revised accordingly.
Additionally, remove the Device Tree Source test files that were
added to test the #ifdef conditions.
Change-Id: I13a682db20e5e44170fc25a2e2dbedd45b9c7321
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Add the standalone CoT dt2c tool for CoT DTB conversion to
c file
Change-Id: If28e580a4c2825f5dc9008e93cd2aae3fc173e73
Signed-off-by: Xialin Liu <Xialin.Liu@ARM.com>
This commit adds a command create-from-yaml to tlc, which
creates a transfer list from a yaml file. It also changes
the files structure of the fixtures in the unit tests so
they are in a directory called trusted-firmware-a. This
is necessary because blob file paths in the yaml file are
relative to the root of TF-A.
The blob files are not verified by TLC, so it can be used
to load arbitrary binary information into the transfer
list. The authenticity of the transfer list must be
ensured by the loader.
Change-Id: Idf704ce5d9b7e28b31f471ac337e4aef33d0ad8a
Signed-off-by: Charlie Bareham <charlie.bareham@arm.com>
This makes the build reproducible.
When `make dev-install` was run, it would ignore the existing
poetry lock file, install different versions of all the
libraries, then overwrite the lock file. Once `--no-update`
is added, it stops doing that, and installs exactly what is
in the poetry lock file.
Change-Id: If62637a40504d23deb47a05347a272e1c13bf41e
Signed-off-by: Charlie Bareham <charlie.bareham@arm.com>
Transfer List Compiler is a command line tool that enables the static
generation of TL's compliant with version 0.9 of the firmware handoff
specification. The intent of this tool is to support information passing
via the firmware handoff framework to bootloaders that run without
preceding images (i.e. `RESET_TO_BL31`).
It currently allows for TL's to be statically generated from blobs of
data, and modified by removing/adding TE's. Future work will provide
support for TL generation from configuration file.
Change-Id: Iff670842e34c9ad18eac935248ee2aece43dc533
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Co-authored-by: Charlie Bareham <charlie.bareham@arm.com>
This commit streamlines directory creation by introducing a single
pattern rule to automatically make directories for which there is a
dependency.
We currently use several macros to generate rules to create directories
upon dependence, which is a significant amount of code and a lot of
redundancy. The rule introduced by this change represents a catch-all:
any rule dependency on a path ending in a forward slash is automatically
created.
Now, rules can rely on an unordered dependency (`|`) on `$$(@D)/` which,
when secondary expansion is enabled, expands to the directory of the
target being built, e.g.:
build/main.o: main.c | $$(@D)/ # automatically creates `build/`
Change-Id: I7e554efa2ac850e779bb302fd9c7fbb239886c9f
Signed-off-by: Chris Kay <chris.kay@arm.com>
This is a small change to split up the generation of the RZ/G layout
images into unique targets. This is predominantly for cleanliness
reasons - Make current doesn't know about the `.bin` and `.srec`
binaries generated by the `.elf` target.
Change-Id: I81251ac647b85c5eec8f910ddc841a5a32b49e67
Signed-off-by: Chris Kay <chris.kay@arm.com>
This is a small change to split up the generation of the R-Car layout
images into unique targets. This is predominantly for cleanliness
reasons - Make current doesn't know about the `.bin` and `.srec`
binaries generated by the `.elf` target.
Change-Id: I624bc0c62e99cead66a6d6e25ff016aecf6b985a
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change avoids generating a build message source file on the shell,
instead using the `__DATE__` and `__TIME__` macros directly.
Change-Id: Ida537d4c3e550f2fbbd977472ed6573491d17c23
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change avoids generating a build message source file on the shell,
instead using the `__DATE__` and `__TIME__` macros directly.
Change-Id: Ieda75bbac174847c716701bce8dd10b8e9975902
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change introduces a few helper variables for dealing with verbose
and silent build modes: `silent`, `verbose`, `q` and `s`.
The `silent` and `verbose` variables are boolean values determining
whether the build system has been configured to run silently or
verbosely respectively (i.e. with `--silent` or `V=1`).
These two modes cannot be used together - if `silent` is truthy then
`verbose` is always falsy. As such:
make --silent V=1
... results in a silent build.
In addition to these boolean variables, we also introduce two new
variables - `s` and `q` - for use in rule recipes to conditionally
suppress the output of commands.
When building silently, `s` expands to a value which disables the
command that follows, and `q` expands to a value which supppresses
echoing of the command:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed but not echoed'
When building verbosely, `s` expands to a value which disables the
command that follows, and `q` expands to nothing:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed and echoed'
In all other cases, both `s` and `q` expand to a value which suppresses
echoing of the command that follows:
$(s)echo 'This command is executed but not echoed'
$(q)echo 'This command is executed but not echoed'
The `s` variable is predominantly useful for `echo` commands, where you
always want to suppress echoing of the command itself, whilst `q` is
more useful for all other commands.
Change-Id: I8d8ff6ed714d3cb401946c52955887ed7dca602b
Signed-off-by: Chris Kay <chris.kay@arm.com>
Generated this change-log using below command:
npm run release -- --skip.commit --skip.tag --release-as 2.11.0
Change-Id: I34c7b342549781057da1b18116500f110bc3f5ad
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <JuanPablo.Conde@arm.com>
