Top level sections are not numbered. Adding numbers makes referring to
sections easier. For example the Maintainers page changes from
"about/3.1" to simply "1.3.1".
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: If90a18ee8d6a6858d58f0687f31ea62b69399e04
The Getting started section is very difficult to follow. Building the
fip comes before building the files it needs, the BL33 requirement is
given in a somewhat hand wavy way, and the Arm Developer website
download provides a lot of targets and the guide is not clear which ones
are needed on download.
Swapping the initial build and supporting tools sections makes the flow
more natural and the supporting tools section then becomes clear.
Explicitly mentioning the GCC targets avoids confusion for people less
familiar with the project (eg. new starters).
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I02e88f8c279db6d8eda68f634e8473c02b733963
Using virtual environments with pip is a generally recommended good
practice but the docs do not acknowledge it. As a result fresh installs
might fail builds due to missing $PATH entries. The Prerequisites
section is also a bit verbose which is difficult to read.
This patch adds the virtual environment mention and clarifies wording.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Iea447fb59dc471a502454650c8548192d93ba879
Some newer versions of sphinx (tried on v5.3) will warn about language
being None which will fail the build. Change it to the default (en) to
prevent this.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ie0570481f42aeb293e885ca936e0765f6cb299a8
sphinx-build is passed a blanket "." to build all docs. However, if a
virtual environment is placed within the docs directory, sphinx will try
to build it which will fail due to some weird files it has.
This excludes the most common virtual environment directories from the
build to prevent this.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ieeb14cfc5730d21c986611feb0ed379c58dfcae2
Since commit 94b2f94bd6 ("feat(libfdt): upgrade libfdt source files"),
8-byte alignment of the FDT address is enforced to follow the DT
standard.
Rockchip implementation of params_early_setup loads the FDT address as
passed by the bootloader into a buffer. This buffer is currently made of
uint8_t which means it is not 8-byte aligned and might result in
fdt_open_into failing.
Instead, let's make this buffer uint64_t to make it 8-byte aligned.
Cc: Quentin Schulz <foss+tf-a@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Change-Id: Ifcf0e0cf4000e3661d76d3c3a2fe3921f7fe44b9
We don't need CONDITIONAL_CMO for aarch32 so let's remove it.
Signed-off-by: Okash Khawawja <okash@google.com>
Change-Id: I256959d7005df21a850ff7791c8188ea01f5c53b
plat_can_cmo must not clobber x1 but the doc doesn't mention that. This
patch updates the doc to mention x1. It also adds check for plat_can_cmo
to `dcsw_op_louis` which was missed out in original patch.
Signed-off-by: Okash Khawaja <okash@google.com>
Change-Id: I721376bf3726520d0d5b0df0f33f98ce92257287
The code managing legacy boot (without FIP) that was under
STM32MP_USE_STM32IMAGE flag is remove.
Change-Id: I04452453ed84567b0de39e900594a81526562259
Signed-off-by: Yann Gautier <yann.gautier@st.com>
* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools
feat(stm32mp1): add the platform specific build for tools
fix(stm32mp13-fdts): remove secure status
feat(stm32mp1-fdts): add CoT and fuse references for authentication
feat(stm32mp1): add a check on TRUSTED_BOARD_BOOT with secure chip
feat(stm32mp1): add the decryption support
feat(stm32mp1): add the TRUSTED_BOARD_BOOT support
feat(stm32mp1): update ROM code API for header v2 management
feat(stm32mp1): remove unused function from boot API
refactor(stm32mp1): remove authentication using STM32 image mode
fix(fconf): fix type error displaying disable_auth
feat(tbbr): increase PK_DER_LEN size
fix(auth): correct sign-compare warning
feat(auth): allow to verify PublicKey with platform format PK
feat(cert-create): update for ECDSA brainpoolP256r/t1 support
feat(stm32mp1): add RNG initialization in BL2 for STM32MP13
feat(st-crypto): remove BL32 HASH driver usage
feat(stm32mp1): add a stm32mp crypto library
feat(st-crypto): add STM32 RNG driver
feat(st-crypto): add AES decrypt/auth by SAES IP
feat(st-crypto): add ECDSA signature check with PKA
feat(st-crypto): update HASH for new hardware version used in STM32MP13
In case of platform specific usage for both fiptool or certtool,
we need to ensure that the Makefile will use the correct rule
to generate the binary. Add the explicit call to the "all" rule.
Change-Id: I9724b63e01b3497daaedb9365c7d6a494aac9561
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add cert_create and fiptool specific files to add the platform
addons to the generic tools.
Change-Id: Ifa600241cdf32b495cc65edccddab47c3796b77d
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Remove the secure status for PKA and SAES entries.
The peripherals are used in BL2 at EL3, context will
remain secure only.
Change-Id: I79d95bc55a9afd27f295249936d7bc332c777f5e
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add the stm32mp1 CoT description file. Include the TRUSTED_BOARD_BOOT
entry in the platform device tree file.
Add the missing public root key reference for stm32mp15 and the
encryption key reference for stm32mp13.
Change-Id: I0ae2454979a3df6dd3e4361510317742e8fbc109
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add a security check to enforce the usage of TRUSTED_BOARD_BOOT
on closed device. It will guarantee the secure bootchain.
Change-Id: Id6120d0e5041e8f2d3866e5710876ec96b6d0216
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add the decryption support for STM32MP1 binaries.
Decryption is limited to the BL32 loaded images.
Limitation: STM32MP15 doesn't support the feature.
Change-Id: I96800bac7b22109f8471eb2953fc0dc269fc4fd1
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add the support of the TRUSTED_BOARD_BOOT to authenticate the loaded
FIP using platform CoT management.
It adds TBB platform definition, redefining the standard image ID in
order to decrease requested size in BL2 binary.
Authentication will use mbedTLS library for parsing certificate
configured with a platform configuration.
Change-Id: I9da66b915c5e9e9293fccfce92bef2434da1e430
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add the new definition field for authentication used in header V2
on STM32MP13.
Change-Id: Id8f0c2584ca9b74b0d21d82c9a98d286500548c4
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Remove old library access from ROM library that is no more
used.
Change-Id: I9b91f1efd6ff9d311b69ca36f60474f01268c221
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Remove deprecated authentication mode to use the FIP authentication
based on TBBR requirements. It will use the new crypto library.
Change-Id: I95c7baa64ba42c370ae136f59781f2a7a4c7f507
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
disable_auth is defined as uint32_t and must be displayed
as an unsigned int.
lib/fconf/fconf_tbbr_getter.c:
In function ‘fconf_populate_tbbr_dyn_config’:
include/common/debug.h:46:41: error:
format ‘%d’ expects argument of type ‘int’, but argument 3 has
type ‘uint32_t’ {aka ‘unsigned int’} [-Werror=format=]
46 | #define LOG_MARKER_WARNING "\x1e" /* 30 */
| ^~~~~~
include/common/debug.h:77:32: note:
in expansion of macro ‘LOG_MARKER_WARNING’
77 | # define WARN(...) tf_log(LOG_MARKER_WARNING __VA_ARGS__)
| ^~~~~~~~~~~~~~~~~~
lib/fconf/fconf_tbbr_getter.c:47:17: note:
in expansion of macro ‘WARN’
47 | WARN("Invalid value for `%s` cell %d\n",
| ^~~~
include/common/debug.h:48:41: error:
format ‘%d’ expects argument of type ‘int’, but argument 5 has
type ‘uint32_t’ {aka ‘unsigned int’} [-Werror=format=]
48 | #define LOG_MARKER_VERBOSE "\x32" /* 50 */
| ^~~~~~
include/common/debug.h:58:32: note:
in definition of macro ‘no_tf_log’
58 | tf_log(fmt, ##__VA_ARGS__); \
| ^~~
include/common/debug.h:91:35: note:
in expansion of macro ‘LOG_MARKER_VERBOSE’
91 | # define VERBOSE(...)
| no_tf_log(LOG_MARKER_VERBOSE __VA_ARGS__)
| ^~~~~~~~~~~~~~~~~~
lib/fconf/fconf_tbbr_getter.c:74:9: note:
in expansion of macro ‘VERBOSE’
74 | VERBOSE("%s%s%s %d\n","FCONF: `tbbr.", "disable_auth",
| ^~~~~~~
cc1: all warnings being treated as errors
Change-Id: I0164ddfe511406cc1a8d014a368ef3e3c5f8cd27
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Public key brainpool ECDSA DER certificate are 92 byte long.
OID for brainpool curve are 1 byte bigger than the one for NIST curve.
Change-Id: Ifad51da3c576d555da9fc519d2df3d9a0e6ed91b
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Correct the warning due to comparison between signed and
unsigned variable.
drivers/auth/mbedtls/mbedtls_x509_parser.c: In function 'get_ext':
drivers/auth/mbedtls/mbedtls_x509_parser.c:120:30:
error: comparison of integer expressions of different
signedness: 'int' and 'size_t' {aka 'unsigned int'}
[-Werror=sign-compare]
120 | if ((oid_len == strlen(oid_str)) && !strcmp(oid, oid_str)) {
| ^~
Change-Id: Ic12527f5f92a34e925bee3047c168eacf5e99d8a
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
In some platform the digest of the public key saved in the OTP is not
the digest of the exact same public key buffer needed to check the
signature. Typically, platform checks signature using the DER ROTPK
whereas some others add some related information. Add a new platform
weak function to transform the public key buffer used by
verify_signature to a platform specific public key.
Mark this new weak function as deprecated as it will be replaced
by another framework implementation.
Change-Id: I71017b41e3eca9398cededf317ad97e9b511be5f
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Updated cert_tool to be able to select brainpool P256r/t1
or NIST prim256v1 curve for certificates signature.
Change-Id: I6e800144697069ea83660053b8ba6e21c229243a
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
* changes:
fix(mt8188): add mmap entry for CPU idle SRAM
fix(mt8188): refine gic init flow after system resume
fix(mt8186): fix the DRAM voltage after the system resumes
feat(mt8188): add audio support
refactor(mt8195): use ptp3 common drivers
feat(mt8188): add support for PTP3
feat(mt8188): enable MTK_PUBEVENT_ENABLE
Initialize RNG driver at platform level for STM32MP13.
Change-Id: I64832de43e5f6559a12e26680142db54c88f0b9e
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@foss.st.com>
Remove unused mode for HASH driver. The driver will only be
used in BL2 scope.
Change-Id: I1fce09cdaa9da0c11554ac5f73433b4bee776011
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add the crypto library for STM32MP1 to use STM32 hardware
accelerators.
Change-Id: I0bbb941001242a6fdc47514ab3efe07b12249285
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
This driver manages the STM32 Random Number Generator
peripheral.
Change-Id: I4403ebb2dbdaa8df993a4413f1ef48eeba00427c
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add code to be able to use STMicroelectronics SAES IP. This driver
can manage many AES algorithms (CBC, ECB, CCM, GCM). It will be used
by the authenticated decryption framework (AES-GCM only).
Change-Id: Ibd4030719fb12877dcecd5d2c395d13b4b15c260
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Add code to be able to use STMicroelectronics PKA peripheral
in the authentication framework.
Change-Id: Ifeafe84c68db483cd18674f2280576cc065f92ee
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Introduce new flag to manage hardware version.
STM32MP15 currently uses the HASH_V2 and STM32MP13 uses the HASH_V4.
For STM32_HASH_V4: remove MD5 algorithm (no more supported) and
add SHA384 and SHA512.
For STM32_HASH_V2: no change.
Change-Id: I3a9ae9e38249a2421c657232cb0877004d04dae1
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
CPU PM driver accesses CPU idle SRAM during the system suspend
process. The region of CPU idle SRAM needs to be added as mmap entry.
Otherwise, the execption would occur.
BUG=b:244215539
TEST=Test of suspend resume passes.
Signed-off-by: Liju-Clr Chen <liju-clr.chen@mediatek.com>
Change-Id: I5838964fd9cb1b833e4006e2123febb4a4601003
Call gicv3_distif_init() instead of mt_gic_init() in
armv8_2_mcusys_pwr_on_common(). This is to prevent
gicv3_rdistif_init() and gicv3_cpuif_enable() from being called twice
in the power-on flow. gicv3_rdistif_init() and gicv3_cpuif_enable()
are called in later armv8_2_cpu_pwr_on_common().
BUG=b:244215539
TEST=Suspend Resume Test pass
Change-Id: Id752c1ccbb9eab277ed6278c2dd90a051a894146
Signed-off-by: Liju-Clr Chen <liju-clr.chen@mediatek.com>
The DRAM power supply must sustain at 0.8V after the system resumes.
Otherwise, unexpected errors would occur. Therefore, we update the
DRAM voltage to 0.8v in PMIC voltage wrap table.
BUG=b:253537849
TEST=Suspend Resume Test
Signed-off-by: Allen-KH Cheng <allen-kh.cheng@mediatek.corp-partner.google.com>
Change-Id: Idd42d5a2d646468822e391e48d01d870c3b7f0d3
For MT8188, MTK_AUDIO_SMC_OP_DOMAIN_SIDEBANDS is required for normal
mode switch.
- Add audio common code and chip specific code.
- Add new id (MTK_SIP_AUDIO_CONTROL) to mtk_sip_def.h.
- Enable for MT8188.
Signed-off-by: Trevor Wu <trevor.wu@mediatek.com>
Change-Id: Iff4680cd0b520b2b519ecf30ecafe100f147cc62
Some 8195 ptp3 drivers are the same in plat/mediatek/drivers/ptp3, so
add this patch to reuse them.
Change-Id: I2b1801a73b6a2979e20d49d314c57f663dc5bf04
Signed-off-by: Liju-Clr Chen <liju-clr.chen@mediatek.com>
Add PTP3 driver to protect CPU from excessive voltage drop in CPU
heavy loading.
Signed-off-by: Riven Chen <riven.chen@mediatek.corp-partner.google.com>
Change-Id: I394096be43e1d1d615f99b22f38f0b3ae0bb40c1
Enable MTK_PUBEVENT_ENABLE for subscribing CPUPM events. This
patch also corrects the header file naming.
Signed-off-by: Bo-Chen Chen <rex-bc.chen@mediatek.com>
Change-Id: Iabd89a4ead21ccafa833390367484bfea5d351f6
When updated to work with OpenSSL 3.0, the host tools lost their
compatibility with previous versions (1.x) of OpenSSL. This is
mainly due to the fact that 1.x APIs became deprecated in 3.0 and
therefore their use cause compiling errors. In addition, updating
for a newer version of OpenSSL meant improving the stability
against security threats. However, although version 1.1.1 is
now deprecated, it still receives security updates, so it would
not imply major security issues to keep compatibility with it too.
This patch adds backwards compatibility with OpenSSL 1.x versions
by adding back 1.x API code. It defines a macro USING_OPENSSL3,
which will select the appropriate OpenSSL API version depending on
the OpenSSL library path chosen (which is determined by the
already-existing OPENSSL_DIR variable).
In addition, cleanup items were packed in functions and moved to
the proper modules in order to make the code more maintainable and
legible.
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I8deceb5e419edc73277792861882404790ccd33c
