Our documentation currently says that new security advisories will be
announced on the project's issue tracker. However, this issue tracker
is barely used by TF-A community and the software it is based on is
getting deprecated. Thus from now on, security advisories will rather
be announced on the project's mailing list.
Update TF-A documentation to reflect that.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: If2f635795e0af4c794015a025899bfcc7116ab38
Neoverse N2 erratum 2743089 is a Cat B erratum that applies to
all revisions <=r0p2 and is fixed in r0p3. The workaround is to
insert a dsb before the isb in the power down sequence.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1982442/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Idec862226bd32c91374a8bbd5d73d7ee480a34d9
When a platform decides to use FEAT_RNG_TRAP, every RNDR or RNDRSS read
will trap into EL3. The platform can then emulate those instructions, by
either executing the real CPU instructions, potentially conditioning the
results, or use rate-limiting or filtering to protect the hardware
entropy pool. Another possiblitiy would be to use some platform specific
TRNG device to get entropy and returning this.
To demonstrate platform specific usage, add a demo implementation for the
FVP: It will execute the actual CPU instruction and just return the
result. This should serve as reference code to implement platform specific
policies.
We change the definition of read_rndr() and read_rndrrs() to use the
alternative sysreg encoding, so that all assemblers can handle that.
Add documentation about the new platform specific RNG handler function.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: Ibce817b3b06ad20129d15531b81402e3cc3e9a9e
Cortex-A78 erratum 2772019 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1401784/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I0362da463eca777aa7a385bcdeb39b8549799f02
Neoverse V1 erratum 2743093 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1401781/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I8ee7c16c14c4fd6ee35d20c855273ecfce0d1b32
* changes:
docs(build): describes the SPMC_OPTEE build option
feat(qemu): support el3 spmc
feat(el3-spmc): make platform logical partition optional
feat(qemu): support s-el2 spmc
feat(qemu): update abi between spmd and spmc
fix(sptool): add dependency to SP image
Explains that the SPMC_OPTEE build option is used to load the SPMC at
S-EL1 using an OP-TEE specific mechanism.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I71757d2d9ac98caf0ac6d8e64b221adaa0f70846
When -Wextra was added, the warning levels changed their meaning. Add a
description in the build option section and leave the security hardening
section as mostly a pointer to it.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Iabf2f598d0bf3e865c9b991c5d44d2acb9572bd5
Updating documentation to reflect the new ARM_ROTPK_LOCATION variant of
the full ROTPK, as opposed to the hash of it.
Change-Id: I0f83c519bd607ef1270c7d30ee9bc55451ce4ae2
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Cortex-X2 erratum 2768515 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1775100/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ib02688f7b6dc7f6ec305e68e8895174f6fd577a0
Cortex-A710 erratum 2768515 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.
SDEN documentation:
https://developer.arm.com/documentation/SDEN1775101/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: If17fe04d3fda0dba6b8aabdd837a1c53e1830ed5
This patch also:
* Enforces the check of RES0 fields on EL3-RMM boot interface
and manifest
* Fixes a couple of nits on the EL3-RMM Boot Interface
documentation.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: Idb9e38f9fcda2ba0655646a1e2c4fdbabd5cdc40
This patch adds support for RMM granules allocation
in FVP 2nd DRAM 2GB bank at 0x880000000 base address.
For ENABLE_RME = 1 case it also removes "mem=1G"
Linux kernel command line option in fvp-base-psci-common.dsti
to allow memory layout discovery from the FVP device tree.
FVP parameter 'bp.dram_size' - size of main memory in gigabytes
documented in docs/components/realm-management-extension.rst
is changed from 2 to 4.
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
Change-Id: I174da4416ad5a8d41bf0ac89f356dba7c0cd3fe7
The BL31 part has been there forever and the PSCI reference is neither
at section 3.3 or directly below. Update this to locate the section more
easily.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I9a86e4ef13d1ac5da743917493f63ddd7690e087
Adding a new threat which is about leaving
sensitive information in internal buffers
which could be stolen by an attacker.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I737e802c0adc9b00c89a0e21779745c51afb4b17
CTX_INCLUDE_EL2_REGS is used to save/restore EL2 registers and
it should be only used when there is SPMD or RME enabled.
Make CTX_INCLUDE_EL2_REGS an internal macro and remove
from documentation.
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Change-Id: I6a70edfd88163423ff0482de094601cf794246d6
The deprecation was tagged "Next release after 2.8". Now there is a 2.9
planned, directly use this version.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I0727eebc4a3800dafafc4166b0c2c40a12c90b4b
Update SPM threat model for possible threats, from malicious
endpoints, related to interrupt management. The mitigations
are based on the guidance provided in FF-A v1.1 EAC0 spec.
Change-Id: Ib9e26e3f1c60fe3a2734a67de1dcf1cea4883d38
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Add details on how to run QEMU in OpenCI, and what tests are currently
supported.
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Change-Id: I291e4eb64a58c766519ff7dcac4841ae75c3934e
Cortex-X3 erratum 2615812 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r1p1, and is still open. The workaround is to disable
the use of the Full Retention power mode in the core (setting
WFI_RET_CTRL and WFE_RET_CTRL in CORTEX_X3_IMP_CPUPWRCTLR_EL1 to 0b000).
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2055130/latest
Change-Id: I5ad66df3e18fc85a6b23f6662239494ee001d82f
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
This patch documents the actions taken by Hafnium SPMC in response
to non-secure and secure interrupts.
Change-Id: I97687f188ca97aeb255e3e5b55d44ddf5d66b6e0
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
This patch documents the support for partition runtime models, call
chains and schedule modes in Hafnium SPMC.
Change-Id: I91d5718bb2c21d475499e402f6f27076930336cb
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
* changes:
docs: add top level section numbering
docs(build): clarify getting started section
docs(build): clarify docs building instructions
fix(docs): prevent a sphinx warning
fix(docs): prevent a virtual environment from failing a build
Top level sections are not numbered. Adding numbers makes referring to
sections easier. For example the Maintainers page changes from
"about/3.1" to simply "1.3.1".
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: If90a18ee8d6a6858d58f0687f31ea62b69399e04
The Getting started section is very difficult to follow. Building the
fip comes before building the files it needs, the BL33 requirement is
given in a somewhat hand wavy way, and the Arm Developer website
download provides a lot of targets and the guide is not clear which ones
are needed on download.
Swapping the initial build and supporting tools sections makes the flow
more natural and the supporting tools section then becomes clear.
Explicitly mentioning the GCC targets avoids confusion for people less
familiar with the project (eg. new starters).
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I02e88f8c279db6d8eda68f634e8473c02b733963
Using virtual environments with pip is a generally recommended good
practice but the docs do not acknowledge it. As a result fresh installs
might fail builds due to missing $PATH entries. The Prerequisites
section is also a bit verbose which is difficult to read.
This patch adds the virtual environment mention and clarifies wording.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Iea447fb59dc471a502454650c8548192d93ba879
Some newer versions of sphinx (tried on v5.3) will warn about language
being None which will fail the build. Change it to the default (en) to
prevent this.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ie0570481f42aeb293e885ca936e0765f6cb299a8
sphinx-build is passed a blanket "." to build all docs. However, if a
virtual environment is placed within the docs directory, sphinx will try
to build it which will fail due to some weird files it has.
This excludes the most common virtual environment directories from the
build to prevent this.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ieeb14cfc5730d21c986611feb0ed379c58dfcae2
