Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-17 10:04:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
No description
12163 commits 1 branch 147 tags 54 MiB
C 89.7%
Assembly 6%
Makefile 3.5%
Python 0.6%
C++ 0.1%
Find a file
Marco Felsch 1f49db5f25 feat(build): add support for new binutils versions 
Users of GNU ld (BPF) from binutils 2.39+ will observe multiple instaces
of a new warning when linking the bl*.elf in the form:

  ld.bfd: warning: stm32mp1_helper.o: missing .note.GNU-stack section implies executable stack
  ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker
  ld.bfd: warning: bl2.elf has a LOAD segment with RWX permissions
  ld.bfd: warning: bl32.elf has a LOAD segment with RWX permissions

These new warnings are enbaled by default to secure elf binaries:
 - https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
 - https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=0d38576a34ec64a1b4500c9277a8e9d0f07e6774

Fix it in a similar way to what the Linux kernel does, see:
https://lore.kernel.org/all/20220810222442.2296651-1-ndesaulniers@google.com/

Following the reasoning there, we set "-z noexecstack" for all linkers
(although LLVM's LLD defaults to it) and optional add
--no-warn-rwx-segments since this a ld.bfd related.

Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
Change-Id: I9430f5fa5036ca88da46cd3b945754d62616b617
2023-03-13 10:55:50 +01:00
.husky feat(git-hooks): add pre-commit hook 2023-02-09 17:27:25 +00:00
bl1 build: always prefix section names with . 2023-02-20 18:29:33 +00:00
bl2 build: always prefix section names with . 2023-02-20 18:29:33 +00:00
bl2u build: always prefix section names with . 2023-02-20 18:29:33 +00:00
bl31 refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED 2023-02-27 18:04:14 +00:00
bl32 refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED 2023-02-27 18:04:14 +00:00
common refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED 2023-02-27 18:04:14 +00:00
docs Merge "docs(zynqmp): add ddr address usage" into integration 2023-03-13 09:51:19 +01:00
drivers Merge "fix(mbedtls): fix mbedtls coverity issues" into integration 2023-03-03 10:54:43 +01:00
fdts feat(morello): add GPU DT node 2023-02-20 11:52:39 +00:00
include fix(cpus): workaround for Cortex-A78C erratum 2779484 2023-03-08 22:00:14 +01:00
lib fix(cpus): workaround for Cortex-A78C erratum 2779484 2023-03-08 22:00:14 +01:00
licenses docs(license): rectify arm-gic.h license 2021-04-26 12:36:00 +01:00
make_helpers build(makefile): add helper to detect linker options 2023-03-13 10:55:50 +01:00
plat Merge "fix(tegra210): support legacy SMC_ID 0xC2FEFE00" into integration 2023-03-10 17:28:10 +01:00
services feat(spmd): fail safe if SPM fails to initialize 2023-03-09 09:33:28 +01:00
tools refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE 2023-02-21 11:09:47 +00:00
.checkpatch.conf Re-apply GIT_COMMIT_ID check for checkpatch 2019-07-12 11:06:24 +01:00
.commitlintrc.js build(commitlint): make the scope optional 2022-05-03 11:06:50 +02:00
.cz.json refactor(hooks): replace cz-conventional-changelog with cz-commitlint 2022-01-24 12:55:00 +00:00
.editorconfig .editorconfig: set max line length to 100 2020-12-03 15:39:23 +00:00
.gitignore chore: add encrypt_fw to gitignore 2023-02-02 13:30:53 +01:00
.gitreview Specify integration as the default branch for git-review 2020-04-02 07:57:17 +00:00
.nvmrc build(npm): add NVM version file 2022-10-10 13:24:22 +01:00
.readthedocs.yaml fix(docs): add plantuml as a dependency 2023-02-27 15:01:58 +00:00
.versionrc.js docs(changelog): fix broken version bumping 2022-01-24 12:55:34 +00:00
changelog.yaml refactor(cpufeat): move helpers into .c file, rename FEAT_STATE_ 2023-01-11 16:02:58 +00:00
dco.txt Drop requirement for CLA in contribution.md 2016-09-27 21:52:03 +01:00
license.rst doc: De-duplicate readme and license files 2019-10-08 16:36:15 +00:00
Makefile feat(build): add support for new binutils versions 2023-03-13 10:55:50 +01:00
package-lock.json docs(changelog): changelog for v2.8 release 2022-11-16 14:10:49 -06:00
package.json docs(changelog): changelog for v2.8 release 2022-11-16 14:10:49 -06:00
readme.rst doc: Formatting fixes for readme.rst 2019-10-09 15:37:59 +00:00

readme.rst 

Trusted Firmware-A
==================

Trusted Firmware-A (TF-A) is a reference implementation of secure world software
for `Arm A-Profile architectures`_ (Armv8-A and Armv7-A), including an Exception
Level 3 (EL3) `Secure Monitor`_. It provides a suitable starting point for
productization of secure world boot and runtime firmware, in either the AArch32
or AArch64 execution states.

TF-A implements Arm interface standards, including:

-  `Power State Coordination Interface (PSCI)`_
-  `Trusted Board Boot Requirements CLIENT (TBBR-CLIENT)`_
-  `SMC Calling Convention`_
-  `System Control and Management Interface (SCMI)`_
-  `Software Delegated Exception Interface (SDEI)`_

The code is designed to be portable and reusable across hardware platforms and
software models that are based on the Armv8-A and Armv7-A architectures.

In collaboration with interested parties, we will continue to enhance TF-A
with reference implementations of Arm standards to benefit developers working
with Armv7-A and Armv8-A TrustZone technology.

Users are encouraged to do their own security validation, including penetration
testing, on any secure world code derived from TF-A.

More Info and Documentation
---------------------------

To find out more about Trusted Firmware-A, please `view the full documentation`_
that is available through `trustedfirmware.org`_.

--------------

*Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.*

.. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile
.. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php
.. _Power State Coordination Interface (PSCI): PSCI_
.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf
.. _Trusted Board Boot Requirements CLIENT (TBBR-CLIENT): https://developer.arm.com/docs/den0006/latest/trusted-board-boot-requirements-client-tbbr-client-armv8-a
.. _SMC Calling Convention: http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf
.. _System Control and Management Interface (SCMI): SCMI_
.. _SCMI: http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
.. _Software Delegated Exception Interface (SDEI): SDEI_
.. _SDEI: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf
.. _Arm A-Profile architectures: https://developer.arm.com/architectures/cpu-architecture/a-profile
.. _view the full documentation: https://www.trustedfirmware.org/docs/tf-a
.. _trustedfirmware.org: http://www.trustedfirmware.org