mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-17 01:54:22 +00:00
No description
79c0c7fac0
In preparation for SMCCC_ARCH_FEATURE_AVAILABILITY, it is useful for context to be directly related to the underlying system. Currently, certain bits like SCR_EL3.APK are always set with the understanding that they will only take effect if the feature is present. However, that is problematic for SMCCC_ARCH_FEATURE_AVAILABILITY (an SMCCC call to report which features firmware enables), as simply reading the enable bit may contradict the ID register, like the APK bit above for a system with no Pauth present. This patch is to clean up these cases. Add a check for PAuth's presence so that the APK bit remains unset if not present. Also move SPE and TRBE enablement to only the NS context. They already only enable the features for NS only and disable them for Secure and Realm worlds. This change only makes these worlds' context read 0 for easy bitmasking. There's only a single snag on SPE and TRBE. Currently, their fields have the same values and any world asymmetry is handled by hardware. Since we don't want to do that, the buffers' ownership will change if we just set the fields to 0 for non-NS worlds. Doing that, however, exposes Secure state to a potential denial of service attack - a malicious NS can enable profiling and call an SMC. Then, the owning security state will change and since no SPE/TRBE registers are contexted, Secure state will start generating records. Always have NS world own the buffers to prevent this. Finally, get rid of manage_extensions_common() as it's just a level of indirection to enable a single feature. Change-Id: I487bd4c70ac3e2105583917a0e5499e0ee248ed9 Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com> |
||
|---|---|---|
| .husky | ||
| bl1 | ||
| bl2 | ||
| bl2u | ||
| bl31 | ||
| bl32 | ||
| common | ||
| docs | ||
| drivers | ||
| fdts | ||
| include | ||
| lib | ||
| licenses | ||
| make_helpers | ||
| plat | ||
| services | ||
| tools | ||
| .checkpatch.conf | ||
| .commitlintrc.js | ||
| .ctags | ||
| .cz-adapter.cjs | ||
| .cz.json | ||
| .editorconfig | ||
| .gitignore | ||
| .gitreview | ||
| .nvmrc | ||
| .readthedocs.yaml | ||
| .versionrc.cjs | ||
| changelog.yaml | ||
| dco.txt | ||
| license.rst | ||
| Makefile | ||
| package-lock.json | ||
| package.json | ||
| poetry.lock | ||
| pyproject.toml | ||
| readme.rst | ||
Trusted Firmware-A ================== Trusted Firmware-A (TF-A) is a reference implementation of secure world software for `Arm A-Profile architectures`_ (Armv8-A and Armv7-A), including an Exception Level 3 (EL3) `Secure Monitor`_. It provides a suitable starting point for productization of secure world boot and runtime firmware, in either the AArch32 or AArch64 execution states. TF-A implements Arm interface standards, including: - `Power State Coordination Interface (PSCI)`_ - `Trusted Board Boot Requirements CLIENT (TBBR-CLIENT)`_ - `SMC Calling Convention`_ - `System Control and Management Interface (SCMI)`_ - `Software Delegated Exception Interface (SDEI)`_ The code is designed to be portable and reusable across hardware platforms and software models that are based on the Armv8-A and Armv7-A architectures. In collaboration with interested parties, we will continue to enhance TF-A with reference implementations of Arm standards to benefit developers working with Armv7-A and Armv8-A TrustZone technology. Users are encouraged to do their own security validation, including penetration testing, on any secure world code derived from TF-A. More Info and Documentation --------------------------- To find out more about Trusted Firmware-A, please `view the full documentation`_ that is available through `trustedfirmware.org`_. -------------- *Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.* .. _Armv7-A and Armv8-A: https://developer.arm.com/products/architecture/a-profile .. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php .. _Power State Coordination Interface (PSCI): PSCI_ .. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf .. _Trusted Board Boot Requirements CLIENT (TBBR-CLIENT): https://developer.arm.com/docs/den0006/latest .. _SMC Calling Convention: http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf .. _System Control and Management Interface (SCMI): SCMI_ .. _SCMI: http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf .. _Software Delegated Exception Interface (SDEI): SDEI_ .. _SDEI: http://infocenter.arm.com/help/topic/com.arm.doc.den0054a/ARM_DEN0054A_Software_Delegated_Exception_Interface.pdf .. _Arm A-Profile architectures: https://developer.arm.com/architectures/cpu-architecture/a-profile .. _view the full documentation: https://www.trustedfirmware.org/docs/tf-a .. _trustedfirmware.org: http://www.trustedfirmware.org