Following discussions in the reviews of the patch that introduced
plat_convert_pk() function [1], it was decided to deprecate it to
avoid weak function declaration.
A new optional function pointer convert_pk is added to crypto_lib_desc_t.
A new function crypto_mod_convert_pk() will either call
crypto_lib_desc.convert_pk() if it is defined, or do the same
as what was done by the weak function otherwise.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/17174
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I9358867f8bfd5e96b5ee238c066877da368e43c6
The call to REGISTER_CRYPTO_LIB requires auth_decrypt function to be
provided. Add its prototype and update REGISTER_CRYPTO_LIB call.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Id1f2a54867ffe5dec36e0bf22490d01858891585
Compared the full ROTPK with the ROTPK obtained from the certificate
when the platform supports full ROTPK instead of hash of ROTPK.
Additionally, changed the code to verify the ROTPK before relying on
it for signature verification.
Change-Id: I52bb9deb1a1dd5b184d3156bddad14c238692de7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Updated the Crypto Module section to detail the 'calc_hash'
function.
Change-Id: I04a24abba150745e4eba6273bdb7cf12b66bfebc
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
New python dependencies are introduced by the memory mapping script.
Rather than add another `requirements.txt` utilise poetry. This is a
proper dependency management framework for Python. The two main upsides
of using poetry instead of the traditional requirements.txt are
maintainability and reproducibility.
Poetry provides a proper lock file for pinning dependencies, similar to
npm for JavaScript. This allows for separate environments (i.e. docs,
tools) to be created efficiently, and in a reproducible manner, wherever
the project is deployed. Having dependencies pinned in this manner is a
boon as a security focused project. An additional upside is that we will
receive security updates for dependencies via GitHub's Dependabot.
Change-Id: I5a3c2003769b878a464c8feac0f789e5ecf8d56c
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Adds a conditional check in the `prepare-commit-msg` commit hook that
reads the `tf-a.disableCommitizen` Git configuration option, and
does not execute Commitizen if it is found.
To skip Commitizen, run:
git config tf-a.disableCommitizen true
Change-Id: Ic8967f6f42bf3555df09b57096044fb99438d4d4
Signed-off-by: Chris Kay <chris.kay@arm.com>
Updated the code to get and set the 'tpm_event_log_max_size' property
in the event_log.dtsi.
In this change, the maximum Event Log buffer size allocated by BL1 is
passed to BL2, rather than both relying on the maximum Event Log buffer
size macro.
Change-Id: I7aa6256390872171e362b6f166f3f7335aa6e425
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Needed for TQMa8Xx on MBa8Xx. With this changes it is
possible to build:
$ make PLAT=imx8qx IMX_DEBUG_UART=1 DEBUG_CONSOLE=1 bl31
Signed-off-by: Markus Niebel <Markus.Niebel@tq-group.com>
Signed-off-by: Alexander Stein <alexander.stein@ew.tq-group.com>
Change-Id: If380845b254f30fe919ebb33c86130597c4b8ad3
Remove unused PLAT_NUM_POWER_DOMAINS macro. Macro is referenced by
docs/design/psci-pd-tree.rst but it is not used in any calculation
that's why it is better to remove it.
Change-Id: I33f26cda6a4404061af5598ea4c751f64127e50a
Signed-off-by: Michal Simek <michal.simek@amd.com>
The commit 6bb49c876c ("style(hooks): adds Arm copyright style fix")
is enforcing proper case for ARM. That's why fix it in plat/xilinx to
make sure that pre-commit.copyright won't be touching platform specific
files.
Change-Id: I49c66e18d46ed871a6aa128c9b2a403d0cf83416
Signed-off-by: Michal Simek <michal.simek@amd.com>
Replace FPD_MAINCCI* macros by PLAT_ARM_CCI* not to have two different
names for the same IP.
Change-Id: Ia1930e150a51603471051acec5c79c649d57f92f
Signed-off-by: Michal Simek <michal.simek@amd.com>
Update Agilex and N5X clock manager to get MPU clock from mainPLL C0
and PeriPLLC0.
1. Updated macro name PLAT_SYS_COUNTER_CONVERT_TO_MHZ to
PLAT_HZ_CONVERT_TO_MHZ.
2. Updated get_cpu_clk to point to get_mpu_clk and added comment.
3. Added get_mpu_clk to get clock from main PLL C0 and Peri PLL C0.
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I43a9d83caa832b61eba93a830e2a671fd4dffa19
Get CPU frequency and update the timer init div with it.
The timer is vary based on the CPU frequency instead of hardcoded.
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ibfaa47fb7a25176eebf06f4828bf9729d56f12ed
Add initial configuration parameters for Rasperry Pi 3's sdhost
controller, and then configure and use those parameters.
This change allows warm reboots of UEFI on Raspberry Pi 3B+ where
existing code often fails with "unknown error". See discussion at:
https://github.com/pftf/RPi3/issues/24
The basic idea is that some initial configuration parameters
(clock rate, bus width) aren't configured into the hardware before
commands start being sent. I suspect that the particular setting
that matters is the "slow card" bit, but the initial clock setting
also seemed wrong to me.
Change-Id: I526def340def143f23f3422f1fc14c12c937ca7f
Signed-off-by: Rob Newberry <robthedude@mac.com>
The value of register HCRX_EL2 is UNKNOWN out of reset. This can
affect the behavior in lower exception levels, such as traps to
EL2 due to a wrong configuration of the register upon reset.
This patch initializes the register at EL3 and disables all traps
related to it.
On the other hand, new fields have been introduced for HCRX_EL2,
which are now defined in this patch, so they can be used in
further development.
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I0bf1e949aa0d3be9f227358ad088a1ecb96ce222
Arm v8.9 introduces a series of features providing a new way to set memory
permissions. Instead of directly encoding the permissions in the page
tables the PTEs contain indexes into an array of permissions stored in
system registers, allowing greater flexibility and density of encoding.
Enable access to these features for EL2 and below, context switching the
newly added EL2 registers as appropriate. Since all of FEAT_S[12]P[IO]E
are separately discoverable we have separate build time options for
enabling them, but note that there is overlap in the registers that they
implement and the enable bit required for lower EL access.
Change the FVP platform to default to handling them as dynamic options so
the right decision can be made by the code at runtime.
Signed-off-by: Mark Brown <broonie@kernel.org>
Change-Id: Icf89e444e39e1af768739668b505661df18fb234
Fix coverity finding in psci_cpu_on, in which target_idx is directly
assigned the return value from plat_core_pos_by_mpidr. If the latter
returns a negative or large positive value, it can trigger an out of
bounds overflow for the psci_cpu_pd_nodes array.
>>>> CID 382009: (OVERRUN)
>>>> Overrunning callee's array of size 8 by passing argument "target_idx" (which evaluates to 4294967295) in call to "psci_spin_lock_cpu".
> 80 psci_spin_lock_cpu(target_idx);
>>>> CID 382009: (OVERRUN)
>>>> Overrunning callee's array of size 8 by passing argument "target_idx" (which evaluates to 4294967295) in call to "psci_spin_unlock_cpu".
> 160 psci_spin_unlock_cpu(target_idx);
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Ibc46934e9ca7fdcaeebd010e5c6954dcf2dcf8c7
If PLATFORM_STACK_SIZE not already defined, use the default value of
PLATFORM_STACK_SIZE.
This makes the stack size value configurable for different interface
like custom packages.
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Change-Id: I87e9fcbfb4c4092378b1ac0ff8fb6d084495d320
When porting TF-A to a new platform, it is essential to read the
threat model documents in conjunction with the porting guide to
understand the security responsibilities of each platform interface
to implement.
Add a note to highlight this in the porting guide.
Change-Id: Icd1e41ae4b15032b72531690dd82a9ef95ca0db5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
The porting guide is currently hosted under the 'Getting started'
section. Yet, porting the full firmware to a new platform is probably
not the first thing that one would do. Before delving into the
details, one would probably start by building the code for an emulated
platform, such as Arm FVP.
Furthermore, the porting guide is such a big and important document
that it probably deserves being visible in the main table of contents.
Thus, move it just above the list of supported platforms.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I51b3d2a93832505ab90d73c823f06f9540e84c77
Version 1 of the translation table library is deprecated. Refer to
version 2 instead.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I10a4ab7b346ea963345f82baff2deda267c5308d
The pull request terminology dates back from when TF-A repository was
hosted on Github. Use a terminology that is more suited to Gerrit
workflow.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Ieecf47617ca1cdb76b9c4a83f63ba3c402b9e975
Yann Gautier
Manish V Badarkhe
Madhukar Pappireddy
Joanna Farley
Mark Dykes
Harrison Mutai
Sandrine Bailleux
Chris Kay
Markus Niebel
Michal Simek
Manish Pandey
Bipin Ravi
Jit Loon Lim
Sieu Mun Tang
André Przywara
Rob Newberry
Juan Pablo Conde
Mark Brown
Olivier Deprez
Akshay Belsare