The Getting started section is very difficult to follow. Building the
fip comes before building the files it needs, the BL33 requirement is
given in a somewhat hand wavy way, and the Arm Developer website
download provides a lot of targets and the guide is not clear which ones
are needed on download.
Swapping the initial build and supporting tools sections makes the flow
more natural and the supporting tools section then becomes clear.
Explicitly mentioning the GCC targets avoids confusion for people less
familiar with the project (eg. new starters).
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I02e88f8c279db6d8eda68f634e8473c02b733963
Documentation is inconsistent when referring to Ubuntu versioning.
Change this to a single reference that is consistent with the stated
version for TF-A tests.
The change was tested with a full build on a clean install of Ubuntu 20.04.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ibb135ed938e9d92332668fa5caf274cf61b822d3
When updated to work with OpenSSL 3.0, the host tools lost their
compatibility with previous versions (1.x) of OpenSSL. This is
mainly due to the fact that 1.x APIs became deprecated in 3.0 and
therefore their use cause compiling errors. In addition, updating
for a newer version of OpenSSL meant improving the stability
against security threats. However, although version 1.1.1 is
now deprecated, it still receives security updates, so it would
not imply major security issues to keep compatibility with it too.
This patch adds backwards compatibility with OpenSSL 1.x versions
by adding back 1.x API code. It defines a macro USING_OPENSSL3,
which will select the appropriate OpenSSL API version depending on
the OpenSSL library path chosen (which is determined by the
already-existing OPENSSL_DIR variable).
In addition, cleanup items were packed in functions and moved to
the proper modules in order to make the code more maintainable and
legible.
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I8deceb5e419edc73277792861882404790ccd33c
This change updates the version of the Node Version Manager suggested by
the prerequisites documentation. The NVM installation command line hint
has been replaced with the snippet provided by NVM's user guide, and the
second line now automatically installs a version of Node.js compatible
with TF-A's repository scripts.
Change-Id: I6ef5e504118238716ceb45a52083450c424c5d20
Signed-off-by: Chris Kay <chris.kay@arm.com>
In anticpation of the next Trusted Firmware release update the to newest
2.x Mbed TLS library [1].
Note that the Mbed TLS project published version 3.x some time ago.
However, as this is a major release with API breakages, upgrading to
this one might require some more involved changes in TF-A, which we are
not ready to do. We shall upgrade to Mbed TLS 3.x after the v2.8 release
of TF-A.
[1] https://github.com/Mbed-TLS/mbedtls/tree/v2.28.1
Change-Id: I7594ad062a693d2ecc3b1705e944dce2c3c43bb2
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
This toolchain provides multiple cross compilers and is publicly
available on https://developer.arm.com/
We build TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: I94e13f6c1ebe3a4a58ca6c79c1605bd300b372d3
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
OpenSSL 3.0 is a pre-requisite since v2.7 and can be installed
on the operating system by updating the previous version.
However, this may not be convenient for everyone, as some may
want to keep their previous versions of OpenSSL.
This update on the docs shows that there is an alternative to
install OpenSSL on the system by using a local build of
OpenSSL 3.0 and pointing both the build and run commands to
that build.
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Ib9ad9ee5c333f7b04e2747ae02433aa66e6397f3
Add an empty line just before the "Build Host" title.
Without this, the title is not properly recognized, it does not get
added to the table of contents and the underlining characters appear
as dashes, as can be seen here:
https://trustedfirmware-a.readthedocs.io/en/v2.7/getting_started/prerequisites.html#prerequisites
Change-Id: Ia89cf3de0588495cbe64b0247dc860619f5ea6a8
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
GCC 11 and Clang 14 now use the DWARF 5 standard by default however
Arm-DS currently only supports up to version 4. Therefore, for debug
builds, ensure the DWARF 4 standard is used.
Also update references for Arm DS-5 to it's successor Arm-DS (Arm
Development Studio).
Change-Id: Ica59588de3d121c1b795b3699f42c31f032cee49
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Host tools cert_tool and encrypt_fw refactored to be fully
compatible with OpenSSL v3.0.
Changes were made following the OpenSSL 3.0 migration guide:
https://www.openssl.org/docs/man3.0/man7/migration_guide.html
In some cases, those changes are straightforward and only
a small modification on the types or API calls was needed
(e.g.: replacing BN_pseudo_rand() with BN_rand(). Both identical
since v1.1.0).
The use of low level APIs is now deprecated. In some cases,
the new API provides a simplified solution for our goals and
therefore the code was simplified accordingly (e.g.: generating
RSA keys through EVP_RSA_gen() without the need of handling the
exponent). However, in some cases, a more
sophisticated approach was necessary, as the use of a context
object was required (e.g.: when retrieving the digest value from
an SHA file).
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I978e8578fe7ab3e71307450ebe7e7812fbcaedb6
Makefile updated to use LLVM utilities instead of GNU utilities when
compiling with clang. `CROSS_COMPILE` is not required since this
dependency has been removed.
Change-Id: I19706b84b9310e07935516681b86596c04ef8ad6
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Upgrade to the latest and greatest 2.x release of Mbed TLS library
(i.e. v2.28.0) to take advantage of their bug fixes.
Note that the Mbed TLS project published version 3.x some time
ago. However, as this is a major release with API breakages, upgrading
to 3.x might require some more involved changes in TF-A, which we are
not ready to do. We shall upgrade to mbed TLS 3.x after the v2.7
release of TF-A.
Change-Id: I887dfd87893169c7be53b986e6c43338d15949d7
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Right now, TF-A documentation recommends downloading Arm compilers
from:
https://developer.arm.com/open-source/gnu-toolchain/gnu-a/downloads
However, this page is now deprecated, as indicated by the banner at
the top of the page. When navigating to the new recommended page, one
can see the following note, which provides the rationale for the
deprecation:
GNU Toolchain releases from Arm were published previously as two
separate releases - one for A-profile and the other for R & M
profiles (GNU Toolchain for A-profile processors and GNU Arm
Embedded Toolchain).
Arm GNU Toolchain releases unifies these two into a single release
and the previous way of releases therefore have been
discontinued. However, the previous releases will continue to be
available for reference.
This patch updates the link to the new recommended place for compiler
downloads.
Change-Id: Iefdea3866a1af806a5db2d2288edbb63c543b8ee
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This toolchain provides multiple cross compilers and is publicly
available on developer.arm.com.
We build TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: Ia14de2c7d9034a6f0bc56535e961fffc81bcbf29
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Updates the Node.js version installed by the prerequisite instructions
from v14 to v16, which is the latest LTS release.
The instructions for installing the Node Version Manager (NVM) have
also been updated for v0.39.0 (previously v0.38.0).
Change-Id: I85528b3906305914ba6169b4dc5aafcf5b36a339
Signed-off-by: Chris Kay <chris.kay@arm.com>
This toolchain provides multiple cross compilers and is publicly
available on developer.arm.com
We build TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: I673e0dce8eb3ca3a004a43158a948431b032e93a
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
We currently use Linaro release software stack version
20.01 in the CI. Reflect that change in the docs.
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I0fa9f0163afb0bf399ec503abe9af4f17231f173
Two issues in documentation were identified after the release.
This patch fixes these typos.
1. Matternhorn ELP CPU was made available through v2.5 release, not
Matternhorn CPU
2. We had upgraded TF-A to use GCC 10.2 toolchain family and used this
toolchain for release testing
Change-Id: I33e59bb5a6d13f4d40dbb3352004d5b133431d65
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
To avoid the mistake fixed by the previous commit, ensure users install
the Node.js dependencies without polluting the lock file by passing
`--no-save` to the `npm install` line.
Change-Id: I10b5cc17b9001fc2e26deee02bf99ce033a949c1
Signed-off-by: Chris Kay <chris.kay@arm.com>
Husky is a tool for managing Git hooks within the repository itself.
Traditionally, commit hooks need to be manually installed on a per-user
basis, but Husky allows us to install these hooks either automatically
when `npm install` is invoked within the repository, or manually with
`npx husky install`.
This will become useful for us in the next few patches when we begin
introducing tools for enforcing a commit message style.
Change-Id: I64cae147e9ea910347416cfe0bcc4652ec9b4830
Signed-off-by: Chris Kay <chris.kay@arm.com>
Updated the documentation with latest Mbed TLS supported
version i.e. Mbed TLS v2.26.0
Fixes available in this version of Mbed TLS mainly affect
key generation/writing and certificates writing, which
are features used in the cert_create tool.
Release notes of Mbed TLSv2.26.0 are available here:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.26.0
Change-Id: Ie15ee45d878b7681e15ec4bf64d54b416a31aa2f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
This patch migrates the mbedcrypto dependency for TF-A
to mbedTLS repo v2.24.0 which is the latest release tag.
The relevant documentation is updated to reflect the
use of new version.
Change-Id: I116f44242e8c98e856416ea871d11abd3234dac1
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
This toolchain provides multiple cross compilers and are publicly
available on developer.arm.com
We build TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: I910200174d5bad985504d1af4a1ae5819b524003
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
This toolchain provides multiple cross compilers and are publicly
available on www.developer.arm.com
We thoroughly test TF-A in CI using:
AArch32 bare-metal target (arm-none-eabi)
AArch64 ELF bare-metal target (aarch64-none-elf)
Change-Id: I2360a3ac6705c68dca781b85e9894867df255b3e
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The User Guide document has grown organically over time and
now covers a wide range of topics, making it difficult to
skim read and extract information from. Currently, it covers
these topics and maybe a couple more:
- Requirements (hardware, tools, libs)
- Checking out the repo
- Basic build instructions
- A comprehensive list of build flags
- FIP packaging
- Building specifically for Juno
- Firmware update images
- EL3 payloads
- Preloaded BL33 boot flow
- Running on FVPs
- Running on Juno
I have separated these out into a few groups that become new
documents. Broadly speaking, build instructions for the tools,
for TF-A generally, and for specific scenarios are separated.
Content relating to specific platforms (Juno and the FVPs are
Arm-specific platforms, essentially) has been moved into the
documentation that is specific to those platforms, under
docs/plat/arm.
Change-Id: Ica87c52d8cd4f577332be0b0738998ea3ba3bbec
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Boyan Karatotev
Juan Pablo Conde
Chris Kay
Daniel Boulby
Jayanth Dodderi Chidanand
Sandrine Bailleux
Harrison Mutai
Zelalem
Madhukar Pappireddy
Manish V Badarkhe
Alexei Fedorov
Mark Dykes
Paul Beesley