Currently Tf-A uses whatever openssl binary is on the system to sign
images. However if OPENSSL_DIR is specified in the build flags this can
lead to linking issues as the system binary can end up being linked
against shared libraries provided in OPENSSL_DIR/lib if both binaries
(the system's and the on in OPENSSL_DIR/bin) are the same version.
This patch ensures that the binary used is always the one given by
OPENSSL_DIR to avoid those link issues.
Signed-off-by: Salome Thirot <salome.thirot@arm.com>
Change-Id: Ib534e06ebc8482e4391e376d3791a87968de4a99
These changes are to add support for loading and booting
OP-TEE as SPMC running at SEL1 for N1SDP platform.
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I0514db646d4868b6f0c56f1ea60495cb3f7364fd
Added a platform support to use tc2 specific CPU cores.
Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Change-Id: Ib76d440e358e9bd1cf80aec5b8591f7a6e47ecbd
Change [1] is specific to TC2 model and breaks former TC0/TC1 test
configs.
BL1 start address is 0x0 on TC0/TC1 and 0x1000 from TC2 onwards.
Fix by adding conditional defines depending on TARGET_PLATFORM build
flag.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/15917
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I51f77e6a61ca8eaa6871c19cabe9deb1288f5a9d
Locate BL1 at 0x1000 to compensate for the MCUBoot
header size.
Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Change-Id: I30a5ccf8212786479bff8286f3d0abb9dec4b7d0
The value of the macro CSS_SGI_REMOTE_CHIP_MEM_OFFSET can be different
across all the Neoverse reference design platforms. This value depends
on the number of address bits used per chip. So let all platforms define
CSS_SGI_ADDR_BITS_PER_CHIP which specifies the number of address bits
used per chip.
In addition to this, reuse the definition of CSS_SGI_ADDR_BITS_PER_CHIP
for single chip platforms and CSS_SGI_REMOTE_CHIP_MEM_OFFSET for multi-
chip platforms to determine the maximum address space size. Also,
increase the RD-N2 multi-chip address space per chip from 4TB to 64TB.
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: If5e69ec26c2389304c71911729d4addbdf8b2686
The EL3 runtime firmware has been running from internal trusted
SRAM space on the Morello platform. Due to unavailability of tag
support for the internal trusted SRAM this becomes a problem if
we enable capability pointers in BL31.
To support capability pointers in BL31 it has to be run from the
main DDR memory space. This patch updates the Morello platform
configuration such that BL31 is loaded and run from DDR space.
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Change-Id: I16d4d757fb6f58c364f5133236d50fc06845e0b4
This patch also adds an initial RMM Boot Manifest (v0.1) for fvp
platform.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I1374f8f9cb207028f1820953cd2a5cf6d6c3b948
Use the RMM shared buffer to attestation token and signing key SMCs.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I313838b26d3d9334fb0fe8cd4b229a326440d2f4
This patch adds the infrastructure needed to pass boot arguments from
EL3 to RMM and allocates a shared buffer between both worlds that can
be used, among others, to pass a boot manifest to RMM. The buffer is
composed a single memory page be used by a later EL3 <-> RMM interface
by all CPUs.
The RMM boot manifest is not implemented by this patch.
In addition to that, this patch also enables support for RMM when
RESET_TO_BL31 is enabled.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I855cd4758ee3843eadd9fb482d70a6d18954d82a
Add a new property named 'isolated-cpu-list' to list the CPUs that are
to be isolated and not used by the platform. The data represented by
this property is formatted as below.
strutct isolated_cpu_mpid_list {
uint64_t count;
uint64_t mpid_list[MAX Number of PE];
}
Also, the property is pre-initialized to 0 to reserve space for the
property in the dtb. The data for this property is read from SDS and
updated during boot. The number of entries in this list is equal to the
maximum number of PEs present on the platform.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I4119f899a273ccbf8259e0d711d3a25501c7ec64
Add the TPM event log node to the SPMC manifest such that the TF-A
measured boot infrastructure fills the properties with event log address
for components measured by BL2 at boot time.
For a SPMC there is a particular interest with SP measurements.
In the particular case of Hafnium SPMC, the tpm event log node is not
yet consumed, but the intent is later to pass this information to an
attestation SP.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Ic30b553d979532c5dad9ed6d419367595be5485e
With RSS now introduced, we have 2 Measured Boot backends. Both backends
can be used in the same firmware build with potentially different hash
algorithms, so now there can be more than one hash algorithm in a build.
Therefore the logic for selecting the measured boot hash algorithm needs
to be updated and the coordination of algorithm selection added. This is
done by:
- Adding MBOOT_EL_HASH_ALG for Event Log to define the hash algorithm
to replace TPM_HASH_ALG, removing reference to TPM.
- Adding MBOOT_RSS_HASH_ALG for RSS to define the hash algorithm to
replace TPM_HASH_ALG.
- Coordinating MBOOT_EL_HASH_ALG and MBOOT_RSS_HASH_ALG to define the
Measured Boot configuration macros through defining
TF_MBEDTLS_MBOOT_USE_SHA512 to pull in SHA-512 support if either
backend requires a stronger algorithm than SHA-256.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I4ddf06ebdc3835beb4d1b6c7bab5a257ffc5c71a
The cca chain of trust involves 3 root-of-trust public keys:
- The CCA components ROTPK.
- The platform owner ROTPK (PROTPK).
- The secure world ROTPK (SWD_ROTPK).
Use the cookie argument as a key ID for plat_get_rotpk_info() to return
the appropriate one.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ieaae5b0bc4384dd12d0b616596596b031179044a
- Use the development PROTPK and SWD_ROTPK if using cca CoT.
- Define a cca CoT build flag for the platform code to provide
different implementations where needed.
- When ENABLE_RME=1, CCA CoT is selected by default on Arm
platforms if no specific CoT is specified by the user.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I70ae6382334a58d3c726b89c7961663eb8571a64
When using the new cca chain of trust, a new root of trust key is needed
to authenticate the images belonging to the secure world. Provide a
development one to deploy this on Arm platforms.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I9ea7bc1c15c0c94c1021d879a839cef40ba397e3
Adding support in fconf for the cca CoT certificates for cca, core_swd,
and plat key.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I8019cbcb7ccd4de6da624aebf3611b429fb53f96
Increase the space for BL2 by 0xC000 to accommodate the increase in size
of BL2 when ARM_BL31_IN_DRAM is set.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ifc99da51f2de3c152bbed1c8269dcc8b9100797a
Add SP entries to event_log_metadata if SPD_spmd is enabled. Otherwise
the platform cannot boot with measured boot enabled.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I525eb50e7bb60796b63a8c7f81962983017bbf87
Add call to platform hooks upon successful transmission of a
memory transaction request and as part of a memory reclaim request.
This allows for platform specific functionality to be performed
accordingly.
Note the hooks must be placed in the initial share request and final
reclaim to prevent order dependencies with operations that may take
place in the normal world without visibility of the SPMC.
Add a dummy implementation to the FVP platform.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I0c7441a9fdf953c4db0651512e5e2cdbc6656c79
In order to provide the EL3 SPMC a sufficient datastore to
record memory descriptors, a accessor function is used.
This allows for the backing memory to be allocated in a
platform defined manner, to accommodate memory constraints
and desired use cases.
Provide an implementation for the Arm FVP platform to
use a default value of 512KB memory allocated in the
TZC RAM section.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I92bc55ba6e04bdad429eb52f0d2960ceda682804
This patch adds support to load nt_fw_config with the information from
plat_info sds structure which is then passed from BL2 to BL33.
Signed-off-by: sahil <sahil@arm.com>
Change-Id: I2fcf13b7bf5ab042ef830157fd9cceedbdca617a
Enable the RSS backend based measured boot feature.
In the absence of RSS the mocked version of PSA APIs
are used. They always return with success and hard-code data.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I7543e9033a7a21f1b836d911d8d9498c6e09b956
This patch enables access to the branch record buffer control registers
in non-secure EL2 and EL1 using the new build option ENABLE_BRBE_FOR_NS.
It is disabled for all secure world, and cannot be used with ENABLE_RME.
This option is disabled by default, however, the FVP platform makefile
enables it for FVP builds.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I576a49d446a8a73286ea6417c16bd0b8de71fca0
Introduce additional #defines for running with the EL3
SPMC on the FVP.
The increase in xlat tables has been chosen to allow
the test cases to complete successfully and may need
adjusting depending on the desired usecase.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I7f44344ff8b74ae8907d53ebb652ff8def2d2562
Add an example logical partition to the FVP platform that
simply prints and echos the contents of a direct request
with the appropriate direct response.
Change-Id: Ib2052c9a63a74830e5e83bd8c128c5f9b0d94658
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change the OPTEE FF-A manifest to comply with changes to the sp pkg [1].
The sptool packs the image at the default offset of 0x4000, if it is not
provided in the arguments.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/14507
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I647950410114f7fc24926696212bb7f8101390ac
This change performs a basic configuration of the SMMU root registers
interface on an RME enabled system. This permits enabling GPC checks
for transactions originated from a non-secure or secure device upstream
to an SMMU. It re-uses the boot time GPT base address and configuration
programmed on the PE.
The root register file offset is platform dependent and has to be
supplied on a model command line.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I4f889be6b7afc2afb4d1d147c5c1c3ea68f32e07
Currently, HW-config is loaded into non-secure memory, which mean
a malicious NS-agent could tamper with it. Ideally, this shouldn't
be an issue since no software runs in non-secure world at this time
(non-secure world has not been started yet).
It does not provide a guarantee though since malicious external
NS-agents can take control of this memory region for update/corruption
after BL2 loads it and before BL31/BL32/SP_MIN consumes it. The threat
is mapped to Threat ID#3 (Bypass authentication scenario) in threat
model [1].
Hence modified the code as below -
1. BL2 loads the HW_CONFIG into secure memory
2. BL2 makes a copy of the HW_CONFIG in the non-secure memory at an
address provided by the newly added property(ns-load-address) in
the 'hw-config' node of the FW_CONFIG
3. SP_MIN receives the FW_CONFIG address from BL2 via arg1 so that
it can retrieve details (address and size) of HW_CONFIG from
FW_CONFIG
4. A secure and non-secure HW_CONFIG address will eventually be used
by BL31/SP_MIN/BL32 and BL33 components respectively
5. BL31/SP_MIN dynamically maps the Secure HW_CONFIG region and reads
information from it to local variables (structures) and then
unmaps it
6. Reduce HW_CONFIG maximum size from 16MB to 1MB; it appears
sufficient, and it will also create a free space for any future
components to be added to memory
[1]: https://trustedfirmware-a.readthedocs.io/en/latest/threat_model/threat_model.html
Change-Id: I1d431f3e640ded60616604b1c33aa638b9a1e55e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Used MBEDTLS_CONFIG_FILE macro for including mbedTLS
configuration.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I374b59a31df3ab1e69481b2c37a6f7455a106b6e
There are plans to contribute a generic MHU driver to the TF-A code
base in the short term.
In preparation for this, rename the Corstone-700 MHU driver source
files and prefix them with the name of the platform to avoid any
ambiguity or name clashes with the upcoming generic MHU driver. Also
rename the header guard accordingly.
This renaming is inline with other platform-specific MHU drivers, such
as the ones used on Broadcom [1], Socionext [2] or Amlogic [3] platforms.
[1] plat/brcm/common/brcm_mhu.h
[2] plat/socionext/synquacer/drivers/mhu/sq_mhu.h
[3] plat/amlogic/common/aml_mhu.c
Change-Id: I8a5e5b16e7c19bf931a90422dfca8f6a2a0663b4
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Add a dummy realm attestation key to RMMD, and return it on request.
The realm attestation key is requested with an SMC with the following
parameters:
* Fid (0xC400001B2).
* Attestation key buffer PA (the realm attestation key is copied
at this address by the monitor).
* Attestation key buffer length as input and size of realm
attesation key as output.
* Type of elliptic curve.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I12d8d98fd221f4638ef225c9383374ddf6e65eac
Add a dummy platform token to RMMD and return it on request. The
platform token is requested with an SMC with the following parameters:
* Fid (0xC40001B3).
* Platform token PA (the platform token is copied at this address by
the monitor). The challenge object needs to be passed by
the caller in this buffer.
* Platform token len.
* Challenge object len.
When calling the SMC, the platform token buffer received by EL3 contains
the challenge object. It is not used on the FVP and is only printed to
the log.
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Change-Id: I8b2f1d54426c04e76d7a3baa6b0fbc40b0116348
In anticipation of Spectre BHB workaround mitigation patches, we
disable the RECLAIM_INIT_CODE for FVP platform. Since the spectre
BHB mitigation workarounds inevitably increase the size of the various
segments due to additional instructions and/or macros, these segments
cannot be fit in the existing memory layout designated for BL31 image.
The issue is specifically seen in complex build configs for FVP
platform. One such config has TBB with Dual CoT and test secure
payload dispatcher(TSPD) enabled. Even a small increase in individual
segment size in order of few bytes might lead to build fails due to
alignment requirements(PAGE_ALIGN to 4KB).
This is needed to workaround the following build failures observed
across multiple build configs:
aarch64-none-elf-ld.bfd: BL31 init has exceeded progbits limit.
aarch64-none-elf-ld.bfd: /work/workspace/workspace/tf-worker_ws_2/trusted_firmware/build/fvp/debug/bl31/bl31.elf section coherent_ram will not fit in region RAM
aarch64-none-elf-ld.bfd: BL31 image has exceeded its limit.
aarch64-none-elf-ld.bfd: region RAM overflowed by 4096 bytes
Change-Id: Idfab539e9a40f4346ee11eea1e618c97e93e19a1
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Pass NS-load address as ~0UL to the 'set_config_info' function while
updating FW_CONFIG device tree information since it is always loaded
into secure memory.
Change-Id: I64e8531e0ad5cda63f14d838efb9da9cf20beea8
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Updating call order for arm_console_boot_init() and arm_bl31_early_platform_setup().
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: If932fff2ee4282a0aacf8751fa81e7665b886467
Following I2d274fa897171807e39b0ce9c8a28824ff424534:
Remove GICD registers S2 mapping from OP-TEE partition when it runs in a
secure partition on top of Hafnium.
The partition is not meant to access the GIC directly but use the
Hafnium provided interfaces.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I1a38101f6ae9911662828734a3c9572642123f32
Platforms which support Realm world cannot boot up
properly if measured boot is enabled at build time.
An assertions occurs due to the missing RMM entry
in the event_log_metadata array.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I172f10a440797f7c9e1bc79dc72242b40c2521ea
Currently only the lowest 2 DRAM region were configured in the
TrustZone Controller, but the platform supports 6 regions spanning the
whole address space.
Configuring all of them to allow tests to access memory also in those
higher memory regions.
FVP memory map:
https://developer.arm.com/documentation/100964/1116/Base-Platform/Base---memory/Base-Platform-memory-map
Note that last row is wrong, describing a non-existing 56bit address,
all region labels should be shifted upward.
Issue has been reported and next release will be correct.
Change-Id: I695fe8e24aff67d75e74635ba32a133342289eb4
Signed-off-by: Federico Recanati <federico.recanati@arm.com>
Add initial support for RD-Edmunds platform. This platform is considered
as a variant of RD-N2 platform with only major change being the CPU
which is Demeter instead of Neoverse-N2.
Signed-off-by: Tony K Nadackal <tony.nadackal@arm.com>
Change-Id: I939d9eac652fa9e76ad002ee5e6107aa79baa013
Secure enclave decides the boot bank based on the firmware update
state of the system and updates the boot bank information at a given
location in the flash. In this commit, bl2 reads the given flash
location to indentify the bank from which it should load fip from.
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I7f0f4ffc97189c9deb99db44afcd966082ffbf21
More space in the flash is reserved up front for metadata
parser and UEFI variables. That requires change in the flash
base address of where images are present.
Signed-off-by: Satish Kumar <satish.kumar01@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: Ieaabe09374d707de18d36505c69b6c9a8c2ec2e9
This change implements platform specific psci reset
for the corstone1000.
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Change-Id: I25f77234506416c3376ff4a028f6ea40ebe68437
These changes are required to accommodate 3MB for OP-TEE and this
is required for SP's part of optee
Added size macro's for better readability of the code
Moved uboot execution memory from CVM to DDR
Change-Id: I16657c6e336fe7c0fffdee1617d10af8a2c76732
Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Arpita S.K <Arpita.S.K@arm.com>
Salome Thirot
Vishnu Banavath
Rupinderjit Singh
Olivier Deprez
Sandrine Bailleux
Anders Dellien
Vijayenthiran Subramaniam
Manoj Kumar
Javier Almansa Sobrino
Nishant Sharma
laurenw-arm
Imre Kis
Marc Bonnici
sahil
Tamas Ban
johpow01
Manish V Badarkhe
J-Alves
Manish Pandey
David Vincze
Soby Mathew
Madhukar Pappireddy
Juan Pablo Conde
Federico Recanati
Tony K Nadackal
Satish Kumar
Emekcan Aras
Arpita S.K