- Jun 28, 2022
-
-
Manish Pandey2 authored
-
Sandrine Bailleux authored
Merge "fix(measured-boot): clear the entire digest array of Startup Locality event" into integration
-
Madhukar Pappireddy authored
* changes:
  feat(synquacer): add FWU Multi Bank Update support
  feat(synquacer): add TBBR support
  feat(synquacer): add BL2 support
  refactor(synquacer): move common source files
-
- Jun 27, 2022
-
-
JassiBrar authored
Add FWU Multi Bank Update support. This reads the platform metadata and updates the FIP base address so that BL2 can load correct BL3X based on the boot index.

Cc: Sumit Garg <sumit.garg@linaro.org>
Cc: Masahisa Kojima <masahisa.kojima@linaro.org>
Cc: Manish V Badarkhe <manish.badarkhe@arm.com>
Cc: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Change-Id: I5d96972bc4b3b9a12a8157117e53a05da5ce89f6
Signed-off-by: Masami Hiramatsu <masami.hiramatsu@linaro.org>
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
-
JassiBrar authored
Enable Trusted-Boot for Synquacer platform.

Cc: Sumit Garg <sumit.garg@linaro.org>
Cc: Masahisa Kojima <masahisa.kojima@linaro.org>
Cc: Manish V Badarkhe <manish.badarkhe@arm.com>
Cc: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Change-Id: I2608b4d573d95d55da1fc5544333e0dbf3f763f2
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
-
JassiBrar authored
Add BL2 support by default. Move the legacy mode behind the RESET_TO_BL31 define.

Cc: Sumit Garg <sumit.garg@linaro.org>
Cc: Masahisa Kojima <masahisa.kojima@linaro.org>
Cc: Manish V Badarkhe <manish.badarkhe@arm.com>
Cc: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Change-Id: Ic490745a7e8f6114172733428ebd6bd6adfcc1ec
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
-
JassiBrar authored
Prepare for introduction of BL2 support by moving reusable files from BL31_SOURCES into PLAT_BL_COMMON_SOURCES

Cc: Sumit Garg <sumit.garg@linaro.org>
Cc: Masahisa Kojima <masahisa.kojima@linaro.org>
Cc: Manish V Badarkhe <manish.badarkhe@arm.com>
Cc: Leonardo Sandoval <leonardo.sandoval@linaro.org>
Change-Id: I21137cdd40d027cfa77f1dec3598ee85d4873581
Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org>
-
Madhukar Pappireddy authored
-
Manish Pandey2 authored
* changes:
  feat(stm32mp1): optionally use paged OP-TEE
  feat(optee): check paged_image_info
-
Igor Opaniuk authored
Introduce a functionality for saving/restoring boot auth status and partition used for booting (FSBL partition on which the boot was successful).

Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Change-Id: I4d7f153b70dfc49dad8c1c3fa71111a350caf1ee
-
Lauren Wehrmeister authored
* changes:
  refactor(imx): update config of mbedtls support
  refactor(qemu): update configuring mbedtls support
  refactor(measured-boot): mb algorithm selection
-
Madhukar Pappireddy authored
-
Sandrine Bailleux authored
Define the MBEDTLS_CHECK_RETURN_WARNING macro in mbedTLS configuration file to get compile-time warnings for mbedTLS functions we call and do not check the return value of. Right now, this does not flag anything but it could help catching bugs in the future. This was a new feature introduced in mbed TLS 2.28.0 release.

Change-Id: If26f3c83b6ccc8bc60e75c3e582ab20817d047aa
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
Sandrine Bailleux authored
-
- Jun 24, 2022
-
-
Manish Pandey2 authored
-
Manish Pandey2 authored
* changes:
  fix(versal): resolve misra 15.6 warnings
  fix(zynqmp): resolve misra 8.13 warnings
  fix(versal): resolve misra 8.13 warnings
  fix(versal): resolve the misra 4.6 warnings
-
Manish Pandey2 authored
* changes:
  feat(arm): retrieve the right ROTPK for cca
  feat(arm): add support for cca CoT
  feat(arm): provide some swd rotpk files
  build(tbbr): drive cert_create changes for cca CoT
  refactor(arm): add cca CoT certificates to fconf
  feat(fiptool): add cca, core_swd, plat cert in FIP
  feat(cert_create): define the cca chain of trust
  feat(cca): introduce new "cca" chain of trust
  build(changelog): add new scope for CCA
  refactor(fvp): increase bl2 size when bl31 in DRAM
-
- Jun 22, 2022
-
-
Madhukar Pappireddy authored
* changes:
  feat(plat/arm/sgi): increase memory reserved for bl31 image
  feat(plat/arm/sgi): read isolated cpu mpid list from sds
-
Madhukar Pappireddy authored
-
Yann Gautier authored
STM32MP13 can encrypt the DDR. OP-TEE is then fully in DDR, and there is no need for paged image on STM32MP13. The management of the paged OP-TEE is made conditional, and will be kept only for STM32MP15.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I85ac7aaf6a172c4ee529736113ed40fe66835fd7
-
Yann Gautier authored
For OP-TEE without pager, the paged image may not be present in OP-TEE header. We could then pass NULL for paged_image_info to the function parse_optee_header(). It avoids creating a useless struct for that non existing image. But we should then avoid assigning header_ep args that depend on paged_image_info.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I4fdb45a91ac1ba6f912d6130813f5215c7e28c8b
-
- Jun 21, 2022
-
-
Madhukar Pappireddy authored
* changes:
  fix(st-clock): correct MISRA C2012 15.6
  fix(st-clock): correctly check ready bit
-
Yann Gautier authored
Add braces to correct MISRA C2012 15.6 warning: The body of an iteration-statement or a selection-statement shall be a compound-statement.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: If26f3732d31df11bf389a16298ec9e9d8a4a2279
-
Yann Gautier authored
The function clk_oscillator_wait_ready() was wrongly checking the set bit and not the ready bit. Correct that by using osc_data->gate_rdy_id when calling _clk_stm32_gate_wait_ready().

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Ida58f14d7f0f326b580ae24b98d6b9f592d2d711
-
Nishant Sharma authored
Increase the size of bl31 image by 52K to accommodate increased size of xlat table.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ic3a8d8be1104adf48d22aa829e2197f710b6b666
-
Nishant Sharma authored
Add support to read the list of isolated CPUs from SDS and publish this list via the non-trusted firmware configuration file for the next stages of boot software to use. Isolated CPUs are those that are not to be used on the platform for various reasons. The isolated CPU list is an array of MPID values of the CPUs that have to be isolated.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I4313cf025f4c9e9feffebca2d35b259f5bafce69
-
Manish Pandey2 authored
* changes:
  refactor(arm): update BL2 base address
  refactor(nxp): use DPG0 mask from Arm GICv3 header
  fix(gic600): implement workaround to forward highest priority interrupt
-
Nishant Sharma authored
Add a new property named 'isolated-cpu-list' to list the CPUs that are to be isolated and not used by the platform. The data represented by this property is formatted as below.

struct isolated_cpu_mpid_list {
    uint64_t count;
    uint64_t mpid_list[MAX Number of PE];
}

Also, the property is pre-initialized to 0 to reserve space for the property in the dtb. The data for this property is read from SDS and updated during boot. The number of entries in this list is equal to the maximum number of PEs present on the platform.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I4119f899a273ccbf8259e0d711d3a25501c7ec64
-
Manish Pandey2 authored
* changes:
  feat(sgi): add page table translation entry for secure uart
  feat(sgi): route TF-A logs via secure uart
  feat(sgi): deviate from arm css common uart related definitions
-
- Jun 20, 2022
-
-
Jiafei Pan authored
Firmware buffer has already been mapped when loading 1D firmware, so the same buffer address will be re-mapped when loading 2D firmware. Move the buffer mapping to be out of load_fw().

Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com>
Change-Id: Idb29d504bc482a1e7ca58bc51bec09ffe6068324
-
- Jun 17, 2022
-
-
Rohit Mathew authored
Add page table translation entry for secure uart so that logs from secure partition can be routed via the same.

Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I3416d114bcee13824a7d0861ee54fb799e154897
-
Rohit Mathew authored
Route the boot, runtime and crash stage logs via secure UART port instead of the existing use of non-secure UART. This aligns with the security state the PE is in when logs are put out. In addition to this, this allows consolidation of the UART related macros across all the variants of the Neoverse reference design platforms.

Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I417f5d16457b602c94da4c74b4d88bba03da7462
-
Rohit Mathew authored
The Neoverse reference design platforms will migrate to use a different set of secure and non-secure UART ports. This implies that the board specific macros defined in the common Arm platform code will no longer be usable for Neoverse reference design platforms. In preparation for migrating to a different set of UART ports, add a Neoverse reference design platform specific copy of the board definitions. The value of these definitions will be changed in subsequent patches.

Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I1ab17a3f02c8180b63be24e9266f7129beee819f
-
Manish Badarkhe authored
According to TCG PC Client Platform Firmware Profile Specification (Section 10.2.2, TCG_PCR_EVENT2 Structure, and 10.4.5 EV_NO_ACTION Event Types), all EV_NO_ACTION events shall set TCG_PCR_EVENT2.digests to all 0x00's for each allocated Hash algorithm. Right now, this is not enforced. Only part of the buffer is zeroed due to the wrong macro being used for the size of the buffer in the clearing operation (TPM_ALG_ID instead of TCG_DIGEST_SIZE). This could confuse a TPM event log parser. Also, add an assertion to ensure that the Event Log size is large enough before writing the Event Log header.

Change-Id: I6d4bc3fb28fd10c227e33c8c7bb4a40b08c3fd5e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
Manish Pandey2 authored
-
- Jun 16, 2022
-
-
Bipin Ravi authored
Update advisory document following Spectre-BHB mitigation support for additional CPUs.

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I4492397f18882f514beff4da06afe973acecf1f0
-
Madhukar Pappireddy authored
-
Madhukar Pappireddy authored
-
Lauren Wehrmeister authored
Pull in MbedTLS support for sha512 when greater than sha256 is required based on refactoring for hash algorithm selection for Measured Boot.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I489392133435436a16edced1d810bc5204ba608f
-
Lauren Wehrmeister authored
Pull in MbedTLS support for sha512 when greater than sha256 is required based on refactoring for hash algorithm selection for Measured Boot.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ib0ca5ecdee7906b41a0e1060339d43ce7a018d31
-