The DT files for the Cortex-A5 and Cortex-A7 FVP models include the
shared rtsm_ve-motherboard.dtsi file, which we need to sync with the
upstream Linux version soon.
To prepare for its changed structure there, adjust the top-level
#address-cells and #size-cells properties to be compatible with the
expectations of the Linux version.
Also extend the interrupt map to cover all peripherals listed in the
motherboard file, and use the proper GIC macros to make them more
readable on the way.
Change-Id: I7d1493f1a200e8350530f912833f9ffcc5f94b21
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The PSCI DT nodes used for the various fvp-base model variants provide
explicit function IDs, as required for the pre-v0.2 PSCI specification.
This prevents them from being used from both AArch32 and AArch64 DT
clients, and using this version of the PSCI spec is long deprecated
anyway.
Remove the old compatible string and the function properties, to
force clients to use the standard function IDs as described in the PSCI
spec. sys_poweroff and sys_reset were never standardised or used anyway.
There should be no client software around that cannot deal with PSCI
v0.2.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: Ie87deb9898eae79b7307c15bcefcd4b311d4dc22
Fix a syntax error in the delegated attestation service code.
Unfortunately, this build failure was not caught by the CI system
because right now lib/psa/delegated_attestation.c file is not getting
pulled in by any upstream platform. This will be addressed in a
separate patch.
Change-Id: Idb84f62aabc5008396213023fc40547097925860
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Currently building TF-A for the FVP with RME enabled requires a
toolchain that understands the -march=armv8.6-a command line option,
even though we actually don't need any ARMv8.6 features from the
compiler.
Relax the requirement to use ARMv8.5, since this is what's the GCC
shipped with Ubuntu 20.04 understands. This is in line what the current
RMM implementation uses as well.
Change-Id: I3806dcff90319a87f003fe2c86b7cdcdebd625e4
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Reinstate the workaround introduced in commit
9bbc03a6e0608a949d66d9da6db12a455b452bfb. The cited change to the SDEN
could not be found and there are no known problems with the workaround.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Iec9938f173e7565024aca798f224df339de90806
Correct the domain setting for DSP. It should be 6.
BUG=b:249954378
TEST=audio is functional.
Change-Id: Ie79aa0dad3d2b1ef5de0f2acc51ded13b6f085ac
Signed-off-by: Tinghan Shen <tinghan.shen@mediatek.com>
This change updates our Node.js dependencies to their latest minor/patch
versions, but not necessarily to their latest major versions.
Change-Id: I59b093675134c679b7a834f3da6acf830f596c67
Signed-off-by: Chris Kay <chris.kay@arm.com>
The `.nvmrc` file specifies the version of Node.js that the repository's
Node.js-based tooling has been designed to be compatible with.
Users of NVM may want to run `nvm use` to install this version
automatically.
Change-Id: Ied90c51d8d1e5b43f2ca4de08a58bc782d9ae4e6
Signed-off-by: Chris Kay <chris.kay@arm.com>
* changes:
fix(psa): extend measured boot logging
fix(rss): determine the size of sw_type in RSS mboot metadata
fix(psa): align with original API in tf-m-extras
fix(rss): clear the message buffer
feat(tc): enable RSS backend based measured boot
feat(tc): increase maximum BL1/BL2/BL31 sizes
Add basic CPU library code to support the Hunter ELP CPU in TF-A.
Hunter-ELP adds v9.2 architecture support and is derived from
Makalu-ELP. As such, the library code is adapted from the
Makalu-ELP support library.
Change-Id: I7e93b9af6b1f0bc4d08c3cf5caf071d2cbdbc89f
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Print all the params of
rss_measured_boot_extend_measurement() to
the console to check parameter healthiness.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I072fe5fef72c67e615ab64e06a9e1f6add5e9cfc
The attestation key derivation and platform attestation token
creation functionality is provided by the Delegated Attestation
partition in RSS.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2d8c0e6589d11e7c81c698adf75ee2a993e3a0c6
Platform must define the maximum size of the message
over MHU.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I91a6c132c946f4465178910b8ea83544f562e837
Without setting the correct size of sw_type the metadata won't
be propagated to RSS through rss_measured_boot_extend_measurement()
API.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I4066d4762689c96ac2ac8e8b8db5d2b1f108b550
Adding PLAT_* prefix to indicate that the
platform needs to provide this definition.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I0bd02be405fd8b1e625bd2b82647ebb2b58265fc
The measured boot API is available in the tf-m-extras
repo:
partitions/measured_boot/interface/src/measured_boot_api.c
This change make the API behavior align with
the original implementation.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ie4af38b859f942b2ef090e92da64d75811b5b49b
Define the RSS_COMMS_PAYLOAD_MAX_SIZE macro. Its value is platform
specific and gives the largest message size which are exchanged
on the TC2 platform between RSS and AP.
Change-Id: Id831c282dc9a39755b82befead1a81767e217215
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Clear the MHU message buffer to remove assets from memory.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I730e7b044eaf0bf517532a12146e4f542949544e
Measurements taken during boot are stored in RSS.
These measurements are included in the platform
attestation token.
Change-Id: Iac3356f813fb417315681c718839319832a76191
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Delegated attestation is a service provided by RSS to:
- Derive a delegated attestation key: Realm Attestation Key
- Query the platform attestation token
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I3edf09fcbef24bca7c8a000ffac8c1ab64dfb812
The maximum size of BL1/BL2/BL31 is increased due to
the added new functionalities, such as RSS based
measured boot on TC2.
Change-Id: I939c7c3da6bf870db46b32cd2836c6737de278bb
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Remove an assert, which checks whether output buffer is
provided, because in measured boot there is no output.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I08db9c2eea1da2d7120c9872ffbf8d8ee45c8e08
Replace the "is/is not" operator by "==/!=" for literals, to fix the
syntax warnings below:
tools/sptool/sp_mk_generator.py:93: SyntaxWarning: "is not" with a literal. Did you mean "!="?
return len(sppkg_rule) is not 0
tools/sptool/sp_mk_generator.py:203: SyntaxWarning: "is" with a literal. Did you mean "=="?
assert(len(uuid_lines) is 1)
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I10800f6b607942542aa2cbaaecac86b854f6b56a
* changes:
docs(drtm): steps to run DRTM implementation
docs(drtm): add platform APIs for DRTM
feat(drtm): flush dcache before DLME launch
feat(drtm): invalidate icache before DLME launch
feat(drtm): ensure that passed region lies within Non-Secure region of DRAM
feat(fvp): add plat API to validate that passed region is non-secure
feat(drtm): ensure that no SDEI event registered during dynamic launch
feat(drtm): prepare EL state during dynamic launch
feat(drtm): prepare DLME data for DLME launch
feat(drtm): take DRTM components measurements before DLME launch
feat(drtm): add a few DRTM DMA protection APIs
feat(drtm): add remediation driver support in DRTM
feat(fvp): add plat API to set and get the DRTM error
feat(drtm): add Event Log driver support for DRTM
feat(drtm): check drtm arguments during dynamic launch
feat(drtm): introduce drtm dynamic launch function
refactor(measured-boot): split out a few Event Log driver functions
feat(drtm): retrieve DRTM features
feat(drtm): add platform functions for DRTM
feat(sdei): add a function to return total number of events registered
feat(drtm): add PCR entries for DRTM
feat(drtm): update drtm setup function
refactor(crypto): change CRYPTO_SUPPORT flag to numeric
feat(mbedtls): update mbedTLS driver for DRTM support
feat(fvp): add crypto support in BL31
feat(crypto): update crypto module for DRTM support
build(changelog): add new scope for mbedTLS and Crypto module
feat(drtm): add standard DRTM service
build(changelog): add new scope for DRTM service
feat(fvp): increase MAX_XLAT_TABLES entries for DRTM support
feat(fvp): increase BL31's stack size for DRTM support
feat(fvp): add platform hooks for DRTM DMA protection
Documented steps to run DRTM implementation.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I30dd8c1088a54a8906389c2584d922862610dae0
Flush the data cache range before DLME launch to ensure that data
passed by DCE preamble is committed.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I9946fd3420a17b86d9f1483e8b2cd5880033454e
As per DRTM beta0 spec table #28, Before the DLME is called the DCE
must invalidate all instruction caches.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I7efbb03d1d13346a8d898882fdbd7bbe8f1d49b2
Adding SECURE rm flag to support INTR_EL3_VALID_RM1 routing model.
Signed-off-by: Muhammad Arsath K F <quic_mkf@quicinc.com>
Change-Id: Ie72d62148e81d3cf7fb05f46124f846cc45d9d41
Ensured DLME data region and DRTM parameters are lies within Non-Secure
region of DRAM by calling platform function 'plat_drtm_validate_ns_region'.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I93ead775f45ca7748193631f8f9eec4326fcf20a
Added a platform function to check passed region is within
the Non-Secure region of DRAM.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ie5808fa6a1b6e6bc99f4185fa8acc52af0d5f14d
Ensured no SDEI event are registered during dynamic launch.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ied3b2d389aa3d9a96ace9078581d5e691f0b38a7
Taken measurement of various DRTM components in the Event Log
buffer to pass it to DLME.
Change-Id: Ic56620161f42596d22bf40d5c83c041cbce0b618
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added DRTM DMA protections APIs, and called them during
the DLME launch and DRTM SMC handling.
Change-Id: I29e7238c04e2ca9f26600276c5c05bff5387789e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added remediation driver for DRTM to set/get the error
from non-volatile memory
Change-Id: I8f0873dcef4936693e0f39a3c95096cb689c04b7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Added a platform function to set and get DRTM error.
Also, added a platform function to reset the system.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I471f2387f8c78b21a06af063a6fa02cda3646557
Added Event Log driver support for DRTM. This driver
is responsible for the doing the hash measurement of
various DRTM components as per [1], and putting these
measurements in the Event Log buffer.
[1]: https://developer.arm.com/documentation/den0113/a, section 3.16
Change-Id: I9892c313cf6640b82e261738116fe00f7975ee12
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
