| Age | Commit message (Collapse) | Author |
|---|
|
TF-A supports reading input data from UART interfaces. This opens up
an attack vector for arbitrary data to be injected into TF-A, which is
not covered in the threat model right now.
Fill this gap by:
- Updating the data flow diagrams. Data may flow from the UART into
TF-A (and not only the other way around).
- Documenting the threats inherent to reading untrusted data from a
UART.
Change-Id: I508da5d2f7ad5d20717b958d76ab9337c5eca50f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
|
|
|
integration
|
|
integration
|
|
* changes:
chore(npcm845x): remove CryptoCell-712/713 support
chore(auth)!: remove CryptoCell-712/713 support
|
|
|
|
|
|
CryptoCell-712 and CryptoCell-713 drivers have been deprecated. Remove
their usage on Nuvoton npcm845x platform (maintainers confirmed that
this removal is fine with them).
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I0e3f3431558aaea1e0f2740e7088cdc155d06af2
|
|
Both qemu and qemu-sbsa use xlat tables v2 already (activated by including it
in common/common.mk) so there is no need to include compat headers.
Change-Id: I353a6f77f5916862e54b883a9adbba027ac81359
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
|
|
Change-Id: Ib3a1711be323023cf111373111f39038fa23fb6f
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
|
|
Addressed the SPMC_AT_EL3 condition by using '#if' instead of
'#if defined'. This change is warranted because the SPMC_AT_EL3
option is always defined.
Change-Id: I76d9b8d502f452c58bc0040745d642cbe11dc8eb
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
|
CryptoCell-712 and CryptoCell-713 drivers have been deprecated since
TF-A v2.9 and their removal was announced for TF-A v2.10 release.
See [1].
As the release is approaching, this patch deletes these drivers' code as
well as all references to them in the documentation and Arm platforms
code (Nuvoton platform is taken care in a subsequent patch). Associated
build options (ARM_CRYPTOCELL_INTEG and PLAT_CRYPTOCELL_BASE) have also
been removed and thus will have no effect if defined.
This is a breaking change for downstream platforms which use these
drivers.
[1] https://trustedfirmware-a.readthedocs.io/en/v2.9/about/release-information.html#removal-of-deprecated-drivers
Note that TF-A v3.0 release later got renumbered into v2.10.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Idabbc9115f6732ac1a0e52b273d3380677a39813
|
|
|
|
* changes:
chore(compiler-rt): update compiler-rt source files
chore(zlib): update zlib to version 1.3
|
|
|
|
|
|
|
|
* changes:
feat(sgi): increase sp memmap size
feat(build): include plat header in fdt build
feat(docs): save BL32 image base and size in entry point info
feat(arm): save BL32 image base and size in entry point info
|
|
integration
|
|
The EL3 SPMC is known to be deployed into end products and properly
tested since its introduction into TF-A v2.7.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I96bb897cfefef20c33cfc39627b10746dce5485c
|
|
With FF-A enabled on SP at SEL0 enabled, SPMC at EL3 needs more entries
to map newly added regions(SP, Rx/Tx buffer and Manifest).
Increase the PLAT_SP_IMAGE_MMAP_REGIONS to 14 and MAX_XLAT_TABLES to 9.
Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I96fd291db8eb178f7aa73b5a9e38cfc67c66fa91
|
|
Include platform headers in DT build to enable build time configuration
of number of execution context supported by the platform.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I5b9ffc9865f198a1f802fcb5e0950a5fabb48727
|
|
There is no platform function to retrieve the info in the generic code.
Populate the BL32 image base, size and max limit in arg2, arg3 and arg4.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I35527fb41829102083b488a5150c0c707c5ede15
|
|
There is no platform function to retrieve the info in the generic code.
Populate the BL32 image base, size and max limit in arg2, arg3 and arg4.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Id41cedd790ca1713787e5516fb84666d1ccb0b03
|
|
Introducing INIT_UNUSED_NS_EL2 macro which guards the code that
disables the unused EL2 when a platform hands off from EL3
to NS-EL1 instead of NS-EL2. Platforms without NS-EL2 in use
must enable this flag.
BREAKING CHANGE: Initialisation code for handoff from EL3 to NS-EL1
disabled by default. Platforms which do that need to enable this macro
going forward
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I61431cc4f7e2feb568d472828e5fd79cc73e51f5
|
|
Update the compiler-rt source files to the tip of llvm-project [1].
[1] https://github.com/llvm/llvm-project/commit/ab97b89d03a7
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ia72b25423896a530bf5bb68ff067184b2314e2be
|
|
Update the zlib source files to the latest tagged version 1.3 [1].
[1] https://github.com/madler/zlib/tree/v1.3
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I1eba5671efab75699e68fc2f2aa9400d0f5aba7d
|
|
As part of TF-A 2.9.0 release, libfdt version was updated to its last
tagged version (1.7.0) with commit 058e017e5. This commit has only
updated the source files of libfdt but did not update header files.
This patch updates the libfdt header files in include/lib/libfdt to
the tagged version v1.7.0
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I09a0f51435b343c3e1cac45075fe7d28cbcae867
|
|
There are various SMC calls which pass mpidr as an argument which is
currently tested at random places in SMC call path.
To make the mpidr validation check consistent across SMC calls, do
this check as part of SMC argument validation.
This patch introduce a helper function is_valid_mpidr() to validate
mpidr and call it as part of validating SMC arguments at starting of
SMC handlers (which expect mpidr as an argument).
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I11ea50e22caf17896cf4b2059b87029b2ba136b1
|
|
GICV2_G0_FOR_EL3 variable is only for GICv2 platforms.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: Ibf9376caabbc05ceef4f870d816e6c60a344f895
|
|
|
|
* changes:
feat(zynqmp): enable assertion
feat(versal-net): enable assertion
feat(versal): enable assertion
|
|
* changes:
fix(cpus): workaround for Cortex-X2 erratum 2742423
fix(cpus): workaround for Cortex-A710 erratum 2742423
fix(cpus): workaround for Neoverse N2 erratum 2340933
fix(cpus): workaround for Neoverse N2 erratum 2346952
|
|
|
|
|
|
|
|
|
|
Failing to send a message is often not fatal and we will end up trying
to send again. This would fail as some exit paths do not release the
secure proxy xfer lock. Release this lock on all return paths.
Signed-off-by: Andrew Davis <afd@ti.com>
Change-Id: I3939015774f819572dbd26720b2c105fba7574cb
|
|
* changes:
feat(morello): add TF-A version string to NT_FW_CONFIG
feat(morello): set NT_FW_CONFIG properties for MCC, PCC and SCP version
|
|
* changes:
docs(versal-net): add TSP build documentation
docs(versal): add TSP build documentation
feat(versal-net): add tsp support
feat(versal): add tsp support
refactor(xilinx): add generic TSP makefile
chore(zynqmp): reorganize tsp code into common path
refactor(xilinx): rename platform function to generic name
|
|
Boot scratch cold 8 register is fully used by n5x.
Update to use boot scratch cold 8 bit 19 register for cpu0 ON/OFF
indicator.
Change-Id: I45ebfdcc17c47bcce69f5f611e677ac7838ecf52
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
|
|
Currently some platforms set PLAT_XLAT_TABLES_DYNAMIC=0 and
define it unconditionally also in platform Makefiles.
Due to this when PLAT_XLAT_TABLES_DYNAMIC=0 the limits for
MAX_PHYS_ADDR is wrongly set to the whole physical address space size.
Instead of definition the value of PLAT_XLAT_TABLES_DYNAMIC is checked
to set MAX_PHYS_ADDR to total mapped physical region.
Reference: plat/nvidia/tegra/platform.mk
Change-Id: I7bd786aaa4b039951341d0337f694074345f717f
Signed-off-by: Amit Nagal <amit.nagal@amd.com>
|
|
Add a chapter "Version numbering" in release information file that
explains macros used for TF-A version. It also introduces VERSION_PATCH
macro that is used for LTS releases. A comment for this macro is also
added in Makefile.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I946b6cb91bb8454131f07b24534d28ab1aef1771
|
|
TF-A version string is passed into NT_FW_CONFIG to allow access in
UEFI.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Change-Id: I9da7b93d30c9d9230ea9a2cd2730cde897ffc580
|
|
SDS firmware version structure is added with MCC, PCC and SCP firmware
version members. These are set in NT_FW_CONFIG to provide access to
firmware version information in UEFI.
Signed-off-by: Werner Lewis <werner.lewis@arm.com>
Change-Id: Ib0c476e54ef428fb7904f0de5c6f4df6a5fbd7db
|
|
There are no existing users of pm_ioctl_set_sgmii_mode() API so
cleanup the dead code.
Change-Id: I1088d2f5c944bf54fc5fdd554360bdd321ad798a
Signed-off-by: Ronak Jain <ronak.jain@amd.com>
|
|
|
|
Enable SME for RMM using sme_enable_per_world as well as sme_enable.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I6070f4778e507ac9cbc7442e727bedad9b40e635
|
|
Cortex-X2 erratum 2742423 is a Cat B erratum that applies to all
revisions <= r2p1 and is still open.
The workaround is to set CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775100/latest
Change-Id: I03897dc2a7f908937612c2b66ce7a043c1b7575d
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
|
|
Cortex-A710 erratum 2742423 is a Cat B erratum that applies to all
revisions <= r2p1 and is still open. The workaround is to set
CPUACTLR5_EL1[56:55] to 2'b01.
SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775101/latest
Change-Id: I4d9d3760491f1e6c59b2667c16d59b99cc7979f1
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
|
