| #
950effd3 |
| 12-Aug-2025 |
Joseph Lo <josephl@nvidia.com> |
core: tpm: fix TPM log address parsing to use full 64-bit address
Remove ARM32-specific address parsing that only used the lower 32 bits of the TPM event log address. ARM32 systems can have 64-bit physical addresses, so the full 64-bit address from the device tree property should be parsed regardless of architecture.
The fix ensures both ARM32 and ARM64 architectures use the same 64-bit address construction: (property[0] << 32) | property[1], preventing potential address truncation issues on ARM32 systems with 64-bit physical address spaces.
Signed-off-by: Joseph Lo <josephl@nvidia.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
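The address construction described in the commit message above, as an added C example that is not code from the commit or from OP-TEE: it decodes a two-cell device tree property into a 64-bit address and shows what is lost when only the low cell is kept. The helper names, the big-endian cell decoder, the length check and the sample property bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Device tree cells are stored big-endian; decode one 32-bit cell. */
static uint32_t cell_be32(const uint8_t *p)
{
	return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
	       ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/*
 * Hypothetical helper: full 64-bit address from a two-cell property,
 * (property[0] << 32) | property[1]. Returns 0 on success, -1 if the
 * property is not exactly two cells long.
 */
int parse_log_addr64(const uint8_t *prop, size_t len, uint64_t *addr)
{
	if (!prop || !addr || len != 2 * sizeof(uint32_t))
		return -1;
	*addr = ((uint64_t)cell_be32(prop) << 32) | cell_be32(prop + 4);
	return 0;
}

/* Hypothetical model of the removed behaviour: keep only the low cell. */
int parse_log_addr_low32(const uint8_t *prop, size_t len, uint64_t *addr)
{
	if (!prop || !addr || len != 2 * sizeof(uint32_t))
		return -1;
	*addr = cell_be32(prop + 4);
	return 0;
}

/* Constructed sample: address 0x8_8000_1000, above the 4 GiB boundary. */
static const uint8_t sample_prop[8] = {
	0x00, 0x00, 0x00, 0x08, 0x80, 0x00, 0x10, 0x00
};

int main(void)
{
	uint64_t full = 0, low = 0;

	parse_log_addr64(sample_prop, sizeof(sample_prop), &full);
	parse_log_addr_low32(sample_prop, sizeof(sample_prop), &low);
	printf("full=0x%llx low32=0x%llx\n",
	       (unsigned long long)full, (unsigned long long)low);
	return full == low; /* non-zero exit would mean no truncation seen */
}
```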
| #
470d4625 |
| 12-Aug-2025 |
Joseph Lo <josephl@nvidia.com> |
core: tpm: fix TPM log area zeroing condition to avoid manifest DT write fault
Change the condition for zeroing TPM event log address in device tree from CFG_CORE_SEL1_SPMC to CFG_CORE_FFA. When CFG_CORE_FFA is enabled, the device tree comes from the manifest DT which is mapped as read-only, not from the external device tree. Attempting to zero the tpm_event_log_addr property in the manifest DT would cause a write permission fault exception.
The fix prevents this fault by ensuring the zeroing operation only occurs when using the external device tree (CFG_CORE_FFA=n), where write access is permitted.
Signed-off-by: Joseph Lo <josephl@nvidia.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| #
bce2f88a |
| 19-Nov-2023 |
Vincent Mailhol <mailhol.vincent@wanadoo.fr> |
tree-wide: remove useless newline character in *MSG() messages
The *MSG() macros take care of printing a newline. Adding a newline character ('\n') is useless. Remove it.
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| #
15483bde |
| 21-Sep-2023 |
Balint Dobszay <balint.dobszay@arm.com> |
core: tpm: don't write to SPMC manifest
If "CFG_CORE_SEL1_SPMC=y" the TPM event log info is read from the SPMC manifest instead of the external DT. The TPM event log handler code is setting the event log's address to zero in the DT, which fails since the SPMC manifest is mapped as read-only. Remove this zeroing for the S-EL1 SPMC use case, it has no added security benefits since the SPMC manifest DT itself is always in secure memory anyways.
Fixes: 722c618f0dfa ("core: map manifest using MEM_AREA_MANIFEST_DT")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
|
| #
97db86ce |
| 03-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: tpm: fix syntax in trace message
Fixes build warning (trace message below) when CFG_CORE_TPM_EVENT_LOG=y.
core/kernel/tpm.c:115:8: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 7 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=]
  115 |   EMSG("TPM: Not enough space for the log: %zu, %lu",
      |        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  116 |        buf_size, tpm_log_size);
      |                  ~~~~~~~~~~~~
      |                  |
      |                  size_t {aka unsigned int}
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| #
145035ff |
| 23-Mar-2022 |
Imre Kis <imre.kis@arm.com> |
core: FF-A: Map TPM event log for FF-A SPs
Enable passing the TPM event log to FF-A SPs if their manifest has an "arm,tpm_event_log" compatible node. The event log is mapped to the SP's address space and the address and size fields are updated in the SP manifest.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Imre Kis <imre.kis@arm.com>
|
| #
bf31bf10 |
| 22-Mar-2022 |
Imre Kis <imre.kis@arm.com> |
core: Enable mapping DT from secure memory
Add CFG_MAP_EXT_DT_SECURE option to enable mapping the device tree from the secure memory. As the device tree in the secure memory would only have the event log address in the secure memory the property name is changed from tpm_event_log_sm_addr to the standard tpm_event_log_addr when CFG_MAP_EXT_DT_SECURE is enabled.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Imre Kis <imre.kis@arm.com>
|
| #
bc9618c0 |
| 17-May-2021 |
Anton Rybakov <a.rybakov@omp.ru> |
core_mmu: fix implicit behavior of core_mmu_add_mapping()
In core_mmu_add_mapping() the requested physical address is rounded up/down to granule size (0x100000), which leads to establishing virtual mappings with overlapping physical counterparts. If two virtual mappings overlap due to such rounding, then a following phys_to_virt() can implicitly return a virtual address from an unexpected mapping. This patch fixes such behavior by returning the virtual address of the newly established mapping.
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Anton Rybakov <a.rybakov@omp.ru>
|
| #
1554a779 |
| 19-Aug-2020 |
Javier Almansa Sobrino <javier.almansasobrino@arm.com> |
core: Fix the entry on the match table for TPM support.
TF-A Measured Boot driver expects a tpm_event_log node on the DTB with the compatible field set to "arm,tpm_event_log", so fix the match table entry for the TPM support to match the one used by TF-A.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
|
| #
a2fc83d1 |
| 11-May-2020 |
Jerome Forissier <jerome@forissier.org> |
core: always build libfdt
libfdt is built only when CFG_DT=y. As a result, the libfdt header files are only available when CFG_DT=y and any source file that makes optional use of the library has to guard the #include <libfdt.h> with a #ifdef CFG_DT ... #endif block. This contrasts with other features which don't require such guards.
This patch builds libfdt unconditionally and removes the include guards. No change is expected in the binaries.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| #
dd333f03 |
| 20-Jan-2020 |
Javier Almansa Sobrino <javier.almansasobrino@arm.com> |
core: Add support to access a TPM event log in secure memory.
Support for OPTEE to be able to receive a TPM event log through a DTB so it can forward it to a TA (such as a TPM service) in order to extend the measurements.
CFG_CORE_TPM_EVENT_LOG enables this feature. CFG_TPM_LOG_BASE_ADDR hardcodes the phys address of the event log in case CFG_DT is not set. CFG_TPM_MAX_LOG_SIZE hardcodes the size of the event log in case CFG_DT is not set.
When this feature is enabled, the PTA_SYSTEM_GET_TPM_EVENT_LOG command is available to any TA.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|