| #
7cda17bb |
| 15-Nov-2019 |
Sumit Garg <sumit.garg@linaro.org> |
drivers: crypto: Add authenticated decryption framework
Add framework for authenticated decryption of data. Currently this patch optionally imports mbedtls library as a backend if build option "DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption using AES-GCM algorithm.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271
|
| #
d95f7a72 |
| 06-Mar-2020 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "spmd-sel2" into integration
* changes:
  SPMD: add command line parameter to run SPM at S-EL2 or S-EL1
  SPMD: smc handler qualify secure origin using booleans
  SPMD: SPMC init, SMC handler cosmetic changes
  SPMD: [tegra] rename el1_sys_regs structure to sys_regs
  SPMD: Adds partially supported EL2 registers.
  SPMD: save/restore EL2 system registers.
|
| #
033039f8 |
| 25-Feb-2020 |
Max Shvetsov <maksims.svecovs@arm.com> |
SPMD: add command line parameter to run SPM at S-EL2 or S-EL1
Added SPMD_SPM_AT_SEL2 build command line parameter. Set to 1 to run SPM at S-EL2. Set to 0 to run SPM at S-EL1 (pre-v8.4 or S-EL2 is disabled). Removed runtime EL from SPM core manifest.
Change-Id: Icb4f5ea4c800f266880db1d410d63fe27a1171c0
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
|
| #
28f39f02 |
| 25-Feb-2020 |
Max Shvetsov <maksims.svecovs@arm.com> |
SPMD: save/restore EL2 system registers.
NOTE: Not all EL-2 system registers are saved/restored. This subset includes registers recognized by ARMv8.0
Change-Id: I9993c7d78d8f5f8e72d1c6c8d6fd871283aa3ce0
Signed-off-by: Jose Marinho <jose.marinho@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
|
| #
7c72beae |
| 26-Feb-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "tools: Small improvement to print_memory_map script" into integration
|
| #
020ce8c9 |
| 25-Feb-2020 |
Mark Dykes <mardyk01@review.trustedfirmware.org> |
Merge "Read-only xlat tables for BL31 memory" into integration
|
| #
7390559b |
| 25-Feb-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "SPMD: generate and add Secure Partition blobs into FIP" into integration
|
| #
60e8f3cf |
| 07-Nov-2019 |
Petre-Ionut Tudor <petre-ionut.tudor@arm.com> |
Read-only xlat tables for BL31 memory
This patch introduces a build flag which allows the xlat tables to be mapped in a read-only region within BL31 memory. It makes it much harder for someone who has acquired the ability to write to arbitrary secure memory addresses to gain control of the translation tables.
The memory attributes of the descriptors describing the tables themselves are changed to read-only secure data. This change happens at the end of BL31 runtime setup. Until this point, the tables have read-write permissions. This gives a window of opportunity for changes to be made to the tables with the MMU on (e.g. reclaiming init code). No changes can be made to the tables with the MMU turned on from this point onwards. This change is also enabled for sp_min and tspd.
To make all this possible, the base table was moved to .rodata. The penalty we pay is that now .rodata must be aligned to the size of the base table (512B alignment). Still, this is better than putting the base table with the higher level tables in the xlat_table section, as that would cost us a full 4KB page.
Changing the tables from read-write to read-only cannot be done with the MMU on, as the break-before-make sequence would invalidate the descriptor which resolves the level 3 page table where that very descriptor is located. This would make the translation required for writing the changes impossible, generating an MMU fault.
The caches are also flushed.
Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com>
Change-Id: Ibe5de307e6dc94c67d6186139ac3973516430466
|
| #
ce2b1ec6 |
| 14-Jan-2020 |
Manish Pandey <manish.pandey2@arm.com> |
SPMD: generate and add Secure Partition blobs into FIP
Till now TF-A allows limited number of external images to be made part of FIP. With SPM coming along, there may exist multiple SP packages which need to be inserted into FIP. To achieve this we need a more scalable approach to feed SP packages to FIP.
This patch introduces changes in build system to generate and add SP packages into FIP based on information provided by platform. Platform provides information in form of JSON which contains layout description of available Secure Partitions. JSON parser script is invoked by build system early on and generates a makefile which updates FIP, SPTOOL and FDT arguments which will be used by build system later on for final packaging.
"SP_LAYOUT_FILE" is passed as a build argument and can be outside of TF-A tree. This option will be used only when SPD=spmd.
For each SP, generated makefile will have following entries
- FDT_SOURCES += sp1.dts
- SPTOOL_ARGS += -i sp1.img:sp1.dtb -o sp1.pkg
- FIP_ARGS += --blob uuid=XXXX-XXX...,file=SP1.pkg
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib6a9c064400caa3cd825d9886008a3af67741af7
|
| #
98ab1805 |
| 18-Feb-2020 |
Mark Dykes <mardyk01@review.trustedfirmware.org> |
Merge changes I4e95678f,Ia7c28704,I1bb04bb4,I93d96dca,I50aef5dd into integration
* changes:
  Fix boot failures on some builds linked with ld.lld.
  trusty: generic-arm64-smcall: Support gicr address
  trusty: Allow gic base to be specified with GICD_BASE
  trusty: Allow getting trusty memsize from BL32_MEM_SIZE instead of TSP_SEC_MEM_SIZE
  Fix clang build if CC is not in the path.
|
| #
b890b36d |
| 13-Feb-2020 |
Louis Mayencourt <louis.mayencourt@arm.com> |
tools: Small improvement to print_memory_map script
This patch:
- Add the __COHERENT_RAM_START__ and __COHERENT_RAM_END__ symbols.
- Improve how the symbols are found with a regex.
- Add a build option to revert the memory layout output.
Change-Id: I54ec660261431bc98d78acb0f80e3d95bc5397ac
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
|
| #
eff737c1 |
| 04-Feb-2020 |
Arve Hjønnevåg <arve@android.com> |
Fix clang build if CC is not in the path.
If CC points to clang the linker was set to ld.lld. Copy the directory name from CC if it has one.
Change-Id: I50aef5dddee4d2540b12b6d4e68068ad004446f7
Signed-off-by: Arve Hjønnevåg <arve@android.com>
|
| #
21c4f56f |
| 11-Feb-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "lm/fconf" into integration
* changes:
  arm-io: Panic in case of io setup failure
  MISRA fix: Use boolean essential type
  fconf: Add documentation
  fconf: Move platform io policies into fconf
  fconf: Add mbedtls shared heap as property
  fconf: Add TBBR disable_authentication property
  fconf: Add dynamic config DTBs info as property
  fconf: Populate properties from dtb during bl2 setup
  fconf: Load config dtb from bl1
  fconf: initial commit
|
| #
63aa4094 |
| 11-Feb-2020 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "spmd" into integration
* changes:
  SPMD: enable SPM dispatcher support
  SPMD: hook SPMD into standard services framework
  SPMD: add SPM dispatcher based upon SPCI Beta 0 spec
  SPMD: add support to run BL32 in TDRAM and BL31 in secure DRAM on Arm FVP
  SPMD: add support for an example SPM core manifest
  SPMD: add SPCI Beta 0 specification header file
|
| #
c3fb00d9 |
| 11-Oct-2019 |
Achin Gupta <achin.gupta@arm.com> |
SPMD: enable SPM dispatcher support
This patch adds support to the build system to include support for the SPM dispatcher when the SPD configuration option is spmd.
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: Ic1ae50ecd7403fcbcf1d318abdbd6ebdc642f732
|
| #
0a6e7e3b |
| 24-Oct-2019 |
Louis Mayencourt <louis.mayencourt@arm.com> |
fconf: Move platform io policies into fconf
Use the firmware configuration framework to store the io_policies information inside the configuration device tree instead of the static structure in the code base.
The io_policies required by BL1 can't be inside the dtb, as this one is loaded by BL1, and only available at BL2.
This change currently only applies to FVP platform.
Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
|
| #
989429e8 |
| 31-Jan-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "Add support for documentation build as a target in Makefile" into integration
|
| #
dcd03ce7 |
| 30-Jan-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "sb/select-cot" into integration
* changes:
  Introduce COT build option
  cert_create: Remove references to TBBR in common code
  cert_create: Introduce COT build option
  cert_create: Introduce TBBR CoT makefile
|
| #
3bff910d |
| 15-Jan-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Introduce COT build option
Allows to select the chain of trust to use when the Trusted Boot feature is enabled. This affects both the cert_create tool and the firmware itself.
Right now, the only available CoT is TBBR.
Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
| #
6de32378 |
| 28-Jan-2020 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Add support for documentation build as a target in Makefile
Command to build HTML-formatted pages from docs: make doc
Change-Id: I4103c804b3564fe67d8fc5a3373679daabf3f2e9
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
|
| #
c1f118f1 |
| 29-Jan-2020 |
Soby Mathew <soby.mathew@arm.com> |
Merge "Enable -Wredundant-decls warning check" into integration
|
| #
b012454d |
| 28-Jan-2020 |
Mark Dykes <mardyk01@review.trustedfirmware.org> |
Merge "Measured Boot: add function for hash calculation" into integration
|
| #
ca661a00 |
| 23-Dec-2019 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Enable -Wredundant-decls warning check
This flag warns if anything is declared more than once in the same scope, even in cases where multiple declaration is valid and changes nothing.
Consequently, this patch also fixes the issues reported by this flag. Consider the following two lines of code from two different source files (bl_common.h and bl31_plat_setup.c):
IMPORT_SYM(uintptr_t, __RO_START__, BL_CODE_BASE);
IMPORT_SYM(unsigned long, __RO_START__, BL2_RO_BASE);
The IMPORT_SYM macro actually imports a linker symbol as a C expression. The macro defines the __RO_START__ as an extern variable twice, one for each instance. __RO_START__ symbol is defined by the linker script to mark the start of the Read-Only area of the memory map.
Essentially, the platform code redefines the linker symbol with a different (relevant) name rather than using the standard symbol. A simple solution to fix this issue in the platform code for redundant declarations warning is to remove the second IMPORT_SYM and replace it with following assignment
static const unsigned long BL2_RO_BASE = BL_CODE_BASE;
Change-Id: If4835d1ee462d52b75e5afd2a59b64828707c5aa
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
|
| #
8c105290 |
| 23-Jan-2020 |
Alexei Fedorov <Alexei.Fedorov@arm.com> |
Measured Boot: add function for hash calculation
This patch adds 'calc_hash' function using Mbed TLS library required for Measured Boot support.
Change-Id: Ifc5aee0162d04db58ec6391e0726a526f29a52bb
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
|
| #
0281e60c |
| 27-Jan-2020 |
Soby Mathew <soby.mathew@arm.com> |
Merge changes from topic "pie" into integration
* changes:
  uniphier: make all BL images completely position-independent
  uniphier: make uniphier_mmap_setup() work with PIE
  uniphier: pass SCP base address as a function parameter
  uniphier: set buffer offset and length for io_block dynamically
  uniphier: use more mmap_add_dynamic_region() for loading images
  bl_common: add BL_END macro
  uniphier: turn on ENABLE_PIE
  TSP: add PIE support
  BL2_AT_EL3: add PIE support
  BL31: discard .dynsym .dynstr .hash sections to make ENABLE_PIE work
  PIE: pass PIE options only to BL31
  Build: support per-BL LDFLAGS
|