| ad866942 | 28-Nov-2023 |
Mark Dykes <mark.dykes@arm.com> |
Merge "feat(security): add support for SLS mitigation" into integration |
| 5fddf53c | 23-Nov-2023 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "mb/deprecate-rss-for-fvp" into integration
* changes: refactor(fvp): remove RSS usage refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option |
| 538516f5 | 28-Sep-2023 |
Bipin Ravi <bipin.ravi@arm.com> |
feat(security): add support for SLS mitigation
This patch enables support for the gcc compiler option "-mharden-sls", the default is not to use this option. Setting HARDEN_SLS=1 sets "-mharden-sls=a
feat(security): add support for SLS mitigation
This patch enables support for the gcc compiler option "-mharden-sls", the default is not to use this option. Setting HARDEN_SLS=1 sets "-mharden-sls=all" that enables all hardening against straight line speculation.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: I59f5963c22431571f5aebe7e0c5642b32362f4c9
show more ...
|
| 48856003 | 03-Nov-2023 |
Olivier Deprez <olivier.deprez@arm.com> |
docs: add a section for experimental build options
A number of features are marked experimental in the build system through makefiles but there wasn't an explicit document to list them. Added a dedi
docs: add a section for experimental build options
A number of features are marked experimental in the build system through makefiles but there wasn't an explicit document to list them. Added a dedicated experimental build options section and moved existing experimental build option descriptions in this section.
Restoring the change from [1] removing the experimental flag on the EL3 SPMC (this has been lost in rebasing a later change).
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/24713
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I2c458c6857c347114b265404e8b9ede9ac588463
show more ...
|
| 878354a8 | 07-Nov-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option
Removed the PLAT_RSS_NOT_SUPPORTED build option, which was initially introduced for building the Base AEM FVP platform platform with RSS. H
refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option
Removed the PLAT_RSS_NOT_SUPPORTED build option, which was initially introduced for building the Base AEM FVP platform platform with RSS. However, we now have a well-defined TC2 platform with RSS, making it unnecessary to keep this flag.
Note - Theoretically this is a breaking change. Other platforms could be using the PLAT_RSS_NOT_SUPPORTED build option. Among upstream platforms, only the Base AEM FVP uses it right now but we don't know about downstream platforms.
Change-Id: I931905a4c6ac1ebe3895ab6e0287d0fa07721707 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| b65dfe40 | 26-Oct-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
chore(auth)!: remove CryptoCell-712/713 support
CryptoCell-712 and CryptoCell-713 drivers have been deprecated since TF-A v2.9 and their removal was announced for TF-A v2.10 release. See [1].
As th
chore(auth)!: remove CryptoCell-712/713 support
CryptoCell-712 and CryptoCell-713 drivers have been deprecated since TF-A v2.9 and their removal was announced for TF-A v2.10 release. See [1].
As the release is approaching, this patch deletes these drivers' code as well as all references to them in the documentation and Arm platforms code (Nuvoton platform is taken care in a subsequent patch). Associated build options (ARM_CRYPTOCELL_INTEG and PLAT_CRYPTOCELL_BASE) have also been removed and thus will have no effect if defined.
This is a breaking change for downstream platforms which use these drivers.
[1] https://trustedfirmware-a.readthedocs.io/en/v2.9/about/release-information.html#removal-of-deprecated-drivers Note that TF-A v3.0 release later got renumbered into v2.10.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Change-Id: Idabbc9115f6732ac1a0e52b273d3380677a39813
show more ...
|
| e5e39c35 | 07-Nov-2023 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "refactor(cm): introduce INIT_UNUSED_NS_EL2 macro" into integration |
| 630a06c4 | 03-Nov-2023 |
Olivier Deprez <olivier.deprez@arm.com> |
fix(el3-spmc): remove experimental flag
The EL3 SPMC is known to be deployed into end products and properly tested since its introduction into TF-A v2.7.
Signed-off-by: Olivier Deprez <olivier.depr
fix(el3-spmc): remove experimental flag
The EL3 SPMC is known to be deployed into end products and properly tested since its introduction into TF-A v2.7.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I96bb897cfefef20c33cfc39627b10746dce5485c
show more ...
|
| 183329a5 | 15-Aug-2023 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
refactor(cm): introduce INIT_UNUSED_NS_EL2 macro
Introducing INIT_UNUSED_NS_EL2 macro which guards the code that disables the unused EL2 when a platform hands off from EL3 to NS-EL1 instead of NS-EL
refactor(cm): introduce INIT_UNUSED_NS_EL2 macro
Introducing INIT_UNUSED_NS_EL2 macro which guards the code that disables the unused EL2 when a platform hands off from EL3 to NS-EL1 instead of NS-EL2. Platforms without NS-EL2 in use must enable this flag.
BREAKING CHANGE: Initialisation code for handoff from EL3 to NS-EL1 disabled by default. Platforms which do that need to enable this macro going forward
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com> Change-Id: I61431cc4f7e2feb568d472828e5fd79cc73e51f5
show more ...
|
| f87e54f7 | 10-Oct-2023 |
Manish Pandey <manish.pandey2@arm.com> |
fix(ras): remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT
This patch removes RAS_FFH_SUPPORT macro which is the combination of ENABLE_FEAT_RAS and HANDLE_EA_EL3_FIRST_NS. Instead introduce an inter
fix(ras): remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT
This patch removes RAS_FFH_SUPPORT macro which is the combination of ENABLE_FEAT_RAS and HANDLE_EA_EL3_FIRST_NS. Instead introduce an internal macro FFH_SUPPORT which gets enabled when platforms wants to enable lower EL EA handling at EL3. The internal macro FFH_SUPPORT will be automatically enabled if HANDLE_EA_EL3_FIRST_NS is enabled. FFH_SUPPORT along with ENABLE_FEAT_RAS will be used in source files to provide equivalent check which was provided by RAS_FFH_SUPPORT earlier. In generic code we needed a macro which could abstract both HANDLE_EA_EL3_FIRST_NS and RAS_FFH_SUPPORT macros that had limitations. Former was tied up with NS world only while the latter was tied to RAS feature.
This is to allow Secure/Realm world to have their own FFH macros in future.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Ie5692ccbf462f5dcc3f005a5beea5aa35124ac73
show more ...
|
| 970a4a8d | 10-Oct-2023 |
Manish Pandey <manish.pandey2@arm.com> |
fix(ras): restrict ENABLE_FEAT_RAS to have only two states
As part of migrating RAS extension to feature detection mechanism, the macro ENABLE_FEAT_RAS was allowed to have dynamic detection (FEAT_ST
fix(ras): restrict ENABLE_FEAT_RAS to have only two states
As part of migrating RAS extension to feature detection mechanism, the macro ENABLE_FEAT_RAS was allowed to have dynamic detection (FEAT_STATE 2). Considering this feature does impact execution of EL3 and we need to know at compile time about the presence of this feature. Do not use dynamic detection part of feature detection mechanism.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: I23858f641f81fbd81b6b17504eb4a2cc65c1a752
show more ...
|
| 98ea2d81 | 26-Oct-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
docs: mark PSA_CRYPTO as an experimental feature
Updated the documentation to mark PSA_CRYPTO as an experimental feature.
Change-Id: I894b687d6727fe7f80df54e6b08937e171f459b6 Signed-off-by: Manish
docs: mark PSA_CRYPTO as an experimental feature
Updated the documentation to mark PSA_CRYPTO as an experimental feature.
Change-Id: I894b687d6727fe7f80df54e6b08937e171f459b6 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| edebefbc | 11-Oct-2023 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(mpam): refine MPAM initialization and enablement process
Restricts MPAM to only NS world and enables trap to EL3 for access of MPAM registers from lower ELs of Secure and Realm world.
This patc
fix(mpam): refine MPAM initialization and enablement process
Restricts MPAM to only NS world and enables trap to EL3 for access of MPAM registers from lower ELs of Secure and Realm world.
This patch removes MPAM enablement from global context and adds it to EL3 State context which enables/disables MPAM during world switches. Renamed ENABLE_MPAM_FOR_LOWER_ELS to ENABLE_FEAT_MPAM and removed mpam_init_el3() as RESET behaviour is trapping.
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com> Change-Id: I131f9dba5df236a71959b2d425ee11af7f3c38c4
show more ...
|
| 6adeeb47 | 03-Oct-2023 |
laurenw-arm <lauren.wehrmeister@arm.com> |
docs(cert-create): add key size options for ecdsa
Adding the possible key sizes for the ecdsa key algorithm.
Change-Id: I58947bc749fed911766a1462a0c2ba520b8f7c69 Signed-off-by: Lauren Wehrmeister <
docs(cert-create): add key size options for ecdsa
Adding the possible key sizes for the ecdsa key algorithm.
Change-Id: I58947bc749fed911766a1462a0c2ba520b8f7c69 Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
show more ...
|
| 801cd3c8 | 26-Jun-2023 |
Nishant Sharma <nishant.sharma@arm.com> |
feat(el3-spmc): add a flag to enable support to load SEL0 SP
Introduce a build flag for enabling the support for loading SEL0 SP in EL3 SPMC.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
feat(el3-spmc): add a flag to enable support to load SEL0 SP
Introduce a build flag for enabling the support for loading SEL0 SP in EL3 SPMC.
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com> Change-Id: I1d63ae4d0d8374a732113565be90d58861506e39
show more ...
|
| 85bebe18 | 11-Oct-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
refactor(console): disable getc() by default
The ability to read a character from the console constitutes an attack vector into TF-A, as it gives attackers a means to inject arbitrary data into TF-A
refactor(console): disable getc() by default
The ability to read a character from the console constitutes an attack vector into TF-A, as it gives attackers a means to inject arbitrary data into TF-A. It is dangerous to keep that feature enabled if not strictly necessary, especially in production firmware builds.
Thus, we need a way to disable this feature. Moreover, when it is disabled, all related code should be eliminated from the firmware binaries, such that no remnant/dead getc() code remains in memory, which could otherwise be used as a gadget as part of a bigger security attack.
This patch disables getc() feature by default. For legitimate getc() use cases [1], it can be explicitly enabled by building TF-A with ENABLE_CONSOLE_GETC=1.
The following changes are introduced when getc() is disabled:
- The multi-console framework no longer provides the console_getc() function.
- If the console driver selected by the platform attempts to register a getc() callback into the multi-console framework then TF-A will now fail to build.
If registered through the assembly function finish_console_register(): - On AArch64, you'll get: Error: undefined symbol CONSOLE_T_GETC used as an immediate value. - On AArch32, you'll get: Error: internal_relocation (type: OFFSET_IMM) not fixed up
If registered through the C function console_register(), this requires populating a struct console with a getc field, which will trigger: error: 'console_t' {aka 'struct console'} has no member named 'getc'
- All console drivers which previously registered a getc() callback have been modified to do so only when ENABLE_CONSOLE_GETC=1.
[1] Example of such use cases would be: - Firmware recovery: retrieving a golden BL2 image over the console in order to repair a broken firmware on a bricked board. - Factory CLI tool: Drive some soak tests through the console.
Discussed on TF-A mailing list here: https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/
Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Acked-by: Baruch Siach <baruch@tkos.co.il>
show more ...
|
| 8cf07ab3 | 07-Sep-2023 |
Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com> |
docs(build): update GCC to 12.3.Rel1 version
Updating toolchain to the latest production release version 12.3.Rel1 publicly available on: https://developer.arm.com/downloads/-/arm-gnu-toolchain-down
docs(build): update GCC to 12.3.Rel1 version
Updating toolchain to the latest production release version 12.3.Rel1 publicly available on: https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
We build TF-A in CI using x86_64 Linux hosted cross toolchains: --------------------------------------------------------------- * AArch32 bare-metal target (arm-none-eabi) * AArch64 bare-metal target (aarch64-none-elf)
Change-Id: Ifcabb7fb9d8e13b87e164c3c1be8c8d32c31b49a Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
show more ...
|
| 5782b890 | 06-Sep-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(mbedtls-psa): introduce PSA_CRYPTO build option
This is a preparatory patch to provide MbedTLS PSA Crypto API support, with below changes -
1. Added a build macro PSA_CRYPTO to enable the Mbed
feat(mbedtls-psa): introduce PSA_CRYPTO build option
This is a preparatory patch to provide MbedTLS PSA Crypto API support, with below changes -
1. Added a build macro PSA_CRYPTO to enable the MbedTLS PSA Crypto API support in the subsequent patches. 2. Compile necessary PSA crypto files from MbedTLS source code when PSA_CRYPTO=1.
Also, marked PSA_CRYPTO as an experimental feature.
Change-Id: I45188f56c5c98b169b2e21e365150b1825c6c450 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| 920aa8d4 | 03-Oct-2023 |
Soby Mathew <soby.mathew@arm.com> |
Merge "feat(rmmd): enable SME for RMM" into integration |
| f92eb7e2 | 18-May-2023 |
Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> |
feat(rmmd): enable SME for RMM
This patch enables Scalable Matrix Extension (SME) for RMM. RMM will save/restore required registers that are shared with SVE/FPU register state so that Realm can use
feat(rmmd): enable SME for RMM
This patch enables Scalable Matrix Extension (SME) for RMM. RMM will save/restore required registers that are shared with SVE/FPU register state so that Realm can use FPU or SVE.
The Relevant RMM support can be found here : https://github.com/TF-RMM/tf-rmm/commit/0ccd7ae58b00
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> Change-Id: I3bbdb840e7736dec00b71c85fcec3d5719413ffd
show more ...
|
| a1377a89 | 02-Oct-2023 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "rm/handoff" into integration
* changes: feat(qemu): implement firmware handoff on qemu feat(handoff): introduce firmware handoff library |
| 3ba2c151 | 25-Jul-2023 |
Raymond Mao <raymond.mao@linaro.org> |
feat(handoff): introduce firmware handoff library
Add transfer list APIs and firmware handoff build option.
Change-Id: I68a0ace22c7e50fcdacd101eb76b271d7b76d8ff Signed-off-by: Raymond Mao <raymond.
feat(handoff): introduce firmware handoff library
Add transfer list APIs and firmware handoff build option.
Change-Id: I68a0ace22c7e50fcdacd101eb76b271d7b76d8ff Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
show more ...
|
| 616b3ce2 | 12-Sep-2023 |
Robin van der Gracht <robin@protonic.nl> |
feat(cert-create): add pkcs11 engine support
Add pkcs11 engine support which allows using keys that are securely stored on a HSM or TPM. To use this feature the user has to supply an RFC 7512 compli
feat(cert-create): add pkcs11 engine support
Add pkcs11 engine support which allows using keys that are securely stored on a HSM or TPM. To use this feature the user has to supply an RFC 7512 compliant PKCS11 URI to a key instead of a file as an argument to one of the key options. This change is fully backwards compatible.
This change makes use of the openssl engine API which is deprecated since openssl 3.0 and will most likely be removed in version 4. So pkcs11 support will have to be updated to the openssl provider API in the near future.
Signed-off-by: Robin van der Gracht <robin@protonic.nl> Change-Id: If96725988ca62c5613ec59123943bf15922f5d1f
show more ...
|
| e686cdb4 | 11-Sep-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
feat(mbedtls): update to 3.4.1
Update TF-A documentation to recommend using the latest and greatest release of mbedTLS library to this date, i.e. version 3.4.1. The upgrade was successfully tested b
feat(mbedtls): update to 3.4.1
Update TF-A documentation to recommend using the latest and greatest release of mbedTLS library to this date, i.e. version 3.4.1. The upgrade was successfully tested by the OpenCI running all existing test configs, in particular trusted boot and measured boot related ones.
The reason for this upgrade is simply to obey TF-A's guideline to always use up-to-date security libraries. mbedTLS 3.4.1 release notes [1] do not list any changes that should affect TF-A.
[1] https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.4.1
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Change-Id: Ifc31c2fc825a2fc9ca318ea8baadd51b670e7a4e
show more ...
|
| 4ede8c39 | 14-Aug-2023 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Merge changes from topic "el3_direct_msg" into integration
* changes: docs(spm): document new build option feat(fvp): spmd logical partition smc handler feat(fvp): add spmd logical partition
Merge changes from topic "el3_direct_msg" into integration
* changes: docs(spm): document new build option feat(fvp): spmd logical partition smc handler feat(fvp): add spmd logical partition feat(spmd): get logical partitions info feat(spmd): add partition info get regs refactor(ff-a): move structure definitions feat(spmd): el3 direct message API feat(spmd): add spmd logical partitions
show more ...
|