| 95f4abed | 24-Apr-2023 |
Harrison Mutai <harrison.mutai@arm.com> |
docs: patch Poetry build instructions
Some parts of the documentation referring to Poetry provide incorrect build instructions and have some minor formatting errors. Reformat the bits that require formatting, and fix the build instructions. These were originally part of the patch stack that added Poetry support but were accidentally reverted prior to merge.
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com> Change-Id: I336d3a7bbe99f75262430ae436f8ebc2cb050d2c
|
| 100f56d8 | 25-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "docs(threat-model): add a notes related to the Measured Boot" into integration |
| 760fbfc4 | 25-Apr-2023 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge "feat(gcs): support guarded control stack" into integration |
| 833cbe57 | 24-Apr-2023 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge "docs(maintainers): make Jimmy Brisson a code owner" into integration |
| 7c7e7b62 | 24-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "mb/trusted-boot-update" into integration
* changes:
  refactor(auth)!: unify REGISTER_CRYPTO_LIB
  refactor(auth): replace plat_convert_pk
  docs(auth): add auth_decrypt in CM chapter
  feat(auth): compare platform and certificate ROTPK for authentication
  docs(auth): add 'calc_hash' function's details in CM
|
| 47c8dcfd | 17-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs: deprecate CryptoCell-712/713 drivers
We plan to deprecate the CryptoCell-712 and CryptoCell-713 drivers in TF-A release v2.9 and eventually remove the code from the tree in release 3.0.
The only upstream platforms which use these drivers today are the Arm Ltd development platforms, such as Juno.
Write this information down into the "Release Processes" document.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Change-Id: Ib064292733a271ecbff0dde315911017e2c4da7e
|
| 1dc77d43 | 17-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs: split deprecated interfaces and drivers
Having a dedicated section for deprecated interfaces, and another one for deprecated drivers, sounds cleaner.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Change-Id: Iaf65e9f4dabff89b9e86c17062656edd8c344016
|
| 47801a69 | 17-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs: extend deprecation policy
Our process documentation already mentions that if a platform is no longer maintained, it is best to deprecate it to keep the project's source tree clean and healthy.
The same argument stands for drivers or library interfaces so extend this policy to those.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Change-Id: Ieb235d6a1fb089343e0e1e3e5f36067552f2f8f0
|
| 8f55cde2 | 17-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs: add a note about downstream platforms
Clarify that downstream platforms generally do not affect code deprecation / removal decisions.
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Change-Id: I44b979c4e67ee03537852769e96544e19137bda3
|
| 26ad4a87 | 20-Apr-2023 |
Chris Kay <chris.kay@arm.com> |
docs(juno): update SCP downloads link
Change-Id: Ibe2a1d2ec019333876a4f82b70fde0a10d667f7c Signed-off-by: Chris Kay <chris.kay@arm.com> |
| 4ac5b394 | 24-Jan-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
refactor(auth): replace plat_convert_pk
Following discussions in the reviews of the patch that introduced plat_convert_pk() function [1], it was decided to deprecate it to avoid weak function declaration. A new optional function pointer convert_pk is added to crypto_lib_desc_t. A new function crypto_mod_convert_pk() will either call crypto_lib_desc.convert_pk() if it is defined, or do the same as what was done by the weak function otherwise.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/17174
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com> Change-Id: I9358867f8bfd5e96b5ee238c066877da368e43c6
|
| 0ca7b326 | 24-Jan-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
docs(auth): add auth_decrypt in CM chapter
The call to REGISTER_CRYPTO_LIB requires auth_decrypt function to be provided. Add its prototype and update REGISTER_CRYPTO_LIB call.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com> Change-Id: Id1f2a54867ffe5dec36e0bf22490d01858891585
|
| f28057a2 | 09-Mar-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
docs(auth): add 'calc_hash' function's details in CM
Updated the Crypto Module section to detail the 'calc_hash' function.
Change-Id: I04a24abba150745e4eba6273bdb7cf12b66bfebc Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
| e7df41b5 | 20-Apr-2023 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Merge "feat: add support for poetry" into integration |
| 22678080 | 20-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(maintainers): make Jimmy Brisson a code owner
For the following modules:
- Trusted boot
- Measured boot
- cert_create tool
- PSA layer.
Change-Id: I18113441a947773b470904573e1b474a2c8e2941 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
|
| 58290c46 | 19-Apr-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
build: deprecate Arm rde1edge
Arm has decided to deprecate the rde1edge platform. The development of software and fast model for this platform has been discontinued. Hence, updated the makefile to warn about the deprecation of this platform, and also reflected it in the documentation.
Change-Id: I0d44de4590dd5dce02c7c4b433df25dc438e6c49 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
| 793f72c0 | 16-Feb-2023 |
Harrison Mutai <harrison.mutai@arm.com> |
feat: add support for poetry
New python dependencies are introduced by the memory mapping script. Rather than add another `requirements.txt`, utilise poetry. This is a proper dependency management framework for Python. The two main upsides of using poetry instead of the traditional requirements.txt are maintainability and reproducibility.
Poetry provides a proper lock file for pinning dependencies, similar to npm for JavaScript. This allows for separate environments (i.e. docs, tools) to be created efficiently, and in a reproducible manner, wherever the project is deployed. Having dependencies pinned in this manner is a boon as a security focused project. An additional upside is that we will receive security updates for dependencies via GitHub's Dependabot.
Change-Id: I5a3c2003769b878a464c8feac0f789e5ecf8d56c Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
|
| 7ccefbca | 03-Apr-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
docs(threat-model): add a notes related to the Measured Boot
TF-A currently does not have any TPM2 driver for extending measurements into a discrete TPM chip. In a TPM-based attestation scheme, measurements are just stored into a TCG-compatible event log buffer in secure memory.
In light of the fact that Event Log measurements are taken by BL1 and BL2, we need to trust these components to store genuine measurements, and the Generic Threat Model always mitigates against attacks on these components; therefore, no explicit document for the Measured Boot threat model is needed at this time.
Change-Id: I41b037b2f5956d327b53cd834345e5aefdcfb5ef Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
| 1cf3e2f0 | 20-Mar-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(fvp): add Event Log maximum size property in DT
Updated the code to get and set the 'tpm_event_log_max_size' property in the event_log.dtsi.
In this change, the maximum Event Log buffer size allocated by BL1 is passed to BL2, rather than both relying on the maximum Event Log buffer size macro.
Change-Id: I7aa6256390872171e362b6f166f3f7335aa6e425 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
|
| 0223d157 | 18-Apr-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "feat(docs): allow verbose build" into integration |
| 688ab57b | 14-Mar-2023 |
Mark Brown <broonie@kernel.org> |
feat(gcs): support guarded control stack
Arm v9.4 introduces support for Guarded Control Stack, providing mitigations against some forms of RPO attacks and an efficient mechanism for obtaining the current call stack without requiring a full stack unwind. Enable access to this feature for EL2 and below, context switching the newly added EL2 registers as appropriate.
Change the FVP platform to default to handling this as a dynamic option so the right decision can be made by the code at runtime.
Signed-off-by: Mark Brown <broonie@kernel.org> Change-Id: I691aa7c22e3547bb3abe98d96993baf18c5f0e7b
|
| 15b0a94b | 13-Apr-2023 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "docs(maintainers): update maintainers for n1sdp/morello" into integration |
| 062b6c6b | 14-Mar-2023 |
Mark Brown <broonie@kernel.org> |
feat(pie/por): support permission indirection and overlay
Arm v8.9 introduces a series of features providing a new way to set memory permissions. Instead of directly encoding the permissions in the page tables the PTEs contain indexes into an array of permissions stored in system registers, allowing greater flexibility and density of encoding.
Enable access to these features for EL2 and below, context switching the newly added EL2 registers as appropriate. Since all of FEAT_S[12]P[IO]E are separately discoverable we have separate build time options for enabling them, but note that there is overlap in the registers that they implement and the enable bit required for lower EL access.
Change the FVP platform to default to handling them as dynamic options so the right decision can be made by the code at runtime.
Signed-off-by: Mark Brown <broonie@kernel.org> Change-Id: Icf89e444e39e1af768739668b505661df18fb234
|
| d2309b49 | 12-Apr-2023 |
Joanna Farley <joanna.farley@arm.com> |
Merge "feat(zynqmp): make stack size configurable" into integration |
| a1c924df | 11-Apr-2023 |
Manish V Badarkhe <manish.badarkhe@arm.com> |
Merge changes from topic "mb/rst-to-bl31-update" into integration
* changes:
  docs: update RESET_TO_BL31 documentation
  fix(bl31): avoid clearing of argument registers in RESET_TO_BL31 case
  Revert "docs(bl31): aarch64: RESET_TO_BL31_WITH_PARAMS"
  Revert "feat(bl31): aarch64: RESET_TO_BL31_WITH_PARAMS"
|