| 24c5d206 | 19-May-2022 |
Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com> |
docs(changelog): changelog for v2.7 release
Change-Id: I573e5eb3c7fad097892292c8a967dc02d72d12e6
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com> |
| ae985349 | 01-Jun-2022 |
Joanna Farley <joanna.farley@arm.com> |
Merge changes from topic "sb/threat-model" into integration
* changes:
docs(threat-model): broaden the scope of threat #05
docs(threat-model): emphasize whether mitigations are implemented |
| 9eea92a1 | 28-Apr-2022 |
Olivier Deprez <olivier.deprez@arm.com> |
docs(spm): refresh FF-A SPM design doc
- Move manifest binding doc as a dedicated SPM doc section.
- Highlight introduction of an EL3 FF-A SPM solution.
- Refresh TF-A build options.
- Refresh PE MM
docs(spm): refresh FF-A SPM design doc
- Move manifest binding doc as a dedicated SPM doc section.
- Highlight introduction of an EL3 FF-A SPM solution.
- Refresh TF-A build options.
- Refresh PE MMU configuration section.
- Add arch extensions for security hardening section.
- Minor corrections, typos fixes and rephrasing.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I2db06c140ef5871a812ce00a4398c663d5433bb4
show more ...
|
| 79a91381 | 12-May-2022 |
Olivier Deprez <olivier.deprez@arm.com> |
docs(spm): update FF-A manifest binding
- Add security state attribute to memory and device regions.
- Rename device region reg attribution to base-address aligned with
memory regions.
- Add pages
docs(spm): update FF-A manifest binding
- Add security state attribute to memory and device regions.
- Rename device region reg attribution to base-address aligned with
memory regions.
- Add pages-count field to device regions.
- Refresh interrupt attributes description in device regions.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I901f48d410edb8b10f65bb35398b80f18105e427
show more ...
|
| 0677796c | 16-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(threat-model): broaden the scope of threat #05
- Cite crash reports as an example of sensitive
information. Previously, it might have sounded like this was the
focus of the threat.
- W
docs(threat-model): broaden the scope of threat #05
- Cite crash reports as an example of sensitive
information. Previously, it might have sounded like this was the
focus of the threat.
- Warn about logging high-precision timing information, as well as
conditionally logging (potentially nonsensitive) information
depending on sensitive information.
Change-Id: I33232dcb1e4b5c81efd4cd621b24ab5ac7b58685
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| 7e32cdb2 | 13-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(threat-model): emphasize whether mitigations are implemented
For each threat, we now separate:
- how to mitigate against it;
- whether TF-A currently implements these mitigations.
A new "Mit
docs(threat-model): emphasize whether mitigations are implemented
For each threat, we now separate:
- how to mitigate against it;
- whether TF-A currently implements these mitigations.
A new "Mitigations implemented?" box is added to each threat to
provide the implementation status. For threats that are partially
mitigated from platform code, the original text is improved to make
these expectations clearer. The hope is that platform integrators will
have an easier time identifying what they need to carefully implement
in order to follow the security recommendations from the threat model.
Change-Id: I8473d75946daf6c91a0e15e61758c183603e195b
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| ccfa411b | 30-May-2022 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "ja/boot_protocol" into integration
* changes:
docs(spm): update ff-a boot protocol documentation
docs(maintainers): add code owner to sptool |
| 573ac373 | 24-May-2022 |
J-Alves <joao.alves@arm.com> |
docs(spm): update ff-a boot protocol documentation
Updated following sections to document implementation of the FF-A boot
information protocol:
- Describing secure partitions.
- Secure Partition Pac
docs(spm): update ff-a boot protocol documentation
Updated following sections to document implementation of the FF-A boot
information protocol:
- Describing secure partitions.
- Secure Partition Packages.
- Passing boot data to the SP.
Also updated description of the manifest field 'gp-register-num'.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I5c856437b60cdf05566dd636a01207c9b9f42e61
show more ...
|
| 77b73416 | 24-May-2022 |
J-Alves <joao.alves@arm.com> |
docs(maintainers): add code owner to sptool
Add Joao Alves as code owner to the sptool.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I9e44e322ba1cce62308bf16c4a6253f7b0117fe0 |
| 4466cf82 | 03-May-2022 |
Daniel Boulby <daniel.boulby@arm.com> |
fix(build): use DWARF 4 when building debug
GCC 11 and Clang 14 now use the DWARF 5 standard by default however
Arm-DS currently only supports up to version 4. Therefore, for debug
builds, ensure th
fix(build): use DWARF 4 when building debug
GCC 11 and Clang 14 now use the DWARF 5 standard by default however
Arm-DS currently only supports up to version 4. Therefore, for debug
builds, ensure the DWARF 4 standard is used.
Also update references for Arm DS-5 to it's successor Arm-DS (Arm
Development Studio).
Change-Id: Ica59588de3d121c1b795b3699f42c31f032cee49
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
show more ...
|
| 453abc80 | 19-May-2022 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge changes from topic "sb/threat-model" into integration
* changes:
docs(threat-model): make measured boot out of scope
docs(threat-model): revamp threat #9 |
| 0a9a0edf | 19-May-2022 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "mb/drtm-work-phase-1" into integration
* changes:
build(changelog): add new scope for Arm SMMU driver
feat(smmu): add SMMU abort transaction function
docs(build): add
Merge changes from topic "mb/drtm-work-phase-1" into integration
* changes:
build(changelog): add new scope for Arm SMMU driver
feat(smmu): add SMMU abort transaction function
docs(build): add build option for DRTM support
build(drtm): add DRTM support build option
show more ...
|
| 687cb6bd | 19-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "sb/threat-model" into integration
* changes:
docs(threat-model): remove some redundant text in threat #08
docs(threat-model): make experimental features out of scope
Merge changes from topic "sb/threat-model" into integration
* changes:
docs(threat-model): remove some redundant text in threat #08
docs(threat-model): make experimental features out of scope
docs(threat-model): cosmetic changes
show more ...
|
| d08c4966 | 16-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(threat-model): make measured boot out of scope
Add an explicit note that measured boot is out of scope of the threat
model. For example, we have no threat related to the secure
management of me
docs(threat-model): make measured boot out of scope
Add an explicit note that measured boot is out of scope of the threat
model. For example, we have no threat related to the secure
management of measurements, nor do we list its security benefits
(e.g. in terms of repudiation).
This might be a future improvement to the threat model but for now
just acknowledge it is not considered.
Change-Id: I2fb799a2ef0951aa681a755a948bd2b67415d156
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| 859eabd4 | 14-Feb-2022 |
Manish V Badarkhe <manish.badarkhe@arm.com> |
docs(build): add build option for DRTM support
Documented the build option for DRTM support.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paul
docs(build): add build option for DRTM support
Documented the build option for DRTM support.
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: Ic1543ee5f1d0046d5062d9744bd1a136d940b687
show more ...
|
| 48e73457 | 18-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "sb/update-maintainers" into integration
* changes:
docs(maintainers): remove John Powell from code owners
docs(maintainers): remove Jimmy Brisson from code owners |
| ee211d08 | 17-May-2022 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge "docs: update supported FVP models documentation" into integration |
| 173c3afc | 28-Apr-2022 |
Maksims Svecovs <maksims.svecovs@arm.com> |
docs: update supported FVP models documentation
Update supported models list according to changes for v2.7 release in
ci/tf-a-ci-scripts repository:
* general FVP model update: 5c54251
* CSS model u
docs: update supported FVP models documentation
Update supported models list according to changes for v2.7 release in
ci/tf-a-ci-scripts repository:
* general FVP model update: 5c54251
* CSS model update: 3bd12fb
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
Change-Id: I38c2ef2991b23873821c7e34ad2900b9ad023c4b
show more ...
|
| 652df566 | 17-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(maintainers): remove John Powell from code owners
John Powell is no longer part of the TF-A core team at Arm.
Change-Id: Iaa91474cb2c5c334b9ae6f2376724fad2677e285
Signed-off-by: Sandrine Baill
docs(maintainers): remove John Powell from code owners
John Powell is no longer part of the TF-A core team at Arm.
Change-Id: Iaa91474cb2c5c334b9ae6f2376724fad2677e285
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| 9293278c | 17-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(maintainers): remove Jimmy Brisson from code owners
Jimmy Brisson is no longer part of the TF-A core team at Arm.
Change-Id: I2966c513a0c2cda438a05dedd42149d16190cbf6
Signed-off-by: Sandrine B
docs(maintainers): remove Jimmy Brisson from code owners
Jimmy Brisson is no longer part of the TF-A core team at Arm.
Change-Id: I2966c513a0c2cda438a05dedd42149d16190cbf6
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| 1b7c82ca | 13-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(threat-model): remove some redundant text in threat #08
The threat description was repeating the threat title.
Change-Id: I67de2c0aab6e86bf33eb91e7562e075fcb76259b
Signed-off-by: Sandrine Bail
docs(threat-model): remove some redundant text in threat #08
The threat description was repeating the threat title.
Change-Id: I67de2c0aab6e86bf33eb91e7562e075fcb76259b
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| 3d6cc210 | 12-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(threat-model): revamp threat #9
Reword the description of threat #9 to make it more future-proof for
Arm CCA. By avoiding specific references to secure or non-secure
contexts, in favour of "wor
docs(threat-model): revamp threat #9
Reword the description of threat #9 to make it more future-proof for
Arm CCA. By avoiding specific references to secure or non-secure
contexts, in favour of "worlds" and "security contexts", we make the
description equally applicable to 2-world and 4-world architectures.
Note that there are other threats that would benefit from such a
similar revamp but this is out of scope of this patch.
Also list malicious secure world code as a potential threat
agent. This seems to be an oversight in the first version of the
threat model (i.e. this change is not related to Arm CCA).
Change-Id: Id8c8424b0a801104c4f3dc70e344ee702d2b259a
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| 4365b30c | 12-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(threat-model): make experimental features out of scope
By nature, experimental features are incomplete pieces of work,
sometimes going under rapid change. Typically, the threat model
implicatio
docs(threat-model): make experimental features out of scope
By nature, experimental features are incomplete pieces of work,
sometimes going under rapid change. Typically, the threat model
implications have not been fully considered yet.
Change-Id: Ice8d4273a789558e912f82cde592da4747b37fdf
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| f10dd3e0 | 10-May-2022 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
docs(threat-model): cosmetic changes
- Add empty lines after titles.
- Reduce number of highlighting characters to fit title length.
- Remove most ``monospaced text``.
I think most of it loo
docs(threat-model): cosmetic changes
- Add empty lines after titles.
- Reduce number of highlighting characters to fit title length.
- Remove most ``monospaced text``.
I think most of it looked weird in the rendered HTML version and
it had no obvious meaning.
Change-Id: I5f746a3de035d8ac59eec0af491c187bfe86dad7
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|
| 9bc52d33 | 02-Mar-2022 |
Juan Pablo Conde <juanpablo.conde@arm.com> |
refactor(security): upgrade tools to OpenSSL 3.0
Host tools cert_tool and encrypt_fw refactored to be fully
compatible with OpenSSL v3.0.
Changes were made following the OpenSSL 3.0 migration guide
refactor(security): upgrade tools to OpenSSL 3.0
Host tools cert_tool and encrypt_fw refactored to be fully
compatible with OpenSSL v3.0.
Changes were made following the OpenSSL 3.0 migration guide:
https://www.openssl.org/docs/man3.0/man7/migration_guide.html
In some cases, those changes are straightforward and only
a small modification on the types or API calls was needed
(e.g.: replacing BN_pseudo_rand() with BN_rand(). Both identical
since v1.1.0).
The use of low level APIs is now deprecated. In some cases,
the new API provides a simplified solution for our goals and
therefore the code was simplified accordingly (e.g.: generating
RSA keys through EVP_RSA_gen() without the need of handling the
exponent). However, in some cases, a more
sophisticated approach was necessary, as the use of a context
object was required (e.g.: when retrieving the digest value from
an SHA file).
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I978e8578fe7ab3e71307450ebe7e7812fbcaedb6
show more ...
|