| 557f7d80 | 15-Aug-2023 |
laurenw-arm <lauren.wehrmeister@arm.com> |
feat(auth): ecdsa p384 key support
Use KEY_SIZE 384 to enable ECDSA P384 key support by
setting MBEDTLS_ECP_DP_SECP384R1_ENABLED.
Selected by setting KEY_ALG=ecdsa and KEY_SIZE=384.
Change-Id: I38
feat(auth): ecdsa p384 key support
Use KEY_SIZE 384 to enable ECDSA P384 key support by
setting MBEDTLS_ECP_DP_SECP384R1_ENABLED.
Selected by setting KEY_ALG=ecdsa and KEY_SIZE=384.
Change-Id: I382f34fc4da98f166a2aada5d16fdf44632b47f5
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
show more ...
|
| 85bebe18 | 11-Oct-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
refactor(console): disable getc() by default
The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A
refactor(console): disable getc() by default
The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A. It is dangerous to keep that feature enabled if not
strictly necessary, especially in production firmware builds.
Thus, we need a way to disable this feature. Moreover, when it is
disabled, all related code should be eliminated from the firmware
binaries, such that no remnant/dead getc() code remains in memory,
which could otherwise be used as a gadget as part of a bigger security
attack.
This patch disables getc() feature by default. For legitimate getc()
use cases [1], it can be explicitly enabled by building TF-A with
ENABLE_CONSOLE_GETC=1.
The following changes are introduced when getc() is disabled:
- The multi-console framework no longer provides the console_getc()
function.
- If the console driver selected by the platform attempts to register
a getc() callback into the multi-console framework then TF-A will
now fail to build.
If registered through the assembly function finish_console_register():
- On AArch64, you'll get:
Error: undefined symbol CONSOLE_T_GETC used as an immediate value.
- On AArch32, you'll get:
Error: internal_relocation (type: OFFSET_IMM) not fixed up
If registered through the C function console_register(), this requires
populating a struct console with a getc field, which will trigger:
error: 'console_t' {aka 'struct console'} has no member named 'getc'
- All console drivers which previously registered a getc() callback
have been modified to do so only when ENABLE_CONSOLE_GETC=1.
[1] Example of such use cases would be:
- Firmware recovery: retrieving a golden BL2 image over the console in
order to repair a broken firmware on a bricked board.
- Factory CLI tool: Drive some soak tests through the console.
Discussed on TF-A mailing list here:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/
Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>
show more ...
|
| eaa62e82 | 22-Sep-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(mbedtls-psa): use PSA crypto API during signature verification
A PSA crypto API is used for signature verification, namely
psa_verify_message, which calculates the signature and verify it
for t
feat(mbedtls-psa): use PSA crypto API during signature verification
A PSA crypto API is used for signature verification, namely
psa_verify_message, which calculates the signature and verify it
for the given signed message.
Note, this functionality is as of now tested for RSA based Key
algorithm, subsequent patches will provide the signature verification
support for all the key algorithms available in TF-A (provided by KEY_ALG
build option).
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I16214e3cac6a7af445530a6dbd66cfc6ceedcfc6
show more ...
|
| 484b5869 | 06-Sep-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(mbedtls-psa): use PSA crypto API during hash calculation
A PSA crypto API is used for hash verification, namely
'psa_hash_compute', which internally calculates hash of the given
data payload.
feat(mbedtls-psa): use PSA crypto API during hash calculation
A PSA crypto API is used for hash verification, namely
'psa_hash_compute', which internally calculates hash of the given
data payload.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic90e43e68b836ee2add4b868663cfca2340c8108
show more ...
|
| 2ed061c4 | 06-Sep-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(mbedtls-psa): use PSA crypto API for hash verification
A PSA crypto API is used for hash verification, namely
psa_hash_verify, which internally calculates and verifies the hash
of the given dat
feat(mbedtls-psa): use PSA crypto API for hash verification
A PSA crypto API is used for hash verification, namely
psa_hash_verify, which internally calculates and verifies the hash
of the given data payload.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ib48aa6b74b59aea6036333ff00f6ca566b910e60
show more ...
|
| 4eaaaa19 | 06-Sep-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(mbedtls-psa): initialise mbedtls psa crypto
Initialised Mbedtls PSA cryto during Crypto init using
function call 'psa_crypto_init'.
MbedTLS currently requires a Random Number Generator (RNG) o
feat(mbedtls-psa): initialise mbedtls psa crypto
Initialised Mbedtls PSA cryto during Crypto init using
function call 'psa_crypto_init'.
MbedTLS currently requires a Random Number Generator (RNG) once
PSA Crypto support is enabled. However, TF-A itself doesn't engage
in cryptographic operations that demand randomness. Consequently,
we simulate the presence of an external TRNG (through the configuration
option 'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) while, in reality, we offer
a dummy implementation of mbedtls_psa_external_get_random() that always
returns an error.
Change-Id: Ife6d03909c0e6081438d2b2519ef500e5dcdb88f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| 38f89369 | 06-Sep-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(mbedtls-psa): register an ad-hoc PSA crypto driver
An ad-hoc MbedTLS PSA crypto driver is registered by compiling
a new driver file, namely mbedtls_psa_crypto.c when PSA_CRYPTO=1.
As of now, th
feat(mbedtls-psa): register an ad-hoc PSA crypto driver
An ad-hoc MbedTLS PSA crypto driver is registered by compiling
a new driver file, namely mbedtls_psa_crypto.c when PSA_CRYPTO=1.
As of now, this file is the same as mbedtls_crypto.c, but subsequent
patches will update crypto functions in this file to trigger
PSA crypto APIs.
Change-Id: I404c347990661d87dcf5d0501d238e36914ec3ee
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| 5782b890 | 06-Sep-2023 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
feat(mbedtls-psa): introduce PSA_CRYPTO build option
This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -
1. Added a build macro PSA_CRYPTO to enable the Mbed
feat(mbedtls-psa): introduce PSA_CRYPTO build option
This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -
1. Added a build macro PSA_CRYPTO to enable the MbedTLS PSA
Crypto API support in the subsequent patches.
2. Compile necessary PSA crypto files from MbedTLS source code
when PSA_CRYPTO=1.
Also, marked PSA_CRYPTO as an experimental feature.
Change-Id: I45188f56c5c98b169b2e21e365150b1825c6c450
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| bc9e233a | 03-Oct-2023 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "st_fixes" into integration
* changes:
fix(st): enable RTC clock before accessing nv counter
fix(st-crypto): use GENMASK_32 to define PKA registers masks
fix(st): upda
Merge changes from topic "st_fixes" into integration
* changes:
fix(st): enable RTC clock before accessing nv counter
fix(st-crypto): use GENMASK_32 to define PKA registers masks
fix(st): update comment on encryption key
fix(st): allow crypto lib compilation in aarch64
fix(st-uart): allow 64 bit compilation
fix(st): reduce MMC block_buffer
fix(stm32mp13-fdts): cosmetic fixes in PLL nodes
fix(st): update dt_get_ddr_size() type
fix(nand): reset the SLC NAND
fix(st-crypto): do not read RNG data if it's not ready
show more ...
|
| 7ed514e6 | 02-Oct-2023 |
Joanna Farley <joanna.farley@arm.com> |
Merge changes from topic "xlnx_dcc_console" into integration
* changes:
chore(dcc): remove unnecessary code in dcc
fix(dcc): add dcc console unregister function |
| c9c8a799 | 19-Sep-2023 |
Prasad Kummari <prasad.kummari@amd.com> |
chore(dcc): remove unnecessary code in dcc
Remove the dcc_console_init() function. The initialization function
is not being used and serves no purpose.
Signed-off-by: Prasad Kummari <prasad.kummari
chore(dcc): remove unnecessary code in dcc
Remove the dcc_console_init() function. The initialization function
is not being used and serves no purpose.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I056d09e153998d686d3b95ad39c563f797184c18
show more ...
|
| 379d77b3 | 10-Jan-2023 |
Yann Gautier <yann.gautier@foss.st.com> |
fix(st-crypto): use GENMASK_32 to define PKA registers masks
When compiling the driver in aarch64, and with LOG_LEVEL_VERBOSE, there
is a compilation error on the message displaying the version of t
fix(st-crypto): use GENMASK_32 to define PKA registers masks
When compiling the driver in aarch64, and with LOG_LEVEL_VERBOSE, there
is a compilation error on the message displaying the version of the
peripheral. The masks are making the variable unsigned long, whereas
we want to display an unsigned int. As the registers are 32-bit,
we should use GENMASK_32 instead of GENMASK.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I002dd5ad901f68a9480f758eaaa4428f969813c1
show more ...
|
| 0936abe9 | 19-Sep-2023 |
Prasad Kummari <prasad.kummari@amd.com> |
fix(dcc): add dcc console unregister function
Add unregistration function for the JTAG DCC (Debug Communication
Channel) console.
The unregistration function flushes DCC buffer before unregistering
fix(dcc): add dcc console unregister function
Add unregistration function for the JTAG DCC (Debug Communication
Channel) console.
The unregistration function flushes DCC buffer before unregistering
the dcc console to make sure that no output char is pending.
Since console_flush() flushes chars for all registered consoles on
the platform, which is not required in this case, dcc_console_flush()
is being called instead.
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I6f15a07c6ee947dc0e7aa8fb069227618080e611
show more ...
|
| f4d765a1 | 17-May-2021 |
Christophe Kerello <christophe.kerello@foss.st.com> |
fix(nand): reset the SLC NAND
The reset command should be the first command sent to the SLC NAND.
Resetting the SLC NAND should not be done only if NAND_ONFI_DETECT
is enabled.
Change-Id: If225a1b1
fix(nand): reset the SLC NAND
The reset command should be the first command sent to the SLC NAND.
Resetting the SLC NAND should not be done only if NAND_ONFI_DETECT
is enabled.
Change-Id: If225a1b1a7e04181cc5839e282c435c5c8958bd7
Signed-off-by: Christophe Kerello <christophe.kerello@foss.st.com>
show more ...
|
| 53092a77 | 26-May-2023 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
fix(st-crypto): do not read RNG data if it's not ready
Having RNG_SR_DRDY bit in RNG_SR register does not mean that there are 4
RNG words ready to be read. Add a check on RNG_SR_DRDY between each wo
fix(st-crypto): do not read RNG data if it's not ready
Having RNG_SR_DRDY bit in RNG_SR register does not mean that there are 4
RNG words ready to be read. Add a check on RNG_SR_DRDY between each word
reading.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Change-Id: I46af7ca6c0ddbe19540b248365a5016b15b9a707
show more ...
|
| c6d9186f | 18-Sep-2023 |
Michal Simek <michal.simek@amd.com> |
fix(dcc): enable DCC also for crash console
The JTAG DCC (Debug Communication Channel) console is primary used
for debugging that's why make no sense not to setup it up as crash
console too.
Change
fix(dcc): enable DCC also for crash console
The JTAG DCC (Debug Communication Channel) console is primary used
for debugging that's why make no sense not to setup it up as crash
console too.
Change-Id: I16e5d83f8da721657b1a10609494f835b87e5578
Signed-off-by: Michal Simek <michal.simek@amd.com>
show more ...
|
| 632e5ffe | 03-Aug-2023 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
fix(gicv3): map generic interrupt type to GICv3 group
The generic interrupt controller identifies an interrupt based on its
type whereas the GIC uses the notion of groups to identify an
interrupt.
fix(gicv3): map generic interrupt type to GICv3 group
The generic interrupt controller identifies an interrupt based on its
type whereas the GIC uses the notion of groups to identify an
interrupt.
Currently, they are used interchangeably in GICv3 driver. It did not
cause any functional issues since the matching type and group had the
same value for corresponding macros. This patch makes the necessary
fixes.
The generic interrupt controller APIs, such as
plat_ic_set_interrupt_type map interrupt type to interrupt group
supported by the GICv3 IP. Similarly, other generic interrupt
controller APIs map interrupt group to interrupt type as needed.
This patch also changes the name of the helper functions to use group
rather than type for handling interrupts.
Change-Id: Ie2d88a3260c71e4ab9c8baacde24cc21e551de3d
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
show more ...
|
| ab80cf35 | 03-Aug-2023 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
chore(gicv2): use interrupt group instead of type
The generic interrupt controller identifies an interrupt based on its
type whereas the GIC uses the notion of groups to identify an
interrupt.
This
chore(gicv2): use interrupt group instead of type
The generic interrupt controller identifies an interrupt based on its
type whereas the GIC uses the notion of groups to identify an
interrupt.
This patch changes the name of the helper functions to use group
rather than type for handling interrupts. No functional change in this
patch.
Change-Id: If13ec65cc6c87c2da73a3d54b033f02635ff924a
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
show more ...
|
| aadb759a | 21-Sep-2023 |
Yann Gautier <yann.gautier@st.com> |
Merge "fix(ufs): performs unsigned shift for doorbell" into integration |
| cd83a766 | 20-Sep-2023 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "fix(st-ddr): express memory size with size_t type" into integration |
| 84de50c7 | 19-Sep-2023 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge "feat(ethos-n): update npu error handling" into integration |
| 83e79a39 | 19-Sep-2023 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Merge "fix(mmc): initialises response buffer with zeros" into integration |
| dbfafc5e | 18-Sep-2023 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge "fix(auth): don't overwrite pk with converted pk when rotpk is hash" into integration |
| b4e1e8fb | 18-Sep-2023 |
Yann Gautier <yann.gautier@st.com> |
fix(st-ddr): express memory size with size_t type
Express memory size with size_t type in structures.
Retrieve value as uint32_t from device tree and then cast it to size_t.
Combined with uintptr_t
fix(st-ddr): express memory size with size_t type
Express memory size with size_t type in structures.
Retrieve value as uint32_t from device tree and then cast it to size_t.
Combined with uintptr_t use, it ensures a generic algorithm whatever
the platform architecture, notably within systematic tests. Adapt also
their prototypes.
Move memory size print outside stm32mp_ddr_check_size() to adapt it to
related platform.
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Change-Id: Ic6e1a62d7a5e23cef49909a658098c800e7dae3f
show more ...
|
| e47d8a58 | 16-Sep-2023 |
Anand Saminathan <anans@google.com> |
fix(ufs): performs unsigned shift for doorbell
slot ranges from 0 to 31, left shifting 1 by slot is undefined when slot
is 31
Change-Id: I0c2e6d278ff593cee07736627cd87692f45e2da9
Signed-off-by: Ana
fix(ufs): performs unsigned shift for doorbell
slot ranges from 0 to 31, left shifting 1 by slot is undefined when slot
is 31
Change-Id: I0c2e6d278ff593cee07736627cd87692f45e2da9
Signed-off-by: Anand Saminathan <anans@google.com>
show more ...
|