feat(rme): add dummy realm attestation key to RMMD

Add a dummy realm attestation key to RMMD, and return it on request.
The realm attestation key is requested with an SMC with the following
paramete

feat(rme): add dummy realm attestation key to RMMD

Add a dummy realm attestation key to RMMD, and return it on request.
The realm attestation key is requested with an SMC with the following
parameters:
* Fid (0xC400001B2).
* Attestation key buffer PA (the realm attestation key is copied
at this address by the monitor).
* Attestation key buffer length as input and size of realm
attesation key as output.
* Type of elliptic curve.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I12d8d98fd221f4638ef225c9383374ddf6e65eac

show more ...

feat(rme): add dummy platform token to RMMD

Add a dummy platform token to RMMD and return it on request. The
platform token is requested with an SMC with the following parameters:
* Fid (0xC4000

feat(rme): add dummy platform token to RMMD

Add a dummy platform token to RMMD and return it on request. The
platform token is requested with an SMC with the following parameters:
* Fid (0xC40001B3).
* Platform token PA (the platform token is copied at this address by
the monitor). The challenge object needs to be passed by
the caller in this buffer.
* Platform token len.
* Challenge object len.

When calling the SMC, the platform token buffer received by EL3 contains
the challenge object. It is not used on the FVP and is only printed to
the log.

Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Change-Id: I8b2f1d54426c04e76d7a3baa6b0fbc40b0116348

show more ...

Merge changes from topic "fwu-on-stm32mp1" into integration

* changes:
feat(stm32mp1): add support for building the FWU feature
feat(stm32mp1): add logic to pass the boot index to the Update Age

Merge changes from topic "fwu-on-stm32mp1" into integration

* changes:
feat(stm32mp1): add support for building the FWU feature
feat(stm32mp1): add logic to pass the boot index to the Update Agent
feat(stm32mp1): add support for reading the metadata partition
feat(stm32mp1): add logic to select the images to be booted
feat(stm32mp1): add GUID's for identifying firmware images to be booted
feat(stm32mp1): add GUID values for updatable images
feat(fwu): add platform hook for getting the boot index
feat(fwu): simplify the assert to check for fwu init
feat(fwu): add a function to pass metadata structure to platforms
feat(partition): add a function to identify a partition by GUID
feat(partition): copy the partition GUID into the partition structure
feat(partition): make provision to store partition GUID value
feat(partition): cleanup partition and gpt headers
feat(fwu): add basic definitions for GUID handling
feat(fwu): pass a const metadata structure to platform routines
build(changelog): add a valid scope for partition code

show more ...

feat(fwu): add platform hook for getting the boot index

Add a platform hook for returning the boot index, i.e. the bank from
which the platform has booted the updatable firmware images. This
value w

feat(fwu): add platform hook for getting the boot index

Add a platform hook for returning the boot index, i.e. the bank from
which the platform has booted the updatable firmware images. This
value will be passed to the Update Agent.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Change-Id: Ic7bef21071c48cfc7b69c50e89df9ff758d95b00

show more ...

feat(fwu): pass a const metadata structure to platform routines

The metadata structure copy is passed to the platform routine to set
the image source to boot the platform from. This is done by readi

feat(fwu): pass a const metadata structure to platform routines

The metadata structure copy is passed to the platform routine to set
the image source to boot the platform from. This is done by reading
the metadata structure. Pass the metadata as a read-only copy to the
routine -- the routine only needs to consume the metadata values and
should not be able to update the metadata fields.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Change-Id: I399cad99ab89c71483e5a32a1de0e22df304f8b0

show more ...

Merge changes from topic "mb_critical_data" into integration

* changes:
docs(measured-boot): add a platform function for critical data
feat(fvp): measure critical data

feat(fvp): measure critical data

Implemented a platform function 'plat_mboot_measure_critical_data' to
measure critical data and record its measurement using the Event Log
driver.
'bl2_plat_mboot_fi

feat(fvp): measure critical data

Implemented a platform function 'plat_mboot_measure_critical_data' to
measure critical data and record its measurement using the Event Log
driver.
'bl2_plat_mboot_finish' function invokes this platform function
immediately after populating the critical data.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ia198295c6e07ab26d436eab1ff90df2cf28303af

show more ...

Merge changes from topic "refactor-mb" into integration

* changes:
docs(measured boot): add measured boot platform functions
refactor(measured boot): make measurement strings compliant with SBSG

Merge changes from topic "refactor-mb" into integration

* changes:
docs(measured boot): add measured boot platform functions
refactor(measured boot): make measurement strings compliant with SBSG
feat(plat/fvp): pass Event Log addr and size from BL1 to BL2
feat(measured_boot): update tb_fw_config with event log properties
feat(measured_boot): image hash measurement and recording in BL1
refactor(measured boot): remove platform calls from Event Log driver
refactor(measured_boot): remove passing of BL2 hash via device tree
refactor(measured boot): move BL2 measurement to platform layer
refactor(measured boot): rename add_event2()
refactor(measured boot): move image measurement to generic layer
build(measured boot): rename measured boot makefile
feat(measured boot): move init and teardown functions to platform layer
refactor(measured boot): rename tpm_record_measurement()

show more ...

feat(measured_boot): image hash measurement and recording in BL1

It looks safer and cleaner approach to record the measurement taken by
BL1 straightaway in TCG Event Log instead of deferring these r

feat(measured_boot): image hash measurement and recording in BL1

It looks safer and cleaner approach to record the measurement taken by
BL1 straightaway in TCG Event Log instead of deferring these recordings
to BL2.
Hence pull in the full-fledged measured boot driver into BL1 that
replaces the former ad-hoc platform interfaces i.e.
bl1_plat_set_bl2_hash, bl2_plat_get_hash.

As a result of this change the BL1 of Arm FVP platform now do the
measurements and recordings of below images:
1. FW_CONFIG
2. TB_FW_CONFIG
3. BL2

Change-Id: I798c20336308b5e91b547da4f8ed57c24d490731
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

refactor(measured_boot): remove passing of BL2 hash via device tree

Subsequent patches will provide a solution to do the BL2 hash measurement
and recording in BL1 itself, hence in preparation to ado

refactor(measured_boot): remove passing of BL2 hash via device tree

Subsequent patches will provide a solution to do the BL2 hash measurement
and recording in BL1 itself, hence in preparation to adopt that solution
remove the logic of passing BL2 hash measurement to BL2 component
via TB_FW config.

Change-Id: Iff9b3d4c6a236a33b942898fcdf799cbab89b724
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

refactor(measured boot): move image measurement to generic layer

Right now, the assumption is that the platform post-load hook takes
care of measuring the image that just got loaded. This is how it'

refactor(measured boot): move image measurement to generic layer

Right now, the assumption is that the platform post-load hook takes
care of measuring the image that just got loaded. This is how it's
implemented on FVP.

This patch moves the measurement into the generic code
instead. load_auth_image() now calls plat_mboot_measure_image(),
which is a new platform interface introduced in this patch to measure
an image. This is called just after authenticating the image.

Implement plat_mboot_measure_image() for the Arm FVP platform. The code
is copied straight from the post-load hook.

As a result, the FVP specific implementation of
arm_bl2_plat_handle_post_image_load() is no longer needed. We can go
back to using the Arm generic implementation of it.

Change-Id: I7b4b8d28941a865e10af9d0eadaf2e4850942090
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(measured boot): move init and teardown functions to platform layer

Right now, the measured boot driver is strongly coupled with the TCG
event log driver. It would not be possible to push the me

feat(measured boot): move init and teardown functions to platform layer

Right now, the measured boot driver is strongly coupled with the TCG
event log driver. It would not be possible to push the measurements
somewhere else, for instance to a physical TPM.

To enable this latter use case, turn the driver's init and teardown
functions into platform hooks. Call them bl2_plat_mboot_init()/finish().
This allows each platform to implement them appropriately, depending on
the type of measured boot backend they use. For example, on a platform
with a physical TPM, the plat_mboot_init() hook would startup the TPM
and setup it underlying bus (e.g. SPI).

Move the current implementation of the init and teardown function to the
FVP platform layer.

Finally move the conditional compilation logic (#if MEASURED_BOOT) out
of bl2_main() to improve its readability. Provide a dummy implementation
in the case measured boot is not included in the build.

Change-Id: Ib6474cb5a9c1e3d4a30c7f228431b22d1a6e85e3
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "refactor(plat/ea_handler): Use default ea handler implementation for panic" into integration

refactor(plat/ea_handler): Use default ea handler implementation for panic

Put default ea handler implementation into function plat_default_ea_handler()
which just print verbose information and pani

refactor(plat/ea_handler): Use default ea handler implementation for panic

Put default ea handler implementation into function plat_default_ea_handler()
which just print verbose information and panic, so it can be called also
from overwritten / weak function plat_ea_handler() implementation.

Replace every custom implementation of printing verbose error message of
external aborts in custom plat_ea_handler() functions by a common
implementation from plat_default_ea_handler() function.

Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I15897f61b62b4c3c29351e693f51d4df381f3b98

show more ...

Merge changes from topic "fw-update-2" into integration

* changes:
feat(sw_crc32): add software CRC32 support
refactor(hw_crc32): renamed hw_crc32 to tf_crc32
feat(fwu): avoid booting with an

Merge changes from topic "fw-update-2" into integration

* changes:
feat(sw_crc32): add software CRC32 support
refactor(hw_crc32): renamed hw_crc32 to tf_crc32
feat(fwu): avoid booting with an alternate boot source
docs(fwu): add firmware update documentation
feat(fwu): avoid NV counter upgrade in trial run state
feat(plat/arm): add FWU support in Arm platforms
feat(fwu): initialize FWU driver in BL2
feat(fwu): add FWU driver
feat(fwu): introduce FWU platform-specific functions declarations
docs(fwu_metadata): add FWU metadata build options
feat(fwu_metadata): add FWU metadata header and build options

show more ...

feat(fwu): introduce FWU platform-specific functions declarations

Added FWU platform specific functions declarations in common
platform header.

Change-Id: I637e61753ea3dc7f7e7f3159ae1b43ab6780aef2

feat(fwu): introduce FWU platform-specific functions declarations

Added FWU platform specific functions declarations in common
platform header.

Change-Id: I637e61753ea3dc7f7e7f3159ae1b43ab6780aef2
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "Add TRNG Firmware Interface service" into integration

Add TRNG Firmware Interface service

This adds the TRNG Firmware Interface Service to the standard
service dispatcher. This includes a method for dispatching entropy
requests to platforms and include

Add TRNG Firmware Interface service

This adds the TRNG Firmware Interface Service to the standard
service dispatcher. This includes a method for dispatching entropy
requests to platforms and includes an entropy pool implementation to
avoid dropping any entropy requested from the platform.

Change-Id: I71cadb3cb377a507652eca9e0d68714c973026e9
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

Merge "Don't return error information from console_flush" into integration

Don't return error information from console_flush

And from crash_console_flush.

We ignore the error information return by console_flush in _every_
place where we call it, and casting the return typ

Don't return error information from console_flush

And from crash_console_flush.

We ignore the error information return by console_flush in _every_
place where we call it, and casting the return type to void does not
work around the MISRA violation that this causes. Instead, we collect
the error information from the driver (to avoid changing that API), and
don't return it to the caller.

Change-Id: I1e35afe01764d5c8f0efd04f8949d333ffb688c1
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>

show more ...

Merge "SMCCC: Introduce function to check SMCCC function availability" into integration

SMCCC: Introduce function to check SMCCC function availability

Currently, 'SMCCC_ARCH_FEATURES' SMC call handler unconditionally
returns 'SMC_OK' for 'SMCCC_ARCH_SOC_ID' function. This seems to
be n

SMCCC: Introduce function to check SMCCC function availability

Currently, 'SMCCC_ARCH_FEATURES' SMC call handler unconditionally
returns 'SMC_OK' for 'SMCCC_ARCH_SOC_ID' function. This seems to
be not correct for the platform which doesn't implement soc-id
functionality i.e. functions to retrieve both soc-version and
soc-revision.
Hence introduced a platform function which will check whether SMCCC
feature is available for the platform.

Also, updated porting guide for the newly added platform function.

Change-Id: I389f0ef6b0837bb24c712aa995b7176117bc7961
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topics "af/add_measured_boot_bl1_bl2", "af/add_measured_boot_driver", "af/add_measured_boot_driver_support", "af/add_measured_boot_fconf", "af/add_measured_boot_fvp" into integrati

Merge changes from topics "af/add_measured_boot_bl1_bl2", "af/add_measured_boot_driver", "af/add_measured_boot_driver_support", "af/add_measured_boot_fconf", "af/add_measured_boot_fvp" into integration

* changes:
plat/arm/board/fvp: Add support for Measured Boot
TF-A: Add support for Measured Boot driver to FCONF
TF-A: Add support for Measured Boot driver in BL1 and BL2
TF-A: Add Event Log for Measured Boot
TF-A: Add support for Measured Boot driver

show more ...

TF-A: Add support for Measured Boot driver

This patch adds support for Measured Boot driver functionality
in common Arm platform code.

Change-Id: If049dcf8d847c39023b77c0d805a8cf5b8bcaa3e
Signed-of

TF-A: Add support for Measured Boot driver

This patch adds support for Measured Boot driver functionality
in common Arm platform code.

Change-Id: If049dcf8d847c39023b77c0d805a8cf5b8bcaa3e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>

show more ...

Merge "plat/arm/fvp: Support performing SDEI platform setup in runtime" into integration