| 15e498de | 12-May-2022 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
Merge "fix(security): workaround for CVE-2022-23960" into integration |
| 6c87abdd | 11-May-2022 |
Manish Pandey <manish.pandey2@arm.com> |
fix(arm): remove reclamation of functions starting with "init"
When RECLAIM_INIT_CODE is enabled, functions with __init attribute can
be reclaimed after boot and marked as Execute Never.
Because of
fix(arm): remove reclamation of functions starting with "init"
When RECLAIM_INIT_CODE is enabled, functions with __init attribute can
be reclaimed after boot and marked as Execute Never.
Because of a bug in linker script the functions starting with "init"
were also marked XN and causing instruction abort.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I2221973c05af170acf4e723cd44645b9ff9d58d2
show more ...
|
| c2a15217 | 06-May-2022 |
Bipin Ravi <bipin.ravi@arm.com> |
fix(security): workaround for CVE-2022-23960
Implements the loop workaround for Cortex Makalu/Makalu-ELP/Hunter
and Neoverse Demeter/Poseidon.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-
fix(security): workaround for CVE-2022-23960
Implements the loop workaround for Cortex Makalu/Makalu-ELP/Hunter
and Neoverse Demeter/Poseidon.
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: If5f6689b662ecac92491e0c0902df4270051ce5b
show more ...
|
| 7e3273e8 | 22-Dec-2021 |
Bipin Ravi <bipin.ravi@arm.com> |
fix(errata): workaround for DSU-110 erratum 2313941
DSU-110 erratum 2313941 is a Cat B erratum and applies to revisions
r0p0, r1p0, r2p0, r2p1, r3p0, r3p1 and is still open.
The workaround sets IMP
fix(errata): workaround for DSU-110 erratum 2313941
DSU-110 erratum 2313941 is a Cat B erratum and applies to revisions
r0p0, r1p0, r2p0, r2p1, r3p0, r3p1 and is still open.
The workaround sets IMP_CLUSTERACTLR_EL1[16:15] bits to 0b11 to disable
clock gating of the SCLK domain. This will increase the idle power
consumption.
This patch applies the fix for Cortex-X2/A510/A710 and Neoverse N2.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1781796/latest
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I54d948b23e8e01aaf1898ed9fe4e2255dd209318
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
show more ...
|
| c44e50b7 | 11-Feb-2022 |
Tamas Ban <tamas.ban@arm.com> |
feat(plat/arm/fvp): enable RSS backend based measured boot
Enable the RSS backend based measured boot feature.
In the absence of RSS the mocked version of PSA APIs
are used. They always return with
feat(plat/arm/fvp): enable RSS backend based measured boot
Enable the RSS backend based measured boot feature.
In the absence of RSS the mocked version of PSA APIs
are used. They always return with success and hard-code data.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I7543e9033a7a21f1b836d911d8d9498c6e09b956
show more ...
|
| 0442ebd2 | 11-Jan-2022 |
Tamas Ban <tamas.ban@arm.com> |
feat(drivers/measured_boot): add RSS backend
Runtime Security Subsystem (RSS) provides for the host:
- Runtime service to store measurments, which were
computed by the host during measured boot.
feat(drivers/measured_boot): add RSS backend
Runtime Security Subsystem (RSS) provides for the host:
- Runtime service to store measurments, which were
computed by the host during measured boot.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ia9e4e8a1fe8f01a28da1fd8c434b780f2a08f94e
show more ...
|
| ce0c40ed | 18-Jan-2022 |
Tamas Ban <tamas.ban@arm.com> |
feat(drivers/arm/rss): add RSS communication driver
This commit adds a driver to conduct the AP's communication
with the Runtime Security Subsystem (RSS).
RSS is Arm's reference implementation for t
feat(drivers/arm/rss): add RSS communication driver
This commit adds a driver to conduct the AP's communication
with the Runtime Security Subsystem (RSS).
RSS is Arm's reference implementation for the CCA HES [1].
It can be considered as a secure enclave to which, for example,
certain services can be offloaded such as initial attestation.
RSS comms driver:
- Relies on MHU v2.x communication IP, using a generic MHU API,
- Exposes the psa_call(..) API to the upper layers.
[1] https://developer.arm.com/documentation/DEN0096/latest
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
Change-Id: Ib174ac7d1858834006bbaf8aad0eb31e3a3ad107
show more ...
|
| 08485651 | 11-Feb-2022 |
Tamas Ban <tamas.ban@arm.com> |
feat(lib/psa): add initial attestation API
Supports:
- Get Platform Attestation token from secure enclave
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Icaeb7b4eaff08e10f449fbf752068de3a
feat(lib/psa): add initial attestation API
Supports:
- Get Platform Attestation token from secure enclave
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Icaeb7b4eaff08e10f449fbf752068de3ac7974bf
show more ...
|
| 758c6471 | 18-Jan-2022 |
Tamas Ban <tamas.ban@arm.com> |
feat(lib/psa): add measured boot API
A secure enclave could provide an alternate
backend for measured boot. This API can be used
to store measurements in a secure enclave, which
provides the measure
feat(lib/psa): add measured boot API
A secure enclave could provide an alternate
backend for measured boot. This API can be used
to store measurements in a secure enclave, which
provides the measured boot runtime service.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2448e324e7ece6b318403c5937dfe7abea53d0f3
show more ...
|
| af26d7d6 | 10-Jan-2022 |
Tamas Ban <tamas.ban@arm.com> |
feat(drivers/arm/mhu): add MHU driver
The Arm Message Handling Unit (MHU) is a mailbox controller used to
communicate with other processing element(s). Adding a driver to
enable the communication:
-
feat(drivers/arm/mhu): add MHU driver
The Arm Message Handling Unit (MHU) is a mailbox controller used to
communicate with other processing element(s). Adding a driver to
enable the communication:
- Adding generic MHU driver interface,
- Adding MHU_v2_x driver.
Driver supports:
- Discovering available MHU channels,
- Sending / receiving words over MHU channels,
- Signaling happens over a dedicated channel.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
Change-Id: I41a5b968f6b8319cdbdf7907d70bd8837839862e
show more ...
|
| e81e999b | 21-Apr-2022 |
Okash Khawaja <okash@google.com> |
fix(security): workaround for CVE-2022-23960 for Cortex-X1
Implements the loop workaround for Cortex-X1.
Signed-off-by: Okash Khawaja <okash@google.com>
Change-Id: I5828a26c1ec3cfb718246ea5c3b099da
fix(security): workaround for CVE-2022-23960 for Cortex-X1
Implements the loop workaround for Cortex-X1.
Signed-off-by: Okash Khawaja <okash@google.com>
Change-Id: I5828a26c1ec3cfb718246ea5c3b099dabc0fb3d7
show more ...
|
| 7b76c20d | 21-Apr-2022 |
Okash Khawaja <okash@google.com> |
fix(errata): workarounds for cortex-x1 errata
This patch adds workarounds for following cortex-x1 errata:
- 1821534 (CatB)
- 1688305 (CatB)
- 1827429 (CatB)
SDEN can be found here:
https://develop
fix(errata): workarounds for cortex-x1 errata
This patch adds workarounds for following cortex-x1 errata:
- 1821534 (CatB)
- 1688305 (CatB)
- 1827429 (CatB)
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1401782/latest
Signed-off-by: Okash Khawaja <okash@google.com>
Change-Id: I10ebe8d5c56a6d273820bb2c682f21bf98daa7a5
show more ...
|
| 6e8eca78 | 21-Apr-2022 |
Okash Khawaja <okash@google.com> |
feat(cpu): add support for Cortex-X1
This patch adds basic CPU library code to support Cortex-X1 CPU in TF-A.
Follow-up patches will add selected errata workarounds for this CPU.
Signed-off-by: Oka
feat(cpu): add support for Cortex-X1
This patch adds basic CPU library code to support Cortex-X1 CPU in TF-A.
Follow-up patches will add selected errata workarounds for this CPU.
Signed-off-by: Okash Khawaja <okash@google.com>
Change-Id: I4a3d50a98bf55a555bfaefeed5c7b88a35e3bc21
show more ...
|
| aeef2c22 | 10-May-2022 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge "fix(errata): workaround for Cortex-A710 erratum 2008768" into integration |
| 926224e2 | 10-May-2022 |
Joanna Farley <joanna.farley@arm.com> |
Merge "fix(amu): limit virtual offset register access to NS world" into integration |
| 0c7707fd | 08-Dec-2021 |
Marc Bonnici <marc.bonnici@arm.com> |
feat(spmc): enable handling FFA_VERSION ABI
Report the SPMC version to the caller, currently v1.1 and
also store the requested version to allow the SPMC to
use the corresponding FF-A version in futu
feat(spmc): enable handling FFA_VERSION ABI
Report the SPMC version to the caller, currently v1.1 and
also store the requested version to allow the SPMC to
use the corresponding FF-A version in future ABI calls.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I79aafd1e6694cbd4b231bbd0cac5834a71063d79
show more ...
|
| af220ebb | 09-Mar-2022 |
johpow01 <john.powell@arm.com> |
fix(errata): workaround for Cortex-A710 erratum 2008768
Cortex-A710 erratum 2008768 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r2p0, and is fixed in r2p1. The workaround is to clea
fix(errata): workaround for Cortex-A710 erratum 2008768
Cortex-A710 erratum 2008768 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r2p0, and is fixed in r2p1. The workaround is to clear
the ED bit in each ERXCTLR_EL1 register before setting the PWRDN bit in
CPUPWRCTLR_EL1.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN1775101
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ib2171c06da762dd4155b02c03d86766f1616381d
show more ...
|
| efceb6be | 06-May-2022 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes Iaf21883b,I523c5d57,I57164923 into integration
* changes:
fix(ufs): read and write attribute based on spec
fix(ufs): disables controller if enabled
refactor(ufs): adds a function
Merge changes Iaf21883b,I523c5d57,I57164923 into integration
* changes:
fix(ufs): read and write attribute based on spec
fix(ufs): disables controller if enabled
refactor(ufs): adds a function for fdeviceinit
show more ...
|
| 44b9d577 | 06-May-2022 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "ffa_el3_spmc" into integration
* changes:
feat(spmc): enable checking of execution ctx count
feat(spmc): enable parsing of UUID from SP Manifest
feat(spmc): add parti
Merge changes from topic "ffa_el3_spmc" into integration
* changes:
feat(spmc): enable checking of execution ctx count
feat(spmc): enable parsing of UUID from SP Manifest
feat(spmc): add partition mailbox structs
feat(plat/arm): allow BL32 specific defines to be used by SPMC_AT_EL3
feat(plat/fvp): add EL3 SPMC #defines
test(plat/fvp/lsp): add example logical partition
feat(spmc/lsp): add logical partition framework
show more ...
|
| e8ad3975 | 06-May-2022 |
Manish Pandey <manish.pandey2@arm.com> |
Merge "feat(brbe): add BRBE support for NS world" into integration |
| 78c82cd0 | 06-May-2022 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge changes from topic "ja/boot_protocol" into integration
* changes:
fix(sptool): update Optee FF-A manifest
feat(sptool): delete c version of the sptool
feat(sptool): use python version of
Merge changes from topic "ja/boot_protocol" into integration
* changes:
fix(sptool): update Optee FF-A manifest
feat(sptool): delete c version of the sptool
feat(sptool): use python version of sptool
feat(sptool): python version of the sptool
refactor(sptool): use SpSetupActions in sp_mk_generator.py
feat(sptool): add python SpSetupActions framework
show more ...
|
| 744ad974 | 28-Jan-2022 |
johpow01 <john.powell@arm.com> |
feat(brbe): add BRBE support for NS world
This patch enables access to the branch record buffer control registers
in non-secure EL2 and EL1 using the new build option ENABLE_BRBE_FOR_NS.
It is disab
feat(brbe): add BRBE support for NS world
This patch enables access to the branch record buffer control registers
in non-secure EL2 and EL1 using the new build option ENABLE_BRBE_FOR_NS.
It is disabled for all secure world, and cannot be used with ENABLE_RME.
This option is disabled by default, however, the FVP platform makefile
enables it for FVP builds.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I576a49d446a8a73286ea6417c16bd0b8de71fca0
show more ...
|
| 2d65ea19 | 20-Dec-2021 |
Marc Bonnici <marc.bonnici@arm.com> |
feat(plat/arm): allow BL32 specific defines to be used by SPMC_AT_EL3
For EL3 SPMC configuration enabled platforms, allow the reuse of
BL32 specific definitions.
Signed-off-by: Marc Bonnici <marc.b
feat(plat/arm): allow BL32 specific defines to be used by SPMC_AT_EL3
For EL3 SPMC configuration enabled platforms, allow the reuse of
BL32 specific definitions.
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I37ffbbf680326c101fbb2f146085a96c138f07a1
show more ...
|
| f4ec4761 | 22-Mar-2022 |
J-Alves <joao.alves@arm.com> |
feat(sptool): delete c version of the sptool
Change-Id: I224762ef66624c78dd87729dac80b2c956ee50ba
Signed-off-by: J-Alves <joao.alves@arm.com> |
| 7affa25c | 14-Feb-2022 |
Marc Bonnici <marc.bonnici@arm.com> |
feat(spmc/lsp): add logical partition framework
Introduce a framework to support running logical
partitions alongside the SPMC in EL3 as per the
v1.1 FF-A spec.
The DECLARE_LOGICAL_PARTITION macro
feat(spmc/lsp): add logical partition framework
Introduce a framework to support running logical
partitions alongside the SPMC in EL3 as per the
v1.1 FF-A spec.
The DECLARE_LOGICAL_PARTITION macro has been added to
simplify the process to define a Logical Partition.
The partitions themselves are statically allocated
with the descriptors placed in RO memory.
It is assumed that the MAX_EL3_LP_DESCS_COUNT will
be defined by the platform.
Change-Id: I1c2523e0ad2d9c5d36aeeef6b8bcb1e80db7c443
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
show more ...
|