| #
c3170fd8 |
| 14-Nov-2022 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "stm32mp1-trusted-boot" into integration
* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools
Merge changes from topic "stm32mp1-trusted-boot" into integration
* changes:
docs(st): update documentation for TRUSTED_BOARD_BOOT
fix(build): ensure that the correct rule is called for tools
feat(stm32mp1): add the platform specific build for tools
fix(stm32mp13-fdts): remove secure status
feat(stm32mp1-fdts): add CoT and fuse references for authentication
feat(stm32mp1): add a check on TRUSTED_BOARD_BOOT with secure chip
feat(stm32mp1): add the decryption support
feat(stm32mp1): add the TRUSTED_BOARD_BOOT support
feat(stm32mp1): update ROM code API for header v2 management
feat(stm32mp1): remove unused function from boot API
refactor(stm32mp1): remove authentication using STM32 image mode
fix(fconf): fix type error displaying disable_auth
feat(tbbr): increase PK_DER_LEN size
fix(auth): correct sign-compare warning
feat(auth): allow to verify PublicKey with platform format PK
feat(cert-create): update for ECDSA brainpoolP256r/t1 support
feat(stm32mp1): add RNG initialization in BL2 for STM32MP13
feat(st-crypto): remove BL32 HASH driver usage
feat(stm32mp1): add a stm32mp crypto library
feat(st-crypto): add STM32 RNG driver
feat(st-crypto): add AES decrypt/auth by SAES IP
feat(st-crypto): add ECDSA signature check with PKA
feat(st-crypto): update HASH for new hardware version used in STM32MP13
show more ...
|
| #
381f465c |
| 05-Oct-2022 |
Lionel Debieve <lionel.debieve@foss.st.com> |
fix(fconf): fix type error displaying disable_auth
disable_auth is defined as uint32_t and must be displayed
as an unsigned int.
lib/fconf/fconf_tbbr_getter.c:
In function ‘fconf_populate_tbbr_dyn_
fix(fconf): fix type error displaying disable_auth
disable_auth is defined as uint32_t and must be displayed
as an unsigned int.
lib/fconf/fconf_tbbr_getter.c:
In function ‘fconf_populate_tbbr_dyn_config’:
include/common/debug.h:46:41: error:
format ‘%d’ expects argument of type ‘int’, but argument 3 has
type ‘uint32_t’ {aka ‘unsigned int’} [-Werror=format=]
46 | #define LOG_MARKER_WARNING "\x1e" /* 30 */
| ^~~~~~
include/common/debug.h:77:32: note:
in expansion of macro ‘LOG_MARKER_WARNING’
77 | # define WARN(...) tf_log(LOG_MARKER_WARNING __VA_ARGS__)
| ^~~~~~~~~~~~~~~~~~
lib/fconf/fconf_tbbr_getter.c:47:17: note:
in expansion of macro ‘WARN’
47 | WARN("Invalid value for `%s` cell %d\n",
| ^~~~
include/common/debug.h:48:41: error:
format ‘%d’ expects argument of type ‘int’, but argument 5 has
type ‘uint32_t’ {aka ‘unsigned int’} [-Werror=format=]
48 | #define LOG_MARKER_VERBOSE "\x32" /* 50 */
| ^~~~~~
include/common/debug.h:58:32: note:
in definition of macro ‘no_tf_log’
58 | tf_log(fmt, ##__VA_ARGS__); \
| ^~~
include/common/debug.h:91:35: note:
in expansion of macro ‘LOG_MARKER_VERBOSE’
91 | # define VERBOSE(...)
| no_tf_log(LOG_MARKER_VERBOSE __VA_ARGS__)
| ^~~~~~~~~~~~~~~~~~
lib/fconf/fconf_tbbr_getter.c:74:9: note:
in expansion of macro ‘VERBOSE’
74 | VERBOSE("%s%s%s %d\n","FCONF: `tbbr.", "disable_auth",
| ^~~~~~~
cc1: all warnings being treated as errors
Change-Id: I0164ddfe511406cc1a8d014a368ef3e3c5f8cd27
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
show more ...
|
| #
fa1e0167 |
| 13-Oct-2021 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "refactor-mb" into integration
* changes:
docs(measured boot): add measured boot platform functions
refactor(measured boot): make measurement strings compliant with SBSG
Merge changes from topic "refactor-mb" into integration
* changes:
docs(measured boot): add measured boot platform functions
refactor(measured boot): make measurement strings compliant with SBSG
feat(plat/fvp): pass Event Log addr and size from BL1 to BL2
feat(measured_boot): update tb_fw_config with event log properties
feat(measured_boot): image hash measurement and recording in BL1
refactor(measured boot): remove platform calls from Event Log driver
refactor(measured_boot): remove passing of BL2 hash via device tree
refactor(measured boot): move BL2 measurement to platform layer
refactor(measured boot): rename add_event2()
refactor(measured boot): move image measurement to generic layer
build(measured boot): rename measured boot makefile
feat(measured boot): move init and teardown functions to platform layer
refactor(measured boot): rename tpm_record_measurement()
show more ...
|
| #
eab78e9b |
| 10-Aug-2021 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
refactor(measured_boot): remove passing of BL2 hash via device tree
Subsequent patches will provide a solution to do the BL2 hash measurement
and recording in BL1 itself, hence in preparation to ado
refactor(measured_boot): remove passing of BL2 hash via device tree
Subsequent patches will provide a solution to do the BL2 hash measurement
and recording in BL1 itself, hence in preparation to adopt that solution
remove the logic of passing BL2 hash measurement to BL2 component
via TB_FW config.
Change-Id: Iff9b3d4c6a236a33b942898fcdf799cbab89b724
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
show more ...
|
| #
3ee148d6 |
| 22-Jul-2020 |
joanna.farley <joanna.farley@arm.com> |
Merge changes from topics "af/add_measured_boot_bl1_bl2", "af/add_measured_boot_driver", "af/add_measured_boot_driver_support", "af/add_measured_boot_fconf", "af/add_measured_boot_fvp" into integrati
Merge changes from topics "af/add_measured_boot_bl1_bl2", "af/add_measured_boot_driver", "af/add_measured_boot_driver_support", "af/add_measured_boot_fconf", "af/add_measured_boot_fvp" into integration
* changes:
plat/arm/board/fvp: Add support for Measured Boot
TF-A: Add support for Measured Boot driver to FCONF
TF-A: Add support for Measured Boot driver in BL1 and BL2
TF-A: Add Event Log for Measured Boot
TF-A: Add support for Measured Boot driver
show more ...
|
| #
c3825c9b |
| 13-Jul-2020 |
Alexei Fedorov <Alexei.Fedorov@arm.com> |
TF-A: Add support for Measured Boot driver to FCONF
This patch adds support for Measured Boot driver functionality
to FCONF library code.
Change-Id: I81cdb06f1950f7e6e58f938a1b9c2f74f7cfdf88
Signed
TF-A: Add support for Measured Boot driver to FCONF
This patch adds support for Measured Boot driver functionality
to FCONF library code.
Change-Id: I81cdb06f1950f7e6e58f938a1b9c2f74f7cfdf88
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
show more ...
|
| #
65808674 |
| 04-May-2020 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "fdt_wrappers_rework" into integration
* changes:
arm: fconf: Fix GICv3 dynamic configuration
plat/stm32: Implement fdt_read_uint32_default() as a wrapper
fdt/wrappers
Merge changes from topic "fdt_wrappers_rework" into integration
* changes:
arm: fconf: Fix GICv3 dynamic configuration
plat/stm32: Implement fdt_read_uint32_default() as a wrapper
fdt/wrappers: Replace fdtw_read_cells() implementation
plat/stm32: Use generic fdt_read_uint32_array() implementation
fdt/wrappers: Generalise fdtw_read_array()
show more ...
|
| #
ff4e6c35 |
| 26-Mar-2020 |
Andre Przywara <andre.przywara@arm.com> |
fdt/wrappers: Replace fdtw_read_cells() implementation
Our fdtw_read_cells() implementation goes to great lengths to
sanity-check every parameter and result, but leaves a big hole open:
The size of
fdt/wrappers: Replace fdtw_read_cells() implementation
Our fdtw_read_cells() implementation goes to great lengths to
sanity-check every parameter and result, but leaves a big hole open:
The size of the storage the value pointer points at needs to match the
number of cells given. This can't be easily checked at compile time,
since we lose the size information by using a void pointer.
Regardless the current usage of this function is somewhat wrong anyways,
since we use it on single-element, fixed-length properties only, for
which the DT binding specifies the size.
Typically we use those functions dealing with a number of cells in DT
context to deal with *dynamically* sized properties, which depend on
other properties (#size-cells, #clock-cells, ...), to specify the number
of cells needed.
Another problem with the current implementation is the use of
ambiguously sized types (uintptr_t, size_t) together with a certain
expectation about their size. In general there is no relation between
the length of a DT property and the bitness of the code that parses the
DTB: AArch64 code could encounter 32-bit addresses (where the physical
address space is limited to 4GB [1]), while AArch32 code could read
64-bit sized properties (/memory nodes on LPAE systems, [2]).
To make this more clear, fix the potential issues and also align more
with other DT users (Linux and U-Boot), introduce functions to explicitly
read uint32 and uint64 properties. As the other DT consumers, we do this
based on the generic "read array" function.
Convert all users to use either of those two new functions, and make
sure we never use a pointer to anything other than uint32_t or uint64_t
variables directly.
This reveals (and fixes) a bug in plat_spmd_manifest.c, where we write
4 bytes into a uint16_t variable (passed via a void pointer).
Also we change the implementation of the function to better align with
other libfdt users, by using the right types (fdt32_t) and common
variable names (*prop, prop_names).
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi#n874
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/arm/boot/dts/ecx-2000.dts
Change-Id: I718de960515117ac7a3331a1b177d2ec224a3890
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
show more ...
|
| #
d2737fe1 |
| 12-Mar-2020 |
Mark Dykes <mardyk01@review.trustedfirmware.org> |
Merge changes from topic "mp/enhanced_pal_hw" into integration
* changes:
plat/arm/fvp: populate pwr domain descriptor dynamically
fconf: Extract topology node properties from HW_CONFIG dtb
fc
Merge changes from topic "mp/enhanced_pal_hw" into integration
* changes:
plat/arm/fvp: populate pwr domain descriptor dynamically
fconf: Extract topology node properties from HW_CONFIG dtb
fconf: necessary modifications to support fconf in BL31 & SP_MIN
fconf: enhancements to firmware configuration framework
show more ...
|
| #
25d740c4 |
| 06-Dec-2019 |
Madhukar Pappireddy <madhukar.pappireddy@arm.com> |
fconf: enhancements to firmware configuration framework
A populate() function essentially captures the value of a property,
defined by a platform, into a fconf related c structure. Such a
callback i
fconf: enhancements to firmware configuration framework
A populate() function essentially captures the value of a property,
defined by a platform, into a fconf related c structure. Such a
callback is usually platform specific and is associated to a specific
configuration source.
For example, a populate() function which captures the hardware topology
of the platform can only parse HW_CONFIG DTB. Hence each populator
function must be registered with a specific 'config_type' identifier.
It broadly represents a logical grouping of configuration properties
which is usually a device tree source file.
Example:
> TB_FW: properties related to trusted firmware such as IO policies,
base address of other DTBs, mbedtls heap info etc.
> HW_CONFIG: properties related to hardware configuration of the SoC
such as topology, GIC controller, PSCI hooks, CPU ID etc.
This patch modifies FCONF_REGISTER_POPULATOR macro and fconf_populate()
to register and invoke the appropriate callbacks selectively based on
configuration type.
Change-Id: I6f63b1fd7a8729c6c9137d5b63270af1857bb44a
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
show more ...
|
| #
21c4f56f |
| 11-Feb-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "lm/fconf" into integration
* changes:
arm-io: Panic in case of io setup failure
MISRA fix: Use boolean essential type
fconf: Add documentation
fconf: Move platform
Merge changes from topic "lm/fconf" into integration
* changes:
arm-io: Panic in case of io setup failure
MISRA fix: Use boolean essential type
fconf: Add documentation
fconf: Move platform io policies into fconf
fconf: Add mbedtls shared heap as property
fconf: Add TBBR disable_authentication property
fconf: Add dynamic config DTBs info as property
fconf: Populate properties from dtb during bl2 setup
fconf: Load config dtb from bl1
fconf: initial commit
show more ...
|
| #
6c972317 |
| 01-Oct-2019 |
Louis Mayencourt <louis.mayencourt@arm.com> |
fconf: Add mbedtls shared heap as property
Use the firmware configuration framework in arm dynamic configuration
to retrieve mbedtls heap information between bl1 and bl2.
For this, a new fconf gett
fconf: Add mbedtls shared heap as property
Use the firmware configuration framework in arm dynamic configuration
to retrieve mbedtls heap information between bl1 and bl2.
For this, a new fconf getter is added to expose the device tree base
address and size.
Change-Id: Ifa5ac9366ae100e2cdd1f4c8e85fc591b170f4b6
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
show more ...
|
| #
ce852841 |
| 30-Sep-2019 |
Louis Mayencourt <louis.mayencourt@arm.com> |
fconf: Add TBBR disable_authentication property
Use fconf to retrieve the `disable_authentication` property.
Move this access from arm dynamic configuration to bl common.
Change-Id: Ibf184a5c6245d0
fconf: Add TBBR disable_authentication property
Use fconf to retrieve the `disable_authentication` property.
Move this access from arm dynamic configuration to bl common.
Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
show more ...
|