Merge changes from topic "rss_rse_rename" into integration

* changes:
refactor(changelog): change all occurrences of RSS to RSE
refactor(qemu): change all occurrences of RSS to RSE
refactor(fv

Merge changes from topic "rss_rse_rename" into integration

* changes:
refactor(changelog): change all occurrences of RSS to RSE
refactor(qemu): change all occurrences of RSS to RSE
refactor(fvp): change all occurrences of RSS to RSE
refactor(fiptool): change all occurrences of RSS to RSE
refactor(psa): change all occurrences of RSS to RSE
refactor(fvp): remove leftovers from rss measured boot support
refactor(tc): change all occurrences of RSS to RSE
docs: change all occurrences of RSS to RSE
refactor(measured-boot): change all occurrences of RSS to RSE
refactor(rse): change all occurrences of RSS to RSE
refactor(psa): rename all 'rss' files to 'rse'
refactor(tc): rename all 'rss' files to 'rse'
docs: rename all 'rss' files to 'rse'
refactor(measured-boot): rename all 'rss' files to 'rse'
refactor(rss): rename all 'rss' files to 'rse'

show more ...

refactor(psa): change all occurrences of RSS to RSE

Changes all occurrences of "RSS" and "rss" in the code and build files
to "RSE" and "rse".

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id

refactor(psa): change all occurrences of RSS to RSE

Changes all occurrences of "RSS" and "rss" in the code and build files
to "RSE" and "rse".

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I606e2663fb3719edf6372d6ffa4f1982eef45994

show more ...

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level for region validity
feat(tc): add dummy TRNG support to be able to boot pVMs
feat(tc): get the parent component provided DPE context_handle
feat(tc): share DPE context handle with child component
feat(tc): add DPE context handle node to device tree
feat(tc): add DPE backend to the measured boot framework
feat(auth): add explicit entries for key OIDs
feat(dice): add DPE driver to measured boot
feat(dice): add client API for DICE Protection Environment
feat(dice): add QCBOR library as a dependency of DPE
feat(dice): add typedefs from the Open DICE repo
docs(changelog): add 'dice' scope
refactor(tc): align image identifier string macros
refactor(fvp): align image identifier string macros
refactor(imx8m): align image identifier string macros
refactor(qemu): align image identifier string macros
fix(measured-boot): add missing image identifier string
refactor(measured-boot): move metadata size macros to a common header
refactor(measured-boot): move image identifier strings to a common header

show more ...

refactor(measured-boot): move metadata size macros to a common header

The max size macros of metadata elements are shared across
multiple measured boot backends: rss-measured-boot, dpe.

Increase th

refactor(measured-boot): move metadata size macros to a common header

The max size macros of metadata elements are shared across
multiple measured boot backends: rss-measured-boot, dpe.

Increase the SW_TYPE_MAX_SIZE to be able to accomodate
all macro.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ic9004a36ef1df96c70a4f7adf7bb86dc27dd307c

show more ...

Merge changes from topic "mb/deprecate-rss-for-fvp" into integration

* changes:
refactor(fvp): remove RSS usage
refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option

refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option

Removed the PLAT_RSS_NOT_SUPPORTED build option, which was initially
introduced for building the Base AEM FVP platform platform with RSS.
H

refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option

Removed the PLAT_RSS_NOT_SUPPORTED build option, which was initially
introduced for building the Base AEM FVP platform platform with RSS.
However, we now have a well-defined TC2 platform with RSS, making it
unnecessary to keep this flag.

Note -
Theoretically this is a breaking change. Other platforms could be
using the PLAT_RSS_NOT_SUPPORTED build option. Among upstream platforms,
only the Base AEM FVP uses it right now but we don't know about
downstream platforms.

Change-Id: I931905a4c6ac1ebe3895ab6e0287d0fa07721707
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "fix(measured-boot): don't strip last non-0 char" into integration

fix(measured-boot): don't strip last non-0 char

With the current implementation of stripping the last null
byte from a string, there was no way to get the TF-M measured
boot test suite to pass. It w

fix(measured-boot): don't strip last non-0 char

With the current implementation of stripping the last null
byte from a string, there was no way to get the TF-M measured
boot test suite to pass. It would expect the size of the string
passed into extend measurement to be unaffected by the call.

This fix should allow passing a string with the null char
pre-stripped, allowing the tests to exclude the null char in
their test data and not have the length decremented.

Further, This patch adds an early exit if either the version
or sw_type is larger than its buffer. Without this check,
it may be possible to pass a length one more than the maximum,
and if the last element is a null, the length will be truncated
to fit. This is instead suppsed to return an error.

Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
Change-Id: I98e1bb53345574d4645513009883c6e7b6612531

show more ...

Merge changes Ida9abfd5,Iec447d97 into integration

* changes:
build: enable adding MbedTLS files for platform
feat(lib/psa): add read_measurement API

Merge "fix(rss): remove null-terminator from RSS metadata" into integration

fix(rss): remove null-terminator from RSS metadata

Remove the null-terminator of the string-like data items
from the RSS measurement's metadata. The 'version' and
'sw_type' items have an associated

fix(rss): remove null-terminator from RSS metadata

Remove the null-terminator of the string-like data items
from the RSS measurement's metadata. The 'version' and
'sw_type' items have an associated length value which
should not include a null-terminator when storing the
measurement.

Change-Id: Ia91ace2fff8b6f75686dd2e1862475268300bbdb
Signed-off-by: David Vincze <david.vincze@arm.com>

show more ...

feat(lib/psa): add read_measurement API

This API is added for testing purposes. It makes possible to write test
cases that read measurements back after extending them, and compare
them to expected r

feat(lib/psa): add read_measurement API

This API is added for testing purposes. It makes possible to write test
cases that read measurements back after extending them, and compare
them to expected results.

Change-Id: Iec447d972fdd54a56ab933a065476e0f4d35a6fc
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>

show more ...

Merge changes I072fe5fe,I4066d476,Ie4af38b8,I730e7b04,Iac3356f8, ... into integration

* changes:
fix(psa): extend measured boot logging
fix(rss): determine the size of sw_type in RSS mboot metad

Merge changes I072fe5fe,I4066d476,Ie4af38b8,I730e7b04,Iac3356f8, ... into integration

* changes:
fix(psa): extend measured boot logging
fix(rss): determine the size of sw_type in RSS mboot metadata
fix(psa): align with original API in tf-m-extras
fix(rss): clear the message buffer
feat(tc): enable RSS backend based measured boot
feat(tc): increase maximum BL1/BL2/BL31 sizes

show more ...

fix(psa): extend measured boot logging

Print all the params of
rss_measured_boot_extend_measurement() to
the console to check parameter healthiness.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Cha

fix(psa): extend measured boot logging

Print all the params of
rss_measured_boot_extend_measurement() to
the console to check parameter healthiness.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I072fe5fef72c67e615ab64e06a9e1f6add5e9cfc

show more ...

fix(psa): align with original API in tf-m-extras

The measured boot API is available in the tf-m-extras
repo:
partitions/measured_boot/interface/src/measured_boot_api.c

This change make the API beha

fix(psa): align with original API in tf-m-extras

The measured boot API is available in the tf-m-extras
repo:
partitions/measured_boot/interface/src/measured_boot_api.c

This change make the API behavior align with
the original implementation.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ie4af38b859f942b2ef090e92da64d75811b5b49b

show more ...

Merge "fix(measured-boot): fix verbosity level of RSS digests traces" into integration

fix(measured-boot): fix verbosity level of RSS digests traces

Most traces displayed by log_measurement() use the INFO verbosity
level. Only the digests are unconditionally printed, regardless of
the

fix(measured-boot): fix verbosity level of RSS digests traces

Most traces displayed by log_measurement() use the INFO verbosity
level. Only the digests are unconditionally printed, regardless of
the verbosity level. As a result, when the verbosity level is set
lower than INFO (typically in release mode), only the digests are
printed, which look weird and out of context.

Change-Id: I0220977c35dcb636f1510d8a7a0a9e3d92548bdc
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>

show more ...

Merge "fix(lib/psa): fix Null pointer dereference error" into integration

fix(lib/psa): fix Null pointer dereference error

Fixing possible Null pointer dereference error, found
by Coverity scan.

Change-Id: If60b7f7e13ecbc3c01e3a9c5005c480260bbabdd
Signed-off-by: David Vi

fix(lib/psa): fix Null pointer dereference error

Fixing possible Null pointer dereference error, found
by Coverity scan.

Change-Id: If60b7f7e13ecbc3c01e3a9c5005c480260bbabdd
Signed-off-by: David Vincze <david.vincze@arm.com>

show more ...

Merge changes from topic "rss/mboot-attest" into integration

* changes:
docs(maintainers): add PSA, MHU, RSS comms code owners
feat(plat/arm/fvp): enable RSS backend based measured boot
feat(l

Merge changes from topic "rss/mboot-attest" into integration

* changes:
docs(maintainers): add PSA, MHU, RSS comms code owners
feat(plat/arm/fvp): enable RSS backend based measured boot
feat(lib/psa): mock PSA APIs
feat(drivers/measured_boot): add RSS backend
feat(drivers/arm/rss): add RSS communication driver
feat(lib/psa): add initial attestation API
feat(lib/psa): add measured boot API
feat(drivers/arm/mhu): add MHU driver

show more ...

feat(lib/psa): mock PSA APIs

Introduce PLAT_RSS_NOT_SUPPORTED build config to
provide a mocked version of PSA APIs. The goal is
to test the RSS backend based measured boot and
attestation token requ

feat(lib/psa): mock PSA APIs

Introduce PLAT_RSS_NOT_SUPPORTED build config to
provide a mocked version of PSA APIs. The goal is
to test the RSS backend based measured boot and
attestation token request integration on such
a platform (AEM FVP) where RSS is otherwise
unsupported. The mocked PSA API version does
not send a request to the RSS, it only returns
with success and hard-coded values.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ice8d174adf828c1df08fc589f0e17abd1e382a4d

show more ...

feat(lib/psa): add measured boot API

A secure enclave could provide an alternate
backend for measured boot. This API can be used
to store measurements in a secure enclave, which
provides the measure

feat(lib/psa): add measured boot API

A secure enclave could provide an alternate
backend for measured boot. This API can be used
to store measurements in a secure enclave, which
provides the measured boot runtime service.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I2448e324e7ece6b318403c5937dfe7abea53d0f3

show more ...