History log of /rk3399_ARM-atf/make_helpers/tbbr/tbbr_tools.mk (Results 1 – 25 of 58)
Revision Date Author Comments
# 982ee634 04-Sep-2025 Lauren Wehrmeister <lauren.wehrmeister@arm.com>

Merge changes from topic "xl/separate-bl2" into integration

* changes:
feat(fwu): documentation for BL2 separation
feat(fwu): separate bl2 image from rest of the FIP
feat(fwu): create flag for BL2 separation



# d57362bd 26-Jun-2025 Xialin Liu <xialin.liu@arm.com>

feat(fwu): separate bl2 image from rest of the FIP

Create a separate partition for BL2 image in the GPT.
Modify the makefile to package BL2 image and its certificates
into a different FIP image.

Change-Id: I950883ea0c393a2a063ad9e51bb963cbac742705
Signed-off-by: Xialin Liu <xialin.liu@arm.com>



# bc6bd65b 12-Sep-2023 Manish V Badarkhe <manish.badarkhe@arm.com>

Merge changes from topic "mb/spm+rme-tb-mb-support" into integration

* changes:
fix(fvp): increase the maximum size of Event Log
fix(fvp): increase maximum MMAP and XLAT entries count
fix(arm): add Event Log area behind Trustzone Controller
fix(tbbr): unrecognised 'tos-fw-key-cert' option



# f1cb5bd1 01-Sep-2023 Manish V Badarkhe <Manish.Badarkhe@arm.com>

fix(tbbr): unrecognised 'tos-fw-key-cert' option

CCA CoT uses 'core-swd-cert' for signing all secure software, so when
using cert_create tool to generate its certificate, it throws an
error: "tools/cert_create/cert_create: unrecognized option
'--tos-fw-key-cert'".
The issue has not been seen so far since "SPM+RME+TBB+Measured-Boot"
combination is not tested in CI/local-setup. It is now resolved by
guarding usage of '--tos-fw-key-cert' for non-CCA CoTs.

Change-Id: I5e61d851a71c251920171cf410cbd0129e0e0aad
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>



# 7f126ccf 05-Jun-2023 Sandrine Bailleux <sandrine.bailleux@arm.com>

Merge changes from topic "cot_cca_nvctr" into integration

* changes:
feat(fvp): mock support for CCA NV ctr
feat(auth): add CCA NV ctr to CCA CoT
feat(build): pass CCA NV ctr option to cert_create
feat(cert-create): add new option for CCA NV ctr



# 0f19b7aa 02-May-2023 laurenw-arm <lauren.wehrmeister@arm.com>

feat(build): pass CCA NV ctr option to cert_create

Modifying build system to pass the new CCA NV counter options
ccafw_nvctr to cert_create tool in context of CCA COT

Change-Id: I9de2cdc041d96bc19180c3189628ed23e68a992b
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>



# a4c69581 15-Mar-2023 Manish Pandey <manish.pandey2@arm.com>

Merge "refactor(build): distinguish BL2 as TF-A entry point and BL2 running at EL3" into integration


# 42d4d3ba 22-Nov-2022 Arvind Ram Prakash <arvind.ramprakash@arm.com>

refactor(build): distinguish BL2 as TF-A entry point and BL2 running at EL3

BL2_AT_EL3 is an overloaded macro which has two uses:
1. When BL2 is entry point into TF-A(no BL1)
2. When BL2 is running at EL3 exception level
These two scenarios are not exactly same even though first implicitly
means second to be true. To distinguish between these two use cases we
introduce new macros.
BL2_AT_EL3 is renamed to RESET_TO_BL2 to better convey both 1. and 2.
Additional macro BL2_RUNS_AT_EL3 is added to cover all scenarios where
BL2 runs at EL3 (including four world systems).

BREAKING CHANGE: BL2_AT_EL3 renamed to RESET_TO_BL2 across the
repository.

Change-Id: I477e1d0f843b44b799c216670e028fcb3509fb72
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>



# f3249498 24-Jun-2022 Manish Pandey <manish.pandey2@arm.com>

Merge changes from topic "lw/cca_cot" into integration

* changes:
feat(arm): retrieve the right ROTPK for cca
feat(arm): add support for cca CoT
feat(arm): provide some swd rotpk files
build(tbbr): drive cert_create changes for cca CoT
refactor(arm): add cca CoT certificates to fconf
feat(fiptool): add cca, core_swd, plat cert in FIP
feat(cert_create): define the cca chain of trust
feat(cca): introduce new "cca" chain of trust
build(changelog): add new scope for CCA
refactor(fvp): increase bl2 size when bl31 in DRAM



# 1b7d656a 21-Apr-2022 laurenw-arm <lauren.wehrmeister@arm.com>

build(tbbr): drive cert_create changes for cca CoT

The build system needs to drive the cert_create tool in a slightly
different manner when using the cca chain of trust.

- It needs to pass it the plat, core_swd, and swd ROT key files.

- It must now generate the cca, core_swd, and plat key certificates,
and exclude the non-relevant certificates.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I5759bfaf06913f86b47c7d04c897773bba16a807



# 3c0df4cb 06-Oct-2021 Mark Dykes <mark.dykes@arm.com>

Merge changes from topic "fvpr_cleanup" into integration

* changes:
refactor(tbbr): remove "fvp_r" platform specific check
refactor(Makefile): move NEED_<IMAGE> before their use


# 08c699e7 01-Oct-2021 Manish Pandey <manish.pandey2@arm.com>

refactor(tbbr): remove "fvp_r" platform specific check

fvp_r is a unique platform which does not have BL2 binary and image
loading functionality is performed by BL1 itself. To avoid
generating certificate for BL2 there was platform specific check
added which looks bit ugly, replacing that check.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I11360fa753f847768906c42dce652296245b4a63



# a07c94b4 30-Sep-2021 Joanna Farley <joanna.farley@arm.com>

Merge changes from topic "gm/reviewCI" into integration

* changes:
docs: armv8-R aarch64 fvp_r documentation
fvp_r: load, auth, and transfer from BL1 to BL33
chore: fvp_r: Initial No-EL3 and MPU Implementation
fvp_r: initial platform port for fvp_r



# e31fb0fa 03-Mar-2021 laurenw-arm <lauren.wehrmeister@arm.com>

fvp_r: load, auth, and transfer from BL1 to BL33

Adding load, authentication, and transfer functionality from FVP R BL1 to
BL33, which will be the partner runtime code.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I293cad09739dacac0d20dd57c1d98178dbe84d40



# 9719e19a 24-Mar-2021 Joanna Farley <joanna.farley@arm.com>

Merge changes I500ddbe9,I9c10dac9,I53bfff85,I06f7594d,I24bff8d4, ... into integration

* changes:
nxp lx2160a-aqds: new plat based on soc lx2160a
NXP lx2160a-rdb: new plat based on SoC lx2160a
nxp lx2162aqds: new plat based on soc lx2160a
nxp: errata handling at soc level for lx2160a
nxp: make file for loading additional ddr image
nxp: adding support of soc lx2160a
nxp: deflt hdr files for soc & their platforms
nxp: platform files for bl2 and bl31 setup
nxp: warm reset support to retain ddr content
nxp: nv storage api on platforms
nxp: supports two mode of trusted board boot
nxp: fip-handler for additional fip_fuse.bin
nxp: fip-handler for additional ddr-fip.bin
nxp: image loader for loading fip image
nxp: svp & sip smc handling
nxp: psci platform functions used by lib/psci
nxp: helper function used by plat & common code
nxp: add data handler used by bl31
nxp: adding the driver.mk file
nxp-tool: for creating pbl file from bl2
nxp: adding the smmu driver
nxp: cot using nxp internal and mbedtls
nxp:driver for crypto h/w accelerator caam
nxp:add driver support for sd and emmc
nxp:add qspi driver
nxp: add flexspi driver support
nxp: adding gic apis for nxp soc
nxp: gpio driver support
nxp: added csu driver
nxp: driver pmu for nxp soc
nxp: ddr driver enablement for nxp layerscape soc
nxp: i2c driver support.
NXP: Driver for NXP Security Monitor
NXP: SFP driver support for NXP SoC
NXP: Interconnect API based on ARM CCN-CCI driver
NXP: TZC API to configure ddr region
NXP: Timer API added to enable ARM generic timer
nxp: add dcfg driver
nxp:add console driver for nxp platform
tools: add mechanism to allow platform specific image UUID
tbbr-cot: conditional definition for the macro
tbbr-cot: fix the issue of compiling time define
cert_create: updated tool for platform defined certs, keys & extensions
tbbr-tools: enable override TRUSTED_KEY_CERT



# 6c74c997 26-Jan-2021 Pankaj Gupta <pankaj.gupta@nxp.com>

tbbr-tools: enable override TRUSTED_KEY_CERT

Platforms, which requires additional images to be
verified using TBBR; such that their key certificate
is tied to TRUSTED_KEY_CERT.

For such platforms, if make commands runs twice:
- Once with targets as bl2 & fip.bin, and
- Again to build the target as the additional image.

then, if path to the TRUSTED_KEY_CERT varies in the
makefile with make-target of the additional image, then
there would be two location where "trusted_key.crt" will
be created.

This patch helps overriding the TRUSTED_KEY_CERT from any .mk
in the platform's makefile structure.

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I775a2c409035504b21b0bbe5a4f9046898163eed



# d01f31c0 09-Nov-2020 Manish Pandey <manish.pandey2@arm.com>

Merge "make_helpers: tbbr: Fix FWU certificate generation" into integration


# 8cdb1693 08-Nov-2020 Manish V Badarkhe <Manish.Badarkhe@arm.com>

make_helpers: tbbr: Fix FWU certificate generation

Provide missed command line parameters such as KEY_ALG, HASH_ALG
and KEY_SIZE while generating the FWU certificate.

Signed-off-by: Gilad Ben Yossef <Gilad.BenYossef@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I017fa3fff844f4262ae2441cbc9fee909d357fb3



# 007be5ec 14-Aug-2020 Sandrine Bailleux <sandrine.bailleux@arm.com>

Merge changes from topic "sp_dual_signing" into integration

* changes:
dualroot: add chain of trust for Platform owned SPs
cert_create: add Platform owned secure partitions support


# 23d5f03a 24-Jul-2020 Manish Pandey <manish.pandey2@arm.com>

cert_create: add Platform owned secure partitions support

Add support to generate a certificate named "plat-sp-cert" for Secure
Partitions(SP) owned by Platform.
Earlier a single certificate file "sip-sp-cert" was generated which
contained hash of all 8 SPs, with this change SPs are divided into
two categories viz "SiP owned" and "Plat owned" containing 4 SPs each.

Platform RoT key pair is used for signing.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I5bd493cfce4cf3fc14b87c8ed1045f633d0c92b6



# 02383c28 09-Jun-2020 Manish Pandey <manish.pandey2@arm.com>

Merge changes from topic "sp_secure_boot" into integration

* changes:
dualroot: add chain of trust for secure partitions
sptool: append cert_tool arguments.
cert_create: add SiP owned secure partitions support



# 0792dd7d 22-May-2020 Manish Pandey <manish.pandey2@arm.com>

cert_create: add SiP owned secure partitions support

Add support to generate certificate "sip-sp-cert" for Secure
Partitions(SP) owned by Silicon provider(SiP).
To avoid deviation from TBBR specification the support is only added for
dualroot CoT and not for TBBR CoT.

A single certificate file is generated containing hash of individual
packages. Maximum 8 secure partitions are supported.

Following new options added to cert_tool:
--sip-sp-cert --> SiP owned Secure Partition Content Certificate
--sp-pkg1 --> Secure Partition Package1 file
--sp-pkg2
.....
--sp-pkg8

Trusted world key pair is used for signing.

Going forward, this feature can be extended for Platform owned
Partitions, if required.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d



# e3102677 10-Mar-2020 Sandrine Bailleux <sandrine.bailleux@arm.com>

Merge changes from topic "sb/dualroot" into integration

* changes:
Build system: Changes to drive cert_create for dualroot CoT
cert_create: Define the dualroot CoT
Introduce a new "dualroot" chain of trust



# 53b985a0 03-Feb-2020 Sandrine Bailleux <sandrine.bailleux@arm.com>

Build system: Changes to drive cert_create for dualroot CoT

The build system needs to drive the cert_create tool in a slightly
different manner when using the dualroot chain of trust.

- It needs to pass it the platform root of trust key file.

- It must not try to generate the Non-Trusted Firmware Key Certificate,
which is not part of the dualroot CoT.

Change-Id: Ibcc821c5735765523730f861ae8230208f41302b
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>



# c428fbae 13-Sep-2019 Soby Mathew <soby.mathew@arm.com>

Merge changes from topic "jc/rsa-pkcs" into integration

* changes:
Remove RSA PKCS#1 v1.5 support from cert_tool
Add documentation for new KEY_SIZE option
Add cert_create tool support for RSA key sizes
Support larger RSA key sizes when using MBEDTLS


