Merge changes from topic "hm/evlog" into integration

* changes:
refactor(drtm): use crypto-agile measured boot
refactor(imx): use crypto-agile measured boot
refactor(qemu): use crypto-agile me

Merge changes from topic "hm/evlog" into integration

* changes:
refactor(drtm): use crypto-agile measured boot
refactor(imx): use crypto-agile measured boot
refactor(qemu): use crypto-agile measured boot
refactor(juno): use crypto-agile measured boot
refactor(rpi3): use crypto-agile measured boot
refactor(fvp): use crypto-agile measured boot
feat(measured-boot): enable dynamic hash provisioning
feat: add TPM/TCG hashing helper to crypto module
chore: bump event log library

show more ...

refactor(fvp): use crypto-agile measured boot

Update the FVP measured boot flow to use the crypto-agile API. Replace
the previous single-algorithm hash configuration with dynamic algorithm
selection

refactor(fvp): use crypto-agile measured boot

Update the FVP measured boot flow to use the crypto-agile API. Replace
the previous single-algorithm hash configuration with dynamic algorithm
selection. Align image measurement and event log header generation with
the new hashing model and update platform glue code accordingly.

Change-Id: I4128a0c66a56df6c473c47a577d86cd38bf057f6
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

Merge changes Ifbc5ab02,Ib9002609,I0276257d into integration

* changes:
fix(fvp): initialise the event log's size to avoid using gibberish values
fix(tsp): keep the tsp D128 unaware, not the dis

Merge changes Ifbc5ab02,Ib9002609,I0276257d into integration

* changes:
fix(fvp): initialise the event log's size to avoid using gibberish values
fix(tsp): keep the tsp D128 unaware, not the dispatcher
fix(dice): prevent compiler warnings

show more ...

fix(fvp): initialise the event log's size to avoid using gibberish values

The event log's DT bindings only specify the lower 32 bits of the event
log's size, but the size is held in a 64 bit variabl

fix(fvp): initialise the event log's size to avoid using gibberish values

The event log's DT bindings only specify the lower 32 bits of the event
log's size, but the size is held in a 64 bit variable on stack. When
conditions are right, the uninitialised upper 32 bits may contain
gibberish that throws off our computations, leading to faults.

Change-Id: Ifbc5ab027aac4e8899fea962656b07960b9b00b9
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

Merge changes from topic "hm/evlog" into integration

* changes:
build(measured-boot)!: move to ext event log lib
feat(build): add utilities for modifying includes

build(measured-boot)!: move to ext event log lib

Removes in-tree Event Log library implementation and updates all
references to use the external submodule. Updates include paths,
Makefile macros, an

build(measured-boot)!: move to ext event log lib

Removes in-tree Event Log library implementation and updates all
references to use the external submodule. Updates include paths,
Makefile macros, and platform integration logic to link with lib as a
static library.

If you cloned TF-A without the `--recurse-submodules` flag, you can
ensure that this submodule is present by running:

git submodule update --init --recursive

BREAKING-CHANGE: LibEventLog is now included in TF-A as a submodule.
Please run `git submodule update --init --recursive` if you encounter
issues after migrating to the latest version of TF-A.

Change-Id: I723f493033c178759a45ea04118e7cc295dc2438
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

Merge changes from topic "rustspmc_with_xferlist" into integration

* changes:
feat(fvp): introduce fvp_stmm_bl2_sp_list.dts for StandaloneMm
feat(fvp): update evtlog info in the xferlist's DT_SP

Merge changes from topic "rustspmc_with_xferlist" into integration

* changes:
feat(fvp): introduce fvp_stmm_bl2_sp_list.dts for StandaloneMm
feat(fvp): update evtlog info in the xferlist's DT_SPMC_MANIFEST entry
feat(fvp): move PLAT_ARM_SPMC_SP_MANIFEST_SIZE definition
feat(spmd): get spmc manifest from xferlist

show more ...

feat(fvp): update evtlog info in the xferlist's DT_SPMC_MANIFEST entry

For compatibility with SPMCs that obtain
event log information from DT_SPMC_MANIFEST,
ensure the event log is updated when TF-A

feat(fvp): update evtlog info in the xferlist's DT_SPMC_MANIFEST entry

For compatibility with SPMCs that obtain
event log information from DT_SPMC_MANIFEST,
ensure the event log is updated when TF-A uses firmware handoff.

Change-Id: Iafc11c63c86c2ee67481e3085d2e8390d5f99cea
Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>

show more ...

Merge changes from topic "hm/handoff-mb" into integration

* changes:
feat(arm): support boot info handoff and event log
fix(arm): update tsp_early_platform_setup prototype
fix(xilinx): update

Merge changes from topic "hm/handoff-mb" into integration

* changes:
feat(arm): support boot info handoff and event log
fix(arm): update tsp_early_platform_setup prototype
fix(xilinx): update tsp_early_platform_setup prototype
fix(socionext): update tsp_early_platform_setup prototype
fix(msm8916): update tsp_early_platform_setup prototype
feat(tsp): cascade boot arguments to platforms
feat(fvp): port event log to firmware handoff
feat(arm): port event log to firmware handoff
feat(fvp): increase bl2 mmap len for handoff
feat(measured-boot): add fw handoff event log utils

show more ...

feat(fvp): port event log to firmware handoff

Support handing off the event log to both the secure and non-secure
worlds using the firmware handoff framework. This also needs us to
increase the maxi

feat(fvp): port event log to firmware handoff

Support handing off the event log to both the secure and non-secure
worlds using the firmware handoff framework. This also needs us to
increase the maximum allocation for TB-FW configuration to accommodate
trusted boot entries.

Change-Id: I39d69d79434a366096dcf4fbdc5c434950170b78
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

Merge changes from topic "hm/evlog" into integration

* changes:
refactor(rpi3): use renamed event log printer
refactor(imx8m): use renamed event log printer
refactor(qemu): use renamed event l

Merge changes from topic "hm/evlog" into integration

* changes:
refactor(rpi3): use renamed event log printer
refactor(imx8m): use renamed event log printer
refactor(qemu): use renamed event log printer
refactor(fvp): use renamed event log printer
refactor(measured-boot): standardize function names

show more ...

refactor(fvp): use renamed event log printer

Following the renaming of printer functions to follow the
event_log_{func} convention, update FVP to use the new function names
for consistency with the

refactor(fvp): use renamed event log printer

Following the renaming of printer functions to follow the
event_log_{func} convention, update FVP to use the new function names
for consistency with the logging library.

Change-Id: I1c3b1311d51174c76903e147c28d51f986b52712
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level for region validity
feat(tc): add dummy TRNG support to be able to boot pVMs
feat(tc): get the parent component provided DPE context_handle
feat(tc): share DPE context handle with child component
feat(tc): add DPE context handle node to device tree
feat(tc): add DPE backend to the measured boot framework
feat(auth): add explicit entries for key OIDs
feat(dice): add DPE driver to measured boot
feat(dice): add client API for DICE Protection Environment
feat(dice): add QCBOR library as a dependency of DPE
feat(dice): add typedefs from the Open DICE repo
docs(changelog): add 'dice' scope
refactor(tc): align image identifier string macros
refactor(fvp): align image identifier string macros
refactor(imx8m): align image identifier string macros
refactor(qemu): align image identifier string macros
fix(measured-boot): add missing image identifier string
refactor(measured-boot): move metadata size macros to a common header
refactor(measured-boot): move image identifier strings to a common header

show more ...

refactor(fvp): align image identifier string macros

Macros were renamed, align with new names.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I85d03164f580d9c41b7955482914d20188e559e5

Merge "feat(fvp): remove left-over RSS usage" into integration

feat(fvp): remove left-over RSS usage

Remove any residual RSS usage in the FVP platform, complementing the
changes made in commit dea307fd6cca2dad56867e757804224a8654bc38.

Signed-off-by: Manish V B

feat(fvp): remove left-over RSS usage

Remove any residual RSS usage in the FVP platform, complementing the
changes made in commit dea307fd6cca2dad56867e757804224a8654bc38.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I9ced272503456361610ec0c7783d270349233926

show more ...

Merge changes from topic "mb/mb-signer-id" into integration

* changes:
feat(qemu): add dummy plat_mboot_measure_key() function
docs(rss): update RSS doc for signer-ID
feat(imx): add dummy 'pla

Merge changes from topic "mb/mb-signer-id" into integration

* changes:
feat(qemu): add dummy plat_mboot_measure_key() function
docs(rss): update RSS doc for signer-ID
feat(imx): add dummy 'plat_mboot_measure_key' function
feat(tc): implement platform function to measure and publish Public Key
feat(auth): measure and publicise the Public Key
feat(fvp): implement platform function to measure and publish Public Key
feat(fvp): add public key-OID information in RSS metadata structure
feat(auth): add explicit entries for key OIDs
feat(rss): set the signer-ID in the RSS metadata
feat(auth): create a zero-OID for Subject Public Key
docs: add details about plat_mboot_measure_key function
feat(measured-boot): introduce platform function to measure and publish Public Key

show more ...

feat(fvp): add public key-OID information in RSS metadata structure

Added public key-OID information in the RSS metadata structure.

Change-Id: I5ee5d41519980091296deaa1882fdfe9ae6766c0
Signed-off-b

feat(fvp): add public key-OID information in RSS metadata structure

Added public key-OID information in the RSS metadata structure.

Change-Id: I5ee5d41519980091296deaa1882fdfe9ae6766c0
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "mb/mb-rss-refactor" into integration

* changes:
refactor(tc): update RSS driver inteface calls
refactor(fvp): update RSS driver inteface calls
refactor(rss): make RSS

Merge changes from topic "mb/mb-rss-refactor" into integration

* changes:
refactor(tc): update RSS driver inteface calls
refactor(fvp): update RSS driver inteface calls
refactor(rss): make RSS driver standalone for Measured Boot

show more ...

refactor(fvp): update RSS driver inteface calls

In order to comply with the previous RSS driver change,
interface calls have been updated.

Change-Id: I0a1f3c6a6f8017468d86903cc0158805c6461c28
Signe

refactor(fvp): update RSS driver inteface calls

In order to comply with the previous RSS driver change,
interface calls have been updated.

Change-Id: I0a1f3c6a6f8017468d86903cc0158805c6461c28
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "feat(fvp): add Event Log maximum size property in DT" into integration

feat(fvp): add Event Log maximum size property in DT

Updated the code to get and set the 'tpm_event_log_max_size' property
in the event_log.dtsi.

In this change, the maximum Event Log buffer size a

feat(fvp): add Event Log maximum size property in DT

Updated the code to get and set the 'tpm_event_log_max_size' property
in the event_log.dtsi.

In this change, the maximum Event Log buffer size allocated by BL1 is
passed to BL2, rather than both relying on the maximum Event Log buffer
size macro.

Change-Id: I7aa6256390872171e362b6f166f3f7335aa6e425
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "mb/secure-evlog-cpy" into integration

* changes:
feat(fvp): copy the Event Log to TZC secured DRAM area
feat(arm): carveout DRAM1 area for Event Log

feat(fvp): copy the Event Log to TZC secured DRAM area

Copied the Event Log from internal SRAM to the TZC secured DRAM
reserved area. Also passed this Trusted DRAM address to OPTEE via
NT FW configu

feat(fvp): copy the Event Log to TZC secured DRAM area

Copied the Event Log from internal SRAM to the TZC secured DRAM
reserved area. Also passed this Trusted DRAM address to OPTEE via
NT FW configuration, and to SPMC via TOS FW configuration,
which is eventually used to extend PCR via fTPM application running
on top of OPTEE/SPMC.

Furthermore, this patch makes it easier to access Event Log in RME
enabled systems where Secure World firmware does not have access to
internal(Root) SRAM.

Change-Id: I005e9da1e6075511f412bdf4d8b541fa543df9ab
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "mb/refactor-evlog" into integration

* changes:
refactor(qemu): pass platform metadata as a function's argument
refactor(imx8m): pass platform metadata as a function's a

Merge changes from topic "mb/refactor-evlog" into integration

* changes:
refactor(qemu): pass platform metadata as a function's argument
refactor(imx8m): pass platform metadata as a function's argument
refactor(fvp): pass platform metadata as a function's argument
refactor(measured-boot): accept metadata as a function's argument

show more ...