Merge changes I712712d7,I1932500e,I75dda77e,I12f3b8a3,Ia72e5900 into integration

* changes:
refactor(rse)!: remove rse_comms_init
refactor(arm): switch to rse_mbx_init
refactor(rse): put MHU c

Merge changes I712712d7,I1932500e,I75dda77e,I12f3b8a3,Ia72e5900 into integration

* changes:
refactor(rse)!: remove rse_comms_init
refactor(arm): switch to rse_mbx_init
refactor(rse): put MHU code in a dedicated file
refactor(tc): add plat_rse_comms_init
refactor(arm)!: rename PLAT_MHU_VERSION flag

show more ...

refactor(tc): add plat_rse_comms_init

The same way it is done for neoverse_rd, create a plat_rse_comms_init()
function to call rse_comms_init().

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Ch

refactor(tc): add plat_rse_comms_init

The same way it is done for neoverse_rd, create a plat_rse_comms_init()
function to call rse_comms_init().

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I12f3b8a38a5369decb4b97f8aceeb0dc81cbea28

show more ...

Merge "fix(tc): fix compilation error" into integration

fix(tc): fix compilation error

When the SPD_spmd configuration is disabled, the compiler complaints:

plat/arm/board/tc/tc_bl2_dpe.c:234:22: error: unused variable 'array_size' [-Werror=unused-varia

fix(tc): fix compilation error

When the SPD_spmd configuration is disabled, the compiler complaints:

plat/arm/board/tc/tc_bl2_dpe.c:234:22: error: unused variable 'array_size' [-Werror=unused-variable]
234 | const size_t array_size = ARRAY_SIZE(tc_dpe_metadata);
| ^~~~~~~~~~
plat/arm/board/tc/tc_bl2_dpe.c:233:16: error: unused variable 'i' [-Werror=unused-variable]
233 | size_t i;
| ^
cc1: all warnings being treated as errors

Move variable declarations into the code chunk protected by the SPD_spmd
configuration.

Change-Id: I1a3889938e2d4ec5efec516e9ef54034f9d711b2
Signed-off-by: Leo Yan <leo.yan@arm.com>

show more ...

Merge changes from topic "upstream_sp_num" into integration

* changes:
fix(tc): enable certificate on the last secure partition
feat(sptool): populate secure partition number in makefile

fix(tc): enable certificate on the last secure partition

Distros (e.g. Buildroot and Android) can have different secure partition
layout.

This commit iterates the DPE metadata table and finds index

fix(tc): enable certificate on the last secure partition

Distros (e.g. Buildroot and Android) can have different secure partition
layout.

This commit iterates the DPE metadata table and finds index (i) for the
first entry of the secure partition, connecting with the defined secure
partition number NUM_SP, so the last secure partition index is:

i + NUM_SP - 1

Instead of setting the certificate in hard code, dynamically enables the
certificate for the last secure partition base on calculated index.

Signed-off-by: Ben Horgan <ben.horgan@arm.com>
Signed-off-by: Leo Yan <leo.yan@arm.com>
Change-Id: Idd11b4f463bf5ccc8d82cd06bd21deeebbda67d9

show more ...

Merge changes from topic "dpe_target_locality" into integration

* changes:
feat(tc): provide target_locality info of AP FW components
refactor(tc): rename DPE header

feat(tc): provide target_locality info of AP FW components

The target_locality attribute is meant to specify that
a certain SW component is expected to run and thereby
send DPE commands from a given

feat(tc): provide target_locality info of AP FW components

The target_locality attribute is meant to specify that
a certain SW component is expected to run and thereby
send DPE commands from a given security domain. The DPE
service must be capable of determining the locality of
a client on his own. RSE determines the client's locality
based on the MHU channel used for communication.

If the expected locality (specified by the parent component)
is not matching with the determined locality by DPE
service then command fails.

The goal is to protect against spoofing when a
context_handle is stolen and used by a component
that should not have access.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I96d255de231611cfed10eef4335a47b91c2c94de

show more ...

refactor(tc): rename DPE header

The new name is more generic. The goal to add here
all platform dependent defines / data / config which
is DPE related.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>

refactor(tc): rename DPE header

The new name is more generic. The goal to add here
all platform dependent defines / data / config which
is DPE related.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I5b521932c45d8a9c43ea2344dde83c210801cfee

show more ...

Merge "refactor(dice): save parent context handle" into integration

refactor(dice): save parent context handle

Improve the restart handling of DPE. In the case of a restart
scenario where only that core is restarted which executes
the DPE client, but the core execut

refactor(dice): save parent context handle

Improve the restart handling of DPE. In the case of a restart
scenario where only that core is restarted which executes
the DPE client, but the core executes the DPE service
remains up and running. In this case, client needs to save
a valid context handle to be able to send commands again
to the DPE service during the new boot sequence.

BL1 saves a valid parent context handle to SDS
before passing the execution to BL2. This handle
can be used in case of a restart scenario when AP
is restarted but RSE is not. Because in that case
RSE does not save an initial context handle to SDS,
which meant to be used by AP during the boot process.

By then the very first initial context handle is
invalidated because it was already used in the
previous boot cycle by BL1.

BL2 does not need to do this, because the cold
boot starts with BL1.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Id14eefd2ec758f89f672af176e4f5386a397fa35

show more ...

Merge changes from topic "rss_rse_rename" into integration

* changes:
refactor(changelog): change all occurrences of RSS to RSE
refactor(qemu): change all occurrences of RSS to RSE
refactor(fv

Merge changes from topic "rss_rse_rename" into integration

* changes:
refactor(changelog): change all occurrences of RSS to RSE
refactor(qemu): change all occurrences of RSS to RSE
refactor(fvp): change all occurrences of RSS to RSE
refactor(fiptool): change all occurrences of RSS to RSE
refactor(psa): change all occurrences of RSS to RSE
refactor(fvp): remove leftovers from rss measured boot support
refactor(tc): change all occurrences of RSS to RSE
docs: change all occurrences of RSS to RSE
refactor(measured-boot): change all occurrences of RSS to RSE
refactor(rse): change all occurrences of RSS to RSE
refactor(psa): rename all 'rss' files to 'rse'
refactor(tc): rename all 'rss' files to 'rse'
docs: rename all 'rss' files to 'rse'
refactor(measured-boot): rename all 'rss' files to 'rse'
refactor(rss): rename all 'rss' files to 'rse'

show more ...

refactor(tc): change all occurrences of RSS to RSE

Changes all occurrences of "RSS" and "rss" in the code and build files
to "RSE" and "rse".

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id:

refactor(tc): change all occurrences of RSS to RSE

Changes all occurrences of "RSS" and "rss" in the code and build files
to "RSE" and "rse".

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Idec0bf7a90ae381f5bc968e1bb167daace24a11f

show more ...

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level for region validity
feat(tc): add dummy TRNG support to be able to boot pVMs
feat(tc): get the parent component provided DPE context_handle
feat(tc): share DPE context handle with child component
feat(tc): add DPE context handle node to device tree
feat(tc): add DPE backend to the measured boot framework
feat(auth): add explicit entries for key OIDs
feat(dice): add DPE driver to measured boot
feat(dice): add client API for DICE Protection Environment
feat(dice): add QCBOR library as a dependency of DPE
feat(dice): add typedefs from the Open DICE repo
docs(changelog): add 'dice' scope
refactor(tc): align image identifier string macros
refactor(fvp): align image identifier string macros
refactor(imx8m): align image identifier string macros
refactor(qemu): align image identifier string macros
fix(measured-boot): add missing image identifier string
refactor(measured-boot): move metadata size macros to a common header
refactor(measured-boot): move image identifier strings to a common header

show more ...

feat(tc): group components into certificates

Set the cert_id argument to group the components
into certificates. The grouping reflects the likely units
of updateability.

Signed-off-by: Tamas Ban <t

feat(tc): group components into certificates

Set the cert_id argument to group the components
into certificates. The grouping reflects the likely units
of updateability.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ie7a1f10c84af727d0cd39e3a78b0cb59cbc2e457

show more ...

feat(tc): get the parent component provided DPE context_handle

Each client who wants to communicate with the DPE service
must own a valid context handle issued by the DPE service.
A context handle c

feat(tc): get the parent component provided DPE context_handle

Each client who wants to communicate with the DPE service
must own a valid context handle issued by the DPE service.
A context handle can be used for a single time then it will
be invalidated by the DPE service. In case of calls from
the same component, the next valid context handle is
returned in the response to a DPE command. When a component
finishes their job then the next component in the boot flow
inherits its first context handle from its parent.
How the inheritance is done can be client or
platform-dependent. It can be shared through shared
memory or be part of a DTB object passed to the next
bootloader stage.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Signed-off-by: David Vincze <david.vincze@arm.com>
Change-Id: Ic82f074f1c5b15953e78f9fa5404ed7f48674cbb

show more ...

feat(tc): share DPE context handle with child component

To be allowed to communicate with DPE service all
components must own a valid context handle. The first
valid context handle is inherited from

feat(tc): share DPE context handle with child component

To be allowed to communicate with DPE service all
components must own a valid context handle. The first
valid context handle is inherited from the parent
component via a DTB object.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Id357fab3586398b1933444e1d10d1ab6d8243ab9

show more ...

feat(tc): add DPE backend to the measured boot framework

The client platform relies on the DICE attestation
scheme. RSS provides the DICE Protection Environment
(DPE) service. TF-A measured boot fra

feat(tc): add DPE backend to the measured boot framework

The client platform relies on the DICE attestation
scheme. RSS provides the DICE Protection Environment
(DPE) service. TF-A measured boot framework supports
multiple backends. A given platform always enables
the corresponding backend which is required by the
attestation scheme.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Idc3360d0d7216e4859e99b5db3d377407e0aeee5

show more ...