| #
f3249498 |
| 24-Jun-2022 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "lw/cca_cot" into integration
* changes:
feat(arm): retrieve the right ROTPK for cca
feat(arm): add support for cca CoT
feat(arm): provide some swd rotpk files
build
Merge changes from topic "lw/cca_cot" into integration
* changes:
feat(arm): retrieve the right ROTPK for cca
feat(arm): add support for cca CoT
feat(arm): provide some swd rotpk files
build(tbbr): drive cert_create changes for cca CoT
refactor(arm): add cca CoT certificates to fconf
feat(fiptool): add cca, core_swd, plat cert in FIP
feat(cert_create): define the cca chain of trust
feat(cca): introduce new "cca" chain of trust
build(changelog): add new scope for CCA
refactor(fvp): increase bl2 size when bl31 in DRAM
show more ...
|
| #
147f52f3 |
| 21-Apr-2022 |
laurenw-arm <lauren.wehrmeister@arm.com> |
feat(fiptool): add cca, core_swd, plat cert in FIP
Added support for cca CoT in the fiptool by adding the cca,
core_swd, and plat key certificates.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmei
feat(fiptool): add cca, core_swd, plat cert in FIP
Added support for cca CoT in the fiptool by adding the cca,
core_swd, and plat key certificates.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I1ba559e188ad8c33cb0e643d7a2fc6fb96736ab9
show more ...
|
| #
1d651211 |
| 06-Oct-2021 |
Soby Mathew <soby.mathew@arm.com> |
Merge changes from topic "za/feat_rme" into integration
* changes:
refactor(gpt): productize and refactor GPT library
feat(rme): disable Watchdog for Arm platforms if FEAT_RME enabled
docs(rme
Merge changes from topic "za/feat_rme" into integration
* changes:
refactor(gpt): productize and refactor GPT library
feat(rme): disable Watchdog for Arm platforms if FEAT_RME enabled
docs(rme): add build and run instructions for FEAT_RME
fix(plat/fvp): bump BL2 stack size
fix(plat/fvp): allow changing the kernel DTB load address
refactor(plat/arm): rename ARM_DTB_DRAM_NS region macros
refactor(plat/fvp): update FVP platform DTS for FEAT_RME
feat(plat/arm): add GPT initialization code for Arm platforms
feat(plat/fvp): add memory map for FVP platform for FEAT_RME
refactor(plat/arm): modify memory region attributes to account for FEAT_RME
feat(plat/fvp): add RMM image support for FVP platform
feat(rme): add GPT Library
feat(rme): add ENABLE_RME build option and support for RMM image
refactor(makefile): remove BL prefixes in build macros
feat(rme): add context management changes for FEAT_RME
feat(rme): add Test Realm Payload (TRP)
feat(rme): add RMM dispatcher (RMMD)
feat(rme): run BL2 in root world when FEAT_RME is enabled
feat(rme): add xlat table library changes for FEAT_RME
feat(rme): add Realm security state definition
feat(rme): add register definitions and helper functions for FEAT_RME
show more ...
|
| #
5b18de09 |
| 11-Jul-2021 |
Zelalem Aweke <zelalem.aweke@arm.com> |
feat(rme): add ENABLE_RME build option and support for RMM image
The changes include:
- A new build option (ENABLE_RME) to enable FEAT_RME
- New image called RMM. RMM is R-EL2 firmware that manage
feat(rme): add ENABLE_RME build option and support for RMM image
The changes include:
- A new build option (ENABLE_RME) to enable FEAT_RME
- New image called RMM. RMM is R-EL2 firmware that manages Realms.
When building TF-A, a path to RMM image can be specified using
the "RMM" build flag. If RMM image is not provided, TRP is built
by default and used as RMM image.
- Support for RMM image in fiptool
Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I017c23ef02e465a5198baafd665a60858ecd1b25
show more ...
|
| #
007be5ec |
| 14-Aug-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "sp_dual_signing" into integration
* changes:
dualroot: add chain of trust for Platform owned SPs
cert_create: add Platform owned secure partitions support
|
| #
23d5f03a |
| 24-Jul-2020 |
Manish Pandey <manish.pandey2@arm.com> |
cert_create: add Platform owned secure partitions support
Add support to generate a certificate named "plat-sp-cert" for Secure
Partitions(SP) owned by Platform.
Earlier a single certificate file "s
cert_create: add Platform owned secure partitions support
Add support to generate a certificate named "plat-sp-cert" for Secure
Partitions(SP) owned by Platform.
Earlier a single certificate file "sip-sp-cert" was generated which
contained hash of all 8 SPs, with this change SPs are divided into
two categories viz "SiP owned" and "Plat owned" containing 4 SPs each.
Platform RoT key pair is used for signing.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I5bd493cfce4cf3fc14b87c8ed1045f633d0c92b6
show more ...
|
| #
99bcae5e |
| 26-Jun-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "fw_config_handoff" into integration
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/a
Merge changes from topic "fw_config_handoff" into integration
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/arm: Load and populate fw_config and tb_fw_config
fconf: Handle error from fconf_load_config
plat/arm: Update the fw_config load call and populate it's information
fconf: Allow fconf to load additional firmware configuration
fconf: Clean confused naming between TB_FW and FW_CONFIG
tbbr/dualroot: Add fw_config image in chain of trust
cert_tool: Update cert_tool for fw_config image support
fiptool: Add fw_config in FIP
plat/arm: Rentroduce tb_fw_config device tree
show more ...
|
| #
ce10f9f4 |
| 11-Jun-2020 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
fiptool: Add fw_config in FIP
Added support in fiptool to include fw_config image
in FIP.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ibbd14723a4141598d9d7f6bfcf88a0ef92cf
fiptool: Add fw_config in FIP
Added support in fiptool to include fw_config image
in FIP.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ibbd14723a4141598d9d7f6bfcf88a0ef92cf87bc
show more ...
|
| #
02383c28 |
| 09-Jun-2020 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "sp_secure_boot" into integration
* changes:
dualroot: add chain of trust for secure partitions
sptool: append cert_tool arguments.
cert_create: add SiP owned secure p
Merge changes from topic "sp_secure_boot" into integration
* changes:
dualroot: add chain of trust for secure partitions
sptool: append cert_tool arguments.
cert_create: add SiP owned secure partitions support
show more ...
|
| #
0792dd7d |
| 22-May-2020 |
Manish Pandey <manish.pandey2@arm.com> |
cert_create: add SiP owned secure partitions support
Add support to generate certificate "sip-sp-cert" for Secure
Partitions(SP) owned by Silicon provider(SiP).
To avoid deviation from TBBR specific
cert_create: add SiP owned secure partitions support
Add support to generate certificate "sip-sp-cert" for Secure
Partitions(SP) owned by Silicon provider(SiP).
To avoid deviation from TBBR specification the support is only added for
dualroot CoT and not for TBBR CoT.
A single certificate file is generated containing hash of individual
packages. Maximum 8 secure partitions are supported.
Following new options added to cert_tool:
--sip-sp-cert --> SiP owned Secure Partition Content Certificate
--sp-pkg1 --> Secure Partition Package1 file
--sp-pkg2
.....
--sp-pkg8
Trusted world key pair is used for signing.
Going forward, this feature can be extended for Platfrom owned
Partitions, if required.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d
show more ...
|
| #
ebce735d |
| 22-Jun-2018 |
Dimitris Papastamos <dimitris.papastamos@arm.com> |
Merge pull request #1406 from robertovargas-arm/uuid
Make TF UUID RFC 4122 compliant
|
| #
03364865 |
| 26-Apr-2018 |
Roberto Vargas <roberto.vargas@arm.com> |
Make TF UUID RFC 4122 compliant
RFC4122 defines that fields are stored in network order (big endian),
but TF-A stores them in machine order (little endian by default in TF-A).
We cannot change the f
Make TF UUID RFC 4122 compliant
RFC4122 defines that fields are stored in network order (big endian),
but TF-A stores them in machine order (little endian by default in TF-A).
We cannot change the future UUIDs that are already generated, but we can store
all the bytes using arrays and modify fiptool to generate the UUIDs with
the correct byte order.
Change-Id: I97be2d3168d91f4dee7ccfafc533ea55ff33e46f
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
show more ...
|
| #
0d018306 |
| 23-May-2018 |
Dimitris Papastamos <dimitris.papastamos@arm.com> |
Merge pull request #1386 from soby-mathew/sm/dyn_bl31
Extend dynamic configuration
|
| #
17bc617e |
| 29-Mar-2018 |
Soby Mathew <soby.mathew@arm.com> |
Dynamic cfg: Enable support on CoT for other configs
This patch implements support for adding dynamic configurations for
BL31 (soc_fw_config), BL32 (tos_fw_config) and BL33 (nt_fw_config). The
neces
Dynamic cfg: Enable support on CoT for other configs
This patch implements support for adding dynamic configurations for
BL31 (soc_fw_config), BL32 (tos_fw_config) and BL33 (nt_fw_config). The
necessary cert tool support and changes to default chain of trust are made
for these configs.
Change-Id: I25f266277b5b5501a196d2f2f79639d838794518
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
show more ...
|
| #
c7aa7fdf |
| 26-Feb-2018 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #1263 from soby-mathew/sm/dyn_config
Dynamic Configuration Prototype
|
| #
e24659df |
| 07-Nov-2017 |
Soby Mathew <soby.mathew@arm.com> |
Dynamic cfg: Update the tools
This patch updates the `fiptool` and `cert_create` for the
`hw_config` and `tb_fw_config` dynamic configuration files.
The necessary UUIDs and OIDs are assigned to thes
Dynamic cfg: Update the tools
This patch updates the `fiptool` and `cert_create` for the
`hw_config` and `tb_fw_config` dynamic configuration files.
The necessary UUIDs and OIDs are assigned to these files and
the `cert_create` is updated to generate appropriate hashes
and include them in the "Trusted Boot FW Certificate". The
`fiptool` is updated to allow the configs to be specified
via cmdline and included in the generated FIP.
Change-Id: I940e751a49621ae681d14e162aa1f5697eb0cb15
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
show more ...
|
| #
1a52aca5 |
| 14-Aug-2017 |
danh-arm <dan.handley@arm.com> |
Merge pull request #1040 from sliai/support-opteed-header
Support opteed header
|
| #
71fb3964 |
| 20-Apr-2017 |
Summer Qin <summer.qin@arm.com> |
Support Trusted OS firmware extra images in TF tools
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add
Support Trusted OS firmware extra images in TF tools
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add support
for the new images within the existing Trusted OS firmware
content certificate.
Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06
Signed-off-by: Summer Qin <summer.qin@arm.com>
show more ...
|
| #
2dfab27a |
| 03-Aug-2017 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #1044 from islmit01/im/fix_includes
Fix order of #includes
|
| #
769fb6b6 |
| 14-Jul-2017 |
Isla Mitchell <isla.mitchell@arm.com> |
Fix order of #includes
This fix modifies the order of system includes to meet the ARM TF coding
standard whilst retaining header groupings.
Change-Id: Ib91968f8e2cac9e96033d73d3ad9d0a2ae228b13
Sign
Fix order of #includes
This fix modifies the order of system includes to meet the ARM TF coding
standard whilst retaining header groupings.
Change-Id: Ib91968f8e2cac9e96033d73d3ad9d0a2ae228b13
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
show more ...
|
| #
aa965e15 |
| 20-Jul-2017 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #1029 from islmit01/im/fix_includes
Fix order of includes
|
| #
2a4b4b71 |
| 11-Jul-2017 |
Isla Mitchell <isla.mitchell@arm.com> |
Fix order of #includes
This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported
Fix order of #includes
This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported headers, and where there are headers within
the #if and #ifndef statements.
Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
show more ...
|
| #
e715e676 |
| 24-May-2017 |
danh-arm <dan.handley@arm.com> |
Merge pull request #938 from masahir0y/tools_share
Collect headers shared between TF and host-tools into include/tools_share
|
| #
2a6c1a8f |
| 08-May-2017 |
Masahiro Yamada <yamada.masahiro@socionext.com> |
fip: move headers shared between TF and fiptool to include/tools_share
Some header files need to be shared between TF and host programs.
For fiptool, two headers are copied to the tools/fiptool dire
fip: move headers shared between TF and fiptool to include/tools_share
Some header files need to be shared between TF and host programs.
For fiptool, two headers are copied to the tools/fiptool directory,
but it looks clumsy.
This commit introduces a new directory, include/tools_share, which
collects headers that should be shared between TF and host programs.
This will clarify the interface exposed to host tools. We should
add new headers to this directory only when we really need to do so.
For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
show more ...
|
| #
f132b4a0 |
| 04-May-2017 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #925 from dp-arm/dp/spdx
Use SPDX license identifiers
|