Merge "fix(tools): change data type to size_t for doimage" into integration

fix(tools): change data type to size_t for doimage

In image_encrypt function, vulnerability arises
due to a mismatch between unsigned and signed
integer types. When a large unsigned integer
is retur

fix(tools): change data type to size_t for doimage

In image_encrypt function, vulnerability arises
due to a mismatch between unsigned and signed
integer types. When a large unsigned integer
is returned by strlen and stored into signed
integer k, the value represented is a large
negative integer. This bypasses the subsequent
check against AES_BLOCK_SZ and allows a buffer
overflow to happen at memcpy.

Similar, vulnerability issue is fixed in
function verify_and_copy_file_name_entry.

Change-Id: I658521c1eec1c79933ba8082ba507df04d174e52
Signed-off-by: Jaiprakash Singh <jaiprakashs@marvell.com>

show more ...

Merge "fix(marvell-tools): include mbedtls/version.h before use" into integration

fix(marvell-tools): include mbedtls/version.h before use

mbedtls/version.h needs to be included before the use of any
mbedtls config variables.

Fixes a build failure regression from commit a8eadc51

fix(marvell-tools): include mbedtls/version.h before use

mbedtls/version.h needs to be included before the use of any
mbedtls config variables.

Fixes a build failure regression from commit a8eadc51a.

Change-Id: Idd955d7955b0a55ffd127f31053335542cb15e22
Signed-off-by: Henrik Nordstrom <henrik.nordstrom@addiva.se>

show more ...

Merge changes from topic "mbedtls3_support" into integration

* changes:
feat(stm32mp1): add mbedtls-3.3 support config
refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT
style(crypto): add b

Merge changes from topic "mbedtls3_support" into integration

* changes:
feat(stm32mp1): add mbedtls-3.3 support config
refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT
style(crypto): add braces for if statement
feat(fvp): increase BL1_RW and BL2 size
feat(mbedtls): add support for mbedtls-3.3
refactor(crypto): avoid using struct mbedtls_pk_rsassa_pss_options
refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

show more ...

refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.

However from mbedtls-3.x onwards it di

refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.

However from mbedtls-3.x onwards it discourages usage of
MBEDTLS_CONFIG_FILE include directly, so to resolve this and keep 2.28
compatibility include version.h which would include the custom config
file if present and also would expose us with mbedtls-major-version
number which could be used for selecting features and functions for
mbedtls 2.28 or 3.3

Change-Id: I029992311be2a38b588ebbb350875b03ea29acdb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes I9feae1fc,I5cbe7192,I1867ece3,I85c2434a,If8edeeec, ... into integration

* changes:
plat: marvell: armada: mcbin: squash several IO windows into one
plat: marvell: armada: fix BL32

Merge changes I9feae1fc,I5cbe7192,I1867ece3,I85c2434a,If8edeeec, ... into integration

* changes:
plat: marvell: armada: mcbin: squash several IO windows into one
plat: marvell: armada: fix BL32 extra parameters usage
drivers: marvell: Fix the LLC SRAM driver
plat: marvell: armada: a8k: change CCU LLC SRAM mapping
plat: marvell: armada: adjust trusted DRAM size to match OP-TEE OS
drivers: marvell: mg_conf_cm3: pass comphy lane number to AP FW
plat: marvell: armada: move mg conf related code to appropriate driver
marvell: comphy: start AP FW when comphy AP mode selected
drivers: marvell: mg_conf_cm3: add basic driver
tools: doimage: change the binary image alignment to 16
tools: doimage: migrate to mbedtls v2.8 APIs

show more ...

tools: doimage: change the binary image alignment to 16

Change the binary image alignment from 4 to 16.
The PKCS signature verification fails for unaligned images.

Change-Id: Ieb08dc3ea128790f542ad

tools: doimage: change the binary image alignment to 16

Change the binary image alignment from 4 to 16.
The PKCS signature verification fails for unaligned images.

Change-Id: Ieb08dc3ea128790f542ad93e3c948117567a65af
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

show more ...

tools: doimage: migrate to mbedtls v2.8 APIs

Replace deprecated mbedtls_sha256 with mbedtls_sha256_ret
The mbedtls_pk_parse_key does not work correctly anymore
with the DER buffer embedded in the se

tools: doimage: migrate to mbedtls v2.8 APIs

Replace deprecated mbedtls_sha256 with mbedtls_sha256_ret
The mbedtls_pk_parse_key does not work correctly anymore
with the DER buffer embedded in the secure image extentson
using the buffer size as the the key length.
Move to mbedtls_pk_parse_subpubkey API that handles such
case correctly.
The DER format already contains the key length, so there
is no particular reason to supply it to the key parser.
Update the doimage version to 3.3

Change-Id: I0ec5ee84b7d1505b43138e0b7a6bdba44a6702b6
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

show more ...

Merge pull request #1623 from MISL-EBU-System-SW/a3700-support

Add support for Armada 3700 and COMPHY porting layer

tools: Move doimage to marvell folder for future add-ons

Move doimage utility from toos/doimage to tools/marvell/doimage.
This is done for supporting mode Marvell tools in the future.

Signed-off-by

tools: Move doimage to marvell folder for future add-ons

Move doimage utility from toos/doimage to tools/marvell/doimage.
This is done for supporting mode Marvell tools in the future.

Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

show more ...