feat(rcar3): enable the stack protection

This commit changes ENABLE_STACK_PROTECTOR value to "strong" for
enabling the stack protector by canary.

Signed-off-by: Koichi Yamaguchi <koichi.yamaguchi.z

feat(rcar3): enable the stack protection

This commit changes ENABLE_STACK_PROTECTOR value to "strong" for
enabling the stack protector by canary.

Signed-off-by: Koichi Yamaguchi <koichi.yamaguchi.zb@hitachi.com>
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Change-Id: Ice351d23c98daf12737a5e65cef743035d62dabe

show more ...

docs(threat-model): supply chain threat model TF-A

Software supply chain attacks aim to inject malicious code into a
software product. There are several ways a malicious code can be
injected into a

docs(threat-model): supply chain threat model TF-A

Software supply chain attacks aim to inject malicious code into a
software product. There are several ways a malicious code can be
injected into a software product (open-source project).

These include:
- Malicious code commits
- Malicious dependencies
- Malicious toolchains

This document provides analysis of software supply chain attack
threats for the TF-A project

Change-Id: I03545d65a38dc372f3868a16c725b7378640a771
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

Merge "docs(threat-model): add threat model for PSA FWU and TBBR FWU(recovery)" into integration

Merge "fix(spm): silence warning in sp_mk_generator" into integration

Merge changes from topic "kc/dir_msg_req2" into integration

* changes:
feat(spmd): add FFA_MSG_SEND_DIR_RESP2
feat(spmd): add FFA_MSG_SEND_DIR_REQ2

Merge "style(hooks): copyright year check as per author email" into integration

style(hooks): copyright year check as per author email

Add a check in pre-commit hook to check the
- copyright header is present for the authors organisation.
- the copyright year for the copyright

style(hooks): copyright year check as per author email

Add a check in pre-commit hook to check the
- copyright header is present for the authors organisation.
- the copyright year for the copyright header is updated.

The author email id is parsed to get the organization. Depending upon
the parsed info, the copyright header for the organization is checked
if its present in the file(s) or not.
If the copyright header is present in the file(s) then the copyright
year is checked.

If the copyright header is not present or the copyright year in the
header is not updated it is highlighted to the author
which the user then needs to incorporate in the change accordingly.

To enable this check, the case statement in
.husky/pre-commit.copyright needs to be modified to add the domain
from the email id and corresponding copyright header of the
organisation.

Change-Id: I4dedb68248b3dae997d887dd380155fe326d071d
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>

show more ...

Merge changes from topic "cca_dtb" into integration

* changes:
feat(arm): add COT_DESC_IN_DTB option for CCA CoT
feat(fvp): add CCA CoT in DTB support
docs(arm): update TBBR CoT dtsi file name

Merge changes from topic "cca_dtb" into integration

* changes:
feat(arm): add COT_DESC_IN_DTB option for CCA CoT
feat(fvp): add CCA CoT in DTB support
docs(arm): update TBBR CoT dtsi file name in doc
feat(dt-bindings): introduce CCA CoT, rename TBBR

show more ...

docs(threat-model): add threat model for PSA FWU and TBBR FWU(recovery)

Added a threat model for PSA firmware update as well as TBBR FWU aka
firmware recovery.

Change-Id: I2396e13144076d7294f61f681

docs(threat-model): add threat model for PSA FWU and TBBR FWU(recovery)

Added a threat model for PSA firmware update as well as TBBR FWU aka
firmware recovery.

Change-Id: I2396e13144076d7294f61f6817e1a8646225c6c2
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "feat(intel): enable SDMMC frontdoor load for ATF->Linux" into integration

Merge changes Iaa189c54,I8856b495 into integration

* changes:
feat(intel): enable query of fip offset on RSU
feat(intel): support query of fip offset using RSU

Merge changes from topic "cca_dtb" into integration

* changes:
docs(fconf): update bindings for multi-RoT CoTs
feat(fconf): support signing-key in root cert node

refactor(st-i2c): use fdt_read_uint32_default()

The function stm32_i2c_get_setup_from_fdt() was using fdt_getprop() to
to get some i2c node properties, and set a default value if the node
was not fo

refactor(st-i2c): use fdt_read_uint32_default()

The function stm32_i2c_get_setup_from_fdt() was using fdt_getprop() to
to get some i2c node properties, and set a default value if the node
was not found. The function fdt_read_uint32_default() already does
this in a simpler way.
Remove useless STM32_I2C_SPEED_DEFAULT.

Change-Id: I74c6295bb5765ee7c7e0a9ae020b741f1fe022a6
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

feat(arm): add COT_DESC_IN_DTB option for CCA CoT

Add support for BL2 to get the CCA chain of trust description
through the Firmware Configuration Framework (FCONF). This makes
it possible to export

feat(arm): add COT_DESC_IN_DTB option for CCA CoT

Add support for BL2 to get the CCA chain of trust description
through the Firmware Configuration Framework (FCONF). This makes
it possible to export the part of the CCA chain of trust enforced
by BL2 in BL2's configuration file (TB_FW_CONFIG DTB file). BL2
will parse it when setting up the platform.

This feature can be enabled through the COT_DESC_IN_DTB=1 option.
The default behaviour (COT_DESC_IN_DTB=0) remains to hard-code
the CCA CoT into BL2 image.

Change-Id: Iec4f623d5e42b7c166beeb3ad6b35d918969f7e2
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

feat(fvp): add CCA CoT in DTB support

Adding support for CCA CoT in DTB. This makes it possible for BL2
to retrieve its chain of trust description from a configuration file
in DTB format. With this,

feat(fvp): add CCA CoT in DTB support

Adding support for CCA CoT in DTB. This makes it possible for BL2
to retrieve its chain of trust description from a configuration file
in DTB format. With this, the CoT description may be updated without
rebuilding BL2 image. This feature can be enabled by building BL2
with COT_DESC_IN_DTB=1 and COT=cca. The default behaviour remains to
embed the CoT description into BL2 image.

Change-Id: I5912aad5ae529281a93a76e6b8f4b89d867445fe
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

docs(arm): update TBBR CoT dtsi file name in doc

Change-Id: I31ebee7574f5133aadbf2767377fd74a21775ce5
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

feat(dt-bindings): introduce CCA CoT, rename TBBR

Add CCA CoT DTB and rename generic CoT DTB to TBBR CoT DTB

This allows CCA platforms to get their chain of trust description
from a configuration f

feat(dt-bindings): introduce CCA CoT, rename TBBR

Add CCA CoT DTB and rename generic CoT DTB to TBBR CoT DTB

This allows CCA platforms to get their chain of trust description
from a configuration file, rather than hard-coding it into the
firmware itself.

Change-Id: I114788a5d21b9a8d625239cfb71b442d204e3654
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

docs(fconf): update bindings for multi-RoT CoTs

Update CoT binding documentation to add the signing-key property
as optional in root-certificates and add rot_keys node

Change-Id: I1d1fbc0394275520c

docs(fconf): update bindings for multi-RoT CoTs

Update CoT binding documentation to add the signing-key property
as optional in root-certificates and add rot_keys node

Change-Id: I1d1fbc0394275520cfa43213d5b7006e51990fdd
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

feat(spmd): add FFA_MSG_SEND_DIR_RESP2

Add handling for FF-A 1.2 FFA_MSG_SEND_DIR_RESP2 interface.

Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: Ibd0546ecd71d004804e6e18b27a

feat(spmd): add FFA_MSG_SEND_DIR_RESP2

Add handling for FF-A 1.2 FFA_MSG_SEND_DIR_RESP2 interface.

Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: Ibd0546ecd71d004804e6e18b27a4728a21259fa0

show more ...

feat(spmd): add FFA_MSG_SEND_DIR_REQ2

Add handling for FF-A 1.2 FFA_MSG_SEND_DIR_REQ2 interface.
Handler validates security states of sender/receiver pairs
and forwards the call to other world if ne

feat(spmd): add FFA_MSG_SEND_DIR_REQ2

Add handling for FF-A 1.2 FFA_MSG_SEND_DIR_REQ2 interface.
Handler validates security states of sender/receiver pairs
and forwards the call to other world if necessary.

Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: I02a60362d8d9a50fcc0b6a84753cba274ba5eb1b

show more ...

feat(fconf): support signing-key in root cert node

Until now we have only supported describing chain of trusts through the
CoT DTB with a single ROTPK so the signing key for root certificates was
im

feat(fconf): support signing-key in root cert node

Until now we have only supported describing chain of trusts through the
CoT DTB with a single ROTPK so the signing key for root certificates was
implicit. Therefore signing key was not a supported property in the
root certificates node.

Now we want to extend that to describe CoTs with mulitiple roots of
trust so we need a way to specify for each root certificate with which
ROTPK it should be verified. For that, we reuse the 'signing-key'
property already in use for the non-root certificates, but we make it
optional for root certificates in single-RoT CoTs and for root
certificates signed with the default ROTPK in multi-RoT CoTs.

Change-Id: I41eb6579e8f1d01eaf10480fe5e224d2eed9c736
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

Merge "feat(memmap): add RELA section display" into integration

docs(security): security advisory for CVE-2023-49100

Reported-by: Christian Lindenmeier <christian.lindenmeier@fau.de>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I13fa93a65e501

docs(security): security advisory for CVE-2023-49100

Reported-by: Christian Lindenmeier <christian.lindenmeier@fau.de>
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I13fa93a65e5017dae6c837e88cd80bda72d4c2a3

show more ...

Merge "docs(threat-model): provide PSR specification reference" into integration

build: remove the `NM` variable

No part of the build system uses the `NM` variable, which is usually
used to dump symbol tables from compiled images. This change removes all
declarations of it.

Cha

build: remove the `NM` variable

No part of the build system uses the `NM` variable, which is usually
used to dump symbol tables from compiled images. This change removes all
declarations of it.

Change-Id: I796ff365e6a7f97d21678f1c8cf8b59bfbb1ae9c
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...