1. 06 Mar, 2020 2 commits
    • Sumit Garg's avatar
      TBB: Add an IO abstraction layer to load encrypted firmwares · 2be57b86
      Sumit Garg authored
      
      
      TBBR spec advocates for optional encryption of firmwares (see optional
      requirement: R060_TBBR_FUNCTION). So add an IO abstaction layer to
      support firmware decryption that can be stacked above any underlying IO/
      packaging layer like FIP etc. It aims to provide a framework to load any
      encrypted IO payload.
      
      Also, add plat_get_enc_key_info() to be implemented in a platform
      specific manner as handling of encryption key may vary from one platform
      to another.
      Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
      Change-Id: I9892e0ddf00ebecb8981301dbfa41ea23e078b03
      2be57b86
    • Sumit Garg's avatar
      drivers: crypto: Add authenticated decryption framework · 7cda17bb
      Sumit Garg authored
      
      
      Add framework for autheticated decryption of data. Currently this
      patch optionally imports mbedtls library as a backend if build option
      "DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
      using AES-GCM algorithm.
      Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
      Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271
      7cda17bb
  2. 05 Mar, 2020 1 commit
    • Manish Pandey's avatar
      driver/arm/css: minor bug fix · cc7f89de
      Manish Pandey authored
      
      
      The cpu index was wrongly checked causing it to assert always.
      Since this code path is exercised only during TF test "NODE_HW_STAT",
      which queries Power state from SCP, this bug was not detected earlier.
      
      Change-Id: Ia25cef4c0aa23ed08092df39134937a2601c21ac
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      cc7f89de
  3. 25 Feb, 2020 10 commits
  4. 20 Feb, 2020 1 commit
  5. 18 Feb, 2020 3 commits
    • Zelalem's avatar
      coverity: fix MISRA violations · 2fe75a2d
      Zelalem authored
      
      
      Fixes for the following MISRA violations:
      - Missing explicit parentheses on sub-expression
      - An identifier or macro name beginning with an
        underscore, shall not be declared
      - Type mismatch in BL1 SMC handlers and tspd_main.c
      
      Change-Id: I7a92abf260da95acb0846b27c2997b59b059efc4
      Signed-off-by: default avatarZelalem <zelalem.aweke@arm.com>
      2fe75a2d
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of hash buffers when possible · 0b4e5921
      Sandrine Bailleux authored
      The TBBR implementation extracts hashes from certificates and stores
      them in static buffers. TF-A supports 3 variants of SHA right now:
      SHA-256, SHA-384 and SHA-512. When support for SHA-512 was added in
      commit 9a3088a5
      
       ("tbbr: Add build flag
      HASH_ALG to let the user to select the SHA"), the hash buffers got
      unconditionally increased from 51 to 83 bytes each. We can reduce that
      space if we're using SHA-256 or SHA-384.
      
      This saves some BSS space in both BL1 and BL2:
      - BL1 with SHA-256: saving 168 bytes.
      - BL1 with SHA-384: saving 80 bytes.
      - BL2 with SHA-256: saving 384 bytes.
      - BL2 with SHA-384: saving 192 bytes.
      
      Change-Id: I0d02e5dc5f0162e82339c768609c9766cfe7e2bd
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      0b4e5921
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of ECDSA key buffers · 495599cd
      Sandrine Bailleux authored
      
      
      The TBBR implementation extracts public keys from certificates and
      stores them in static buffers. DER-encoded ECDSA keys are only 91 bytes
      each but were each allocated 294 bytes instead. Reducing the size of
      these buffers saves 609 bytes of BSS in BL2 (294 - 91 = 203 bytes for
      each of the 3 key buffers in use).
      
      Also add a comment claryfing that key buffers are tailored on RSA key
      sizes when both ECDSA and RSA keys are used.
      
      Change-Id: Iad332856e7af1f9814418d012fba3e1e9399f72a
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      495599cd
  6. 15 Feb, 2020 4 commits
  7. 13 Feb, 2020 2 commits
  8. 07 Feb, 2020 3 commits
    • Aditya Angadi's avatar
      drivers/arm/scmi: allow use of multiple SCMI channels · 31e703f9
      Aditya Angadi authored
      
      
      On systems that have multiple platform components that can interpret the
      SCMI messages, there is a need to support multiple SCMI channels (one
      each to those platform components). Extend the existing SCMI interface
      that currently supports only a single SCMI channel to support multiple
      SCMI channels.
      
      Change-Id: Ice4062475b903aef3b5e5bc37df364c9778a62c5
      Signed-off-by: default avatarAditya Angadi <aditya.angadi@arm.com>
      31e703f9
    • Aditya Angadi's avatar
      drivers/mhu: derive doorbell base address · f8931606
      Aditya Angadi authored
      
      
      In order to allow the MHUv2 driver to be usable with multiple MHUv2
      controllers, use the base address of the controller from the platform
      information instead of the MHUV2_BASE_ADDR macro.
      
      Change-Id: I4dbab87b929fb0568935e6c8b339ce67937f8cd1
      Signed-off-by: default avatarAditya Angadi <aditya.angadi@arm.com>
      f8931606
    • Louis Mayencourt's avatar
      fconf: initial commit · ab1981db
      Louis Mayencourt authored
      
      
      Introduce the Firmware CONfiguration Framework (fconf).
      
      The fconf is an abstraction layer for platform specific data, allowing
      a "property" to be queried and a value retrieved without the requesting
      entity knowing what backing store is being used to hold the data.
      
      The default backing store used is C structure. If another backing store
      has to be used, the platform integrator needs to provide a "populate()"
      function to fill the corresponding C structure.
      The "populate()" function must be registered to the fconf framework with
      the "FCONF_REGISTER_POPULATOR()". This ensures that the function would
      be called inside the "fconf_populate()" function.
      
      A two level macro is used as getter:
      - the first macro takes 3 parameters and converts it to a function
        call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c).
      - the second level defines a__b_getter(c) to the matching C structure,
        variable, array, function, etc..
      
      Ex: Get a Chain of trust property:
          1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id)
          2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id]
      
      Change-Id: Id394001353ed295bc680c3f543af0cf8da549469
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      ab1981db
  9. 05 Feb, 2020 1 commit
  10. 04 Feb, 2020 1 commit
  11. 30 Jan, 2020 1 commit
    • Grzegorz Jaszczyk's avatar
      plat: marvell: armada: add support for loading MG CM3 images · 81646055
      Grzegorz Jaszczyk authored
      
      
      In order to access MG SRAM, the amb bridge needs to be configured which is
      done in bl2 platform init.
      
      For MG CM3, the image is only loaded to its SRAM and the CM3 itself is
      left in reset. It is because the next stage bootloader (e.g. u-boot)
      will trigger action which will take it out of reset when needed. This
      can happen e.g. when appropriate device-tree setup (which has enabled
      802.3 auto-neg) will be chosen. In other cases the MG CM3 should not be
      running.
      
      Change-Id: I816ea14e3a7174eace068ec44e3cc09998d0337e
      Signed-off-by: default avatarGrzegorz Jaszczyk <jaz@semihalf.com>
      81646055
  12. 28 Jan, 2020 2 commits
  13. 20 Jan, 2020 6 commits
  14. 10 Jan, 2020 2 commits
    • Yann Gautier's avatar
      io: change seek offset to signed long long · 70cb0bff
      Yann Gautier authored
      
      
      IO seek offset can be set to values above UINT32_MAX, this change
      changes the seek offset argument from 'ssize_t' to 'signed long long'.
      Fixing platform seek functions to match the new interface update.
      
      Change-Id: I25de83b3b7abe5f52a7b0fee36f71e60cac9cfcb
      Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
      Signed-off-by: default avatarEtienne Carriere <etienne.carriere@st.com>
      Signed-off-by: default avatarLionel Debieve <lionel.debieve@st.com>
      70cb0bff
    • Deepika Bhavnani's avatar
      Unify type of "cpu_idx" across PSCI module. · 5b33ad17
      Deepika Bhavnani authored
      
      
      NOTE for platform integrators:
         API `plat_psci_stat_get_residency()` third argument
         `last_cpu_idx` is changed from "signed int" to the
         "unsigned int" type.
      
      Issue / Trouble points
      1. cpu_idx is used as mix of `unsigned int` and `signed int` in code
      with typecasting at some places leading to coverity issues.
      
      2. Underlying platform API's return cpu_idx as `unsigned int`
      and comparison is performed with platform specific defines
      `PLAFORM_xxx` which is not consistent
      
      Misra Rule 10.4:
      The value of a complex expression of integer type may only be cast to
      a type that is narrower and of the same signedness as the underlying
      type of the expression.
      
      Based on above points, cpu_idx is kept as `unsigned int` to match
      the API's and low-level functions and platform defines are updated
      where ever required
      Signed-off-by: default avatarDeepika Bhavnani <deepika.bhavnani@arm.com>
      Change-Id: Ib26fd16e420c35527204b126b9b91e8babcc3a5c
      5b33ad17
  15. 09 Jan, 2020 1 commit