1. 12 Aug, 2020 2 commits
    • Manish Pandey's avatar
      dualroot: add chain of trust for Platform owned SPs · 2947412d
      Manish Pandey authored
      
      
      For dualroot CoT there are two sets of SP certificates, one owned by
      Silicon Provider(SiP) and other owned by Platform. Each certificate can
      have a maximum of 4 SPs.
      
      This patch reduces the number of SiP owned SPs from 8 to 4 and adds
      the remaining 4 to Plat owned SP.
      Plat owned SP certificate is signed using Platform RoT key and
      protected against anti-rollback using the Non-trusted Non-volatile
      counter.
      
      Change-Id: Idc3ddd87d6d85a5506a7435f45a6ec17c4c50425
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      2947412d
    • Manish Pandey's avatar
      cert_create: add Platform owned secure partitions support · 23d5f03a
      Manish Pandey authored
      
      
      Add support to generate a certificate named "plat-sp-cert" for Secure
      Partitions(SP) owned by Platform.
      Earlier a single certificate file "sip-sp-cert" was generated which
      contained hash of all 8 SPs, with this change SPs are divided into
      two categories viz "SiP owned" and "Plat owned" containing 4 SPs each.
      
      Platform RoT key pair is used for signing.
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: I5bd493cfce4cf3fc14b87c8ed1045f633d0c92b6
      23d5f03a
  2. 31 Jul, 2020 1 commit
    • Manish Pandey's avatar
      tbbr/dualroot: rename SP package certificate file · 03a5225c
      Manish Pandey authored
      
      
      Currently only single signing domain is supported for SP packages but
      there is plan to support dual signing domains if CoT is dualroot.
      
      SP_CONTENT_CERT_ID is the certificate file which is currently generated
      and signed with trusted world key which in-turn is derived from Silicon
      provider RoT key.
      To allow dual signing domain for SP packages, other certificate file
      will be derived from Platform owned RoT key.
      
      This patch renames "SP_CONTENT_CERT_ID" to "SIP_SP_CONTENT_CERT_ID" and
      does other related changes.
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: I0bc445a3ab257e2dac03faa64f46e36a9fed5e93
      03a5225c
  3. 30 Jul, 2020 2 commits
  4. 29 Jul, 2020 1 commit
  5. 27 Jul, 2020 1 commit
  6. 26 Jul, 2020 1 commit
    • Manish V Badarkhe's avatar
      SMCCC: Introduce function to check SMCCC function availability · 6f0a2f04
      Manish V Badarkhe authored
      
      
      Currently, 'SMCCC_ARCH_FEATURES' SMC call handler unconditionally
      returns 'SMC_OK' for 'SMCCC_ARCH_SOC_ID' function. This seems to
      be not correct for the platform which doesn't implement soc-id
      functionality i.e. functions to retrieve both soc-version and
      soc-revision.
      Hence introduced a platform function which will check whether SMCCC
      feature is available for the platform.
      
      Also, updated porting guide for the newly added platform function.
      
      Change-Id: I389f0ef6b0837bb24c712aa995b7176117bc7961
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      6f0a2f04
  7. 23 Jul, 2020 4 commits
  8. 21 Jul, 2020 2 commits
  9. 17 Jul, 2020 1 commit
  10. 16 Jul, 2020 1 commit
  11. 14 Jul, 2020 1 commit
    • Alexei Fedorov's avatar
      TF-A: Redefine true/false definitions · 0aa9f3c0
      Alexei Fedorov authored
      
      
      This patch redefines 'true' and 'false' definitions in
      'include/lib/libc/stdbool.h' to fix defect reported by
      MISRA C-2012 Rule 10.1
      "The expression \"0\" of non-boolean essential type is
      being interpreted as a boolean value for the operator \"? :\"."
      
      Change-Id: Ie1b16e5826e5427cc272bd753e15d4d283e1ee4c
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      0aa9f3c0
  12. 10 Jul, 2020 3 commits
  13. 08 Jul, 2020 1 commit
  14. 29 Jun, 2020 1 commit
    • Masahiro Yamada's avatar
      linker_script: move .rela.dyn section to bl_common.ld.h · e8ad6168
      Masahiro Yamada authored
      
      
      The .rela.dyn section is the same for BL2-AT-EL3, BL31, TSP.
      
      Move it to the common header file.
      
      I slightly changed the definition so that we can do "RELA_SECTION >RAM".
      It still produced equivalent elf images.
      
      Please note I got rid of '.' from the VMA field. Otherwise, if the end
      of previous .data section is not 8-byte aligned, it fails to link.
      
      aarch64-linux-gnu-ld.bfd: warning: changing start of section .rela.dyn by 4 bytes
      aarch64-linux-gnu-ld.bfd: warning: changing start of section .rela.dyn by 4 bytes
      aarch64-linux-gnu-ld.bfd: warning: changing start of section .rela.dyn by 4 bytes
      make: *** [Makefile:1071: build/qemu/release/bl31/bl31.elf] Error 1
      
      Change-Id: Iba7422d99c0374d4d9e97e6fd47bae129dba5cc9
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      e8ad6168
  15. 27 Jun, 2020 1 commit
  16. 25 Jun, 2020 4 commits
  17. 24 Jun, 2020 6 commits
  18. 23 Jun, 2020 1 commit
    • J-Alves's avatar
      FFA Version interface update · 4388f28f
      J-Alves authored
      
      
      Change handler of FFA version interface:
      - Return SPMD's version if the origin of the call is secure;
      - Return SPMC's version if origin is non-secure.
      Signed-off-by: default avatarJ-Alves <joao.alves@arm.com>
      Change-Id: I0d1554da79b72b1e02da6cc363a2288119c32f44
      4388f28f
  19. 22 Jun, 2020 4 commits
  20. 19 Jun, 2020 2 commits