Skip to content

GitLab

Switch branch/tag
  1. 07 Apr, 2020 3 commits
  3. 06 Apr, 2020 1 commit
  5. 03 Apr, 2020 5 commits
  7. 01 Apr, 2020 2 commits
  9. 30 Mar, 2020 1 commit
    • Alexei Fedorov's avatar
      TF-A GICv3 driver: Introduce makefile · a6ea06f5
      Alexei Fedorov authored 
      

This patch moves all GICv3 driver files into new added
'gicv3.mk' makefile for the benefit of the generic driver
which can evolve in the future without affecting platforms.
The patch adds GICv3 driver configuration flags
'GICV3_IMPL', 'GICV3_IMPL_GIC600_MULTICHIP' and
'GICV3_OVERRIDE_DISTIF_PWR_OPS' described in
'GICv3 driver options' section of 'build-option.rst'
document.

NOTE: Platforms with GICv3 driver need to be modified to
include 'drivers/arm/gic/v3/gicv3.mk' in their makefiles.

Change-Id: If055f6770ff20f5dee5a3c99ae7ced7cdcac5c44
Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      a6ea06f5
  11. 26 Mar, 2020 1 commit
    • Yann Gautier's avatar
      stm32mp1: dynamically map DDR later and non-cacheable during its test · 84686ba3
      Yann Gautier authored 
      

A speculative accesses to DDR could be done whereas it was not reachable
and could lead to bus stall.
To correct this the dynamic mapping in MMU is used.
A first mapping is done for DDR tests with MT_NON_CACHEABLE attribute,
once DDR access is setup. It is then unmapped and a new mapping DDR is done
with cacheable attribute (through MT_MEMORY) to speed-up BL33 (or OP-TEE)
load.

The disabling of cache during DDR tests is also removed, as now useless.
A call to new functions stm32mp_{,un}map_ddr_non_cacheable() is done
instead.

PLAT_XLAT_TABLES_DYNAMIC is activated globally as used in BL2 and BL32.

BL33 max size is also updated to take into account the secure and shared
memory areas. Those are used in OP-TEE case.

Change-Id: I22c48b4a48255ee264991c34ecbb15bfe87e67c3
Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
      84686ba3
  13. 25 Mar, 2020 1 commit
  15. 23 Mar, 2020 3 commits
  17. 17 Mar, 2020 1 commit
    • Andre Przywara's avatar
      rpi3: gpio: Simplify GPIO setup · 0d92745e
      Andre Przywara authored 
      

There is really no reason to use and pass around a struct when its only
member is the (fixed) base address.

Remove the struct and just use the base address on its own inside the
GPIO driver. Then set the base address automatically.

This simplifies GPIO setup for users, which now don't need to deal with
zeroing a struct and setting the base address anymore.

Change-Id: I3060f7859e3f8ef9a24cc8fb38307b5da943f127
Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      0d92745e
  19. 10 Mar, 2020 1 commit
  21. 08 Mar, 2020 1 commit
  23. 06 Mar, 2020 2 commits
    • Sumit Garg's avatar
      TBB: Add an IO abstraction layer to load encrypted firmwares · 2be57b86
      Sumit Garg authored 
      

TBBR spec advocates for optional encryption of firmwares (see optional
requirement: R060_TBBR_FUNCTION). So add an IO abstaction layer to
support firmware decryption that can be stacked above any underlying IO/
packaging layer like FIP etc. It aims to provide a framework to load any
encrypted IO payload.

Also, add plat_get_enc_key_info() to be implemented in a platform
specific manner as handling of encryption key may vary from one platform
to another.
Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
Change-Id: I9892e0ddf00ebecb8981301dbfa41ea23e078b03
      2be57b86
    • Sumit Garg's avatar
      drivers: crypto: Add authenticated decryption framework · 7cda17bb
      Sumit Garg authored 
      

Add framework for autheticated decryption of data. Currently this
patch optionally imports mbedtls library as a backend if build option
"DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
using AES-GCM algorithm.
Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271
      7cda17bb
  25. 05 Mar, 2020 1 commit
    • Manish Pandey's avatar
      driver/arm/css: minor bug fix · cc7f89de
      Manish Pandey authored 
      

The cpu index was wrongly checked causing it to assert always.
Since this code path is exercised only during TF test "NODE_HW_STAT",
which queries Power state from SCP, this bug was not detected earlier.

Change-Id: Ia25cef4c0aa23ed08092df39134937a2601c21ac
Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      cc7f89de
  27. 25 Feb, 2020 10 commits
  29. 24 Feb, 2020 1 commit
    • Sandrine Bailleux's avatar
      Introduce a new "dualroot" chain of trust · 5ab8b717
      Sandrine Bailleux authored 
      

This new chain of trust defines 2 independent signing domains:

1) One for the silicon firmware (BL1, BL2, BL31) and optionally the
   Trusted OS. It is rooted in the Silicon ROTPK, just as in the TBBR
   CoT.

2) One for the Normal World Bootloader (BL33). It is rooted in a new key
   called Platform ROTPK, or PROTPK for short.

In terms of certificates chain,

- Signing domain 1) is similar to what TBBR advocates (see page 21 of
  the TBBR specification), except that the Non-Trusted World Public Key
  has been removed from the Trusted Key Certificate.

- Signing domain 2) only contains the Non-Trusted World Content
  certificate, which provides the hash of the Non-Trusted World
  Bootloader. Compared to the TBBR CoT, there's no Non-Trusted World
  Key certificate for simplicity.

Change-Id: I62f1e952522d84470acc360cf5ee63e4c4b0b4d9
Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      5ab8b717
  31. 20 Feb, 2020 1 commit
  33. 18 Feb, 2020 3 commits
    • Zelalem's avatar
      coverity: fix MISRA violations · 2fe75a2d
      Zelalem authored 
      

Fixes for the following MISRA violations:
- Missing explicit parentheses on sub-expression
- An identifier or macro name beginning with an
  underscore, shall not be declared
- Type mismatch in BL1 SMC handlers and tspd_main.c

Change-Id: I7a92abf260da95acb0846b27c2997b59b059efc4
Signed-off-by: default avatarZelalem <zelalem.aweke@arm.com>
      2fe75a2d
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of hash buffers when possible · 0b4e5921
      Sandrine Bailleux authored 
      The TBBR implementation extracts hashes from certificates and stores
them in static buffers. TF-A supports 3 variants of SHA right now:
SHA-256, SHA-384 and SHA-512. When support for SHA-512 was added in
commit 9a3088a5

 ("tbbr: Add build flag
HASH_ALG to let the user to select the SHA"), the hash buffers got
unconditionally increased from 51 to 83 bytes each. We can reduce that
space if we're using SHA-256 or SHA-384.

This saves some BSS space in both BL1 and BL2:
- BL1 with SHA-256: saving 168 bytes.
- BL1 with SHA-384: saving 80 bytes.
- BL2 with SHA-256: saving 384 bytes.
- BL2 with SHA-384: saving 192 bytes.

Change-Id: I0d02e5dc5f0162e82339c768609c9766cfe7e2bd
Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      0b4e5921
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of ECDSA key buffers · 495599cd
      Sandrine Bailleux authored 
      

The TBBR implementation extracts public keys from certificates and
stores them in static buffers. DER-encoded ECDSA keys are only 91 bytes
each but were each allocated 294 bytes instead. Reducing the size of
these buffers saves 609 bytes of BSS in BL2 (294 - 91 = 203 bytes for
each of the 3 key buffers in use).

Also add a comment claryfing that key buffers are tailored on RSA key
sizes when both ECDSA and RSA keys are used.

Change-Id: Iad332856e7af1f9814418d012fba3e1e9399f72a
Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      495599cd
  35. 15 Feb, 2020 2 commits