1. 19 Jan, 2017 2 commits
    • Antonio Nino Diaz's avatar
      Clear static variables in X509 parser on error · 51c5e1a2
      Antonio Nino Diaz authored
      
      
      In mbedtls_x509_parser.c there are some static arrays that are filled
      during the integrity check and then read whenever an authentication
      parameter is requested. However, they aren't cleared in case of an
      integrity check failure, which can be problematic from a security
      point of view. This patch clears these arrays in the case of failure.
      
      Change-Id: I9d48f5bc71fa13e5a75d6c45b5e34796ef13aaa2
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      51c5e1a2
    • Antonio Nino Diaz's avatar
      Fix declarations of cache maintenance functions · c8d64c54
      Antonio Nino Diaz authored
      Fix the parameter type of the maintenance functions of data cache.
      
      Add missing declarations for AArch32 versions of dcsw_op_louis and
      dcsw_op_all to match the AAch64 ones.
      
      Change-Id: I4226e8ea4f8b2b5bc2972992c83de659ee0da52c
      c8d64c54
  2. 11 Jan, 2017 1 commit
  3. 10 Jan, 2017 3 commits
  4. 06 Jan, 2017 2 commits
  5. 05 Jan, 2017 4 commits
  6. 04 Jan, 2017 1 commit
  7. 23 Dec, 2016 2 commits
    • davidcunado-arm's avatar
      Merge pull request #798 from douglas-raillard-arm/dr/fix_std_smc_after_suspend · cef7b3ce
      davidcunado-arm authored
      Abort preempted TSP STD SMC after PSCI CPU suspend
      cef7b3ce
    • Douglas Raillard's avatar
      Abort preempted TSP STD SMC after PSCI CPU suspend · 3df6012a
      Douglas Raillard authored
      
      
      Standard SMC requests that are handled in the secure-world by the Secure
      Payload can be preempted by interrupts that must be handled in the
      normal world. When the TSP is preempted the secure context is stored and
      control is passed to the normal world to handle the non-secure
      interrupt. Once completed the preempted secure context is restored. When
      restoring the preempted context, the dispatcher assumes that the TSP
      preempted context is still stored as the SECURE context by the context
      management library.
      
      However, PSCI power management operations causes synchronous entry into
      TSP. This overwrites the preempted SECURE context in the context
      management library. When restoring back the SECURE context, the Secure
      Payload crashes because this context is not the preempted context
      anymore.
      
      This patch avoids corruption of the preempted SECURE context by aborting
      any preempted SMC during PSCI power management calls. The
      abort_std_smc_entry hook of the TSP is called when aborting the SMC
      request.
      
      It also exposes this feature as a FAST SMC callable from normal world to
      abort preempted SMC with FID TSP_FID_ABORT.
      
      Change-Id: I7a70347e9293f47d87b5de20484b4ffefb56b770
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      3df6012a
  8. 21 Dec, 2016 1 commit
  9. 20 Dec, 2016 14 commits
  10. 19 Dec, 2016 4 commits
  11. 15 Dec, 2016 6 commits
    • danh-arm's avatar
      Merge pull request #786 from davidcunado-arm/dc/update_foundation_model · 17612953
      danh-arm authored
      Update Foundation Model version
      17612953
    • danh-arm's avatar
      Merge pull request #782 from antonio-nino-diaz-arm/an/fix-copyright · decc6258
      danh-arm authored
      Fix incorrect copyright notices
      decc6258
    • David Cunado's avatar
      Update Foundation Model version · 8434f76f
      David Cunado authored
      
      
      Foundation Model release 10.2 has been made available and Trusted
      Firmware has been tested against that it as part of its CI system.
      
      This patch updates the user guide documentation to reflect the version
      of Foundation Model that Trusted Firmware has been tested against.
      
      Change-Id: I8571e1027b24892b41d04b93b24245a371ca2cae
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      8434f76f
    • Jeenu Viswambharan's avatar
      Add provision to extend CPU operations at more levels · 5dd9dbb5
      Jeenu Viswambharan authored
      
      
      Various CPU drivers in ARM Trusted Firmware register functions to handle
      power-down operations. At present, separate functions are registered to
      power down individual cores and clusters.
      
      This scheme operates on the basis of core and cluster, and doesn't cater
      for extending the hierarchy for power-down operations. For example,
      future CPUs might support multiple threads which might need powering
      down individually.
      
      This patch therefore reworks the CPU operations framework to allow for
      registering power down handlers on specific level basis. Henceforth:
      
        - Generic code invokes CPU power down operations by the level
          required.
      
        - CPU drivers explicitly mention CPU_NO_RESET_FUNC when the CPU has no
          reset function.
      
        - CPU drivers register power down handlers as a list: a mandatory
          handler for level 0, and optional handlers for higher levels.
      
      All existing CPU drivers are adapted to the new CPU operations framework
      without needing any functional changes within.
      
      Also update firmware design guide.
      
      Change-Id: I1826842d37a9e60a9e85fdcee7b4b8f6bc1ad043
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      5dd9dbb5
    • dp-arm's avatar
      tbbr: Fix updating of Non-Trusted NV counter · d35dee23
      dp-arm authored
      
      
      The previous code required that a certificate be signed with the ROT
      key before the platform's NV counter could be updated with the value
      in the certificate.  This implies that the Non-Trusted NV counter was
      not being updated for Non-Trusted content certificates, as they cannot
      be signed with the ROT key in the TBBR CoT scheme.
      
      The code is reworked to only allow updating the platform's Trusted NV
      counter when a certificate protected by the Trusted NV counter is
      signed with the ROT key.
      
      Content certificates protected by the Non-Trusted NV counter are
      allowed to update the platform's Non-Trusted NV counter, assuming
      that the certificate value is higher than the platform's value.
      
      A new optional platform API has been introduced, named
      plat_set_nv_ctr2().  Platforms may choose to implement it and perform
      additional checks based on the authentication image descriptor before
      modifying the NV counters.  A default weak implementation is available
      that just calls into plat_set_nv_ctr().
      
      Fixes ARM-software/tf-issues#426
      
      Change-Id: I4fc978fd28a3007bc0cef972ff1f69ad0413b79c
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      d35dee23
    • Jeenu Viswambharan's avatar
      FVP: Avail GIC Redistributor power management · 74a9578c
      Jeenu Viswambharan authored
      
      
      Earlier patches introduced GIC Redistributor power management for ARM
      platforms. This patch modifies FVP power management to power down
      Redistributor during CPU power on/off.
      
      Change-Id: I2adb9c50a7dd750019fe3b4e576b5d5fc364bffb
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      74a9578c