1. 10 Feb, 2020 1 commit
    • Manish Pandey's avatar
      SPM: modify sptool to generate individual SP blobs · 3977a825
      Manish Pandey authored
      
      
      Currently sptool generates a single blob containing all the Secure
      Partitions, with latest SPM implementation, it is desirable to have
      individual blobs for each Secure Partition. It allows to leverage
      packaging and parsing of SP on existing FIP framework. It also allows
      SP packages coming from different sources.
      
      This patch modifies sptool so that it takes number of SP payload pairs
      as input and generates number of SP blobs instead of a single blob.
      
      Each SP blob can optionally have its own header containing offsets and
      sizes of different payloads along with a SP magic number and version.
      It is also associated in FIP with a UUID, provided by SP owner.
      
      Usage example:
      sptool -i sp1.bin:sp1.dtb -o sp1.pkg -i sp2.bin:sp2.dtb -o sp2.pkg ...
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: Ie2db8e601fa1d4182d0a1d22e78e9533dce231bc
      3977a825
  2. 29 Jan, 2020 3 commits
  3. 14 Jan, 2020 1 commit
  4. 25 Nov, 2019 1 commit
    • Louis Mayencourt's avatar
      tools: Add show_memory script · ea698c1e
      Louis Mayencourt authored
      
      
      show_memory is a simple tools that parse the blx.map files and print a
      representation of the memory layout for the latest build.
      This representation is based on standard symbols present on the map
      files as: __TEXT_START/END__, __RODATA_START/END__, __STACKS_START/END__
      , etc..
      
      Change-Id: Iba3e301a1a9fee9a35abf1afdb69093617d33929
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      ea698c1e
  5. 12 Sep, 2019 2 commits
    • Justin Chadwell's avatar
      Remove RSA PKCS#1 v1.5 support from cert_tool · 6a415a50
      Justin Chadwell authored
      Support for PKCS#1 v1.5 was deprecated in SHA 1001202d and fully removed
      in SHA fe199e3b
      
      , however, cert_tool is still able to generate
      certificates in that form. This patch fully removes the ability for
      cert_tool to generate these certificates.
      
      Additionally, this patch also fixes a bug where the issuing certificate
      was a RSA and the issued certificate was EcDSA. In this case, the issued
      certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per
      PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now
      that PKCS#1 v1.5 support is removed, all certificates that are signed
      with RSA now use the more modern padding scheme.
      
      Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      6a415a50
    • Justin Chadwell's avatar
      Add cert_create tool support for RSA key sizes · dfe0f4c2
      Justin Chadwell authored
      
      
      cert_tool is now able to accept a command line option for specifying the
      key size. It now supports the following options: 1024, 2048 (default),
      3072 and 4096. This is also modifiable by TFA using the build flag
      KEY_SIZE.
      
      Change-Id: Ifadecf84ade3763249ee8cc7123a8178f606f0e5
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      dfe0f4c2
  6. 05 Sep, 2019 1 commit
  7. 16 Aug, 2019 1 commit
  8. 02 Jul, 2019 1 commit
  9. 02 Apr, 2019 2 commits
  10. 12 Mar, 2019 2 commits
  11. 29 Jan, 2019 1 commit
  12. 11 Dec, 2018 1 commit
  13. 08 Nov, 2018 1 commit
    • Antonio Nino Diaz's avatar
      Standardise header guards across codebase · c3cf06f1
      Antonio Nino Diaz authored
      
      
      All identifiers, regardless of use, that start with two underscores are
      reserved. This means they can't be used in header guards.
      
      The style that this project is now to use the full name of the file in
      capital letters followed by 'H'. For example, for a file called
      "uart_example.h", the header guard is UART_EXAMPLE_H.
      
      The exceptions are files that are imported from other projects:
      
      - CryptoCell driver
      - dt-bindings folders
      - zlib headers
      
      Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      c3cf06f1
  14. 22 Oct, 2018 1 commit
  15. 17 Oct, 2018 1 commit
    • Jorge Ramirez-Ortiz's avatar
      rcar-gen3: initial commit for the rcar-gen3 boards · 7e532c4b
      Jorge Ramirez-Ortiz authored
      Reference code:
      ==============
      
      rar_gen3: IPL and Secure Monitor Rev1.0.22
      https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3]
      
      Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com>
      Date:   Thu Aug 30 21:26:41 2018 +0900
      	Update IPL and Secure Monitor Rev1.0.22
      
      General Information:
      ===================
      
      This port has been tested on the Salvator-X Soc_id r8a7795 revision
      ES1.1 (uses an SPD).
      
      Build Tested:
      -------------
      ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1"
      MBEDTLS_DIR=$mbedtls
      
      $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed
      
      Other dependencies:
      ------------------
      * mbed_tls:
        git@github.com:ARMmbed/mbedtls.git [devel]
      
        Merge: 68dbc94 f34a4c1
        Author: Simon Butcher <simon.butcher@arm.com>
        Date:   Thu Aug 30 00:57:28 2018 +0100
      
      * optee_os:
        https://github.com/BayLibre/optee_os
      
      
      
        Until it gets merged into OP-TEE, the port requires Renesas' Trusted
        Environment with a modification to support power management.
      
        Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com>
        Date:   Thu Aug 30 16:49:49 2018 +0200
          plat-rcar: cpu-suspend: handle the power level
      Signed-off-by: default avatarJorge Ramirez-Ortiz <jramirez@baylibre.com>
      
      * u-boot:
        The port has beent tested using mainline uboot.
      
        Author: Fabio Estevam <festevam@gmail.com>
        Date:   Tue Sep 4 10:23:12 2018 -0300
      
      *linux:
        The port has beent tested using mainline kernel.
      
        Author: Linus Torvalds <torvalds@linux-foundation.org>
        Date:   Sun Sep 16 11:52:37 2018 -0700
            Linux 4.19-rc4
      
      Overview
      ---------
      
      BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered
      at this exception level (the Renesas' ATF reference tree [1] resets into
      EL1 before entering BL2 - see its bl2.ld.S)
      
      BL2 initializes DDR (and i2c to talk to the PMIC on some platforms)
      before determining the boot reason (cold or warm).
      
      During suspend all CPUs are switched off and the DDR is put in
      backup mode (some kind of self-refresh mode). This means that BL2 is
      always entered in a cold boot scenario.
      
      Once BL2 boots, it determines the boot reason, writes it to shared
      memory (BOOT_KIND_BASE) together with the BL31 parameters
      (PARAMS_BASE) and jumps to BL31.
      
      To all effects, BL31 is as if it is being entered in reset mode since
      it still needs to initialize the rest of the cores; this is the reason
      behind using direct shared memory access to  BOOT_KIND_BASE and
      PARAMS_BASE instead of using registers to get to those locations (see
      el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use
      case).
      
      Depending on the boot reason BL31 initializes the rest of the cores:
      in case of suspend, it uses a MBOX memory region to recover the
      program counters.
      
      [1] https://github.com/renesas-rcar/arm-trusted-firmware
      
      
      Tests
      -----
      
      * cpuidle
        -------
         enable kernel's cpuidle arm_idle driver and boot
      
      * system suspend
        --------------
        $ cat suspend.sh
          #!/bin/bash
          i2cset -f -y 7 0x30 0x20 0x0F
          read -p "Switch off SW23 and press return " foo
          echo mem > /sys/power/state
      
      * cpu hotplug:
        ------------
        $ cat offline.sh
          #!/bin/bash
          nbr=$1
          echo 0 > /sys/devices/system/cpu/cpu$nbr/online
          printf "ONLINE:  " && cat /sys/devices/system/cpu/online
          printf "OFFLINE: " && cat /sys/devices/system/cpu/offline
      
        $ cat online.sh
          #!/bin/bash
          nbr=$1
          echo 1 > /sys/devices/system/cpu/cpu$nbr/online
          printf "ONLINE:  " && cat /sys/devices/system/cpu/online
          printf "OFFLINE: " && cat /sys/devices/system/cpu/offline
      Signed-off-by: default avatarldts <jramirez@baylibre.com>
      7e532c4b
  16. 15 Oct, 2018 1 commit
  17. 04 Oct, 2018 1 commit
    • Antonio Nino Diaz's avatar
      tools: Make invocation of host compiler correct · 750e8d80
      Antonio Nino Diaz authored
      
      
      HOSTCC should be used in any of the tools inside the tools/ directory
      instead of CC. That way it is possible to override both values from the
      command line when building the Trusted Firmware and the tools at the
      same time. Also, use HOSTCCFLAGS instead of CFLAGS.
      
      Also, instead of printing the strings CC and LD in the console during
      the compilation of the tools, HOSTCC and HOSTLD have to be used for
      clarity. This is how it is done in other projects like U-Boot or Linux.
      
      Change-Id: Icd6f74c31eb74cdd1c353583399ab19e173e293e
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      750e8d80
  18. 03 Oct, 2018 1 commit
    • Jan Kiszka's avatar
      tools: Fix broken object compilation rules · c0f73edc
      Jan Kiszka authored
      
      
      As these rules depend on non-existing headers as well (likely copy &
      pasted from fiptool), they never matched, and the built-in rules were
      used. That led to random breakages when e.g. CPPFLAGS was suddenly
      evaluated and contained invalid options.
      
      For the stm32image, this reveals that we were relying on the built-in
      rules by passing -D_GNU_SOURCE via CPPFLAGS, rather than using CFLAGS as
      used in the local rule. Fix that as well.
      Signed-off-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
      c0f73edc
  19. 28 Sep, 2018 1 commit
  20. 24 Sep, 2018 1 commit
  21. 03 Sep, 2018 2 commits
  22. 24 Jul, 2018 1 commit
  23. 18 Jul, 2018 1 commit
  24. 06 Jul, 2018 1 commit
  25. 27 Jun, 2018 1 commit
  26. 14 Jun, 2018 1 commit
    • Roberto Vargas's avatar
      Make TF UUID RFC 4122 compliant · 03364865
      Roberto Vargas authored
      
      
      RFC4122 defines that fields are stored in network order (big endian),
      but TF-A stores them in machine order (little endian by default in TF-A).
      We cannot change the future UUIDs that are already generated, but we can store
      all the bytes using arrays and modify fiptool to generate the UUIDs with
      the correct byte order.
      
      Change-Id: I97be2d3168d91f4dee7ccfafc533ea55ff33e46f
      Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      03364865
  27. 18 May, 2018 1 commit
  28. 03 May, 2018 1 commit
  29. 30 Apr, 2018 1 commit
  30. 05 Mar, 2018 1 commit
  31. 26 Feb, 2018 1 commit
    • Soby Mathew's avatar
      Dynamic cfg: Update the tools · e24659df
      Soby Mathew authored
      
      
      This patch updates the `fiptool` and `cert_create` for the
      `hw_config` and `tb_fw_config` dynamic configuration files.
      The necessary UUIDs and OIDs are assigned to these files and
      the `cert_create` is updated to generate appropriate hashes
      and include them in the "Trusted Boot FW Certificate". The
      `fiptool` is updated to allow the configs to be specified
      via cmdline and included in the generated FIP.
      
      Change-Id: I940e751a49621ae681d14e162aa1f5697eb0cb15
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      e24659df
  32. 27 Jan, 2018 1 commit
  33. 03 Jan, 2018 1 commit
  34. 21 Nov, 2017 1 commit