1. 27 May, 2021 1 commit
  2. 05 May, 2021 2 commits
  3. 04 May, 2021 2 commits
  4. 30 Apr, 2021 14 commits
  5. 29 Apr, 2021 5 commits
  6. 28 Apr, 2021 12 commits
  7. 27 Apr, 2021 4 commits
    • Manish Pandey's avatar
    • Pali Rohár's avatar
      plat: marvell: armada: a3k: Add new compile option A3720_DB_PM_WAKEUP_SRC · f2800a47
      Pali Rohár authored
      
      
      This new compile option is only for Armada 3720 Development Board. When
      it is set to 1 then TF-A will setup PM wake up src configuration.
      
      By default this new option is disabled as it is board specific and no
      other A37xx board has PM wake up src configuration.
      
      Currently neither upstream U-Boot nor upstream Linux kernel has wakeup
      support for A37xx platforms, so having it disabled does not cause any
      issue.
      
      Prior this commit PM wake up src configuration specific for Armada 3720
      Development Board was enabled for every A37xx board. After this change it
      is enabled only when compiling with build flag A3720_DB_PM_WAKEUP_SRC=1
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I09fea1172c532df639acb3bb009cfde32d3c5766
      f2800a47
    • Chris Kay's avatar
      revert(commitlint): disable `signed-off-by` rule · 8a73b563
      Chris Kay authored
      
      
      The `signed-off-by` rule does not correctly detect the `Signed-off-by:`
      trailer if it's not the last trailer. Therefore, this rule has been
      disabled until we can resolve this in the commitlint upstream.
      
      Change-Id: I50ea29067528f3c1c25beeea5eb25134b25b2af2
      Signed-off-by: default avatarChris Kay <chris.kay@arm.com>
      8a73b563
    • Manish V Badarkhe's avatar
      fix(driver/auth): avoid NV counter upgrade without certificate validation · a2a5a945
      Manish V Badarkhe authored
      
      
      Platform NV counter get updated (if cert NV counter > plat NV counter)
      before authenticating the certificate if the platform specifies NV
      counter method before signature authentication in its CoT, and this
      provides an opportunity for a tempered certificate to upgrade the
      platform NV counter. This is theoretical issue, as in practice none
      of the standard CoT (TBBR, dualroot) or upstream platforms ones (NXP)
      exercised this issue.
      
      To fix this issue, modified the auth_nvctr method to do only NV
      counter check, and flags if the NV counter upgrade is needed or not.
      Then ensured that the platform NV counter gets upgraded with the NV
      counter value from the certificate only after that certificate gets
      authenticated.
      
      This change is verified manually by modifying the CoT that specifies
      certificate with:
      1. NV counter authentication before signature authentication
         method
      2. NV counter authentication method only
      
      Change-Id: I1ad17f1a911fb1035a1a60976cc26b2965b05166
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      a2a5a945