- 06 Aug, 2021 1 commit
-
-
J-Alves authored
Bump the required FF-A version in framework and manifests to v1.1 as upstream feature development goes. Signed-off-by:Olivier Deprez <olivier.deprez@arm.com> Change-Id: I89b2bd3828a13fc4344ccd53bc3ac9c0c22ab29f
-
- 22 Jul, 2021 1 commit
-
-
Maksims Svecovs authored
Align documentation with changes of messaging method for partition manifest: - Bit[0]: support for receiving direct message requests - Bit[1]: support for sending direct messages - Bit[2]: support for indirect messaging - Bit[3]: support for managed exit Change the optee_sp_manifest to align with the new messaging method description. Signed-off-by:Maksims Svecovs <maksims.svecovs@arm.com> Change-Id: I333e82c546c03698c95f0c77293018f8dca5ba9c
-
- 02 Jul, 2021 1 commit
-
-
Daniel Boulby authored
The partition layout description JSON file generated by TF-A tests declares a fourth test partition called Ivy demonstrating the implementation of a S-EL0 partition supported by a S-EL1 shim. Change-Id: If8562acfc045d6496dfdb3df0524b3a069357f8e Signed-off-by:
Daniel Boulby <daniel.boulby@arm.com> Signed-off-by:
-
- 03 Jun, 2021 1 commit
-
-
Olivier Deprez authored
Fix a remainder from early prototyping. OP-TEE as a secure partition does not need specific SMC function id pass through to EL3. Signed-off-by:
-
- 02 Jun, 2021 1 commit
-
-
Yann Gautier authored
The UUID strings used in FW_CONFIG DT are not aligned with UUIDs defined in include/tools_share/firmware_image_package.h for BL32_EXTRA1 and TRUSTED_KEY_CERT. Signed-off-by:Yann Gautier <yann.gautier@foss.st.com> Change-Id: I517f8f9311585931f2cb931e0588414da449b694
-
- 28 Apr, 2021 1 commit
-
-
David Horstmann authored
NOTE: Breaking change to the way UUIDs are stored in the DT Currently, UUIDs are stored in the device tree as sequences of 4 integers. There is a mismatch in endianness between the way UUIDs are represented in memory and the way they are parsed from the device tree. As a result, we must either store the UUIDs in little-endian format in the DT (which means that they do not match up with their string representations) or perform endianness conversion after parsing them. Currently, TF-A chooses the second option, with unwieldy endianness-conversion taking place after reading a UUID. To fix this problem, and to make it convenient to copy and paste UUIDs from other tools, change to store UUIDs in string format, using a new wrapper function to parse them from the device tree. Change-Id: I38bd63c907be14e412f03ef0aab9dcabfba0eaa0 Signed-off-by:David Horstmann <david.horstmann@arm.com>
-
- 26 Apr, 2021 1 commit
-
-
Manish Pandey authored
This will help in keeping source file generic and conditional compilation can be contained in platform provided dt files. Signed-off-by:Manish Pandey <manish.pandey2@arm.com> Change-Id: I3c6e0a429073f0afb412b9ba521ce43f880b57fe
-
- 09 Apr, 2021 1 commit
-
-
Manish Pandey authored
NT_FW_CONFIG file is meant to be passed from BL31 to be consumed by BL33, fvp platforms use this to pass measured boot configuration and the x0 register is used to pass the base address of it. In case of hafnium used as hypervisor in normal world, hypervisor manifest is expected to be passed from BL31 and its base address is passed in x0 register. As only one of NT_FW_CONFIG or hypervisor manifest base address can be passed in x0 register and also measured boot is not required for SPM so disable passing NT_FW_CONFIG. Signed-off-by:
-
- 15 Mar, 2021 1 commit
-
-
Olivier Deprez authored
The FF-A v1.0 spec allows two configurations for the number of EC/vCPU instantiated in a Secure Partition: -A MultiProcessor (MP) SP instantiates as many ECs as the number of PEs. An EC is pinned to a corresponding physical CPU. -An UniProcessor (UP) SP instantiates a single EC. The EC is migrated to the physical CPU from which the FF-A call is originating. This change permits exercising the latter case within the TF-A-tests framework. Signed-off-by:
-
- 08 Dec, 2020 4 commits
-
-
Olivier Deprez authored
The primary VM concept is removed from the SPMC. Update the SPMC manifests with number of Execution Contexts and SP workspace size for the first Secure Partition (as it is done for NWd secondary VMs and other SPs). Signed-off-by: -
Olivier Deprez authored
The chosen node is no longer required as the SPMC implements a specific boot flow which no longer requires this node. Signed-off-by: -
Olivier Deprez authored
Signed-off-by: -
Olivier Deprez authored
The PVM concept is removed from the SPMC so the device-memory node which is specifying the device memory range for the PVM is no longer applicable. Signed-off-by:
-
- 21 Oct, 2020 1 commit
-
-
Olivier Deprez authored
For the first partition, mark first 2GB as device memory excluding the Trusted DRAM region reserved for the SPMC. Signed-off-by:
-
- 15 Sep, 2020 1 commit
-
-
Olivier Deprez authored
According to [1] and in context of FF-A v1.0 a secure partition must have either one EC (migratable UP) or a number of ECs equal to the number of PEs (pinned MP). Adjust the SPMC manifest such that the number of ECs is equal to the number of PEs. [1] https://trustedfirmware-a.readthedocs.io/en/latest/components/ secure-partition-manager.html#platform-topology Signed-off-by:
-
- 10 Sep, 2020 1 commit
-
-
Ruari Phipps authored
UUID's in the device tree files were stored in little endian. So to keep all entries in these files RFC 4122 compliant, store them in big endian then convert it to little endian when they are read so they can be used in the UUID data structure. Signed-off-by:Ruari Phipps <ruari.phipps@arm.com> Change-Id: I5674159b82b245104381df10a4e3291160d9b3b5
-
- 20 Aug, 2020 1 commit
-
-
Olivier Deprez authored
Signed-off-by:
-
- 19 Aug, 2020 1 commit
-
-
Ruari Phipps authored
Add information about the third partition so it can be loaded into SPM when running the tests Signed-off-by:
-
- 14 Aug, 2020 1 commit
-
-
Ruari Phipps authored
For supporting dualroot CoT for Secure Partitions a new optional field "owner" is introduced which will be used to sign the SP with corresponding signing domain. To demonstrate its usage, this patch adds owners to cactus Secure Partitions. Signed-off-by:
-
- 30 Jul, 2020 1 commit
-
-
Olivier Deprez authored
Provide manifest and build options to boot OP-TEE as a guest S-EL1 Secure Partition on top of Hafnium in S-EL2. Increase ARM_SP_MAX_SIZE to cope with OP-TEE debug build image. Signed-off-by:
-
- 22 Jul, 2020 1 commit
-
-
Alexei Fedorov authored
This patch adds support for Measured Boot functionality to FVP platform code. It also defines new properties in 'tpm_event_log' node to store Event Log address and it size 'tpm_event_log_sm_addr' 'tpm_event_log_addr' 'tpm_event_log_size' in 'event_log.dtsi' included in 'fvp_tsp_fw_config.dts' and 'fvp_nt_fw_config.dts'. The node and its properties are described in binding document 'docs\components\measured_boot\event_log.rst'. Change-Id: I087e1423afcb269d6cfe79c1af9c348931991292 Signed-off-by:Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 10 Jul, 2020 1 commit
-
-
Manish V Badarkhe authored
Included cot_descriptors.dtsi in platform device tree (fvp_tb_fw_config.dts). Also, updated the maximum size of tb_fw_config to 0x1800 in order to accomodate the device tree for CoT descriptors. Follow up patch will parse the device tree for these CoT descriptors and fill the CoT descriptor structures at runtime instead of using static CoT descriptor structures in the code base. Signed-off-by:Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I90122bc713f6842b82fb019b04caf42629b4f45a
-
- 26 Jun, 2020 1 commit
-
-
Manish V Badarkhe authored
Passed the address of fw_config instead of soc_fw_config as arg1 to BL31 from BL2 for ARM fvp platform. BL31 then retrieve load-address of other device trees from fw_config device tree. Signed-off-by:
Louis Mayencourt <louis.mayencourt@arm.com> Signed-off-by:
-
- 24 Jun, 2020 1 commit
-
-
Manish V Badarkhe authored
Moved BL2 configuration nodes from fw_config to newly created tb_fw_config device tree. fw_config device tree's main usage is to hold properties shared across all BLx images. An example is the "dtb-registry" node, which contains the information about the other device tree configurations (load-address, size). Also, Updated load-address of tb_fw_config which is now located after fw_config in SRAM. Signed-off-by:
-
- 09 Jun, 2020 1 commit
-
-
Manish Pandey authored
A new certificate "sip-sp-cert" has been added for Silicon Provider(SiP) owned Secure Partitions(SP). A similar support for Platform owned SP can be added in future. The certificate is also protected against anti- rollback using the trusted Non-Volatile counter. To avoid deviating from TBBR spec, support for SP CoT is only provided in dualroot. Secure Partition content certificate is assigned image ID 31 and SP images follows after it. The CoT for secure partition look like below. +------------------+ +-------------------+ | ROTPK/ROTPK Hash |------>| Trusted Key | +------------------+ | Certificate | | (Auth Image) | /+-------------------+ / | / | / | / | L v +------------------+ +-------------------+ | Trusted World |------>| SiP owned SPs | | Public Key | | Content Cert | +------------------+ | (Auth Image) | / +-------------------+ / | / v| +------------------+ L +-------------------+ | SP_PKG1 Hash |------>| SP_PKG1 | | | | (Data Image) | +------------------+ +-------------------+ . . . . . . +------------------+ +-------------------+ | SP_PKG8 Hash |------>| SP_PKG8 | | | | (Data Image) | +------------------+ +-------------------+ Signed-off-by:
-
- 08 Jun, 2020 1 commit
-
-
Manish Pandey authored
As per "include/export/README", TF-A code should never include export headers directly. Instead, it should include a wrapper header that ensures the export header is included in the right manner. "tbbr_img_def_exp.h" is directly included in TF-A code, this patch replaces it with its wrapper header "tbbr_img_def.h". Signed-off-by:
-
- 25 May, 2020 1 commit
-
-
J-Alves authored
SPCI is renamed as PSA FF-A which stands for Platform Security Architecture Firmware Framework for A class processors. This patch replaces the occurrence of SPCI with PSA FF-A(in documents) or simply FFA(in code). Change-Id: I4ab10adb9ffeef1ff784641dfafd99f515133760 Signed-off-by:J-Alves <joao.alves@arm.com>
-
- 30 Apr, 2020 1 commit
-
-
Louis Mayencourt authored
Dynamic configuration properties are fconf properties. Modify the compatible string from "arm,.." to "fconf,.." to reflect this. Signed-off-by:
-
- 23 Apr, 2020 1 commit
-
-
Louis Mayencourt authored
Signed-off-by:
-
- 25 Mar, 2020 1 commit
-
-
Alexei Fedorov authored
This patch provides support for measured boot by adding calculation of BL2 image hash in BL1 and writing these data in TB_FW_CONFIG DTB. Change-Id: Ic074a7ed19b14956719c271c805b35d147b7cec1 Signed-off-by:
-
- 19 Mar, 2020 2 commits
-
-
Manish Pandey authored
To demonstrate communication between SP's two instances of Cactus at S-EL1 has been used. This patch replaces Ivy SP with cactus-secondary SP which aligns with changes in tf-a-tests repository. Signed-off-by: -
Olivier Deprez authored
When using the SPM Dispatcher, the SPMC sits as a BL32 component (BL32_IMAGE_ID). The SPMC manifest is passed as the TOS fw config component (TOS_FW_CONFIG_ID). It defines platform specific attributes (memory range and physical CPU layout) as well as the attributes for each secure partition (mostly load address). This manifest is passed to the SPMC on boot up. An SP package contains the SP dtb in the SPCI defined partition manifest format. As the SPMC manifest was enriched it needs an increase of tos_fw-config max-size in fvp_fw_config dts. Signed-off-by:
-
- 16 Mar, 2020 1 commit
-
-
Louis Mayencourt authored
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This removes the duplicate io_policies and functions definition. This patch: - replace arm_io_storage.c with the content of arm_fconf_io_storage.c - rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB. - use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb. - propagate DEFINES when parsing dts. - use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb. - set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior of fvp stays the same as it was before the introduction of fconf. Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e Signed-off-by:
-
- 12 Mar, 2020 1 commit
-
-
Max Shvetsov authored
This patch introduces the `SPCI_ID_GET` interface which will return the ID of the calling SPCI component. Returns 0 for requests from the non-secure world and the SPCI component ID as specified in the manifest for secure world requests. Change-Id: Icf81eb1d0e1d7d5c521571e04972b6e2d356e0d1 Signed-off-by:
Marc Bonnici <marc.bonnici@arm.com>
-
- 03 Mar, 2020 2 commits
-
-
Max Shvetsov authored
Added SPMD_SPM_AT_SEL2 build command line parameter. Set to 1 to run SPM at S-EL2. Set to 0 to run SPM at S-EL1 (pre-v8.4 or S-EL2 is disabled). Removed runtime EL from SPM core manifest. Change-Id: Icb4f5ea4c800f266880db1d410d63fe27a1171c0 Signed-off-by:
Artsem Artsemenka <artsem.artsemenka@arm.com> Signed-off-by:
-
Manish Pandey authored
Add load address and UUID in fw config dts for Cactus and Ivy which are example SP's in tf-test repository. For prototype purpose these information is added manually but later on it will be updated at compile time from SP layout file and SP manifests provided by platform. Change-Id: I41f485e0245d882c7b514bad41fae34036597ce4 Signed-off-by:
-
- 10 Feb, 2020 1 commit
-
-
Achin Gupta authored
This patch repurposes the TOS FW configuration file as the manifest for the SPM core component which will reside at the secure EL adjacent to EL3. The SPM dispatcher component will use the manifest to determine how the core component must be initialised. Routines and data structure to parse the manifest have also been added. Signed-off-by:
Achin Gupta <achin.gupta@arm.com> Signed-off-by:
-
- 07 Feb, 2020 2 commits
-
-
Louis Mayencourt authored
Use the firmware configuration framework to store the io_policies information inside the configuration device tree instead of the static structure in the code base. The io_policies required by BL1 can't be inside the dtb, as this one is loaded by BL1, and only available at BL2. This change currently only applies to FVP platform. Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1 Signed-off-by: -
Louis Mayencourt authored
This patch introduces a better separation between the trusted-boot related properties, and the dynamic configuration DTBs loading information. The dynamic configuration DTBs properties are moved to a new node: `dtb-registry`. All the sub-nodes present will be provided to the dynamic config framework to be loaded. The node currently only contains the already defined configuration DTBs, but can be extended for future features if necessary. The dynamic config framework is modified to use the abstraction provided by the fconf framework, instead of directly accessing the DTBs. The trusted-boot properties are kept under the "arm,tb_fw" compatible string, but in a separate `tb_fw-config` node. The `tb_fw-config` property of the `dtb-registry` node simply points to the load address of `fw_config`, as the `tb_fw-config` is currently part of the same DTB. Change-Id: Iceb6c4c2cb92b692b6e28dbdc9fb060f1c46de82 Signed-off-by:
-
- 04 Sep, 2018 1 commit
-
-
John Tsichritzis authored
This patch introduces the shared Mbed TLS heap optimisation for Arm platforms. The objective is the Mbed TLS heap to be shared between BL1 and BL2 so as to not allocate the heap memory twice. To achieve that, the patch introduces all the necessary helpers for implementing this optimisation. It also applies it for FVP. Change-Id: I6d85eaa1361517b7490956b2ac50f5fa0d0bb008 Signed-off-by:John Tsichritzis <john.tsichritzis@arm.com>
-
