1. 29 Apr, 2020 1 commit
    • Andre Przywara's avatar
      plat/stm32: Implement fdt_read_uint32_default() as a wrapper · be858cff
      Andre Przywara authored
      
      
      The STM32 platform code uses its own set of FDT helper functions,
      although some of them are fairly generic.
      
      Remove the implementation of fdt_read_uint32_default() and implement it
      on top of the newly introduced fdt_read_uint32() function, then convert
      all users over.
      
      This also fixes two callers, which were slightly abusing the "default"
      semantic.
      
      Change-Id: I570533362b4846e58dd797a92347de3e0e5abb75
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      be858cff
  2. 28 Apr, 2020 1 commit
    • Andre Przywara's avatar
      plat/stm32: Use generic fdt_read_uint32_array() implementation · 52a616b4
      Andre Przywara authored
      
      
      The device tree parsing code for the STM32 platform is using its own FDT
      helper functions, some of them being rather generic.
      In particular the existing fdt_read_uint32_array() implementation is now
      almost identical to the new generic code in fdt_wrappers.c, so we can
      remove the ST specific version and adjust the existing callers.
      
      Compared to the original ST implementation the new version takes a
      pointer to the DTB as the first argument, and also swaps the order of
      the number of cells and the pointer.
      
      Change-Id: Id06b0f1ba4db1ad1f733be40e82c34f46638551a
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      52a616b4
  3. 07 Apr, 2020 3 commits
  4. 06 Apr, 2020 1 commit
  5. 03 Apr, 2020 5 commits
  6. 01 Apr, 2020 2 commits
  7. 30 Mar, 2020 1 commit
    • Alexei Fedorov's avatar
      TF-A GICv3 driver: Introduce makefile · a6ea06f5
      Alexei Fedorov authored
      
      
      This patch moves all GICv3 driver files into new added
      'gicv3.mk' makefile for the benefit of the generic driver
      which can evolve in the future without affecting platforms.
      The patch adds GICv3 driver configuration flags
      'GICV3_IMPL', 'GICV3_IMPL_GIC600_MULTICHIP' and
      'GICV3_OVERRIDE_DISTIF_PWR_OPS' described in
      'GICv3 driver options' section of 'build-option.rst'
      document.
      
      NOTE: Platforms with GICv3 driver need to be modified to
      include 'drivers/arm/gic/v3/gicv3.mk' in their makefiles.
      
      Change-Id: If055f6770ff20f5dee5a3c99ae7ced7cdcac5c44
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      a6ea06f5
  8. 26 Mar, 2020 1 commit
    • Yann Gautier's avatar
      stm32mp1: dynamically map DDR later and non-cacheable during its test · 84686ba3
      Yann Gautier authored
      
      
      A speculative accesses to DDR could be done whereas it was not reachable
      and could lead to bus stall.
      To correct this the dynamic mapping in MMU is used.
      A first mapping is done for DDR tests with MT_NON_CACHEABLE attribute,
      once DDR access is setup. It is then unmapped and a new mapping DDR is done
      with cacheable attribute (through MT_MEMORY) to speed-up BL33 (or OP-TEE)
      load.
      
      The disabling of cache during DDR tests is also removed, as now useless.
      A call to new functions stm32mp_{,un}map_ddr_non_cacheable() is done
      instead.
      
      PLAT_XLAT_TABLES_DYNAMIC is activated globally as used in BL2 and BL32.
      
      BL33 max size is also updated to take into account the secure and shared
      memory areas. Those are used in OP-TEE case.
      
      Change-Id: I22c48b4a48255ee264991c34ecbb15bfe87e67c3
      Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
      84686ba3
  9. 25 Mar, 2020 1 commit
  10. 23 Mar, 2020 3 commits
  11. 17 Mar, 2020 1 commit
    • Andre Przywara's avatar
      rpi3: gpio: Simplify GPIO setup · 0d92745e
      Andre Przywara authored
      
      
      There is really no reason to use and pass around a struct when its only
      member is the (fixed) base address.
      
      Remove the struct and just use the base address on its own inside the
      GPIO driver. Then set the base address automatically.
      
      This simplifies GPIO setup for users, which now don't need to deal with
      zeroing a struct and setting the base address anymore.
      
      Change-Id: I3060f7859e3f8ef9a24cc8fb38307b5da943f127
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      0d92745e
  12. 10 Mar, 2020 1 commit
  13. 08 Mar, 2020 1 commit
  14. 06 Mar, 2020 2 commits
    • Sumit Garg's avatar
      TBB: Add an IO abstraction layer to load encrypted firmwares · 2be57b86
      Sumit Garg authored
      
      
      TBBR spec advocates for optional encryption of firmwares (see optional
      requirement: R060_TBBR_FUNCTION). So add an IO abstaction layer to
      support firmware decryption that can be stacked above any underlying IO/
      packaging layer like FIP etc. It aims to provide a framework to load any
      encrypted IO payload.
      
      Also, add plat_get_enc_key_info() to be implemented in a platform
      specific manner as handling of encryption key may vary from one platform
      to another.
      Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
      Change-Id: I9892e0ddf00ebecb8981301dbfa41ea23e078b03
      2be57b86
    • Sumit Garg's avatar
      drivers: crypto: Add authenticated decryption framework · 7cda17bb
      Sumit Garg authored
      
      
      Add framework for autheticated decryption of data. Currently this
      patch optionally imports mbedtls library as a backend if build option
      "DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
      using AES-GCM algorithm.
      Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
      Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271
      7cda17bb
  15. 05 Mar, 2020 1 commit
    • Manish Pandey's avatar
      driver/arm/css: minor bug fix · cc7f89de
      Manish Pandey authored
      
      
      The cpu index was wrongly checked causing it to assert always.
      Since this code path is exercised only during TF test "NODE_HW_STAT",
      which queries Power state from SCP, this bug was not detected earlier.
      
      Change-Id: Ia25cef4c0aa23ed08092df39134937a2601c21ac
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      cc7f89de
  16. 25 Feb, 2020 10 commits
  17. 24 Feb, 2020 1 commit
    • Sandrine Bailleux's avatar
      Introduce a new "dualroot" chain of trust · 5ab8b717
      Sandrine Bailleux authored
      
      
      This new chain of trust defines 2 independent signing domains:
      
      1) One for the silicon firmware (BL1, BL2, BL31) and optionally the
         Trusted OS. It is rooted in the Silicon ROTPK, just as in the TBBR
         CoT.
      
      2) One for the Normal World Bootloader (BL33). It is rooted in a new key
         called Platform ROTPK, or PROTPK for short.
      
      In terms of certificates chain,
      
      - Signing domain 1) is similar to what TBBR advocates (see page 21 of
        the TBBR specification), except that the Non-Trusted World Public Key
        has been removed from the Trusted Key Certificate.
      
      - Signing domain 2) only contains the Non-Trusted World Content
        certificate, which provides the hash of the Non-Trusted World
        Bootloader. Compared to the TBBR CoT, there's no Non-Trusted World
        Key certificate for simplicity.
      
      Change-Id: I62f1e952522d84470acc360cf5ee63e4c4b0b4d9
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      5ab8b717
  18. 20 Feb, 2020 1 commit
  19. 18 Feb, 2020 3 commits
    • Zelalem's avatar
      coverity: fix MISRA violations · 2fe75a2d
      Zelalem authored
      
      
      Fixes for the following MISRA violations:
      - Missing explicit parentheses on sub-expression
      - An identifier or macro name beginning with an
        underscore, shall not be declared
      - Type mismatch in BL1 SMC handlers and tspd_main.c
      
      Change-Id: I7a92abf260da95acb0846b27c2997b59b059efc4
      Signed-off-by: default avatarZelalem <zelalem.aweke@arm.com>
      2fe75a2d
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of hash buffers when possible · 0b4e5921
      Sandrine Bailleux authored
      The TBBR implementation extracts hashes from certificates and stores
      them in static buffers. TF-A supports 3 variants of SHA right now:
      SHA-256, SHA-384 and SHA-512. When support for SHA-512 was added in
      commit 9a3088a5
      
       ("tbbr: Add build flag
      HASH_ALG to let the user to select the SHA"), the hash buffers got
      unconditionally increased from 51 to 83 bytes each. We can reduce that
      space if we're using SHA-256 or SHA-384.
      
      This saves some BSS space in both BL1 and BL2:
      - BL1 with SHA-256: saving 168 bytes.
      - BL1 with SHA-384: saving 80 bytes.
      - BL2 with SHA-256: saving 384 bytes.
      - BL2 with SHA-384: saving 192 bytes.
      
      Change-Id: I0d02e5dc5f0162e82339c768609c9766cfe7e2bd
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      0b4e5921
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of ECDSA key buffers · 495599cd
      Sandrine Bailleux authored
      
      
      The TBBR implementation extracts public keys from certificates and
      stores them in static buffers. DER-encoded ECDSA keys are only 91 bytes
      each but were each allocated 294 bytes instead. Reducing the size of
      these buffers saves 609 bytes of BSS in BL2 (294 - 91 = 203 bytes for
      each of the 3 key buffers in use).
      
      Also add a comment claryfing that key buffers are tailored on RSA key
      sizes when both ECDSA and RSA keys are used.
      
      Change-Id: Iad332856e7af1f9814418d012fba3e1e9399f72a
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      495599cd