diff --git a/.gitignore b/.gitignore index b005fab..1f4efb6 100644 --- a/.gitignore +++ b/.gitignore
@@ -43,3 +43,9 @@ # Node.js node_modules/ + +# common python virtual environment directories +.env/ +env/ +.venv/ +venv/
diff --git a/.nvmrc b/.nvmrc new file mode 100644 index 0000000..e0325e5 --- /dev/null +++ b/.nvmrc
@@ -0,0 +1 @@ +v16.17.1
diff --git a/Makefile b/Makefile index 3941f86..1ddb7b8 100644 --- a/Makefile +++ b/Makefile
@@ -8,7 +8,8 @@ # Trusted Firmware Version # VERSION_MAJOR := 2 -VERSION_MINOR := 7 +VERSION_MINOR := 8 +VERSION := ${VERSION_MAJOR}.${VERSION_MINOR} # Default goal is build all images .DEFAULT_GOAL := all @@ -58,6 +59,7 @@ lib/compiler-rt \ lib/libfdt% \ lib/libc, \ + lib/zlib \ $(wildcard lib/*))) ROOT_DIRS_TO_CHECK := $(sort $(filter-out \ lib \ @@ -147,7 +149,10 @@ CTX_INCLUDE_EL2_REGS := 1 CTX_INCLUDE_AARCH32_REGS := 0 ARM_ARCH_MAJOR := 8 -ARM_ARCH_MINOR := 6 +ARM_ARCH_MINOR := 5 +ENABLE_FEAT_ECV = 1 +ENABLE_FEAT_FGT = 1 + endif # USE_SPINLOCK_CAS requires AArch64 build @@ -273,7 +278,7 @@ TF_CFLAGS_aarch64 := -target aarch64-arm-none-eabi $(march64-directive) LD := $(LINKER) else - TF_CFLAGS_aarch32 := $(target32-directive) $(march32-directive) + TF_CFLAGS_aarch32 = $(target32-directive) $(march32-directive) TF_CFLAGS_aarch64 := -target aarch64-elf $(march64-directive) LD := $(shell $(CC) --print-prog-name ld.lld) @@ -322,7 +327,7 @@ ifeq (${BUILD_STRING},) BUILD_STRING := $(shell git describe --always --dirty --tags 2> /dev/null) endif -VERSION_STRING := v${VERSION_MAJOR}.${VERSION_MINOR}(${BUILD_TYPE}):${BUILD_STRING} +VERSION_STRING := v${VERSION}(${BUILD_TYPE}):${BUILD_STRING} ifeq (${AARCH32_INSTRUCTION_SET},A32) TF_CFLAGS_aarch32 += -marm @@ -399,6 +404,8 @@ -ffreestanding -fno-builtin -fno-common \ -Os -std=gnu99 +$(eval $(call add_define,SVE_VECTOR_LEN)) + ifeq (${SANITIZE_UB},on) TF_CFLAGS += -fsanitize=undefined -fno-sanitize-recover endif @@ -598,6 +605,9 @@ PIE_FOUND := $(findstring --enable-default-pie,${GCC_V_OUTPUT}) ifneq ($(PIE_FOUND),) TF_CFLAGS += -fno-PIE +ifneq ($(findstring gcc,$(notdir $(LD))),) + TF_LDFLAGS += -no-pie +endif endif ifneq ($(findstring gcc,$(notdir $(LD))),) @@ -705,8 +715,8 @@ # For RAS_EXTENSION, require that EAs are handled in EL3 first ifeq ($(RAS_EXTENSION),1) - ifneq ($(HANDLE_EA_EL3_FIRST),1) - $(error For RAS_EXTENSION, HANDLE_EA_EL3_FIRST must also be 1) + ifneq ($(HANDLE_EA_EL3_FIRST_NS),1) + $(error For RAS_EXTENSION, HANDLE_EA_EL3_FIRST_NS must also be 1) endif endif @@ -724,7 +734,17 @@ endif endif -ifneq ($(filter 1,${MEASURED_BOOT} ${TRUSTED_BOARD_BOOT}),) +ifeq ($(MEASURED_BOOT)-$(TRUSTED_BOARD_BOOT),1-1) +# Support authentication verification and hash calculation + CRYPTO_SUPPORT := 3 +else ifeq ($(DRTM_SUPPORT)-$(TRUSTED_BOARD_BOOT),1-1) +# Support authentication verification and hash calculation + CRYPTO_SUPPORT := 3 +else ifneq ($(filter 1,${MEASURED_BOOT} ${DRTM_SUPPORT}),) +# Support hash calculation only + CRYPTO_SUPPORT := 2 +else ifeq (${TRUSTED_BOARD_BOOT},1) +# Support authentication verification only CRYPTO_SUPPORT := 1 else CRYPTO_SUPPORT := 0 @@ -788,11 +808,15 @@ $(error "ENABLE_SVE_FOR_NS cannot be used with ARCH=aarch32") endif - # BRBE is not supported in Aarch32 + # BRBE is not supported in AArch32 ifeq (${ENABLE_BRBE_FOR_NS},1) $(error "ENABLE_BRBE_FOR_NS cannot be used with ARCH=aarch32") endif + # FEAT_RNG_TRAP is not supported in AArch32 + ifeq (${ENABLE_FEAT_RNG_TRAP},1) + $(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32") + endif endif # Ensure ENABLE_RME is not used with SME @@ -832,6 +856,12 @@ $(info DRTM_SUPPORT is an experimental feature) endif +ifeq (${ENABLE_RME},1) + ifneq (${SEPARATE_CODE_AND_RODATA},1) + $(error `ENABLE_RME=1` requires `SEPARATE_CODE_AND_RODATA=1`) + endif +endif + ################################################################################ # Process platform overrideable behaviour ################################################################################ @@ -1003,7 +1033,7 @@ FAULT_INJECTION_SUPPORT \ GENERATE_COT \ GICV2_G0_FOR_EL3 \ - HANDLE_EA_EL3_FIRST \ + HANDLE_EA_EL3_FIRST_NS \ HW_ASSISTED_COHERENCY \ INVERTED_MEMMAP \ MEASURED_BOOT \ @@ -1025,7 +1055,6 @@ SPMC_AT_EL3 \ SPMD_SPM_AT_SEL2 \ TRUSTED_BOARD_BOOT \ - CRYPTO_SUPPORT \ USE_COHERENT_MEM \ USE_DEBUGFS \ ARM_IO_IN_DTB \ @@ -1041,17 +1070,17 @@ ENCRYPT_BL31 \ ENCRYPT_BL32 \ ERRATA_SPECULATIVE_AT \ - RAS_TRAP_LOWER_EL_ERR_ACCESS \ + RAS_TRAP_NS_ERR_REC_ACCESS \ COT_DESC_IN_DTB \ USE_SP804_TIMER \ PSA_FWU_SUPPORT \ - ENABLE_BRBE_FOR_NS \ - ENABLE_TRBE_FOR_NS \ ENABLE_SYS_REG_TRACE_FOR_NS \ ENABLE_MPMM \ ENABLE_MPMM_FCONF \ SIMICS_BUILD \ FEATURE_DETECTION \ + TRNG_SUPPORT \ + CONDITIONAL_CMO \ ))) $(eval $(call assert_numerics,\ @@ -1062,6 +1091,9 @@ CTX_INCLUDE_PAUTH_REGS \ CTX_INCLUDE_MTE_REGS \ CTX_INCLUDE_NEVE_REGS \ + CRYPTO_SUPPORT \ + ENABLE_BRBE_FOR_NS \ + ENABLE_TRBE_FOR_NS \ ENABLE_BTI \ ENABLE_PAUTH \ ENABLE_FEAT_AMUv1 \ @@ -1073,6 +1105,7 @@ ENABLE_FEAT_HCX \ ENABLE_FEAT_PAN \ ENABLE_FEAT_RNG \ + ENABLE_FEAT_RNG_TRAP \ ENABLE_FEAT_SB \ ENABLE_FEAT_SEL2 \ ENABLE_FEAT_VHE \ @@ -1085,6 +1118,7 @@ RAS_EXTENSION \ TWED_DELAY \ ENABLE_FEAT_TWED \ + SVE_VECTOR_LEN \ ))) ifdef KEY_SIZE @@ -1140,7 +1174,7 @@ ERROR_DEPRECATED \ FAULT_INJECTION_SUPPORT \ GICV2_G0_FOR_EL3 \ - HANDLE_EA_EL3_FIRST \ + HANDLE_EA_EL3_FIRST_NS \ HW_ASSISTED_COHERENCY \ LOG_LEVEL \ MEASURED_BOOT \ @@ -1179,10 +1213,11 @@ BL2_INV_DCACHE \ USE_SPINLOCK_CAS \ ERRATA_SPECULATIVE_AT \ - RAS_TRAP_LOWER_EL_ERR_ACCESS \ + RAS_TRAP_NS_ERR_REC_ACCESS \ COT_DESC_IN_DTB \ USE_SP804_TIMER \ ENABLE_FEAT_RNG \ + ENABLE_FEAT_RNG_TRAP \ ENABLE_FEAT_SB \ ENABLE_FEAT_DIT \ NR_OF_FW_BANKS \ @@ -1207,6 +1242,7 @@ FEATURE_DETECTION \ TWED_DELAY \ ENABLE_FEAT_TWED \ + CONDITIONAL_CMO \ ))) ifeq (${SANITIZE_UB},trap) @@ -1434,7 +1470,7 @@ certtool: ${CRTTOOL} ${CRTTOOL}: FORCE - ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} COT=${COT} OPENSSL_DIR=${OPENSSL_DIR} CRTTOOL=${CRTTOOL} --no-print-directory -C ${CRTTOOLPATH} + ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} COT=${COT} OPENSSL_DIR=${OPENSSL_DIR} CRTTOOL=${CRTTOOL} DEBUG=${DEBUG} V=${V} --no-print-directory -C ${CRTTOOLPATH} all @${ECHO_BLANK_LINE} @echo "Built $@ successfully" @${ECHO_BLANK_LINE} @@ -1479,7 +1515,7 @@ ${FIPTOOL}: FORCE ifdef UNIX_MK - ${Q}${MAKE} CPPFLAGS="-DVERSION='\"${VERSION_STRING}\"'" FIPTOOL=${FIPTOOL} OPENSSL_DIR=${OPENSSL_DIR} --no-print-directory -C ${FIPTOOLPATH} + ${Q}${MAKE} CPPFLAGS="-DVERSION='\"${VERSION_STRING}\"'" FIPTOOL=${FIPTOOL} OPENSSL_DIR=${OPENSSL_DIR} DEBUG=${DEBUG} V=${V} --no-print-directory -C ${FIPTOOLPATH} all else # Clear the MAKEFLAGS as we do not want # to pass the gnumake flags to nmake. @@ -1500,7 +1536,7 @@ enctool: ${ENCTOOL} ${ENCTOOL}: FORCE - ${Q}${MAKE} PLAT=${PLAT} BUILD_INFO=0 OPENSSL_DIR=${OPENSSL_DIR} ENCTOOL=${ENCTOOL} --no-print-directory -C ${ENCTOOLPATH} + ${Q}${MAKE} PLAT=${PLAT} BUILD_INFO=0 OPENSSL_DIR=${OPENSSL_DIR} ENCTOOL=${ENCTOOL} DEBUG=${DEBUG} V=${V} --no-print-directory -C ${ENCTOOLPATH} all @${ECHO_BLANK_LINE} @echo "Built $@ successfully" @${ECHO_BLANK_LINE}
diff --git a/bl1/aarch32/bl1_entrypoint.S b/bl1/aarch32/bl1_entrypoint.S index 94dfd37..b22015e 100644 --- a/bl1/aarch32/bl1_entrypoint.S +++ b/bl1/aarch32/bl1_entrypoint.S
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -23,8 +23,8 @@ b bl1_entrypoint b report_exception /* Undef */ b bl1_aarch32_smc_handler /* SMC call */ - b report_exception /* Prefetch abort */ - b report_exception /* Data abort */ + b report_prefetch_abort /* Prefetch abort */ + b report_data_abort /* Data abort */ b report_exception /* Reserved */ b report_exception /* IRQ */ b report_exception /* FIQ */
diff --git a/bl1/bl1.ld.S b/bl1/bl1.ld.S index bc23828..c4ec5fe 100644 --- a/bl1/bl1.ld.S +++ b/bl1/bl1.ld.S
@@ -38,16 +38,16 @@ *(.vectors) . = ALIGN(PAGE_SIZE); __TEXT_END__ = .; - } >ROM + } >ROM - /* .ARM.extab and .ARM.exidx are only added because Clang need them */ - .ARM.extab . : { + /* .ARM.extab and .ARM.exidx are only added because Clang need them */ + .ARM.extab . : { *(.ARM.extab* .gnu.linkonce.armextab.*) - } >ROM + } >ROM - .ARM.exidx . : { + .ARM.exidx . : { *(.ARM.exidx* .gnu.linkonce.armexidx.*) - } >ROM + } >ROM .rodata . : { __RODATA_START__ = .;
diff --git a/bl2/aarch32/bl2_el3_exceptions.S b/bl2/aarch32/bl2_el3_exceptions.S index 087b665..eaa2582 100644 --- a/bl2/aarch32/bl2_el3_exceptions.S +++ b/bl2/aarch32/bl2_el3_exceptions.S
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -14,8 +14,8 @@ b bl2_entrypoint b report_exception /* Undef */ b report_exception /* SVC call */ - b report_exception /* Prefetch abort */ - b report_exception /* Data abort */ + b report_prefetch_abort /* Prefetch abort */ + b report_data_abort /* Data abort */ b report_exception /* Reserved */ b report_exception /* IRQ */ b report_exception /* FIQ */
diff --git a/bl2/aarch32/bl2_entrypoint.S b/bl2/aarch32/bl2_entrypoint.S index 6e8e2c1..678d9c2 100644 --- a/bl2/aarch32/bl2_entrypoint.S +++ b/bl2/aarch32/bl2_entrypoint.S
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -16,8 +16,8 @@ b bl2_entrypoint b report_exception /* Undef */ b report_exception /* SVC call */ - b report_exception /* Prefetch abort */ - b report_exception /* Data abort */ + b report_prefetch_abort /* Prefetch abort */ + b report_data_abort /* Data abort */ b report_exception /* Reserved */ b report_exception /* IRQ */ b report_exception /* FIQ */
diff --git a/bl2/bl2.ld.S b/bl2/bl2.ld.S index d332ec0..80cf7db 100644 --- a/bl2/bl2.ld.S +++ b/bl2/bl2.ld.S
@@ -34,16 +34,16 @@ *(.vectors) . = ALIGN(PAGE_SIZE); __TEXT_END__ = .; - } >RAM + } >RAM - /* .ARM.extab and .ARM.exidx are only added because Clang need them */ - .ARM.extab . : { + /* .ARM.extab and .ARM.exidx are only added because Clang need them */ + .ARM.extab . : { *(.ARM.extab* .gnu.linkonce.armextab.*) - } >RAM + } >RAM - .ARM.exidx . : { + .ARM.exidx . : { *(.ARM.exidx* .gnu.linkonce.armexidx.*) - } >RAM + } >RAM .rodata . : { __RODATA_START__ = .;
diff --git a/bl2u/aarch32/bl2u_entrypoint.S b/bl2u/aarch32/bl2u_entrypoint.S index e4dd03d..1063789 100644 --- a/bl2u/aarch32/bl2u_entrypoint.S +++ b/bl2u/aarch32/bl2u_entrypoint.S
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -16,8 +16,8 @@ b bl2u_entrypoint b report_exception /* Undef */ b report_exception /* SVC call */ - b report_exception /* Prefetch abort */ - b report_exception /* Data abort */ + b report_prefetch_abort /* Prefetch abort */ + b report_data_abort /* Data abort */ b report_exception /* Reserved */ b report_exception /* IRQ */ b report_exception /* FIQ */
diff --git a/bl31/aarch64/ea_delegate.S b/bl31/aarch64/ea_delegate.S index fa6ede82..dbb3234 100644 --- a/bl31/aarch64/ea_delegate.S +++ b/bl31/aarch64/ea_delegate.S
@@ -1,5 +1,6 @@ /* * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2022, NVIDIA Corporation. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -84,10 +85,6 @@ b 2f 1: - /* Test for EA bit in the instruction syndrome */ - mrs x30, esr_el3 - tbz x30, #ESR_ISS_EABORT_EA_BIT, 3f - /* * Save general purpose and ARMv8.3-PAuth registers (if enabled). * If Secure Cycle Counter is not disabled in MDCR_EL3 when @@ -114,7 +111,6 @@ ldp x2, x3, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2] ldp x4, x5, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X4] -3: /* Synchronous exceptions other than the above are assumed to be EA */ ldr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR] no_ret report_unhandled_exception @@ -199,23 +195,30 @@ */ func delegate_async_ea #if RAS_EXTENSION + /* Check Exception Class to ensure SError, as this function should + * only be invoked for SError. If that is not the case, which implies + * either an HW error or programming error, panic. + */ + ubfx x2, x1, #ESR_EC_SHIFT, #ESR_EC_LENGTH + cmp x2, EC_SERROR + b.ne do_panic /* * Check for Implementation Defined Syndrome. If so, skip checking * Uncontainable error type from the syndrome as the format is unknown. */ tbnz x1, #SERROR_IDS_BIT, 1f + /* AET only valid when DFSC is 0x11 */ + ubfx x2, x1, #EABORT_DFSC_SHIFT, #EABORT_DFSC_WIDTH + cmp x2, #DFSC_SERROR + b.ne 1f + /* * Check for Uncontainable error type. If so, route to the platform * fatal error handler rather than the generic EA one. */ - ubfx x2, x1, #EABORT_AET_SHIFT, #EABORT_AET_WIDTH - cmp x2, #ERROR_STATUS_UET_UC - b.ne 1f - - /* Check DFSC for SError type */ - ubfx x3, x1, #EABORT_DFSC_SHIFT, #EABORT_DFSC_WIDTH - cmp x3, #DFSC_SERROR + ubfx x3, x1, #EABORT_AET_SHIFT, #EABORT_AET_WIDTH + cmp x3, #ERROR_STATUS_UET_UC b.ne 1f no_ret plat_handle_uncontainable_ea
diff --git a/bl31/aarch64/runtime_exceptions.S b/bl31/aarch64/runtime_exceptions.S index bf5bd8d..0283553 100644 --- a/bl31/aarch64/runtime_exceptions.S +++ b/bl31/aarch64/runtime_exceptions.S
@@ -512,7 +512,7 @@ /* * Shift copied SCR_EL3.NSE bit by 5 to create space for - * SCR_EL3.NS bit. Bit 5 of the flag correspondes to + * SCR_EL3.NS bit. Bit 5 of the flag corresponds to * the SCR_EL3.NSE bit. */ lsl x7, x7, #5 @@ -521,6 +521,16 @@ /* Copy SCR_EL3.NS bit to the flag to indicate caller's security */ bfi x7, x18, #0, #1 + /* + * Per SMCCCv1.3 a caller can set the SVE hint bit in the SMC FID + * passed through x0. Copy the SVE hint bit to flags and mask the + * bit in smc_fid passed to the standard service dispatcher. + * A service/dispatcher can retrieve the SVE hint bit state from + * flags using the appropriate helper. + */ + bfi x7, x0, #FUNCID_SVE_HINT_SHIFT, #FUNCID_SVE_HINT_MASK + bic x0, x0, #(FUNCID_SVE_HINT_MASK << FUNCID_SVE_HINT_SHIFT) + mov sp, x12 /* Get the unique owning entity number */
diff --git a/bl31/bl31.ld.S b/bl31/bl31.ld.S index 8a1573a..309e752 100644 --- a/bl31/bl31.ld.S +++ b/bl31/bl31.ld.S
@@ -47,6 +47,10 @@ __RODATA_START__ = .; *(SORT_BY_ALIGNMENT(.rodata*)) +#if PLAT_EXTRA_RODATA_INCLUDES +#include <plat.ld.rodata.inc> +#endif + RODATA_COMMON /* Place pubsub sections for events */ @@ -186,10 +190,10 @@ __RW_END__ = .; __BL31_END__ = .; + ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.") +#endif + /DISCARD/ : { *(.dynsym .dynstr .hash .gnu.hash) } - - ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.") -#endif }
diff --git a/bl31/bl31.mk b/bl31/bl31.mk index 3964469..4c93a55 100644 --- a/bl31/bl31.mk +++ b/bl31/bl31.mk
@@ -147,6 +147,15 @@ BL31_SOURCES += common/feat_detect.c endif +ifeq (${DRTM_SUPPORT},1) +BL31_SOURCES += services/std_svc/drtm/drtm_main.c \ + services/std_svc/drtm/drtm_dma_prot.c \ + services/std_svc/drtm/drtm_res_address_map.c \ + services/std_svc/drtm/drtm_measurements.c \ + services/std_svc/drtm/drtm_remediation.c \ + ${MBEDTLS_SOURCES} +endif + BL31_LINKERFILE := bl31/bl31.ld.S # Flag used to indicate if Crash reporting via console should be included
diff --git a/bl31/ehf.c b/bl31/ehf.c index 745f165..b328380 100644 --- a/bl31/ehf.c +++ b/bl31/ehf.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -475,9 +475,16 @@ assert((exception_data.pri_bits >= 1U) || (exception_data.pri_bits < 8U)); - /* Route EL3 interrupts when in Secure and Non-secure. */ + /* Route EL3 interrupts when in Non-secure. */ set_interrupt_rm_flag(flags, NON_SECURE); + + /* + * Route EL3 interrupts when in secure, only when SPMC is not present + * in S-EL2. + */ +#if !(defined(SPD_spmd) && (SPMD_SPM_AT_SEL2 == 1)) set_interrupt_rm_flag(flags, SECURE); +#endif /* !(defined(SPD_spmd) && (SPMD_SPM_AT_SEL2 == 1)) */ /* Register handler for EL3 interrupts */ ret = register_interrupt_type_handler(INTR_TYPE_EL3,
diff --git a/bl32/sp_min/aarch32/entrypoint.S b/bl32/sp_min/aarch32/entrypoint.S index 39f1065..f102967 100644 --- a/bl32/sp_min/aarch32/entrypoint.S +++ b/bl32/sp_min/aarch32/entrypoint.S
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -51,8 +51,8 @@ b sp_min_entrypoint b plat_panic_handler /* Undef */ b sp_min_handle_smc /* Syscall */ - b plat_panic_handler /* Prefetch abort */ - b plat_panic_handler /* Data abort */ + b report_prefetch_abort /* Prefetch abort */ + b report_data_abort /* Data abort */ b plat_panic_handler /* Reserved */ b plat_panic_handler /* IRQ */ b sp_min_handle_fiq /* FIQ */
diff --git a/bl32/tsp/aarch64/tsp_entrypoint.S b/bl32/tsp/aarch64/tsp_entrypoint.S index 7d77f47..e5ea88c 100644 --- a/bl32/tsp/aarch64/tsp_entrypoint.S +++ b/bl32/tsp/aarch64/tsp_entrypoint.S
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -10,12 +10,16 @@ #include <asm_macros.S> #include <bl32/tsp/tsp.h> #include <lib/xlat_tables/xlat_tables_defs.h> +#include <smccc_helpers.h> #include "../tsp_private.h" .globl tsp_entrypoint .globl tsp_vector_table +#if SPMC_AT_EL3 + .globl tsp_cpu_on_entry +#endif @@ -25,10 +29,10 @@ * --------------------------------------------- */ .macro restore_args_call_smc - ldp x6, x7, [x0, #TSP_ARG6] - ldp x4, x5, [x0, #TSP_ARG4] - ldp x2, x3, [x0, #TSP_ARG2] - ldp x0, x1, [x0, #TSP_ARG0] + ldp x6, x7, [x0, #SMC_ARG6] + ldp x4, x5, [x0, #SMC_ARG4] + ldp x2, x3, [x0, #SMC_ARG2] + ldp x0, x1, [x0, #SMC_ARG0] smc #0 .endm
diff --git a/bl32/tsp/ffa_helpers.c b/bl32/tsp/ffa_helpers.c new file mode 100644 index 0000000..3639c22 --- /dev/null +++ b/bl32/tsp/ffa_helpers.c
@@ -0,0 +1,250 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <common/debug.h> +#include "ffa_helpers.h" +#include <services/ffa_svc.h> +#include "tsp_private.h" + +/******************************************************************************* + * Wrapper function to send a direct request. + ******************************************************************************/ +smc_args_t ffa_msg_send_direct_req(ffa_endpoint_id16_t sender, + ffa_endpoint_id16_t receiver, + uint32_t arg3, + uint32_t arg4, + uint32_t arg5, + uint32_t arg6, + uint32_t arg7) +{ + uint32_t src_dst_ids = (sender << FFA_DIRECT_MSG_SOURCE_SHIFT) | + (receiver << FFA_DIRECT_MSG_DESTINATION_SHIFT); + + + /* Send Direct Request. */ + return smc_helper(FFA_MSG_SEND_DIRECT_REQ_SMC64, src_dst_ids, + 0, arg3, arg4, arg5, arg6, arg7); +} + +/******************************************************************************* + * Wrapper function to send a direct response. + ******************************************************************************/ +smc_args_t *ffa_msg_send_direct_resp(ffa_endpoint_id16_t sender, + ffa_endpoint_id16_t receiver, + uint32_t arg3, + uint32_t arg4, + uint32_t arg5, + uint32_t arg6, + uint32_t arg7) +{ + uint32_t src_dst_ids = (sender << FFA_DIRECT_MSG_SOURCE_SHIFT) | + (receiver << FFA_DIRECT_MSG_DESTINATION_SHIFT); + + return set_smc_args(FFA_MSG_SEND_DIRECT_RESP_SMC64, src_dst_ids, + 0, arg3, arg4, arg5, arg6, arg7); +} + +/******************************************************************************* + * Memory Management Helpers. + ******************************************************************************/ + +/** + * Initialises the header of the given `ffa_mtd`, not including the + * composite memory region offset. + */ +static void ffa_memory_region_init_header( + struct ffa_mtd *memory_region, ffa_endpoint_id16_t sender, + ffa_mem_attr16_t attributes, ffa_mtd_flag32_t flags, + uint64_t handle, uint64_t tag, ffa_endpoint_id16_t *receivers, + uint32_t receiver_count, ffa_mem_perm8_t permissions) +{ + struct ffa_emad_v1_0 *emad; + + memory_region->emad_offset = sizeof(struct ffa_mtd); + memory_region->emad_size = sizeof(struct ffa_emad_v1_0); + emad = (struct ffa_emad_v1_0 *) + ((uint8_t *) memory_region + + memory_region->emad_offset); + memory_region->sender_id = sender; + memory_region->memory_region_attributes = attributes; + memory_region->reserved_36_39 = 0; + memory_region->flags = flags; + memory_region->handle = handle; + memory_region->tag = tag; + memory_region->reserved_40_47 = 0; + memory_region->emad_count = receiver_count; + for (uint32_t i = 0U; i < receiver_count; i++) { + emad[i].mapd.endpoint_id = receivers[i]; + emad[i].mapd.memory_access_permissions = permissions; + emad[i].mapd.flags = 0; + emad[i].comp_mrd_offset = 0; + emad[i].reserved_8_15 = 0; + } +} +/** + * Initialises the given `ffa_mtd` to be used for an + * `FFA_MEM_RETRIEVE_REQ` by the receiver of a memory transaction. + * TODO: Support differing attributes per receiver. + * + * Returns the size of the descriptor written. + */ +static uint32_t ffa_memory_retrieve_request_init( + struct ffa_mtd *memory_region, uint64_t handle, + ffa_endpoint_id16_t sender, ffa_endpoint_id16_t *receivers, uint32_t receiver_count, + uint64_t tag, ffa_mtd_flag32_t flags, + ffa_mem_perm8_t permissions, + ffa_mem_attr16_t attributes) +{ + ffa_memory_region_init_header(memory_region, sender, attributes, flags, + handle, tag, receivers, + receiver_count, permissions); + + return sizeof(struct ffa_mtd) + + memory_region->emad_count * sizeof(struct ffa_emad_v1_0); +} + +/* Relinquish access to memory region. */ +bool ffa_mem_relinquish(void) +{ + smc_args_t ret; + + ret = smc_helper(FFA_MEM_RELINQUISH, 0, 0, 0, 0, 0, 0, 0); + if (ffa_func_id(ret) != FFA_SUCCESS_SMC32) { + ERROR("%s failed to relinquish memory! error: (%x) %x\n", + __func__, ffa_func_id(ret), ffa_error_code(ret)); + return false; + } + return true; +} + +/* Retrieve memory shared by another partition. */ +smc_args_t ffa_mem_retrieve_req(uint32_t descriptor_length, + uint32_t fragment_length) +{ + return smc_helper(FFA_MEM_RETRIEVE_REQ_SMC32, + descriptor_length, + fragment_length, + 0, 0, 0, 0, 0); +} + +/* Retrieve the next memory descriptor fragment. */ +smc_args_t ffa_mem_frag_rx(uint64_t handle, uint32_t recv_length) +{ + return smc_helper(FFA_MEM_FRAG_RX, + FFA_MEM_HANDLE_LOW(handle), + FFA_MEM_HANDLE_HIGH(handle), + recv_length, + 0, 0, 0, 0); +} + +bool memory_retrieve(struct mailbox *mb, + struct ffa_mtd **retrieved, + uint64_t handle, ffa_endpoint_id16_t sender, + ffa_endpoint_id16_t *receivers, uint32_t receiver_count, + ffa_mtd_flag32_t flags, uint32_t *frag_length, + uint32_t *total_length) +{ + smc_args_t ret; + uint32_t descriptor_size; + struct ffa_mtd *memory_region = (struct ffa_mtd *)mb->tx_buffer; + + if (retrieved == NULL || mb == NULL) { + ERROR("Invalid parameters!\n"); + return false; + } + + /* Clear TX buffer. */ + memset(memory_region, 0, PAGE_SIZE); + + /* Clear local buffer. */ + memset(mem_region_buffer, 0, REGION_BUF_SIZE); + + descriptor_size = ffa_memory_retrieve_request_init( + memory_region, handle, sender, receivers, receiver_count, 0, flags, + FFA_MEM_PERM_RW | FFA_MEM_PERM_NX, + FFA_MEM_ATTR_NORMAL_MEMORY_CACHED_WB | + FFA_MEM_ATTR_INNER_SHAREABLE); + + ret = ffa_mem_retrieve_req(descriptor_size, descriptor_size); + + if (ffa_func_id(ret) == FFA_ERROR) { + ERROR("Couldn't retrieve the memory page. Error: %x\n", + ffa_error_code(ret)); + return false; + } + + /* + * Following total_size and fragment_size are useful to keep track + * of the state of transaction. When the sum of all fragment_size of all + * fragments is equal to total_size, the memory transaction has been + * completed. + */ + *total_length = ret._regs[1]; + *frag_length = ret._regs[2]; + + /* Validate frag_length is less than total_length and mailbox size. */ + if (*frag_length == 0U || *total_length == 0U || + *frag_length > *total_length || *frag_length > (mb->rxtx_page_count * PAGE_SIZE)) { + ERROR("Invalid parameters!\n"); + return false; + } + + /* Copy response to local buffer. */ + memcpy(mem_region_buffer, mb->rx_buffer, *frag_length); + + if (ffa_rx_release()) { + ERROR("Failed to release buffer!\n"); + return false; + } + + *retrieved = (struct ffa_mtd *) mem_region_buffer; + + if ((*retrieved)->emad_count > MAX_MEM_SHARE_RECIPIENTS) { + VERBOSE("SPMC memory sharing supports max of %u receivers!\n", + MAX_MEM_SHARE_RECIPIENTS); + return false; + } + + /* + * We are sharing memory from the normal world therefore validate the NS + * bit was set by the SPMC. + */ + if (((*retrieved)->memory_region_attributes & FFA_MEM_ATTR_NS_BIT) == 0U) { + ERROR("SPMC has not set the NS bit! 0x%x\n", + (*retrieved)->memory_region_attributes); + return false; + } + + VERBOSE("Memory Descriptor Retrieved!\n"); + + return true; +} + +/* Relinquish the memory region. */ +bool memory_relinquish(struct ffa_mem_relinquish_descriptor *m, uint64_t handle, + ffa_endpoint_id16_t id) +{ + ffa_mem_relinquish_init(m, handle, 0, id); + return ffa_mem_relinquish(); +} + +/* Query SPMC that the rx buffer of the partition can be released. */ +bool ffa_rx_release(void) +{ + smc_args_t ret; + + ret = smc_helper(FFA_RX_RELEASE, 0, 0, 0, 0, 0, 0, 0); + return ret._regs[SMC_ARG0] != FFA_SUCCESS_SMC32; +} + +/* Map the provided buffers with the SPMC. */ +bool ffa_rxtx_map(uintptr_t send, uintptr_t recv, uint32_t pages) +{ + smc_args_t ret; + + ret = smc_helper(FFA_RXTX_MAP_SMC64, send, recv, pages, 0, 0, 0, 0); + return ret._regs[0] != FFA_SUCCESS_SMC32; +}
diff --git a/bl32/tsp/ffa_helpers.h b/bl32/tsp/ffa_helpers.h new file mode 100644 index 0000000..e650a07 --- /dev/null +++ b/bl32/tsp/ffa_helpers.h
@@ -0,0 +1,116 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef FFA_HELPERS_H +#define FFA_HELPERS_H + +#include <stdint.h> + +#include "../../services/std_svc/spm/el3_spmc/spmc.h" +#include "../../services/std_svc/spm/el3_spmc/spmc_shared_mem.h" +#include <services/el3_spmc_ffa_memory.h> +#include <services/ffa_svc.h> +#include "tsp_private.h" + +static inline uint32_t ffa_func_id(smc_args_t val) +{ + return (uint32_t) val._regs[0]; +} + +static inline int32_t ffa_error_code(smc_args_t val) +{ + return (uint32_t) val._regs[2]; +} + +extern uint8_t mem_region_buffer[4096 * 2] __aligned(PAGE_SIZE); +#define REGION_BUF_SIZE sizeof(mem_region_buffer) + +/** The maximum number of recipients a memory region may be sent to. */ +#define MAX_MEM_SHARE_RECIPIENTS 2U + +/* FFA Memory Management mode flags. */ +#define FFA_FLAG_SHARE_MEMORY (1U << 3) +#define FFA_FLAG_LEND_MEMORY (1U << 4) + +#define FFA_FLAG_MEMORY_MASK (3U << 3) + +#define FFA_MEM_HANDLE_LOW(x) (x & 0xFFFFFFFF) +#define FFA_MEM_HANDLE_HIGH(x) (x >> 32) + +#define FFA_MEM_PERM_DATA_OFFSET 0 +#define FFA_MEM_PERM_DATA_MASK 0x3 + +static inline uint32_t ffa_mem_relinquish_init( + struct ffa_mem_relinquish_descriptor *relinquish_request, + uint64_t handle, ffa_mtd_flag32_t flags, + ffa_endpoint_id16_t sender) +{ + relinquish_request->handle = handle; + relinquish_request->flags = flags; + relinquish_request->endpoint_count = 1; + relinquish_request->endpoint_array[0] = sender; + + return sizeof(struct ffa_mem_relinquish_descriptor) + sizeof(ffa_endpoint_id16_t); +} + +/** + * Gets the `ffa_comp_mrd` for the given receiver from an + * `ffa_mtd`, or NULL if it is not valid. + */ +static inline struct ffa_comp_mrd * +ffa_memory_region_get_composite(struct ffa_mtd *memory_region, + uint32_t receiver_index) +{ + struct ffa_emad_v1_0 *receivers; + uint32_t offset; + + receivers = (struct ffa_emad_v1_0 *) + ((uint8_t *) memory_region + + memory_region->emad_offset + + (memory_region->emad_size * receiver_index)); + offset = receivers->comp_mrd_offset; + + if (offset == 0U) { + return NULL; + } + + return (struct ffa_comp_mrd *) + ((uint8_t *) memory_region + offset); +} + +static inline uint32_t ffa_get_data_access_attr(ffa_mem_perm8_t perm) +{ + return ((perm >> FFA_MEM_PERM_DATA_OFFSET) & FFA_MEM_PERM_DATA_MASK); +} + +smc_args_t ffa_mem_frag_rx(uint64_t handle, uint32_t recv_length); +bool ffa_mem_relinquish(void); +bool ffa_rx_release(void); +bool memory_relinquish(struct ffa_mem_relinquish_descriptor *m, uint64_t handle, + ffa_endpoint_id16_t id); +bool ffa_rxtx_map(uintptr_t send, uintptr_t recv, uint32_t pages); +bool memory_retrieve(struct mailbox *mb, + struct ffa_mtd **retrieved, + uint64_t handle, ffa_endpoint_id16_t sender, + ffa_endpoint_id16_t *receivers, uint32_t receiver_count, + ffa_mtd_flag32_t flags, uint32_t *frag_length, + uint32_t *total_length); + +smc_args_t ffa_msg_send_direct_req(ffa_endpoint_id16_t sender, + ffa_endpoint_id16_t receiver, + uint32_t arg3, + uint32_t arg4, + uint32_t arg5, + uint32_t arg6, + uint32_t arg7); +smc_args_t *ffa_msg_send_direct_resp(ffa_endpoint_id16_t sender, + ffa_endpoint_id16_t receiver, + uint32_t arg3, + uint32_t arg4, + uint32_t arg5, + uint32_t arg6, + uint32_t arg7); +#endif /* FFA_HELPERS_H */
diff --git a/bl32/tsp/tsp.mk b/bl32/tsp/tsp.mk index 3fd6d99..c31b9b5 100644 --- a/bl32/tsp/tsp.mk +++ b/bl32/tsp/tsp.mk
@@ -1,17 +1,24 @@ # -# Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # INCLUDES += -Iinclude/bl32/tsp -BL32_SOURCES += bl32/tsp/tsp_main.c \ - bl32/tsp/aarch64/tsp_entrypoint.S \ +ifeq (${SPMC_AT_EL3},1) + BL32_SOURCES += bl32/tsp/tsp_ffa_main.c \ + bl32/tsp/ffa_helpers.c +else + BL32_SOURCES += bl32/tsp/tsp_main.c +endif + +BL32_SOURCES += bl32/tsp/aarch64/tsp_entrypoint.S \ bl32/tsp/aarch64/tsp_exceptions.S \ bl32/tsp/aarch64/tsp_request.S \ bl32/tsp/tsp_interrupt.c \ bl32/tsp/tsp_timer.c \ + bl32/tsp/tsp_common.c \ common/aarch64/early_exceptions.S \ lib/locks/exclusive/aarch64/spinlock.S
diff --git a/bl32/tsp/tsp_common.c b/bl32/tsp/tsp_common.c new file mode 100644 index 0000000..908b4ff --- /dev/null +++ b/bl32/tsp/tsp_common.c
@@ -0,0 +1,156 @@ +/* + * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <assert.h> +#include <inttypes.h> +#include <stdint.h> + +#include <arch_features.h> +#include <arch_helpers.h> +#include <bl32/tsp/tsp.h> +#include <common/bl_common.h> +#include <common/debug.h> +#include <lib/spinlock.h> +#include <plat/common/platform.h> +#include <platform_tsp.h> +#include "tsp_private.h" + +#include <platform_def.h> + +/******************************************************************************* + * Per cpu data structure to populate parameters for an SMC in C code and use + * a pointer to this structure in assembler code to populate x0-x7. + ******************************************************************************/ +static smc_args_t tsp_smc_args[PLATFORM_CORE_COUNT]; + +/******************************************************************************* + * Per cpu data structure to keep track of TSP activity + ******************************************************************************/ +work_statistics_t tsp_stats[PLATFORM_CORE_COUNT]; + +smc_args_t *set_smc_args(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + uint32_t linear_id; + smc_args_t *pcpu_smc_args; + + /* + * Return to Secure Monitor by raising an SMC. The results of the + * service are passed as an arguments to the SMC. + */ + linear_id = plat_my_core_pos(); + pcpu_smc_args = &tsp_smc_args[linear_id]; + write_sp_arg(pcpu_smc_args, SMC_ARG0, arg0); + write_sp_arg(pcpu_smc_args, SMC_ARG1, arg1); + write_sp_arg(pcpu_smc_args, SMC_ARG2, arg2); + write_sp_arg(pcpu_smc_args, SMC_ARG3, arg3); + write_sp_arg(pcpu_smc_args, SMC_ARG4, arg4); + write_sp_arg(pcpu_smc_args, SMC_ARG5, arg5); + write_sp_arg(pcpu_smc_args, SMC_ARG6, arg6); + write_sp_arg(pcpu_smc_args, SMC_ARG7, arg7); + + return pcpu_smc_args; +} + +/******************************************************************************* + * Setup function for TSP. + ******************************************************************************/ +void tsp_setup(void) +{ + /* Perform early platform-specific setup. */ + tsp_early_platform_setup(); + + /* Perform late platform-specific setup. */ + tsp_plat_arch_setup(); + +#if ENABLE_PAUTH + /* + * Assert that the ARMv8.3-PAuth registers are present or an access + * fault will be triggered when they are being saved or restored. + */ + assert(is_armv8_3_pauth_present()); +#endif /* ENABLE_PAUTH */ +} + +/******************************************************************************* + * This function performs any remaining bookkeeping in the test secure payload + * before the system is switched off (in response to a psci SYSTEM_OFF request). + ******************************************************************************/ +smc_args_t *tsp_system_off_main(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + uint32_t linear_id = plat_my_core_pos(); + + /* Update this cpu's statistics. */ + tsp_stats[linear_id].smc_count++; + tsp_stats[linear_id].eret_count++; + + INFO("TSP: cpu 0x%lx SYSTEM_OFF request\n", read_mpidr()); + INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(), + tsp_stats[linear_id].smc_count, + tsp_stats[linear_id].eret_count); + + /* Indicate to the SPD that we have completed this request. */ + return set_smc_args(TSP_SYSTEM_OFF_DONE, 0, 0, 0, 0, 0, 0, 0); +} + +/******************************************************************************* + * This function performs any remaining bookkeeping in the test secure payload + * before the system is reset (in response to a psci SYSTEM_RESET request). + ******************************************************************************/ +smc_args_t *tsp_system_reset_main(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + uint32_t linear_id = plat_my_core_pos(); + + /* Update this cpu's statistics. */ + tsp_stats[linear_id].smc_count++; + tsp_stats[linear_id].eret_count++; + + INFO("TSP: cpu 0x%lx SYSTEM_RESET request\n", read_mpidr()); + INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(), + tsp_stats[linear_id].smc_count, + tsp_stats[linear_id].eret_count); + + /* Indicate to the SPD that we have completed this request. */ + return set_smc_args(TSP_SYSTEM_RESET_DONE, 0, 0, 0, 0, 0, 0, 0); +} + +/******************************************************************************* + * TSP smc abort handler. This function is called when aborting a preempted + * yielding SMC request. It should cleanup all resources owned by the SMC + * handler such as locks or dynamically allocated memory so following SMC + * request are executed in a clean environment. + ******************************************************************************/ +smc_args_t *tsp_abort_smc_handler(uint64_t func, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + return set_smc_args(TSP_ABORT_DONE, 0, 0, 0, 0, 0, 0, 0); +}
diff --git a/bl32/tsp/tsp_ffa_main.c b/bl32/tsp/tsp_ffa_main.c new file mode 100644 index 0000000..53dbd03 --- /dev/null +++ b/bl32/tsp/tsp_ffa_main.c
@@ -0,0 +1,655 @@ +/* + * Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <assert.h> +#include <inttypes.h> +#include <stdint.h> + +#include "../../services/std_svc/spm/el3_spmc/spmc.h" +#include "../../services/std_svc/spm/el3_spmc/spmc_shared_mem.h" +#include <arch_features.h> +#include <arch_helpers.h> +#include <bl32/tsp/tsp.h> +#include <common/bl_common.h> +#include <common/debug.h> +#include "ffa_helpers.h" +#include <lib/psci/psci.h> +#include <lib/spinlock.h> +#include <lib/xlat_tables/xlat_tables_defs.h> +#include <lib/xlat_tables/xlat_tables_v2.h> +#include <plat/common/platform.h> +#include <platform_tsp.h> +#include <services/ffa_svc.h> +#include "tsp_private.h" + +#include <platform_def.h> + +static ffa_endpoint_id16_t tsp_id, spmc_id; +uint8_t mem_region_buffer[4096 * 2] __aligned(PAGE_SIZE); + +/* Partition Mailbox. */ +static uint8_t send_page[PAGE_SIZE] __aligned(PAGE_SIZE); +static uint8_t recv_page[PAGE_SIZE] __aligned(PAGE_SIZE); + +/* + * Declare a global mailbox for use within the TSP. + * This will be initialized appropriately when the buffers + * are mapped with the SPMC. + */ +static struct mailbox mailbox; + +/******************************************************************************* + * This enum is used to handle test cases driven from the FF-A Test Driver. + ******************************************************************************/ +/* Keep in Sync with FF-A Test Driver. */ +enum message_t { + /* Partition Only Messages. */ + FF_A_RELAY_MESSAGE = 0, + + /* Basic Functionality. */ + FF_A_ECHO_MESSAGE, + FF_A_RELAY_MESSAGE_EL3, + + /* Memory Sharing. */ + FF_A_MEMORY_SHARE, + FF_A_MEMORY_SHARE_FRAGMENTED, + FF_A_MEMORY_LEND, + FF_A_MEMORY_LEND_FRAGMENTED, + + FF_A_MEMORY_SHARE_MULTI_ENDPOINT, + FF_A_MEMORY_LEND_MULTI_ENDPOINT, + + LAST, + FF_A_RUN_ALL = 255, + FF_A_OP_MAX = 256 +}; + +#if SPMC_AT_EL3 +extern void tsp_cpu_on_entry(void); +#endif + +/******************************************************************************* + * Test Functions. + ******************************************************************************/ + +/******************************************************************************* + * Enable the TSP to forward the received message to another partition and ask + * it to echo the value back in order to validate direct messages functionality. + ******************************************************************************/ +static int ffa_test_relay(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + smc_args_t ffa_forward_result; + ffa_endpoint_id16_t receiver = arg5; + + ffa_forward_result = ffa_msg_send_direct_req(ffa_endpoint_source(arg1), + receiver, + FF_A_ECHO_MESSAGE, arg4, + 0, 0, 0); + return ffa_forward_result._regs[3]; +} + +/******************************************************************************* + * This function handles memory management tests, currently share and lend. + * This test supports the use of FRAG_RX to use memory descriptors that do not + * fit in a single 4KB buffer. + ******************************************************************************/ +static int test_memory_send(ffa_endpoint_id16_t sender, uint64_t handle, + ffa_mtd_flag32_t flags, bool multi_endpoint) +{ + struct ffa_mtd *m; + struct ffa_emad_v1_0 *receivers; + struct ffa_comp_mrd *composite; + int ret, status = 0; + unsigned int mem_attrs; + char *ptr; + ffa_endpoint_id16_t source = sender; + uint32_t total_length, recv_length = 0; + + /* + * In the case that we're testing multiple endpoints choose a partition + * ID that resides in the normal world so the SPMC won't detect it as + * invalid. + * TODO: Should get endpoint receiver id and flag as input from NWd. + */ + uint32_t receiver_count = multi_endpoint ? 2 : 1; + ffa_endpoint_id16_t test_receivers[2] = { tsp_id, 0x10 }; + + /* Ensure that the sender ID resides in the normal world. */ + if (ffa_is_secure_world_id(sender)) { + ERROR("Invalid sender ID 0x%x.\n", sender); + return FFA_ERROR_DENIED; + } + + if (!memory_retrieve(&mailbox, &m, handle, source, test_receivers, + receiver_count, flags, &recv_length, + &total_length)) { + return FFA_ERROR_INVALID_PARAMETER; + } + + receivers = (struct ffa_emad_v1_0 *) + ((uint8_t *) m + m->emad_offset); + while (total_length != recv_length) { + smc_args_t ffa_return; + uint32_t frag_length; + + ffa_return = ffa_mem_frag_rx(handle, recv_length); + + if (ffa_return._regs[0] == FFA_ERROR) { + WARN("TSP: failed to resume mem with handle %lx\n", + handle); + return ffa_return._regs[2]; + } + frag_length = ffa_return._regs[3]; + + /* Validate frag_length is less than total_length and mailbox size. */ + if (frag_length > total_length || + frag_length > (mailbox.rxtx_page_count * PAGE_SIZE)) { + ERROR("Invalid parameters!\n"); + return FFA_ERROR_INVALID_PARAMETER; + } + + /* Validate frag_length is less than remaining mem_region_buffer size. */ + if (frag_length + recv_length >= REGION_BUF_SIZE) { + ERROR("Out of memory!\n"); + return FFA_ERROR_INVALID_PARAMETER; + } + + memcpy(&mem_region_buffer[recv_length], mailbox.rx_buffer, + frag_length); + + if (ffa_rx_release()) { + ERROR("Failed to release buffer!\n"); + return FFA_ERROR_DENIED; + } + + recv_length += frag_length; + + assert(recv_length <= total_length); + } + + composite = ffa_memory_region_get_composite(m, 0); + if (composite == NULL) { + WARN("Failed to get composite descriptor!\n"); + return FFA_ERROR_INVALID_PARAMETER; + } + + VERBOSE("Address: %p; page_count: %x %lx\n", + (void *)composite->address_range_array[0].address, + composite->address_range_array[0].page_count, PAGE_SIZE); + + /* This test is only concerned with RW permissions. */ + if (ffa_get_data_access_attr( + receivers[0].mapd.memory_access_permissions) != FFA_MEM_PERM_RW) { + ERROR("Data permission in retrieve response %x does not match share/lend %x!\n", + ffa_get_data_access_attr(receivers[0].mapd.memory_access_permissions), + FFA_MEM_PERM_RW); + return FFA_ERROR_INVALID_PARAMETER; + } + + mem_attrs = MT_RW_DATA | MT_EXECUTE_NEVER; + + /* Only expecting to be sent memory from NWd so map accordingly. */ + mem_attrs |= MT_NS; + + for (uint32_t i = 0U; i < composite->address_range_count; i++) { + size_t size = composite->address_range_array[i].page_count * PAGE_SIZE; + + ptr = (char *) composite->address_range_array[i].address; + ret = mmap_add_dynamic_region( + (uint64_t)ptr, + (uint64_t)ptr, + size, mem_attrs); + + if (ret != 0) { + ERROR("Failed [%u] mmap_add_dynamic_region %u (%lx) (%lx) (%x)!\n", + i, ret, + (uint64_t)composite->address_range_array[i].address, + size, mem_attrs); + + /* Remove mappings created in this transaction. */ + for (i--; i >= 0U; i--) { + ret = mmap_remove_dynamic_region( + (uint64_t)ptr, + composite->address_range_array[i].page_count * PAGE_SIZE); + + if (ret != 0) { + ERROR("Failed [%d] mmap_remove_dynamic_region!\n", i); + panic(); + } + } + return FFA_ERROR_NO_MEMORY; + } + + /* Increment memory region for validation purposes. */ + ++(*ptr); + + /* + * Read initial magic number from memory region for + * validation purposes. + */ + if (!i) { + status = *ptr; + } + } + + for (uint32_t i = 0U; i < composite->address_range_count; i++) { + ret = mmap_remove_dynamic_region( + (uint64_t)composite->address_range_array[i].address, + composite->address_range_array[i].page_count * PAGE_SIZE); + + if (ret != 0) { + ERROR("Failed [%d] mmap_remove_dynamic_region!\n", i); + return FFA_ERROR_NO_MEMORY; + } + } + + if (!memory_relinquish((struct ffa_mem_relinquish_descriptor *)mailbox.tx_buffer, + m->handle, tsp_id)) { + ERROR("Failed to relinquish memory region!\n"); + return FFA_ERROR_INVALID_PARAMETER; + } + return status; +} + +static smc_args_t *send_ffa_pm_success(void) +{ + return set_smc_args(FFA_MSG_SEND_DIRECT_RESP_SMC32, + ((tsp_id & FFA_DIRECT_MSG_ENDPOINT_ID_MASK) + << FFA_DIRECT_MSG_SOURCE_SHIFT) | spmc_id, + FFA_FWK_MSG_BIT | + (FFA_PM_MSG_PM_RESP & FFA_FWK_MSG_MASK), + 0, 0, 0, 0, 0); +} + +/******************************************************************************* + * This function performs any remaining book keeping in the test secure payload + * before this cpu is turned off in response to a psci cpu_off request. + ******************************************************************************/ +smc_args_t *tsp_cpu_off_main(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + uint32_t linear_id = plat_my_core_pos(); + + /* + * This cpu is being turned off, so disable the timer to prevent the + * secure timer interrupt from interfering with power down. A pending + * interrupt will be lost but we do not care as we are turning off. + */ + tsp_generic_timer_stop(); + + /* Update this cpu's statistics. */ + tsp_stats[linear_id].smc_count++; + tsp_stats[linear_id].eret_count++; + tsp_stats[linear_id].cpu_off_count++; + + INFO("TSP: cpu 0x%lx off request\n", read_mpidr()); + INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu off requests\n", + read_mpidr(), + tsp_stats[linear_id].smc_count, + tsp_stats[linear_id].eret_count, + tsp_stats[linear_id].cpu_off_count); + + return send_ffa_pm_success(); +} + +/******************************************************************************* + * This function performs any book keeping in the test secure payload before + * this cpu's architectural state is saved in response to an earlier psci + * cpu_suspend request. + ******************************************************************************/ +smc_args_t *tsp_cpu_suspend_main(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + uint32_t linear_id = plat_my_core_pos(); + + /* + * Save the time context and disable it to prevent the secure timer + * interrupt from interfering with wakeup from the suspend state. + */ + tsp_generic_timer_save(); + tsp_generic_timer_stop(); + + /* Update this cpu's statistics. */ + tsp_stats[linear_id].smc_count++; + tsp_stats[linear_id].eret_count++; + tsp_stats[linear_id].cpu_suspend_count++; + + INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu suspend requests\n", + read_mpidr(), + tsp_stats[linear_id].smc_count, + tsp_stats[linear_id].eret_count, + tsp_stats[linear_id].cpu_suspend_count); + + return send_ffa_pm_success(); +} + +/******************************************************************************* + * This function performs any bookkeeping in the test secure payload after this + * cpu's architectural state has been restored after wakeup from an earlier psci + * cpu_suspend request. + ******************************************************************************/ +smc_args_t *tsp_cpu_resume_main(uint64_t max_off_pwrlvl, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + uint32_t linear_id = plat_my_core_pos(); + + /* Restore the generic timer context. */ + tsp_generic_timer_restore(); + + /* Update this cpu's statistics. */ + tsp_stats[linear_id].smc_count++; + tsp_stats[linear_id].eret_count++; + tsp_stats[linear_id].cpu_resume_count++; + + INFO("TSP: cpu 0x%lx resumed. maximum off power level %" PRId64 "\n", + read_mpidr(), max_off_pwrlvl); + INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu resume requests\n", + read_mpidr(), + tsp_stats[linear_id].smc_count, + tsp_stats[linear_id].eret_count, + tsp_stats[linear_id].cpu_resume_count); + + return send_ffa_pm_success(); +} + +/******************************************************************************* + * This function handles framework messages. Currently only PM. + ******************************************************************************/ +static smc_args_t *handle_framework_message(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + /* Check if it is a power management message from the SPMC. */ + if (ffa_endpoint_source(arg1) != spmc_id) { + goto err; + } + + /* Check if it is a PM request message. */ + if ((arg2 & FFA_FWK_MSG_MASK) == FFA_FWK_MSG_PSCI) { + /* Check if it is a PSCI CPU_OFF request. */ + if (arg3 == PSCI_CPU_OFF) { + return tsp_cpu_off_main(arg0, arg1, arg2, arg3, + arg4, arg5, arg6, arg7); + } else if (arg3 == PSCI_CPU_SUSPEND_AARCH64) { + return tsp_cpu_suspend_main(arg0, arg1, arg2, arg3, + arg4, arg5, arg6, arg7); + } + } else if ((arg2 & FFA_FWK_MSG_MASK) == FFA_PM_MSG_WB_REQ) { + /* Check it is a PSCI Warm Boot request. */ + if (arg3 == FFA_WB_TYPE_NOTS2RAM) { + return tsp_cpu_resume_main(arg0, arg1, arg2, arg3, + arg4, arg5, arg6, arg7); + } + } + +err: + ERROR("%s: Unknown framework message!\n", __func__); + panic(); +} + +/******************************************************************************* + * Handles partition messages. Exercised from the FF-A Test Driver. + ******************************************************************************/ +static smc_args_t *handle_partition_message(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + uint16_t sender = ffa_endpoint_source(arg1); + uint16_t receiver = ffa_endpoint_destination(arg1); + int status = -1; + const bool multi_endpoint = true; + + switch (arg3) { + case FF_A_MEMORY_SHARE: + INFO("TSP Tests: Memory Share Request--\n"); + status = test_memory_send(sender, arg4, FFA_FLAG_SHARE_MEMORY, !multi_endpoint); + break; + + case FF_A_MEMORY_LEND: + INFO("TSP Tests: Memory Lend Request--\n"); + status = test_memory_send(sender, arg4, FFA_FLAG_LEND_MEMORY, !multi_endpoint); + break; + + case FF_A_MEMORY_SHARE_MULTI_ENDPOINT: + INFO("TSP Tests: Multi Endpoint Memory Share Request--\n"); + status = test_memory_send(sender, arg4, FFA_FLAG_SHARE_MEMORY, multi_endpoint); + break; + + case FF_A_MEMORY_LEND_MULTI_ENDPOINT: + INFO("TSP Tests: Multi Endpoint Memory Lend Request--\n"); + status = test_memory_send(sender, arg4, FFA_FLAG_LEND_MEMORY, multi_endpoint); + break; + case FF_A_RELAY_MESSAGE: + INFO("TSP Tests: Relaying message--\n"); + status = ffa_test_relay(arg0, arg1, arg2, arg3, arg4, + arg5, arg6, arg7); + break; + + case FF_A_ECHO_MESSAGE: + INFO("TSP Tests: echo message--\n"); + status = arg4; + break; + + default: + INFO("TSP Tests: Unknown request ID %d--\n", (int) arg3); + } + + /* Swap the sender and receiver in the response. */ + return ffa_msg_send_direct_resp(receiver, sender, status, 0, 0, 0, 0); +} + +/******************************************************************************* + * This function implements the event loop for handling FF-A ABI invocations. + ******************************************************************************/ +static smc_args_t *tsp_event_loop(uint64_t smc_fid, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7) +{ + /* Panic if the SPMC did not forward an FF-A call. */ + if (!is_ffa_fid(smc_fid)) { + ERROR("%s: Unknown SMC FID (0x%lx)\n", __func__, smc_fid); + panic(); + } + + switch (smc_fid) { + case FFA_INTERRUPT: + /* + * IRQs were enabled upon re-entry into the TSP. The interrupt + * must have been handled by now. Return to the SPMC indicating + * the same. + */ + return set_smc_args(FFA_MSG_WAIT, 0, 0, 0, 0, 0, 0, 0); + + case FFA_MSG_SEND_DIRECT_REQ_SMC64: + case FFA_MSG_SEND_DIRECT_REQ_SMC32: + /* Check if a framework message, handle accordingly. */ + if ((arg2 & FFA_FWK_MSG_BIT)) { + return handle_framework_message(smc_fid, arg1, arg2, arg3, + arg4, arg5, arg6, arg7); + } + return handle_partition_message(smc_fid, arg1, arg2, arg3, + arg4, arg5, arg6, arg7); + } + + ERROR("%s: Unsupported FF-A FID (0x%lx)\n", __func__, smc_fid); + panic(); +} + +static smc_args_t *tsp_loop(smc_args_t *args) +{ + smc_args_t ret; + + do { + /* -------------------------------------------- + * Mask FIQ interrupts to avoid preemption + * in case EL3 SPMC delegates an IRQ next or a + * managed exit. Lastly, unmask IRQs so that + * they can be handled immediately upon re-entry. + * --------------------------------------------- + */ + write_daifset(DAIF_FIQ_BIT); + write_daifclr(DAIF_IRQ_BIT); + ret = smc_helper(args->_regs[0], args->_regs[1], args->_regs[2], + args->_regs[3], args->_regs[4], args->_regs[5], + args->_regs[6], args->_regs[7]); + args = tsp_event_loop(ret._regs[0], ret._regs[1], ret._regs[2], + ret._regs[3], ret._regs[4], ret._regs[5], + ret._regs[6], ret._regs[7]); + } while (1); + + /* Not Reached. */ + return NULL; +} + +/******************************************************************************* + * TSP main entry point where it gets the opportunity to initialize its secure + * state/applications. Once the state is initialized, it must return to the + * SPD with a pointer to the 'tsp_vector_table' jump table. + ******************************************************************************/ +uint64_t tsp_main(void) +{ + smc_args_t smc_args = {0}; + + NOTICE("TSP: %s\n", version_string); + NOTICE("TSP: %s\n", build_message); + INFO("TSP: Total memory base : 0x%lx\n", (unsigned long) BL32_BASE); + INFO("TSP: Total memory size : 0x%lx bytes\n", BL32_TOTAL_SIZE); + uint32_t linear_id = plat_my_core_pos(); + + /* Initialize the platform. */ + tsp_platform_setup(); + + /* Initialize secure/applications state here. */ + tsp_generic_timer_start(); + + /* Register secondary entrypoint with the SPMC. */ + smc_args = smc_helper(FFA_SECONDARY_EP_REGISTER_SMC64, + (uint64_t) tsp_cpu_on_entry, + 0, 0, 0, 0, 0, 0); + if (smc_args._regs[SMC_ARG0] != FFA_SUCCESS_SMC32) { + ERROR("TSP could not register secondary ep (0x%lx)\n", + smc_args._regs[2]); + panic(); + } + /* Get TSP's endpoint id. */ + smc_args = smc_helper(FFA_ID_GET, 0, 0, 0, 0, 0, 0, 0); + if (smc_args._regs[SMC_ARG0] != FFA_SUCCESS_SMC32) { + ERROR("TSP could not get own ID (0x%lx) on core%d\n", + smc_args._regs[2], linear_id); + panic(); + } + + tsp_id = smc_args._regs[2]; + INFO("TSP FF-A endpoint id = 0x%x\n", tsp_id); + + /* Get the SPMC ID. */ + smc_args = smc_helper(FFA_SPM_ID_GET, 0, 0, 0, 0, 0, 0, 0); + if (smc_args._regs[SMC_ARG0] != FFA_SUCCESS_SMC32) { + ERROR("TSP could not get SPMC ID (0x%lx) on core%d\n", + smc_args._regs[2], linear_id); + panic(); + } + + spmc_id = smc_args._regs[2]; + + /* Call RXTX_MAP to map a 4k RX and TX buffer. */ + if (ffa_rxtx_map((uintptr_t) send_page, + (uintptr_t) recv_page, 1)) { + ERROR("TSP could not map it's RX/TX Buffers\n"); + panic(); + } + + mailbox.tx_buffer = send_page; + mailbox.rx_buffer = recv_page; + mailbox.rxtx_page_count = 1; + + /* Update this cpu's statistics. */ + tsp_stats[linear_id].smc_count++; + tsp_stats[linear_id].eret_count++; + tsp_stats[linear_id].cpu_on_count++; + + INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n", + read_mpidr(), + tsp_stats[linear_id].smc_count, + tsp_stats[linear_id].eret_count, + tsp_stats[linear_id].cpu_on_count); + + /* Tell SPMD that we are done initialising. */ + tsp_loop(set_smc_args(FFA_MSG_WAIT, 0, 0, 0, 0, 0, 0, 0)); + + /* Not reached. */ + return 0; +} + +/******************************************************************************* + * This function performs any remaining book keeping in the test secure payload + * after this cpu's architectural state has been setup in response to an earlier + * psci cpu_on request. + ******************************************************************************/ +smc_args_t *tsp_cpu_on_main(void) +{ + uint32_t linear_id = plat_my_core_pos(); + + /* Initialize secure/applications state here. */ + tsp_generic_timer_start(); + + /* Update this cpu's statistics. */ + tsp_stats[linear_id].smc_count++; + tsp_stats[linear_id].eret_count++; + tsp_stats[linear_id].cpu_on_count++; + INFO("TSP: cpu 0x%lx turned on\n", read_mpidr()); + INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n", + read_mpidr(), + tsp_stats[linear_id].smc_count, + tsp_stats[linear_id].eret_count, + tsp_stats[linear_id].cpu_on_count); + /* --------------------------------------------- + * Jump to the main event loop to return to EL3 + * and be ready for the next request on this cpu. + * --------------------------------------------- + */ + return tsp_loop(set_smc_args(FFA_MSG_WAIT, 0, 0, 0, 0, 0, 0, 0)); +}
diff --git a/bl32/tsp/tsp_interrupt.c b/bl32/tsp/tsp_interrupt.c index 430b5dd..a847b6c 100644 --- a/bl32/tsp/tsp_interrupt.c +++ b/bl32/tsp/tsp_interrupt.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -35,8 +35,6 @@ if (type == TSP_HANDLE_SEL1_INTR_AND_RETURN) tsp_stats[linear_id].sync_sel1_intr_ret_count++; -#if LOG_LEVEL >= LOG_LEVEL_VERBOSE - spin_lock(&console_lock); VERBOSE("TSP: cpu 0x%lx sync s-el1 interrupt request from 0x%" PRIx64 "\n", read_mpidr(), elr_el3); VERBOSE("TSP: cpu 0x%lx: %d sync s-el1 interrupt requests," @@ -44,8 +42,6 @@ read_mpidr(), tsp_stats[linear_id].sync_sel1_intr_count, tsp_stats[linear_id].sync_sel1_intr_ret_count); - spin_unlock(&console_lock); -#endif } /****************************************************************************** @@ -58,12 +54,8 @@ uint32_t linear_id = plat_my_core_pos(); tsp_stats[linear_id].preempt_intr_count++; -#if LOG_LEVEL >= LOG_LEVEL_VERBOSE - spin_lock(&console_lock); VERBOSE("TSP: cpu 0x%lx: %d preempt interrupt requests\n", read_mpidr(), tsp_stats[linear_id].preempt_intr_count); - spin_unlock(&console_lock); -#endif return TSP_PREEMPTED; } @@ -91,8 +83,18 @@ id = plat_ic_get_pending_interrupt_id(); /* TSP can only handle the secure physical timer interrupt */ - if (id != TSP_IRQ_SEC_PHY_TIMER) + if (id != TSP_IRQ_SEC_PHY_TIMER) { +#if SPMC_AT_EL3 + /* + * With the EL3 FF-A SPMC we expect only Timer secure interrupt to fire in + * the TSP, so panic if any other interrupt does. + */ + ERROR("Unexpected interrupt id %u\n", id); + panic(); +#else return tsp_handle_preemption(); +#endif + } /* * Acknowledge and handle the secure timer interrupt. Also sanity check @@ -105,13 +107,9 @@ /* Update the statistics and print some messages */ tsp_stats[linear_id].sel1_intr_count++; -#if LOG_LEVEL >= LOG_LEVEL_VERBOSE - spin_lock(&console_lock); VERBOSE("TSP: cpu 0x%lx handled S-EL1 interrupt %d\n", read_mpidr(), id); VERBOSE("TSP: cpu 0x%lx: %d S-EL1 requests\n", read_mpidr(), tsp_stats[linear_id].sel1_intr_count); - spin_unlock(&console_lock); -#endif return 0; }
diff --git a/bl32/tsp/tsp_main.c b/bl32/tsp/tsp_main.c index 522c1b4..df9903b 100644 --- a/bl32/tsp/tsp_main.c +++ b/bl32/tsp/tsp_main.c
@@ -15,85 +15,10 @@ #include <common/debug.h> #include <lib/spinlock.h> #include <plat/common/platform.h> -#include <platform_def.h> #include <platform_tsp.h> - #include "tsp_private.h" - -/******************************************************************************* - * Lock to control access to the console - ******************************************************************************/ -spinlock_t console_lock; - -/******************************************************************************* - * Per cpu data structure to populate parameters for an SMC in C code and use - * a pointer to this structure in assembler code to populate x0-x7 - ******************************************************************************/ -static tsp_args_t tsp_smc_args[PLATFORM_CORE_COUNT]; - -/******************************************************************************* - * Per cpu data structure to keep track of TSP activity - ******************************************************************************/ -work_statistics_t tsp_stats[PLATFORM_CORE_COUNT]; - -/******************************************************************************* - * The TSP memory footprint starts at address BL32_BASE and ends with the - * linker symbol __BL32_END__. Use these addresses to compute the TSP image - * size. - ******************************************************************************/ -#define BL32_TOTAL_LIMIT BL32_END -#define BL32_TOTAL_SIZE (BL32_TOTAL_LIMIT - (unsigned long) BL32_BASE) - -static tsp_args_t *set_smc_args(uint64_t arg0, - uint64_t arg1, - uint64_t arg2, - uint64_t arg3, - uint64_t arg4, - uint64_t arg5, - uint64_t arg6, - uint64_t arg7) -{ - uint32_t linear_id; - tsp_args_t *pcpu_smc_args; - - /* - * Return to Secure Monitor by raising an SMC. The results of the - * service are passed as an arguments to the SMC - */ - linear_id = plat_my_core_pos(); - pcpu_smc_args = &tsp_smc_args[linear_id]; - write_sp_arg(pcpu_smc_args, TSP_ARG0, arg0); - write_sp_arg(pcpu_smc_args, TSP_ARG1, arg1); - write_sp_arg(pcpu_smc_args, TSP_ARG2, arg2); - write_sp_arg(pcpu_smc_args, TSP_ARG3, arg3); - write_sp_arg(pcpu_smc_args, TSP_ARG4, arg4); - write_sp_arg(pcpu_smc_args, TSP_ARG5, arg5); - write_sp_arg(pcpu_smc_args, TSP_ARG6, arg6); - write_sp_arg(pcpu_smc_args, TSP_ARG7, arg7); - - return pcpu_smc_args; -} - -/******************************************************************************* - * Setup function for TSP. - ******************************************************************************/ -void tsp_setup(void) -{ - /* Perform early platform-specific setup */ - tsp_early_platform_setup(); - - /* Perform late platform-specific setup */ - tsp_plat_arch_setup(); - -#if ENABLE_PAUTH - /* - * Assert that the ARMv8.3-PAuth registers are present or an access - * fault will be triggered when they are being saved or restored. - */ - assert(is_armv8_3_pauth_present()); -#endif /* ENABLE_PAUTH */ -} +#include <platform_def.h> /******************************************************************************* * TSP main entry point where it gets the opportunity to initialize its secure @@ -120,15 +45,11 @@ tsp_stats[linear_id].eret_count++; tsp_stats[linear_id].cpu_on_count++; -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n", read_mpidr(), tsp_stats[linear_id].smc_count, tsp_stats[linear_id].eret_count, tsp_stats[linear_id].cpu_on_count); - spin_unlock(&console_lock); -#endif return (uint64_t) &tsp_vector_table; } @@ -137,7 +58,7 @@ * after this cpu's architectural state has been setup in response to an earlier * psci cpu_on request. ******************************************************************************/ -tsp_args_t *tsp_cpu_on_main(void) +smc_args_t *tsp_cpu_on_main(void) { uint32_t linear_id = plat_my_core_pos(); @@ -149,16 +70,12 @@ tsp_stats[linear_id].eret_count++; tsp_stats[linear_id].cpu_on_count++; -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); INFO("TSP: cpu 0x%lx turned on\n", read_mpidr()); INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu on requests\n", read_mpidr(), tsp_stats[linear_id].smc_count, tsp_stats[linear_id].eret_count, tsp_stats[linear_id].cpu_on_count); - spin_unlock(&console_lock); -#endif /* Indicate to the SPD that we have completed turned ourselves on */ return set_smc_args(TSP_ON_DONE, 0, 0, 0, 0, 0, 0, 0); } @@ -167,7 +84,7 @@ * This function performs any remaining book keeping in the test secure payload * before this cpu is turned off in response to a psci cpu_off request. ******************************************************************************/ -tsp_args_t *tsp_cpu_off_main(uint64_t arg0, +smc_args_t *tsp_cpu_off_main(uint64_t arg0, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -190,16 +107,12 @@ tsp_stats[linear_id].eret_count++; tsp_stats[linear_id].cpu_off_count++; -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); INFO("TSP: cpu 0x%lx off request\n", read_mpidr()); INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu off requests\n", read_mpidr(), tsp_stats[linear_id].smc_count, tsp_stats[linear_id].eret_count, tsp_stats[linear_id].cpu_off_count); - spin_unlock(&console_lock); -#endif /* Indicate to the SPD that we have completed this request */ return set_smc_args(TSP_OFF_DONE, 0, 0, 0, 0, 0, 0, 0); @@ -210,7 +123,7 @@ * this cpu's architectural state is saved in response to an earlier psci * cpu_suspend request. ******************************************************************************/ -tsp_args_t *tsp_cpu_suspend_main(uint64_t arg0, +smc_args_t *tsp_cpu_suspend_main(uint64_t arg0, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -233,15 +146,11 @@ tsp_stats[linear_id].eret_count++; tsp_stats[linear_id].cpu_suspend_count++; -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu suspend requests\n", read_mpidr(), tsp_stats[linear_id].smc_count, tsp_stats[linear_id].eret_count, tsp_stats[linear_id].cpu_suspend_count); - spin_unlock(&console_lock); -#endif /* Indicate to the SPD that we have completed this request */ return set_smc_args(TSP_SUSPEND_DONE, 0, 0, 0, 0, 0, 0, 0); @@ -252,7 +161,7 @@ * cpu's architectural state has been restored after wakeup from an earlier psci * cpu_suspend request. ******************************************************************************/ -tsp_args_t *tsp_cpu_resume_main(uint64_t max_off_pwrlvl, +smc_args_t *tsp_cpu_resume_main(uint64_t max_off_pwrlvl, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -271,8 +180,6 @@ tsp_stats[linear_id].eret_count++; tsp_stats[linear_id].cpu_resume_count++; -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); INFO("TSP: cpu 0x%lx resumed. maximum off power level %" PRId64 "\n", read_mpidr(), max_off_pwrlvl); INFO("TSP: cpu 0x%lx: %d smcs, %d erets %d cpu resume requests\n", @@ -280,83 +187,17 @@ tsp_stats[linear_id].smc_count, tsp_stats[linear_id].eret_count, tsp_stats[linear_id].cpu_resume_count); - spin_unlock(&console_lock); -#endif /* Indicate to the SPD that we have completed this request */ return set_smc_args(TSP_RESUME_DONE, 0, 0, 0, 0, 0, 0, 0); } /******************************************************************************* - * This function performs any remaining bookkeeping in the test secure payload - * before the system is switched off (in response to a psci SYSTEM_OFF request) - ******************************************************************************/ -tsp_args_t *tsp_system_off_main(uint64_t arg0, - uint64_t arg1, - uint64_t arg2, - uint64_t arg3, - uint64_t arg4, - uint64_t arg5, - uint64_t arg6, - uint64_t arg7) -{ - uint32_t linear_id = plat_my_core_pos(); - - /* Update this cpu's statistics */ - tsp_stats[linear_id].smc_count++; - tsp_stats[linear_id].eret_count++; - -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); - INFO("TSP: cpu 0x%lx SYSTEM_OFF request\n", read_mpidr()); - INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(), - tsp_stats[linear_id].smc_count, - tsp_stats[linear_id].eret_count); - spin_unlock(&console_lock); -#endif - - /* Indicate to the SPD that we have completed this request */ - return set_smc_args(TSP_SYSTEM_OFF_DONE, 0, 0, 0, 0, 0, 0, 0); -} - -/******************************************************************************* - * This function performs any remaining bookkeeping in the test secure payload - * before the system is reset (in response to a psci SYSTEM_RESET request) - ******************************************************************************/ -tsp_args_t *tsp_system_reset_main(uint64_t arg0, - uint64_t arg1, - uint64_t arg2, - uint64_t arg3, - uint64_t arg4, - uint64_t arg5, - uint64_t arg6, - uint64_t arg7) -{ - uint32_t linear_id = plat_my_core_pos(); - - /* Update this cpu's statistics */ - tsp_stats[linear_id].smc_count++; - tsp_stats[linear_id].eret_count++; - -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); - INFO("TSP: cpu 0x%lx SYSTEM_RESET request\n", read_mpidr()); - INFO("TSP: cpu 0x%lx: %d smcs, %d erets requests\n", read_mpidr(), - tsp_stats[linear_id].smc_count, - tsp_stats[linear_id].eret_count); - spin_unlock(&console_lock); -#endif - - /* Indicate to the SPD that we have completed this request */ - return set_smc_args(TSP_SYSTEM_RESET_DONE, 0, 0, 0, 0, 0, 0, 0); -} - -/******************************************************************************* * TSP fast smc handler. The secure monitor jumps to this function by * doing the ERET after populating X0-X7 registers. The arguments are received * in the function arguments in order. Once the service is rendered, this * function returns to Secure Monitor by raising SMC. ******************************************************************************/ -tsp_args_t *tsp_smc_handler(uint64_t func, +smc_args_t *tsp_smc_handler(uint64_t func, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -376,16 +217,12 @@ tsp_stats[linear_id].smc_count++; tsp_stats[linear_id].eret_count++; -#if LOG_LEVEL >= LOG_LEVEL_INFO - spin_lock(&console_lock); INFO("TSP: cpu 0x%lx received %s smc 0x%" PRIx64 "\n", read_mpidr(), ((func >> 31) & 1) == 1 ? "fast" : "yielding", func); INFO("TSP: cpu 0x%lx: %d smcs, %d erets\n", read_mpidr(), tsp_stats[linear_id].smc_count, tsp_stats[linear_id].eret_count); - spin_unlock(&console_lock); -#endif /* Render secure services and obtain results here */ results[0] = arg1; @@ -427,11 +264,7 @@ break; case TSP_CHECK_DIT: if (!is_armv8_4_dit_present()) { -#if LOG_LEVEL >= LOG_LEVEL_ERROR - spin_lock(&console_lock); ERROR("DIT not supported\n"); - spin_unlock(&console_lock); -#endif results[0] = 0; results[1] = 0xffff; break; @@ -451,21 +284,3 @@ results[1], 0, 0, 0, 0); } - -/******************************************************************************* - * TSP smc abort handler. This function is called when aborting a preempted - * yielding SMC request. It should cleanup all resources owned by the SMC - * handler such as locks or dynamically allocated memory so following SMC - * request are executed in a clean environment. - ******************************************************************************/ -tsp_args_t *tsp_abort_smc_handler(uint64_t func, - uint64_t arg1, - uint64_t arg2, - uint64_t arg3, - uint64_t arg4, - uint64_t arg5, - uint64_t arg6, - uint64_t arg7) -{ - return set_smc_args(TSP_ABORT_DONE, 0, 0, 0, 0, 0, 0, 0); -}
diff --git a/bl32/tsp/tsp_private.h b/bl32/tsp/tsp_private.h index 38d9732..66873e2 100644 --- a/bl32/tsp/tsp_private.h +++ b/bl32/tsp/tsp_private.h
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,28 +7,22 @@ #ifndef TSP_PRIVATE_H #define TSP_PRIVATE_H -/* Definitions to help the assembler access the SMC/ERET args structure */ -#define TSP_ARGS_SIZE 0x40 -#define TSP_ARG0 0x0 -#define TSP_ARG1 0x8 -#define TSP_ARG2 0x10 -#define TSP_ARG3 0x18 -#define TSP_ARG4 0x20 -#define TSP_ARG5 0x28 -#define TSP_ARG6 0x30 -#define TSP_ARG7 0x38 -#define TSP_ARGS_END 0x40 - +/******************************************************************************* + * The TSP memory footprint starts at address BL32_BASE and ends with the + * linker symbol __BL32_END__. Use these addresses to compute the TSP image + * size. + ******************************************************************************/ +#define BL32_TOTAL_LIMIT BL32_END +#define BL32_TOTAL_SIZE (BL32_TOTAL_LIMIT - (unsigned long) BL32_BASE) #ifndef __ASSEMBLER__ #include <stdint.h> -#include <platform_def.h> /* For CACHE_WRITEBACK_GRANULE */ - #include <bl32/tsp/tsp.h> #include <lib/cassert.h> #include <lib/spinlock.h> +#include <smccc_helpers.h> typedef struct work_statistics { /* Number of s-el1 interrupts on this cpu */ @@ -47,23 +41,22 @@ uint32_t cpu_resume_count; /* Number of cpu resume requests */ } __aligned(CACHE_WRITEBACK_GRANULE) work_statistics_t; -typedef struct tsp_args { - uint64_t _regs[TSP_ARGS_END >> 3]; -} __aligned(CACHE_WRITEBACK_GRANULE) tsp_args_t; - /* Macros to access members of the above structure using their offsets */ #define read_sp_arg(args, offset) ((args)->_regs[offset >> 3]) #define write_sp_arg(args, offset, val) (((args)->_regs[offset >> 3]) \ = val) -/* - * Ensure that the assembler's view of the size of the tsp_args is the - * same as the compilers - */ -CASSERT(TSP_ARGS_SIZE == sizeof(tsp_args_t), assert_sp_args_size_mismatch); uint128_t tsp_get_magic(void); -tsp_args_t *tsp_cpu_resume_main(uint64_t max_off_pwrlvl, +smc_args_t *set_smc_args(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7); +smc_args_t *tsp_cpu_resume_main(uint64_t max_off_pwrlvl, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -71,7 +64,7 @@ uint64_t arg5, uint64_t arg6, uint64_t arg7); -tsp_args_t *tsp_cpu_suspend_main(uint64_t arg0, +smc_args_t *tsp_cpu_suspend_main(uint64_t arg0, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -79,8 +72,8 @@ uint64_t arg5, uint64_t arg6, uint64_t arg7); -tsp_args_t *tsp_cpu_on_main(void); -tsp_args_t *tsp_cpu_off_main(uint64_t arg0, +smc_args_t *tsp_cpu_on_main(void); +smc_args_t *tsp_cpu_off_main(uint64_t arg0, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -101,7 +94,6 @@ /* Data structure to keep track of TSP statistics */ -extern spinlock_t console_lock; extern work_statistics_t tsp_stats[PLATFORM_CORE_COUNT]; /* Vector table of jumps */ @@ -111,7 +103,7 @@ int32_t tsp_common_int_handler(void); int32_t tsp_handle_preemption(void); -tsp_args_t *tsp_abort_smc_handler(uint64_t func, +smc_args_t *tsp_abort_smc_handler(uint64_t func, uint64_t arg1, uint64_t arg2, uint64_t arg3, @@ -120,25 +112,25 @@ uint64_t arg6, uint64_t arg7); -tsp_args_t *tsp_smc_handler(uint64_t func, - uint64_t arg1, - uint64_t arg2, - uint64_t arg3, - uint64_t arg4, - uint64_t arg5, - uint64_t arg6, - uint64_t arg7); +smc_args_t *tsp_smc_handler(uint64_t func, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7); -tsp_args_t *tsp_system_reset_main(uint64_t arg0, - uint64_t arg1, - uint64_t arg2, - uint64_t arg3, - uint64_t arg4, - uint64_t arg5, - uint64_t arg6, - uint64_t arg7); +smc_args_t *tsp_system_reset_main(uint64_t arg0, + uint64_t arg1, + uint64_t arg2, + uint64_t arg3, + uint64_t arg4, + uint64_t arg5, + uint64_t arg6, + uint64_t arg7); -tsp_args_t *tsp_system_off_main(uint64_t arg0, +smc_args_t *tsp_system_off_main(uint64_t arg0, uint64_t arg1, uint64_t arg2, uint64_t arg3,
diff --git a/changelog.yaml b/changelog.yaml index 1a11c9b..cfb2bb5 100644 --- a/changelog.yaml +++ b/changelog.yaml
@@ -31,7 +31,7 @@ type: ci hidden: true - - title: Build System + - title: Documentation description: Documentation-only changes type: docs hidden: true @@ -89,15 +89,42 @@ - title: Activity Monitors Extension (FEAT_AMU) scope: amu + - title: Branch Record Buffer Extension (FEAT_BRBE) + scope: brbe + + - title: Branch Target Identification Extension + scope: bti + + - title: Confidential Compute Architecture (CCA) + scope: cca + + - title: Extended Cache Index (FEAT_CCIDX) + scope: ccidx + - title: Support for the `HCRX_EL2` register (FEAT_HCX) scope: hcx - title: Memory Partitioning and Monitoring (MPAM) Extension (FEAT_MPAM) scope: mpam + - title: Memory Tagging Extension + scope: mte + + - title: Pointer Authentication Extension + scope: pauth + + - title: Performance Monitors Extension (FEAT_PMUv3) + scope: pmu + + - title: Trapping support for RNDR/RNDRRS (FEAT_RNG_TRAP) + scope: rng-trap + - title: Scalable Matrix Extension (FEAT_SME) scope: sme + - title: Statistical profiling Extension (FEAT_SPE) + scope: spe + - title: Scalable Vector Extension (FEAT_SVE) scope: sve @@ -113,15 +140,6 @@ - title: Self-hosted Trace Extensions (FEAT_TRF) scope: trf - - title: Statistical profiling Extension (FEAT_SPE) - scope: spe - - - title: Branch Record Buffer Extension (FEAT_BRBE) - scope: brbe - - - title: Extended Cache Index (FEAT_CCIDX) - scope: ccidx - - title: Platforms subsections: @@ -138,6 +156,12 @@ - plat/arm subsections: + - title: CSS + scope: css + + deprecated: + - plat/arm/css + - title: FPGA scope: fpga @@ -151,6 +175,7 @@ deprecated: - plat/fvp + - fvp/tsp_manifest - title: FVP-R scope: fvp-r @@ -158,6 +183,9 @@ deprecated: - fvp_r + - title: FVP Versatile Express + scope: fvp_ve + - title: Juno scope: juno @@ -200,6 +228,16 @@ - title: Broadcom scope: brcm + - title: HiSilicon + scope: hisilicon + + subsections: + - title: HiKey + scope: hikey + + - title: HiKey960 + scope: hikey960 + - title: Intel scope: intel @@ -247,6 +285,16 @@ deprecated: - plat/mediatek/mt8183 + - title: MT8186 + scope: mt8186 + + deprecated: + - plat/mediatek/mt8186 + - mt8186-emi-mpu + + - title: MT8188 + scope: mt8188 + - title: MT8192 scope: mt8192 @@ -261,12 +309,6 @@ - plat/mediatek/mt8195 - plat/mdeiatek/mt8195 - - title: MT8186 - scope: mt8186 - - deprecated: - - plat/mediatek/mt8186 - - title: NVIDIA scope: nvidia @@ -417,6 +459,9 @@ - title: QTI scope: qti + deprecated: + - plat/qti + subsections: - title: SC1780 scope: sc7180 @@ -437,6 +482,9 @@ scope: rpi subsections: + - title: Raspberry Pi 3 + scope: rpi3 + - title: Raspberry Pi 4 scope: rpi4 @@ -485,12 +533,19 @@ - plat/st subsections: - - title: ST32MP1 + - title: STM32MP1 scope: stm32mp1 deprecated: - plat/st/stm32mp1 + subsections: + - title: STM32MP13 + scope: stm32mp13 + + - title: STM32MP15 + scope: stm32mp15 + - title: Texas Instruments scope: ti @@ -498,6 +553,9 @@ - title: K3 scope: k3 + deprecated: + - ti-k3 + - title: Xilinx scope: xilinx @@ -513,6 +571,13 @@ - plat/xilinx/versal - plat/versal + subsections: + - title: Versal NET + scope: versal-net + + deprecated: + - versal_net + - title: ZynqMP scope: zynqmp @@ -536,6 +601,13 @@ - title: BL31 scope: bl31 + - title: BL32 + scope: bl32 + + subsections: + - title: TSP + scope: tsp + - title: Services scope: services @@ -549,10 +621,16 @@ - title: RME scope: rme + deprecated: + - rme/fid + subsections: - title: TRP scope: trp + - title: RMMD + scope: rmmd + - title: SPM scope: spm @@ -560,12 +638,21 @@ - title: EL3 SPMC scope: el3-spmc + deprecated: + - spmc + - title: SPMD scope: spmd - title: SPM MM scope: spm-mm + - title: DRTM + scope: drtm + + - title: TRNG + scope: trng + - title: Libraries subsections: @@ -587,6 +674,9 @@ - title: Context Management scope: cm + - title: RAS + scope: ras + - title: FCONF scope: fconf @@ -623,6 +713,18 @@ - title: PSA scope: psa + deprecated: + - lib/psa + + - title: Context Management + scope: context-mgmt + + deprecated: + - context mgmt + + - title: Semihosting + scope: semihosting + - title: Drivers subsections: @@ -636,6 +738,12 @@ - title: CryptoCell-713 scope: cc-713 + - title: Crypto + scope: crypto + + - title: mbedTLS + scope: mbedtls + - title: Generic Clock scope: clk @@ -694,6 +802,7 @@ deprecated: - scmi_common - drivers/scmi-msg + - scmi-msg - title: UFS scope: ufs @@ -715,7 +824,13 @@ - title: GICv3 scope: gicv3 + deprecated: + - gicv3/multichip + subsections: + - title: GIC-600 + scope: gic600 + - title: GIC-600AE scope: gic600ae @@ -1035,6 +1150,13 @@ deprecated: - fdts stm32mp1 + subsections: + - title: STM32MP13 + scope: stm32mp13-fdts + + - title: STM32MP15 + scope: stm32mp15-fdts + - title: PIE scope: pie @@ -1123,6 +1245,9 @@ - title: Certificate Creation Tool scope: cert-create + deprecated: + - cert_create + - title: Dependencies scope: deps @@ -1133,8 +1258,15 @@ - title: commitlint scope: commitlint + - title: Compiler runtime libraries + scope: compiler-rt + - title: libfdt scope: libfdt - title: Node Package Manager (NPM) scope: npm + + - title: zlib + scope: zlib +
diff --git a/common/aarch32/debug.S b/common/aarch32/debug.S index 9d410df..ae0bb7a 100644 --- a/common/aarch32/debug.S +++ b/common/aarch32/debug.S
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -14,6 +14,8 @@ .globl asm_assert .globl do_panic .globl report_exception + .globl report_prefetch_abort + .globl report_data_abort /* Since the max decimal input number is 65536 */ #define MAX_DEC_DIVISOR 10000 @@ -205,3 +207,33 @@ bl plat_report_exception no_ret plat_panic_handler endfunc report_exception + + /*********************************************************** + * This function is called from the vector table for + * unhandled exceptions. The lr_abt is given as an + * argument to platform handler. + ***********************************************************/ +func report_prefetch_abort +#if ARM_ARCH_MAJOR == 7 && !defined(ARMV7_SUPPORTS_VIRTUALIZATION) + b report_exception +#else + mrs r0, lr_abt + bl plat_report_prefetch_abort + no_ret plat_panic_handler +#endif +endfunc report_prefetch_abort + + /*********************************************************** + * This function is called from the vector table for + * unhandled exceptions. The lr_abt is given as an + * argument to platform handler. + ***********************************************************/ +func report_data_abort +#if ARM_ARCH_MAJOR == 7 && !defined(ARMV7_SUPPORTS_VIRTUALIZATION) + b report_exception +#else + mrs r0, lr_abt + bl plat_report_data_abort + no_ret plat_panic_handler +#endif +endfunc report_data_abort
diff --git a/common/aarch64/debug.S b/common/aarch64/debug.S index d105d08..742e022 100644 --- a/common/aarch64/debug.S +++ b/common/aarch64/debug.S
@@ -168,7 +168,7 @@ mrs x0, currentel ubfx x0, x0, #MODE_EL_SHIFT, #MODE_EL_WIDTH cmp x0, #MODE_EL3 -#if !HANDLE_EA_EL3_FIRST +#if !HANDLE_EA_EL3_FIRST_NS ldr x0, [sp], #0x10 b.eq el3_panic #else @@ -184,7 +184,7 @@ to_panic_common: ldr x0, [sp], #0x10 -#endif /* HANDLE_EA_EL3_FIRST */ +#endif /* HANDLE_EA_EL3_FIRST_NS */ #endif /* CRASH_REPORTING */ panic_common:
diff --git a/common/backtrace/backtrace.c b/common/backtrace/backtrace.c index 25e2c70..f994ae5 100644 --- a/common/backtrace/backtrace.c +++ b/common/backtrace/backtrace.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -37,25 +37,9 @@ uintptr_t return_addr; }; -const char *get_el_str(unsigned int el) +static inline uintptr_t extract_address(uintptr_t address) { - if (el == 3U) { - return "EL3"; - } else if (el == 2U) { - return "EL2"; - } else { - return "S-EL1"; - } -} - -/* - * Returns true if the address points to a virtual address that can be read at - * the current EL, false otherwise. - */ -#ifdef __aarch64__ -static bool is_address_readable(uintptr_t addr) -{ - unsigned int el = get_current_el(); + uintptr_t ret = address; #if ENABLE_PAUTH /* @@ -63,8 +47,23 @@ * stack contains a PAC. It must be stripped to retrieve the return * address. */ - xpaci(addr); + + xpaci(ret); #endif + + return ret; +} + +/* + * Returns true if the address points to a virtual address that can be read at + * the current EL, false otherwise. + */ +#ifdef __aarch64__ +static bool is_address_readable(uintptr_t address) +{ + unsigned int el = get_current_el(); + uintptr_t addr = extract_address(address); + if (el == 3U) { ats1e3r(addr); } else if (el == 2U) { @@ -185,7 +184,8 @@ return; } - if (fr->return_addr != link_register) { + call_site = extract_address(fr->return_addr); + if (call_site != link_register) { printf("ERROR: Corrupted stack (frame record address = %p)\n", fr); return; @@ -207,16 +207,9 @@ * call was made is the instruction before the return address, * which is always 4 bytes before it. */ - call_site = fr->return_addr - 4U; -#if ENABLE_PAUTH - /* - * When pointer authentication is enabled, the LR value saved on - * the stack contains a PAC. It must be stripped to retrieve the - * return address. - */ - xpaci(call_site); -#endif + call_site = extract_address(fr->return_addr) - 4U; + /* * If the address is invalid it means that the frame record is * probably corrupted.
diff --git a/common/bl_common.c b/common/bl_common.c index 9bfaafd..8fce02f 100644 --- a/common/bl_common.c +++ b/common/bl_common.c
@@ -269,3 +269,12 @@ #endif #undef PRINT_IMAGE_ARG } + +/* + * This function is for returning the TF-A version + */ +const char *get_version(void) +{ + extern const char version[]; + return version; +}
diff --git a/common/fdt_fixup.c b/common/fdt_fixup.c index b1d628c..1bad74f 100644 --- a/common/fdt_fixup.c +++ b/common/fdt_fixup.c
@@ -583,3 +583,44 @@ (ac + sc + ac) * 4, val, sc * 4); } +/** + * fdt_set_mac_address () - store MAC address in device tree + * @dtb: pointer to the device tree blob in memory + * @eth_idx: number of Ethernet interface in /aliases node + * @mac_addr: pointer to 6 byte MAC address to store + * + * Use the generic local-mac-address property in a network device DT node + * to define the MAC address this device should be using. Many platform + * network devices lack device-specific non-volatile storage to hold this + * address, and leave it up to firmware to find and store a unique MAC + * address in the DT. + * The MAC address could be read from some board or firmware defined storage, + * or could be derived from some other unique property like a serial number. + * + * Return: 0 on success, a negative libfdt error value otherwise. + */ +int fdt_set_mac_address(void *dtb, unsigned int ethernet_idx, + const uint8_t *mac_addr) +{ + char eth_alias[12]; + const char *path; + int node; + + if (ethernet_idx > 9U) { + return -FDT_ERR_BADVALUE; + } + snprintf(eth_alias, sizeof(eth_alias), "ethernet%d", ethernet_idx); + + path = fdt_get_alias(dtb, eth_alias); + if (path == NULL) { + return -FDT_ERR_NOTFOUND; + } + + node = fdt_path_offset(dtb, path); + if (node < 0) { + ERROR("Path \"%s\" not found in DT: %d\n", path, node); + return node; + } + + return fdt_setprop(dtb, node, "local-mac-address", mac_addr, 6); +}
diff --git a/common/feat_detect.c b/common/feat_detect.c index 8f98876..ee34588 100644 --- a/common/feat_detect.c +++ b/common/feat_detect.c
@@ -234,6 +234,36 @@ #endif } +/****************************************************** + * Feature : FEAT_BRBE (Branch Record Buffer Extension) + *****************************************************/ +static void read_feat_brbe(void) +{ +#if (ENABLE_BRBE_FOR_NS == FEAT_STATE_1) + feat_detect_panic(is_feat_brbe_present(), "BRBE"); +#endif +} + +/****************************************************** + * Feature : FEAT_TRBE (Trace Buffer Extension) + *****************************************************/ +static void read_feat_trbe(void) +{ +#if (ENABLE_TRBE_FOR_NS == FEAT_STATE_1) + feat_detect_panic(is_feat_trbe_present(), "TRBE"); +#endif +} + +/****************************************************************** + * Feature : FEAT_RNG_TRAP (Trapping support for RNDR/RNDRRS) + *****************************************************************/ +static void read_feat_rng_trap(void) +{ +#if (ENABLE_FEAT_RNG_TRAP == FEAT_STATE_1) + feat_detect_panic(is_feat_rng_trap_present(), "RNG_TRAP"); +#endif +} + /*********************************************************************************** * TF-A supports many Arm architectural features starting from arch version * (8.0 till 8.7+). These features are mostly enabled through build flags. This @@ -284,6 +314,7 @@ read_feat_mte(); read_feat_rng(); read_feat_bti(); + read_feat_rng_trap(); /* v8.6 features */ read_feat_amuv1p1(); @@ -294,6 +325,10 @@ /* v8.7 features */ read_feat_hcx(); + /* v9.0 features */ + read_feat_brbe(); + read_feat_trbe(); + /* v9.2 features */ read_feat_rme(); }
diff --git a/docs/about/features.rst b/docs/about/features.rst index 4b7fbe5..cb8b552 100644 --- a/docs/about/features.rst +++ b/docs/about/features.rst
@@ -46,8 +46,8 @@ - A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP interaction with PSCI. -- SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_ - and `Trusty Secure OS`_. +- SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_, + `Trusty Secure OS`_ and `ProvenCore Secure OS`_. - A Trusted Board Boot implementation, conforming to all mandatory TBBR requirements. This includes image authentication, Firmware Update (or @@ -121,6 +121,7 @@ .. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os .. _NVIDIA Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary .. _Trusty Secure OS: https://source.android.com/security/trusty +.. _ProvenCore Secure OS: https://provenrun.com/products/provencore/ --------------
diff --git a/docs/about/index.rst b/docs/about/index.rst index 3a10266..06973ef 100644 --- a/docs/about/index.rst +++ b/docs/about/index.rst
@@ -4,7 +4,6 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: features release-information
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst index 871afe3..9a2ae73 100644 --- a/docs/about/maintainers.rst +++ b/docs/about/maintainers.rst
@@ -48,7 +48,20 @@ :|G|: `madhukar-Arm`_ :|M|: Raghu Krishnamurthy <raghu.ncstate@icloud.com> :|G|: `raghuncstate`_ +:|M|: Manish Badarkhe <manish.badarkhe@arm.com> +:|G|: `ManishVB-Arm`_ +LTS Maintainers +--------------- + +:|M|: Bipin Ravi <bipin.ravi@arm.com> +:|G|: `bipinravi-arm`_ +:|M|: Joanna Farley <joanna.farley@arm.com> +:|G|: `joannafarley-arm`_ +:|M|: Okash Khawaja <okash@google.com> +:|G|: `bytefire`_ +:|M|: Varun Wadekar <vwadekar@nvidia.com> +:|G|: `vwadekar`_ .. _code owners: @@ -65,26 +78,26 @@ Build Definitions for CMake Build System ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com> -:|G|: `javieralso-arm`_ :|M|: Chris Kay <chris.kay@arm.com> :|G|: `CJKay`_ :|F|: / Software Delegated Exception Interface (SDEI) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Mark Dykes <mark.dykes@arm.com> -:|G|: `mardyk01`_ +:|M|: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com> +:|G|: `jayanthchidanand-arm`_ +:|M|: Manish Pandey <manish.pandey2@arm.com> +:|G|: `manish-pandey-arm`_ :|F|: services/std_svc/sdei/ Trusted Boot ^^^^^^^^^^^^ :|M|: Sandrine Bailleux <sandrine.bailleux@arm.com> :|G|: `sandrine-bailleux-arm`_ -:|M|: Manish Pandey <manish.pandey2@arm.com> -:|G|: `manish-pandey-arm`_ :|M|: Manish Badarkhe <manish.badarkhe@arm.com> :|G|: `ManishVB-Arm`_ +:|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com> +:|G|: `laurenw-arm`_ :|F|: drivers/auth/ Secure Partition Manager Core (EL3 FF-A SPMC) @@ -97,28 +110,34 @@ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ :|M|: Olivier Deprez <olivier.deprez@arm.com> :|G|: `odeprez`_ -:|M|: Manish Pandey <manish.pandey2@arm.com> -:|G|: `manish-pandey-arm`_ -:|M|: Maksims Svecovs <maksims.svecovs@arm.com> -:|G|: `max-shvetsov`_ :|M|: Joao Alves <Joao.Alves@arm.com> :|G|: `J-Alves`_ :|F|: services/std_svc/spmd/\* Exception Handling Framework (EHF) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Manish Badarkhe <manish.badarkhe@arm.com> -:|G|: `ManishVB-Arm`_ +:|M|: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com> +:|G|: `jayanthchidanand-arm`_ +:|M|: Manish Pandey <manish.pandey2@arm.com> +:|G|: `manish-pandey-arm`_ :|F|: bl31/ehf.c +Realm Management Monitor Dispatcher (RMMD) +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +:|M|: Javier Almansa Sobrino <javier.almansasobrino@arm.com> +:|G|: `javieralso-arm`_ +:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com> +:|G|: `AlexeiFedorov`_ +:|F|: services/std_svc/rmmd/\* +:|F|: include/services/rmmd_svc.h +:|F|: include/services/rmm_core_manifest.h + Realm Management Extension (RME) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Bipin Ravi <bipin.ravi@arm.com> -:|G|: `bipinravi-arm`_ -:|M|: Mark Dykes <mark.dykes@arm.com> -:|G|: `mardyk01`_ -:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com> -:|G|: `zelalem-aweke`_ +:|M|: Javier Almansa Sobrino <javier.almansasobrino@arm.com> +:|G|: `javieralso-arm`_ +:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com> +:|G|: `AlexeiFedorov`_ Drivers, Libraries and Framework Code ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -152,25 +171,35 @@ :|F|: include/drivers/ufs.h :|F|: include/drivers/synopsys/dw_mmc.h +Arm® Ethos™-N NPU driver +^^^^^^^^^^^^^^^^^^^^^^^^ +:|M|: Joshua Slater <joshua.slater@arm.com> +:|G|: `jslater8`_ +:|M|: Mikael Olsson <mikael.olsson@arm.com> +:|G|: `mikaelolsson-arm`_ +:|F|: drivers/arm/ethosn/ +:|F|: include/drivers/arm/ethosn.h +:|F|: plat/arm/common/fconf/fconf_ethosn_getter.c +:|F|: include/plat/arm/common/fconf_ethosn_getter.h +:|F|: fdts/juno-ethosn.dtsi + JTAG DCC console driver ^^^^^^^^^^^^^^^^^^^^^^^ -:M: Michal Simek <michal.simek@xilinx.com> +:M: Michal Simek <michal.simek@amd.com> :G: `michalsimek`_ -:M: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com> +:M: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@amd.com> :G: `venkatesh`_ :F: drivers/arm/dcc/ :F: include/drivers/arm/dcc.h Power State Coordination Interface (PSCI) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com> -:|G|: `javieralso-arm`_ +:|M|: Manish Pandey <manish.pandey2@arm.com> +:|G|: `manish-pandey-arm`_ :|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com> :|G|: `madhukar-Arm`_ :|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com> :|G|: `laurenw-arm`_ -:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com> -:|G|: `zelalem-aweke`_ :|F|: lib/psci/ DebugFS @@ -195,18 +224,27 @@ :|G|: `J-Alves`_ :|F|: lib/pmf/ +Errata Management +^^^^^^^^^^^^^^^^^ +:|M|: Bipin Ravi <bipin.ravi@arm.com> +:|G|: `bipinravi-arm`_ +:|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com> +:|G|: `laurenw-arm`_ + Arm CPU libraries ^^^^^^^^^^^^^^^^^ +:|M|: Bipin Ravi <bipin.ravi@arm.com> +:|G|: `bipinravi-arm`_ :|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com> :|G|: `laurenw-arm`_ :|F|: lib/cpus/ Reliability Availability Serviceabilty (RAS) framework ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Olivier Deprez <olivier.deprez@arm.com> -:|G|: `odeprez`_ :|M|: Manish Pandey <manish.pandey2@arm.com> :|G|: `manish-pandey-arm`_ +:|M|: Olivier Deprez <olivier.deprez@arm.com> +:|G|: `odeprez`_ :|F|: lib/extensions/ras/ Activity Monitors Unit (AMU) extensions @@ -219,28 +257,28 @@ Memory Partitioning And Monitoring (MPAM) extensions ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com> -:|G|: `zelalem-aweke`_ +:|M|: Manish Pandey <manish.pandey2@arm.com> +:|G|: `manish-pandey-arm`_ :|F|: lib/extensions/mpam/ Pointer Authentication (PAuth) and Branch Target Identification (BTI) extensions ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ :|M|: Alexei Fedorov <Alexei.Fedorov@arm.com> :|G|: `AlexeiFedorov`_ -:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com> -:|G|: `zelalem-aweke`_ :|F|: lib/extensions/pauth/ Statistical Profiling Extension (SPE) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com> -:|G|: `zelalem-aweke`_ +:|M|: Manish Pandey <manish.pandey2@arm.com> +:|G|: `manish-pandey-arm`_ :|F|: lib/extensions/spe/ Standard C library ^^^^^^^^^^^^^^^^^^ -:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com> -:|G|: `AlexeiFedorov`_ +:|M|: Chris Kay <chris.kay@arm.com> +:|G|: `CJKay`_ +:|M|: Madhukar Pappireddy <Madhukar.Pappireddy@arm.com> +:|G|: `madhukar-Arm`_ :|F|: lib/libc/ Library At ROM (ROMlib) @@ -251,8 +289,8 @@ Translation tables (``xlat_tables``) library ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com> -:|G|: `javieralso-arm`_ +:|M|: Manish Badarkhe <manish.badarkhe@arm.com> +:|G|: `ManishVB-Arm`_ :|M|: Joao Alves <Joao.Alves@arm.com> :|G|: `J-Alves`_ :|F|: lib/xlat\_tables_\*/ @@ -309,17 +347,23 @@ Measured Boot ^^^^^^^^^^^^^ -:|M|: Alexei Fedorov <Alexei.Fedorov@arm.com> -:|G|: `AlexeiFedorov`_ -:|M|: Javier Almansa Sobrino <Javier.AlmansaSobrino@arm.com> -:|G|: `javieralso-arm`_ :|M|: Sandrine Bailleux <sandrine.bailleux@arm.com> :|G|: `sandrine-bailleux-arm`_ +:|M|: Manish Badarkhe <manish.badarkhe@arm.com> +:|G|: `ManishVB-Arm`_ :|F|: drivers/measured_boot :|F|: include/drivers/measured_boot :|F|: docs/components/measured_boot :|F|: plat/arm/board/fvp/fvp\*_measured_boot.c +DRTM +^^^^ +:|M|: Manish Badarkhe <manish.badarkhe@arm.com> +:|G|: `ManishVB-Arm`_ +:|M|: Manish Pandey <manish.pandey2@arm.com> +:|G|: `manish-pandey-arm`_ +:|F|: services/std_svc/drtm + PSA Firmware Update ^^^^^^^^^^^^^^^^^^^ :|M|: Manish Badarkhe <manish.badarkhe@arm.com> @@ -354,8 +398,10 @@ Granule Protection Tables Library (GPT-RME) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Mark Dykes <mark.dykes@arm.com> -:|G|: `mardyk01`_ +:|M|: Soby Mathew <soby.mathew@arm.com> +:|G|: `soby-mathew`_ +:|M|: Javier Almansa Sobrino <javier.almansasobrino@arm.com> +:|G|: `javieralso-arm`_ :|F|: lib/gpt_rme :|F|: include/lib/gpt_rme @@ -460,10 +506,8 @@ Arm Total Compute platform port ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -:|M|: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> -:|G|: `arugan02`_ -:|M|: Usama Arif <usama.arif@arm.com> -:|G|: `uarif1`_ +:|M|: Anders Dellien <anders.dellien@arm.com> +:|G|: `andersdellien-arm`_ :|F|: plat/arm/board/tc HiSilicon HiKey and HiKey960 platform ports @@ -611,6 +655,8 @@ :|G|: `lachitp`_ :|M|: Sreevyshanavi Kare <skare@codeaurora.org> :|G|: `sreekare`_ +:|M|: Muhammad Arsath K F <quic_mkf@quicinc.com> +:|G|: `quic_mkf`_ :|M|: QTI TF Maintainers <qti.trustedfirmware.maintainers@codeaurora.org> :|F|: docs/plat/qti.rst :|F|: plat/qti/ @@ -717,11 +763,11 @@ Xilinx platform port ^^^^^^^^^^^^^^^^^^^^ -:|M|: Michal Simek <michal.simek@xilinx.com> +:|M|: Michal Simek <michal.simek@amd.com> :|G|: `michalsimek`_ -:|M|: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com> +:|M|: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@amd.com> :|G|: `venkatesh`_ -:|F|: docs/plat/xilinx-zynqmp.rst +:|F|: docs/plat/xilinx\* :|F|: plat/xilinx/ @@ -762,11 +808,20 @@ :|F|: bl32/tsp/ :|F|: services/spd/tspd/ +ProvenCore Secure Payload Dispatcher +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +:|M|: Jérémie Corbier <jeremie.corbier@provenrun.com> +:|G|: `jcorbier`_ +:|F|: docs/components/spd/pnc-dispatcher.rst +:|F|: services/spd/pncd/ + Tools ~~~~~ Fiptool ^^^^^^^ +:|M|: Manish Badarkhe <manish.badarkhe@arm.com> +:|G|: `ManishVB-Arm`_ :|M|: Joao Alves <Joao.Alves@arm.com> :|G|: `J-Alves`_ :|F|: tools/fiptool/ @@ -775,6 +830,10 @@ ^^^^^^^^^^^^^^^^ :|M|: Sandrine Bailleux <sandrine.bailleux@arm.com> :|G|: `sandrine-bailleux-arm`_ +:|M|: Manish Badarkhe <manish.badarkhe@arm.com> +:|G|: `ManishVB-Arm`_ +:|M|: Lauren Wehrmeister <Lauren.Wehrmeister@arm.com> +:|G|: `laurenw-arm`_ :|F|: tools/cert_create/ Encrypt_fw tool @@ -793,6 +852,8 @@ Build system ^^^^^^^^^^^^ +:|M|: Chris Kay <chris.kay@arm.com> +:|G|: `CJKay`_ :|M|: Manish Pandey <manish.pandey2@arm.com> :|G|: `manish-pandey-arm`_ :|F|: Makefile @@ -800,8 +861,6 @@ Threat Model ~~~~~~~~~~~~~ -:|M|: Zelalem Aweke <Zelalem.Aweke@arm.com> -:|G|: `zelalem-aweke`_ :|M|: Sandrine Bailleux <sandrine.bailleux@arm.com> :|G|: `sandrine-bailleux-arm`_ :|M|: Joanna Farley <joanna.farley@arm.com> @@ -819,6 +878,7 @@ :|F|: tools/conventional-changelog-tf-a .. _AlexeiFedorov: https://github.com/AlexeiFedorov +.. _andersdellien-arm: https://github.com/andersdellien-arm .. _Andre-ARM: https://github.com/Andre-ARM .. _Anson-Huang: https://github.com/Anson-Huang .. _bijucdas: https://github.com/bijucdas @@ -832,7 +892,9 @@ .. _grandpaul: https://github.com/grandpaul .. _hzhuang1: https://github.com/hzhuang1 .. _JackyBai: https://github.com/JackyBai +.. _jcorbier: https://github.com/jcorbier .. _jenswi-linaro: https://github.com/jenswi-linaro +.. _jslater8: https://github.com/jslater8 .. _jwerner-chromium: https://github.com/jwerner-chromium .. _kostapr: https://github.com/kostapr .. _lachitp: https://github.com/lachitp @@ -840,6 +902,7 @@ .. _marex: https://github.com/marex .. _masahir0y: https://github.com/masahir0y .. _michalsimek: https://github.com/michalsimek +.. _mikaelolsson-arm: https://github.com/mikaelolsson-arm .. _mmind: https://github.com/mmind .. _MrVan: https://github.com/MrVan .. _mtk-rex-bc-chen: https://github.com/mtk-rex-bc-chen @@ -847,6 +910,7 @@ .. _niej: https://github.com/niej .. _npoushin: https://github.com/npoushin .. _prabhakarlad: https://github.com/prabhakarlad +.. _quic_mkf: https://github.com/quicmkf .. _remi-triplefault: https://github.com/repk .. _rockchip-linux: https://github.com/rockchip-linux .. _sandrine-bailleux-arm: https://github.com/sandrine-bailleux-arm @@ -873,7 +937,6 @@ .. _max-shvetsov: https://github.com/max-shvetsov .. _javieralso-arm: https://github.com/javieralso-arm .. _laurenw-arm: https://github.com/laurenw-arm -.. _zelalem-aweke: https://github.com/zelalem-aweke .. _J-Alves: https://github.com/J-Alves .. _madhukar-Arm: https://github.com/madhukar-Arm .. _raghuncstate: https://github.com/raghuncstate @@ -891,5 +954,7 @@ .. _arve-android: https://github.com/arve-android .. _marcone: https://github.com/marcone .. _marcbonnici: https://github.com/marcbonnici +.. _jayanthchidanand-arm: https://github.com/jayanthchidanand-arm +.. _bytefire: https://github.com/bytefire .. _Project Maintenance Process: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-process/
diff --git a/docs/about/release-information.rst b/docs/about/release-information.rst index e9eaa80..dead4f7 100644 --- a/docs/about/release-information.rst +++ b/docs/about/release-information.rst
@@ -52,22 +52,27 @@ +-----------------+---------------------------+------------------------------+ | v2.8 | 5th week of Nov '22 | 3rd week of Nov '22 | +-----------------+---------------------------+------------------------------+ +| v2.9 | 1st week of May '23 | 3rd week of Apr '23 | ++-----------------+---------------------------+------------------------------+ Removal of Deprecated Interfaces -------------------------------- -As mentioned in the :ref:`Platform Compatibility Policy`, this is a live -document cataloging all the deprecated interfaces in TF-A project and the -Release version after which it will be removed. +As mentioned in the :ref:`Platform Ports Policy`, this is a live document +cataloging all the deprecated interfaces in TF-A project and the Release version +after which it will be removed. +--------------------------------+-------------+---------+---------------------------------------------------------+ | Interface | Deprecation | Removed | Comments | | | Date | after | | | | | Release | | +================================+=============+=========+=========================================================+ -| STM32MP_USE_STM32IMAGE macro | Dec '21 | 2.7 | FIP is the recommended boot method for STM32MP | +| plat_convert_pk() function | Nov'22 | Next | Platform conversion to manage specific PK hash | +| | | release | | +| | | after | | +| | | 2.8 | | +--------------------------------+-------------+---------+---------------------------------------------------------+ -------------- -*Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/change-log.md b/docs/change-log.md index 1a65700..bb05afb 100644 --- a/docs/change-log.md +++ b/docs/change-log.md
@@ -3,7 +3,921 @@ This document contains a summary of the new features, changes, fixes and known issues in each release of Trusted Firmware-A. -## [2.7.0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.6.0..refs/tags/v2.7.0) (2022-05-20) +## [2.8.0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.7.0..refs/tags/v2.8.0) (2022-11-15) + +### âš BREAKING CHANGES + +- **Drivers** + + - **Arm** + + - **Ethos-N** + + - add support for SMMU streams + + **See:** add support for SMMU streams ([b139f1c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b139f1cf975f9968eb8bd1182a173b976ecf06f9)) + +### New Features + +- **Architecture** + + - pass SMCCCv1.3 SVE hint bit to dispatchers ([0fe7b9f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0fe7b9f2bcdf754c483399c841e5f0ec71e53ef3)) + + - **Branch Record Buffer Extension (FEAT_BRBE)** + + - add brbe under feature detection mechanism ([1298f2f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1298f2f13d6d97dfcac120a2ee68d5eea3797068)) + + - **Confidential Compute Architecture (CCA)** + + - introduce new "cca" chain of trust ([56b741d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/56b741d3e41cd6b2f6863a372a9489c819e2b0e9)) + + - **Pointer Authentication Extension** + + - add/modify helpers to support QARMA3 ([9ff5f75](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9ff5f754aea00d0e86ba5191839fc0faef949fe0)) + + - **Trapping support for RNDR/RNDRRS (FEAT_RNG_TRAP)** + + - add EL3 support for FEAT_RNG_TRAP ([ff86e0b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ff86e0b4e6c34d28b8642dd8eb9cbdd517bad195)) + + - **Scalable Matrix Extension (FEAT_SME)** + + - fall back to SVE if SME is not there ([26a3351](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/26a3351edab1501d7e19ae96540c34b2700ac32f)) + + - **Scalable Vector Extension (FEAT_SVE)** + + - support full SVE vector length ([bebcf27](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bebcf27f1c75f48cc129e8608cba113d0db32ef8)) + + - **Trace Buffer Extension (FEAT_TRBE)** + + - add trbe under feature detection mechanism ([47c681b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/47c681b7d7f03e77f6cdd7b5d116ae64671ab8ca)) + +- **Platforms** + + - **Arm** + + - add support for cca CoT ([f242379](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f24237921e3fa61e64fa1ec845e14e2748d04a2b)) + - forbid running RME-enlightened BL31 from DRAM ([1164a59](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1164a59cb16a9bbc672fa6d07895bc6fa0361bcb)) + - provide some swd rotpk files ([98662a7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/98662a73c903b06f53c9f9da6a9404187fc10352)) + - retrieve the right ROTPK for cca ([50b4497](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/50b449776df11cac06347e8ef1af5dae701a0e3a)) + + - **CSS** + + - add interrupt handler for reboot request ([f1fe144](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f1fe1440db197d514b5484e780cfb90f504c62b9)) + - add per-cpu power down support for warm reset ([158ed58](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/158ed580bdf5736abfa9f16f61be1ca1609e0e41)) + + - **FVP** + + - add example manifest for TSP ([3cf080e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3cf080ed61e90668f0c44ca7f577e51c081e5c7c)) + - add crypto support in BL31 ([c9bd1ba](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c9bd1bacffd9697ec4ebac77e45588cf6c261a3b)) + - add plat API to set and get the DRTM error ([586f60c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/586f60cc571f0f3b6d20eb5033717e9b0cc66af4)) + - add plat API to validate that passed region is non-secure ([d5f225d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d5f225d95d3dc7473340ffebfcb9068b54f91a17)) + - add platform hooks for DRTM DMA protection ([d72c486](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d72c486b52dc654e4216d41dcc1b0f87bdbdf3e9)) + - build delegated attestation in BL31 ([0271edd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0271eddb0c00b01033bf651f0eeaf659c0c2dd39)) + - dts: drop 32-bit .dts files ([b920330](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b92033075aa27031091e184b54f4dc278ecb27bc)) + - fdts: update rtsm_ve DT files from the Linux kernel ([2716bd3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2716bd33e318821c373b3d4dce88110a340a740d)) + - increase BL31's stack size for DRTM support ([44df105](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/44df105ff867aeb2aa5d20faa3e8389866099956)) + - increase MAX_XLAT_TABLES entries for DRTM support ([8a8dace](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8a8dace5a5cd3a51d67df3cea86628f29cc96013)) + - support building RSS comms driver ([29e6fc5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/29e6fc5cc7d0c8bc4ba615fd97df4cb65d3c7ba3)) + + - **RD** + + - **RD-N2** + + - add a new 'isolated-cpu-list' property ([afa4157](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/afa41571b856509c25c66c331737b895144b681b)) + - add SPI ID ranges for RD-N2 multichip platform ([9f0835e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9f0835e9156f13b56336a47a4b51e90719a852ff)) + - enable extended SPI support ([108488f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/108488f9ac026f036c0de2b824b339a30f9a0cbb)) + + - **SGI** + + - increase memory reserved for bl31 image ([a62cc91](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a62cc91aeedbdcfb3396983ed165eb35b8d4c3fa)) + - read isolated cpu mpid list from sds ([4243ef4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4243ef41d480fd8e870f74defe263156a6c02c8d)) + - add page table translation entry for secure uart ([2a7e080](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2a7e080cc50be5739afcfb3b7db59e4d610a7d53)) + - bump bl1 rw size ([94df8da](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/94df8da3ab520330b2e7d276603f33e284c27b3f)) + - configure SRAM and BL31 size for sgi platform ([8fd820f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8fd820ffb918ad8fdc1f2c72cc64dad5eaff77aa)) + - deviate from arm css common uart related definitions ([173674a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/173674ae428aa23e8f2a38d5542d0ea52eed7e80)) + - enable css implementation of warm reset ([18884c0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/18884c002e6c298f27d6e4792eab2c9f4d89bddb)) + - remove override for `ARM_BL31_IN_DRAM` build-option ([a371327](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a371327ba9fc2e1c5988ac1436b29c42aab8dfd8)) + - route TF-A logs via secure uart ([0601083](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0601083f0ce0045bd957c1343d2196be0887973b)) + + - **TC** + + - add MHU addresses for AP-RSS comms on TC2 ([6299c3a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6299c3a0f7c8220b0bf15723ec8995b72bf97677)) + - add RSS-AP message size macro ([445130b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/445130b127f411bdf4958fa10f292a930c9ae57d)) + - add RTC PL031 device tree node ([a816de5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a816de564f927ebb72ab7692b8b3f46073179310)) + - enable RSS backend based measured boot ([6cb5d32](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6cb5d3268fa41d15480c4e070a51577b333767fe)) + - increase maximum BL1/BL2/BL31 sizes ([e6c1316](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e6c131655fa168ffd1ae738a74ba25e5f850036c)) + - introduce TC2 platform ([eebd2c3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/eebd2c3f61c90942fb186fa43fbb4c4a543d8b55)) + - move start address for BL1 to 0x1000 ([9335c28](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9335c28a019ee2d9ab7a0f9276b91415f3c9f1bc)) + + - **HiSilicon** + + - **HiKey960** + + - add a FF-A logical partition ([25a357f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/25a357f1932cf2b0d125dd98b82eeacad14005ea)) + - add memory sharing hooks for SPMC_AT_EL3 ([5f905a2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5f905a249839e9e20ebf44c22d95caaf3a2e5611)) + - add plat-defines for SPMC_AT_EL3 ([feebd4c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/feebd4c7a86b6f0fcc1eb5008ba5f7d44e75beaf)) + - add SP manifest for SPMC_AT_EL3 ([6971642](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6971642d23d0c5e33e507eb78b7c569045e2f85d)) + - define a datastore for SPMC_AT_EL3 ([e618c62](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e618c621b3ece7a0262ff9245027132982e6207c)) + - increase secure workspace to 64MB ([e0eea33](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e0eea337b32e37bbef9bad1310b96b9c0d86f7b9)) + - read serial number from UFS ([c371b83](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c371b83f0c5b503c21bd1b6092bc0230032329ce)) + - upgrade to xlat_tables_v2 ([6cfc807](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6cfc8078d032d278e09523e236ab5b36f69f2ec0)) + + - **MediaTek** + + - add more flexibility of mtk_pm.c ([6ca2046](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6ca2046ef15dcf19fbda5f12cbfe1004d340c969)) + - add more options for build helper ([5b95e43](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5b95e439c745dcf94899238b82826d8f1d32acbe)) + - add smcc call for MSDC ([4dbe24c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4dbe24cf7d2b04c552f394062f42c30fee7e26a6)) + - extend SiP vendor subscription events ([99d30b7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/99d30b72c02502731ecf116acfda44ee3c2c9e5e)) + - implement generic platform port ([394b920](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/394b92084d53e2bf8960731be7a79c999871f127)) + - introduce mtk init framework ([52035de](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/52035dee1ae7b0f2f0d5f16c734ca7a5cea127b7)) + - move dp drivers to common folder ([d150b62](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d150b6296e6960f2548b265b8b23e6cdb502d3b7)) + - move lpm drivers back to common ([cd7890d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cd7890d79e9d508e82f3078f02e8277f8c8df181)) + - move mtk_cirq.c drivers to cirq folder ([cc76896](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cc76896d9e416b15548b2d6bf068e5d3f9b4064a)) + - support coreboot BL31 loading ([ef988ae](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ef988aed9e09a4108b87decb14dee5f2d23230a4)) + + - **MT8186** + + - add EMI MPU support for SCP and DSP ([3d4b6f9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3d4b6f932444c7b0f70f8654b92193b294527056)) + + - **MT8188** + + - add armv8.2 support ([45711e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/45711e4e1614fbed75ea645777cc2bb11d4be96f)) + - add audio support ([c70f567](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c70f567ad75c30a990cb60c71b6c0b02538366fd)) + - add cpu_pm driver ([4fe7e6a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4fe7e6a8d9f09c40d087167432cb07621c175b3f)) + - add DCM driver ([bc9410e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bc9410e2376e0b6355ea6440aa90ad968fc5f3b3)) + - add DFD control in SiP service ([7079a94](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7079a942bd9705fd9e0cd220324f7dfd9c53dcad)) + - add display port control in SiP service ([a4e5023](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a4e502319d136d8854ef2ed4aaa6d5368541e551)) + - add EMI MPU basic drivers ([8454f0d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8454f0d65eeb85b72f454376faa0f7a15226e240)) + - add IOMMU enable control in SiP service ([be45724](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/be457248c6b0a7f3c61bd95af58372938d13decd)) + - add LPM driver support ([f604e4e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f604e4ef6e306c6d87e17e77e50a68aad0510110)) + - add MCUSYS support ([4cc1ff7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4cc1ff7ef2c3544ef1aabeb2973a2d8f7800776b)) + - add pinctrl support ([ec4cfb9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ec4cfb91fc197a024d1edb9fae5e9ce100e5b200)) + - add pmic and pwrap support ([e9310c3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e9310c34b018944a6c29a8f408f0a34b43a0df6d)) + - add reset and poweroff functions ([a72b9e7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a72b9e7754a27e6ebccf79f0cc4fb7cc5a0a8a5e)) + - add RTC support ([af5d8e0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/af5d8e07955ddef9000c64de94deb2703e6ffcf0)) + - add support for PTP3 ([44a1051](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/44a10511c9e5a66b3a33abba44856a7a5dc5e655)) + - apply ERRATA for CA-78 ([abb995a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/abb995abbe45874a397351cbb134ae32d4cc545b)) + - enable MTK_PUBEVENT_ENABLE ([0b1186a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0b1186a3e6fd6daffaef3f6cf59650bb9121191c)) + - initialize GIC ([cfb0516](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cfb0516f3cc36e3d0ec9b0bdabf1eb6ea2b275c1)) + - initialize platform for MediaTek MT8188 ([de310e1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/de310e1e5f0b76b9de2b93759344540e0109c8eb)) + - initialize systimer ([215869c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/215869c693c136192505a004ec368f503f146505)) + + - **NXP** + + - **i.MX** + + - **i.MX 8M** + + - add dram retention flow for imx8m family ([c71793c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c71793c6476fa2828f866b8d7b272289f0d9a15c)) + - add support for high assurance boot ([720e7b6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/720e7b66f2353ef7ed32a8f85f8396fbc0766ffc)) + - add the anamix pll override setting ([66d399e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/66d399e454b160ce358346cfa9142a24d8493a41)) + - add the ddr frequency change support for imx8m family ([9c336f6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9c336f6118a94970f4045641a971fd1e24dba462)) + - add the PU power domain support on imx8mm/mn ([44dea54](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/44dea5444b087acd758b1c8370999be635e17e43)) + - keep pu domains in default state during boot stage ([9d3249d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9d3249de8078e33b90193d8f91f4914acc36c6ec)) + - make psci common code pie compatible ([5d2d332](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5d2d3328db88846accd179c96d71bab79a150937)) + + - **i.MX 8M Nano** + + - add BL31 PIE support ([62d37a4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/62d37a4362456694bdae6d8921c2c7572a0d99a4)) + - add hab and map required memory blocks ([b5f06d3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b5f06d3dfad8c27bdf528b083ef919ce4022c52d)) + - enable dram retention suuport on imx8mn ([2003fa9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2003fa94dc9b9eda575ebfd686308c6f87c366f0)) + + - **i.MX 8M Mini** + + - add BL31 PIE support ([a8e6a2c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a8e6a2c83ce511dad88eb68f98a3191fa93564d4)) + - add hab and map required memory blocks ([5941f37](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5941f37288a5ceac495cbdbd3e3d02f1a3c55e0a)) + - enable dram retention suuport on imx8mm ([b7abf48](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b7abf485ee15c3e5b16522bb91dd6b0c24bfbfc0)) + + - **i.MX 8M Plus** + + - add BL31 PIE support ([7a443fe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7a443fefa4eaef65332a38c8189573b5b4b4a1e3)) + - add hab and map required memory blocks ([62a93aa](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/62a93aa7afcd022f06d322c36979f0aa02713beb)) + + - **i.MX 8Q** + + - add 100us delay after USB OTG SRC bit 0 clear ([66345b8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/66345b8b13dc32bcd9f6af3c04f60532e7d82858)) + + - **Layerscape** + + - **LS1043A** + + - **LS1043ARDB** + + - update ddr configure for ls1043ardb-pd ([18af644](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/18af644279b36e841068db0e1c857dedf1456b38)) + + - **QEMU** + + - increase size of bl31 ([0e6977e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0e6977eee178a6436e4a7e1503ea854989316ff4)) + + - **QTI** + + - fix to support cpu errata ([6cc743c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6cc743cf0fa9b216f2af8ff87c716dcc0bb6f6a0)) + - updated soc version for sc7180 and sc7280 ([39fdd3d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/39fdd3d85d1165cd1b876288532000c5c6eb1ecb)) + + - **Socionext** + + - **Synquacer** + + - add BL2 support ([48ab390](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/48ab390444e1dabb669430ace9b8e5a80348eed0)) + - add FWU Multi Bank Update support ([a193825](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a19382521c583b3dde89df14678b011960097f6c)) + - add TBBR support ([19aaeea](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/19aaeea00bc4fba94af7aca508af878136930f4a)) + + - **ST** + + - add trace for early console ([00606df](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/00606df01201fcad509ea9ddff89d5f176bee793)) + - enable MMC_FLAG_SD_CMD6 for SD-cards ([53d5b8f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/53d5b8ff50d322f764b1f5a8c882b9ee1ba952c9)) + - properly manage early console ([5223d88](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5223d88032dcecb880d620e63bfa70799dc6cc1a)) + - search pinctrl node by compatible ([b14d3e2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b14d3e22b4964ce589d107e7fd68601bf070f44c)) + + - **STM32MP1** + + - add a check on TRUSTED_BOARD_BOOT with secure chip ([54007c3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/54007c37d560dd170efa52a79feb206aefb90ed4)) + - add a stm32mp crypto library ([ad3e46a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ad3e46a35cb208e16adfe3d753214739583dca10)) + - add define for external scratch buffer for nand devices ([9ee2510](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9ee2510b62ef9428d767523ddb9c5a39b7a2b954)) + - add early console in SP_min ([14a0704](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/14a070408d9231dc1c487dfe36058b93faf5915c)) + - add plat_report_*_abort functions ([0423868](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0423868373026a667f0c004e4d365fa12fd734ef)) + - add RNG initialization in BL2 for STM32MP13 ([2742374](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2742374414c5891ac37fd4d42ba62c3cff1474c6)) + - add the decryption support ([cd79116](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cd791164a9ad2f42d25d24012715bbe763b41e1c)) + - add the platform specific build for tools ([461d631](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/461d631acae9daec77c9668216280cbf66240249)) + - add the TRUSTED_BOARD_BOOT support ([beb625f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/beb625f90bfd1858b9d413cae67457e57c79a118)) + - allow to override MTD base offset ([e0bbc19](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e0bbc190d500e53ee0566af85639d3cdbbe7177d)) + - configure the serial boot load address ([4b2f23e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4b2f23e55f27b6baccf3e858234e69685d51fcf4)) + - extend STM32MP_EMMC_BOOT support to FIP format ([95e4908](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/95e4908e17fbb44aed1f8612fefdd6d21fef8f49)) + - manage second NAND OTP on STM32MP13 ([d3434dc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d3434dca0b3acb902fe3a6cf39065ba917f69b1c)) + - manage STM32MP13 rev.Y ([a3f97f6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a3f97f66c36e987a6617f1f39c3b9e64b763212c)) + - optionally use paged OP-TEE ([c4dbcb8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c4dbcb885201c89a44df203661af007945782993)) + - remove unused function from boot API ([f30034a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f30034a298a8d7260464cbcf2d2306bff533d6dd)) + - retrieve FIP partition by type UUID ([1dab28f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1dab28f99dfa03dc11538056a90f00f37bfb1085)) + - save boot auth status and partition info ([ab2b325](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ab2b325c1ab895e626d4e11a9f26b9e7c968f8d8)) + - update ROM code API for header v2 management ([89c0774](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/89c07747d0396b92c83af8736ff49ef8c09bc176)) + + - **STM32MP13** + + - change BL33 memory mapping ([10f6dc7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/10f6dc789350ed5915a474b2d411890261b741ae)) + + - **STM32MP15** + + - manage OP-TEE shared memory ([722ca35](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/722ca35ecc1c5de8682ca8df315a6369d0c21946)) + + - **Texas Instruments** + + - **K3** + + - add support for J784S4 SoCs ([4a566b2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4a566b26ae6135d4c13deab9d3f1c40c1cb8960a)) + + - **Xilinx** + + - **Versal** + + - add infrastructure to handle multiple interrupts ([e497421](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e497421d7f1e13d15313d1ca71a8e91f370cce1e)) + - get the handoff params using IPI ([205c7ad](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/205c7ad4cd73e5c091b03f23a3a3be74da5c8aea)) + - resolve the misra 10.1 warnings ([b86e1aa](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b86e1aade1c0953bd60ae0b35f1c3571ee8bae3f)) + - update macro name to generic and move to common place ([f99306d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f99306d49ba074279c5402a0a34e6bc9797d77de)) + + - **Versal NET** + + - add support for QEMU COSIM platform ([6a079ef](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6a079efd909b459448f561618df24fa94038dbad)) + - add documentation for Versal NET SoC ([4efdc48](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4efdc488961502033262613b6f20abcee68bbf84)) + - add SMP support for Versal NET ([8529c76](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8529c7694f8d614e76dcc80b394ec8a6751df44c)) + - add support for IPI ([0bf622d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0bf622de68cd353a8406f76647b6afd8791d675d)) + - add support for platform management ([0654ab7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0654ab7f75449307c79789e12be7aab2338edcc3)) + - add support for Xilinx Versal NET platform ([1d333e6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1d333e69091f0c71854a224e8cfec08695b7d1f3)) + + - **ZynqMP** + + - optimization on pinctrl_functions ([314f9f7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/314f9f7957fbab12dc8d073cf054b99520372e0e)) + - add support for ProvenCore ([358aa6b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/358aa6b21118ae4eedf816f663aa950b58f7fd4e)) + - add support for xck24 silicon ([86869f9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/86869f99d0c144ed18fb947866554a4a56b67741)) + - protect eFuses from non-secure access ([d0b7286](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d0b7286e48f0a34e7e9a8db3948caf1809193430)) + - resolve the misra 10.1 warnings ([bfd7c88](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bfd7c881905702082e3c2a56d5228ccf5fe98f11)) + +- **Bootloader Images** + + - add interface to query TF-A semantic ver ([dddf428](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dddf4283b043ad0a81d27bd5bb2f0c647c511e11)) + + - **BL32** + + - **TSP** + + - add FF-A support to the TSP ([4a8bfdb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4a8bfdb90956ecec02ba5e189fe5452817a65179)) + - add ffa_helpers to enable more FF-A functionality ([e9b1f30](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e9b1f300a974a7e82190b95899c3128b73088488)) + - enable test cases for EL3 SPMC ([15ca1ee](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/15ca1ee342a4dcd8a73a4ae158d245cd4266c832)) + - increase stack size for tsp ([5b7bd2a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5b7bd2af0b2972dfffeaa674947c0082d6b5126b)) + +- **Services** + + - add a SPD for ProvenCore ([b0980e5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b0980e584398fc5adc908cd68f1a6deefa943d29)) + + - **RME** + + - **RMMD** + + - add support for RMM Boot interface ([8c980a4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8c980a4a468aeabb9e49875fec395c625a0c2b2b)) + - add support to create a boot manifest ([1d0ca40](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1d0ca40e9084903d21e570bb312646626aaf574b)) + + - **SPM** + + - add tpm event log node to spmc manifest ([054f0fe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/054f0fe1361ba0cb339fb0902470988a82a24cf7)) + + - **SPMD** + + - avoid spoofing in FF-A direct request ([5519f07](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5519f07cd46a4139615a3e8f5e57d1834b23a6f8)) + + - **DRTM** + + - add a few DRTM DMA protection APIs ([2b13a98](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2b13a985994213f766ada197427f96e064f1b59b)) + - add DRTM parameters structure version check ([c503ded](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c503ded2c5d9ceec9fba4cc0901805307a14af3d)) + - add Event Log driver support for DRTM ([4081426](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/40814266d53b7154daf5d212de481b397db43823)) + - add PCR entries for DRTM ([ff1e42e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ff1e42e20aa247ba11cf81742abff07ece376ba8)) + - add platform functions for DRTM ([2a1cdee](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2a1cdee4f5e6fe0b90399e442075880acad1869e)) + - add remediation driver support in DRTM ([1436e37](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1436e37dcb894a539a22da48a34ef01566ae728b)) + - add standard DRTM service ([e62748e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e62748e3f1f16934f0ef2d5742f3ca0b125eaea2)) + - check drtm arguments during dynamic launch ([40e1fad](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/40e1fad69b9f28ab5e57cea33261bf629b05519c)) + - ensure that no SDEI event registered during dynamic launch ([b1392f4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b1392f429cdd368ea2b8e183a1ac0fb31deaf694)) + - ensure that passed region lies within Non-Secure region of DRAM ([764aa95](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/764aa951b2ca451694c74791964a712d423d8206)) + - flush dcache before DLME launch ([67471e7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/67471e75b3cf48c361e71894a666bce4395bbb35)) + - introduce drtm dynamic launch function ([bd6cc0b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bd6cc0b2388c52f2b232427be61ff52c042d724a)) + - invalidate icache before DLME launch ([2c26597](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2c265975a76977c6373636f5f28e114d1b73e10e)) + - prepare DLME data for DLME launch ([d42119c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d42119cc294fbca2afc263fe5e44538a0ca5e7b8)) + - prepare EL state during dynamic launch ([d1747e1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d1747e1b8e617ad024456791ce0ab8950bb282ca)) + - retrieve DRTM features ([e9467af](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e9467afb2d483ccec8f816902624d848e8f21d86)) + - take DRTM components measurements before DLME launch ([2090e55](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2090e55283c4bf85c7a61735ca0e872745c55896)) + - update drtm setup function ([d54792b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d54792bd93f76b943bf0559c8373b898e0e3b93c)) + +- **Libraries** + + - **CPU Support** + + - add library support for Hunter ELP ([8c87bec](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8c87becbc64f2e233ac905aa006d5e15a63a9a8b)) + - add a64fx cpu to tf-a ([74ec90e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/74ec90e69bbd0e932a61f5461eedc4abd1b99d44)) + - make cache ops conditional ([04c7303](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/04c7303b9c3d2215eebc3d59431519990abe03d0)) + - remove plat_can_cmo check for aarch32 ([92f8be8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/92f8be8fd1e77be67e9c9711afa8705204758304)) + - update doc and check for plat_can_cmo ([a2e0123](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a2e0123484e62df8ed9f2943dbd158471bf31221)) + + - **OP-TEE** + + - check paged_image_info ([c0a11cd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c0a11cd8698394e1d3d3d7c9cedb19846ba59223)) + + - **PSCI** + + - add a helper function to ensure that non-boot PEs are offline ([ce14a12](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ce14a12f8b8f02b7221f37c7c4b46f909c1a4346)) + + - **C Standard Library** + + - introduce __maybe_unused ([351f9cd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/351f9cd8897fd3ea52db2421721a152494b16328)) + + - **PSA** + + - add delegated attestation partition API ([4b09ffe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4b09ffef49663ebc8c8f5c3da19636208fe2fa06)) + - remove initial attestation partition API ([420deb5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/420deb5a0dbbd35962e5449f82434c703e7a1179)) + +- **Drivers** + + - **Authentication** + + - allow to verify PublicKey with platform format PK ([40f9f64](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/40f9f644e8af34e745dbaec73d7128c0a4902e54)) + - enable MBEDTLS_CHECK_RETURN_WARNING ([a4e485d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a4e485d7bf1c428d64e90e9821e4b1a109d10626)) + + - **Crypto** + + - update crypto module for DRTM support ([e43caf3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e43caf3890817e91b3d35b5ae1149a208f1a4016)) + + - **mbedTLS** + + - update mbedTLS driver for DRTM support ([8b65390](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8b653909b7e2371c6dcddbeac112b9671c886f34)) + + - **I/O** + + - **MTD** + + - add platform function to allow using external buffer ([f29c070](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f29c0702d2e7a67327b67766f91793d8ae6d0f73)) + + - **MMC** + + - get boot partition size ([f462c12](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f462c1249ac41f43423011bb12ace38cbeb0af4c)) + - manage SD Switch Function for high speed mode ([e5b267b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e5b267bba14c55e7906d120c52d4e8e8bbb68df6)) + + - **MTD** + + - add platform function to allow using external buffer ([f29c070](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f29c0702d2e7a67327b67766f91793d8ae6d0f73)) + + - **GUID Partition Tables Support** + + - allow to find partition by type UUID ([564f5d4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/564f5d477663bc007916a11c48bdd8b9be4ad369)) + + - **SCMI** + + - send powerdown request to online secondary cpus ([14a2892](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/14a289230918b23b0985e215d38614dc7480bd02)) + - set warm reboot entry point ([5cf9cc1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5cf9cc130a90fd8c4503c57ec4af235b469fd473)) + + - **Arm** + + - **Ethos-N** + + - add support for SMMU streams ([b139f1c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b139f1cf975f9968eb8bd1182a173b976ecf06f9)) + + - **GIC** + + - add APIs to raise NS and S-EL1 SGIs ([dcb31ff](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dcb31ff79096fc88b45df8068e5de83b93f833ed)) + + - **GICv3** + + - validate multichip data for GIC-700 ([a78b3b3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a78b3b382b07675a89a66ddffe926ed225eeb245)) + + - **RSS** + + - add new comms protocols ([3125901](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/31259019235aebf7aa533d5c893940f597fb1a8b)) + + - **ST** + + - **Crypto** + + - add AES decrypt/auth by SAES IP ([4bb4e83](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4bb4e836498b0131feefbba3f857a0bf3b89e543)) + - add ECDSA signature check with PKA ([b0fbc02](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b0fbc02aea76d31e749444da63b084e6b2bd089b)) + - add STM32 RNG driver ([af8dee2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/af8dee20d5fee29f34ccd9b9556e0c23655ff549)) + - remove BL32 HASH driver usage ([6b5fc19](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6b5fc19227ff8935b1352c0e4c0d716ebee60aa2)) + - update HASH for new hardware version used in STM32MP13 ([68039f2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/68039f2d14626adce09512871d6cde20ff45e1d9)) + + - **SDMMC2** + + - define FIFO size ([b46f74d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b46f74d4e68ee08b6e912cd7f855a16cc5e79a6a)) + - make reset property optional ([8324b16](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8324b16cd5e0b1ae2f85264a74f879e8fb1bca2a)) + - manage CMD6 ([3deebd4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3deebd4ccf39904d7fe777f53e9dbaa86691d653)) + + - **UART** + + - add initialization with the device tree ([d99998f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d99998f76ed2e8676be25e31e9479a90c16c7098)) + - manage STM32MP_RECONFIGURE_CONSOLE ([ea69dcd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ea69dcdc737d8b48fec769042922914e988153ef)) + +- **Miscellaneous** + + - **Debug** + + - add AARCH32 CP15 fault registers ([bb22891](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bb2289142cbf0f3546c1034e0500b5dc32aef740)) + - add helpers for aborts on AARCH32 ([6dc5979](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6dc5979a6cb2121e4c16e7bd62e24030e0f42755)) + + - **FDTs** + + - **STM32MP1** + + - add CoT and fuse references for authentication ([928fa66](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/928fa66272a0985c900c996912b54904c64d0520)) + - change pin-controller to pinctrl ([44fea93](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/44fea93bf729f631f6ae47e06ac7b6012a795791)) + + - **STM32MP13** + + - use STM32MP_DDR_S_SIZE in fw-config ([936f29f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/936f29f6b51b3c7f37fd34e30a7f1f7c3944b361)) + + - **STM32MP15** + + - add Avenger96 board with STM32MP157A DHCOR SoM ([51e2230](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/51e223058fe70b311542178f1865514745fa7874)) + - add support for STM32MP157C based DHCOM SoM on PDK2 board ([eef485a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/eef485abb13b6df9a94137edd82904aab0ecf02d)) + + - **SDEI** + + - add a function to return total number of events registered ([e6381f9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e6381f9cf8c0c62c32d5a4765aaf166f50786914)) + + - **TBBR** + + - increase PK_DER_LEN size ([1ef303f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1ef303f9f79020330bbd8e48ac652e8f2121a41b)) + +- **Tools** + + - **Firmware Image Package Tool** + + - add cca, core_swd, plat cert in FIP ([147f52f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/147f52f3e81f7ccf1dae90bc5687ec137feeb46c)) + + - **Certificate Creation Tool** + + - define the cca chain of trust ([0a6bf81](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0a6bf811d7f873a180ef4b9f96f5596b26d270c6)) + - update for ECDSA brainpoolP256r/t1 support ([e78ba69](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e78ba69e3525c968118eb91f443b1e9db9eee5f5)) + +- **Dependencies** + + - **Compiler runtime libraries** + + - update compiler-rt source files ([8a6a956](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8a6a9560b5dcccfb68064c0c8c9b4b47981c6ac7)) + + - **libfdt** + + - add function to set MAC addresses ([1aa7e30](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1aa7e302a84bbf46a97bcfbb54b6b6d57de76cee)) + - upgrade libfdt source files ([94b2f94](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/94b2f94bd63258c300b53ad421488c3c4455712b)) + + - **zlib** + + - update zlib source files ([a194255](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a194255d75ed9e2ef56bd6e14349a3e7d86af934)) + +### Resolved Issues + +- **Architecture** + + - **Performance Monitors Extension (FEAT_PMUv3)** + + - add sensible default for MDCR_EL2 ([7f85619](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7f8561985778cbe5cdc7d57984c818119e87adaf)) + + - **Scalable Matrix Extension (FEAT_SME)** + + - add missing ISBs ([46e92f2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/46e92f2862326cbe57acecb2d0f3c2ffbcc176d2)) + +- **Platforms** + + - **Arm** + + - **FVP** + + - fdts: Fix idle-states entry method ([0e3d880](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0e3d88070f69c6aa7cc51a2847cbba3535992397)) + - fdts: fix memtimer subframe addressing ([3fd12bb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3fd12bb8c622917d8491082b1472c39efb89c0cf)) + - fdts: unify and fix PSCI nodes ([6b2721c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6b2721c01691743a65475e82944e2f8868bf0159)) + + - **FVP Versatile Express** + + - fdts: Fix vexpress,config-bus subnode names ([60da130](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/60da130a8c5ac29bc35870180c35ca04db506e0f)) + + - **Morello** + + - dts: add model names ([30df890](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/30df8904d0f6973bbce1ecb51f14c1e4725ddf0b)) + - dts: fix DP SMMU IRQ ordering ([fba729b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fba729b0ca22be379792ce677296cda075036753)) + - dts: fix DT node naming ([41c310b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/41c310b4f691c1eefcd0234619bc751966389297)) + - dts: fix GICv3 compatible string ([982f258](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/982f2585bb27b58c017af70d852a433f36711db1)) + - dts: fix SCMI shmem/mboxes grouping ([8aeb1fc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8aeb1fcf832d4e06157a1bed1d18ba244c1fe9ee)) + - dts: fix SMMU IRQ ordering ([5016ee4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5016ee44a740127f7865dc26ed0efbbff1481c7e)) + - dts: fix stdout-path target ([67a8a5c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/67a8a5c92e7c65108b3cdf6f4f9dd2de7e22f3cd)) + - dts: remove #a-c and #s-c from memory node ([f33e113](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f33e113c7a7dffd8ed219f25191907fd64bcf19f)) + - dts: use documented DPU compatible string ([3169572](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3169572ed1bf0de17bb813583cab7ea295a8ec8d)) + - move BL31 to run from DRAM space ([05330a4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/05330a49cd91c346a8b9dc3aff35d0032db4d413)) + + - **N1SDP** + + - add numa node id for pcie controllers ([2974d2f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2974d2f2d03e842ed5e01e2e04dd3de6c1d07277)) + - mapping Run-time UART to IOFPGA UART0 ([4a81e91](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4a81e91f2752a817364e1fccedb08bb453ad5a56)) + - replace non-inclusive terms from dts file ([e6ffafb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e6ffafbeeae8c78abac37475f19899f0c98523ca)) + + - **TC** + + - resolve the static-checks errors ([066450a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/066450abf326f1a68a21cdddf29f62eff95041a9)) + - tc2 bl1 start address shifted by one page ([8597a8c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8597a8cbc23f0f03a15d013dd44a4ed59c991872)) + + - **Intel** + + - fix asynchronous read response by copying data to input buffer ([dd7adcf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dd7adcf3a89a75973a88118eeb867d1c212c4ad0)) + - fix Mac verify update and finalize for return response data ([fbf7aef](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fbf7aef408a9f67fabc712bbfd52438290364879)) + + - **MediaTek** + + - remove unused cold_boot.[c|h] ([8cd3b69](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8cd3b693d6d5d3db2433a96c5f2905d92a387cc4)) + - switch console to runtime state before leaving BL31 ([fcf4dd9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fcf4dd9f794b28bbfff3ee7d66bac8d5e260f46a)) + - use uppercase for definition ([810d568](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/810d568141050db7d500c5f5ad91efaff93d2036)) + - wrap cold_boot.h with MTK_SIP_KERNEL_BOOT_ENABLE ([24476b2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/24476b2e6128dae2ca2ac46344e18f6f02eae7bf)) + + - **MT8186** + + - fix SCP permission ([8a998b5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8a998b5aca3ca895a7722e7496a7fd18cd838f94)) + - fix EMI_MPU domain setting for DSP ([28a8b73](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/28a8b738feaade74f23af0e889005e687fde38b5)) + - fix the DRAM voltage after the system resumes ([600f168](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/600f168172a9281a0061f84e4da5318e08762aa1)) + - move SSPM base register definition to platform_def.h ([2a2b51d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2a2b51d8f76e2acdabb431e928beb90e0a30c87c)) + + - **MT8188** + + - add mmap entry for CPU idle SRAM ([32071c0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/32071c0263899e0e7a4b7f2c754e6363547f33b1)) + - refine c-state power domain for extensibility ([e35f4cb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e35f4cbf80ba671c42644c1ac7f8f6541042c6e5)) + - refine gic init flow after system resume ([210ebbb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/210ebbb0a6a0520cb3a5930c4fefa94baee33462)) + + - **NXP** + + - **i.MX** + + - **i.MX 8M** + + - correct serial output for HAB JR0 ([6e24d79](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6e24d795094e7fac1edc13336ce0bfd39d98e66f)) + - fix dram retention fsp_table access ([6c8f523](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6c8f523138cd94bc0608708e821a09b02c8c2f5a)) + - move caam init after serial init ([901d74b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/901d74b2d46cbd8b1d27477fa16388520fdabab1)) + - update poweroff related SNVS_LPCR bits only ([ad6eb19](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ad6eb1951b986f30635025bbdf29e257b6b1e362)) + + - **i.MX 8Q** + + - correct architected counter frequency ([21189b8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/21189b8e21062b71c9056ac1cf60d25bb018007c)) + + - **QEMU** + + - enable SVE and SME ([337ff4f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/337ff4f1dd6604738d79fd3fa275ae74d74256b2)) + + - **QTI** + + - adding secure rm flag ([b5959ab](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b5959ab029fb0a8a271967b0bd7ef438d59061bd)) + + - **Raspberry Pi** + + - **Raspberry Pi 3** + + - tighten platform pwr_domain_pwr_down_wfi behaviour ([028c4e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/028c4e42d8f632d40081b88f66d0d05c7d7c9b23)) + + - **Renesas** + + - **R-Car** + + - **R-Car 3** + + - fix RPC-IF device node name ([08ae247](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/08ae2471b1417f1d8083a79771338aa2a00b6711)) + + - **Rockchip** + + - align fdt buffer on 8 bytes ([621acbd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/621acbd055d712ab8bf79054911155598fdb74d0)) + + - **RK3399** + + - explicitly define the sys_sleep_flag_sram type ([7a5e90a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7a5e90a89d91d6662d3e468893e07c91b3a165ee)) + + - **Socionext** + + - **Synquacer** + + - increase size of BL33 ([a12a66d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a12a66d0d6d4732d41a27b1ecbc8874731c78101)) + + - **ST** + + - add max size for FIP in eMMC boot part ([e7cb4a8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e7cb4a86b884d2922984d3cd4651fb905650cfd6)) + - add missing string.h include ([0d33d38](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0d33d38334cae909a66c74187a36b5833afb8093)) + + - **STM32MP1** + + - enable crash console in FIQ handler ([484e846](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/484e846a03a1af5f88e2e28835b6349cc5977935)) + - fdts: stm32mp1: align DDR regulators with new driver ([9eed71b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9eed71b7221c5fc7ed887f1087e42c9f1a62f581)) + - update the FIP load address for serial boot ([32f2ca0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/32f2ca04bfd2d93329f2f17d9c9d134f339710f9)) + + - **STM32MP13** + + - correct USART addresses ([de1ab9f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/de1ab9fe052deba06a0904b10a6e0312ca49658e)) + + - **Xilinx** + + - include missing header ([28ba140](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/28ba1400216d7c7195929d1bd53f059a440a89a2)) + - miscellaneous fixes for xilinx platforms ([bfc514f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bfc514f10393fb7f4641ad5e75049f3acc246dd2)) + - remove unnecessary header include ([0ee2dc1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ee2dc118c34ceacc921fee196a4ba9102bdfbea)) + - update define for ZynqMP specific functions ([24b5b53](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/24b5b53a5922de40e53f0a7ecf65d3d0acc30a0d)) + + - **Versal** + + - add SGI register call version check ([5897e13](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5897e135445e2bf3345297fbe9971a113506d714)) + - enable a72 erratum 859971 and 1319367 ([769446a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/769446a6899d840df8aa5746ec32bf7530fc9826)) + - fix code indentation issues ([72583f9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/72583f92e6cc1d691b709e05c3ae280dce016fef)) + - fix macro coding style issues ([80806aa](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/80806aa1234606bb55af40ae0667cdf4d44423be)) + - fix Misra-C violations in bl31_setup and pm_svc_main ([68ffcd1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/68ffcd1bb22f2c2eac6c3329a1974b3e8ec6f515)) + - remove clock related macros ([47f8145](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/47f8145324181b86b6f460fb0c92144ef43e4e14)) + - resolve misra 10.1 warnings ([19f92c4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/19f92c4cfe014c5495f3073917119385b0014eda)) + - resolve misra 15.6 warnings ([1117a16](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1117a16e0379986ea68581c02fb2fee40937452b)) + - resolve misra 8.13 warnings ([3d2ebe7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3d2ebe756a50c27a00a03ae7f0109ed04681ac96)) + - resolve the misra 4.6 warnings ([f7c48d9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f7c48d9e30e9444f1fdb808ae5d06ed675e335fa)) + - resolve the misra 4.6 warnings ([912b7a6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/912b7a6fe46619e5df55dbd0b95d306f7bb2695c)) + - route GIC IPI interrupts during setup ([04cc91b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/04cc91b43c1d10fcba563e18f06336987e6e3a24)) + - use only one space for indentation ([dee5885](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dee588591328b96d9b9ef908869c8b42bd2632f2)) + + - **Versal NET** + + - Enable a78 errata workarounds ([bcc6e4a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bcc6e4a02a88056b9c45ff28f405e09444433528)) + - add default values for silicon ([faa22d4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/faa22d48d9929d57975b84ab76cb595afdcf57f4)) + - use api_id directly without FUNCID_MASK ([b0eb6d1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b0eb6d124b1764264778d17b1519bfe62b7b9337)) + + - **ZynqMP** + + - fix coverity scan warnings ([1ac6af1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1ac6af1199e2d14492a9d75aaba69bc775e55bd8)) + - ensure memory write finish with dsb() ([ac6c135](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ac6c135c83fe4efa4d6e9b9c06e899b57ce5647a)) + - fix for incorrect afi write mask value ([4264bd3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4264bd33e718023c62a2776e3ca40db88fce8b08)) + - move bl31 with DEBUG=1 back to OCM ([389594d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/389594dfa7e60a720d60f0d55296f91ba1610de5)) + - move debug bl31 based address back to OCM ([0ba3d7a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ba3d7a4ca04486f45d062fab54238d9a554a682)) + - remove additional 0x in %p print ([05a6107](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/05a6107ff18b03f4ca33496268398133abf04aaa)) + - resolve misra 4.6 warnings ([cdb6211](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cdb62114cfcdaeb85e64bcde459342a0a95f58e3)) + - resolve misra 8.13 warnings ([8695ffc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8695ffcfcb3801ea287fae7652ba1c350636831f)) + - resolve MISRA-C:2012 R.10.1 warnings ([c889088](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c889088386432af69e3ca853825c4219884c1cc1)) + - resolve the misra 4.6 warnings ([15dc3e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/15dc3e4f8d9730ce58cc599fb9970d486c8b9202)) + - resolve the misra 4.6 warnings ([ffa9103](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ffa910312c371080f4d0d50eb1354ad05b7be7a8)) + - resolve the misra 8.6 warnings ([7b1a6a0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7b1a6a08ccc7522687f66e6e989bbc597d08ab06)) + +- **Bootloader Images** + + - **BL31** + + - allow use of EHF with S-EL2 SPMC ([7c2fe62](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7c2fe62f1347bb94d82e9fdd3bc5eaebedaf0bc7)) + - harden check in delegate_async_ea ([d435238](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d435238dc364f0c9f0e41661365f83d83899829d)) + - pass the EA bit to 'delegate_sync_ea' ([df56e9d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/df56e9d199939c571b3fd8f539d213fc36e14494)) + +- **Services** + + - **RME** + + - refactor RME fid macros ([fb00dc4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fb00dc4a7b208cf416d082bb4367b54286bc8e3b)) + - relax RME compiler requirements ([7670ddb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7670ddb1fb5d4fa5e2e234375f7a4c0763f1c57a)) + - update FVP platform token ([364b4cd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/364b4cddbab859a56e63813aab4e983433187191)) + - use RMM shared buffer for attest SMCs ([dc65ae4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dc65ae46439f4d1be06e3a016fe76319d7a62954)) + - xlat table setup fails for bl2 ([e516ba6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e516ba6de5e248e93156b5261cedbff811226e0e)) + + - **RMMD** + + - return X4 output value ([8e51ccc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8e51cccaefc1e0e79ac2f0667ffec1cc46cf7665)) + + - **SPM** + + - **EL3 SPMC** + + - check descriptor size for overflow ([eed15e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/eed15e4310a7bcd90bf6d66b00037e05186329bb)) + - compute full FF-A V1.1 desc size ([be075c3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/be075c3edf634a2df1065597266c3e41d284287b)) + - deadlock when relinquishing memory ([ac568b2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ac568b2bccb9da71f2bd7f1c7204189d1ff678d9)) + - error handling in allocation ([cee8bb3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cee8bb3b38ea266a5008719548965352ec695cae)) + - fix detection of overlapping memory regions ([0dc3518](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0dc35186669ddaedb3a932e103c3976bc3bf75d6)) + - fix incomplete reclaim validation ([c4adbe6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c4adbe6e67617bb2d4f0ffb1c1daa3395f7ac227)) + - fix location of fragment length check ([21ed9ea](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/21ed9ea32325fc556fa7e907e4995888bd3a3b45)) + - fix relinquish validation check ([b4c3621](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b4c3621e0dc8e7ec6d3229253e0326f12c8fe5a9)) + +- **Libraries** + + - **CPU Support** + + - fix cpu version check for Neoverse N2, V1 ([03ebf40](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/03ebf409c711e9f2006cedded7dc415dfe566975)) + - workaround for Cortex-A510 erratum 2666669 ([afb5d06](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/afb5d069a6fa049f18e90fa50e714b8a4acc55f4)) + - workaround for Cortex-A710 2216384 ([b781fcf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b781fcf139c3a609f1adffb8097a23eadbed53a9)) + - workaround for Cortex-A710 erratum 2291219 ([888eafa](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/888eafa00b99aa06b4ff688407336811a7ff439a)) + - workaround for Cortex-A76 erratum 2743102 ([4927309](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/49273098a5ccd87a2084a85f9e47d74fa3ecfc90)) + - workaround for Cortex-A77 erratum 2743100 ([4fdeaff](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4fdeaffe860a998e8503b847ecceec60dcddcdc5)) + - workaround for Cortex-A78C erratum 2376749 ([5d3c1f5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5d3c1f58905d3b7350e02c4687dceaf0971700b3)) + - workaround for Cortex-X3 erratum 2313909 ([7954412](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/79544126943a90d31d81177655be11f75330ffed)) + - workaround for Neoverse N1 erratum 2743102 ([8ce4050](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8ce40503ad00fe0dd35de6e51551da2b4f08a848)) + - workaround for Neoverse-N2 erratum 2326639 ([43438ad](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/43438ad1ad6651964e9ae75d35f40aed8d86d088)) + - workaround for Neoverse-N2 erratum 2388450 ([884d515](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/884d515625aa09b22245c32db2fcc9222c7f34fd)) + - workaround for Cortex A78C erratum 2242638 ([6979f47](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6979f47fecfd34ac1405117c23f2e36ecb552a20)) + - workaround for Cortex-A510 erratum 2347730 ([11d448c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/11d448c93463180d03b46e9ba204124ff7ad5116)) + - workaround for Cortex-A510 erratum 2371937 ([a67c1b1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a67c1b1b2b521c888790c68e4201ecce0836a0e9)) + - workaround for Cortex-A710 erratum 2147715 ([3280e5e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3280e5e655ad64b6e299e18624d9c586e6b37cb1)) + - workaround for Cortex-A710 erratum 2371105 ([3220f05](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3220f05ef900addccb6e444d6746e4ed28c9804f)) + - workaround for Cortex-A77 erratum 2356587 ([7bf1a7a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7bf1a7aaaa41034587e43d5805b42da83090b85b)) + - workaround for Cortex-A78C 2132064 ([8008bab](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8008babd58f60c91a88ad79df3d32f63596b433a)) + - workaround for Cortex-A78C erratum 2395411 ([4b6f002](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4b6f0026ea2622b3f46cdef5b468853ddd281b39)) + - workaround for Cortex-X2 erratum 2371105 ([bc0f84d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bc0f84de40d4f1efddfb50071fff09d32f0ea9b2)) + - workaround for Neoverse-N2 erratum 2376738 ([e6602d4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e6602d4b153b81b49b39c22e70f052f9018687b7)) + - workaround for Neoverse-V1 erratum 1618635 ([14a6fed](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/14a6fed5ac14035f578a75a9758f9df7ba4d7496)) + - workaround for Neoverse-V1 erratum 2294912 ([39eb5dd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/39eb5ddbbf98bdb6c012a9d852f489f2f8e15c05)) + - workaround for Neoverse-V1 erratum 2372203 ([57b73d5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/57b73d553305d89da7098f9b53b0a2356ca7ff8b)) + + - **EL3 Runtime** + + - **RAS** + + - restrict RAS support for NS world ([46cc41d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/46cc41d5592a16f702f7f0c0c41f8948a3e11cda)) + - trap "RAS error record" accesses only for NS ([00e8f79](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/00e8f79c15d36f65f6c7f127177105e02177cbc0)) + + - **FCONF** + + - fix type error displaying disable_auth ([381f465](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/381f465ca92f7c9759e85c1bfb4c95ceda26581e)) + + - **PSCI** + + - fix MISRA failure - Memory - illegal accesses ([0551aac](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0551aac5637a638d4b9d8865a2c20ec5153de3bf)) + + - **GPT** + + - correct the GPC enable sequence ([14cddd7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/14cddd7a58799c8a9d349a4adc0136c1ab5d0b6c)) + + - **C Standard Library** + + - pri*ptr macros for aarch64 ([d307229](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d307229d754ae4d833ed50be50420aaf070065bf)) + + - **PSA** + + - fix Null pointer dereference error ([c32ab75](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c32ab75c41adfe28a60f1ff159012a7d78e72fdc)) + - update measured boot handle ([4d879e1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4d879e1e5a40cefae5b5e13086a16741bf3f6d67)) + - add missing semicolon ([d219ead](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d219ead1db5ca02ec7c7905ac01d7b268c5026ae)) + - align with original API in tf-m-extras ([471c989](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/471c9895a630560561717067113e4c4d7127bb9f)) + - extend measured boot logging ([901b0a3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/901b0a3015a652d9eb66c063b0984fade9adf08f)) + + - **Context Management** + + - remove explicit ICC_SRE_EL2 register read ([2b28727](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2b28727e6dafdaa08a517b5a97bda5de26cc8919)) + + - **Semihosting** + + - fix seek call failure check ([7c49438](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7c4943887477754024f0f736461d9543d502efcc)) + +- **Drivers** + + - **Authentication** + + - correct sign-compare warning ([ed38366](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ed38366f1dfeb0b0789fd69b400728598ae3c64e)) + + - **Measured Boot** + + - add SP entries to event_log_metadata ([e637a5e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e637a5e19da72599229fd2c70e793c123aaf14ca)) + - clear the entire digest array of Startup Locality event ([70b1c02](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/70b1c025003452602f68feb13402c705e44145aa)) + - fix verbosity level of RSS digests traces ([2abd317](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2abd317d27a26bbfa3da7fe3fe709da3fa0f09af)) + + - **MMC** + + - remove broken, unsecure, unused eMMC RPMB handling ([86b015e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/86b015eb1be57439c2a01cb35d800c7f1b5c8467)) + - resolve the build error ([ccf8392](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ccf8392ccb105638fe710901d3c7ed6594d9450e)) + + - **SCMI** + + - base: fix protocol list querying ([cad90b5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cad90b569db7c547470cca922bd93207adcadfad)) + - base: fix protocol list response size ([d323f0c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d323f0cf000f1d999bf78d89c0037af76b6bf8d8)) + + - **UFS** + + - add retries to ufs_read_capacity ([28645eb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/28645ebd706fe6ac9f34db9f7be5657fe4cffc1a)) + - fix slot base address computation ([7d9648d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7d9648dd6cf3b1dcd90b6917d9d0b545b1c4c975)) + - init utrlba/utrlbau with desc_base ([9d6d1a9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9d6d1a94c99c3a0e89792c5cc118a1d8c8a9dbb7)) + - point utrlbau to header instead of upiu ([9d3f6c4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9d3f6c4b6068b3a4747f5d1dc650607876eff583)) + - removes dp and run-stop polling loops ([660c208](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/660c208d9bd2770f295005fc26a9b6f788567f41)) + - retry commands on unit attention ([3d30955](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3d309556c75bcdb59fd4e4178fa2b79aa472dc90)) + + - **Arm** + + - **GIC** + + - **GICv3** + + - fix overflow caused by left shift ([6aea762](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6aea7624a01cc39c19d4237c4b108659270a61c5)) + - update the affinity mask to 8 bit ([e689048](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e689048e20af70983e0d384301c408fc725cb5eb)) + + - **GIC-600** + + - implement workaround to forward highest priority interrupt ([e1b15b0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e1b15b09a530f2a0b0edc4384e977452d6b389eb)) + + - **RSS** + + - clear the message buffer ([e3a6fb8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e3a6fb84f523e68d2f1398348d1ae2635f3e57bc)) + - determine the size of sw_type in RSS mboot metadata ([2c8f2a9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2c8f2a9ad45023354516d419dc9fda2a4f02812b)) + - fix build issues with comms protocol ([ab545ef](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ab545efddcdbf5d08ad3b1e8f4ea15a0faf168a7)) + - reduce input validation for measured boot ([13a129e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/13a129e8dcea358033f3c83b2d81b25129e02d43)) + - remove dependency on attestation header ([6aa7154](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6aa71542f35047ea0b537e3a6016de6c579c9d6b)) + - rename AP-RSS message size macro ([70247dd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/70247ddbbd0a55a1ddf1d02f2a35b5cad3949dd1)) + + - **NXP** + + - **DDR** + + - fix firmware buffer re-mapping issue ([742c23a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/742c23aab79a21803472c5b4314b43057f1d3e84)) + + - **ST** + + - **Clock** + + - correct MISRA C2012 15.6 ([56f895e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/56f895ede3a2a4a97c0e4f8270050aff20a167bc)) + - correctly check ready bit ([3b06a53](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3b06a53044e754979cb0608fd93a137a5879a6a0)) + +- **Miscellaneous** + + - **AArch64** + + - make AArch64 FGT feature detection more robust ([c687776](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c6877763cd3a286983df160c8207368174c1b820)) + + - **Debug** + + - backtrace stack unwind misses lr adjustment ([a149eb4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a149eb4d87453f58418ad32c570090739a3e0dd6)) + - decouple "get_el_str()" from backtrace ([0ae4a3a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ae4a3a3f0cd841b83f2944dde9837ea67f08813)) + + - **FDTs** + + - **STM32MP1** + + - **STM32MP13** + + - align sdmmc pins with kernel ([c7ac7d6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c7ac7d65a7d1ee1b656bf1260ede6b8e2226bbac)) + - cleanup DT files ([4c07deb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4c07deb53e0e7daafc93bc67fdcbb3de7b73d730)) + - correct PLL nodes name ([93ed4f0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/93ed4f0801f5b3571abdd7e039d09d508c987063)) + - remove secure status ([8ef8e0e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8ef8e0e30e301e6b2595d571f004ae86b1a1ce06)) + - update SDMMC max frequency ([c9a4cb5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c9a4cb552cdd168fcab2c0383b8fbe30dc99092f)) + + - **Security** + + - optimisations for CVE-2022-23960 ([e74d658](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e74d658181e5e69b6b5e16b40adc1ffef4c1efb9)) + +- **Documentation** + + - document missing RMM-EL3 runtime services ([e50fedb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e50fedbc869341d044d4cb3479a0ab3d4edaf225)) + - add LTS maintainers ([ab0d4d9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ab0d4d9d44fe54535a0ae647092a3cfff368f126)) + - update maintainers list ([f23ce63](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f23ce639050481cda939b9e4738ed01d46481ee3)) + + - **Changelog** + + - fix the broken link to commitlintrc.js ([c1284a7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c1284a7f93309c88fd781d2b4720f742e147284e)) + +- **Build System** + + - disable default PIE when linking ([7b59241](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7b5924184566bcdcc01966905ffdcabcd6ea4b32)) + - discard sections also with SEPARATE_NOBITS_REGION ([64207f8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/64207f858f5cbf44aa6528be19a863acc4444568)) + - ensure that the correct rule is called for tools ([598b166](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/598b166bbc2f09fc219d44ecff0c870854bfa093)) + - fix arch32 build issue for clang ([94eb127](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/94eb127719881f39c7f235c887fb2c0b82341696)) + - make TF-A use provided OpenSSL binary ([e95abc4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e95abc4c01822ef43e9e874d63d6596dc0b57279)) + +- **Tools** + + - **Secure Partition Tool** + + - fix concurrency issue for SP packages ([0aaa382](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0aaa382fe2395c82c9491b199b6b82819afd368f)) + - operators "is/is not" in sp_mk_gen.py ([1a28f29](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1a28f290b8224eb1d78a2476faaedc5154f82208)) + - 'sp_mk_generator.py' reference to undef var ([0be2475](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0be2475f6990a37d2d54b7ed06bac9cb46f4660d)) + +- **Dependencies** + + - add missing aeabi_memcpy.S ([93cec69](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/93cec697deb654303379cae8f25a31dc8b90cd31)) + +## [2.7.0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.6..refs/tags/v2.7.0) (2022-05-20) ### New Features
diff --git a/docs/components/el3-spmc.rst b/docs/components/el3-spmc.rst new file mode 100644 index 0000000..1a2d427 --- /dev/null +++ b/docs/components/el3-spmc.rst
@@ -0,0 +1,597 @@ +EL3 Secure Partition Manager +**************************** + +.. contents:: + +Foreword +======== + +This document describes the design of the EL3 SPMC based on the FF-A specification. +EL3 SPMC provides reference FF-A compliant implementation without S-EL2 virtualization support, +to help adopt and migrate to FF-A early. +EL3 SPMC implementation in TF-A: + +- Manages a single S-EL1 Secure Partition +- Provides a standard protocol for communication and memory sharing between FF-A endpoints. +- Provides support for EL3 Logical Partitions to support easy migration from EL3 to S-EL1. + +Sample reference stack +====================== + +The following diagram illustrates a possible configuration when the +FEAT_SEL2 architecture extension is not implemented, showing the SPMD +and SPMC at EL3, one S-EL1 secure partition, with an optional +Hypervisor: + +.. image:: ../resources/diagrams/ff-a-spm-at-el3.png + +TF-A build options +================== + +This section explains the TF-A build options involved in building +an FF-A based SPM where the SPMD and SPMC are located at EL3: + +- **SPD=spmd**: this option selects the SPMD component to relay the FF-A + protocol from NWd to SWd back and forth. It is not possible to + enable another Secure Payload Dispatcher when this option is chosen. +- **SPMC_AT_EL3**: this option adjusts the SPMC exception level to being + at EL3. +- **ARM_SPMC_MANIFEST_DTS**: this option specifies a manifest file + providing SP description. It is required when + ``SPMC_AT_EL3`` is enabled, the secure partitions are loaded + by BL2 on behalf of the SPMC. + +Notes: + +- BL32 option is re-purposed to specify the S-EL1 TEE or SP image. + BL32 option can be omitted if using TF-A Test Secure Payload as SP. +- BL33 option can specify the TFTF binary or a normal world loader + such as U-Boot or the UEFI framework payload. + +Sample TF-A build command line when the SPMC is located at EL3: + +.. code:: shell + + make \ + CROSS_COMPILE=aarch64-none-elf- \ + SPD=spmd \ + SPMD_SPM_AT_SEL2=0 \ + SPMC_AT_EL3=1 \ + BL32=<path-to-tee-binary> (opt for TSP) \ + BL33=<path-to-bl33-binary> \ + PLAT=fvp \ + all fip + +FVP model invocation +==================== + +Sample FVP command line invocation: + +.. code:: shell + + <path-to-fvp-model>/FVP_Base_RevC-2xAEMvA -C pctl.startup=0.0.0.0 \ + -C cluster0.NUM_CORES=4 -C cluster1.NUM_CORES=4 -C bp.secure_memory=1 \ + -C bp.secureflashloader.fname=trusted-firmware-a/build/fvp/debug/bl1.bin \ + -C bp.flashloader0.fname=trusted-firmware-a/build/fvp/debug/fip.bin \ + -C bp.pl011_uart0.out_file=fvp-uart0.log -C bp.pl011_uart1.out_file=fvp-uart1.log \ + -C bp.pl011_uart2.out_file=fvp-uart2.log -C bp.vis.disable_visualisation=1 + + +Platform Guide +============== + +- Platform Hooks See - `[4]`_ + + - plat_spmc_shmem_begin + - plat_spmc_shmem_reclaim + +SPMC provides platform hooks related to memory management interfaces. +These hooks can be used for platform specific implementations like +for managing access control, programming TZ Controller or MPUs. +These hooks are called by SPMC before the initial share request completes, +and after the final reclaim has been completed. + +- Datastore + + - plat_spmc_shmem_datastore_get + + EL3 SPMC uses datastore for tracking memory transaction descriptors. + On FVP platform datastore is allocated from TZC DRAM section. + Other platforms need to allocate a similar secure memory region + to be used as shared memory datastore. + + The accessor function is used during SPMC initialization to obtain + address and size of the datastore. + SPMC will also zero out the provided memory region. + +- Platform Defines See - `[5]`_ + + - SECURE_PARTITION_COUNT + Number of Secure Partitions supported: must be 1. + + - NS_PARTITION_COUNT + Number of NWd Partitions supported. + + - MAX_EL3_LP_DESCS_COUNT + Number of Logical Partitions supported. + +Logical Secure Partition (LSP) +============================== + +- The SPMC provides support for statically allocated EL3 Logical Secure Partitions + as per FF-A v1.1 specification. +- The DECLARE_LOGICAL_PARTITION macro can be used to add a LSP. +- For reference implementation See - `[2]`_ + +.. image:: ../resources/diagrams/ff-a-lsp-at-el3.png + +SPMC boot +========= + +The SPMD and SPMC are built into the BL31 image along with TF-A's runtime components. +BL2 loads the BL31 image as a part of (secure) boot process. + +The SPMC manifest is loaded by BL2 as the ``TOS_FW_CONFIG`` image `[9]`_. + +BL2 passes the SPMC manifest address to BL31 through a register. + +At boot time, the SPMD in BL31 runs from the primary core, initializes the core +contexts and launches the SPMC passing the following information through +registers: + +- X0 holds the SPMC manifest blob address. +- X4 holds the currently running core linear id. + +Parsing SP partition manifests +------------------------------ + +SPMC consumes the SP manifest, as defined in `[7]`_. +SP manifest fields align with Hafnium SP manifest for easy porting. + +.. code:: shell + + compatible = "arm,ffa-manifest-1.0"; + + ffa-version = <0x00010001>; /* 31:16 - Major, 15:0 - Minor */ + id = <0x8001>; + uuid = <0x6b43b460 0x74a24b78 0xade24502 0x40682886>; + messaging-method = <0x3>; /* Direct Messaging Only */ + exception-level = <0x2>; /* S-EL1 */ + execution-state = <0>; + execution-ctx-count = <8>; + gp-register-num = <0>; + power-management-messages = <0x7>; + + +Passing boot data to the SP +--------------------------- + +In `[1]`_ , the section "Boot information protocol" defines a method for passing +data to the SPs at boot time. It specifies the format for the boot information +descriptor and boot information header structures, which describe the data to be +exchanged between SPMC and SP. +The specification also defines the types of data that can be passed. +The aggregate of both the boot info structures and the data itself is designated +the boot information blob, and is passed to a Partition as a contiguous memory +region. + +Currently, the SPM implementation supports the FDT type which is used to pass the +partition's DTB manifest. + +The region for the boot information blob is statically allocated (4K) by SPMC. +BLOB contains Boot Info Header, followed by SP Manifest contents. + +The configuration of the boot protocol is done in the SP manifest. As defined by +the specification, the manifest field 'gp-register-num' configures the GP register +which shall be used to pass the address to the partitions boot information blob when +booting the partition. + +Supported interfaces +==================== + +The following interfaces are exposed to SPs only: + +- ``FFA_MSG_WAIT`` +- ``FFA_MEM_RETRIEVE_REQ`` +- ``FFA_MEM_RETRIEVE_RESP`` +- ``FFA_MEM_RELINQUISH`` +- ``FFA_SECONDARY_EP_REGISTER`` + +The following interfaces are exposed to both NS Client and SPs: + +- ``FFA_VERSION`` +- ``FFA_FEATURES`` +- ``FFA_RX_RELEASE`` +- ``FFA_RXTX_MAP`` +- ``FFA_RXTX_UNMAP`` +- ``FFA_PARTITION_INFO_GET`` +- ``FFA_ID_GET`` +- ``FFA_MSG_SEND_DIRECT_REQ`` +- ``FFA_MSG_SEND_DIRECT_RESP`` +- ``FFA_MEM_FRAG_TX`` +- ``FFA_SPM_ID_GET`` + +The following additional interfaces are forwarded from SPMD to support NS Client: + +- ``FFA_RUN`` +- ``FFA_MEM_LEND`` +- ``FFA_MEM_SHARE`` +- ``FFA_MEM_FRAG_RX`` +- ``FFA_MEM_RECLAIM`` + + +FFA_VERSION +----------- + +``FFA_VERSION`` requires a *requested_version* parameter from the caller. +SPMD forwards call to SPMC, the SPMC returns its own implemented version. +SPMC asserts SP and SPMC are at same FF-A Version. + +FFA_FEATURES +------------ + +FF-A features supported by the SPMC may be discovered by secure partitions at +boot (that is prior to NWd is booted) or run-time. + +The SPMC calling FFA_FEATURES at secure physical FF-A instance always get +FFA_SUCCESS from the SPMD. + +The request made by an Hypervisor or OS kernel is forwarded to the SPMC and +the response relayed back to the NWd. + + +FFA_RXTX_MAP +------------ + +FFA_RXTX_UNMAP +-------------- + +When invoked from a secure partition FFA_RXTX_MAP maps the provided send and +receive buffers described by their PAs to the EL3 translation regime +as secure buffers in the MMU descriptors. + +When invoked from the Hypervisor or OS kernel, the buffers are mapped into the +SPMC EL3 translation regime and marked as NS buffers in the MMU +descriptors. + +The FFA_RXTX_UNMAP unmaps the RX/TX pair from the translation regime of the +caller, either it being the Hypervisor or OS kernel, as well as a secure +partition. + +FFA_PARTITION_INFO_GET +---------------------- + +Partition info get call can originate: + +- from SP to SPMC +- from Hypervisor or OS kernel to SPMC. The request is relayed by the SPMD. + +The format (v1.0 or v1.1) of the populated data structure returned is based upon the +FFA version of the calling entity. + +EL3 SPMC also supports returning only the count of partitions deployed. + +All LSPs and SP are discoverable from FFA_PARTITION_INFO_GET call made by +either SP or NWd entities. + +FFA_ID_GET +---------- + +The FF-A ID space is split into a non-secure space and secure space: + +- FF-A ID with bit 15 clear relates to VMs. +- FF-A ID with bit 15 set related to SPs or LSPs. +- FF-A IDs 0, 0xffff, 0x8000 are assigned respectively to the Hypervisor + (or OS Kernel if Hyp is absent), SPMD and SPMC. + +This convention helps the SPM to determine the origin and destination worlds in +an FF-A ABI invocation. In particular the SPM shall filter unauthorized +transactions in its world switch routine. It must not be permitted for a VM to +use a secure FF-A ID as origin world by spoofing: + +- A VM-to-SP direct request/response shall set the origin world to be non-secure + (FF-A ID bit 15 clear) and destination world to be secure (FF-A ID bit 15 + set). +- Similarly, an SP-to-LSP direct request/response shall set the FF-A ID bit 15 + for both origin and destination IDs. + +An incoming direct message request arriving at SPMD from NWd is forwarded to +SPMC without a specific check. The SPMC is resumed through eret and "knows" the +message is coming from normal world in this specific code path. Thus the origin +endpoint ID must be checked by SPMC for being a normal world ID. + +An SP sending a direct message request must have bit 15 set in its origin +endpoint ID and this can be checked by the SPMC when the SP invokes the ABI. + +The SPMC shall reject the direct message if the claimed world in origin endpoint +ID is not consistent: + +- It is either forwarded by SPMD and thus origin endpoint ID must be a "normal + world ID", +- or initiated by an SP and thus origin endpoint ID must be a "secure world ID". + + +FFA_MSG_SEND_DIRECT_REQ +----------------------- + +FFA_MSG_SEND_DIRECT_RESP +------------------------ + +This is a mandatory interface for secure partitions participating in direct request +and responses with the following rules: + +- An SP can send a direct request to LSP. +- An LSP can send a direct response to SP. +- An SP cannot send a direct request to an Hypervisor or OS kernel. +- An Hypervisor or OS kernel can send a direct request to an SP or LSP. +- An SP and LSP can send a direct response to an Hypervisor or OS kernel. +- SPMD can send direct request to SPMC. + +FFA_SPM_ID_GET +-------------- + +Returns the FF-A ID allocated to an SPM component which can be one of SPMD +or SPMC. + +At initialization, the SPMC queries the SPMD for the SPMC ID, using the +FFA_ID_GET interface, and records it. The SPMC can also query the SPMD ID using +the FFA_SPM_ID_GET interface at the secure physical FF-A instance. + +Secure partitions call this interface at the virtual FF-A instance, to which +the SPMC returns the SPMC ID. + +The Hypervisor or OS kernel can issue the FFA_SPM_ID_GET call handled by the +SPMD, which returns the SPMC ID. + +FFA_ID_GET +---------- + +Returns the FF-A ID of the calling endpoint. + +FFA_MEM_SHARE +------------- + +FFA_MEM_LEND +------------ + +- If SP is borrower in the memory transaction, these calls are forwarded to SPMC. + SPMC performs Relayer responsibilities, caches the memory descriptors in the datastore, + and allocates FF-A memory handle. +- If format of descriptor was v1.0, SPMC converts the descriptor to v1.1 before caching. + In case of fragmented sharing, conversion of memory descriptors happens after last + fragment has been received. +- Multiple borrowers (including NWd endpoint) and fragmented memory sharing are supported. + +FFA_MEM_RETRIEVE_REQ +-------------------- + +FFA_MEM_RETRIEVE_RESP +--------------------- + +- Memory retrieve is supported only from SP. +- SPMC fetches the cached memory descriptor from the datastore, +- Performs Relayer responsiilities and sends FFA_MEM_RETRIEVE_RESP back to SP. +- If descriptor size is more than RX buffer size, SPMC will send the descriptor in fragments. +- SPMC will set NS Bit to 1 in memory descriptor response. + +FFA_MEM_FRAG_RX +--------------- + +FFA_MEM_FRAG_TX +--------------- + +FFA_MEM_FRAG_RX is to be used by: + +- SP if FFA_MEM_RETRIEVE_RESP returned descriptor with fragment length less than total length. +- or by SPMC if FFA_MEM_SHARE/FFA_MEM_LEND is called with fragment length less than total length. + +SPMC validates handle and Endpoint ID and returns response with FFA_MEM_FRAG_TX. + +FFA_SECONDARY_EP_REGISTER +------------------------- + +When the SPMC boots, secure partition is initialized on its primary +Execution Context. + +The FFA_SECONDARY_EP_REGISTER interface is to be used by a secure partition +from its first execution context, to provide the entry point address for +secondary execution contexts. + +A secondary EC is first resumed either upon invocation of PSCI_CPU_ON from +the NWd or by invocation of FFA_RUN. + +Power management +================ + +In platforms with or without secure virtualization: + +- The NWd owns the platform PM policy. +- The Hypervisor or OS kernel is the component initiating PSCI service calls. +- The EL3 PSCI library is in charge of the PM coordination and control + (eventually writing to platform registers). +- While coordinating PM events, the PSCI library calls backs into the Secure + Payload Dispatcher for events the latter has statically registered to. + +When using the SPMD as a Secure Payload Dispatcher: + +- A power management event is relayed through the SPD hook to the SPMC. +- In the current implementation CPU_ON (svc_on_finish), CPU_OFF + (svc_off), CPU_SUSPEND (svc_suspend) and CPU_SUSPEND_RESUME (svc_suspend_finish) + hooks are registered. + +Secure partitions scheduling +============================ + +The FF-A specification `[1]`_ provides two ways to relinquinsh CPU time to +secure partitions. For this a VM (Hypervisor or OS kernel), or SP invokes one of: + +- the FFA_MSG_SEND_DIRECT_REQ interface. +- the FFA_RUN interface. + +Additionally a secure interrupt can pre-empt the normal world execution and give +CPU cycles by transitioning to EL3. + +Partition Runtime State and Model +================================= + +EL3 SPMC implements Partition runtime states are described in v1.1 FF-A specification `[1]`_ + +An SP can be in one of the following state: + +- RT_STATE_WAITING +- RT_STATE_RUNNING +- RT_STATE_PREEMPTED +- RT_STATE_BLOCKED + +An SP will transition to one of the following runtime model when not in waiting state: + +- RT_MODEL_DIR_REQ +- RT_MODEL_RUN +- RT_MODEL_INIT +- RT_MODEL_INTR + +Platform topology +================= + +SPMC only supports a single Pinned MP S-EL1 SP. The *execution-ctx-count* +SP manifest field should match the number of physical PE. + +Interrupt handling +================== + +Secure Interrupt handling +------------------------- + +- SPMC is capable of forwarding Secure interrupt to S-EL1 SP + which has preempted the normal world. +- Interrupt is forwarded to SP using FFA_INTERRUPT interface. +- Interrupt Number is not passed, S-EL1 SP can access the GIC registers directly. +- Upon completion of Interrupt handling SP is expected to return to + SPMC using FFA_MSG_WAIT interface. +- SPMC returns to normal world after interrupt handling is completed. + +In the scenario when secure interrupt occurs while the secure partition is running, +the SPMC is not involved and the handling is implementation defined in the TOS. + +Non-Secure Interrupt handling +----------------------------- + +The 'managed exit' scenario is the responsibility of the TOS and the SPMC is not involved. + +Test Secure Payload (TSP) +========================= + +- TSP provides reference implementation of FF-A programming model. +- TSP has the following support: + + - SP initialization on all CPUs. + - Consuming Power Messages including CPU_ON, CPU_OFF, CPU_SUSPEND, CPU_SUSPEND_RESUME. + - Event Loop to receive Direct Requests. + - Sending Direct Response. + - Memory Sharing helper library. + - Ability to handle secure interrupt (timer). + +TSP Tests in CI +--------------- + +- TSP Tests are exercised in the TF-A CI using prebuilt FF-A Linux Test driver in NWd. +- Expected output: + +.. code:: shell + + #ioctl 255 + Test: Echo Message to SP. + Status: Completed Test Case: 1 + Test Executed Successfully + + Test: Message Relay vis SP to EL3 LSP. + Status: Completed Test Case: 2 + Test Executed Successfully + + Test: Memory Send. + Verified 1 constituents successfully + Status: Completed Test Case: 3 + Test Executed Successfully + + Test: Memory Send in Fragments. + Verified 256 constituents successfully + Status: Completed Test Case: 4 + Test Executed Successfully + + Test: Memory Lend. + Verified 1 constituents successfully + Status: Completed Test Case: 5 + Test Executed Successfully + + Test: Memory Lend in Fragments. + Verified 256 constituents successfully + Status: Completed Test Case: 6 + Test Executed Successfully + + Test: Memory Send with Multiple Endpoints. + random: fast init done + Verified 256 constituents successfully + Status: Completed Test Case: 7 + Test Executed Successfully + + Test: Memory Lend with Multiple Endpoints. + Verified 256 constituents successfully + Status: Completed Test Case: 8 + Test Executed Successfully + + Test: Ensure Duplicate Memory Send Requests are Rejected. + Status: Completed Test Case: 9 + Test Executed Successfully + + Test: Ensure Duplicate Memory Lend Requests are Rejected. + Status: Completed Test Case: 10 + Test Executed Successfully + + 0 Tests Failed + + Exiting Test Application - Total Failures: 0 + + +References +========== + +.. _[1]: + +[1] `Arm Firmware Framework for Arm A-profile <https://developer.arm.com/docs/den0077/latest>`__ + +.. _[2]: + +[2] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fvp_el3_spmc_logical_sp.c + +.. _[3]: + +[3] `Trusted Boot Board Requirements +Client <https://developer.arm.com/documentation/den0006/d/>`__ + +.. _[4]: + +[4] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fvp_el3_spmc.c + +.. _[5]: + +[5] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/include/platform_def.h + +.. _[6]: + +[6] https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-binding.html + +.. _[7]: + +[7] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/plat/arm/board/fvp/fdts/fvp_tsp_sp_manifest.dts + +.. _[8]: + +[8] https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/CFQFGU6H2D5GZYMUYGTGUSXIU3OYZP6U/ + +.. _[9]: + +[9] https://trustedfirmware-a.readthedocs.io/en/latest/design/firmware-design.html#dynamic-configuration-during-cold-boot + +-------------- + +*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/components/ffa-manifest-binding.rst b/docs/components/ffa-manifest-binding.rst index 6d2f905..7483c90 100644 --- a/docs/components/ffa-manifest-binding.rst +++ b/docs/components/ffa-manifest-binding.rst
@@ -114,6 +114,19 @@ - managed-exit - value type: <empty> - Specifies if managed exit is supported. + - This field is deprecated in favor of ns-interrupts-action field in the FF-A + v1.1 EAC0 spec. + +- ns-interrupts-action [mandatory] + - value type: <u32> + - Specifies the action that the SPMC must take in response to a Non-secure + physical interrupt. + + - 0x0: Non-secure interrupt is queued + - 0x1: Non-secure interrupt is signaled after a managed exit + - 0x2: Non-secure interrupt is signaled + + - This field supersedes the managed-exit field in the FF-A v1.0 spec. - has-primary-scheduler - value type: <empty>
diff --git a/docs/components/firmware-update.rst b/docs/components/firmware-update.rst index a591565..1ba1e1c 100644 --- a/docs/components/firmware-update.rst +++ b/docs/components/firmware-update.rst
@@ -1,22 +1,118 @@ Firmware Update (FWU) ===================== -Introduction ------------- +This document describes the design of the various Firmware Update (FWU) +mechanisms available in TF-A. -This document describes the design of the Firmware Update (FWU) feature, which -enables authenticated firmware to update firmware images from external -interfaces such as USB, UART, SD-eMMC, NAND, NOR or Ethernet to SoC Non-Volatile -memories such as NAND Flash, LPDDR2-NVM or any memory determined by the -platform. This feature functions even when the current firmware in the system -is corrupt or missing; it therefore may be used as a recovery mode. It may also -be complemented by other, higher level firmware update software. +1. PSA Firmware Update (PSA FWU) +2. TBBR Firmware Update (TBBR FWU) + +PSA Firmware Update implements the specification of the same name (Arm document +IHI 0093), which defines a standard firmware interface for installing firmware +updates. +On the other hand, TBBR Firmware Update only covers firmware recovery. Arguably, +its name is somewhat misleading but the TBBR specification and terminology +predates PSA FWU. Both mechanisms are complementary in the sense that PSA FWU +assumes that the device has a backup or recovery capability in the event of a +failed update, which can be fulfilled with TBBR FWU implementation. + +.. _PSA Firmware Update: + +PSA Firmware Update (PSA FWU) +----------------------------- + +Introduction +~~~~~~~~~~~~ +The `PSA FW update specification`_ defines the concepts of ``Firmware Update +Client`` and ``Firmware Update Agent``. +The new firmware images are provided by the ``Client`` to the ``Update Agent`` +to flash them in non-volatile storage. + +A common system design will place the ``Update Agent`` in the Secure-world +while the ``Client`` executes in the Normal-world. +The `PSA FW update specification`_ provides ABIs meant for a Normal-world +entity aka ``Client`` to transmit the firmware images to the ``Update Agent``. + +Scope +~~~~~ +The design of the ``Client`` and ``Update Agent`` is out of scope of this +document. +This document mainly covers ``Platform Boot`` details i.e. the role of +the second stage Bootloader after FWU has been done by ``Client`` and +``Update Agent``. + +Overview +~~~~~~~~ + +There are active and update banks in the non-volatile storage identified +by the ``active_index`` and the ``update_index`` respectively. +An active bank stores running firmware, whereas an update bank contains +firmware updates. + +Once Firmwares are updated in the update bank of the non-volatile +storage, then ``Update Agent`` marks the update bank as the active bank, +and write updated FWU metadata in non-volatile storage. +On subsequent reboot, the second stage Bootloader (BL2) performs the +following actions: + +- Read FWU metadata in memory +- Retrieve the image specification (offset and length) of updated images + present in non-volatile storage with the help of FWU metadata +- Set these image specification in the corresponding I/O policies of the + updated images using the FWU platform functions + ``plat_fwu_set_images_source()`` and ``plat_fwu_set_metadata_image_source()``, + please refer :ref:`Porting Guide` +- Use these I/O policies to read the images from this address into the memory + +By default, the platform uses the active bank of non-volatile storage to boot +the images in ``trial state``. If images pass through the authentication check +and also if the system successfully booted the Normal-world image then +``Update Agent`` marks this update as accepted after further sanitisation +checking at Normal-world. + +The second stage Bootloader (BL2) avoids upgrading the platform NV-counter until +it's been confirmed that given update is accepted. + +The following sequence diagram shows platform-boot flow: + +.. image:: ../resources/diagrams/PSA-FWU.png + +If the platform fails to boot from active bank due to any reasons such +as authentication failure or non-fuctionality of Normal-world software then the +watchdog will reset to give a chance to the platform to fix the issue. This +boot failure & reset sequence might be repeated up to ``trial state`` times. +After that, the platform can decide to boot from the ``previous_active_index`` +bank. + +If the images still does not boot successfully from the ``previous_active_index`` +bank (e.g. due to ageing effect of non-volatile storage) then the platform can +choose firmware recovery mechanism :ref:`TBBR Firmware Update` to bring system +back to life. + +.. _TBBR Firmware Update: + +TBBR Firmware Update (TBBR FWU) +------------------------------- + +Introduction +~~~~~~~~~~~~ + +This technique enables authenticated firmware to update firmware images from +external interfaces such as USB, UART, SD-eMMC, NAND, NOR or Ethernet to SoC +Non-Volatile memories such as NAND Flash, LPDDR2-NVM or any memory determined +by the platform. +This feature functions even when the current firmware in the system is corrupt +or missing; it therefore may be used as a recovery mode. It may also be +complemented by other, higher level firmware update software. FWU implements a specific part of the Trusted Board Boot Requirements (TBBR) specification, Arm DEN0006C-1. It should be used in conjunction with the :ref:`Trusted Board Boot` design document, which describes the image authentication parts of the Trusted Firmware-A (TF-A) TBBR implementation. +It can be used as a last resort when all firmware updates that are carried out +as part of the :ref:`PSA Firmware Update` procedure have failed to function. + Scope ~~~~~ @@ -25,8 +121,8 @@ FWU images, please refer to the "Non-Trusted Firmware Updater" requirements in the TBBR. -FWU Overview ------------- +Overview +~~~~~~~~ The FWU boot flow is primarily mediated by BL1. Since BL1 executes in ROM, and it is usually desirable to minimize the amount of ROM code, the design allows @@ -66,7 +162,7 @@ |Flow Diagram| Image Identification --------------------- +~~~~~~~~~~~~~~~~~~~~ Each FWU image and certificate is identified by a unique ID, defined by the platform, which BL1 uses to fetch an image descriptor (``image_desc_t``) via a @@ -93,7 +189,7 @@ - Initialize the execution state of the next FWU image. FWU State Machine ------------------ +~~~~~~~~~~~~~~~~~ BL1 maintains state for each FWU image during FWU execution. FWU images at lower Exception Levels raise SMCs to invoke FWU functionality in BL1, which causes @@ -126,10 +222,10 @@ requested BL1 to resume normal world execution. BL1 SMC Interface ------------------ +~~~~~~~~~~~~~~~~~ BL1_SMC_CALL_COUNT -~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^ :: @@ -142,7 +238,7 @@ This SMC returns the number of SMCs supported by BL1. BL1_SMC_UID -~~~~~~~~~~~ +^^^^^^^^^^^ :: @@ -156,7 +252,7 @@ BL1 SMC service. BL1_SMC_VERSION -~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^ :: @@ -170,7 +266,7 @@ This SMC returns the current version of the BL1 SMC service. BL1_SMC_RUN_IMAGE -~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^ :: @@ -190,7 +286,7 @@ this SMC for BL1 to pass execution control to BL31. FWU_SMC_IMAGE_COPY -~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^ :: @@ -239,7 +335,7 @@ Once the SMC is handled, BL1 returns from exception to the normal world caller. FWU_SMC_IMAGE_AUTH -~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^ :: @@ -279,7 +375,7 @@ the -EAUTH error and sets the image state back to RESET. FWU_SMC_IMAGE_EXECUTE -~~~~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^^^^ :: @@ -307,7 +403,7 @@ EXECUTED, and returns from exception to the secure image. FWU_SMC_IMAGE_RESUME -~~~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^^^ :: @@ -334,7 +430,7 @@ returned to the caller. FWU_SMC_SEC_IMAGE_DONE -~~~~~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^^^^^ :: @@ -355,7 +451,7 @@ world. FWU_SMC_UPDATE_DONE -~~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^^ :: @@ -371,7 +467,7 @@ a ``void *``. The SMC does not return. FWU_SMC_IMAGE_RESET -~~~~~~~~~~~~~~~~~~~ +^^^^^^^^^^^^^^^^^^^ :: @@ -393,8 +489,9 @@ -------------- -*Copyright (c) 2015-2019, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved.* .. _Universally Unique Identifier: https://tools.ietf.org/rfc/rfc4122.txt .. |Flow Diagram| image:: ../resources/diagrams/fwu_flow.png .. |FWU state machine| image:: ../resources/diagrams/fwu_states.png +.. _PSA FW update specification: https://developer.arm.com/documentation/den0118/a/
diff --git a/docs/components/index.rst b/docs/components/index.rst index 2f81f23..30d80fc 100644 --- a/docs/components/index.rst +++ b/docs/components/index.rst
@@ -4,7 +4,6 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: spd/index activity-monitors @@ -20,8 +19,10 @@ romlib-design sdei secure-partition-manager + el3-spmc secure-partition-manager-mm xlat-tables-lib-v2-design cot-binding realm-management-extension + rmm-el3-comms-spec granule-protection-tables-design
diff --git a/docs/components/ras.rst b/docs/components/ras.rst index 02207d8..871be2d 100644 --- a/docs/components/ras.rst +++ b/docs/components/ras.rst
@@ -6,10 +6,11 @@ later CPUs, and also an optional extension to the base Armv8.0 architecture. In conjunction with the |EHF|, support for RAS extension enables firmware-first -paradigm for handling platform errors: exceptions resulting from errors are -routed to and handled in EL3. Said errors are Synchronous External Abort (SEA), -Asynchronous External Abort (signalled as SErrors), Fault Handling and Error -Recovery interrupts. The |EHF| document mentions various :ref:`error handling +paradigm for handling platform errors: exceptions resulting from errors in +Non-secure world are routed to and handled in EL3. +Said errors are Synchronous External Abort (SEA), Asynchronous External Abort +(signalled as SErrors), Fault Handling and Error Recovery interrupts. +The |EHF| document mentions various :ref:`error handling use-cases <delegation-use-cases>` . For the description of Arm RAS extensions, Standard Error Records, and the @@ -29,9 +30,9 @@ .. __: `Standard Error Record helpers`_ The build option ``RAS_EXTENSION`` when set to ``1`` includes the RAS in run -time firmware; ``EL3_EXCEPTION_HANDLING`` and ``HANDLE_EA_EL3_FIRST`` must also -be set ``1``. ``RAS_TRAP_LOWER_EL_ERR_ACCESS`` controls the access to the RAS -error record registers from lower ELs. +time firmware; ``EL3_EXCEPTION_HANDLING`` and ``HANDLE_EA_EL3_FIRST_NS`` must also +be set ``1``. ``RAS_TRAP_NS_ERR_REC_ACCESS`` controls the access to the RAS +error record registers from Non-secure. .. _ras-figure: @@ -198,8 +199,8 @@ - ``EL3_EXCEPTION_HANDLING=1`` enables handling of exceptions at EL3. See `Interaction with Exception Handling Framework`_; -- ``HANDLE_EA_EL3_FIRST=1`` enables routing of External Aborts and SErrors to - EL3. +- ``HANDLE_EA_EL3_FIRST_NS=1`` enables routing of External Aborts and SErrors, + resulting from errors in NS world, to EL3. The RAS support in |TF-A| introduces a default implementation of ``plat_ea_handler``, the External Abort handler in EL3. When ``RAS_EXTENSION``
diff --git a/docs/components/realm-management-extension.rst b/docs/components/realm-management-extension.rst index 5fa5140..6fc0c2e 100644 --- a/docs/components/realm-management-extension.rst +++ b/docs/components/realm-management-extension.rst
@@ -73,6 +73,14 @@ world. It initializes the RMM and handles Realm Management Interface (RMI) SMC calls from Non-secure and Realm worlds. +There is a contract between RMM and RMMD that defines the arguments that the +former needs to take in order to initialize and also the possible return values. +This contract is defined in the RMM Boot Interface, which can be found at +:ref:`rmm_el3_boot_interface`. + +There is also a specification of the runtime services provided by TF-A +to RMM. This can be found at :ref:`runtime_services_and_interface`. + Test Realm Payload (TRP) ************************* TRP is a small test payload that runs at R-EL2 and implements a subset of @@ -87,158 +95,151 @@ This section describes how you can build and run TF-A with RME enabled. We assume you have all the :ref:`Prerequisites` to build TF-A. -To enable RME, you need to set the ENABLE_RME build flag when building -TF-A. Currently, this feature is only supported for the FVP platform. - The following instructions show you how to build and run TF-A with RME -for two scenarios: TF-A with TF-A Tests, and four-world execution with -Hafnium and TF-A Tests. The instructions assume you have already obtained -TF-A. You can use the following command to clone TF-A. +for two scenarios: -.. code:: shell +- Three-world execution: TF-A with TF-A Tests or Linux. - git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git + - NS (TF-A Test or Linux), + - Root (TF-A) + - Realm (RMM or TRP) + +- Four-world execution: TF-A, Hafnium and TF-A Tests or Linux. + + - NS (TF-A Test or Linux), + - Root (TF-A) + - Realm (RMM or TRP) + - SPM (Hafnium) To run the tests, you need an FVP model. Please use the :ref:`latest version <Arm Fixed Virtual Platforms (FVP)>` of *FVP_Base_RevC-2xAEMvA* model. -.. note:: +Three World Testing with TF-A Tests +************************************* - ENABLE_RME build option is currently experimental. +**1. Obtain and build TF-A Tests with Realm Payload** -Building TF-A with TF-A Tests -******************************************** +The full set of instructions to setup build host and build options for +TF-A-Tests can be found in the `TFTF Getting Started`_. + Use the following instructions to build TF-A with `TF-A Tests`_ as the non-secure payload (BL33). -**1. Obtain and build TF-A Tests** - .. code:: shell git clone https://git.trustedfirmware.org/TF-A/tf-a-tests.git cd tf-a-tests - make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1 + make CROSS_COMPILE=aarch64-none-elf- PLAT=fvp DEBUG=1 all pack_realm -This produces a TF-A Tests binary (*tftf.bin*) in the *build/fvp/debug* directory. +This produces a TF-A Tests binary (**tftf.bin**) with Realm payload packaged +and **sp_layout.json** in the **build/fvp/debug** directory. -**2. Build TF-A** +**2. Obtain and build RMM Image** + +Please refer to the `RMM Getting Started`_ on how to setup +Host Environment and build RMM. + +The below command shows how to build RMM using the default build options for FVP. .. code:: shell + git clone --recursive https://git.trustedfirmware.org/TF-RMM/tf-rmm.git + cd tf-rmm + cmake -DRMM_CONFIG=fvp_defcfg -S . -B build + cmake --build build + +This will generate **rmm.img** in **build** folder. + +**3. Build TF-A** + +The `TF-A Getting Started`_ has the necessary instructions to setup Host +machine and build TF-A. + +To build for RME, set ``ENABLE_RME`` build option to 1 and provide the path to +the RMM binary using the ``RMM`` build option. +Currently, this feature is only supported for the FVP platform. + +.. note:: + + ENABLE_RME build option is currently experimental. + +If the ``RMM`` option is not used, then the Test Realm Payload (TRP) in TF-A +will be built and used as the RMM. + +.. code:: shell + + git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git cd trusted-firmware-a make CROSS_COMPILE=aarch64-none-elf- \ PLAT=fvp \ ENABLE_RME=1 \ + RMM=<path/to/rmm.img> \ FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \ DEBUG=1 \ BL33=<path/to/tftf.bin> \ all fip -This produces *bl1.bin* and *fip.bin* binaries in the *build/fvp/debug* directory. -The above command also builds TRP. The TRP binary is packaged in *fip.bin*. +This produces **bl1.bin** and **fip.bin** binaries in the **build/fvp/debug** directory. -Four-world execution with Hafnium and TF-A Tests -**************************************************** -Four-world execution involves software components at each security state: root, -secure, realm and non-secure. This section describes how to build TF-A -with four-world support. We use TF-A as the root firmware, `Hafnium`_ as the -secure component, TRP as the realm-world firmware and TF-A Tests as the -non-secure payload. +Running the tests for a 3 world FVP setup +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Before building TF-A, you first need to build the other software components. -You can find instructions on how to get and build TF-A Tests above. - -**1. Obtain and build Hafnium** - -.. code:: shell - - git clone --recurse-submodules https://git.trustedfirmware.org/hafnium/hafnium.git - cd hafnium - # Use the default prebuilt LLVM/clang toolchain - PATH=$PWD/prebuilts/linux-x64/clang/bin:$PWD/prebuilts/linux-x64/dtc:$PATH - make PROJECT=reference - -The Hafnium binary should be located at -*out/reference/secure_aem_v8a_fvp_clang/hafnium.bin* - -**2. Build TF-A** - -Build TF-A with RME as well as SPM enabled. - -.. code:: shell - - make CROSS_COMPILE=aarch64-none-elf- \ - PLAT=fvp \ - ENABLE_RME=1 \ - FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \ - SPD=spmd \ - SPMD_SPM_AT_SEL2=1 \ - BRANCH_PROTECTION=1 \ - CTX_INCLUDE_PAUTH_REGS=1 \ - DEBUG=1 \ - SP_LAYOUT_FILE=<path/to/tf-a-tests>/build/fvp/debug/sp_layout.json> \ - BL32=<path/to/hafnium.bin> \ - BL33=<path/to/tftf.bin> \ - all fip - -Running the tests -********************* Use the following command to run the tests on FVP. TF-A Tests should boot -and run the default tests including RME tests. +and run the default tests including Realm world tests. .. code:: shell - FVP_Base_RevC-2xAEMvA \ - -C bp.flashloader0.fname=<path/to/fip.bin> \ - -C bp.secureflashloader.fname=<path/to/bl1.bin> \ - -C bp.refcounter.non_arch_start_at_default=1 \ - -C bp.refcounter.use_real_time=0 \ - -C bp.ve_sysregs.exit_on_shutdown=1 \ - -C cache_state_modelled=1 \ - -C cluster0.NUM_CORES=4 \ - -C cluster0.PA_SIZE=48 \ - -C cluster0.ecv_support_level=2 \ - -C cluster0.gicv3.cpuintf-mmap-access-level=2 \ - -C cluster0.gicv3.without-DS-support=1 \ - -C cluster0.gicv4.mask-virtual-interrupt=1 \ - -C cluster0.has_arm_v8-6=1 \ - -C cluster0.has_branch_target_exception=1 \ - -C cluster0.has_rme=1 \ - -C cluster0.has_rndr=1 \ - -C cluster0.has_amu=1 \ - -C cluster0.has_v8_7_pmu_extension=2 \ - -C cluster0.max_32bit_el=-1 \ - -C cluster0.restriction_on_speculative_execution=2 \ - -C cluster0.restriction_on_speculative_execution_aarch32=2 \ - -C cluster1.NUM_CORES=4 \ - -C cluster1.PA_SIZE=48 \ - -C cluster1.ecv_support_level=2 \ - -C cluster1.gicv3.cpuintf-mmap-access-level=2 \ - -C cluster1.gicv3.without-DS-support=1 \ - -C cluster1.gicv4.mask-virtual-interrupt=1 \ - -C cluster1.has_arm_v8-6=1 \ - -C cluster1.has_branch_target_exception=1 \ - -C cluster1.has_rme=1 \ - -C cluster1.has_rndr=1 \ - -C cluster1.has_amu=1 \ - -C cluster1.has_v8_7_pmu_extension=2 \ - -C cluster1.max_32bit_el=-1 \ - -C cluster1.restriction_on_speculative_execution=2 \ - -C cluster1.restriction_on_speculative_execution_aarch32=2 \ - -C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \ - -C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \ - -C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \ - -C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \ - -C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \ - -C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \ - -C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \ - -C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0 \ - -C bp.pl011_uart0.out_file=uart0.log \ - -C bp.pl011_uart1.out_file=uart1.log \ - -C bp.pl011_uart2.out_file=uart2.log \ - -C pctl.startup=0.0.0.0 \ - -Q 1000 \ - "$@" + FVP_Base_RevC-2xAEMvA \ + -C bp.refcounter.non_arch_start_at_default=1 \ + -C bp.secureflashloader.fname=<path/to/bl1.bin> \ + -C bp.flashloader0.fname=<path/to/fip.bin> \ + -C bp.refcounter.use_real_time=0 \ + -C bp.ve_sysregs.exit_on_shutdown=1 \ + -C cache_state_modelled=1 \ + -C bp.dram_size=2 \ + -C bp.secure_memory=1 \ + -C pci.pci_smmuv3.mmu.SMMU_ROOT_IDR0=3 \ + -C pci.pci_smmuv3.mmu.SMMU_ROOT_IIDR=0x43B \ + -C pci.pci_smmuv3.mmu.root_register_page_offset=0x20000 \ + -C cluster0.NUM_CORES=4 \ + -C cluster0.PA_SIZE=48 \ + -C cluster0.ecv_support_level=2 \ + -C cluster0.gicv3.cpuintf-mmap-access-level=2 \ + -C cluster0.gicv3.without-DS-support=1 \ + -C cluster0.gicv4.mask-virtual-interrupt=1 \ + -C cluster0.has_arm_v8-6=1 \ + -C cluster0.has_amu=1 \ + -C cluster0.has_branch_target_exception=1 \ + -C cluster0.rme_support_level=2 \ + -C cluster0.has_rndr=1 \ + -C cluster0.has_v8_7_pmu_extension=2 \ + -C cluster0.max_32bit_el=-1 \ + -C cluster0.stage12_tlb_size=1024 \ + -C cluster0.check_memory_attributes=0 \ + -C cluster0.ish_is_osh=1 \ + -C cluster0.restriction_on_speculative_execution=2 \ + -C cluster0.restriction_on_speculative_execution_aarch32=2 \ + -C cluster1.NUM_CORES=4 \ + -C cluster1.PA_SIZE=48 \ + -C cluster1.ecv_support_level=2 \ + -C cluster1.gicv3.cpuintf-mmap-access-level=2 \ + -C cluster1.gicv3.without-DS-support=1 \ + -C cluster1.gicv4.mask-virtual-interrupt=1 \ + -C cluster1.has_arm_v8-6=1 \ + -C cluster1.has_amu=1 \ + -C cluster1.has_branch_target_exception=1 \ + -C cluster1.rme_support_level=2 \ + -C cluster1.has_rndr=1 \ + -C cluster1.has_v8_7_pmu_extension=2 \ + -C cluster1.max_32bit_el=-1 \ + -C cluster1.stage12_tlb_size=1024 \ + -C cluster1.check_memory_attributes=0 \ + -C cluster1.ish_is_osh=1 \ + -C cluster1.restriction_on_speculative_execution=2 \ + -C cluster1.restriction_on_speculative_execution_aarch32=2 \ + -C pctl.startup=0.0.0.0 \ + -C bp.smsc_91c111.enabled=1 \ + -C bp.hostbridge.userNetworking=1 The bottom of the output from *uart0* should look something like the following. @@ -254,14 +255,137 @@ Passed > Test suite 'DebugFS' Passed - > Test suite 'Realm payload tests' + > Test suite 'RMI and SPM tests' + Passed + > Test suite 'Realm payload at EL1' Passed > Test suite 'Invalid memory access' Passed ... +Building TF-A with RME enabled Linux Kernel +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +If an RME enabled Linux kernel and filesystem is available for testing, +and a suitable NS boot loader is not available, then this option can be used to +launch kernel directly after BL31: + +.. code-block:: shell + + cd trusted-firmware-a + make CROSS_COMPILE=aarch64-none-elf- \ + PLAT=fvp \ + ENABLE_RME=1 \ + RMM=<path/to/rmm.img> \ + FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \ + DEBUG=1 \ + ARM_LINUX_KERNEL_AS_BL33=1 \ + PRELOADED_BL33_BASE=0x84000000 \ + all fip + +Boot and run the RME enabled Linux Kernel +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Use the following additional arguments to boot the kernel on FVP. + +.. code-block:: shell + + --data cluster0.cpu0=<path_to_kernel_Image>@0x84000000 \ + -C bp.virtioblockdevice.image_path=<path_to_rootfs.ext4> + +.. tip:: + + Set the FVP option `cache_state_modelled=0` to run Linux based tests much faster. + +Four-world execution with Hafnium and TF-A Tests +************************************************* + +Four-world execution involves software components in each security state: root, +secure, realm and non-secure. This section describes how to build TF-A +with four-world support. + +We use TF-A as the root firmware, `Hafnium SPM`_ is the reference Secure world component +and the software components for the other 2 worlds (Realm and Non-Secure) +are as described in the previous section. + +**1. Obtain and build Hafnium** + +.. code:: shell + + git clone --recurse-submodules https://git.trustedfirmware.org/hafnium/hafnium.git + cd hafnium + # Use the default prebuilt LLVM/clang toolchain + PATH=$PWD/prebuilts/linux-x64/clang/bin:$PWD/prebuilts/linux-x64/dtc:$PATH + +Feature MTE needs to be disabled in Hafnium build, apply following patch to +project/reference submodule + +.. code:: diff + + diff --git a/BUILD.gn b/BUILD.gn + index cc6a78f..234b20a 100644 + --- a/BUILD.gn + +++ b/BUILD.gn + @@ -83,7 +83,6 @@ aarch64_toolchains("secure_aem_v8a_fvp") { + pl011_base_address = "0x1c090000" + smmu_base_address = "0x2b400000" + smmu_memory_size = "0x100000" + - enable_mte = "1" + plat_log_level = "LOG_LEVEL_INFO" + } + } + +.. code:: shell + + make PROJECT=reference + +The Hafnium binary should be located at +*out/reference/secure_aem_v8a_fvp_clang/hafnium.bin* + +**2. Build TF-A** + +Build TF-A with RME as well as SPM enabled. + +Use sp_layout.json previously generated in tf-a-test build. + +.. code:: shell + + make CROSS_COMPILE=aarch64-none-elf- \ + PLAT=fvp \ + ENABLE_RME=1 \ + FVP_HW_CONFIG_DTS=fdts/fvp-base-gicv3-psci-1t.dts \ + SPD=spmd \ + SPMD_SPM_AT_SEL2=1 \ + BRANCH_PROTECTION=1 \ + CTX_INCLUDE_PAUTH_REGS=1 \ + DEBUG=1 \ + SP_LAYOUT_FILE=<path/to/sp_layout.json> \ + BL32=<path/to/hafnium.bin> \ + BL33=<path/to/tftf.bin> \ + RMM=<path/to/rmm.img> \ + all fip + +Running the tests for a 4 world FVP setup +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Use the following arguments in addition to +`Running the tests for a 3 world FVP setup`_ to run tests for 4 world setup. + +.. code:: shell + + -C pci.pci_smmuv3.mmu.SMMU_AIDR=2 \ + -C pci.pci_smmuv3.mmu.SMMU_IDR0=0x0046123B \ + -C pci.pci_smmuv3.mmu.SMMU_IDR1=0x00600002 \ + -C pci.pci_smmuv3.mmu.SMMU_IDR3=0x1714 \ + -C pci.pci_smmuv3.mmu.SMMU_IDR5=0xFFFF0475 \ + -C pci.pci_smmuv3.mmu.SMMU_S_IDR1=0xA0000002 \ + -C pci.pci_smmuv3.mmu.SMMU_S_IDR2=0 \ + -C pci.pci_smmuv3.mmu.SMMU_S_IDR3=0 .. _Arm Confidential Compute Architecture (Arm CCA): https://www.arm.com/why-arm/architecture/security-features/arm-confidential-compute-architecture .. _Arm Architecture Models website: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models +.. _TF-A Getting Started: https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/index.html .. _TF-A Tests: https://trustedfirmware-a-tests.readthedocs.io/en/latest -.. _Hafnium: https://www.trustedfirmware.org/projects/hafnium +.. _TFTF Getting Started: https://trustedfirmware-a-tests.readthedocs.io/en/latest/getting_started/index.html +.. _Hafnium SPM: https://www.trustedfirmware.org/projects/hafnium +.. _RMM Getting Started: https://git.trustedfirmware.org/TF-RMM/tf-rmm.git/tree/docs/getting_started/index.rst
diff --git a/docs/components/rmm-el3-comms-spec.rst b/docs/components/rmm-el3-comms-spec.rst new file mode 100644 index 0000000..8070ff4 --- /dev/null +++ b/docs/components/rmm-el3-comms-spec.rst
@@ -0,0 +1,543 @@ +RMM-EL3 Communication interface +******************************* + +This document defines the communication interface between RMM and EL3. +There are two parts in this interface: the boot interface and the runtime +interface. + +The Boot Interface defines the ABI between EL3 and RMM when the CPU enters +R-EL2 for the first time after boot. The cold boot interface defines the ABI +for the cold boot path and the warm boot interface defines the same for the +warm path. + +The RMM-EL3 runtime interface defines the ABI for EL3 services which can be +invoked by RMM as well as the register save-restore convention when handling an +SMC call from NS. + +The below sections discuss these interfaces more in detail. + +.. _rmm_el3_ifc_versioning: + +RMM-EL3 Interface versioning +____________________________ + +The RMM Boot and Runtime Interface uses a version number to check +compatibility with the register arguments passed as part of Boot Interface and +RMM-EL3 runtime interface. + +The Boot Manifest, discussed later in section :ref:`rmm_el3_boot_manifest`, +uses a separate version number but with the same scheme. + +The version number is a 32-bit type with the following fields: + +.. csv-table:: + :header: "Bits", "Value" + + [0:15],``VERSION_MINOR`` + [16:30],``VERSION_MAJOR`` + [31],RES0 + +The version numbers are sequentially increased and the rules for updating them +are explained below: + + - ``VERSION_MAJOR``: This value is increased when changes break + compatibility with previous versions. If the changes + on the ABI are compatible with the previous one, ``VERSION_MAJOR`` + remains unchanged. + + - ``VERSION_MINOR``: This value is increased on any change that is backwards + compatible with the previous version. When ``VERSION_MAJOR`` is increased, + ``VERSION_MINOR`` must be set to 0. + + - ``RES0``: Bit 31 of the version number is reserved 0 as to maintain + consistency with the versioning schemes used in other parts of RMM. + +This document specifies the 0.1 version of Boot Interface ABI and RMM-EL3 +services specification and the 0.1 version of the Boot Manifest. + +.. _rmm_el3_boot_interface: + +RMM Boot Interface +__________________ + +This section deals with the Boot Interface part of the specification. + +One of the goals of the Boot Interface is to allow EL3 firmware to pass +down into RMM certain platform specific information dynamically. This allows +RMM to be less platform dependent and be more generic across platform +variations. It also allows RMM to be decoupled from the other boot loader +images in the boot sequence and remain agnostic of any particular format used +for configuration files. + +The Boot Interface ABI defines a set of register conventions and +also a memory based manifest file to pass information from EL3 to RMM. The +boot manifest and the associated platform data in it can be dynamically created +by EL3 and there is no restriction on how the data can be obtained (e.g by DTB, +hoblist or other). + +The register convention and the manifest are versioned separately to manage +future enhancements and compatibility. + +RMM completes the boot by issuing the ``RMM_BOOT_COMPLETE`` SMC (0xC40001CF) +back to EL3. After the RMM has finished the boot process, it can only be +entered from EL3 as part of RMI handling. + +If RMM returns an error during boot (in any CPU), then RMM must not be entered +from any CPU. + +.. _rmm_cold_boot_interface: + +Cold Boot Interface +~~~~~~~~~~~~~~~~~~~ + +During cold boot RMM expects the following register values: + +.. csv-table:: + :header: "Register", "Value" + :widths: 1, 5 + + x0,Linear index of this PE. This index starts from 0 and must be less than the maximum number of CPUs to be supported at runtime (see x2). + x1,Version for this Boot Interface as defined in :ref:`rmm_el3_ifc_versioning`. + x2,Maximum number of CPUs to be supported at runtime. RMM should ensure that it can support this maximum number. + x3,Base address for the shared buffer used for communication between EL3 firmware and RMM. This buffer must be of 4KB size (1 page). The boot manifest must be present at the base of this shared buffer during cold boot. + +During cold boot, EL3 firmware needs to allocate a 4K page that will be +passed to RMM in x3. This memory will be used as shared buffer for communication +between EL3 and RMM. It must be assigned to Realm world and must be mapped with +Normal memory attributes (IWB-OWB-ISH) at EL3. At boot, this memory will be +used to populate the Boot Manifest. Since the Boot Manifest can be accessed by +RMM prior to enabling its MMU, EL3 must ensure that proper cache maintenance +operations are performed after the Boot Manifest is populated. + +EL3 should also ensure that this shared buffer is always available for use by RMM +during the lifetime of the system and that it can be used for runtime +communication between RMM and EL3. For example, when RMM invokes attestation +service commands in EL3, this buffer can be used to exchange data between RMM +and EL3. It is also allowed for RMM to invoke runtime services provided by EL3 +utilizing this buffer during the boot phase, prior to return back to EL3 via +RMM_BOOT_COMPLETE SMC. + +RMM should map this memory page into its Stage 1 page-tables using Normal +memory attributes. + +During runtime, it is the RMM which initiates any communication with EL3. If that +communication requires the use of the shared area, it is expected that RMM needs +to do the necessary concurrency protection to prevent the use of the same buffer +by other PEs. + +The following sequence diagram shows how a generic EL3 Firmware would boot RMM. + +.. image:: ../resources/diagrams/rmm_cold_boot_generic.png + +Warm Boot Interface +~~~~~~~~~~~~~~~~~~~ + +At warm boot, RMM is already initialized and only some per-CPU initialization +is still pending. The only argument that is required by RMM at this stage is +the CPU Id, which will be passed through register x0 whilst x1 to x3 are RES0. +This is summarized in the following table: + +.. csv-table:: + :header: "Register", "Value" + :widths: 1, 5 + + x0,Linear index of this PE. This index starts from 0 and must be less than the maximum number of CPUs to be supported at runtime (see x2). + x1 - x3,RES0 + +Boot error handling and return values +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +After boot up and initialization, RMM returns control back to EL3 through a +``RMM_BOOT_COMPLETE`` SMC call. The only argument of this SMC call will +be returned in x1 and it will encode a signed integer with the error reason +as per the following table: + +.. csv-table:: + :header: "Error code", "Description", "ID" + :widths: 2 4 1 + + ``E_RMM_BOOT_SUCCESS``,Boot successful,0 + ``E_RMM_BOOT_ERR_UNKNOWN``,Unknown error,-1 + ``E_RMM_BOOT_VERSION_NOT_VALID``,Boot Interface version reported by EL3 is not supported by RMM,-2 + ``E_RMM_BOOT_CPUS_OUT_OF_RAGE``,Number of CPUs reported by EL3 larger than maximum supported by RMM,-3 + ``E_RMM_BOOT_CPU_ID_OUT_OF_RAGE``,Current CPU Id is higher or equal than the number of CPUs supported by RMM,-4 + ``E_RMM_BOOT_INVALID_SHARED_BUFFER``,Invalid pointer to shared memory area,-5 + ``E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED``,Version reported by the boot manifest not supported by RMM,-6 + ``E_RMM_BOOT_MANIFEST_DATA_ERROR``,Error parsing core boot manifest,-7 + +For any error detected in RMM during cold or warm boot, RMM will return back to +EL3 using ``RMM_BOOT_COMPLETE`` SMC with an appropriate error code. It is +expected that EL3 will take necessary action to disable Realm world for further +entry from NS Host on receiving an error. This will be done across all the PEs +in the system so as to present a symmetric view to the NS Host. Any further +warm boot by any PE should not enter RMM using the warm boot interface. + +.. _rmm_el3_boot_manifest: + +Boot Manifest +~~~~~~~~~~~~~ + +During cold boot, EL3 Firmware passes a memory boot manifest to RMM containing +platform information. + +This boot manifest is versioned independently of the boot interface, to help +evolve the boot manifest independent of the rest of Boot Manifest. +The current version for the boot manifest is ``v0.1`` and the rules explained +in :ref:`rmm_el3_ifc_versioning` apply on this version as well. + +The boot manifest is divided into two different components: + + - Core Manifest: This is the generic parameters passed to RMM by EL3 common to all platforms. + - Platform data: This is defined by the platform owner and contains information specific to that platform. + +For the current version of the manifest, the core manifest contains a pointer +to the platform data. EL3 must ensure that the whole boot manifest, +including the platform data, if available, fits inside the RMM EL3 shared +buffer. + +For the type specification of the RMM Boot Manifest v0.1, refer to +:ref:`rmm_el3_manifest_struct` + +.. _runtime_services_and_interface: + +RMM-EL3 Runtime Interface +__________________________ + +This section defines the RMM-EL3 runtime interface which specifies the ABI for +EL3 services expected by RMM at runtime as well as the register save and +restore convention between EL3 and RMM as part of RMI call handling. It is +important to note that RMM is allowed to invoke EL3-RMM runtime interface +services during the boot phase as well. The EL3 runtime service handling must +not result in a world switch to another world unless specified. Both the RMM +and EL3 are allowed to make suitable optimizations based on this assumption. + +If the interface requires the use of memory, then the memory references should +be within the shared buffer communicated as part of the boot interface. See +:ref:`rmm_cold_boot_interface` for properties of this shared buffer which both +EL3 and RMM must adhere to. + +RMM-EL3 runtime service return codes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The return codes from EL3 to RMM is a 32 bit signed integer which encapsulates +error condition as described in the following table: + +.. csv-table:: + :header: "Error code", "Description", "ID" + :widths: 2 4 1 + + ``E_RMM_OK``,No errors detected,0 + ``E_RMM_UNK``,Unknown/Generic error,-1 + ``E_RMM_BAD_ADDR``,The value of an address used as argument was invalid,-2 + ``E_RMM_BAD_PAS``,Incorrect PAS,-3 + ``E_RMM_NOMEM``,Not enough memory to perform an operation,-4 + ``E_RMM_INVAL``,The value of an argument was invalid,-5 + +If multiple failure conditions are detected in an RMM to EL3 command, then EL3 +is allowed to return an error code corresponding to any of the failure +conditions. + +RMM-EL3 runtime services +~~~~~~~~~~~~~~~~~~~~~~~~ + +The following table summarizes the RMM runtime services that need to be +implemented by EL3 Firmware. + +.. csv-table:: + :header: "FID", "Command" + :widths: 2 5 + + 0xC400018F,``RMM_RMI_REQ_COMPLETE`` + 0xC40001B0,``RMM_GTSI_DELEGATE`` + 0xC40001B1,``RMM_GTSI_UNDELEGATE`` + 0xC40001B2,``RMM_ATTEST_GET_REALM_KEY`` + 0xC40001B3,``RMM_ATTEST_GET_PLAT_TOKEN`` + +RMM_RMI_REQ_COMPLETE command +============================ + +Notifies the completion of an RMI call to the Non-Secure world. + +This call is the only function currently in RMM-EL3 runtime interface which +results in a world switch to NS. This call is the reply to the original RMI +call and it is forwarded by EL3 to the NS world. + +FID +--- + +``0xC400018F`` + +Input values +------------ + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 1 5 + + fid,x0,[63:0],UInt64,Command FID + err_code,x1,[63:0],RmiCommandReturnCode,Error code returned by the RMI service invoked by NS World. See Realm Management Monitor specification for more info + +Output values +------------- + +This call does not return. + +Failure conditions +------------------ + +Since this call does not return to RMM, there is no failure condition which +can be notified back to RMM. + +RMM_GTSI_DELEGATE command +========================= + +Delegate a memory granule by changing its PAS from Non-Secure to Realm. + +FID +--- + +``0xC40001B0`` + +Input values +------------ + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 1 5 + + fid,x0,[63:0],UInt64,Command FID + base_pa,x1,[63:0],Address,PA of the start of the granule to be delegated + +Output values +------------- + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 2 4 + + Result,x0,[63:0],Error Code,Command return status + +Failure conditions +------------------ + +The table below shows all the possible error codes returned in ``Result`` upon +a failure. The errors are ordered by condition check. + +.. csv-table:: + :header: "ID", "Condition" + :widths: 1 5 + + ``E_RMM_BAD_ADDR``,``PA`` does not correspond to a valid granule address + ``E_RMM_BAD_PAS``,The granule pointed by ``PA`` does not belong to Non-Secure PAS + ``E_RMM_OK``,No errors detected + +RMM_GTSI_UNDELEGATE command +=========================== + +Undelegate a memory granule by changing its PAS from Realm to Non-Secure. + +FID +--- + +``0xC40001B1`` + +Input values +------------ + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 1 5 + + fid,x0,[63:0],UInt64,Command FID + base_pa,x1,[63:0],Address,PA of the start of the granule to be undelegated + +Output values +------------- + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 2 4 + + Result,x0,[63:0],Error Code,Command return status + +Failure conditions +------------------ + +The table below shows all the possible error codes returned in ``Result`` upon +a failure. The errors are ordered by condition check. + +.. csv-table:: + :header: "ID", "Condition" + :widths: 1 5 + + ``E_RMM_BAD_ADDR``,``PA`` does not correspond to a valid granule address + ``E_RMM_BAD_PAS``,The granule pointed by ``PA`` does not belong to Realm PAS + ``E_RMM_OK``,No errors detected + +RMM_ATTEST_GET_REALM_KEY command +================================ + +Retrieve the Realm Attestation Token Signing key from EL3. + +FID +--- + +``0xC40001B2`` + +Input values +------------ + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 1 5 + + fid,x0,[63:0],UInt64,Command FID + buf_pa,x1,[63:0],Address,PA where the Realm Attestation Key must be stored by EL3. The PA must belong to the shared buffer + buf_size,x2,[63:0],Size,Size in bytes of the Realm Attestation Key buffer. ``bufPa + bufSize`` must lie within the shared buffer + ecc_curve,x3,[63:0],Enum,Type of the elliptic curve to which the requested attestation key belongs to. See :ref:`ecc_curves` + +Output values +------------- + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 1 5 + + Result,x0,[63:0],Error Code,Command return status + keySize,x1,[63:0],Size,Size of the Realm Attestation Key + +Failure conditions +------------------ + +The table below shows all the possible error codes returned in ``Result`` upon +a failure. The errors are ordered by condition check. + +.. csv-table:: + :header: "ID", "Condition" + :widths: 1 5 + + ``E_RMM_BAD_ADDR``,``PA`` is outside the shared buffer + ``E_RMM_INVAL``,``PA + BSize`` is outside the shared buffer + ``E_RMM_INVAL``,``Curve`` is not one of the listed in :ref:`ecc_curves` + ``E_RMM_UNK``,An unknown error occurred whilst processing the command + ``E_RMM_OK``,No errors detected + +.. _ecc_curves: + +Supported ECC Curves +-------------------- + +.. csv-table:: + :header: "ID", "Curve" + :widths: 1 5 + + 0,ECC SECP384R1 + +RMM_ATTEST_GET_PLAT_TOKEN command +================================= + +Retrieve the Platform Token from EL3. + +FID +--- + +``0xC40001B3`` + +Input values +------------ + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 1 5 + + fid,x0,[63:0],UInt64,Command FID + buf_pa,x1,[63:0],Address,PA of the platform attestation token. The challenge object is passed in this buffer. The PA must belong to the shared buffer + buf_size,x2,[63:0],Size,Size in bytes of the platform attestation token buffer. ``bufPa + bufSize`` must lie within the shared buffer + c_size,x3,[63:0],Size,Size in bytes of the challenge object. It corresponds to the size of one of the defined SHA algorithms + +Output values +------------- + +.. csv-table:: + :header: "Name", "Register", "Field", "Type", "Description" + :widths: 1 1 1 1 5 + + Result,x0,[63:0],Error Code,Command return status + tokenSize,x1,[63:0],Size,Size of the platform token + +Failure conditions +------------------ + +The table below shows all the possible error codes returned in ``Result`` upon +a failure. The errors are ordered by condition check. + +.. csv-table:: + :header: "ID", "Condition" + :widths: 1 5 + + ``E_RMM_BAD_ADDR``,``PA`` is outside the shared buffer + ``E_RMM_INVAL``,``PA + BSize`` is outside the shared buffer + ``E_RMM_INVAL``,``CSize`` does not represent the size of a supported SHA algorithm + ``E_RMM_UNK``,An unknown error occurred whilst processing the command + ``E_RMM_OK``,No errors detected + +RMM-EL3 world switch register save restore convention +_____________________________________________________ + +As part of NS world switch, EL3 is expected to maintain a register context +specific to each world and will save and restore the registers +appropriately. This section captures the contract between EL3 and RMM on the +register set to be saved and restored. + +EL3 must maintain a separate register context for the following: + + #. General purpose registers (x0-x30) and ``sp_el0``, ``sp_el2`` stack pointers + #. EL2 system register context for all enabled features by EL3. These include system registers with the ``_EL2`` prefix. The EL2 physical and virtual timer registers must not be included in this. + +As part of SMC forwarding between the NS world and Realm world, EL3 allows x0-x7 to be passed +as arguments to Realm and x0-x4 to be used for return arguments back to Non Secure. +As per SMCCCv1.2, x4 must be preserved if not being used as return argument by the SMC function +and it is the responsibility of RMM to preserve this or use this as a return argument. +EL3 will always copy x0-x4 from Realm context to NS Context. + +EL3 will not save some registers as mentioned in the below list. It is the +responsibility of RMM to ensure that these are appropriately saved if the +Realm World makes use of them: + + #. FP/SIMD registers + #. SVE registers + #. SME registers + #. EL1/0 registers + +It is the responsibility of EL3 that any other registers other than the ones mentioned above +will not be leaked to the NS Host and to maintain the confidentiality of the Realm World. + +SMCCC v1.3 allows NS world to specify whether SVE context is in use. In this +case, RMM could choose to not save the incoming SVE context but must ensure +to clear SVE registers if they have been used in Realm World. The same applies +to SME registers. + +Types +_____ + +.. _rmm_el3_manifest_struct: + +RMM-EL3 Boot Manifest Version +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The RMM-EL3 Boot Manifest structure contains platform boot information passed +from EL3 to RMM. The width of the Boot Manifest is 128 bits + +.. image:: ../resources/diagrams/rmm_el3_manifest_struct.png + +The members of the RMM-EL3 Boot Manifest structure are shown in the following +table: + +.. csv-table:: + :header: "Name", "Range", "Type", Description + :widths: 2 1 1 4 + + ``Version Minor``,15:0,uint16_t,Version Minor part of the Boot Manifest Version. + ``Version Major``,30:16,uint16_t,Version Major part of the Boot Manifest Version. + ``RES0``,31,bit,Reserved. Set to 0. + ``Platform Data``,127:64,Address,Pointer to the Platform Data section of the Boot Manifest.
diff --git a/docs/components/secure-partition-manager.rst b/docs/components/secure-partition-manager.rst index 18d870b..cd439ad 100644 --- a/docs/components/secure-partition-manager.rst +++ b/docs/components/secure-partition-manager.rst
@@ -794,6 +794,8 @@ - ``FFA_SECONDARY_EP_REGISTER`` - ``FFA_MEM_PERM_GET`` - ``FFA_MEM_PERM_SET`` + - ``FFA_MSG_SEND2`` + - ``FFA_RX_ACQUIRE`` FFA_VERSION ~~~~~~~~~~~ @@ -827,7 +829,11 @@ When invoked from the Hypervisor or OS kernel, the buffers are mapped into the SPMC EL2 Stage-1 translation regime and marked as NS buffers in the MMU -descriptors. +descriptors. The provided addresses may be owned by a VM in the normal world, +which is expected to receive messages from the secure world. The SPMC will in +this case allocate internal state structures to facilitate RX buffer access +synchronization (through FFA_RX_ACQUIRE interface), and to permit SPs to send +messages. The FFA_RXTX_UNMAP unmaps the RX/TX pair from the translation regime of the caller, either it being the Hypervisor or OS kernel, as well as a secure @@ -969,6 +975,53 @@ A secondary EC is first resumed either upon invocation of PSCI_CPU_ON from the NWd or by invocation of FFA_RUN. +FFA_RX_ACQUIRE/FFA_RX_RELEASE +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The RX buffers can be used to pass information to an FF-A endpoint in the +following scenarios: + + - When it was targetted by a FFA_MSG_SEND2 invokation from another endpoint. + - Return the result of calling ``FFA_PARTITION_INFO_GET``. + - In a memory share operation, as part of the ``FFA_MEM_RETRIEVE_RESP``, + with the memory descriptor of the shared memory. + +If a normal world VM is expected to exchange messages with secure world, +its RX/TX buffer addresses are forwarded to the SPMC via FFA_RXTX_MAP ABI, +and are from this moment owned by the SPMC. +The hypervisor must call the FFA_RX_ACQUIRE interface before attempting +to use the RX buffer, in any of the aforementioned scenarios. A successful +call to FFA_RX_ACQUIRE transfers ownership of RX buffer to hypervisor, such +that it can be safely used. + +The FFA_RX_RELEASE interface is used after the FF-A endpoint is done with +processing the data received in its RX buffer. If the RX buffer has been +acquired by the hypervisor, the FFA_RX_RELEASE call must be forwarded to +the SPMC to reestablish SPMC's RX ownership. + +An attempt from an SP to send a message to a normal world VM whose RX buffer +was acquired by the hypervisor fails with error code FFA_BUSY, to preserve +the RX buffer integrity. +The operation could then be conducted after FFA_RX_RELEASE. + +FFA_MSG_SEND2 +~~~~~~~~~~~~~ + +Hafnium copies a message from the sender TX buffer into receiver's RX buffer. +For messages from SPs to VMs, operation is only possible if the SPMC owns +the receiver's RX buffer. + +Both receiver and sender need to enable support for indirect messaging, +in their respective partition manifest. The discovery of support +of such feature can be done via FFA_PARTITION_INFO_GET. + +On a successful message send, Hafnium pends an RX buffer full framework +notification for the receiver, to inform it about a message in the RX buffer. + +The handling of framework notifications is similar to that of +global notifications. Binding of these is not necessary, as these are +reserved to be used by the hypervisor or SPMC. + SPMC-SPMD direct requests/responses ----------------------------------- @@ -1009,6 +1062,40 @@ For S-EL0 partitions with VHE enabled, a single secure EL2&0 Stage-1 translation regime is used for both Hafnium and the partition. +Schedule modes and SP Call chains +--------------------------------- + +An SP execution context is said to be in SPMC scheduled mode if CPU cycles are +allocated to it by SPMC. Correspondingly, an SP execution context is said to be +in Normal world scheduled mode if CPU cycles are allocated by the normal world. + +A call chain represents all SPs in a sequence of invocations of a direct message +request. When execution on a PE is in the secure state, only a single call chain +that runs in the Normal World scheduled mode can exist. FF-A v1.1 spec allows +any number of call chains to run in the SPMC scheduled mode but the Hafnium +SPMC restricts the number of call chains in SPMC scheduled mode to only one for +keeping the implementation simple. + +Partition runtime models +------------------------ + +The runtime model of an endpoint describes the transitions permitted for an +execution context between various states. These are the four partition runtime +models supported (refer to `[1]`_ section 7): + + - RTM_FFA_RUN: runtime model presented to an execution context that is + allocated CPU cycles through FFA_RUN interface. + - RTM_FFA_DIR_REQ: runtime model presented to an execution context that is + allocated CPU cycles through FFA_MSG_SEND_DIRECT_REQ interface. + - RTM_SEC_INTERRUPT: runtime model presented to an execution context that is + allocated CPU cycles by SPMC to handle a secure interrupt. + - RTM_SP_INIT: runtime model presented to an execution context that is + allocated CPU cycles by SPMC to initialize its state. + +If an endpoint execution context attempts to make an invalid transition or a +valid transition that could lead to a loop in the call chain, SPMC denies the +transition with the help of above runtime models. + Interrupt management -------------------- @@ -1020,44 +1107,58 @@ IDs based on SP manifests. The SPMC acknowledges physical interrupts and injects virtual interrupts by setting the use of vIRQ/vFIQ bits before resuming a SP. +Abbreviations: + + - NS-Int: A non-secure physical interrupt. It requires a switch to the normal + world to be handled if it triggers while execution is in secure world. + - Other S-Int: A secure physical interrupt targeted to an SP different from + the one that is currently running. + - Self S-Int: A secure physical interrupt targeted to the SP that is currently + running. + Non-secure interrupt handling ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The following illustrate the scenarios of non secure physical interrupts trapped -by the SPMC: +This section documents the actions supported in SPMC in response to a non-secure +interrupt as per the guidance provided by FF-A v1.1 EAC0 specification. +An SP specifies one of the following actions in its partition manifest: -- The SP handles a managed exit operation: + - Non-secure interrupt is signaled. + - Non-secure interrupt is signaled after a managed exit. + - Non-secure interrupt is queued. -.. image:: ../resources/diagrams/ffa-ns-interrupt-handling-managed-exit.png - -- The SP is pre-empted without managed exit: - -.. image:: ../resources/diagrams/ffa-ns-interrupt-handling-sp-preemption.png +An SP execution context in a call chain could specify a less permissive action +than subsequent SP execution contexts in the same call chain. The less +permissive action takes precedence over the more permissive actions specified +by the subsequent execution contexts. Please refer to FF-A v1.1 EAC0 section +8.3.1 for further explanation. Secure interrupt handling -------------------------- +~~~~~~~~~~~~~~~~~~~~~~~~~ This section documents the support implemented for secure interrupt handling in -SPMC as per the guidance provided by FF-A v1.1 Beta0 specification. +SPMC as per the guidance provided by FF-A v1.1 EAC0 specification. The following assumptions are made about the system configuration: - In the current implementation, S-EL1 SPs are expected to use the para - virtualized ABIs for interrupt management rather than accessing virtual GIC - interface. + virtualized ABIs for interrupt management rather than accessing the virtual + GIC interface. - Unless explicitly stated otherwise, this support is applicable only for S-EL1 SPs managed by SPMC. - Secure interrupts are configured as G1S or G0 interrupts. - All physical interrupts are routed to SPMC when running a secure partition execution context. + - All endpoints with multiple execution contexts have their contexts pinned + to corresponding CPUs. Hence, a secure virtual interrupt cannot be signaled + to a target vCPU that is currently running or blocked on a different + physical CPU. -A physical secure interrupt could preempt normal world execution. Moreover, when -the execution is in secure world, it is highly likely that the target of a -secure interrupt is not the currently running execution context of an SP. It -could be targeted to another FF-A component. Consequently, secure interrupt -management depends on the state of the target execution context of the SP that -is responsible for handling the interrupt. Hence, the spec provides guidance on -how to signal start and completion of secure interrupt handling as discussed in -further sections. +A physical secure interrupt could trigger while CPU is executing in normal world +or secure world. +The action of SPMC for a secure interrupt depends on: the state of the target +execution context of the SP that is responsible for handling the interrupt; +whether the interrupt triggered while execution was in normal world or secure +world. Secure interrupt signaling mechanisms ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -1100,47 +1201,46 @@ - ``FFA_MSG_WAIT`` ABI if it was in WAITING state. - ``FFA_RUN`` ABI if its was in BLOCKED state. -In the current implementation, S-EL1 SPs use para-virtualized HVC interface -implemented by SPMC to perform priority drop and interrupt deactivation (we -assume EOImode = 0, i.e. priority drop and deactivation are done together). +This is a remnant of SPMC implementation based on the FF-A v1.0 specification. +In the current implementation, S-EL1 SPs use the para-virtualized HVC interface +implemented by SPMC to perform priority drop and interrupt deactivation (SPMC +configures EOImode = 0, i.e. priority drop and deactivation are done together). +The SPMC performs checks to deny the state transition upon invocation of +either FFA_MSG_WAIT or FFA_RUN interface if the SP didn't perform the +deactivation of the secure virtual interrupt. -If normal world execution was preempted by secure interrupt, SPMC uses +If the current SP execution context was preempted by a secure interrupt to be +handled by execution context of target SP, SPMC resumes current SP after signal +completion by target SP execution context. + +Actions for a secure interrupt triggered while execution is in normal world +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ++-------------------+----------+-----------------------------------------------+ +| State of target | Action | Description | +| execution context | | | ++-------------------+----------+-----------------------------------------------+ +| WAITING | Signaled | This starts a new call chain in SPMC scheduled| +| | | mode. | ++-------------------+----------+-----------------------------------------------+ +| PREEMPTED | Queued | The target execution must have been preempted | +| | | by a non-secure interrupt. SPMC queues the | +| | | secure virtual interrupt now. It is signaled | +| | | when the target execution context next enters | +| | | the RUNNING state. | ++-------------------+----------+-----------------------------------------------+ +| BLOCKED, RUNNING | NA | The target execution context is blocked or | +| | | running on a different CPU. This is not | +| | | supported by current SPMC implementation and | +| | | execution hits panic. | ++-------------------+----------+-----------------------------------------------+ + +If normal world execution was preempted by a secure interrupt, SPMC uses FFA_NORMAL_WORLD_RESUME ABI to indicate completion of secure interrupt handling -and further return execution to normal world. If the current SP execution -context was preempted by a secure interrupt to be handled by execution context -of target SP, SPMC resumes current SP after signal completion by target SP -execution context. +and further returns execution to normal world. -An action is broadly a set of steps taken by the SPMC in response to a physical -interrupt. In order to simplify the design, the current version of secure -interrupt management support in SPMC (Hafnium) does not fully implement the -Scheduling models and Partition runtime models. However, the current -implementation loosely maps to the following actions that are legally allowed -by the specification. Please refer to the Table 8.4 in the spec for further -description of actions. The action specified for a type of interrupt when the -SP is in the message processing running state cannot be less permissive than the -action specified for the same type of interrupt when the SP is in the interrupt -handling running state. - -+--------------------+--------------------+------------+-------------+ -| Runtime Model | NS-Int | Self S-Int | Other S-Int | -+--------------------+--------------------+------------+-------------+ -| Message Processing | Signalable with ME | Signalable | Signalable | -+--------------------+--------------------+------------+-------------+ -| Interrupt Handling | Queued | Queued | Queued | -+--------------------+--------------------+------------+-------------+ - -Abbreviations: - - - NS-Int: A Non-secure physical interrupt. It requires a switch to the Normal - world to be handled. - - Other S-Int: A secure physical interrupt targeted to an SP different from - the one that is currently running. - - Self S-Int: A secure physical interrupt targeted to the SP that is currently - running. - -The following figure describes interrupt handling flow when secure interrupt -triggers while in normal world: +The following figure describes interrupt handling flow when a secure interrupt +triggers while execution is in normal world: .. image:: ../resources/diagrams/ffa-secure-interrupt-handling-nwd.png @@ -1151,40 +1251,78 @@ - 3) SPMD signals secure interrupt to SPMC at S-EL2 using FFA_INTERRUPT ABI. - 4) SPMC identifies target vCPU of SP and injects virtual interrupt (pends vIRQ). - - 5) Since SP1 vCPU is in WAITING state, SPMC signals using FFA_INTERRUPT with - interrupt id as argument and resume it using ERET. - - 6) Execution traps to vIRQ handler in SP1 provided that interrupt is not - masked i.e., PSTATE.I = 0 - - 7) SP1 services the interrupt and invokes the de-activation HVC call. - - 8) SPMC does internal state management and further de-activates the physical - interrupt and resumes SP vCPU. - - 9) SP performs secure interrupt completion through FFA_MSG_WAIT ABI. + - 5) Assuming SP1 vCPU is in WAITING state, SPMC signals virtual interrupt + using FFA_INTERRUPT with interrupt id as an argument and resumes the SP1 + vCPU using ERET in SPMC scheduled mode. + - 6) Execution traps to vIRQ handler in SP1 provided that the virtual + interrupt is not masked i.e., PSTATE.I = 0 + - 7) SP1 queries for the pending virtual interrupt id using a paravirtualized + HVC call. SPMC clears the pending virtual interrupt state management + and returns the pending virtual interrupt id. + - 8) SP1 services the virtual interrupt and invokes the paravirtualized + de-activation HVC call. SPMC de-activates the physical interrupt, + clears the fields tracking the secure interrupt and resumes SP1 vCPU. + - 9) SP1 performs secure interrupt completion through FFA_MSG_WAIT ABI. - 10) SPMC returns control to EL3 using FFA_NORMAL_WORLD_RESUME. - 11) EL3 resumes normal world execution. -The following figure describes interrupt handling flow when secure interrupt -triggers while in secure world: +Actions for a secure interrupt triggered while execution is in secure world +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ++-------------------+----------+------------------------------------------------+ +| State of target | Action | Description | +| execution context | | | ++-------------------+----------+------------------------------------------------+ +| WAITING | Signaled | This starts a new call chain in SPMC scheduled | +| | | mode. | ++-------------------+----------+------------------------------------------------+ +| PREEMPTED by Self | Signaled | The target execution context reenters the | +| S-Int | | RUNNING state to handle the secure virtual | +| | | interrupt. | ++-------------------+----------+------------------------------------------------+ +| PREEMPTED by | Queued | SPMC queues the secure virtual interrupt now. | +| NS-Int | | It is signaled when the target execution | +| | | context next enters the RUNNING state. | ++-------------------+----------+------------------------------------------------+ +| BLOCKED | Signaled | Both preempted and target execution contexts | +| | | must have been part of the Normal world | +| | | scheduled call chain. Refer scenario 1 of | +| | | Table 8.4 in the FF-A v1.1 EAC0 spec. | ++-------------------+----------+------------------------------------------------+ +| RUNNING | NA | The target execution context is running on a | +| | | different CPU. This scenario is not supported | +| | | by current SPMC implementation and execution | +| | | hits panic. | ++-------------------+----------+------------------------------------------------+ + +The following figure describes interrupt handling flow when a secure interrupt +triggers while execution is in secure world. We assume OS kernel sends a direct +request message to SP1. Further, SP1 sends a direct request message to SP2. SP1 +enters BLOCKED state and SPMC resumes SP2. .. image:: ../resources/diagrams/ffa-secure-interrupt-handling-swd.png A brief description of the events: - - 1) Secure interrupt triggers while SP2 is running and SP1 is blocked. - - 2) Gets trapped to SPMC as IRQ. + - 1) Secure interrupt triggers while SP2 is running. + - 2) SP2 gets preempted and execution traps to SPMC as IRQ. - 3) SPMC finds the target vCPU of secure partition responsible for handling this secure interrupt. In this scenario, it is SP1. - 4) SPMC pends vIRQ for SP1 and signals through FFA_INTERRUPT interface. - SPMC further resumes SP1 through ERET conduit. - - 5) Execution traps to vIRQ handler in SP1 provided that interrupt is not - masked i.e., PSTATE.I = 0 - - 6) SP1 services the secure interrupt and invokes the de-activation HVC call. - - 7) SPMC does internal state management, de-activates the physical interrupt - and resumes SP1 vCPU. - - 8) Assuming SP1 is in BLOCKED state, SP1 performs secure interrupt completion - through FFA_RUN ABI. + SPMC further resumes SP1 through ERET conduit. Note that SP1 remains in + Normal world schedule mode. + - 6) Execution traps to vIRQ handler in SP1 provided that the virtual + interrupt is not masked i.e., PSTATE.I = 0 + - 7) SP1 queries for the pending virtual interrupt id using a paravirtualized + HVC call. SPMC clears the pending virtual interrupt state management + and returns the pending virtual interrupt id. + - 8) SP1 services the virtual interrupt and invokes the paravirtualized + de-activation HVC call. SPMC de-activates the physical interrupt and + clears the fields tracking the secure interrupt and resumes SP1 vCPU. + - 9) Since SP1 direct request completed with FFA_INTERRUPT, it resumes the + direct request to SP2 by invoking FFA_RUN. - 9) SPMC resumes the pre-empted vCPU of SP2. - Power management ---------------- @@ -1374,13 +1512,13 @@ capable of migrating, and the SPMC enforces this requirement. The SPMC allows a S-EL0 partition to accept a direct message from secure world and normal world, and generate direct responses to them. +All S-EL0 partitions must use AArch64. AArch32 S-EL0 partitions are not supported. -Memory sharing between and with S-EL0 partitions is supported. -Indirect messaging, Interrupt handling and Notifications are not supported with -S-EL0 partitions and is work in progress, planned for future releases. -All S-EL0 partitions must use AArch64. AArch32 S-EL0 partitions are not -supported. +Memory sharing, indirect messaging, and notifications functionality with S-EL0 +partitions is supported. +Interrupt handling is not supported with S-EL0 partitions and is work in +progress. References ==========
diff --git a/docs/components/spd/index.rst b/docs/components/spd/index.rst index 25d0124..6857806 100644 --- a/docs/components/spd/index.rst +++ b/docs/components/spd/index.rst
@@ -8,3 +8,4 @@ optee-dispatcher tlk-dispatcher trusty-dispatcher + pnc-dispatcher
diff --git a/docs/components/spd/pnc-dispatcher.rst b/docs/components/spd/pnc-dispatcher.rst new file mode 100644 index 0000000..5be2fc7 --- /dev/null +++ b/docs/components/spd/pnc-dispatcher.rst
@@ -0,0 +1,10 @@ +ProvenCore Dispatcher +===================== + +ProvenCore dispatcher (PnC-D) adds support for ProvenRun's ProvenCore micro-kernel +to work with Trusted Firmware-A (TF-A). + +ProvenCore is a secure OS developed by ProvenRun S.A.S. using deductive formal methods. + +Once a BL32 is ready, PnC-D can be included in the image by adding "SPD=pncd" +to the build command.
diff --git a/docs/conf.py b/docs/conf.py index ef77f6b..371632a 100644 --- a/docs/conf.py +++ b/docs/conf.py
@@ -36,12 +36,13 @@ # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. -language = None +language = "en" # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. # This pattern also affects html_static_path and html_extra_path . -exclude_patterns = [] +# Don't try to build the venv in case it's placed with the sources +exclude_patterns = [".env", "env", ".venv", "venv"] # The name of the Pygments (syntax highlighting) style to use. pygments_style = 'sphinx'
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst index fbd2cbc..55e265c 100644 --- a/docs/design/cpu-specific-build-macros.rst +++ b/docs/design/cpu-specific-build-macros.rst
@@ -256,6 +256,10 @@ - ``ERRATA_A76_1946160``: This applies errata 1946160 workaround to Cortex-A76 CPU. This needs to be enabled only for revisions r3p0 - r4p1 of the CPU. +- ``ERRATA_A76_2743102``: This applies errata 2743102 workaround to Cortex-A76 + CPU. This needs to be enabled for all revisions <= r4p1 of the CPU and is + still open. + For Cortex-A77, the following errata build flags are defined : - ``ERRATA_A77_1508412``: This applies errata 1508412 workaround to Cortex-A77 @@ -270,6 +274,15 @@ - ``ERRATA_A77_1791578``: This applies errata 1791578 workaround to Cortex-A77 CPU. This needs to be enabled for r0p0, r1p0, and r1p1, it is still open. +- ``ERRATA_A77_2356587``: This applies errata 2356587 workaround to Cortex-A77 + CPU. This needs to be enabled for r0p0, r1p0, and r1p1, it is still open. + + - ``ERRATA_A77_1800714``: This applies errata 1800714 workaround to Cortex-A77 + CPU. This needs to be enabled for revisions <= r1p1 of the CPU. + + - ``ERRATA_A77_2743100``: This applies errata 2743100 workaround to Cortex-A77 + CPU. This needs to be enabled for r0p0, r1p0, and r1p1, it is still open. + For Cortex-A78, the following errata build flags are defined : - ``ERRATA_A78_1688305``: This applies errata 1688305 workaround to Cortex-A78 @@ -322,6 +335,24 @@ Cortex-A78 AE CPU. This needs to be enabled for revisions r0p0 and r0p1. This erratum is still open. +For Cortex-A78C, the following errata build flags are defined : + +- ``ERRATA_A78C_2132064`` : This applies errata 2132064 workaround to + Cortex-A78C CPU. This needs to be enabled for revisions r0p1, r0p2 and + it is still open. + +- ``ERRATA_A78C_2242638`` : This applies errata 2242638 workaround to + Cortex-A78C CPU. This needs to be enabled for revisions r0p1, r0p2 and + it is still open. + +- ``ERRATA_A78C_2376749`` : This applies errata 2376749 workaround to + Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2. This + erratum is still open. + +- ``ERRATA_A78C_2395411`` : This applies errata 2395411 workaround to + Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2. This + erratum is still open. + For Cortex-X1 CPU, the following errata build flags are defined: - ``ERRATA_X1_1821534`` : This applies errata 1821534 workaround to Cortex-X1 @@ -375,8 +406,16 @@ CPU. This needs to be enabled for revisions r3p0, r3p1, r4p0, and r4p1, for revisions r0p0, r1p0, and r2p0 there is no workaround. +- ``ERRATA_N1_2743102``: This applies errata 2743102 workaround to Neoverse-N1 + CPU. This needs to be enabled for all revisions <= r4p1 of the CPU and is + still open. + For Neoverse V1, the following errata build flags are defined : +- ``ERRATA_V1_1618635``: This applies errata 1618635 workaround to Neoverse-V1 + CPU. This needs to be enabled for revision r0p0 of the CPU, it is fixed in + r1p0. + - ``ERRATA_V1_1774420``: This applies errata 1774420 workaround to Neoverse-V1 CPU. This needs to be enabled only for revisions r0p0 and r1p0, it is fixed in r1p1. @@ -414,6 +453,13 @@ issue is present in r0p0 as well but there is no workaround for that revision. It is still open. +- ``ERRATA_V1_2294912``: This applies errata 2294912 workaround to Neoverse-V1 + CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 of the CPU. + +- ``ERRATA_V1_2372203``: This applies errata 2372203 workaround to Neoverse-V1 + CPU. This needs to be enabled for revisions r0p0, r1p0 and r1p1 of the CPU. + It is still open. + For Cortex-A710, the following errata build flags are defined : - ``ERRATA_A710_1987031``: This applies errata 1987031 workaround to @@ -448,14 +494,30 @@ Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0 of the CPU and is fixed in r2p1. +- ``ERRATA_A710_2147715``: This applies errata 2147715 workaround to + Cortex-A710 CPU. This needs to be enabled for revision r2p0 of the CPU + and is fixed in r2p1. + +- ``ERRATA_A710_2216384``: This applies errata 2216384 workaround to + Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0 + of the CPU and is fixed in r2p1. + - ``ERRATA_A710_2282622``: This applies errata 2282622 workaround to Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0 of the CPU and is fixed in r2p1. +- ``ERRATA_A710_2291219``: This applies errata 2291219 workaround to + Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0 + of the CPU and is fixed in r2p1. + - ``ERRATA_A710_2008768``: This applies errata 2008768 workaround to Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0 of the CPU and is fixed in r2p1. +- ``ERRATA_A710_2371105``: This applies errata 2371105 workaround to + Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0 + of the CPU and is fixed in r2p1. + For Neoverse N2, the following errata build flags are defined : - ``ERRATA_N2_2002655``: This applies errata 2002655 workaround to Neoverse-N2 @@ -488,6 +550,18 @@ - ``ERRATA_N2_2280757``: This applies errata 2280757 workaround to Neoverse-N2 CPU. This needs to be enabled for revision r0p0 of the CPU and is still open. +- ``ERRATA_N2_2326639``: This applies errata 2326639 workaround to Neoverse-N2 + CPU. This needs to be enabled for revision r0p0 of the CPU, it is fixed in + r0p1. + +- ``ERRATA_N2_2376738``: This applies errata 2376738 workaround to Neoverse-N2 + CPU. This needs to be enabled for revision r0p0 of the CPU, it is fixed in + r0p1. + +- ``ERRATA_N2_2388450``: This applies errata 2388450 workaround to Neoverse-N2 + CPU. This needs to be enabled for revision r0p0 of the CPU, it is fixed in + r0p1. + For Cortex-X2, the following errata build flags are defined : - ``ERRATA_X2_2002765``: This applies errata 2002765 workaround to Cortex-X2 @@ -517,6 +591,16 @@ Cortex-X2 CPU. This needs to be enabled only for revision r2p0 of the CPU, it is fixed in r2p1. +- ``ERRATA_X2_2371105``: This applies errata 2371105 workaround to + Cortex-X2 CPU. This needs to be enabled for revisions r0p0, r1p0 and r2p0 + of the CPU and is fixed in r2p1. + +For Cortex-X3, the following errata build flags are defined : + +- ``ERRATA_X3_2313909``: This applies errata 2313909 workaround to + Cortex-X3 CPU. This needs to be enabled only for revisions r0p0 and r1p0 + of the CPU, it is fixed in r1p1. + For Cortex-A510, the following errata build flags are defined : - ``ERRATA_A510_1922240``: This applies errata 1922240 workaround to @@ -549,6 +633,18 @@ Cortex-A510 CPU. This needs to be enabled for revisions r0p0, r0p1, r0p2, r0p3 and r1p0, it is fixed in r1p1. +- ``ERRATA_A510_2347730``: This applies errata 2347730 workaround to + Cortex-A510 CPU. This needs to be enabled for revisions r0p0, r0p1, r0p2, + r0p3, r1p0 and r1p1. It is fixed in r1p2. + +- ``ERRATA_A510_2371937``: This applies errata 2371937 workaround to + Cortex-A510 CPU. This needs to applied for revisions r0p0, r0p1, r0p2, + r0p3, r1p0, r1p1, and is fixed in r1p2. + +- ``ERRATA_A510_2666669``: This applies errata 2666669 workaround to + Cortex-A510 CPU. This needs to applied for revisions r0p0, r0p1, r0p2, + r0p3, r1p0, r1p1. It is fixed in r1p2. + DSU Errata Workarounds ---------------------- @@ -624,9 +720,17 @@ This is used to control how the LL_CACHE* PMU events count. Default value is 0 (Disabled). +GIC Errata Workarounds +---------------------- +- ``GIC600_ERRATA_WA_2384374``: This flag applies part 2 of errata 2384374 + workaround for the affected GIC600 and GIC600-AE implementations. It applies + to implementations of GIC600 and GIC600-AE with revisions less than or equal + to r1p6 and r0p2 respectively. If the platform sets GICV3_SUPPORT_GIC600, + then this flag is enabled; otherwise, it is 0 (Disabled). + -------------- -*Copyright (c) 2014-2021, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2014-2022, Arm Limited and Contributors. All rights reserved.* .. _CVE-2017-5715: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 .. _CVE-2018-3639: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst index 71fdfcb..84bba18 100644 --- a/docs/design/firmware-design.rst +++ b/docs/design/firmware-design.rst
@@ -990,9 +990,10 @@ directly, the others are saved into memory for retrieval (if needed) by the handler. The handler is also provided with an opaque ``handle`` for use with the supporting library for parameter retrieval, setting return values and context -manipulation; and with ``flags`` indicating the security state of the caller. The -framework finally sets up the execution stack for the handler, and invokes the -services ``handle()`` function. +manipulation. The ``flags`` parameter indicates the security state of the caller +and the state of the SVE hint bit per the SMCCCv1.3. The framework finally sets +up the execution stack for the handler, and invokes the services ``handle()`` +function. On return from the handler the result registers are populated in X0-X7 as needed before restoring the stack and CPU state and returning from the original SMC.
diff --git a/docs/design/index.rst b/docs/design/index.rst index e3b8f74..17ef756 100644 --- a/docs/design/index.rst +++ b/docs/design/index.rst
@@ -4,7 +4,6 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: alt-boot-flows auth-framework
diff --git a/docs/design/trusted-board-boot-build.rst b/docs/design/trusted-board-boot-build.rst index dd61b61..c3f3a2f 100644 --- a/docs/design/trusted-board-boot-build.rst +++ b/docs/design/trusted-board-boot-build.rst
@@ -35,6 +35,13 @@ By default, this will use the Chain of Trust described in the TBBR-client document. To select a different one, use the ``COT`` build option. + If using a custom build of OpenSSL, set the ``OPENSSL_DIR`` variable + accordingly so it points at the OpenSSL installation path, as explained in + :ref:`Build Options`. In addition, set the ``LD_LIBRARY_PATH`` variable + when running to point at the custom OpenSSL path, so the OpenSSL libraries + are loaded from that path instead of the default OS path. Export this + variable if necessary. + In the case of Arm platforms, the location of the ROTPK hash must also be specified at build time. The following locations are currently supported (see ``ARM_ROTPK_LOCATION`` build option): @@ -63,7 +70,7 @@ make PLAT=<platform> TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \ ARM_ROTPK_LOCATION=devel_rsa \ ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \ - BL33=<path-to>/<bl33_image> \ + BL33=<path-to>/<bl33_image> OPENSSL_DIR=<path-to>/<openssl> \ all fip The result of this build will be the bl1.bin and the fip.bin binaries. This @@ -87,7 +94,7 @@ make PLAT=juno TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \ ARM_ROTPK_LOCATION=devel_rsa \ ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem \ - BL33=<path-to>/<bl33_image> \ + BL33=<path-to>/<bl33_image> OPENSSL_DIR=<path-to>/<openssl> \ SCP_BL2=<path-to>/<scp_bl2_image> \ SCP_BL2U=<path-to>/<scp_bl2u_image> \ NS_BL2U=<path-to>/<ns_bl2u_image> \ @@ -109,7 +116,7 @@ -------------- -*Copyright (c) 2019-2020, Arm Limited. All rights reserved.* +*Copyright (c) 2019-2022, Arm Limited. All rights reserved.* .. _mbed TLS Repository: https://github.com/ARMmbed/mbedtls.git .. _mbed TLS Security Center: https://tls.mbed.org/security
diff --git a/docs/design_documents/drtm_poc.rst b/docs/design_documents/drtm_poc.rst new file mode 100644 index 0000000..79e1142 --- /dev/null +++ b/docs/design_documents/drtm_poc.rst
@@ -0,0 +1,132 @@ +DRTM Proof of Concept +===================== + +Dynamic Root of Trust for Measurement (DRTM) begins a new trust environment +by measuring and executing a protected payload. + +Static Root of Trust for Measurement (SRTM)/Measured Boot implementation, +currently used by TF-A covers all firmwares, from the boot ROM to the normal +world bootloader. As a whole, they make up the system's TCB. These boot +measurements allow attesting to what software is running on the system and +enable enforcing security policies. + +As the boot chain grows or firmware becomes dynamically extensible, +establishing an attestable TCB becomes more challenging. DRTM provides a +solution to this problem by allowing measurement chains to be started at +any time. As these measurements are stored separately from the boot-time +measurements, they reduce the size of the TCB, which helps reduce the attack +surface and the risk of untrusted code executing, which could compromise +the security of the system. + +Components +~~~~~~~~~~ + + - **DCE-Preamble**: The DCE Preamble prepares the platform for DRTM by + doing any needed configuration, loading the target payload image(DLME), + and preparing input parameters needed by DRTM. Finally, it invokes the + DL Event to start the dynamic launch. + + - **D-CRTM**: The D-CRTM is the trust anchor (or root of trust) for the + DRTM boot sequence and is where the dynamic launch starts. The D-CRTM + must be implemented as a trusted agent in the system. The D-CRTM + initializes the TPM for DRTM and prepares the environment for the next + stage of DRTM, the DCE. The D-CRTM measures the DCE, verifies its + signature, and transfers control to it. + + - **DCE**: The DCE executes on an application core. The DCE verifies the + system’s state, measures security-critical attributes of the system, + prepares the memory region for the target payload, measures the payload, + and finally transfers control to the payload. + + - **DLME**: The protected payload is referred to as the Dynamically Launched + Measured Environment, or DLME. The DLME begins execution in a safe state, + with a single thread of execution, DMA protections, and interrupts + disabled. The DCE provides data to the DLME that it can use to verify the + configuration of the system. + +In this proof of concept, DCE and D-CRTM are implemented in BL31 and +DCE-Preamble and DLME are implemented in UEFI application. A DL Event is +triggered as a SMC by DCE-Preamble and handled by D-CRTM, which launches the +DLME via DCE. + +This manual provides instructions to build TF-A code with pre-buit EDK2 +and DRTM UEFI application. + +Building the PoC for the Arm FVP platform +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +(1) Use the below command to clone TF-A source code - + +.. code:: shell + + $ git clone https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git + +(2) There are prebuilt binaries required to execute the DRTM implementation + in the `prebuilts-drtm-bins`_. + Download EDK2 *FVP_AARCH64_EFI.fd* and UEFI DRTM application *test-disk.img* + binary from `prebuilts-drtm-bins`_. + +(3) Build the TF-A code using below command + +.. code:: shell + + $ make CROSS_COMPILE=aarch64-none-elf- ARM_ROTPK_LOCATION=devel_rsa + DEBUG=1 V=1 BL33=</path/to/FVP_AARCH64_EFI.fd> DRTM_SUPPORT=1 + MBEDTLS_DIR=</path/to/mbedTLS-source> USE_ROMLIB=1 all fip + +Running DRTM UEFI application on the Armv8-A AEM FVP +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +To run the DRTM test application along with DRTM implementation in BL31, +you need an FVP model. Please use the version of FVP_Base_RevC-2xAEMvA model +advertised in the TF-A documentation. + +.. code:: shell + + FVP_Base_RevC-2xAEMvA \ + --data cluster0.cpu0=</path/to/romlib.bin>@0x03ff2000 \ + --stat \ + -C bp.flashloader0.fname=<path/to/fip.bin> \ + -C bp.secureflashloader.fname=<path/to/bl1.bin> \ + -C bp.ve_sysregs.exit_on_shutdown=1 \ + -C bp.virtioblockdevice.image_path=<path/to/test-disk.img> \ + -C cache_state_modelled=1 \ + -C cluster0.check_memory_attributes=0 \ + -C cluster0.cpu0.etm-present=0 \ + -C cluster0.cpu1.etm-present=0 \ + -C cluster0.cpu2.etm-present=0 \ + -C cluster0.cpu3.etm-present=0 \ + -C cluster0.stage12_tlb_size=1024 \ + -C cluster1.check_memory_attributes=0 \ + -C cluster1.cpu0.etm-present=0 \ + -C cluster1.cpu1.etm-present=0 \ + -C cluster1.cpu2.etm-present=0 \ + -C cluster1.cpu3.etm-present=0 \ + -C cluster1.stage12_tlb_size=1024 \ + -C pctl.startup=0.0.0.0 \ + -Q 1000 \ + "$@" + +The bottom of the output from *uart1* should look something like the +following to indicate that the last SMC to unprotect memory has been fired +successfully. + +.. code-block:: shell + + ... + + INFO: DRTM service handler: version + INFO: ++ DRTM service handler: TPM features + INFO: ++ DRTM service handler: Min. mem. requirement features + INFO: ++ DRTM service handler: DMA protection features + INFO: ++ DRTM service handler: Boot PE ID features + INFO: ++ DRTM service handler: TCB-hashes features + INFO: DRTM service handler: dynamic launch + WARNING: DRTM service handler: close locality is not supported + INFO: DRTM service handler: unprotect mem + +-------------- + +*Copyright (c) 2022, Arm Limited. All rights reserved.* + +.. _prebuilts-drtm-bins: https://downloads.trustedfirmware.org/tf-a/drtm +.. _DRTM-specification: https://developer.arm.com/documentation/den0113/a
diff --git a/docs/design_documents/index.rst b/docs/design_documents/index.rst index 257a510..3e20c07 100644 --- a/docs/design_documents/index.rst +++ b/docs/design_documents/index.rst
@@ -4,12 +4,12 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: cmake_framework context_mgmt_rework measured_boot_poc + drtm_poc -------------- -*Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst index cfd7201..402de13 100644 --- a/docs/getting_started/build-options.rst +++ b/docs/getting_started/build-options.rst
@@ -313,7 +313,13 @@ - ``ENABLE_FEAT_RNG``: Numeric value to enable the ``FEAT_RNG`` extension. ``FEAT_RNG`` is an optional feature available on Arm v8.5 onwards. This flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION`` - mechanism. Default is ``0``. + mechanism. Default value is ``0``. + +- ``ENABLE_FEAT_RNG_TRAP``: Numeric value to enable the ``FEAT_RNG_TRAP`` + extension. This feature is only supported in AArch64 state. This flag can + take values 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism. + Default value is ``0``. ``FEAT_RNG_TRAP`` is an optional feature from + Armv8.5 onwards. - ``ENABLE_FEAT_SB``: Numeric value to enable the ``FEAT_SB`` (Speculation Barrier) extension allowing access to ``sb`` instruction. ``FEAT_SB`` is an @@ -461,8 +467,11 @@ - ``EL3_EXCEPTION_HANDLING``: When set to ``1``, enable handling of exceptions targeted at EL3. When set ``0`` (default), no exceptions are expected or - handled at EL3, and a panic will result. This is supported only for AArch64 - builds. + handled at EL3, and a panic will result. The exception to this rule is when + ``SPMD_SPM_AT_SEL2`` is set to ``1``, in which case, only exceptions + occuring during normal world execution, are trapped to EL3. Any exception + trapped during secure world execution are trapped to the SPMC. This is + supported only for AArch64 builds. - ``EVENT_LOG_LEVEL``: Chooses the log level to use for Measured Boot when ``MEASURED_BOOT`` is enabled. For a list of valid values, see ``LOG_LEVEL``. @@ -560,10 +569,11 @@ EL1 for handling. The default value of this option is ``0``, which means the Group 0 interrupts are assumed to be handled by Secure EL1. -- ``HANDLE_EA_EL3_FIRST``: When set to ``1``, External Aborts and SError - Interrupts will be always trapped in EL3 i.e. in BL31 at runtime. When set to - ``0`` (default), these exceptions will be trapped in the current exception - level (or in EL1 if the current exception level is EL0). +- ``HANDLE_EA_EL3_FIRST_NS``: When set to ``1``, External Aborts and SError + Interrupts, resulting from errors in NS world, will be always trapped in + EL3 i.e. in BL31 at runtime. When set to ``0`` (default), these exceptions + will be trapped in the current exception level (or in EL1 if the current + exception level is EL0). - ``HW_ASSISTED_COHERENCY``: On most Arm systems to-date, platform-specific software operations are required for CPUs to enter and exit coherency. @@ -600,22 +610,28 @@ - ``KEY_ALG``: This build flag enables the user to select the algorithm to be used for generating the PKCS keys and subsequent signing of the certificate. - It accepts 3 values: ``rsa``, ``rsa_1_5`` and ``ecdsa``. The option - ``rsa_1_5`` is the legacy PKCS#1 RSA 1.5 algorithm which is not TBBR - compliant and is retained only for compatibility. The default value of this - flag is ``rsa`` which is the TBBR compliant PKCS#1 RSA 2.1 scheme. + It accepts 5 values: ``rsa``, ``rsa_1_5``, ``ecdsa``, ``ecdsa-brainpool-regular`` + and ``ecdsa-brainpool-twisted``. The option ``rsa_1_5`` is the legacy PKCS#1 + RSA 1.5 algorithm which is not TBBR compliant and is retained only for + compatibility. The default value of this flag is ``rsa`` which is the TBBR + compliant PKCS#1 RSA 2.1 scheme. - ``KEY_SIZE``: This build flag enables the user to select the key size for the algorithm specified by ``KEY_ALG``. The valid values for ``KEY_SIZE`` depend on the chosen algorithm and the cryptographic module. - +-----------+------------------------------------+ - | KEY_ALG | Possible key sizes | - +===========+====================================+ - | rsa | 1024 , 2048 (default), 3072, 4096* | - +-----------+------------------------------------+ - | ecdsa | unavailable | - +-----------+------------------------------------+ + +---------------------------+------------------------------------+ + | KEY_ALG | Possible key sizes | + +===========================+====================================+ + | rsa | 1024 , 2048 (default), 3072, 4096* | + +---------------------------+------------------------------------+ + | ecdsa | unavailable | + +---------------------------+------------------------------------+ + | ecdsa-brainpool-regular | unavailable | + +---------------------------+------------------------------------+ + | ecdsa-brainpool-twisted | unavailable | + +---------------------------+------------------------------------+ + * Only 2048 bits size is available with CryptoCell 712 SBROM release 1. Only 3072 bits size is available with CryptoCell 712 SBROM release 2. @@ -716,7 +732,7 @@ or later CPUs. This flag can take the values 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism. - When ``RAS_EXTENSION`` is set to ``1``, ``HANDLE_EA_EL3_FIRST`` must also be + When ``RAS_EXTENSION`` is set to ``1``, ``HANDLE_EA_EL3_FIRST_NS`` must also be set to ``1``. This option is disabled by default. @@ -834,6 +850,17 @@ to mask these events. Platforms that enable FIQ handling in SP_MIN shall implement the api ``sp_min_plat_fiq_handler()``. The default value is 0. +- ``SVE_VECTOR_LEN``: SVE vector length to configure in ZCR_EL3. + Platforms can configure this if they need to lower the hardware + limit, for example due to asymmetric configuration or limitations of + software run at lower ELs. The default is the architectural maximum + of 2048 which should be suitable for most configurations, the + hardware will limit the effective VL to the maximum physically supported + VL. + +- ``TRNG_SUPPORT``: Setting this to ``1`` enables support for True + Random Number Generator Interface to BL31 image. This defaults to ``0``. + - ``TRUSTED_BOARD_BOOT``: Boolean flag to include support for the Trusted Board Boot feature. When set to '1', BL1 and BL2 images include support to load and verify the certificates and images in a FIP, and BL1 includes support @@ -970,28 +997,31 @@ implement this workaround due to the behaviour of the errata mentioned in new SDEN document which will get published soon. -- ``RAS_TRAP_LOWER_EL_ERR_ACCESS``: This flag enables/disables the SCR_EL3.TERR +- ``RAS_TRAP_NS_ERR_REC_ACCESS``: This flag enables/disables the SCR_EL3.TERR bit, to trap access to the RAS ERR and RAS ERX registers from lower ELs. This flag is disabled by default. -- ``OPENSSL_DIR``: This flag is used to provide the installed openssl directory - path on the host machine which is used to build certificate generation and - firmware encryption tool. +- ``OPENSSL_DIR``: This option is used to provide the path to a directory on the + host machine where a custom installation of OpenSSL is located, which is used + to build the certificate generation, firmware encryption and FIP tools. If + this option is not set, the default OS installation will be used. - ``USE_SP804_TIMER``: Use the SP804 timer instead of the Generic Timer for functions that wait for an arbitrary time length (udelay and mdelay). The default value is 0. -- ``ENABLE_BRBE_FOR_NS``: This flag enables access to the branch record buffer - registers from NS ELs when FEAT_BRBE is implemented. BRBE is an optional - architectural feature for AArch64. The default is 0 and it is automatically - disabled when the target architecture is AArch32. +- ``ENABLE_BRBE_FOR_NS``: Numeric value to enable access to the branch record + buffer registers from NS ELs when FEAT_BRBE is implemented. BRBE is an + optional architectural feature for AArch64. This flag can take the values + 0 to 2, to align with the ``FEATURE_DETECTION`` mechanism. The default is 0 + and it is automatically disabled when the target architecture is AArch32. -- ``ENABLE_TRBE_FOR_NS``: This flag is used to enable access of trace buffer +- ``ENABLE_TRBE_FOR_NS``: Numeric value to enable access of trace buffer control registers from NS ELs, NS-EL2 or NS-EL1(when NS-EL2 is implemented but unused) when FEAT_TRBE is implemented. TRBE is an optional architectural - feature for AArch64. The default is 0 and it is automatically disabled when - the target architecture is AArch32. + feature for AArch64. This flag can take the values 0 to 2, to align with the + ``FEATURE_DETECTION`` mechanism. The default is 0 and it is automatically + disabled when the target architecture is AArch32. - ``ENABLE_SYS_REG_TRACE_FOR_NS``: Boolean option to enable trace system registers access from NS ELs, NS-EL2 or NS-EL1 (when NS-EL2 is implemented @@ -1008,6 +1038,12 @@ functionalities). When enabled (``1``), a mocked version of the APIs are used. The default value is 0. +- ``CONDITIONAL_CMO``: Boolean option to enable call to platform-defined routine + ``plat_can_cmo`` which will return zero if cache management operations should + be skipped and non-zero otherwise. By default, this option is disabled which + means platform hook won't be checked and CMOs will always be performed when + related functions are called. + GICv3 driver options --------------------
diff --git a/docs/getting_started/docs-build.rst b/docs/getting_started/docs-build.rst index 87c677f..4a48059 100644 --- a/docs/getting_started/docs-build.rst +++ b/docs/getting_started/docs-build.rst
@@ -17,22 +17,28 @@ Prerequisites ------------- -For building a local copy of the |TF-A| documentation you will need, at minimum: +For building a local copy of the |TF-A| documentation you will need: - Python 3 (3.5 or later) - PlantUML (1.2017.15 or later) +- Python modules specified in ``docs/requirements.txt`` -Optionally, the `Dia`_ application can be installed if you need to edit -existing ``.dia`` diagram files, or create new ones. + You can install these with ``pip3`` (the Python Package Installer) by + passing it the requirements file above (with ``-r``). An optional ``--user`` + argument will install them locally, but you have to add their location to + $PATH (pip will emit a warning). Alternatively, they can be installed + globally (but will probably require root privileges). -You must also install the Python modules that are specified in the -``requirements.txt`` file in the root of the ``docs`` directory. These modules -can be installed using ``pip3`` (the Python Package Installer). Passing this -requirements file as an argument to ``pip3`` automatically installs the specific -module versions required by |TF-A|. + .. note:: + Although not necessary, it is recommended you use a virtual environment. + More advanced usage instructions for *pip* are beyond the scope of this + document but you can refer to the `pip homepage`_ for detailed guides. -An example set of installation commands for Ubuntu 18.04 LTS follows, assuming -that the working directory is ``docs``: +- Optionally, the `Dia`_ application can be installed if you need to edit + existing ``.dia`` diagram files, or create new ones. + +An example set of installation commands for Ubuntu follows, assuming that the +working directory is ``docs``: .. code:: shell @@ -44,15 +50,6 @@ the list to ensure that there will be no conflicts with other modules already installed in your environment. -Passing the optional ``--user`` argument to ``pip3`` will install the Python -packages only for the current user. Omitting this argument will attempt to -install the packages globally and this will likely require the command to be run -as root or using ``sudo``. - -.. note:: - More advanced usage instructions for *pip* are beyond the scope of this - document but you can refer to the `pip homepage`_ for detailed guides. - Building rendered documentation -------------------------------
diff --git a/docs/getting_started/image-terminology.rst b/docs/getting_started/image-terminology.rst index a90ec0b..66f47e8 100644 --- a/docs/getting_started/image-terminology.rst +++ b/docs/getting_started/image-terminology.rst
@@ -4,8 +4,8 @@ This page contains the current name, abbreviated name and purpose of the various images referred to in the Trusted Firmware project. -General Notes -------------- +Common Image Features +--------------------- - Some of the names and abbreviated names have changed to accommodate new requirements. The changed names are as backward compatible as possible to @@ -40,6 +40,15 @@ Trusted Firmware Images ----------------------- +Firmware Image Package: ``FIP`` +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This is a packaging format used by TF-A to package firmware images in a single +binary. The number and type of images that should be packed in a FIP is +platform-specific and may include TF-A images and other firmware images +required by the platform. For example, most platforms require a BL33 image +which corresponds to the normal world bootloader (e.g. UEFI or U-Boot). + AP Boot ROM: ``AP_BL1`` ~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/docs/getting_started/index.rst b/docs/getting_started/index.rst index 817beaf..3fbf48d 100644 --- a/docs/getting_started/index.rst +++ b/docs/getting_started/index.rst
@@ -4,12 +4,11 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: prerequisites docs-build - tools-build initial-build + tools-build build-options image-terminology porting-guide
diff --git a/docs/getting_started/initial-build.rst b/docs/getting_started/initial-build.rst index 62f1941..4f41be4 100644 --- a/docs/getting_started/initial-build.rst +++ b/docs/getting_started/initial-build.rst
@@ -2,7 +2,7 @@ =========================== - Before building TF-A, the environment variable ``CROSS_COMPILE`` must point - to the Linaro cross compiler. + to your cross compiler. For AArch64:
diff --git a/docs/getting_started/porting-guide.rst b/docs/getting_started/porting-guide.rst index 2c6a005..aa57e1d 100644 --- a/docs/getting_started/porting-guide.rst +++ b/docs/getting_started/porting-guide.rst
@@ -23,8 +23,8 @@ discusses these in detail. The subsequent sections discuss the remaining modifications for each BL stage in detail. -Please refer to the :ref:`Platform Compatibility Policy` for the policy -regarding compatibility and deprecation of these porting interfaces. +Please refer to the :ref:`Platform Ports Policy` for the policy regarding +compatibility and deprecation of these porting interfaces. Only Arm development platforms (such as FVP and Juno) may use the functions/definitions in ``include/plat/arm/common/`` and the corresponding @@ -89,6 +89,8 @@ The following variables, functions and constants must be defined by the platform for the firmware to work correctly. +.. _platform_def_mandatory: + File : platform_def.h [mandatory] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -118,7 +120,7 @@ - **#define : CACHE_WRITEBACK_GRANULE** - Defines the size in bits of the largest cache line across all the cache + Defines the size in bytes of the largest cache line across all the cache levels in the platform. - **#define : FIRMWARE_WELCOME_STR** @@ -240,6 +242,11 @@ Defines the maximum address in secure RAM that the BL31 image can occupy. +- **#define : PLAT_RSS_COMMS_PAYLOAD_MAX_SIZE** + + Defines the maximum message size between AP and RSS. Need to define if + platform supports RSS. + For every image, the platform must define individual identifiers that will be used by BL1 or BL2 to load the corresponding image into memory from non-volatile storage. For the sake of performance, integer numbers will be used as @@ -562,6 +569,21 @@ doesn't print anything to the console. If ``PLAT_LOG_LEVEL_ASSERT`` isn't defined, it defaults to ``LOG_LEVEL``. +If the platform port uses the DRTM feature, the following constants must be +defined: + +- **#define : PLAT_DRTM_EVENT_LOG_MAX_SIZE** + + Maximum Event Log size used by the platform. Platform can decide the maximum + size of the Event Log buffer, depending upon the highest hash algorithm + chosen and the number of components selected to measure during the DRTM + execution flow. + +- **#define : PLAT_DRTM_MMAP_ENTRIES** + + Number of the MMAP entries used by the DRTM implementation to calculate the + size of address map region of the platform. + File : plat_macros.S [mandatory] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -787,6 +809,214 @@ either could not be updated or the authentication image descriptor indicates that it is not allowed to be updated. +Function: plat_convert_pk() +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void *, unsigned int, void **, unsigned int * + Return : int + +This function is optional when Trusted Board Boot is enabled, and only +used if the platform saves a hash of the ROTPK. +First argument is the Distinguished Encoding Rules (DER) ROTPK. +Second argument is its size. +Third argument is used to return a pointer to a buffer, which hash should +be the one saved in OTP. +Fourth argument is a pointer to return its size. + +Most platforms save the hash of the ROTPK, but some may save slightly different +information - e.g the hash of the ROTPK plus some related information. +Defining this function allows to transform the ROTPK used to verify +the signature to the buffer (a platform specific public key) which +hash is saved in OTP. + +The default implementation copies the input key and length to the output without +modification. + +The function returns 0 on success. Any other value means the expected +public key buffer cannot be extracted. + +Dynamic Root of Trust for Measurement support (in BL31) +------------------------------------------------------- + +The functions mentioned in this section are mandatory, when platform enables +DRTM_SUPPORT build flag. + +Function : plat_get_addr_mmap() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : const mmap_region_t * + +This function is used to return the address of the platform *address-map* table, +which describes the regions of normal memory, memory mapped I/O +and non-volatile memory. + +Function : plat_has_non_host_platforms() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : bool + +This function returns *true* if the platform has any trusted devices capable of +DMA, otherwise returns *false*. + +Function : plat_has_unmanaged_dma_peripherals() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : bool + +This function returns *true* if platform uses peripherals whose DMA is not +managed by an SMMU, otherwise returns *false*. + +Note - +If the platform has peripherals that are not managed by the SMMU, then the +platform should investigate such peripherals to determine whether they can +be trusted, and such peripherals should be moved under "Non-host platforms" +if they can be trusted. + +Function : plat_get_total_num_smmus() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : unsigned int + +This function returns the total number of SMMUs in the platform. + +Function : plat_enumerate_smmus() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +:: + + + Argument : void + Return : const uintptr_t *, size_t + +This function returns an array of SMMU addresses and the actual number of SMMUs +reported by the platform. + +Function : plat_drtm_get_dma_prot_features() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : const plat_drtm_dma_prot_features_t* + +This function returns the address of plat_drtm_dma_prot_features_t structure +containing the maximum number of protected regions and bitmap with the types +of DMA protection supported by the platform. +For more details see section 3.3 Table 6 of `DRTM`_ specification. + +Function : plat_drtm_dma_prot_get_max_table_bytes() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : uint64_t + +This function returns the maximum size of DMA protected regions table in +bytes. + +Function : plat_drtm_get_tpm_features() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : const plat_drtm_tpm_features_t* + +This function returns the address of *plat_drtm_tpm_features_t* structure +containing PCR usage schema, TPM-based hash, and firmware hash algorithm +supported by the platform. + +Function : plat_drtm_get_min_size_normal_world_dce() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : uint64_t + +This function returns the size normal-world DCE of the platform. + +Function : plat_drtm_get_imp_def_dlme_region_size() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : uint64_t + +This function returns the size of implementation defined DLME region +of the platform. + +Function : plat_drtm_get_tcb_hash_table_size() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : uint64_t + +This function returns the size of TCB hash table of the platform. + +Function : plat_drtm_get_tcb_hash_features() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : uint64_t + +This function returns the Maximum number of TCB hashes recorded by the +platform. +For more details see section 3.3 Table 6 of `DRTM`_ specification. + +Function : plat_drtm_validate_ns_region() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : uintptr_t, uintptr_t + Return : int + +This function validates that given region is within the Non-Secure region +of DRAM. This function takes a region start address and size an input +arguments, and returns 0 on success and -1 on failure. + +Function : plat_set_drtm_error() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : uint64_t + Return : int + +This function writes a 64 bit error code received as input into +non-volatile storage and returns 0 on success and -1 on failure. + +Function : plat_get_drtm_error() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : uint64_t* + Return : int + +This function reads a 64 bit error code from the non-volatile storage +into the received address, and returns 0 on success and -1 on failure. + Common mandatory function modifications --------------------------------------- @@ -1095,6 +1325,20 @@ The address from where it was called is stored in x30 (Link Register). The default implementation simply spins. +Function : plat_system_reset() +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : void + +This function is used by the platform to resets the system. It can be used +in any specific use-case where system needs to be resetted. For example, +in case of DRTM implementation this function reset the system after +writing the DRTM error code in the non-volatile storage. This function +never returns. Failure in reset results in panic. + Function : plat_get_bl_image_load_info() ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -1245,6 +1489,22 @@ When the MEASURED_BOOT flag is disabled, this function doesn't do anything. +Function : plat_can_cmo() +~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : uint64_t + +When CONDITIONAL_CMO flag is enabled: + +- This function indicates whether cache management operations should be + performed. It returns 0 if CMOs should be skipped and non-zero + otherwise. +- The function must not clobber x1, x2 and x3. It's also not safe to rely on + stack. Otherwise obey AAPCS. + Modifications specific to a Boot Loader stage --------------------------------------------- @@ -1663,6 +1923,42 @@ must return 0, otherwise it must return 1. The default implementation of this always returns 0. +Function : bl2_plat_mboot_init() [optional] +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : void + +When the MEASURED_BOOT flag is enabled: + +- This function is used to initialize the backend driver(s) of measured boot. +- On the Arm FVP port, this function is used to initialize the Event Log + backend driver with the Event Log buffer information (base address and + size) received from BL1. It results in panic on error. + +When the MEASURED_BOOT flag is disabled, this function doesn't do anything. + +Function : bl2_plat_mboot_finish() [optional] +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : void + +When the MEASURED_BOOT flag is enabled: + +- This function is used to finalize the measured boot backend driver(s), + and also, set the information for the next bootloader component to extend + the measurement if needed. +- On the Arm FVP port, this function is used to pass the Event Log buffer + information (base address and size) to non-secure(BL33) and trusted OS(BL32) + via nt_fw and tos_fw config respectively. It results in panic on error. + +When the MEASURED_BOOT flag is disabled, this function doesn't do anything. + Boot Loader Stage 2 (BL2) at EL3 -------------------------------- @@ -1820,42 +2116,6 @@ This function returns 0 on success, a negative error code otherwise. This function is included if SCP_BL2U_BASE is defined. -Function : bl2_plat_mboot_init() [optional] -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - Argument : void - Return : void - -When the MEASURED_BOOT flag is enabled: - -- This function is used to initialize the backend driver(s) of measured boot. -- On the Arm FVP port, this function is used to initialize the Event Log - backend driver with the Event Log buffer information (base address and - size) received from BL1. It results in panic on error. - -When the MEASURED_BOOT flag is disabled, this function doesn't do anything. - -Function : bl2_plat_mboot_finish() [optional] -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -:: - - Argument : void - Return : void - -When the MEASURED_BOOT flag is enabled: - -- This function is used to finalize the measured boot backend driver(s), - and also, set the information for the next bootloader component to extend - the measurement if needed. -- On the Arm FVP port, this function is used to pass the Event Log buffer - information (base address and size) to non-secure(BL33) and trusted OS(BL32) - via nt_fw and tos_fw config respectively. It results in panic on error. - -When the MEASURED_BOOT flag is disabled, this function doesn't do anything. - Boot Loader Stage 3-1 (BL31) ---------------------------- @@ -2017,7 +2277,7 @@ (that was copied during ``bl31_early_platform_setup()``) if the image exists. It should return NULL otherwise. -Function : plat_get_cca_attest_token() [mandatory when ENABLE_RME == 1] +Function : plat_rmmd_get_cca_attest_token() [mandatory when ENABLE_RME == 1] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ :: @@ -2043,8 +2303,8 @@ The function returns 0 on success, -EINVAL on failure. -Function : plat_get_cca_realm_attest_key() [mandatory when ENABLE_RME == 1] -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Function : plat_rmmd_get_cca_realm_attest_key() [mandatory when ENABLE_RME == 1] +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ :: @@ -2069,6 +2329,31 @@ The function returns 0 on success, -EINVAL on failure. +Function : plat_rmmd_get_el3_rmm_shared_mem() [when ENABLE_RME == 1] +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : uintptr_t * + Return : size_t + +This function returns the size of the shared area between EL3 and RMM (or 0 on +failure). A pointer to the shared area (or a NULL pointer on failure) is stored +in the pointer passed as argument. + +Function : plat_rmmd_load_manifest() [when ENABLE_RME == 1] +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Arguments : rmm_manifest_t *manifest + Return : int + +When ENABLE_RME is enabled, this function populates a boot manifest for the +RMM image and stores it in the area specified by manifest. + +When ENABLE_RME is disabled, this function is not used. + Function : bl31_plat_enable_mmu [optional] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -2227,7 +2512,7 @@ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This value must be defined to the UUID of the TRNG backend that is specific to -the hardware after ``plat_trng_setup`` function is called. This value must +the hardware after ``plat_entropy_setup`` function is called. This value must conform to the SMCCC calling convention; The most significant 32 bits of the UUID must not equal ``0xffffffff`` or the signed integer ``-1`` as this value in w0 indicates failure to get a TRNG source. @@ -2528,7 +2813,8 @@ The ``target_state`` has a similar meaning as described in the ``pwr_domain_off()`` operation and it encodes the platform coordinated target local power states for the CPU power domain and its parent power domain levels. This function must -not return back to the caller. +not return back to the caller (by calling wfi in an infinite loop to ensure +some CPUs power down mitigations work properly). If this function is not implemented by the platform, PSCI generic implementation invokes ``psci_power_down_wfi()`` for power down. @@ -2914,6 +3200,34 @@ (``GICD_IGRPMODRn``) is read to figure out whether the interrupt is configured as Group 0 secure interrupt, Group 1 secure interrupt or Group 1 NS interrupt. +Common helper functions +----------------------- + +Function : do_panic() +~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : void + +This API is called from assembly files when encountering a critical failure that +cannot be recovered from. It also invokes elx_panic() which allows to report a +crash from lower exception level. This function assumes that it is invoked from +a C runtime environment i.e. valid stack exists. This call **must not** return. + +Function : panic() +~~~~~~~~~~~~~~~~~~ + +:: + + Argument : void + Return : void + +This API called from C files when encountering a critical failure that cannot +be recovered from. This function in turn prints backtrace (if enabled) and calls +do_panic(). This call **must not** return. + Crash Reporting mechanism (in BL31) ----------------------------------- @@ -3198,3 +3512,4 @@ .. _3.0 (GICv3): http://infocenter.arm.com/help/topic/com.arm.doc.ihi0069b/index.html .. _FreeBSD: https://www.freebsd.org .. _SCC: http://www.simple-cc.org/ +.. _DRTM: https://developer.arm.com/documentation/den0113/a
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst index 0b8a71c..3723294 100644 --- a/docs/getting_started/prerequisites.rst +++ b/docs/getting_started/prerequisites.rst
@@ -7,13 +7,14 @@ It may possible to build |TF-A| with combinations of software packages that are different from those listed below, however only the software described in this document can be officially supported. + Build Host ---------- |TF-A| can be built using either a Linux or a Windows machine as the build host. A relatively recent Linux distribution is recommended for building |TF-A|. We -have performed tests using Ubuntu 16.04 LTS (64-bit) but other distributions +have performed tests using Ubuntu 20.04 LTS (64-bit) but other distributions should also work fine as a base, provided that the necessary tools and libraries can be installed. @@ -25,7 +26,11 @@ |TF-A| can be built with any of the following *cross-compiler* toolchains that target the Armv7-A or Armv8-A architectures: -- GCC >= 11.2-2022.02 (from the `Arm Developer website`_) +- GCC >= 11.3.Rel1 (from the `Arm Developer website`_) + + You will need the targets ``arm-none-eabi`` and ``aarch64-none-elf`` for + AArch32 and AArch64 builds respectively. + - Clang >= 14.0.0 - Arm Compiler >= 6.18 @@ -53,14 +58,20 @@ The following libraries must be available to build one or more components or supporting tools: -- OpenSSL >= 3.0 +- OpenSSL >= 1.1.1 (v3.0.0 to v3.0.6 highly discouraged due to security issues) - Required to build the cert_create tool. + Required to build the cert_create, encrypt_fw, and fiptool tools. + + .. note:: + + If using OpenSSL 3, older Linux versions may require it to be built from + source code, as it may not be available in the default package repositories. + Please refer to the OpenSSL project documentation for more information. The following libraries are required for Trusted Board Boot and Measured Boot support: -- mbed TLS == 2.28.0 (tag: ``mbedtls-2.28.0``) +- mbed TLS == 2.28.1 (tag: ``mbedtls-2.28.1``) These tools are optional: @@ -89,7 +100,7 @@ .. code:: shell - sudo apt install build-essential git libssl-dev + sudo apt install build-essential git The optional packages can be installed using: @@ -97,14 +108,15 @@ sudo apt install device-tree-compiler -Additionally, to install an up-to-date version of Node.js, you can use the `Node -Version Manager`_ to install a version of your choosing (we recommend 16, but -later LTS versions might offer a more stable experience): +Additionally, to install a version of Node.js compatible with TF-A's repository +scripts, you can use the `Node Version Manager`_. To install both NVM and an +appropriate version of Node.js, run the following **from the root directory of +the repository**: .. code:: shell - curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | "$SHELL" - exec "$SHELL" -ic "nvm install 16; exec $SHELL" + curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash + exec "$SHELL" -ic "nvm install; exec $SHELL" .. _Node Version Manager: https://github.com/nvm-sh/nvm#install--update-script
diff --git a/docs/getting_started/psci-lib-integration-guide.rst b/docs/getting_started/psci-lib-integration-guide.rst index 3735265..4d690a9 100644 --- a/docs/getting_started/psci-lib-integration-guide.rst +++ b/docs/getting_started/psci-lib-integration-guide.rst
@@ -337,16 +337,6 @@ This function invalidates (flushes) the data cache for memory at address ``addr`` (first argument) address and of size ``size`` (second argument). -**Function : do_panic()** - -:: - - Argument : void - Return : void - -This function will be called by the PSCI library on encountering a critical -failure that cannot be recovered from. This function **must not** return. - CPU Context management API ~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/docs/getting_started/tools-build.rst b/docs/getting_started/tools-build.rst index c050f58..166b527 100644 --- a/docs/getting_started/tools-build.rst +++ b/docs/getting_started/tools-build.rst
@@ -1,15 +1,24 @@ Building Supporting Tools ========================= +.. note:: + + OpenSSL 3.0 is needed in order to build the tools. A custom installation + can be used if not updating the OpenSSL version on the OS. In order to do + this, use the ``OPENSSL_DIR`` variable after the ``make`` command to + indicate the location of the custom OpenSSL build. Then, to run the tools, + use the ``LD_LIBRARY_PATH`` to indicate the location of the built + libraries. More info about ``OPENSSL_DIR`` can be found at + :ref:`Build Options`. + Building and using the FIP tool ------------------------------- -Firmware Image Package (FIP) is a packaging format used by TF-A to package -firmware images in a single binary. The number and type of images that should -be packed in a FIP is platform specific and may include TF-A images and other -firmware images required by the platform. For example, most platforms require -a BL33 image which corresponds to the normal world bootloader (e.g. UEFI or -U-Boot). +The following snippets build a :ref:`FIP<Image Terminology>` for the FVP +platform. While it is not an intrinsic part of the FIP format, a BL33 image is +required for these examples. For the purposes of experimentation, `Trusted +Firmware-A Tests`_ (`tftf.bin``) may be used. Refer to to the `TFTF +documentation`_ for instructions on building a TFTF binary. The TF-A build system provides the make target ``fip`` to create a FIP file for the specified platform using the FIP creation tool included in the TF-A @@ -164,4 +173,7 @@ -------------- -*Copyright (c) 2019, Arm Limited. All rights reserved.* +*Copyright (c) 2019-2022, Arm Limited. All rights reserved.* + +.. _Trusted Firmware-A Tests: https://git.trustedfirmware.org/TF-A/tf-a-tests.git/ +.. _TFTF documentation: https://trustedfirmware-a-tests.readthedocs.io/en/latest/
diff --git a/docs/glossary.rst b/docs/glossary.rst index aeeb133..e6b0239 100644 --- a/docs/glossary.rst +++ b/docs/glossary.rst
@@ -40,6 +40,18 @@ Common Vulnerabilities and Exposures. A CVE document is commonly used to describe a publicly-known security vulnerability. + DCE + DRTM Configuration Environment + + D-CRTM + Dynamic Code Root of Trust for Measurement + + DLME + Dynamically Launched Measured Environment + + DRTM + Dynamic Root of Trust for Measurement + DS-5 Arm Development Studio 5 @@ -86,6 +98,9 @@ A collaborative engineering organization consolidating and optimizing open source software and tools for the Arm architecture. + LSP + A logical secure partition managed by SPM + MMU Memory Management Unit @@ -186,6 +201,9 @@ TBBR Trusted Board Boot Requirements + TCB + Trusted Compute Base + TEE Trusted Execution Environment
diff --git a/docs/index.rst b/docs/index.rst index edc2535..3860199 100644 --- a/docs/index.rst +++ b/docs/index.rst
@@ -3,7 +3,7 @@ .. toctree:: :maxdepth: 1 - :hidden: + :numbered: Home<self> about/index
diff --git a/docs/perf/index.rst b/docs/perf/index.rst index 1482b80..bccad00 100644 --- a/docs/perf/index.rst +++ b/docs/perf/index.rst
@@ -4,7 +4,6 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: psci-performance-juno tsp
diff --git a/docs/plat/arm/arm-build-options.rst b/docs/plat/arm/arm-build-options.rst index 339ebbe..407c04b 100644 --- a/docs/plat/arm/arm-build-options.rst +++ b/docs/plat/arm/arm-build-options.rst
@@ -92,7 +92,7 @@ SBROM library must be specified via ``CCSBROM_LIB_PATH`` flag. - ``ARM_ETHOSN_NPU_DRIVER``: boolean option to enable a SiP service that can - configure an Arm Ethos-N NPU. To use this service the target platform's + configure an Arm® Ethos™-N NPU. To use this service the target platform's ``HW_CONFIG`` must include the device tree nodes for the NPU. Currently, only the Arm Juno platform has this included in its ``HW_CONFIG`` and the platform only loads the ``HW_CONFIG`` in AArch64 builds. Default is 0. @@ -152,6 +152,11 @@ to select the appropriate platform variant for the build. The range of valid values is platform specific. +- ``CSS_SYSTEM_GRACEFUL_RESET``: Build option to enable graceful powerdown of + CPU core on reset. This build option can be used on CSS platforms that + require all the CPUs to execute the CPU specific power down sequence to + complete a warm reboot sequence in which only the CPUs are power cycled. + -------------- .. |FIP in a GPT image| image:: ../../resources/diagrams/FIP_in_a_GPT_image.png
diff --git a/docs/plat/arm/fvp/index.rst b/docs/plat/arm/fvp/index.rst index 3d10e45..42c0eda 100644 --- a/docs/plat/arm/fvp/index.rst +++ b/docs/plat/arm/fvp/index.rst
@@ -12,61 +12,59 @@ (64-bit host machine only). .. note:: - The FVP models used are Version 11.17 Build 21, unless otherwise stated. + The FVP models used are Version 11.19 Build 14, unless otherwise stated. - ``Foundation_Platform`` -- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502`` -- ``FVP_Base_AEMv8A-AEMv8A`` (For certain configurations also uses 11.14/21) -- ``FVP_Base_AEMv8A-GIC600AE`` -- ``FVP_Base_AEMvA`` (For certain configurations also uses 0.0/6684) -- ``FVP_Base_Cortex-A32x4`` (Version 11.12/38) +- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502`` (Version 11.17/21) +- ``FVP_Base_AEMv8A-GIC600AE`` (Version 11.17/21) +- ``FVP_Base_AEMvA`` +- ``FVP_Base_AEMvA-AEMvA`` +- ``FVP_Base_Cortex-A32x4`` (Version 11.12/38) - ``FVP_Base_Cortex-A35x4`` - ``FVP_Base_Cortex-A53x4`` -- ``FVP_Base_Cortex-A55x4`` +- ``FVP_Base_Cortex-A55`` - ``FVP_Base_Cortex-A55x4+Cortex-A75x4`` +- ``FVP_Base_Cortex-A55x4+Cortex-A76x2`` - ``FVP_Base_Cortex-A57x1-A53x1`` - ``FVP_Base_Cortex-A57x2-A53x4`` -- ``FVP_Base_Cortex-A57x4-A53x4`` - ``FVP_Base_Cortex-A57x4`` -- ``FVP_Base_Cortex-A65AEx8`` -- ``FVP_Base_Cortex-A65x4`` -- ``FVP_Base_Cortex-A710x4`` -- ``FVP_Base_Cortex-A72x4-A53x4`` +- ``FVP_Base_Cortex-A57x4-A53x4`` +- ``FVP_Base_Cortex-A65`` +- ``FVP_Base_Cortex-A65AE`` +- ``FVP_Base_Cortex-A710x4`` (Version 11.17/21) - ``FVP_Base_Cortex-A72x4`` -- ``FVP_Base_Cortex-A73x4-A53x4`` +- ``FVP_Base_Cortex-A72x4-A53x4`` - ``FVP_Base_Cortex-A73x4`` -- ``FVP_Base_Cortex-A75x4`` -- ``FVP_Base_Cortex-A76AEx4`` -- ``FVP_Base_Cortex-A76AEx8`` -- ``FVP_Base_Cortex-A76x4`` -- ``FVP_Base_Cortex-A77x4`` -- ``FVP_Base_Cortex-A78x4`` -- ``FVP_Base_Neoverse-E1x1`` -- ``FVP_Base_Neoverse-E1x2`` -- ``FVP_Base_Neoverse-E1x4`` -- ``FVP_Base_Neoverse-N1x4`` -- ``FVP_Base_Neoverse-N2x4`` (Version 11.12 build 38) -- ``FVP_Base_Neoverse-V1x4`` -- ``FVP_Base_RevC-2xAEMvA`` (For certain configurations also uses 0.0/6557) -- ``FVP_CSS_SGI-575`` (Version 11.17/33) +- ``FVP_Base_Cortex-A73x4-A53x4`` +- ``FVP_Base_Cortex-A75`` +- ``FVP_Base_Cortex-A76`` +- ``FVP_Base_Cortex-A76AE`` +- ``FVP_Base_Cortex-A77`` +- ``FVP_Base_Cortex-A78`` +- ``FVP_Base_Cortex-A78C`` +- ``FVP_Base_Cortex-X2x4`` (Version 11.17/21) +- ``FVP_Base_Neoverse-E1`` +- ``FVP_Base_Neoverse-N1`` +- ``FVP_Base_Neoverse-N2x4`` (Version 11.16/16) +- ``FVP_Base_Neoverse-V1`` +- ``FVP_Base_RevC-2xAEMvA`` - ``FVP_Morello`` (Version 0.11/33) -- ``FVP_RD_E1_edge`` (Version 11.17/33) -- ``FVP_RD_N1_edge_dual`` (Version 11.17/33) -- ``FVP_RD_N1_edge`` (Version 11.17/33) -- ``FVP_RD_V1`` (Version 11.17/33) -- ``FVP_TC0`` -- ``FVP_TC1`` +- ``FVP_RD_E1_edge`` (Version 11.17/29) +- ``FVP_RD_V1`` (Version 11.17/29) +- ``FVP_TC0`` (Version 11.17/18) +- ``FVP_TC1`` (Version 11.17/33) +- ``FVP_TC2`` (Version 11.18/28) The latest version of the AArch32 build of TF-A has been tested on the following Arm FVPs without shifted affinities, and that do not support threaded CPU cores (64-bit host machine only). - ``FVP_Base_AEMvA`` -- ``FVP_Base_AEMv8A-AEMv8A`` +- ``FVP_Base_AEMvA-AEMvA`` - ``FVP_Base_Cortex-A32x4`` .. note:: - The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities, which + The ``FVP_Base_RevC-2xAEMvA`` FVP only supports shifted affinities, which is not compatible with legacy GIC configurations. Therefore this FVP does not support these legacy GIC configurations. @@ -327,19 +325,14 @@ - ``fvp-base-gicv2-psci.dts`` - For use with models such as the Cortex-A57-A53 Base FVPs without shifted - affinities and with Base memory map configuration. - -- ``fvp-base-gicv2-psci-aarch32.dts`` - - For use with models such as the Cortex-A32 Base FVPs without shifted - affinities and running Linux in AArch32 state with Base memory map - configuration. + For use with models such as the Cortex-A57-A53 or Cortex-A32 Base FVPs + without shifted affinities and with Base memory map configuration. - ``fvp-base-gicv3-psci.dts`` - For use with models such as the Cortex-A57-A53 Base FVPs without shifted - affinities and with Base memory map configuration and Linux GICv3 support. + For use with models such as the Cortex-A57-A53 or Cortex-A32 Base FVPs + without shifted affinities and with Base memory map configuration and + Linux GICv3 support. - ``fvp-base-gicv3-psci-1t.dts`` @@ -352,12 +345,6 @@ single cluster, single threaded CPUs, Base memory map configuration and Linux GICv3 support. -- ``fvp-base-gicv3-psci-aarch32.dts`` - - For use with models such as the Cortex-A32 Base FVPs without shifted - affinities and running Linux in AArch32 state with Base memory map - configuration and Linux GICv3 support. - - ``fvp-foundation-gicv2-psci.dts`` For use with Foundation FVP with Base memory map configuration.
diff --git a/docs/plat/arm/juno/index.rst b/docs/plat/arm/juno/index.rst index 8b9d453..91e681f 100644 --- a/docs/plat/arm/juno/index.rst +++ b/docs/plat/arm/juno/index.rst
@@ -241,13 +241,13 @@ -------------- -*Copyright (c) 2019-2021, Arm Limited. All rights reserved.* +*Copyright (c) 2019-2022, Arm Limited. All rights reserved.* .. _Linaro release software stack: http://releases.linaro.org/members/arm/platforms/ .. _Juno platform software user guide: https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms.git/about/docs/juno/user-guide.rst .. _TF-A downloads page: https://downloads.trustedfirmware.org/tf-a/css_scp_2.8.0/juno/ .. _build the binaries from source: https://github.com/ARM-software/SCP-firmware/blob/master/user_guide.md#scp-firmware-user-guide .. _Arm Platforms Portal: https://community.arm.com/dev-platforms/ -.. _Juno Getting Started Guide: http://infocenter.arm.com/help/topic/com.arm.doc.dui0928e/DUI0928E_juno_arm_development_platform_gsg.pdf +.. _Juno Getting Started Guide: https://developer.arm.com/documentation/den0928/f/?lang=en .. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf .. _Juno Arm Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php
diff --git a/docs/plat/arm/tc/index.rst b/docs/plat/arm/tc/index.rst index 20d3e56..df1847d 100644 --- a/docs/plat/arm/tc/index.rst +++ b/docs/plat/arm/tc/index.rst
@@ -13,10 +13,13 @@ - SCMI - MHUv2 -Currently, the main difference between TC0 (TARGET_PLATFORM=0) and TC1 -(TARGET_PLATFORM=1) platforms w.r.t to TF-A is the CPUs supported. TC0 has -support for Cortex A510, Cortex A710 and Cortex X2, while TC1 has support for -Cortex A510, Cortex Makalu and Cortex Makalu ELP Arm CPUs. +Currently, the main difference between TC0 (TARGET_PLATFORM=0), TC1 +(TARGET_PLATFORM=1), TC2 (TARGET_PLATFORM=2) platforms w.r.t to TF-A +is the CPUs supported as below: + +- TC0 has support for Cortex A510, Cortex A710 and Cortex X2. +- TC1 has support for Cortex A510, Cortex Makalu and Cortex X3. +- TC2 has support for Hayes and Hunter Arm CPUs. Boot Sequence @@ -33,15 +36,15 @@ Build Procedure (TF-A only) ~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Obtain arm `toolchain <https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>`_. - Set the CROSS_COMPILE environment variable to point to the toolchain folder. +- Obtain `Arm toolchain`_ and set the CROSS_COMPILE environment variable to + point to the toolchain folder. - Build TF-A: .. code:: shell make PLAT=tc BL33=<path_to_uboot.bin> \ - SCP_BL2=<path_to_scp_ramfw.bin> TARGET_PLATFORM={0,1} all fip + SCP_BL2=<path_to_scp_ramfw.bin> TARGET_PLATFORM={0,1,2} all fip Enable TBBR by adding the following options to the make command: @@ -53,4 +56,8 @@ ARM_ROTPK_LOCATION=devel_rsa \ ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem -*Copyright (c) 2020-2021, Arm Limited. All rights reserved.* +-------------- + +*Copyright (c) 2020-2022, Arm Limited. All rights reserved.* + +.. _Arm Toolchain: https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/downloads
diff --git a/docs/plat/deprecated.rst b/docs/plat/deprecated.rst deleted file mode 100644 index 7cc4258..0000000 --- a/docs/plat/deprecated.rst +++ /dev/null
@@ -1,20 +0,0 @@ -Deprecated platforms -==================== - -Process of deprecating a platform ---------------------------------- - -Platform can be deprecated and its source can be kept in repository for a cooling -off period before deleting it or it can be deleted straight away. For later types -Deprecated/Deleted version would be same. - -List of deprecated platforms ----------------------------- - -+----------------+----------------+--------------------+--------------------+ -| Platform | Vendor | Deprecated version | Deleted version | -+================+================+====================+====================+ -| sgm775 | Arm | 2.5 | 2.7 | -+----------------+----------------+--------------------+--------------------+ -| mt6795 | MTK | 2.5 | 2.7 | -+----------------+----------------+--------------------+--------------------+
diff --git a/docs/plat/imx8m.rst b/docs/plat/imx8m.rst index 101d52b..f8071f7 100644 --- a/docs/plat/imx8m.rst +++ b/docs/plat/imx8m.rst
@@ -68,3 +68,46 @@ with a DTB overlay. The overlay will be put at PLAT_IMX8M_DTO_BASE with maximum size PLAT_IMX8M_DTO_MAX_SIZE. Then in U-boot we can apply the DTB overlay and let U-boot to parse the event log and update the PCRs. + +High Assurance Boot (HABv4) +--------------------------- + +All actively maintained platforms have a support for High Assurance +Boot (HABv4), which is implemented via ROM Vector Table (RVT) API to +extend the Root-of-Trust beyond the SPL. Those calls are done via SMC +and are executed in EL3, with results returned back to original caller. + +Note on DRAM Memory Mapping +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +There is a special case of mapping the DRAM: entire DRAM available on the +platform is mapped into the EL3 with MT_RW attributes. + +Mapping the entire DRAM allows the usage of 2MB block mapping in Level-2 +Translation Table entries, which use less Page Table Entries (PTEs). If +Level-3 PTE mapping is used instead then additional PTEs would be required, +which leads to the increase of translation table size. + +Due to the fact that the size of SRAM is limited on some platforms in the +family it should rather be avoided creating additional Level-3 mapping and +introduce more PTEs, hence the implementation uses Level-2 mapping which +maps entire DRAM space. + +The reason for the MT_RW attribute mapping scheme is the fact that the SMC +API to get the status and events is called from NS world passing destination +pointers which are located in DRAM. Mapping DRAM without MT_RW permissions +causes those locations not to be filled, which in turn causing EL1&0 software +not to receive replies. + +Therefore, DRAM mapping is done with MT_RW attributes, as it is required for +data exchange between EL3 and EL1&0 software. + +Reference Documentation +~~~~~~~~~~~~~~~~~~~~~~~ + +Details on HABv4 usage and implementation could be found in following documents: + +- AN4581: "i.MX Secure Boot on HABv4 Supported Devices", Rev. 4 - June 2020 +- AN12263: "HABv4 RVT Guidelines and Recommendations", Rev. 1 - 06/2020 +- "HABv4 API Reference Manual". This document in the part of NXP Code Signing Tool (CST) distribution. +
diff --git a/docs/plat/index.rst b/docs/plat/index.rst index 0cef16a..a4e2067 100644 --- a/docs/plat/index.rst +++ b/docs/plat/index.rst
@@ -4,12 +4,10 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: :hidden: allwinner arm/index - deprecated meson-axg meson-gxbb meson-gxl @@ -21,6 +19,7 @@ marvell/index mt8183 mt8186 + mt8188 mt8192 mt8195 nvidia-tegra @@ -42,6 +41,7 @@ synquacer stm32mp1 ti-k3 + xilinx-versal-net xilinx-versal xilinx-zynqmp brcm-stingray @@ -57,10 +57,26 @@ - Arm Neoverse N1 System Development Platform (N1SDP) - Arm Neoverse Reference Design N1 Edge (RD-N1-Edge) FVP - Arm Neoverse Reference Design E1 Edge (RD-E1-Edge) FVP - - Arm SGI-575 and SGM-775 - - MediaTek MT6795 and MT8173 SoCs - - Arm Morello Platform + - Arm SGI-575 + - MediaTek MT8173 SoCs + +Deprecated platforms +-------------------- + ++----------------+----------------+--------------------+--------------------+ +| Platform | Vendor | Deprecated version | Deleted version | ++================+================+====================+====================+ +| sgm775 | Arm | 2.5 | 2.7 | ++----------------+----------------+--------------------+--------------------+ +| mt6795 | MTK | 2.5 | 2.7 | ++----------------+----------------+--------------------+--------------------+ +| sgi575 | Arm | 2.8 | 3.0 | ++----------------+----------------+--------------------+--------------------+ +| rdn1edge | Arm | 2.8 | 3.0 | ++----------------+----------------+--------------------+--------------------+ +| tc0 | Arm | 2.8 | 3.0 | ++----------------+----------------+--------------------+--------------------+ -------------- -*Copyright (c) 2019-2020, Arm Limited. All rights reserved.* +*Copyright (c) 2019-2022, Arm Limited. All rights reserved.*
diff --git a/docs/plat/marvell/armada/build.rst b/docs/plat/marvell/armada/build.rst index adb9603..8cb3fdf 100644 --- a/docs/plat/marvell/armada/build.rst +++ b/docs/plat/marvell/armada/build.rst
@@ -26,7 +26,7 @@ *u-boot.bin* should be used and not *u-boot-spl.bin* -Set MSS/SCP image path (mandatory only for A7K/8K/CN913x when MSS_SUPPORT=1) +Set MSS/SCP image path (mandatory only for A7K/A8K/CN913x when MSS_SUPPORT=1) .. code:: shell @@ -109,7 +109,7 @@ - MV_DDR_PATH This parameter is required for ``mrvl_flash`` and ``mrvl_uart`` targets. - For A7K/8K/CN913x it is used for BLE build and for Armada37x0 it used + For A7K/A8K/CN913x it is used for BLE build and for Armada37x0 it used for ddr_tool build. Specify path to the full checkout of Marvell mv-ddr-marvell git @@ -131,7 +131,7 @@ values with CP_NUM are in a range of 1 to 3. -A7K/8K/CN913x specific build options: +A7K/A8K/CN913x specific build options: - BLE_PATH @@ -165,14 +165,14 @@ Armada37x0 specific build options: -- HANDLE_EA_EL3_FIRST +- HANDLE_EA_EL3_FIRST_NS - When ``HANDLE_EA_EL3_FIRST=1``, External Aborts and SError Interrupts will be always trapped - in TF-A. TF-A in this case enables dirty hack / workaround for a bug found in U-Boot and - Linux kernel PCIe controller driver pci-aardvark.c, traps and then masks SError interrupt - caused by AXI SLVERR on external access (syndrome 0xbf000002). + When ``HANDLE_EA_EL3_FIRST_NS=1``, External Aborts and SError Interrupts, resulting from errors + in NS world, will be always trapped in TF-A. TF-A in this case enables dirty hack / workaround for + a bug found in U-Boot and Linux kernel PCIe controller driver pci-aardvark.c, traps and then masks + SError interrupt caused by AXI SLVERR on external access (syndrome 0xbf000002). - Otherwise when ``HANDLE_EA_EL3_FIRST=0``, these exceptions will be trapped in the current + Otherwise when ``HANDLE_EA_EL3_FIRST_NS=0``, these exceptions will be trapped in the current exception level (or in EL1 if the current exception level is EL0). So exceptions caused by U-Boot will be trapped in U-Boot, exceptions caused by Linux kernel (or user applications) will be trapped in Linux kernel. @@ -185,8 +185,8 @@ recommended to not enable this workaround as it disallows propagating of all External Aborts to running Linux kernel and makes correctable errors as fatal aborts. - This option is now disabled by default. In past this option was enabled by default in - TF-A versions v2.2, v2.3, v2.4 and v2.5. + This option is now disabled by default. In past this option has different name "HANDLE_EA_EL3_FIRST" and + was enabled by default in TF-A versions v2.2, v2.3, v2.4 and v2.5. - CM3_SYSTEM_RESET @@ -387,7 +387,7 @@ - PLAT_RECOVERY_IMAGE_ENABLE When set this option to enable secondary recovery function when build atf. In order to build UART recovery image this operation should be disabled for - A7K/8K/CN913x because of hardware limitation (boot from secondary image + A7K/A8K/CN913x because of hardware limitation (boot from secondary image can interrupt UART recovery process). This MACRO definition is set in ``plat/marvell/armada/a8k/common/include/platform_def.h`` file.
diff --git a/docs/plat/marvell/armada/uart-booting.rst b/docs/plat/marvell/armada/uart-booting.rst new file mode 100644 index 0000000..04ce464 --- /dev/null +++ b/docs/plat/marvell/armada/uart-booting.rst
@@ -0,0 +1,103 @@ +TF-A UART Booting Instructions for Marvell Platforms +==================================================== + +This section describes how to temporary boot the Trusted Firmware-A (TF-A) project over UART +without flashing it to non-volatile storage for Marvell's platforms. + +See :ref:`TF-A Build Instructions for Marvell Platforms` how to build ``mrvl_uart`` and +``mrvl_flash`` targets used in this section. + +Armada37x0 UART image downloading +--------------------------------- + +There are two options how to download UART image into any Armada37x0 board. + +Marvell Wtpdownloader +~~~~~~~~~~~~~~~~~~~~~ + +Marvell Wtpdownloader works only with UART images stored in separate files and supports only upload +speed with 115200 bauds. Target ``mrvl_uart`` produces GZIPed TAR archive ``uart-images.tgz.bin`` +with either three files ``TIM_ATF.bin``, ``wtmi_h.bin`` and ``boot-image_h.bin`` for non-secure +boot or with four files ``TIM_ATF_TRUSTED.bin``, ``TIMN_ATF_TRUSTED.bin``, ``wtmi_h.bin`` and +``boot-image_h.bin`` when secure boot is enabled. + +Compilation: + +.. code:: shell + + > git clone https://github.com/MarvellEmbeddedProcessors/A3700-utils-marvell.git + > make -C A3700-utils-marvell/wtptp/src/Wtpdownloader_Linux -f makefile.mk + +It produces executable binary ``A3700-utils-marvell/wtptp/src/Wtpdownloader_Linux/WtpDownload_linux`` + +To download images from ``uart-images.tgz.bin`` archive unpack it and for non-secure boot variant run: + +.. code:: shell + + > stty -F /dev/ttyUSB<port#> clocal + > WtpDownload_linux -P UART -C <port#> -E -B TIM_ATF.bin -I wtmi_h.bin -I boot-image_h.bin + +After that immediately start terminal on ``/dev/ttyUSB<port#>`` to see boot output. + +CZ.NIC mox-imager +~~~~~~~~~~~~~~~~~ + +CZ.NIC mox-imager supports all Armada37x0 boards (not only Turris MOX as name suggests). It works +with either with separate files from ``uart-images.tgz.bin`` archive (like Marvell Wtpdownloader) +produced by ``mrvl_uart`` target or also with ``flash-image.bin`` file produced by ``mrvl_flash`` +target, which is the exactly same file as used for flashing. So when using CZ.NIC mox-imager there +is no need to build separate files for UART flashing like in case with Marvell Wtpdownloader. + +CZ.NIC mox-imager moreover supports higher upload speeds up to the 6000000 bauds (which seems to +be limit of Armada37x0 SoC) which is much higher and faster than Marvell Wtpdownloader. + +Compilation: + +.. code:: shell + + > git clone https://gitlab.nic.cz/turris/mox-imager.git + > make -C mox-imager + +It produces executable binary ``mox-imager/mox-imager`` + +To download single file image built by ``mrvl_flash`` target at the highest speed, run: + +.. code:: shell + + > mox-imager -D /dev/ttyUSB<port#> -E -b 6000000 -t flash-image.bin + +To download images from ``uart-images.tgz.bin`` archive built by ``mrvl_uart`` target for +non-secure boot variant (like Wtpdownloader) but at the highest speed, first unpack +``uart-images.tgz.bin`` archive and then run: + +.. code:: shell + + > mox-imager -D /dev/ttyUSB<port#> -E -b 6000000 -t TIM_ATF.bin wtmi_h.bin boot-image_h.bin + +CZ.NIC mox-imager after successful download will start its own mini terminal (option ``-t``) to +not loose any boot output. It also prints boot output which is sent either by image files or by +bootrom during transferring of image files. This mini terminal can be quit by CTRL-\\ + C keypress. + + +A7K/A8K/CN913x UART image downloading +------------------------------------- + +A7K/A8K/CN913x uses same image ``flash-image.bin`` for both flashing and booting over UART. +For downloading image over UART it is possible to use mvebu64boot tool. + +Compilation: + +.. code:: shell + + > git clone https://github.com/pali/mvebu64boot.git + > make -C mvebu64boot + +It produces executable binary ``mvebu64boot/mvebu64boot`` + +To download ``flash-image.bin`` image run: + +.. code:: shell + + > mvebu64boot -t -b flash-image.bin /dev/ttyUSB0 + +After successful download it will start own mini terminal (option ``-t``) like CZ.NIC mox-imager.
diff --git a/docs/plat/marvell/index.rst b/docs/plat/marvell/index.rst index 0d33432..2d5cdeb 100644 --- a/docs/plat/marvell/index.rst +++ b/docs/plat/marvell/index.rst
@@ -6,6 +6,7 @@ :caption: Contents armada/build + armada/uart-booting armada/porting armada/misc/mvebu-a8k-addr-map armada/misc/mvebu-amb
diff --git a/docs/plat/mt8188.rst b/docs/plat/mt8188.rst new file mode 100644 index 0000000..93abaa5 --- /dev/null +++ b/docs/plat/mt8188.rst
@@ -0,0 +1,21 @@ +MediaTek 8188 +============= + +MediaTek 8188 (MT8188) is a 64-bit ARM SoC introduced by MediaTek in 2022. +The chip incorporates eight cores - six Cortex-A55 little cores and two Cortex-A78. +Cortex-A78 can operate at up to 2.6 GHz. +Cortex-A55 can operate at up to 2.0 GHz. + +Boot Sequence +------------- + +:: + + Boot Rom --> Coreboot --> TF-A BL31 --> Depthcharge --> Linux Kernel + + How to Build + ------------ + + .. code:: shell + + make CROSS_COMPILE=aarch64-linux-gnu- LD=aarch64-linux-gnu-gcc PLAT=mt8188 DEBUG=1 COREBOOT=1
diff --git a/docs/plat/qemu.rst b/docs/plat/qemu.rst index 66b8247..6986326 100644 --- a/docs/plat/qemu.rst +++ b/docs/plat/qemu.rst
@@ -136,3 +136,37 @@ -append 'console=ttyAMA0,38400 keep_bootcon' \ -initrd rootfs.cpio.gz -smp 2 -m 1024 -bios flash.bin \ -d unimp + +Running QEMU in OpenCI +----------------------- + +Linaro's continuous integration platform OpenCI supports running emulated tests +on QEMU. The tests are kicked off on Jenkins and deployed through the Linaro +Automation and Validation Architecture `LAVA`_. + +There are a set of Linux boot tests provided in OpenCI. They rely on prebuilt +`binaries`_ for UEFI, the kernel, root file system, as well as, any other TF-A +dependencies, and are run as part of the OpenCI TF-A `daily job`_. To run them +manually, a `builder`_ job may be triggered with the test configuration +``qemu-boot-tests``. + + +You may see the following warning repeated several times in the boot logs: + +.. code:: shell + + pflash_write: Write to buffer emulation is flawed + +Please ignore this as it is an unresolved `issue in QEMU`_, it is an internal +QEMU warning that logs flawed use of "write to buffer". + +.. note:: + For more information on how to trigger jobs in OpenCI, please refer to + Linaro's CI documentation, which explains how to trigger a `manual job`_. + +.. _binaries: https://downloads.trustedfirmware.org/tf-a/linux_boot/ +.. _daily job: https://ci.trustedfirmware.org/view/TF-A/job/tf-a-main/ +.. _builder: https://ci.trustedfirmware.org/view/TF-A/job/tf-a-builder/ +.. _LAVA: https://tf.validation.linaro.org/ +.. _manual job: https://tf-ci-users-guide.readthedocs.io/en/latest/#manual-job-trigger +.. _issue in QEMU: https://git.qemu.org/?p=qemu.git;a=blob;f=hw/block/pflash_cfi01.c;h=0cbc2fb4cbf62c9a033b8dd89012374ff74ed610;hb=refs/heads/master#l500
diff --git a/docs/plat/stm32mp1.rst b/docs/plat/stm32mp1.rst index 7ae98b1..23ea25a 100644 --- a/docs/plat/stm32mp1.rst +++ b/docs/plat/stm32mp1.rst
@@ -63,15 +63,6 @@ inside the FIP binary: BL32 (SP_min or OP-TEE), U-Boot and their respective device tree blobs. -STM32IMAGE bootchain -~~~~~~~~~~~~~~~~~~~~ -Although still supported, this way of booting is not recommended. -Pease use FIP instead. -At compilation step, BL2, BL32 and DTB file are linked together in a single -binary. The stm32image tool is also generated and the header is added to TF-A -binary. This binary file with header is named tf-a-stm32mp157c-ev1.stm32. -It can then be copied in the first partition of the boot device. - Memory mapping ~~~~~~~~~~~~~~ @@ -144,8 +135,12 @@ - | ``DTB_FILE_NAME``: to precise board device-tree blob to be used. | Default: stm32mp157c-ev1.dtb +- | ``DWL_BUFFER_BASE``: the 'serial boot' load address of FIP, + | default location (end of the first 128MB) is used when absent - | ``STM32MP_EARLY_CONSOLE``: to enable early traces before clock driver is setup. | Default: 0 (disabled) +- | ``STM32MP_RECONFIGURE_CONSOLE``: to re-configure crash console (especially after BL2). + | Default: 0 (disabled) - | ``STM32MP_UART_BAUDRATE``: to select UART baud rate. | Default: 115200 - | ``STM32_TF_VERSION``: to manage BL2 monotonic counter. @@ -231,44 +226,40 @@ BL32_EXTRA2=<optee_directory>/tee-pageable_v2.bin fip +Trusted Boot Board +__________________ -STM32IMAGE bootchain -~~~~~~~~~~~~~~~~~~~~ -You need to add the following flag to the make command: -``STM32MP_USE_STM32IMAGE=1`` +.. code:: shell -To build with SP_min and support for SD-card boot: + tools/cert_create/cert_create -n --rot-key "build/stm32mp1/debug/rot_key.pem" \ + --tfw-nvctr 0 \ + --ntfw-nvctr 0 \ + --key-alg ecdsa --hash-alg sha256 \ + --trusted-key-cert build/stm32mp1/cert_images/trusted-key-cert.key-crt \ + --tos-fw <optee_directory>/tee-header_v2.bin \ + --tos-fw-extra1 <optee_directory>/tee-pager_v2.bin \ + --tos-fw-extra2 <optee_directory>/tee-pageable_v2.bin \ + --tos-fw-cert build/stm32mp1/cert_images/tee-header_v2.bin.crt \ + --tos-fw-key-cert build/stm32mp1/cert_images/tee-header_v2.bin.key-crt \ + --nt-fw <u-boot_directory>/u-boot-nodtb.bin \ + --nt-fw-cert build/stm32mp1/cert_images/u-boot.bin.crt \ + --nt-fw-key-cert build/stm32mp1/cert_images/u-boot.bin.key-crt \ + --hw-config <u-boot_directory>/u-boot.dtb \ + --fw-config build/stm32mp1/debug/fdts/fw-config.dtb \ + --stm32mp-cfg-cert build/stm32mp1/cert_images/stm32mp_cfg_cert.crt -.. code:: bash + tools/fiptool/fiptool create --tos-fw <optee_directory>/tee-header_v2.bin \ + --tos-fw-extra1 <optee_directory>/tee-pager_v2.bin \ + --tos-fw-extra2 <optee_directory>/tee-pageable_v2.bin \ + --nt-fw <u-boot_directory>/u-boot-nodtb.bin \ + --hw-config <u-boot_directory>/u-boot.dtb \ + --fw-config build/stm32mp1/debug/fdts/fw-config.dtb \ + --tos-fw-cert build/stm32mp1/cert_images/tee-header_v2.bin.crt \ + --tos-fw-key-cert build/stm32mp1/cert_images/tee-header_v2.bin.key-crt \ + --nt-fw-cert build/stm32mp1/cert_images/u-boot.bin.crt \ + --nt-fw-key-cert build/stm32mp1/cert_images/u-boot.bin.key-crt \ + --stm32mp-cfg-cert build/stm32mp1/cert_images/stm32mp_cfg_cert.crt stm32mp1.fip - make CROSS_COMPILE=arm-linux-gnueabihf- PLAT=stm32mp1 ARCH=aarch32 ARM_ARCH_MAJOR=7 \ - AARCH32_SP=sp_min STM32MP_SDMMC=1 DTB_FILE_NAME=stm32mp157c-ev1.dtb \ - STM32MP_USE_STM32IMAGE=1 - - cd <u-boot_directory> - make stm32mp15_trusted_defconfig - make DEVICE_TREE=stm32mp157c-ev1 all - -To build TF-A with OP-TEE support for SD-card boot: - -.. code:: bash - - make CROSS_COMPILE=arm-linux-gnueabihf- PLAT=stm32mp1 ARCH=aarch32 ARM_ARCH_MAJOR=7 \ - AARCH32_SP=optee STM32MP_SDMMC=1 DTB_FILE_NAME=stm32mp157c-ev1.dtb \ - STM32MP_USE_STM32IMAGE=1 - - cd <optee_directory> - make CROSS_COMPILE=arm-linux-gnueabihf- ARCH=arm PLATFORM=stm32mp1 \ - CFG_EMBED_DTB_SOURCE_FILE=stm32mp157c-ev1.dts - - cd <u-boot_directory> - make stm32mp15_trusted_defconfig - make DEVICE_TREE=stm32mp157c-ev1 all - - -The following build options are supported: - -- ``ENABLE_STACK_PROTECTOR``: To enable the stack protection. Populate SD-card @@ -284,22 +275,6 @@ Usually, two copies of fsbl are used (fsbl1 and fsbl2) instead of one partition fsbl. -STM32IMAGE bootchain -~~~~~~~~~~~~~~~~~~~~ -The SD-card has to be formatted with GPT. -It should contain at least those partitions: - -- fsbl: to copy the tf-a-stm32mp157c-ev1.stm32 binary -- ssbl: to copy the u-boot.stm32 binary - -Usually, two copies of fsbl are used (fsbl1 and fsbl2) instead of one partition fsbl. - -OP-TEE artifacts go into separate partitions as follows: - -- teeh: tee-header_v2.stm32 -- teed: tee-pageable_v2.stm32 -- teex: tee-pager_v2.stm32 - .. _STM32MP1 Series: https://www.st.com/en/microcontrollers-microprocessors/stm32mp1-series.html .. _STM32MP1 part number codification: https://wiki.st.com/stm32mpu/wiki/STM32MP15_microprocessor#Part_number_codification
diff --git a/docs/plat/xilinx-versal-net.rst b/docs/plat/xilinx-versal-net.rst new file mode 100644 index 0000000..5d2e663 --- /dev/null +++ b/docs/plat/xilinx-versal-net.rst
@@ -0,0 +1,31 @@ +Xilinx Versal NET +================= + +Trusted Firmware-A implements the EL3 firmware layer for Xilinx Versal NET. +The platform only uses the runtime part of TF-A as Xilinx Versal NET already +has a BootROM (BL1) and PMC FW (BL2). + +BL31 is TF-A. +BL32 is an optional Secure Payload. +BL33 is the non-secure world software (U-Boot, Linux etc). + +To build: +```bash +make RESET_TO_BL31=1 CROSS_COMPILE=aarch64-none-elf- PLAT=versal_net bl31 +``` + +Xilinx Versal NET platform specific build options +------------------------------------------------- + +* `VERSAL_NET_ATF_MEM_BASE`: Specifies the base address of the bl31 binary. +* `VERSAL_NET_ATF_MEM_SIZE`: Specifies the size of the memory region of the bl31 binary. +* `VERSAL_NET_BL32_MEM_BASE`: Specifies the base address of the bl32 binary. +* `VERSAL_NET_BL32_MEM_SIZE`: Specifies the size of the memory region of the bl32 binary. + +* `VERSAL_NET_CONSOLE`: Select the console driver. Options: + - `pl011`, `pl011_0`: ARM pl011 UART 0 + - `pl011_1` : ARM pl011 UART 1 + +* `TFA_NO_PM` : Platform Management support. + - 0 : Enable Platform Management (Default) + - 1 : Disable Platform Management
diff --git a/docs/process/coding-guidelines.rst b/docs/process/coding-guidelines.rst index ef319e4..26c272d 100644 --- a/docs/process/coding-guidelines.rst +++ b/docs/process/coding-guidelines.rst
@@ -463,11 +463,11 @@ -------------- -*Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2020, 2022, Arm Limited and Contributors. All rights reserved.* .. _`Linux master tree`: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/ -.. _`Procedure Call Standard for the Arm Architecture`: https://developer.arm.com/docs/ihi0042/latest/ -.. _`Procedure Call Standard for the Arm 64-bit Architecture`: https://developer.arm.com/docs/ihi0055/latest/ +.. _`Procedure Call Standard for the Arm Architecture`: https://github.com/ARM-software/abi-aa/blob/main/aapcs32/aapcs32.rst +.. _`Procedure Call Standard for the Arm 64-bit Architecture`: https://github.com/ARM-software/abi-aa/blob/main/aapcs64/aapcs64.rst .. _`EditorConfig`: http://editorconfig.org/ .. _`Why the “volatile” type class should not be used`: https://www.kernel.org/doc/html/latest/process/volatile-considered-harmful.html .. _`MISRA C:2012 Guidelines`: https://www.misra.org.uk/Activities/MISRAC/tabid/160/Default.aspx
diff --git a/docs/process/commit-style.rst b/docs/process/commit-style.rst index de899ab..d7e937b 100644 --- a/docs/process/commit-style.rst +++ b/docs/process/commit-style.rst
@@ -96,36 +96,25 @@ Adding Scopes ------------- -Scopes that are either a) unblessed in the configuration file, or b) do not -exist in the configuration file at all are considered to be deprecated. If you -are adding a new component that does not yet have a designated scope, please -feel free to add one. +Scopes that are not present in the changelog configuration file are considered +to be deprecated, and should be avoided. If you are adding a new component that +does not yet have a designated scope, please add one. For example, if you are adding or making modifications to `Foo`'s latest and -greatest new platform `Bar`, you would add it to the `Platforms` changelog -section, and the hierarchy should look something like this: +greatest new platform `Bar` then you would add it to the `Platforms` changelog +sub-section, and the hierarchy should look something like this: -.. code:: json +.. code:: yaml - { - "sections": [ - { - "title": "Platforms", - "sections": [ - { - "title": "Foo", - "scopes": ["foo"], - "sections": [ - { - "title": "Bar", - "scopes": ["bar"] - } - ] - } - ] - } - ] - } + - title: Platforms + + subsections: + - title: Foo + scope: foo + + subsections: + - title: Bar + scope: bar When creating new scopes, try to keep them short and succinct, and use kebab case (``this-is-kebab-case``). Components with a product name (i.e. most @@ -138,7 +127,9 @@ Commits are expected to be signed off with the ``Signed-off-by:`` trailer using your real name and email address. You can do this automatically by committing -with Git's ``-s`` flag. +with Git's ``-s`` flag. By adding this line the contributor certifies the +contribution is made under the terms of the :download:`Developer Certificate of +Origin <../../dco.txt>`. There may be multiple ``Signed-off-by:`` lines depending on the history of the patch, but one **must** be the committer. More details may be found in the
diff --git a/docs/process/index.rst b/docs/process/index.rst index bba2b40..7914a4e 100644 --- a/docs/process/index.rst +++ b/docs/process/index.rst
@@ -4,10 +4,9 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: security - platform-compatibility-policy + platform-ports-policy commit-style coding-style coding-guidelines
diff --git a/docs/process/platform-compatibility-policy.rst b/docs/process/platform-ports-policy.rst similarity index 63% rename from docs/process/platform-compatibility-policy.rst rename to docs/process/platform-ports-policy.rst index a10236c..7983749 100644 --- a/docs/process/platform-compatibility-policy.rst +++ b/docs/process/platform-ports-policy.rst
@@ -1,11 +1,8 @@ -Platform Compatibility Policy -============================= +Platform Ports Policy +===================== -Introduction ------------- - -This document clarifies the project's policy around compatibility for upstream -platforms. +This document clarifies a couple of policy points around platform ports +management. Platform compatibility policy ----------------------------- @@ -29,6 +26,24 @@ deprecated interfaces. Platforms are expected to migrate before the removal of the deprecated interface. +Platform deprecation policy +--------------------------- + +If a platform is no longer maintained, it is best to deprecate it to keep the +projects' source tree clean and healthy. Deprecation can be a 1-stage or 2-stage +process (up to the platform maintainers). + + - *2-stage*: The platform's source code can be kept in the repository for a + cooling off period before deleting it (typically 2 release cycles). In this + case, we keep track ot the *Deprecated* version separately from the *Deleted* + version. + + - *1-stage*: The platform's source code can be deleted straight away. In this + case, both versions are the same. + +The :ref:`Platform Ports` page provides a list of all deprecated/deleted +platform ports (or soon to be) to this day. + -------------- *Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.*
diff --git a/docs/resources/diagrams/Makefile b/docs/resources/diagrams/Makefile index 7f583b5..c951754 100644 --- a/docs/resources/diagrams/Makefile +++ b/docs/resources/diagrams/Makefile
@@ -1,5 +1,5 @@ # -# Copyright (c) 2015-2019, Arm Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -61,7 +61,25 @@ xlat_align_layers = "bg,translations" xlat_align_opts = -all:$(RESET_PNGS) $(INT_PNGS) $(XLAT_PNG) +RMM_DIA = rmm_cold_boot_generic.dia +RMM_PNG = rmm_cold_boot_generic.png + +rmm_cold_boot_generic_layers = "background" +rmm_cold_boot_generic_opts = + +RMM_EL3_MANIFEST_DIA = rmm_el3_manifest_struct.dia +RMM_EL3_MANIFEST_PNG = rmm_el3_manifest_struct.png + +rmm_el3_manifest_struct_layers = "Background" +rmm_el3_manifest_struct_opts = + +PSA_FWU_DIA = PSA-FWU.dia +PSA_FWU_PNG = PSA-FWU.png + +FWU-update_struct_layers = "background" +FWU-update_struct_opts = + +all:$(RESET_PNGS) $(INT_PNGS) $(XLAT_PNG) $(RMM_PNG) $(RMM_EL3_MANIFEST_PNG) $(PSA_FWU_PNG) $(RESET_PNGS):$(RESET_DIA) $(call generate_image,$($(patsubst %.png,%_layers,$@)),$@,png,$($(patsubst %.png,%_opts,$@)),$<) @@ -72,3 +90,12 @@ $(XLAT_PNG):$(XLAT_DIA) $(call generate_image,$($(patsubst %.png,%_layers,$@)),$(patsubst %.png,%.svg,$@),svg,$($(patsubst %.png,%_opts,$@)),$<) inkscape -z $(patsubst %.png,%.svg,$@) -e $@ -d 45 + +$(RMM_PNG):$(RMM_DIA) + $(call generate_image,$($(patsubst %.png,%_layers,$@)),$@,png,$($(patsubst %.png,%_opts,$@)),$<) + +$(RMM_EL3_MANIFEST_PNG):$(RMM_EL3_MANIFEST_DIA) + $(call generate_image,$($(patsubst %.png,%_layers,$@)),$@,png,$($(patsubst %.png,%_opts,$@)),$<) + +$(PSA_FWU_PNG):$(PSA_FWU_DIA) + $(call generate_image,$($(patsubst %.png,%_layers,$@)),$@,png,$($(patsubst %.png,%_opts,$@)),$<)
diff --git a/docs/resources/diagrams/PSA-FWU.dia b/docs/resources/diagrams/PSA-FWU.dia new file mode 100644 index 0000000..aac5276 --- /dev/null +++ b/docs/resources/diagrams/PSA-FWU.dia Binary files differ
diff --git a/docs/resources/diagrams/PSA-FWU.png b/docs/resources/diagrams/PSA-FWU.png new file mode 100644 index 0000000..d58ba86 --- /dev/null +++ b/docs/resources/diagrams/PSA-FWU.png Binary files differ
diff --git a/docs/resources/diagrams/ff-a-lsp-at-el3.png b/docs/resources/diagrams/ff-a-lsp-at-el3.png new file mode 100644 index 0000000..7cff34f --- /dev/null +++ b/docs/resources/diagrams/ff-a-lsp-at-el3.png Binary files differ
diff --git a/docs/resources/diagrams/ff-a-spm-at-el3.png b/docs/resources/diagrams/ff-a-spm-at-el3.png new file mode 100644 index 0000000..3b263b0 --- /dev/null +++ b/docs/resources/diagrams/ff-a-spm-at-el3.png Binary files differ
diff --git a/docs/resources/diagrams/plantuml/el3_spm_dfd.puml b/docs/resources/diagrams/plantuml/el3_spm_dfd.puml new file mode 100644 index 0000000..c716180 --- /dev/null +++ b/docs/resources/diagrams/plantuml/el3_spm_dfd.puml
@@ -0,0 +1,78 @@ +/' + ' Copyright (c) 2022, Arm Limited. All rights reserved. + ' + ' SPDX-License-Identifier: BSD-3-Clause + '/ + +/' +TF-A EL3 SPMC Data Flow Diagram +'/ + +@startuml +digraph tfa_el3_dfd { + + # Allow arrows to end on cluster boundaries + compound=true + concentrate=false + newrank=true + + # Default settings for edges and nodes + edge [minlen=2 color="#8c1b07"] + node [fillcolor="#ffb866" style=filled shape=box fixedsize=true width=1.6 height=0.7] + + # Nodes outside of the trust boundary + nsec [label="NS Client"] + ddr [label="External memory (DDR)"] + + {rank="same" smmu, spmd} + # Trust boundary cluster + subgraph cluster_trusted { + graph [style=dashed color="#f22430"] + concentrate=false + + # HW IPs cluster + subgraph cluster_ip { + label ="Hardware IPs"; + graph [style=filled color="#000000" fillcolor="#ffd29e"] + + rank="same" + gic [label="GIC" width=1.2 height=0.5] + smmu [label="SMMU" width=1.2 height=0.5] + uart [label="UART" width=1.2 height=0.5] + pe [label="PE" width=1.2 height=0.5] + } + + # TF-A cluster + subgraph cluster_tfa { + label ="EL3 monitor"; + graph [style=filled color="#000000" fillcolor="#faf9cd"] + {rank="same" spmc, bl31} + {rank="same" spmd, lsp} + spmc [label="SPMC" fillcolor="#ddffb3"] + bl31 [label="BL31" fillcolor="#ddffb3"]; + spmd [label="SPMD" fillcolor="#ddffb3"] + lsp[label="LSP1" fillcolor="#ddffb3"] + } + bl2 [label="BL2" width=1.2 height=0.5] + } + + # Secure Partitions cluster + subgraph cluster_sp { + label ="Secure Partitions"; + graph [style=filled color="#000000" fillcolor="#faf9cd"] + + sp1 [label="SP1" fillcolor="#ddffb3"] + } + + sp1 -> spmc [dir="both" label="DF1"] + lsp -> spmc [dir="both" label="DF4"] + spmc -> spmd [dir="both" label="DF2"] + spmd -> nsec [dir="both" label="DF3"] + spmc -> smmu [lhead=cluster_spmc label="DF5"] + bl2 -> spmc [lhead=cluster_spmc label="DF6"] + bl2 -> sp1 [lhead=cluster_spmc label="DF6"] + sp1 -> ddr [dir="both" label="DF7"] + spmc -> ddr [dir="both" label="DF7"] +} + +@enduml
diff --git a/docs/resources/diagrams/rmm_cold_boot_generic.dia b/docs/resources/diagrams/rmm_cold_boot_generic.dia new file mode 100644 index 0000000..739a1df --- /dev/null +++ b/docs/resources/diagrams/rmm_cold_boot_generic.dia Binary files differ
diff --git a/docs/resources/diagrams/rmm_cold_boot_generic.png b/docs/resources/diagrams/rmm_cold_boot_generic.png new file mode 100644 index 0000000..df4c1ba --- /dev/null +++ b/docs/resources/diagrams/rmm_cold_boot_generic.png Binary files differ
diff --git a/docs/resources/diagrams/rmm_el3_manifest_struct.dia b/docs/resources/diagrams/rmm_el3_manifest_struct.dia new file mode 100644 index 0000000..7b7a9c2 --- /dev/null +++ b/docs/resources/diagrams/rmm_el3_manifest_struct.dia Binary files differ
diff --git a/docs/resources/diagrams/rmm_el3_manifest_struct.png b/docs/resources/diagrams/rmm_el3_manifest_struct.png new file mode 100644 index 0000000..8b5776c --- /dev/null +++ b/docs/resources/diagrams/rmm_el3_manifest_struct.png Binary files differ
diff --git a/docs/security_advisories/index.rst b/docs/security_advisories/index.rst index 887b06a..b80ba34 100644 --- a/docs/security_advisories/index.rst +++ b/docs/security_advisories/index.rst
@@ -4,7 +4,6 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: security-advisory-tfv-1.rst security-advisory-tfv-2.rst
diff --git a/docs/security_advisories/security-advisory-tfv-9.rst b/docs/security_advisories/security-advisory-tfv-9.rst index 74b85dc..d73e74b 100644 --- a/docs/security_advisories/security-advisory-tfv-9.rst +++ b/docs/security_advisories/security-advisory-tfv-9.rst
@@ -57,20 +57,38 @@ +----------------------+ | Cortex-A76 | +----------------------+ +| Cortex-A76AE | ++----------------------+ | Cortex-A77 | +----------------------+ | Cortex-A78 | +----------------------+ +| Cortex-A78AE | ++----------------------+ +| Cortex-A78C | ++----------------------+ +| Cortex-X1 | ++----------------------+ | Cortex-X2 | +----------------------+ +| Cortex-X3 | ++----------------------+ | Cortex-A710 | +----------------------+ +| Cortex-A715 | ++----------------------+ +| Cortex-Hunter | ++----------------------+ | Neoverse-N1 | +----------------------+ | Neoverse-N2 | +----------------------+ | Neoverse-V1 | +----------------------+ +| Neoverse-V2 | ++----------------------+ +| Neoverse-Poseidon | ++----------------------+ For all other cores impacted by Spectre-BHB, some of which that do not implement FEAT_CSV2 and some that do e.g. Cortex-A73, the recommended mitigation is to @@ -81,7 +99,9 @@ Convention specification`_ for more details. `Gerrit topic #spectre_bhb`_ This patchset implements the Spectre-BHB loop -workaround for CPUs mentioned in the above table. It also mitigates against +workaround for CPUs mentioned in the above table. For CPUs supporting +speculative barrier instruction, the loop workaround is optimised by using SB +in place of the common DSB and ISB sequence. It also mitigates against this vulnerability for Cortex-A72 CPU versions that support the CSV2 feature (from r1p0). The patch stack also includes an implementation for a specified `CVE-2022-23960`_ workaround SMC(``SMCCC_ARCH_WORKAROUND_3``) for use by normal @@ -90,7 +110,7 @@ implementation also enables the normal world to discover the presence of this firmware service. This patch also implements ``SMCCC_ARCH_WORKAROUND_3`` for Cortex-A57, Coxtex-A72, Cortex-A73 and Cortex-A75 using the existing workaround. -for CVE-2017-5715. +for CVE-2017-5715. Cortex-A15 patch extends Spectre V2 mitigation to Spectre-BHB. The above workaround is enabled by default (on vulnerable CPUs only). Platforms can choose to disable them at compile time if they do not require them.
diff --git a/docs/threat_model/index.rst b/docs/threat_model/index.rst index 335937e..ad8b82a 100644 --- a/docs/threat_model/index.rst +++ b/docs/threat_model/index.rst
@@ -11,10 +11,10 @@ .. toctree:: :maxdepth: 1 :caption: Contents - :numbered: threat_model threat_model_spm + threat_model_el3_spm threat_model_fvp_r --------------
diff --git a/docs/threat_model/threat_model_el3_spm.rst b/docs/threat_model/threat_model_el3_spm.rst new file mode 100644 index 0000000..c3af7a2 --- /dev/null +++ b/docs/threat_model/threat_model_el3_spm.rst
@@ -0,0 +1,650 @@ +EL3 SPMC Threat Model +********************* + +************ +Introduction +************ +This document provides a threat model for the TF-A `EL3 Secure Partition Manager`_ +(EL3 SPM) implementation. The EL3 SPM implementation is based on the +`Arm Firmware Framework for Arm A-profile`_ specification. + +******************** +Target of Evaluation +******************** +In this threat model, the target of evaluation is the ``Secure Partition Manager Core`` +component (SPMC) within the EL3 firmware. +The monitor and SPMD at EL3 are covered by the `Generic TF-A threat model`_. + +The scope for this threat model is: + +- The TF-A implementation for the EL3 SPMC +- The implementation complies with the FF-A v1.1 specification. +- Secure partition is statically provisioned at boot time. +- Focus on the run-time part of the life-cycle (no specific emphasis on boot + time, factory firmware provisioning, firmware udpate etc.) +- Not covering advanced or invasive physical attacks such as decapsulation, + FIB etc. + +Data Flow Diagram +================= +Figure 1 shows a high-level data flow diagram for the SPM split into an SPMD +and SPMC component at EL3. The SPMD mostly acts as a relayer/pass-through between +the normal world and the secure world. It is assumed to expose small attack surface. + +A description of each diagram element is given in Table 1. In the diagram, the +red broken lines indicate trust boundaries. + +Components outside of the broken lines are considered untrusted. + +.. uml:: ../resources/diagrams/plantuml/el3_spm_dfd.puml + :caption: Figure 1: EL3 SPMC Data Flow Diagram + +.. table:: Table 1: EL3 SPMC Data Flow Diagram Description + + +---------------------+--------------------------------------------------------+ + | Diagram Element | Description | + +=====================+========================================================+ + | DF1 | SP to SPMC communication. FF-A function invocation or | + | | implementation-defined Hypervisor call. | + | | | + | | Note:- To communicate with LSP, SP1 performs a direct | + | | message request to SPMC targeting LSP as destination. | + +---------------------+--------------------------------------------------------+ + | DF2 | SPMC to SPMD communication. | + +---------------------+--------------------------------------------------------+ + | DF3 | SPMD to NS forwarding. | + +---------------------+--------------------------------------------------------+ + | DF4 | SPMC to LSP communication. | + | | NWd to LSP communication happens through SPMC. | + | | LSP can send direct response SP1 or NWd through SPMC. | + +---------------------+--------------------------------------------------------+ + | DF5 | HW control. | + +---------------------+--------------------------------------------------------+ + | DF6 | Bootloader image loading. | + +---------------------+--------------------------------------------------------+ + | DF7 | External memory access. | + +---------------------+--------------------------------------------------------+ + + +*************** +Threat Analysis +*************** + +This threat model follows a similar methodology to the `Generic TF-A threat model`_. +The following sections define: + +- Trust boundaries +- Assets +- Theat agents +- Threat types + +Trust boundaries +================ + +- Normal world is untrusted. +- Secure world and normal world are separate trust boundaries. +- EL3 monitor, SPMD and SPMC are trusted. +- Bootloaders (in particular BL1/BL2 if using TF-A) and run-time BL31 are + implicitely trusted by the usage of trusted boot. +- EL3 monitor, SPMD, SPMC do not trust SPs. + +Assets +====== + +The following assets are identified: + +- SPMC state. +- SP state. +- Information exchange between endpoints (partition messages). +- SPMC secrets (e.g. pointer authentication key when enabled) +- SP secrets (e.g. application keys). +- Scheduling cycles. +- Shared memory. + +Threat Agents +============= + +The following threat agents are identified: + +- Non-secure endpoint (referred NS-Endpoint later): normal world client at + NS-EL2 (Hypervisor) or NS-EL1 (VM or OS kernel). +- Secure endpoint (referred as S-Endpoint later): typically a secure partition. +- Hardware attacks (non-invasive) requiring a physical access to the device, + such as bus probing or DRAM stress. + +Threat types +============ + +The following threat categories as exposed in the `Generic TF-A threat model`_ +are re-used: + +- Spoofing +- Tampering +- Repudiation +- Information disclosure +- Denial of service +- Elevation of privileges + +Similarly this threat model re-uses the same threat risk ratings. The risk +analysis is evaluated based on the environment being ``Server`` or ``Mobile``. +IOT is not evaluated as the EL3 SPMC is primarily meant for use in Client. + +Threat Assessment +================= + +The following threats are identified by applying STRIDE analysis on each diagram +element of the data flow diagram. + ++------------------------+----------------------------------------------------+ +| ID | 01 | ++========================+====================================================+ +| Threat | **An endpoint impersonates the sender | +| | FF-A ID in a direct request/response invocation.** | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3, DF4 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMD, SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SP state | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Spoofing | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------++------------------------+ +| Impact | Critical(5) | Critical(5) | ++------------------------+--------------------------++------------------------+ +| Likelihood | Critical(5) | Critical(5) | ++------------------------+--------------------------++------------------------+ +| Total Risk Rating | Critical(25) | Critical(25) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | SPMC must be able to correctly identify an | +| | endpoint and enforce checks to disallow spoofing. | ++------------------------+----------------------------------------------------+ +| Mitigations | Yes. | +| implemented? | The SPMC enforces checks in the direct message | +| | request/response interfaces such an endpoint cannot| +| | spoof the origin and destination worlds (e.g. a NWd| +| | originated message directed to the SWd cannot use a| +| | SWd ID as the sender ID). | +| | Also enforces check for direct response being sent | +| | only to originator of request. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 02 | ++========================+====================================================+ +| Threat | **An endpoint impersonates the receiver | +| | FF-A ID in a direct request/response invocation.** | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3, DF4 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMD, SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SP state | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Spoofing, Denial of Service | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------++------------------------+ +| Impact | Critical(5) | Critical(5) | ++------------------------+--------------------------++------------------------+ +| Likelihood | Critical(5) | Critical(5) | ++------------------------+--------------------------++------------------------+ +| Total Risk Rating | Critical(25) | Critical(25) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | Validate if endpoind has permission to send | +| | request to other endpoint by implementation | +| | defined means. | ++------------------------+----------------------------------------------------+ +| Mitigations | Platform specific. | +| implemented? | | +| | The guidance below is left for a system integrator | +| | to implement as necessary. | +| | | +| | Additionally a software component residing in the | +| | SPMC can be added for the purpose of direct | +| | request/response filtering. | +| | | +| | It can be configured with the list of known IDs | +| | and about which interaction can occur between one | +| | and another endpoint (e.g. which NWd endpoint ID | +| | sends a direct request to which SWd endpoint ID). | +| | | +| | This component checks the sender/receiver fields | +| | for a legitimate communication between endpoints. | +| | | +| | A similar component can exist in the OS kernel | +| | driver, or Hypervisor although it remains untrusted| +| | by the SPMD/SPMC. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 03 | ++========================+====================================================+ +| Threat | **Tampering with memory shared between an endpoint | +| | and the SPMC.** | +| | | +| | A malicious endpoint may attempt tampering with its| +| | RX/TX buffer contents while the SPMC is processing | +| | it (TOCTOU). | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF3, DF7 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | Shared memory, Information exchange | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Tampering | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | High (4) | High (4) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | High (4) | High (4) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | High (16) | High (16) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | Validate all inputs, copy before use. | ++------------------------+----------------------------------------------------+ +| Mitigations | Yes. In context of FF-A v1.1 this is the case of | +| implemented? | sharing the RX/TX buffer pair and usage in the | +| | PARTITION_INFO_GET or memory sharing primitives. | +| | | +| | The SPMC copies the contents of the TX buffer | +| | to an internal temporary buffer before processing | +| | its contents. The SPMC implements hardened input | +| | validation on data transmitted through the TX | +| | buffer by an untrusted endpoint. | +| | | +| | The TF-A SPMC enforces | +| | checks on data transmitted through RX/TX buffers. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 04 | ++========================+====================================================+ +| Threat | **An endpoint may tamper with its own state or the | +| | state of another endpoint.** | +| | | +| | A malicious endpoint may attempt violating: | +| | | +| | - its own or another SP state by using an unusual | +| | combination (or out-of-order) FF-A function | +| | invocations. | +| | This can also be an endpoint emitting FF-A | +| | function invocations to another endpoint while | +| | the latter in not in a state to receive it (e.g. | +| | SP sends a direct request to the normal world | +| | early while the normal world is not booted yet). | +| | - the SPMC state itself by employing unexpected | +| | transitions in FF-A memory sharing, direct | +| | requests and responses, or handling of interrupts| +| | This can be led by random stimuli injection or | +| | fuzzing. | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMD, SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SP state, SPMC state | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Tampering | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | High (4) | High (4) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | High (12) | High (12) | ++------------------------+------------------+-----------------+---------------+ +| Mitigations | Follow guidelines in FF-A v1.1 specification on | +| | state transitions (run-time model). | ++------------------------+----------------------------------------------------+ +| Mitigations | Yes. The TF-A SPMC is hardened to follow this | +| implemented? | guidance. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 05 | ++========================+====================================================+ +| Threat | **Replay fragments of past communication between | +| | endpoints.** | +| | | +| | A malicious endpoint may replay a message exchange | +| | that occurred between two legitimate endpoints as | +| | a matter of triggering a malfunction or extracting | +| | secrets from the receiving endpoint. In particular | +| | the memory sharing operation with fragmented | +| | messages between an endpoint and the SPMC may be | +| | replayed by a malicious agent as a matter of | +| | getting access or gaining permissions to a memory | +| | region which does not belong to this agent. | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF2, DF3 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | Information exchange | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Repudiation | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | High (4) | High (4) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | High (12) | High (12) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | Strict input validation and state tracking. | ++------------------------+----------------------------------------------------+ +| Mitigations | Platform specific. | +| implemented? | | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 06 | ++========================+====================================================+ +| Threat | **A malicious endpoint may attempt to extract data | +| | or state information by the use of invalid or | +| | incorrect input arguments.** | +| | | +| | Lack of input parameter validation or side effects | +| | of maliciously forged input parameters might affect| +| | the SPMC. | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMD, SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SP secrets, SPMC secrets, SP state, SPMC state | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Information discolure | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | High (4) | High (4) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | High (12) | High (12) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | SPMC must be prepared to receive incorrect input | +| | data from secure partitions and reject them | +| | appropriately. | +| | The use of software (canaries) or hardware | +| | hardening techniques (XN, WXN, pointer | +| | authentication) helps detecting and stopping | +| | an exploitation early. | ++------------------------+----------------------------------------------------+ +| Mitigations | Yes. The TF-A SPMC mitigates this threat by | +| implemented? | implementing stack protector, pointer | +| | authentication, XN, WXN, security hardening | +| | techniques. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 07 | ++========================+====================================================+ +| Threat | **A malicious endpoint may forge a direct message | +| | request such that it reveals the internal state of | +| | another endpoint through the direct message | +| | response.** | +| | | +| | The secure partition or SPMC replies to a partition| +| | message by a direct message response with | +| | information which may reveal its internal state | +| | (e.g. partition message response outside of | +| | allowed bounds). | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SPMC or SP state | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Information discolure | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | Low (2) | Low (2) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | Medium (6) | Medium (6) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | Follow FF-A specification about state transitions, | +| | run time model, do input validation. | ++------------------------+----------------------------------------------------+ +| Mitigations | Yes. For the specific case of direct requests | +| implemented? | targeting the SPMC, the latter is hardened to | +| | prevent its internal state or the state of an SP | +| | to be revealed through a direct message response. | +| | Further FF-A v1.1 guidance about run time models | +| | and partition states is followed. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 08 | ++========================+====================================================+ +| Threat | **Probing the FF-A communication between | +| | endpoints.** | +| | | +| | SPMC and SPs are typically loaded to external | +| | memory (protected by a TrustZone memory | +| | controller). A malicious agent may use non invasive| +| | methods to probe the external memory bus and | +| | extract the traffic between an SP and the SPMC or | +| | among SPs when shared buffers are held in external | +| | memory. | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF7 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SP/SPMC state, SP/SPMC secrets | ++------------------------+----------------------------------------------------+ +| Threat Agent | Hardware attack | ++------------------------+----------------------------------------------------+ +| Threat Type | Information disclosure | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | Low (2) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | Medium (6) | Medium (9) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | Implement DRAM protection techniques using | +| | hardware countermeasures at platform or chip level.| ++------------------------+--------------------------+-------------------------+ +| Mitigations | Platform specific. | +| implemented? | | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 09 | ++========================+====================================================+ +| Threat | **A malicious agent may attempt revealing the SPMC | +| | state or secrets by the use of software-based cache| +| | side-channel attack techniques.** | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF7 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SP or SPMC state | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Information disclosure | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | Low (2) | Low (2) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | Medium (6) | Medium (6) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | The SPMC may be hardened further with SW | +| | mitigations (e.g. speculation barriers) for the | +| | cases not covered in HW. Usage of hardened | +| | compilers and appropriate options, code inspection | +| | are recommended ways to mitigate Spectre types of | +| | attacks. | ++------------------------+----------------------------------------------------+ +| Mitigations | No. | +| implemented? | | ++------------------------+----------------------------------------------------+ + + ++------------------------+----------------------------------------------------+ +| ID | 10 | ++========================+====================================================+ +| Threat | **A malicious endpoint may attempt flooding the | +| | SPMC with requests targeting a service within an | +| | endpoint such that it denies another endpoint to | +| | access this service.** | +| | | +| | Similarly, the malicious endpoint may target a | +| | a service within an endpoint such that the latter | +| | is unable to request services from another | +| | endpoint. | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SPMC state, Scheduling cycles | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Denial of service | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | Medium (9) | Medium (9) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | Bounding the time for operations to complete can | +| | be achieved by the usage of a trusted watchdog. | +| | Other quality of service monitoring can be achieved| +| | in the SPMC such as counting a number of operations| +| | in a limited timeframe. | ++------------------------+----------------------------------------------------+ +| Mitigations | Platform specific. | +| implemented? | | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 11 | ++========================+====================================================+ +| Threat | **Denying a lender endpoint to make progress if | +| | borrower endpoint encountered a fatal exception. | +| | Denying a new sender endpoint to make progress | +| | if receiver encountered a fatal exception.** | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | Shared resources, Scheduling cycles. | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Denial of service | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | Medium (3) | Medium (3) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | Medium (9) | Medium (9) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | SPMC must be able to detect fatal error in SP and | +| | take ownership of shared resources. It should | +| | be able to relinquish the access to shared memory | +| | regions to allow lender to proceed. | +| | SPMC must return ABORTED if new direct requests are| +| | targeted to SP which has had a fatal error. | ++------------------------+----------------------------------------------------+ +| Mitigations | Platform specific. | +| implemented? | | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 12 | ++========================+====================================================+ +| Threat | **A malicious endpoint may attempt to donate, | +| | share, lend, relinquish or reclaim unauthorized | +| | memory region.** | ++------------------------+----------------------------------------------------+ +| Diagram Elements | DF1, DF2, DF3 | ++------------------------+----------------------------------------------------+ +| Affected TF-A | SPMC | +| Components | | ++------------------------+----------------------------------------------------+ +| Assets | SP secrets, SPMC secrets, SP state, SPMC state | ++------------------------+----------------------------------------------------+ +| Threat Agent | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| Threat Type | Elevation of Privilege | ++------------------------+--------------------------+-------------------------+ +| Application | Server | Mobile | ++------------------------+--------------------------+-------------------------+ +| Impact | High (4) | High (4) | ++------------------------+--------------------------+-------------------------+ +| Likelihood | High (4) | High (4) | ++------------------------+--------------------------+-------------------------+ +| Total Risk Rating | High (16) | High (16) | ++------------------------+--------------------------+-------------------------+ +| Mitigations | Follow FF-A specification guidelines | +| | on Memory management transactions. | ++------------------------+----------------------------------------------------+ +| Mitigations | Yes. The SPMC tracks ownership and access state | +| implemented? | for memory transactions appropriately, and | +| | validating the same for all operations. | +| | SPMC follows FF-A v1.1 | +| | guidance for memory transaction lifecycle. | ++------------------------+----------------------------------------------------+ + +--------------- + +*Copyright (c) 2022, Arm Limited. All rights reserved.* + +.. _Arm Firmware Framework for Arm A-profile: https://developer.arm.com/docs/den0077/latest +.. _EL3 Secure Partition Manager: ../components/el3-spmc.html +.. _Generic TF-A threat model: ./threat_model.html#threat-analysis +.. _FF-A ACS: https://github.com/ARM-software/ff-a-acs/releases
diff --git a/docs/threat_model/threat_model_spm.rst b/docs/threat_model/threat_model_spm.rst index a7bc2a9..98dbf76 100644 --- a/docs/threat_model/threat_model_spm.rst +++ b/docs/threat_model/threat_model_spm.rst
@@ -258,7 +258,7 @@ | | invocations. | | | This can also be an endpoint emitting | | | FF-A function invocations to another endpoint while| -| | the latter in not in a state to receive it (e.g. a | +| | the latter is not in a state to receive it (e.g. a | | | SP sends a direct request to the normal world early| | | while the normal world is not booted yet). | | | - the SPMC state itself by employing unexpected | @@ -286,14 +286,12 @@ +------------------------+------------------+-----------------+---------------+ | ``Total Risk Rating`` | High (12) | High (12) | | +------------------------+------------------+-----------------+---------------+ -| ``Mitigations`` | The SPMC may be vulnerable to invalid state | -| | transitions for itself or while handling an SP | -| | state. The FF-A v1.1 specification provides a | -| | guidance on those state transitions (run-time | -| | model). The TF-A SPMC will be hardened in future | -| | releases to follow this guidance. | -| | Additionally The TF-A SPMC mitigates the threat by | -| | runs of the Arm `FF-A ACS`_ compliance test suite. | +| ``Mitigations`` | The TF-A SPMC provides mitigation against such | +| | threat by following the guidance for partition | +| | runtime models as described in FF-A v1.1 EAC0 spec.| +| | The SPMC performs numerous checks in runtime to | +| | prevent illegal state transitions by adhering to | +| | the partition runtime model. | +------------------------+----------------------------------------------------+ +------------------------+----------------------------------------------------+ @@ -482,9 +480,11 @@ | | the SPMC, the latter is hardened to prevent | | | its internal state or the state of an SP to be | | | revealed through a direct message response. | -| | Further FF-A v1.1 guidance about run time models | -| | and partition states will be implemented in future | -| | TF-A SPMC releases. | +| | Further, SPMC performs numerous checks in runtime | +| | on the basis of the rules established by partition | +| | runtime models to stop any malicious attempts by | +| | an endpoint to extract internal state of another | +| | endpoint. | +------------------------+----------------------------------------------------+ +------------------------+----------------------------------------------------+ @@ -882,9 +882,278 @@ | | execution context. | +------------------------+----------------------------------------------------+ ---------------- ++------------------------+----------------------------------------------------+ +| ID | 19 | ++========================+====================================================+ +| ``Threat`` | **A malicious endpoint may abuse FFA_RUN call to | +| | resume or turn on other endpoint execution | +| | contexts, attempting to alter the internal state of| +| | SPMC and SPs, potentially leading to illegal state | +| | transitions and deadlocks.** | +| | An endpoint can call into another endpoint | +| | execution context using FFA_MSG_SEND_DIRECT_REQ | +| | ABI to create a call chain. A malicious endpoint | +| | could abuse this to form loops in a call chain that| +| | could lead to potential deadlocks. | ++------------------------+----------------------------------------------------+ +| ``Diagram Elements`` | DF1, DF2, DF4 | ++------------------------+----------------------------------------------------+ +| ``Affected TF-A | SPMC, SPMD | +| Components`` | | ++------------------------+----------------------------------------------------+ +| ``Assets`` | SPMC state, SP state, Scheduling cycles | ++------------------------+----------------------------------------------------+ +| ``Threat Agent`` | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| ``Threat Type`` | Tampering, Denial of Service | ++------------------------+------------------+-----------------+---------------+ +| ``Application`` | ``Server`` | ``Mobile`` | | ++------------------------+------------------+-----------------+---------------+ +| ``Impact`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Likelihood`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Total Risk Rating`` | Medium (9) | Medium (9) | | ++------------------------+------------------+-----------------+---------------+ +| ``Mitigations`` | The TF-A SPMC provides mitigation against such | +| | threats by following the guidance for partition | +| | runtime models as described in FF-A v1.1 EAC0 spec.| +| | The SPMC performs numerous checks in runtime to | +| | prevent illegal state transitions by adhering to | +| | the partition runtime model. Further, if the | +| | receiver endpoint is a predecessor of current | +| | endpoint in the present call chain, the SPMC denies| +| | any attempts to form loops by returning FFA_DENIED | +| | error code. Only the primary scheduler is allowed | +| | to turn on execution contexts of other partitions | +| | though SPMC does not have the ability to | +| | scrutinize its identity. Secure partitions have | +| | limited ability to resume execution contexts of | +| | other partitions based on the runtime model. Such | +| | attempts cannot compromise the integrity of the | +| | SPMC. | ++------------------------+----------------------------------------------------+ -*Copyright (c) 2021, Arm Limited. All rights reserved.* ++------------------------+----------------------------------------------------+ +| ID | 20 | ++========================+====================================================+ +| ``Threat`` | **A malicious endpoint can perform a | +| | denial-of-service attack by using FFA_INTERRUPT | +| | call that could attempt to cause the system to | +| | crash or enter into an unknown state as no physical| +| | interrupt could be pending for it to be handled in | +| | the SPMC.** | ++------------------------+----------------------------------------------------+ +| ``Diagram Elements`` | DF1, DF2, DF5 | ++------------------------+----------------------------------------------------+ +| ``Affected TF-A | SPMC, SPMD | +| Components`` | | ++------------------------+----------------------------------------------------+ +| ``Assets`` | SPMC state, SP state, Scheduling cycles | ++------------------------+----------------------------------------------------+ +| ``Threat Agent`` | NS-Endpoint, S-Endpoint | ++------------------------+----------------------------------------------------+ +| ``Threat Type`` | Tampering, Denial of Service | ++------------------------+------------------+-----------------+---------------+ +| ``Application`` | ``Server`` | ``Mobile`` | | ++------------------------+------------------+-----------------+---------------+ +| ``Impact`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Likelihood`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Total Risk Rating`` | Medium (9) | Medium (9) | | ++------------------------+------------------+-----------------+---------------+ +| ``Mitigations`` | The TF-A SPMC provides mitigation against such | +| | attack by detecting invocations from partitions | +| | and simply returning FFA_ERROR status interface. | +| | SPMC only allows SPMD to use FFA_INTERRUPT ABI to | +| | communicate a pending secure interrupt triggered | +| | while execution was in normal world. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 21 | ++========================+====================================================+ +| ``Threat`` | **A malicious secure endpoint might deactivate a | +| | (virtual) secure interrupt that was not originally | +| | signaled by SPMC, thereby attempting to alter the | +| | state of the SPMC and potentially lead to system | +| | crash.** | +| | SPMC maps the virtual interrupt ids to the physical| +| | interrupt ids to keep the implementation of virtual| +| | interrupt driver simple. | +| | Similarly, a malicious secure endpoint might invoke| +| | the deactivation ABI more than once for a secure | +| | interrupt. Moreover, a malicious secure endpoint | +| | might attempt to deactivate a (virtual) secure | +| | interrupt that was signaled to another endpoint | +| | execution context by the SPMC even before secure | +| | interrupt was handled. | ++------------------------+----------------------------------------------------+ +| ``Diagram Elements`` | DF1, DF5 | ++------------------------+----------------------------------------------------+ +| ``Affected TF-A | SPMC | +| Components`` | | ++------------------------+----------------------------------------------------+ +| ``Assets`` | SPMC state, SP state | ++------------------------+----------------------------------------------------+ +| ``Threat Agent`` | S-Endpoint | ++------------------------+----------------------------------------------------+ +| ``Threat Type`` | Tampering | ++------------------------+------------------+-----------------+---------------+ +| ``Application`` | ``Server`` | ``Mobile`` | | ++------------------------+------------------+-----------------+---------------+ +| ``Impact`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Likelihood`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Total Risk Rating`` | Medium (9) | Medium (9) | | ++------------------------+------------------+-----------------+---------------+ +| ``Mitigations`` | At initialization, the TF-A SPMC parses the | +| | partition manifests to find the target execution | +| | context responsible for handling the various | +| | secure physical interrupts. The TF-A SPMC provides | +| | mitigation against above mentioned threats by: | +| | | +| | - Keeping track of each pending virtual interrupt | +| | signaled to an execution context of a secure | +| | secure partition. | +| | - Denying any deactivation call from SP if there is| +| | no pending physical interrupt mapped to the | +| | given virtual interrupt. | +| | - Denying any deactivation call from SP if the | +| | virtual interrupt has not been signaled to the | +| | current execution context. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 22 | ++========================+====================================================+ +| ``Threat`` | **A malicious secure endpoint might not deactivate | +| | a virtual interrupt signaled to it by the SPMC but | +| | perform secure interrupt signal completion. This | +| | attempt to corrupt the internal state of the SPMC | +| | could lead to an unknown state and further lead to | +| | system crash.** | +| | Similarly, a malicious secure endpoint could | +| | deliberately not perform either interrupt | +| | deactivation or interrupt completion signal. Since,| +| | the SPMC can only process one secure interrupt at a| +| | time, this could choke the system where all | +| | interrupts are indefinitely masked which could | +| | potentially lead to system crash or reboot. | ++------------------------+----------------------------------------------------+ +| ``Diagram Elements`` | DF1, DF5 | ++------------------------+----------------------------------------------------+ +| ``Affected TF-A | SPMC | +| Components`` | | ++------------------------+----------------------------------------------------+ +| ``Assets`` | SPMC state, SP state, Scheduling cycles | ++------------------------+----------------------------------------------------+ +| ``Threat Agent`` | S-Endpoint | ++------------------------+----------------------------------------------------+ +| ``Threat Type`` | Tampering, Denial of Service | ++------------------------+------------------+-----------------+---------------+ +| ``Application`` | ``Server`` | ``Mobile`` | | ++------------------------+------------------+-----------------+---------------+ +| ``Impact`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Likelihood`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Total Risk Rating`` | Medium (9) | Medium (9) | | ++------------------------+------------------+-----------------+---------------+ +| ``Mitigations`` | The TF-A SPMC does not provide mitigation against | +| | such threat. This is a limitation of the current | +| | SPMC implementation and needs to be handled in the | +| | future releases. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 23 | ++========================+====================================================+ +| ``Threat`` | **A malicious endpoint could leverage non-secure | +| | interrupts to preempt a secure endpoint, thereby | +| | attempting to render it unable to handle a secure | +| | virtual interrupt targetted for it. This could lead| +| | to priority inversion as secure virtual interrupts | +| | are kept pending while non-secure interrupts are | +| | handled by normal world VMs.** | ++------------------------+----------------------------------------------------+ +| ``Diagram Elements`` | DF1, DF2, DF3, DF5 | ++------------------------+----------------------------------------------------+ +| ``Affected TF-A | SPMC, SPMD | +| Components`` | | ++------------------------+----------------------------------------------------+ +| ``Assets`` | SPMC state, SP state, Scheduling cycles | ++------------------------+----------------------------------------------------+ +| ``Threat Agent`` | NS-Endpoint | ++------------------------+----------------------------------------------------+ +| ``Threat Type`` | Denial of Service | ++------------------------+------------------+-----------------+---------------+ +| ``Application`` | ``Server`` | ``Mobile`` | | ++------------------------+------------------+-----------------+---------------+ +| ``Impact`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Likelihood`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Total Risk Rating`` | Medium (9) | Medium (9) | | ++------------------------+------------------+-----------------+---------------+ +| ``Mitigations`` | The TF-A SPMC alone does not provide mitigation | +| | against such threats. System integrators must take | +| | necessary high level design decisions that takes | +| | care of interrupt prioritization. The SPMC performs| +| | its role of enabling SPs to specify appropriate | +| | action towards non-secure interrupt with the help | +| | of partition manifest based on the guidance in the | +| | FF-A v1.1 EAC0 specification. | ++------------------------+----------------------------------------------------+ + ++------------------------+----------------------------------------------------+ +| ID | 24 | ++========================+====================================================+ +| ``Threat`` | **A secure endpoint depends on primary scheduler | +| | for CPU cycles. A malicious endpoint could delay | +| | the secure endpoint from being scheduled. Secure | +| | interrupts, if not handled timely, could compromise| +| | the state of SP and SPMC, thereby rendering the | +| | system unresponsive.** | ++------------------------+----------------------------------------------------+ +| ``Diagram Elements`` | DF1, DF2, DF3, DF5 | ++------------------------+----------------------------------------------------+ +| ``Affected TF-A | SPMC, SPMD | +| Components`` | | ++------------------------+----------------------------------------------------+ +| ``Assets`` | SPMC state, SP state, Scheduling cycles | ++------------------------+----------------------------------------------------+ +| ``Threat Agent`` | NS-Endpoint | ++------------------------+----------------------------------------------------+ +| ``Threat Type`` | Denial of Service | ++------------------------+------------------+-----------------+---------------+ +| ``Application`` | ``Server`` | ``Mobile`` | | ++------------------------+------------------+-----------------+---------------+ +| ``Impact`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Likelihood`` | Medium (3) | Medium (3) | | ++------------------------+------------------+-----------------+---------------+ +| ``Total Risk Rating`` | Medium (9) | Medium (9) | | ++------------------------+------------------+-----------------+---------------+ +| ``Mitigations`` | The TF-A SPMC does not provide full mitigation | +| | against such threats. However, based on the | +| | guidance provided in the FF-A v1.1 EAC0 spec, SPMC | +| | provisions CPU cycles to run a secure endpoint | +| | execution context in SPMC schedule mode which | +| | cannot be preempted by a non-secure interrupt. | +| | This reduces the dependency on primary scheduler | +| | for cycle allocation. Moreover, all further | +| | interrupts are masked until pending secure virtual | +| | interrupt on current CPU is handled. This allows SP| +| | execution context to make progress even upon being | +| | interrupted. | ++------------------------+----------------------------------------------------+ + +-------------- + +*Copyright (c) 2021-2022, Arm Limited. All rights reserved.* .. _Arm Firmware Framework for Arm A-profile: https://developer.arm.com/docs/den0077/latest .. _Secure Partition Manager: ../components/secure-partition-manager.html
diff --git a/drivers/amlogic/crypto/sha_dma.c b/drivers/amlogic/crypto/sha_dma.c index fceb1c0..5c16d49 100644 --- a/drivers/amlogic/crypto/sha_dma.c +++ b/drivers/amlogic/crypto/sha_dma.c
@@ -8,6 +8,7 @@ #include <assert.h> #include <crypto/sha_dma.h> #include <lib/mmio.h> +#include <platform_def.h> #include "aml_private.h"
diff --git a/drivers/arm/css/scp/css_pm_scmi.c b/drivers/arm/css/scp/css_pm_scmi.c index 5de2604..9fe8b37 100644 --- a/drivers/arm/css/scp/css_pm_scmi.c +++ b/drivers/arm/css/scp/css_pm_scmi.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -11,6 +11,7 @@ #include <common/debug.h> #include <drivers/arm/css/css_scp.h> #include <drivers/arm/css/scmi.h> +#include <lib/mmio.h> #include <plat/arm/common/plat_arm.h> #include <plat/arm/css/common/css_pm.h> #include <plat/common/platform.h> @@ -286,15 +287,42 @@ return HW_OFF; } +/* + * Callback function to raise a SGI designated to trigger the CPU power down + * sequence on all the online secondary cores. + */ +static void css_raise_pwr_down_interrupt(u_register_t mpidr) +{ +#if CSS_SYSTEM_GRACEFUL_RESET + plat_ic_raise_el3_sgi(CSS_CPU_PWR_DOWN_REQ_INTR, mpidr); +#endif +} + void __dead2 css_scp_system_off(int state) { int ret; /* + * Before issuing the system power down command, set the trusted mailbox + * to 0. This will ensure that in the case of a warm/cold reset, the + * primary CPU executes from the cold boot sequence. + */ + mmio_write_64(PLAT_ARM_TRUSTED_MAILBOX_BASE, 0U); + + /* + * Send powerdown request to online secondary core(s) + */ + ret = psci_stop_other_cores(0, css_raise_pwr_down_interrupt); + if (ret != PSCI_E_SUCCESS) { + ERROR("Failed to powerdown secondary core(s)\n"); + } + + /* * Disable GIC CPU interface to prevent pending interrupt from waking * up the AP from WFI. */ plat_arm_gic_cpuif_disable(); + plat_arm_gic_redistif_off(); /* * Issue SCMI command. First issue a graceful @@ -309,6 +337,9 @@ state, ret); panic(); } + + /* Powerdown of primary core */ + psci_pwrdown_cpu(PLAT_MAX_PWR_LVL); wfi(); ERROR("CSS set power state: operation not handled.\n"); panic();
diff --git a/drivers/arm/ethosn/ethosn_smc.c b/drivers/arm/ethosn/ethosn_smc.c index 60364cd..915a0d8 100644 --- a/drivers/arm/ethosn/ethosn_smc.c +++ b/drivers/arm/ethosn/ethosn_smc.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2021, Arm Limited. All rights reserved. + * Copyright (c) 2021-2022, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -12,18 +12,17 @@ #include <drivers/arm/ethosn.h> #include <drivers/delay_timer.h> #include <lib/mmio.h> +#include <lib/utils_def.h> #include <plat/arm/common/fconf_ethosn_getter.h> /* - * Number of Arm Ethos-N NPU (NPU) cores available for a - * particular parent device + * Number of Arm(R) Ethos(TM)-N NPU (NPU) devices available */ -#define ETHOSN_NUM_CORES \ - FCONF_GET_PROPERTY(hw_config, ethosn_config, num_cores) +#define ETHOSN_NUM_DEVICES \ + FCONF_GET_PROPERTY(hw_config, ethosn_config, num_devices) -/* Address to an NPU core */ -#define ETHOSN_CORE_ADDR(core_idx) \ - FCONF_GET_PROPERTY(hw_config, ethosn_core_addr, core_idx) +#define ETHOSN_GET_DEVICE(dev_idx) \ + FCONF_GET_PROPERTY(hw_config, ethosn_device, dev_idx) /* NPU core sec registry address */ #define ETHOSN_CORE_SEC_REG(core_addr, reg_offset) \ @@ -40,9 +39,6 @@ #define SEC_SECCTLR_REG U(0x0010) #define SEC_SECCTLR_VAL U(0x3) -#define SEC_DEL_MMUSID_REG U(0x2008) -#define SEC_DEL_MMUSID_VAL U(0x3FFFF) - #define SEC_DEL_ADDR_EXT_REG U(0x201C) #define SEC_DEL_ADDR_EXT_VAL U(0x15) @@ -50,17 +46,63 @@ #define SEC_SYSCTRL0_SOFT_RESET U(3U << 29) #define SEC_SYSCTRL0_HARD_RESET U(1U << 31) -static bool ethosn_is_core_addr_valid(uintptr_t core_addr) +#define SEC_MMUSID_REG_BASE U(0x3008) +#define SEC_MMUSID_OFFSET U(0x1000) + +static bool ethosn_get_device_and_core(uintptr_t core_addr, + const struct ethosn_device_t **dev_match, + const struct ethosn_core_t **core_match) { - for (uint32_t core_idx = 0U; core_idx < ETHOSN_NUM_CORES; core_idx++) { - if (ETHOSN_CORE_ADDR(core_idx) == core_addr) { - return true; + uint32_t dev_idx; + uint32_t core_idx; + + for (dev_idx = 0U; dev_idx < ETHOSN_NUM_DEVICES; ++dev_idx) { + const struct ethosn_device_t *dev = ETHOSN_GET_DEVICE(dev_idx); + + for (core_idx = 0U; core_idx < dev->num_cores; ++core_idx) { + const struct ethosn_core_t *core = &(dev->cores[core_idx]); + + if (core->addr == core_addr) { + *dev_match = dev; + *core_match = core; + return true; + } } } + WARN("ETHOSN: Unknown core address given to SMC call.\n"); return false; } +static void ethosn_configure_smmu_streams(const struct ethosn_device_t *device, + const struct ethosn_core_t *core, + uint32_t asset_alloc_idx) +{ + const struct ethosn_main_allocator_t *main_alloc = + &(core->main_allocator); + const struct ethosn_asset_allocator_t *asset_alloc = + &(device->asset_allocators[asset_alloc_idx]); + const uint32_t streams[9] = { + main_alloc->firmware.stream_id, + main_alloc->working_data.stream_id, + asset_alloc->command_stream.stream_id, + 0U, /* Not used*/ + main_alloc->firmware.stream_id, + asset_alloc->weight_data.stream_id, + asset_alloc->buffer_data.stream_id, + asset_alloc->intermediate_data.stream_id, + asset_alloc->buffer_data.stream_id + }; + size_t i; + + for (i = 0U; i < ARRAY_SIZE(streams); ++i) { + const uintptr_t reg_addr = SEC_MMUSID_REG_BASE + + (SEC_MMUSID_OFFSET * i); + mmio_write_32(ETHOSN_CORE_SEC_REG(core->addr, reg_addr), + streams[i]); + } +} + static void ethosn_delegate_to_ns(uintptr_t core_addr) { mmio_setbits_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_SECCTLR_REG), @@ -69,9 +111,6 @@ mmio_setbits_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_DEL_REG), SEC_DEL_VAL); - mmio_setbits_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_DEL_MMUSID_REG), - SEC_DEL_MMUSID_VAL); - mmio_setbits_32(ETHOSN_CORE_SEC_REG(core_addr, SEC_DEL_ADDR_EXT_REG), SEC_DEL_ADDR_EXT_VAL); } @@ -112,7 +151,7 @@ uintptr_t ethosn_smc_handler(uint32_t smc_fid, u_register_t core_addr, - u_register_t x2, + u_register_t asset_alloc_idx, u_register_t x3, u_register_t x4, void *cookie, @@ -120,6 +159,8 @@ u_register_t flags) { int hard_reset = 0; + const struct ethosn_device_t *device = NULL; + const struct ethosn_core_t *core = NULL; const uint32_t fid = smc_fid & FUNCID_NUM_MASK; /* Only SiP fast calls are expected */ @@ -131,12 +172,14 @@ /* Truncate parameters to 32-bits for SMC32 */ if (GET_SMC_CC(smc_fid) == SMC_32) { core_addr &= 0xFFFFFFFF; - x2 &= 0xFFFFFFFF; + asset_alloc_idx &= 0xFFFFFFFF; x3 &= 0xFFFFFFFF; x4 &= 0xFFFFFFFF; } - if (!is_ethosn_fid(smc_fid)) { + if (!is_ethosn_fid(smc_fid) || + (fid < ETHOSN_FNUM_VERSION || fid > ETHOSN_FNUM_SOFT_RESET)) { + WARN("ETHOSN: Unknown SMC call: 0x%x\n", smc_fid); SMC_RET1(handle, SMC_UNK); } @@ -146,25 +189,41 @@ SMC_RET2(handle, ETHOSN_VERSION_MAJOR, ETHOSN_VERSION_MINOR); } - if (!ethosn_is_core_addr_valid(core_addr)) { - WARN("ETHOSN: Unknown core address given to SMC call.\n"); + if (!ethosn_get_device_and_core(core_addr, &device, &core)) { SMC_RET1(handle, ETHOSN_UNKNOWN_CORE_ADDRESS); } - /* Commands that require a valid addr */ + /* Commands that require a valid core address */ switch (fid) { case ETHOSN_FNUM_IS_SEC: - SMC_RET1(handle, ethosn_is_sec(core_addr)); + SMC_RET1(handle, ethosn_is_sec(core->addr)); + } + + if (!device->has_reserved_memory && + asset_alloc_idx >= device->num_allocators) { + WARN("ETHOSN: Unknown asset allocator index given to SMC call.\n"); + SMC_RET1(handle, ETHOSN_UNKNOWN_ALLOCATOR_IDX); + } + + /* Commands that require a valid device, core and asset allocator */ + switch (fid) { case ETHOSN_FNUM_HARD_RESET: hard_reset = 1; /* Fallthrough */ case ETHOSN_FNUM_SOFT_RESET: - if (!ethosn_reset(core_addr, hard_reset)) { + if (!ethosn_reset(core->addr, hard_reset)) { SMC_RET1(handle, ETHOSN_FAILURE); } - ethosn_delegate_to_ns(core_addr); + + if (!device->has_reserved_memory) { + ethosn_configure_smmu_streams(device, core, + asset_alloc_idx); + } + + ethosn_delegate_to_ns(core->addr); SMC_RET1(handle, ETHOSN_SUCCESS); default: + WARN("ETHOSN: Unimplemented SMC call: 0x%x\n", fid); SMC_RET1(handle, SMC_UNK); } }
diff --git a/drivers/arm/gic/v2/gicv2_main.c b/drivers/arm/gic/v2/gicv2_main.c index 939d097..1925a13 100644 --- a/drivers/arm/gic/v2/gicv2_main.c +++ b/drivers/arm/gic/v2/gicv2_main.c
@@ -1,5 +1,6 @@ /* * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved. + * Portions copyright (c) 2021-2022, ProvenRun S.A.S. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -417,7 +418,7 @@ * The proc_num parameter must be the linear index of the target PE in the * system. ******************************************************************************/ -void gicv2_raise_sgi(int sgi_num, int proc_num) +void gicv2_raise_sgi(int sgi_num, bool ns, int proc_num) { unsigned int sgir_val, target; @@ -437,7 +438,7 @@ target = driver_data->target_masks[proc_num]; assert(target != 0U); - sgir_val = GICV2_SGIR_VALUE(SGIR_TGT_SPECIFIC, target, sgi_num); + sgir_val = GICV2_SGIR_VALUE(SGIR_TGT_SPECIFIC, target, ns, sgi_num); /* * Ensure that any shared variable updates depending on out of band
diff --git a/drivers/arm/gic/v3/gic-x00.c b/drivers/arm/gic/v3/gic-x00.c index aaef485..83ef32f 100644 --- a/drivers/arm/gic/v3/gic-x00.c +++ b/drivers/arm/gic/v3/gic-x00.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2022, Arm Limited and Contributors. All rights reserved. * Copyright (c) 2020, NVIDIA Corporation. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause @@ -16,6 +16,7 @@ #include <assert.h> #include <arch_helpers.h> +#include <common/debug.h> #include <drivers/arm/arm_gicv3_common.h> #include <drivers/arm/gicv3.h> @@ -42,6 +43,8 @@ #define PWRR_ON (0U << PWRR_RDPD_SHIFT) #define PWRR_OFF (1U << PWRR_RDPD_SHIFT) +static bool gic600_errata_wa_2384374 __unused; + #if GICV3_SUPPORT_GIC600 /* GIC-600/700 specific accessor functions */ @@ -170,3 +173,60 @@ } #endif } + +#if GIC600_ERRATA_WA_2384374 +/******************************************************************************* + * Apply part 2 of workaround for errata-2384374 as per SDEN: + * https://developer.arm.com/documentation/sden892601/latest/ + ******************************************************************************/ +void gicv3_apply_errata_wa_2384374(uintptr_t gicr_base) +{ + if (gic600_errata_wa_2384374) { + uint32_t gicr_ctlr_val = gicr_read_ctlr(gicr_base); + + gicr_write_ctlr(gicr_base, gicr_ctlr_val | + (GICR_CTLR_DPG0_BIT | GICR_CTLR_DPG1NS_BIT | + GICR_CTLR_DPG1S_BIT)); + gicr_write_ctlr(gicr_base, gicr_ctlr_val & + ~(GICR_CTLR_DPG0_BIT | GICR_CTLR_DPG1NS_BIT | + GICR_CTLR_DPG1S_BIT)); + } +} +#endif /* GIC600_ERRATA_WA_2384374 */ + +void gicv3_check_erratas_applies(uintptr_t gicd_base) +{ + unsigned int gic_prod_id; + uint8_t gic_rev; + + assert(gicd_base != 0UL); + + gicv3_get_component_prodid_rev(gicd_base, &gic_prod_id, &gic_rev); + + /* + * This workaround applicable only to GIC600 and GIC600AE products with + * revision less than r1p6 and r0p2 respectively. + * As per GIC600/GIC600AE specification - + * r1p6 = 0x17 => GICD_IIDR[19:12] + * r0p2 = 0x04 => GICD_IIDR[19:12] + */ + if ((gic_prod_id == GIC_PRODUCT_ID_GIC600) || + (gic_prod_id == GIC_PRODUCT_ID_GIC600AE)) { + if (((gic_prod_id == GIC_PRODUCT_ID_GIC600) && + (gic_rev <= GIC_REV(GIC_VARIANT_R1, GIC_REV_P6))) || + ((gic_prod_id == GIC_PRODUCT_ID_GIC600AE) && + (gic_rev <= GIC_REV(GIC_VARIANT_R0, GIC_REV_P2)))) { +#if GIC600_ERRATA_WA_2384374 + gic600_errata_wa_2384374 = true; + VERBOSE("%s applies\n", + "GIC600/GIC600AE errata workaround 2384374"); +#else + WARN("%s missing\n", + "GIC600/GIC600AE errata workaround 2384374"); +#endif /* GIC600_ERRATA_WA_2384374 */ + } else { + VERBOSE("%s not applies\n", + "GIC600/GIC600AE errata workaround 2384374"); + } + } +}
diff --git a/drivers/arm/gic/v3/gic600_multichip.c b/drivers/arm/gic/v3/gic600_multichip.c index 5f42ad9..e85dbc1 100644 --- a/drivers/arm/gic/v3/gic600_multichip.c +++ b/drivers/arm/gic/v3/gic600_multichip.c
@@ -1,5 +1,6 @@ /* * Copyright (c) 2019, Arm Limited. All rights reserved. + * Copyright (c) 2022, NVIDIA Corporation. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -97,16 +98,28 @@ spi_id_max = GIC600_SPI_ID_MIN; } - spi_block_min = SPI_BLOCK_MIN_VALUE(spi_id_min); - spi_blocks = SPI_BLOCKS_VALUE(spi_id_min, spi_id_max); - switch ((gicd_iidr_val & IIDR_MODEL_MASK)) { case IIDR_MODEL_ARM_GIC_600: + spi_block_min = SPI_BLOCK_MIN_VALUE(spi_id_min); + spi_blocks = SPI_BLOCKS_VALUE(spi_id_min, spi_id_max); + chipr_n_val = GICD_CHIPR_VALUE_GIC_600(chip_addr, spi_block_min, spi_blocks); break; case IIDR_MODEL_ARM_GIC_700: + /* Calculate the SPI_ID_MIN value for ESPI */ + if (spi_id_min >= GIC700_ESPI_ID_MIN) { + spi_block_min = ESPI_BLOCK_MIN_VALUE(spi_id_min); + spi_block_min += SPI_BLOCKS_VALUE(GIC700_SPI_ID_MIN, + GIC700_SPI_ID_MAX); + } else { + spi_block_min = SPI_BLOCK_MIN_VALUE(spi_id_min); + } + + /* Calculate the total number of blocks */ + spi_blocks = SPI_BLOCKS_VALUE(spi_id_min, spi_id_max); + chipr_n_val = GICD_CHIPR_VALUE_GIC_700(chip_addr, spi_block_min, spi_blocks); @@ -202,13 +215,104 @@ } /******************************************************************************* - * Intialize GIC-600 Multichip operation. + * Validates the GIC-700 Multichip data structure passed by the platform. + ******************************************************************************/ +static void gic700_multichip_validate_data( + struct gic600_multichip_data *multichip_data) +{ + unsigned int i, spi_id_min, spi_id_max, blocks_of_32; + unsigned int multichip_spi_blocks = 0U, multichip_espi_blocks = 0U; + + assert(multichip_data != NULL); + + if (multichip_data->chip_count > GIC600_MAX_MULTICHIP) { + ERROR("GIC-700 Multichip count (%u) should not exceed %u\n", + multichip_data->chip_count, GIC600_MAX_MULTICHIP); + panic(); + } + + for (i = 0U; i < multichip_data->chip_count; i++) { + spi_id_min = multichip_data->spi_ids[i][SPI_MIN_INDEX]; + spi_id_max = multichip_data->spi_ids[i][SPI_MAX_INDEX]; + + if ((spi_id_min == 0U) || (spi_id_max == 0U)) { + continue; + } + + /* MIN SPI ID check */ + if ((spi_id_min < GIC700_SPI_ID_MIN) || + ((spi_id_min >= GIC700_SPI_ID_MAX) && + (spi_id_min < GIC700_ESPI_ID_MIN))) { + ERROR("Invalid MIN SPI ID {%u} passed for " + "Chip %u\n", spi_id_min, i); + panic(); + } + + if ((spi_id_min > spi_id_max) || + ((spi_id_max - spi_id_min + 1) % 32 != 0)) { + ERROR("Unaligned SPI IDs {%u, %u} passed for " + "Chip %u\n", spi_id_min, + spi_id_max, i); + panic(); + } + + /* ESPI IDs range check */ + if ((spi_id_min >= GIC700_ESPI_ID_MIN) && + (spi_id_max > GIC700_ESPI_ID_MAX)) { + ERROR("Invalid ESPI IDs {%u, %u} passed for " + "Chip %u\n", spi_id_min, + spi_id_max, i); + panic(); + + } + + /* SPI IDs range check */ + if (((spi_id_min < GIC700_SPI_ID_MAX) && + (spi_id_max > GIC700_SPI_ID_MAX))) { + ERROR("Invalid SPI IDs {%u, %u} passed for " + "Chip %u\n", spi_id_min, + spi_id_max, i); + panic(); + } + + /* SPI IDs overlap check */ + if (spi_id_max < GIC700_SPI_ID_MAX) { + blocks_of_32 = BLOCKS_OF_32(spi_id_min, spi_id_max); + if ((multichip_spi_blocks & blocks_of_32) != 0) { + ERROR("SPI IDs of Chip %u overlapping\n", i); + panic(); + } + multichip_spi_blocks |= blocks_of_32; + } + + /* ESPI IDs overlap check */ + if (spi_id_max > GIC700_ESPI_ID_MIN) { + blocks_of_32 = BLOCKS_OF_32(spi_id_min - GIC700_ESPI_ID_MIN, + spi_id_max - GIC700_ESPI_ID_MIN); + if ((multichip_espi_blocks & blocks_of_32) != 0) { + ERROR("SPI IDs of Chip %u overlapping\n", i); + panic(); + } + multichip_espi_blocks |= blocks_of_32; + } + } +} + +/******************************************************************************* + * Intialize GIC-600 and GIC-700 Multichip operation. ******************************************************************************/ void gic600_multichip_init(struct gic600_multichip_data *multichip_data) { unsigned int i; + uint32_t gicd_iidr_val = gicd_read_iidr(multichip_data->rt_owner_base); - gic600_multichip_validate_data(multichip_data); + if ((gicd_iidr_val & IIDR_MODEL_MASK) == IIDR_MODEL_ARM_GIC_600) { + gic600_multichip_validate_data(multichip_data); + } + + if ((gicd_iidr_val & IIDR_MODEL_MASK) == IIDR_MODEL_ARM_GIC_700) { + gic700_multichip_validate_data(multichip_data); + } /* * Ensure that G0/G1S/G1NS interrupts are disabled. This also ensures
diff --git a/drivers/arm/gic/v3/gic600_multichip_private.h b/drivers/arm/gic/v3/gic600_multichip_private.h index 5d1ff6a..414bd5b 100644 --- a/drivers/arm/gic/v3/gic600_multichip_private.h +++ b/drivers/arm/gic/v3/gic600_multichip_private.h
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, ARM Limited. All rights reserved. + * Copyright (c) 2019-2022, ARM Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -41,6 +41,11 @@ #define GIC600_SPI_ID_MIN 32 #define GIC600_SPI_ID_MAX 960 +#define GIC700_SPI_ID_MIN 32 +#define GIC700_SPI_ID_MAX 991 +#define GIC700_ESPI_ID_MIN 4096 +#define GIC700_ESPI_ID_MAX 5119 + /* Number of retries for PUP update */ #define GICD_PUP_UPDATE_RETRIES 10000 @@ -53,6 +58,9 @@ #define SPI_BLOCKS_VALUE(spi_id_min, spi_id_max) \ (((spi_id_max) - (spi_id_min) + 1) / \ GIC600_SPI_ID_MIN) +#define ESPI_BLOCK_MIN_VALUE(spi_id_min) \ + (((spi_id_min) - GIC700_ESPI_ID_MIN + 1) / \ + GIC700_SPI_ID_MIN) #define GICD_CHIPR_VALUE_GIC_700(chip_addr, spi_block_min, spi_blocks) \ (((chip_addr) << GICD_CHIPRx_ADDR_SHIFT) | \ ((spi_block_min) << GIC_700_SPI_BLOCK_MIN_SHIFT) | \ @@ -66,7 +74,8 @@ * Multichip data assertion macros */ /* Set bits from 0 to ((spi_id_max + 1) / 32) */ -#define SPI_BLOCKS_TILL_MAX(spi_id_max) ((1 << (((spi_id_max) + 1) >> 5)) - 1) +#define SPI_BLOCKS_TILL_MAX(spi_id_max) \ + ((1ULL << (((spi_id_max) + 1) >> 5)) - 1) /* Set bits from 0 to (spi_id_min / 32) */ #define SPI_BLOCKS_TILL_MIN(spi_id_min) ((1 << ((spi_id_min) >> 5)) - 1) /* Set bits from (spi_id_min / 32) to ((spi_id_max + 1) / 32) */
diff --git a/drivers/arm/gic/v3/gicv3.mk b/drivers/arm/gic/v3/gicv3.mk index d7e3536..1d20ff3 100644 --- a/drivers/arm/gic/v3/gicv3.mk +++ b/drivers/arm/gic/v3/gicv3.mk
@@ -1,5 +1,5 @@ # -# Copyright (c) 2013-2020, Arm Limited and Contributors. All rights reserved. +# Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved. # Copyright (c) 2021, NVIDIA Corporation. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause @@ -12,6 +12,7 @@ GICV3_OVERRIDE_DISTIF_PWR_OPS ?= 0 GIC_ENABLE_V4_EXTN ?= 0 GIC_EXT_INTID ?= 0 +GIC600_ERRATA_WA_2384374 ?= ${GICV3_SUPPORT_GIC600} GICV3_SOURCES += drivers/arm/gic/v3/gicv3_main.c \ drivers/arm/gic/v3/gicv3_helpers.c \ @@ -47,3 +48,7 @@ # Set support for extended PPI and SPI range $(eval $(call assert_boolean,GIC_EXT_INTID)) $(eval $(call add_define,GIC_EXT_INTID)) + +# Set errata workaround for GIC600/GIC600AE +$(eval $(call assert_boolean,GIC600_ERRATA_WA_2384374)) +$(eval $(call add_define,GIC600_ERRATA_WA_2384374))
diff --git a/drivers/arm/gic/v3/gicv3_helpers.c b/drivers/arm/gic/v3/gicv3_helpers.c index 753d995..446d0ad 100644 --- a/drivers/arm/gic/v3/gicv3_helpers.c +++ b/drivers/arm/gic/v3/gicv3_helpers.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -12,6 +12,8 @@ #include <common/interrupt_props.h> #include <drivers/arm/gic_common.h> +#include <platform_def.h> + #include "../common/gic_common_private.h" #include "gicv3_private.h" @@ -408,3 +410,34 @@ return part_id; } + +/******************************************************************************* + * Helper function to return product ID and revision of GIC + * @gicd_base: base address of the GIC distributor + * @gic_prod_id: retrieved product id of GIC + * @gic_rev: retrieved revision of GIC + ******************************************************************************/ +void gicv3_get_component_prodid_rev(const uintptr_t gicd_base, + unsigned int *gic_prod_id, + uint8_t *gic_rev) +{ + unsigned int gicd_iidr; + uint8_t gic_variant; + + gicd_iidr = gicd_read_iidr(gicd_base); + *gic_prod_id = gicd_iidr >> IIDR_PRODUCT_ID_SHIFT; + *gic_prod_id &= IIDR_PRODUCT_ID_MASK; + + gic_variant = gicd_iidr >> IIDR_VARIANT_SHIFT; + gic_variant &= IIDR_VARIANT_MASK; + + *gic_rev = gicd_iidr >> IIDR_REV_SHIFT; + *gic_rev &= IIDR_REV_MASK; + + /* + * pack gic variant and gic_rev in 1 byte + * gic_rev = gic_variant[7:4] and gic_rev[0:3] + */ + *gic_rev = *gic_rev | gic_variant << 0x4; + +}
diff --git a/drivers/arm/gic/v3/gicv3_main.c b/drivers/arm/gic/v3/gicv3_main.c index 53a8fae..bc93f93 100644 --- a/drivers/arm/gic/v3/gicv3_main.c +++ b/drivers/arm/gic/v3/gicv3_main.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -169,6 +169,8 @@ flush_dcache_range((uintptr_t)gicv3_driver_data, sizeof(*gicv3_driver_data)); #endif + gicv3_check_erratas_applies(plat_driver_data->gicd_base); + INFO("GICv%u with%s legacy support detected.\n", gic_version, (gicv2_compat == 0U) ? "" : "out"); INFO("ARM GICv%u driver initialized in EL3\n", gic_version); @@ -362,9 +364,17 @@ /* Add DSB to ensure visibility of System register writes */ dsb(); - /* Mark the connected core as asleep */ gicr_base = gicv3_driver_data->rdistif_base_addrs[proc_num]; - assert(gicr_base != 0U); + assert(gicr_base != 0UL); + + /* + * dsb() already issued previously after clearing the CPU group + * enabled, apply below workaround to toggle the "DPG*" + * bits of GICR_CTLR register for unblocking event. + */ + gicv3_apply_errata_wa_2384374(gicr_base); + + /* Mark the connected core as asleep */ gicv3_rdistif_mark_core_asleep(gicr_base); } @@ -1085,11 +1095,12 @@ } /******************************************************************************* - * This function raises the specified Secure Group 0 SGI. + * This function raises the specified SGI of the specified group. * * The target parameter must be a valid MPIDR in the system. ******************************************************************************/ -void gicv3_raise_secure_g0_sgi(unsigned int sgi_num, u_register_t target) +void gicv3_raise_sgi(unsigned int sgi_num, gicv3_irq_group_t group, + u_register_t target) { unsigned int tgt, aff3, aff2, aff1, aff0; uint64_t sgi_val; @@ -1119,7 +1130,22 @@ * interrupt trigger are observed before raising SGI. */ dsbishst(); - write_icc_sgi0r_el1(sgi_val); + + switch (group) { + case GICV3_G0: + write_icc_sgi0r_el1(sgi_val); + break; + case GICV3_G1NS: + write_icc_asgi1r(sgi_val); + break; + case GICV3_G1S: + write_icc_sgi1r(sgi_val); + break; + default: + assert(false); + break; + } + isb(); }
diff --git a/drivers/arm/mhu/mhu_wrapper_v2_x.c b/drivers/arm/mhu/mhu_wrapper_v2_x.c index d8b7cfd..60de1d3 100644 --- a/drivers/arm/mhu/mhu_wrapper_v2_x.c +++ b/drivers/arm/mhu/mhu_wrapper_v2_x.c
@@ -300,3 +300,13 @@ return MHU_ERR_NONE; } + +size_t mhu_get_max_message_size(void) +{ + struct mhu_v2_x_dev_t *dev = &MHU1_SEH_DEV; + uint32_t num_channels = mhu_v2_x_get_num_channel_implemented(dev); + + assert(num_channels != 0); + + return num_channels * sizeof(uint32_t); +}
diff --git a/drivers/arm/rss/rss_comms.c b/drivers/arm/rss/rss_comms.c index 28a4925..5e224e1 100644 --- a/drivers/arm/rss/rss_comms.c +++ b/drivers/arm/rss/rss_comms.c
@@ -10,199 +10,144 @@ #include <common/debug.h> #include <drivers/arm/mhu.h> #include <drivers/arm/rss_comms.h> -#include <initial_attestation.h> #include <psa/client.h> +#include <rss_comms_protocol.h> -#include <platform_def.h> - -#define TYPE_OFFSET U(16) -#define TYPE_MASK (0xFFFFUL << TYPE_OFFSET) -#define IN_LEN_OFFSET U(8) -#define IN_LEN_MASK (0xFFUL << IN_LEN_OFFSET) -#define OUT_LEN_OFFSET U(0) -#define OUT_LEN_MASK (0xFFUL << OUT_LEN_OFFSET) - -#define PARAM_PACK(type, in_len, out_len) \ - (((((uint32_t)type) << TYPE_OFFSET) & TYPE_MASK) | \ - ((((uint32_t)in_len) << IN_LEN_OFFSET) & IN_LEN_MASK) | \ - ((((uint32_t)out_len) << OUT_LEN_OFFSET) & OUT_LEN_MASK)) - -#define PARAM_UNPACK_IN_LEN(ctrl_param) \ - ((size_t)(((ctrl_param) & IN_LEN_MASK) >> IN_LEN_OFFSET)) - -/* Message types */ -struct __packed packed_psa_call_t { - uint8_t protocol_ver; - uint8_t seq_num; - uint16_t client_id; - psa_handle_t handle; - uint32_t ctrl_param; /* type, in_len, out_len */ - uint16_t io_size[4]; -}; - -struct __packed packed_psa_reply_t { - uint8_t protocol_ver; - uint8_t seq_num; - uint16_t client_id; - int32_t return_val; - uint16_t out_size[4]; -}; - -/* - * In the current implementation the RoT Service request that requires the - * biggest message buffer is the RSS_ATTEST_GET_TOKEN. The maximum required - * buffer size is calculated based on the platform-specific needs of - * this request. +/* Union as message space and reply space are never used at the same time, and this saves space as + * we can overlap them. */ -#define MAX_REQUEST_PAYLOAD_SIZE (PSA_INITIAL_ATTEST_CHALLENGE_SIZE_64 \ - + PLAT_ATTEST_TOKEN_MAX_SIZE) +union __packed __attribute__((aligned(4))) rss_comms_io_buffer_t { + struct serialized_rss_comms_msg_t msg; + struct serialized_rss_comms_reply_t reply; +}; -/* Buffer to store the messages to be sent/received. */ -static uint8_t message_buf[MAX_REQUEST_PAYLOAD_SIZE] __aligned(4); - -static int32_t pack_params(const psa_invec *invecs, - size_t in_len, - uint8_t *buf, - size_t *buf_len) +static uint8_t select_protocol_version(const psa_invec *in_vec, size_t in_len, + const psa_outvec *out_vec, size_t out_len) { - uint32_t i; - size_t payload_size = 0U; - - for (i = 0U; i < in_len; ++i) { - if (invecs[i].len > *buf_len - payload_size) { - return -1; - } - memcpy(buf + payload_size, invecs[i].base, invecs[i].len); - payload_size += invecs[i].len; - } - - *buf_len = payload_size; - return 0; -} - -static int serialise_message(const struct packed_psa_call_t *msg, - const psa_invec *invecs, - uint8_t *payload_buf, - size_t *payload_len) -{ - size_t message_len = 0U; - size_t len; - - /* Copy the message header into the payload buffer. */ - len = sizeof(*msg); - if (len > *payload_len) { - ERROR("[RSS-COMMS] Message buffer too small.\n"); - return -1; - } - memcpy(payload_buf, (const void *)msg, len); - message_len += len; - - /* The input data will follow the message header in the payload buffer. */ - len = *payload_len - message_len; - if (pack_params(invecs, PARAM_UNPACK_IN_LEN(msg->ctrl_param), - payload_buf + message_len, &len) != 0) { - ERROR("[RSS-COMMS] Message buffer too small.\n"); - return -1; - } - message_len += len; - - *payload_len = message_len; - return 0; -} - -static void unpack_params(const uint8_t *buf, - psa_outvec *outvecs, - size_t out_len) -{ + size_t comms_mhu_msg_size; + size_t comms_embed_msg_min_size; + size_t comms_embed_reply_min_size; + size_t in_size_total = 0; + size_t out_size_total = 0; size_t i; + for (i = 0U; i < in_len; ++i) { + in_size_total += in_vec[i].len; + } for (i = 0U; i < out_len; ++i) { - memcpy(outvecs[i].base, buf, outvecs[i].len); - buf += outvecs[i].len; + out_size_total += out_vec[i].len; + } + + comms_mhu_msg_size = mhu_get_max_message_size(); + + comms_embed_msg_min_size = sizeof(struct serialized_rss_comms_header_t) + + sizeof(struct rss_embed_msg_t) - + PLAT_RSS_COMMS_PAYLOAD_MAX_SIZE; + + comms_embed_reply_min_size = sizeof(struct serialized_rss_comms_header_t) + + sizeof(struct rss_embed_reply_t) - + PLAT_RSS_COMMS_PAYLOAD_MAX_SIZE; + + /* Use embed if we can pack into one message and reply, else use + * pointer_access. The underlying MHU transport protocol uses a + * single uint32_t to track the length, so the amount of data that + * can be in a message is 4 bytes less than mhu_get_max_message_size + * reports. + * + * TODO tune this with real performance numbers, it's possible a + * pointer_access message is less performant than multiple embed + * messages due to ATU configuration costs to allow access to the + * pointers. + */ + if ((comms_embed_msg_min_size + in_size_total > comms_mhu_msg_size - sizeof(uint32_t)) + || (comms_embed_reply_min_size + out_size_total > comms_mhu_msg_size) - sizeof(uint32_t)) { + return RSS_COMMS_PROTOCOL_POINTER_ACCESS; + } else { + return RSS_COMMS_PROTOCOL_EMBED; } } -static void deserialise_reply(struct packed_psa_reply_t *reply, - psa_outvec *outvecs, - size_t outlen, - const uint8_t *message, - size_t message_len) -{ - uint32_t i; - - memcpy(reply, message, sizeof(*reply)); - - /* Outvecs */ - for (i = 0U; i < outlen; ++i) { - outvecs[i].len = reply->out_size[i]; - } - - unpack_params(message + sizeof(*reply), outvecs, outlen); -} - -psa_status_t psa_call(psa_handle_t handle, int32_t type, - const psa_invec *in_vec, size_t in_len, +psa_status_t psa_call(psa_handle_t handle, int32_t type, const psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len) { + /* Declared statically to avoid using huge amounts of stack space. Maybe revisit if + * functions not being reentrant becomes a problem. + */ + static union rss_comms_io_buffer_t io_buf; enum mhu_error_t err; - static uint32_t seq_num = 1U; - struct packed_psa_call_t msg = { - .protocol_ver = 0U, - .seq_num = seq_num, - /* No need to distinguish callers (currently concurrent calls are not supported). */ - .client_id = 1U, - .handle = handle, - .ctrl_param = PARAM_PACK(type, in_len, out_len), - }; + psa_status_t status; + static uint8_t seq_num = 1U; + size_t msg_size; + size_t reply_size = sizeof(io_buf.reply); + psa_status_t return_val; + size_t idx; - struct packed_psa_reply_t reply = {0}; - size_t message_size; - uint32_t i; - - /* Fill msg iovec lengths */ - for (i = 0U; i < in_len; ++i) { - msg.io_size[i] = in_vec[i].len; - } - for (i = 0U; i < out_len; ++i) { - msg.io_size[in_len + i] = out_vec[i].len; + if (type > INT16_MAX || type < INT16_MIN || in_len > PSA_MAX_IOVEC + || out_len > PSA_MAX_IOVEC) { + return PSA_ERROR_INVALID_ARGUMENT; } - message_size = sizeof(message_buf); - if (serialise_message(&msg, in_vec, message_buf, &message_size)) { - /* Local buffer is probably too small. */ - return PSA_ERROR_INSUFFICIENT_MEMORY; + io_buf.msg.header.seq_num = seq_num, + /* No need to distinguish callers (currently concurrent calls are not supported). */ + io_buf.msg.header.client_id = 1U, + io_buf.msg.header.protocol_ver = select_protocol_version(in_vec, in_len, out_vec, out_len); + + status = rss_protocol_serialize_msg(handle, type, in_vec, in_len, out_vec, + out_len, &io_buf.msg, &msg_size); + if (status != PSA_SUCCESS) { + return status; } - err = mhu_send_data(message_buf, message_size); + VERBOSE("[RSS-COMMS] Sending message\n"); + VERBOSE("protocol_ver=%u\n", io_buf.msg.header.protocol_ver); + VERBOSE("seq_num=%u\n", io_buf.msg.header.seq_num); + VERBOSE("client_id=%u\n", io_buf.msg.header.client_id); + for (idx = 0; idx < in_len; idx++) { + VERBOSE("in_vec[%lu].len=%lu\n", idx, in_vec[idx].len); + VERBOSE("in_vec[%lu].buf=%p\n", idx, (void *)in_vec[idx].base); + } + + err = mhu_send_data((uint8_t *)&io_buf.msg, msg_size); if (err != MHU_ERR_NONE) { return PSA_ERROR_COMMUNICATION_FAILURE; } - message_size = sizeof(message_buf); #if DEBUG /* * Poisoning the message buffer (with a known pattern). * Helps in detecting hypothetical RSS communication bugs. */ - memset(message_buf, 0xA5, message_size); + memset(&io_buf.msg, 0xA5, msg_size); #endif - err = mhu_receive_data(message_buf, &message_size); + + err = mhu_receive_data((uint8_t *)&io_buf.reply, &reply_size); if (err != MHU_ERR_NONE) { return PSA_ERROR_COMMUNICATION_FAILURE; } - deserialise_reply(&reply, out_vec, out_len, message_buf, message_size); + VERBOSE("[RSS-COMMS] Received reply\n"); + VERBOSE("protocol_ver=%u\n", io_buf.reply.header.protocol_ver); + VERBOSE("seq_num=%u\n", io_buf.reply.header.seq_num); + VERBOSE("client_id=%u\n", io_buf.reply.header.client_id); + + status = rss_protocol_deserialize_reply(out_vec, out_len, &return_val, + &io_buf.reply, reply_size); + if (status != PSA_SUCCESS) { + return status; + } + + VERBOSE("return_val=%d\n", return_val); + for (idx = 0U; idx < out_len; idx++) { + VERBOSE("out_vec[%lu].len=%lu\n", idx, out_vec[idx].len); + VERBOSE("out_vec[%lu].buf=%p\n", idx, (void *)out_vec[idx].base); + } + + /* Clear the MHU message buffer to remove assets from memory */ + memset(&io_buf, 0x0, sizeof(io_buf)); seq_num++; - VERBOSE("[RSS-COMMS] Received reply\n"); - VERBOSE("protocol_ver=%d\n", reply.protocol_ver); - VERBOSE("seq_num=%d\n", reply.seq_num); - VERBOSE("client_id=%d\n", reply.client_id); - VERBOSE("return_val=%d\n", reply.return_val); - VERBOSE("out_size[0]=%d\n", reply.out_size[0]); - - return reply.return_val; + return return_val; } int rss_comms_init(uintptr_t mhu_sender_base, uintptr_t mhu_receiver_base)
diff --git a/drivers/arm/rss/rss_comms.mk b/drivers/arm/rss/rss_comms.mk new file mode 100644 index 0000000..c1c994b --- /dev/null +++ b/drivers/arm/rss/rss_comms.mk
@@ -0,0 +1,22 @@ +# +# Copyright (c) 2022, Arm Limited. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause +# + +$(warning "RSS driver is an experimental feature") + +RSS_COMMS_SOURCES := $(addprefix drivers/arm/rss/, \ + rss_comms.c \ + rss_comms_protocol.c \ + rss_comms_protocol_embed.c \ + rss_comms_protocol_pointer_access.c \ + ) + +RSS_COMMS_SOURCES += $(addprefix drivers/arm/mhu/, \ + mhu_v2_x.c \ + mhu_wrapper_v2_x.c \ + ) + +PLAT_INCLUDES += -Idrivers/arm/rss \ + -Idrivers/arm/mhu
diff --git a/drivers/arm/rss/rss_comms_protocol.c b/drivers/arm/rss/rss_comms_protocol.c new file mode 100644 index 0000000..a1b1b58 --- /dev/null +++ b/drivers/arm/rss/rss_comms_protocol.c
@@ -0,0 +1,75 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#include <assert.h> + +#include <common/debug.h> +#include "rss_comms_protocol.h" + +psa_status_t rss_protocol_serialize_msg(psa_handle_t handle, + int16_t type, + const psa_invec *in_vec, + uint8_t in_len, + const psa_outvec *out_vec, + uint8_t out_len, + struct serialized_rss_comms_msg_t *msg, + size_t *msg_len) +{ + psa_status_t status; + + assert(msg != NULL); + assert(msg_len != NULL); + assert(in_vec != NULL); + + switch (msg->header.protocol_ver) { + case RSS_COMMS_PROTOCOL_EMBED: + status = rss_protocol_embed_serialize_msg(handle, type, in_vec, in_len, out_vec, + out_len, &msg->msg.embed, msg_len); + if (status != PSA_SUCCESS) { + return status; + } + break; + case RSS_COMMS_PROTOCOL_POINTER_ACCESS: + status = rss_protocol_pointer_access_serialize_msg(handle, type, in_vec, in_len, + out_vec, out_len, + &msg->msg.pointer_access, + msg_len); + if (status != PSA_SUCCESS) { + return status; + } + break; + default: + return PSA_ERROR_NOT_SUPPORTED; + } + + *msg_len += sizeof(struct serialized_rss_comms_header_t); + + return PSA_SUCCESS; +} + +psa_status_t rss_protocol_deserialize_reply(psa_outvec *out_vec, + uint8_t out_len, + psa_status_t *return_val, + const struct serialized_rss_comms_reply_t *reply, + size_t reply_size) +{ + assert(reply != NULL); + assert(return_val != NULL); + + switch (reply->header.protocol_ver) { + case RSS_COMMS_PROTOCOL_EMBED: + return rss_protocol_embed_deserialize_reply(out_vec, out_len, return_val, + &reply->reply.embed, reply_size); + case RSS_COMMS_PROTOCOL_POINTER_ACCESS: + return rss_protocol_pointer_access_deserialize_reply(out_vec, out_len, return_val, + &reply->reply.pointer_access, + reply_size); + default: + return PSA_ERROR_NOT_SUPPORTED; + } + + return PSA_SUCCESS; +}
diff --git a/drivers/arm/rss/rss_comms_protocol.h b/drivers/arm/rss/rss_comms_protocol.h new file mode 100644 index 0000000..9a38057 --- /dev/null +++ b/drivers/arm/rss/rss_comms_protocol.h
@@ -0,0 +1,67 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __RSS_COMMS_PROTOCOL_H__ +#define __RSS_COMMS_PROTOCOL_H__ + +#include <cdefs.h> +#include <stdint.h> + +#include <psa/client.h> +#include "rss_comms_protocol_embed.h" +#include "rss_comms_protocol_pointer_access.h" + +enum rss_comms_protocol_version_t { + RSS_COMMS_PROTOCOL_EMBED = 0, + RSS_COMMS_PROTOCOL_POINTER_ACCESS = 1, +}; + +struct __packed serialized_rss_comms_header_t { + uint8_t protocol_ver; + uint8_t seq_num; + uint16_t client_id; +}; + +/* MHU message passed from Host to RSS to deliver a PSA client call */ +struct __packed serialized_rss_comms_msg_t { + struct serialized_rss_comms_header_t header; + union __packed { + struct rss_embed_msg_t embed; + struct rss_pointer_access_msg_t pointer_access; + } msg; +}; + +/* MHU reply message to hold the PSA client reply result returned by RSS */ +struct __packed serialized_rss_comms_reply_t { + struct serialized_rss_comms_header_t header; + union __packed { + struct rss_embed_reply_t embed; + struct rss_pointer_access_reply_t pointer_access; + } reply; +}; + +/* in_len and out_len are uint8_ts, therefore if there are more than 255 iovecs + * an error may occur. + */ +CASSERT(PSA_MAX_IOVEC <= UINT8_MAX, assert_rss_comms_max_iovec_too_large); + +psa_status_t rss_protocol_serialize_msg(psa_handle_t handle, + int16_t type, + const psa_invec *in_vec, + uint8_t in_len, + const psa_outvec *out_vec, + uint8_t out_len, + struct serialized_rss_comms_msg_t *msg, + size_t *msg_len); + +psa_status_t rss_protocol_deserialize_reply(psa_outvec *out_vec, + uint8_t out_len, + psa_status_t *return_val, + const struct serialized_rss_comms_reply_t *reply, + size_t reply_size); + +#endif /* __RSS_COMMS_PROTOCOL_H__ */
diff --git a/drivers/arm/rss/rss_comms_protocol_embed.c b/drivers/arm/rss/rss_comms_protocol_embed.c new file mode 100644 index 0000000..801b7cc --- /dev/null +++ b/drivers/arm/rss/rss_comms_protocol_embed.c
@@ -0,0 +1,91 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#include <assert.h> +#include <string.h> + +#include <common/debug.h> +#include "rss_comms_protocol_embed.h" + +#define TYPE_OFFSET (16U) +#define TYPE_MASK (0xFFFFUL << TYPE_OFFSET) +#define IN_LEN_OFFSET (8U) +#define IN_LEN_MASK (0xFFUL << IN_LEN_OFFSET) +#define OUT_LEN_OFFSET (0U) +#define OUT_LEN_MASK (0xFFUL << OUT_LEN_OFFSET) + +#define PARAM_PACK(type, in_len, out_len) \ + (((((uint32_t)type) << TYPE_OFFSET) & TYPE_MASK) | \ + ((((uint32_t)in_len) << IN_LEN_OFFSET) & IN_LEN_MASK) | \ + ((((uint32_t)out_len) << OUT_LEN_OFFSET) & OUT_LEN_MASK)) + +psa_status_t rss_protocol_embed_serialize_msg(psa_handle_t handle, + int16_t type, + const psa_invec *in_vec, + uint8_t in_len, + const psa_outvec *out_vec, + uint8_t out_len, + struct rss_embed_msg_t *msg, + size_t *msg_len) +{ + uint32_t payload_size = 0; + uint32_t i; + + assert(msg != NULL); + assert(msg_len != NULL); + assert(in_vec != NULL); + + msg->ctrl_param = PARAM_PACK(type, in_len, out_len); + msg->handle = handle; + + /* Fill msg iovec lengths */ + for (i = 0U; i < in_len; ++i) { + msg->io_size[i] = in_vec[i].len; + } + for (i = 0U; i < out_len; ++i) { + msg->io_size[in_len + i] = out_vec[i].len; + } + + for (i = 0U; i < in_len; ++i) { + if (in_vec[i].len > sizeof(msg->trailer) - payload_size) { + return PSA_ERROR_INVALID_ARGUMENT; + } + memcpy(msg->trailer + payload_size, in_vec[i].base, in_vec[i].len); + payload_size += in_vec[i].len; + } + + /* Output the actual size of the message, to optimize sending */ + *msg_len = sizeof(*msg) - sizeof(msg->trailer) + payload_size; + + return PSA_SUCCESS; +} + +psa_status_t rss_protocol_embed_deserialize_reply(psa_outvec *out_vec, + uint8_t out_len, + psa_status_t *return_val, + const struct rss_embed_reply_t *reply, + size_t reply_size) +{ + uint32_t payload_offset = 0; + uint32_t i; + + assert(reply != NULL); + assert(return_val != NULL); + + for (i = 0U; i < out_len; ++i) { + if (sizeof(reply) - sizeof(reply->trailer) + payload_offset > reply_size) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + memcpy(out_vec[i].base, reply->trailer + payload_offset, out_vec[i].len); + payload_offset += out_vec[i].len; + } + + *return_val = reply->return_val; + + return PSA_SUCCESS; +}
diff --git a/drivers/arm/rss/rss_comms_protocol_embed.h b/drivers/arm/rss/rss_comms_protocol_embed.h new file mode 100644 index 0000000..c81c795 --- /dev/null +++ b/drivers/arm/rss/rss_comms_protocol_embed.h
@@ -0,0 +1,47 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __RSS_COMMS_PROTOCOL_EMBED_H__ +#define __RSS_COMMS_PROTOCOL_EMBED_H__ + +#include <cdefs.h> + +#include <psa/client.h> + +#include <platform_def.h> + + + +struct __packed rss_embed_msg_t { + psa_handle_t handle; + uint32_t ctrl_param; /* type, in_len, out_len */ + uint16_t io_size[PSA_MAX_IOVEC]; + uint8_t trailer[PLAT_RSS_COMMS_PAYLOAD_MAX_SIZE]; +}; + +struct __packed rss_embed_reply_t { + int32_t return_val; + uint16_t out_size[PSA_MAX_IOVEC]; + uint8_t trailer[PLAT_RSS_COMMS_PAYLOAD_MAX_SIZE]; +}; + +psa_status_t rss_protocol_embed_serialize_msg(psa_handle_t handle, + int16_t type, + const psa_invec *in_vec, + uint8_t in_len, + const psa_outvec *out_vec, + uint8_t out_len, + struct rss_embed_msg_t *msg, + size_t *msg_len); + +psa_status_t rss_protocol_embed_deserialize_reply(psa_outvec *out_vec, + uint8_t out_len, + psa_status_t *return_val, + const struct rss_embed_reply_t *reply, + size_t reply_size); + +#endif /* __RSS_COMMS_PROTOCOL_EMBED_H__ */
diff --git a/drivers/arm/rss/rss_comms_protocol_pointer_access.c b/drivers/arm/rss/rss_comms_protocol_pointer_access.c new file mode 100644 index 0000000..5007b9d --- /dev/null +++ b/drivers/arm/rss/rss_comms_protocol_pointer_access.c
@@ -0,0 +1,74 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +#include <assert.h> + +#include "rss_comms_protocol_pointer_access.h" + +#define TYPE_OFFSET (16U) +#define TYPE_MASK (0xFFFFUL << TYPE_OFFSET) +#define IN_LEN_OFFSET (8U) +#define IN_LEN_MASK (0xFFUL << IN_LEN_OFFSET) +#define OUT_LEN_OFFSET (0U) +#define OUT_LEN_MASK (0xFFUL << OUT_LEN_OFFSET) + +#define PARAM_PACK(type, in_len, out_len) \ + (((((uint32_t)type) << TYPE_OFFSET) & TYPE_MASK) | \ + ((((uint32_t)in_len) << IN_LEN_OFFSET) & IN_LEN_MASK) | \ + ((((uint32_t)out_len) << OUT_LEN_OFFSET) & OUT_LEN_MASK)) + +psa_status_t rss_protocol_pointer_access_serialize_msg(psa_handle_t handle, + int16_t type, + const psa_invec *in_vec, + uint8_t in_len, + const psa_outvec *out_vec, + uint8_t out_len, + struct rss_pointer_access_msg_t *msg, + size_t *msg_len) +{ + unsigned int i; + + assert(msg != NULL); + assert(msg_len != NULL); + assert(in_vec != NULL); + + msg->ctrl_param = PARAM_PACK(type, in_len, out_len); + msg->handle = handle; + + /* Fill msg iovec lengths */ + for (i = 0U; i < in_len; ++i) { + msg->io_sizes[i] = in_vec[i].len; + msg->host_ptrs[i] = (uint64_t)in_vec[i].base; + } + for (i = 0U; i < out_len; ++i) { + msg->io_sizes[in_len + i] = out_vec[i].len; + msg->host_ptrs[in_len + i] = (uint64_t)out_vec[i].base; + } + + *msg_len = sizeof(*msg); + + return PSA_SUCCESS; +} + +psa_status_t rss_protocol_pointer_access_deserialize_reply(psa_outvec *out_vec, + uint8_t out_len, + psa_status_t *return_val, + const struct rss_pointer_access_reply_t *reply, + size_t reply_size) +{ + unsigned int i; + + assert(reply != NULL); + assert(return_val != NULL); + + for (i = 0U; i < out_len; ++i) { + out_vec[i].len = reply->out_sizes[i]; + } + + *return_val = reply->return_val; + + return PSA_SUCCESS; +}
diff --git a/drivers/arm/rss/rss_comms_protocol_pointer_access.h b/drivers/arm/rss/rss_comms_protocol_pointer_access.h new file mode 100644 index 0000000..a4d054b --- /dev/null +++ b/drivers/arm/rss/rss_comms_protocol_pointer_access.h
@@ -0,0 +1,42 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ + +#ifndef __RSS_COMMS_PROTOCOL_POINTER_ACCESS_H__ +#define __RSS_COMMS_PROTOCOL_POINTER_ACCESS_H__ + +#include <cdefs.h> + +#include <psa/client.h> + +struct __packed rss_pointer_access_msg_t { + psa_handle_t handle; + uint32_t ctrl_param; + uint32_t io_sizes[PSA_MAX_IOVEC]; + uint64_t host_ptrs[PSA_MAX_IOVEC]; +}; + +struct __packed rss_pointer_access_reply_t { + int32_t return_val; + uint32_t out_sizes[PSA_MAX_IOVEC]; +}; + +psa_status_t rss_protocol_pointer_access_serialize_msg(psa_handle_t handle, + int16_t type, + const psa_invec *in_vec, + uint8_t in_len, + const psa_outvec *out_vec, + uint8_t out_len, + struct rss_pointer_access_msg_t *msg, + size_t *msg_len); + +psa_status_t rss_protocol_pointer_access_deserialize_reply(psa_outvec *out_vec, + uint8_t out_len, + psa_status_t *return_val, + const struct rss_pointer_access_reply_t *reply, + size_t reply_size); + +#endif /* __RSS_COMMS_PROTOCOL_POINTER_ACCESS_H__ */
diff --git a/drivers/auth/auth_mod.c b/drivers/auth/auth_mod.c index a99a2c7..fa9509a 100644 --- a/drivers/auth/auth_mod.c +++ b/drivers/auth/auth_mod.c
@@ -31,6 +31,7 @@ } while (0) #pragma weak plat_set_nv_ctr2 +#pragma weak plat_convert_pk static int cmp_auth_param_type_desc(const auth_param_type_desc_t *a, @@ -202,6 +203,10 @@ NOTICE("ROTPK is not deployed on platform. " "Skipping ROTPK verification.\n"); } else { + /* platform may store the hash of a prefixed, suffixed or modified pk */ + rc = plat_convert_pk(pk_ptr, pk_len, &pk_ptr, &pk_len); + return_if_error(rc); + /* Ask the crypto-module to verify the key hash */ rc = crypto_mod_verify_hash(pk_ptr, pk_len, pk_hash_ptr, pk_hash_len); @@ -301,6 +306,15 @@ return plat_set_nv_ctr(cookie, nv_ctr); } +int plat_convert_pk(void *full_pk_ptr, unsigned int full_pk_len, + void **hashed_pk_ptr, unsigned int *hashed_pk_len) +{ + *hashed_pk_ptr = full_pk_ptr; + *hashed_pk_len = full_pk_len; + + return 0; +} + /* * Return the parent id in the output parameter '*parent_id' *
diff --git a/drivers/auth/cca/cot.c b/drivers/auth/cca/cot.c new file mode 100644 index 0000000..d3f3087 --- /dev/null +++ b/drivers/auth/cca/cot.c
@@ -0,0 +1,675 @@ +/* + * Copyright (c) 2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <stddef.h> + +#include <drivers/auth/auth_mod.h> +#include MBEDTLS_CONFIG_FILE +#include <tools_share/cca_oid.h> + +#include <platform_def.h> + +/* + * Allocate static buffers to store the authentication parameters extracted from + * the certificates. + */ +static unsigned char fw_config_hash_buf[HASH_DER_LEN]; +static unsigned char tb_fw_hash_buf[HASH_DER_LEN]; +static unsigned char tb_fw_config_hash_buf[HASH_DER_LEN]; +static unsigned char hw_config_hash_buf[HASH_DER_LEN]; +static unsigned char soc_fw_hash_buf[HASH_DER_LEN]; +static unsigned char soc_fw_config_hash_buf[HASH_DER_LEN]; +static unsigned char rmm_hash_buf[HASH_DER_LEN]; + +#ifdef IMAGE_BL2 +static unsigned char nt_world_bl_hash_buf[HASH_DER_LEN]; +static unsigned char tos_fw_hash_buf[HASH_DER_LEN]; +static unsigned char tos_fw_config_hash_buf[HASH_DER_LEN]; +static unsigned char nt_fw_config_hash_buf[HASH_DER_LEN]; +#if defined(SPD_spmd) +static unsigned char sp_pkg_hash_buf[MAX_SP_IDS][HASH_DER_LEN]; +#endif /* SPD_spmd */ + +static unsigned char core_swd_pk_buf[PK_DER_LEN]; +static unsigned char plat_pk_buf[PK_DER_LEN]; +#endif /* IMAGE_BL2 */ + +/* + * Parameter type descriptors. + */ +static auth_param_type_desc_t trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_NV_CTR, TRUSTED_FW_NVCOUNTER_OID); +static auth_param_type_desc_t subject_pk = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_PUB_KEY, 0); +static auth_param_type_desc_t sig = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_SIG, 0); +static auth_param_type_desc_t sig_alg = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_SIG_ALG, 0); +static auth_param_type_desc_t raw_data = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_RAW_DATA, 0); + +static auth_param_type_desc_t tb_fw_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, TRUSTED_BOOT_FW_HASH_OID); +static auth_param_type_desc_t tb_fw_config_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, TRUSTED_BOOT_FW_CONFIG_HASH_OID); +static auth_param_type_desc_t hw_config_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, HW_CONFIG_HASH_OID); +static auth_param_type_desc_t fw_config_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, FW_CONFIG_HASH_OID); +static auth_param_type_desc_t soc_fw_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SOC_AP_FW_HASH_OID); +static auth_param_type_desc_t soc_fw_config_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SOC_FW_CONFIG_HASH_OID); +static auth_param_type_desc_t rmm_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, RMM_HASH_OID); + +#ifdef IMAGE_BL2 +static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID); + +static auth_param_type_desc_t prot_pk = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_PUB_KEY, PROT_PK_OID); +static auth_param_type_desc_t swd_rot_pk = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_PUB_KEY, SWD_ROT_PK_OID); +static auth_param_type_desc_t core_swd_pk = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_PUB_KEY, CORE_SWD_PK_OID); +static auth_param_type_desc_t plat_pk = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_PUB_KEY, PLAT_PK_OID); + +static auth_param_type_desc_t tos_fw_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, TRUSTED_OS_FW_HASH_OID); +static auth_param_type_desc_t tos_fw_config_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, TRUSTED_OS_FW_CONFIG_HASH_OID); +static auth_param_type_desc_t nt_world_bl_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID); +static auth_param_type_desc_t nt_fw_config_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, NON_TRUSTED_FW_CONFIG_HASH_OID); +#if defined(SPD_spmd) +static auth_param_type_desc_t sp_pkg1_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG1_HASH_OID); +static auth_param_type_desc_t sp_pkg2_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG2_HASH_OID); +static auth_param_type_desc_t sp_pkg3_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG3_HASH_OID); +static auth_param_type_desc_t sp_pkg4_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG4_HASH_OID); +static auth_param_type_desc_t sp_pkg5_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG5_HASH_OID); +static auth_param_type_desc_t sp_pkg6_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG6_HASH_OID); +static auth_param_type_desc_t sp_pkg7_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG7_HASH_OID); +static auth_param_type_desc_t sp_pkg8_hash = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_HASH, SP_PKG8_HASH_OID); +#endif /* SPD_spmd */ +#endif /* IMAGE_BL2 */ + +/* CCA Content Certificate */ +static const auth_img_desc_t cca_content_cert = { + .img_id = CCA_CONTENT_CERT_ID, + .img_type = IMG_CERT, + .parent = NULL, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_SIG, + .param.sig = { + .pk = &subject_pk, + .sig = &sig, + .alg = &sig_alg, + .data = &raw_data + } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } + } + }, + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { + [0] = { + .type_desc = &tb_fw_hash, + .data = { + .ptr = (void *)tb_fw_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [1] = { + .type_desc = &tb_fw_config_hash, + .data = { + .ptr = (void *)tb_fw_config_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [2] = { + .type_desc = &fw_config_hash, + .data = { + .ptr = (void *)fw_config_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [3] = { + .type_desc = &hw_config_hash, + .data = { + .ptr = (void *)hw_config_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [4] = { + .type_desc = &soc_fw_hash, + .data = { + .ptr = (void *)soc_fw_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [5] = { + .type_desc = &soc_fw_config_hash, + .data = { + .ptr = (void *)soc_fw_config_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [6] = { + .type_desc = &rmm_hash, + .data = { + .ptr = (void *)rmm_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + } + } +}; + +#ifdef IMAGE_BL1 +static const auth_img_desc_t bl2_image = { + .img_id = BL2_IMAGE_ID, + .img_type = IMG_RAW, + .parent = &cca_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &tb_fw_hash + } + } + } +}; + +static const auth_img_desc_t tb_fw_config = { + .img_id = TB_FW_CONFIG_ID, + .img_type = IMG_RAW, + .parent = &cca_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &tb_fw_config_hash + } + } + } +}; + +static const auth_img_desc_t fw_config = { + .img_id = FW_CONFIG_ID, + .img_type = IMG_RAW, + .parent = &cca_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &fw_config_hash + } + } + } +}; +#endif /* IMAGE_BL1 */ + +#ifdef IMAGE_BL2 +/* HW Config */ +static const auth_img_desc_t hw_config = { + .img_id = HW_CONFIG_ID, + .img_type = IMG_RAW, + .parent = &cca_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &hw_config_hash + } + } + } +}; + +/* BL31 */ +static const auth_img_desc_t bl31_image = { + .img_id = BL31_IMAGE_ID, + .img_type = IMG_RAW, + .parent = &cca_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &soc_fw_hash + } + } + } +}; + +/* BL31 Config */ +static const auth_img_desc_t soc_fw_config = { + .img_id = SOC_FW_CONFIG_ID, + .img_type = IMG_RAW, + .parent = &cca_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &soc_fw_config_hash + } + } + } +}; + +/* RMM */ +static const auth_img_desc_t rmm_image = { + .img_id = RMM_IMAGE_ID, + .img_type = IMG_RAW, + .parent = &cca_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &rmm_hash + } + } + } +}; + +/* Core SWD Key Certificate */ +static const auth_img_desc_t core_swd_key_cert = { + .img_id = CORE_SWD_KEY_CERT_ID, + .img_type = IMG_CERT, + .parent = NULL, /* SWD ROOT CERT */ + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_SIG, + .param.sig = { + .pk = &swd_rot_pk, + .sig = &sig, + .alg = &sig_alg, + .data = &raw_data + } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } + } + }, + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { + [0] = { + .type_desc = &core_swd_pk, + .data = { + .ptr = (void *)core_swd_pk_buf, + .len = (unsigned int)PK_DER_LEN + } + } + } +}; + +/* SPMC Content Certificate */ +static const auth_img_desc_t trusted_os_fw_content_cert = { + .img_id = TRUSTED_OS_FW_CONTENT_CERT_ID, + .img_type = IMG_CERT, + .parent = &core_swd_key_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_SIG, + .param.sig = { + .pk = &core_swd_pk, + .sig = &sig, + .alg = &sig_alg, + .data = &raw_data + } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } + } + }, + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { + [0] = { + .type_desc = &tos_fw_hash, + .data = { + .ptr = (void *)tos_fw_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [1] = { + .type_desc = &tos_fw_config_hash, + .data = { + .ptr = (void *)tos_fw_config_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + } + } +}; + +/* SPMC */ +static const auth_img_desc_t bl32_image = { + .img_id = BL32_IMAGE_ID, + .img_type = IMG_RAW, + .parent = &trusted_os_fw_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &tos_fw_hash + } + } + } +}; + +/* SPM Config */ +static const auth_img_desc_t tos_fw_config = { + .img_id = TOS_FW_CONFIG_ID, + .img_type = IMG_RAW, + .parent = &trusted_os_fw_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &tos_fw_config_hash + } + } + } +}; + +/* Platform Key Certificate */ +static const auth_img_desc_t plat_key_cert = { + .img_id = PLAT_KEY_CERT_ID, + .img_type = IMG_CERT, + .parent = NULL, /* PLATFORM ROOT CERT */ + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_SIG, + .param.sig = { + .pk = &prot_pk, + .sig = &sig, + .alg = &sig_alg, + .data = &raw_data + } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &non_trusted_nv_ctr, + .plat_nv_ctr = &non_trusted_nv_ctr + } + } + }, + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { + [0] = { + .type_desc = &plat_pk, + .data = { + .ptr = (void *)plat_pk_buf, + .len = (unsigned int)PK_DER_LEN + } + } + } +}; + +/* Non-Trusted Firmware */ +static const auth_img_desc_t non_trusted_fw_content_cert = { + .img_id = NON_TRUSTED_FW_CONTENT_CERT_ID, + .img_type = IMG_CERT, + .parent = &plat_key_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_SIG, + .param.sig = { + .pk = &plat_pk, + .sig = &sig, + .alg = &sig_alg, + .data = &raw_data + } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &non_trusted_nv_ctr, + .plat_nv_ctr = &non_trusted_nv_ctr + } + } + }, + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { + [0] = { + .type_desc = &nt_world_bl_hash, + .data = { + .ptr = (void *)nt_world_bl_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + }, + [1] = { + .type_desc = &nt_fw_config_hash, + .data = { + .ptr = (void *)nt_fw_config_hash_buf, + .len = (unsigned int)HASH_DER_LEN + } + } + } +}; + +static const auth_img_desc_t bl33_image = { + .img_id = BL33_IMAGE_ID, + .img_type = IMG_RAW, + .parent = &non_trusted_fw_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &nt_world_bl_hash + } + } + } +}; + +/* NT FW Config */ +static const auth_img_desc_t nt_fw_config = { + .img_id = NT_FW_CONFIG_ID, + .img_type = IMG_RAW, + .parent = &non_trusted_fw_content_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_HASH, + .param.hash = { + .data = &raw_data, + .hash = &nt_fw_config_hash + } + } + } +}; + +/* + * Secure Partitions + */ +#if defined(SPD_spmd) +static const auth_img_desc_t sip_sp_content_cert = { + .img_id = SIP_SP_CONTENT_CERT_ID, + .img_type = IMG_CERT, + .parent = &core_swd_key_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_SIG, + .param.sig = { + .pk = &core_swd_pk, + .sig = &sig, + .alg = &sig_alg, + .data = &raw_data + } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } + } + }, + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { + [0] = { + .type_desc = &sp_pkg1_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[0], + .len = (unsigned int)HASH_DER_LEN + } + }, + [1] = { + .type_desc = &sp_pkg2_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[1], + .len = (unsigned int)HASH_DER_LEN + } + }, + [2] = { + .type_desc = &sp_pkg3_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[2], + .len = (unsigned int)HASH_DER_LEN + } + }, + [3] = { + .type_desc = &sp_pkg4_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[3], + .len = (unsigned int)HASH_DER_LEN + } + } + } +}; + +DEFINE_SIP_SP_PKG(1); +DEFINE_SIP_SP_PKG(2); +DEFINE_SIP_SP_PKG(3); +DEFINE_SIP_SP_PKG(4); + +static const auth_img_desc_t plat_sp_content_cert = { + .img_id = PLAT_SP_CONTENT_CERT_ID, + .img_type = IMG_CERT, + .parent = &plat_key_cert, + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { + [0] = { + .type = AUTH_METHOD_SIG, + .param.sig = { + .pk = &plat_pk, + .sig = &sig, + .alg = &sig_alg, + .data = &raw_data + } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &non_trusted_nv_ctr, + .plat_nv_ctr = &non_trusted_nv_ctr + } + } + }, + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { + [0] = { + .type_desc = &sp_pkg5_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[4], + .len = (unsigned int)HASH_DER_LEN + } + }, + [1] = { + .type_desc = &sp_pkg6_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[5], + .len = (unsigned int)HASH_DER_LEN + } + }, + [2] = { + .type_desc = &sp_pkg7_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[6], + .len = (unsigned int)HASH_DER_LEN + } + }, + [3] = { + .type_desc = &sp_pkg8_hash, + .data = { + .ptr = (void *)sp_pkg_hash_buf[7], + .len = (unsigned int)HASH_DER_LEN + } + } + } +}; + +DEFINE_PLAT_SP_PKG(5); +DEFINE_PLAT_SP_PKG(6); +DEFINE_PLAT_SP_PKG(7); +DEFINE_PLAT_SP_PKG(8); +#endif /* SPD_spmd */ +#endif /* IMAGE_BL2 */ +/* + * Chain of trust definition + */ +#ifdef IMAGE_BL1 +static const auth_img_desc_t * const cot_desc[] = { + [CCA_CONTENT_CERT_ID] = &cca_content_cert, + [BL2_IMAGE_ID] = &bl2_image, + [TB_FW_CONFIG_ID] = &tb_fw_config, + [FW_CONFIG_ID] = &fw_config, +}; +#else /* IMAGE_BL2 */ +static const auth_img_desc_t * const cot_desc[] = { + [CCA_CONTENT_CERT_ID] = &cca_content_cert, + [HW_CONFIG_ID] = &hw_config, + [BL31_IMAGE_ID] = &bl31_image, + [SOC_FW_CONFIG_ID] = &soc_fw_config, + [RMM_IMAGE_ID] = &rmm_image, + [CORE_SWD_KEY_CERT_ID] = &core_swd_key_cert, + [TRUSTED_OS_FW_CONTENT_CERT_ID] = &trusted_os_fw_content_cert, + [BL32_IMAGE_ID] = &bl32_image, + [TOS_FW_CONFIG_ID] = &tos_fw_config, + [PLAT_KEY_CERT_ID] = &plat_key_cert, + [NON_TRUSTED_FW_CONTENT_CERT_ID] = &non_trusted_fw_content_cert, + [BL33_IMAGE_ID] = &bl33_image, + [NT_FW_CONFIG_ID] = &nt_fw_config, +#if defined(SPD_spmd) + [SIP_SP_CONTENT_CERT_ID] = &sip_sp_content_cert, + [PLAT_SP_CONTENT_CERT_ID] = &plat_sp_content_cert, + [SP_PKG1_ID] = &sp_pkg1, + [SP_PKG2_ID] = &sp_pkg2, + [SP_PKG3_ID] = &sp_pkg3, + [SP_PKG4_ID] = &sp_pkg4, + [SP_PKG5_ID] = &sp_pkg5, + [SP_PKG6_ID] = &sp_pkg6, + [SP_PKG7_ID] = &sp_pkg7, + [SP_PKG8_ID] = &sp_pkg8, +#endif +}; +#endif /* IMAGE_BL1 */ + +/* Register the CoT in the authentication module */ +REGISTER_COT(cot_desc);
diff --git a/drivers/auth/crypto_mod.c b/drivers/auth/crypto_mod.c index eada357..fa1adb4 100644 --- a/drivers/auth/crypto_mod.c +++ b/drivers/auth/crypto_mod.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2021, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2022, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -46,19 +46,26 @@ { assert(crypto_lib_desc.name != NULL); assert(crypto_lib_desc.init != NULL); -#if TRUSTED_BOARD_BOOT +#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \ +CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC assert(crypto_lib_desc.verify_signature != NULL); assert(crypto_lib_desc.verify_hash != NULL); -#endif /* TRUSTED_BOARD_BOOT */ -#if MEASURED_BOOT +#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \ + CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */ + +#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ +CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC assert(crypto_lib_desc.calc_hash != NULL); -#endif /* MEASURED_BOOT */ +#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ + CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */ /* Initialize the cryptographic library */ crypto_lib_desc.init(); INFO("Using crypto library '%s'\n", crypto_lib_desc.name); } +#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \ +CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC /* * Function to verify a digital signature * @@ -108,8 +115,11 @@ return crypto_lib_desc.verify_hash(data_ptr, data_len, digest_info_ptr, digest_info_len); } +#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \ + CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */ -#if MEASURED_BOOT +#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ +CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC /* * Calculate a hash * @@ -129,7 +139,8 @@ return crypto_lib_desc.calc_hash(alg, data_ptr, data_len, output); } -#endif /* MEASURED_BOOT */ +#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ + CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */ /* * Authenticated decryption of data
diff --git a/drivers/auth/cryptocell/713/cryptocell_crypto.c b/drivers/auth/cryptocell/713/cryptocell_crypto.c index 077317e..3ac16af 100644 --- a/drivers/auth/cryptocell/713/cryptocell_crypto.c +++ b/drivers/auth/cryptocell/713/cryptocell_crypto.c
@@ -8,6 +8,8 @@ #include <stddef.h> #include <string.h> +#include <platform_def.h> + #include <drivers/arm/cryptocell/713/bsv_api.h> #include <drivers/arm/cryptocell/713/bsv_crypto_asym_api.h> #include <drivers/auth/crypto_mod.h>
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk index 3eb4161..16ce65f 100644 --- a/drivers/auth/mbedtls/mbedtls_common.mk +++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -97,18 +97,6 @@ TF_MBEDTLS_USE_AES_GCM := 0 endif -ifeq ($(MEASURED_BOOT),1) - ifeq (${TPM_HASH_ALG}, sha256) - TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA256 - else ifeq (${TPM_HASH_ALG}, sha384) - TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA384 - else ifeq (${TPM_HASH_ALG}, sha512) - TF_MBEDTLS_TPM_HASH_ALG_ID := TF_MBEDTLS_SHA512 - else - $(error "TPM_HASH_ALG not defined.") - endif -endif - # Needs to be set to drive mbed TLS configuration correctly $(eval $(call add_defines,\ $(sort \ @@ -118,10 +106,6 @@ TF_MBEDTLS_USE_AES_GCM \ ))) -ifeq ($(MEASURED_BOOT),1) - $(eval $(call add_define,TF_MBEDTLS_TPM_HASH_ALG_ID)) -endif - $(eval $(call MAKE_LIB,mbedtls)) endif
diff --git a/drivers/auth/mbedtls/mbedtls_crypto.c b/drivers/auth/mbedtls/mbedtls_crypto.c index 0901d04..d231179 100644 --- a/drivers/auth/mbedtls/mbedtls_crypto.c +++ b/drivers/auth/mbedtls/mbedtls_crypto.c
@@ -24,7 +24,8 @@ #define LIB_NAME "mbed TLS" -#if MEASURED_BOOT +#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ +CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC /* * CRYPTO_MD_MAX_SIZE value is as per current stronger algorithm available * so make sure that mbed TLS MD maximum size must be lesser than this. @@ -32,7 +33,8 @@ CASSERT(CRYPTO_MD_MAX_SIZE >= MBEDTLS_MD_MAX_SIZE, assert_mbedtls_md_size_overflow); -#endif /* MEASURED_BOOT */ +#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ + CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */ /* * AlgorithmIdentifier ::= SEQUENCE { @@ -60,7 +62,8 @@ mbedtls_init(); } -#if TRUSTED_BOARD_BOOT +#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \ +CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC /* * Verify a signature. * @@ -219,9 +222,11 @@ return CRYPTO_SUCCESS; } -#endif /* TRUSTED_BOARD_BOOT */ +#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY || \ + CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */ -#if MEASURED_BOOT +#if CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ +CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC /* * Map a generic crypto message digest algorithm to the corresponding macro used * by Mbed TLS. @@ -264,7 +269,8 @@ */ return mbedtls_md(md_info, data_ptr, data_len, output); } -#endif /* MEASURED_BOOT */ +#endif /* CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY || \ + CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */ #if TF_MBEDTLS_USE_AES_GCM /* @@ -368,7 +374,7 @@ /* * Register crypto library descriptor */ -#if MEASURED_BOOT && TRUSTED_BOARD_BOOT +#if CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC #if TF_MBEDTLS_USE_AES_GCM REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, calc_hash, auth_decrypt); @@ -376,13 +382,13 @@ REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, calc_hash, NULL); #endif -#elif TRUSTED_BOARD_BOOT +#elif CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY #if TF_MBEDTLS_USE_AES_GCM REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, auth_decrypt); #else REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, NULL); #endif -#elif MEASURED_BOOT +#elif CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY REGISTER_CRYPTO_LIB(LIB_NAME, init, calc_hash); -#endif /* MEASURED_BOOT && TRUSTED_BOARD_BOOT */ +#endif /* CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC */
diff --git a/drivers/auth/mbedtls/mbedtls_x509_parser.c b/drivers/auth/mbedtls/mbedtls_x509_parser.c index 129566b..993ef12 100644 --- a/drivers/auth/mbedtls/mbedtls_x509_parser.c +++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -114,10 +114,10 @@ oid_len = mbedtls_oid_get_numeric_string(oid_str, MAX_OID_STR_LEN, &extn_oid); - if (oid_len == MBEDTLS_ERR_OID_BUF_TOO_SMALL) { + if ((oid_len == MBEDTLS_ERR_OID_BUF_TOO_SMALL) || (oid_len < 0)) { return IMG_PARSER_ERR; } - if ((oid_len == strlen(oid_str)) && !strcmp(oid, oid_str)) { + if (((size_t)oid_len == strlen(oid_str)) && !strcmp(oid, oid_str)) { *ext = (void *)p; *ext_len = (unsigned int)len; return IMG_PARSER_OK;
diff --git a/drivers/console/multi_console.c b/drivers/console/multi_console.c index 08b8e9f..e3fb749 100644 --- a/drivers/console/multi_console.c +++ b/drivers/console/multi_console.c
@@ -5,6 +5,8 @@ */ #include <assert.h> +#include <stddef.h> +#include <stdlib.h> #include <drivers/console.h> @@ -95,10 +97,17 @@ if ((err == ERROR_NO_VALID_CONSOLE) || (ret < err)) err = ret; } - return err; } +int putchar(int c) +{ + if (console_putc(c) == 0) + return c; + else + return EOF; +} + int console_getc(void) { int err = ERROR_NO_VALID_CONSOLE;
diff --git a/drivers/measured_boot/event_log/event_log.c b/drivers/measured_boot/event_log/event_log.c index 792f235..d661c35 100644 --- a/drivers/measured_boot/event_log/event_log.c +++ b/drivers/measured_boot/event_log/event_log.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2020-2021, Arm Limited. All rights reserved. + * Copyright (c) 2020-2022, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -84,23 +84,26 @@ * Record a measurement as a TCG_PCR_EVENT2 event * * @param[in] hash Pointer to hash data of TCG_DIGEST_SIZE bytes + * @param[in] event_type Type of Event, Various Event Types are + * mentioned in tcg.h header * @param[in] metadata_ptr Pointer to event_log_metadata_t structure * * There must be room for storing this new event into the event log buffer. */ -static void event_log_record(const uint8_t *hash, - const event_log_metadata_t *metadata_ptr) +void event_log_record(const uint8_t *hash, uint32_t event_type, + const event_log_metadata_t *metadata_ptr) { void *ptr = log_ptr; - uint32_t name_len; + uint32_t name_len = 0U; assert(hash != NULL); assert(metadata_ptr != NULL); - assert(metadata_ptr->name != NULL); - /* event_log_init() must have been called prior to this. */ + /* event_log_buf_init() must have been called prior to this. */ assert(log_ptr != NULL); - name_len = (uint32_t)strlen(metadata_ptr->name) + 1U; + if (metadata_ptr->name != NULL) { + name_len = (uint32_t)strlen(metadata_ptr->name) + 1U; + } /* Check for space in Event Log buffer */ assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) < @@ -115,7 +118,7 @@ ((event2_header_t *)ptr)->pcr_index = metadata_ptr->pcr; /* TCG_PCR_EVENT2.EventType */ - ((event2_header_t *)ptr)->event_type = EV_POST_CODE; + ((event2_header_t *)ptr)->event_type = event_type; /* TCG_PCR_EVENT2.Digests.Count */ ptr = (uint8_t *)ptr + offsetof(event2_header_t, digests); @@ -139,14 +142,25 @@ ((event2_data_t *)ptr)->event_size = name_len; /* Copy event data to TCG_PCR_EVENT2.Event */ - (void)memcpy((void *)(((event2_data_t *)ptr)->event), - (const void *)metadata_ptr->name, name_len); + if (metadata_ptr->name != NULL) { + (void)memcpy((void *)(((event2_data_t *)ptr)->event), + (const void *)metadata_ptr->name, name_len); + } /* End of event data */ log_ptr = (uint8_t *)((uintptr_t)ptr + offsetof(event2_data_t, event) + name_len); } +void event_log_buf_init(uint8_t *event_log_start, uint8_t *event_log_finish) +{ + assert(event_log_start != NULL); + assert(event_log_finish > event_log_start); + + log_ptr = event_log_start; + log_end = (uintptr_t)event_log_finish; +} + /* * Initialise Event Log global variables, used during the recording * of various payload measurements into the Event Log buffer @@ -158,28 +172,20 @@ */ void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish) { - assert(event_log_start != NULL); - assert(event_log_finish > event_log_start); - - log_ptr = event_log_start; - log_end = (uintptr_t)event_log_finish; + event_log_buf_init(event_log_start, event_log_finish); /* Get pointer to platform's event_log_metadata_t structure */ plat_metadata_ptr = plat_event_log_get_metadata(); assert(plat_metadata_ptr != NULL); } -/* - * Initialises Event Log by writing Specification ID and - * Startup Locality events - */ -void event_log_write_header(void) +void event_log_write_specid_event(void) { - const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE; void *ptr = log_ptr; - /* event_log_init() must have been called prior to this. */ + /* event_log_buf_init() must have been called prior to this. */ assert(log_ptr != NULL); + assert(((uintptr_t)log_ptr + ID_EVENT_SIZE) < log_end); /* * Add Specification ID Event first @@ -200,8 +206,23 @@ * No vendor data */ ((id_event_struct_data_t *)ptr)->vendor_info_size = 0; - ptr = (uint8_t *)((uintptr_t)ptr + + log_ptr = (uint8_t *)((uintptr_t)ptr + offsetof(id_event_struct_data_t, vendor_info)); +} + +/* + * Initialises Event Log by writing Specification ID and + * Startup Locality events + */ +void event_log_write_header(void) +{ + const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE; + void *ptr; + + event_log_write_specid_event(); + + ptr = log_ptr; + assert(((uintptr_t)log_ptr + LOC_EVENT_SIZE) < log_end); /* * The Startup Locality event should be placed in the log before @@ -219,7 +240,7 @@ ((tpmt_ha *)ptr)->algorithm_id = TPM_ALG_ID; /* TCG_PCR_EVENT2.Digests[].Digest[] */ - (void)memset(&((tpmt_ha *)ptr)->digest, 0, TPM_ALG_ID); + (void)memset(&((tpmt_ha *)ptr)->digest, 0, TCG_DIGEST_SIZE); ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest) + TCG_DIGEST_SIZE); @@ -240,6 +261,14 @@ log_ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t)); } +int event_log_measure(uintptr_t data_base, uint32_t data_size, + unsigned char hash_data[CRYPTO_MD_MAX_SIZE]) +{ + /* Calculate hash */ + return crypto_mod_calc_hash(CRYPTO_MD_ID, + (void *)data_base, data_size, hash_data); +} + /* * Calculate and write hash of image, configuration data, etc. * to Event Log. @@ -265,14 +294,13 @@ } assert(metadata_ptr->id != EVLOG_INVALID_ID); - /* Calculate hash */ - rc = crypto_mod_calc_hash(CRYPTO_MD_ID, - (void *)data_base, data_size, hash_data); + /* Measure the payload with algorithm selected by EventLog driver */ + rc = event_log_measure(data_base, data_size, hash_data); if (rc != 0) { return rc; } - event_log_record(hash_data, metadata_ptr); + event_log_record(hash_data, EV_POST_CODE, metadata_ptr); return 0; }
diff --git a/drivers/measured_boot/event_log/event_log.mk b/drivers/measured_boot/event_log/event_log.mk index 1ff4aa8..5ea4c55 100644 --- a/drivers/measured_boot/event_log/event_log.mk +++ b/drivers/measured_boot/event_log/event_log.mk
@@ -7,20 +7,25 @@ # Default log level to dump the event log (LOG_LEVEL_INFO) EVENT_LOG_LEVEL ?= 40 -# TPM hash algorithm. +# Measured Boot hash algorithm. # SHA-256 (or stronger) is required for all devices that are TPM 2.0 compliant. -TPM_HASH_ALG := sha256 +ifdef TPM_HASH_ALG + $(warning "TPM_HASH_ALG is deprecated. Please use MBOOT_EL_HASH_ALG instead.") + MBOOT_EL_HASH_ALG := ${TPM_HASH_ALG} +else + MBOOT_EL_HASH_ALG := sha256 +endif -ifeq (${TPM_HASH_ALG}, sha512) +ifeq (${MBOOT_EL_HASH_ALG}, sha512) TPM_ALG_ID := TPM_ALG_SHA512 TCG_DIGEST_SIZE := 64U -else ifeq (${TPM_HASH_ALG}, sha384) +else ifeq (${MBOOT_EL_HASH_ALG}, sha384) TPM_ALG_ID := TPM_ALG_SHA384 TCG_DIGEST_SIZE := 48U else TPM_ALG_ID := TPM_ALG_SHA256 TCG_DIGEST_SIZE := 32U -endif #TPM_HASH_ALG +endif #MBOOT_EL_HASH_ALG # Set definitions for Measured Boot driver. $(eval $(call add_defines,\
diff --git a/drivers/measured_boot/rss/rss_measured_boot.c b/drivers/measured_boot/rss/rss_measured_boot.c index fe2baf0..cf545a7 100644 --- a/drivers/measured_boot/rss/rss_measured_boot.c +++ b/drivers/measured_boot/rss/rss_measured_boot.c
@@ -5,6 +5,7 @@ */ #include <assert.h> #include <stdint.h> +#include <string.h> #include <common/debug.h> #include <drivers/auth/crypto_mod.h> @@ -40,10 +41,21 @@ /* At this point it is expected that communication channel over MHU * is already initialised by platform init. */ + struct rss_mboot_metadata *metadata_ptr; /* Get pointer to platform's struct rss_mboot_metadata structure */ plat_metadata_ptr = plat_rss_mboot_get_metadata(); assert(plat_metadata_ptr != NULL); + + /* Use a local variable to preserve the value of the global pointer */ + metadata_ptr = plat_metadata_ptr; + + /* Init the non-const members of the metadata structure */ + while (metadata_ptr->id != RSS_MBOOT_INVALID_ID) { + metadata_ptr->sw_type_size = + strlen((const char *)&metadata_ptr->sw_type) + 1; + metadata_ptr++; + } } int rss_mboot_measure_and_record(uintptr_t data_base, uint32_t data_size,
diff --git a/drivers/measured_boot/rss/rss_measured_boot.mk b/drivers/measured_boot/rss/rss_measured_boot.mk index 01545af..18ee836 100644 --- a/drivers/measured_boot/rss/rss_measured_boot.mk +++ b/drivers/measured_boot/rss/rss_measured_boot.mk
@@ -6,21 +6,18 @@ # Hash algorithm for measured boot # SHA-256 (or stronger) is required. -# TODO: The measurement algorithm incorrectly suggests that the TPM backend -# is used which may not be the case. It is currently being worked on and -# soon TPM_HASH_ALG will be replaced by a more generic name. -TPM_HASH_ALG := sha256 +MBOOT_RSS_HASH_ALG := sha256 -ifeq (${TPM_HASH_ALG}, sha512) +ifeq (${MBOOT_RSS_HASH_ALG}, sha512) MBOOT_ALG_ID := MBOOT_ALG_SHA512 MBOOT_DIGEST_SIZE := 64U -else ifeq (${TPM_HASH_ALG}, sha384) +else ifeq (${MBOOT_RSS_HASH_ALG}, sha384) MBOOT_ALG_ID := MBOOT_ALG_SHA384 MBOOT_DIGEST_SIZE := 48U else MBOOT_ALG_ID := MBOOT_ALG_SHA256 MBOOT_DIGEST_SIZE := 32U -endif #TPM_HASH_ALG +endif #MBOOT_RSS_HASH_ALG # Set definitions for Measured Boot driver. $(eval $(call add_defines,\
diff --git a/drivers/mmc/mmc.c b/drivers/mmc/mmc.c index c327e71..8e83464 100644 --- a/drivers/mmc/mmc.c +++ b/drivers/mmc/mmc.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2021, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2018-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -16,6 +16,7 @@ #include <drivers/delay_timer.h> #include <drivers/mmc.h> #include <lib/utils.h> +#include <plat/common/common_def.h> #define MMC_DEFAULT_MAX_RETRIES 5 #define SEND_OP_COND_MAX_RETRIES 100 @@ -25,6 +26,7 @@ static const struct mmc_ops *ops; static unsigned int mmc_ocr_value; static struct mmc_csd_emmc mmc_csd; +static struct sd_switch_status sd_switch_func_status; static unsigned char mmc_ext_csd[512] __aligned(16); static unsigned int mmc_flags; static struct mmc_device_info *mmc_dev_info; @@ -44,6 +46,11 @@ return ((mmc_flags & MMC_FLAG_CMD23) != 0U); } +static bool is_sd_cmd6_enabled(void) +{ + return ((mmc_flags & MMC_FLAG_SD_CMD6) != 0U); +} + static int mmc_send_cmd(unsigned int idx, unsigned int arg, unsigned int r_type, unsigned int *r_data) { @@ -357,6 +364,33 @@ return 0; } +static int sd_switch(unsigned int mode, unsigned char group, + unsigned char func) +{ + unsigned int group_shift = (group - 1U) * 4U; + unsigned int group_mask = GENMASK(group_shift + 3U, group_shift); + unsigned int arg; + int ret; + + ret = ops->prepare(0, (uintptr_t)&sd_switch_func_status, + sizeof(sd_switch_func_status)); + if (ret != 0) { + return ret; + } + + /* MMC CMD6: SWITCH_FUNC */ + arg = mode | SD_SWITCH_ALL_GROUPS_MASK; + arg &= ~group_mask; + arg |= func << group_shift; + ret = mmc_send_cmd(MMC_CMD(6), arg, MMC_RESPONSE_R1, NULL); + if (ret != 0) { + return ret; + } + + return ops->read(0, (uintptr_t)&sd_switch_func_status, + sizeof(sd_switch_func_status)); +} + static int sd_send_op_cond(void) { int n; @@ -524,7 +558,39 @@ return ret; } - return mmc_fill_device_info(); + ret = mmc_fill_device_info(); + if (ret != 0) { + return ret; + } + + if (is_sd_cmd6_enabled() && + (mmc_dev_info->mmc_dev_type == MMC_IS_SD_HC)) { + /* Try to switch to High Speed Mode */ + ret = sd_switch(SD_SWITCH_FUNC_CHECK, 1U, 1U); + if (ret != 0) { + return ret; + } + + if ((sd_switch_func_status.support_g1 & BIT(9)) == 0U) { + /* High speed not supported, keep default speed */ + return 0; + } + + ret = sd_switch(SD_SWITCH_FUNC_SWITCH, 1U, 1U); + if (ret != 0) { + return ret; + } + + if ((sd_switch_func_status.sel_g2_g1 & 0x1U) == 0U) { + /* Cannot switch to high speed, keep default speed */ + return 0; + } + + mmc_dev_info->max_bus_freq = 50000000U; + ret = ops->set_ios(clk, bus_width); + } + + return ret; } size_t mmc_read_blocks(int lba, uintptr_t buf, size_t size) @@ -694,52 +760,6 @@ return size; } -static inline void mmc_rpmb_enable(void) -{ - mmc_set_ext_csd(CMD_EXTCSD_PARTITION_CONFIG, - PART_CFG_BOOT_PARTITION1_ENABLE | - PART_CFG_BOOT_PARTITION1_ACCESS); -} - -static inline void mmc_rpmb_disable(void) -{ - mmc_set_ext_csd(CMD_EXTCSD_PARTITION_CONFIG, - PART_CFG_BOOT_PARTITION1_ENABLE); -} - -size_t mmc_rpmb_read_blocks(int lba, uintptr_t buf, size_t size) -{ - size_t size_read; - - mmc_rpmb_enable(); - size_read = mmc_read_blocks(lba, buf, size); - mmc_rpmb_disable(); - - return size_read; -} - -size_t mmc_rpmb_write_blocks(int lba, const uintptr_t buf, size_t size) -{ - size_t size_written; - - mmc_rpmb_enable(); - size_written = mmc_write_blocks(lba, buf, size); - mmc_rpmb_disable(); - - return size_written; -} - -size_t mmc_rpmb_erase_blocks(int lba, size_t size) -{ - size_t size_erased; - - mmc_rpmb_enable(); - size_erased = mmc_erase_blocks(lba, size); - mmc_rpmb_disable(); - - return size_erased; -} - static int mmc_part_switch(unsigned int part_type) { uint8_t part_config = mmc_ext_csd[CMD_EXTCSD_PARTITION_CONFIG]; @@ -755,29 +775,56 @@ return PART_CFG_CURRENT_BOOT_PARTITION(mmc_ext_csd[CMD_EXTCSD_PARTITION_CONFIG]); } -size_t mmc_boot_part_read_blocks(int lba, uintptr_t buf, size_t size) +int mmc_part_switch_current_boot(void) { - size_t size_read; - int ret; unsigned char current_boot_part = mmc_current_boot_part(); + int ret; if (current_boot_part != 1U && current_boot_part != 2U) { ERROR("Got unexpected value for active boot partition, %u\n", current_boot_part); - return 0; + return -EIO; } ret = mmc_part_switch(current_boot_part); if (ret < 0) { ERROR("Failed to switch to boot partition, %d\n", ret); + } + + return ret; +} + +int mmc_part_switch_user(void) +{ + int ret; + + ret = mmc_part_switch(PART_CFG_BOOT_PARTITION_NO_ACCESS); + if (ret < 0) { + ERROR("Failed to switch to user partition, %d\n", ret); + } + + return ret; +} + +size_t mmc_boot_part_size(void) +{ + return mmc_ext_csd[CMD_EXTCSD_BOOT_SIZE_MULT] * SZ_128K; +} + +size_t mmc_boot_part_read_blocks(int lba, uintptr_t buf, size_t size) +{ + size_t size_read; + int ret; + + ret = mmc_part_switch_current_boot(); + if (ret < 0) { return 0; } size_read = mmc_read_blocks(lba, buf, size); - ret = mmc_part_switch(0); + ret = mmc_part_switch_user(); if (ret < 0) { - ERROR("Failed to switch back to user partition, %d\n", ret); return 0; }
diff --git a/drivers/mtd/nand/core.c b/drivers/mtd/nand/core.c index 9f0331a..6ef2256 100644 --- a/drivers/mtd/nand/core.c +++ b/drivers/mtd/nand/core.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2019-2021, STMicroelectronics - All Rights Reserved + * Copyright (c) 2019-2022, STMicroelectronics - All Rights Reserved * * SPDX-License-Identifier: BSD-3-Clause */ @@ -8,18 +8,29 @@ #include <errno.h> #include <stddef.h> -#include <platform_def.h> - #include <common/debug.h> #include <drivers/delay_timer.h> #include <drivers/nand.h> #include <lib/utils.h> +#include <platform_def.h> + /* * Define a single nand_device used by specific NAND frameworks. */ static struct nand_device nand_dev; -static uint8_t scratch_buff[PLATFORM_MTD_MAX_PAGE_SIZE]; + +#pragma weak plat_get_scratch_buffer +void plat_get_scratch_buffer(void **buffer_addr, size_t *buf_size) +{ + static uint8_t scratch_buff[PLATFORM_MTD_MAX_PAGE_SIZE]; + + assert(buffer_addr != NULL); + assert(buf_size != NULL); + + *buffer_addr = (void *)scratch_buff; + *buf_size = sizeof(scratch_buff); +} int nand_read(unsigned int offset, uintptr_t buffer, size_t length, size_t *length_read) @@ -34,6 +45,12 @@ unsigned int bytes_read; int is_bad; int ret; + uint8_t *scratch_buff; + size_t scratch_buff_size; + + plat_get_scratch_buffer((void **)&scratch_buff, &scratch_buff_size); + + assert(scratch_buff != NULL); VERBOSE("Block %u - %u, page_start %u, nb %u, length %zu, offset %u\n", block, end_block, page_start, nb_pages, length, offset); @@ -41,7 +58,7 @@ *length_read = 0UL; if (((start_offset != 0U) || (length % nand_dev.page_size) != 0U) && - (sizeof(scratch_buff) < nand_dev.page_size)) { + (scratch_buff_size < nand_dev.page_size)) { return -EINVAL; }
diff --git a/drivers/nxp/ddr/phy-gen2/phy.c b/drivers/nxp/ddr/phy-gen2/phy.c index c8245a8..9e52145 100644 --- a/drivers/nxp/ddr/phy-gen2/phy.c +++ b/drivers/nxp/ddr/phy-gen2/phy.c
@@ -2216,14 +2216,6 @@ size = PHY_GEN2_MAX_IMAGE_SIZE; image_buf = (uintptr_t)phy_gen2_fw_img_buf; - ret = mmap_add_dynamic_region(phy_gen2_fw_img_buf, - phy_gen2_fw_img_buf, - PHY_GEN2_MAX_IMAGE_SIZE, - MT_MEMORY | MT_RW | MT_SECURE); - if (ret != 0) { - ERROR("Failed to add dynamic memory region.\n"); - return ret; - } ret = img_loadr(imem_id, &image_buf, &size); if (ret != 0) { ERROR("Failed to load %d firmware.\n", imem_id); @@ -2592,6 +2584,15 @@ } } else { #endif + /* Mapping IMG buffer firstly */ + ret = mmap_add_dynamic_region(priv->phy_gen2_fw_img_buf, + priv->phy_gen2_fw_img_buf, + PHY_GEN2_MAX_IMAGE_SIZE, + MT_MEMORY | MT_RW | MT_SECURE); + if (ret != 0) { + ERROR("Failed to add dynamic memory region.\n"); + return ret; + } debug("Load 1D firmware\n"); ret = load_fw(priv->phy, &input, 0, &msg_1d,
diff --git a/drivers/partition/gpt.c b/drivers/partition/gpt.c index ee0bddf..4fe8322 100644 --- a/drivers/partition/gpt.c +++ b/drivers/partition/gpt.c
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2022, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -59,6 +59,7 @@ gpt_entry->first_lba + 1) * PLAT_PARTITION_BLOCK_SIZE; guidcpy(&entry->part_guid, &gpt_entry->unique_uuid); + guidcpy(&entry->type_guid, &gpt_entry->type_uuid); return 0; }
diff --git a/drivers/partition/partition.c b/drivers/partition/partition.c index c84816f..1881c91 100644 --- a/drivers/partition/partition.c +++ b/drivers/partition/partition.c
@@ -266,6 +266,19 @@ return NULL; } +const partition_entry_t *get_partition_entry_by_type(const uuid_t *type_uuid) +{ + int i; + + for (i = 0; i < list.entry_count; i++) { + if (guidcmp(type_uuid, &list.list[i].type_guid) == 0) { + return &list.list[i]; + } + } + + return NULL; +} + const partition_entry_t *get_partition_entry_by_uuid(const uuid_t *part_uuid) { int i;
diff --git a/drivers/rpi3/gpio/rpi3_gpio.c b/drivers/rpi3/gpio/rpi3_gpio.c index f938f56..55a8832 100644 --- a/drivers/rpi3/gpio/rpi3_gpio.c +++ b/drivers/rpi3/gpio/rpi3_gpio.c
@@ -10,6 +10,7 @@ #include <lib/mmio.h> #include <drivers/delay_timer.h> #include <drivers/rpi3/gpio/rpi3_gpio.h> +#include <platform_def.h> static uintptr_t reg_base;
diff --git a/drivers/scmi-msg/base.c b/drivers/scmi-msg/base.c index 2d72034..2db4d7e 100644 --- a/drivers/scmi-msg/base.c +++ b/drivers/scmi-msg/base.c
@@ -1,7 +1,7 @@ // SPDX-License-Identifier: BSD-3-Clause /* * Copyright (c) 2015-2019, Arm Limited and Contributors. All rights reserved. - * Copyright (c) 2019-2020, Linaro Limited + * Copyright (c) 2019-2022, Linaro Limited */ #include <assert.h> #include <string.h> @@ -131,15 +131,12 @@ return count; } -#define MAX_PROTOCOL_IN_LIST 8U - static void discover_list_protocols(struct scmi_msg *msg) { const struct scmi_base_discover_list_protocols_a2p *a2p = NULL; struct scmi_base_discover_list_protocols_p2a p2a = { .status = SCMI_SUCCESS, }; - uint8_t outargs[sizeof(p2a) + MAX_PROTOCOL_IN_LIST] = { 0U }; const uint8_t *list = NULL; unsigned int count = 0U; @@ -148,24 +145,22 @@ return; } - assert(msg->out_size > sizeof(outargs)); - a2p = (void *)msg->in; list = plat_scmi_protocol_list(msg->agent_id); count = count_protocols_in_list(list); + if (count > a2p->skip) { - count = MIN(count - a2p->skip, MAX_PROTOCOL_IN_LIST); + count = MIN(count - a2p->skip, msg->out_size - sizeof(p2a)); } else { count = 0U; } p2a.num_protocols = count; - memcpy(outargs, &p2a, sizeof(p2a)); - memcpy(outargs + sizeof(p2a), list + a2p->skip, count); - - scmi_write_response(msg, outargs, sizeof(outargs)); + memcpy(msg->out, &p2a, sizeof(p2a)); + memcpy(msg->out + sizeof(p2a), list + a2p->skip, count); + msg->out_size_out = sizeof(p2a) + round_up(count, sizeof(uint32_t)); } static const scmi_msg_handler_t scmi_base_handler_table[] = {
diff --git a/drivers/st/clk/clk-stm32-core.c b/drivers/st/clk/clk-stm32-core.c index e1b6940..bb03125 100644 --- a/drivers/st/clk/clk-stm32-core.c +++ b/drivers/st/clk/clk-stm32-core.c
@@ -143,7 +143,7 @@ { struct clk_oscillator_data *osc_data = clk_oscillator_get_data(priv, id); - return _clk_stm32_gate_wait_ready(priv, osc_data->gate_id, ready_on); + return _clk_stm32_gate_wait_ready(priv, osc_data->gate_rdy_id, ready_on); } int clk_oscillator_wait_ready_on(struct stm32_clk_priv *priv, int id) @@ -215,24 +215,6 @@ return 0; } -const char *_clk_stm32_get_name(struct stm32_clk_priv *priv, int id) -{ - return priv->clks[id].name; -} - -const char *clk_stm32_get_name(struct stm32_clk_priv *priv, - unsigned long binding_id) -{ - int id; - - id = clk_get_index(priv, binding_id); - if (id == -EINVAL) { - return NULL; - } - - return _clk_stm32_get_name(priv, id); -} - const struct clk_stm32 *_clk_get(struct stm32_clk_priv *priv, int id) { if ((unsigned int)
