Merge "refactor(arm): avoid setting HASH_PREREQUISITES for a build without ROT_KEY" into integration
diff --git a/bl1/bl1.mk b/bl1/bl1.mk
index 95fe50e..53946ab 100644
--- a/bl1/bl1.mk
+++ b/bl1/bl1.mk
@@ -25,6 +25,10 @@
BL1_SOURCES += bl1/bl1_fwu.c
endif
+ifeq (${ENABLE_PMF},1)
+BL1_SOURCES += lib/pmf/pmf_main.c
+endif
+
ifneq ($(findstring gcc,$(notdir $(LD))),)
BL1_LDFLAGS += -Wl,--sort-section=alignment
else ifneq ($(findstring ld,$(notdir $(LD))),)
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index 3f64e27..6fe5511 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -17,7 +17,9 @@
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/crypto_mod.h>
#include <drivers/console.h>
+#include <lib/bootmarker_capture.h>
#include <lib/cpus/errata.h>
+#include <lib/pmf/pmf.h>
#include <lib/utils.h>
#include <plat/common/platform.h>
#include <smccc_helpers.h>
@@ -31,6 +33,11 @@
uint64_t bl1_apiakey[2];
#endif
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_REGISTER_SERVICE(bl_svc, PMF_RT_INSTR_SVC_ID,
+ BL_TOTAL_IDS, PMF_DUMP_ENABLE)
+#endif
+
/*******************************************************************************
* Helper utility to calculate the BL2 memory layout taking into consideration
* the BL1 RW data assuming that it is at the top of the memory layout.
@@ -81,6 +88,10 @@
{
unsigned int image_id;
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_CAPTURE_TIMESTAMP(bl_svc, BL1_ENTRY, PMF_CACHE_MAINT);
+#endif
+
/* Announce our arrival */
NOTICE(FIRMWARE_WELCOME_STR);
NOTICE("BL1: %s\n", version_string);
@@ -156,6 +167,10 @@
bl1_prepare_next_image(image_id);
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_CAPTURE_TIMESTAMP(bl_svc, BL1_EXIT, PMF_CACHE_MAINT);
+#endif
+
console_flush();
}
diff --git a/bl2/bl2.mk b/bl2/bl2.mk
index 1663c52..b70a3fb 100644
--- a/bl2/bl2.mk
+++ b/bl2/bl2.mk
@@ -49,3 +49,7 @@
BL2_DEFAULT_LINKER_SCRIPT_SOURCE := bl2/bl2_el3.ld.S
endif
+
+ifeq (${ENABLE_PMF},1)
+BL2_SOURCES += lib/pmf/pmf_main.c
+endif
\ No newline at end of file
diff --git a/bl2/bl2_main.c b/bl2/bl2_main.c
index ce83692..923a554 100644
--- a/bl2/bl2_main.c
+++ b/bl2/bl2_main.c
@@ -16,7 +16,9 @@
#include <drivers/auth/crypto_mod.h>
#include <drivers/console.h>
#include <drivers/fwu/fwu.h>
+#include <lib/bootmarker_capture.h>
#include <lib/extensions/pauth.h>
+#include <lib/pmf/pmf.h>
#include <plat/common/platform.h>
#include "bl2_private.h"
@@ -27,6 +29,11 @@
#define NEXT_IMAGE "BL32"
#endif
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_REGISTER_SERVICE(bl_svc, PMF_RT_INSTR_SVC_ID,
+ BL_TOTAL_IDS, PMF_DUMP_ENABLE);
+#endif
+
#if RESET_TO_BL2
/*******************************************************************************
* Setup function for BL2 when RESET_TO_BL2=1
@@ -81,6 +88,10 @@
{
entry_point_info_t *next_bl_ep_info;
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_ENTRY, PMF_CACHE_MAINT);
+#endif
+
NOTICE("BL2: %s\n", version_string);
NOTICE("BL2: %s\n", build_message);
@@ -118,8 +129,6 @@
disable_mmu_icache_secure();
#endif /* !__aarch64__ */
- console_flush();
-
#if ENABLE_PAUTH
/*
* Disable pointer authentication before running next boot image
@@ -127,6 +136,12 @@
pauth_disable_el1();
#endif /* ENABLE_PAUTH */
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_EXIT, PMF_CACHE_MAINT);
+#endif
+
+ console_flush();
+
/*
* Run next BL image via an SMC to BL1. Information on how to pass
* control to the BL32 (if present) and BL33 software images will
@@ -137,6 +152,9 @@
NOTICE("BL2: Booting " NEXT_IMAGE "\n");
print_entry_point_info(next_bl_ep_info);
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_CAPTURE_TIMESTAMP(bl_svc, BL2_EXIT, PMF_CACHE_MAINT);
+#endif
console_flush();
#if ENABLE_PAUTH
diff --git a/bl31/bl31_main.c b/bl31/bl31_main.c
index 8f1f043..cae55f3 100644
--- a/bl31/bl31_main.c
+++ b/bl31/bl31_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -17,6 +17,7 @@
#include <common/feat_detect.h>
#include <common/runtime_svc.h>
#include <drivers/console.h>
+#include <lib/bootmarker_capture.h>
#include <lib/el3_runtime/context_mgmt.h>
#include <lib/pmf/pmf.h>
#include <lib/runtime_instr.h>
@@ -24,10 +25,15 @@
#include <services/std_svc.h>
#if ENABLE_RUNTIME_INSTRUMENTATION
-PMF_REGISTER_SERVICE_SMC(rt_instr_svc, PMF_RT_INSTR_SVC_ID,
- RT_INSTR_TOTAL_IDS, PMF_STORE_ENABLE)
+ PMF_REGISTER_SERVICE_SMC(rt_instr_svc, PMF_RT_INSTR_SVC_ID,
+ RT_INSTR_TOTAL_IDS, PMF_STORE_ENABLE)
#endif
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_REGISTER_SERVICE(bl_svc, PMF_RT_INSTR_SVC_ID,
+ BL_TOTAL_IDS, PMF_DUMP_ENABLE)
+#endif
+
/*******************************************************************************
* This function pointer is used to initialise the BL32 image. It's initialized
* by SPD calling bl31_register_bl32_init after setting up all things necessary
@@ -123,6 +129,10 @@
detect_arch_features();
#endif /* FEATURE_DETECTION */
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_CAPTURE_TIMESTAMP(bl_svc, BL31_ENTRY, PMF_CACHE_MAINT);
+#endif
+
#ifdef SUPPORT_UNKNOWN_MPID
if (unsupported_mpid_flag == 0) {
NOTICE("Unsupported MPID detected!\n");
@@ -163,6 +173,7 @@
if (bl32_init != NULL) {
INFO("BL31: Initializing BL32\n");
+ console_flush();
int32_t rc = (*bl32_init)();
if (rc == 0) {
@@ -178,6 +189,7 @@
if (rmm_init != NULL) {
INFO("BL31: Initializing RMM\n");
+ console_flush();
int32_t rc = (*rmm_init)();
if (rc == 0) {
@@ -199,6 +211,11 @@
* from BL31
*/
bl31_plat_runtime_setup();
+
+#if ENABLE_RUNTIME_INSTRUMENTATION
+ PMF_CAPTURE_TIMESTAMP(bl_svc, BL31_EXIT, PMF_CACHE_MAINT);
+ console_flush();
+#endif
}
/*******************************************************************************
diff --git a/changelog.yaml b/changelog.yaml
index 3534cb0..9f5d4b7 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -1350,5 +1350,8 @@
- title: Node Package Manager (NPM)
scope: npm
+ - title: Poetry
+ scope: poetry
+
- title: zlib
scope: zlib
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index 20c56fd..026a463 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -635,6 +635,13 @@
:|F|: docs/plat/imx8m.rst
:|F|: plat/imx/imx8m/
+NXP i.MX9 platform port
+^^^^^^^^^^^^^^^^^^^^^^^^
+:|M|: Jacky Bai <ping.bai@nxp.com>
+:|G|: `JackyBai`_
+:|F|: docs/plat/imx9.rst
+:|F|: plat/imx/imx93/
+
NXP QorIQ Layerscape common code for platform ports
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:|M|: Pankaj Gupta <pankaj.gupta@nxp.com>
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index 69d3722..d1bf0d3 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -604,6 +604,9 @@
- ``ERRATA_N2_2002655``: This applies errata 2002655 workaround to Neoverse-N2
CPU. This needs to be enabled for revision r0p0 of the CPU and is fixed in r0p1.
+- ``ERRATA_N2_2009478``: This applies errata 2009478 workaround to Neoverse-N2
+ CPU. This needs to be enabled for revision r0p0 of the CPU and is fixed in r0p1.
+
- ``ERRATA_N2_2067956``: This applies errata 2067956 workaround to Neoverse-N2
CPU. This needs to be enabled for revision r0p0 of the CPU and is fixed in r0p1.
@@ -715,6 +718,10 @@
CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1 of the
CPU, it is still open.
+- ``ERRATA_X3_2742421``: This applies errata 2742421 workaround to
+ Cortex-X3 CPU. This needs to be enabled only for revisions r0p0, r1p0 and
+ r1p1. It is fixed in r1p2.
+
For Cortex-A510, the following errata build flags are defined :
- ``ERRATA_A510_1922240``: This applies errata 1922240 workaround to
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index f4c3c28..332ed58 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst
@@ -77,7 +77,7 @@
The following libraries are required for Trusted Board Boot and Measured Boot
support:
-- mbed TLS == 3.4.0 (tag: ``mbedtls-3.4.0``)
+- mbed TLS == 3.4.1 (tag: ``mbedtls-3.4.1``)
These tools are optional:
diff --git a/docs/perf/psci-performance-instr.rst b/docs/perf/psci-performance-instr.rst
index 16f386f..41094b2 100644
--- a/docs/perf/psci-performance-instr.rst
+++ b/docs/perf/psci-performance-instr.rst
@@ -13,16 +13,17 @@
Performance Measurement Framework
---------------------------------
-The Performance Measurement Framework `PMF`_ is a framework that provides
-mechanisms for collecting and retrieving timestamps at runtime from the
-Performance Measurement Unit (`PMU`_). The PMU is a generalized abstraction for
-accessing CPU hardware registers used to measure hardware events. This means,
-for instance, that the PMU might be used to place instrumentation points at
-logical locations in code for tracing purposes.
+The Performance Measurement Framework :ref:`PMF <firmware_design_pmf>`
+is a framework that provides mechanisms for collecting and retrieving timestamps
+at runtime from the Performance Measurement Unit
+(:ref:`PMU <Performance Monitoring Unit>`).
+The PMU is a generalized abstraction for accessing CPU hardware registers used to
+measure hardware events. This means, for instance, that the PMU might be used to
+place instrumentation points at logical locations in code for tracing purposes.
TF-A utilises the PMF as a backend for the two instrumentation services it
provides--PSCI Statistics and Runtime Instrumentation. The PMF is used by
-these services to facilitate collection and retrieval of timestamps. For
+these services to facilitate collection and retrieval of timestamps. For
instance, the PSCI Statistics service registers the PMF service
``psci_svc`` to track its residency statistics.
@@ -112,6 +113,4 @@
*Copyright (c) 2023, Arm Limited. All rights reserved.*
-.. _PMF: ../design/firmware-design.html#performance-measurement-framework
-.. _PMU: performance-monitoring-unit.html
.. _PSCI: https://developer.arm.com/documentation/den0022/latest/
diff --git a/docs/perf/psci-performance-juno.rst b/docs/perf/psci-performance-juno.rst
index 7a484b8..d458d86 100644
--- a/docs/perf/psci-performance-juno.rst
+++ b/docs/perf/psci-performance-juno.rst
@@ -34,8 +34,9 @@
- TF-A [`v2.9-rc0`_]
- TFTF [`v2.9-rc0`_]
-Please see the Runtime Instrumentation `Testing Methodology`_ page for more
-details.
+Please see the Runtime Instrumentation :ref:`Testing Methodology
+<Runtime Instrumentation Methodology>`
+page for more details.
Procedure
---------
@@ -418,4 +419,3 @@
.. _Juno R1 platform: https://developer.arm.com/documentation/100122/latest/
.. _TF master as of 31/01/2017: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?id=c38b36d
.. _v2.9-rc0: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?h=v2.9-rc0
-.. _Testing Methodology: ../perf/psci-performance-methodology.html
diff --git a/docs/perf/psci-performance-n1sdp.rst b/docs/perf/psci-performance-n1sdp.rst
index 70a1436..ae1b89b 100644
--- a/docs/perf/psci-performance-n1sdp.rst
+++ b/docs/perf/psci-performance-n1sdp.rst
@@ -10,8 +10,8 @@
- TFTF [`v2.9-rc0`_]
- SCP/MCP `Prebuilt Images`_
-Please see the Runtime Instrumentation `Testing Methodology`_ page for more
-details.
+Please see the Runtime Instrumentation :ref:`Testing Methodology
+<Runtime Instrumentation Methodology>` page for more details.
Procedure
---------
@@ -200,4 +200,3 @@
.. _user guide: https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-docs/-/blob/master/docs/n1sdp/user-guide.rst
.. _Prebuilt Images: https://downloads.trustedfirmware.org/tf-a/css_scp_2.11.0/n1sdp/release/
.. _N1SDP: https://developer.arm.com/documentation/101489/latest
-.. _Testing Methodology: ../perf/psci-performance-methodology.html
\ No newline at end of file
diff --git a/docs/threat_model/threat_model.rst b/docs/threat_model/threat_model.rst
index 71ec9b1..57a5e1b 100644
--- a/docs/threat_model/threat_model.rst
+++ b/docs/threat_model/threat_model.rst
@@ -7,10 +7,7 @@
This document provides a generic threat model for TF-A firmware.
-.. note::
-
- This threat model doesn't consider Root and Realm worlds introduced by
- :ref:`Realm Management Extension (RME)`.
+.. _Target of Evaluation:
********************
Target of Evaluation
@@ -36,33 +33,12 @@
- There is no Secure-EL2. We don't consider threats that may come with
Secure-EL2 software.
+- There are no Root and Realm worlds. These are introduced by :ref:`Realm
+ Management Extension (RME)`.
+
- No experimental features are enabled. We do not consider threats that may come
from them.
-.. note::
-
- In the current Measured Boot design, BL1, BL2, and BL31, as well as the
- secure world components, form the |SRTM|. Measurement data is currently
- considered an asset to be protected against attack, and this is achieved
- by storing them in the Secure Memory.
- Beyond the measurements stored inside the TCG-compliant Event Log buffer,
- there are no other assets to protect or threats to defend against that
- could compromise |TF-A| execution environment's security.
-
- There are general security assets and threats associated with remote/delegated
- attestation. However, these are outside the |TF-A| security boundary and
- should be dealt with by the appropriate agent in the platform/system.
- Since current Measured Boot design does not use local attestation, there would
- be no further assets to protect(like unsealed keys).
-
- A limitation of the current Measured Boot design is that it is dependent upon
- Secure Boot as implementation of Measured Boot does not extend measurements
- into a discrete |TPM|, where they would be securely stored and protected
- against tampering. This implies that if Secure-Boot is compromised, Measured
- Boot may also be compromised.
-
- Platforms must carefully evaluate the security of the default implementation
- since the |SRTM| includes all secure world components.
Data Flow Diagram
=================
@@ -108,6 +84,8 @@
| | interrupts and registers. |
+-----------------+--------------------------------------------------------+
+
+.. _threat_analysis:
***************
Threat Analysis
@@ -286,201 +264,16 @@
Also, some mitigations require enabling specific features, which must be
explicitly turned on via a build flag.
-These are highlighted in the ``Mitigations implemented?`` box.
-
-+------------------------+----------------------------------------------------+
-| ID | 01 |
-+========================+====================================================+
-| Threat | | **An attacker can mangle firmware images to |
-| | execute arbitrary code** |
-| | |
-| | | Some TF-A images are loaded from external |
-| | storage. It is possible for an attacker to access|
-| | the external flash memory and change its contents|
-| | physically, through the Rich OS, or using the |
-| | updating mechanism to modify the non-volatile |
-| | images to execute arbitrary code. |
-+------------------------+----------------------------------------------------+
-| Diagram Elements | DF1, DF4, DF5 |
-+------------------------+----------------------------------------------------+
-| Affected TF-A | BL2, BL31 |
-| Components | |
-+------------------------+----------------------------------------------------+
-| Assets | Code Execution |
-+------------------------+----------------------------------------------------+
-| Threat Agent | PhysicalAccess, NSCode, SecCode |
-+------------------------+----------------------------------------------------+
-| Threat Type | Tampering, Elevation of Privilege |
-+------------------------+------------------+-----------------+---------------+
-| Application | Server | IoT | Mobile |
-+------------------------+------------------+-----------------+---------------+
-| Impact | Critical (5) | Critical (5) | Critical (5) |
-+------------------------+------------------+-----------------+---------------+
-| Likelihood | Critical (5) | Critical (5) | Critical (5) |
-+------------------------+------------------+-----------------+---------------+
-| Total Risk Rating | Critical (25) | Critical (25) | Critical (25) |
-+------------------------+------------------+-----------------+---------------+
-| Mitigations | | 1) Implement the `Trusted Board Boot (TBB)`_ |
-| | feature which prevents malicious firmware from |
-| | running on the platform by authenticating all |
-| | firmware images. |
-| | |
-| | | 2) Perform extra checks on unauthenticated data, |
-| | such as FIP metadata, prior to use. |
-+------------------------+----------------------------------------------------+
-| Mitigations | | 1) Yes, provided that the ``TRUSTED_BOARD_BOOT`` |
-| implemented? | build option is set to 1. |
-| | |
-| | | 2) Yes. |
-+------------------------+----------------------------------------------------+
-
-+------------------------+----------------------------------------------------+
-| ID | 02 |
-+========================+====================================================+
-| Threat | | **An attacker may attempt to boot outdated, |
-| | potentially vulnerable firmware image** |
-| | |
-| | | When updating firmware, an attacker may attempt |
-| | to rollback to an older version that has unfixed |
-| | vulnerabilities. |
-+------------------------+----------------------------------------------------+
-| Diagram Elements | DF1, DF4, DF5 |
-+------------------------+----------------------------------------------------+
-| Affected TF-A | BL2, BL31 |
-| Components | |
-+------------------------+----------------------------------------------------+
-| Assets | Code Execution |
-+------------------------+----------------------------------------------------+
-| Threat Agent | PhysicalAccess, NSCode, SecCode |
-+------------------------+----------------------------------------------------+
-| Threat Type | Tampering |
-+------------------------+------------------+-----------------+---------------+
-| Application | Server | IoT | Mobile |
-+------------------------+------------------+-----------------+---------------+
-| Impact | Critical (5) | Critical (5) | Critical (5) |
-+------------------------+------------------+-----------------+---------------+
-| Likelihood | Critical (5) | Critical (5) | Critical (5) |
-+------------------------+------------------+-----------------+---------------+
-| Total Risk Rating | Critical (25) | Critical (25) | Critical (25) |
-+------------------------+------------------+-----------------+---------------+
-| Mitigations | Implement anti-rollback protection using |
-| | non-volatile counters (NV counters) as required |
-| | by `TBBR-Client specification`_. |
-+------------------------+----------------------------------------------------+
-| Mitigations | | Yes / Platform specific. |
-| implemented? | |
-| | | After a firmware image is validated, the image |
-| | revision number taken from a certificate |
-| | extension field is compared with the |
-| | corresponding NV counter stored in hardware to |
-| | make sure the new counter value is larger than |
-| | the current counter value. |
-| | |
-| | | **Platforms must implement this protection using |
-| | platform specific hardware NV counters.** |
-+------------------------+----------------------------------------------------+
+When such conditions must be met, these are highlighted in the ``Mitigations
+implemented?`` box.
-+------------------------+-------------------------------------------------------+
-| ID | 03 |
-+========================+=======================================================+
-| Threat | | **An attacker can use Time-of-Check-Time-of-Use |
-| | (TOCTOU) attack to bypass image authentication |
-| | during the boot process** |
-| | |
-| | | Time-of-Check-Time-of-Use (TOCTOU) threats occur |
-| | when the security check is produced before the time |
-| | the resource is accessed. If an attacker is sitting |
-| | in the middle of the off-chip images, they could |
-| | change the binary containing executable code right |
-| | after the integrity and authentication check has |
-| | been performed. |
-+------------------------+-------------------------------------------------------+
-| Diagram Elements | DF1 |
-+------------------------+-------------------------------------------------------+
-| Affected TF-A | BL1, BL2 |
-| Components | |
-+------------------------+-------------------------------------------------------+
-| Assets | Code Execution, Sensitive Data |
-+------------------------+-------------------------------------------------------+
-| Threat Agent | PhysicalAccess |
-+------------------------+-------------------------------------------------------+
-| Threat Type | Elevation of Privilege |
-+------------------------+---------------------+-----------------+---------------+
-| Application | Server | IoT | Mobile |
-+------------------------+---------------------+-----------------+---------------+
-| Impact | N/A | Critical (5) | Critical (5) |
-+------------------------+---------------------+-----------------+---------------+
-| Likelihood | N/A | Medium (3) | Medium (3) |
-+------------------------+---------------------+-----------------+---------------+
-| Total Risk Rating | N/A | High (15) | High (15) |
-+------------------------+---------------------+-----------------+---------------+
-| Mitigations | Copy image to on-chip memory before authenticating |
-| | it. |
-+------------------------+-------------------------------------------------------+
-| Mitigations | | Platform specific. |
-| implemented? | |
-| | | The list of images to load and their location is |
-| | platform specific. Platforms are responsible for |
-| | arranging images to be loaded in on-chip memory. |
-+------------------------+-------------------------------------------------------+
+As our :ref:`Target of Evaluation` is made of several, distinct firmware images,
+some threats are confined in specific images, while others apply to each of
+them. To help developers implement mitigations in the right place, threats below
+are categorized based on the firmware image that should mitigate them.
-+------------------------+-------------------------------------------------------+
-| ID | 04 |
-+========================+=======================================================+
-| Threat | | **An attacker with physical access can execute |
-| | arbitrary image by bypassing the signature |
-| | verification stage using glitching techniques** |
-| | |
-| | | Glitching (Fault injection) attacks attempt to put |
-| | a hardware into a undefined state by manipulating an|
-| | environmental variable such as power supply. |
-| | |
-| | | TF-A relies on a chain of trust that starts with the|
-| | ROTPK, which is the key stored inside the chip and |
-| | the root of all validation processes. If an attacker|
-| | can break this chain of trust, they could execute |
-| | arbitrary code on the device. This could be |
-| | achieved with physical access to the device by |
-| | attacking the normal execution flow of the |
-| | process using glitching techniques that target |
-| | points where the image is validated against the |
-| | signature. |
-+------------------------+-------------------------------------------------------+
-| Diagram Elements | DF1 |
-+------------------------+-------------------------------------------------------+
-| Affected TF-A | BL1, BL2 |
-| Components | |
-+------------------------+-------------------------------------------------------+
-| Assets | Code Execution |
-+------------------------+-------------------------------------------------------+
-| Threat Agent | PhysicalAccess |
-+------------------------+-------------------------------------------------------+
-| Threat Type | Tampering, Elevation of Privilege |
-+------------------------+---------------------+-----------------+---------------+
-| Application | Server | IoT | Mobile |
-+------------------------+---------------------+-----------------+---------------+
-| Impact | N/A | Critical (5) | Critical (5) |
-+------------------------+---------------------+-----------------+---------------+
-| Likelihood | N/A | Medium (3) | Medium (3) |
-+------------------------+---------------------+-----------------+---------------+
-| Total Risk Rating | N/A | High (15) | High (15) |
-+------------------------+---------------------+-----------------+---------------+
-| Mitigations | Mechanisms to detect clock glitch and power |
-| | variations. |
-+------------------------+-------------------------------------------------------+
-| Mitigations | | No. |
-| implemented? | |
-| | | The most effective mitigation is adding glitching |
-| | detection and mitigation circuit at the hardware |
-| | level. |
-| | |
-| | | However, software techniques, such as adding |
-| | redundant checks when performing conditional |
-| | branches that are security sensitive, can be used |
-| | to harden TF-A against such attacks. |
-| | **At the moment TF-A doesn't implement such |
-| | mitigations.** |
-+------------------------+-------------------------------------------------------+
+General Threats for All Firmware Images
+---------------------------------------
+------------------------+---------------------------------------------------+
| ID | 05 |
@@ -598,77 +391,34 @@
+------------------------+----------------------------------------------------+
+------------------------+------------------------------------------------------+
-| ID | 07 |
+| ID | 08 |
+========================+======================================================+
-| Threat | | **An attacker can perform a denial-of-service |
-| | attack by using a broken SMC call that causes the |
-| | system to reboot or enter into unknown state.** |
+| Threat | | **Memory corruption due to memory overflows and |
+| | lack of boundary checking when accessing resources |
+| | could allow an attacker to execute arbitrary code, |
+| | modify some state variable to change the normal |
+| | flow of the program, or leak sensitive |
+| | information** |
| | |
-| | | Secure and non-secure clients access TF-A services |
-| | through SMC calls. Malicious code can attempt to |
-| | place the TF-A runtime into an inconsistent state |
-| | by calling unimplemented SMC call or by passing |
-| | invalid arguments. |
+| | | Like in other software, TF-A has multiple points |
+| | where memory corruption security errors can arise. |
+| | |
+| | | Some of the errors include integer overflow, |
+| | buffer overflow, incorrect array boundary checks, |
+| | and incorrect error management. |
+| | Improper use of asserts instead of proper input |
+| | validations might also result in these kinds of |
+| | errors in release builds. |
+------------------------+------------------------------------------------------+
| Diagram Elements | DF4, DF5 |
+------------------------+------------------------------------------------------+
-| Affected TF-A | BL31 |
+| Affected TF-A | BL1, BL2, BL31 |
| Components | |
+------------------------+------------------------------------------------------+
-| Assets | Availability |
+| Assets | Code Execution, Sensitive Data |
+------------------------+------------------------------------------------------+
| Threat Agent | NSCode, SecCode |
+------------------------+------------------------------------------------------+
-| Threat Type | Denial of Service |
-+------------------------+-------------------+----------------+-----------------+
-| Application | Server | IoT | Mobile |
-+------------------------+-------------------+----------------+-----------------+
-| Impact | Medium (3) | Medium (3) | Medium (3) |
-+------------------------+-------------------+----------------+-----------------+
-| Likelihood | High (4) | High (4) | High (4) |
-+------------------------+-------------------+----------------+-----------------+
-| Total Risk Rating | High (12) | High (12) | High (12) |
-+------------------------+-------------------+----------------+-----------------+
-| Mitigations | Validate SMC function ids and arguments before using |
-| | them. |
-+------------------------+------------------------------------------------------+
-| Mitigations | | Yes / Platform specific. |
-| implemented? | |
-| | | For standard services, all input is validated. |
-| | |
-| | | Platforms that implement SiP services must also |
-| | validate SMC call arguments. |
-+------------------------+------------------------------------------------------+
-
-+------------------------+------------------------------------------------------+
-| ID | 08 |
-+========================+======================================================+
-| Threat | | **Memory corruption due to memory overflows and |
-| | lack of boundary checking when accessing resources |
-| | could allow an attacker to execute arbitrary code, |
-| | modify some state variable to change the normal |
-| | flow of the program, or leak sensitive |
-| | information** |
-| | |
-| | | Like in other software, TF-A has multiple points |
-| | where memory corruption security errors can arise. |
-| | |
-| | | Some of the errors include integer overflow, |
-| | buffer overflow, incorrect array boundary checks, |
-| | and incorrect error management. |
-| | Improper use of asserts instead of proper input |
-| | validations might also result in these kinds of |
-| | errors in release builds. |
-+------------------------+------------------------------------------------------+
-| Diagram Elements | DF4, DF5 |
-+------------------------+------------------------------------------------------+
-| Affected TF-A | BL1, BL2, BL31 |
-| Components | |
-+------------------------+------------------------------------------------------+
-| Assets | Code Execution, Sensitive Data |
-+------------------------+------------------------------------------------------+
-| Threat Agent | NSCode, SecCode |
-+------------------------+------------------------------------------------------+
| Threat Type | Tampering, Information Disclosure, |
| | Elevation of Privilege |
+------------------------+-------------------+-----------------+----------------+
@@ -712,6 +462,380 @@
| | platforms. |
+------------------------+------------------------------------------------------+
+
++------------------------+----------------------------------------------------+
+| ID | 11 |
++========================+====================================================+
+| Threat | | **Misconfiguration of the Memory Management Unit |
+| | (MMU) may allow a normal world software to |
+| | access sensitive data, execute arbitrary |
+| | code or access otherwise restricted HW |
+| | interface** |
+| | |
+| | | A misconfiguration of the MMU could |
+| | lead to an open door for software running in the |
+| | normal world to access sensitive data or even |
+| | execute code if the proper security mechanisms |
+| | are not in place. |
++------------------------+----------------------------------------------------+
+| Diagram Elements | DF5, DF6 |
++------------------------+----------------------------------------------------+
+| Affected TF-A | BL1, BL2, BL31 |
+| Components | |
++------------------------+----------------------------------------------------+
+| Assets | Sensitive Data, Code execution |
++------------------------+----------------------------------------------------+
+| Threat Agent | NSCode |
++------------------------+----------------------------------------------------+
+| Threat Type | Information Disclosure, Elevation of Privilege |
++------------------------+-----------------+-----------------+----------------+
+| Application | Server | IoT | Mobile |
++------------------------+-----------------+-----------------+----------------+
+| Impact | Critical (5) | Critical (5) | Critical (5) |
++------------------------+-----------------+-----------------+----------------+
+| Likelihood | High (4) | High (4) | High (4) |
++------------------------+-----------------+-----------------+----------------+
+| Total Risk Rating | Critical (20) | Critical (20) | Critical (20) |
++------------------------+-----------------+-----------------+----------------+
+| Mitigations | When configuring access permissions, the |
+| | principle of least privilege ought to be |
+| | enforced. This means we should not grant more |
+| | privileges than strictly needed, e.g. code |
+| | should be read-only executable, read-only data |
+| | should be read-only execute-never, and so on. |
++------------------------+----------------------------------------------------+
+| Mitigations | | Platform specific. |
+| implemented? | |
+| | | MMU configuration is platform specific, |
+| | therefore platforms need to make sure that the |
+| | correct attributes are assigned to memory |
+| | regions. |
+| | |
+| | | TF-A provides a library which abstracts the |
+| | low-level details of MMU configuration. It |
+| | provides well-defined and tested APIs. |
+| | Platforms are encouraged to use it to limit the |
+| | risk of misconfiguration. |
++------------------------+----------------------------------------------------+
+
+
++------------------------+-----------------------------------------------------+
+| ID | 13 |
++========================+=====================================================+
+| Threat | | **Leaving sensitive information in the memory, |
+| | can allow an attacker to retrieve them.** |
+| | |
+| | | Accidentally leaving not-needed sensitive data in |
+| | internal buffers can leak them if an attacker |
+| | gains access to memory due to a vulnerability. |
++------------------------+-----------------------------------------------------+
+| Diagram Elements | DF4, DF5 |
++------------------------+-----------------------------------------------------+
+| Affected TF-A | BL1, BL2, BL31 |
+| Components | |
++------------------------+-----------------------------------------------------+
+| Assets | Sensitive Data |
++------------------------+-----------------------------------------------------+
+| Threat Agent | NSCode, SecCode |
++------------------------+-----------------------------------------------------+
+| Threat Type | Information Disclosure |
++------------------------+-------------------+----------------+----------------+
+| Application | Server | IoT | Mobile |
++------------------------+-------------------+----------------+----------------+
+| Impact | Critical (5) | Critical (5) | Critical (5) |
++------------------------+-------------------+----------------+----------------+
+| Likelihood | Medium (3) | Medium (3) | Medium (3) |
++------------------------+-------------------+----------------+----------------+
+| Total Risk Rating | High (15) | High (15) | High (15) |
++------------------------+-------------------+----------------+----------------+
+| Mitigations | Clear the sensitive data from internal buffers as |
+| | soon as they are not needed anymore. |
++------------------------+-----------------------------------------------------+
+| Mitigations | | Yes / Platform specific |
++------------------------+-----------------------------------------------------+
+
+
+Threats to be Mitigated by the Boot Firmware
+--------------------------------------------
+
+The boot firmware here refers to the boot ROM (BL1) and the trusted boot
+firmware (BL2). Typically it does not stay resident in memory and it is
+dismissed once execution has reached the runtime EL3 firmware (BL31). Thus, past
+that point in time, the threats below can no longer be exploited.
+
+Note, however, that this is not necessarily true on all platforms. Platform
+vendors should review these threats to make sure they cannot be exploited
+nonetheless once execution has reached the runtime EL3 firmware.
+
++------------------------+----------------------------------------------------+
+| ID | 01 |
++========================+====================================================+
+| Threat | | **An attacker can mangle firmware images to |
+| | execute arbitrary code** |
+| | |
+| | | Some TF-A images are loaded from external |
+| | storage. It is possible for an attacker to access|
+| | the external flash memory and change its contents|
+| | physically, through the Rich OS, or using the |
+| | updating mechanism to modify the non-volatile |
+| | images to execute arbitrary code. |
++------------------------+----------------------------------------------------+
+| Diagram Elements | DF1, DF4, DF5 |
++------------------------+----------------------------------------------------+
+| Affected TF-A | BL2, BL31 |
+| Components | |
++------------------------+----------------------------------------------------+
+| Assets | Code Execution |
++------------------------+----------------------------------------------------+
+| Threat Agent | PhysicalAccess, NSCode, SecCode |
++------------------------+----------------------------------------------------+
+| Threat Type | Tampering, Elevation of Privilege |
++------------------------+------------------+-----------------+---------------+
+| Application | Server | IoT | Mobile |
++------------------------+------------------+-----------------+---------------+
+| Impact | Critical (5) | Critical (5) | Critical (5) |
++------------------------+------------------+-----------------+---------------+
+| Likelihood | Critical (5) | Critical (5) | Critical (5) |
++------------------------+------------------+-----------------+---------------+
+| Total Risk Rating | Critical (25) | Critical (25) | Critical (25) |
++------------------------+------------------+-----------------+---------------+
+| Mitigations | | 1) Implement the `Trusted Board Boot (TBB)`_ |
+| | feature which prevents malicious firmware from |
+| | running on the platform by authenticating all |
+| | firmware images. |
+| | |
+| | | 2) Perform extra checks on unauthenticated data, |
+| | such as FIP metadata, prior to use. |
++------------------------+----------------------------------------------------+
+| Mitigations | | 1) Yes, provided that the ``TRUSTED_BOARD_BOOT`` |
+| implemented? | build option is set to 1. |
+| | |
+| | | 2) Yes. |
++------------------------+----------------------------------------------------+
+
++------------------------+----------------------------------------------------+
+| ID | 02 |
++========================+====================================================+
+| Threat | | **An attacker may attempt to boot outdated, |
+| | potentially vulnerable firmware image** |
+| | |
+| | | When updating firmware, an attacker may attempt |
+| | to rollback to an older version that has unfixed |
+| | vulnerabilities. |
++------------------------+----------------------------------------------------+
+| Diagram Elements | DF1, DF4, DF5 |
++------------------------+----------------------------------------------------+
+| Affected TF-A | BL2, BL31 |
+| Components | |
++------------------------+----------------------------------------------------+
+| Assets | Code Execution |
++------------------------+----------------------------------------------------+
+| Threat Agent | PhysicalAccess, NSCode, SecCode |
++------------------------+----------------------------------------------------+
+| Threat Type | Tampering |
++------------------------+------------------+-----------------+---------------+
+| Application | Server | IoT | Mobile |
++------------------------+------------------+-----------------+---------------+
+| Impact | Critical (5) | Critical (5) | Critical (5) |
++------------------------+------------------+-----------------+---------------+
+| Likelihood | Critical (5) | Critical (5) | Critical (5) |
++------------------------+------------------+-----------------+---------------+
+| Total Risk Rating | Critical (25) | Critical (25) | Critical (25) |
++------------------------+------------------+-----------------+---------------+
+| Mitigations | Implement anti-rollback protection using |
+| | non-volatile counters (NV counters) as required |
+| | by `TBBR-Client specification`_. |
++------------------------+----------------------------------------------------+
+| Mitigations | | Yes / Platform specific. |
+| implemented? | |
+| | | After a firmware image is validated, the image |
+| | revision number taken from a certificate |
+| | extension field is compared with the |
+| | corresponding NV counter stored in hardware to |
+| | make sure the new counter value is larger than |
+| | the current counter value. |
+| | |
+| | | **Platforms must implement this protection using |
+| | platform specific hardware NV counters.** |
++------------------------+----------------------------------------------------+
+
+
++------------------------+-------------------------------------------------------+
+| ID | 03 |
++========================+=======================================================+
+| Threat | | **An attacker can use Time-of-Check-Time-of-Use |
+| | (TOCTOU) attack to bypass image authentication |
+| | during the boot process** |
+| | |
+| | | Time-of-Check-Time-of-Use (TOCTOU) threats occur |
+| | when the security check is produced before the time |
+| | the resource is accessed. If an attacker is sitting |
+| | in the middle of the off-chip images, they could |
+| | change the binary containing executable code right |
+| | after the integrity and authentication check has |
+| | been performed. |
++------------------------+-------------------------------------------------------+
+| Diagram Elements | DF1 |
++------------------------+-------------------------------------------------------+
+| Affected TF-A | BL1, BL2 |
+| Components | |
++------------------------+-------------------------------------------------------+
+| Assets | Code Execution, Sensitive Data |
++------------------------+-------------------------------------------------------+
+| Threat Agent | PhysicalAccess |
++------------------------+-------------------------------------------------------+
+| Threat Type | Elevation of Privilege |
++------------------------+---------------------+-----------------+---------------+
+| Application | Server | IoT | Mobile |
++------------------------+---------------------+-----------------+---------------+
+| Impact | N/A | Critical (5) | Critical (5) |
++------------------------+---------------------+-----------------+---------------+
+| Likelihood | N/A | Medium (3) | Medium (3) |
++------------------------+---------------------+-----------------+---------------+
+| Total Risk Rating | N/A | High (15) | High (15) |
++------------------------+---------------------+-----------------+---------------+
+| Mitigations | Copy image to on-chip memory before authenticating |
+| | it. |
++------------------------+-------------------------------------------------------+
+| Mitigations | | Platform specific. |
+| implemented? | |
+| | | The list of images to load and their location is |
+| | platform specific. Platforms are responsible for |
+| | arranging images to be loaded in on-chip memory. |
++------------------------+-------------------------------------------------------+
+
+
++------------------------+-------------------------------------------------------+
+| ID | 04 |
++========================+=======================================================+
+| Threat | | **An attacker with physical access can execute |
+| | arbitrary image by bypassing the signature |
+| | verification stage using glitching techniques** |
+| | |
+| | | Glitching (Fault injection) attacks attempt to put |
+| | a hardware into a undefined state by manipulating an|
+| | environmental variable such as power supply. |
+| | |
+| | | TF-A relies on a chain of trust that starts with the|
+| | ROTPK, which is the key stored inside the chip and |
+| | the root of all validation processes. If an attacker|
+| | can break this chain of trust, they could execute |
+| | arbitrary code on the device. This could be |
+| | achieved with physical access to the device by |
+| | attacking the normal execution flow of the |
+| | process using glitching techniques that target |
+| | points where the image is validated against the |
+| | signature. |
++------------------------+-------------------------------------------------------+
+| Diagram Elements | DF1 |
++------------------------+-------------------------------------------------------+
+| Affected TF-A | BL1, BL2 |
+| Components | |
++------------------------+-------------------------------------------------------+
+| Assets | Code Execution |
++------------------------+-------------------------------------------------------+
+| Threat Agent | PhysicalAccess |
++------------------------+-------------------------------------------------------+
+| Threat Type | Tampering, Elevation of Privilege |
++------------------------+---------------------+-----------------+---------------+
+| Application | Server | IoT | Mobile |
++------------------------+---------------------+-----------------+---------------+
+| Impact | N/A | Critical (5) | Critical (5) |
++------------------------+---------------------+-----------------+---------------+
+| Likelihood | N/A | Medium (3) | Medium (3) |
++------------------------+---------------------+-----------------+---------------+
+| Total Risk Rating | N/A | High (15) | High (15) |
++------------------------+---------------------+-----------------+---------------+
+| Mitigations | Mechanisms to detect clock glitch and power |
+| | variations. |
++------------------------+-------------------------------------------------------+
+| Mitigations | | No. |
+| implemented? | |
+| | | The most effective mitigation is adding glitching |
+| | detection and mitigation circuit at the hardware |
+| | level. |
+| | |
+| | | However, software techniques, such as adding |
+| | redundant checks when performing conditional |
+| | branches that are security sensitive, can be used |
+| | to harden TF-A against such attacks. |
+| | **At the moment TF-A doesn't implement such |
+| | mitigations.** |
++------------------------+-------------------------------------------------------+
+
+.. topic:: Measured Boot Threats (or lack of)
+
+ In the current Measured Boot design, BL1, BL2, and BL31, as well as the
+ secure world components, form the |SRTM|. Measurement data is currently
+ considered an asset to be protected against attack, and this is achieved
+ by storing them in the Secure Memory.
+ Beyond the measurements stored inside the TCG-compliant Event Log buffer,
+ there are no other assets to protect or threats to defend against that
+ could compromise |TF-A| execution environment's security.
+
+ There are general security assets and threats associated with remote/delegated
+ attestation. However, these are outside the |TF-A| security boundary and
+ should be dealt with by the appropriate agent in the platform/system.
+ Since current Measured Boot design does not use local attestation, there would
+ be no further assets to protect(like unsealed keys).
+
+ A limitation of the current Measured Boot design is that it is dependent upon
+ Secure Boot as implementation of Measured Boot does not extend measurements
+ into a discrete |TPM|, where they would be securely stored and protected
+ against tampering. This implies that if Secure-Boot is compromised, Measured
+ Boot may also be compromised.
+
+ Platforms must carefully evaluate the security of the default implementation
+ since the |SRTM| includes all secure world components.
+
+
+Threats to be Mitigated by the Runtime EL3 Firmware
+---------------------------------------------------
+
++------------------------+------------------------------------------------------+
+| ID | 07 |
++========================+======================================================+
+| Threat | | **An attacker can perform a denial-of-service |
+| | attack by using a broken SMC call that causes the |
+| | system to reboot or enter into unknown state.** |
+| | |
+| | | Secure and non-secure clients access TF-A services |
+| | through SMC calls. Malicious code can attempt to |
+| | place the TF-A runtime into an inconsistent state |
+| | by calling unimplemented SMC call or by passing |
+| | invalid arguments. |
++------------------------+------------------------------------------------------+
+| Diagram Elements | DF4, DF5 |
++------------------------+------------------------------------------------------+
+| Affected TF-A | BL31 |
+| Components | |
++------------------------+------------------------------------------------------+
+| Assets | Availability |
++------------------------+------------------------------------------------------+
+| Threat Agent | NSCode, SecCode |
++------------------------+------------------------------------------------------+
+| Threat Type | Denial of Service |
++------------------------+-------------------+----------------+-----------------+
+| Application | Server | IoT | Mobile |
++------------------------+-------------------+----------------+-----------------+
+| Impact | Medium (3) | Medium (3) | Medium (3) |
++------------------------+-------------------+----------------+-----------------+
+| Likelihood | High (4) | High (4) | High (4) |
++------------------------+-------------------+----------------+-----------------+
+| Total Risk Rating | High (12) | High (12) | High (12) |
++------------------------+-------------------+----------------+-----------------+
+| Mitigations | Validate SMC function ids and arguments before using |
+| | them. |
++------------------------+------------------------------------------------------+
+| Mitigations | | Yes / Platform specific. |
+| implemented? | |
+| | | For standard services, all input is validated. |
+| | |
+| | | Platforms that implement SiP services must also |
+| | validate SMC call arguments. |
++------------------------+------------------------------------------------------+
+
+
+------------------------+------------------------------------------------------+
| ID | 09 |
+========================+======================================================+
@@ -795,60 +919,6 @@
| | attacks. |
+------------------------+-----------------------------------------------------+
-+------------------------+----------------------------------------------------+
-| ID | 11 |
-+========================+====================================================+
-| Threat | | **Misconfiguration of the Memory Management Unit |
-| | (MMU) may allow a normal world software to |
-| | access sensitive data, execute arbitrary |
-| | code or access otherwise restricted HW |
-| | interface** |
-| | |
-| | | A misconfiguration of the MMU could |
-| | lead to an open door for software running in the |
-| | normal world to access sensitive data or even |
-| | execute code if the proper security mechanisms |
-| | are not in place. |
-+------------------------+----------------------------------------------------+
-| Diagram Elements | DF5, DF6 |
-+------------------------+----------------------------------------------------+
-| Affected TF-A | BL1, BL2, BL31 |
-| Components | |
-+------------------------+----------------------------------------------------+
-| Assets | Sensitive Data, Code execution |
-+------------------------+----------------------------------------------------+
-| Threat Agent | NSCode |
-+------------------------+----------------------------------------------------+
-| Threat Type | Information Disclosure, Elevation of Privilege |
-+------------------------+-----------------+-----------------+----------------+
-| Application | Server | IoT | Mobile |
-+------------------------+-----------------+-----------------+----------------+
-| Impact | Critical (5) | Critical (5) | Critical (5) |
-+------------------------+-----------------+-----------------+----------------+
-| Likelihood | High (4) | High (4) | High (4) |
-+------------------------+-----------------+-----------------+----------------+
-| Total Risk Rating | Critical (20) | Critical (20) | Critical (20) |
-+------------------------+-----------------+-----------------+----------------+
-| Mitigations | When configuring access permissions, the |
-| | principle of least privilege ought to be |
-| | enforced. This means we should not grant more |
-| | privileges than strictly needed, e.g. code |
-| | should be read-only executable, read-only data |
-| | should be read-only execute-never, and so on. |
-+------------------------+----------------------------------------------------+
-| Mitigations | | Platform specific. |
-| implemented? | |
-| | | MMU configuration is platform specific, |
-| | therefore platforms need to make sure that the |
-| | correct attributes are assigned to memory |
-| | regions. |
-| | |
-| | | TF-A provides a library which abstracts the |
-| | low-level details of MMU configuration. It |
-| | provides well-defined and tested APIs. |
-| | Platforms are encouraged to use it to limit the |
-| | risk of misconfiguration. |
-+------------------------+----------------------------------------------------+
+------------------------+-----------------------------------------------------+
| ID | 12 |
@@ -905,40 +975,9 @@
| | mitigated. |
+------------------------+-----------------------------------------------------+
-+------------------------+-----------------------------------------------------+
-| ID | 13 |
-+========================+=====================================================+
-| Threat | | **Leaving sensitive information in the memory, |
-| | can allow an attacker to retrieve them.** |
-| | |
-| | | Accidentally leaving not-needed sensitive data in |
-| | internal buffers can leak them if an attacker |
-| | gains access to memory due to a vulnerability. |
-+------------------------+-----------------------------------------------------+
-| Diagram Elements | DF4, DF5 |
-+------------------------+-----------------------------------------------------+
-| Affected TF-A | BL1, BL2, BL31 |
-| Components | |
-+------------------------+-----------------------------------------------------+
-| Assets | Sensitive Data |
-+------------------------+-----------------------------------------------------+
-| Threat Agent | NSCode, SecCode |
-+------------------------+-----------------------------------------------------+
-| Threat Type | Information Disclosure |
-+------------------------+-------------------+----------------+----------------+
-| Application | Server | IoT | Mobile |
-+------------------------+-------------------+----------------+----------------+
-| Impact | Critical (5) | Critical (5) | Critical (5) |
-+------------------------+-------------------+----------------+----------------+
-| Likelihood | Medium (3) | Medium (3) | Medium (3) |
-+------------------------+-------------------+----------------+----------------+
-| Total Risk Rating | High (15) | High (15) | High (15) |
-+------------------------+-------------------+----------------+----------------+
-| Mitigations | Clear the sensitive data from internal buffers as |
-| | soon as they are not needed anymore. |
-+------------------------+-----------------------------------------------------+
-| Mitigations | | Yes / Platform specific |
-+------------------------+-----------------------------------------------------+
+
+Threats to be Mitigated by an External Agent Outside of TF-A
+------------------------------------------------------------
+------------------------+-----------------------------------------------------+
| ID | 14 |
diff --git a/docs/threat_model/threat_model_el3_spm.rst b/docs/threat_model/threat_model_el3_spm.rst
index c3af7a2..8adf3df 100644
--- a/docs/threat_model/threat_model_el3_spm.rst
+++ b/docs/threat_model/threat_model_el3_spm.rst
@@ -4,7 +4,7 @@
************
Introduction
************
-This document provides a threat model for the TF-A `EL3 Secure Partition Manager`_
+This document provides a threat model for the TF-A :ref:`EL3 Secure Partition Manager`
(EL3 SPM) implementation. The EL3 SPM implementation is based on the
`Arm Firmware Framework for Arm A-profile`_ specification.
@@ -13,7 +13,8 @@
********************
In this threat model, the target of evaluation is the ``Secure Partition Manager Core``
component (SPMC) within the EL3 firmware.
-The monitor and SPMD at EL3 are covered by the `Generic TF-A threat model`_.
+The monitor and SPMD at EL3 are covered by the :ref:`Generic TF-A threat model
+<threat_analysis>`.
The scope for this threat model is:
@@ -70,8 +71,8 @@
Threat Analysis
***************
-This threat model follows a similar methodology to the `Generic TF-A threat model`_.
-The following sections define:
+This threat model follows a similar methodology to the :ref:`Generic TF-A threat model
+<threat_analysis>`. The following sections define:
- Trust boundaries
- Assets
@@ -115,7 +116,8 @@
Threat types
============
-The following threat categories as exposed in the `Generic TF-A threat model`_
+The following threat categories as exposed in the :ref:`Generic TF-A threat model
+<threat_analysis>`
are re-used:
- Spoofing
@@ -642,9 +644,7 @@
---------------
-*Copyright (c) 2022, Arm Limited. All rights reserved.*
+*Copyright (c) 2022-2023, Arm Limited. All rights reserved.*
.. _Arm Firmware Framework for Arm A-profile: https://developer.arm.com/docs/den0077/latest
-.. _EL3 Secure Partition Manager: ../components/el3-spmc.html
-.. _Generic TF-A threat model: ./threat_model.html#threat-analysis
.. _FF-A ACS: https://github.com/ARM-software/ff-a-acs/releases
diff --git a/docs/threat_model/threat_model_spm.rst b/docs/threat_model/threat_model_spm.rst
index 9458a9f..24a115b 100644
--- a/docs/threat_model/threat_model_spm.rst
+++ b/docs/threat_model/threat_model_spm.rst
@@ -4,7 +4,7 @@
************************
Introduction
************************
-This document provides a threat model for the TF-A `Secure Partition Manager`_
+This document provides a threat model for the TF-A :ref:`Secure Partition Manager`
(SPM) implementation or more generally the S-EL2 reference firmware running on
systems implementing the FEAT_SEL2 (formerly Armv8.4 Secure EL2) architecture
extension. The SPM implementation is based on the `Arm Firmware Framework for
@@ -28,7 +28,8 @@
************************
In this threat model, the target of evaluation is the S-EL2 firmware or the
``Secure Partition Manager Core`` component (SPMC).
-The monitor and SPMD at EL3 are covered by the `Generic TF-A threat model`_.
+The monitor and SPMD at EL3 are covered by the :ref:`Generic TF-A threat model
+<threat_analysis>`.
The scope for this threat model is:
@@ -92,7 +93,8 @@
Threat Analysis
*********************
-This threat model follows a similar methodology to the `Generic TF-A threat model`_.
+This threat model follows a similar methodology to the :ref:`Generic TF-A threat model
+<threat_analysis>`.
The following sections define:
- Trust boundaries
@@ -141,7 +143,8 @@
Threat types
============================
-The following threat categories as exposed in the `Generic TF-A threat model`_
+The following threat categories as exposed in the :ref:`Generic TF-A threat model
+<threat_analysis>`
are re-used:
- Spoofing
@@ -1333,7 +1336,5 @@
*Copyright (c) 2021-2023, Arm Limited. All rights reserved.*
.. _Arm Firmware Framework for Arm A-profile: https://developer.arm.com/docs/den0077/latest
-.. _Secure Partition Manager: ../components/secure-partition-manager.html
-.. _Generic TF-A threat model: ./threat_model.html#threat-analysis
.. _FF-A ACS: https://github.com/ARM-software/ff-a-acs/releases
diff --git a/drivers/cadence/uart/aarch64/cdns_console.S b/drivers/cadence/uart/aarch64/cdns_console.S
index 4c1a80e..1bdaa48 100644
--- a/drivers/cadence/uart/aarch64/cdns_console.S
+++ b/drivers/cadence/uart/aarch64/cdns_console.S
@@ -197,7 +197,14 @@
cmp x0, #0
ASM_ASSERT(ne)
#endif /* ENABLE_ASSERTIONS */
- /* Placeholder */
+ /* Loop until the transmit FIFO is empty */
+check_txfifo_empty:
+ ldr w2, [x0, #R_UART_SR]
+ tbz w2, #UART_SR_INTR_TEMPTY_BIT, check_txfifo_empty
+ /* Wait until the Transmit is Inactive */
+check_tx_inactive_state:
+ ldr w2, [x0, #R_UART_SR]
+ tbnz w2, #UART_SR_INTR_TACTIVE_BIT, check_tx_inactive_state
ret
endfunc console_cdns_core_flush
diff --git a/drivers/scmi-msg/clock.c b/drivers/scmi-msg/clock.c
index 98fdc6a..5aaf68c 100644
--- a/drivers/scmi-msg/clock.c
+++ b/drivers/scmi-msg/clock.c
@@ -37,7 +37,8 @@
int32_t plat_scmi_clock_rates_array(unsigned int agent_id __unused,
unsigned int scmi_id __unused,
unsigned long *rates __unused,
- size_t *nb_elts __unused)
+ size_t *nb_elts __unused,
+ uint32_t start_idx __unused)
{
return SCMI_NOT_SUPPORTED;
}
@@ -298,7 +299,7 @@
/* Platform may support array rate description */
status = plat_scmi_clock_rates_array(msg->agent_id, clock_id, NULL,
- &nb_rates);
+ &nb_rates, 0);
if (status == SCMI_SUCCESS) {
/* Currently 12 cells mex, so it's affordable for the stack */
unsigned long plat_rates[RATES_ARRAY_SIZE_MAX / RATE_DESC_SIZE];
@@ -307,7 +308,8 @@
size_t rem_nb = nb_rates - in_args->rate_index - ret_nb;
status = plat_scmi_clock_rates_array(msg->agent_id, clock_id,
- plat_rates, &ret_nb);
+ plat_rates, &ret_nb,
+ in_args->rate_index);
if (status == SCMI_SUCCESS) {
write_rate_desc_array_in_buffer(msg->out + sizeof(p2a),
plat_rates, ret_nb);
diff --git a/fdts/morello-fvp.dts b/fdts/morello-fvp.dts
index dc3df41..fda0f55 100644
--- a/fdts/morello-fvp.dts
+++ b/fdts/morello-fvp.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -25,6 +25,32 @@
};
};
+ /*
+ * The timings below are just to demonstrate working cpuidle.
+ * These values may be inaccurate.
+ */
+ idle-states {
+ entry-method = "psci";
+
+ cluster_sleep: cluster-sleep {
+ compatible = "arm,idle-state";
+ arm,psci-suspend-param = <0x40000022>;
+ local-timer-stop;
+ entry-latency-us = <500>;
+ exit-latency-us = <1000>;
+ min-residency-us = <2500>;
+ };
+
+ cpu_sleep: cpu-sleep {
+ compatible = "arm,idle-state";
+ arm,psci-suspend-param = <0x40000002>;
+ local-timer-stop;
+ entry-latency-us = <150>;
+ exit-latency-us = <300>;
+ min-residency-us = <200>;
+ };
+ };
+
cpus {
#address-cells = <2>;
#size-cells = <0>;
@@ -53,6 +79,7 @@
device_type = "cpu";
enable-method = "psci";
clocks = <&scmi_dvfs 0>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
CPU1: cpu1@100 {
compatible = "arm,armv8";
@@ -60,6 +87,7 @@
device_type = "cpu";
enable-method = "psci";
clocks = <&scmi_dvfs 0>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
CPU2: cpu2@10000 {
compatible = "arm,armv8";
@@ -67,6 +95,7 @@
device_type = "cpu";
enable-method = "psci";
clocks = <&scmi_dvfs 1>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
CPU3: cpu3@10100 {
compatible = "arm,armv8";
@@ -74,6 +103,7 @@
device_type = "cpu";
enable-method = "psci";
clocks = <&scmi_dvfs 1>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
};
diff --git a/fdts/morello-soc.dts b/fdts/morello-soc.dts
index f207c06..fba904b 100644
--- a/fdts/morello-soc.dts
+++ b/fdts/morello-soc.dts
@@ -26,6 +26,32 @@
};
};
+ /*
+ * The timings below are just to demonstrate working cpuidle.
+ * These values may be inaccurate.
+ */
+ idle-states {
+ entry-method = "psci";
+
+ cluster_sleep: cluster-sleep {
+ compatible = "arm,idle-state";
+ arm,psci-suspend-param = <0x40000022>;
+ local-timer-stop;
+ entry-latency-us = <500>;
+ exit-latency-us = <1000>;
+ min-residency-us = <2500>;
+ };
+
+ cpu_sleep: cpu-sleep {
+ compatible = "arm,idle-state";
+ arm,psci-suspend-param = <0x40000002>;
+ local-timer-stop;
+ entry-latency-us = <150>;
+ exit-latency-us = <300>;
+ min-residency-us = <200>;
+ };
+ };
+
cpus {
#address-cells = <2>;
#size-cells = <0>;
@@ -44,6 +70,7 @@
1800000 750000
>;
#cooling-cells = <2>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
cpu1: cpu1@100 {
compatible = "arm,armv8";
@@ -60,6 +87,7 @@
1800000 750000
>;
#cooling-cells = <2>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
cpu2: cpu2@10000 {
compatible = "arm,armv8";
@@ -76,6 +104,7 @@
1800000 750000
>;
#cooling-cells = <2>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
cpu3: cpu3@10100 {
compatible = "arm,armv8";
@@ -92,6 +121,7 @@
1800000 750000
>;
#cooling-cells = <2>;
+ cpu-idle-states = <&cpu_sleep &cluster_sleep>;
};
};
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index 951f023..c10102a 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -1379,6 +1379,13 @@
#define HCRX_EL2_INIT_VAL ULL(0x0)
/*******************************************************************************
+ * FEAT_FGT - Definitions for Fine-Grained Trap registers
+ ******************************************************************************/
+#define HFGITR_EL2_INIT_VAL ULL(0x180000000000000)
+#define HFGRTR_EL2_INIT_VAL ULL(0xC4000000000000)
+#define HFGWTR_EL2_INIT_VAL ULL(0xC4000000000000)
+
+/*******************************************************************************
* FEAT_TCR2 - Extended Translation Control Register
******************************************************************************/
#define TCR2_EL2 S3_4_C2_C0_3
diff --git a/include/drivers/cadence/cdns_uart.h b/include/drivers/cadence/cdns_uart.h
index 30ca910..327c1d9 100644
--- a/include/drivers/cadence/cdns_uart.h
+++ b/include/drivers/cadence/cdns_uart.h
@@ -22,6 +22,7 @@
#define UART_SR_INTR_REMPTY_BIT 1
#define UART_SR_INTR_TFUL_BIT 4
#define UART_SR_INTR_TEMPTY_BIT 3
+#define UART_SR_INTR_TACTIVE_BIT 11
#define R_UART_TX 0x30
#define R_UART_RX 0x30
diff --git a/include/drivers/scmi-msg.h b/include/drivers/scmi-msg.h
index eb90859..c93c455 100644
--- a/include/drivers/scmi-msg.h
+++ b/include/drivers/scmi-msg.h
@@ -113,10 +113,12 @@
* @scmi_id: SCMI clock ID
* @rates: If NULL, function returns, else output rates array
* @nb_elts: Array size of @rates.
+ * @start_idx: Start index of rates array
* Return an SCMI compliant error code
*/
int32_t plat_scmi_clock_rates_array(unsigned int agent_id, unsigned int scmi_id,
- unsigned long *rates, size_t *nb_elts);
+ unsigned long *rates, size_t *nb_elts,
+ uint32_t start_idx);
/*
* Get clock possible rate as range with regular steps in Hertz
diff --git a/include/lib/bootmarker_capture.h b/include/lib/bootmarker_capture.h
new file mode 100644
index 0000000..31fe048
--- /dev/null
+++ b/include/lib/bootmarker_capture.h
@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef BOOTMARKER_CAPTURE_H
+#define BOOTMARKER_CAPTURE_H
+
+#define BL1_ENTRY U(0)
+#define BL1_EXIT U(1)
+#define BL2_ENTRY U(2)
+#define BL2_EXIT U(3)
+#define BL31_ENTRY U(4)
+#define BL31_EXIT U(5)
+#define BL_TOTAL_IDS U(6)
+
+#ifdef __ASSEMBLER__
+PMF_DECLARE_CAPTURE_TIMESTAMP(bl_svc)
+#endif /*__ASSEMBLER__*/
+
+#endif /*BOOTMARKER_CAPTURE_H*/
diff --git a/include/lib/cpus/aarch64/cortex_x3.h b/include/lib/cpus/aarch64/cortex_x3.h
index ceafe66..e648734 100644
--- a/include/lib/cpus/aarch64/cortex_x3.h
+++ b/include/lib/cpus/aarch64/cortex_x3.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -31,4 +31,11 @@
#define CORTEX_X3_CPUACTLR2_EL1 S3_0_C15_C1_1
#define CORTEX_X3_CPUACTLR2_EL1_BIT_36 (ULL(1) << 36)
+/*******************************************************************************
+ * CPU Auxiliary Control register 5 specific definitions.
+ ******************************************************************************/
+#define CORTEX_X3_CPUACTLR5_EL1 S3_0_C15_C8_0
+#define CORTEX_X3_CPUACTLR5_EL1_BIT_55 (ULL(1) << 55)
+#define CORTEX_X3_CPUACTLR5_EL1_BIT_56 (ULL(1) << 56)
+
#endif /* CORTEX_X3_H */
diff --git a/include/plat/arm/common/plat_arm.h b/include/plat/arm/common/plat_arm.h
index e8461f5..2fdbfb7 100644
--- a/include/plat/arm/common/plat_arm.h
+++ b/include/plat/arm/common/plat_arm.h
@@ -39,6 +39,20 @@
* - Region 1 with secure access only;
* - the remaining DRAM regions access from the given Non-Secure masters.
******************************************************************************/
+
+#if ENABLE_RME
+#define ARM_TZC_RME_REGIONS_DEF \
+ {ARM_AP_TZC_DRAM1_BASE, ARM_AP_TZC_DRAM1_END, TZC_REGION_S_RDWR, 0},\
+ {ARM_EL3_TZC_DRAM1_BASE, ARM_L1_GPT_END, TZC_REGION_S_RDWR, 0}, \
+ {ARM_NS_DRAM1_BASE, ARM_NS_DRAM1_END, ARM_TZC_NS_DRAM_S_ACCESS, \
+ PLAT_ARM_TZC_NS_DEV_ACCESS}, \
+ /* Realm and Shared area share the same PAS */ \
+ {ARM_REALM_BASE, ARM_EL3_RMM_SHARED_END, ARM_TZC_NS_DRAM_S_ACCESS, \
+ PLAT_ARM_TZC_NS_DEV_ACCESS}, \
+ {ARM_DRAM2_BASE, ARM_DRAM2_END, ARM_TZC_NS_DRAM_S_ACCESS, \
+ PLAT_ARM_TZC_NS_DEV_ACCESS}
+#endif
+
#if SPM_MM
#define ARM_TZC_REGIONS_DEF \
{ARM_AP_TZC_DRAM1_BASE, ARM_EL3_TZC_DRAM1_END + ARM_L1_GPT_SIZE,\
@@ -52,16 +66,16 @@
PLAT_ARM_TZC_NS_DEV_ACCESS}
#elif ENABLE_RME
-#define ARM_TZC_REGIONS_DEF \
- {ARM_AP_TZC_DRAM1_BASE, ARM_AP_TZC_DRAM1_END, TZC_REGION_S_RDWR, 0},\
- {ARM_EL3_TZC_DRAM1_BASE, ARM_L1_GPT_END, TZC_REGION_S_RDWR, 0}, \
- {ARM_NS_DRAM1_BASE, ARM_NS_DRAM1_END, ARM_TZC_NS_DRAM_S_ACCESS, \
- PLAT_ARM_TZC_NS_DEV_ACCESS}, \
- /* Realm and Shared area share the same PAS */ \
- {ARM_REALM_BASE, ARM_EL3_RMM_SHARED_END, ARM_TZC_NS_DRAM_S_ACCESS, \
- PLAT_ARM_TZC_NS_DEV_ACCESS}, \
- {ARM_DRAM2_BASE, ARM_DRAM2_END, ARM_TZC_NS_DRAM_S_ACCESS, \
- PLAT_ARM_TZC_NS_DEV_ACCESS}
+#if (defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)) && \
+MEASURED_BOOT
+#define ARM_TZC_REGIONS_DEF \
+ ARM_TZC_RME_REGIONS_DEF, \
+ {ARM_EVENT_LOG_DRAM1_BASE, ARM_EVENT_LOG_DRAM1_END, \
+ TZC_REGION_S_RDWR, 0}
+#else
+#define ARM_TZC_REGIONS_DEF \
+ ARM_TZC_RME_REGIONS_DEF
+#endif
#else
#define ARM_TZC_REGIONS_DEF \
diff --git a/lib/cpus/aarch64/cortex_x3.S b/lib/cpus/aarch64/cortex_x3.S
index c781d38..98d148e 100644
--- a/lib/cpus/aarch64/cortex_x3.S
+++ b/lib/cpus/aarch64/cortex_x3.S
@@ -42,6 +42,14 @@
check_erratum_ls cortex_x3, ERRATUM(2615812), CPU_REV(1, 1)
+workaround_reset_start cortex_x3, ERRATUM(2742421), ERRATA_X3_2742421
+ /* Set CPUACTLR5_EL1[56:55] to 2'b01 */
+ sysreg_bit_set CORTEX_X3_CPUACTLR5_EL1, CORTEX_X3_CPUACTLR5_EL1_BIT_55
+ sysreg_bit_clear CORTEX_X3_CPUACTLR5_EL1, CORTEX_X3_CPUACTLR5_EL1_BIT_56
+workaround_reset_end cortex_x3, ERRATUM(2742421)
+
+check_erratum_ls cortex_x3, ERRATUM(2742421), CPU_REV(1, 1)
+
workaround_reset_start cortex_x3, CVE(2022, 23960), WORKAROUND_CVE_2022_23960
#if IMAGE_BL31
override_vector_table wa_cve_vbar_cortex_x3
diff --git a/lib/cpus/aarch64/neoverse_n2.S b/lib/cpus/aarch64/neoverse_n2.S
index acf8dee..ead3908 100644
--- a/lib/cpus/aarch64/neoverse_n2.S
+++ b/lib/cpus/aarch64/neoverse_n2.S
@@ -68,6 +68,22 @@
check_erratum_ls neoverse_n2, ERRATUM(2067956), CPU_REV(0, 0)
+workaround_runtime_start neoverse_n2, ERRATUM(2009478), ERRATA_N2_2009478
+ /* Stash ERRSELR_EL1 in x2 */
+ mrs x2, ERRSELR_EL1
+
+ /* Select error record 0 and clear ED bit */
+ msr ERRSELR_EL1, xzr
+ mrs x1, ERXCTLR_EL1
+ bfi x1, xzr, #ERXCTLR_ED_SHIFT, #1
+ msr ERXCTLR_EL1, x1
+
+ /* Restore ERRSELR_EL1 from x2 */
+ msr ERRSELR_EL1, x2
+workaround_runtime_end neoverse_n2, ERRATUM(2009478), NO_ISB
+
+check_erratum_ls neoverse_n2, ERRATUM(2009478), CPU_REV(0, 0)
+
workaround_reset_start neoverse_n2, ERRATUM(2138953), ERRATA_N2_2138953
/* Apply instruction patching sequence */
mrs x1, NEOVERSE_N2_CPUECTLR2_EL1
@@ -233,7 +249,9 @@
func neoverse_n2_core_pwr_dwn
- apply_erratum neoverse_n2, ERRATUM(2326639), ERRATA_N2_2326639
+ apply_erratum neoverse_n2, ERRATUM(2009478), ERRATA_N2_2009478
+ apply_erratum neoverse_n2, ERRATUM(2326639), ERRATA_N2_2326639, NO_GET_CPU_REV
+
/* ---------------------------------------------------
* Enable CPU power down bit in power control register
* No need to do cache maintenance here.
diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk
index 8df0a29..0d8f4d4 100644
--- a/lib/cpus/cpu-ops.mk
+++ b/lib/cpus/cpu-ops.mk
@@ -615,6 +615,10 @@
# to revisions r0p0 of the Neoverse-N2 cpu and is fixed in r0p1.
CPU_FLAG_LIST += ERRATA_N2_2002655
+# Flag to apply erratum 2009478 workaround during powerdown. This erratum
+# applies to revision r0p0 of the Neoverse N2 cpu, it is fixed in r0p1.
+CPU_FLAG_LIST += ERRATA_N2_2009478
+
# Flag to apply erratum 2067956 workaround during reset. This erratum applies
# to revision r0p0 of the Neoverse N2 cpu and is fixed in r0p1.
CPU_FLAG_LIST += ERRATA_N2_2067956
@@ -738,6 +742,10 @@
# to revisions r0p0, r1p0, r1p1 of the Cortex-X3 cpu, it is still open.
CPU_FLAG_LIST += ERRATA_X3_2615812
+# Flag to apply erratum 2742421 workaround on reset. This erratum applies
+# to revisions r0p0, r1p0 and r1p1 of the Cortex-X3 cpu, it is fixed in r1p2.
+CPU_FLAG_LIST += ERRATA_X3_2742421
+
# Flag to apply erratum 1922240 workaround during reset. This erratum applies
# to revision r0p0 of the Cortex-A510 cpu and is fixed in r0p1.
CPU_FLAG_LIST += ERRATA_A510_1922240
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index 0ac2d6e..b16c113 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -279,6 +279,20 @@
write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_HCRX_EL2,
HCRX_EL2_INIT_VAL);
}
+
+ if (is_feat_fgt_supported()) {
+ /*
+ * Initialize HFG*_EL2 registers with a default value so legacy
+ * systems unaware of FEAT_FGT do not get trapped due to their lack
+ * of initialization for this feature.
+ */
+ write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_HFGITR_EL2,
+ HFGITR_EL2_INIT_VAL);
+ write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_HFGRTR_EL2,
+ HFGRTR_EL2_INIT_VAL);
+ write_ctx_reg(get_el2_sysregs_ctx(ctx), CTX_HFGWTR_EL2,
+ HFGWTR_EL2_INIT_VAL);
+ }
#endif /* CTX_INCLUDE_EL2_REGS */
manage_extensions_nonsecure(ctx);
@@ -829,8 +843,27 @@
if (is_feat_hcx_supported()) {
write_hcrx_el2(HCRX_EL2_INIT_VAL);
}
+
+ /*
+ * Initialize Fine-grained trap registers introduced
+ * by FEAT_FGT so all traps are initially disabled when
+ * switching to EL2 or a lower EL, preventing undesired
+ * behavior.
+ */
+ if (is_feat_fgt_supported()) {
+ /*
+ * Initialize HFG*_EL2 registers with a default
+ * value so legacy systems unaware of FEAT_FGT
+ * do not get trapped due to their lack of
+ * initialization for this feature.
+ */
+ write_hfgitr_el2(HFGITR_EL2_INIT_VAL);
+ write_hfgrtr_el2(HFGRTR_EL2_INIT_VAL);
+ write_hfgwtr_el2(HFGWTR_EL2_INIT_VAL);
+ }
}
+
if ((scr_el3 & SCR_HCE_BIT) != 0U) {
/* Use SCTLR_EL1.EE value to initialise sctlr_el2 */
sctlr_elx = read_ctx_reg(get_el1_sysregs_ctx(ctx),
diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk
index 3bce3a5..a5c93a6 100644
--- a/make_helpers/build_macros.mk
+++ b/make_helpers/build_macros.mk
@@ -334,10 +334,10 @@
$(eval OBJ := $(1)/$(patsubst %.c,%.o,$(notdir $(2))))
$(eval DEP := $(patsubst %.o,%.d,$(OBJ)))
-$(eval BL_DEFINES := $($(call uppercase,$(3))_DEFINES))
-$(eval BL_INCLUDE_DIRS := $($(call uppercase,$(3))_INCLUDE_DIRS))
-$(eval BL_CPPFLAGS := $($(call uppercase,$(3))_CPPFLAGS) -DIMAGE_$(call uppercase,$(3)) $(addprefix -D,$(BL_DEFINES)) $(addprefix -I,$(BL_INCLUDE_DIRS)))
-$(eval BL_CFLAGS := $($(call uppercase,$(3))_CFLAGS))
+$(eval BL_DEFINES := IMAGE_$(call uppercase,$(3)) $($(call uppercase,$(3))_DEFINES) $(PLAT_BL_COMMON_DEFINES))
+$(eval BL_INCLUDE_DIRS := $($(call uppercase,$(3))_INCLUDE_DIRS) $(PLAT_BL_COMMON_INCLUDE_DIRS))
+$(eval BL_CPPFLAGS := $($(call uppercase,$(3))_CPPFLAGS) $(addprefix -D,$(BL_DEFINES)) $(addprefix -I,$(BL_INCLUDE_DIRS)) $(PLAT_BL_COMMON_CPPFLAGS))
+$(eval BL_CFLAGS := $($(call uppercase,$(3))_CFLAGS) $(PLAT_BL_COMMON_CFLAGS))
$(OBJ): $(2) $(filter-out %.d,$(MAKEFILE_LIST)) | $(3)_dirs
$$(ECHO) " CC $$<"
@@ -357,10 +357,10 @@
$(eval OBJ := $(1)/$(patsubst %.S,%.o,$(notdir $(2))))
$(eval DEP := $(patsubst %.o,%.d,$(OBJ)))
-$(eval BL_DEFINES := $($(call uppercase,$(3))_DEFINES))
-$(eval BL_INCLUDE_DIRS := $($(call uppercase,$(3))_INCLUDE_DIRS))
-$(eval BL_CPPFLAGS := $($(call uppercase,$(3))_CPPFLAGS) -DIMAGE_$(call uppercase,$(3)) $(addprefix -D,$(BL_DEFINES)) $(addprefix -I,$(BL_INCLUDE_DIRS)))
-$(eval BL_ASFLAGS := $($(call uppercase,$(3))_ASFLAGS))
+$(eval BL_DEFINES := IMAGE_$(call uppercase,$(3)) $($(call uppercase,$(3))_DEFINES) $(PLAT_BL_COMMON_DEFINES))
+$(eval BL_INCLUDE_DIRS := $($(call uppercase,$(3))_INCLUDE_DIRS) $(PLAT_BL_COMMON_INCLUDE_DIRS))
+$(eval BL_CPPFLAGS := $($(call uppercase,$(3))_CPPFLAGS) $(addprefix -D,$(BL_DEFINES)) $(addprefix -I,$(BL_INCLUDE_DIRS)) $(PLAT_BL_COMMON_CPPFLAGS))
+$(eval BL_ASFLAGS := $($(call uppercase,$(3))_ASFLAGS) $(PLAT_BL_COMMON_ASFLAGS))
$(OBJ): $(2) $(filter-out %.d,$(MAKEFILE_LIST)) | $(3)_dirs
$$(ECHO) " AS $$<"
@@ -379,9 +379,9 @@
$(eval DEP := $(1).d)
-$(eval BL_DEFINES := $($(call uppercase,$(3))_DEFINES))
-$(eval BL_INCLUDE_DIRS := $($(call uppercase,$(3))_INCLUDE_DIRS))
-$(eval BL_CPPFLAGS := $($(call uppercase,$(3))_CPPFLAGS) -DIMAGE_$(call uppercase,$(3)) $(addprefix -D,$(BL_DEFINES)) $(addprefix -I,$(BL_INCLUDE_DIRS)))
+$(eval BL_DEFINES := IMAGE_$(call uppercase,$(3)) $($(call uppercase,$(3))_DEFINES) $(PLAT_BL_COMMON_DEFINES))
+$(eval BL_INCLUDE_DIRS := $($(call uppercase,$(3))_INCLUDE_DIRS) $(PLAT_BL_COMMON_INCLUDE_DIRS))
+$(eval BL_CPPFLAGS := $($(call uppercase,$(3))_CPPFLAGS) $(addprefix -D,$(BL_DEFINES)) $(addprefix -I,$(BL_INCLUDE_DIRS)) $(PLAT_BL_COMMON_CPPFLAGS))
$(1): $(2) $(filter-out %.d,$(MAKEFILE_LIST)) | $(3)_dirs
$$(ECHO) " PP $$<"
@@ -504,7 +504,7 @@
define MAKE_BL
$(eval BUILD_DIR := ${BUILD_PLAT}/$(1))
$(eval BL_SOURCES := $($(call uppercase,$(1))_SOURCES))
- $(eval SOURCES := $(BL_SOURCES) $(BL_COMMON_SOURCES) $(PLAT_BL_COMMON_SOURCES))
+ $(eval SOURCES := $(sort $(BL_SOURCES) $(BL_COMMON_SOURCES) $(PLAT_BL_COMMON_SOURCES)))
$(eval OBJS := $(addprefix $(BUILD_DIR)/,$(call SOURCES_TO_OBJS,$(SOURCES))))
$(eval MAPFILE := $(call IMG_MAPFILE,$(1)))
$(eval ELF := $(call IMG_ELF,$(1)))
diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk
index a3351eb..3a2c53f 100644
--- a/make_helpers/tbbr/tbbr_tools.mk
+++ b/make_helpers/tbbr/tbbr_tools.mk
@@ -118,8 +118,10 @@
ifeq (${NEED_BL32},yes)
$(if ${BL32_KEY},$(eval $(call CERT_ADD_CMD_OPT,${BL32_KEY},--tos-fw-key)))
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/tos_fw_content.crt,--tos-fw-cert))
+ifneq (${COT},cca)
$(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/tos_fw_key.crt,--tos-fw-key-cert))
endif
+endif
# Add the BL33 CoT (key cert + img cert)
ifneq (${BL33},)
diff --git a/package-lock.json b/package-lock.json
index 89ebd51..e23f9a4 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3894,9 +3894,9 @@
}
},
"node_modules/word-wrap": {
- "version": "1.2.3",
- "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz",
- "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==",
+ "version": "1.2.4",
+ "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz",
+ "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==",
"dev": true,
"engines": {
"node": ">=0.10.0"
@@ -4022,7 +4022,7 @@
}
},
"tools/conventional-changelog-tf-a": {
- "version": "2.7.0",
+ "version": "2.9.0",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {
@@ -6978,9 +6978,9 @@
}
},
"word-wrap": {
- "version": "1.2.3",
- "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz",
- "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==",
+ "version": "1.2.4",
+ "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz",
+ "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==",
"dev": true
},
"wordwrap": {
diff --git a/plat/arm/board/arm_fpga/platform.mk b/plat/arm/board/arm_fpga/platform.mk
index c31697e..bd56f30 100644
--- a/plat/arm/board/arm_fpga/platform.mk
+++ b/plat/arm/board/arm_fpga/platform.mk
@@ -33,7 +33,17 @@
FPGA_PRELOADED_CMD_LINE := 0x1000
$(eval $(call add_define,FPGA_PRELOADED_CMD_LINE))
-ENABLE_FEAT_AMU := 2
+ENABLE_BRBE_FOR_NS := 2
+ENABLE_TRBE_FOR_NS := 2
+ENABLE_FEAT_AMU := 2
+ENABLE_FEAT_AMUv1p1 := 2
+ENABLE_FEAT_CSV2_2 := 2
+ENABLE_FEAT_ECV := 2
+ENABLE_FEAT_FGT := 2
+ENABLE_FEAT_HCX := 2
+ENABLE_MPAM_FOR_LOWER_ELS := 2
+ENABLE_SYS_REG_TRACE_FOR_NS := 2
+ENABLE_TRF_FOR_NS := 2
# Treating this as a memory-constrained port for now
USE_COHERENT_MEM := 0
diff --git a/plat/arm/board/fvp/include/platform_def.h b/plat/arm/board/fvp/include/platform_def.h
index df04617..d9fe24f 100644
--- a/plat/arm/board/fvp/include/platform_def.h
+++ b/plat/arm/board/fvp/include/platform_def.h
@@ -168,8 +168,8 @@
# define MAX_XLAT_TABLES 6
# endif
#elif !USE_ROMLIB
-# define PLAT_ARM_MMAP_ENTRIES 11
-# define MAX_XLAT_TABLES 5
+# define PLAT_ARM_MMAP_ENTRIES 12
+# define MAX_XLAT_TABLES 6
#else
# define PLAT_ARM_MMAP_ENTRIES 12
# if (defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd)) && \
@@ -437,7 +437,12 @@
/*
* Maximum size of Event Log buffer used in Measured Boot Event Log driver
*/
+#if ENABLE_RME && (defined(SPD_tspd) || defined(SPD_opteed) || defined(SPD_spmd))
+/* Account for additional measurements of secure partitions and SPM. */
+#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x800)
+#else
#define PLAT_ARM_EVENT_LOG_MAX_SIZE UL(0x400)
+#endif
/*
* Maximum size of Event Log buffer used for DRTM
diff --git a/plat/arm/board/morello/platform.mk b/plat/arm/board/morello/platform.mk
index 0ae7693..12ffb5a 100644
--- a/plat/arm/board/morello/platform.mk
+++ b/plat/arm/board/morello/platform.mk
@@ -89,6 +89,9 @@
override ARM_BL31_IN_DRAM := 1
+override PSCI_EXTENDED_STATE_ID := 1
+override ARM_RECOM_STATE_ID_ENC := 1
+
# Errata workarounds:
ERRATA_N1_1868343 := 1
diff --git a/plat/aspeed/ast2700/include/platform_def.h b/plat/aspeed/ast2700/include/platform_def.h
index 3f2468f..8be26c3 100644
--- a/plat/aspeed/ast2700/include/platform_def.h
+++ b/plat/aspeed/ast2700/include/platform_def.h
@@ -41,13 +41,13 @@
#define MAX_MMAP_REGIONS U(32)
/* BL31 region */
-#define BL31_BASE ULL(0x400000000)
-#define BL31_SIZE ULL(0x400000)
+#define BL31_BASE ULL(0x430000000)
+#define BL31_SIZE SZ_512K
#define BL31_LIMIT (BL31_BASE + BL31_SIZE)
/* BL32 region */
#define BL32_BASE BL31_LIMIT
-#define BL32_SIZE ULL(0x400000)
+#define BL32_SIZE SZ_16M
#define BL32_LIMIT (BL32_BASE + BL32_SIZE)
/* console */
diff --git a/plat/imx/imx8m/ddr/clock.c b/plat/imx/imx8m/ddr/clock.c
index 8b132d2..31f2f56 100644
--- a/plat/imx/imx8m/ddr/clock.c
+++ b/plat/imx/imx8m/ddr/clock.c
@@ -91,6 +91,10 @@
case 4000:
mmio_write_32(DRAM_PLL_CTRL + 0x4, (250 << 12) | (3 << 4) | 1);
break;
+ case 3733:
+ case 3732:
+ mmio_write_32(DRAM_PLL_CTRL + 0x4, (311 << 12) | (4 << 4) | 1);
+ break;
case 3200:
mmio_write_32(DRAM_PLL_CTRL + 0x4, (200 << 12) | (3 << 4) | 1);
break;
diff --git a/plat/imx/imx8m/ddr/dram_retention.c b/plat/imx/imx8m/ddr/dram_retention.c
index 983f6e2..d98a37e 100644
--- a/plat/imx/imx8m/ddr/dram_retention.c
+++ b/plat/imx/imx8m/ddr/dram_retention.c
@@ -8,14 +8,12 @@
#include <lib/mmio.h>
#include <dram.h>
+#include <gpc_reg.h>
#include <platform_def.h>
#define SRC_DDR1_RCR (IMX_SRC_BASE + 0x1000)
#define SRC_DDR2_RCR (IMX_SRC_BASE + 0x1004)
-#define PU_PGC_UP_TRG 0xf8
-#define PU_PGC_DN_TRG 0x104
-#define GPC_PU_PWRHSK (IMX_GPC_BASE + 0x01FC)
#define CCM_SRC_CTRL_OFFSET (IMX_CCM_BASE + 0x800)
#define CCM_CCGR_OFFSET (IMX_CCM_BASE + 0x4000)
#define CCM_TARGET_ROOT_OFFSET (IMX_CCM_BASE + 0x8000)
@@ -102,21 +100,12 @@
}
dwc_ddrphy_apb_wr(0xd0000, 0x1);
-#if defined(PLAT_imx8mq)
- /* pwrdnreqn_async adbm/adbs of ddr */
- mmio_clrbits_32(GPC_PU_PWRHSK, BIT(1));
- while (mmio_read_32(GPC_PU_PWRHSK) & BIT(18)) {
- ;
- }
- mmio_setbits_32(GPC_PU_PWRHSK, BIT(1));
-#else
/* pwrdnreqn_async adbm/adbs of ddr */
- mmio_clrbits_32(GPC_PU_PWRHSK, BIT(2));
- while (mmio_read_32(GPC_PU_PWRHSK) & BIT(20)) {
+ mmio_clrbits_32(IMX_GPC_BASE + GPC_PU_PWRHSK, DDRMIX_ADB400_SYNC);
+ while (mmio_read_32(IMX_GPC_BASE + GPC_PU_PWRHSK) & DDRMIX_ADB400_ACK)
;
- }
- mmio_setbits_32(GPC_PU_PWRHSK, BIT(2));
-#endif
+ mmio_setbits_32(IMX_GPC_BASE + GPC_PU_PWRHSK, DDRMIX_ADB400_SYNC);
+
/* remove PowerOk */
mmio_write_32(SRC_DDR1_RCR, 0x8F000008);
@@ -124,8 +113,8 @@
mmio_write_32(CCM_SRC_CTRL(15), 2);
/* enable the phy iso */
- mmio_setbits_32(IMX_GPC_BASE + 0xd40, 1);
- mmio_setbits_32(IMX_GPC_BASE + PU_PGC_DN_TRG, BIT(5));
+ mmio_setbits_32(IMX_GPC_BASE + DDRMIX_PGC, 1);
+ mmio_setbits_32(IMX_GPC_BASE + PU_PGC_DN_TRG, DDRMIX_PWR_REQ);
VERBOSE("dram enter retention\n");
}
@@ -150,7 +139,7 @@
mmio_write_32(CCM_TARGET_ROOT(65) + 0x4, (0x4 << 24) | (0x3 << 16));
/* disable iso */
- mmio_setbits_32(IMX_GPC_BASE + PU_PGC_UP_TRG, BIT(5));
+ mmio_setbits_32(IMX_GPC_BASE + PU_PGC_UP_TRG, DDRMIX_PWR_REQ);
mmio_write_32(SRC_DDR1_RCR, 0x8F000006);
/* wait dram pll locked */
diff --git a/plat/imx/imx8m/imx8mm/gpc.c b/plat/imx/imx8m/imx8mm/gpc.c
index e0e38a9..f173a16 100644
--- a/plat/imx/imx8m/imx8mm/gpc.c
+++ b/plat/imx/imx8m/imx8mm/gpc.c
@@ -19,46 +19,7 @@
#include <gpc.h>
#include <imx_sip_svc.h>
-#define MIPI_PWR_REQ BIT(0)
-#define PCIE_PWR_REQ BIT(1)
-#define OTG1_PWR_REQ BIT(2)
-#define OTG2_PWR_REQ BIT(3)
-#define HSIOMIX_PWR_REQ BIT(4)
-#define GPU2D_PWR_REQ BIT(6)
-#define GPUMIX_PWR_REQ BIT(7)
-#define VPUMIX_PWR_REQ BIT(8)
-#define GPU3D_PWR_REQ BIT(9)
-#define DISPMIX_PWR_REQ BIT(10)
-#define VPU_G1_PWR_REQ BIT(11)
-#define VPU_G2_PWR_REQ BIT(12)
-#define VPU_H1_PWR_REQ BIT(13)
-
-#define HSIOMIX_ADB400_SYNC (0x3 << 5)
-#define DISPMIX_ADB400_SYNC BIT(7)
-#define VPUMIX_ADB400_SYNC BIT(8)
-#define GPU3D_ADB400_SYNC BIT(9)
-#define GPU2D_ADB400_SYNC BIT(10)
-#define GPUMIX_ADB400_SYNC BIT(11)
-#define HSIOMIX_ADB400_ACK (0x3 << 23)
-#define DISPMIX_ADB400_ACK BIT(25)
-#define VPUMIX_ADB400_ACK BIT(26)
-#define GPU3D_ADB400_ACK BIT(27)
-#define GPU2D_ADB400_ACK BIT(28)
-#define GPUMIX_ADB400_ACK BIT(29)
-
-#define MIPI_PGC 0xc00
-#define PCIE_PGC 0xc40
-#define OTG1_PGC 0xc80
-#define OTG2_PGC 0xcc0
-#define HSIOMIX_PGC 0xd00
-#define GPU2D_PGC 0xd80
-#define GPUMIX_PGC 0xdc0
-#define VPUMIX_PGC 0xe00
-#define GPU3D_PGC 0xe40
-#define DISPMIX_PGC 0xe80
-#define VPU_G1_PGC 0xec0
-#define VPU_G2_PGC 0xf00
-#define VPU_H1_PGC 0xf40
+#define CCGR(x) (0x4000 + (x) * 16)
enum pu_domain_id {
HSIOMIX,
diff --git a/plat/qemu/qemu/qemu_bl1_measured_boot.c b/plat/qemu/qemu/qemu_bl1_measured_boot.c
index 3d20f97..7984781 100644
--- a/plat/qemu/qemu/qemu_bl1_measured_boot.c
+++ b/plat/qemu/qemu/qemu_bl1_measured_boot.c
@@ -26,3 +26,9 @@
{
return 0;
}
+
+int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
+ size_t pk_len)
+{
+ return 0;
+}
diff --git a/plat/st/stm32mp1/stm32mp1_scmi.c b/plat/st/stm32mp1/stm32mp1_scmi.c
index 98585dc..625d01a 100644
--- a/plat/st/stm32mp1/stm32mp1_scmi.c
+++ b/plat/st/stm32mp1/stm32mp1_scmi.c
@@ -260,7 +260,8 @@
}
int32_t plat_scmi_clock_rates_array(unsigned int agent_id, unsigned int scmi_id,
- unsigned long *array, size_t *nb_elts)
+ unsigned long *array, size_t *nb_elts,
+ uint32_t start_idx)
{
struct stm32_scmi_clk *clock = find_clock(agent_id, scmi_id);
@@ -272,6 +273,10 @@
return SCMI_DENIED;
}
+ if (start_idx > 0) {
+ return SCMI_OUT_OF_RANGE;
+ }
+
if (array == NULL) {
*nb_elts = 1U;
} else if (*nb_elts == 1U) {
diff --git a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c b/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
index dacef74..495f0c7 100644
--- a/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
+++ b/plat/ti/k3/common/drivers/ti_sci/ti_sci.c
@@ -413,7 +413,7 @@
struct ti_sci_xfer xfer;
int ret;
- ret = ti_sci_setup_one_xfer(TI_SCI_MSG_GET_DEVICE_STATE, 0,
+ ret = ti_sci_setup_one_xfer(TI_SCI_MSG_SET_DEVICE_STATE, 0,
&req, sizeof(req),
NULL, 0,
&xfer);
@@ -1389,7 +1389,7 @@
struct ti_sci_xfer xfer;
int ret;
- ret = ti_sci_setup_one_xfer(TI_SCI_MSG_GET_DEVICE_STATE, 0,
+ ret = ti_sci_setup_one_xfer(TISCI_MSG_SET_PROC_BOOT_CTRL, 0,
&req, sizeof(req),
NULL, 0,
&xfer);
@@ -1623,7 +1623,7 @@
struct ti_sci_xfer xfer;
int ret;
- ret = ti_sci_setup_one_xfer(TI_SCI_MSG_GET_DEVICE_STATE, 0,
+ ret = ti_sci_setup_one_xfer(TISCI_MSG_WAIT_PROC_BOOT_STATUS, 0,
&req, sizeof(req),
NULL, 0,
&xfer);
@@ -1669,7 +1669,7 @@
struct ti_sci_xfer xfer;
int ret;
- ret = ti_sci_setup_one_xfer(TI_SCI_MSG_GET_DEVICE_STATE, 0,
+ ret = ti_sci_setup_one_xfer(TI_SCI_MSG_ENTER_SLEEP, 0,
&req, sizeof(req),
NULL, 0,
&xfer);
diff --git a/plat/xilinx/common/plat_fdt.c b/plat/xilinx/common/plat_fdt.c
index dc3e893..012aaa6 100644
--- a/plat/xilinx/common/plat_fdt.c
+++ b/plat/xilinx/common/plat_fdt.c
@@ -12,11 +12,17 @@
#include <plat_fdt.h>
#include <platform_def.h>
-#if (defined(XILINX_OF_BOARD_DTB_ADDR) && !IS_TFA_IN_OCM(BL31_BASE))
void prepare_dtb(void)
{
- void *dtb = (void *)XILINX_OF_BOARD_DTB_ADDR;
+ void *dtb;
int ret;
+#if !defined(XILINX_OF_BOARD_DTB_ADDR)
+ return;
+#else
+ dtb = (void *)XILINX_OF_BOARD_DTB_ADDR;
+#endif
+ if (IS_TFA_IN_OCM(BL31_BASE))
+ return;
/* Return if no device tree is detected */
if (fdt_check_header(dtb) != 0) {
@@ -31,7 +37,7 @@
}
/* Reserve memory used by Trusted Firmware. */
- if (fdt_add_reserved_memory(dtb, "tf-a", BL31_BASE, BL31_LIMIT - BL31_BASE + 1)) {
+ if (fdt_add_reserved_memory(dtb, "tf-a", BL31_BASE, BL31_LIMIT - BL31_BASE)) {
WARN("Failed to add reserved memory nodes for BL31 to DT.\n");
return;
}
@@ -45,8 +51,3 @@
clean_dcache_range((uintptr_t)dtb, fdt_blob_size(dtb));
INFO("Changed device tree to advertise PSCI and reserved memories.\n");
}
-#else
-void prepare_dtb(void)
-{
-}
-#endif
diff --git a/plat/xilinx/versal/include/platform_def.h b/plat/xilinx/versal/include/platform_def.h
index 4c0df4f..4c02402 100644
--- a/plat/xilinx/versal/include/platform_def.h
+++ b/plat/xilinx/versal/include/platform_def.h
@@ -79,7 +79,7 @@
#define XILINX_OF_BOARD_DTB_MAX_SIZE U(0x200000)
-#define PLAT_OCM_BSE U(0xFFFE0000)
+#define PLAT_OCM_BASE U(0xFFFE0000)
#define PLAT_OCM_LIMIT U(0xFFFFFFFF)
#define IS_TFA_IN_OCM(x) ((x >= PLAT_OCM_BASE) && (x < PLAT_OCM_LIMIT))
diff --git a/poetry.lock b/poetry.lock
index 07cd572..08b2b37 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.5.0 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
[[package]]
name = "alabaster"
@@ -68,13 +68,13 @@
[[package]]
name = "certifi"
-version = "2022.12.7"
+version = "2023.7.22"
description = "Python package for providing Mozilla's CA Bundle."
optional = false
python-versions = ">=3.6"
files = [
- {file = "certifi-2022.12.7-py3-none-any.whl", hash = "sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18"},
- {file = "certifi-2022.12.7.tar.gz", hash = "sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3"},
+ {file = "certifi-2023.7.22-py3-none-any.whl", hash = "sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9"},
+ {file = "certifi-2023.7.22.tar.gz", hash = "sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082"},
]
[[package]]
@@ -556,13 +556,13 @@
[[package]]
name = "requests"
-version = "2.30.0"
+version = "2.31.0"
description = "Python HTTP for Humans."
optional = false
python-versions = ">=3.7"
files = [
- {file = "requests-2.30.0-py3-none-any.whl", hash = "sha256:10e94cc4f3121ee6da529d358cdaeaff2f1c409cd377dbc72b825852f2f7e294"},
- {file = "requests-2.30.0.tar.gz", hash = "sha256:239d7d4458afcb28a692cdd298d87542235f4ca8d36d03a15bfc128a6559a2f4"},
+ {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"},
+ {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"},
]
[package.dependencies]
diff --git a/services/std_svc/errata_abi/cpu_errata_info.h b/services/std_svc/errata_abi/cpu_errata_info.h
index 9906fac..e24a621 100644
--- a/services/std_svc/errata_abi/cpu_errata_info.h
+++ b/services/std_svc/errata_abi/cpu_errata_info.h
@@ -28,6 +28,7 @@
#include <cortex_a715.h>
#include <cortex_x1.h>
#include <cortex_x2.h>
+#include <cortex_x3.h>
#include <neoverse_n1.h>
#include <neoverse_n2.h>
#include <neoverse_v1.h>
diff --git a/services/std_svc/errata_abi/errata_abi_main.c b/services/std_svc/errata_abi/errata_abi_main.c
index 71a907b..8fee6ac 100644
--- a/services/std_svc/errata_abi/errata_abi_main.c
+++ b/services/std_svc/errata_abi/errata_abi_main.c
@@ -332,24 +332,25 @@
.cpu_partnumber = NEOVERSE_N2_MIDR,
.cpu_errata_list = {
[0] = {2002655, 0x00, 0x00, ERRATA_N2_2002655},
- [1] = {2025414, 0x00, 0x00, ERRATA_N2_2025414},
- [2] = {2067956, 0x00, 0x00, ERRATA_N2_2067956},
- [3] = {2138953, 0x00, 0x00, ERRATA_N2_2138953},
- [4] = {2138956, 0x00, 0x00, ERRATA_N2_2138956},
- [5] = {2138958, 0x00, 0x00, ERRATA_N2_2138958},
- [6] = {2189731, 0x00, 0x00, ERRATA_N2_2189731},
- [7] = {2242400, 0x00, 0x00, ERRATA_N2_2242400},
- [8] = {2242415, 0x00, 0x00, ERRATA_N2_2242415},
- [9] = {2280757, 0x00, 0x00, ERRATA_N2_2280757},
- [10] = {2326639, 0x00, 0x00, ERRATA_N2_2326639},
- [11] = {2376738, 0x00, 0x00, ERRATA_N2_2376738},
- [12] = {2388450, 0x00, 0x00, ERRATA_N2_2388450},
- [13] = {2728475, 0x00, 0x02, ERRATA_N2_2728475, \
+ [1] = {2009478, 0x00, 0x00, ERRATA_N2_2009478},
+ [2] = {2025414, 0x00, 0x00, ERRATA_N2_2025414},
+ [3] = {2067956, 0x00, 0x00, ERRATA_N2_2067956},
+ [4] = {2138953, 0x00, 0x00, ERRATA_N2_2138953},
+ [5] = {2138956, 0x00, 0x00, ERRATA_N2_2138956},
+ [6] = {2138958, 0x00, 0x00, ERRATA_N2_2138958},
+ [7] = {2189731, 0x00, 0x00, ERRATA_N2_2189731},
+ [8] = {2242400, 0x00, 0x00, ERRATA_N2_2242400},
+ [9] = {2242415, 0x00, 0x00, ERRATA_N2_2242415},
+ [10] = {2280757, 0x00, 0x00, ERRATA_N2_2280757},
+ [11] = {2326639, 0x00, 0x00, ERRATA_N2_2326639},
+ [12] = {2376738, 0x00, 0x00, ERRATA_N2_2376738},
+ [13] = {2388450, 0x00, 0x00, ERRATA_N2_2388450},
+ [14] = {2728475, 0x00, 0x02, ERRATA_N2_2728475, \
ERRATA_NON_ARM_INTERCONNECT},
- [14] = {2743014, 0x00, 0x02, ERRATA_N2_2743014},
- [15] = {2743089, 0x00, 0x02, ERRATA_N2_2743089},
- [16] = {2779511, 0x00, 0x02, ERRATA_N2_2779511},
- [17 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ [15] = {2743014, 0x00, 0x02, ERRATA_N2_2743014},
+ [16] = {2743089, 0x00, 0x02, ERRATA_N2_2743089},
+ [17] = {2779511, 0x00, 0x02, ERRATA_N2_2779511},
+ [18 ... ERRATA_LIST_END] = UNDEF_ERRATA,
}
},
#endif /* NEOVERSE_N2_H_INC */
@@ -417,6 +418,18 @@
}
},
#endif /* CORTEX_A715_H_INC */
+
+#if CORTEX_X3_H_INC
+{
+ .cpu_partnumber = CORTEX_X3_MIDR,
+ .cpu_errata_list = {
+ [0] = {2313909, 0x00, 0x10, ERRATA_X3_2313909},
+ [1] = {2615812, 0x00, 0x11, ERRATA_X3_2615812},
+ [2] = {2742421, 0x00, 0x11, ERRATA_X3_2742421},
+ [3 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ }
+},
+#endif /* CORTEX_X3_H_INC */
};
/*