2017-06-28 |
Do basic CryptoCell LCS check
...
This patch implements the basic lifecycle state check when CryptoCell
SBROM is initialized. Currently the check ensures that if the lifecycle
state is Security Disabled (SD), the boot process does not proceed
further.
Change-Id: I5101335453cd3ea413e97bcfb9138a96c05e1aea
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 28 Jun 2017
|
Add CC crypto driver to the Auth module
...
This patch adds a crypto driver which utilizes the ARM® TrustZone®
CryptoCell-712 to verify signature and hash during Trusted Board Boot. Along
with this driver, the CryptoCell SBROM library is required to successfully
build the BL image. The path to this library is specified via
the `CCSBROM_LIB_PATH` variable. Please note that, mbedTLS is still required
to do the X509 certificate ASN.1 parsing and CryptoCell is only utilized for
signature and hash verification.
Change-Id: If82dfbae0d7772ba1c64839f0b27850c103fe253
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 28 Jun 2017
|
2017-06-23 |
io_dummy: correct sparse warnings
...
Include io_dummy.h header file.
Use static for device_type_dummy function.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Etienne Carriere
committed
on 23 Jun 2017
|
io_storage: use unsigned int for index
...
This change avoids warning about type conversion.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Etienne Carriere
committed
on 23 Jun 2017
|
delay_timer: correct sparse issues and warnings
...
Use NULL instead of 0 where required.
Include headers to have the prototype of the functions.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Etienne Carriere
committed
on 23 Jun 2017
|
2017-06-13 |
ufs: fix the and operator
...
Should use AND (&), not &&.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Haojian Zhuang
committed
on 13 Jun 2017
|
2017-06-09 |
Merge pull request #968 from antonio-nino-diaz-arm/an/snprintf-alt
...
mbedtls: Don't use tf_snprintf if option not defined
davidcunado-arm
authored
on 9 Jun 2017
GitHub
committed
on 9 Jun 2017
|
2017-06-06 |
mbedtls: Don't use tf_snprintf if option not defined
...
If `MBEDTLS_PLATFORM_SNPRINTF_ALT` isn't used, the function
`mbedtls_platform_set_snprintf()` isn't defined.
In case a platform uses a different mbed TLS configuration file than
the one provided by the Trusted Firmware, and it doesn't define the
mentioned build option, this will result in a build error.
This patch modifies the initialization code so that
`mbedtls_platform_set_snprintf()` is only used if
`MBEDTLS_PLATFORM_SNPRINTF_ALT` is defined, allowing platforms to use
it or not depending on their needs.
Change-Id: I1d5c86d57e9b2871ba463030bf89210ebec5178e
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz
committed
on 6 Jun 2017
|
2017-06-05 |
Merge pull request #964 from soby-mathew/sm/rsapss_sup
...
Add support for RSASSAPSS algorithm
danh-arm
authored
on 5 Jun 2017
GitHub
committed
on 5 Jun 2017
|
Add support for RSASSAPSS algorithm in mbedtls crypto driver
...
This patch adds support for RSASSA-PSS Signature Algorithm for
X509 certificates in mbedtls crypto driver. Now the driver supports
RSA PKCS2_1 standard as mandated by TBBR.
NOTE: With this patch, the PKCS1_5 standard compliant RSA signature
is deprecated.
Change-Id: I9cf6d073370b710cc36a7b374a55ec96c0496461
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 5 Jun 2017
|
Increase heapsize for mbedtls library
...
The mbedTLS library requires larger heap memory for verification of RSASSA-PSS
signature in certificates during Trusted Board Boot. This patch increases the
heap memory for the same.
Change-Id: I3c3123d7142b7b7b01463516ec436734895da159
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 5 Jun 2017
|
2017-06-01 |
Introduce ARM GIC-600 driver
...
ARM GIC-600 IP complies with ARM GICv3 architecture, but among others,
implements a power control register in the Redistributor frame. This
register must be programmed to mark the frame as powered on, before
accessing other registers in the frame. Rest of initialization sequence
remains the same.
The driver provides APIs for Redistributor power management, and
overrides those in the generic GICv3 driver. The driver data is shared
between generic GICv3 driver and that of GIC-600.
For FVP platform, the GIC-600 driver is chosen when FVP_USE_GIC_DRIVER
is set to FVP_GIC600. Also update user guide.
Change-Id: I321b2360728d69f6d4b0a747b2cfcc3fe5a20d67
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan
committed
on 1 Jun 2017
|
2017-05-31 |
Merge pull request #958 from antonio-nino-diaz-arm/an/mbedtls-heap-size
...
mbedtls: Define optimized mbed TLS heap size
danh-arm
authored
on 31 May 2017
GitHub
committed
on 31 May 2017
|
mbedtls: Define optimized mbed TLS heap size
...
mbed TLS provides the debug API `mbedtls_memory_buffer_alloc_status()`
to analyse the RAM usage of the library.
When RSA is selected as algorithm, the maximum heap usage in FVP and
Juno has been determined empirically to be approximately 5.5 KiB.
However, The default heap size used when RSA is selected is 8 KiB.
This patch reduces the buffer from 8 KiB to 6 KiB so that the BSS
sections of both BL1 and BL2 are 2 KiB smaller when the firmware is
compiled with TBB support.
Change-Id: I43878a4e7af50c97be9c8d027c728c8483f24fbf
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz
committed
on 31 May 2017
|
Merge pull request #955 from hzhuang1/ufs
...
Add ufs stack and designware phy
danh-arm
authored
on 31 May 2017
GitHub
committed
on 31 May 2017
|
2017-05-30 |
drivers: add designware ufs driver
...
Initialized the designware UFS PHY.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Haojian Zhuang
committed
on 30 May 2017
|
drivers: add ufs stack
...
If UFS device is initialized, we could just make it out of
hibernation by UFS_FLAGS_SKIPINIT. And vendor's dirver is always
focus on PHY setting. We could use UFS driver directly if it
exits from hibernation.
There're eight LUNs in UFS device. The UFS driver only provides
the read/write API with LUN. User could define his own read/write
since user may want to access different LUNs.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Haojian Zhuang
committed
on 30 May 2017
|
Merge pull request #949 from antonio-nino-diaz-arm/an/printf-memory
...
Reduce code size when building with Trusted Board Boot enabled
davidcunado-arm
authored
on 30 May 2017
GitHub
committed
on 30 May 2017
|
2017-05-24 |
mbedtls: Use `tf_snprintf` instead of `snprintf`
...
The Trusted Firmware uses a subset of the APIs provided by mbed TLS.
This subset internally uses `snprintf`, but the only format specifier
used is '%d', which is supported by `tf_snprintf`.
This patch makes mbed TLS use `tf_snprintf` instead of `snprintf`,
saving 3 KB in both debug and release builds when TBBR is enabled.
Change-Id: I7f992a21015930d7c0f4660e7a28ceefd60b9597
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz
committed
on 24 May 2017
|
2017-05-23 |
cert: move platform_oid.h to include/tools_share for all platforms
...
Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).
For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd. This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.
The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h
Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.
For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Masahiro Yamada
committed
on 23 May 2017
|
2017-05-12 |
mbedtls: Complete namespace for TF specific macros
...
This patch renames MBEDTLS_KEY_ALG to TF_MBEDTLS_KEY_ALG. This
completes the migration of TF specific macros so that they do not
have the MBEDTLS_ suffix (see arm-trusted-firmware#874).
Change-Id: Iad7632477e220b0af987c4db3cf52229fb127d00
Signed-off-by: David Cunado <david.cunado@arm.com>
David Cunado
committed
on 12 May 2017
|
mbedtls: Namespace for TF specific macros
...
An earlier patch (arm-trusted-firmware#874) migrated MBEDTLS_ suffixed
macros to have a TBBR_ suffix to avoid any potential clash with future
mbedtls macros.
But on reflection the TBBR_ suffix could be confusing as the macros
are used to drive TF-specific configuration of mbedtls. As such
this patch migrates these macros from TBBR_suffix to TF_MBEDTLS_
suffix which more accurately conveys their use.
Change-Id: Ic87642b653ceeaa03d62f724976abd5e12e867d4
Signed-off-by: David Cunado <david.cunado@arm.com>
David Cunado
committed
on 12 May 2017
|
2017-05-03 |
Use SPDX license identifiers
...
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
dp-arm
committed
on 3 May 2017
|
2017-04-21 |
drivers: ti: uart: remove UART_FCR writes
...
This patch removes the code that touched UART_FCR, from
console_core_putc(). The check for whether transmit FIFO is
full is sufficient before writing to UART TX FIFO. In fact
setting UARTFCR_TXCLR immediately after a byte is written to
FIFO might even result in loss of that byte, if UART hasn't
sent that byte out yet.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Varun Wadekar
committed
on 21 Apr 2017
|
Merge pull request #906 from antonio-nino-diaz-arm/an/asserts-release
...
Add `ENABLE_ASSERTIONS` build option
davidcunado-arm
authored
on 21 Apr 2017
GitHub
committed
on 21 Apr 2017
|
2017-04-20 |
Control inclusion of helper code used for asserts
...
Many asserts depend on code that is conditionally compiled based on the
DEBUG define. This patch modifies the conditional inclusion of such code
so that it is based on the ENABLE_ASSERTIONS build option.
Change-Id: I6406674788aa7e1ad7c23d86ce94482ad3c382bd
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz
committed
on 20 Apr 2017
|
2017-04-18 |
TZC: rename included C file to a header
...
C files shouldn't be included into others. This file only contains some
macros and functions that can be made `static inline`, so it is ok to
convert it into a header file.
This is the only occurrence of a C file being included in another one in
the codebase instead of using a header, other occurrences are a way of
achieving backwards-compatibility.
Functions therein have been qualified as `inline`.
Change-Id: I88fe300f6d85a7f0740ef14c9cb8fa54849218e6
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz
committed
on 18 Apr 2017
|
2017-04-16 |
Merge pull request #893 from antonio-nino-diaz-arm/an/tf-printf-error
...
Replace tf_printf occurrences with ERROR
davidcunado-arm
authored
on 16 Apr 2017
GitHub
committed
on 16 Apr 2017
|
2017-04-12 |
Merge pull request #885 from antonio-nino-diaz-arm/an/console-flush
...
Implement console_flush()
davidcunado-arm
authored
on 12 Apr 2017
GitHub
committed
on 12 Apr 2017
|
2017-04-06 |
Replace tf_printf occurrences with ERROR
...
The amount of console output is controlled by the LOG_LEVEL build
option. Using tf_printf without any #ifdef depending on the LOG_LEVEL
doesn't give the user that flexibility.
This patch replaces all occurrences of tf_printf that prints error, but
aren't dependent on LOG_LEVEL, with the ERROR macro.
Change-Id: Ib5147f14fc1579398a11f19ddd0e840ff6692831
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz
committed
on 6 Apr 2017
|