- TF-A - lists.trustedfirmware.org

[PATCH 1/2] fix(cert-create): move WARN to higher priority than NOTICE

by Baruch Siach

NOTICE messages should require higher LOG_LEVEL than WARN, not the other way around. Signed-off-by: Baruch Siach <baruch(a)tkos.co.il> Change-Id: Iba9c67cafed19be47e7d03198faa98fbf99a10ee --- I still can't upload to review.trustedfirmware.org so I'm once again sending to the list instead. https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.… --- tools/cert_create/include/debug.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/cert_create/include/debug.h b/tools/cert_create/include/debug.h index ee8f1f51786f..8f7c62eefe2d 100644 --- a/tools/cert_create/include/debug.h +++ b/tools/cert_create/include/debug.h @@ -20,8 +20,8 @@ #define LOG_LEVEL_NONE 0 #define LOG_LEVEL_ERROR 10 -#define LOG_LEVEL_NOTICE 20 -#define LOG_LEVEL_WARNING 30 +#define LOG_LEVEL_WARNING 20 +#define LOG_LEVEL_NOTICE 30 #define LOG_LEVEL_INFO 40 #define LOG_LEVEL_VERBOSE 50 -- 2.39.0

1 day, 5 hours

1
1
0 0

Updated invitation: TF-A Tech Forum @ Thu Jan 26, 2023 4pm - 5pm (GMT) (tf-a@lists.trustedfirmware.org)

by joanna.farley＠arm.com

This event has been updated Changed: description TF-A Tech Forum Thursday Jan 26, 2023 ⋅ 4pm – 5pm United Kingdom Time Apologies the LTS Update is for this week on 26th January at 4pm GMT Not February session.=====Just a reminder that this week the TF-A Tech Forum is covering a LTS Release update session from the primary maintainers of the TF-A v2.8 LTS branch:Varun WadekarOkash Khawaja Bipin Ravi Thanks AllJoanna========We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org bpeckham(a)google.com mayurvg(a)gmail.com View all guest info https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Reply for tf-a(a)lists.trustedfirmware.org and view more details https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Your attendance is optional. ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 week, 1 day

1
0
0 0

Updated invitation: TF-A Tech Forum @ Thu Feb 23, 2023 4pm - 5pm (GMT) (tf-a@lists.trustedfirmware.org)

by joanna.farley＠arm.com

This event has been updated Changed: description TF-A Tech Forum Thursday Feb 23, 2023 ⋅ 4pm – 5pm United Kingdom Time Just a reminder that this week the TF-A Tech Forum is covering a LTS Release update session from the primary maintainers of the TF-A v2.8 LTS branch:Varun Wadekar <vwadekar(a)nvidia.com> Okash Khawaja <okash(a)google.com> Bipin Ravi <Bipin.Ravi(a)arm.com>Thanks AllJoanna===============================We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org View all guest info https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Reply for tf-a(a)lists.trustedfirmware.org and view more details https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Your attendance is optional. ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 week, 1 day

1
0
0 0

[TF-A]: Deprecating mbedtls-2.28 support for TF-A 3.0 release

by Govindraj Raja

Hi All, We are in the process of migrating from mbedtls-2.28 support to 3.3 support we plan to deprecate mbedtls-2.28 support for TF-A 3.0 Release but would retain support for both 2.28 and 3.3 for TF-A 2.9 lifetime. There is draft implementation available[1] for code review which cleanups and prepares for mbedtls-3.3 support but retaining backward compatibility for mbedtls-2.28. Please let us know if there any objections to deprecation of mbedtls-2.28 in TF-A 3.0. -- Thanks Govindraj [1]: https://review.trustedfirmware.org/q/topic:%2522mbedtls3.3_support%2522 <https://review.trustedfirmware.org/q/topic:%2522mbedtls3.3_support%2522>

1 week, 3 days

1
0
0 0

Query BL31 version from NWd

by Varun Wadekar

Hi, Happy new year! For NVIDIA Tegra platforms, we need the capability to query the BL31 version (e.g. 2.7, 2.8, 2.8.x) from the NWd at runtime. I could not find an FID that returns this value. I propose we introduce a new runtime service in bl31 that returns the version_string to the NWd to support this requirement. Thoughts? -Varun

1 week, 4 days

8
18
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 382954: Concurrent data access violations (MISSING_LOCK) /plat/mediatek/drivers/spm/mt8188/constraints/mt_spm_rc_cpu_buck_ldo.c: 173 in spm_get_status_rc_cpu_buck_ldo() ________________________________________________________________________________________________________ *** CID 382954: Concurrent data access violations (MISSING_LOCK) /plat/mediatek/drivers/spm/mt8188/constraints/mt_spm_rc_cpu_buck_ldo.c: 173 in spm_get_status_rc_cpu_buck_ldo() 167 dest = (struct constraint_status *)st->value; 168 do { 169 if (dest == NULL) { 170 break; 171 } 172 if (st->type == CONSTRAINT_GET_VALID) { >>> CID 382954: Concurrent data access violations (MISSING_LOCK) >>> Accessing "dest->is_valid" without holding lock "spm_lock". Elsewhere, "constraint_status.is_valid" is accessed with "spm_lock" held 5 out of 6 times. 173 dest->is_valid = cpubuckldo_status; 174 } else if (st->type == CONSTRAINT_COND_BLOCK) { 175 dest->is_cond_block = 0; 176 } else if (st->type == CONSTRAINT_GET_ENTER_CNT) { 177 if (st->id == MT_RM_CONSTRAINT_ID_ALL) { 178 dest->enter_cnt += cpubuckldo_enter_cnt; ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 week, 5 days

1
0
0 0

Post-boot loading of OP-TEE

by Jens Wiklander

Hi, The recent patch [1] for the OP-TEE Dispatcher in TF-A proposes a way of post-boot loading OP-TEE by the Linux kernel with signature verification in the normal world only. This has previously been discussed in this mail thread [2] about half a year ago. Ultimately, it was concluded that this should in principle be accepted upstream as a platform choice to allow this or not. There are concerns that what we have in upstream TF-A should serve as good examples, and trusting the normal world to verify secure world software might not meet that criterion. There are also concerns about adding signature verification to BL31 Leaving the secure world wide open until the Linux kernel has been able to successfully load and verify an OP-TEE binary seems very risky. Even if it's claimed that the normal world can be trusted at this point, we're still giving up a critical level of defense without a good reason. I've started to review [1], but it should not be accepted for merging without support and approval from other maintainers. I would like to explore other options in this mail thread. In [2] it was suggested that a remnant of bl2 could be kept to verify OP-TEE before starting to execute it. This could be taken one step further and load a limited OP-TEE at boot which later is updated live, almost like what's discussed in [3]. This should minimize the impact on TF-A and also leave OP-TEE in charge of accepting an update instead of a divided responsibility between the normal world and TF-A. [1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18635 [2] https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.… [3] https://github.com/OP-TEE/optee_os/issues/5699 Thanks, Jens

1 week, 5 days

3
3
0 0

New vulnerability: Out-of-bounds read in TF-A X.509 parser

by Sandrine Bailleux

Hello everyone, A new security vulnerability has been identified in TF-A X.509 parser, used for trusted boot in BL1 and BL2. Please note that this vulnerability is *not* exploitable in TF-A upstream code. Only downstream code might be affected under specific circumstances. The security advisory has been published in TF-A documentation and has all the details: https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/secu… Patches to fix the identified bugs have already been merged in TF-A tree. The advisory lists the relevant patches. I would like to thank Demi Marie Obenour from Invisible Things Lab for responsibly disclosing this security vulnerability to TrustedFirmware.org, for providing patches to fix the identified bugs and further harden the X.509 parser, for providing a detailed impact analysis and for helping put this security advisory together. Best regards, Sandrine Bailleux, on behalf of TF-A security team.

2 weeks

1
0
0 0

Updated invitation with note: TF-A Tech Forum @ Thu Jan 26, 2023 4pm - 5pm (GMT) (tf-a@lists.trustedfirmware.org)

by joanna.farley＠arm.com

This event has been updated with a note: "Correcting the deletion of the wrong Techforum." Changed: time TF-A Tech Forum Thursday Jan 26, 2023 ⋅ 4pm – 5pm United Kingdom Time We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org View all guest info https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Reply for tf-a(a)lists.trustedfirmware.org and view more details https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Your attendance is optional. ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

2 weeks, 5 days

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Jan 26, 2023 4pm - 5pm (GMT) (tf-a@lists.trustedfirmware.org)

by joanna.farley＠arm.com

This event has been canceled with a note: "No topic this week. Cancelling. Joanna" TF-A Tech Forum Thursday Jan 26, 2023 ⋅ 4pm – 5pm United Kingdom Time We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

2 weeks, 5 days

1
0
0 0

2023

2022

2021

2020

2019

2018

TF-A