- TF-A - lists.trustedfirmware.org

Minor update to Platform ports requirements

by Govindraj Raja

Hi All / Platform owners, There is a minor update to Platform ports requirements based on patches merged recently. https://trustedfirmware-a.readthedocs.io/en/latest/porting-guide.html#build… So please use correct ARM_ARCH_MAJOR and ARM_ARCH_MINOR from platform makefile or from build options to utilize the 'arch_features.mk' to enable all mandatory features by default. Enabling of optional features remain unchanged and based on availability and need can be enabled from platform makefile. Some of platform port convert examples are as below: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23463/20/pla… https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23670/21/pla… -- Thanks, Govindraj.R & Manish Pandey

1 year, 8 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Nov 2, 2023 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, The TF-A Tech Forum is cancelled this week as no topic planned. Regards, Olivier." TF-A Tech Forum Thursday Nov 2, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 8 months

1
0
0 0

TF-A Hang on NXP i.MX 8M Plus QuadLite

by Marcel Ziswiler

Hi there We recently got our first batch of i.MX 8M Plus QuadLite based SoMs. While NXP downstream works just fine on them they just hang booting with latest upstream U-Boot (and TF-A). Replacing TF-A with the downstream NXP one made upstream U-Boot work as well. Further debugging TF-A showed imx_gpc_pm_domain_enable() to be the culprit. Looking more specifically I discovered the following so far downstream-only commit [1]. So it looks like in downstream NXP is limiting the to-be-enabled power management domains to HSIOMIX, USB1_PHY and USB2_PHY. Anybody knows why exactly this is done and why this got never upstreamed? Thank you very much for any insights into this matter. [1] https://github.com/nxp-imx/imx-atf/commit/47759cfca10b2286a218062915d4a2808… Cheers Marcel

1 year, 8 months

1
0
0 0

Suspend to RAM support for K3 J7200

by Thomas Richard

Hello, I just sent a series to gerrit: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23992. I'm writing this email to add more context to this series, as I didn't find how to to it with gerrit. This series is only the TF-A part to add suspend to RAM support for the TI K3 J7200 target. Some modifications are also needed in Linux kernel, U-Boot (R5 SPL) and DM-Firmware. During the suspend sequence, TF-A save itself in DRAM, in a reserved memory region dedicated to lpm. TF-A will be restored by R5 SPL. We need to save it in DRAM (which will be in retention mode during suspend) because as it runs in SRAM, it will be lost once the SOC is powered-off by the PMIC. Best Regards, -- Thomas Richard, Bootlin Embedded Linux and Kernel engineering https://bootlin.com

1 year, 8 months

4
3
0 0

Trusted Firmware-A LTS v2.8.10 Release Announcement

by Yann GAUTIER - foss

Hello, Trusted Firmware-A LTS version 2.8.10 is now available. This release contains the support for MbedTLS v2.28.5, and documentation updates. The complete list can be found here<https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.10/change-log.html>. Thanks.

1 year, 8 months

1
0
0 0

TF-A Tech Forum on Oct 19th 2023

by Olivier Deprez

Hi, For the TF-A Tech forum on Oct, 19th Manish Badarkhe from Arm TF-A team will present: Migration to PSA Crypto API Agenda: Existing Crypto Mechanism - using legacy Crypto API What is PSA? Design of PSA Crypto API Use of PSA Crypto API in TF-A PSA Crypto API verification using CI Future Scope: MbedTLS with PSA Crypto driver Regards, Olivier. ________________________________________ From: Trusted Firmware Public Meetings Sent: 14 June 2020 19:21 To: Trusted Firmware Public Meetings; tf-a(a)lists.trustedfirmware.org Subject: [TF-A] Invitation: TF-A Tech Forum @ Every 2 weeks from 16:00 to 17:00 on Thursday (BST) (tf-a(a)lists.trustedfirmware.org) When: 19 October 2023 17:00-18:00. Where: You have been invited to the following event. TF-A Tech Forum When Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time Calendar tf-a(a)lists.trustedfirmware.org Who • Bill Fletcher- creator • tf-a(a)lists.trustedfirmware.org more details »<https://www.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1cTJrM…> We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/<https://www.google.com/url?q=https%3A%2F%2Fwww.trustedfirmware.org%2Fmeetin…> Trusted Firmware is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/9159704974<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fj%2F9159704974&sa=D&us…> Meeting ID: 915 970 4974 One tap mobile +16465588656,,9159704974# US (New York) +16699009128,,9159704974# US (San Jose) Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-free Meeting ID: 915 970 4974 Find your local number: https://zoom.us/u/ad27hc6t7h<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2Fad27hc6t7h&sa=D&us…> Going (tf-a(a)lists.trustedfirmware.org)? All events in this series: Yes<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> - Maybe<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> - No<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> more options »<https://www.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1cTJrM…> Invitation from Google Calendar<https://www.google.com/calendar/> You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more<https://support.google.com/calendar/answer/37135#forwarding>.

1 year, 8 months

1
0
0 0

Compile error when SAVE_KEYS=1 in tf-a v2.9.0

by xtaens＠qq.com

Hello everyone, When I used TF-A 2.9.0 (commit b06b509eb2b7f0f4dce1b4133500cf30aa0dcd4a) to compile FVP, I opened the SAVE_KEYS=1 and modified the relevant code to save the key, but the compilation failed. The error message is as follows, SAVE_KEYS=0 compile is normal. It is also normal in lts-v2.8.9. Is this question not configured or TF-A has bugs? //Compile information MBEDTLS_VERSION_MAJOR is [2] MBEDTLS_VERSION_MINOR is [28] Including drivers/auth/mbedtls/mbedtls_crypto.mk Building fvp Selected OpenSSL version: 3.0.2 Built tools/cert_create/cert_create successfully Selected OpenSSL version: 3.0.2 NOTICE: CoT Generation Tool: Built : 16:00:52, Oct 13 2023 NOTICE: Target platform: TBBR Generic NOTICE: Creating new key for 'Root Of Trust key' WARNING: Cannot open file /mnt/sdb/tanwc/linux/tf-a/build/fvp/debug/trusted_rsa2048.pem ERROR: Cannot load key from /mnt/sdb/tanwc/linux/tf-a/build/fvp/debug/trusted_rsa2048.pem ERROR: Error loading '/mnt/sdb/tanwc/linux/tf-a/build/fvp/debug/trusted_rsa2048.pem' make: *** [Makefile:1652: certificates] Error 1 //File modification: Define the specified macro diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk index 41d1b66c1..216659835 100644 --- a/plat/arm/common/arm_common.mk +++ b/plat/arm/common/arm_common.mk @@ -377,6 +377,22 @@ ifneq (${TRUSTED_BOARD_BOOT},0) # Include common TBB sources AUTH_SOURCES := drivers/auth/auth_mod.c \ drivers/auth/img_parser_mod.c + ifeq (${GENERATE_COT},1) + TFW_NVCTR_VAL ?= 0 + NTFW_NVCTR_VAL ?= 0 + KEY_SIZE ?= + HASH_ALG ?= sha256 + KEY_ALG ?= ecdsa + TF_MBEDTLS_KEY_ALG := ${KEY_ALG} + + ifeq (${SAVE_KEYS},1) + TRUSTED_WORLD_KEY ?= ${BUILD_PLAT}/trusted_${KEY_ALG}${KEY_SIZE}.pem + NON_TRUSTED_WORLD_KEY ?= ${BUILD_PLAT}/non-trusted_${KEY_ALG}${KEY_SIZE}.pem + BL31_KEY ?= ${BUILD_PLAT}/soc_${KEY_ALG}${KEY_SIZE}.pem + BL32_KEY ?= ${BUILD_PLAT}/trusted_os_${KEY_ALG}${KEY_SIZE}.pem + BL33_KEY ?= ${BUILD_PLAT}/non-trusted_os_${KEY_ALG}${KEY_SIZE}.pem + endif + endif # Include the selected chain of trust sources. ifeq (${COT},tbbr) //The compilation command I use make -j ARM_ARCH_MAJOR=8 \ ARCH=aarch64 \ CROSS_COMPILE=aarch64-linux-gnu- \ DEBUG=1 \ PLAT=fvp \ TRUSTED_BOARD_BOOT=1 \ GENERATE_COT=1 \ SAVE_KEYS=1 \ ARM_ROTPK_LOCATION=devel_rsa \ MBEDTLS_DIR=/mbedtls \ BL33=/mnt/uboot.bin \ all fip Thanks

1 year, 8 months

2
2
0 0

Usage of assert functions in TFA Code

by Nithin S

Hello, There are multiple occurrences in TFA Code where assert statements are used to handle function arguments. But these assert statements are currently enabled only in debug mode. So, I wanted to know that will there be any harm in continuing to use assert statements in production code as well for handling failures? Regards, Nithin S

1 year, 8 months

3
3
0 0

Trusted Firmware-A LTS v2.8.9 Release Announcement

by Varun Wadekar

Hello, Trusted Firmware-A LTS version 2.8.9 is now available. This release contains the support for the new Errata ABI and Errata Framework along with the conversion patches for all CPUs. The complete list can be found here<https://ci-builds.trustedfirmware.org/static-files/_5qFfMg2QdoFuFBk6-0oB6Jm…>. We will update the official readthedocs page shortly. Thanks.

1 year, 8 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 5 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 5 of 5 defect(s) ** CID 395749: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 7945 in psa_pake_input() ________________________________________________________________________________________________________ *** CID 395749: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 7945 in psa_pake_input() 7939 default: 7940 (void) step; 7941 status = PSA_ERROR_NOT_SUPPORTED; 7942 goto exit; 7943 } 7944 >>> CID 395749: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "status = psa_driver_wrapper...". 7945 status = psa_driver_wrapper_pake_input(operation, driver_step, 7946 input, input_length); 7947 7948 if (status != PSA_SUCCESS) { 7949 goto exit; 7950 } ** CID 395684: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 7344 in psa_pake_setup() ________________________________________________________________________________________________________ *** CID 395684: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 7344 in psa_pake_setup() 7338 #endif /* PSA_WANT_ALG_JPAKE */ 7339 { 7340 status = PSA_ERROR_NOT_SUPPORTED; 7341 goto exit; 7342 } 7343 >>> CID 395684: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "operation->stage = 1;". 7344 operation->stage = PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS; 7345 7346 return PSA_SUCCESS; 7347 exit: 7348 psa_pake_abort(operation); 7349 return status; ** CID 395609: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 8002 in psa_pake_get_implicit_key() ________________________________________________________________________________________________________ *** CID 395609: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 8002 in psa_pake_get_implicit_key() 7996 #endif /* PSA_WANT_ALG_JPAKE */ 7997 { 7998 status = PSA_ERROR_NOT_SUPPORTED; 7999 goto exit; 8000 } 8001 >>> CID 395609: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "status = psa_driver_wrapper...". 8002 status = psa_driver_wrapper_pake_get_implicit_key(operation, 8003 shared_key, 8004 sizeof(shared_key), 8005 &shared_key_len); 8006 8007 if (status != PSA_SUCCESS) { ** CID 395586: Control flow issues (DEADCODE) /mbedtls/library/psa_crypto.c: 8019 in psa_pake_get_implicit_key() ________________________________________________________________________________________________________ *** CID 395586: Control flow issues (DEADCODE) /mbedtls/library/psa_crypto.c: 8019 in psa_pake_get_implicit_key() 8013 shared_key, 8014 shared_key_len); 8015 8016 mbedtls_platform_zeroize(shared_key, sizeof(shared_key)); 8017 exit: 8018 abort_status = psa_pake_abort(operation); >>> CID 395586: Control flow issues (DEADCODE) >>> Execution cannot reach the expression "abort_status" inside this statement: "return (status == 0) ? abor...". 8019 return status == PSA_SUCCESS ? abort_status : status; 8020 } 8021 8022 psa_status_t psa_pake_abort( 8023 psa_pake_operation_t *operation) 8024 { ** CID 395567: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 7781 in psa_pake_output() ________________________________________________________________________________________________________ *** CID 395567: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto.c: 7781 in psa_pake_output() 7775 default: 7776 (void) step; 7777 status = PSA_ERROR_NOT_SUPPORTED; 7778 goto exit; 7779 } 7780 >>> CID 395567: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "status = psa_driver_wrapper...". 7781 status = psa_driver_wrapper_pake_output(operation, driver_step, 7782 output, output_size, output_length); 7783 7784 if (status != PSA_SUCCESS) { 7785 goto exit; 7786 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 year, 8 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Oct 5, 2023 5pm - 6pm (CEST) (tf-a@lists.trustedfirmware.org)

by olivier.deprez＠arm.com

This event has been canceled with a note: "Hi, Cancelling as no topic proposed for this instance. Regards, Olivier." TF-A Tech Forum Thursday Oct 5, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 9 months

1
0
0 0

Deprecated platforms in TF-A

by Manish Badarkhe

Hi All, We are currently in the process of preparing for an upcoming release v2.10 [1] and are actively seeking out any deprecated platforms within the TF-A source code. We kindly request all platform owners and contributors to dedicate some time to review the TF-A source code for any platforms that may have been deprecated. If you encounter any platforms that require deprecation but have not yet been labelled as such, we kindly request that you contribute by submitting the required changes to officially mark them as deprecated. You can follow the example provided in [2]. Thank you for your cooperation. [1]: https://trustedfirmware-a.readthedocs.io/en/latest/about/release-informatio… [2]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/17710 Regards, Manish Badarkhe

1 year, 9 months

1
0
0 0

#ifdef PLAT_XLAT_TABLES_DYNAMIC in xlat_tables_context.c

by Nagal, Amit

Hi , When I grep for PLAT_XLAT_TABLES_DYNAMIC in /lib/lib/xlat_tables_v2/ , I see most references for PLAT_XLAT_TABLES_DYNAMIC are enclosed in #if directive. Is there any specific reason why only below mentioned reference for PLAT_XLAT_TABLES_DYNAMIC is covered with #ifdef and not under #if . https://github.com/Xilinx/arm-trusted-firmware/blob/master/lib/xlat_tables_… #ifdef PLAT_XLAT_TABLES_DYNAMIC #define MAX_PHYS_ADDR tf_xlat_ctx.pa_max_address #else #define MAX_PHYS_ADDR tf_xlat_ctx.max_pa #endif Regards Amit

1 year, 9 months

2
2
0 0

Platforms without NS-EL2 component

by Manish Pandey2

Hi, I am writing this email to find out any legacy platforms supports in TF-A (upstream or downstream) which does not have any NS-EL2 component running. Because NS-EL2 is present but unused EL3 also need to do a minimal initialization of EL2. The side effect of this is, TF-A currently has extra code in generic path (e.g. cm_prepare_el3_exit() ) to cater for these platforms which is not required for most others. The most likely reason why TF-A introduced support for systems without NS-EL2 was because of UEFI implementation for Windows which didn't initialize NS-EL2 properly. Given that the UEFI spec has said "Use the highest 64 bit non secure privilege level available" for a long time now we are safe to assume that any UEFI implementation will handover to windows at NS-EL2. (similar to Linux) Considering that there are very few platforms which need this code and to keep backward compatibility, we propose to introduce a macro like "INIT_UNUSED_NS_EL2" and guard the code under this[1]. Keep this flag default disabled and get rid of it( along with code) altogether in next couple of releases, if we are certain that none of the platforms using it. Please let me know if you are aware of any such platform configuration. [1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/22716 Thanks Manish

1 year, 9 months

2
2
0 0

EHF + OP-TEE

by brian.neely＠analog.com

Hello, Are EHF and OP-TEE (opteed) designed to work together? I'm seeing some strange behavior when NS interrupts are routed to EL3 as FIQs (due to EHF), but before I dig into it further I wanted to confirm if EHF + OP-TEE is a valid combination. Some background: Our system, which uses OP-TEE, has some "aggregated interrupts" that contain both secure and non-secure sources, for which we wanted to use SDEI to filter and dispatch to Linux (and SDEI requires EHF). Thanks! -Brian

1 year, 9 months

4
4
0 0

Console getc() callback

by Sandrine Bailleux

Hi everyone, As you may know, console drivers in TF-A are required to provide a number of callbacks. One of them is getc() (to read a character from the console). Even though most platform ports provide a valid implementation of it, it does not seem to be called anywhere in the code base today, effectively qualifying it as dead code. I did a bit of git history digging and from what I've seen, the very first public version of TF-A (v0.2!) already had a getc() callback in the Arm PL011 UART driver. So my guess is that all subsequent UART drivers added after that followed the same approach. When the multi-console framework was introduced, it naturally catered for this feature as well. However, taking a step back, I wonder why we introduced getc() in the first place... Unlike other firmwares (like U-boot or EDK2), TF-A does not implement any kind of interactive user shell. And from a security point of view, getc() constitutes an attack vector into TF-A, which might allow an attacker to inject arbitrary data. So keeping this functionality without any valid use case sounds like a bad idea to me. Now, even though getc() is not used in upstream TF-A code right now, I realize there might be downstream / internal test setups which need it. For example, for firmware recovery purposes (receiving a backup firmware over a serial interface) or automated tests setups (some script driving a test session using some communication protocol over a serial interface). Is anyone depending on such use cases? If not, then I suggest we consider removing getc() feature altogether. We could always bring it back when there is a real use case for it (it will survive through git history). At the very least, I would like to disable getc() by default. Enabling it would require setting a build flag. Any thoughts or concerns? Best regards, Sandrine

1 year, 9 months

4
6
0 0

Convert fiptool to Python script

by Varun Wadekar

Hello, We use fiptool extensively to generate the FIP blobs for NVIDIA platforms. But, we encountered the following issues during deployment. 1. fiptool has a dependency on the host machine for OpenSSL and gcc. 2. fiptool resides under the TF-A repo and is used by Hafnium and SPs. This creates a cross-repository dependency. As a workaround, we ship a prebuilt fiptool. But, due to OS dependency, this approach is not scalable across OS versions. E.g. One OS distribution might be using a lower OpenSSL version compared another, creating an incompatibility. I was thinking if converting fiptool to a python script might help resolve these issues. Sptool was converted into a Python script, so was wondering if anyone has tried converting fiptool to a Python script too. -Varun

1 year, 9 months

3
9
0 0

Re: Workaround for ARM Cortex-A78AE Erratum 1941500 is not enabled

by Matthias Rosenfelder

Hi, the code is still incorrect after half a year. It has been changed twice, without fixing it. There was no response to the report I created [1]. If there is no interest / lack of response I may get the impression that my contributions are not welcomed at TF-A. Thus, I decided to not report any issues in the future. Sadly, this is how the open source idea dies - at least for this project. Best Regards, Matthias [1] https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.… [Banner]<http://www.nio.io> This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. You may NOT use, disclose, copy or disseminate this information. If you have received this email in error, please notify the sender and destroy all copies of the original message and all attachments. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

1 year, 9 months

4
5
0 0

SME support in RMM

by Arunachalam Ganapathy

Hi All, Please review the patch-set that adds the functionality in RMM to manage Scalable Matrix Extension (SME) context. If the CPU supports SME and if Realm accesses FPU/SVE functionality then NS SME state is saved to allow Realm to use FPU/SVE register state. https://review.trustedfirmware.org/q/topic:%22rmm_sme%22+(status:open%20OR%… Brief summary of changes made in different components: RMM: - Introduces SIMD context and exports APIs to the runtime component of RMM to initialize, save, restore, and switch SIMD context. - Adds SME support in RMM to manage NS SME context. Supports SVE+SME config and SME only config. - Handles SVE hint bit passed in RMI SMCs - Handles SME exceptions from Realms https://review.trustedfirmware.org/q/topic:%22rmm_sme%22+(status:open%20OR%… TF-A: - Enables FEAT_SME for RMM - Passes SMCCCv1.3 SVE hint bit in SMC function ID to RMM tf-a-tests: - There are changes in common lib routines for sve, sme so that testcases running in NS-EL2, S-EL1, R-EL1 can use these helper routines. - Adds helper routines to read, write, compare FPU and SVE Z, P, FFR registers - Adds SMCCCv1.3 SVE hint bit support in TFTF framework - Enables SME/SME2 during arch init - Adds SME helper routines and extends SVE lib routines to support streaming SVE mode. https://review.trustedfirmware.org/q/topic:%22rmm_sme%22+(status:open%20OR%… Thanks, Arun

1 year, 9 months

1
0
0 0

Console scope flags/ console switch state - understanding

by Michal Simek

Hi, I am looking at how console flags are used and setup. In porting guide I see Function : bl31_plat_runtime_setup() [optional] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ :: Argument : void Return : void The purpose of this function is allow the platform to perform any BL31 runtime setup just prior to BL31 exit during cold boot. The default weak implementation of this function will invoke ``console_switch_state()`` to switch console output to consoles marked for use in the ``runtime`` state. Some platform are calling it but some of them not (like our Xilinx one). Tegra has in tegra_pwr_domain_power_down_wfi() console_flush(); console_switch_state(0); which is what none other has. Should console_flush() be called by default all the time when console is switched and also disabled when system goes down? Why console_switch_state(CONSOLE_FLAG_RUNTIME) is not called from bl31_main() when before bl31_plat_runtime_setup() is called we have console_flush() already? The second part of this how console scope is setup. Implementation is clear and set. void console_set_scope(console_t *console, unsigned int scope) { assert(console != NULL); console->flags = (console->flags & ~CONSOLE_FLAG_SCOPE_MASK) | scope; } The commit cc5859ca19ff ("Multi-console: Deprecate the `finish_console_register` macro") when finish_console_register is called (DCC is exception here) is setting up CONSOLE_FLAG_BOOT and CONSOLE_FLAG_CRASH by default. And most of platforms is calling console registration with calling console_set_scope() where new flags are recorded BOOT only, BOOT/RUNTIME, RUNTIME only or BOOT/RUNTIME/CRASH. I would like to understand what should be the right behavior. Why are platforms removing CRASH flag after registration? (I see that a lot of platforms are having private plat_crash_console_init() but pretty much crash console is the same with regular console). Why runtime console is setup directly in bl31_early_platform_setup2 when guidance is saying that it should be done much later? Also commit 63c52d0071ef ("plat/common/crash_console_helpers.S: Fix MULTI_CONSOLE_API support") removed CONSOLE_FLAG_CRASH from plat_crash_console_init but only from 64bit version. In 32bit version there is still there. It suggest that any C code should be called. Do we really need CONSOLE_FLAG_CRASH? Thanks, Michal -- Michal Simek, Ing. (M.Eng), OpenPGP -> KeyID: FE3D1F91 w: www.monstr.eu p: +42-0-721842854 Maintainer of Linux kernel - Xilinx Microblaze Maintainer of Linux kernel - Xilinx Zynq ARM and ZynqMP/Versal ARM64 SoCs U-Boot custodian - Xilinx Microblaze/Zynq/ZynqMP/Versal/Versal NET SoCs TF-A maintainer - Xilinx ZynqMP/Versal/Versal NET SoCs

1 year, 9 months

4
5
0 0

Re: Invitation: TF-A Tech Forum @ Every 2 weeks from 16:00 to 17:00 on Thursday (BST) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

Hi, The TF-A Tech Forum instance on Sep 21st 2023 is cancelled due to lack of topic. Thanks & Regards, Olivier. ________________________________ From: Trusted Firmware Public Meetings Sent: 14 June 2020 19:21 To: Trusted Firmware Public Meetings <linaro.org_havjv2figrh5egaiurb229pd8c(a)group.calendar.google.com>; tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Invitation: TF-A Tech Forum @ Every 2 weeks from 16:00 to 17:00 on Thursday (BST) (tf-a(a)lists.trustedfirmware.org) When: 21 September 2023 17:00-18:00. Where: You have been invited to the following event. TF-A Tech Forum When Every 2 weeks from 16:00 to 17:00 on Thursday United Kingdom Time Calendar tf-a(a)lists.trustedfirmware.org Who • Bill Fletcher- creator • tf-a(a)lists.trustedfirmware.org more details »<https://www.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1cTJrM…> We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/<https://www.google.com/url?q=https%3A%2F%2Fwww.trustedfirmware.org%2Fmeetin…> Trusted Firmware is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/9159704974<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fj%2F9159704974&sa=D&us…> Meeting ID: 915 970 4974 One tap mobile +16465588656,,9159704974# US (New York) +16699009128,,9159704974# US (San Jose) Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-free Meeting ID: 915 970 4974 Find your local number: https://zoom.us/u/ad27hc6t7h<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2Fad27hc6t7h&sa=D&us…> Going (tf-a(a)lists.trustedfirmware.org)? All events in this series: Yes<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> - Maybe<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> - No<https://www.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tMmk1cT…> more options »<https://www.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1cTJrM…> Invitation from Google Calendar<https://www.google.com/calendar/> You are receiving this courtesy email at the account tf-a(a)lists.trustedfirmware.org because you are an attendee of this event. To stop receiving future updates for this event, decline this event. Alternatively, you can sign up for a Google Account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. Forwarding this invitation could allow any recipient to send a response to the organiser and be added to the guest list, invite others regardless of their own invitation status or to modify your RSVP. Learn more<https://support.google.com/calendar/answer/37135#forwarding>.

1 year, 9 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Sep 21, 2023 5pm - 6pm (CEST) (tf-a@lists.trustedfirmware.org)

by olivier.deprez＠arm.com

This event has been canceled with a note: "Hi, The TF-A Tech Forum instance on Sep 21st 2023 is cancelled due to lack of topic. Thanks & Regards, Olivier. " TF-A Tech Forum Thursday Sep 21, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 9 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 401729: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/ddr/stm32mp_ddr_test.c: 134 in stm32mp_ddr_check_size() ________________________________________________________________________________________________________ *** CID 401729: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/st/ddr/stm32mp_ddr_test.c: 134 in stm32mp_ddr_check_size() 128 uint32_t stm32mp_ddr_check_size(void) 129 { 130 uint32_t offset = sizeof(uint32_t); 131 132 mmio_write_32(STM32MP_DDR_BASE, DDR_PATTERN); 133 >>> CID 401729: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "offset < 4294967296UL" is always true regardless of the values of its operands. This occurs as the logical operand of "while". 134 while (offset < STM32MP_DDR_MAX_SIZE) { 135 mmio_write_32(STM32MP_DDR_BASE + offset, DDR_ANTIPATTERN); 136 dsb(); 137 138 if (mmio_read_32(STM32MP_DDR_BASE) != DDR_PATTERN) { 139 break; ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 year, 9 months

2
1
0 0

Plan for RME support in QEMU

by Jean-Philippe Brucker

Hello, QEMU 8.1 added support for FEAT_RME. It is experimental, enabled with '-cpu max,x-rme=on', and requires fixes that will be available in QEMU 8.2. I'm working on adding support to TF-A and TF-RMM. I just submitted some TF-A patches for review (topic qemu-rme) that enable the feature for the virt platform, and intend to send the necessary changes for TF-RMM within a week or so. Without RMM, the Test Realm Payload is included into the FIP for light testing. After the TF-A and TF-RMM changes, I'd like to add support for the SBSA platform as well, which should be a relatively small change once the common QEMU support is merged. Thanks, Jean --- Building TF-A for QEMU with RME support: make -j CROSS_COMPILE=aarch64-linux-gnu- PLAT=qemu DEBUG=1 RMM=path/to/rmm/build/Debug/rmm.img ENABLE_RME=1 BL33=path/to/QEMU_EFI.fd QEMU_USE_GIC_DRIVER=QEMU_GICV3 all fip dd if=tf-a/build/qemu/debug/bl1.bin of=flash.bin bs=4096 conv=notrunc dd if=tf-a//build/qemu/debug/fip.bin of=flash.bin seek=64 bs=4096 conv=notrunc Running QEMU, for example: qemu-system-aarch64 -cpu max,x-rme=on,sme=off -m 3G -smp 8 -M virt,gic-version=3,virtualization=on,secure=on,acpi=off -bios flash.bin -kernel linux/arch/arm64/boot/Image -initrd path/to/initrd -append console=ttyAMA0 -nographic ... [ 0.825891] kvm [1]: Using prototype RMM support (version 66.0) SMC_RMM_FEATURES 0 > RMI_SUCCESS 33403e30

1 year, 9 months

2
2
0 0

New Member

by Nicholas Vonza

Dear Sir/Madam, Just Join the Forum To Learn and Experience More. Regards, Nicholas Vonza

1 year, 9 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-A