- TF-A - lists.trustedfirmware.org

Trusted Firmware-A LTS v2.8.21 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.8.21 is now available. This release contains the following patches: 75124503f fix(cpus): workaround for Cortex-X4 erratum 2816013 [1] dedcbb78e fix(cpus): workaround for Cortex-A720 erratum 2844092 [2] 9db99a3e4 fix(cpus): workaround for Cortex-A720 erratum 2792132 [3] a0a574d70 feat(cpus): workaround for Cortex-A520(2938996) and Cortex-X4(2726228) [4] d1f63aba2 fix(spm-mm): carve out NS buffer TZC400 region [5] 4220b8313 feat(fvp): add cpu power control [6] d9daf130c docs(fvp): update FVP versions used [7] [1] https://review.trustedfirmware.org/q/I546044bde6e5eedd0abf61643d25e2dd2036d… [2] https://review.trustedfirmware.org/q/I3d8eacb26cba42774f1f31c3aae2a0e6fecec… [3] https://review.trustedfirmware.org/q/I8d11fe65a2ab5f79244cc3395d0645f772563… [4] https://review.trustedfirmware.org/q/I8f886a1c21698f546a0996c719cc27dc0a236… [5] https://review.trustedfirmware.org/q/Idc3370803ad204ac29efeded77305e52e17cc… [6] https://review.trustedfirmware.org/q/Iba6c3c8db60dbeb177cead7ebc65df8265860… [7] https://review.trustedfirmware.org/q/Ie478b81b0f09d8664966cc1fac71a775a1a95… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.21/change-log.html Thanks, TF-A LTS team

9 months, 2 weeks

1
0
0 0

Trusted Firmware-A LTS v2.10.6 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.10.6 is now available. This release contains the following patches: 582b950ed fix(cpus): workaround for Cortex-X4 erratum 2816013 [1] 9d3934323 fix(cpus): workaround for Cortex-A720 erratum 2844092 [2] a93c69bbb fix(cpus): workaround for Cortex-A720 erratum 2792132 [3] 74fc9576d fix(spm-mm): carve out NS buffer TZC400 region [4] 9ca6bf389 feat(fvp): add cpu power control [5] e941b0e0f fix(arm_fpga): halve number of PEs per core [6] 47010ae9d feat(cpus): workaround for Cortex-A520(2938996) and Cortex-X4(2726228) [7] c1b976727 docs(fvp): update FVP versions used [8] [1] https://review.trustedfirmware.org/q/I546044bde6e5eedd0abf61643d25e2dd2036d… [2] https://review.trustedfirmware.org/q/I3d8eacb26cba42774f1f31c3aae2a0e6fecec… [3] https://review.trustedfirmware.org/q/I8d11fe65a2ab5f79244cc3395d0645f772563… [4] https://review.trustedfirmware.org/q/Idc3370803ad204ac29efeded77305e52e17cc… [5] https://review.trustedfirmware.org/q/Iba6c3c8db60dbeb177cead7ebc65df8265860… [6] https://review.trustedfirmware.org/q/Ieb37ccc9f362b10ff0ce038f72efca21512a7… [7] https://review.trustedfirmware.org/q/I8f886a1c21698f546a0996c719cc27dc0a236… [8] https://review.trustedfirmware.org/q/Ie478b81b0f09d8664966cc1fac71a775a1a95… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.10.6/change-log.html Thanks, TF-A LTS team

9 months, 2 weeks

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 445015: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto_cipher.c: 250 in mbedtls_cipher_values_from_psa() ________________________________________________________________________________________________________ *** CID 445015: Control flow issues (UNREACHABLE) /mbedtls/library/psa_crypto_cipher.c: 250 in mbedtls_cipher_values_from_psa() 244 cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20; 245 break; 246 #endif 247 default: 248 return PSA_ERROR_NOT_SUPPORTED; 249 } >>> CID 445015: Control flow issues (UNREACHABLE) >>> This code cannot be reached: "if (cipher_id != NULL) { ...". 250 if (cipher_id != NULL) { 251 *cipher_id = cipher_id_tmp; 252 } 253 254 return mbedtls_cipher_validate_values(alg, key_type); 255 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2…

9 months, 2 weeks

1
0
0 0

Re: Canceled event: TF-A Tech Forum @ Thu Sep 19, 2024 5pm - 6pm (GMT+2) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

Hi, Cancelling today's Sep 19th instance as no topic proposed. Regards, Olivier. ________________________________ From: Trusted Firmware Public Meetings Sent: 24 July 2024 17:36 To: Trusted Firmware Public Meetings <linaro.org_havjv2figrh5egaiurb229pd8c(a)group.calendar.google.com>; tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: [TF-A] Canceled event: TF-A Tech Forum @ Thu Sep 19, 2024 5pm - 6pm (GMT+2) (tf-a(a)lists.trustedfirmware.org) When: 19 September 2024 17:00-18:00. Where: This event has been canceled. We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/<https://www.google.com/url?q=https%3A%2F%2Fwww.trustedfirmware.org%2Fmeetin…> Trusted Firmware is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvd…<https://www.google.com/url?q=https%3A%2F%2Flinaro-org.zoom.us%2Fmy%2Ftruste…> One tap mobile +16465588656,,9159704974# US (New York) +16699009128,,9159704974# US (San Jose) Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-free Meeting ID: 915 970 4974 Find your local number: https://zoom.us/u/ad27hc6t7h<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2Fad27hc6t7h&sa=D&us…> When Thursday Sep 19, 2024 ⋅ 5pm – 6pm (Central European Time - Paris) Guests tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> Invitation from Google Calendar<https://calendar.google.com/calendar/> You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more<https://support.google.com/calendar/answer/37135#forwarding>

9 months, 2 weeks

1
0
0 0

Canceled event: TF-A Tech Forum @ Thu Sep 19, 2024 5pm - 6pm (GMT+2) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled. TF-A Tech Forum Thursday Sep 19, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

9 months, 2 weeks

1
0
0 0

How to map a physical address using `mmap_add_dynamic_region_alloc_va`?

by 钱非凡

Hi experts, I tried to allocate a physical memory address in Linux Kernel, and pass the memory address to tf-a using smc call. As I asked in previous mails (https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.…), tf-a can not access the physical memory address directly, so I try to use the `mmap_add_dynamic_region_alloc_va` function in `xlat_table_v2` Library, and map the physical memory in tf-a. After calling the function, It does return a new virtual memory address, but I still failed to access the address, is there any details I have missed? Here is the code: ``` NOTICE("phys_addr: 0x%lx, virt_addr: 0x%lx\n", phys_addr, virt_addr); int rc = mmap_add_dynamic_region_alloc_va(phys_addr, ptr_virt_addr, size, MT_NS | MT_RW_DATA); if (rc) { WARN("Failed to map memory at 0x%lx: %d\n", phys_addr, rc); return; } NOTICE("virt_addr_el3: 0x%lx\n", virt_addr_el3); NOTICE("virt_addr_el3[0] = 0x%x\n", *((uint32_t *)virt_addr_el3)); ``` Here is the output: ``` NOTICE: phys_addr: 0x40f0000, virt_addr: 0xffff0000040f0000 NOTICE: mm.base_va: 0 NOTICE: mm.base_va: 100000000 NOTICE: virt_addr_el3: 0x100000000 [ 38.540464] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 38.546584] rcu: 4-...0: (1 ticks this GP) idle=4224/1/0x4000000000000000 softirq=125/125 fqs=2625 [ 38.555651] (detected by 0, t=5252 jiffies, g=-779, q=16 ncpus=8) [ 38.561843] Task dump for CPU 4: [ 38.565075] task:main state:R running task stack:0 pid:195 ppid:181 flags:0x00000002 [ 38.575015] Call trace: [ 38.577464] __switch_to+0xe4/0x160 [ 38.580975] 0x42 ``` I would be grateful for any advice or suggestions you may have. Sincerely, Feifan

9 months, 2 weeks

2
1
0 0

Canceled event with note: TF-A Tech Forum @ Thu Sep 5, 2024 5pm - 6pm (GMT+2) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling as no topic this week. Thanks & Regards, Olivier. " TF-A Tech Forum Thursday Sep 5, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

10 months

1
0
0 0

Can't start new thread in website

by 林觀明

Hi I have a question. But, I can't launch a new thread. Can you help me? Thanks

10 months

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 6 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 6 of 6 defect(s) ** CID 443168: Error handling issues (CHECKED_RETURN) /plat/st/stm32mp2/bl2_plat_setup.c: 183 in bl2_el3_plat_arch_setup() ________________________________________________________________________________________________________ *** CID 443168: Error handling issues (CHECKED_RETURN) /plat/st/stm32mp2/bl2_plat_setup.c: 183 in bl2_el3_plat_arch_setup() 177 BL_CODE_END - BL_CODE_BASE, 178 MT_CODE | MT_SECURE); 179 180 configure_mmu(); 181 182 /* Prevent corruption of preloaded Device Tree */ >>> CID 443168: Error handling issues (CHECKED_RETURN) >>> Calling "mmap_add_dynamic_region" without checking return value (as is done elsewhere 25 out of 29 times). 183 mmap_add_dynamic_region(DTB_BASE, DTB_BASE, 184 DTB_LIMIT - DTB_BASE, 185 MT_RO_DATA | MT_SECURE); 186 187 if (dt_open_and_check(STM32MP_DTB_BASE) < 0) { 188 panic(); ** CID 443167: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /plat/rockchip/rk3588/drivers/scmi/rk3588_clk.c: 578 in rk3588_b0pll_get_rate() ________________________________________________________________________________________________________ *** CID 443167: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /plat/rockchip/rk3588/drivers/scmi/rk3588_clk.c: 578 in rk3588_b0pll_get_rate() 572 573 rate64 *= m; 574 rate64 = rate64 / p; 575 576 if (k != 0) { 577 /* fractional mode */ >>> CID 443167: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "24000000U * k" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). 578 uint64_t frac_rate64 = 24000000 * k; 579 580 postdiv = p * 65535; 581 frac_rate64 = frac_rate64 / postdiv; 582 rate64 += frac_rate64; 583 } ** CID 443166: Memory - corruptions (OVERRUN) ________________________________________________________________________________________________________ *** CID 443166: Memory - corruptions (OVERRUN) /plat/intel/soc/common/socfpga_vab.c: 97 in socfpga_vab_authentication() 91 if (!IS_BYTE_ALIGNED(img_sz, sizeof(uint32_t))) { 92 ERROR("Image size (%d bytes) not aliged to 4 bytes!\n", img_sz); 93 return -EIMGERR; 94 } 95 96 /* Generate HASH384 from the image */ >>> CID 443166: Memory - corruptions (OVERRUN) >>> Overrunning array "hash384" of 12 bytes by passing it to a function which accesses it at byte offset 47. 97 sha384_start((uint8_t *)img_addr, img_sz, hash384, CHUNKSZ_PER_WD_RESET); 98 cert_hash_ptr = (uint8_t *)(img_addr + img_sz + VAB_CERT_MAGIC_OFFSET + 99 VAB_CERT_FIT_SHA384_OFFSET); 100 101 /* 102 * Compare the SHA384 found in certificate against the SHA384 ** CID 443165: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /plat/rockchip/rk3588/drivers/scmi/rk3588_clk.c: 747 in rk3588_b1pll_get_rate() ________________________________________________________________________________________________________ *** CID 443165: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /plat/rockchip/rk3588/drivers/scmi/rk3588_clk.c: 747 in rk3588_b1pll_get_rate() 741 742 rate64 *= m; 743 rate64 = rate64 / p; 744 745 if (k != 0) { 746 /* fractional mode */ >>> CID 443165: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "24000000U * k" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). 747 uint64_t frac_rate64 = 24000000 * k; 748 749 postdiv = p * 65535; 750 frac_rate64 = frac_rate64 / postdiv; 751 rate64 += frac_rate64; 752 } ** CID 443164: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /plat/rockchip/rk3588/drivers/scmi/rk3588_clk.c: 408 in rk3588_lpll_get_rate() ________________________________________________________________________________________________________ *** CID 443164: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /plat/rockchip/rk3588/drivers/scmi/rk3588_clk.c: 408 in rk3588_lpll_get_rate() 402 403 rate64 *= m; 404 rate64 = rate64 / p; 405 406 if (k != 0) { 407 /* fractional mode */ >>> CID 443164: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "24000000U * k" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). 408 uint64_t frac_rate64 = 24000000 * k; 409 410 postdiv = p * 65535; 411 frac_rate64 = frac_rate64 / postdiv; 412 rate64 += frac_rate64; 413 } ** CID 254051: Memory - illegal accesses (OVERRUN) /plat/intel/soc/common/lib/sha/sha.c: 206 in sha512_base_do_finalize() ________________________________________________________________________________________________________ *** CID 254051: Memory - illegal accesses (OVERRUN) /plat/intel/soc/common/lib/sha/sha.c: 206 in sha512_base_do_finalize() 200 const int bit_offset = SHA512_BLOCK_SIZE - sizeof(uint64_t[2]); 201 uint64_t *bits = (uint64_t *)(sctx->buf + bit_offset); 202 unsigned int partial = sctx->count[0] % SHA512_BLOCK_SIZE; 203 204 sctx->buf[partial++] = 0x80; 205 if (partial > bit_offset) { >>> CID 254051: Memory - illegal accesses (OVERRUN) >>> Overrunning array of 128 bytes at byte offset 128 by dereferencing pointer "sctx->buf + partial". [Note: The source code implementation of the function has been overridden by a builtin model.] 206 memset(sctx->buf + partial, 0x0, SHA512_BLOCK_SIZE - partial); 207 partial = 0; 208 209 sha512_block_fn(sctx, sctx->buf, 1); 210 } 211 ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2…

10 months, 1 week

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Aug 22, 2024 5pm - 6pm (GMT+2) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling today as no topic. Regards, Olivier." TF-A Tech Forum Thursday Aug 22, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

10 months, 2 weeks

1
0
0 0

Re: TF-A Tech Forum

by Olivier Deprez

Hi, cancelling today as no topic. Regards, Olivier. ________________________________ From: Trusted Firmware Public Meetings Sent: 24 July 2024 17:36 To: Trusted Firmware Public Meetings <linaro.org_havjv2figrh5egaiurb229pd8c(a)group.calendar.google.com>; marek.bykowski(a)gmail.com <marek.bykowski(a)gmail.com>; okash.khawaja(a)gmail.com <okash.khawaja(a)gmail.com>; tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Subject: TF-A Tech Forum When: 22 August 2024 17:00-18:00. Where: TF-A Tech Forum We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this This event has been updated We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/<https://www.google.com/url?q=https%3A%2F%2Fwww.trustedfirmware.org%2Fmeetin…> Trusted Firmware is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvd…<https://www.google.com/url?q=https%3A%2F%2Flinaro-org.zoom.us%2Fmy%2Ftruste…> One tap mobile +16465588656,,9159704974# US (New York) +16699009128,,9159704974# US (San Jose) Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-free Meeting ID: 915 970 4974 Find your local number: https://zoom.us/u/ad27hc6t7h<https://www.google.com/url?q=https%3A%2F%2Fzoom.us%2Fu%2Fad27hc6t7h&sa=D&us…> When Every 2 weeks from 8am to 9am on Thursday (Mountain Standard Time - Phoenix) Guests marek.bykowski(a)gmail.com<mailto:marek.bykowski@gmail.com> okash.khawaja(a)gmail.com<mailto:okash.khawaja@gmail.com> tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> View all guest info<https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1…> RSVP for tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> for all events in this series <https://calendar.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tM…> Yes <https://calendar.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tM…> No <https://calendar.google.com/calendar/event?action=RESPOND&eid=NWlub3Ewdm1tM…> Maybe <https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1…> More options Invitation from Google Calendar<https://calendar.google.com/calendar/> You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more<https://support.google.com/calendar/answer/37135#forwarding>

10 months, 2 weeks

1
0
0 0

Query regarding the test coverage thru tf-a-tests

by Thangaraj, Senthil Nathan

Dear TF-A team, I have a query regarding the TF-A test. Specifically, I would like to know if there is a method to find out the code coverage for a specific test or for all the tests in current run? Your direction in this regard will be really appreciated. Thank you, Senthil

10 months, 2 weeks

1
0
1 0

Arm TF-A can not access linux kernel's virtual/physical address?

by 钱非凡

In my opinion, Arm TF-A (EL3) has higher privileges than Linux Kernel (EL1), and Secure World should be able to access all memory address in Normal World. To verify this feature, I added a new SMC call in Arm TF-A and wrote a kernel module to test it (on a Hikey960 Development Board). But the program does not run as expected that Arm TF-A stucked while accessing the memory address passed by Linux Kernel. Here is my kernel module, which uses `alloc_pages` to acquire a physical address, and uses `page_address` converting it to a virtual address. And the module passes the physical address and the virtual address to Arm TF-A using `smc #0`: ```cpp static int __init smc_testing_init(void) { uintptr_t phys_addr, virt_addr; pr_info("Mmodule loaded\n"); phys_addr = (uintptr_t) alloc_pages(GFP_KERNEL, 2); virt_addr = (uintptr_t) page_address((struct page *) phys_addr); memset((void *) virt_addr, 'A', PAGE_SIZE << 2); printk("phys_addr: 0x%llx, virt_addr: 0x%llx\n", (uint64_t) phys_addr, (uint64_t) virt_addr); asm volatile( "ldr x0, =0xC8000003\n" "mov x1, %0\n" "mov x2, %1\n" "smc #0\n" : : "r" (phys_addr), "r" (virt_addr) : "x0", "x1", "x2" ); __free_pages((struct page *) phys_addr, 2); return 0; } static void __exit smc_testing_exit(void) { pr_info("Module unloaded\n"); } ``` And here is the handler's code in Arm TF-A, which prints the addresses of physical address and virtual address, and access the first element of the memory address: ```cpp if (0xC8000003 == smc_fid) { uintptr_t virt_addr = x3; NOTICE("phys_addr: 0x%lx, virt_addr: 0x%lx\n", phys_addr, virt_addr); NOTICE("virt_addr[0] = 0x%x\n", *((uint32_t *)virt_addr)); NOTICE("phys_addr[0] = 0x%x\n", *((uint32_t *)phys_addr)); SMC_RET0(handle); } ``` Here is the output, Arm TF-A handles the request successfully, but failed to access the memory address passed by Linux Kernel: ```bash # insmod ./smc_testing.ko [ 75.259590] smc_testing: loading out-of-tree module taints kernel. [ 75.266682] Mmodule loaded [ 75.269404] phys_addr: 0xfffffc0002dc5e00, virt_addr: 0xffff0000b7178000 NOTICE: phys_addr: 0xfffffc0002dc5e00, virt_addr: 0xffff0000b7178000 [ 96.276605] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 96.282741] rcu: 4-...0: (1 ticks this GP) idle=72ec/1/0x4000000000000000 softirq=204/204 fqs=2592 [ 96.291835] (detected by 0, t=5253 jiffies, g=-643, q=16 ncpus=8) [ 96.298044] Task dump for CPU 4: [ 96.301287] task:insmod state:R running task stack:0 pid:201 ppid:185 flags:0x00000006 [ 96.311254] Call trace: [ 96.313713] __switch_to+0xe4/0x160 [ 96.317241] printk_rb_static+0x30/0x58 ```

10 months, 2 weeks

2
1
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 441243: Memory - corruptions (OVERRUN) ________________________________________________________________________________________________________ *** CID 441243: Memory - corruptions (OVERRUN) /plat/xilinx/common/pm_service/pm_svc_main.c: 516 in eemi_api_handler() 510 module_id = (api_id & MODULE_ID_MASK) >> 8U; 511 512 PM_PACK_PAYLOAD7(payload, module_id, security_flag, api_id, 513 pm_arg[0], pm_arg[1], pm_arg[2], pm_arg[3], 514 pm_arg[4], pm_arg[5]); 515 >>> CID 441243: Memory - corruptions (OVERRUN) >>> Overrunning callee's array of size 7 by passing argument "7UL" in call to "pm_ipi_send_sync". 516 ret = pm_ipi_send_sync(primary_proc, payload, (uint32_t *)buf, 517 PAYLOAD_ARG_CNT); 518 519 SMC_RET4(handle, (uint64_t)ret | ((uint64_t)buf[0] << 32U), 520 (uint64_t)buf[1] | ((uint64_t)buf[2] << 32U), 521 (uint64_t)buf[3] | ((uint64_t)buf[4] << 32U), ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2…

10 months, 3 weeks

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Aug 8, 2024 4pm - 5pm (BST) (tf-a@lists.trustedfirmware.org)

by Joanna Farley

This event has been canceled with a note: "No topics scheduled this week so cancelling. Also a lot of people seem to be away on vacations." TF-A Tech Forum Thursday Aug 8, 2024 ⋅ 4pm – 5pm United Kingdom Time We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

10 months, 4 weeks

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 440627: Control flow issues (DEADCODE) /plat/allwinner/sun50i_h616/sunxi_h616_dtb.c: 56 in sunxi_soc_fdt_fixup() ________________________________________________________________________________________________________ *** CID 440627: Control flow issues (DEADCODE) /plat/allwinner/sun50i_h616/sunxi_h616_dtb.c: 56 in sunxi_soc_fdt_fixup() 50 if (ret != 0) { 51 return; 52 } 53 54 node = fdt_node_offset_by_phandle(dtb, phandle); 55 if (ret != 0) { >>> CID 440627: Control flow issues (DEADCODE) >>> Execution cannot reach this statement: "return;". 56 return; 57 } 58 59 ccsidr = armv8_get_ccsidr(CACHE_L2U); 60 sets = ((ccsidr >> CCSIDR_SETS_SHIFT) & CCSIDR_SETS_MASK) + 1; 61 line_size = 16U << ((ccsidr >> CCSIDR_LSIZE_SHIFT) & CCSIDR_LSIZE_MASK); ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2…

11 months, 1 week

1
0
0 0

Re: Integrate TF-A and PSA Crypto API with PUFcc

by Jothikumar Mani

HI Andy, Thank you for explaining, psa-arch-test(psa certified api compliance) testsuite currently used with TFM +MbedTLS environment as a release gate, and there is trusted service team whom were running the psa-arch-test package on arm-A class devices. Coming back to the question related to psa-arch-test, the current available package should suffice to check the compliance of crypto necessary tasks/functinoality, fyi we have already validated the latest psa-arch-test repo with the mbedtls 3.6. So I would not be more concern about the psa-arch-test being compliant to latest 1.2.1 spec. because between 1.1.0 and 1.2.1 there were minimal changes which is not showstopper for the psa certified api certification. Regards, JK From: Andy Chen <andychen(a)pufsecurity.com> Date: Thursday, 25 July 2024 at 5:30 AM To: Jothikumar Mani <Jothikumar.Mani(a)arm.com>, Manish Badarkhe <Manish.Badarkhe(a)arm.com>, tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> Cc: Diya Soubra <Diya.Soubra(a)arm.com>, Victoria Lee <victorialee(a)pufsecurity.com>, Andrew <andrewirvin(a)pufsecurity.com> Subject: 回覆: Integrate TF-A and PSA Crypto API with PUFcc Hi Jothikumar and Manish, It's great to discuss with you and thanks. Sure, it's more clarity with usage scenarios: 1. As a Security IP provider, our PUFcc functions as a Hardware Root of Trust. However, mbedTLS currently doesn't fully support HRoT. Therefore, we are integrating directly into the PSA Crypto API, which permits customization. 1. While working on PSA L3 or L2R, we frequently face version conflicts. That why, in this project, we aim to confirm these version issues (including the dev. and test bench). 1. This also means that both TF-A and TF-M support PSA Crypto API, so we can also support both through this package. There is our PSA Software Package with PUFcc. We try to find the best way to support cryptographic tasks. Additionally, we plan to use the same development platform as ARM to ensure optimal compatibility for our customers. It means we would try to know the FPV, although I'm not sure if we can add external IPs. If I misunderstood or you have any ideas, please feel free to tell me. [cid:ed0bb76e-fb77-4502-ae5d-f8443d6b4fc4] Have a Nice Day, Andy ________________________________ 寄件者: Jothikumar Mani <Jothikumar.Mani(a)arm.com> 寄件日期: 2024年7月24日下午 11:48 收件者: Andy Chen <andychen(a)pufsecurity.com>; Manish Badarkhe <Manish.Badarkhe(a)arm.com>; tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org> 副本: Diya Soubra <Diya.Soubra(a)arm.com>; Victoria Lee <victorialee(a)pufsecurity.com>; Andrew <andrewirvin(a)pufsecurity.com> 主旨: RE: Integrate TF-A and PSA Crypto API with PUFcc Hi Andy, Please find my reply in the previous mail. Regards, JK From: Andy Chen <andychen(a)pufsecurity.com> Sent: Wednesday, July 24, 2024 8:11 PM To: Manish Badarkhe <Manish.Badarkhe(a)arm.com>; Jothikumar Mani <Jothikumar.Mani(a)arm.com>; tf-a(a)lists.trustedfirmware.org Cc: Diya Soubra <Diya.Soubra(a)arm.com>; Victoria Lee <victorialee(a)pufsecurity.com>; Andrew <andrewirvin(a)pufsecurity.com> Subject: 回覆: Integrate TF-A and PSA Crypto API with PUFcc Hi Manish, Thanks for your information. We need to integrate our hardware Crypto IP (PUFcc). And it seems that FVP cannot add custom IP, so we are planning to purchase an FPGA with the A53 - AXU9EGB<https://www.xilinx.com/products/boards-and-kits/1-1ervp7b.html> for our needs. And we need to make sure it is compatible with TF-A lts-v2.10.5. Thanks. Hi Jothikumar, We would try to integrate with PSA Crypto API, and we need a test bench for v1.2.1. Please feel free to let me know if you have any suggestions. [JK] : may I know what the intent is to requesting the crypto v1.2.1 spec compliance suites?, if you are looking for the PSA Certified APIs compliance for your product then the currently available testsuite is more than sufficient. Also, the mbedTLS version mentioned also only supports psa-crypto spec v1.1.0. I am trying to under the end goal of the psa certified api compliance suite usage with your product. Answer to this question will help me to give better suggestion. For TF-A, we plan to integrate with: TF-A lts-v2.10.5 PSA Crypto API - v1.1.0 >>> v1.2.1 PSA Certified APIs Architecture Test Suite - v1.6 Thank you very much. Have a Nice Day, Andy ________________________________ 寄件者: Manish Badarkhe <Manish.Badarkhe(a)arm.com<mailto:Manish.Badarkhe@arm.com>> 寄件日期: 2024年7月24日下午 06:12 收件者: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>>; Andy Chen <andychen(a)pufsecurity.com<mailto:andychen@pufsecurity.com>>; Jothikumar Mani <Jothikumar.Mani(a)arm.com<mailto:Jothikumar.Mani@arm.com>> 副本: Diya Soubra <Diya.Soubra(a)arm.com<mailto:Diya.Soubra@arm.com>>; Victoria Lee <victorialee(a)pufsecurity.com<mailto:victorialee@pufsecurity.com>>; Andrew <andrewirvin(a)pufsecurity.com<mailto:andrewirvin@pufsecurity.com>> 主旨: Re: Integrate TF-A and PSA Crypto API with PUFcc Hi Andy Please see my replies inline. Adding Jothikumar Mani for PSA Certified APIs Architecture Test Suite. Thanks, Manish Badarkhe ________________________________ From: Andy Chen via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Sent: 23 July 2024 09:55 To: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Cc: Diya Soubra <Diya.Soubra(a)arm.com<mailto:Diya.Soubra@arm.com>>; Victoria Lee <victorialee(a)pufsecurity.com<mailto:victorialee@pufsecurity.com>>; Andrew <andrewirvin(a)pufsecurity.com<mailto:andrewirvin@pufsecurity.com>> Subject: [TF-A] Integrate TF-A and PSA Crypto API with PUFcc Hi TF-A teams, This is Andy from PUFsecurity, and we have a project with ARM. We try to integrate the PSA Crypto API with PUFcc (Our Crypto Engine) on TF-A. However, there are multiple versions included, and we need your assistance for specification clarification. Please ensure the versions match your recommendations. For TF-A, we plan to integrate with: TF-A lts-v2.10.5 PSA Crypto API - v1.1.0 PSA Certified APIs Architecture Test Suite - v1.6 [MB]: This looks fine. As TF-A lts-v2.10.5 using mbedTLS v3.6.0 which is compliance with PSA Crypto API - v1.1.0 but mbedTLS team can provide more detailed answer on this and also on test suite PSA Certified APIs Architecture Test Suite - v1.6. TF-A It would be beneficial to use the same hardware (FPGA) and tools as the ARM development team. If we can confirm which models are used for TF-A , scripts or details with the ARM hardware That would be grateful. [MB]: We are using FVP AEM model i.e. FVP_Base_RevC-2xAEMvA (Model version: 11.26, Build: 11). Test Run with PSA Crypto you can find here: https://ci.trustedfirmware.org/job/tf-a-builder/4029201/ (today's daily run) PSA Crypto API - The test bench is using the PSA Crypto API v1.1.0, and it is published in 2022. And Now is v1.2.1 in March 2024. I not sure it is a good choose or not. [cid:image001.png@01DADE0E.1BA75330] [MB]: It looks like arch-test is not upgraded to use v1.2.1 PSA Crypto API. Added Jothikumar Mani, he may have idea about this. Test Bench - For the "PSA Certified APIs Architecture Test Suite - v1.6," we would like to identify which test codes (test_c001 to test_c067) are relevant for TF-A. [MB]: Again, TF-A is not using this test suite, so we don't have any insights unless we review all these tests. TF-A mainly uses the following PSA_* APIs for signature verification, hash calculation, and hash comparison. psa_crypto_init mbedtls_md_psa_alg_from_type psa_set_key_algorithm psa_set_key_type psa_set_key_usage_flags psa_import_key psa_destroy_key psa_verify_message psa_hash_compute psa_hash_compare Thank you very much!!! Have a Nice Day, Andy [cid:image002.png@01DADE0E.1BA75330] 熵碼科技股份有限公司 Tel: 886-3-5601010 #2119 Email: andychen(a)pufsecurity.com<mailto:andychen@pufsecurity.com> Website: https://www.pufsecurity.com/ -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------

11 months, 1 week

2
2
0 0

Re: Integrate TF-A and PSA Crypto API with PUFcc

by Jothikumar Mani

Hi Andy, Please find my reply in the previous mail. Regards, JK From: Andy Chen <andychen(a)pufsecurity.com> Sent: Wednesday, July 24, 2024 8:11 PM To: Manish Badarkhe <Manish.Badarkhe(a)arm.com>; Jothikumar Mani <Jothikumar.Mani(a)arm.com>; tf-a(a)lists.trustedfirmware.org Cc: Diya Soubra <Diya.Soubra(a)arm.com>; Victoria Lee <victorialee(a)pufsecurity.com>; Andrew <andrewirvin(a)pufsecurity.com> Subject: 回覆: Integrate TF-A and PSA Crypto API with PUFcc Hi Manish, Thanks for your information. We need to integrate our hardware Crypto IP (PUFcc). And it seems that FVP cannot add custom IP, so we are planning to purchase an FPGA with the A53 - AXU9EGB<https://www.xilinx.com/products/boards-and-kits/1-1ervp7b.html> for our needs. And we need to make sure it is compatible with TF-A lts-v2.10.5. Thanks. Hi Jothikumar, We would try to integrate with PSA Crypto API, and we need a test bench for v1.2.1. Please feel free to let me know if you have any suggestions. [JK] : may I know what the intent is to requesting the crypto v1.2.1 spec compliance suites?, if you are looking for the PSA Certified APIs compliance for your product then the currently available testsuite is more than sufficient. Also, the mbedTLS version mentioned also only supports psa-crypto spec v1.1.0. I am trying to under the end goal of the psa certified api compliance suite usage with your product. Answer to this question will help me to give better suggestion. For TF-A, we plan to integrate with: TF-A lts-v2.10.5 PSA Crypto API - v1.1.0 >>> v1.2.1 PSA Certified APIs Architecture Test Suite - v1.6 Thank you very much. Have a Nice Day, Andy ________________________________ 寄件者: Manish Badarkhe <Manish.Badarkhe(a)arm.com<mailto:Manish.Badarkhe@arm.com>> 寄件日期: 2024年7月24日下午 06:12 收件者: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>>; Andy Chen <andychen(a)pufsecurity.com<mailto:andychen@pufsecurity.com>>; Jothikumar Mani <Jothikumar.Mani(a)arm.com<mailto:Jothikumar.Mani@arm.com>> 副本: Diya Soubra <Diya.Soubra(a)arm.com<mailto:Diya.Soubra@arm.com>>; Victoria Lee <victorialee(a)pufsecurity.com<mailto:victorialee@pufsecurity.com>>; Andrew <andrewirvin(a)pufsecurity.com<mailto:andrewirvin@pufsecurity.com>> 主旨: Re: Integrate TF-A and PSA Crypto API with PUFcc Hi Andy Please see my replies inline. Adding Jothikumar Mani for PSA Certified APIs Architecture Test Suite. Thanks, Manish Badarkhe ________________________________ From: Andy Chen via TF-A <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Sent: 23 July 2024 09:55 To: tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> Cc: Diya Soubra <Diya.Soubra(a)arm.com<mailto:Diya.Soubra@arm.com>>; Victoria Lee <victorialee(a)pufsecurity.com<mailto:victorialee@pufsecurity.com>>; Andrew <andrewirvin(a)pufsecurity.com<mailto:andrewirvin@pufsecurity.com>> Subject: [TF-A] Integrate TF-A and PSA Crypto API with PUFcc Hi TF-A teams, This is Andy from PUFsecurity, and we have a project with ARM. We try to integrate the PSA Crypto API with PUFcc (Our Crypto Engine) on TF-A. However, there are multiple versions included, and we need your assistance for specification clarification. Please ensure the versions match your recommendations. For TF-A, we plan to integrate with: TF-A lts-v2.10.5 PSA Crypto API - v1.1.0 PSA Certified APIs Architecture Test Suite - v1.6 [MB]: This looks fine. As TF-A lts-v2.10.5 using mbedTLS v3.6.0 which is compliance with PSA Crypto API - v1.1.0 but mbedTLS team can provide more detailed answer on this and also on test suite PSA Certified APIs Architecture Test Suite - v1.6. TF-A It would be beneficial to use the same hardware (FPGA) and tools as the ARM development team. If we can confirm which models are used for TF-A , scripts or details with the ARM hardware That would be grateful. [MB]: We are using FVP AEM model i.e. FVP_Base_RevC-2xAEMvA (Model version: 11.26, Build: 11). Test Run with PSA Crypto you can find here: https://ci.trustedfirmware.org/job/tf-a-builder/4029201/ (today's daily run) PSA Crypto API - The test bench is using the PSA Crypto API v1.1.0, and it is published in 2022. And Now is v1.2.1 in March 2024. I not sure it is a good choose or not. [cid:image001.png@01DADE0E.1BA75330] [MB]: It looks like arch-test is not upgraded to use v1.2.1 PSA Crypto API. Added Jothikumar Mani, he may have idea about this. Test Bench - For the "PSA Certified APIs Architecture Test Suite - v1.6," we would like to identify which test codes (test_c001 to test_c067) are relevant for TF-A. [MB]: Again, TF-A is not using this test suite, so we don't have any insights unless we review all these tests. TF-A mainly uses the following PSA_* APIs for signature verification, hash calculation, and hash comparison. psa_crypto_init mbedtls_md_psa_alg_from_type psa_set_key_algorithm psa_set_key_type psa_set_key_usage_flags psa_import_key psa_destroy_key psa_verify_message psa_hash_compute psa_hash_compare Thank you very much!!! Have a Nice Day, Andy [cid:image002.png@01DADE0E.1BA75330] 熵碼科技股份有限公司 Tel: 886-3-5601010 #2119 Email: andychen(a)pufsecurity.com<mailto:andychen@pufsecurity.com> Website: https://www.pufsecurity.com/ -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------

11 months, 1 week

1
0
0 0

Updated invitation: TF-A Tech Forum @ Every 2 weeks from 8am to 9am on Thursday (MST) (tf-a@lists.trustedfirmware.org)

by Don Harbin

This event has been updated TF-A Tech Forum Every 2 weeks from 8am to 9am on Thursday Mountain Standard Time - Phoenix We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org View all guest info https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Reply for tf-a(a)lists.trustedfirmware.org and view more details https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Your attendance is optional. ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

11 months, 1 week

1
0
0 0

Updated invitation: TF-A Tech Forum @ Every 2 weeks from 9am to 10am on Thursday from Thu Mar 7 to Wed Jul 24 (MST) (tf-a@lists.trustedfirmware.org)

by Don Harbin

This event has been updated Changed: time TF-A Tech Forum Every 2 weeks from 9am to 10am on Thursday from Thursday Mar 7 to Wednesday Jul 24 Mountain Standard Time - Phoenix We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org View all guest info https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Reply for tf-a(a)lists.trustedfirmware.org and view more details https://calendar.google.com/calendar/event?action=VIEW&eid=NWlub3Ewdm1tMmk1… Your attendance is optional. ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

11 months, 1 week

1
0
0 0

Integrate TF-A and PSA Crypto API with PUFcc

by Andy Chen

Hi TF-A teams, This is Andy from PUFsecurity, and we have a project with ARM. We try to integrate the PSA Crypto API with PUFcc (Our Crypto Engine) on TF-A. However, there are multiple versions included, and we need your assistance for specification clarification. Please ensure the versions match your recommendations. For TF-A, we plan to integrate with: TF-A lts-v2.10.5 PSA Crypto API - v1.1.0 PSA Certified APIs Architecture Test Suite - v1.6 TF-A It would be beneficial to use the same hardware (FPGA) and tools as the ARM development team. If we can confirm which models are used for TF-A , scripts or details with the ARM hardware That would be grateful. PSA Crypto API - The test bench is using the PSA Crypto API v1.1.0, and it is published in 2022. And Now is v1.2.1 in March 2024. I not sure it is a good choose or not. [cid:0e747007-8c2a-49a7-9447-8d5e7f9a3e9c] Test Bench - For the "PSA Certified APIs Architecture Test Suite - v1.6," we would like to identify which test codes (test_c001 to test_c067) are relevant for TF-A. Thank you very much!!! Have a Nice Day, Andy [cid:74269c28-12d4-48a9-b215-3d3eaf95f2c3] 熵碼科技股份有限公司 Tel: 886-3-5601010 #2119 Email: andychen(a)pufsecurity.com<mailto:andychen@pufsecurity.com> Website: https://www.pufsecurity.com/ -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.-------- -------- Disclaimer: This e-mail is from PUFsecurity Corporation. This e-mail may contain privileged and confidential information. It is intended for the named recipient(s) only. Disclosure, copying, distribution, or use of the contents of this e-mail by persons other than the intended recipient may violate applicable laws. If you are not an intended recipient, please notify us immediately (by reply e-mail) and delete this e-mail from your system. Our postal address is 8F-1, No. 5, Tai-Yuan 1st St., Jhubei City, Hsinchu County 302082, Taiwan.--------

11 months, 2 weeks

2
1
0 0

TF-A Tech Forum - Jul 25th 2024 - Unification of Chain of Trust Descriptors

by Olivier Deprez

Hi, On Jul 25th in the TF-A Tech Forum: Unification of Chain of Trust Descriptors - presented by Xialin Liu Currently, the Chain of Trust is implemented using C data structures built into the firmware or through device tree nodes. Maintaining both formats can lead to maintenance challenges. Therefore, we are standardizing the provision of Chain of Trust descriptors exclusively via the device tree and providing a tool to convert device tree descriptors into C source files. This approach simplifies the process, ensuring consistency and reducing the potential for errors associated with managing multiple formats. Regards, Olivier. TF-A Tech Forum Thursday Jul 25, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org

11 months, 2 weeks

1
0
0 0

Firmware Partition Filesystem query

by Ghennadi Procopciuc

Greetings everyone, I came across the following paragraph while reading the 'Firmware Partition Filesystem' chapter from EBBR v2.2.0 and I would like to clarify my understanding: Where possible, firmware images and data should be stored in a filesystem. Firmware can be stored either in a dedicated firmware partition, or in certain circumstances in the UEFI System Partition (ESP). Using a filesystem makes it simpler to manage multiple firmware files and makes it possible for a single disk image to contain firmware for multiple platforms. Dedicated firmware partitions should be formatted with a FAT filesystem as defined in UEFI § 13.3 File System Format. Dedicated firmware partitions should use the same /FIRMWARE directory hierarchy. OS tools shall ignore dedicated firmware partitions, and shall not attempt to use a dedicated firmware partition as an ESP Questions: 1. Does the above paragraph mean that, if the device allows, all firmware binaries (TF-A, U-Boot, and some others) must be stored in a dedicated firmware partition formatted with a FAT filesystem and GUID Partition Table (GPT) disk layout? 2. If so, would this also mean that, where possible, the BootROM or a (first stage) bootloader running before TF-A should have GPT and FAT support embedded support to load one of the TF-A stages (BL1/BL2)? Regards, Ghennadi

11 months, 2 weeks

5
7
0 0

Proper message for ERRATA_NOT_APPLIES case

by Bollapalli, Maheedhar Sai

Hi, On AMD-Xilinx ZynqMP platform for ERRATA_NOT_APPLIES case; the log appearing on the console is as below: "VERBOSE: BL31: cortex_a53: CPU workaround for erratum 819472was not applied". We checked ZynqMP code and found that the ZynqMP cpu revision was higher than the cpu revision intended in the erratum and hence it was not applicable and not applied. The message seems inappropriate to us as from log message it is not clear why it wasn't applied. Our suggestion is that in the log message instead of "not applied" it should be mentioned as "not applicable" as indicated below to reflect the reason properly. "VERBOSE: BL31: cortex_a53: CPU workaround for erratum 819472 was not applicable". Regards, Maheedhar.

11 months, 2 weeks

2
1
0 0

BL2 does find only 2 images

by Labs, Torsten

Hey all, i tried to setup a fip.bin and add 3 images (bl31, bl32 and bl33). ./fiptool --verbose create --soc-fw bl31.bin --nt-fw bl33.bin --tos-fw bl32.bin fip.bin When i check the generated fip.bin with fiptool info it shows me all my three images in the fip.bin EL3 Runtime Firmware BL31: offset=0xB0, size=0x13644, cmdline="--soc-fw" Secure Payload BL32 (Trusted OS): offset=0x136F4, size=0x18D864, cmdline="--tos-fw" Non-Trusted Firmware BL33: offset=0x1A0F58, size=0x9692E, cmdline="--nt-fw" But during bootup the BL2 finds only the image id =3 and image id=5 which is BL32 and BL33. Why he is not finding the bl32? Thanks for youre short help. Regards Torsten

11 months, 3 weeks

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-A