- TF-A - lists.trustedfirmware.org

Trusted Firmware-A LTS v2.8.30 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.8.30 is now available. This release contains the following patches: 983f4c8ed chore(cpus): fix incorrect header macro [1] 1a2a26897 refactor(errata-abi): move EXTRACT_PARTNUM to arch.h [2] 37db9abef refactor(cm): move remaining EL2 save/restore into C [3] f2a263ed8 fix(cm): update gic el2 sysregs save/restore mechanism [4] 8c6068fab fix(cpus): workaround for accessing ICH_VMCR_EL2 [5] c32e3a38d fix(cpus): workaround for Cortex-A710 erratum 3701772 [6] 3b8a3ad15 fix(cpus): workaround for Cortex-A715 erratum 3699560 [7] c7d5de9fe fix(cpus): workaround for Cortex-A720 erratum 3699561 [8] 2296df6fe fix(cpus): workaround for Cortex-X2 erratum 3701772 [9] ed4bd3c61 fix(cpus): workaround for Cortex-X3 erratum 3701769 [10] 395f67e87 fix(cpus): workaround for Cortex-X4 erratum 3701758 [11] 2414a852a fix(cpus): workaround for Neoverse-N2 erratum 3701773 [12] 35caff979 fix(cpus): workaround for Neoverse-V3 erratum 3701767 [13] 55589ce29 chore(smccc): bump up SMCCC version to 1.4 [14] [1] https://review.trustedfirmware.org/q/I6a4a8ec6546adb41e24d8885cb445fa8be830… [2] https://review.trustedfirmware.org/q/Id8bbaf21566f3145a75cfa0dafec6823ed2df… [3] https://review.trustedfirmware.org/q/If690f792e70b97fd4b4cd5f43847a71719b12… [4] https://review.trustedfirmware.org/q/I8d55c3dc6a17c4749748822d4a738912c1e13… [5] https://review.trustedfirmware.org/q/I9f0403601c6346276e925f02eab55908b009d… [6] https://review.trustedfirmware.org/q/I997c9cfaa75321f22b4f690c4d3f234c0b51c… [7] https://review.trustedfirmware.org/q/I183aa921b4b6f715d64eb6b70809de2566017… [8] https://review.trustedfirmware.org/q/I7ea3aaf3e7bf6b4f3648f6872e505a41247b1… [9] https://review.trustedfirmware.org/q/I2ffc5e7d7467f1bcff8b895fea52a1daa7d14… [10] https://review.trustedfirmware.org/q/Ifd722e1bb8616ada2ad158297a7ca80b19a33… [11] https://review.trustedfirmware.org/q/I4ee941d1e7653de7a12d69f538ca05f7f9f99… [12] https://review.trustedfirmware.org/q/If95bd67363228c8083724b31f630636fb27f3… [13] https://review.trustedfirmware.org/q/I5be0de881f408a9e82a07b8459d79490e9065… [14] https://review.trustedfirmware.org/q/Ie5476c4601bd504d3f3e8433e1d672ebd0a75… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.30/change-log.html Thanks, TF-A LTS team

11 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Feb 20, 2025 5pm - 6pm (GMT+1) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, No topic planned for today. Thanks & Regards, Olivier." TF-A Tech Forum Thursday Feb 20, 2025 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

11 months

1
0
0 0

Trusted Firmware-A LTS v2.10.13 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.10.13 is now available. This release contains the following patches: b2be8b051 fix(security): enable WORKAROUND_CVE_2024_7881 build option [1] 8618e9d8f fix(security): add CVE-2024-7881 mitigation to Cortex-X4 [2] 81476ada1 fix(security): add CVE-2024-7881 mitigation to Cortex-X925 [3] 6caef6a1f fix(security): add CVE-2024-7881 mitigation to Neoverse-V2 [4] a7371652e fix(security): add CVE-2024-7881 mitigation to Neoverse-V3 [5] 023e80d4c fix(security): add CVE-2024-7881 mitigation to Cortex-X3 [6] b5386661a fix(security): add support in cpu_ops for CVE-2024-7881 [7] 64618d664 fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus [8] f823cc74e fix(cm): update gic el2 sysregs save/restore mechanism [9] 053bdc35f refactor(fvp): move cpus with nomodel [10] 813f66774 chore: rename hermes to neoverse-n3 [11] 86b37315e chore(cpus): fix incorrect header macro [12] 57ab066a2 refactor(errata-abi): move EXTRACT_PARTNUM to arch.h [13] 57bdc57e3 fix(cpus): workaround for accessing ICH_VMCR_EL2 [14] 8f709377f fix(cpus): workaround for Cortex-A710 erratum 3701772 [15] 857cfc2e9 fix(cpus): workaround for Cortex-A715 erratum 3699560 [16] 36b53f90f fix(cpus): workaround for Cortex-A720 erratum 3699561 [17] 17b8a8a33 fix(cpus): workaround for Cortex-A725 erratum 3699564 [18] 3e9433d76 fix(cpus): workaround for Cortex-X2 erratum 3701772 [19] 1852f608b fix(cpus): workaround for Cortex-X3 erratum 3701769 [20] db3048d54 fix(cpus): workaround for Cortex-X4 erratum 3701758 [21] c8a6cc0a1 fix(cpus): workaround for Cortex-X925 erratum 3701747 [22] 1d17578bd fix(cpus): workaround for Neoverse-N2 erratum 3701773 [23] e2a5da1c0 fix(cpus): workaround for Neoverse-N3 erratum 3699563 [24] fc497736f fix(cpus): workaround for Neoverse-V3 erratum 3701767 [25] [1] https://review.trustedfirmware.org/q/Id77f82a4dfaa4422729f7e3f2429f47cc90d9… [2] https://review.trustedfirmware.org/q/I0bec96d4f71a08a89c6612e272ecfb173f80d… [3] https://review.trustedfirmware.org/q/I53e72e4dbc8937cea3c344a5ba04664c50a07… [4] https://review.trustedfirmware.org/q/I129814eb3494b287fd76a3f7dbc50f76553b2… [5] https://review.trustedfirmware.org/q/Ib5c644895b8c76d3c7e8b5e6e98d7b9afef7f… [6] https://review.trustedfirmware.org/q/I410517d175a80fc6f459fa6ce5c30c0a38db9… [7] https://review.trustedfirmware.org/q/I417389f040c6ead7f96f9b720d29061833f43… [8] https://review.trustedfirmware.org/q/I1b1ffaa1f806f07472fd79d5525f81764d99b… [9] https://review.trustedfirmware.org/q/I8d55c3dc6a17c4749748822d4a738912c1e13… [10] https://review.trustedfirmware.org/q/I3da12d2f8d9c246b435b31adfac61c79dc1ab… [11] https://review.trustedfirmware.org/q/I912d4c824c5004a8c1909c68fef77f1f5e202… [12] https://review.trustedfirmware.org/q/I6a4a8ec6546adb41e24d8885cb445fa8be830… [13] https://review.trustedfirmware.org/q/Id8bbaf21566f3145a75cfa0dafec6823ed2df… [14] https://review.trustedfirmware.org/q/I9f0403601c6346276e925f02eab55908b009d… [15] https://review.trustedfirmware.org/q/I997c9cfaa75321f22b4f690c4d3f234c0b51c… [16] https://review.trustedfirmware.org/q/I183aa921b4b6f715d64eb6b70809de2566017… [17] https://review.trustedfirmware.org/q/I7ea3aaf3e7bf6b4f3648f6872e505a41247b1… [18] https://review.trustedfirmware.org/q/Ifad1f6c3f5b74060273f897eb5e4b79dd9f08… [19] https://review.trustedfirmware.org/q/I2ffc5e7d7467f1bcff8b895fea52a1daa7d14… [20] https://review.trustedfirmware.org/q/Ifd722e1bb8616ada2ad158297a7ca80b19a33… [21] https://review.trustedfirmware.org/q/I4ee941d1e7653de7a12d69f538ca05f7f9f99… [22] https://review.trustedfirmware.org/q/I080296666f89276b3260686c2bdb8de63fc17… [23] https://review.trustedfirmware.org/q/If95bd67363228c8083724b31f630636fb27f3… [24] https://review.trustedfirmware.org/q/I77aaf8ae0afff3adde9a85f4a1a13ac9d1daf… [25] https://review.trustedfirmware.org/q/I5be0de881f408a9e82a07b8459d79490e9065… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.10.13/change-log.html Thanks, TF-A LTS team

11 months, 1 week

1
0
0 0

Trusted Firmware-A LTS v2.8.29 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.8.29 is now available. This release contains the following patches: 772bdd3bc style: normalize linker script code style [1] cf5e7d8d4 build: always prefix section names with `.` [2] e2084abfc fix(services): disable workaround discovery on aarch32 for now [3] cc04eac23 fix(security): enable WORKAROUND_CVE_2024_7881 build option [4] 2ef768d4a fix(security): add CVE-2024-7881 mitigation to Cortex-X4 [5] 172ccad6a fix(security): add CVE-2024-7881 mitigation to Neoverse-V2 [6] cbf4a4e3c fix(security): add CVE-2024-7881 mitigation to Neoverse-V3 [7] a7f53d34f fix(security): add CVE-2024-7881 mitigation to Cortex-X3 [8] 8fc0fa7c0 fix(security): add support in cpu_ops for CVE-2024-7881 [9] 337aa3bf1 fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus [10] 1e4b43644 feat(fvp): allow configurable FVP Trusted SRAM size [11] [1] https://review.trustedfirmware.org/q/Ibee2afad0d543129c9ba5a8a22e3ec17d77e3… [2] https://review.trustedfirmware.org/q/I51c13c5266d5975fbd944ef4961328e72f82f… [3] https://review.trustedfirmware.org/q/Ic19973a8e4d50a97f274d4461794c117b3373… [4] https://review.trustedfirmware.org/q/Id77f82a4dfaa4422729f7e3f2429f47cc90d9… [5] https://review.trustedfirmware.org/q/I0bec96d4f71a08a89c6612e272ecfb173f80d… [6] https://review.trustedfirmware.org/q/I129814eb3494b287fd76a3f7dbc50f76553b2… [7] https://review.trustedfirmware.org/q/Ib5c644895b8c76d3c7e8b5e6e98d7b9afef7f… [8] https://review.trustedfirmware.org/q/I410517d175a80fc6f459fa6ce5c30c0a38db9… [9] https://review.trustedfirmware.org/q/I417389f040c6ead7f96f9b720d29061833f43… [10] https://review.trustedfirmware.org/q/I1b1ffaa1f806f07472fd79d5525f81764d99b… [11] https://review.trustedfirmware.org/q/I8344d3718564cd2bd53f1e6860e2fe341ae24… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.29/change-log.html Thanks, TF-A LTS team

11 months, 1 week

1
0
0 0

TBBR: Question about the available Non Volatile Counters

by Rares Constantin

Hi, I have a question regarding the TBBR implementation for non-volatile counters in TF-A. While looking through the code and documentation for Trusted Boot authentication options, it was not clear why there are only two non-volatile counters for the Trusted and Non-Trusted worlds (`TRUSTED_FW_NVCOUNTER` and `NON_TRUSTED_FW_NVCOUNTER`). This is true for the Arm DEN0006D specification, but it was retired and ARM DEN0072 is the current specification. Is there any specific reason why there isn't a counter for each authenticated image declared and created by `cert_create` or is the retired specification the only reason? This limits the non-volatile counter extensions for all certificates, meaning that the Trusted OS content certificate for example cannot be authenticated with another extension, unless I add a custom certificate with another non-volatile counter extension and a new command line option. To quote the ARM DEN0072 TBBR specification [source: https://developer.arm.com/documentation/den0072/latest]: "It is recommended to implement as many version counters as there are images, where each image can use a separate counter without affecting other images. However, the number of rollback counters that can practically be supported is implementation dependent.". Thank you!

11 months, 1 week

2
3
0 0

Canceled event with note: TF-A Tech Forum @ Thu Feb 6, 2025 5pm - 6pm (GMT+1) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling as no topic proposed this week. Regards, Olivier. " TF-A Tech Forum Thursday Feb 6, 2025 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

11 months, 2 weeks

1
0
0 0

Trusted Firmware-A LTS v2.8.28 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.8.28 is now available. This release contains the following patches: d4ce532c6 fix(arm): add extra hash config to validate ROTPK [1] 0f7eed07d refactor(mbedtls): rename default mbedtls confs [2] ae45ec9d4 docs(prerequisites): update mbedtls to version 3.6.2 [3] 8c37a4b7f feat(mbedtls): mbedtls config update for v3.6.2 [4] bf358fef7 docs: add inital lts doc [5] 633fc7323 docs: updates to LTS [6] 0330b630a chore(deps): bump jinja2 in the pip group across 1 directory [7] b3d5cc387 chore(deps): bump cross-spawn [8] 2c6035419 docs(maintainers): update LTS maintainers [9] [1] https://review.trustedfirmware.org/q/Ib3128ce7b0fb5c0858624ecbc998d456968be… [2] https://review.trustedfirmware.org/q/I1f665c2471877ecc833270c511749ff845046… [3] https://review.trustedfirmware.org/q/Ibc4a8712c92019648fe0e75390cd3540d86b7… [4] https://review.trustedfirmware.org/q/I79027f6c741ab3f419f7b555321507e6a78b9… [5] https://review.trustedfirmware.org/q/I1434c29f0236161d2a127596e2cc528bf4cc3… [6] https://review.trustedfirmware.org/q/Iafc606a66ea3ea69c51b433867b5025b8debe… [7] https://review.trustedfirmware.org/q/I4502ed17a6ce37f53ac64370a5d7fe756875f… [8] https://review.trustedfirmware.org/q/I78624d7ef8c3842a2271d091bf2d3213d9455… [9] https://review.trustedfirmware.org/q/Ibf087c6b0e24d6faa9dafb6f8a0955a47f583… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.28/change-log.html Thanks, TF-A LTS team

11 months, 3 weeks

1
0
0 0

Trusted Firmware-A LTS v2.10.12 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.10.12 is now available. This release contains the following patches: 8b2c88573 fix(arm): add extra hash config to validate ROTPK [1] 0ac65e7aa refactor(mbedtls): rename default mbedtls confs [2] 44161dcb1 docs(prerequisites): update mbedtls to version 3.6.2 [3] 564922601 feat(mbedtls): mbedtls config update for v3.6.2 [4] 13657a3f3 docs: add inital lts doc [5] 3d85a19f2 docs: updates to LTS [6] 7c8c034e5 chore(deps): bump jinja2 in the pip group across 1 directory [7] 924c7f42c chore(deps): bump cross-spawn [8] 8355ef772 docs(maintainers): update LTS maintainers [9] [1] https://review.trustedfirmware.org/q/Ib3128ce7b0fb5c0858624ecbc998d456968be… [2] https://review.trustedfirmware.org/q/I1f665c2471877ecc833270c511749ff845046… [3] https://review.trustedfirmware.org/q/Ibc4a8712c92019648fe0e75390cd3540d86b7… [4] https://review.trustedfirmware.org/q/I79027f6c741ab3f419f7b555321507e6a78b9… [5] https://review.trustedfirmware.org/q/I1434c29f0236161d2a127596e2cc528bf4cc3… [6] https://review.trustedfirmware.org/q/Iafc606a66ea3ea69c51b433867b5025b8debe… [7] https://review.trustedfirmware.org/q/I4502ed17a6ce37f53ac64370a5d7fe756875f… [8] https://review.trustedfirmware.org/q/I78624d7ef8c3842a2271d091bf2d3213d9455… [9] https://review.trustedfirmware.org/q/Ibf087c6b0e24d6faa9dafb6f8a0955a47f583… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.10.12/change-log.html Thanks, TF-A LTS team

11 months, 3 weeks

1
0
0 0

question about encryption

by 林觀明

Hi I tried to turn on encryption in BL31. And, I met some trouble. Here is my code. ``` static struct plat_io_policy policies[] = { ... [BL31_IMAGE_ID] = {&enc_dev_handle, &bl31_uuid_spec, check_enc_fip}, .... [ENC_IMAGE_ID] = {&fip_dev_handle, NULL, check_fip} } int plat_get_image_source(...) { ... policy = &policies[image_id]; ret = policy->check[policy->image_spec]; ... } static int check_fip(const uintptr_t spec) { int ret; ret = io_dev_open(fip_dev_con, (uintptr_t)NULL, &fip_dev_handle); if (ret) { ERROR("io_dev_open failed for FIP (%d)\n", ret); return ret; } ret = io_dev_init(fip_dev_handle, fip_image_id); if (ret) { ERROR("io_dev_init failed for FIP image id %lu (%d)\n", fip_image_id, ret); io_dev_close(fip_dev_handle); } return ret; } static int check_enc_fip(const uintptr_t spec) { int result; uintptr_t local_image_handle; /* See if a Firmware Image Package is available */ result = io_dev_open(enc_dev_con, (uintptr_t)NULL, &enc_dev_handle); if (result) { ERROR("io_dev_open failed for FIP (%d)\n", result); return result; } result = io_dev_init(enc_dev_handle, (uintptr_t)ENC_IMAGE_ID); if (result != 0) return result; return result; } ``` But, I can't boot successfully. Below is log. ``` INFO: Image id=3 loaded: 0x40800000 - 0x4080e299 INFO: BL2: Loading image id 5 WARNING: ===== allocate_dev_info 1 ===== WARNING: ==== -12 ==== ERROR: io_dev_open failed for FIP (-12) ERROR: Image id 11 open failed with -12 WARNING: Failed to obtain reference to image id=11 (-12) ERROR: BL2: Failed to load image id 5 (-12) ``` And, I found root cause in `allocate_dev_info` and `free_dev_info` in `drivers/io/io_fip.c` In `allocate_dev_info`, there is a count, `fip_dev_count`, increasing by 1 after calling `fip_dev_open` There is a check. The value of MAX_FIP_DEVICES is 1. ``` if (fip_dev_count < (unsigned int)MAX_FIP_DEVICES) { unsigned int index = 0; result = find_first_fip_state(0, &index); assert(result == 0); /* initialize dev_info */ dev_info_pool[index].funcs = &fip_dev_funcs; dev_info_pool[index].info = (uintptr_t)&state_pool[index]; *dev_info = &dev_info_pool[index]; ++fip_dev_count; } ``` And, in `fip_dev_close`, The `fip_dev_count` will be decreased by 1. However, The root casue is it call fip_dev_open but not calling fip_dev_close. It cause the `fip_dev_count` not be decreased by 1. Now, I have two solution. 1. Increasing the MAX_FIP_DEVICES, it will be working. 2. Add the io_dev_close in `enc_dev_close` in `driver/io_/io_encrypted.c`. And, it will call the fip_dev_close. It will be working. Do you have any idea in this solution ? Which solution is more general ? Thanks !

12 months

2
1
0 0

TF-A Tech Forum - Jan 23rd 2025 - RMM design of EL0 applications support

by Olivier Deprez

Hi, On Jan 23rd 2025, in the TF-A Tech forum, Mate Toth-Pal and Soby Mathew will present the RMM design of EL0 applications support. The TF-A Tech forum is a regular open forum for anyone from the open source community to participate. Feel free to reach if you have a topic you'd want to present. It can be a design review with slides, walking through RFC patches, or more generic discussion around open source projects. Regards, Olivier. TF-A Tech Forum Thursday Jan 23, 2025 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org

1 year

1
0
0 0

Trusted Firmware-A LTS v2.8.27 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.8.27 is now available. This release contains the following patches: 03d2ef8b0 fix(cpus): workaround for CVE-2024-5660 for Cortex-X4 [1] 85b4f4595 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V3 [2] 9761fcc4d fix(cpus): workaround for CVE-2024-5660 for Cortex-X3 [3] cfa1200ff fix(cpus): workaround for CVE-2024-5660 for Neoverse-V2 [4] 5625d9e28 fix(cpus): workaround for CVE-2024-5660 for Cortex-A710 [5] ca1a7aaf7 fix(cpus): workaround for CVE-2024-5660 for Neoverse-N2 [6] feb80a641 fix(cpus): workaround for CVE-2024-5660 for Cortex-X1 [7] de65c9fc4 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78 [8] d87e44989 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78C [9] 5e9988827 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78_AE [10] ba5453ca4 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V1 [11] 1f48d849e fix(cpus): workaround for CVE-2024-5660 for Cortex-A77 [12] 07a4df505 fix(cpus): workaround for CVE-2024-5660 for Cortex-X2 [13] 9f342211f chore(cpus): optimise runtime errata applications [14] 3edd92a1f fix(cpus): workaround for Cortex-X4 erratum 2923985 [15] [1] https://review.trustedfirmware.org/q/I378cb4978919cced03e7febc2ad431c572eac… [2] https://review.trustedfirmware.org/q/I9ed2590bf1215bf6a692f01dfd351e469ff07… [3] https://review.trustedfirmware.org/q/Ibe90313948102ece3469f2cfe3faccc7f4bee… [4] https://review.trustedfirmware.org/q/If66687add52d16f68ce54fe5433dd3b3f067e… [5] https://review.trustedfirmware.org/q/I10feea238600dcceaac7bb75a59db7913ca65… [6] https://review.trustedfirmware.org/q/I2b9dea78771cc159586a03ff563c0ec79591e… [7] https://review.trustedfirmware.org/q/I3124db3980f2786412369a010ca6abbbbaa3b… [8] https://review.trustedfirmware.org/q/I4e40388bef814481943b2459fe35dd7267c62… [9] https://review.trustedfirmware.org/q/Ieb8d7b122320d16bf8987a43dc683ca41227b… [10] https://review.trustedfirmware.org/q/I33ac653fcb45f687fe9ace1c76a3eb2000459… [11] https://review.trustedfirmware.org/q/Ia59452ea38c66b291790956d7f2880bfcd56d… [12] https://review.trustedfirmware.org/q/Ic71b163883ea624e9f2f77deb8b30c6961293… [13] https://review.trustedfirmware.org/q/If28804e154617a39d7d52c40b3a00a14a39df… [14] https://review.trustedfirmware.org/q/I02f9dd7d0619feb54c870938ea186be5e3a6c… [15] https://review.trustedfirmware.org/q/I9207802ad479919a7f77c1271019fa2479e07… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.27/change-log.html Thanks, TF-A LTS team

1 year

1
0
0 0

Trusted Firmware-A LTS v2.10.11 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.10.11 is now available. This release contains the following patches: 96498991d chore: rename Chaberton to Cortex-A725 [1] b229b47bd chore: rename Blackhawk to Cortex-X925 [2] 698e68fe1 fix(cpus): workaround for CVE-2024-5660 for Cortex-X925 [3] e42abf298 fix(cpus): workaround for CVE-2024-5660 for Cortex-X4 [4] a6375e1fe fix(cpus): workaround for CVE-2024-5660 for Neoverse-V3 [5] 17e17ed3f fix(cpus): workaround for CVE-2024-5660 for Cortex-X3 [6] 3efc9e130 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V2 [7] f7ae819f0 fix(cpus): workaround for CVE-2024-5660 for Cortex-A710 [8] 282e63544 fix(cpus): workaround for CVE-2024-5660 for Neoverse-N2 [9] c7d3c9eb2 fix(cpus): workaround for CVE-2024-5660 for Cortex-X1 [10] 30c57c58a fix(cpus): workaround for CVE-2024-5660 for Cortex-A78 [11] 87250d2bb fix(cpus): workaround for CVE-2024-5660 for Cortex-A78C [12] a02a863d3 fix(cpus): workaround for CVE-2024-5660 for Cortex-A78_AE [13] 4fd2a6702 fix(cpus): workaround for CVE-2024-5660 for Neoverse-V1 [14] 5673d345a fix(cpus): workaround for CVE-2024-5660 for Cortex-A77 [15] ad9dfdc58 fix(cpus): workaround for CVE-2024-5660 for Cortex-X2 [16] 0eed05ee7 chore(cpus): optimise runtime errata applications [17] 196984e65 fix(cpus): workaround for Cortex-X4 erratum 2923985 [18] [1] https://review.trustedfirmware.org/q/I981b22d3b37f1aa6e25ff1f35aa156fff9c30… [2] https://review.trustedfirmware.org/q/I51e40a7bc6b8871c53c40d1f341853b1fd7fd… [3] https://review.trustedfirmware.org/q/I9d5a07ca6b89b27d8876f4349eff2af26c962… [4] https://review.trustedfirmware.org/q/I378cb4978919cced03e7febc2ad431c572eac… [5] https://review.trustedfirmware.org/q/I9ed2590bf1215bf6a692f01dfd351e469ff07… [6] https://review.trustedfirmware.org/q/Ibe90313948102ece3469f2cfe3faccc7f4bee… [7] https://review.trustedfirmware.org/q/If66687add52d16f68ce54fe5433dd3b3f067e… [8] https://review.trustedfirmware.org/q/I10feea238600dcceaac7bb75a59db7913ca65… [9] https://review.trustedfirmware.org/q/I2b9dea78771cc159586a03ff563c0ec79591e… [10] https://review.trustedfirmware.org/q/I3124db3980f2786412369a010ca6abbbbaa3b… [11] https://review.trustedfirmware.org/q/I4e40388bef814481943b2459fe35dd7267c62… [12] https://review.trustedfirmware.org/q/Ieb8d7b122320d16bf8987a43dc683ca41227b… [13] https://review.trustedfirmware.org/q/I33ac653fcb45f687fe9ace1c76a3eb2000459… [14] https://review.trustedfirmware.org/q/Ia59452ea38c66b291790956d7f2880bfcd56d… [15] https://review.trustedfirmware.org/q/Ic71b163883ea624e9f2f77deb8b30c6961293… [16] https://review.trustedfirmware.org/q/If28804e154617a39d7d52c40b3a00a14a39df… [17] https://review.trustedfirmware.org/q/I02f9dd7d0619feb54c870938ea186be5e3a6c… [18] https://review.trustedfirmware.org/q/I9207802ad479919a7f77c1271019fa2479e07… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.10.11/change-log.html Thanks, TF-A LTS team

1 year

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Jan 9, 2025 5pm - 6pm (GMT+1) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, No topic planned for this week. Regards, Olivier. " TF-A Tech Forum Thursday Jan 9, 2025 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year

1
0
0 0

Re: Linker errors with ENABLE_LTO and LD overriding

by Bollapalli, Maheedhar Sai

Hi, Adding further details: build command, error log and linker version. Build command : make -j12 CC=aarch64-none-elf-gcc LD=aarch64-none-elf-ld CROSS_COMPILE=aarch64-none-elf- PLAT=zynqmp RESET_TO_BL31=1 DEBUG=1 ZYNQMP_CONSOLE=dtb bl31 Error Log: usr/bin/aarch64-xilinx-elf/aarch64-xilinx-elf-ld.real: build/zynqmp/debug/bl31/bl31_entrypoint.o: in function `bl31_entrypoint': bl31/aarch64/bl31_entrypoint.S:79:(.text.asm.bl31_entrypoint+0x108): undefined reference to `bl31_setup' bl31/aarch64/bl31_entrypoint.S:93:(.text.asm.bl31_entrypoint+0x10c): undefined reference to `bl31_main' build/zynqmp/debug/bl31/cpu_data.o: in function `_cpu_data_by_index': lib/el3_runtime/aarch64/cpu_data.S:44:(.text.asm._cpu_data_by_index+0x8): undefined reference to `percpu_data' usr/bin/aarch64-xilinx-elf/aarch64-xilinx-elf-ld.real: lib/el3_runtime/aarch64/cpu_data.S:45:(.text.asm._cpu_data_by_index+0xc): undefined reference to `percpu_data' usr/bin/aarch64-xilinx-elf/aarch64-xilinx-elf-ld.real: build/zynqmp/debug/bl31/context.o: in function `el3_exit': arm-trusted-firmware$ aarch64-none-elf-ld --version GNU ld (GNU Binutils) 2.42.0.20240620 arm-trusted-firmware$ aarch64-none-elf-gcc --version aarch64-xilinx-elf-gcc.real (GCC) 13.3.0 Regards, Maheedhar.

1 year

3
4
0 0

Erratum 1530924 handling

by Bollapalli, Maheedhar Sai

Hi, On AMD-Xilinx ZynqMP platform there is a erratum (1530924) which is mentioned as applied as shown in the log below: " INFO: BL31: cortex_a53: CPU workaround for erratum 1530924 was applied " Refer to the code comments mentioned below, there is no "erratum has no workaround in the CPU. Generic code must take care " https://gitenterprise.xilinx.com/Linux/arm-trusted-firmware/blob/master/lib… However, we found no handling in the generic code either. Can we be guided further regarding the handling of erratum 1530924 ? Regards, Maheedhar.

1 year

2
2
0 0

Canceled event: TF-A Tech Forum @ Thu Dec 26, 2024 5pm - 6pm (GMT+1) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled. TF-A Tech Forum Thursday Dec 26, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 1 month

1
0
0 0

Re: Query regarding the test coverage thru tf-a-tests

by Nagal, Amit

Hi , I am referring to the code coverage as below : https://ci-builds.trustedfirmware.org/static-files/htxSEy4sEOQXtuGetFtzHqAm… I see a lot of files from non plat code getting covered with code coverage . can somebody help me with further information : 1. Where are cputests related unit test scripts hosted for non plat files like bl31_main.c ? 2. can we use the unit test & code coverage infra for other platforms say AMD-Xilinx? 3. How is the code coverage achieved for assembly .S files like bl31_entrypoint.S ? Regards Amit From: Nagal, Amit Sent: Wednesday, December 11, 2024 1:23 PM To: Gyorgy Szing <Gyorgy.Szing(a)arm.com>; Mark Dykes <Mark.Dykes(a)arm.com>; Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com>; Olivier Deprez <Olivier.Deprez(a)arm.com>; tf-a-tests(a)lists.trustedfirmware.org; Joanna Farley <Joanna.Farley(a)arm.com> Cc: Jain, Ronak <ronak.jain(a)amd.com>; Simek, Michal <michal.simek(a)amd.com> Subject: RE: Query regarding the test coverage thru tf-a-tests Hi Everyone, I see very limited number of unit tests cpp files hosted at https://git.trustedfirmware.org/plugins/gitiles/TF-A/tf-a-unit-tests/+/refs… Do we have more unit tests implemented for TF-A and available publicly anywhere ? Regards Amit From: Gyorgy Szing <Gyorgy.Szing(a)arm.com<mailto:Gyorgy.Szing@arm.com>> Sent: Wednesday, November 20, 2024 2:44 PM To: Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com>>; Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com>>; Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org>; Joanna Farley <Joanna.Farley(a)arm.com<mailto:Joanna.Farley@arm.com>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com>> Subject: Re: Query regarding the test coverage thru tf-a-tests Hi Amit, “can this be utilized to perform unit testing for platforms other than fvp” Unit-tests executables are running on the “build host” which often is the X86 based PC of the developer (or a CI worker). UT is favoring low cost and sacrificing some level of test correctness. It assumes the compiled C code is fully portable and works the same on all platforms. Moreover, it focuses on C function correctness, and checks if a specific function works as designed. Verifying higher level operation is out of scope (e.g. function implements any feature correctly or is behaving correctly when called by other functions in the system). In turn the complexity of embedded development is removed (managing the target, updating the firmware, using a JTAG interface for debugging, etc…), and the resource constraints of the embedded target is not present. The code coverage executed on the fvp platform is a system test, it exercises the product on an emulated target. It verifies the correctness of the code as it executes like it will in a real-world scenario. This is a higher value test, but it is much more expensive in terms of time and complexity than UT. “Is c-picker tool available inside arm still as of now ?” No, it is public, although it is a bit hidden. It lives on the c-picker branch to the Trusted Services repository (see [1) Similarly, Firmware Test Builder lives on the fwtb branch (see 2). This branch is independent of TS code and contains only the two tools. We have plans to move each to dedicated repositories, but I don’t know when I will have the time to do this. (FWTB and c-picker was developed by my team (TS) and is used and maintained by both projects. Before the TS project was started, we were working on TF-A. I can help with the tools, but I am not familiar to TF-A specifics like, how the tools are integrated to TF-A or which parts of TF-A are covered by UT cases.) 1: https://review.trustedfirmware.org/plugins/gitiles/TS/trusted-services/+/re… 2: https://review.trustedfirmware.org/plugins/gitiles/TS/trusted-services/+/re… /George On 2024-11-20, 06:05, "Nagal, Amit via TF-A-Tests" <tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org>> wrote: Hi Mark, From unit test prospective , I saw this document https://www.trustedfirmware.org/docs/TF-A-UnitLevelTesting.pdf. can this be utilized to perform unit testing for platforms other than fvp ? Is c-picker tool available inside arm still as of now ? Regards Amit From: Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com>> Sent: Tuesday, October 29, 2024 9:20 PM To: Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com>>; Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org>; Joanna Farley <Joanna.Farley(a)arm.com<mailto:Joanna.Farley@arm.com>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com>> Subject: Re: Query regarding the test coverage thru tf-a-tests Amit, It appears I was incorrect in getting coverage outside of the flows we have internally. I apologize for the confusion... Mark ________________________________ From: Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com<mailto:amit.nagal@amd.com%3cmailto:amit.nagal@amd.com>>> Sent: Friday, October 25, 2024 12:07 AM To: Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com>>>; Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>> <tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>>; Joanna Farley <Joanna.Farley(a)arm.com<mailto:Joanna.Farley@arm.com<mailto:Joanna.Farley@arm.com%3cmailto:Joanna.Farley@arm.com>>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com<mailto:ronak.jain@amd.com%3cmailto:ronak.jain@amd.com>>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com<mailto:michal.simek@amd.com%3cmailto:michal.simek@amd.com>>> Subject: RE: Query regarding the test coverage thru tf-a-tests Hi @Mark Dykes<mailto:Mark.Dykes@arm.com> , Can you please share insights about how to get coverage information using manual tests run for FVP platform . That will help us to atleast get the coverage information for non platform code ( we are interested for bl31) . Regards Amit From: Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com>>> Sent: Tuesday, September 10, 2024 12:23 AM To: Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>; joanna.farley(a)arm.com<mailto:joanna.farley@arm.com<mailto:joanna.farley@arm.com%3cmailto:joanna.farley@arm.com>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com<mailto:ronak.jain@amd.com%3cmailto:ronak.jain@amd.com>>>; Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com<mailto:amit.nagal@amd.com%3cmailto:amit.nagal@amd.com>>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com<mailto:michal.simek@amd.com%3cmailto:michal.simek@amd.com>>> Subject: RE: Query regarding the test coverage thru tf-a-tests Thank you Joanna and Mark, for your insights and response. I wasn’t aware that these tests are running on a Virtual Platform and that’s how the coverage is being measured. I’ll look into this further, decide how we want to integrate it into our project, and get back to you. I appreciate your help and support here. Best regards, Senthil From: Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>> Sent: Wednesday, August 28, 2024 9:03 AM To: Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>; Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com>>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com<mailto:ronak.jain@amd.com%3cmailto:ronak.jain@amd.com>>>; Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com<mailto:amit.nagal@amd.com%3cmailto:amit.nagal@amd.com>>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com<mailto:michal.simek@amd.com%3cmailto:michal.simek@amd.com>>> Subject: RE: Query regarding the test coverage thru tf-a-tests Caution: This message originated from an External Source. Use proper caution when opening attachments, clicking links, or responding. Senthil, I do have a way to get coverage for manual test runs using FVP if that helps. I can assist if needed…. Mark From: Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>> Sent: Wednesday, August 28, 2024 12:53 AM To: Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>; Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com>>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com<mailto:ronak.jain@amd.com%3cmailto:ronak.jain@amd.com>>>; Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com<mailto:amit.nagal@amd.com%3cmailto:amit.nagal@amd.com>>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com<mailto:michal.simek@amd.com%3cmailto:michal.simek@amd.com>>> Subject: Re: Query regarding the test coverage thru tf-a-tests Hi Senthil, * Is there a way to get code coverage for manual test runs? Sorry, I'm not aware of such capability. As you say code coverage implies use of CI scripting that isn't possible to reproduce locally out of the box (afaik). Regards, Olivier. ________________________________ From: Thangaraj, Senthil Nathan via TF-A-Tests <tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>> Sent: 26 August 2024 23:58 To: Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>> <tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com<mailto:ronak.jain@amd.com%3cmailto:ronak.jain@amd.com>>>; Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com<mailto:amit.nagal@amd.com%3cmailto:amit.nagal@amd.com>>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com<mailto:michal.simek@amd.com%3cmailto:michal.simek@amd.com>>> Subject: [Tf-a-tests] Re: Query regarding the test coverage thru tf-a-tests Hi Mark and Oliver, A gentle reminder on the below request. Thanks, Senthil From: Thangaraj, Senthil Nathan Sent: Tuesday, August 20, 2024 3:44 PM To: Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>>; Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>> Cc: Jain, Ronak <ronak.jain(a)amd.com<mailto:ronak.jain@amd.com<mailto:ronak.jain@amd.com%3cmailto:ronak.jain@amd.com>>>; Nagal, Amit <amit.nagal(a)amd.com<mailto:amit.nagal@amd.com<mailto:amit.nagal@amd.com%3cmailto:amit.nagal@amd.com>>>; Simek, Michal <michal.simek(a)amd.com<mailto:michal.simek@amd.com<mailto:michal.simek@amd.com%3cmailto:michal.simek@amd.com>>> Subject: RE: Query regarding the test coverage thru tf-a-tests Thanks a lot Mark and Oliver for your inputs and pointers. All of these seem to be more closely integrated with the CI/CD builds. Is there a way to get code coverage for manual test runs? Specifically, I'm looking to get coverage results after loading and executing all the tests from a developer build (e.g., using a binary like tftf.bin). Best regards, Senthil From: Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>>> Sent: Tuesday, August 20, 2024 3:16 PM To: Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>>>; tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>>; Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com>>>> Subject: RE: Query regarding the test coverage thru tf-a-tests Caution: This message originated from an External Source. Use proper caution when opening attachments, clicking links, or responding. All, This link is more current. The overall coverage numbers are not being reported due to an issue that is being worked on now. However you can see the individual coverage metrics if you click on a particular config where is says "success". The next page will have the link "Build Artifacts" at the top and so click that to the next where you will see the directory "trace_report". Click this and you will see a list of contents one of which should be index.html. If you click this you will see the individual coverage report for that config(test). tf-a-ci-coverage-gateway #72 [Jenkins] (trustedfirmware.org)<https://ci.trustedfirmware.org/job/tf-a-ci-coverage-gateway/72/> Let me know if you have questions... Mark From: Olivier Deprez <Olivier.Deprez(a)arm.com<mailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com<mailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com%3cmailto:Olivier.Deprez@arm.com>>>> Sent: Tuesday, August 20, 2024 2:27 AM To: tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>>; Thangaraj, Senthil Nathan <SenthilNathan.Thangaraj(a)amd.com<mailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com<mailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com%3cmailto:SenthilNathan.Thangaraj@amd.com>>>>; Mark Dykes <Mark.Dykes(a)arm.com<mailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com<mailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com%3cmailto:Mark.Dykes@arm.com>>>> Subject: Re: Query regarding the test coverage thru tf-a-tests Hi, You can refer to this job showing code coverage results aggregation from multiple test configurations: https://ci.trustedfirmware.org/job/tf-a-ci-coverage-gateway/67/ https://ci-builds.trustedfirmware.org/static-files/IK1tucCNXFdhS4AAQth8N7zW… I don't think there is a test level granularity. @Mark Dykes<mailto:Mark.Dykes@arm.com> may know better. Regards, Olivier. ________________________________ From: Thangaraj, Senthil Nathan via TF-A-Tests <tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>>> Sent: 20 August 2024 08:40 To: tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>> <tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>>> Subject: [Tf-a-tests] Query regarding the test coverage thru tf-a-tests Dear TF-A team, I have a query regarding the TF-A test. Specifically, I would like to know if there is a method to find out the code coverage for a specific test or for all the tests in current run? Your direction in this regard will be really appreciated. Thank you, Senthil -- TF-A-Tests mailing list -- tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>>> To unsubscribe send an email to tf-a-tests-leave(a)lists.trustedfirmware.org<mailto:tf-a-tests-leave@lists.trustedfirmware.org<mailto:tf-a-tests-leave@lists.trustedfirmware.org%3cmailto:tf-a-tests-leave@lists.trustedfirmware.org<mailto:tf-a-tests-leave@lists.trustedfirmware.org%3cmailto:tf-a-tests-leave@lists.trustedfirmware.org%3cmailto:tf-a-tests-leave@lists.trustedfirmware.org%3cmailto:tf-a-tests-leave@lists.trustedfirmware.org>>> -- TF-A-Tests mailing list -- tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org%3cmailto:tf-a-tests@lists.trustedfirmware.org>> To unsubscribe send an email to tf-a-tests-leave(a)lists.trustedfirmware.org<mailto:tf-a-tests-leave@lists.trustedfirmware.org<mailto:tf-a-tests-leave@lists.trustedfirmware.org%3cmailto:tf-a-tests-leave@lists.trustedfirmware.org>> -- TF-A-Tests mailing list -- tf-a-tests(a)lists.trustedfirmware.org<mailto:tf-a-tests@lists.trustedfirmware.org> To unsubscribe send an email to tf-a-tests-leave(a)lists.trustedfirmware.org<mailto:tf-a-tests-leave@lists.trustedfirmware.org>

1 year, 1 month

2
4
0 0

Canceled event with note: TF-A Tech Forum @ Thu Dec 12, 2024 5pm - 6pm (GMT+1) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling as no topic proposed. Regards, Olivier. " TF-A Tech Forum Thursday Dec 12, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 1 month

1
0
0 0

Unable to merge gerrit#33536

by Amarinder Singh Sethi (QUIC)

Hi, I recently uploaded the patch (https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/33536) to add qti platform support for qcs615. The patch is fully isolated and doesn't touch any common code and doesn't get included in any other platform compilation. On enabling basic CI, I see some failures which are unrelated to my patch. I wonder what the next step should be. If somebody can help me, it will be greatly appreciated. Thanks Amarinder

1 year, 1 month

2
2
0 0

Trusted Firmware-A LTS v2.8.26 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.8.26 is now available. This release contains the following patches: a449c1360 build(npm): bump word-wrap from 1.2.3 to 1.2.4 [1] ceb400895 build(npm): update Node.js and all packages [2] 0abe5d571 build(deps): bump braces [3] 3de9d3abd chore(deps): bump micromatch [4] [1] https://review.trustedfirmware.org/q/I9a383e6d6ae907858028980eadccfa2070f42… [2] https://review.trustedfirmware.org/q/[1, "always", "Change-Id:"], /* Warning */ [3] https://review.trustedfirmware.org/q/I7e2a543a3bc67d426a69fc25f93b878c9b5a3… [4] https://review.trustedfirmware.org/q/I783a6838616c570a41a5a0f58db3e6430c43c… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.26/change-log.html Thanks, TF-A LTS team

1 year, 1 month

1
0
0 0

Trusted Firmware-A LTS v2.10.10 Release Announcement

by ci_notify＠trustedfirmware.org

Hello, Trusted Firmware-A LTS version 2.10.10 is now available. This release contains the following patches: 3ea256c36 build(deps): bump pip from 23.1.2 to 23.3 [1] f8a06a0f8 build(deps): bump urllib3 from 2.0.2 to 2.2.2 [2] 93ad43e79 build(deps): bump jinja2 from 3.1.2 to 3.1.4 [3] ebf6430a0 build(deps): bump idna from 3.4 to 3.7 [4] c5d2a030a build(deps): bump braces [5] 6c6e986bf build(npm): update Node.js and all packages [6] 395ef3534 chore(deps): bump micromatch [7] c9f3fb582 build(deps): bump setuptools in the pip group across 1 directory [8] [1] https://review.trustedfirmware.org/q/I40b0219fe5e6797fc2a2534d8ea8c9480af36… [2] https://review.trustedfirmware.org/q/I4f3a1ffe0cf374f433ac59b20b7d60ee77009… [3] https://review.trustedfirmware.org/q/I69248b2c17f8edfe7dfd27952aae688e7d424… [4] https://review.trustedfirmware.org/q/I78f5052e20572d92f1bc21213bb29b5549f34… [5] https://review.trustedfirmware.org/q/I7e2a543a3bc67d426a69fc25f93b878c9b5a3… [6] https://review.trustedfirmware.org/q/[1, "always", "Change-Id:"], /* Warning */ [7] https://review.trustedfirmware.org/q/I783a6838616c570a41a5a0f58db3e6430c43c… [8] https://review.trustedfirmware.org/q/Ibd4e4730bfc5cce8d85ec55021983d6f748ff… Alternatively, Change Log is available in the documentation section: https://trustedfirmware-a.readthedocs.io/en/lts-v2.10.10/change-log.html Thanks, TF-A LTS team

1 year, 1 month

1
0
0 0

Firmware-A v2.12 release follow up - shrinkwrap

by Olivier Deprez

Hi, As a follow up to the Firmware-A v2.12 release [1], we are pleased to share the shrinkwrap tool [2] configurations have been updated to consume latest firmware/upstream ingredients using following tags: TF-A: v2.12.0 TF-a-tests: v2.12.0 Hafnium: v2.12.0 TF-RMM: tf-rmm-v0.6.0 CCA EDK2: 3223_arm_cca_rmm_v1.0_rel0_v3 linux: cca-full/v5+v7 kvmtool: cca/v3 An additional merge request is in queue for kvm-unit-tests update to cca/rmm-v1.0-rel0 tag. Shrinkwrap is a convenient tool for building a fully integrated Arm CCA SW stack running on the Base AEM FVP platform. In particular this is the tool of choice for RMM development to reproduce a 3 or 4 worlds RME based environment. Regards, Olivier. [1] https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.… [2] https://shrinkwrap.docs.arm.com/en/latest/

1 year, 1 month

1
0
0 0

Re: Interaction with TF-a from NS World

by Tamas Ban

Hi Max, > Can we say this presentation (2022) is there and ready to use? Yes, there are multiple measured boot and attestation schemes are implemented in TF-A and Trusted Services. What to use is depends on your use case and your system capability: - A class core only - A+M system where the M core is in a secure enclave > By the way, you mentioned that attestation is not handled in TF-a (EL3), but the below EL3 handler handles it (RMM_ATTEST_GET_PLAT_TOKEN). Does it just send the request to the "Trusted Service" you were referencing? No, they are different. The available options/schemes: * -If you have a single A class core and you want something similar to psa_initial_attest_get_token() then read this: https://trusted-services.readthedocs.io/en/latest/services/attest-service-d… Here the token is created by a secure service running in SEL0/1. EL3 only responsible for making the world switch (S<->NS). This is callable from Linux user space, with the libs and kernel driver pointed out by George. * What you mentioned above (RMM_ATTEST_GET_PLAT_TOKEN) is basically the CCA attestation scheme, where there are two halves tokens. It is targeting the RME capable systems which otherwise have A+M cores. One half of the token is produced by the M class secure enclave(HES) the other half by the RMM running in REL2 on the A core. There is a hash link between the half tokens. Please elaborate your use case then I can help more! Regards, Tamas From: Gyorgy Szing <Gyorgy.Szing(a)arm.com> Sent: Monday, December 2, 2024 11:43 AM To: Max Adam <maxadamcamb(a)gmail.com>; Tamas Ban <Tamas.Ban(a)arm.com> Subject: Re: [TF-A] Interaction with TF-a from NS World Hi, "By the way, you mentioned that attestation is not handled in TF-a (EL3)," Sorry, my bad. Since you mentioned PSA I got the impression you are after PSA Initial Attestation, and that is out of scope for TF-A. Tamas: Can you please respond to the RMM related attestation question? /George On 2024-12-02, 11:38, "Max Adam" <maxadamcamb(a)gmail.com<mailto:maxadamcamb@gmail.com>> wrote: Hi Gyorgy, Thank you for the detailed comment. It is really helpful, especially this link seems good to chase: https://git.yoctoproject.org/meta-arm/about/documentation/trusted-services.… Basically, I was following this link from @Tamas.ban@arm.com<mailto:Tamas.ban@arm.com>; "CCA attestation and measured both" https://www.trustedfirmware.org/docs/Attestation_and_Measured_Boot.pdf Can we say this presentation (2022) is there and ready to use? By the way, you mentioned that attestation is not handled in TF-a (EL3), but the below EL3 handler handles it (RMM_ATTEST_GET_PLAT_TOKEN). Does it just send the request to the "Trusted Service" you were referencing? Error! Filename not specified. Gyorgy Szing <Gyorgy.Szing(a)arm.com<mailto:Gyorgy.Szing@arm.com>>, 2 Ara 2024 Pzt, 09:29 tarihinde şunu yazdı: Hi Max, Please check this picture [1]. It shows the exception levels on an aarch64 platforms, and typical components executing at each exception level. TF-A is a Secure Monitor implementation. It is the most privileged component, and its main goal is to route calls between the NWd and SWd. Each call to SWd must go through this component. E.g. if an "aarch64 App" wishes to use a service provided by a Trusted Service, a call has to be made into EL1 (e.g. Linux Kernel), then if a Hypervisor is present to EL2, then to the Monitor at EL3 (TF-A), then to optional S-EL2 (e.g. Hafnium), S-EL1 (e.g. OP_TEE) and finally to S-EL0. TF-A does not implement the PSA APIs. OP-TEE is a Trusted OS, and a reference implementation of the Global Platforms standards [2]. PSA is not part of GP, and AFAIK there is no TA implementing PSA APIs. The PSA reference implementation for Cortex-A is developed in the Trusted Services project. The project implements all services required for PSA certification (Crypto, ITS, PS, Attestation) plus a few non-psa ones like Firmware Update Service or UEFI Variable service. We developed a Linux kernel driver called tstee (up-stream since v6.10) , and two shared libraries which can be used by linux user-space applications to access the services. Libts implements service discovery and the TS RPC components, and "libtspsa" carries easy to use PSA client implementations (basically the C PSA API). Trusted Services follows the Firmware Framework for A-Profile standard (FF-A) which defines a protocol to be used between exception levels and a runtime model. PSA services are deployed to S-EL0 Secure Partitions and need a Secure Partition Manager implementation executing at a higher exception levels. The reference SPMD implementation is part of the TF-A project, the S-EL2 reference SPMC is Hafnium [5], and the S-EL1 reference implementation is OP-TEE SPMC [6]. (Only one SPMC implementation can be present on a system.) A major difference between the Cortex-M and the Cortex-A ecosystem is the level of diversity. While a Cortex-M stack is typically implemented using components from one or maximum a few stakeholders, a Cortex-A stack is built from components owned by a vast set of owners. As a result, integration of a Cortex-A software stack is much more complex. There are multiple integration systems targeting the problem like Buildroot and Yocto. Trusted Services supports two integration systems currently. The OP-TEE integration system, which is a gnumake and Buildroot based solution (see [7]) and Yocto where the meta-arm layer [8] hosts TS recipes. Please find some TS specific meta-arm documentation here: [9] For more help and information, about PSA on Cortex-A and TS feel free to drop an email to the TS mailing list [10], and/or to me. /George 1: https://documentation-service.arm.com/static/63a065c41d698c4dc521cb1b 2: https://globalplatform.org/about-globalplatform/ 3: https://trusted-services.readthedocs.io/en/stable/overview/index.html 4: https://developer.arm.com/architectures/Firmware%20Framework%20for%20A-Prof… 5: https://hafnium.readthedocs.io/en/latest/secure-partition-manager/index.html 6: https://optee.readthedocs.io/en/latest/architecture/spmc.html 7: https://github.com/OP-TEE/build 8: https://git.yoctoproject.org/meta-arm 9: https://git.yoctoproject.org/meta-arm/about/documentation/trusted-services.… 10: https://lists.trustedfirmware.org/mailman3/lists/trusted-services.lists.tru… On 2024-12-01, 21:14, "Max Adam via TF-A" <tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org>> wrote: Hello All, I am coming from the TF-m domain, and now I am struggling with TF-a as I am not a Linux expert. I am just looking for the interactions with TF-a, such as getting psa attestation token etc. How can I find example these interactions from NS World (Linux) or lower privilege Secure World Executions such as OP-TEE or OP-TEE TAs? I suppose there shall be drivers and APIs provided by TF-a? Thanks Max

1 year, 1 month

3
3
0 0

Interaction with TF-a from NS World

by Max Adam

Hello All, I am coming from the TF-m domain, and now I am struggling with TF-a as I am not a Linux expert. I am just looking for the interactions with TF-a, such as getting psa attestation token etc. How can I find example these interactions from NS World (Linux) or lower privilege Secure World Executions such as OP-TEE or OP-TEE TAs? I suppose there shall be drivers and APIs provided by TF-a? Thanks Max

1 year, 1 month

2
1
0 0

Addition of mbedTLS as a submodule dependency to TF-A-Tests

by Soby Mathew

Hi Everyone, In order to facilitate development for Device Assignment tests for RME-DA, we have added MbedTLS repo as a submodule dependency to tf-a-tests. The merge commit can be found here : https://review.trustedfirmware.org/plugins/gitiles/TF-A/tf-a-tests/+/3e72cd… The patch is done in such a way that existing build of TF-A-Tests or Test run is not affected due to the additional dependency. Only tests which depend on MbedTLS will be affected in that they will either be skipped or fail at runtime due to the missing dependency. Also, the change allows to use the config `MBEDTLS_DIR` to point to a MbedTLS directory outside the tf-a-tests source tree. This aligns with the TF-A mechanism for MbedTLS dependancy in case the submodule mechanism is not preferred. We expect existing CI and testing infrastructure to be unaffected by this change. Please let us know if you have any comments. Best Regards Soby Mathew

1 year, 1 month

1
0
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

TF-A