- TF-A - lists.trustedfirmware.org

All if...else if constructs shall be terminated with an else statement.

by Nithin G

Hello, In the file /lib/el3_runtime/aarch64/context_mgmt.c. getting misra_c_2012_rule_15_7_violation: No non-empty terminating "else" statement. during the Coverity MISRA-C analysis. void cm_prepare_el3_exit(uint32_t security_state) { u_register_t sctlr_elx, scr_el3, mdcr_el2; if (security_state == NON_SECURE) { scr_el3 = read_ctx_reg(get_el3state_ctx(ctx), CTX_SCR_EL3); misra_c_2012_rule_15_7_violation: No non-empty terminating "else" statement. if ((scr_el3 & SCR_HCE_BIT) != 0U) { ... ... ... write_sctlr_el2(sctlr_elx); } else if (el_implemented(2) != EL_IMPL_NONE) { el2_unused = true; ... ... ... write_cnthp_ctl_el2(CNTHP_CTL_RESET_VAL & ~(CNTHP_CTL_ENABLE_BIT)); } manage_extensions_nonsecure(el2_unused, ctx); } cm_el1_sysregs_context_restore(security_state); cm_set_next_eret_context(security_state); } Resolution: added empty else statement to resolve the issue. diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c index 8e6bfc5..8996746 100644 --- a/lib/el3_runtime/aarch64/context_mgmt.c +++ b/lib/el3_runtime/aarch64/context_mgmt.c @@ -789,6 +789,8 @@ void cm_prepare_el3_exit(uint32_t security_state) */ write_cnthp_ctl_el2(CNTHP_CTL_RESET_VAL & ~(CNTHP_CTL_ENABLE_BIT)); + } else { + /* To fix the MISRA 15.7 warning - Added an empty else statement */ } manage_extensions_nonsecure(el2_unused, ctx); } -- Is it possible to add an empty else statement in this code? Please suggest. Regards, Nithin G

1 year, 3 months

2
1
0 0

Fw: Trusted Firmware-A LTS v2.8.15 Release Announcement

by Yann GAUTIER - foss

Hello, Trusted Firmware-A LTS version 2.8.15 is now available. This release contains the following patches. 7185d051b fix(docs): add few missed links for Security Advisories [1] 10d738975 docs(security): security advisory for CVE-2023-49100 [2] fc08e1bc4 fix(cpus): workaround for Cortex X3 erratum 2743088 [3] 70bd2640b fix(cpus): workaround for Cortex-X3 erratum 2302506 [4] eadc24b6b fix(cpus): workaround for Cortex-X3 erratum 2266875 [5] 560f14075 fix(cpus): workaround for Cortex-A78C erratum 2683027 [6] bdb731568 docs(changelog): changelog for lts-v2.8.15 release [7] [1] https://review.trustedfirmware.org/q/I9cab72b70a518273cbb1a291142f452198427… [2] https://review.trustedfirmware.org/q/I13fa93a65e5017dae6c837e88cd80bda72d4c… [3] https://review.trustedfirmware.org/q/I2c8577e3ca0781af8b1c3912e577d3bd77f92… [4] https://review.trustedfirmware.org/q/I048b830867915b88afa36582c6da05734a56d… [5] https://review.trustedfirmware.org/q/I9c610777e222f57f520d223bb03fc5ad05af1… [6] https://review.trustedfirmware.org/q/I2bf9e675f48b62b4cd203100f7df40f4846aa… [7] https://review.trustedfirmware.org/q/Ibb920e90a6f44a858b9f4709dbeb22e22ab86… Thanks, TF-A LTS team

1 year, 3 months

1
0
0 0

New ticketing system

by Sandrine Bailleux

Hi all, As you might have heard, developer.trustedfirmware.org is getting deprecated. TF-A project used to make (little) use of its issues tracker at [1]. In replacement, we suggest switching to the issues tracker associated with TF-A Github mirror at [2]. Similarly, for TF-A Tests and TF-A CI scripts repositories, we've now got Github mirrors for these projects as well and associated issues trackers at [3] and [4], which we'd like to start using. If you've opened tickets on developer.trustedfirmware.org in the past, could you please migrate them to Github? We might review the tickets list at some point and migrate remaining ones but your help would be much appreciated! TF-A and TF-A tests documentation are in the process of being updated (see [5] and [6]) to refer to the new ticketing system. Best regards, Sandrine [1] https://developer.trustedfirmware.org/project/board/1/ [2] https://github.com/TrustedFirmware-A/trusted-firmware-a/issues [3] https://github.com/TrustedFirmware-A/tf-a-tests/issues [4] https://github.com/TrustedFirmware-A/tf-a-ci-scripts/issues [5] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/26168 [6] https://review.trustedfirmware.org/c/TF-A/tf-a-tests/+/26169

1 year, 3 months

1
0
0 0

Deprecating CTX_INCLUDE_MTE_REGS build option.

by Govindraj Raja

Hi All, Please note build option CTX_INCLUDE_MTE_REGS is now replaced with ENABLE_FEAT_MTE[1] To avoid breaking any builds for timebeing CTX_INCLUDE_MTE_REGS usage will indirectly enable ENABLE_FEAT_MTE but will produce a build warning. Kindly request anyone using CTX_INCLUDE_MTE_REGS to replace with ENABLE_FEAT_MTE As option CTX_INCLUDE_MTE_REGS backward support will be removed after next release and going forward usage of CTX_INCLUDE_MTE_REGS will not be handled within build. -- Thanks, Govindraj R [1]: https://review.trustedfirmware.org/q/topic:%22gr/refac_mte%22

1 year, 3 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Jan 25, 2024 5pm - 6pm (GMT+1) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, No topic proposed, cancelling. Thanks, Olivier. " TF-A Tech Forum Thursday Jan 25, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 3 months

1
0
0 0

Should strscpy() be preferred over strlcpy()?

by Sandrine Bailleux

Hi, Right now, TF-A coding guidelines advocate the use of strlcpy() over strcpy()/strncpy() (see the banned libc functions [1]) for the following reasons: - strlcpy() always null-terminates the destination string, even if it gets truncated. This is safer and less error-prone than leaving it unterminated like strncpy() does in this case. - With strlcpy(), it is possible to detect whether the string was truncated. This is useful in some use cases. - strlcpy() writes a single null-terminating byte into the destination string, whereas strncpy() wastes time writing multiple null-terminating bytes until it fills the destination string. Thus, strlcpy() is more efficient in the case where the source string is shorter than the destination one. There exists another string copy variant: strscpy(). Just like strlcpy(), it is not part of the C standard but most libc implementations provide it. strscpy() has the following advantages over strlcpy(): - strscpy() only reads the specified number of bytes from the source string, whereas strlcpy() reads all of its bytes until it finds a null-terminating byte (this is because it needs to return this information). This opens up a potential security risk if the source string is untrusted and controlled by an attacker, as we might end up reading a lot of memory if proper safeguards are not put in place on the source string prior to calling strlcpy(). Also it causes a performance penalty for reading "useless" bytes from the source string. - Checking for truncation is easier and less error-prone with strscpy() : strscpy() returns an error code (-E2BIG) in case of truncation, whereas strlcpy() requires comparing the return value with the destination string size. For these reasons, it seems to me we should prefer strscpy() over strlcpy() in TF-A code base. Any thoughts? Note that the Linux kernel coding style already goes in that direction. The coding style verification script (checkpatch.pl), which TF-A reuses, will print the following warning message if strlcpy() is used: WARNING: Prefer strscpy over strlcpy - see: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmk… This got flagged by the OpenCI into some TF-A code review already [2]. If we decide that strlcpy() is fine for TF-A codebase in the end, we'll at least need to find a way to silence this checkpatch.pl warning. AFAICS there is already a switch to this effect so it should just be a matter of adding '--ignore STRLCPY' inside .checkpatch.conf file. Best regards, Sandrine [1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guideline…) [2] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/25551

1 year, 3 months

1
0
0 0

Declaration uses a different parameter type than the function Definition.

by Nithin G

Hello, In the file /plat/xilinx/zynqmp/aarch64/zynqmp_common.c, there is a function named plat_get_syscnt_freq2 with its definition. Simultaneously, the declaration of this function is included in include/plat/common/platform.h with the name plat_get_syscnt_freq2 and a different parameter type, leading to a violation when running the Coverity MISRA-C analysis for the Zynqmp platform. Declaration uses a different parameter type than the function Definition. Addressing this issue by introducing a typedef for plat_get_syscnt_freq2 in platform.h and specifying its type as uint32_t resolves the violation. However, it introduces a challenge for other platforms, as this modification necessitates similar changes across various platforms, causing violations in those areas due to the adjusted typedef. Is it possible to fix with the typedef? Please suggest. Regards, Nithin

1 year, 3 months

3
5
0 0

A project should not contain unused tag declarations.

by Nithin G

Hello, In the file /bl31/interrupt_mgmt.c and /include/drivers/arm/gicv2.h and other files getting misra_c_2012_rule_2_4_violation: Type has tag "intr_type_desc" but that tag is never used. during the Coverity MISRA-C analysis. typedef struct intr_type_desc { interrupt_type_handler_t handler; u_register_t scr_el3[2]; uint32_t flags; } intr_type_desc_t; Resolution: Removed the intr_type_desc variable as it declared it's typedef intr_type_desc_t. typedef struct { interrupt_type_handler_t handler; u_register_t scr_el3[2]; uint32_t flags; } intr_type_desc_t; Is It possible to remove the intr_type_desc variable since it is typedef. Please suggest? Regards, Nithin

1 year, 4 months

3
2
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 414009: (RETURN_LOCAL) /services/std_svc/spm/el3_spmc/spmc_main.c: 1530 in spmc_ffa_console_log() /services/std_svc/spm/el3_spmc/spmc_main.c: 1530 in spmc_ffa_console_log() ________________________________________________________________________________________________________ *** CID 414009: (RETURN_LOCAL) /services/std_svc/spm/el3_spmc/spmc_main.c: 1530 in spmc_ffa_console_log() 1524 } 1525 1526 if ((chars_count == 0) || (chars_count > chars_max)) { 1527 return spmc_ffa_error_return(handle, FFA_ERROR_INVALID_PARAMETER); 1528 } 1529 >>> CID 414009: (RETURN_LOCAL) >>> Using "chars", which points to an out-of-scope variable "registers". 1530 for (size_t i = 0; (i < chars_count) && (chars[i] != '\0'); i++) { 1531 putchar(chars[i]); 1532 } 1533 1534 SMC_RET1(handle, FFA_SUCCESS_SMC32); 1535 } /services/std_svc/spm/el3_spmc/spmc_main.c: 1530 in spmc_ffa_console_log() 1524 } 1525 1526 if ((chars_count == 0) || (chars_count > chars_max)) { 1527 return spmc_ffa_error_return(handle, FFA_ERROR_INVALID_PARAMETER); 1528 } 1529 >>> CID 414009: (RETURN_LOCAL) >>> Using "chars", which points to an out-of-scope variable "registers". 1530 for (size_t i = 0; (i < chars_count) && (chars[i] != '\0'); i++) { 1531 putchar(chars[i]); 1532 } 1533 1534 SMC_RET1(handle, FFA_SUCCESS_SMC32); 1535 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 year, 4 months

1
0
0 0

PSCI patches fail TF-A-tests on 2 platform configs

by Yann Gautier

Hi, Patrick has sent 2 correction patches for PSCI stack in OSI mode there: https://review.trustedfirmware.org/q/topic:%22fix_psci_osi%22 But when running CI+2, there are 2 platforms for which 2 PSCI OSI tests are failing: fvp-ext-pstate-ea-el3|fvp-default|fvp-tftf-fip.tftf-cortexa57x4a53x4-debug fvp-ext-pstate-ea-el3|fvp-default|fvp-tftf-fip.tftf-aemv8a-debug I'm not familiar with those test configs, but when checking lava logs, I see those traces for failing tests: 2024-01-11T14:21:59 > Executing 'CPU suspend to powerdown at level 1 in OSI mode' 2024-01-11T14:21:59 INFO: Booting 2024-01-11T14:21:59 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:21:59 INFO: Booting 2024-01-11T14:21:59 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:21:59 INFO: Booting 2024-01-11T14:21:59 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:21:59 INFO: Booting 2024-01-11T14:21:59 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:21:59 INFO: Booting 2024-01-11T14:21:59 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:21:59 INFO: Booting 2024-01-11T14:21:59 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:21:59 INFO: Booting 2024-01-11T14:21:59 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:21:59 INFO: Going into suspend state 2024-01-11T14:22:00 INFO: Going into suspend state 2024-01-11T14:22:00 INFO: Going into suspend state 2024-01-11T14:22:00 INFO: Going into suspend state 2024-01-11T14:22:00 INFO: Going into suspend state 2024-01-11T14:22:00 INFO: Going into suspend state 2024-01-11T14:22:00 INFO: Going into suspend state 2024-01-11T14:22:00 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 TEST COMPLETE Failed 2024-01-11T14:22:03 Wrong value: expected 0, got -3 2024-01-11T14:22:03 > Executing 'CPU suspend to powerdown at level 2 in OSI mode' 2024-01-11T14:22:03 INFO: Booting 2024-01-11T14:22:03 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:22:03 INFO: Booting 2024-01-11T14:22:03 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:22:03 INFO: Booting 2024-01-11T14:22:03 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:22:03 INFO: Booting 2024-01-11T14:22:03 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:22:03 INFO: Booting 2024-01-11T14:22:03 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:22:03 INFO: Booting 2024-01-11T14:22:03 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:22:03 INFO: Booting 2024-01-11T14:22:03 INFO: Registered IRQ handler 0x8801b274 for IRQ #7 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Going into suspend state 2024-01-11T14:22:03 INFO: Saving system context 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Unregistered IRQ handler for IRQ #7 2024-01-11T14:22:03 INFO: Powering off 2024-01-11T14:22:03 INFO: Restoring system context 2024-01-11T14:22:03 INFO: Resumed from suspend state 2024-01-11T14:22:03 TEST COMPLETE Failed 2024-01-11T14:22:03 Wrong value: expected 0, got -3 The "Resumed from suspend state" message interleaved with "Going into suspend state" seem strange, but I cannot say what could be wrong there. Maybe there is something wrong with the TF-A patches? Or the platforms tests or configs need to be updated? If you have any clue that would be very helpful! Thanks, Yann

1 year, 4 months

2
1
0 0

Cache Maintenance For SiP buffers

by Ahmad Fatoum

Hi, I was looking at imx_hab_handler, which forwards calls into the BootROM on i.MX SoCs in response to secure monitor calls. The BootROM call (and thus the SiP call) accepts two pointers as arguments, where it writes data. The plat/imx/imx8m/imx8m*/imx8m*_bl31_setup.c files map the RAM as MT_MEMORY | MT_RW, which would mean that not only is it writable from TF-A side, but it's also mapped cacheable. I see no explicit cache maintenance in the i.MX SiP code for these two pointer arguments and haven't been successful to find where in TF-A core code if at all, complete D-Cache is flushed on SMC exit. Therefore I ask: - Don't shared non-secure memory buffers between EL3 and lower EL require explicit cache maintenance? - Did I miss the place where this cache maintenance is done? - How did it work so far? barebox does explicit flushing before HAB SiP, invalidation after. U-Boot doesn't do cache maintenance. Both apparently work... Thanks, Ahmad --- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |

1 year, 4 months

3
11
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 413966: Uninitialized variables (UNINIT) /plat/qemu/qemu_sbsa/sbsa_sip_svc.c: 113 in read_cpuinfo_from_dt() ________________________________________________________________________________________________________ *** CID 413966: Uninitialized variables (UNINIT) /plat/qemu/qemu_sbsa/sbsa_sip_svc.c: 113 in read_cpuinfo_from_dt() 107 108 if (fdt_getprop(dtb, node, "numa-node-id", NULL)) { 109 fdt_read_uint32(dtb, node, "numa-node-id", &nodeid); 110 } 111 112 dynamic_platform_info.cpu[cpu].nodeid = nodeid; >>> CID 413966: Uninitialized variables (UNINIT) >>> Using uninitialized value "mpidr". 113 dynamic_platform_info.cpu[cpu].mpidr = mpidr; 114 115 INFO("CPU %d: node-id: %d, mpidr: %ld\n", cpu, nodeid, mpidr); 116 117 cpu++; 118 ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P…

1 year, 4 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Jan 11, 2024 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling as no topic proposed. Thanks & Regards, Olivier. " TF-A Tech Forum Thursday Jan 11, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 4 months

1
0
0 0

Violations MISRA_15.1 and 15.5 when running the Coverity MISRA-C analysis.

by Nithin G

1. misra_c_2012_rule_15_1_violation: Using "goto" statement. In the file common/bl_common.c and other related files, getting misra_c_2012_rule_15_1_violation: Using "goto" statement. during the Coverity MISRA-C analysis. if (...) { goto exit; } exit: some operation Resolution: goto statement is replaced with exit_func() and new variable is introduced to store the return value of exit_func(). exit_func() some operation int ret; if (...) { ret = return value of exit func() } return ret; Is it possible to fix MISRA 15.1 like this in open source? Please suggest. 2. misra_c_2012_rule_15_5_violation: This return statement is not the final statement in the compound statement that forms the body of the function. In the file common/bl_common.c, lib/xlat_tables/aarch64/xlat_tables.c and other related files, getting misra_c_2012_rule_15_5_violation: This return statement is not the final statement in the compound statement that forms the body of the function. during the Coverity MISRA-C analysis. if (...) { return <something> } if (...) { return <something> } return; Resolution: Taken new variable and assign the return result to new variable and calling only one return statement in end of the function. int result; if (...) { result = <something> } else { if (...) { result = <something> } } return result; Is it possible to fix MISRA 15.5 like this in open source? Please suggest. Thanks & Regards, Nithin G

1 year, 4 months

2
3
0 0

Trusted Firmware-A LTS v2.8.14 Release Announcement

by Varun Wadekar

Hello, Trusted Firmware-A LTS version 2.8.14 is now available. This release introduces errata workarounds for Cortex-A520, Cortex-A710, and Neoverse X2 CPUs. The complete list of changes can be found here<https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.14/change-log.html>. Thanks.

1 year, 4 months

1
0
0 0

Minor updates to the tf.org project maintenance

by Sandrine Bailleux

Hello TF-A and TF-M communities, I've done 2 minor updates to the generic tf.org project maintenance process, which TF-A and TF-M both use. Please see the pull request here: https://github.com/TrustedFirmware/tf_docs/pull/1 Please provide your feedback on the pull request, if any. Happy end-of-year celebrations to all! Best regards, Sandrine

1 year, 4 months

1
0
0 0

Stack usage details with armclang TF-A build

by mail2diggi＠gmail.com

Dear all, we want analyze stack usage details when we build TF-A for armclang compiler but we are not able generate stack usage details. sorry for long thread and question please go through and suggest way forward to perform stack analysis with TF-A armclang build. as per https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial-… (section 2.3) when CC is set to armclang, GCC linker is used default (since the TF-A build system doesn’t currently support Arm Scatter files) So when we try to generate stack usage details we will not be able to use GCC -fstack-usage and -fdump-ipa-calgraph since CC is set to armclang and these flags will be un-recognized. Since we are building this for armclang we attempted to use following armlinker flags along with -g compiler flag (refer link:https://developer.arm.com/documentation/100748/0607/writing-optimized-…). --info=stack, --calgrapth, --calgraph_output=text But we end up with unrecognized options error for --info=stack, --calgrapth, --calgraph_output=text This error occurs because GCC linker is used default as per above link section 2.3 (since the TF-A build system doesn’t currently support Arm Scatter files) So we end up with not having stack usage details generated. Q1: Any suggestion to generate stack usage when CC=armclang and GCC linker is used by default. Q2: if we attempt to change LD with armlink we will end up with "Fatal error: L6031U: Could not open scatter description file." https://trustedfirmware-a.readthedocs.io/en/latest/getting_started/initial-… section 2.3 suggest that "that the default linker may be manually overridden using the LD variable" can you please let us know how to override LD with armlinker without getting scatter issue. Using: armclang 6.6.2 version. Thank you Shivakumar Diggi

1 year, 5 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Dec 14, 2023 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling the TF-A Tech Forum as no topic planned. Thanks & Regards, Olivier. " TF-A Tech Forum Thursday Dec 14, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 5 months

1
0
0 0

Function parameter should not be modified.

by Nithin G

Hello, In the file common/bl_common.c and other related files, there are instances where function parameters are being modified. This leads to violations when running the Coverity MISRA-C analysis for the ZynqMP platform. To address this issue a new variable is declared and used to store the value from the argument in the code. Is it possible to fix by taking a new variable? Please provide your suggestions. Regards, Nithin G

1 year, 5 months

2
1
0 0

The condition clause of the for loop does not use the loop counter variable.

by Nithin G

Hello, In the file lib/xlat_tables/xlat_tables_common.c and other related files, the condition clause of the for loop does not use the loop counter variable "mm". This leads to violations when running the Coverity MISRA-C analysis for the ZynqMP platform. Addressing this issue added mm as part of loop counter and this belongs to core translational table logic and other violations also related to this. Is it possible to address this issue? Please provide your suggestions. Regards, Nithin G

1 year, 5 months

2
1
0 0

Trusted Firmware-A LTS v2.8.13 Release Announcement

by Varun Wadekar

Hello, Trusted Firmware-A LTS version 2.8.13 is now available. This release introduces workarounds for new CPU errata for Cortex-A78C, Cortex-X3, and Neoverse V1/V2. It also adds support for the SLS mitigation. The complete list of changes can be found here<https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.13/change-log.html>. Thanks.

1 year, 5 months

1
0
0 0

Function bl31_lib_init() has external linkage but is only used in one translation unit.

by Nithin G

Hello, In the file bl31/bl31_main.c, there is a function named bl31_lib_init with its definition. Simultaneously, the declaration of this function is included in include/bl31/bl31.h since the function bl31_lib_init used only in one translational unit. leading to a violation when running the Coverity MISRA-C analysis for the ZynqMP. Addressing this issue need to remove the declaration of the function from the bl31.h file and making its definition static. To maintain visibility, included a static declaration in the bl31_main.c file. However, it will may impact in future modifications due to the removal of the declaration in bl31.h. Please provide your suggestions. Regards, Nithin

1 year, 5 months

2
2
0 0

Experimental rust-spmc project release

by Imre Kis

Dear All, We would like to announce that we have published an experimental project called rust-spmc which is a S-EL1 FF-A Secure Partition Manager Core implementation in Rust. We started this as a free time project and now we had the opportunity to publish it on trustedfirmware.org. In its current state it has a partial implementation of the FF-A protocol, and it is able to run the secure partitions of Trusted Services with all tests passing on Arm FVP. It also provides the required compartmentalization between the S-EL0 secure partitions. Please note that the project is experimental (i.e. PoC, not suitable for production) and it is currently not scheduled by Arm for further development. The Rust language is an ideal language for implementing firmware components given its lack of undefined behavior and its memory safety guarantees. Our goal was to demonstrate the capabilities of language in a security critical firmware environment and to gather feedback from partners which could open up the possibility of further development of the project. The repository is available here: https://git.trustedfirmware.org/rust-spmc/rust-spmc.git/ We also prepared a readme with instructions for testing the project: https://git.trustedfirmware.org/rust-spmc/rust-spmc.git/about/ Please reach out to us if you are interested in the project or if you have any questions. Regards, Bálint Dobszay & Imre Kis

1 year, 5 months

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Nov 30, 2023 5pm - 6pm (CET) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling the TF-A Tech Forum as no topic. Thanks & Regards, Olivier. " TF-A Tech Forum Thursday Nov 30, 2023 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr… Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location        +1 646 558 8656 US (New York)        +1 669 900 9128 US (San Jose)        877 853 5247 US Toll-free        888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h   Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year, 5 months

1
0
0 0

rk3328: WARNING: BL31: cortex_a53: CPU workaround for 1530924 was missing!

by Diederik de Haas

When booting my Pine64 Rock64 (rk3328), I see the following warning: WARNING: BL31: cortex_a53: CPU workaround for 1530924 was missing! That warning is present in u-boot 2023.01 and also in 2023.07. Asking on their IRC channel and they indicated it should be fixed in TF-A. In the source code I saw various commits which all seem a variation of 74665119f04de0cd7c735fa741aff607a4a9fde8 titled "Enable workaround for Cortex-A53 erratum 1530924" But such a commit seems to be missing for the rk3328 platform. I guess a patch like this is needed to fix that? ```patch diff --git a/plat/rockchip/rk3328/platform.mk b/plat/rockchip/rk3328/ platform.mk index 5b4766d51..bd86a1cc8 100644 --- a/plat/rockchip/rk3328/platform.mk +++ b/plat/rockchip/rk3328/platform.mk @@ -65,6 +65,7 @@ include lib/libfdt/libfdt.mk # Enable workarounds for selected Cortex-A53 errata ERRATA_A53_855873 := 1 +ERRATA_A53_1530924 := 1 $(eval $(call add_define,PLAT_EXTRA_LD_SCRIPT)) $(eval $(call add_define,PLAT_SKIP_OPTEE_S_EL1_INT_REGISTER)) ``` The Contributor’s Guide indicates that it requires a Microsoft Github account, so I opted to post a patch to this list. Cheers, Diederik PS: https://developer.trustedfirmware.org/ seems to be full of spam; you may want to look into that.

1 year, 5 months

2
4
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-A