- TF-A - lists.trustedfirmware.org

by Nagal, Amit

Hi, Referring https://github.com/ARM-software/arm-trusted-firmware/blob/master/lib/cpus/a… Software cache maintenance is done till L3 . Referring https://github.com/ARM-software/arm-trusted-firmware/blob/master/lib/cpus/a… for cortex a78 , it is mentioned that HW will do the cache maintenance . is HW cache maintenance done till L3 for cortex a78 case too ? Regards Amit

1 year

2
2
0 0

Trusted Firmware-A LTS v2.10.3 Release Announcement

by Yann GAUTIER - foss

Hello, Trusted Firmware-A LTS version 2.10.3 is now available. This release contains the following patches. 5f8f745c7 fix(cpus): workaround for Cortex-X3 erratum 2372204 [1] 301698e15 fix(cpus): workaround for Cortex-A715 erratum 2429384 [2] 9fe65073d refactor(errata-abi): optimize errata ABI using errata framework [3] a24c8006e refactor(errata-abi): workaround platforms non-arm interconnect [4] a234f540b fix(cpus): add erratum 2701951 to Cortex-X3's list [5] 58646309a chore: rearrange the fvp_cpu_errata.mk file [6] b7ed781ee fix(gic600): workaround for Part 1 of GIC600 erratum 2384374 [7] 04c60d5ef fix(cpus): workaround for Cortex-A715 erratum 2420947 [8] 940ebbe2d fix(cpus): workaround for Cortex-A715 erratum 2331818 [9] d466c5d4d fix(cpus): workaround for Cortex-X4 erratum 2701112 [10] 3e3ff298a fix(cpus): workaround for Cortex-A715 erratum 2344187 [11] 11cb0962f docs(threat_model): mark power analysis threats out-of-scope [12] 44f36c48f docs(sdei): provide security guidelines when using SDEI [13] b59307ef8 fix(cpus): workaround for Cortex-A715 erratum 2413290 [14] e86990d09 fix(cpus): fix a defect in Cortex-A715 erratum 2561034 [15] 03636f2c3 fix(cpus): workaround for Cortex-A720 erratum 2940794 [16] 635c83eb4 chore: update status of Cortex-X3 erratum 2615812 [17] baf14745f fix(cpus): workaround for Cortex-A720 erratum 2926083 [18] 81931a13a fix(cpus): workaround for Cortex-A715 erratum 2413290 [19] ef393a3f9 fix(cpu): correct variant name for default Poseidon CPU [20] a6256d7a2 feat(cpu): add support for Poseidon V CPU [21] bafc27c8d chore: rename Poseidon to Neoverse V3 [22] d6b1d4807 fix(readme): dummy commit for sandbox release [23] [1] https://review.trustedfirmware.org/q/Iad28f8625c84186fbd8049406d139d4f15c6e… [2] https://review.trustedfirmware.org/q/I3cdb1b71567542174759f6946e9c81f77d0d9… [3] https://review.trustedfirmware.org/q/I1a60d3e4f116b6254fb45426f43ff1b21771a… [4] https://review.trustedfirmware.org/q/Ie86b7212d731a79e2a0c07649e69234e733cd… [5] https://review.trustedfirmware.org/q/I6ffaf4360a4a2d0a23c253a2326c178e010c8… [6] https://review.trustedfirmware.org/q/I3959bdf5852c5714f2238f61493a931b3c857… [7] https://review.trustedfirmware.org/q/I4bb6dcf86c94125cbc574e0dc5119abe43e84… [8] https://review.trustedfirmware.org/q/I01a71b878cd958e742ff8357f8cdfbfc5625d… [9] https://review.trustedfirmware.org/q/If3b1ed78b145ab6515cdd41135314350ed556… [10] https://review.trustedfirmware.org/q/I8ede1ee75b0ea1658369a0646d8af91d44a87… [11] https://review.trustedfirmware.org/q/I78ea39a91254765c964bff89f771af33b23f2… [12] https://review.trustedfirmware.org/q/I5b245f33609fe8948e473ce4484898db5ff8d… [13] https://review.trustedfirmware.org/q/Ic27bdc88186f6805adee2f452503856e213a4… [14] https://review.trustedfirmware.org/q/Iaeb258c8b0a92e93d70b7dad6ba59d1056aeb… [15] https://review.trustedfirmware.org/q/I4f115bbb27c57f16cada2a7eb314af8380f93… [16] https://review.trustedfirmware.org/q/I1488802e0ec7c16349c9633bb45de4d0e1faa… [17] https://review.trustedfirmware.org/q/Ied7150bab505a743401cf4afa9a0a5f81d5fd… [18] https://review.trustedfirmware.org/q/I30182c3893416af65b55fca9a913cb4512430… [19] https://review.trustedfirmware.org/q/I87b2175b89d6fb168c77e6ab233c90ca05679… [20] https://review.trustedfirmware.org/q/I48183290ffc2889d6ae000d3aa423c0ee5e4d… [21] https://review.trustedfirmware.org/q/Icdcc5f57c62855b2ec54c58a401d3bf09f292… [22] https://review.trustedfirmware.org/q/I9e40ba8f80b7390703d543787e6cd2ab6301e… [23] https://review.trustedfirmware.org/q/Ib36e14779e2cdf42cfd9d5690ca8d0288689c… TF-A-tests LTS version 2.10.3 contains the following patches. 2162802 refactor(errata_abi): update the cpu structs for errata ABI [24] 9135090 refactor(errata_abi): add the Cortex-X4 cpu struct [25] [24] https://review.trustedfirmware.org/q/I4650a88003db2ded9277b35c7fc521026fe4a… [25] https://review.trustedfirmware.org/q/I8421dcc98eea85d038070f90e819e91bb2652… TF-A-ci-scripts LTS version 2.10.3 contains the following patches. 7a33284 fix(fvp): remove fvp-tc.crash-linux.tc-fip.tc-tc2-debug [26] 4ffc461 ci(errata_abi): update testconfig for errata ABI [27] a295862 ci: create groups for Arm platforms and partner boards [28] e78b129 lts: new downloads area for LTS v2.10 [29] 3dc2907 tf-l3-boot-tests-css: Remove TC1/TC2 configs [30] ae4d470 expect-lava/linux.inc: Fail-fast on kernel panic [31] 32fac0c fvp-tftf.cactus_mm: Increase timeout to 900s [32] f818c0e fvp-tftf.cactus_mm: Increase timeout to 720s [33] 80294ea fvp-tftf.cactus_mm: Further increase timeout for this test to 600s [34] 3a5cbe9 expect-lava: Propagate failure clauses to all TFTF test snippets [35] a2ee841 run_config/fvp-tftf.cactus_mm: Set lava_timeout="450" [36] 052f1bb fix: check and initialise spm submodules [37] [26] https://review.trustedfirmware.org/q/Ifd3fda7e18d2135287371f2e991e29e1d7e70… [27] https://review.trustedfirmware.org/q/I5635916abe03676316488b0321f0d8757bf07… [28] https://review.trustedfirmware.org/q/I8cfa16de1dd09981b5a5ffdc9cf79b19e789b… [29] https://review.trustedfirmware.org/q/I0280c4f6d286b4bf0fb13490e7234004bdd32… [30] https://review.trustedfirmware.org/q/Ia213695824ef8923edd2ca4e924e44b10ad4e… [31] https://review.trustedfirmware.org/q/Ib89948e0a0c9b1a9fa1eed8bf02b6b88f70a3… [32] https://review.trustedfirmware.org/q/I10d9e1b62456ecd2908b08287a23ebccdb261… [33] https://review.trustedfirmware.org/q/I1f796b06ddac1ab66e3e5090dbf1da8ec718e… [34] https://review.trustedfirmware.org/q/I8e792a07928c0f63954e8c166300614cef292… [35] https://review.trustedfirmware.org/q/I1a19e7e21d7db3527d24624a16d6ed442ec2f… [36] https://review.trustedfirmware.org/q/Id582f8712fb50fd58e00d49c65dcecb753141… [37] https://review.trustedfirmware.org/q/If07fb5c721b699bf80bd7fe5f54fad5ad16ed… Thanks, TF-A LTS team

1 year

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Apr 4, 2024 5pm - 6pm (GMT+2) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling as no topic planned. Regards, Olivier. " TF-A Tech Forum Thursday Apr 4, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year

1
0
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 424695: Incorrect expression (SIZEOF_MISMATCH) /services/std_svc/rmmd/rmmd_main.c: 237 in rmmd_setup() ________________________________________________________________________________________________________ *** CID 424695: Incorrect expression (SIZEOF_MISMATCH) /services/std_svc/rmmd/rmmd_main.c: 237 in rmmd_setup() 231 232 assert((shared_buf_size == SZ_4K) && 233 ((void *)shared_buf_base != NULL)); 234 235 /* Zero out and load the boot manifest at the beginning of the share area */ 236 manifest = (struct rmm_manifest *)shared_buf_base; >>> CID 424695: Incorrect expression (SIZEOF_MISMATCH) >>> Passing argument "manifest" of type "struct rmm_manifest *" and argument "8UL /* sizeof (manifest) */" to function "memset" is suspicious. 237 memset((void *)manifest, 0, sizeof(manifest)); 238 239 rc = plat_rmmd_load_manifest(manifest); 240 if (rc != 0) { 241 ERROR("Error loading RMM Boot Manifest (%i)\n", rc); 242 return rc; ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2…

1 year

1
0
0 0

Deprecating ENABLE_FEAT_MTE build option

by Govindraj Raja

Hi All, Please note build option `ENABLE_FEAT_MTE` is now depcreated[1] and not handled anymore part of TF-A since there is no setting needed in EL3 to enable MTE to be used at EL0. However please note MTE at EL2/EL1 will require setting of ENABLE_FEAT_MTE2 build option[2]. This is also a breaking change for platforms and downstream code that uses MTE at EL2/EL1 without any configuration from TF-A but now SCR_EL3.ATA bit(26) which was set unconditionally prior to this change[3] is now fixed and moved correctly under ENABLE_FEAT_MTE2[3]. Going forward use build option `ENABLE_FEAT_MTE2` to use MTE at EL2/EL1. -- Thanks, Govindraj R [1]: https://review.trustedfirmware.org/q/topic:%22mte_fixes%22 [2]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/27122/19/doc… [3]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/26891

1 year

1
0
0 0

RAS exceptions TRAP at EL3

by Nagal, Amit

Hi , I am using TF-A tests tests-single-fault.mk to inject RAS errors on AMD Xilinx platform which is cortex a-78 armv8.2 based. With this test , I can see RAS exceptions are getting triggered at EL2 . I want to trap this exception at EL3 and handle RAS errors further using FFH approach. From code , I could see fvp platform using FAULT_INJECTION_SUPPORT=1 , but from documentation it is meant from ARMv8.4 . I am following https://www.trustedfirmware.org/docs/RAS_Tech_Forum.pdf . Another option is RAS_ALLOW_ERR_REC_ACCESS_NS , but in the pdf , for FFH it is mentioned RAS_ALLOW_ERR_REC_ACCESS_NS should be 0. Can I be advised what should be done to trap the RAS exception at EL3 on armv8.2 cortex a78 platform ? Regards Amit

1 year

2
3
0 0

New Defects reported by Coverity Scan for ARM-software/arm-trusted-firmware

by scan-admin＠coverity.com

Hi, Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. 3 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 424609: Parse warnings (PW.PARAM_SET_BUT_NOT_USED) /plat/nuvoton/npcm845x/npcm845x_bl31_setup.c: 132 in () ________________________________________________________________________________________________________ *** CID 424609: Parse warnings (PW.PARAM_SET_BUT_NOT_USED) /plat/nuvoton/npcm845x/npcm845x_bl31_setup.c: 132 in () 126 * in BL2 & EL3 in BL1) before they are lost (potentially). This needs to be 127 * done before the MMU is initialized so that the memory layout can be used 128 * while creating page tables. BL2 has flushed this information to memory, 129 * so we are guaranteed to pick up good data. 130 *****************************************************************************/ 131 void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1, >>> CID 424609: Parse warnings (PW.PARAM_SET_BUT_NOT_USED) >>> parameter "arg2" was set but never used 132 u_register_t arg2, u_register_t arg3) 133 { 134 arg0 = arg1 = arg2 = arg3 = 0; 135 #if RESET_TO_BL31 136 void *from_bl2 = (void *)arg0; 137 void *plat_params_from_bl2 = (void *)arg3; ** CID 424608: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/arm/mhu/mhu_v3_x.c: 75 in mhu_v3_x_driver_init() ________________________________________________________________________________________________________ *** CID 424608: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /drivers/arm/mhu/mhu_v3_x.c: 75 in mhu_v3_x_driver_init() 69 /* Unsupported MHU version */ 70 return MHU_V_3_X_ERR_UNSUPPORTED_VERSION; 71 } 72 73 /* Read the MHU Architecture Minor Revision */ 74 dev->subversion = >>> CID 424608: Integer handling issues (CONSTANT_EXPRESSION_RESULT) >>> "(aidr & (15U /* 0xfU << 0U */)) >> (15U /* 0xfU << 0U */)" is 0 regardless of the values of its operands. This occurs as the operand of assignment. 75 ((aidr & MHU_ARCH_MINOR_REV_MASK) >> MHU_ARCH_MINOR_REV_MASK); 76 77 /* Return error if the MHU minor revision is not 0 */ 78 if (dev->subversion != MHU_MINOR_REV_3_0) { 79 /* Unsupported subversion */ 80 return MHU_V_3_X_ERR_UNSUPPORTED_VERSION; ** CID 424607: Parse warnings (PW.PARAM_SET_BUT_NOT_USED) /plat/nuvoton/npcm845x/npcm845x_bl31_setup.c: 131 in () ________________________________________________________________________________________________________ *** CID 424607: Parse warnings (PW.PARAM_SET_BUT_NOT_USED) /plat/nuvoton/npcm845x/npcm845x_bl31_setup.c: 131 in () 125 * Here is an opportunity to copy parameters passed by the calling EL (S-EL1 126 * in BL2 & EL3 in BL1) before they are lost (potentially). This needs to be 127 * done before the MMU is initialized so that the memory layout can be used 128 * while creating page tables. BL2 has flushed this information to memory, 129 * so we are guaranteed to pick up good data. 130 *****************************************************************************/ >>> CID 424607: Parse warnings (PW.PARAM_SET_BUT_NOT_USED) >>> parameter "arg1" was set but never used 131 void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1, 132 u_register_t arg2, u_register_t arg3) 133 { 134 arg0 = arg1 = arg2 = arg3 = 0; 135 #if RESET_TO_BL31 136 void *from_bl2 = (void *)arg0; ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2…

1 year

1
0
0 0

Canceled event with note: TF-A Tech Forum @ Thu Mar 21, 2024 5pm - 6pm (GMT+1) (tf-a@lists.trustedfirmware.org)

by Olivier Deprez

This event has been canceled with a note: "Hi, Cancelling this instance as no topic planned. Regards, Olivier. " TF-A Tech Forum Thursday Mar 21, 2024 ⋅ 5pm – 6pm Central European Time - Paris We run an open technical forum call for anyone to participate and it is not restricted to Trusted Firmware project members. It will operate under the guidance of the TF TSC. Feel free to forward this invite to colleagues. Invites are via the TF-A mailing list and also published on the Trusted Firmware website. Details are here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Trusted Firmware is inviting you to a scheduled Zoom meeting.Join Zoom Meetinghttps://linaro-org.zoom.us/my/trustedfirmware?pwd=VktXcm5MNUUyVVM4R0k3ZUtvdU84QT09 One tap mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US (San Jose)Dial by your location +1 646 558 8656 US (New York) +1 669 900 9128 US (San Jose) 877 853 5247 US Toll-free 888 788 0099 US Toll-freeMeeting ID: 915 970 4974Find your local number: https://zoom.us/u/ad27hc6t7h Guests marek.bykowski(a)gmail.com okash.khawaja(a)gmail.com tf-a(a)lists.trustedfirmware.org ~~//~~ Invitation from Google Calendar: https://calendar.google.com/calendar/ You are receiving this email because you are an attendee on the event. To stop receiving future updates for this event, decline this event. Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more https://support.google.com/calendar/answer/37135#forwarding

1 year

1
0
0 0

Question about RME-DA in TF-A/TF-RMM/FVP

by Chenxu Wang

Hi all, I find that Arm has considered "device for realms" and purposed RME-DA since last year. This is not only a concept but also includes some SMMU hardware extensions (e.g., Realm Page MMIO and DPT). Unfortunately, I only find few contents related to RME-DA in the latest FVP user guide, and nothing in TF-A/TF-RMM. Thus, can I ask 1. Does current FVP simulate the RME-DA? 2. Will TF-A/TF-RMM supports RME-DA recently? Sincerely, WANG Chenxu

1 year

2
1
0 0

Compatibility support for SPM_MM and SPMD

by baopeng (A)

Hi Olivier Deprez, We use the SPM_MM framework mainly for read/write control of security variables. We do not want to modify the original application code at this time. At the same time we want to add support for the new SPMD framework based code. ________________________________ Hi Baopeng, By "code based on the SPM_MM framework" I assume you refer to a secure service running in a S-EL0 partition based on the MM protocol? If you can share this information, what kind of service is this implementing? RAS handling, secure variables, TPM back end, other? What kind of interface is needed to access the service? asynchronous with interrupts? synchronous with SMC from normal world? Another question is why do you need to collocate the SPMD if the MM implementation is already achieving the scenarios you need? Ideally you'd want to migrate this service to run on top of: * the EL3 FF-A SPMC https://trustedfirmware-a.readthedocs.io/en/latest/components/el3-spmc.html * or if the HW/chipset implements it, the S-EL2 FF-A SPMC https://hafnium.readthedocs.io/en/latest/secure-partition-manager/index.htm… Knowing the kind of S-EL0 service would help narrowing the effort for a migration. FF-A (https://developer.arm.com/documentation/den0077/latest/) is a modern evolution of MM (https://developer.arm.com/documentation/den0060/latest) and any functionality achieved by the MM protocol can be handled by FF-A. For example the MM_COMMUNICATE interface can be easily swapped by the FFA_MSG_SEND_DIRECT_REQ interface. Regards, Olivier. ________________________________ From: baopeng (A) via TF-A tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> Sent: 21 February 2024 07:10 To: tf-a(a)lists.trustedfirmware.org tf-a(a)lists.trustedfirmware.org<mailto:tf-a@lists.trustedfirmware.org> Subject: [TF-A] Re: Request for help Hi Olivier Deprez, We have developed code based on the SPM_MM framework and do not want to reconstruct the code. However, we want to adapt the code to the SPMD framework. What should we do? ________________________________ Hi Baopeng, SPM_MM is the legacy implementation for a secure partition manager relying on the MM protocol. This implementation gets deprecated in favor of FF-A based implementations (what you refer to as SPMD + SPMC). Both implementations aren't compatible and it is discouraged to attempt co-locating both. It may be more palatable and future proof to transition all your SW stack to be compliant to FF-A standard. We may help you better if you tell a bit more about the reason for mixing both implementations in the same build. Regards, Olivier. ________________________________ From: baopeng (A) baopeng1@huawei.commailto:baopeng1@huawei.com Sent: 20 February 2024 02:19 To: tf-a-owner(a)lists.trustedfirmware.org tf-a-owner@lists.trustedfirmware.orgmailto:tf-a-owner@lists.trustedfirmware.org Subject: Request for help Dear Sir/ Madam, we need to support the simultaneous loading of SPMD and SPM_MM due to project reasons. However, we notice that the makefile of SPM_MM of ATF does not support the simultaneous loading of SPMD and SPM_MM by default. I would like to ask what is the main reason for making the current restrictions?

1 year, 1 month

2
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

TF-A