Hello,
In the file lib/xlat_tables/xlat_tables_common.c and other related files, the condition clause of the for loop does not use the loop counter variable "mm". This leads to violations when running the Coverity MISRA-C analysis for the ZynqMP platform.
Addressing this issue added mm as part of loop counter and this belongs to core translational table logic and other violations also related to this. Is it possible to address this issue? Please provide your suggestions.
Regards,
Nithin G
Hello,
Trusted Firmware-A LTS version 2.8.13 is now available. This release introduces workarounds for new CPU errata for Cortex-A78C, Cortex-X3, and Neoverse V1/V2. It also adds support for the SLS mitigation.
The complete list of changes can be found here<https://trustedfirmware-a.readthedocs.io/en/lts-v2.8.13/change-log.html>.
Thanks.
Hello,
In the file bl31/bl31_main.c, there is a function named bl31_lib_init with its definition. Simultaneously, the declaration of this function is included in include/bl31/bl31.h since the function bl31_lib_init used only in one translational unit. leading to a violation when running the Coverity MISRA-C analysis for the ZynqMP.
Addressing this issue need to remove the declaration of the function from the bl31.h file and making its definition static. To maintain visibility, included a static declaration in the bl31_main.c file. However, it will may impact in future modifications due to the removal of the declaration in bl31.h. Please provide your suggestions.
Regards,
Nithin
Dear All,
We would like to announce that we have published an experimental project called rust-spmc which is a S-EL1 FF-A Secure Partition Manager Core implementation in Rust. We started this as a free time project and now we had the opportunity to publish it on trustedfirmware.org. In its current state it has a partial implementation of the FF-A protocol, and it is able to run the secure partitions of Trusted Services with all tests passing on Arm FVP. It also provides the required compartmentalization between the S-EL0 secure partitions.
Please note that the project is experimental (i.e. PoC, not suitable for production) and it is currently not scheduled by Arm for further development.
The Rust language is an ideal language for implementing firmware components given its lack of undefined behavior and its memory safety guarantees. Our goal was to demonstrate the capabilities of language in a security critical firmware environment and to gather feedback from partners which could open up the possibility of further development of the project.
The repository is available here: https://git.trustedfirmware.org/rust-spmc/rust-spmc.git/
We also prepared a readme with instructions for testing the project: https://git.trustedfirmware.org/rust-spmc/rust-spmc.git/about/
Please reach out to us if you are interested in the project or if you have any questions.
Regards,
Bálint Dobszay & Imre Kis
This event has been canceled with a note:
"Hi, Cancelling the TF-A Tech Forum as no topic. Thanks & Regards,
Olivier. "
TF-A Tech Forum
Thursday Nov 30, 2023 ⋅ 5pm – 6pm
Central European Time - Paris
We run an open technical forum call for anyone to participate and it is not
restricted to Trusted Firmware project members. It will operate under the
guidance of the TF TSC. Feel free to forward this invite to
colleagues. Invites are via the TF-A mailing list and also published on the
Trusted Firmware website. Details are
here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr…
Firmware is inviting you to a scheduled Zoom meeting.Join Zoom
Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap
mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US
(San Jose)Dial by your location +1 646 558
8656 US (New York) +1 669 900
9128 US (San Jose) 877 853 5247 US
Toll-free 888 788 0099 US Toll-freeMeeting ID:
915 970 4974Find your local
number: https://zoom.us/u/ad27hc6t7h
Guests
marek.bykowski(a)gmail.com
okash.khawaja(a)gmail.com
tf-a(a)lists.trustedfirmware.org
~~//~~
Invitation from Google Calendar: https://calendar.google.com/calendar/
You are receiving this email because you are an attendee on the event. To
stop receiving future updates for this event, decline this event.
Forwarding this invitation could allow any recipient to send a response to
the organizer, be added to the guest list, invite others regardless of
their own invitation status, or modify your RSVP.
Learn more https://support.google.com/calendar/answer/37135#forwarding
When booting my Pine64 Rock64 (rk3328), I see the following warning:
WARNING: BL31: cortex_a53: CPU workaround for 1530924 was missing!
That warning is present in u-boot 2023.01 and also in 2023.07.
Asking on their IRC channel and they indicated it should be fixed in TF-A.
In the source code I saw various commits which all seem a variation of
74665119f04de0cd7c735fa741aff607a4a9fde8
titled "Enable workaround for Cortex-A53 erratum 1530924"
But such a commit seems to be missing for the rk3328 platform.
I guess a patch like this is needed to fix that?
```patch
diff --git a/plat/rockchip/rk3328/platform.mk b/plat/rockchip/rk3328/
platform.mk
index 5b4766d51..bd86a1cc8 100644
--- a/plat/rockchip/rk3328/platform.mk
+++ b/plat/rockchip/rk3328/platform.mk
@@ -65,6 +65,7 @@ include lib/libfdt/libfdt.mk
# Enable workarounds for selected Cortex-A53 errata
ERRATA_A53_855873 := 1
+ERRATA_A53_1530924 := 1
$(eval $(call add_define,PLAT_EXTRA_LD_SCRIPT))
$(eval $(call add_define,PLAT_SKIP_OPTEE_S_EL1_INT_REGISTER))
```
The Contributor’s Guide indicates that it requires a Microsoft Github account,
so I opted to post a patch to this list.
Cheers,
Diederik
PS: https://developer.trustedfirmware.org/ seems to be full of spam; you may
want to look into that.
Hello,
Trusted Firmware-A LTS version 2.8.12 is now available. This release removes the Cryptocell driver support and contains fixes for the Tegra platform, the SMCCC library, and SDEI.
The complete list of changes can be found here<https://ci-builds.trustedfirmware.org/static-files/DcqMVUzlEWpu-LYx_0-RuHeu…>.
Thanks.
Hi All,
We are pleased to announce the formal release of Trusted Firmware-A version 2.10 bundle of project deliverables.
This includes Trusted Firmware-A, Trusted Firmware-A Tests, Hafnium, RMM and TF-A OpenCI Scripts/Jobs 2.10 releases involving the tagging of multiple repositories.
These went live on 22nd November 2023.
Please find references to tags and change logs at the end of this email.
Many thanks to the community for the active engagement in delivering this release!
Notable Features of the Version 2.10 Release are as follows:
TF-A/EL3 Root World
* New Features:
* Firmware handoff library support
* Improvements to BL31 runtime exception handling
* Context management refactoring for RME/4 worlds
* Gelas, Nevis & Travis CPUs support
* V8.9 features enabled (FEAT_ HAFT, RPRFM, LRCPC3, MTE_PERM)
TF-A Boot BL1/BL2
* New Features
* Trusted Boot support for ECDSA (Elliptic Curve Digital Signature Algorithm)
* Migrated to PSA crypto API’s
* Improved the GUID Partition Table (GPT) parser.
* Various security Improvements and threat Model updates for ARM CCA
* Signer id extraction Implementation
Hafnium/SEL2 SPM
* New Features:
* FF-A v1.2: FFA_YIELD with time-out; EL3 SPMDs LSPs communication; memory sharing updates.
* Memory region relative base address field support in SP manifests.
* Interrupt re-configuration hypervisor calls.
* Memory management: S2 PT NS/S IPA split
* SMCCCv1.2+ compliance fixes.
* Feature parity test improvements, EL3 SPMC and Hafnium (S-EL2 SPMC)
TF-RMM/REL2
* New Feature/Support
* Fenimore v1.0 EAC5 aligned implementation.
* TFTF Enhancements for RME testing
* Initial CBMC support
* NS SME support in RMM
* BTI support for RMM
Errata
* Errata implemented (1xCortex-X2/ Matterhorn-ELP, 1xCortex-A710/Matterhorn, 1xNeoverse N2/Perseus, 2xNeoverse V2/Demeter, Makalu ELP/Cortex X3, Klein/Cortex-A510)
* Fix some minor defects with version in a few errata that applies for some follow up revisions of the CPUs. (Neoverse V1, Cortex-X2, Cortex-A710)
TF-A Tests
* Core
* Added errata management firmware interface tests.
* Added firmware handoff tests.
* Introduced RAS KFH support test.
* SPM/FF-A
* Support SMCCCv1.2 extended GP registers set.
* Test SMCCC compliance at the non-secure physical instance.
* Test secure eSPI interrupt handling.
* Test FF-A v1.2 FFA_PARTITION_INFO_GET_REGS interface.
* RMM
* Added FPU/SVE/SME tests
* Added multiple REC single CPU tests.
* Added PAuth support in Realms tests.
* Added PMU tests.
Platform Support
* New platforms added:
* Aspeed AST2700, NXP IMX93, Intel Agilex5, Nuvoton NPCM845x, QTI MDM9607, MSM8909, MSM8939, ST STM32MP2
Release tags across repositories:
https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tag/?h=v2.10https://git.trustedfirmware.org/TF-A/tf-a-tests.git/tag/?h=v2.10https://git.trustedfirmware.org/ci/tf-a-ci-scripts.git/tag/?h=v2.10https://git.trustedfirmware.org/ci/tf-a-job-configs.git/tag/?h=v2.10https://git.trustedfirmware.org/hafnium/hafnium.git/tag/?h=v2.10https://git.trustedfirmware.org/ci/hafnium-ci-scripts.git/tag/?h=v2.10https://git.trustedfirmware.org/ci/hafnium-job-configs.git/tag/?h=v2.10https://git.trustedfirmware.org/TF-RMM/tf-rmm.git/tag/?h=tf-rmm-v0.4.0
Change logs:
https://trustedfirmware-a.readthedocs.io/en/v2.10/change-log.html#id1https://trustedfirmware-a-tests.readthedocs.io/en/v2.10/change-log.html#ver…https://hafnium.readthedocs.io/en/latest/change-log.html#v2-10https://tf-rmm.readthedocs.io/en/tf-rmm-v0.4.0/about/change-log.html#v0-4-0
Regards,
Olivier.
TL;DR: move Mandatory features to be runtime checked (value 2)
Month ago there was changeset from Govindraj Raja merged [1]. The plan
was to enable all mandatory features based on architecture version set
by plaform (using ARM_ARCH_{MAJOR,MINOR} variables).
1. https://review.trustedfirmware.org/q/topic:%22gr/build_refactor%22
The idea is nice. But only for final products. If you are working on
silicon bring up or on virtualization platform (QEMU or other) then you
got hit badly...
I am working on SBSA Reference Platform in QEMU. It can have one of
several cpu models. From old v8.0 cores up to v9.0 ones. And then there
is also 'max' core which cannot be mapped to any architecture level
because it contains all Arm cpu features QEMU can emulate. We need to
support all of them in one TF-A binary. Whenever something fails we
have some cpu cores in non-bootable state.
We had to enable FGT to get 'max' boot Linux. Now we have to move DIT to
be runtime checked to boot anything below Neoverse-V1 at all. And HCX to
get 'max' boot Linux again.
At current state of TF-A we cannot handle it. Toplevel Makefile includes
platform.mk which sets ARM_ARCH_{MAJOR,MINOR} and then
make_helpers/arch_features.mk enables mandatory options by setting them
to value "1" which means "present, no need to check".
Due to this we have those changes in Gerrit:
DIT: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/24870
TRF: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/23648
And instead of sending another one to switch FGT, RNG and HCX I decided
to write this email.
I have spent half of day today bisecting TF-A, booting several tools and
operating systems to check how we are and where the problem is. Still
have to get Neoverse-N2 booting properly but other than then I got to
the point where all cpu cores boot into Linux.
We need to change make_helpers/arch_features.mk to stop enabling mandatory
features as "present, no need to check" (value '1') but to use runtime
check (value '2') instead. This way any platform which contains CPU not
yet fully developed can boot TF-A. Or platform where one firmware can boot
different cpu models.
I am sorry that I bring it so late in release cycle but was unable to use
computer for a development for some time.