- Trusted-services - lists.trustedfirmware.org

Any document to integrate smm-gateway into edk2 UEFI project?

by carlos.liu＠mediatek.com

We guess that all things we have to do is replace the following implementation into smm client. EFI_SMM_VARIABLE_PROTOCOL gSmmVariable = { VariableServiceGetVariable, VariableServiceGetNextVariableName, SmmVariableSetVariable, VariableServiceQueryVariableInfo }; EDKII_SMM_VAR_CHECK_PROTOCOL mSmmVarCheck = { VarCheckRegisterSetVariableCheckHandler, VarCheckVariablePropertySet, VarCheckVariablePropertyGet }; And I correct or something we miss? Do you have to document to integrate this feature into UEFI variable smm service? Carlos

2 years, 4 months

2
3
0 0

How to run trusted services under Hafnium, without OP-TEE

by haiyuan.ghy＠alibaba-inc.com

Hi experts: I want to run S-EL0 trusted services under S-EL2 Hafnium, without S-EL1 OP-TEE, in FVP simulation. I see totalcompute project integrates trusted-service with architecture, that S-EL0 can run under S-EL2, as here: https://totalcompute.docs.arm.com/en/latest/totalcompute/tc2/tc2_sw_stack.h… However, trusted-service documents only describe S-EL0 examples running under S-EL1 OP-TEE https://trusted-services.readthedocs.io/en/v1.0.0-beta/quickstart/optee-tes… https://trusted-services.readthedocs.io/en/v1.0.0-beta/environments/secure-… Anyone can help?

2 years, 7 months

2
1
1 0

v1.0.0 release

by Gyorgy Szing

Hi, I am pleased to announce the v1.0.0 release of Trusted Services. Nearly a year has passed since the previous tagged release (v1.0.0-beta) and a significant number of changes has been done since then. (Git reports 875 changed files, 59631 insertions, 10971 deletions.) For details, please see the release notes [1]. Let me give some highlights: * This release carries the first tagged version of the Block Storage [2] and the PSA Firmware Update [3] services. * The TS RPC protocol and Service Discovery [4] has been redesigned and refactored. * Added support for the Armv8-A CRC32 feature. * Extended FF-A v1.1 and v1.2 support. * SPs now set the "ns-interrupts-action" property in their SP manifest. SPMC implementations honouring this property will allow pre-emption of the SPs by Normal-World interrupts. Links and resources: 1: Detailed changelog of the new release: https://trusted-services.readthedocs.io/en/stable/project/change-log.html#v… 2: Block Storage Service description: https://trusted-services.readthedocs.io/en/stable/services/block-storage-se… 3: PSA Firmware Update Service description: https://trusted-services.readthedocs.io/en/stable/services/fwu/fwu-service-… 4: TS RPC protocol description: https://trusted-services.readthedocs.io/en/stable/developer/service-access-… Test results summary is available here: https://developer.trustedfirmware.org/w/trusted-services/test-reports/v1.0.… The source code can be downloaded from here: https://git.trustedfirmware.org/TS/trusted-services.git/log/?h=v1.0.0 Project documentation is available here: https://developer.trustedfirmware.org/w/trusted-services/test-reports/v1.0.… Regards: George

2 years, 7 months

1
0
0 0

New TrustedFirmware Discord Server

by Don Harbin

Hi All, Note you may have received another instance of this note but when I attempted to send to all TF ML's simultaneously it seemed to fail, so sending to each one at a time. Sorry about that. :/ We've created a Discord Server for real time chats/sharing. This solution comes at no cost to the project, is set up with channels for each project, includes a #general channel, and supports direct 1-1 chats between members, all with the goal of improving collaboration between trustedfirmware.org developers. We encourage all to join! :) Instructions for joining can be found on the TF.org FAQ page <https://www.trustedfirmware.org/faq/>. See you all there and please don't hesitate to reach out if you have any questions! Don Harbin TrustedFirmware Community Manager don.harbin(a)linaro.org

2 years, 8 months

1
0
0 0

New TrustedFirmware Discord Server

by don.harbin＠linaro.org

The content of this message was lost. It was probably cross-posted to multiple lists and previously handled on another list.

2 years, 8 months

1
0
0 0

OP-TEE S-EL1 SPMC broken

by Balint Dobszay

Hi All, A recent patch in optee_os [1] changed the boot ABI, which causes the "S-EL1 SPMC + Secure Partitions" config fail to boot. We are currently investigating the issue. Regards, Balint [1]: https://github.com/OP-TEE/optee_os/commit/f1f431c7a92671b4fa397976d381cc5ad…

3 years, 3 months

1
0
0 0

Trusted Services v1.0.0-beta release

by Gyorgy Szing

Hi all, We are pleased to announce that the Trusted Services project has made the first tagged public release, v1.0.0-beta. The release includes Trusted Services which can be deployed on Cortex-A devices to meet PSA Certified requirements. The release also includes necessary build and test infrastructure and documentation. The release includes: * PSA Crypto, Storage and Attestation Secure Partitions exposing the PSA Certified Functional APIs, the same APIs available today on Arm v8-M Cortex-M platforms via Trusted Firmware-M. * Additionally, UEFI SMM services are available through the SMM Gateway Secure Partition. * The services within the Secure Partitions can be invoked by applications for secure operations. * OP-TEE in 3.17 and later releases support Secure Partition Manager Core (SPMC). Details can be found here<https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/>. This release was validated with OP-TEE v3.19 For more information, please refer to the following resources: * Change log and release notes: https://trusted-services.readthedocs.io/en/v1.0.0-beta/project/change-log.h… * Documentation: https://trusted-services.readthedocs.io/en/v1.0.0-beta/ * Source code: https://git.trustedfirmware.org/TS/trusted-services.git/tag/?h=v1.0.0-beta * Test results including information on the set-up tests were executed with: https://developer.trustedfirmware.org/w/trusted-services/test-reports/v1.0.… * Roadmap for future development: https://developer.trustedfirmware.org/w/trusted-services/roadmap If you have any questions or comments do not hesitate to contact us via the mailing list, or by dropping an email to Shebu.VargheseKuriakose(a)arm.com<mailto:Shebu.VargheseKuriakose@arm.com> or gyorgy.szing(a)arm.com<mailto:gyorgy.szing@arm.com>. Kind Regards György Szing

3 years, 5 months

1
0
0 0

OP-TEE 3.19 SPMC status

by Balint Dobszay

Hi All, This is a follow-up email to the OP-TEE 3.19 release, highlighting the updates to the SPMC and related components. Short summary of introduced changes: - Added support for running SPs loaded from the FIP (by TF-A). This is an alternative to the current embedded SP loading mechanism [1]. - Added a new suite to xtest (ffa_spmc) to enable testing the SPMC as part of the normal OP-TEE test procedure [2]. For more details on how to get, build and test the SPMC, please see [3]. Our 3.19 release related test results are captured on this page [4]. Regards, Balint [1] https://optee.readthedocs.io/en/latest/architecture/spmc.html#sp-loading-me… [2] https://github.com/OP-TEE/optee_test/blob/3.19.0/host/xtest/ffa_spmc_1000.c [3] https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc [4] https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/releas…

3 years, 7 months

1
0
0 0

OP-TEE 3.18 SPMC status

by Balint Dobszay

Hi All, This is a follow-up email to the OP-TEE 3.18 release, highlighting the updates to the SPMC and related components. Short summary of introduced changes: - optee_os: Added support to the SPMC to process memory regions described in the SP manifest. This enables running the Trusted Services smm-gateway SP. - manifest: Added new manifest (derived from the fvp manifest) which includes Trusted Services and related kernel modules [1]. - build: Added new top level Makefile to configure optee_os as S-EL1 SPMC, build Trusted Services SPs and test apps [2]. For more details on how to get, build and test the SPMC, please see [3]. Regards, Balint [1]: https://github.com/OP-TEE/manifest/blob/3.18.0/fvp-ts.xml [2]: https://github.com/OP-TEE/build/blob/3.18.0/fvp-psa-sp.mk [3]: https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc

3 years, 10 months

1
0
0 0

OP-TEE v3.17 S-EL1 SPMC status

by Balint Dobszay

Hi All, This is a follow-up email to the OP-TEE v3.17 release, highlighting the updates to the SPMC component. As you might know there is a forked version living at [1], and we are continuously working on moving all features to upstream. This version enables all PSA Secure Partitions implemented by Trusted Services to work with the upstream SPMC. For more information about the PSA SPs, please see [2]. Short summary of introduced changes: - Added support to process the SP manifests in the SPMC. The device MMIO regions described in the SP manifest are mapped into the SP's translation regime, as requested by FF-A. - Added support for the FF-A v1.0 partition boot protocol. The SPMC will pass information to the S-EL0 SPs about the device regions mapped. The boot information is passed in device tree format, using the same bindings as the SP manifest [3]. - Forward TPM Event Log to S-EL0 SPs. For more details on how to get, build and test the SPMC, please see [4]. If you have any questions, please do not hesitate to reach out to us via [5] or [6]. Regards, Balint on behalf of the Trusted Services team [1] https://git.trustedfirmware.org/OP-TEE/optee_os.git/log/?h=psa-development [2] https://trusted-services.readthedocs.io/en/integration [3] https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-… [4] https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc [5] https://lists.trustedfirmware.org/mailman3/lists/op-tee.lists.trustedfirmwa… [6] https://lists.trustedfirmware.org/mailman3/lists/trusted-services.lists.tru…

4 years

2
1
0 0

2026

2025

2024

2023

2022

Trusted-services