* changes: fix(intel): add flash dcache after return response for INTEL_SIP_SMC_MBOX_SEND_CMD fix(intel): extending to support large file size for SHA2/HMAC get digest and verifying fix(intel): extending to support large file size for SHA-2 ECDSA data signing and signature verifying fix(intel): extending to support large file size for AES encryption and decryption feat(intel): support version 2 SiP SVC SMC function ID for mailbox commands feat(intel): support version 2 SiP SVC SMC function ID for non-mailbox commands fix(intel): update certificate mask for FPGA Attestation feat(intel): update to support maximum response data size feat(intel): support ECDSA HASH Verification feat(intel): support ECDSA HASH Signing feat(intel): support ECDH request feat(intel): support ECDSA SHA-2 Data Signature Verification feat(intel): support ECDSA SHA-2 Data Signing feat(intel): support ECDSA Get Public Key feat(intel): support session based SDOS encrypt and decrypt feat(intel): support AES Crypt Service feat(intel): support HMAC SHA-2 MAC verify request feat(intel): support SHA-2 hash digest generation on a blob feat(intel): support extended random number generation feat(intel): support crypto service key operation feat(intel): support crypto service session feat(intel): extend attestation service to Agilex family fix(intel): flush dcache before sending certificate to mailbox fix(intel): introduce a generic response error code fix(intel): allow non-secure access to FPGA Crypto Services (FCS) feat(intel): single certificate feature enablement feat(intel): initial commit for attestation service fix(intel): update encryption and decryption command logic |
||
---|---|---|
.husky | ||
bl1 | ||
bl2 | ||
bl2u | ||
bl31 | ||
bl32 | ||
common | ||
docs | ||
drivers | ||
fdts | ||
include | ||
lib | ||
licenses | ||
make_helpers | ||
plat | ||
services | ||
tools | ||
.checkpatch.conf | ||
.commitlintrc.js | ||
.cz.json | ||
.editorconfig | ||
.gitignore | ||
.gitreview | ||
.versionrc.js | ||
Makefile | ||
changelog.yaml | ||
dco.txt | ||
license.rst | ||
package-lock.json | ||
package.json | ||
readme.rst |
readme.rst
Trusted Firmware-A
Trusted Firmware-A (TF-A) is a reference implementation of secure world software for Arm A-Profile architectures (Armv8-A and Armv7-A), including an Exception Level 3 (EL3) Secure Monitor. It provides a suitable starting point for productization of secure world boot and runtime firmware, in either the AArch32 or AArch64 execution states.
TF-A implements Arm interface standards, including:
- Power State Coordination Interface (PSCI)
- Trusted Board Boot Requirements CLIENT (TBBR-CLIENT)
- SMC Calling Convention
- System Control and Management Interface (SCMI)
- Software Delegated Exception Interface (SDEI)
The code is designed to be portable and reusable across hardware platforms and software models that are based on the Armv8-A and Armv7-A architectures.
In collaboration with interested parties, we will continue to enhance TF-A with reference implementations of Arm standards to benefit developers working with Armv7-A and Armv8-A TrustZone technology.
Users are encouraged to do their own security validation, including penetration testing, on any secure world code derived from TF-A.
More Info and Documentation
To find out more about Trusted Firmware-A, please view the full documentation that is available through trustedfirmware.org.
Copyright (c) 2013-2019, Arm Limited and Contributors. All rights reserved.