TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / 2e14ebe8b6e3876ebb576eca5c2472d5d35fc0b0
commit2e14ebe8b6e3876ebb576eca5c2472d5d35fc0b0[log] [tgz]
authorDaniel Boulby <daniel.boulby@arm.com>Mon Jan 15 16:21:44 2024 +0000
committerJoao Alves <joao.alves@arm.com>Thu Feb 01 15:14:42 2024 +0100
tree0e91959519040a77275c1fc2f0d87cc6984c6b20
parent3d0a462034c0d140171a90a0a2648af730196ecc [diff]
fix(memory share): fix behaviour of relinquish clear flag

The `Zero memory after relinquish` flag set in a relinquish
request should take priority over the value of the
`Zero memory flag` set in the retrieve request previously.
This is not currently the case and this patch corrects that.

We also correct the tests to reflect this as well as adding some
additional tests to ensure in cases where the flag's value during
the retrieve request does not match the flag during the relinquish
request, the behaviour that occurs is dictated by the relinquish
request.

Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Change-Id: I770362374da9c333952249f30e17bf34edd83d6c
4 files changed
tree: 0e91959519040a77275c1fc2f0d87cc6984c6b20
  1. .vscode/
  2. build/
  3. docs/
  4. driver/
  5. inc/
  6. kokoro/
  7. project/
  8. src/
  9. test/
  10. third_party/
  11. vmlib/
  12. prebuilts
  13. .clang-format
  14. .clang-tidy
  15. .gitignore
  16. .gitmodules
  17. .gn
  18. .readthedocs.yaml
  19. AUTHORS
  20. BUILD.gn
  21. CONTRIBUTING.md
  22. dco.txt
  23. LICENSE
  24. Makefile
  25. navbar.md
  26. pyproject.toml
  27. README.md
README.md

Hafnium

Hafnium is the Secure Partition Manager(SPM) reference implementation, following the Arm's Firmware Framework specification.

It leverages Arm's virtualization extensions in the secure world of Arm's A class of devices (feature introduced with Armv8.4 FEAT_SEL2) to allow multiple Trusted OSes or Applications to run concurrently, inside the Trusted Execution Environment, each running as a Secure Partition (SP). Its main goal is to control the system access given to Trusted OSes, and serve as a mediator to the rest of the system.

For example, it limits the memory use, and handles all system calls from Trusted OS. Thus the SPM can enforce spacial isolation, and enforce some level of access control, protecting other critical system resources such as: the secure monitor, the normal world software stack, the SPM itself and other SPs/Trusted Applications. Other important features are: secure interrupt handling, device assignment, inter-partition communication and with the Normal World Software stack, also known as Rich Execution Environment (REE).

The following diagram shows an overview of a typical aarch64-based system, and where Hafnium fits:

Hafnium Architecture

Get in touch and keep up-to-date at:

See feature requests and bugs through github.

Documentation

To find more about Hafnium, view the full documentation. It includes valuable resources such as: Getting Started guide, Threat Model, and other documentation.