SBSA update: TFA and RngLib (#626)

# Preface Please ensure you have read the [contribution docs](https://github.com/microsoft/mu/blob/master/CONTRIBUTING.md) prior to submitting the pull request. In particular, [pull request guidelines](https://github.com/microsoft/mu/blob/master/CONTRIBUTING.md#pull-request-best-practices). ## Description Current SBSA is using timer based RngLib, which is not appropriate as an example. This change updated the library to be instruction based. Note that this instruction may not be available on all instructions sets. The change also updates to the latest TFA release for our own housekeeping. Fixes https://github.com/microsoft/mu_tiano_platforms/issues/616. For each item, place an "x" in between `[` and `]` if true. Example: `[x]`. _(you can also check items in the GitHub UI)_ - [ ] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [x] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [ ] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... ## How This Was Tested Booted SBSA platform firmware to Windows desktop. ## Integration Instructions N/A
2023-07-05 19:34:13 -07:00 · 2023-07-05 19:34:13 -07:00 · f1a3463a3b
--- a/.gitmodules
+++ b/.gitmodules
@ -21,7 +21,7 @@
 [submodule "Silicon/Arm/TFA"]
 	path = Silicon/Arm/TFA
 	url = https://github.com/ARM-software/arm-trusted-firmware.git
-	branch = v2.7
+	branch = v2.9.0
 [submodule "Features/DFCI"]
 	path = Features/DFCI
 	url = https://github.com/microsoft/mu_feature_dfci
--- a/Platforms/QemuSbsaPkg/PlatformBuild.py
+++ b/Platforms/QemuSbsaPkg/PlatformBuild.py
@ -297,7 +297,7 @@ class PlatformBuilder( UefiBuilder, BuildSettingsManager):
        args += " PLAT=" + self.env.GetValue("QEMU_PLATFORM").lower()
        args += " ARCH=" + self.env.GetValue("TARGET_ARCH").lower()
        args += " DEBUG=" + str(1 if self.env.GetValue("TARGET").lower() == 'debug' else 0)
-        args += " SPM_MM=1 EL3_EXCEPTION_HANDLING=1"
+        args += " SPM_MM=1 EL3_EXCEPTION_HANDLING=1 ENABLE_SME_FOR_NS=0 ENABLE_SVE_FOR_NS=0"
        args += " ENABLE_FEAT_HCX=1" # Features used by hypervisor
        # args += " FEATURE_DETECTION=1" # Enforces support for features enabled.
        args += " BL32=" + os.path.join(op_fv, "BL32_AP_MM.fd")
--- a/Platforms/QemuSbsaPkg/QemuSbsaPkg.dsc
+++ b/Platforms/QemuSbsaPkg/QemuSbsaPkg.dsc
@ -210,7 +210,7 @@
  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
 !endif
  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
-  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+  RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
  ArmMonitorLib|ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
  ArmTrngLib|ArmPkg/Library/ArmTrngLib/ArmTrngLib.inf
  Hash2CryptoLib|SecurityPkg/Library/BaseHash2CryptoLibNull/BaseHash2CryptoLibNull.inf
--- a/Silicon/Arm/TFA
+++ b/Silicon/Arm/TFA
@ -1 +1 @@
-Subproject commit 35f4c7295bafeb32c8bcbdfb6a3f2e74a57e732b
+Subproject commit d3e71ead6ea5bc3555ac90a446efec84ef6c6122