Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
adam.huang
Arm Trusted Firmware
Commits
31d5e7f5
Commit
31d5e7f5
authored
Dec 14, 2015
by
danh-arm
Browse files
Merge pull request #467 from jcastillo-arm/jc/tbb_oid
Apply new image terminology
parents
a84deb9c
d178637d
Changes
53
Expand all
Hide whitespace changes
Inline
Side-by-side
Makefile
View file @
31d5e7f5
...
...
@@ -309,7 +309,7 @@ ifeq (${DISABLE_PEDANTIC},0)
CFLAGS
+=
-pedantic
endif
# Using the ARM Trusted Firmware BL2 implies that a BL3
-
3 image also need to be
# Using the ARM Trusted Firmware BL2 implies that a BL33 image also need to be
# supplied for the FIP and Certificate generation tools. This flag can be
# overridden by the platform.
ifdef
BL2_SOURCES
...
...
@@ -589,8 +589,8 @@ help:
@
echo
" bl1 Build the BL1 binary"
@
echo
" bl2 Build the BL2 binary"
@
echo
" bl2u Build the BL2U binary"
@
echo
" bl31 Build the BL3
-
1 binary"
@
echo
" bl32 Build the BL3
-
2 binary"
@
echo
" bl31 Build the BL31 binary"
@
echo
" bl32 Build the BL32 binary"
@
echo
" certificates Build the certificates (requires 'GENERATE_COT=1')"
@
echo
" fip Build the Firmware Image Package (FIP)"
@
echo
" fwu_fip Build the FWU Firmware Image Package (FIP)"
...
...
bl1/bl1_main.c
View file @
31d5e7f5
...
...
@@ -216,7 +216,7 @@ void bl1_load_bl2(void)
******************************************************************************/
void
bl1_print_bl31_ep_info
(
const
entry_point_info_t
*
bl31_ep_info
)
{
NOTICE
(
"BL1: Booting BL3
-
1
\n
"
);
NOTICE
(
"BL1: Booting BL31
\n
"
);
print_entry_point_info
(
bl31_ep_info
);
}
...
...
bl2/bl2_main.c
View file @
31d5e7f5
...
...
@@ -41,54 +41,61 @@
#include <stdint.h>
#include "bl2_private.h"
/*
* Check for platforms that use obsolete image terminology
*/
#ifdef BL30_BASE
# error "BL30_BASE platform define no longer used - please use SCP_BL2_BASE"
#endif
/*******************************************************************************
* Load the
BL3-0
image if there's one.
* If a platform does not want to attempt to load
BL3-0
image it must leave
*
BL30
_BASE undefined.
* Return 0 on success or if there's no
BL3-0
image to load, a negative error
* Load the
SCP_BL2
image if there's one.
* If a platform does not want to attempt to load
SCP_BL2
image it must leave
*
SCP_BL2
_BASE undefined.
* Return 0 on success or if there's no
SCP_BL2
image to load, a negative error
* code otherwise.
******************************************************************************/
static
int
load_
bl30
(
void
)
static
int
load_
scp_bl2
(
void
)
{
int
e
=
0
;
#ifdef
BL30
_BASE
meminfo_t
bl30
_mem_info
;
image_info_t
bl30
_image_info
;
#ifdef
SCP_BL2
_BASE
meminfo_t
scp_bl2
_mem_info
;
image_info_t
scp_bl2
_image_info
;
/*
* It is up to the platform to specify where
BL3-0
should be loaded if
* It is up to the platform to specify where
SCP_BL2
should be loaded if
* it exists. It could create space in the secure sram or point to a
* completely different memory.
*
* The entry point information is not relevant in this case as the AP
* won't execute the
BL3-0
image.
* won't execute the
SCP_BL2
image.
*/
INFO
(
"BL2: Loading
BL3-0
\n
"
);
bl2_plat_get_
bl30
_meminfo
(
&
bl30
_mem_info
);
bl30
_image_info
.
h
.
version
=
VERSION_1
;
e
=
load_auth_image
(
&
bl30
_mem_info
,
BL30
_IMAGE_ID
,
BL30
_BASE
,
&
bl30
_image_info
,
INFO
(
"BL2: Loading
SCP_BL2
\n
"
);
bl2_plat_get_
scp_bl2
_meminfo
(
&
scp_bl2
_mem_info
);
scp_bl2
_image_info
.
h
.
version
=
VERSION_1
;
e
=
load_auth_image
(
&
scp_bl2
_mem_info
,
SCP_BL2
_IMAGE_ID
,
SCP_BL2
_BASE
,
&
scp_bl2
_image_info
,
NULL
);
if
(
e
==
0
)
{
/* The subsequent handling of
BL3-0
is platform specific */
e
=
bl2_plat_handle_
bl30
(
&
bl30
_image_info
);
/* The subsequent handling of
SCP_BL2
is platform specific */
e
=
bl2_plat_handle_
scp_bl2
(
&
scp_bl2
_image_info
);
if
(
e
)
{
ERROR
(
"Failure in platform-specific handling of
BL3-0
image.
\n
"
);
ERROR
(
"Failure in platform-specific handling of
SCP_BL2
image.
\n
"
);
}
}
#endif
/*
BL30
_BASE */
#endif
/*
SCP_BL2
_BASE */
return
e
;
}
#ifndef EL3_PAYLOAD_BASE
/*******************************************************************************
* Load the BL3
-
1 image.
* Load the BL31 image.
* The bl2_to_bl31_params and bl31_ep_info params will be updated with the
* relevant BL3
-
1 information.
* relevant BL31 information.
* Return 0 on success, a negative error code otherwise.
******************************************************************************/
static
int
load_bl31
(
bl31_params_t
*
bl2_to_bl31_params
,
...
...
@@ -97,17 +104,17 @@ static int load_bl31(bl31_params_t *bl2_to_bl31_params,
meminfo_t
*
bl2_tzram_layout
;
int
e
;
INFO
(
"BL2: Loading BL3
-
1
\n
"
);
INFO
(
"BL2: Loading BL31
\n
"
);
assert
(
bl2_to_bl31_params
!=
NULL
);
assert
(
bl31_ep_info
!=
NULL
);
/* Find out how much free trusted ram remains after BL2 load */
bl2_tzram_layout
=
bl2_plat_sec_mem_layout
();
/* Set the X0 parameter to BL3
-
1 */
/* Set the X0 parameter to BL31 */
bl31_ep_info
->
args
.
arg0
=
(
unsigned
long
)
bl2_to_bl31_params
;
/* Load the BL3
-
1 image */
/* Load the BL31 image */
e
=
load_auth_image
(
bl2_tzram_layout
,
BL31_IMAGE_ID
,
BL31_BASE
,
...
...
@@ -123,12 +130,12 @@ static int load_bl31(bl31_params_t *bl2_to_bl31_params,
}
/*******************************************************************************
* Load the BL3
-
2 image if there's one.
* The bl2_to_bl31_params param will be updated with the relevant BL3
-
2
* Load the BL32 image if there's one.
* The bl2_to_bl31_params param will be updated with the relevant BL32
* information.
* If a platform does not want to attempt to load BL3
-
2 image it must leave
* If a platform does not want to attempt to load BL32 image it must leave
* BL32_BASE undefined.
* Return 0 on success or if there's no BL3
-
2 image to load, a negative error
* Return 0 on success or if there's no BL32 image to load, a negative error
* code otherwise.
******************************************************************************/
static
int
load_bl32
(
bl31_params_t
*
bl2_to_bl31_params
)
...
...
@@ -137,11 +144,11 @@ static int load_bl32(bl31_params_t *bl2_to_bl31_params)
#ifdef BL32_BASE
meminfo_t
bl32_mem_info
;
INFO
(
"BL2: Loading BL3
-
2
\n
"
);
INFO
(
"BL2: Loading BL32
\n
"
);
assert
(
bl2_to_bl31_params
!=
NULL
);
/*
* It is up to the platform to specify where BL3
-
2 should be loaded if
* It is up to the platform to specify where BL32 should be loaded if
* it exists. It could create space in the secure sram or point to a
* completely different memory.
*/
...
...
@@ -163,8 +170,8 @@ static int load_bl32(bl31_params_t *bl2_to_bl31_params)
}
/*******************************************************************************
* Load the BL3
-
3 image.
* The bl2_to_bl31_params param will be updated with the relevant BL3
-
3
* Load the BL33 image.
* The bl2_to_bl31_params param will be updated with the relevant BL33
* information.
* Return 0 on success, a negative error code otherwise.
******************************************************************************/
...
...
@@ -173,12 +180,12 @@ static int load_bl33(bl31_params_t *bl2_to_bl31_params)
meminfo_t
bl33_mem_info
;
int
e
;
INFO
(
"BL2: Loading BL3
-
3
\n
"
);
INFO
(
"BL2: Loading BL33
\n
"
);
assert
(
bl2_to_bl31_params
!=
NULL
);
bl2_plat_get_bl33_meminfo
(
&
bl33_mem_info
);
/* Load the BL3
-
3 image in non-secure memory provided by the platform */
/* Load the BL33 image in non-secure memory provided by the platform */
e
=
load_auth_image
(
&
bl33_mem_info
,
BL33_IMAGE_ID
,
plat_get_ns_image_entrypoint
(),
...
...
@@ -196,7 +203,7 @@ static int load_bl33(bl31_params_t *bl2_to_bl31_params)
/*******************************************************************************
* The only thing to do in BL2 is to load further images and pass control to
* BL3
-
1. The memory occupied by BL2 will be reclaimed by BL3
-
x stages. BL2 runs
* BL31. The memory occupied by BL2 will be reclaimed by BL3x stages. BL2 runs
* entirely in S-EL1.
******************************************************************************/
void
bl2_main
(
void
)
...
...
@@ -219,18 +226,18 @@ void bl2_main(void)
/*
* Load the subsequent bootloader images
*/
e
=
load_
bl30
();
e
=
load_
scp_bl2
();
if
(
e
)
{
ERROR
(
"Failed to load
BL3-0
(%i)
\n
"
,
e
);
ERROR
(
"Failed to load
SCP_BL2
(%i)
\n
"
,
e
);
plat_error_handler
(
e
);
}
/* Perform platform setup in BL2 after loading
BL3-0
*/
/* Perform platform setup in BL2 after loading
SCP_BL2
*/
bl2_platform_setup
();
/*
* Get a pointer to the memory the platform has set aside to pass
* information to BL3
-
1.
* information to BL31.
*/
bl2_to_bl31_params
=
bl2_plat_get_bl31_params
();
bl31_ep_info
=
bl2_plat_get_bl31_ep_info
();
...
...
@@ -241,7 +248,7 @@ void bl2_main(void)
* images. Just update the BL31 entrypoint info structure to make BL1
* jump to the EL3 payload.
* The pointer to the memory the platform has set aside to pass
* information to BL3
-
1 in the normal boot flow is reused here, even
* information to BL31 in the normal boot flow is reused here, even
* though only a fraction of the information contained in the
* bl31_params_t structure makes sense in the context of EL3 payloads.
* This will be refined in the future.
...
...
@@ -253,23 +260,23 @@ void bl2_main(void)
#else
e
=
load_bl31
(
bl2_to_bl31_params
,
bl31_ep_info
);
if
(
e
)
{
ERROR
(
"Failed to load BL3
-
1 (%i)
\n
"
,
e
);
ERROR
(
"Failed to load BL31 (%i)
\n
"
,
e
);
plat_error_handler
(
e
);
}
e
=
load_bl32
(
bl2_to_bl31_params
);
if
(
e
)
{
if
(
e
==
-
EAUTH
)
{
ERROR
(
"Failed to authenticate BL3
-
2
\n
"
);
ERROR
(
"Failed to authenticate BL32
\n
"
);
plat_error_handler
(
e
);
}
else
{
WARN
(
"Failed to load BL3
-
2 (%i)
\n
"
,
e
);
WARN
(
"Failed to load BL32 (%i)
\n
"
,
e
);
}
}
e
=
load_bl33
(
bl2_to_bl31_params
);
if
(
e
)
{
ERROR
(
"Failed to load BL3
-
3 (%i)
\n
"
,
e
);
ERROR
(
"Failed to load BL33 (%i)
\n
"
,
e
);
plat_error_handler
(
e
);
}
#endif
/* EL3_PAYLOAD_BASE */
...
...
@@ -278,9 +285,9 @@ void bl2_main(void)
bl2_plat_flush_bl31_params
();
/*
* Run BL3
-
1 via an SMC to BL1. Information on how to pass control to
* the BL3
-
2 (if present) and BL3
-
3 software images will be passed to
* BL3
-
1 as an argument.
* Run BL31 via an SMC to BL1. Information on how to pass control to
* the BL32 (if present) and BL33 software images will be passed to
* BL31 as an argument.
*/
smc
(
BL1_SMC_RUN_IMAGE
,
(
unsigned
long
)
bl31_ep_info
,
0
,
0
,
0
,
0
,
0
,
0
);
}
bl31/aarch64/bl31_entrypoint.S
View file @
31d5e7f5
...
...
@@ -91,7 +91,7 @@ func bl31_entrypoint
_exception_vectors
=
runtime_exceptions
/
*
---------------------------------------------------------------------
*
For
RESET_TO_BL31
systems
,
BL3
-
1
is
the
first
bootloader
to
run
so
*
For
RESET_TO_BL31
systems
,
BL31
is
the
first
bootloader
to
run
so
*
there
's no argument to relay from a previous bootloader. Zero the
*
arguments
passed
to
the
platform
layer
to
reflect
that
.
*
---------------------------------------------------------------------
...
...
bl31/bl31.ld.S
View file @
31d5e7f5
...
...
@@ -94,7 +94,7 @@ SECTIONS
}
>
RAM
#ifdef BL31_PROGBITS_LIMIT
ASSERT
(.
<=
BL31_PROGBITS_LIMIT
,
"BL3
-
1 progbits has exceeded its limit."
)
ASSERT
(.
<=
BL31_PROGBITS_LIMIT
,
"BL31 progbits has exceeded its limit."
)
#endif
stacks
(
NOLOAD
)
:
{
...
...
@@ -184,5 +184,5 @@ SECTIONS
__COHERENT_RAM_END_UNALIGNED__
-
__COHERENT_RAM_START__
;
#endif
ASSERT
(.
<=
BL31_LIMIT
,
"BL3
-
1 image has exceeded its limit."
)
ASSERT
(.
<=
BL31_LIMIT
,
"BL31 image has exceeded its limit."
)
}
bl31/bl31.mk
View file @
31d5e7f5
...
...
@@ -62,7 +62,7 @@ endif
BL31_LINKERFILE
:=
bl31/bl31.ld.S
# Flag used to inidicate if Crash reporting via console should be included
# in BL3
-
1. This defaults to being present in DEBUG builds only
# in BL31. This defaults to being present in DEBUG builds only
ifndef
CRASH_REPORTING
CRASH_REPORTING
:=
$(DEBUG)
endif
...
...
bl31/bl31_main.c
View file @
31d5e7f5
...
...
@@ -71,8 +71,8 @@ void bl31_lib_init(void)
******************************************************************************/
void
bl31_main
(
void
)
{
NOTICE
(
"BL3
-
1: %s
\n
"
,
version_string
);
NOTICE
(
"BL3
-
1: %s
\n
"
,
build_message
);
NOTICE
(
"BL31: %s
\n
"
,
version_string
);
NOTICE
(
"BL31: %s
\n
"
,
build_message
);
/* Perform remaining generic architectural setup from EL3 */
bl31_arch_setup
();
...
...
@@ -84,7 +84,7 @@ void bl31_main(void)
bl31_lib_init
();
/* Initialize the runtime services e.g. psci */
INFO
(
"BL3
-
1: Initializing runtime services
\n
"
);
INFO
(
"BL31: Initializing runtime services
\n
"
);
runtime_svc_init
();
/*
...
...
@@ -101,7 +101,7 @@ void bl31_main(void)
* If SPD had registerd an init hook, invoke it.
*/
if
(
bl32_init
)
{
INFO
(
"BL3
-
1: Initializing BL3
-
2
\n
"
);
INFO
(
"BL31: Initializing BL32
\n
"
);
(
*
bl32_init
)();
}
/*
...
...
@@ -153,7 +153,7 @@ void bl31_prepare_next_image_entry(void)
assert
(
next_image_info
);
assert
(
image_type
==
GET_SECURITY_STATE
(
next_image_info
->
h
.
attr
));
INFO
(
"BL3
-
1: Preparing for EL3 exit to %s world
\n
"
,
INFO
(
"BL31: Preparing for EL3 exit to %s world
\n
"
,
(
image_type
==
SECURE
)
?
"secure"
:
"normal"
);
print_entry_point_info
(
next_image_info
);
cm_init_my_context
(
next_image_info
);
...
...
bl32/tsp/tsp.ld.S
View file @
31d5e7f5
...
...
@@ -138,5 +138,5 @@ SECTIONS
__COHERENT_RAM_END_UNALIGNED__
-
__COHERENT_RAM_START__
;
#endif
ASSERT
(.
<=
BL32_LIMIT
,
"BL3
-
2 image has exceeded its limit."
)
ASSERT
(.
<=
BL32_LIMIT
,
"BL32 image has exceeded its limit."
)
}
bl32/tsp/tsp.mk
View file @
31d5e7f5
...
...
@@ -41,8 +41,8 @@ BL32_SOURCES += bl32/tsp/tsp_main.c \
BL32_LINKERFILE
:=
bl32/tsp/tsp.ld.S
# This flag determines if the TSPD initializes BL3
-
2 in tspd_init() (synchronous
# method) or configures BL3
-
1 to pass control to BL3
-
2 instead of BL3
-
3
# This flag determines if the TSPD initializes BL32 in tspd_init() (synchronous
# method) or configures BL31 to pass control to BL32 instead of BL33
# (asynchronous method).
TSP_INIT_ASYNC
:=
0
...
...
common/aarch64/early_exceptions.S
View file @
31d5e7f5
...
...
@@ -37,7 +37,7 @@
/
*
-----------------------------------------------------
*
Very
simple
stackless
exception
handlers
used
by
BL2
*
and
BL3
-
1
bootloader
stages
.
BL3
-
1
uses
them
before
*
and
BL31
bootloader
stages
.
BL31
uses
them
before
*
stacks
are
setup
.
BL2
uses
them
throughout
.
*
-----------------------------------------------------
*/
...
...
docs/auth-framework.md
View file @
31d5e7f5
...
...
@@ -83,7 +83,7 @@ behind them. These aspects are key to verify a Chain of Trust.
A CoT is basically a sequence of authentication images which usually starts with
a root of trust and culminates in a single data image. The following diagram
illustrates how this maps to a CoT for the BL3
-
1 image described in the
illustrates how this maps to a CoT for the BL31 image described in the
TBBR-Client specification.
```
...
...
@@ -97,8 +97,8 @@ TBBR-Client specification.
/ |
/ |
L v
+------------------+ +-------------------+
| Trusted World |------>| BL3
-
1 Key |
+------------------+
+-------------------+
| Trusted World |------>| BL31 Key
|
| Public Key | | Certificate |
+------------------+ | (Auth Image) |
+-------------------+
...
...
@@ -108,7 +108,7 @@ TBBR-Client specification.
/ |
/ v
+------------------+ L +-------------------+
| BL3
-
1 Content |------>| BL3
-
1 Content |
| BL31 Content
|------>| BL31 Content
|
| Certificate PK | | Certificate |
+------------------+ | (Auth Image) |
+-------------------+
...
...
@@ -118,7 +118,7 @@ TBBR-Client specification.
/ |
/ v
+------------------+ L +-------------------+
| BL3
-
1 Hash |------>| BL3
-
1 Image |
| BL31 Hash
|------>| BL31 Image
|
| | | (Data Image) |
+------------------+ | |
+-------------------+
...
...
@@ -211,14 +211,15 @@ It is responsible for:
3.
Tracking which images have been verified. In case an image is a part of
multiple CoTs then it should be verified only once e.g. the Trusted World
Key Certificate in the TBBR-Client spec. contains information to verify
BL3-0, BL3-1, BL3-2 each of which have a separate CoT. (This responsibility
has not been described in this document but should be trivial to implement).
SCP_BL2, BL31, BL32 each of which have a separate CoT. (This
responsibility has not been described in this document but should be
trivial to implement).
4.
Reusing memory meant for a data image to verify authentication images e.g.
in the CoT described in Diagram 2, each certificate can be loaded and
verified in the memory reserved by the platform for the BL3
-
1 image. By the
time BL3
-
1 (the data image) is loaded, all information to authenticate it
will have been extracted from the parent image i.e. BL3
-
1 content
verified in the memory reserved by the platform for the BL31 image. By the
time BL31 (the data image) is loaded, all information to authenticate it
will have been extracted from the parent image i.e. BL31 content
certificate. It is assumed that the size of an authentication image will
never exceed the size of a data image. It should be possible to verify this
at build time using asserts.
...
...
@@ -491,7 +492,7 @@ typedef struct auth_param_type_desc_s {
`cookie`
is used by the platform to specify additional information to the IPM
which enables it to uniquely identify the parameter that should be extracted
from an image. For example, the hash of a BL3
-
x image in its corresponding
from an image. For example, the hash of a BL3x image in its corresponding
content certificate is stored in an X509v3 custom extension field. An extension
field can only be identified using an OID. In this case, the
`cookie`
could
contain the pointer to the OID defined by the platform for the hash extension
...
...
@@ -632,10 +633,10 @@ is, however, a minimum set of images that are mandatory in the Trusted Firmware
and thus all CoTs must present:
*
`BL2`
*
`
BL3-0
`
(platform specific)
*
`BL3
-
1`
*
`BL3
-
2`
(optional)
*
`BL3
-
3`
*
`
SCP_BL2
`
(platform specific)
*
`BL31`
*
`BL32`
(optional)
*
`BL33`
The TBBR specifies the additional certificates that must accompany these images
for a proper authentication. Details about the TBBR CoT may be found in the
...
...
@@ -704,9 +705,9 @@ process, some of the buffers may be reused at different stages during the boot.
Next in that file, the parameter descriptors are defined. These descriptors will
be used to extract the parameter data from the corresponding image.
#### 4.1.1 Example: the BL3
-
1 Chain of Trust
#### 4.1.1 Example: the BL31 Chain of Trust
Four image descriptors form the BL3
-
1 Chain of Trust:
Four image descriptors form the BL31 Chain of Trust:
```
[TRUSTED_KEY_CERT_ID] = {
...
...
@@ -726,30 +727,30 @@ Four image descriptors form the BL3-1 Chain of Trust:
},
.authenticated_data = {
[0] = {
.type_desc = &t
z
_world_pk,
.type_desc = &t
rusted
_world_pk,
.data = {
.ptr = (void *)
plat_tz
_world_pk_buf,
.ptr = (void *)
trusted
_world_pk_buf,
.len = (unsigned int)PK_DER_LEN
}
},
[1] = {
.type_desc = &n
tz
_world_pk,
.type_desc = &n
on_trusted
_world_pk,
.data = {
.ptr = (void *)
plat_ntz
_world_pk_buf,
.ptr = (void *)
non_trusted
_world_pk_buf,
.len = (unsigned int)PK_DER_LEN
}
}
}
},
[
BL31
_KEY_CERT_ID] = {
.img_id =
BL31
_KEY_CERT_ID,
[
SOC_FW
_KEY_CERT_ID] = {
.img_id =
SOC_FW
_KEY_CERT_ID,
.img_type = IMG_CERT,
.parent = &cot_desc[TRUSTED_KEY_CERT_ID],
.img_auth_methods = {
[0] = {
.type = AUTH_METHOD_SIG,
.param.sig = {
.pk = &t
z
_world_pk,
.pk = &t
rusted
_world_pk,
.sig = &sig,
.alg = &sig_alg,
.data = &raw_data,
...
...
@@ -758,23 +759,23 @@ Four image descriptors form the BL3-1 Chain of Trust:
},
.authenticated_data = {
[0] = {
.type_desc = &
bl31
_content_pk,
.type_desc = &
soc_fw
_content_pk,
.data = {
.ptr = (void *)
plat_
content_pk,
.ptr = (void *)content_pk
_buf
,
.len = (unsigned int)PK_DER_LEN
}
}
}
},
[
BL31
_CERT_ID] = {
.img_id =
BL31
_CERT_ID,
[
SOC_FW_CONTENT
_CERT_ID] = {
.img_id =
SOC_FW_CONTENT
_CERT_ID,
.img_type = IMG_CERT,
.parent = &cot_desc[
BL31
_KEY_CERT_ID],
.parent = &cot_desc[
SOC_FW
_KEY_CERT_ID],
.img_auth_methods = {
[0] = {
.type = AUTH_METHOD_SIG,
.param.sig = {
.pk = &
bl31
_content_pk,
.pk = &
soc_fw
_content_pk,
.sig = &sig,
.alg = &sig_alg,
.data = &raw_data,
...
...
@@ -783,9 +784,9 @@ Four image descriptors form the BL3-1 Chain of Trust:
},
.authenticated_data = {
[0] = {
.type_desc = &
bl31
_hash,
.type_desc = &
soc_fw
_hash,
.data = {
.ptr = (void *)
plat_bl31
_hash_buf,
.ptr = (void *)
soc_fw
_hash_buf,
.len = (unsigned int)HASH_DER_LEN
}
}
...
...
@@ -794,13 +795,13 @@ Four image descriptors form the BL3-1 Chain of Trust:
[BL31_IMAGE_ID] = {
.img_id = BL31_IMAGE_ID,
.img_type = IMG_RAW,
.parent = &cot_desc[
BL31
_CERT_ID],
.parent = &cot_desc[
SOC_FW_CONTENT
_CERT_ID],
.img_auth_methods = {
[0] = {
.type = AUTH_METHOD_HASH,
.param.hash = {
.data = &raw_data,
.hash = &
bl31
_hash,
.hash = &
soc_fw
_hash,
}
}
}
...
...
@@ -835,27 +836,27 @@ is created in the `authenticated_data` array for that purpose. In that entry,
the corresponding parameter descriptor must be specified along with the buffer
address to store the parameter value. In this case, the
`tz_world_pk`
descriptor
is used to extract the public key from an x509v3 extension with OID
`T
Z
_WORLD_PK_OID`
. The BL3
-
1 key certificate will use this descriptor as
`T
RUSTED
_WORLD_PK_OID`
. The BL31 key certificate will use this descriptor as
parameter in the signature authentication method. The key is stored in the
`plat_tz_world_pk_buf`
buffer.
The
**BL3
-
1 Key certificate**
is authenticated by checking its digital signature
The
**BL31 Key certificate**
is authenticated by checking its digital signature
using the Trusted World public key obtained previously from the Trusted Key
certificate. In the image descriptor, we specify a single authentication method
by signature whose public key is the
`tz_world_pk`
. Once this certificate has
been authenticated, we have to extract the BL3
-
1 public key, stored in the
been authenticated, we have to extract the BL31 public key, stored in the
extension specified by
`bl31_content_pk`
. This key will be copied to the
`plat_content_pk`
buffer.
The
**BL3
-
1 certificate**
is authenticated by checking its digital signature
using the BL3
-
1 public key obtained previously from the BL3
-
1 Key certificate.
The
**BL31 certificate**
is authenticated by checking its digital signature
using the BL31 public key obtained previously from the BL31 Key certificate.
We specify the authentication method using
`bl31_content_pk`
as public key.
After authentication, we need to extract the BL3
-
1 hash, stored in the extension
After authentication, we need to extract the BL31 hash, stored in the extension
specified by
`bl31_hash`
. This hash will be copied to the
`plat_bl31_hash_buf`
buffer.
The
**BL3
-
1 image**
is authenticated by calculating its hash and matching it
with the hash obtained from the BL3
-
1 certificate. The image descriptor contains
The
**BL31 image**
is authenticated by calculating its hash and matching it
with the hash obtained from the BL31 certificate. The image descriptor contains
a single authentication method by hash. The parameters to the hash method are
the reference hash,
`bl31_hash`
, and the data to be hashed. In this case, it is
the whole image, so we specify
`raw_data`
.
...
...
docs/firmware-design.md
View file @
31d5e7f5
This diff is collapsed.
Click to expand it.
docs/platform-migration-guide.md
View file @
31d5e7f5
...
...
@@ -314,7 +314,7 @@ This function is called with the `SCTLR.M` and `SCTLR.C` bits disabled. The core
is identified by its `
MPIDR
`, which is passed as the argument. The function is
responsible for distinguishing between a warm and cold reset using platform-
specific means. If it is a warm reset, it returns the entrypoint into the
BL3
-
1 image that the core must jump to. If it is a cold reset, this function
BL31 image that the core must jump to. If it is a cold reset, this function
must return zero.
This function is also responsible for implementing a platform-specific mechanism
...
...
@@ -387,7 +387,7 @@ provided in [plat/common/aarch64/platform_up_stack.S] and
[plat/common/aarch64/platform_mp_stack.S]
## Modifications for Power State Coordination Interface (in BL3
-
1)
## Modifications for Power State Coordination Interface (in BL31)
The following functions must be implemented to initialize PSCI functionality in
the ARM Trusted Firmware.
...
...
@@ -448,7 +448,7 @@ called by the primary core.
This function is called by PSCI initialization code. Its purpose is to export
handler routines for platform-specific power management actions by populating
the passed pointer with a pointer to the private `
plat_pm_ops
` structure of
BL3
-
1.
BL31.
A description of each member of this structure is given below. A platform port
is expected to implement these handlers if the corresponding PSCI operation
...
...
docs/porting-guide.md
View file @
31d5e7f5
This diff is collapsed.
Click to expand it.
docs/rt-svc-writers-guide.md
View file @
31d5e7f5
...
...
@@ -19,7 +19,7 @@ Contents
----------------
This document describes how to add a runtime service to the EL3 Runtime
Firmware component of ARM Trusted Firmware (BL3
-
1).
Firmware component of ARM Trusted Firmware (BL31).
Software executing in the normal world and in the trusted world at exception
levels lower than EL3 will request runtime services using the Secure Monitor
...
...
@@ -30,9 +30,9 @@ results are returned.
SMC Functions are grouped together based on the implementor of the service, for
example a subset of the Function IDs are designated as "OEM Calls" (see [SMCCC]
for full details). The EL3 runtime services framework in BL3
-
1 enables the
for full details). The EL3 runtime services framework in BL31 enables the
independent implementation of services for each group, which are then compiled
into the BL3
-
1 image. This simplifies the integration of common software from
into the BL31 image. This simplifies the integration of common software from
ARM to support [PSCI], Secure Monitor for a Trusted OS and SoC specific
software. The common runtime services framework ensures that SMC Functions are
dispatched to their respective service implementation - the [Firmware Design]
...
...
@@ -290,7 +290,7 @@ between the normal and secure worlds, deliver SMC Calls through to Secure-EL1
and generally manage the Secure-EL1 Payload through CPU power-state transitions.
TODO: Provide details of the additional work required to implement a SPD and
the BL3
-
1 support for these services. Or a reference to the document that will
the BL31 support for these services. Or a reference to the document that will
provide this information....
...
...
docs/trusted-board-boot.md
View file @
31d5e7f5
...
...
@@ -66,29 +66,29 @@ The keys used to establish the CoT are:
*
**Trusted world key**
The private part is used to sign the key certificates corresponding to the
secure world images (
BL3-0
, BL3
-
1 and BL3
-
2). The public part is stored in
secure world images (
SCP_BL2
, BL31 and BL32). The public part is stored in
one of the extension fields in the trusted world certificate.
*
**Non-trusted world key**
The private part is used to sign the key certificate corresponding to the
non secure world image (BL3
-
3). The public part is stored in one of the
non secure world image (BL33). The public part is stored in one of the
extension fields in the trusted world certificate.
*
**BL3-X keys**
For each of
BL3-0
, BL3
-
1, BL3
-
2 and BL3
-
3, the private part is used to
sign
the content certificate for the BL3-X image. The public part is stored
in
one of the extension fields in the corresponding key certificate.
For each of
SCP_BL2
, BL31, BL32 and BL33, the private part is used to
sign
the content certificate for the BL3-X image. The public part is stored
in
one of the extension fields in the corresponding key certificate.
The following images are included in the CoT:
*
BL1
*
BL2
*
BL3-0
(optional)
*
BL3
-
1
*
BL3
-
3
*
BL3
-
2 (optional)
*
SCP_BL2
(optional)
*
BL31
*
BL33
*
BL32 (optional)
The following certificates are used to authenticate the images.
...
...
@@ -103,44 +103,45 @@ The following certificates are used to authenticate the images.
public part of the trusted world key and the public part of the non-trusted
world key.
*
**
BL3-0
key certificate**
*
**
SCP_BL2
key certificate**
It is self-signed with the trusted world key. It contains the public part of
the
BL3-0
key.
the
SCP_BL2
key.
*
**
BL3-0
content certificate**
*
**
SCP_BL2
content certificate**
It is self-signed with the BL3-0 key. It contains a hash of the BL3-0 image.
It is self-signed with the SCP_BL2 key. It contains a hash of the SCP_BL2
image.
*
**BL3
-
1 key certificate**
*
**BL31 key certificate**
It is self-signed with the trusted world key. It contains the public part of
the BL3
-
1 key.
the BL31 key.
*
**BL3
-
1 content certificate**
*
**BL31 content certificate**
It is self-signed with the BL3
-
1 key. It contains a hash of the BL3
-
1 image.
It is self-signed with the BL31 key. It contains a hash of the BL31 image.
*
**BL3
-
2 key certificate**
*
**BL32 key certificate**
It is self-signed with the trusted world key. It contains the public part of
the BL3
-
2 key.
the BL32 key.
*
**BL3
-
2 content certificate**
*
**BL32 content certificate**
It is self-signed with the BL3
-
2 key. It contains a hash of the BL3
-
2 image.
It is self-signed with the BL32 key. It contains a hash of the BL32 image.
*
**BL3
-
3 key certificate**
*
**BL33 key certificate**
It is self-signed with the non-trusted world key. It contains the public
part of the BL3
-
3 key.
part of the BL33 key.
*
**BL3
-
3 content certificate**
*
**BL33 content certificate**
It is self-signed with the BL3
-
3 key. It contains a hash of the BL3
-
3 image.
It is self-signed with the BL33 key. It contains a hash of the BL33 image.
The
BL3-0
and BL3
-
2 certificates are optional, but they must be present if the
corresponding
BL3-0
or BL3
-
2 images are present.
The
SCP_BL2
and BL32 certificates are optional, but they must be present if the
corresponding
SCP_BL2
or BL32 images are present.
3. Trusted Board Boot Sequence
...
...
@@ -167,27 +168,27 @@ if any of the steps fail.
registers. If the comparison succeeds, BL2 reads and saves the trusted and
non-trusted world public keys from the verified certificate.
The next two steps are executed for each of the
BL3-0
, BL3
-
1 & BL3
-
2 images.
The
steps for the optional
BL3-0
and BL3
-
2 images are skipped if these images
are
not present.
The next two steps are executed for each of the
SCP_BL2
, BL31 & BL32 images.
The
steps for the optional
SCP_BL2
and BL32 images are skipped if these images
are
not present.
*
BL2 loads and verifies the BL3
-
x key certificate. The certificate signature
*
BL2 loads and verifies the BL3x key certificate. The certificate signature
is verified using the trusted world public key. If the signature
verification succeeds, BL2 reads and saves the BL3
-
x public key from the
verification succeeds, BL2 reads and saves the BL3x public key from the
certificate.
*
BL2 loads and verifies the BL3
-
x content certificate. The signature is
verified using the BL3
-
x public key. If the signature verification succeeds,
BL2 reads and saves the BL3
-
x image hash from the certificate.
*
BL2 loads and verifies the BL3x content certificate. The signature is
verified using the BL3x public key. If the signature verification succeeds,
BL2 reads and saves the BL3x image hash from the certificate.
The next two steps are executed only for the BL3
-
3 image.
The next two steps are executed only for the BL33 image.
*
BL2 loads and verifies the BL3
-
3 key certificate. If the signature
verification succeeds, BL2 reads and saves the BL3
-
3 public key from the
*
BL2 loads and verifies the BL33 key certificate. If the signature
verification succeeds, BL2 reads and saves the BL33 public key from the
certificate.
*
BL2 loads and verifies the BL3
-
3 content certificate. If the signature
verification succeeds, BL2 reads and saves the BL3
-
3 image hash from the
*
BL2 loads and verifies the BL33 content certificate. If the signature
verification succeeds, BL2 reads and saves the BL33 image hash from the
certificate.
The next step is executed for all the boot loader images.
...
...
docs/user-guide.md
View file @
31d5e7f5
...
...
@@ -99,7 +99,7 @@ as part of the Linaro release.
To build the Trusted Firmware images, change to the root directory of the
Trusted Firmware source tree and follow these steps:
1.
Set the compiler path, specify a Non-trusted Firmware image (BL3
-
3) and
1.
Set the compiler path, specify a Non-trusted Firmware image (BL33) and
a valid platform, and then build:
CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-linux-gnu- \
...
...
@@ -109,11 +109,11 @@ Trusted Firmware source tree and follow these steps:
If `PLAT` is not specified, `fvp` is assumed by default. See the "Summary of
build options" for more information on available build options.
The BL3
-
3 image corresponds to the software that is executed after switching
to the non-secure world. UEFI can be used as the BL3
-
3 image. Refer to the
The BL33 image corresponds to the software that is executed after switching
to the non-secure world. UEFI can be used as the BL33 image. Refer to the
"Building the rest of the software stack" section below.
The TSP (Test Secure Payload), corresponding to the BL3
-
2 image, is not
The TSP (Test Secure Payload), corresponding to the BL32 image, is not
compiled in by default. Refer to the "Building the Test Secure Payload"
section below.
...
...
@@ -139,11 +139,11 @@ Trusted Firmware source tree and follow these steps:
For more information on FIPs, see the "Firmware Image Package" section in
the [Firmware Design].
2.
(Optional) Some platforms may require a
BL3-0
image to boot. This image can
2.
(Optional) Some platforms may require a
SCP_BL2
image to boot. This image can
be included in the FIP when building the Trusted Firmware by specifying the
`
BL30
`
build option:
`
SCP_BL2
`
build option:
BL30
=<path-to>/<
bl30
_image>
SCP_BL2
=<path-to>/<
scp_bl2
_image>
3.
Output binary files
`bl1.bin`
and
`fip.bin`
are both required to boot the
system. How these files are used is platform specific. Refer to the
...
...
@@ -159,10 +159,10 @@ Trusted Firmware source tree and follow these steps:
make realclean
5.
(Optional) Path to binary for certain BL stages (BL2, BL3
-
1 and BL3
-
2) can be
5.
(Optional) Path to binary for certain BL stages (BL2, BL31 and BL32) can be
provided by specifying the BLx=
<path-to>
/
<blx_image>
where BLx is the BL stage.
This will bypass the build of the BL component from source, but will include
the specified binary in the final FIP image. Please note that BL3
-
2 will be
the specified binary in the final FIP image. Please note that BL32 will be
included in the build, only if the
`SPD`
build option is specified.
For example, specifying BL2=<path-to>/<bl2_image> in the build option, will
...
...
@@ -180,11 +180,11 @@ performed.
#### Common build options
*
`
BL30
`
: Path to
BL3-0
image in the host file system. This image is optional.
If a
BL3-0
image is present then this option must be passed for the
`fip`
*
`
SCP_BL2
`
: Path to
SCP_BL2
image in the host file system. This image is optional.
If a
SCP_BL2
image is present then this option must be passed for the
`fip`
target.
*
`BL33`
: Path to BL3
-
3 image in the host file system. This is mandatory for
*
`BL33`
: Path to BL33 image in the host file system. This is mandatory for
`fip`
target in case the BL2 from ARM Trusted Firmware is used.
*
`BL2`
: This is an optional build option which specifies the path to BL2
...
...
@@ -192,11 +192,11 @@ performed.
Firmware will not be built.
*
`BL31`
: This is an optional build option which specifies the path to
BL3
-
1 image for the
`fip`
target. In this case, the BL3
-
1 in the ARM
BL31 image for the
`fip`
target. In this case, the BL31 in the ARM
Trusted Firmware will not be built.
*
`BL32`
: This is an optional build option which specifies the path to
BL3
-
2 image for the
`fip`
target. In this case, the BL3
-
2 in the ARM
BL32 image for the
`fip`
target. In this case, the BL32 in the ARM
Trusted Firmware will not be built.
*
`FIP_NAME`
: This is an optional build option which specifies the FIP
...
...
@@ -246,14 +246,14 @@ performed.
is used to determine the number of valid slave interfaces available in the
ARM CCI driver. Default is 400 (that is, CCI-400).
*
`RESET_TO_BL31`
: Enable BL3
-
1 entrypoint as the CPU reset vector instead
*
`RESET_TO_BL31`
: Enable BL31 entrypoint as the CPU reset vector instead
of the BL1 entrypoint. It can take the value 0 (CPU reset to BL1
entrypoint) or 1 (CPU reset to BL3
-
1 entrypoint).
entrypoint) or 1 (CPU reset to BL31 entrypoint).
The default value is 0.
*
`CRASH_REPORTING`
: A non-zero value enables a console dump of processor
register state when an unexpected exception occurs during execution of
BL3
-
1. This option defaults to the value of
`DEBUG`
- i.e. by default
BL31. This option defaults to the value of
`DEBUG`
- i.e. by default
this is only enabled for a debug build of the firmware.
*
`ASM_ASSERTION`
: This flag determines whether the assertion checks within
...
...
@@ -261,10 +261,10 @@ performed.
value of
`DEBUG`
- that is, by default this is only enabled for a debug
build of the firmware.
*
`TSP_INIT_ASYNC`
: Choose BL3
-
2 initialization method as asynchronous or
synchronous, (see "Initializing a BL3
-
2 Image" section in [Firmware
Design]). It can take the value 0 (BL3
-
2 is initialized using
synchronous method) or 1 (BL3
-
2 is initialized using asynchronous method).
*
`TSP_INIT_ASYNC`
: Choose BL32 initialization method as asynchronous or
synchronous, (see "Initializing a BL32 Image" section in [Firmware
Design]). It can take the value 0 (BL32 is initialized using
synchronous method) or 1 (BL32 is initialized using asynchronous method).
Default is 0.
*
`USE_COHERENT_MEM`
: This flag determines whether to include the coherent
...
...
@@ -327,20 +327,20 @@ performed.
specifies the file that contains the Non-Trusted World private key in PEM
format. If
`SAVE_KEYS=1`
, this file name will be used to save the key.
*
`
BL30
_KEY`
: This option is used when
`GENERATE_COT=1`
. It specifies the
file that contains the
BL3-0
private key in PEM format. If
`SAVE_KEYS=1`
,
*
`
SCP_BL2
_KEY`
: This option is used when
`GENERATE_COT=1`
. It specifies the
file that contains the
SCP_BL2
private key in PEM format. If
`SAVE_KEYS=1`
,
this file name will be used to save the key.
*
`BL31_KEY`
: This option is used when
`GENERATE_COT=1`
. It specifies the
file that contains the BL3
-
1 private key in PEM format. If
`SAVE_KEYS=1`
,
file that contains the BL31 private key in PEM format. If
`SAVE_KEYS=1`
,
this file name will be used to save the key.
*
`BL32_KEY`
: This option is used when
`GENERATE_COT=1`
. It specifies the
file that contains the BL3
-
2 private key in PEM format. If
`SAVE_KEYS=1`
,
file that contains the BL32 private key in PEM format. If
`SAVE_KEYS=1`
,
this file name will be used to save the key.
*
`BL33_KEY`
: This option is used when
`GENERATE_COT=1`
. It specifies the
file that contains the BL3
-
3 private key in PEM format. If
`SAVE_KEYS=1`
,
file that contains the BL33 private key in PEM format. If
`SAVE_KEYS=1`
,
this file name will be used to save the key.
*
`PROGRAMMABLE_RESET_ADDRESS`
: This option indicates whether the reset
...
...
@@ -459,7 +459,7 @@ It is recommended to remove the build artifacts before rebuilding:
make -C tools/fip_create clean
Create a Firmware package that contains existing BL2 and BL3
-
1 images:
Create a Firmware package that contains existing BL2 and BL31 images:
# fip_create --help to print usage information
# fip_create <fip_name> <images to add> [--dump to show result]
...
...
@@ -470,7 +470,7 @@ Create a Firmware package that contains existing BL2 and BL3-1 images:
---------------------------
- Trusted Boot Firmware BL2: offset=0x88, size=0x81E8
file: 'build/<platform>/debug/bl2.bin'
- EL3 Runtime Firmware BL3
-
1: offset=0x8270, size=0xC218
- EL3 Runtime Firmware BL31: offset=0x8270, size=0xC218
file: 'build/<platform>/debug/bl31.bin'
---------------------------
Creating "fip.bin"
...
...
@@ -482,7 +482,7 @@ View the contents of an existing Firmware package:
Firmware Image Package ToC:
---------------------------
- Trusted Boot Firmware BL2: offset=0x88, size=0x81E8
- EL3 Runtime Firmware BL3
-
1: offset=0x8270, size=0xC218
- EL3 Runtime Firmware BL31: offset=0x8270, size=0xC218
---------------------------
Existing package entries can be individially updated:
...
...
@@ -495,7 +495,7 @@ Existing package entries can be individially updated:
---------------------------
- Trusted Boot Firmware BL2: offset=0x88, size=0x7240
file: 'build/<platform>/release/bl2.bin'
- EL3 Runtime Firmware BL3
-
1: offset=0x72C8, size=0xC218
- EL3 Runtime Firmware BL31: offset=0x72C8, size=0xC218
---------------------------
Updating "fip.bin"
...
...
@@ -550,13 +550,13 @@ commands can be used:
### Building the Test Secure Payload
The TSP is coupled with a companion runtime service in the BL3
-
1 firmware,
called the TSPD. Therefore, if you intend to use the TSP, the BL3
-
1 image
The TSP is coupled with a companion runtime service in the BL31 firmware,
called the TSPD. Therefore, if you intend to use the TSP, the BL31 image
must be recompiled as well. For more information on SPs and SPDs, see the
"Secure-EL1 Payloads and Dispatchers" section in the [Firmware Design].
First clean the Trusted Firmware build directory to get rid of any previous
BL3
-
1 binary. Then to build the TSP image and include it into the FIP use:
BL31 binary. Then to build the TSP image and include it into the FIP use:
CROSS_COMPILE=<path-to-aarch64-gcc>/bin/aarch64-linux-gnu- \
BL33=<path-to>/<bl33_image> \
...
...
@@ -566,19 +566,19 @@ An additional boot loader binary file is created in the `build` directory:
*
`build/<platform>/<build-type>/bl32.bin`
The FIP will now contain the additional BL3
-
2 image. Here is an example
output from an FVP build in release mode including BL3
-
2 and using
FVP_AARCH64_EFI.fd as BL3
-
3 image:
The FIP will now contain the additional BL32 image. Here is an example
output from an FVP build in release mode including BL32 and using
FVP_AARCH64_EFI.fd as BL33 image:
Firmware Image Package ToC:
---------------------------
- Trusted Boot Firmware BL2: offset=0xD8, size=0x6000
file: './build/fvp/release/bl2.bin'
- EL3 Runtime Firmware BL3
-
1: offset=0x60D8, size=0x9000
- EL3 Runtime Firmware BL31: offset=0x60D8, size=0x9000
file: './build/fvp/release/bl31.bin'
- Secure Payload BL3
-
2 (Trusted OS): offset=0xF0D8, size=0x3000
- Secure Payload BL32 (Trusted OS): offset=0xF0D8, size=0x3000
file: './build/fvp/release/bl32.bin'
- Non-Trusted Firmware BL3
-
3: offset=0x120D8, size=0x280000
- Non-Trusted Firmware BL33: offset=0x120D8, size=0x280000
file: '../FVP_AARCH64_EFI.fd'
---------------------------
Creating "build/fvp/release/fip.bin"
...
...
@@ -767,7 +767,7 @@ complexity of developing EL3 baremetal code by:
*
putting the system into a known architectural state;
*
taking care of platform secure world initialization;
*
loading the
BL30
image if required by the platform.
*
loading the
SCP_BL2
image if required by the platform.
When booting an EL3 payload on ARM standard platforms, the configuration of the
TrustZone controller is simplified such that only region 0 is enabled and is
...
...
@@ -1002,7 +1002,7 @@ boot Linux with 8 CPUs using the ARM Trusted Firmware.
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
### Running on the AEMv8 Base FVP with reset to BL3
-
1 entrypoint
### Running on the AEMv8 Base FVP with reset to BL31 entrypoint
Please read "Notes regarding Base FVP configuration options" section above for
information about some of the options to run the software.
...
...
@@ -1032,7 +1032,7 @@ with 8 CPUs using the ARM Trusted Firmware.
--data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>"
### Running on the Cortex-A57-A53 Base FVP with reset to BL3
-
1 entrypoint
### Running on the Cortex-A57-A53 Base FVP with reset to BL31 entrypoint
Please read "Notes regarding Base FVP configuration options" section above for
information about some of the options to run the software.
...
...
@@ -1097,7 +1097,7 @@ registers memory map (`0x1c010000`).
This register can be configured as described in the following sections.
NOTE: If the legacy VE GIC memory map is used, then the corresponding FDT and
BL3
-
3 images should be used.
BL33 images should be used.
#### Configuring AEMv8 Foundation FVP GIC for legacy VE memory map
...
...
@@ -1187,14 +1187,15 @@ deliverables on Juno][Juno Instructions].
### Preparing Trusted Firmware images
The Juno platform requires a BL0 and a BL30 image to boot up. The BL0 image
contains the ROM firmware that runs on the SCP (System Control Processor),
whereas the BL30 image contains the SCP Runtime firmware. Both images are
embedded within the Juno board recovery image, these are the files
`bl0.bin`
and
`bl30.bin`
.
The Juno platform requires a SCP_BL1 and a SCP_BL2 image to boot up. The
SCP_BL1 image contains the ROM firmware that runs on the SCP (System Control
Processor), whereas the SCP_BL2 image contains the SCP Runtime firmware. Both
images are embedded within the Juno board recovery image, these are the files
`bl0.bin`
and
`bl30.bin`
, respectively. Please note that these filenames still
use the old terminology.
The
BL30
file must be part of the FIP image. Therefore, its path must be
supplied using the
`
BL30
`
variable on the command line when building the
The
SCP_BL2
file must be part of the FIP image. Therefore, its path must be
supplied using the
`
SCP_BL2
`
variable on the command line when building the
FIP. Please refer to the section "Building the Trusted Firmware".
After building Trusted Firmware, the files
`bl1.bin`
and
`fip.bin`
need copying
...
...
drivers/auth/tbbr/tbbr_cot.c
View file @
31d5e7f5
...
...
@@ -44,14 +44,14 @@
* extracted from the certificates. In this case, because of the way the CoT is
* established, we can reuse some of the buffers on different stages
*/
static
unsigned
char
plat_bl2
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
plat_bl30
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
plat_bl31
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
plat_bl32
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
plat_bl33
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
plat_tz
_world_pk_buf
[
PK_DER_LEN
];
static
unsigned
char
plat_ntz
_world_pk_buf
[
PK_DER_LEN
];
static
unsigned
char
plat_
content_pk
[
PK_DER_LEN
];
static
unsigned
char
tb_fw
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
scp_fw
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
soc_fw
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
tos_fw
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
nt_world_bl
_hash_buf
[
HASH_DER_LEN
];
static
unsigned
char
trusted
_world_pk_buf
[
PK_DER_LEN
];
static
unsigned
char
non_trusted
_world_pk_buf
[
PK_DER_LEN
];
static
unsigned
char
content_pk
_buf
[
PK_DER_LEN
];
/*
* Parameter type descriptors
...
...
@@ -65,36 +65,36 @@ static auth_param_type_desc_t sig_alg = AUTH_PARAM_TYPE_DESC(
static
auth_param_type_desc_t
raw_data
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_RAW_DATA
,
0
);
static
auth_param_type_desc_t
t
z
_world_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
T
Z
_WORLD_PK_OID
);
static
auth_param_type_desc_t
n
tz
_world_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
N
TZ
_WORLD_PK_OID
);
static
auth_param_type_desc_t
t
rusted
_world_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
T
RUSTED
_WORLD_PK_OID
);
static
auth_param_type_desc_t
n
on_trusted
_world_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
N
ON_TRUSTED
_WORLD_PK_OID
);
static
auth_param_type_desc_t
bl30
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
BL30
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
bl31
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
BL31
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
bl32
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
BL32
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
bl33
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
BL33
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
scp_fw
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
SCP_FW
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
soc_fw
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
SOC_FW
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
tos_fw
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
TRUSTED_OS_FW
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
nt_fw
_content_pk
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_PUB_KEY
,
NON_TRUSTED_FW
_CONTENT_CERT_PK_OID
);
static
auth_param_type_desc_t
bl2
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
BL2
_HASH_OID
);
static
auth_param_type_desc_t
bl30
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
BL30
_HASH_OID
);
static
auth_param_type_desc_t
bl31
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
BL31
_HASH_OID
);
static
auth_param_type_desc_t
bl32
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
BL32
_HASH_OID
);
static
auth_param_type_desc_t
bl
33
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
BL33
_HASH_OID
);
static
auth_param_type_desc_t
tb_fw
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
TRUSTED_BOOT_FW
_HASH_OID
);
static
auth_param_type_desc_t
scp_fw
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
SCP_FW
_HASH_OID
);
static
auth_param_type_desc_t
soc_fw
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
SOC_AP_FW
_HASH_OID
);
static
auth_param_type_desc_t
tos_fw
_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
TRUSTED_OS_FW
_HASH_OID
);
static
auth_param_type_desc_t
nt_world_
bl_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
NON_TRUSTED_WORLD_BOOTLOADER
_HASH_OID
);
static
auth_param_type_desc_t
scp_bl2u_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
SCP_
BL2U
_HASH_OID
);
AUTH_PARAM_HASH
,
SCP_
FWU_CFG
_HASH_OID
);
static
auth_param_type_desc_t
bl2u_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
BL2U
_HASH_OID
);
AUTH_PARAM_HASH
,
AP_FWU_CFG
_HASH_OID
);
static
auth_param_type_desc_t
ns_bl2u_hash
=
AUTH_PARAM_TYPE_DESC
(
AUTH_PARAM_HASH
,
NS_BL2
U_HASH_OID
);
AUTH_PARAM_HASH
,
FW
U_HASH_OID
);
/*
* TBBR Chain of trust definition
...
...
@@ -103,8 +103,8 @@ static const auth_img_desc_t cot_desc[] = {
/*
* BL2
*/
[
BL2
_CERT_ID
]
=
{
.
img_id
=
BL2
_CERT_ID
,
[
TRUSTED_BOOT_FW
_CERT_ID
]
=
{
.
img_id
=
TRUSTED_BOOT_FW
_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
NULL
,
.
img_auth_methods
=
{
...
...
@@ -120,9 +120,9 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl2
_hash
,
.
type_desc
=
&
tb_fw
_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl2
_hash_buf
,
.
ptr
=
(
void
*
)
tb_fw
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
}
...
...
@@ -131,13 +131,13 @@ static const auth_img_desc_t cot_desc[] = {
[
BL2_IMAGE_ID
]
=
{
.
img_id
=
BL2_IMAGE_ID
,
.
img_type
=
IMG_RAW
,
.
parent
=
&
cot_desc
[
BL2
_CERT_ID
],
.
parent
=
&
cot_desc
[
TRUSTED_BOOT_FW
_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_HASH
,
.
param
.
hash
=
{
.
data
=
&
raw_data
,
.
hash
=
&
bl2
_hash
,
.
hash
=
&
tb_fw
_hash
,
}
}
}
...
...
@@ -162,33 +162,33 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
t
z
_world_pk
,
.
type_desc
=
&
t
rusted
_world_pk
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_tz
_world_pk_buf
,
.
ptr
=
(
void
*
)
trusted
_world_pk_buf
,
.
len
=
(
unsigned
int
)
PK_DER_LEN
}
},
[
1
]
=
{
.
type_desc
=
&
n
tz
_world_pk
,
.
type_desc
=
&
n
on_trusted
_world_pk
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_ntz
_world_pk_buf
,
.
ptr
=
(
void
*
)
non_trusted
_world_pk_buf
,
.
len
=
(
unsigned
int
)
PK_DER_LEN
}
}
}
},
/*
*
BL3-0
*
SCP Firmware
*/
[
BL30
_KEY_CERT_ID
]
=
{
.
img_id
=
BL30
_KEY_CERT_ID
,
[
SCP_FW
_KEY_CERT_ID
]
=
{
.
img_id
=
SCP_FW
_KEY_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
TRUSTED_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
t
z
_world_pk
,
.
pk
=
&
t
rusted
_world_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -197,23 +197,23 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl30
_content_pk
,
.
type_desc
=
&
scp_fw
_content_pk
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_
content_pk
,
.
ptr
=
(
void
*
)
content_pk
_buf
,
.
len
=
(
unsigned
int
)
PK_DER_LEN
}
}
}
},
[
BL30
_CERT_ID
]
=
{
.
img_id
=
BL30
_CERT_ID
,
[
SCP_FW_CONTENT
_CERT_ID
]
=
{
.
img_id
=
SCP_FW_CONTENT
_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
BL30
_KEY_CERT_ID
],
.
parent
=
&
cot_desc
[
SCP_FW
_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
bl30
_content_pk
,
.
pk
=
&
scp_fw
_content_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -222,40 +222,40 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl30
_hash
,
.
type_desc
=
&
scp_fw
_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl30
_hash_buf
,
.
ptr
=
(
void
*
)
scp_fw
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
}
}
},
[
BL30
_IMAGE_ID
]
=
{
.
img_id
=
BL30
_IMAGE_ID
,
[
SCP_BL2
_IMAGE_ID
]
=
{
.
img_id
=
SCP_BL2
_IMAGE_ID
,
.
img_type
=
IMG_RAW
,
.
parent
=
&
cot_desc
[
BL30
_CERT_ID
],
.
parent
=
&
cot_desc
[
SCP_FW_CONTENT
_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_HASH
,
.
param
.
hash
=
{
.
data
=
&
raw_data
,
.
hash
=
&
bl30
_hash
,
.
hash
=
&
scp_fw
_hash
,
}
}
}
},
/*
*
BL3-1
*
SoC Firmware
*/
[
BL31
_KEY_CERT_ID
]
=
{
.
img_id
=
BL31
_KEY_CERT_ID
,
[
SOC_FW
_KEY_CERT_ID
]
=
{
.
img_id
=
SOC_FW
_KEY_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
TRUSTED_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
t
z
_world_pk
,
.
pk
=
&
t
rusted
_world_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -264,23 +264,23 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl31
_content_pk
,
.
type_desc
=
&
soc_fw
_content_pk
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_
content_pk
,
.
ptr
=
(
void
*
)
content_pk
_buf
,
.
len
=
(
unsigned
int
)
PK_DER_LEN
}
}
}
},
[
BL31
_CERT_ID
]
=
{
.
img_id
=
BL31
_CERT_ID
,
[
SOC_FW_CONTENT
_CERT_ID
]
=
{
.
img_id
=
SOC_FW_CONTENT
_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
BL31
_KEY_CERT_ID
],
.
parent
=
&
cot_desc
[
SOC_FW
_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
bl31
_content_pk
,
.
pk
=
&
soc_fw
_content_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -289,9 +289,9 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl31
_hash
,
.
type_desc
=
&
soc_fw
_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl31
_hash_buf
,
.
ptr
=
(
void
*
)
soc_fw
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
}
...
...
@@ -300,29 +300,29 @@ static const auth_img_desc_t cot_desc[] = {
[
BL31_IMAGE_ID
]
=
{
.
img_id
=
BL31_IMAGE_ID
,
.
img_type
=
IMG_RAW
,
.
parent
=
&
cot_desc
[
BL31
_CERT_ID
],
.
parent
=
&
cot_desc
[
SOC_FW_CONTENT
_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_HASH
,
.
param
.
hash
=
{
.
data
=
&
raw_data
,
.
hash
=
&
bl31
_hash
,
.
hash
=
&
soc_fw
_hash
,
}
}
}
},
/*
*
BL3-2
*
Trusted OS Firmware
*/
[
BL32
_KEY_CERT_ID
]
=
{
.
img_id
=
BL32
_KEY_CERT_ID
,
[
TRUSTED_OS_FW
_KEY_CERT_ID
]
=
{
.
img_id
=
TRUSTED_OS_FW
_KEY_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
TRUSTED_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
t
z
_world_pk
,
.
pk
=
&
t
rusted
_world_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -331,23 +331,23 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl32
_content_pk
,
.
type_desc
=
&
tos_fw
_content_pk
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_
content_pk
,
.
ptr
=
(
void
*
)
content_pk
_buf
,
.
len
=
(
unsigned
int
)
PK_DER_LEN
}
}
}
},
[
BL32
_CERT_ID
]
=
{
.
img_id
=
BL32
_CERT_ID
,
[
TRUSTED_OS_FW_CONTENT
_CERT_ID
]
=
{
.
img_id
=
TRUSTED_OS_FW_CONTENT
_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
BL32
_KEY_CERT_ID
],
.
parent
=
&
cot_desc
[
TRUSTED_OS_FW
_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
bl32
_content_pk
,
.
pk
=
&
tos_fw
_content_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -356,9 +356,9 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl32
_hash
,
.
type_desc
=
&
tos_fw
_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl32
_hash_buf
,
.
ptr
=
(
void
*
)
tos_fw
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
}
...
...
@@ -367,29 +367,29 @@ static const auth_img_desc_t cot_desc[] = {
[
BL32_IMAGE_ID
]
=
{
.
img_id
=
BL32_IMAGE_ID
,
.
img_type
=
IMG_RAW
,
.
parent
=
&
cot_desc
[
BL32
_CERT_ID
],
.
parent
=
&
cot_desc
[
TRUSTED_OS_FW_CONTENT
_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_HASH
,
.
param
.
hash
=
{
.
data
=
&
raw_data
,
.
hash
=
&
bl32
_hash
,
.
hash
=
&
tos_fw
_hash
,
}
}
}
},
/*
*
BL3-3
*
Non-Trusted Firmware
*/
[
BL33
_KEY_CERT_ID
]
=
{
.
img_id
=
BL33
_KEY_CERT_ID
,
[
NON_TRUSTED_FW
_KEY_CERT_ID
]
=
{
.
img_id
=
NON_TRUSTED_FW
_KEY_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
TRUSTED_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
n
tz
_world_pk
,
.
pk
=
&
n
on_trusted
_world_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -398,23 +398,23 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl33
_content_pk
,
.
type_desc
=
&
nt_fw
_content_pk
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_
content_pk
,
.
ptr
=
(
void
*
)
content_pk
_buf
,
.
len
=
(
unsigned
int
)
PK_DER_LEN
}
}
}
},
[
BL33
_CERT_ID
]
=
{
.
img_id
=
BL33
_CERT_ID
,
[
NON_TRUSTED_FW_CONTENT
_CERT_ID
]
=
{
.
img_id
=
NON_TRUSTED_FW_CONTENT
_CERT_ID
,
.
img_type
=
IMG_CERT
,
.
parent
=
&
cot_desc
[
BL33
_KEY_CERT_ID
],
.
parent
=
&
cot_desc
[
NON_TRUSTED_FW
_KEY_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_SIG
,
.
param
.
sig
=
{
.
pk
=
&
bl33
_content_pk
,
.
pk
=
&
nt_fw
_content_pk
,
.
sig
=
&
sig
,
.
alg
=
&
sig_alg
,
.
data
=
&
raw_data
,
...
...
@@ -423,9 +423,9 @@ static const auth_img_desc_t cot_desc[] = {
},
.
authenticated_data
=
{
[
0
]
=
{
.
type_desc
=
&
bl
33
_hash
,
.
type_desc
=
&
nt_world_
bl_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl33
_hash_buf
,
.
ptr
=
(
void
*
)
nt_world_bl
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
}
...
...
@@ -434,13 +434,13 @@ static const auth_img_desc_t cot_desc[] = {
[
BL33_IMAGE_ID
]
=
{
.
img_id
=
BL33_IMAGE_ID
,
.
img_type
=
IMG_RAW
,
.
parent
=
&
cot_desc
[
BL33
_CERT_ID
],
.
parent
=
&
cot_desc
[
NON_TRUSTED_FW_CONTENT
_CERT_ID
],
.
img_auth_methods
=
{
[
0
]
=
{
.
type
=
AUTH_METHOD_HASH
,
.
param
.
hash
=
{
.
data
=
&
raw_data
,
.
hash
=
&
bl
33
_hash
,
.
hash
=
&
nt_world_
bl_hash
,
}
}
}
...
...
@@ -467,21 +467,21 @@ static const auth_img_desc_t cot_desc[] = {
[
0
]
=
{
.
type_desc
=
&
scp_bl2u_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl30
_hash_buf
,
.
ptr
=
(
void
*
)
scp_fw
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
},
[
1
]
=
{
.
type_desc
=
&
bl2u_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl2
_hash_buf
,
.
ptr
=
(
void
*
)
tb_fw
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
},
[
2
]
=
{
.
type_desc
=
&
ns_bl2u_hash
,
.
data
=
{
.
ptr
=
(
void
*
)
plat_bl33
_hash_buf
,
.
ptr
=
(
void
*
)
nt_world_bl
_hash_buf
,
.
len
=
(
unsigned
int
)
HASH_DER_LEN
}
}
...
...
include/common/bl_common.h
View file @
31d5e7f5
...
...
@@ -245,14 +245,14 @@ typedef struct image_desc {
* This structure represents the superset of information that can be passed to
* BL31 e.g. while passing control to it from BL2. The BL32 parameters will be
* populated only if BL2 detects its presence. A pointer to a structure of this
* type should be passed in X0 to BL3
-
1's cold boot entrypoint.
* type should be passed in X0 to BL31's cold boot entrypoint.
*
* Use of this structure and the X0 parameter is not mandatory: the BL3
-
1
* Use of this structure and the X0 parameter is not mandatory: the BL31
* platform code can use other mechanisms to provide the necessary information
* about BL3
-
2 and BL3
-
3 to the common and SPD code.
* about BL32 and BL33 to the common and SPD code.
*
* BL3
-
1 image information is mandatory if this structure is used. If either of
* the optional BL3
-
2 and BL3
-
3 image information is not provided, this is
* BL31 image information is mandatory if this structure is used. If either of
* the optional BL32 and BL33 image information is not provided, this is
* indicated by the respective image_info pointers being zero.
******************************************************************************/
typedef
struct
bl31_params
{
...
...
include/common/el3_common_macros.S
View file @
31d5e7f5
...
...
@@ -104,7 +104,7 @@
/*
-----------------------------------------------------------------------------
*
This
is
the
super
set
of
actions
that
need
to
be
performed
during
a
cold
boot
*
or
a
warm
boot
in
EL3
.
This
code
is
shared
by
BL1
and
BL3
-
1
.
*
or
a
warm
boot
in
EL3
.
This
code
is
shared
by
BL1
and
BL31
.
*
*
This
macro
will
always
perform
reset
handling
,
architectural
initialisations
*
and
stack
setup
.
The
rest
of
the
actions
are
optional
because
they
might
not
...
...
Prev
1
2
3
Next
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment