Merge pull request #467 from jcastillo-arm/jc/tbb_oid

Apply new image terminology

Merge pull request #467 from jcastillo-arm/jc/tbb_oid
Apply new image terminology
31d5e7f5 · danh-arm · a84deb9c · d178637d · 31d5e7f5 · 31d5e7f5
Commit 31d5e7f5 authored Dec 14, 2015 by danh-arm
--- a/plat/arm/common/tsp/arm_tsp_setup.c
+++ b/plat/arm/common/tsp/arm_tsp_setup.c
@@ -38,7 +38,7 @@

 /*
 * The next 3 constants identify the extents of the code & RO data region and
- * the limit of the BL3-2 image. These addresses are used by the MMU setup code
+ * the limit of the BL32 image. These addresses are used by the MMU setup code
 * and therefore they must be page-aligned.  It is the responsibility of the
 * linker script to ensure that __RO_START__, __RO_END__ & & __BL32_END__
 * linker symbols refer to page-aligned addresses.

--- a/plat/arm/css/common/css_bl2_setup.c
+++ b/plat/arm/css/common/css_bl2_setup.c
@@ -37,25 +37,25 @@
 #include "css_scp_bootloader.h"

 /* Weak definition may be overridden in specific CSS based platform */
-#pragma weak bl2_plat_handle_bl30
+#pragma weak bl2_plat_handle_scp_bl2

 /*******************************************************************************
- * Transfer BL3-0 from Trusted RAM using the SCP Download protocol.
+ * Transfer SCP_BL2 from Trusted RAM using the SCP Download protocol.
 * Return 0 on success, -1 otherwise.
 ******************************************************************************/
-int bl2_plat_handle_bl30(image_info_t *bl30_image_info)
+int bl2_plat_handle_scp_bl2(image_info_t *scp_bl2_image_info)
 {
 	int ret;

-	INFO("BL2: Initiating BL3-0 transfer to SCP\n");
+	INFO("BL2: Initiating SCP_BL2 transfer to SCP\n");

-	ret = scp_bootloader_transfer((void *)bl30_image_info->image_base,
-		bl30_image_info->image_size);
+	ret = scp_bootloader_transfer((void *)scp_bl2_image_info->image_base,
+		scp_bl2_image_info->image_size);

 	if (ret == 0)
-		INFO("BL2: BL3-0 transferred to SCP\n");
+		INFO("BL2: SCP_BL2 transferred to SCP\n");
 	else
-		ERROR("BL2: BL3-0 transfer failure\n");
+		ERROR("BL2: SCP_BL2 transfer failure\n");

 	return ret;
 }
@@ -72,7 +72,7 @@ void bl2_early_platform_setup(meminfo_t *mem_layout)
 {
 	arm_bl2_early_platform_setup(mem_layout);

-	/* Save SCP Boot config before it gets overwritten by BL30 loading */
+	/* Save SCP Boot config before it gets overwritten by SCP_BL2 loading */
 	scp_boot_config = mmio_read_32(SCP_BOOT_CFG_ADDR);
 	VERBOSE("BL2: Saved SCP Boot config = 0x%x\n", scp_boot_config);
 }

--- a/plat/arm/css/common/css_common.mk
+++ b/plat/arm/css/common/css_common.mk
@@ -56,12 +56,12 @@ $(eval $(call FWU_FIP_ADD_IMG,SCP_BL2U,--scp_bl2u))
 endif

 ifneq (${RESET_TO_BL31},0)
-  $(error "Using BL3-1 as the reset vector is not supported on CSS platforms. \
+  $(error "Using BL31 as the reset vector is not supported on CSS platforms. \
  Please set RESET_TO_BL31 to 0.")
 endif

-# Subsystems require a BL30 image
-$(eval $(call FIP_ADD_IMG,BL30,--bl30))
+# Subsystems require a SCP_BL2 image
+$(eval $(call FIP_ADD_IMG,SCP_BL2,--scp_bl2))

 # Enable option to detect whether the SCP ROM firmware in use predates version
 # 1.7.0 and therefore, is incompatible.

--- a/plat/arm/css/common/css_scp_bootloader.c
+++ b/plat/arm/css/common/css_scp_bootloader.c
@@ -118,10 +118,10 @@ int scp_bootloader_transfer(void *image, unsigned int image_size)
 	cmd_info_payload_t *cmd_info_payload;
 	cmd_data_payload_t *cmd_data_payload;

-	assert((uintptr_t) image == BL30_BASE);
+	assert((uintptr_t) image == SCP_BL2_BASE);

 	if ((image_size == 0) || (image_size % 4 != 0)) {
-		ERROR("Invalid size for the BL3-0 image. Must be a multiple of "
+		ERROR("Invalid size for the SCP_BL2 image. Must be a multiple of "
 			"4 bytes and not zero (current size = 0x%x)\n",
 			image_size);
 		return -1;
@@ -134,7 +134,7 @@ int scp_bootloader_transfer(void *image, unsigned int image_size)

 	mhu_secure_init();

-	VERBOSE("Send info about the BL3-0 image to be transferred to SCP\n");
+	VERBOSE("Send info about the SCP_BL2 image to be transferred to SCP\n");

 	/*
 	 * Send information about the SCP firmware image about to be transferred
@@ -174,9 +174,9 @@ int scp_bootloader_transfer(void *image, unsigned int image_size)
 		return -1;
 	}

-	VERBOSE("Transferring BL3-0 image to SCP\n");
+	VERBOSE("Transferring SCP_BL2 image to SCP\n");

-	/* Transfer BL3-0 image to SCP */
+	/* Transfer SCP_BL2 image to SCP */
 	scp_boot_message_start();

 	BOM_CMD_HEADER->id = BOOT_CMD_DATA;

--- a/services/std_svc/psci/psci_entry.S
+++ b/services/std_svc/psci/psci_entry.S
@@ -48,7 +48,7 @@ func psci_entrypoint
 	 * On the warm boot path, most of the EL3 initialisations performed by
 	 * 'el3_entrypoint_common' must be skipped:
 	 *
-	 *  - Only when the platform bypasses the BL1/BL3-1 entrypoint by
+	 *  - Only when the platform bypasses the BL1/BL31 entrypoint by
 	 *    programming the reset address do we need to set the CPU endianness.
 	 *    In other cases, we assume this has been taken care by the
 	 *    entrypoint code.

--- a/tools/cert_create/include/tbbr/tbb_cert.h
+++ b/tools/cert_create/include/tbbr/tbb_cert.h
@@ -37,16 +37,16 @@
 * Enumerate the certificates that are used to establish the chain of trust
 */
 enum {
-	BL2_CERT,
+	TRUSTED_BOOT_FW_CERT,
 	TRUSTED_KEY_CERT,
-	BL30_KEY_CERT,
-	BL30_CERT,
-	BL31_KEY_CERT,
-	BL31_CERT,
-	BL32_KEY_CERT,
-	BL32_CERT,
-	BL33_KEY_CERT,
-	BL33_CERT,
+	SCP_FW_KEY_CERT,
+	SCP_FW_CONTENT_CERT,
+	SOC_FW_KEY_CERT,
+	SOC_FW_CONTENT_CERT,
+	TRUSTED_OS_FW_KEY_CERT,
+	TRUSTED_OS_FW_CONTENT_CERT,
+	NON_TRUSTED_FW_KEY_CERT,
+	NON_TRUSTED_FW_CONTENT_CERT,
 	FWU_CERT
 };


--- a/tools/cert_create/include/tbbr/tbb_ext.h
+++ b/tools/cert_create/include/tbbr/tbb_ext.h
@@ -34,22 +34,22 @@

 /* TBBR extensions */
 enum {
-	TZ_FW_NVCOUNTER_EXT,
-	NTZ_FW_NVCOUNTER_EXT,
-	BL2_HASH_EXT,
-	TZ_WORLD_PK_EXT,
-	NTZ_WORLD_PK_EXT,
-	BL31_CONTENT_CERT_PK_EXT,
-	BL31_HASH_EXT,
-	BL30_CONTENT_CERT_PK_EXT,
-	BL30_HASH_EXT,
-	BL32_CONTENT_CERT_PK_EXT,
-	BL32_HASH_EXT,
-	BL33_CONTENT_CERT_PK_EXT,
-	BL33_HASH_EXT,
-	SCP_BL2U_HASH_EXT,
-	BL2U_HASH_EXT,
-	NS_BL2U_HASH_EXT
+	TRUSTED_FW_NVCOUNTER_EXT,
+	NON_TRUSTED_FW_NVCOUNTER_EXT,
+	TRUSTED_BOOT_FW_HASH_EXT,
+	TRUSTED_WORLD_PK_EXT,
+	NON_TRUSTED_WORLD_PK_EXT,
+	SCP_FW_CONTENT_CERT_PK_EXT,
+	SCP_FW_HASH_EXT,
+	SOC_FW_CONTENT_CERT_PK_EXT,
+	SOC_AP_FW_HASH_EXT,
+	TRUSTED_OS_FW_CONTENT_CERT_PK_EXT,
+	TRUSTED_OS_FW_HASH_EXT,
+	NON_TRUSTED_FW_CONTENT_CERT_PK_EXT,
+	NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
+	SCP_FWU_CFG_HASH_EXT,
+	AP_FWU_CFG_HASH_EXT,
+	FWU_HASH_EXT
 };

 #endif /* TBB_EXT_H_ */
--- a/tools/cert_create/include/tbbr/tbb_key.h
+++ b/tools/cert_create/include/tbbr/tbb_key.h
@@ -40,10 +40,10 @@ enum {
 	ROT_KEY,
 	TRUSTED_WORLD_KEY,
 	NON_TRUSTED_WORLD_KEY,
-	BL30_KEY,
-	BL31_KEY,
-	BL32_KEY,
-	BL33_KEY
+	SCP_FW_CONTENT_CERT_KEY,
+	SOC_FW_CONTENT_CERT_KEY,
+	TRUSTED_OS_FW_CONTENT_CERT_KEY,
+	NON_TRUSTED_FW_CONTENT_CERT_KEY
 };

 #endif /* TBB_KEY_H_ */
--- a/tools/cert_create/src/main.c
+++ b/tools/cert_create/src/main.c
@@ -86,26 +86,26 @@
 enum {
 	/* Image file names (inputs) */
 	BL2_ID = 0,
-	BL30_ID,
+	SCP_BL2_ID,
 	BL31_ID,
 	BL32_ID,
 	BL33_ID,
 	/* Certificate file names (outputs) */
-	BL2_CERT_ID,
+	TRUSTED_BOOT_FW_CERT_ID,
 	TRUSTED_KEY_CERT_ID,
-	BL30_KEY_CERT_ID,
-	BL30_CERT_ID,
-	BL31_KEY_CERT_ID,
-	BL31_CERT_ID,
-	BL32_KEY_CERT_ID,
-	BL32_CERT_ID,
-	BL33_KEY_CERT_ID,
-	BL33_CERT_ID,
+	SCP_FW_KEY_CERT_ID,
+	SCP_FW_CONTENT_CERT_ID,
+	SOC_FW_KEY_CERT_ID,
+	SOC_FW_CONTENT_CERT_ID,
+	TRUSTED_OS_FW_KEY_CERT_ID,
+	TRUSTED_OS_FW_CONTENT_CERT_ID,
+	NON_TRUSTED_FW_KEY_CERT_ID,
+	NON_TRUSTED_FW_CONTENT_CERT_ID,
 	/* Key file names (input/output) */
 	ROT_KEY_ID,
 	TRUSTED_WORLD_KEY_ID,
 	NON_TRUSTED_WORLD_KEY_ID,
-	BL30_KEY_ID,
+	SCP_BL2_KEY_ID,
 	BL31_KEY_ID,
 	BL32_KEY_ID,
 	BL33_KEY_ID,

--- a/tools/cert_create/src/tbbr/tbb_cert.c
+++ b/tools/cert_create/src/tbbr/tbb_cert.c
@@ -40,15 +40,15 @@
 * field points to itself.
 */
 static cert_t tbb_certs[] = {
-	[BL2_CERT] = {
-		.id = BL2_CERT,
-		.opt = "bl2-cert",
+	[TRUSTED_BOOT_FW_CERT] = {
+		.id = TRUSTED_BOOT_FW_CERT,
+		.opt = "tb-fw-cert",
 		.fn = NULL,
-		.cn = "BL2 Certificate",
+		.cn = "Trusted Boot FW Certificate",
 		.key = ROT_KEY,
-		.issuer = BL2_CERT,
+		.issuer = TRUSTED_BOOT_FW_CERT,
 		.ext = {
-			BL2_HASH_EXT
+			TRUSTED_BOOT_FW_HASH_EXT
 		},
 		.num_ext = 1
 	},
@@ -60,104 +60,104 @@ static cert_t tbb_certs[] = {
 		.key = ROT_KEY,
 		.issuer = TRUSTED_KEY_CERT,
 		.ext = {
-			TZ_WORLD_PK_EXT,
-			NTZ_WORLD_PK_EXT
+			TRUSTED_WORLD_PK_EXT,
+			NON_TRUSTED_WORLD_PK_EXT
 		},
 		.num_ext = 2
 	},
-	[BL30_KEY_CERT] = {
-		.id = BL30_KEY_CERT,
-		.opt = "bl30-key-cert",
+	[SCP_FW_KEY_CERT] = {
+		.id = SCP_FW_KEY_CERT,
+		.opt = "scp-fw-key-cert",
 		.fn = NULL,
-		.cn = "BL3-0 Key Certificate",
+		.cn = "SCP Firmware Key Certificate",
 		.key = TRUSTED_WORLD_KEY,
-		.issuer = BL30_KEY_CERT,
+		.issuer = SCP_FW_KEY_CERT,
 		.ext = {
-			BL30_CONTENT_CERT_PK_EXT
+			SCP_FW_CONTENT_CERT_PK_EXT
 		},
 		.num_ext = 1
 	},
-	[BL30_CERT] = {
-		.id = BL30_CERT,
-		.opt = "bl30-cert",
+	[SCP_FW_CONTENT_CERT] = {
+		.id = SCP_FW_CONTENT_CERT,
+		.opt = "scp-fw-cert",
 		.fn = NULL,
-		.cn = "BL3-0 Content Certificate",
-		.key = BL30_KEY,
-		.issuer = BL30_CERT,
+		.cn = "SCP Firmware Content Certificate",
+		.key = SCP_FW_CONTENT_CERT_KEY,
+		.issuer = SCP_FW_CONTENT_CERT,
 		.ext = {
-			BL30_HASH_EXT
+			SCP_FW_HASH_EXT
 		},
 		.num_ext = 1
 	},
-	[BL31_KEY_CERT] = {
-		.id = BL31_KEY_CERT,
-		.opt = "bl31-key-cert",
+	[SOC_FW_KEY_CERT] = {
+		.id = SOC_FW_KEY_CERT,
+		.opt = "soc-fw-key-cert",
 		.fn = NULL,
-		.cn = "BL3-1 Key Certificate",
+		.cn = "SoC Firmware Key Certificate",
 		.key = TRUSTED_WORLD_KEY,
-		.issuer = BL31_KEY_CERT,
+		.issuer = SOC_FW_KEY_CERT,
 		.ext = {
-			BL31_CONTENT_CERT_PK_EXT
+			SOC_FW_CONTENT_CERT_PK_EXT
 		},
 		.num_ext = 1
 	},
-	[BL31_CERT] = {
-		.id = BL31_CERT,
-		.opt = "bl31-cert",
+	[SOC_FW_CONTENT_CERT] = {
+		.id = SOC_FW_CONTENT_CERT,
+		.opt = "soc-fw-cert",
 		.fn = NULL,
-		.cn = "BL3-1 Content Certificate",
-		.key = BL31_KEY,
-		.issuer = BL31_CERT,
+		.cn = "SoC Firmware Content Certificate",
+		.key = SOC_FW_CONTENT_CERT_KEY,
+		.issuer = SOC_FW_CONTENT_CERT,
 		.ext = {
-			BL31_HASH_EXT
+			SOC_AP_FW_HASH_EXT
 		},
 		.num_ext = 1
 	},
-	[BL32_KEY_CERT] = {
-		.id = BL32_KEY_CERT,
-		.opt = "bl32-key-cert",
+	[TRUSTED_OS_FW_KEY_CERT] = {
+		.id = TRUSTED_OS_FW_KEY_CERT,
+		.opt = "tos-fw-key-cert",
 		.fn = NULL,
-		.cn = "BL3-2 Key Certificate",
+		.cn = "Trusted OS Firmware Key Certificate",
 		.key = TRUSTED_WORLD_KEY,
-		.issuer = BL32_KEY_CERT,
+		.issuer = TRUSTED_OS_FW_KEY_CERT,
 		.ext = {
-			BL32_CONTENT_CERT_PK_EXT
+			TRUSTED_OS_FW_CONTENT_CERT_PK_EXT
 		},
 		.num_ext = 1
 	},
-	[BL32_CERT] = {
-		.id = BL32_CERT,
-		.opt = "bl32-cert",
+	[TRUSTED_OS_FW_CONTENT_CERT] = {
+		.id = TRUSTED_OS_FW_CONTENT_CERT,
+		.opt = "tos-fw-cert",
 		.fn = NULL,
-		.cn = "BL3-2 Content Certificate",
-		.key = BL32_KEY,
-		.issuer = BL32_CERT,
+		.cn = "Trusted OS Firmware Content Certificate",
+		.key = TRUSTED_OS_FW_CONTENT_CERT_KEY,
+		.issuer = TRUSTED_OS_FW_CONTENT_CERT,
 		.ext = {
-			BL32_HASH_EXT
+			TRUSTED_OS_FW_HASH_EXT
 		},
 		.num_ext = 1
 	},
-	[BL33_KEY_CERT] = {
-		.id = BL33_KEY_CERT,
-		.opt = "bl33-key-cert",
+	[NON_TRUSTED_FW_KEY_CERT] = {
+		.id = NON_TRUSTED_FW_KEY_CERT,
+		.opt = "nt-fw-key-cert",
 		.fn = NULL,
-		.cn = "BL3-3 Key Certificate",
+		.cn = "Non-Trusted Firmware Key Certificate",
 		.key = NON_TRUSTED_WORLD_KEY,
-		.issuer = BL33_KEY_CERT,
+		.issuer = NON_TRUSTED_FW_KEY_CERT,
 		.ext = {
-			BL33_CONTENT_CERT_PK_EXT
+			NON_TRUSTED_FW_CONTENT_CERT_PK_EXT
 		},
 		.num_ext = 1
 	},
-	[BL33_CERT] = {
-		.id = BL33_CERT,
-		.opt = "bl33-cert",
+	[NON_TRUSTED_FW_CONTENT_CERT] = {
+		.id = NON_TRUSTED_FW_CONTENT_CERT,
+		.opt = "nt-fw-cert",
 		.fn = NULL,
-		.cn = "BL3-3 Content Certificate",
-		.key = BL33_KEY,
-		.issuer = BL33_CERT,
+		.cn = "Non-Trusted Firmware Content Certificate",
+		.key = NON_TRUSTED_FW_CONTENT_CERT_KEY,
+		.issuer = NON_TRUSTED_FW_CONTENT_CERT,
 		.ext = {
-			BL33_HASH_EXT
+			NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT
 		},
 		.num_ext = 1
 	},
@@ -169,9 +169,9 @@ static cert_t tbb_certs[] = {
 		.key = ROT_KEY,
 		.issuer = FWU_CERT,
 		.ext = {
-			SCP_BL2U_HASH_EXT,
-			BL2U_HASH_EXT,
-			NS_BL2U_HASH_EXT
+			SCP_FWU_CFG_HASH_EXT,
+			AP_FWU_CFG_HASH_EXT,
+			FWU_HASH_EXT
 		},
 		.num_ext = 3
 	}

--- a/tools/cert_create/src/tbbr/tbb_ext.c
+++ b/tools/cert_create/src/tbbr/tbb_ext.c
@@ -42,133 +42,133 @@
 #define NORMAL_WORLD_NVCTR_VALUE	0

 static ext_t tbb_ext[] = {
-	[TZ_FW_NVCOUNTER_EXT] = {
-		.oid = TZ_FW_NVCOUNTER_OID,
+	[TRUSTED_FW_NVCOUNTER_EXT] = {
+		.oid = TRUSTED_FW_NVCOUNTER_OID,
 		.sn = "TrustedWorldNVCounter",
 		.ln = "Trusted World Non-Volatile counter",
 		.asn1_type = V_ASN1_INTEGER,
 		.type = EXT_TYPE_NVCOUNTER,
 		.data.nvcounter = TRUSTED_WORLD_NVCTR_VALUE
 	},
-	[NTZ_FW_NVCOUNTER_EXT] = {
-		.oid = NTZ_FW_NVCOUNTER_OID,
+	[NON_TRUSTED_FW_NVCOUNTER_EXT] = {
+		.oid = NON_TRUSTED_FW_NVCOUNTER_OID,
 		.sn = "NormalWorldNVCounter",
 		.ln = "Normal World Non-Volatile counter",
 		.asn1_type = V_ASN1_INTEGER,
 		.type = EXT_TYPE_NVCOUNTER,
 		.data.nvcounter = NORMAL_WORLD_NVCTR_VALUE
 	},
-	[BL2_HASH_EXT] = {
-		.oid = BL2_HASH_OID,
-		.opt = "bl2",
+	[TRUSTED_BOOT_FW_HASH_EXT] = {
+		.oid = TRUSTED_BOOT_FW_HASH_OID,
+		.opt = "tb-fw",
 		.sn = "TrustedBootFirmwareHash",
-		.ln = "Trusted Boot Firmware (BL2) hash (SHA256)",
+		.ln = "Trusted Boot Firmware hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH
 	},
-	[TZ_WORLD_PK_EXT] = {
-		.oid = TZ_WORLD_PK_OID,
+	[TRUSTED_WORLD_PK_EXT] = {
+		.oid = TRUSTED_WORLD_PK_OID,
 		.sn = "TrustedWorldPublicKey",
 		.ln = "Trusted World Public Key",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_PKEY,
 		.data.key = TRUSTED_WORLD_KEY
 	},
-	[NTZ_WORLD_PK_EXT] = {
-		.oid = NTZ_WORLD_PK_OID,
+	[NON_TRUSTED_WORLD_PK_EXT] = {
+		.oid = NON_TRUSTED_WORLD_PK_OID,
 		.sn = "NonTrustedWorldPublicKey",
 		.ln = "Non-Trusted World Public Key",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_PKEY,
 		.data.key = NON_TRUSTED_WORLD_KEY
 	},
-	[BL30_CONTENT_CERT_PK_EXT] = {
-		.oid = BL30_CONTENT_CERT_PK_OID,
+	[SCP_FW_CONTENT_CERT_PK_EXT] = {
+		.oid = SCP_FW_CONTENT_CERT_PK_OID,
 		.sn = "SCPFirmwareContentCertPK",
 		.ln = "SCP Firmware content certificate public key",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_PKEY,
-		.data.key = BL30_KEY
+		.data.key = SCP_FW_CONTENT_CERT_KEY
 	},
-	[BL30_HASH_EXT] = {
-		.oid = BL30_HASH_OID,
-		.opt = "bl30",
+	[SCP_FW_HASH_EXT] = {
+		.oid = SCP_FW_HASH_OID,
+		.opt = "scp-fw",
 		.sn = "SCPFirmwareHash",
-		.ln = "SCP Firmware (BL30) hash (SHA256)",
+		.ln = "SCP Firmware hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH
 	},
-	[BL31_CONTENT_CERT_PK_EXT] = {
-		.oid = BL31_CONTENT_CERT_PK_OID,
+	[SOC_FW_CONTENT_CERT_PK_EXT] = {
+		.oid = SOC_FW_CONTENT_CERT_PK_OID,
 		.sn = "SoCFirmwareContentCertPK",
 		.ln = "SoC Firmware content certificate public key",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_PKEY,
-		.data.key = BL31_KEY
+		.data.key = SOC_FW_CONTENT_CERT_KEY
 	},
-	[BL31_HASH_EXT] = {
-		.oid = BL31_HASH_OID,
-		.opt = "bl31",
+	[SOC_AP_FW_HASH_EXT] = {
+		.oid = SOC_AP_FW_HASH_OID,
+		.opt = "soc-fw",
 		.sn = "SoCAPFirmwareHash",
-		.ln = "SoC AP Firmware (BL31) hash (SHA256)",
+		.ln = "SoC AP Firmware hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH
 	},
-	[BL32_CONTENT_CERT_PK_EXT] = {
-		.oid = BL32_CONTENT_CERT_PK_OID,
+	[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
+		.oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
 		.sn = "TrustedOSFirmwareContentCertPK",
 		.ln = "Trusted OS Firmware content certificate public key",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_PKEY,
-		.data.key = BL32_KEY
+		.data.key = TRUSTED_OS_FW_CONTENT_CERT_KEY
 	},
-	[BL32_HASH_EXT] = {
-		.oid = BL32_HASH_OID,
-		.opt = "bl32",
+	[TRUSTED_OS_FW_HASH_EXT] = {
+		.oid = TRUSTED_OS_FW_HASH_OID,
+		.opt = "tos-fw",
 		.sn = "TrustedOSHash",
-		.ln = "Trusted OS (BL32) hash (SHA256)",
+		.ln = "Trusted OS hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH
 	},
-	[BL33_CONTENT_CERT_PK_EXT] = {
-		.oid = BL33_CONTENT_CERT_PK_OID,
+	[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
+		.oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
 		.sn = "NonTrustedFirmwareContentCertPK",
 		.ln = "Non-Trusted Firmware content certificate public key",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_PKEY,
-		.data.key = BL33_KEY
+		.data.key = NON_TRUSTED_FW_CONTENT_CERT_KEY
 	},
-	[BL33_HASH_EXT] = {
-		.oid = BL33_HASH_OID,
-		.opt = "bl33",
+	[NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
+		.oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
+		.opt = "nt-fw",
 		.sn = "NonTrustedWorldBootloaderHash",
-		.ln = "Non-Trusted World (BL33) hash (SHA256)",
+		.ln = "Non-Trusted World hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH
 	},
-	[SCP_BL2U_HASH_EXT] = {
-		.oid = SCP_BL2U_HASH_OID,
-		.opt = "scp_bl2u",
+	[SCP_FWU_CFG_HASH_EXT] = {
+		.oid = SCP_FWU_CFG_HASH_OID,
+		.opt = "scp-fwu-cfg",
 		.sn = "SCPFWUpdateConfig",
-		.ln = "SCP Firmware Update Config (SCP_BL2U) hash (SHA256)",
+		.ln = "SCP Firmware Update Config hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH,
 		.optional = 1
 	},
-	[BL2U_HASH_EXT] = {
-		.oid = BL2U_HASH_OID,
-		.opt = "bl2u",
+	[AP_FWU_CFG_HASH_EXT] = {
+		.oid = AP_FWU_CFG_HASH_OID,
+		.opt = "ap-fwu-cfg",
 		.sn = "APFWUpdateConfig",
-		.ln = "AP Firmware Update Config (BL2U) hash (SHA256)",
+		.ln = "AP Firmware Update Config hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH,
 		.optional = 1
 	},
-	[NS_BL2U_HASH_EXT] = {
-		.oid = NS_BL2U_HASH_OID,
-		.opt = "ns_bl2u",
+	[FWU_HASH_EXT] = {
+		.oid = FWU_HASH_OID,
+		.opt = "fwu",
 		.sn = "FWUpdaterHash",
-		.ln = "Firmware Updater (NS_BL2U) hash (SHA256)",
+		.ln = "Firmware Updater hash (SHA256)",
 		.asn1_type = V_ASN1_OCTET_STRING,
 		.type = EXT_TYPE_HASH,
 		.optional = 1

--- a/tools/cert_create/src/tbbr/tbb_key.c
+++ b/tools/cert_create/src/tbbr/tbb_key.c
@@ -51,25 +51,25 @@ static key_t tbb_keys[] = {
 		.opt = "non-trusted-world-key",
 		.desc = "Non Trusted World key"
 	},
-	[BL30_KEY] = {
-		.id = BL30_KEY,
-		.opt = "bl30-key",
-		.desc = "BL30 key"
+	[SCP_FW_CONTENT_CERT_KEY] = {
+		.id = SCP_FW_CONTENT_CERT_KEY,
+		.opt = "scp-fw-key",
+		.desc = "SCP Firmware Content Certificate key"
 	},
-	[BL31_KEY] = {
-		.id = BL31_KEY,
-		.opt = "bl31-key",
-		.desc = "BL31 key"
+	[SOC_FW_CONTENT_CERT_KEY] = {
+		.id = SOC_FW_CONTENT_CERT_KEY,
+		.opt = "soc-fw-key",
+		.desc = "SoC Firmware Content Certificate key"
 	},
-	[BL32_KEY] = {
-		.id = BL32_KEY,
-		.opt = "bl32-key",
-		.desc = "BL32 key"
+	[TRUSTED_OS_FW_CONTENT_CERT_KEY] = {
+		.id = TRUSTED_OS_FW_CONTENT_CERT_KEY,
+		.opt = "tos-fw-key",
+		.desc = "Trusted OS Firmware Content Certificate key"
 	},
-	[BL33_KEY] = {
-		.id = BL33_KEY,
-		.opt = "bl33-key",
-		.desc = "BL33 key"
+	[NON_TRUSTED_FW_CONTENT_CERT_KEY] = {
+		.id = NON_TRUSTED_FW_CONTENT_CERT_KEY,
+		.opt = "nt-fw-key",
+		.desc = "Non Trusted Firmware Content Certificate key"
 	}
 };


--- a/tools/fip_create/fip_create.c
+++ b/tools/fip_create/fip_create.c
@@ -65,38 +65,38 @@ static entry_lookup_list_t toc_entry_lookup_list[] = {
 	  "fwu-cert", NULL, FLAG_FILENAME},
 	{ "Trusted Boot Firmware BL2", UUID_TRUSTED_BOOT_FIRMWARE_BL2,
 	  "bl2", NULL, FLAG_FILENAME },
-	{ "SCP Firmware BL3-0", UUID_SCP_FIRMWARE_BL30,
-	  "bl30", NULL, FLAG_FILENAME},
-	{ "EL3 Runtime Firmware BL3-1", UUID_EL3_RUNTIME_FIRMWARE_BL31,
+	{ "SCP Firmware SCP_BL2", UUID_SCP_FIRMWARE_SCP_BL2,
+	  "scp_bl2", NULL, FLAG_FILENAME},
+	{ "EL3 Runtime Firmware BL31", UUID_EL3_RUNTIME_FIRMWARE_BL31,
 	  "bl31", NULL, FLAG_FILENAME},
-	{ "Secure Payload BL3-2 (Trusted OS)", UUID_SECURE_PAYLOAD_BL32,
+	{ "Secure Payload BL32 (Trusted OS)", UUID_SECURE_PAYLOAD_BL32,
 	  "bl32", NULL, FLAG_FILENAME},
-	{ "Non-Trusted Firmware BL3-3", UUID_NON_TRUSTED_FIRMWARE_BL33,
+	{ "Non-Trusted Firmware BL33", UUID_NON_TRUSTED_FIRMWARE_BL33,
 	  "bl33", NULL, FLAG_FILENAME},
 	/* Key Certificates */
 	{ "Root Of Trust key certificate", UUID_ROT_KEY_CERT,
 	  "rot-cert", NULL, FLAG_FILENAME },
 	{ "Trusted key certificate", UUID_TRUSTED_KEY_CERT,
 	  "trusted-key-cert", NULL, FLAG_FILENAME},
-	{ "SCP Firmware BL3-0 key certificate", UUID_SCP_FIRMWARE_BL30_KEY_CERT,
-	  "bl30-key-cert", NULL, FLAG_FILENAME},
-	{ "EL3 Runtime Firmware BL3-1 key certificate", UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT,
-	  "bl31-key-cert", NULL, FLAG_FILENAME},
-	{ "Secure Payload BL3-2 (Trusted OS) key certificate", UUID_SECURE_PAYLOAD_BL32_KEY_CERT,
-	  "bl32-key-cert", NULL, FLAG_FILENAME},
-	{ "Non-Trusted Firmware BL3-3 key certificate", UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT,
-	  "bl33-key-cert", NULL, FLAG_FILENAME},
+	{ "SCP Firmware key certificate", UUID_SCP_FW_KEY_CERT,
+	  "scp-fw-key-cert", NULL, FLAG_FILENAME},
+	{ "SoC Firmware key certificate", UUID_SOC_FW_KEY_CERT,
+	  "soc-fw-key-cert", NULL, FLAG_FILENAME},
+	{ "Trusted OS Firmware key certificate", UUID_TRUSTED_OS_FW_KEY_CERT,
+	  "tos-fw-key-cert", NULL, FLAG_FILENAME},
+	{ "Non-Trusted Firmware key certificate", UUID_NON_TRUSTED_FW_KEY_CERT,
+	  "nt-fw-key-cert", NULL, FLAG_FILENAME},
 	/* Content certificates */
-	{ "Trusted Boot Firmware BL2 certificate", UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT,
-	  "bl2-cert", NULL, FLAG_FILENAME },
-	{ "SCP Firmware BL3-0 certificate", UUID_SCP_FIRMWARE_BL30_CERT,
-	  "bl30-cert", NULL, FLAG_FILENAME},
-	{ "EL3 Runtime Firmware BL3-1 certificate", UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT,
-	  "bl31-cert", NULL, FLAG_FILENAME},
-	{ "Secure Payload BL3-2 (Trusted OS) certificate", UUID_SECURE_PAYLOAD_BL32_CERT,
-	  "bl32-cert", NULL, FLAG_FILENAME},
-	{ "Non-Trusted Firmware BL3-3 certificate", UUID_NON_TRUSTED_FIRMWARE_BL33_CERT,
-	  "bl33-cert", NULL, FLAG_FILENAME},
+	{ "Trusted Boot Firmware BL2 certificate", UUID_TRUSTED_BOOT_FW_CERT,
+	  "tb-fw-cert", NULL, FLAG_FILENAME },
+	{ "SCP Firmware content certificate", UUID_SCP_FW_CONTENT_CERT,
+	  "scp-fw-cert", NULL, FLAG_FILENAME},
+	{ "SoC Firmware content certificate", UUID_SOC_FW_CONTENT_CERT,
+	  "soc-fw-cert", NULL, FLAG_FILENAME},
+	{ "Trusted OS Firmware content certificate", UUID_TRUSTED_OS_FW_CONTENT_CERT,
+	  "tos-fw-cert", NULL, FLAG_FILENAME},
+	{ "Non-Trusted Firmware content certificate", UUID_NON_TRUSTED_FW_CONTENT_CERT,
+	  "nt-fw-cert", NULL, FLAG_FILENAME},
 	{ NULL, {0}, 0 }
 };