Unverified Commit 3ba92957 authored by Dimitris Papastamos's avatar Dimitris Papastamos Committed by GitHub
Browse files

Merge pull request #1510 from robertovargas-arm/romlib

Add support for moving libraries to ROM
parents 0983b8b1 1eb735d7
......@@ -45,7 +45,7 @@ CHECKCODE_ARGS := --no-patch
# Do not check the coding style on imported library files or documentation files
INC_LIB_DIRS_TO_CHECK := $(sort $(filter-out \
include/lib/libfdt \
include/lib/stdlib, \
include/lib/libc, \
$(wildcard include/lib/*)))
INC_DIRS_TO_CHECK := $(sort $(filter-out \
include/lib, \
......@@ -53,7 +53,7 @@ INC_DIRS_TO_CHECK := $(sort $(filter-out \
LIB_DIRS_TO_CHECK := $(sort $(filter-out \
lib/compiler-rt \
lib/libfdt% \
lib/stdlib, \
lib/libc, \
$(wildcard lib/*)))
ROOT_DIRS_TO_CHECK := $(sort $(filter-out \
lib \
......@@ -172,7 +172,7 @@ TF_CFLAGS_aarch64 += -mgeneral-regs-only -mstrict-align
ASFLAGS_aarch32 = $(march32-directive)
ASFLAGS_aarch64 = -march=armv8-a
CPPFLAGS = ${DEFINES} ${INCLUDES} -nostdinc \
CPPFLAGS = ${DEFINES} ${INCLUDES} ${MBEDTLS_INC} -nostdinc \
-Wmissing-include-dirs -Werror
ASFLAGS += $(CPPFLAGS) $(ASFLAGS_$(ARCH)) \
-D__ASSEMBLY__ -ffreestanding \
......@@ -198,7 +198,7 @@ DTC_FLAGS += -I dts -O dtb
# Common sources and include directories
################################################################################
include lib/compiler-rt/compiler-rt.mk
include lib/stdlib/stdlib.mk
include lib/libc/libc.mk
BL_COMMON_SOURCES += common/bl_common.c \
common/tf_log.c \
......@@ -211,8 +211,7 @@ BL_COMMON_SOURCES += common/bl_common.c \
plat/common/plat_log_common.c \
plat/common/${ARCH}/plat_common.c \
plat/common/${ARCH}/platform_helpers.S \
${COMPILER_RT_SRCS} \
${STDLIB_SRCS}
${COMPILER_RT_SRCS}
INCLUDES += -Iinclude \
-Iinclude/bl1 \
......@@ -506,6 +505,9 @@ CRTTOOL ?= ${CRTTOOLPATH}/cert_create${BIN_EXT}
FIPTOOLPATH ?= tools/fiptool
FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT}
# Variables for use with ROMLIB
ROMLIBPATH ?= lib/romlib
################################################################################
# Include BL specific makefiles
################################################################################
......@@ -574,6 +576,7 @@ $(eval $(call assert_boolean,SEPARATE_CODE_AND_RODATA))
$(eval $(call assert_boolean,SPIN_ON_BL1_EXIT))
$(eval $(call assert_boolean,TRUSTED_BOARD_BOOT))
$(eval $(call assert_boolean,USE_COHERENT_MEM))
$(eval $(call assert_boolean,USE_ROMLIB))
$(eval $(call assert_boolean,USE_TBBR_DEFS))
$(eval $(call assert_boolean,WARMBOOT_ENABLE_DCACHE_EARLY))
$(eval $(call assert_boolean,BL2_AT_EL3))
......@@ -626,6 +629,7 @@ $(eval $(call add_define,SPD_${SPD}))
$(eval $(call add_define,SPIN_ON_BL1_EXIT))
$(eval $(call add_define,TRUSTED_BOARD_BOOT))
$(eval $(call add_define,USE_COHERENT_MEM))
$(eval $(call add_define,USE_ROMLIB))
$(eval $(call add_define,USE_TBBR_DEFS))
$(eval $(call add_define,WARMBOOT_ENABLE_DCACHE_EARLY))
$(eval $(call add_define,BL2_AT_EL3))
......@@ -670,6 +674,9 @@ ifeq (${ERROR_DEPRECATED},0)
CPPFLAGS += -Wno-error=deprecated-declarations -Wno-error=cpp
endif
$(eval $(call MAKE_LIB_DIRS))
$(eval $(call MAKE_LIB,c))
# Expand build macros for the different images
ifeq (${NEED_BL1},yes)
$(eval $(call MAKE_BL,1))
......@@ -734,6 +741,7 @@ clean:
$(call SHELL_REMOVE_DIR,${BUILD_PLAT})
${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} clean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean
${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean
realclean distclean:
@echo " REALCLEAN"
......@@ -741,11 +749,12 @@ realclean distclean:
$(call SHELL_DELETE_ALL, ${CURDIR}/cscope.*)
${Q}${MAKE} --no-print-directory -C ${FIPTOOLPATH} clean
${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} clean
${Q}${MAKE} --no-print-directory -C ${ROMLIBPATH} clean
checkcodebase: locate-checkpatch
@echo " CHECKING STYLE"
@if test -d .git ; then \
git ls-files | grep -E -v 'libfdt|stdlib|docs|\.md' | \
git ls-files | grep -E -v 'libfdt|libc|docs|\.md' | \
while read GIT_FILE ; \
do ${CHECKPATCH} ${CHECKCODE_ARGS} -f $$GIT_FILE ; \
done ; \
......@@ -753,7 +762,7 @@ checkcodebase: locate-checkpatch
find . -type f -not -iwholename "*.git*" \
-not -iwholename "*build*" \
-not -iwholename "*libfdt*" \
-not -iwholename "*stdlib*" \
-not -iwholename "*libc*" \
-not -iwholename "*docs*" \
-not -iwholename "*.md" \
-exec ${CHECKPATCH} ${CHECKCODE_ARGS} -f {} \; ; \
......@@ -819,6 +828,10 @@ fwu_fip: ${BUILD_PLAT}/${FWU_FIP_NAME}
${FIPTOOL}:
${Q}${MAKE} CPPFLAGS="-DVERSION='\"${VERSION_STRING}\"'" --no-print-directory -C ${FIPTOOLPATH}
.PHONY: libraries
romlib.bin: libraries
${Q}${MAKE} BUILD_PLAT=${BUILD_PLAT} INCLUDES='${INCLUDES}' DEFINES='${DEFINES}' --no-print-directory -C ${ROMLIBPATH} all
cscope:
@echo " CSCOPE"
${Q}find ${CURDIR} -name "*.[chsS]" > cscope.files
......
......@@ -14,9 +14,7 @@ BL1_SOURCES += bl1/bl1_main.c \
lib/el3_runtime/${ARCH}/context_mgmt.c \
plat/common/plat_bl1_common.c \
plat/common/${ARCH}/platform_up_stack.S \
${MBEDTLS_COMMON_SOURCES} \
${MBEDTLS_CRYPTO_SOURCES} \
${MBEDTLS_X509_SOURCES}
${MBEDTLS_SOURCES}
ifeq (${ARCH},aarch64)
BL1_SOURCES += lib/el3_runtime/aarch64/context.S
......
......@@ -8,9 +8,7 @@ BL2_SOURCES += bl2/bl2_main.c \
bl2/${ARCH}/bl2_arch_setup.c \
lib/locks/exclusive/${ARCH}/spinlock.S \
plat/common/${ARCH}/platform_up_stack.S \
${MBEDTLS_COMMON_SOURCES} \
${MBEDTLS_CRYPTO_SOURCES} \
${MBEDTLS_X509_SOURCES}
${MBEDTLS_SOURCES}
ifeq (${ARCH},aarch64)
BL2_SOURCES += common/aarch64/early_exceptions.S
......
......@@ -17,6 +17,7 @@
#include <platform_def.h>
#include <stdint.h>
/*******************************************************************************
* This function is responsible to:
* Load SCP_BL2U if platform has defined SCP_BL2U_BASE
......
......@@ -5,6 +5,7 @@
*/
#include <debug.h>
#include <stdlib.h>
/* mbed TLS headers */
#include <mbedtls/memory_buffer_alloc.h>
......@@ -23,6 +24,12 @@
#endif
static unsigned char heap[MBEDTLS_HEAP_SIZE];
static void cleanup(void)
{
ERROR("EXIT from BL2\n");
panic();
}
/*
* mbed TLS initialization function
*/
......@@ -31,6 +38,9 @@ void mbedtls_init(void)
static int ready;
if (!ready) {
if (atexit(cleanup))
panic();
/* Initialize the mbed TLS heap */
mbedtls_memory_buffer_alloc_init(heap, MBEDTLS_HEAP_SIZE);
......
......@@ -13,22 +13,86 @@ ifeq (${MBEDTLS_DIR},)
$(error Error: MBEDTLS_DIR not set)
endif
INCLUDES += -I${MBEDTLS_DIR}/include \
-Iinclude/drivers/auth/mbedtls
MBEDTLS_INC = -I${MBEDTLS_DIR}/include
INCLUDES += -Iinclude/drivers/auth/mbedtls
# Specify mbed TLS configuration file
MBEDTLS_CONFIG_FILE := "<mbedtls_config.h>"
$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
MBEDTLS_COMMON_SOURCES := drivers/auth/mbedtls/mbedtls_common.c \
$(addprefix ${MBEDTLS_DIR}/library/, \
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c
LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \
asn1parse.c \
asn1write.c \
memory_buffer_alloc.c \
oid.c \
platform.c \
platform_util.c \
bignum.c \
md.c \
md_wrap.c \
pk.c \
pk_wrap.c \
pkparse.c \
pkwrite.c \
sha256.c \
sha512.c \
ecdsa.c \
ecp_curves.c \
ecp.c \
rsa.c \
rsa_internal.c \
x509.c \
x509_crt.c \
)
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
# algorithm to use. If the variable is not defined, select it based on algorithm
# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
ifeq (${TF_MBEDTLS_KEY_ALG},)
ifeq (${KEY_ALG}, ecdsa)
TF_MBEDTLS_KEY_ALG := ecdsa
else
TF_MBEDTLS_KEY_ALG := rsa
endif
endif
# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
# backward compatibility
ifdef MBEDTLS_KEY_ALG
ifeq (${ERROR_DEPRECATED},1)
$(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
endif
$(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG}
endif
ifeq (${HASH_ALG}, sha384)
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384
else ifeq (${HASH_ALG}, sha512)
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512
else
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256
endif
ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA
else
$(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
endif
# Needs to be set to drive mbed TLS configuration correctly
$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID))
$(eval $(call MAKE_LIB,mbedtls))
endif
......@@ -6,86 +6,6 @@
include drivers/auth/mbedtls/mbedtls_common.mk
# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
# algorithm to use. If the variable is not defined, select it based on algorithm
# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is
# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`.
ifeq (${TF_MBEDTLS_KEY_ALG},)
ifeq (${KEY_ALG}, ecdsa)
TF_MBEDTLS_KEY_ALG := ecdsa
else
TF_MBEDTLS_KEY_ALG := rsa
endif
endif
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_crypto.c
# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for
# backward compatibility
ifdef MBEDTLS_KEY_ALG
ifeq (${ERROR_DEPRECATED},1)
$(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
endif
$(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG")
TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG}
endif
MBEDTLS_CRYPTO_SOURCES := drivers/auth/mbedtls/mbedtls_crypto.c \
$(addprefix ${MBEDTLS_DIR}/library/, \
bignum.c \
md.c \
md_wrap.c \
pk.c \
pk_wrap.c \
pkparse.c \
pkwrite.c \
)
ifeq (${HASH_ALG}, sha384)
MBEDTLS_CRYPTO_SOURCES += \
$(addprefix ${MBEDTLS_DIR}/library/, \
sha256.c \
sha512.c \
)
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384
else ifeq (${HASH_ALG}, sha512)
MBEDTLS_CRYPTO_SOURCES += \
$(addprefix ${MBEDTLS_DIR}/library/, \
sha256.c \
sha512.c \
)
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512
else
MBEDTLS_CRYPTO_SOURCES += \
$(addprefix ${MBEDTLS_DIR}/library/, \
sha256.c \
)
TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256
endif
# Key algorithm specific files
MBEDTLS_ECDSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \
ecdsa.c \
ecp_curves.c \
ecp.c \
)
MBEDTLS_RSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \
rsa.c \
)
ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa)
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa)
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA
else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa)
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES)
MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES)
TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA
else
$(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS")
endif
# Needs to be set to drive mbed TLS configuration correctly
$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID))
$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID))
......@@ -6,8 +6,4 @@
include drivers/auth/mbedtls/mbedtls_common.mk
MBEDTLS_X509_SOURCES := drivers/auth/mbedtls/mbedtls_x509_parser.c \
$(addprefix ${MBEDTLS_DIR}/library/, \
x509.c \
x509_crt.c \
)
MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_x509_parser.c
/*
* Copyright (c) 2018, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef ROMLIB_H_
#define ROMLIB_MAJOR 0
#define ROMLIB_MINOR 1
#define ROMLIB_VERSION ((ROMLIB_MAJOR << 8) | ROMLIB_MINOR)
int rom_lib_init(int version);
#endif
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment