Commit 3bff910d authored by Sandrine Bailleux

Introduce COT build option



Allows selecting the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.

Right now, the only available CoT is TBBR.

Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
parent 067f7e9c
...@@ -1009,7 +1009,7 @@ certtool: ${CRTTOOL} ...@@ -1009,7 +1009,7 @@ certtool: ${CRTTOOL}
.PHONY: ${CRTTOOL} .PHONY: ${CRTTOOL}
${CRTTOOL}: ${CRTTOOL}:
${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH} ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} COT=${COT} --no-print-directory -C ${CRTTOOLPATH}
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
@echo "Built $@ successfully" @echo "Built $@ successfully"
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
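Review bot: On the ${CRTTOOL} recipe line, COT=${COT} is forwarded to the sub-make in ${CRTTOOLPATH}, but nothing in this hunk shows the tool's makefile validating the value. The firmware side aborts with `$(error Unknown chain of trust ${COT})`; the cert_create makefile should apply the same check so that the tool and the firmware cannot be built against different chains of trust. Certificates produced for a chain of trust the firmware does not implement would only be caught at boot, when authentication fails.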
......
...@@ -128,6 +128,9 @@ Common build options ...@@ -128,6 +128,9 @@ Common build options
``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need ``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need
to be implemented in this case. to be implemented in this case.
- ``COT``: When Trusted Boot is enabled, selects the desired chain of trust.
Defaults to ``tbbr``.
- ``CRASH_REPORTING``: A non-zero value enables a console dump of processor - ``CRASH_REPORTING``: A non-zero value enables a console dump of processor
register state when an unexpected exception occurs during execution of register state when an unexpected exception occurs during execution of
BL31. This option defaults to the value of ``DEBUG`` - i.e. by default BL31. This option defaults to the value of ``DEBUG`` - i.e. by default
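Review bot: The new ``COT`` entry does not list the accepted values or say what happens with an unsupported one. Since the build stops with "Unknown chain of trust" for anything other than ``tbbr``, say so here, and name the controlling option as ``TRUSTED_BOARD_BOOT`` rather than "Trusted Boot" so the reader can find it among the other entries. It would also help to state that the option applies to both the firmware and the cert_create tool, as the commit message does.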
......
# #
# Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
...@@ -201,6 +201,9 @@ USE_DEBUGFS := 0 ...@@ -201,6 +201,9 @@ USE_DEBUGFS := 0
# Build option to choose whether Trusted Firmware uses library at ROM # Build option to choose whether Trusted Firmware uses library at ROM
USE_ROMLIB := 0 USE_ROMLIB := 0
# Chain of trust.
COT := tbbr
# Use tbbr_oid.h instead of platform_oid.h # Use tbbr_oid.h instead of platform_oid.h
USE_TBBR_DEFS := 1 USE_TBBR_DEFS := 1
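Review bot: `COT := tbbr` is inserted between `USE_ROMLIB` and `USE_TBBR_DEFS`, which breaks the alphabetical ordering the neighbouring defaults follow (USE_DEBUGFS, USE_ROMLIB, USE_TBBR_DEFS); move it to its sorted position. The comment "Chain of trust." is also terser than the ones around it. Something like "Chain of trust to use when TRUSTED_BOARD_BOOT is enabled" would tell the reader when the default matters.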
......
# #
# Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
...@@ -254,7 +254,13 @@ ifneq (${TRUSTED_BOARD_BOOT},0) ...@@ -254,7 +254,13 @@ ifneq (${TRUSTED_BOARD_BOOT},0)
AUTH_SOURCES := drivers/auth/auth_mod.c \ AUTH_SOURCES := drivers/auth/auth_mod.c \
drivers/auth/crypto_mod.c \ drivers/auth/crypto_mod.c \
drivers/auth/img_parser_mod.c \ drivers/auth/img_parser_mod.c \
drivers/auth/tbbr/tbbr_cot.c \
# Include the selected chain of trust sources.
ifeq (${COT},tbbr)
AUTH_SOURCES += drivers/auth/tbbr/tbbr_cot.c
else
$(error Unknown chain of trust ${COT})
endif
BL1_SOURCES += ${AUTH_SOURCES} \ BL1_SOURCES += ${AUTH_SOURCES} \
bl1/tbbr/tbbr_img_desc.c \ bl1/tbbr/tbbr_img_desc.c \
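Review bot: The `drivers/auth/img_parser_mod.c \` line is unchanged context and keeps its trailing backslash, but the continuation line after it is removed, so the `AUTH_SOURCES :=` assignment now ends in a dangling line continuation. That is only harmless if an empty line follows; otherwise the comment or the `ifeq` is folded into the assignment. Drop the backslash from the last list entry. Separately, the `$(error Unknown chain of trust ${COT})` message could name the supported values (currently only `tbbr`) so a mistyped `COT` is easy to correct.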
......