Commit 53d703a5 authored by Yatharth Kochar's avatar Yatharth Kochar
Browse files

Enable TRUSTED_BOARD_BOOT support for LOAD_IMAGE_V2=1



This patch enables TRUSTED_BOARD_BOOT (Authentication and FWU)
support, for AArch64, when LOAD_IMAGE_V2 is enabled.

This patch also enables LOAD_IMAGE_V2 for ARM platforms.

Change-Id: I294a2eebce7a30b6784c80c9d4ac7752808ee3ad
Signed-off-by: default avatarYatharth Kochar <yatharth.kochar@arm.com>
parent 1b5fa6ef
...@@ -122,10 +122,6 @@ ifneq (${GENERATE_COT},0) ...@@ -122,10 +122,6 @@ ifneq (${GENERATE_COT},0)
FWU_FIP_DEPS += fwu_certificates FWU_FIP_DEPS += fwu_certificates
endif endif
# For AArch32, enable new version of image loading.
ifeq (${ARCH},aarch32)
LOAD_IMAGE_V2 := 1
endif
################################################################################ ################################################################################
# Toolchain # Toolchain
...@@ -294,19 +290,15 @@ ifeq (${NEED_BL33},yes) ...@@ -294,19 +290,15 @@ ifeq (${NEED_BL33},yes)
endif endif
endif endif
# TRUSTED_BOARD_BOOT is currently not supported when LOAD_IMAGE_V2 is enabled.
ifeq (${LOAD_IMAGE_V2},1)
ifeq (${TRUSTED_BOARD_BOOT},1)
$(error "TRUSTED_BOARD_BOOT is currently not supported \
for LOAD_IMAGE_V2=1")
endif
endif
# For AArch32, LOAD_IMAGE_V2 must be enabled.
ifeq (${ARCH},aarch32) ifeq (${ARCH},aarch32)
# For AArch32, LOAD_IMAGE_V2 must be enabled.
ifeq (${LOAD_IMAGE_V2}, 0) ifeq (${LOAD_IMAGE_V2}, 0)
$(error "For AArch32, LOAD_IMAGE_V2 must be enabled.") $(error "For AArch32, LOAD_IMAGE_V2 must be enabled.")
endif endif
# TRUSTED_BOARD_BOOT is currently not supported for AArch32.
ifeq (${TRUSTED_BOARD_BOOT},1)
$(error "TRUSTED_BOARD_BOOT is currently not supported for AArch32")
endif
endif endif
......
...@@ -121,7 +121,6 @@ static int bl1_fwu_image_copy(unsigned int image_id, ...@@ -121,7 +121,6 @@ static int bl1_fwu_image_copy(unsigned int image_id,
unsigned int flags) unsigned int flags)
{ {
uintptr_t base_addr; uintptr_t base_addr;
meminfo_t *mem_layout;
/* Get the image descriptor. */ /* Get the image descriptor. */
image_desc_t *image_desc = bl1_plat_get_image_desc(image_id); image_desc_t *image_desc = bl1_plat_get_image_desc(image_id);
...@@ -208,15 +207,22 @@ static int bl1_fwu_image_copy(unsigned int image_id, ...@@ -208,15 +207,22 @@ static int bl1_fwu_image_copy(unsigned int image_id,
WARN("BL1-FWU: Copy arguments source/size not mapped\n"); WARN("BL1-FWU: Copy arguments source/size not mapped\n");
return -ENOMEM; return -ENOMEM;
} }
#if LOAD_IMAGE_V2
/* Check that the image size to load is within limit */
if (image_size > image_desc->image_info.image_max_size) {
WARN("BL1-FWU: Image size out of bounds\n");
return -ENOMEM;
}
#else
/* Find out how much free trusted ram remains after BL1 load */ /* Find out how much free trusted ram remains after BL1 load */
mem_layout = bl1_plat_sec_mem_layout(); meminfo_t *mem_layout = bl1_plat_sec_mem_layout();
if ((image_desc->image_info.image_base < mem_layout->free_base) || if ((image_desc->image_info.image_base < mem_layout->free_base) ||
(image_desc->image_info.image_base + image_size > (image_desc->image_info.image_base + image_size >
mem_layout->free_base + mem_layout->free_size)) { mem_layout->free_base + mem_layout->free_size)) {
WARN("BL1-FWU: Memory not available to copy\n"); WARN("BL1-FWU: Memory not available to copy\n");
return -ENOMEM; return -ENOMEM;
} }
#endif
/* Update the image size. */ /* Update the image size. */
image_desc->image_info.image_size = image_size; image_desc->image_info.image_size = image_size;
......
...@@ -38,6 +38,9 @@ image_desc_t bl1_tbbr_image_descs[] = { ...@@ -38,6 +38,9 @@ image_desc_t bl1_tbbr_image_descs[] = {
SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY, SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
VERSION_1, image_info_t, 0), VERSION_1, image_info_t, 0),
.image_info.image_base = BL2_BASE, .image_info.image_base = BL2_BASE,
#if LOAD_IMAGE_V2
.image_info.image_max_size = BL2_LIMIT - BL2_BASE,
#endif
SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY, SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,
VERSION_1, entry_point_info_t, SECURE), VERSION_1, entry_point_info_t, SECURE),
}, },
...@@ -55,6 +58,9 @@ image_desc_t bl1_tbbr_image_descs[] = { ...@@ -55,6 +58,9 @@ image_desc_t bl1_tbbr_image_descs[] = {
SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY, SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
VERSION_1, image_info_t, 0), VERSION_1, image_info_t, 0),
.image_info.image_base = SCP_BL2U_BASE, .image_info.image_base = SCP_BL2U_BASE,
#if LOAD_IMAGE_V2
.image_info.image_max_size = SCP_BL2U_LIMIT - SCP_BL2U_BASE,
#endif
SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY, SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,
VERSION_1, entry_point_info_t, SECURE), VERSION_1, entry_point_info_t, SECURE),
}, },
...@@ -65,6 +71,9 @@ image_desc_t bl1_tbbr_image_descs[] = { ...@@ -65,6 +71,9 @@ image_desc_t bl1_tbbr_image_descs[] = {
SET_STATIC_PARAM_HEAD(image_info, PARAM_EP, SET_STATIC_PARAM_HEAD(image_info, PARAM_EP,
VERSION_1, image_info_t, 0), VERSION_1, image_info_t, 0),
.image_info.image_base = BL2U_BASE, .image_info.image_base = BL2U_BASE,
#if LOAD_IMAGE_V2
.image_info.image_max_size = BL2U_LIMIT - BL2U_BASE,
#endif
SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP, SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP,
VERSION_1, entry_point_info_t, SECURE | EXECUTABLE), VERSION_1, entry_point_info_t, SECURE | EXECUTABLE),
.ep_info.pc = BL2U_BASE, .ep_info.pc = BL2U_BASE,
......
...@@ -135,8 +135,10 @@ ...@@ -135,8 +135,10 @@
* SCP, it is discarded and BL31 is loaded over the top. * SCP, it is discarded and BL31 is loaded over the top.
*/ */
#define SCP_BL2_BASE BL31_BASE #define SCP_BL2_BASE BL31_BASE
#define SCP_BL2_LIMIT (SCP_BL2_BASE + PLAT_CSS_MAX_SCP_BL2_SIZE)
#define SCP_BL2U_BASE BL31_BASE #define SCP_BL2U_BASE BL31_BASE
#define SCP_BL2U_LIMIT (SCP_BL2U_BASE + PLAT_CSS_MAX_SCP_BL2U_SIZE)
#endif /* CSS_LOAD_SCP_IMAGES */ #endif /* CSS_LOAD_SCP_IMAGES */
/* Load address of Non-Secure Image for CSS platform ports */ /* Load address of Non-Secure Image for CSS platform ports */
......
...@@ -190,6 +190,12 @@ ...@@ -190,6 +190,12 @@
*/ */
#define PLAT_CSS_MAX_SCP_BL2_SIZE 0x1D000 #define PLAT_CSS_MAX_SCP_BL2_SIZE 0x1D000
/*
* PLAT_CSS_MAX_SCP_BL2U_SIZE is calculated using the current
* SCP_BL2U size plus a little space for growth.
*/
#define PLAT_CSS_MAX_SCP_BL2U_SIZE 0x1D000
/* /*
* Define a list of Group 1 Secure and Group 0 interrupts as per GICv3 * Define a list of Group 1 Secure and Group 0 interrupts as per GICv3
* terminology. On a GICv2 system or mode, the lists will be merged and treated * terminology. On a GICv2 system or mode, the lists will be merged and treated
......
...@@ -97,6 +97,8 @@ ENABLE_PSCI_STAT := 1 ...@@ -97,6 +97,8 @@ ENABLE_PSCI_STAT := 1
# mapping the former as executable and the latter as execute-never. # mapping the former as executable and the latter as execute-never.
SEPARATE_CODE_AND_RODATA := 1 SEPARATE_CODE_AND_RODATA := 1
# Enable new version of image loading on ARM platforms
LOAD_IMAGE_V2 := 1
PLAT_INCLUDES += -Iinclude/common/tbbr \ PLAT_INCLUDES += -Iinclude/common/tbbr \
-Iinclude/plat/arm/common -Iinclude/plat/arm/common
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment