Merge pull request #315 from jcastillo-arm/jc/tbb_tmp9

Authentication Framework

drivers/auth/tbbr/tbbr_cot.c

+/*
+ * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of ARM nor the names of its contributors may be used
+ * to endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <auth_mod.h>
+#include <platform_def.h>
+#include <platform_oid.h>
+#include <stddef.h>
+
+/*
+ * Maximum key and hash sizes (in DER format)
+ */
+#define PK_DER_LEN			294
+#define HASH_DER_LEN			51
+
+/*
+ * The platform must allocate buffers to store the authentication parameters
+ * extracted from the certificates. In this case, because of the way the CoT is
+ * established, we can reuse some of the buffers on different stages
+ */
+static unsigned char plat_bl2_hash_buf[HASH_DER_LEN];
+static unsigned char plat_bl30_hash_buf[HASH_DER_LEN];
+static unsigned char plat_bl31_hash_buf[HASH_DER_LEN];
+static unsigned char plat_bl32_hash_buf[HASH_DER_LEN];
+static unsigned char plat_bl33_hash_buf[HASH_DER_LEN];
+static unsigned char plat_tz_world_pk_buf[PK_DER_LEN];
+static unsigned char plat_ntz_world_pk_buf[PK_DER_LEN];
+static unsigned char plat_content_pk[PK_DER_LEN];
+
+/*
+ * Parameter type descriptors
+ */
+static auth_param_type_desc_t subject_pk = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_PUB_KEY, 0);
+static auth_param_type_desc_t sig = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_SIG, 0);
+static auth_param_type_desc_t sig_alg = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_SIG_ALG, 0);
+static auth_param_type_desc_t raw_data = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_RAW_DATA, 0);
+
+static auth_param_type_desc_t tz_world_pk = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_PUB_KEY, TZ_WORLD_PK_OID);
+static auth_param_type_desc_t ntz_world_pk = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_PUB_KEY, NTZ_WORLD_PK_OID);
+
+static auth_param_type_desc_t bl30_content_pk = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_PUB_KEY, BL30_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t bl31_content_pk = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_PUB_KEY, BL31_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t bl32_content_pk = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_PUB_KEY, BL32_CONTENT_CERT_PK_OID);
+static auth_param_type_desc_t bl33_content_pk = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_PUB_KEY, BL33_CONTENT_CERT_PK_OID);
+
+static auth_param_type_desc_t bl2_hash = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_HASH, BL2_HASH_OID);
+static auth_param_type_desc_t bl30_hash = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_HASH, BL30_HASH_OID);
+static auth_param_type_desc_t bl31_hash = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_HASH, BL31_HASH_OID);
+static auth_param_type_desc_t bl32_hash = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_HASH, BL32_HASH_OID);
+static auth_param_type_desc_t bl33_hash = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_HASH, BL33_HASH_OID);
+
+/*
+ * TBBR Chain of trust definition
+ */
+static const auth_img_desc_t cot_desc[] = {
+	/*
+	 * BL2
+	 */
+	[BL2_CERT_ID] = {
+		.img_id = BL2_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = NULL,
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &subject_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl2_hash,
+				.data = {
+					.ptr = (void *)plat_bl2_hash_buf,
+					.len = (unsigned int)HASH_DER_LEN
+				}
+			}
+		}
+	},
+	[BL2_IMAGE_ID] = {
+		.img_id = BL2_IMAGE_ID,
+		.img_type = IMG_RAW,
+		.parent = &cot_desc[BL2_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_HASH,
+				.param.hash = {
+					.data = &raw_data,
+					.hash = &bl2_hash,
+				}
+			}
+		}
+	},
+	/*
+	 * Trusted key certificate
+	 */
+	[TRUSTED_KEY_CERT_ID] = {
+		.img_id = TRUSTED_KEY_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = NULL,
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &subject_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &tz_world_pk,
+				.data = {
+					.ptr = (void *)plat_tz_world_pk_buf,
+					.len = (unsigned int)PK_DER_LEN
+				}
+			},
+			[1] = {
+				.type_desc = &ntz_world_pk,
+				.data = {
+					.ptr = (void *)plat_ntz_world_pk_buf,
+					.len = (unsigned int)PK_DER_LEN
+				}
+			}
+		}
+	},
+	/*
+	 * BL3-0
+	 */
+	[BL30_KEY_CERT_ID] = {
+		.img_id = BL30_KEY_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[TRUSTED_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &tz_world_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl30_content_pk,
+				.data = {
+					.ptr = (void *)plat_content_pk,
+					.len = (unsigned int)PK_DER_LEN
+				}
+			}
+		}
+	},
+	[BL30_CERT_ID] = {
+		.img_id = BL30_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[BL30_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &bl30_content_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl30_hash,
+				.data = {
+					.ptr = (void *)plat_bl30_hash_buf,
+					.len = (unsigned int)HASH_DER_LEN
+				}
+			}
+		}
+	},
+	[BL30_IMAGE_ID] = {
+		.img_id = BL30_IMAGE_ID,
+		.img_type = IMG_RAW,
+		.parent = &cot_desc[BL30_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_HASH,
+				.param.hash = {
+					.data = &raw_data,
+					.hash = &bl30_hash,
+				}
+			}
+		}
+	},
+	/*
+	 * BL3-1
+	 */
+	[BL31_KEY_CERT_ID] = {
+		.img_id = BL31_KEY_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[TRUSTED_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &tz_world_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl31_content_pk,
+				.data = {
+					.ptr = (void *)plat_content_pk,
+					.len = (unsigned int)PK_DER_LEN
+				}
+			}
+		}
+	},
+	[BL31_CERT_ID] = {
+		.img_id = BL31_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[BL31_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &bl31_content_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl31_hash,
+				.data = {
+					.ptr = (void *)plat_bl31_hash_buf,
+					.len = (unsigned int)HASH_DER_LEN
+				}
+			}
+		}
+	},
+	[BL31_IMAGE_ID] = {
+		.img_id = BL31_IMAGE_ID,
+		.img_type = IMG_RAW,
+		.parent = &cot_desc[BL31_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_HASH,
+				.param.hash = {
+					.data = &raw_data,
+					.hash = &bl31_hash,
+				}
+			}
+		}
+	},
+	/*
+	 * BL3-2
+	 */
+	[BL32_KEY_CERT_ID] = {
+		.img_id = BL32_KEY_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[TRUSTED_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &tz_world_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl32_content_pk,
+				.data = {
+					.ptr = (void *)plat_content_pk,
+					.len = (unsigned int)PK_DER_LEN
+				}
+			}
+		}
+	},
+	[BL32_CERT_ID] = {
+		.img_id = BL32_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[BL32_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &bl32_content_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl32_hash,
+				.data = {
+					.ptr = (void *)plat_bl32_hash_buf,
+					.len = (unsigned int)HASH_DER_LEN
+				}
+			}
+		}
+	},
+	[BL32_IMAGE_ID] = {
+		.img_id = BL32_IMAGE_ID,
+		.img_type = IMG_RAW,
+		.parent = &cot_desc[BL32_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_HASH,
+				.param.hash = {
+					.data = &raw_data,
+					.hash = &bl32_hash,
+				}
+			}
+		}
+	},
+	/*
+	 * BL3-3
+	 */
+	[BL33_KEY_CERT_ID] = {
+		.img_id = BL33_KEY_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[TRUSTED_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &ntz_world_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl33_content_pk,
+				.data = {
+					.ptr = (void *)plat_content_pk,
+					.len = (unsigned int)PK_DER_LEN
+				}
+			}
+		}
+	},
+	[BL33_CERT_ID] = {
+		.img_id = BL33_CERT_ID,
+		.img_type = IMG_CERT,
+		.parent = &cot_desc[BL33_KEY_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_SIG,
+				.param.sig = {
+					.pk = &bl33_content_pk,
+					.sig = &sig,
+					.alg = &sig_alg,
+					.data = &raw_data,
+				}
+			}
+		},
+		.authenticated_data = {
+			[0] = {
+				.type_desc = &bl33_hash,
+				.data = {
+					.ptr = (void *)plat_bl33_hash_buf,
+					.len = (unsigned int)HASH_DER_LEN
+				}
+			}
+		}
+	},
+	[BL33_IMAGE_ID] = {
+		.img_id = BL33_IMAGE_ID,
+		.img_type = IMG_RAW,
+		.parent = &cot_desc[BL33_CERT_ID],
+		.img_auth_methods = {
+			[0] = {
+				.type = AUTH_METHOD_HASH,
+				.param.hash = {
+					.data = &raw_data,
+					.hash = &bl33_hash,
+				}
+			}
+		}
+	}
+};
+
+/* Register the CoT in the authentication module */
+REGISTER_COT(cot_desc);

drivers/io/io_fip.c

@@ -50,11 +50,6 @@
 		x.node[0], x.node[1], x.node[2], x.node[3],			\
 		x.node[4], x.node[5]
 
-typedef struct {
-	const char	*name;
-	const uuid_t	 uuid;
-} plat_fip_name_uuid_t;
-
 typedef struct {
 	/* Put file_pos above the struct to allow {0} on static init.
 	 * It is a workaround for a known bug in GCC
@@ -64,37 +59,6 @@ typedef struct {
 	fip_toc_entry_t entry;
 } file_state_t;
 
-static const plat_fip_name_uuid_t name_uuid[] = {
-	{BL2_IMAGE_NAME, UUID_TRUSTED_BOOT_FIRMWARE_BL2},
-#ifdef BL30_IMAGE_NAME
-	/* BL3-0 is optional in the platform */
-	{BL30_IMAGE_NAME, UUID_SCP_FIRMWARE_BL30},
-#endif /* BL30_IMAGE_NAME */
-	{BL31_IMAGE_NAME, UUID_EL3_RUNTIME_FIRMWARE_BL31},
-#ifdef BL32_IMAGE_NAME
-	/* BL3-2 is optional in the platform */
-	{BL32_IMAGE_NAME, UUID_SECURE_PAYLOAD_BL32},
-#endif /* BL32_IMAGE_NAME */
-	{BL33_IMAGE_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33},
-#if TRUSTED_BOARD_BOOT
-	/* Certificates */
-	{BL2_CERT_NAME, UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT},
-	{TRUSTED_KEY_CERT_NAME, UUID_TRUSTED_KEY_CERT},
-#ifdef BL30_KEY_CERT_NAME
-	{BL30_KEY_CERT_NAME, UUID_SCP_FIRMWARE_BL30_KEY_CERT},
-#endif
-	{BL31_KEY_CERT_NAME, UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT},
-	{BL32_KEY_CERT_NAME, UUID_SECURE_PAYLOAD_BL32_KEY_CERT},
-	{BL33_KEY_CERT_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT},
-#ifdef BL30_CERT_NAME
-	{BL30_CERT_NAME, UUID_SCP_FIRMWARE_BL30_CERT},
-#endif
-	{BL31_CERT_NAME, UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT},
-	{BL32_CERT_NAME, UUID_SECURE_PAYLOAD_BL32_CERT},
-	{BL33_CERT_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33_CERT},
-#endif /* TRUSTED_BOARD_BOOT */
-};
-
 static const uuid_t uuid_null = {0};
 static file_state_t current_file = {0};
 static uintptr_t backend_dev_handle;
@@ -113,13 +77,6 @@ static int fip_dev_init(io_dev_info_t *dev_info, const uintptr_t init_params);
 static int fip_dev_close(io_dev_info_t *dev_info);
 
 
-static inline int copy_uuid(uuid_t *dst, const uuid_t *src)
-{
-	memcpy(dst, src, sizeof(uuid_t));
-	return 0;
-}
-
-
 /* Return 0 for equal uuids. */
 static inline int compare_uuids(const uuid_t *uuid1, const uuid_t *uuid2)
 {
@@ -138,22 +95,6 @@ static inline int is_valid_header(fip_toc_header_t *header)
 }
 
 
-static int file_to_uuid(const char *filename, uuid_t *uuid)
-{
-	int i;
-	int status = -EINVAL;
-
-	for (i = 0; i < ARRAY_SIZE(name_uuid); i++) {
-		if (strcmp(filename, name_uuid[i].name) == 0) {
-			copy_uuid(uuid, &name_uuid[i].uuid);
-			status = 0;
-			break;
-		}
-	}
-	return status;
-}
-
-
 /* Identify the device type as a virtual driver */
 io_type_t device_type_fip(void)
 {
@@ -201,17 +142,17 @@ static int fip_dev_open(const uintptr_t dev_spec __attribute__((unused)),
 static int fip_dev_init(io_dev_info_t *dev_info, const uintptr_t init_params)
 {
 	int result = IO_FAIL;
-	char *image_name = (char *)init_params;
+	unsigned int image_id = (unsigned int)init_params;
 	uintptr_t backend_handle;
 	fip_toc_header_t header;
 	size_t bytes_read;
 
 	/* Obtain a reference to the image by querying the platform layer */
-	result = plat_get_image_source(image_name, &backend_dev_handle,
+	result = plat_get_image_source(image_id, &backend_dev_handle,
 				       &backend_image_spec);
 	if (result != IO_SUCCESS) {
-		WARN("Failed to obtain reference to image '%s' (%i)\n",
-			image_name, result);
+		WARN("Failed to obtain reference to image id=%u (%i)\n",
+			image_id, result);
 		result = IO_FAIL;
 		goto fip_dev_init_exit;
 	}
@@ -220,7 +161,7 @@ static int fip_dev_init(io_dev_info_t *dev_info, const uintptr_t init_params)
 	result = io_open(backend_dev_handle, backend_image_spec,
 			 &backend_handle);
 	if (result != IO_SUCCESS) {
-		WARN("Failed to access image '%s' (%i)\n", image_name, result);
+		WARN("Failed to access image id=%u (%i)\n", image_id, result);
 		result = IO_FAIL;
 		goto fip_dev_init_exit;
 	}
@@ -261,12 +202,11 @@ static int fip_file_open(io_dev_info_t *dev_info, const uintptr_t spec,
 {
 	int result = IO_FAIL;
 	uintptr_t backend_handle;
-	uuid_t file_uuid;
-	const io_file_spec_t *file_spec = (io_file_spec_t *)spec;
+	const io_uuid_spec_t *uuid_spec = (io_uuid_spec_t *)spec;
 	size_t bytes_read;
 	int found_file = 0;
 
-	assert(file_spec != NULL);
+	assert(uuid_spec != NULL);
 	assert(entity != NULL);
 
 	/* Can only have one file open at a time for the moment. We need to
@@ -297,8 +237,6 @@ static int fip_file_open(io_dev_info_t *dev_info, const uintptr_t spec,
 		goto fip_file_open_close;
 	}
 
-	file_to_uuid(file_spec->path, &file_uuid);
-
 	found_file = 0;
 	do {
 		result = io_read(backend_handle,
@@ -307,7 +245,7 @@ static int fip_file_open(io_dev_info_t *dev_info, const uintptr_t spec,
 				 &bytes_read);
 		if (result == IO_SUCCESS) {
 			if (compare_uuids(&current_file.entry.uuid,
-					  &file_uuid) == 0) {
+					  &uuid_spec->uuid) == 0) {
 				found_file = 1;
 				break;
 			}

include/common/bl_common.h

@@ -226,10 +226,15 @@ CASSERT(sizeof(unsigned long) ==
  ******************************************************************************/
 unsigned long page_align(unsigned long, unsigned);
 void change_security_state(unsigned int);
-unsigned long image_size(const char *);
+unsigned long image_size(unsigned int image_id);
 int load_image(meminfo_t *mem_layout,
-	       const char *image_name,
-	       uint64_t image_base,
+	       unsigned int image_id,
+	       uintptr_t image_base,
+	       image_info_t *image_data,
+	       entry_point_info_t *entry_point_info);
+int load_auth_image(meminfo_t *mem_layout,
+		    unsigned int image_name,
+		    uintptr_t image_base,
 		    image_info_t *image_data,
 		    entry_point_info_t *entry_point_info);
 extern const char build_message[];

include/common/tbbr/cot_def.h

+/*
+ * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of ARM nor the names of its contributors may be used
+ * to endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __COT_DEF_H__
+#define __COT_DEF_H__
+
+/* TBBR CoT definitions */
+
+#define COT_MAX_VERIFIED_PARAMS		4
+
+#endif /* __COT_DEF_H__ */

include/common/tbbr/tbbr_img_def.h

+/*
+ * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of ARM nor the names of its contributors may be used
+ * to endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __TBBR_IMG_DEF_H__
+#define __TBBR_IMG_DEF_H__
+
+/* Firmware Image Package */
+#define FIP_IMAGE_ID			0
+
+/* Trusted Boot Firmware BL2 */
+#define BL2_IMAGE_ID			1
+
+/* SCP Firmware BL3-0 */
+#define BL30_IMAGE_ID			2
+
+/* EL3 Runtime Firmware BL31 */
+#define BL31_IMAGE_ID			3
+
+/* Secure Payload BL32 (Trusted OS) */
+#define BL32_IMAGE_ID			4
+
+/* Non-Trusted Firmware BL33 */
+#define BL33_IMAGE_ID			5
+
+/* Certificates */
+#define BL2_CERT_ID			6
+#define TRUSTED_KEY_CERT_ID		7
+
+#define BL30_KEY_CERT_ID		8
+#define BL31_KEY_CERT_ID		9
+#define BL32_KEY_CERT_ID		10
+#define BL33_KEY_CERT_ID		11
+
+#define BL30_CERT_ID			12
+#define BL31_CERT_ID			13
+#define BL32_CERT_ID			14
+#define BL33_CERT_ID			15
+
+#endif /* __TBBR_IMG_DEF_H__ */

include/drivers/auth/auth_common.h

+/*
+ * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of ARM nor the names of its contributors may be used
+ * to endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __AUTH_COMMON_H__
+#define __AUTH_COMMON_H__
+
+/*
+ * Authentication framework common types
+ */
+
+/*
+ * Type of parameters that can be extracted from an image and
+ * used for authentication
+ */
+typedef enum auth_param_type_enum {
+	AUTH_PARAM_NONE,
+	AUTH_PARAM_RAW_DATA,		/* Raw image data */
+	AUTH_PARAM_SIG,			/* The image signature */
+	AUTH_PARAM_SIG_ALG,		/* The image signature algorithm */
+	AUTH_PARAM_HASH,		/* A hash (including the algorithm) */
+	AUTH_PARAM_PUB_KEY,		/* A public key */
+} auth_param_type_t;
+
+/*
+ * Defines an authentication parameter. The cookie will be interpreted by the
+ * image parser module.
+ */
+typedef struct auth_param_type_desc_s {
+	auth_param_type_t type;
+	void *cookie;
+} auth_param_type_desc_t;
+
+/*
+ * Store a pointer to the authentication parameter and its length
+ */
+typedef struct auth_param_data_desc_s {
+	void *ptr;
+	unsigned int len;
+} auth_param_data_desc_t;
+
+/*
+ * Authentication parameter descriptor, including type and value
+ */
+typedef struct auth_param_desc_s {
+	auth_param_type_desc_t *type_desc;
+	auth_param_data_desc_t data;
+} auth_param_desc_t;
+
+/*
+ * The method type defines how an image is authenticated
+ */
+typedef enum auth_method_type_enum {
+	AUTH_METHOD_NONE = 0,
+	AUTH_METHOD_HASH,	/* Authenticate by hash matching */
+	AUTH_METHOD_SIG,	/* Authenticate by PK operation */
+	AUTH_METHOD_NUM 	/* Number of methods */
+} auth_method_type_t;
+
+/*
+ * Parameters for authentication by hash matching
+ */
+typedef struct auth_method_param_hash_s {
+	auth_param_type_desc_t *data;	/* Data to hash */
+	auth_param_type_desc_t *hash;	/* Hash to match with */
+} auth_method_param_hash_t;
+
+/*
+ * Parameters for authentication by signature
+ */
+typedef struct auth_method_param_sig_s {
+	auth_param_type_desc_t *pk;	/* Public key */
+	auth_param_type_desc_t *sig;	/* Signature to check */
+	auth_param_type_desc_t *alg;	/* Signature algorithm */
+	auth_param_type_desc_t *data;	/* Data signed */
+} auth_method_param_sig_t;
+
+/*
+ * Parameters for authentication by NV counter
+ */
+typedef struct auth_method_param_nv_ctr_s {
+	auth_param_type_desc_t *nv_ctr;	/* NV counter value */
+} auth_method_param_nv_ctr_t;
+
+/*
+ * Authentication method descriptor
+ */
+typedef struct auth_method_desc_s {
+	auth_method_type_t type;
+	union {
+		auth_method_param_hash_t hash;
+		auth_method_param_sig_t sig;
+		auth_method_param_nv_ctr_t nv_ctr;
+	} param;
+} auth_method_desc_t;
+
+/*
+ * Helper macro to define an authentication parameter type descriptor
+ */
+#define AUTH_PARAM_TYPE_DESC(_type, _cookie) \
+	{ \
+		.type = _type, \
+		.cookie = (void *)_cookie \
+	}
+
+/*
+ * Helper macro to define an authentication parameter data descriptor
+ */
+#define AUTH_PARAM_DATA_DESC(_ptr, _len) \
+	{ \
+		.ptr = (void *)_ptr, \
+		.len = (unsigned int)_len \
+	}
+
+#endif /* __AUTH_COMMON_H__ */

include/drivers/auth/mbedtls/mbedtls_common.h

+/*
+ * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of ARM nor the names of its contributors may be used
+ * to endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef __MBEDTLS_COMMON_H__
+#define __MBEDTLS_COMMON_H__
+
+void mbedtls_init(void);
+
+#endif /* __MBEDTLS_COMMON_H__ */

include/drivers/io/io_storage.h

@@ -33,6 +33,7 @@
 
 #include <stdint.h>
 #include <stdio.h> /* For ssize_t */
+#include <uuid.h>
 
 
 /* Device type which can be used to enable policy decisions about which device
@@ -67,6 +68,11 @@ typedef struct io_file_spec {
 	unsigned int mode;
 } io_file_spec_t;
 
+/* UUID specification - used to refer to data accessed using UUIDs (i.e. FIP
+ * images) */
+typedef struct io_uuid_spec {
+	const uuid_t uuid;
+} io_uuid_spec_t;
 
 /* Block specification - used to refer to data on a device supporting
  * block-like entities */