Merge changes from topic "fw_config_handoff" into integration

* changes: doc: Update memory layout for firmware configuration area plat/arm: Increase size of firmware configuration area plat/arm: Load and populate fw_config and tb_fw_config fconf: Handle error from fconf_load_config plat/arm: Update the fw_config load call and populate it's information fconf: Allow fconf to load additional firmware configuration fconf: Clean confused naming between TB_FW and FW_CONFIG tbbr/dualroot: Add fw_config image in chain of trust cert_tool: Update cert_tool for fw_config image support fiptool: Add fw_config in FIP plat/arm: Rentroduce tb_fw_config device tree

Merge changes from topic "fw_config_handoff" into integration
* changes: doc: Update memory layout for firmware configuration area plat/arm: Increase size of firmware configuration area plat/arm: Load and populate fw_config and tb_fw_config fconf: Handle error from fconf_load_config plat/arm: Update the fw_config load call and populate it's information fconf: Allow fconf to load additional firmware configuration fconf: Clean confused naming between TB_FW and FW_CONFIG tbbr/dualroot: Add fw_config image in chain of trust cert_tool: Update cert_tool for fw_config image support fiptool: Add fw_config in FIP plat/arm: Rentroduce tb_fw_config device tree
99bcae5e · Sandrine Bailleux · TrustedFirmware Code Review · 24cdbb22 · 089fc624 · 99bcae5e
Commit 99bcae5e authored Jun 26, 2020 by Sandrine Bailleux Committed by TrustedFirmware Code Review Jun 26, 2020
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@@ -83,6 +83,10 @@ Each of the Boot Loader stages may be dynamically configured if required by the
 platform. The Boot Loader stage may optionally specify a firmware
 configuration file and/or hardware configuration file as listed below:
+-  FW_CONFIG - The firmware configuration file. Holds properties shared across
+   all BLx images.
+   An example is the "dtb-registry" node, which contains the information about
+   the other device tree configurations (load-address, size, image_id).
 -  HW_CONFIG - The hardware configuration file. Can be shared by all Boot Loader
   stages and also by the Normal World Rich OS.
 -  TB_FW_CONFIG - Trusted Boot Firmware configuration file. Shared between BL1
@@ -109,8 +113,8 @@ convention:
   the generic hardware configuration is passed the next available argument.
   For example,
-   -  If TB_FW_CONFIG is loaded by BL1, then its address is passed in ``arg0``
+   -  FW_CONFIG is loaded by BL1, then its address is passed in ``arg0`` to BL2.
-      to BL2.
+   -  TB_FW_CONFIG address is retrieved by BL2 from FW_CONFIG device tree.
   -  If HW_CONFIG is loaded by BL1, then its address is passed in ``arg2`` to
      BL2. Note, ``arg1`` is already used for meminfo_t.
   -  If SOC_FW_CONFIG is loaded by BL2, then its address is passed in ``arg1``
@@ -1732,7 +1736,7 @@ CONFIG section in memory layouts shown below contains:
 ``bl2_mem_params_descs`` contains parameters passed from BL2 to next the
 BL image during boot.
-``fw_configs`` includes soc_fw_config, tos_fw_config and tb_fw_config.
+``fw_configs`` includes soc_fw_config, tos_fw_config, tb_fw_config and fw_config.
 **FVP with TSP in Trusted SRAM with firmware configs :**
 (These diagrams only cover the AArch64 case)
@@ -1757,7 +1761,7 @@ BL image during boot.
               |          |  <<<<<<<<<<<<<  | BL31 PROGBITS  |
               |          |  <<<<<<<<<<<<<  |----------------|
               |          |  <<<<<<<<<<<<<  |     BL32       |
-    0x04002000 +----------+                 +----------------+
+    0x04003000 +----------+                 +----------------+
               |  CONFIG  |
    0x04001000 +----------+
               |  Shared  |
@@ -1794,7 +1798,7 @@ BL image during boot.
               |--------------|  <<<<<<<<<<<<<  |----------------|
               |              |  <<<<<<<<<<<<<  | BL31 PROGBITS  |
               |              |                 +----------------+
-               +--------------+
+    0x04003000 +--------------+
               |    CONFIG    |
    0x04001000 +--------------+
               |    Shared    |
@@ -1828,7 +1832,7 @@ BL image during boot.
               |----------|  <<<<<<<<<<<<<  |----------------|
               |          |  <<<<<<<<<<<<<  | BL31 PROGBITS  |
               |          |                 +----------------+
-    0x04002000 +----------+
+    0x04003000 +----------+
               |  CONFIG  |
    0x04001000 +----------+
               |  Shared  |

--- a/drivers/arm/css/scp/css_bom_bootloader.c
+++ b/drivers/arm/css/scp/css_bom_bootloader.c
 /*
- * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -51,13 +51,13 @@ typedef struct {
 * All CSS platforms load SCP_BL2/SCP_BL2U just below BL2 (this is where BL31
 * usually resides except when ARM_BL31_IN_DRAM is
 * set). Ensure that SCP_BL2/SCP_BL2U do not overflow into shared RAM and
- * the tb_fw_config.
+ * the fw_config.
 */
 CASSERT(SCP_BL2_LIMIT <= BL2_BASE, assert_scp_bl2_overwrite_bl2);
 CASSERT(SCP_BL2U_LIMIT <= BL2_BASE, assert_scp_bl2u_overwrite_bl2);
-CASSERT(SCP_BL2_BASE >= ARM_TB_FW_CONFIG_LIMIT, assert_scp_bl2_overflow);
+CASSERT(SCP_BL2_BASE >= ARM_FW_CONFIG_LIMIT, assert_scp_bl2_overflow);
-CASSERT(SCP_BL2U_BASE >= ARM_TB_FW_CONFIG_LIMIT, assert_scp_bl2u_overflow);
+CASSERT(SCP_BL2U_BASE >= ARM_FW_CONFIG_LIMIT, assert_scp_bl2u_overflow);
 static void scp_boot_message_start(void)
 {

--- a/drivers/auth/dualroot/cot.c
+++ b/drivers/auth/dualroot/cot.c
@@ -16,6 +16,7 @@
 * Allocate static buffers to store the authentication parameters extracted from
 * the certificates.
 */
+static unsigned char fw_config_hash_buf[HASH_DER_LEN];
 static unsigned char tb_fw_hash_buf[HASH_DER_LEN];
 static unsigned char tb_fw_config_hash_buf[HASH_DER_LEN];
 static unsigned char hw_config_hash_buf[HASH_DER_LEN];
@@ -58,6 +59,8 @@ static auth_param_type_desc_t tb_fw_config_hash = AUTH_PARAM_TYPE_DESC(
 		AUTH_PARAM_HASH, TRUSTED_BOOT_FW_CONFIG_HASH_OID);
 static auth_param_type_desc_t hw_config_hash = AUTH_PARAM_TYPE_DESC(
 		AUTH_PARAM_HASH, HW_CONFIG_HASH_OID);
+static auth_param_type_desc_t fw_config_hash = AUTH_PARAM_TYPE_DESC(
+		AUTH_PARAM_HASH, FW_CONFIG_HASH_OID);
 #ifdef IMAGE_BL1
 static auth_param_type_desc_t scp_bl2u_hash = AUTH_PARAM_TYPE_DESC(
 		AUTH_PARAM_HASH, SCP_FWU_CFG_HASH_OID);
@@ -165,6 +168,13 @@ static const auth_img_desc_t trusted_boot_fw_cert = {
 				.ptr = (void *)hw_config_hash_buf,
 				.len = (unsigned int)HASH_DER_LEN
 			}
+		},
+		[3] = {
+			.type_desc = &fw_config_hash,
+			.data = {
+				.ptr = (void *)fw_config_hash_buf,
+				.len = (unsigned int)HASH_DER_LEN
+			}
 		}
 	}
 };
@@ -218,6 +228,22 @@ static const auth_img_desc_t tb_fw_config = {
 		}
 	}
 };
+static const auth_img_desc_t fw_config = {
+	.img_id = FW_CONFIG_ID,
+	.img_type = IMG_RAW,
+	.parent = &trusted_boot_fw_cert,
+	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+		[0] = {
+			.type = AUTH_METHOD_HASH,
+			.param.hash = {
+				.data = &raw_data,
+				.hash = &fw_config_hash
+			}
+		}
+	}
+};
 #endif /* IMAGE_BL1 */
 #ifdef IMAGE_BL2
@@ -860,6 +886,7 @@ static const auth_img_desc_t * const cot_desc[] = {
 	[BL2_IMAGE_ID]				=	&bl2_image,
 	[HW_CONFIG_ID]				=	&hw_config,
 	[TB_FW_CONFIG_ID]			=	&tb_fw_config,
+	[FW_CONFIG_ID]				=	&fw_config,
 	[FWU_CERT_ID]				=	&fwu_cert,
 	[SCP_BL2U_IMAGE_ID]			=	&scp_bl2u_image,
 	[BL2U_IMAGE_ID]				=	&bl2u_image,

--- a/drivers/auth/tbbr/tbbr_cot_bl1.c
+++ b/drivers/auth/tbbr/tbbr_cot_bl1.c
@@ -150,6 +150,21 @@ static const auth_img_desc_t tb_fw_config = {
 	}
 };
+static const auth_img_desc_t fw_config = {
+	.img_id = FW_CONFIG_ID,
+	.img_type = IMG_RAW,
+	.parent = &trusted_boot_fw_cert,
+	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
+		[0] = {
+			.type = AUTH_METHOD_HASH,
+			.param.hash = {
+				.data = &raw_data,
+				.hash = &fw_config_hash
+			}
+		}
+	}
+};
 /*
 * TBBR Chain of trust definition
 */
@@ -158,6 +173,7 @@ static const auth_img_desc_t * const cot_desc[] = {
 	[BL2_IMAGE_ID]				=	&bl2_image,
 	[HW_CONFIG_ID]				=	&hw_config,
 	[TB_FW_CONFIG_ID]			=	&tb_fw_config,
+	[FW_CONFIG_ID]				=	&fw_config,
 	[FWU_CERT_ID]				=	&fwu_cert,
 	[SCP_BL2U_IMAGE_ID]			=	&scp_bl2u_image,
 	[BL2U_IMAGE_ID]				=	&bl2u_image,

--- a/drivers/auth/tbbr/tbbr_cot_common.c
+++ b/drivers/auth/tbbr/tbbr_cot_common.c
@@ -23,9 +23,10 @@
 * established, we can reuse some of the buffers on different stages
 */
+static unsigned char fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char tb_fw_config_hash_buf[HASH_DER_LEN];
+static unsigned char hw_config_hash_buf[HASH_DER_LEN];
 unsigned char tb_fw_hash_buf[HASH_DER_LEN];
-unsigned char tb_fw_config_hash_buf[HASH_DER_LEN];
-unsigned char hw_config_hash_buf[HASH_DER_LEN];
 unsigned char scp_fw_hash_buf[HASH_DER_LEN];
 unsigned char nt_world_bl_hash_buf[HASH_DER_LEN];
@@ -48,7 +49,9 @@ auth_param_type_desc_t tb_fw_hash = AUTH_PARAM_TYPE_DESC(
 	AUTH_PARAM_HASH, TRUSTED_BOOT_FW_HASH_OID);
 auth_param_type_desc_t tb_fw_config_hash = AUTH_PARAM_TYPE_DESC(
 	AUTH_PARAM_HASH, TRUSTED_BOOT_FW_CONFIG_HASH_OID);
-auth_param_type_desc_t hw_config_hash = AUTH_PARAM_TYPE_DESC(
+auth_param_type_desc_t fw_config_hash = AUTH_PARAM_TYPE_DESC(
+	AUTH_PARAM_HASH, FW_CONFIG_HASH_OID);
+static auth_param_type_desc_t hw_config_hash = AUTH_PARAM_TYPE_DESC(
 	AUTH_PARAM_HASH, HW_CONFIG_HASH_OID);
 /* trusted_boot_fw_cert */
@@ -95,6 +98,13 @@ const auth_img_desc_t trusted_boot_fw_cert = {
 				.ptr = (void *)hw_config_hash_buf,
 				.len = (unsigned int)HASH_DER_LEN
 			}
+		},
+		[3] = {
+			.type_desc = &fw_config_hash,
+			.data = {
+				.ptr = (void *)fw_config_hash_buf,
+				.len = (unsigned int)HASH_DER_LEN
+			}
 		}
 	}
 };

--- a/include/drivers/arm/css/css_scp.h
+++ b/include/drivers/arm/css/css_scp.h
 /*
- * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -40,13 +40,13 @@ int css_scp_boot_ready(void);
 /*
 * All CSS platforms load SCP_BL2/SCP_BL2U just below BL2 (this is where BL31
 * usually resides except when ARM_BL31_IN_DRAM is
- * set). Ensure that SCP_BL2/SCP_BL2U do not overflow into tb_fw_config.
+ * set). Ensure that SCP_BL2/SCP_BL2U do not overflow into fw_config.
 */
 CASSERT(SCP_BL2_LIMIT <= BL2_BASE, assert_scp_bl2_overwrite_bl2);
 CASSERT(SCP_BL2U_LIMIT <= BL2_BASE, assert_scp_bl2u_overwrite_bl2);
-CASSERT(SCP_BL2_BASE >= ARM_TB_FW_CONFIG_LIMIT, assert_scp_bl2_overflow);
+CASSERT(SCP_BL2_BASE >= ARM_FW_CONFIG_LIMIT, assert_scp_bl2_overflow);
-CASSERT(SCP_BL2U_BASE >= ARM_TB_FW_CONFIG_LIMIT, assert_scp_bl2u_overflow);
+CASSERT(SCP_BL2U_BASE >= ARM_FW_CONFIG_LIMIT, assert_scp_bl2u_overflow);
 #endif
 #endif /* CSS_SCP_H */
--- a/include/drivers/auth/tbbr_cot_common.h
+++ b/include/drivers/auth/tbbr_cot_common.h
@@ -10,8 +10,6 @@
 #include <drivers/auth/auth_mod.h>
 extern unsigned char tb_fw_hash_buf[HASH_DER_LEN];
-extern unsigned char tb_fw_config_hash_buf[HASH_DER_LEN];
-extern unsigned char hw_config_hash_buf[HASH_DER_LEN];
 extern unsigned char scp_fw_hash_buf[HASH_DER_LEN];
 extern unsigned char nt_world_bl_hash_buf[HASH_DER_LEN];
@@ -23,7 +21,7 @@ extern auth_param_type_desc_t raw_data;
 extern auth_param_type_desc_t tb_fw_hash;
 extern auth_param_type_desc_t tb_fw_config_hash;
-extern auth_param_type_desc_t hw_config_hash;
+extern auth_param_type_desc_t fw_config_hash;
 extern const auth_img_desc_t trusted_boot_fw_cert;
 extern const auth_img_desc_t hw_config;

--- a/include/export/common/tbbr/tbbr_img_def_exp.h
+++ b/include/export/common/tbbr/tbbr_img_def_exp.h
 /*
- * Copyright (c) 2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2020, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -88,7 +88,10 @@
 /* Encrypted image identifier */
 #define ENC_IMAGE_ID			U(30)
+/* FW_CONFIG */
+#define FW_CONFIG_ID			U(31)
 /* Max Images */
-#define MAX_IMAGE_IDS			U(31)
+#define MAX_IMAGE_IDS			U(32)
 #endif /* ARM_TRUSTED_FIRMWARE_EXPORT_COMMON_TBBR_TBBR_IMG_DEF_EXP_H */
--- a/include/lib/fconf/fconf.h
+++ b/include/lib/fconf/fconf.h
@@ -43,8 +43,8 @@ struct fconf_populator {
 	int (*populate)(uintptr_t config);
 };
-/* Load firmware configuration dtb */
+/* This function supports to load tb_fw_config and fw_config dtb */
-void fconf_load_config(void);
+int fconf_load_config(unsigned int image_id);
 /* Top level populate function
 *

--- a/include/lib/fconf/fconf_dyn_cfg_getter.h
+++ b/include/lib/fconf/fconf_dyn_cfg_getter.h
@@ -21,4 +21,7 @@ struct dyn_cfg_dtb_info_t {
 struct dyn_cfg_dtb_info_t *dyn_cfg_dtb_info_getter(unsigned int config_id);
 int fconf_populate_dtb_registry(uintptr_t config);
+/* Set fw_config information in global DTB array */
+void set_fw_config_info(uintptr_t config_addr, uint32_t config_max_size);
 #endif /* FCONF_DYN_CFG_GETTER_H */
--- a/include/plat/arm/common/arm_def.h
+++ b/include/plat/arm/common/arm_def.h
@@ -346,24 +346,24 @@
 #define CACHE_WRITEBACK_GRANULE		(U(1) << ARM_CACHE_WRITEBACK_SHIFT)
 /*
- * To enable TB_FW_CONFIG to be loaded by BL1, define the corresponding base
+ * To enable FW_CONFIG to be loaded by BL1, define the corresponding base
 * and limit. Leave enough space of BL2 meminfo.
 */
-#define ARM_TB_FW_CONFIG_BASE		(ARM_BL_RAM_BASE + sizeof(meminfo_t))
+#define ARM_FW_CONFIG_BASE		(ARM_BL_RAM_BASE + sizeof(meminfo_t))
-#define ARM_TB_FW_CONFIG_LIMIT		(ARM_BL_RAM_BASE + (PAGE_SIZE / 2U))
+#define ARM_FW_CONFIG_LIMIT		(ARM_BL_RAM_BASE + PAGE_SIZE)
 /*
 * Boot parameters passed from BL2 to BL31/BL32 are stored here
 */
-#define ARM_BL2_MEM_DESC_BASE		ARM_TB_FW_CONFIG_LIMIT
+#define ARM_BL2_MEM_DESC_BASE		ARM_FW_CONFIG_LIMIT
 #define ARM_BL2_MEM_DESC_LIMIT		(ARM_BL2_MEM_DESC_BASE +	\
 							(PAGE_SIZE / 2U))
 /*
 * Define limit of firmware configuration memory:
- * ARM_TB_FW_CONFIG + ARM_BL2_MEM_DESC memory
+ * ARM_FW_CONFIG + ARM_BL2_MEM_DESC memory
 */
-#define ARM_FW_CONFIG_LIMIT		(ARM_BL_RAM_BASE + PAGE_SIZE)
+#define ARM_FW_CONFIGS_LIMIT		(ARM_BL_RAM_BASE + (PAGE_SIZE * 2))
 /*******************************************************************************
 * BL1 specific defines.
@@ -461,7 +461,7 @@
 * SP_MIN is the only BL image in SRAM. Allocate the whole of SRAM (excluding
 * the page reserved for fw_configs) to BL32
 */
-#  define BL32_BASE			ARM_FW_CONFIG_LIMIT
+#  define BL32_BASE			ARM_FW_CONFIGS_LIMIT
 #  define BL32_LIMIT			(ARM_BL_RAM_BASE + ARM_BL_RAM_SIZE)
 # else
 /* Put BL32 below BL2 in the Trusted SRAM.*/
@@ -505,7 +505,7 @@
 #  define TSP_SEC_MEM_BASE		ARM_BL_RAM_BASE
 #  define TSP_SEC_MEM_SIZE		ARM_BL_RAM_SIZE
 #  define TSP_PROGBITS_LIMIT		BL31_BASE
-#  define BL32_BASE			ARM_FW_CONFIG_LIMIT
+#  define BL32_BASE			ARM_FW_CONFIGS_LIMIT
 #  define BL32_LIMIT			BL31_BASE
 # elif ARM_TSP_RAM_LOCATION_ID == ARM_TRUSTED_DRAM_ID
 #  define TSP_SEC_MEM_BASE		PLAT_ARM_TRUSTED_DRAM_BASE

--- a/include/plat/arm/common/plat_arm.h
+++ b/include/plat/arm/common/plat_arm.h
@@ -190,7 +190,7 @@ void arm_bl1_platform_setup(void);
 void arm_bl1_plat_arch_setup(void);
 /* BL2 utility functions */
-void arm_bl2_early_platform_setup(uintptr_t tb_fw_config, struct meminfo *mem_layout);
+void arm_bl2_early_platform_setup(uintptr_t fw_config, struct meminfo *mem_layout);
 void arm_bl2_platform_setup(void);
 void arm_bl2_plat_arch_setup(void);
 uint32_t arm_get_spsr_for_bl32_entry(void);

--- a/include/tools_share/firmware_image_package.h
+++ b/include/tools_share/firmware_image_package.h
 /*
- * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2020, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -77,6 +77,8 @@
 	{{0x26,  0x25, 0x7c, 0x1a}, {0xdb, 0xc6}, {0x7f, 0x47}, 0x8d, 0x96, {0xc4, 0xc4, 0xb0, 0x24, 0x80, 0x21} }
 #define UUID_NT_FW_CONFIG \
 	{{0x28,  0xda, 0x98, 0x15}, {0x93, 0xe8}, {0x7e, 0x44}, 0xac, 0x66, {0x1a, 0xaf, 0x80, 0x15, 0x50, 0xf9} }
+#define UUID_FW_CONFIG \
+	{{0x58,  0x07, 0xe1, 0x6a}, {0x84, 0x59}, {0x47, 0xbe}, 0x8e, 0xd5, {0x64, 0x8e, 0x8d, 0xdd, 0xab, 0x0e} }
 typedef struct fip_toc_header {
 	uint32_t	name;

--- a/include/tools_share/tbbr_oid.h
+++ b/include/tools_share/tbbr_oid.h
 /*
- * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -43,6 +43,7 @@
 #define TRUSTED_BOOT_FW_HASH_OID		"1.3.6.1.4.1.4128.2100.201"
 #define TRUSTED_BOOT_FW_CONFIG_HASH_OID		"1.3.6.1.4.1.4128.2100.202"
 #define HW_CONFIG_HASH_OID			"1.3.6.1.4.1.4128.2100.203"
+#define FW_CONFIG_HASH_OID			"1.3.6.1.4.1.4128.2100.204"
 /*
 * Trusted Key Certificate

--- a/lib/debugfs/devfip.c
+++ b/lib/debugfs/devfip.c
@@ -73,6 +73,7 @@ static const struct uuidnames uuidnames[] = {
 	{"soc-fw.cfg",		UUID_SOC_FW_CONFIG},
 	{"tos-fw.cfg",		UUID_TOS_FW_CONFIG},
 	{"nt-fw.cfg",		UUID_NT_FW_CONFIG},
+	{"fw.cfg",		UUID_FW_CONFIG},
 	{"rot-k.crt",		UUID_ROT_KEY_CERT},
 	{"nt-k.crt",		UUID_NON_TRUSTED_WORLD_KEY_CERT},
 	{"sip-sp.crt",		UUID_SIP_SECURE_PARTITION_CONTENT_CERT}

--- a/lib/fconf/fconf.c
+++ b/lib/fconf/fconf.c
@@ -9,48 +9,43 @@
 #include <common/debug.h>
 #include <common/fdt_wrappers.h>
 #include <lib/fconf/fconf.h>
+#include <lib/fconf/fconf_dyn_cfg_getter.h>
 #include <libfdt.h>
 #include <plat/common/platform.h>
 #include <platform_def.h>
-struct fconf_dtb_info_t fconf_dtb_info;
+int fconf_load_config(unsigned int image_id)
-void fconf_load_config(void)
 {
 	int err;
-	/* fconf FW_CONFIG and TB_FW_CONFIG are currently the same DTB */
+	const struct dyn_cfg_dtb_info_t *config_info;
-	image_info_t arm_tb_fw_info = {
+	assert((image_id == FW_CONFIG_ID) || (image_id == TB_FW_CONFIG_ID));
+	image_info_t config_image_info = {
 		.h.type = (uint8_t)PARAM_IMAGE_BINARY,
 		.h.version = (uint8_t)VERSION_2,
 		.h.size = (uint16_t)sizeof(image_info_t),
-		.h.attr = 0,
+		.h.attr = 0
-		.image_base = ARM_TB_FW_CONFIG_BASE,
-		.image_max_size = (uint32_t)
-				(ARM_TB_FW_CONFIG_LIMIT - ARM_TB_FW_CONFIG_BASE)
 	};
-	VERBOSE("FCONF: Loading FW_CONFIG\n");
+	config_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, image_id);
-	err = load_auth_image(TB_FW_CONFIG_ID, &arm_tb_fw_info);
+	assert(config_info != NULL);
-	if (err != 0) {
-		/* Return if FW_CONFIG is not loaded */
-		VERBOSE("FW_CONFIG not loaded, continuing without it\n");
-		return;
-	}
-	/* At this point we know that a DTB is indeed available */
+	config_image_info.image_base = config_info->config_addr;
-	fconf_dtb_info.base_addr = arm_tb_fw_info.image_base;
+	config_image_info.image_max_size =
-	fconf_dtb_info.size = (size_t)arm_tb_fw_info.image_size;
+		(uint32_t)config_info->config_max_size;
-#if !BL2_AT_EL3
+	VERBOSE("FCONF: Loading config with image ID: %d\n", image_id);
-	image_desc_t *desc;
+	err = load_auth_image(image_id, &config_image_info);
+	if (err != 0) {
+		VERBOSE("Failed to load config %d\n", image_id);
+		return err;
+	}
-	/* The BL2 ep_info arg0 is modified to point to FW_CONFIG */
+	INFO("FCONF: Config file with image ID:%d loaded at address = 0x%lx\n",
-	desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
+		image_id, config_image_info.image_base);
-	assert(desc != NULL);
-	desc->ep_info.args.arg0 = arm_tb_fw_info.image_base;
-#endif
-	INFO("FCONF: FW_CONFIG loaded at address = 0x%lx\n", arm_tb_fw_info.image_base);
+	return 0;
 }
 void fconf_populate(const char *config_type, uintptr_t config)
@@ -81,7 +76,4 @@ void fconf_populate(const char *config_type, uintptr_t config)
 			}
 		}
 	}
-	/* save local pointer to the config dtb */
-	fconf_dtb_info.base_addr = config;
 }
--- a/lib/fconf/fconf.mk
+++ b/lib/fconf/fconf.mk
@@ -8,5 +8,5 @@
 FCONF_SOURCES		:=	lib/fconf/fconf.c
 FCONF_DYN_SOURCES	:=	lib/fconf/fconf_dyn_cfg_getter.c
-BL1_SOURCES		+=	${FCONF_SOURCES}
+BL1_SOURCES		+=	${FCONF_SOURCES} ${FCONF_DYN_SOURCES}
 BL2_SOURCES		+=	${FCONF_SOURCES} ${FCONF_DYN_SOURCES}
--- a/lib/fconf/fconf_dyn_cfg_getter.c
+++ b/lib/fconf/fconf_dyn_cfg_getter.c
@@ -12,12 +12,27 @@
 #include <lib/object_pool.h>
 #include <libfdt.h>
-/* We currently use TB_FW, SOC_FW, TOS_FW, NS_fw and HW configs  */
+/* We currently use FW, TB_FW, SOC_FW, TOS_FW, NS_fw and HW configs  */
-#define MAX_DTB_INFO	U(5)
+#define MAX_DTB_INFO	U(6)
 static struct dyn_cfg_dtb_info_t dtb_infos[MAX_DTB_INFO];
 static OBJECT_POOL_ARRAY(dtb_info_pool, dtb_infos);
+/*
+ * This function is used to alloc memory for fw config information from
+ * global pool and set fw configuration information.
+ * Specifically used by BL1 to set fw_config information in global array
+ */
+void set_fw_config_info(uintptr_t config_addr, uint32_t config_max_size)
+{
+	struct dyn_cfg_dtb_info_t *dtb_info;
+	dtb_info = pool_alloc(&dtb_info_pool);
+	dtb_info->config_addr = config_addr;
+	dtb_info->config_max_size = config_max_size;
+	dtb_info->config_id = FW_CONFIG_ID;
+}
 struct dyn_cfg_dtb_info_t *dyn_cfg_dtb_info_getter(unsigned int config_id)
 {
 	unsigned int index;
@@ -48,6 +63,30 @@ int fconf_populate_dtb_registry(uintptr_t config)
 	/* As libfdt use void *, we can't avoid this cast */
 	const void *dtb = (void *)config;
+	/*
+	 * Compile time assert if FW_CONFIG_ID is 0 which is more
+	 * unlikely as 0 is a valid image id for FIP as per the current
+	 * code but still to avoid code breakage in case of unlikely
+	 * event when image ids gets changed.
+	 */
+	CASSERT(FW_CONFIG_ID != 0, assert_invalid_fw_config_id);
+	/*
+	 * In case of BL1, fw_config dtb information is already
+	 * populated in global dtb_infos array by 'set_fw_config_info'
+	 * function, Below check is present to avoid re-population of
+	 * fw_config information.
+	 *
+	 * Other BLs, satisfy below check and populate fw_config information
+	 * in global dtb_infos array.
+	 */
+	if (dtb_infos[0].config_id == 0) {
+		dtb_info = pool_alloc(&dtb_info_pool);
+		dtb_info->config_addr = config;
+		dtb_info->config_max_size = fdt_totalsize(dtb);
+		dtb_info->config_id = FW_CONFIG_ID;
+	}
 	/* Find the node offset point to "fconf,dyn_cfg-dtb_registry" compatible property */
 	const char *compatible_str = "fconf,dyn_cfg-dtb_registry";
 	node = fdt_node_offset_by_compatible(dtb, -1, compatible_str);
@@ -98,4 +137,4 @@ int fconf_populate_dtb_registry(uintptr_t config)
 	return 0;
 }
-FCONF_REGISTER_POPULATOR(TB_FW, dyn_cfg, fconf_populate_dtb_registry);
+FCONF_REGISTER_POPULATOR(FW_CONFIG, dyn_cfg, fconf_populate_dtb_registry);
--- a/plat/arm/board/a5ds/fdts/a5ds_fw_config.dts
+++ b/plat/arm/board/a5ds/fdts/a5ds_fw_config.dts
@@ -12,9 +12,8 @@
 	dtb-registry {
 		compatible = "fconf,dyn_cfg-dtb_registry";
-		/* tb_fw_config is temporarily contained in this dtb */
 		tb_fw-config {
-			load-address = <0x0 0x2001010>;
+			load-address = <0x0 0x2001300>;
 			max-size = <0x200>;
 			id = <TB_FW_CONFIG_ID>;
 		};
@@ -25,11 +24,4 @@
 			id = <HW_CONFIG_ID>;
 		};
 	};
-	tb_fw-config {
-		compatible = "arm,tb_fw";
-		/* Disable authentication for development */
-		disable_auth = <0x0>;
-	};
 };
--- a/plat/arm/board/a5ds/fdts/a5ds_tb_fw_config.dts
+++ b/plat/arm/board/a5ds/fdts/a5ds_tb_fw_config.dts
+/*
+ * Copyright (c) 2020, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+/dts-v1/;
+/ {
+	tb_fw-config {
+		compatible = "arm,tb_fw";
+		/* Disable authentication for development */
+		disable_auth = <0x0>;
+	};
+};