diff --git a/.gitignore b/.gitignore index 2f9c89d38388c3c6fc853f723fea9650d0fb806c..4ece189ab25b664a651b34e2d005d1c11341218a 100644 --- a/.gitignore +++ b/.gitignore @@ -19,10 +19,6 @@ tools/cert_create/src/**/*.o tools/cert_create/cert_create tools/cert_create/cert_create.exe -# Ignore header files copied. -tools/fiptool/firmware_image_package.h -tools/fiptool/uuid.h - # GNU GLOBAL files GPATH GRTAGS diff --git a/Makefile b/Makefile index ddf875616c42b2d4c11f94a597ad79e886b4d873..d9a29bd6510f133a93d527c461c31b17ba13587e 100644 --- a/Makefile +++ b/Makefile @@ -179,7 +179,8 @@ INCLUDES += -Iinclude/bl1 \ -Iinclude/plat/common \ -Iinclude/services \ ${PLAT_INCLUDES} \ - ${SPD_INCLUDES} + ${SPD_INCLUDES} \ + -Iinclude/tools_share ################################################################################ @@ -442,6 +443,7 @@ $(eval $(call assert_boolean,SEPARATE_CODE_AND_RODATA)) $(eval $(call assert_boolean,SPIN_ON_BL1_EXIT)) $(eval $(call assert_boolean,TRUSTED_BOARD_BOOT)) $(eval $(call assert_boolean,USE_COHERENT_MEM)) +$(eval $(call assert_boolean,USE_TBBR_DEFS)) $(eval $(call assert_boolean,WARMBOOT_ENABLE_DCACHE_EARLY)) $(eval $(call assert_numeric,ARM_ARCH_MAJOR)) @@ -480,6 +482,7 @@ $(eval $(call add_define,SPD_${SPD})) $(eval $(call add_define,SPIN_ON_BL1_EXIT)) $(eval $(call add_define,TRUSTED_BOARD_BOOT)) $(eval $(call add_define,USE_COHERENT_MEM)) +$(eval $(call add_define,USE_TBBR_DEFS)) $(eval $(call add_define,WARMBOOT_ENABLE_DCACHE_EARLY)) # Define the EL3_PAYLOAD_BASE flag only if it is provided. @@ -603,7 +606,7 @@ certtool: ${CRTTOOL} .PHONY: ${CRTTOOL} ${CRTTOOL}: - ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} + ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH} @${ECHO_BLANK_LINE} @echo "Built $@ successfully" @${ECHO_BLANK_LINE} diff --git a/docs/user-guide.md b/docs/user-guide.md index 2379298ead0286f697a2be5a2df2f16d19d0d291..85ece9305a8af3d7ee768a05c7b8f551c6d414e8 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -914,7 +914,11 @@ section), but it can also be built separately with the following command: make PLAT= [DEBUG=1] [V=1] certtool -Specifying the platform is mandatory since the tool is platform specific. +For platforms that do not require their own IDs in certificate files, +the generic 'cert_create' tool can be built with the following command: + + make USE_TBBR_DEFS=1 [DEBUG=1] [V=1] certtool + `DEBUG=1` builds the tool in debug mode. `V=1` makes the build process more verbose. The following command should be used to obtain help about the tool: diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index 8b6ca23b71f2c565c4f93999948d29a8fa9cb2a1..e88c7c26dc47a614c14b2ecab6f99bd1beb6896a 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -1,12 +1,16 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include #include +#if USE_TBBR_DEFS +#include +#else #include +#endif #include /* diff --git a/include/common/firmware_image_package.h b/include/tools_share/firmware_image_package.h similarity index 100% rename from include/common/firmware_image_package.h rename to include/tools_share/firmware_image_package.h diff --git a/include/plat/arm/board/common/board_arm_oid.h b/include/tools_share/tbbr_oid.h similarity index 90% rename from include/plat/arm/board/common/board_arm_oid.h rename to include/tools_share/tbbr_oid.h index fc6cd792592f35481ab3113b6a45add337b72953..7a34087823aee63de1f1642f32ded43f1adc571c 100644 --- a/include/plat/arm/board/common/board_arm_oid.h +++ b/include/tools_share/tbbr_oid.h @@ -1,21 +1,17 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ -#ifndef __BOARD_ARM_OID_H__ -#define __BOARD_ARM_OID_H__ +#ifndef __TBBR_OID_H__ +#define __TBBR_OID_H__ /* * The following is a list of OID values defined and reserved by ARM, which * are used to define the extension fields of the certificate structure, as * defined in the Trusted Board Boot Requirements (TBBR) specification, * ARM DEN0006C-1. - * - * Non-ARM platform owners that wish to align with the TBBR should define - * constants with the same name in their own platform port(s), using their - * own OIDs obtained from the ITU-T. */ @@ -140,4 +136,4 @@ /* NonTrustedWorldBootloaderHash - BL33 */ #define NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID "1.3.6.1.4.1.4128.2100.1201" -#endif /* __BOARD_ARM_OID_H__ */ +#endif /* __TBBR_OID_H__ */ diff --git a/include/lib/stdlib/sys/uuid.h b/include/tools_share/uuid.h similarity index 100% rename from include/lib/stdlib/sys/uuid.h rename to include/tools_share/uuid.h diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk index 36f220e08c965c1e7bce2f32678c4f99ff063581..34d82c9a373c7b06ccd31d66f4ccbba205373642 100644 --- a/make_helpers/build_macros.mk +++ b/make_helpers/build_macros.mk @@ -54,7 +54,7 @@ endef # Convenience function for verifying option has a boolean value # $(eval $(call assert_boolean,FOO)) will assert FOO is 0 or 1 define assert_boolean - $(and $(patsubst 0,,$(value $(1))),$(patsubst 1,,$(value $(1))),$(error $(1) must be boolean)) + $(if $(filter-out 0 1,$($1)),$(error $1 must be boolean)) endef 0-9 := 0 1 2 3 4 5 6 7 8 9 diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index 18c41e052e3d9bdfae37c52c000813120a27ceb3..a31e59c0fecd5a8d04d96c503e62d79544656b30 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -128,6 +128,9 @@ TRUSTED_BOARD_BOOT := 0 # Build option to choose whether Trusted firmware uses Coherent memory or not. USE_COHERENT_MEM := 1 +# Use tbbr_oid.h instead of platform_oid.h +USE_TBBR_DEFS = $(ERROR_DEPRECATED) + # Build verbosity V := 0 diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c index eb1dc8c2d10467418454f6625dcd938846ad84b8..391ae45cd6273834b4178667bba23329de7f99ef 100644 --- a/plat/arm/board/common/board_arm_trusted_boot.c +++ b/plat/arm/board/common/board_arm_trusted_boot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,9 +7,9 @@ #include #include #include -#include #include #include +#include /* Weak definition may be overridden in specific platform */ #pragma weak plat_match_rotpk diff --git a/plat/arm/board/fvp/fvp_trusted_boot.c b/plat/arm/board/fvp/fvp_trusted_boot.c index 51d30830c47538999b8ba71df1773695f191f1be..d1e8b9f57a724de0334a49d728fe4c3b0c01b495 100644 --- a/plat/arm/board/fvp/fvp_trusted_boot.c +++ b/plat/arm/board/fvp/fvp_trusted_boot.c @@ -1,13 +1,14 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include -#include #include #include +#include + #include "fvp_def.h" /* diff --git a/plat/arm/board/fvp/include/platform_oid.h b/plat/arm/board/fvp/include/platform_oid.h deleted file mode 100644 index 5ef1580b5803c0d722dc0e3615b563f8cde7a240..0000000000000000000000000000000000000000 --- a/plat/arm/board/fvp/include/platform_oid.h +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ -#include "../../../../../include/plat/arm/board/common/board_arm_oid.h" - -/* - * Required platform OIDs - * (Provided by included header) - */ diff --git a/plat/arm/board/juno/include/platform_oid.h b/plat/arm/board/juno/include/platform_oid.h deleted file mode 100644 index 5ef1580b5803c0d722dc0e3615b563f8cde7a240..0000000000000000000000000000000000000000 --- a/plat/arm/board/juno/include/platform_oid.h +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ -#include "../../../../../include/plat/arm/board/common/board_arm_oid.h" - -/* - * Required platform OIDs - * (Provided by included header) - */ diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk index 58fc94ec661f00c9117f15e90d7f34ae6b9cb17f..3c207698b5f720d84e838f3530e95c69c92d1479 100644 --- a/plat/arm/common/arm_common.mk +++ b/plat/arm/common/arm_common.mk @@ -87,6 +87,9 @@ SEPARATE_CODE_AND_RODATA := 1 # Enable new version of image loading on ARM platforms LOAD_IMAGE_V2 := 1 +# Use generic OID definition (tbbr_oid.h) +USE_TBBR_DEFS := 1 + PLAT_INCLUDES += -Iinclude/common/tbbr \ -Iinclude/plat/arm/common diff --git a/plat/common/tbbr/plat_tbbr.c b/plat/common/tbbr/plat_tbbr.c index 4aa9457dcb893290f47bf457fb8e61fd674ef131..f5a4f315c9837e51ff868f5f212be502d30440ff 100644 --- a/plat/common/tbbr/plat_tbbr.c +++ b/plat/common/tbbr/plat_tbbr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,7 +7,11 @@ #include #include #include +#if USE_TBBR_DEFS +#include +#else #include +#endif #include /* diff --git a/tools/cert_create/Makefile b/tools/cert_create/Makefile index 989a8e4dc1abb09c378067519bef2523fe5761ff..8a216495b744154a476d756d2607d579a6a48fa8 100644 --- a/tools/cert_create/Makefile +++ b/tools/cert_create/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -27,6 +27,13 @@ MAKE_HELPERS_DIRECTORY := ../../make_helpers/ include ${MAKE_HELPERS_DIRECTORY}build_macros.mk include ${MAKE_HELPERS_DIRECTORY}build_env.mk +ifeq (${USE_TBBR_DEFS},1) +# In this case, cert_tool is platform-independent +PLAT_MSG := TBBR Generic +PLAT_INCLUDE := ../../include/tools_share +else +PLAT_MSG := ${PLAT} + PLATFORM_ROOT := ../../plat/ include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk @@ -35,6 +42,7 @@ PLAT_INCLUDE := $(wildcard ${PLAT_DIR}include) ifeq ($(PLAT_INCLUDE),) $(error "Error: Invalid platform '${PLAT}' has no include directory.") endif +endif ifeq (${DEBUG},1) CFLAGS += -g -O0 -DDEBUG -DLOG_LEVEL=40 @@ -47,6 +55,9 @@ else Q := endif +$(eval $(call add_define,USE_TBBR_DEFS)) +CFLAGS += ${DEFINES} + # Make soft links and include from local directory otherwise wrong headers # could get pulled in from firmware tree. INC_DIR := -I ./include -I ${PLAT_INCLUDE} -I ${OPENSSL_DIR}/include @@ -62,7 +73,7 @@ all: clean ${BINARY} ${BINARY}: ${OBJECTS} Makefile @echo " LD $@" @echo 'const char build_msg[] = "Built : "__TIME__", "__DATE__; \ - const char platform_msg[] = "${PLAT}";' | \ + const char platform_msg[] = "${PLAT_MSG}";' | \ ${CC} -c ${CFLAGS} -xc - -o src/build_msg.o ${Q}${CC} src/build_msg.o ${OBJECTS} ${LIB_DIR} ${LIB} -o $@ diff --git a/tools/cert_create/src/cert.c b/tools/cert_create/src/cert.c index 62ff2555b61f271919f2c01272f08b88b21972ae..80ccfe93181aa4ac94ab31b6fa08cdad8dc78580 100644 --- a/tools/cert_create/src/cert.c +++ b/tools/cert_create/src/cert.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -14,11 +14,16 @@ #include #include +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #define SERIAL_RAND_BITS 64 diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c index a118fbbb816fb2d3e318ccbb91bdd46c457b0d94..c1bde5dea3b998ee80c7805327c76b5b7cf17dab 100644 --- a/tools/cert_create/src/key.c +++ b/tools/cert_create/src/key.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -13,11 +13,16 @@ #include #include +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #define MAX_FILENAME_LEN 1024 diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c index e0f331c21e9f22505e36ecba03d6a1caf2dd3e43..99236370cd6711bb93c4a7eb60cb7709776556d2 100644 --- a/tools/cert_create/src/main.c +++ b/tools/cert_create/src/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -18,12 +18,17 @@ #include #include +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "ext.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #include "tbbr/tbb_ext.h" #include "tbbr/tbb_cert.h" diff --git a/tools/cert_create/src/tbbr/tbb_ext.c b/tools/cert_create/src/tbbr/tbb_ext.c index 11d779b0990a7d784a4665778c0c104b0b52bcbd..d9a8ea265394f0bfc6fe821db7fdd1eff5aee96c 100644 --- a/tools/cert_create/src/tbbr/tbb_ext.c +++ b/tools/cert_create/src/tbbr/tbb_ext.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -8,8 +8,14 @@ #include #include #include + +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "ext.h" -#include "platform_oid.h" #include "tbbr/tbb_ext.h" #include "tbbr/tbb_key.h" diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile index 0a46ad7c66710fead6467ec09ae6f5ca0f2077e5..29eac2a7901cd7372b372efac7c41c0b492eba34 100644 --- a/tools/fiptool/Makefile +++ b/tools/fiptool/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -11,7 +11,6 @@ include ${MAKE_HELPERS_DIRECTORY}build_env.mk PROJECT := fiptool${BIN_EXT} OBJECTS := fiptool.o tbbr_config.o V := 0 -COPIED_H_FILES := uuid.h firmware_image_package.h override CPPFLAGS += -D_GNU_SOURCE -D_XOPEN_SOURCE=700 CFLAGS := -Wall -Werror -pedantic -std=c99 @@ -28,8 +27,7 @@ else Q := endif -# Only include from local directory (see comment below). -INCLUDE_PATHS := -I. +INCLUDE_PATHS := -I. -I../../include/tools_share CC := gcc @@ -48,24 +46,9 @@ fip_create: fip_create.sh ${Q}mkdir -p ../fip_create ${Q}install -m 755 fip_create.sh ../fip_create/fip_create -%.o: %.c %.h ${COPIED_H_FILES} Makefile +%.o: %.c %.h Makefile @echo " CC $<" ${Q}${CC} -c ${CPPFLAGS} ${CFLAGS} ${INCLUDE_PATHS} $< -o $@ -# -# Copy required library headers to a local directory so they can be included -# by this project without adding the library directories to the system include -# path. This avoids conflicts with definitions in the compiler standard -# include path. -# -uuid.h : ../../include/lib/stdlib/sys/uuid.h - $(call SHELL_COPY,$<,$@) - -firmware_image_package.h : ../../include/common/firmware_image_package.h - $(call SHELL_COPY,$<,$@) - clean: $(call SHELL_DELETE_ALL, ${PROJECT} ${OBJECTS} fip_create) - -distclean: clean - $(call SHELL_DELETE_ALL, ${COPIED_H_FILES}) diff --git a/tools/fiptool/fiptool.c b/tools/fiptool/fiptool.c index 7bfd2720e2bf13bdf89ad90ec0ae626fe0564db6..4d80f2f16632bb6ec067b133460d705b0387aff7 100644 --- a/tools/fiptool/fiptool.c +++ b/tools/fiptool/fiptool.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -20,8 +20,9 @@ #include +#include + #include "fiptool.h" -#include "firmware_image_package.h" #include "tbbr_config.h" #define OPT_TOC_ENTRY 0 diff --git a/tools/fiptool/fiptool.h b/tools/fiptool/fiptool.h index 81453e0d064cb0b2eb2b6943db703527ba9100fe..4b5cdd91f22ab523385bc576722217869da55a9f 100644 --- a/tools/fiptool/fiptool.h +++ b/tools/fiptool/fiptool.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -10,8 +10,8 @@ #include #include -#include "firmware_image_package.h" -#include "uuid.h" +#include +#include #define NELEM(x) (sizeof (x) / sizeof *(x)) diff --git a/tools/fiptool/tbbr_config.c b/tools/fiptool/tbbr_config.c index 46620832988e4849c70c98e7e69fd97e35b3c890..7c6c24be4ff179c7b4cbfb5ebbcb23823ae3de8d 100644 --- a/tools/fiptool/tbbr_config.c +++ b/tools/fiptool/tbbr_config.c @@ -1,12 +1,13 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include -#include "firmware_image_package.h" +#include + #include "tbbr_config.h" /* The images used depends on the platform. */ diff --git a/tools/fiptool/tbbr_config.h b/tools/fiptool/tbbr_config.h index a5155c8b12e2ad411f2c26e96931f960fe39b44c..bad757db57f7c53027cdeec269507224449117e2 100644 --- a/tools/fiptool/tbbr_config.h +++ b/tools/fiptool/tbbr_config.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -9,7 +9,7 @@ #include -#include "uuid.h" +#include /* TODO: Update this number as required */ #define TOC_HEADER_SERIAL_NUMBER 0x12345678