1. 31 Jul, 2020 1 commit
    • Manish Pandey's avatar
      tbbr/dualroot: rename SP package certificate file · 03a5225c
      Manish Pandey authored
      
      
      Currently only single signing domain is supported for SP packages but
      there is plan to support dual signing domains if CoT is dualroot.
      
      SP_CONTENT_CERT_ID is the certificate file which is currently generated
      and signed with trusted world key which in-turn is derived from Silicon
      provider RoT key.
      To allow dual signing domain for SP packages, other certificate file
      will be derived from Platform owned RoT key.
      
      This patch renames "SP_CONTENT_CERT_ID" to "SIP_SP_CONTENT_CERT_ID" and
      does other related changes.
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: I0bc445a3ab257e2dac03faa64f46e36a9fed5e93
      03a5225c
  2. 21 Jul, 2020 1 commit
  3. 24 Jun, 2020 1 commit
    • Louis Mayencourt's avatar
      tbbr/dualroot: Add fw_config image in chain of trust · 243875ea
      Louis Mayencourt authored
      
      
      fw_config image is authenticated using secure boot framework by
      adding it into the single root and dual root chain of trust.
      
      The COT for fw_config image looks as below:
      
      +------------------+       +-------------------+
      | ROTPK/ROTPK Hash |------>| Trusted Boot fw   |
      +------------------+       | Certificate       |
                                 | (Auth Image)      |
                                /+-------------------+
                               /                   |
                              /                    |
                             /                     |
                            /                      |
                           L                       v
      +------------------+       +-------------------+
      | fw_config hash   |------>| fw_config         |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      Change-Id: I08fc8ee95c29a95bb140c807dd06e772474c7367
      243875ea
  4. 15 Jun, 2020 1 commit
    • Manish Pandey's avatar
      tbbr: add chain of trust for Secure Partitions · 68758dd6
      Manish Pandey authored
      with sha 44f1aa8e
      
      , support for Silicon Provider(SiP) owned Secure
      Partition(SP) was added for dualroot CoT. This patch extends this
      support for tbbr CoT.
      
      Earlier tbbr CoT for SPs was left to avoid adding new image types in
      TBBR which could possibly be seen as deviation from specification.
      But with further discussions it is understood that TBBR being a
      *minimal* set of requirements that can be extended as long as we don't
      violate any of the musts, which is the case with adding SP support.
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: I1b9e3ebdd7d653f1fd4cc3bd910a69871b55ecbb
      68758dd6
  5. 09 Jun, 2020 1 commit
    • Manish Pandey's avatar
      dualroot: add chain of trust for secure partitions · 44f1aa8e
      Manish Pandey authored
      
      
      A new certificate "sip-sp-cert" has been added for Silicon Provider(SiP)
      owned Secure Partitions(SP). A similar support for Platform owned SP can
      be added in future. The certificate is also protected against anti-
      rollback using the trusted Non-Volatile counter.
      
      To avoid deviating from TBBR spec, support for SP CoT is only provided
      in dualroot.
      Secure Partition content certificate is assigned image ID 31 and SP
      images follows after it.
      
      The CoT for secure partition look like below.
      +------------------+       +-------------------+
      | ROTPK/ROTPK Hash |------>| Trusted Key       |
      +------------------+       | Certificate       |
                                 | (Auth Image)      |
                                /+-------------------+
                               /                   |
                              /                    |
                             /                     |
                            /                      |
                           L                       v
      +------------------+       +-------------------+
      | Trusted World    |------>| SiP owned SPs     |
      | Public Key       |       | Content Cert      |
      +------------------+       | (Auth Image)      |
                              /   +-------------------+
                             /                      |
                            /                      v|
      +------------------+ L     +-------------------+
      | SP_PKG1 Hash     |------>| SP_PKG1           |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
              .                           .
              .                           .
              .                           .
      +------------------+       +-------------------+
      | SP_PKG8 Hash     |------>| SP_PKG8           |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: Ia31546bac1327a3e0b5d37e8b99c808442d5e53f
      44f1aa8e
  6. 19 May, 2020 1 commit
  7. 01 Apr, 2020 1 commit
  8. 25 Mar, 2020 1 commit
  9. 08 Mar, 2020 1 commit
  10. 06 Mar, 2020 1 commit
  11. 24 Feb, 2020 1 commit
    • Sandrine Bailleux's avatar
      Introduce a new "dualroot" chain of trust · 5ab8b717
      Sandrine Bailleux authored
      
      
      This new chain of trust defines 2 independent signing domains:
      
      1) One for the silicon firmware (BL1, BL2, BL31) and optionally the
         Trusted OS. It is rooted in the Silicon ROTPK, just as in the TBBR
         CoT.
      
      2) One for the Normal World Bootloader (BL33). It is rooted in a new key
         called Platform ROTPK, or PROTPK for short.
      
      In terms of certificates chain,
      
      - Signing domain 1) is similar to what TBBR advocates (see page 21 of
        the TBBR specification), except that the Non-Trusted World Public Key
        has been removed from the Trusted Key Certificate.
      
      - Signing domain 2) only contains the Non-Trusted World Content
        certificate, which provides the hash of the Non-Trusted World
        Bootloader. Compared to the TBBR CoT, there's no Non-Trusted World
        Key certificate for simplicity.
      
      Change-Id: I62f1e952522d84470acc360cf5ee63e4c4b0b4d9
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      5ab8b717
  12. 18 Feb, 2020 2 commits
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of hash buffers when possible · 0b4e5921
      Sandrine Bailleux authored
      The TBBR implementation extracts hashes from certificates and stores
      them in static buffers. TF-A supports 3 variants of SHA right now:
      SHA-256, SHA-384 and SHA-512. When support for SHA-512 was added in
      commit 9a3088a5
      
       ("tbbr: Add build flag
      HASH_ALG to let the user to select the SHA"), the hash buffers got
      unconditionally increased from 51 to 83 bytes each. We can reduce that
      space if we're using SHA-256 or SHA-384.
      
      This saves some BSS space in both BL1 and BL2:
      - BL1 with SHA-256: saving 168 bytes.
      - BL1 with SHA-384: saving 80 bytes.
      - BL2 with SHA-256: saving 384 bytes.
      - BL2 with SHA-384: saving 192 bytes.
      
      Change-Id: I0d02e5dc5f0162e82339c768609c9766cfe7e2bd
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      0b4e5921
    • Sandrine Bailleux's avatar
      TBBR: Reduce size of ECDSA key buffers · 495599cd
      Sandrine Bailleux authored
      
      
      The TBBR implementation extracts public keys from certificates and
      stores them in static buffers. DER-encoded ECDSA keys are only 91 bytes
      each but were each allocated 294 bytes instead. Reducing the size of
      these buffers saves 609 bytes of BSS in BL2 (294 - 91 = 203 bytes for
      each of the 3 key buffers in use).
      
      Also add a comment claryfing that key buffers are tailored on RSA key
      sizes when both ECDSA and RSA keys are used.
      
      Change-Id: Iad332856e7af1f9814418d012fba3e1e9399f72a
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      495599cd
  13. 07 Feb, 2020 1 commit
    • Louis Mayencourt's avatar
      fconf: initial commit · ab1981db
      Louis Mayencourt authored
      
      
      Introduce the Firmware CONfiguration Framework (fconf).
      
      The fconf is an abstraction layer for platform specific data, allowing
      a "property" to be queried and a value retrieved without the requesting
      entity knowing what backing store is being used to hold the data.
      
      The default backing store used is C structure. If another backing store
      has to be used, the platform integrator needs to provide a "populate()"
      function to fill the corresponding C structure.
      The "populate()" function must be registered to the fconf framework with
      the "FCONF_REGISTER_POPULATOR()". This ensures that the function would
      be called inside the "fconf_populate()" function.
      
      A two level macro is used as getter:
      - the first macro takes 3 parameters and converts it to a function
        call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c).
      - the second level defines a__b_getter(c) to the matching C structure,
        variable, array, function, etc..
      
      Ex: Get a Chain of trust property:
          1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id)
          2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id]
      
      Change-Id: Id394001353ed295bc680c3f543af0cf8da549469
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      ab1981db
  14. 04 Feb, 2020 1 commit
  15. 28 Jan, 2020 1 commit
  16. 09 Jan, 2020 1 commit
  17. 11 Dec, 2019 1 commit
  18. 12 Sep, 2019 2 commits
    • Justin Chadwell's avatar
      Remove RSA PKCS#1 v1.5 support from cert_tool · 6a415a50
      Justin Chadwell authored
      Support for PKCS#1 v1.5 was deprecated in SHA 1001202d and fully removed
      in SHA fe199e3b
      
      , however, cert_tool is still able to generate
      certificates in that form. This patch fully removes the ability for
      cert_tool to generate these certificates.
      
      Additionally, this patch also fixes a bug where the issuing certificate
      was a RSA and the issued certificate was EcDSA. In this case, the issued
      certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per
      PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now
      that PKCS#1 v1.5 support is removed, all certificates that are signed
      with RSA now use the more modern padding scheme.
      
      Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      6a415a50
    • Justin Chadwell's avatar
      Support larger RSA key sizes when using MBEDTLS · aacff749
      Justin Chadwell authored
      
      
      Previously, TF-A could not support large RSA key sizes as the
      configuration options passed to MBEDTLS prevented storing and performing
      calculations with the larger, higher-precision numbers required. With
      these changes to the arguments passed to MBEDTLS, TF-A now supports
      using 3072 (3K) and 4096 (4K) keys in certificates.
      
      Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      aacff749
  19. 25 Jul, 2019 2 commits
    • Gilad Ben-Yossef's avatar
      cryptocell: add product version awareness support · 76f3c7dc
      Gilad Ben-Yossef authored
      
      
      Add support for multiple Cryptocell revisions which
      use different APIs.
      
      This commit only refactors the existing code in preperation to the addition
      of another Cryptocell revisions later on.
      Signed-off-by: default avatarGilad Ben-Yossef <gilad.benyossef@arm.com>
      Change-Id: I16d80b31afb6edd56dc645fee5ea619cc74f09b6
      76f3c7dc
    • Gilad Ben-Yossef's avatar
      cryptocell: move Cryptocell specific API into driver · 36ec2bb0
      Gilad Ben-Yossef authored
      
      
      Code using Cryptocell specific APIs was used as part of the
      arm common board ROT support, instead of being abstracted
      in Cryptocell specific driver code, creating two problems:
      - Any none arm board that uses Cryptocell wuld need to
        copy and paste the same code.
      - Inability to cleanly support multiple versions of Cryptocell
        API and products.
      
      Move over Cryptocell specific API calls into the Cryptocell
      driver, creating abstraction API where needed.
      Signed-off-by: default avatarGilad Ben-Yossef <gilad.benyossef@arm.com>
      Change-Id: I9e03ddce90fcc47cfdc747098bece86dbd11c58e
      36ec2bb0
  20. 13 Jun, 2019 1 commit
    • Sandrine Bailleux's avatar
      Fix type of cot_desc_ptr · 2efb7ddc
      Sandrine Bailleux authored
      
      
      The chain of trust description and the pointer pointing to its first
      element were incompatible, thus requiring an explicit type cast for
      the assignment.
      
      - cot_desc was an array of
        const pointers to const image descriptors.
      
      - cot_desc_ptr was a const pointer to
        (non-constant) pointers to const image descriptors.
      
      Thus, trying to assign cot_desc to cot_desc_ptr (with no cast) would
      generate the following compiler warning:
      
      drivers/auth/tbbr/tbbr_cot.c:826:14: warning: initialization discards
        ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
       REGISTER_COT(cot_desc);
                    ^~~~~~~~
      
      Change-Id: Iae62dd1bdb43fe379e3843d96461d47cc2f68a06
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      2efb7ddc
  21. 12 Apr, 2019 1 commit
    • Ambroise Vincent's avatar
      Mbed TLS: Remove weak heap implementation · 2374ab17
      Ambroise Vincent authored
      
      
      The implementation of the heap function plat_get_mbedtls_heap() becomes
      mandatory for platforms supporting TRUSTED_BOARD_BOOT.
      
      The shared Mbed TLS heap default weak function implementation is
      converted to a helper function get_mbedtls_heap_helper() which can be
      used by the platforms for their own function implementation.
      
      Change-Id: Ic8f2994e25e3d9fcd371a21ac459fdcafe07433e
      Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      2374ab17
  22. 09 Apr, 2019 1 commit
  23. 08 Apr, 2019 2 commits
    • Joel Hutton's avatar
      cot-desc: optimise memory further · 30070427
      Joel Hutton authored
      
      
      This changes the auth_img_desc_t struct to have pointers to struct
      arrays instead of struct arrays. This saves memory as many of these
      were never used, and can be NULL pointers. Note the memory savings are
      only when these arrays are not initialised, as it is assumed these
      arrays are fixed length. A possible future optimisation could allow for
      variable length.
      
      memory diff:
      bl1:        bl2:
          text        text
            -12         -12
          bss         bss
            -1463       0
          data        data
            -56         -48
          rodata      rodata
            -5688       -2592
          total       total
            -7419       -2652
      
      Change-Id: I8f9bdedf75048b8867f40c56381e3a6dc6402bcc
      Signed-off-by: default avatarJoel Hutton <Joel.Hutton@Arm.com>
      30070427
    • Joel Hutton's avatar
      Reduce memory needed for CoT description · 0b6377d1
      Joel Hutton authored
      
      
      When Trusted Board Boot is enabled, we need to specify the Chain of
      Trust (CoT) of the BL1 and BL2 images. A CoT consists of an array
      of image descriptors. The authentication module assumes that each
      image descriptor in this array is indexed by its unique image
      identifier. For example, the Trusted Boot Firmware Certificate has to
      be at index [TRUSTED_BOOT_FW_CERT_ID].
      
      Unique image identifiers may not necessarily be consecutive. Also,
      a given BL image might not use all image descriptors. For example, BL1
      does not need any of the descriptors related to BL31. As a result, the
      CoT array might contain holes, which unnecessarily takes up space in
      the BL binary.
      
      Using pointers to auth_img_desc_t structs (rather than structs
      themselves) means these unused elements only use 1 pointer worth of
      space, rather than one struct worth of space. This patch also changes
      the code which accesses this array to reflect the change to pointers.
      
      Image descriptors not needed in BL1 or BL2 respectively are also
      ifdef'd out in this patch. For example, verifying the BL31 image is
      the responsibility of BL2 so BL1 does not need any of the data
      structures describing BL31.
      
      memory diff:
      bl1:        bl2:
          text        text
            -20         -20
          bss         bss
            -1463       0
          data        data
            -256        -48
          rodata      rodata
            -5240       -1952
          total       total
            -6979       -2020
      
      Change-Id: I163668b174dc2b9bbb183acec817f2126864aaad
      Signed-off-by: default avatarJoel Hutton <Joel.Hutton@Arm.com>
      0b6377d1
  24. 01 Apr, 2019 1 commit
  25. 28 Feb, 2019 1 commit
  26. 04 Jan, 2019 1 commit
    • Antonio Nino Diaz's avatar
      Sanitise includes across codebase · 09d40e0e
      Antonio Nino Diaz authored
      Enforce full include path for includes. Deprecate old paths.
      
      The following folders inside include/lib have been left unchanged:
      
      - include/lib/cpus/${ARCH}
      - include/lib/el3_runtime/${ARCH}
      
      The reason for this change is that having a global namespace for
      includes isn't a good idea. It defeats one of the advantages of having
      folders and it introduces problems that are sometimes subtle (because
      you may not know the header you are actually including if there are two
      of them).
      
      For example, this patch had to be created because two headers were
      called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
      to avoid collision."). More recently, this patch has had similar
      problems: 46f9b2c3 ("drivers: add tzc380 support").
      
      This problem was introduced in commit 4ecca339
      
       ("Move include and
      source files to logical locations"). At that time, there weren't too
      many headers so it wasn't a real issue. However, time has shown that
      this creates problems.
      
      Platforms that want to preserve the way they include headers may add the
      removed paths to PLAT_INCLUDES, but this is discouraged.
      
      Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      09d40e0e
  27. 28 Sep, 2018 1 commit
  28. 04 Sep, 2018 1 commit
    • John Tsichritzis's avatar
      Prepare Mbed TLS drivers for shared heap · 6d01a463
      John Tsichritzis authored
      
      
      The Mbed TLS drivers, in order to work, need a heap for internal usage.
      This heap, instead of being directly referenced by the drivers, now it
      is being accessed indirectly through a pointer. Also, the heap, instead
      of being part of the drivers, now it is being received through the
      plat_get_mbedtls_heap() function. This function requests a heap from the
      current BL image which utilises the Mbed TLS drivers.
      
      Those changes create the opportunity for the Mbed TLS heap to be shared
      among different images, thus saving memory. A default heap
      implementation is provided but it can be overridden by a platform
      specific, optimised implemenetation.
      
      Change-Id: I286a1f10097a9cdcbcd312201eea576c18d157fa
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      6d01a463
  29. 22 Aug, 2018 1 commit
  30. 03 Aug, 2018 3 commits
  31. 18 Jun, 2018 1 commit
  32. 18 May, 2018 1 commit
  33. 13 Apr, 2018 2 commits
    • Roberto Vargas's avatar
      Fix MISRA rule 8.4 Part 4 · 3b94189a
      Roberto Vargas authored
      
      
      Rule 8.4: A compatible declaration shall be visible when
                an object or function with external linkage is defined
      
      Fixed for:
      	make DEBUG=1 PLAT=fvp SPD=tspd TRUSTED_BOARD_BOOT=1 \
      	     GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
      	     ROT_KEY=arm_rotprivk_rsa.pem MBEDTLS_DIR=mbedtls all
      
      Change-Id: Ie4cd6011b3e4fdcdd94ccb97a7e941f3b5b7aeb8
      Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      3b94189a
    • Roberto Vargas's avatar
      Fix MISRA rule 8.3 Part 4 · 735181b6
      Roberto Vargas authored
      
      
      Rule 8.3: All declarations of an object or function shall
                use the same names and type qualifiers
      
      Fixed for:
      	make DEBUG=1 PLAT=fvp SPD=tspd TRUSTED_BOARD_BOOT=1 \
      	     GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
      	     ROT_KEY=arm_rotprivk_rsa.pem MBEDTLS_DIR=mbedtls all
      
      Change-Id: Ia34fe1ae1f142e89c9a6c19831e3daf4d28f5831
      Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      735181b6