GitLab

This patch provides support for measured boot by adding calculation
of BL2 image hash in BL1 and writing these data in TB_FW_CONFIG DTB.

Change-Id: Ic074a7ed19b14956719c271c805b35d147b7cec1
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>

Add framework for autheticated decryption of data. Currently this
patch optionally imports mbedtls library as a backend if build option
"DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption
using AES-GCM algorithm.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Change-Id: I2966f0e79033151012bf4ffc66f484cd949e7271

Support for PKCS#1 v1.5 was deprecated in SHA 1001202d and fully removed
in SHA fe199e3b

, however, cert_tool is still able to generate
certificates in that form. This patch fully removes the ability for
cert_tool to generate these certificates.

Additionally, this patch also fixes a bug where the issuing certificate
was a RSA and the issued certificate was EcDSA. In this case, the issued
certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per
PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now
that PKCS#1 v1.5 support is removed, all certificates that are signed
with RSA now use the more modern padding scheme.

Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

Previously, TF-A could not support large RSA key sizes as the
configuration options passed to MBEDTLS prevented storing and performing
calculations with the larger, higher-precision numbers required. With
these changes to the arguments passed to MBEDTLS, TF-A now supports
using 3072 (3K) and 4096 (4K) keys in certificates.

Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

Enforce full include path for includes. Deprecate old paths.

The following folders inside include/lib have been left unchanged:

- include/lib/cpus/${ARCH}
- include/lib/el3_runtime/${ARCH}

The reason for this change is that having a global namespace for
includes isn't a good idea. It defeats one of the advantages of having
folders and it introduces problems that are sometimes subtle (because
you may not know the header you are actually including if there are two
of them).

For example, this patch had to be created because two headers were
called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
to avoid collision."). More recently, this patch has had similar
problems: 46f9b2c3 ("drivers: add tzc380 support").

This problem was introduced in commit 4ecca339

 ("Move include and
source files to logical locations"). At that time, there weren't too
many headers so it wasn't a real issue. However, time has shown that
this creates problems.

Platforms that want to preserve the way they include headers may add the
removed paths to PLAT_INCLUDES, but this is discouraged.

Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Change-Id: Icd1cdd42afdc78895a9be6c46b414b0a155cfa63
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Mbebtls include paths are controlled by the user using the variable
MBEDTLS_DIR and they are out of the TF source tree. Since these
includes have a different origin it is better to move them to a
different variable.

This change makes easier for the romlib Makefile to parse the include
paths.

Change-Id: I3e4c99300f1012bc7f88c6b9f5bc0ec1f7b5aa8d
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>

TF Makefile was linking all the objects files generated for the
Mbed TLS library instead of creating a static library that could be
used in the linking stage.

Change-Id: I8e4cd843ef56033c9d3faeee71601d110b7e4c12
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>

To build with the new release, we pick couple of more files from mbedTLS
library.

Change-Id: I77dfe5723284cb26d4e5c717fb0e6f6dd803cb6b
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

This patch modifies the makefiles to avoid the definition
of BL1_SOURCES and BL2_SOURCES in the tbbr makefiles, and
it lets to the platform makefiles to define them if they
actually need these images. In the case of BL2_AT_EL3
BL1 will not be needed usually because the Boot ROM will
jump directly to BL2.

Change-Id: Ib6845a260633a22a646088629bcd7387fe35dcf9
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>

To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.

NOTE: Files that have been imported by FreeBSD have not been modified.

[0]: https://spdx.org/



Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

By default ARM TF is built with the '-pedantic' compiler flag, which
helps detecting violations of the C standard. However, the mbed TLS
library and its associated authentication module in TF used to fail
building with this compiler flag. As a workaround, the mbed TLS
authentication module makefile used to set the 'DISABLE_PEDANTIC'
TF build flag.

The compiler errors flagged by '-pedantic' in the mbed TLS library
have been fixed between versions 1.3.9 and 2.2.0 and the library now
properly builds with this compiler flag.

This patch fixes the remaining compiler errors in the mbed TLS
authentication module in TF and unsets the 'DISABLE_PEDANTIC' TF
build flag. This means that TF is now always built with '-pedantic'.

In particular, this patch:

 * Removes the final semi-colon in REGISTER_COT() macro.

   This semi-colon was causing the following error message:

   drivers/auth/tbbr/tbbr_cot.c:544:23: error: ISO C does not allow
   extra ';' outside of a function [-Werror=pedantic]

   This has been fixed both in the mbed TLS authentication module
   as well as in the certificate generation tool. Note that the latter
   code didn't need fixing since it is not built with '-pedantic' but
   the change has been propagated for consistency.

   Also fixed the REGISTER_KEYS() and REGISTER_EXTENSIONS() macros,
   which were suffering from the same issue.

 * Fixes a pointer type.

   It was causing the following error message:

   drivers/auth/mbedtls/mbedtls_crypto.c: In function 'verify_hash':
   drivers/auth/mbedtls/mbedtls_crypto.c:177:42: error: pointer of
   type 'void *' used in arithmetic [-Werror=pointer-arith]

Change-Id: I7b7a04ef711efd65e17b5be26990d1a0d940257d

The mbed TLS library has introduced some changes in the API from
the 1.3.x to the 2.x releases. Using the 2.x releases requires
some changes to the crypto and transport modules.

This patch updates both modules to the mbed TLS 2.x API.

All references to the mbed TLS library in the code or documentation
have been updated to 'mbed TLS'. Old references to PolarSSL have
been updated to 'mbed TLS'.

User guide updated to use mbed TLS 2.2.0.

NOTE: moving up to mbed TLS 2.x from 1.3.x is not backward compatible.
Applying this patch will require an mbed TLS 2.x release to be used.
Also note that the mbed TLS license changed to Apache version 2.0.

Change-Id: Iba4584408653cf153091f2ca2ee23bc9add7fda4

This patch adds the following mbedTLS based libraries:

* Cryptographic library

It is used by the crypto module to verify a digital signature
and a hash. This library relies on mbedTLS to perform the
cryptographic operations. mbedTLS sources must be obtained
separately.

Two key algorithms are currently supported:

    * RSA-2048
    * ECDSA-SECP256R1

The platform is responsible for picking up the required
algorithm by defining the 'MBEDTLS_KEY_ALG' variable in the
platform makefile. Available options are:

    * 'rsa' (for RSA-2048) (default option)
    * 'ecdsa' (for ECDSA-SECP256R1)

Hash algorithm currently supported is SHA-256.

* Image parser library

Used by the image parser module to extract the authentication
parameters stored in X509v3 certificates.

Change-Id: I597c4be3d29287f2f18b82846973afc142ee0bf0

Commit ea4ec3aa ("TBB: use SHA256 to generate the certificate
signatures") updated the cert_create tool to generate the
signatures using SHA256 instead of SHA1. Therefore, SHA1 is no
longer required.

This patch removes the SHA1 option from the PolarSSL configuration
file. The source file sha1.c is no longer needed and has been
excluded from the build. The SHA1 functions are no longer included
in the binary, reducing the memory footprint of BL1 and BL2 by
approximately 6 KB.

Change-Id: I72ea2cff03c0964c3eaadce148ec2ad2c6dde2e3

This patch implements an authentication module based on the
PolarSSL library (v1.3.9) to verify the Chain of Trust when
Trusted Boot is enabled.

PolarSSL sources must be fetched separately. The POLARSSL_DIR
build option may be used to indicate the path to the PolarSSL
main directory (this directory must contain the 'include' and
'library' subdirectories).

To be able to build PolarSSL sources as a part of the Trusted
Firmware build process, the DISABLE_PEDANTIC flag in polarssl.mk
will tell the build system to remove the -pedantic option from
the CFLAGS.

Inclusion of PolarSSL increases the memory requirements of the BL1
and BL2 images. The following are the changes made to the FVP and
Juno platforms to cater for this when TRUSTED_BOARD_BOOT is
defined:

Changes on FVP:

  - BL1 and BL2 stacks have been increased to 4 KB
  - BL1(rw) section has been increased to 32 KB.
  - BL2 memory region has been increased to 112 KB

Changes on Juno:

  - BL1 and BL2 stacks have been increased to 4 KB
  - BL1(rw) section has been increased to 32 KB.
  - Trusted ROM region in Flash has been increased to 128 KB.
  - BL2 memory region has been increased to 116 KB

Change-Id: Ie87d80d43408eb6239c4acd0ec5ab2120e4e9e80

The 'fiptool' target doesn't depend on fip_create's source files,
neither directly nor indirectly. As a result, the FIP tool is not
rebuilt whenever its source files change.

This patch makes the ${FIPTOOL} target into a phony target so that the
FIP tool's sub-makefile is always called. The sub-makefile correctly
handles the dependencies. It also moves the completion message into
the sub-makefile so that it is only displayed when the tool is
actually recompiled.

Fixes ARM-software/tf-issues#278

Change-Id: Ia027519fe51d3c42be30665d1ad20a7b89fa350f

At present the fip.bin depends on phony targets for BL images, resulting
in unconditional remake of fip.bin. Also the build messages doesn't
match with the rest of build system.

This patch modifies the fip.bin dependencies to the actual BL binary
images so that fip.bin is remade only when the component images are
rebuilt/modified. The build messages and FIP Makefile are modified to
match the style of rest of the build system.

Change-Id: I8dd08666ff766d106820a5b4b037c2161bcf140f

This tool can be used to create a Firmware Image Packages (FIP). These
FIPs store a combined set of firmware images with a Table of Contents
(ToC) that can be loaded by the firmware from platform storage.

- Add uuid.h from FreeBSD.
- Use symbolic links to shared headers otherwise unwanted headers and
  definitions are pulled in.
- A FIP is created as part of the default FVP build.
- A BL3-3 image(e.g. UEFI) must be provided.

Change-Id: Ib73feee181df2dba68bf6abec115a83cfa5e26cb

Tidy up the spacing of variable definitions within the makefiles to make
them more consistent, easier to read and amend.

Change-Id: Ic6d7c8489ca4330824abb5cd1ead8f1d449d1a85
Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org>

Move all explicit platform or architecture specific references
into a new platform.mk file that is defined for each platform.

Change-Id: I9d6320d1ba957e0cc8d9b316b3578132331fa428
Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org>

Change-Id: Ic7fb61aabae1d515b9e6baf3dd003807ff42da60

- This change is split into two separate patches in order to
  simplify the history as interpreted by 'git'. The split is
  between the move/rename and addition of new files.
- Remove dependency on toolchain C library headers and functions in
  order to ensure behavioural compatibility between toolchains.
- Use FreeBSD as reference for C library implementation.
- Do not let GCC use default library include paths.
- Remove unused definitions in modified headers and implementations.
- Move C library files to 'lib/stdlib' and 'include/stdlib'.
- Break std.c functions out into separate files.

Change-Id: I91cddfb3229775f770ad781589670c57d347a154

- Add instructions for contributing to ARM Trusted Firmware.

- Update copyright text in all files to acknowledge contributors.

Change-Id: I9311aac81b00c6c167d2f8c889aea403b84450e5