1. 12 Apr, 2019 1 commit
    • Ambroise Vincent's avatar
      Mbed TLS: Remove weak heap implementation · 2374ab17
      Ambroise Vincent authored
      
      
      The implementation of the heap function plat_get_mbedtls_heap() becomes
      mandatory for platforms supporting TRUSTED_BOARD_BOOT.
      
      The shared Mbed TLS heap default weak function implementation is
      converted to a helper function get_mbedtls_heap_helper() which can be
      used by the platforms for their own function implementation.
      
      Change-Id: Ic8f2994e25e3d9fcd371a21ac459fdcafe07433e
      Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      2374ab17
  2. 04 Jan, 2019 1 commit
    • Antonio Nino Diaz's avatar
      Sanitise includes across codebase · 09d40e0e
      Antonio Nino Diaz authored
      Enforce full include path for includes. Deprecate old paths.
      
      The following folders inside include/lib have been left unchanged:
      
      - include/lib/cpus/${ARCH}
      - include/lib/el3_runtime/${ARCH}
      
      The reason for this change is that having a global namespace for
      includes isn't a good idea. It defeats one of the advantages of having
      folders and it introduces problems that are sometimes subtle (because
      you may not know the header you are actually including if there are two
      of them).
      
      For example, this patch had to be created because two headers were
      called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
      to avoid collision."). More recently, this patch has had similar
      problems: 46f9b2c3 ("drivers: add tzc380 support").
      
      This problem was introduced in commit 4ecca339
      
       ("Move include and
      source files to logical locations"). At that time, there weren't too
      many headers so it wasn't a real issue. However, time has shown that
      this creates problems.
      
      Platforms that want to preserve the way they include headers may add the
      removed paths to PLAT_INCLUDES, but this is discouraged.
      
      Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      09d40e0e
  3. 25 Oct, 2017 1 commit
  4. 20 Jun, 2017 1 commit
    • Masahiro Yamada's avatar
      uniphier: embed ROTPK hash into BL1/BL2 · 63634800
      Masahiro Yamada authored
      
      
      Currently, ROTPK_NOT_DEPLOYED flag is set in plat_get_rotpk_info().
      It is up to users how to retrieve ROTPK if the ROT verification is
      desired.  This is not nice.
      
      This commit improves plat_get_rotpk_info() implementation and automates
      the ROTPK deployment.  UniPhier platform has no ROTPK storage, so it
      should be embedded in BL1/BL2, like ARM_ROTPK_LOCATION=devel_rsa case.
      This makes sense because UniPhier platform implements its internal ROM
      i.e. BL1 is used as updatable pseudo ROM.
      
      Things work like this:
      
      - ROT_KEY (default: $(BUILD_PLAT)/rot_key.pem) is created if missing.
        Users can override ROT_KEY from the command line if they want to
        use a specific ROT key.
      
      - ROTPK_HASH is generated based on ROT_KEY.
      
      - ROTPK_HASH is included by uniphier_rotpk.S and compiled into BL1/BL2.
      
      - ROT_KEY is input to cert_create tool.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      63634800
  5. 12 Jun, 2017 1 commit