- 24 Mar, 2021 1 commit
-
-
Pankaj Gupta authored
Platforms, which requires additional images to be verified using TBBR; such that their key certificate is tied to TRUSTED_KEY_CERT. For such platforms, if make commands runs twice: - Once with targets as bl2 & fip.bin, and - Again to build the target as the additional image. then, if path to the TRUSTED_KEY_CERT varies in the makefile with make-target of the additional image, then there would be two location where "trusted_key.crt" will be created. This patch helps overriding the TRUSTED_KEY_CERT from any .mk in the platform's makefile structure. Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I775a2c409035504b21b0bbe5a4f9046898163eed
-
- 09 Nov, 2020 1 commit
-
-
Manish V Badarkhe authored
Provide missed command line parameters such as KEY_ALG, HASH_ALG and KEY_SIZE while generating the FWU certificate. Signed-off-by: Gilad Ben Yossef <Gilad.BenYossef@arm.com> Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I017fa3fff844f4262ae2441cbc9fee909d357fb3
-
- 12 Aug, 2020 1 commit
-
-
Manish Pandey authored
Add support to generate a certificate named "plat-sp-cert" for Secure Partitions(SP) owned by Platform. Earlier a single certificate file "sip-sp-cert" was generated which contained hash of all 8 SPs, with this change SPs are divided into two categories viz "SiP owned" and "Plat owned" containing 4 SPs each. Platform RoT key pair is used for signing. Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: I5bd493cfce4cf3fc14b87c8ed1045f633d0c92b6
-
- 08 Jun, 2020 1 commit
-
-
Manish Pandey authored
Add support to generate certificate "sip-sp-cert" for Secure Partitions(SP) owned by Silicon provider(SiP). To avoid deviation from TBBR specification the support is only added for dualroot CoT and not for TBBR CoT. A single certificate file is generated containing hash of individual packages. Maximum 8 secure partitions are supported. Following new options added to cert_tool: --sip-sp-cert --> SiP owned Secure Partition Content Certificate --sp-pkg1 --> Secure Partition Package1 file --sp-pkg2 ..... --sp-pkg8 Trusted world key pair is used for signing. Going forward, this feature can be extended for Platfrom owned Partitions, if required. Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d
-
- 24 Feb, 2020 1 commit
-
-
Sandrine Bailleux authored
The build system needs to drive the cert_create tool in a slightly different manner when using the dualroot chain of trust. - It needs to pass it the platform root of trust key file. - It must not try to generate the Non-Trusted Firmware Key Certificate, which is not part of the dualroot CoT. Change-Id: Ibcc821c5735765523730f861ae8230208f41302b Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 12 Sep, 2019 1 commit
-
-
Justin Chadwell authored
cert_tool is now able to accept a command line option for specifying the key size. It now supports the following options: 1024, 2048 (default), 3072 and 4096. This is also modifiable by TFA using the build flag KEY_SIZE. Change-Id: Ifadecf84ade3763249ee8cc7123a8178f606f0e5 Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
- 01 Feb, 2018 4 commits
-
-
Masahiro Yamada authored
The third argument was given "true" by images, but it was moved to TOOL_ADD_PAYLOAD. No more caller of CERT_ADD_CMD_OPT uses this. So, the third argument is always empty. Remove it. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Now FIP_ADD_PAYLOAD takes care of both fiptool and cert_create symmetrically. Rename it so that it matches the behavior. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The fiptool and cert_create use the same command options for images. It is pretty easy to handle both in the same, symmetrical way. Move CRT_ARGS and CRT_DEPS to FIP_ADD_PAYLOAD. This refactoring makes sense because FIP_ADD_PAYLOAD is called from MAKE_BL (when building images from source), and from FIP_ADD_IMG (when including external images). (FIP_ADD_PAYLOAD will be renamed later on since it now caters to both fiptool and cert_create). We can delete CERT_ADD_CMD_OPT for images in tbbr.mk. It still needs to call CERT_ADD_CMD_OPT directly for certificates. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The build system supports generating two FIP images, fip and fwu_fip. Accordingly, we have similar build macros. FIP_ADD_PAYLOAD <--> FWU_FIP_ADD_PAYLOAD CERT_ADD_CMD_OPT <--> FWU_CERT_ADD_CMD_OPT FIP_ADD_IMG <--> FWU_FIP_ADD_IMG The duplicated code increases the maintenance burden. Also, the build rule of BL2U looks clumsy - we want to call MAKE_BL to compile it from source files, but we want to put it in fwu_fip. We can not do it in a single macro call since the current MAKE_BL does not support fwu_fip. To refactor those in a clean way is to support one more argument to specify the FIP prefix. If it is empty, the images are targeted to fip, whereas if the argument is "FWU_", targeted to fwu_fip. The build macros prefixed with FWU_ go away. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 18 Jan, 2018 1 commit
-
-
Roberto Vargas authored
It is better to not include BL2 in FIP when using `BL2 at EL3` as platforms using this config would not have the capability to parse the FIP format in Boot ROM and BL2 needs to be loaded independently. This patch does the required changes for the same. Change-Id: Iad285c247b3440e2d827fef97c3dd81f5c09cabc Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 29 Nov, 2017 1 commit
-
-
Soby Mathew authored
This patch fixes a couple of issues for AArch32 builds on ARM reference platforms : 1. The arm_def.h previously defined the same BL32_BASE value for AArch64 and AArch32 build. Since BL31 is not present in AArch32 mode, this meant that the BL31 memory is empty when built for AArch32. Hence this patch allocates BL32 to the memory region occupied by BL31 for AArch32 builds. As a side-effect of this change, the ARM_TSP_RAM_LOCATION macro cannot be used to control the load address of BL32 in AArch32 mode which was never the intention of the macro anyway. 2. A static assert is added to sp_min linker script to check that the progbits are within the bounds expected when overlaid with other images. 3. Fix specifying `SPD` when building Juno for AArch32 mode. Due to the quirks involved when building Juno for AArch32 mode, the build option SPD needed to specifed. This patch corrects this and also updates the documentation in the user-guide. 4. Exclude BL31 from the build and FIP when building Juno for AArch32 mode. As a result the previous assumption that BL31 must be always present is removed and the certificates for BL31 is only generated if `NEED_BL31` is defined. Change-Id: I1c39bbc0abd2be8fbe9f2dea2e9cb4e3e3e436a8 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 21 Nov, 2017 1 commit
-
-
Qixiang Xu authored
The flag support the following values: - sha256 (default) - sha384 - sha512 Change-Id: I7a49d858c361e993949cf6ada0a86575c3291066 Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
- 09 Aug, 2017 1 commit
-
-
Summer Qin authored
Since Trusted OS firmware may have extra images, need to assign new uuid and image id for them. The TBBR chain of trust has been extended to add support for the new images within the existing Trusted OS firmware content certificate. Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06 Signed-off-by: Summer Qin <summer.qin@arm.com>
-
- 15 May, 2017 1 commit
-
-
dp-arm authored
This patch adds `TRUSTED_BOARD_BOOT` support for AArch32 mode. To build this patch the "mbedtls/include/mbedtls/bignum.h" needs to be modified to remove `#define MBEDTLS_HAVE_UDBL` when `MBEDTLS_HAVE_INT32` is defined. This is a workaround for "https://github.com/ARMmbed/mbedtls/issues/708 " NOTE: TBBR support on Juno AArch32 is not currently supported. Change-Id: I86d80e30b9139adc4d9663f112801ece42deafcf Signed-off-by: dp-arm <dimitris.papastamos@arm.com> Co-Authored-By: Yatharth Kochar <yatharth.kochar@arm.com>
-
- 03 May, 2017 1 commit
-
-
dp-arm authored
To make software license auditing simpler, use SPDX[0] license identifiers instead of duplicating the license text in every file. NOTE: Files that have been imported by FreeBSD have not been modified. [0]: https://spdx.org/ Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 29 Jul, 2016 1 commit
-
-
dp-arm authored
fiptool provides a more consistent and intuitive interface compared to the fip_create program. It serves as a better base to build on more features in the future. fiptool supports various subcommands. Below are the currently supported subcommands: 1) info - List the images contained in a FIP file. 2) create - Create a new FIP file with the given images. 3) update - Update an existing FIP with the given images. 4) unpack - Extract a selected set or all the images from a FIP file. 5) remove - Remove images from a FIP file. This is a new command that was not present in fip_create. To create a new FIP file, replace "fip_create" with "fiptool create". To update a FIP file, replace "fip_create" with "fiptool update". To dump the contents of a FIP file, replace "fip_create --dump" with "fiptool info". A compatibility script that emulates the basic functionality of fip_create is provided. Existing scripts might or might not work with the compatibility script. Users are strongly encouraged to migrate to fiptool. Fixes ARM-Software/tf-issues#87 Fixes ARM-Software/tf-issues#108 Fixes ARM-Software/tf-issues#361 Change-Id: I7ee4da7ac60179cc83cf46af890fd8bc61a53330
-
- 30 Mar, 2016 1 commit
-
-
Juan Castillo authored
This patch adds non-volatile counter support to the Certificate Generation tool. The TBBR Chain of Trust definition in the tool has been extended to include the counters as certificate extensions. The counter values can be specified in the command line. The following default counter values are specified in the build system: * Trusted FW Non-Volatile counter = 0 * Non-Trusted FW Non-Volatile counter = 0 These values can be overridden by the platform at build time. Change-Id: I7ea10ee78d72748d181df4ee78a7169b3ef2720c
-
- 14 Dec, 2015 3 commits
-
-
Juan Castillo authored
This patch removes the dash character from the image name, to follow the image terminology in the Trusted Firmware Wiki page: https://github.com/ARM-software/arm-trusted-firmware/wiki Changes apply to output messages, comments and documentation. non-ARM platform files have been left unmodified. Change-Id: Ic2a99be4ed929d52afbeb27ac765ceffce46ed76
-
Juan Castillo authored
This patch replaces all references to the SCP Firmware (BL0, BL30, BL3-0, bl30) with the image terminology detailed in the TF wiki (https://github.com/ARM-software/arm-trusted-firmware/wiki): BL0 --> SCP_BL1 BL30, BL3-0 --> SCP_BL2 bl30 --> scp_bl2 This change affects code, documentation, build system, tools and platform ports that load SCP firmware. ARM plaforms have been updated to the new porting API. IMPORTANT: build option to specify the SCP FW image has changed: BL30 --> SCP_BL2 IMPORTANT: This patch breaks compatibility for platforms that use BL2 to load SCP firmware. Affected platforms must be updated as follows: BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID BL30_BASE --> SCP_BL2_BASE bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo() bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2() Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
-
Juan Castillo authored
This patch applies the TBBR naming convention to the certificates and the corresponding extensions defined by the CoT: * Certificate UUID names * Certificate identifier names * OID names Changes apply to: * Generic code (variables and defines) * The default certificate identifiers provided in the generic code * Build system * ARM platforms port * cert_create tool internal definitions * fip_create and cert_create tools command line options * Documentation IMPORTANT: this change breaks the compatibility with platforms that use TBBR. The platform will need to adapt the identifiers and OIDs to the TBBR naming convention introduced by this patch: Certificate UUIDs: UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT Certificate identifiers: BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID OIDs: TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID BL30_HASH_OID --> SCP_FW_HASH_OID BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID BL31_HASH_OID --> SOC_AP_FW_HASH_OID BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID NS_BL2U_HASH_OID --> FWU_HASH_OID Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
-
- 09 Dec, 2015 2 commits
-
-
Yatharth Kochar authored
Firmware update feature needs a new FIP called `fwu_fip.bin` that includes Secure(SCP_BL2U, BL2U) and Normal world(NS_BL2U) images along with the FWU_CERT certificate in order for NS_BL1U to load the images and help the Firmware update process to complete. This patch adds the capability to support the new target `fwu_fip` which includes above mentioned FWU images in the make files. The new target of `fwu_fip` and its dependencies are included for compilation only when `TRUSTED_BOARD_BOOT` is defined. Change-Id: Ie780e3aac6cbd0edfaff3f9af96a2332bd69edbc
-
Yatharth Kochar authored
The Firmware Update (FWU) feature needs support for an optional secure world image, BL2U, to allow additional secure world initialization required by FWU, for example DDR initialization. This patch adds generic framework support to create BL2U. NOTE: A platform makefile must supply additional `BL2U_SOURCES` to build the bl2u target. A subsequent patch adds bl2u support for ARM platforms. Change-Id: If2ce036199bb40b39b7f91a9332106bcd4e25413
-
- 17 Nov, 2015 1 commit
-
-
Juan Castillo authored
If an SPD wants to use a prebuilt binary as BL32 image (for example, the OPTEE Dispatcher), it must point the `BL32` variable to the image file. This dependency should apply only to the `fip` target. However, it also applies to the `all` target at the moment. If the user tries to build all individual TF images using `make all` without setting BL32, the build fails. The following command will throw the error: make CROSS_COMPILE=aarch64-linux-gnu- SPD=opteed all ... ... aarch64-linux-gnu-gcc: fatal error: no input files compilation terminated. make: *** [build/fvp/release/bl32/bl32.ld] Error 1 The reason is that the build system checks if BL32 is defined, and if it is not, it will try to build BL32 from source. If the SPD makefile does not provide support for that (as is the case of the OPTEE Dispatcher, since OPTEE is provided as an external binary), the build will fail. This patch fixes the issue by checking if `BL32_SOURCES` has been defined by the SPD before attempting to build BL32 from source. If neither `BL32` nor `BL32_SOURCES` is defined when building the FIP, a warning message will be printed and the process aborted. Fixes ARM-software/tf-issues#333 Change-Id: I5e801ad333103ed9b042e5c4757424c8df2ff6e4
-
- 27 Oct, 2015 1 commit
-
-
Juan Castillo authored
This patch is a complete rework of the main Makefile. Functionality remains the same but the code has been reorganized in sections in order to improve readability and facilitate adding future extensions. A new file 'build_macros.mk' has been created and will contain common definitions (variables, macros, etc) that may be used from the main Makefile and other platform specific makefiles. A new macro 'FIP_ADD_IMG' has been introduced and it will allow the platform to specify binary images and the necessary checks for a successful build. Platforms that require a BL30 image no longer need to specify the NEED_BL30 option. The main Makefile is now completely unaware of additional images not built as part of Trusted Firmware, like BL30. It is the platform responsibility to specify images using the macro 'FIP_ADD_IMG'. Juno uses this macro to include the BL30 image in the build. BL33 image is specified in the main Makefile to preserve backward compatibility with the NEED_BL33 option. Otherwise, platform ports that rely on the definition of NEED_BL33 might break. All Trusted Board Boot related definitions have been moved to a separate file 'tbbr_tools.mk'. The main Makefile will include this file unless the platform indicates otherwise by setting the variable 'INCLUDE_TBBR_MK := 0' in the corresponding platform.mk file. This will keep backward compatibility but ideally each platform should include the corresponding TBB .mk file in platform.mk. Change-Id: I35e7bc9930d38132412e950e20aa2a01e2b26801
-