- 23 May, 2017 1 commit
-
-
Masahiro Yamada authored
Platforms aligned with TBBR are supposed to use their own OIDs, but defining the same macros with different OIDs does not provide any value (at least technically). For easier use of TBBR, this commit allows platforms to reuse the OIDs obtained by ARM Ltd. This will be useful for non-ARM vendors that do not need their own extension fields in their certificate files. The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the backward compatibility. For clarification, I inserted a blank line between headers from the include/ directory (#include <...>) and ones from a local directory (#include "..." ). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 03 May, 2017 1 commit
-
-
dp-arm authored
To make software license auditing simpler, use SPDX[0] license identifiers instead of duplicating the license text in every file. NOTE: Files that have been imported by FreeBSD have not been modified. [0]: https://spdx.org/ Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 01 Apr, 2016 5 commits
-
-
Evan Lloyd authored
In some build environments executable programs have a specific file extension. The value of BIN_EXT is appended to the relevant tool file names to allow for this. The value of BIN_EXT is set, where appropriate, by the build environment specific make helper (to .exe for Windows build environments). .gitignore is updated to hide the new (.exe) files. Change-Id: Icc32f64b750e425265075ad4e0dea18129640b86
-
Evan Lloyd authored
Add make helper files to select the appropriate settings for the build environment. Selection is made in make_helpers/build_env.mk, which selects other files to include using generic build environment settings. The Trusted Firmware Makefile and supporting tool Makefiles are updated to include build_env.mk instead of unix.mk. NOTE: This change does not fully enable builds in other build environments. It facilitates this without compromising the existing build environments. Change-Id: Ic4064ffe6ce158bbd16d7cc9f27dd4655a3580f6
-
Evan Lloyd authored
Macros are inserted to replace direct invocations of commands that are problematic on some build environments. (e.g. Some environments expect \ in paths instead of /.) The changes take into account mismatched command mappings across environments. The new helper file unix.mk retains existing makefile behaviour on unix like build environments by providing the following macro definitions: SHELL_COPY cp -f SHELL_COPY_TREE cp -rf SHELL_DELETE rm -f SHELL_DELETE_ALL rm -rf MAKE_PREREQ_DIR mkdir -p (As make target) SHELL_REMOVE_DIR rm -rf Change-Id: I1b5ca5e1208e78230b15284c4af00c1c006cffcb
-
Evan Lloyd authored
Update the cert_create Makefile to list realclean as .PHONY (like clean) Change-Id: I9dc8a61a11574a044372e0952b5b12b74e133747
-
Evan Lloyd authored
As an initial stage of making Trusted Firmware build environment more portable, we remove most uses of the $(shell ) function and replace them with more portable make function based solutions. Note that the setting of BUILD_STRING still uses $(shell ) since it's not possible to reimplement this as a make function. Avoiding invocation of this on incompatible host platforms will be implemented separately. Change-Id: I768e2f9a265c78814a4adf2edee4cc46cda0f5b8
-
- 23 Oct, 2015 1 commit
-
-
Juan Castillo authored
This patch introduces a new API that allows to specify command line options in the Chain of Trust description. These command line options may be used to specify parameters related to the CoT (i.e. keys or certificates), instead of keeping a hardcoded list of options in main.c. Change-Id: I282b0b01cb9add557b26bddc238a28253ce05e44
-
- 16 Jul, 2015 1 commit
-
-
Juan Castillo authored
This patch reworks the certificate generation tool to follow a data driven approach. The user may specify at build time the certificates, keys and extensions defined in the CoT, register them using the appropiate macros and the tool will take care of creating the certificates corresponding to the CoT specified. Change-Id: I29950b39343c3e1b71718fce0e77dcf2a9a0be2f
-
- 25 Jun, 2015 1 commit
-
-
Juan Castillo authored
This patch extends the 'cert_create' tool to support ECDSA keys to sign the certificates. The '--key-alg' command line option can be used to specify the key algorithm when invoking the tool. Available options are: * 'rsa': create RSA-2048 keys (default option) * 'ecdsa': create ECDSA-SECP256R1 keys The TF Makefile has been updated to allow the platform to specify the key algorithm by declaring the 'KEY_ALG' variable in the platform makefile. The behaviour regarding key management has changed. After applying this patch, the tool will try first to open the keys from disk. If one key does not exist or no key is specified, and the command line option to create keys has been specified, new keys will be created. Otherwise an error will be generated and the tool will exit. This way, the user may specify certain keys while the tool will create the remaining ones. This feature is useful for testing purposes and CI infrastructures. The OpenSSL directory may be specified using the build option 'OPENSSL_DIR' when building the certificate generation tool. Default is '/usr'. Change-Id: I98bcc2bfab28dd7179f17f1177ea7a65698df4e7
-
- 28 Apr, 2015 1 commit
-
-
Dan Handley authored
Update the top level makefile to allow platform ports to exist in subdirectories at any level instead of one level under `plat/`. The makefile recursively searches for all files called `platform.mk` in all subdirectories of `plat/`. The directory containing `platform.mk` is the platform name. Platform names must be unique across the codebase. Replace usage of HELP_PLATFORMS in the Makefile with PLATFORMS since these are both used to report the same information back to the user. Update the TSP and cert_create tool makefiles in a similar way to support a deeper platform port directory structure. Also add PLAT_<plat_name> as a define passed through the top level makefile to the source files, to allow build time variation in common platform code. Change-Id: I213420164808c5ddb99a26144e8e3f141a7417b7
-
- 28 Jan, 2015 1 commit
-
-
Juan Castillo authored
This patch adds a tool that generates all the necessary elements to establish the chain of trust (CoT) between the images. The tool reads the binary images and signing keys and outputs the corresponding certificates that will be used by the target at run time to verify the authenticity of the images. Note: the platform port must provide the file platform_oid.h. This file will define the OIDs of the x509 extensions that will be added to the certificates in order to establish the CoT. Change-Id: I2734d6808b964a2107ab3a4805110698066a04be
-
- 26 Nov, 2014 1 commit
-
-
Sandrine Bailleux authored
The 'fiptool' target doesn't depend on fip_create's source files, neither directly nor indirectly. As a result, the FIP tool is not rebuilt whenever its source files change. This patch makes the ${FIPTOOL} target into a phony target so that the FIP tool's sub-makefile is always called. The sub-makefile correctly handles the dependencies. It also moves the completion message into the sub-makefile so that it is only displayed when the tool is actually recompiled. Fixes ARM-software/tf-issues#278 Change-Id: Ia027519fe51d3c42be30665d1ad20a7b89fa350f
-
- 20 Feb, 2014 1 commit
-
-
Jeenu Viswambharan authored
At present the fip.bin depends on phony targets for BL images, resulting in unconditional remake of fip.bin. Also the build messages doesn't match with the rest of build system. This patch modifies the fip.bin dependencies to the actual BL binary images so that fip.bin is remade only when the component images are rebuilt/modified. The build messages and FIP Makefile are modified to match the style of rest of the build system. Change-Id: I8dd08666ff766d106820a5b4b037c2161bcf140f
-
- 17 Feb, 2014 1 commit
-
-
Harry Liebel authored
This tool can be used to create a Firmware Image Packages (FIP). These FIPs store a combined set of firmware images with a Table of Contents (ToC) that can be loaded by the firmware from platform storage. - Add uuid.h from FreeBSD. - Use symbolic links to shared headers otherwise unwanted headers and definitions are pulled in. - A FIP is created as part of the default FVP build. - A BL3-3 image(e.g. UEFI) must be provided. Change-Id: Ib73feee181df2dba68bf6abec115a83cfa5e26cb
-
- 20 Jan, 2014 2 commits
-
-
Ryan Harkin authored
Tidy up the spacing of variable definitions within the makefiles to make them more consistent, easier to read and amend. Change-Id: Ic6d7c8489ca4330824abb5cd1ead8f1d449d1a85 Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org>
-
Ryan Harkin authored
Move all explicit platform or architecture specific references into a new platform.mk file that is defined for each platform. Change-Id: I9d6320d1ba957e0cc8d9b316b3578132331fa428 Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org>
-
- 17 Jan, 2014 1 commit
-
-
Dan Handley authored
Change-Id: Ic7fb61aabae1d515b9e6baf3dd003807ff42da60
-
- 20 Dec, 2013 1 commit
-
-
Harry Liebel authored
- This change is split into two separate patches in order to simplify the history as interpreted by 'git'. The split is between the move/rename and addition of new files. - Remove dependency on toolchain C library headers and functions in order to ensure behavioural compatibility between toolchains. - Use FreeBSD as reference for C library implementation. - Do not let GCC use default library include paths. - Remove unused definitions in modified headers and implementations. - Move C library files to 'lib/stdlib' and 'include/stdlib'. - Break std.c functions out into separate files. Change-Id: I91cddfb3229775f770ad781589670c57d347a154
-
- 05 Dec, 2013 1 commit
-
-
Dan Handley authored
- Add instructions for contributing to ARM Trusted Firmware. - Update copyright text in all files to acknowledge contributors. Change-Id: I9311aac81b00c6c167d2f8c889aea403b84450e5
-
- 25 Oct, 2013 1 commit
-
-
Achin Gupta authored
-