feat(mbedtls): update mbedTLS driver for DRTM support

Updated mbedTLS driver to include mbedTLS functions necessary for a DRTM supported build. Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com> Change-Id: If0120374a971519cf84f93e0c59e1a320a72cd97
2025-04-16 17:44:19 +00:00 · 2022-02-25 09:11:12 +00:00 · 2022-02-25 09:11:12 +00:00 · 8b653909b7
commit 8b653909b7
parent c9bd1bacff
2 changed files with 9 additions and 8 deletions
--- a/bl31/bl31.mk
+++ b/bl31/bl31.mk
@ -148,7 +148,8 @@ BL31_SOURCES		+=	common/feat_detect.c
 endif

 ifeq (${DRTM_SUPPORT},1)
-BL31_SOURCES		+=	services/std_svc/drtm/drtm_main.c
+BL31_SOURCES		+=	services/std_svc/drtm/drtm_main.c	\
+				${MBEDTLS_SOURCES}
 endif

 BL31_LINKERFILE		:=	bl31/bl31.ld.S
--- a/drivers/auth/mbedtls/mbedtls_crypto.c
+++ b/drivers/auth/mbedtls/mbedtls_crypto.c
@ -24,7 +24,7 @@

 #define LIB_NAME		"mbed TLS"

-#if MEASURED_BOOT
+#if MEASURED_BOOT || DRTM_SUPPORT
 /*
 * CRYPTO_MD_MAX_SIZE value is as per current stronger algorithm available
 * so make sure that mbed TLS MD maximum size must be lesser than this.
@ -32,7 +32,7 @@
 CASSERT(CRYPTO_MD_MAX_SIZE >= MBEDTLS_MD_MAX_SIZE,
 	assert_mbedtls_md_size_overflow);

-#endif /* MEASURED_BOOT */
+#endif /* MEASURED_BOOT || DRTM_SUPPORT */

 /*
 * AlgorithmIdentifier  ::=  SEQUENCE  {
@ -221,7 +221,7 @@ static int verify_hash(void *data_ptr, unsigned int data_len,
 }
 #endif /* TRUSTED_BOARD_BOOT */

-#if MEASURED_BOOT
+#if MEASURED_BOOT || DRTM_SUPPORT
 /*
 * Map a generic crypto message digest algorithm to the corresponding macro used
 * by Mbed TLS.
@ -264,7 +264,7 @@ static int calc_hash(enum crypto_md_algo md_algo, void *data_ptr,
 	 */
 	return mbedtls_md(md_info, data_ptr, data_len, output);
 }
-#endif /* MEASURED_BOOT */
+#endif /* MEASURED_BOOT || DRTM_SUPPORT */

 #if TF_MBEDTLS_USE_AES_GCM
 /*
@ -368,7 +368,7 @@ static int auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr,
 /*
 * Register crypto library descriptor
 */
-#if MEASURED_BOOT && TRUSTED_BOARD_BOOT
+#if (MEASURED_BOOT || DRTM_SUPPORT) && TRUSTED_BOARD_BOOT
 #if TF_MBEDTLS_USE_AES_GCM
 REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, calc_hash,
 		    auth_decrypt);
@ -383,6 +383,6 @@ REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash,
 #else
 REGISTER_CRYPTO_LIB(LIB_NAME, init, verify_signature, verify_hash, NULL);
 #endif
-#elif MEASURED_BOOT
+#elif MEASURED_BOOT || DRTM_SUPPORT
 REGISTER_CRYPTO_LIB(LIB_NAME, init, calc_hash);
-#endif /* MEASURED_BOOT && TRUSTED_BOARD_BOOT */
+#endif /* (MEASURED_BOOT || DRTM_SUPPORT) && TRUSTED_BOARD_BOOT */