Merge changes from topic "sb/select-cot" into integration

* changes:
  Introduce COT build option
  cert_create: Remove references to TBBR in common code
  cert_create: Introduce COT build option
  cert_create: Introduce TBBR CoT makefile
Sandrine Bailleux 2020-01-30 13:58:10 +00:00 committed by TrustedFirmware Code Review
commit dcd03ce7bb
8 changed files with 66 additions and 37 deletions


@ -1018,7 +1018,7 @@ certtool: ${CRTTOOL}
.PHONY: ${CRTTOOL} .PHONY: ${CRTTOOL}
${CRTTOOL}: ${CRTTOOL}:
${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH} ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} COT=${COT} --no-print-directory -C ${CRTTOOLPATH}
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
@echo "Built $@ successfully" @echo "Built $@ successfully"
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}


@ -128,6 +128,9 @@ Common build options
``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need ``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need
to be implemented in this case. to be implemented in this case.
- ``COT``: When Trusted Boot is enabled, selects the desired chain of trust.
Defaults to ``tbbr``.
- ``CRASH_REPORTING``: A non-zero value enables a console dump of processor - ``CRASH_REPORTING``: A non-zero value enables a console dump of processor
register state when an unexpected exception occurs during execution of register state when an unexpected exception occurs during execution of
BL31. This option defaults to the value of ``DEBUG`` - i.e. by default BL31. This option defaults to the value of ``DEBUG`` - i.e. by default


@ -204,6 +204,9 @@ USE_DEBUGFS := 0
# Build option to choose whether Trusted Firmware uses library at ROM # Build option to choose whether Trusted Firmware uses library at ROM
USE_ROMLIB := 0 USE_ROMLIB := 0
# Chain of trust.
COT := tbbr
# Use tbbr_oid.h instead of platform_oid.h # Use tbbr_oid.h instead of platform_oid.h
USE_TBBR_DEFS := 1 USE_TBBR_DEFS := 1


@ -1,5 +1,5 @@
# #
# Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
@ -254,7 +254,13 @@ ifneq (${TRUSTED_BOARD_BOOT},0)
AUTH_SOURCES := drivers/auth/auth_mod.c \ AUTH_SOURCES := drivers/auth/auth_mod.c \
drivers/auth/crypto_mod.c \ drivers/auth/crypto_mod.c \
drivers/auth/img_parser_mod.c \ drivers/auth/img_parser_mod.c \
drivers/auth/tbbr/tbbr_cot.c \
# Include the selected chain of trust sources.
ifeq (${COT},tbbr)
AUTH_SOURCES += drivers/auth/tbbr/tbbr_cot.c
else
$(error Unknown chain of trust ${COT})
endif
BL1_SOURCES += ${AUTH_SOURCES} \ BL1_SOURCES += ${AUTH_SOURCES} \
bl1/tbbr/tbbr_img_desc.c \ bl1/tbbr/tbbr_img_desc.c \
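Review bot: The `AUTH_SOURCES` list still ends on `drivers/auth/img_parser_mod.c \` now that the `tbbr_cot.c` entry below it has been removed, so the assignment finishes on a dangling continuation. This rendering does not show blank lines, so presumably an empty line terminates it; even then, a later edit that removes the lines in between would fold the `ifeq (${COT},tbbr)` line into the variable's value. Dropping the backslash from the last entry makes the end of the list explicit. The enclosing `ifneq (${TRUSTED_BOARD_BOOT},0)` block starts and ends outside the hunk.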


@ -1,5 +1,5 @@
# #
# Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
@ -10,53 +10,41 @@ V ?= 0
DEBUG := 0 DEBUG := 0
BINARY := ${PROJECT}${BIN_EXT} BINARY := ${PROJECT}${BIN_EXT}
OPENSSL_DIR := /usr OPENSSL_DIR := /usr
USE_TBBR_DEFS := 1 COT := tbbr
OBJECTS := src/cert.o \
src/cmd_opt.o \
src/ext.o \
src/key.o \
src/main.o \
src/sha.o \
src/tbbr/tbb_cert.o \
src/tbbr/tbb_ext.o \
src/tbbr/tbb_key.o
HOSTCCFLAGS := -Wall -std=c99
MAKE_HELPERS_DIRECTORY := ../../make_helpers/ MAKE_HELPERS_DIRECTORY := ../../make_helpers/
include ${MAKE_HELPERS_DIRECTORY}build_macros.mk include ${MAKE_HELPERS_DIRECTORY}build_macros.mk
include ${MAKE_HELPERS_DIRECTORY}build_env.mk include ${MAKE_HELPERS_DIRECTORY}build_env.mk
ifeq (${USE_TBBR_DEFS},1) # Common source files.
# In this case, cert_tool is platform-independent OBJECTS := src/cert.o \
PLAT_MSG := TBBR Generic src/cmd_opt.o \
PLAT_INCLUDE := ../../include/tools_share src/ext.o \
src/key.o \
src/main.o \
src/sha.o
# Chain of trust.
ifeq (${COT},tbbr)
include src/tbbr/tbbr.mk
else else
PLAT_MSG := ${PLAT} $(error Unknown chain of trust ${COT})
TF_PLATFORM_ROOT := ../../plat/
include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk
PLAT_INCLUDE := $(wildcard ${PLAT_DIR}include)
ifeq ($(PLAT_INCLUDE),)
$(error "Error: Invalid platform '${PLAT}' has no include directory.")
endif
endif endif
HOSTCCFLAGS := -Wall -std=c99
ifeq (${DEBUG},1) ifeq (${DEBUG},1)
HOSTCCFLAGS += -g -O0 -DDEBUG -DLOG_LEVEL=40 HOSTCCFLAGS += -g -O0 -DDEBUG -DLOG_LEVEL=40
else else
HOSTCCFLAGS += -O2 -DLOG_LEVEL=20 HOSTCCFLAGS += -O2 -DLOG_LEVEL=20
endif endif
ifeq (${V},0) ifeq (${V},0)
Q := @ Q := @
else else
Q := Q :=
endif endif
$(eval $(call add_define,USE_TBBR_DEFS))
HOSTCCFLAGS += ${DEFINES} HOSTCCFLAGS += ${DEFINES}
# Make soft links and include from local directory otherwise wrong headers # Make soft links and include from local directory otherwise wrong headers
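Review bot: The `ifeq (${COT},tbbr)` / `$(error Unknown chain of trust ${COT})` allow-list in this tool makefile duplicates the one in the firmware-side makefile of this commit that appends `drivers/auth/tbbr/tbbr_cot.c`, and nothing ties the two together. Both fail closed on an unknown value, which is the right default, but a chain added to only one side would leave the certificate tool and the firmware disagreeing about what is supported. A comment on each block would help, e.g. `# Supported chains of trust; keep in sync with the COT selection in the firmware build.` The message could also name the accepted values: `$(error Unknown chain of trust '${COT}' (supported: tbbr))`.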


@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
* *
* SPDX-License-Identifier: BSD-3-Clause * SPDX-License-Identifier: BSD-3-Clause
*/ */
@ -33,11 +33,11 @@ DECLARE_ASN1_FUNCTIONS(HASH)
IMPLEMENT_ASN1_FUNCTIONS(HASH) IMPLEMENT_ASN1_FUNCTIONS(HASH)
/* /*
* This function adds the TBB extensions to the internal extension list * This function adds the CoT extensions to the internal extension list
* maintained by OpenSSL so they can be used later. * maintained by OpenSSL so they can be used later.
* *
* It also initializes the methods to print the contents of the extension. If an * It also initializes the methods to print the contents of the extension. If an
* alias is specified in the TBB extension, we reuse the methods of the alias. * alias is specified in the CoT extension, we reuse the methods of the alias.
* Otherwise, only methods for V_ASN1_INTEGER and V_ASN1_OCTET_STRING are * Otherwise, only methods for V_ASN1_INTEGER and V_ASN1_OCTET_STRING are
* provided. Any other type will be printed as a raw ascii string. * provided. Any other type will be printed as a raw ascii string.
* *


@ -47,7 +47,7 @@
do { \ do { \
v = OBJ_txt2nid(oid); \ v = OBJ_txt2nid(oid); \
if (v == NID_undef) { \ if (v == NID_undef) { \
ERROR("Cannot find TBB extension %s\n", oid); \ ERROR("Cannot find extension %s\n", oid); \
exit(1); \ exit(1); \
} \ } \
} while (0) } while (0)
@ -335,7 +335,7 @@ int main(int argc, char *argv[])
/* Initialize the new types and register OIDs for the extensions */ /* Initialize the new types and register OIDs for the extensions */
if (ext_init() != 0) { if (ext_init() != 0) {
ERROR("Cannot initialize TBB extensions\n"); ERROR("Cannot initialize extensions\n");
exit(1); exit(1);
} }


@ -0,0 +1,29 @@
#
# Copyright (c) 2020, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
USE_TBBR_DEFS := 1
$(eval $(call add_define,USE_TBBR_DEFS))
ifeq (${USE_TBBR_DEFS},1)
# In this case, cert_tool is platform-independent
PLAT_MSG := TBBR Generic
PLAT_INCLUDE := ../../include/tools_share
else
PLAT_MSG := ${PLAT}
TF_PLATFORM_ROOT := ../../plat/
include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk
PLAT_INCLUDE := $(wildcard ${PLAT_DIR}include)
ifeq ($(PLAT_INCLUDE),)
$(error "Error: Invalid platform '${PLAT}' has no include directory.")
endif
endif
OBJECTS += src/tbbr/tbb_cert.o \
src/tbbr/tbb_ext.o \
src/tbbr/tbb_key.o
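Review bot: `USE_TBBR_DEFS := 1` directly above `ifeq (${USE_TBBR_DEFS},1)` makes the `else` branch look dead. It is reachable only because a command-line assignment overrides the `:=`, such as the `USE_TBBR_DEFS=${USE_TBBR_DEFS}` that the top-level build passes to this tool. A comment would save the next reader the detour: `# Default only: a command-line USE_TBBR_DEFS=0 overrides this and selects the platform include directory below.` The fragment also relies on `add_define`, `MAKE_HELPERS_DIRECTORY` and `OBJECTS` being defined by the including makefile before it is read, which a short header comment could state.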