Age | Commit message (Collapse) | Author |
|
Support opteed header
|
|
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add support
for the new images within the existing Trusted OS firmware
content certificate.
Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06
Signed-off-by: Summer Qin <summer.qin@arm.com>
|
|
The current build system and driver requires the CCI product to be
specified at build time. The device constraints can be determined at run
time from its ID registers, obviating the need for specifying them
ahead.
This patch adds changes to identify and validate CCI at run time. Some
global variables are renamed to be in line with the rest of the code
base.
The build option ARM_CCI_PRODUCT_ID is now removed, and user guide is
updated.
Change-Id: Ibb765e349d3bc95ff3eb9a64bde1207ab710a93d
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
|
This patch defines the variable `LDLIBS` which allows external
libraries to be specified to 'ld' to enable it to link the
libraries.
Change-Id: I02a490eca1074063d00153ccb0ee974ef8859a0e
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
|
|
Use TF_LDFLAGS from the Makefiles, and still append LDFLAGS as well to
the compiler's invocation. This allows passing extra options from the
make command line using LDFLAGS.
Document new LDFLAGS Makefile option.
Change-Id: I88c5ac26ca12ac2b2d60a6f150ae027639991f27
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
|
|
SPE is only supported in non-secure state. Accesses to SPE specific
registers from SEL1 will trap to EL3. During a world switch, before
`TTBR` is modified the SPE profiling buffers are drained. This is to
avoid a potential invalid memory access in SEL1.
SPE is architecturally specified only for AArch64.
Change-Id: I04a96427d9f9d586c331913d815fdc726855f6b0
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
|
|
It doesn't make sense to use the `-pedantic` flag when building the
Trusted Firmware as we use GNU extensions and so our code is not
fully ISO C compliant. This flag only makes sense if the code intends to
be ISO C compliant.
Change-Id: I6273564112759ff57f03b273f5349733a5f38aef
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
|
|
Collect headers shared between TF and host-tools into include/tools_share
|
|
Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).
For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd. This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.
The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h
Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.
For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
The current assert_boolean does not work with variables assigned with
'=' flavor instead of ':='.
For example,
FOO = $(BAR)
BAR := 1
Here, $(value FOO) is evaluated to $(BAR), not 1. This is not what
we expect. While I am here, I simplified the implementation.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
This patch adds `TRUSTED_BOARD_BOOT` support for AArch32 mode.
To build this patch the "mbedtls/include/mbedtls/bignum.h"
needs to be modified to remove `#define MBEDTLS_HAVE_UDBL`
when `MBEDTLS_HAVE_INT32` is defined. This is a workaround
for "https://github.com/ARMmbed/mbedtls/issues/708"
NOTE: TBBR support on Juno AArch32 is not currently supported.
Change-Id: I86d80e30b9139adc4d9663f112801ece42deafcf
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
Co-Authored-By: Yatharth Kochar <yatharth.kochar@arm.com>
|
|
Minor makefile fixes
|
|
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
|
|
Some recent changes have added direct use of the echo command without
parameters. This fails on a Windows shell, because echo without
parameters reports the mode ("ECHO is on").
This is corrected using the ECHO_BLANK_LINE macro already provided
for that purpose.
Change-Id: I5fd7192861b4496f6f46b4f096e80a752cd135d6
Signed-off-by: Evan Lloyd <evan.lloyd@arm.com>
|
|
2 problems were found, but are in one change to avoid submitting a patch
that might fail to build. The problems were:
1. The macro MAKE_PREREQ_DIR has a minor bug, in that it is capable of
generating recursive dependencies.
2. The inclusion of BUILD_DIR in TEMP_OBJ_DIRS left no explicit
dependency, BUILD_DIR might not exist when subdirectories are
created by a thread on another CPU.
This fix corrects these with the following changes:
1. MAKE_PREREQ_DIR does nothing for a direct self dependency.
2. BUILD_DIR is built using MAKE_PREREQ_DIR.
3. BUILD_DIR is an explicit prerequisite of all OBJ_DIRS.
Change-Id: I938cddea4a006df225c02a47b9cf759212f27fb7
Signed-off-by: Evan Lloyd <evan.lloyd@arm.com>
|
|
This patch introduces a build option to enable D-cache early on the CPU
after warm boot. This is applicable for platforms which do not require
interconnect programming to enable cache coherency (eg: single cluster
platforms). If this option is enabled, then warm boot path enables
D-caches immediately after enabling MMU.
Fixes ARM-Software/tf-issues#456
Change-Id: I44c8787d116d7217837ced3bcf0b1d3441c8d80e
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
|
|
Introduce new build option ENABLE_STACK_PROTECTOR. It enables
compilation of all BL images with one of the GCC -fstack-protector-*
options.
A new platform function plat_get_stack_protector_canary() is introduced.
It returns a value that is used to initialize the canary for stack
corruption detection. Returning a random value will prevent an attacker
from predicting the value and greatly increase the effectiveness of the
protection.
A message is printed at the ERROR level when a stack corruption is
detected.
To be effective, the global data must be stored at an address
lower than the base of the stacks. Failure to do so would allow an
attacker to overwrite the canary as part of an attack which would void
the protection.
FVP implementation of plat_get_stack_protector_canary is weak as
there is no real source of entropy on the FVP. It therefore relies on a
timer's value, which could be predictable.
Change-Id: Icaaee96392733b721fa7c86a81d03660d3c1bc06
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
|
|
The boolean build option HW_ASSISTED_COHERENCY is introduced to enable
various optimizations in ARM Trusted Software, when built for such
systems. It's set to 0 by default.
Change-Id: I638390da6e1718fe024dcf5b402e07084f1eb014
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
|
The ARMv8v.1 architecture extension has introduced support for far
atomics, which includes compare-and-swap. Compare and Swap instruction
is only available for AArch64.
Introduce build options to choose the architecture versions to target
ARM Trusted Firmware:
- ARM_ARCH_MAJOR: selects the major version of target ARM
Architecture. Default value is 8.
- ARM_ARCH_MINOR: selects the minor version of target ARM
Architecture. Default value is 0.
When:
(ARM_ARCH_MAJOR > 8) || ((ARM_ARCH_MAJOR == 8) && (ARM_ARCH_MINOR >= 1)),
for AArch64, Compare and Swap instruction is used to implement spin
locks. Otherwise, the implementation falls back to using
load-/store-exclusive instructions.
Update user guide, and introduce a section in Firmware Design guide to
summarize support for features introduced in ARMv8 Architecture
Extensions.
Change-Id: I73096a0039502f7aef9ec6ab3ae36680da033f16
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
|
The current fiptool packs all the images without any padding between
them. So, the offset to each image has no alignment. This is not
efficient, for example, when the FIP is read from a block-oriented
device.
For example, (e)MMC is accessed by block-addressing. The block size
is 512 byte. So, the best case is each image is aligned by 512 byte
since the DMA engine can transfer the whole of the image to its load
address directly. The worst case is the offset does not have even
DMA-capable alignment (this is where we stand now). In this case,
we need to transfer every block to a bounce buffer, then do memcpy()
from the bounce buffer to our final destination. At least, this
should work with the abstraction by the block I/O layer, but the
CPU-intervention for the whole data transfer makes it really slow.
This commit adds a new option --align to the fiptool. This option,
if given, requests the tool to align each component in the FIP file
by the specified byte. Also, add a new Make option FIP_ALIGN for
easier access to this feature; users can give something like
FIP_ALIGN=512 from the command line, or add "FIP_ALIGN := 512" to
their platform.mk file.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
Append . then strip /. seems clumsy. Just use $(patsubst %/,%, ).
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
Soren reports build fails if -j option is given:
$ make -j16 CROSS_COMPILE=aarch64-linux-gnu-
Building fvp
make: *** No rule to make target 'build/fvp/release/bl1/',
needed by 'build/fvp/release/bl1/bl1.ld'. Stop.
make: *** Waiting for unfinished jobs....
The cause of the failure is that $(dir ) leaves a trailing / on the
directory names. It must be ripped off to let Make create the
directory.
There are some ways to fix the issue. Here, I chose to make MAKE_LD
look like MAKE_C and MAKE_S because bl*_dirs seems the central place
of making directories.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reported-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Tested-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
|
|
This adds a phony target for each dependency other than the main
file, causing each to depend on nothing.
Without this, the incremental build will fail when a header file
is removed.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
Currently, .d files are generated before any objects are built.
So, IS_ANYTHING_TO_BUILD flag is needed to avoid such processing for
non-build targets.
There is a cleverer way; just create a .d file simultaneously when
the corresponding object is created. No need to have separate rules
for .d files.
This commit will also fix a bug; -D$(IMAGE) is defined for $(OBJ),
but not for $(PREREQUISITES). So, .d files are generated with
different macro sets from those for .o files, then wrong .d files
are generated.
For example, in lib/cpus/aarch64/cpu_helpers.S
#if IMAGE_BL31
#include <cpu_data.h>
#endif
<cpu_data.h> is parsed for the object when built for BL31, but the
.d file does not pick up that dependency.
With this commit, the compiler will generate .o and .d at the same
time, guaranteeing they are generated under the same circumstances.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
Using AS for pre-processing looks a bit weird, and some assembly
specific options are given for nothing. Rather, use CPP.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
The -c flag should not be included in the global variable TF_CFLAGS;
it should be specified in the build rule only when its target is a
*.o file.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
|
|
Some files have incorrect copyright notices, this patch fixes all
files with deviations from the standard notice.
Change-Id: I66b73e78a50a235acb55f1e2ec2052a42c0570d2
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
|
|
When build variables are assigned or processed en masse, they'd appear
neater in alphabetical order.
Static initializations are moved to a separate file,
make_helpers/defaults.mk, which in itself is sorted alphabetically.
No functional changes.
Change-Id: I966010042b33de6b67592fb9ffcef8fc44d7d128
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
|
|
fiptool provides a more consistent and intuitive interface compared to
the fip_create program. It serves as a better base to build on more
features in the future.
fiptool supports various subcommands. Below are the currently
supported subcommands:
1) info - List the images contained in a FIP file.
2) create - Create a new FIP file with the given images.
3) update - Update an existing FIP with the given images.
4) unpack - Extract a selected set or all the images from a FIP file.
5) remove - Remove images from a FIP file. This is a new command that
was not present in fip_create.
To create a new FIP file, replace "fip_create" with "fiptool create".
To update a FIP file, replace "fip_create" with "fiptool update".
To dump the contents of a FIP file, replace "fip_create --dump" with
"fiptool info".
A compatibility script that emulates the basic functionality of
fip_create is provided. Existing scripts might or might not work with
the compatibility script. Users are strongly encouraged to migrate to
fiptool.
Fixes ARM-Software/tf-issues#87
Fixes ARM-Software/tf-issues#108
Fixes ARM-Software/tf-issues#361
Change-Id: I7ee4da7ac60179cc83cf46af890fd8bc61a53330
|
|
zynqmp: Make UART selectable
|
|
Add a convenience macro to add a build definition with a value.
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
|
|
The user can provide additional CFLAGS to use when building TF.
However, these custom CFLAGS are currently prepended to the
standard CFLAGS that are hardcoded in the TF build system. This
is an issue because when providing conflicting compiler flags
(e.g. different optimisations levels like -O1 and -O0), the last
one on the command line usually takes precedence. This means that
the user flags get overriden.
To address this problem, this patch separates the TF CFLAGS from
the user CFLAGS. The former are now stored in the TF_CFLAGS make
variable, whereas the CFLAGS make variable is untouched and reserved
for the user. The order of the 2 sets of flags is enforced when
invoking the compiler.
Fixes ARM-Software/tf-issues#350
Change-Id: Ib189f44555b885f1dffbec6015092f381600e560
|
|
Make improvements for host environment portability
|
|
To get round problems encountered when building in a DOS build
environment the generation of the .o file containing build identifier
strings is modified.
The problems encounterred were:
1. DOS echo doesn't strip ' characters from the output text.
2. git is not available from CMD.EXE so the BUILD_STRING value needs
some other origin.
A BUILD_STRING value of "development build" is used for now.
MAKE_BUILD_STRINGS is used to customise build string generation in a DOS
environment. This variable is not defined in the UNIX build environment
make file helper, and so the existing build string generation behaviour
is retained in these build environments.
NOTE: This commit completes a cumulative series aimed at improving
build portability across development environments.
This enables the build to run on several new build environments,
if the relevant tools are available.
At this point the build is tested on Windows 7 Enterprise SP1,
using CMD.EXE, Cygwin and Msys (MinGW),as well as a native
Linux envionment". The Windows platform builds used
aarch64-none-elf-gcc.exe 4.9.1. CMD.EXE and Msys used Gnu
Make 3.81, cygwin used Gnu Make 4.1.
CAVEAT: The cert_create tool build is not tested on the Windows
platforms (openssl-for-windows has a GPL license).
Change-Id: Iaa4fc89dbe2a9ebae87e2600c9eef10a6af30251
|
|
Because of command differences in some build environments the "inline"
method of generating the build directory structure is not portable.
(e.g. in DOS environments the mkdir shell command fails if a directory
already exists, whereas in UNIX environments it succeeds.)
To improve portability we generate the directories needed using make,
but use the "order-only prerequisites" feature of make to prevent writes
of files into the directories generating re-builds, as suggested in the
GNU make Manual (Version 4.1 September 2014).
Change-Id: Ic9af475831063c7fe6f8bccffef184d79e799419
|
|
In some build environments executable programs have a specific file
extension. The value of BIN_EXT is appended to the relevant tool file
names to allow for this.
The value of BIN_EXT is set, where appropriate, by the build environment
specific make helper (to .exe for Windows build environments).
.gitignore is updated to hide the new (.exe) files.
Change-Id: Icc32f64b750e425265075ad4e0dea18129640b86
|
|
Add make helper files to select the appropriate settings for the build
environment. Selection is made in make_helpers/build_env.mk, which
selects other files to include using generic build environment settings.
The Trusted Firmware Makefile and supporting tool Makefiles are updated
to include build_env.mk instead of unix.mk.
NOTE: This change does not fully enable builds in other build
environments. It facilitates this without compromising the
existing build environments.
Change-Id: Ic4064ffe6ce158bbd16d7cc9f27dd4655a3580f6
|
|
To help diagnose make problems, we report an error if the make
program used does not provide the $(eval ) make functionality.
This will detect early versions of GNU make and other make programs.
Change-Id: I0ebb0f63694cf0b04eaeb7ea1e9e172fb9770ce0
|
|
Macros are inserted to replace direct invocations of commands that are
problematic on some build environments. (e.g. Some environments expect
\ in paths instead of /.)
The changes take into account mismatched command mappings across
environments.
The new helper file unix.mk retains existing makefile behaviour on unix
like build environments by providing the following macro definitions:
SHELL_COPY cp -f
SHELL_COPY_TREE cp -rf
SHELL_DELETE rm -f
SHELL_DELETE_ALL rm -rf
MAKE_PREREQ_DIR mkdir -p (As make target)
SHELL_REMOVE_DIR rm -rf
Change-Id: I1b5ca5e1208e78230b15284c4af00c1c006cffcb
|
|
As an initial stage of making Trusted Firmware build environment more
portable, we remove most uses of the $(shell ) function and replace them
with more portable make function based solutions.
Note that the setting of BUILD_STRING still uses $(shell ) since it's
not possible to reimplement this as a make function. Avoiding invocation
of this on incompatible host platforms will be implemented separately.
Change-Id: I768e2f9a265c78814a4adf2edee4cc46cda0f5b8
|
|
This patch adds non-volatile counter support to the Certificate
Generation tool. The TBBR Chain of Trust definition in the tool
has been extended to include the counters as certificate extensions.
The counter values can be specified in the command line.
The following default counter values are specified in the build
system:
* Trusted FW Non-Volatile counter = 0
* Non-Trusted FW Non-Volatile counter = 0
These values can be overridden by the platform at build time.
Change-Id: I7ea10ee78d72748d181df4ee78a7169b3ef2720c
|
|
This allows reproducible builds (same source and same compiler produce
bit-identical results) and also allows coordinating the timestamp across
multiple projects, eg. with another firmware.
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
|
|
The fip_create tool specifies images in the command line using the
ARM TF naming convention (--bl2, --bl31, etc), while the cert_create
tool uses the TBBR convention (--tb-fw, --soc-fw, etc). This double
convention is confusing and should be aligned.
This patch updates the fip_create command line options to follow the
TBBR naming convention. Usage examples in the User Guide have been
also updated.
NOTE: users that build the FIP by calling the fip_create tool directly
from the command line must update the command line options in their
scripts. Users that build the FIP by invoking the main ARM TF Makefile
should not notice any difference.
Change-Id: I84d602630a2585e558d927b50dfde4dd2112496f
|
|
This patch removes the dash character from the image name, to
follow the image terminology in the Trusted Firmware Wiki page:
https://github.com/ARM-software/arm-trusted-firmware/wiki
Changes apply to output messages, comments and documentation.
non-ARM platform files have been left unmodified.
Change-Id: Ic2a99be4ed929d52afbeb27ac765ceffce46ed76
|
|
This patch replaces all references to the SCP Firmware (BL0, BL30,
BL3-0, bl30) with the image terminology detailed in the TF wiki
(https://github.com/ARM-software/arm-trusted-firmware/wiki):
BL0 --> SCP_BL1
BL30, BL3-0 --> SCP_BL2
bl30 --> scp_bl2
This change affects code, documentation, build system, tools and
platform ports that load SCP firmware. ARM plaforms have been
updated to the new porting API.
IMPORTANT: build option to specify the SCP FW image has changed:
BL30 --> SCP_BL2
IMPORTANT: This patch breaks compatibility for platforms that use BL2
to load SCP firmware. Affected platforms must be updated as follows:
BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID
BL30_BASE --> SCP_BL2_BASE
bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo()
bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2()
Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
|
|
This patch applies the TBBR naming convention to the certificates
and the corresponding extensions defined by the CoT:
* Certificate UUID names
* Certificate identifier names
* OID names
Changes apply to:
* Generic code (variables and defines)
* The default certificate identifiers provided in the generic
code
* Build system
* ARM platforms port
* cert_create tool internal definitions
* fip_create and cert_create tools command line options
* Documentation
IMPORTANT: this change breaks the compatibility with platforms
that use TBBR. The platform will need to adapt the identifiers
and OIDs to the TBBR naming convention introduced by this patch:
Certificate UUIDs:
UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT
UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT
UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT
UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT
UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT
UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT
UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT
UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT
UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT
Certificate identifiers:
BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID
BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID
BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID
BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID
BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID
BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID
BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID
BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID
BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID
OIDs:
TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID
NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID
BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID
TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID
NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID
BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID
BL30_HASH_OID --> SCP_FW_HASH_OID
BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID
BL31_HASH_OID --> SOC_AP_FW_HASH_OID
BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID
BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID
BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID
BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID
BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID
SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID
NS_BL2U_HASH_OID --> FWU_HASH_OID
Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
|
|
Firmware update feature needs a new FIP called `fwu_fip.bin` that
includes Secure(SCP_BL2U, BL2U) and Normal world(NS_BL2U) images
along with the FWU_CERT certificate in order for NS_BL1U to load
the images and help the Firmware update process to complete.
This patch adds the capability to support the new target `fwu_fip`
which includes above mentioned FWU images in the make files.
The new target of `fwu_fip` and its dependencies are included for
compilation only when `TRUSTED_BOARD_BOOT` is defined.
Change-Id: Ie780e3aac6cbd0edfaff3f9af96a2332bd69edbc
|
|
The Firmware Update (FWU) feature needs support for an optional
secure world image, BL2U, to allow additional secure world
initialization required by FWU, for example DDR initialization.
This patch adds generic framework support to create BL2U.
NOTE: A platform makefile must supply additional `BL2U_SOURCES`
to build the bl2u target. A subsequent patch adds bl2u
support for ARM platforms.
Change-Id: If2ce036199bb40b39b7f91a9332106bcd4e25413
|
|
This patch adds `uppercase` macro to prepare IMAGE_BLxx defines
used for conditional compilation and to prepare variables used
for defining BL source and linker file names.
This change is needed for upcoming BL images that can have names
which uses both letters and numbers.
Change-Id: I05ce9bcd0d221a54db92c0fe3ad28e9e0080ed2e
|
|
If an SPD wants to use a prebuilt binary as BL32 image (for example,
the OPTEE Dispatcher), it must point the `BL32` variable to the
image file. This dependency should apply only to the `fip` target.
However, it also applies to the `all` target at the moment. If the
user tries to build all individual TF images using `make all`
without setting BL32, the build fails. The following command will
throw the error:
make CROSS_COMPILE=aarch64-linux-gnu- SPD=opteed all
...
...
aarch64-linux-gnu-gcc: fatal error: no input files
compilation terminated.
make: *** [build/fvp/release/bl32/bl32.ld] Error 1
The reason is that the build system checks if BL32 is defined, and
if it is not, it will try to build BL32 from source. If the SPD
makefile does not provide support for that (as is the case of the
OPTEE Dispatcher, since OPTEE is provided as an external binary),
the build will fail.
This patch fixes the issue by checking if `BL32_SOURCES` has been
defined by the SPD before attempting to build BL32 from source.
If neither `BL32` nor `BL32_SOURCES` is defined when building the
FIP, a warning message will be printed and the process aborted.
Fixes ARM-software/tf-issues#333
Change-Id: I5e801ad333103ed9b042e5c4757424c8df2ff6e4
|