| #
735181b6 |
| 12-Feb-2018 |
Roberto Vargas <roberto.vargas@arm.com> |
Fix MISRA rule 8.3 Part 4
Rule 8.3: All declarations of an object or function shall
use the same names and type qualifiers
Fixed for:
make DEBUG=1 PLAT=fvp SPD=tspd TRUSTED_BOARD_BOOT=1
Fix MISRA rule 8.3 Part 4
Rule 8.3: All declarations of an object or function shall
use the same names and type qualifiers
Fixed for:
make DEBUG=1 PLAT=fvp SPD=tspd TRUSTED_BOARD_BOOT=1 \
GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=arm_rotprivk_rsa.pem MBEDTLS_DIR=mbedtls all
Change-Id: Ia34fe1ae1f142e89c9a6c19831e3daf4d28f5831
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
show more ...
|
| #
f132b4a0 |
| 04-May-2017 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #925 from dp-arm/dp/spdx
Use SPDX license identifiers
|
| #
82cb2c1a |
| 03-May-2017 |
dp-arm <dimitris.papastamos@arm.com> |
Use SPDX license identifiers
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by
Use SPDX license identifiers
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
show more ...
|
| #
e123b2a3 |
| 13-Jan-2016 |
danh-arm <dan.handley@arm.com> |
Merge pull request #483 from soby-mathew/sm/rm_struct_padding
Rearrange fields in TF data structures to reduce padding
|
| #
b313d755 |
| 12-Jan-2016 |
Soby Mathew <soby.mathew@arm.com> |
Rearrange fields in TF data structures to reduce padding
This patch rearranges fields of the `image_desc_t` & `auth_img_desc_t`
data structures to reduce padding between the fields and thereby
save
Rearrange fields in TF data structures to reduce padding
This patch rearranges fields of the `image_desc_t` & `auth_img_desc_t`
data structures to reduce padding between the fields and thereby
save memory.
NOTE: Platform ports which anonymously initialize these structures
should be aware of the rearrangement and do the required
modification.
Change-Id: I428b5429632797b31d5bd306174599c07e24c060
show more ...
|
| #
d37b2098 |
| 06-Jan-2016 |
danh-arm <dan.handley@arm.com> |
Merge pull request #478 from sandrine-bailleux/sb/mbed-tls-pedantic
Always build with '-pedantic'
|
| #
aa856917 |
| 04-Jan-2016 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Always build with '-pedantic'
By default ARM TF is built with the '-pedantic' compiler flag, which
helps detecting violations of the C standard. However, the mbed TLS
library and its associated auth
Always build with '-pedantic'
By default ARM TF is built with the '-pedantic' compiler flag, which
helps detecting violations of the C standard. However, the mbed TLS
library and its associated authentication module in TF used to fail
building with this compiler flag. As a workaround, the mbed TLS
authentication module makefile used to set the 'DISABLE_PEDANTIC'
TF build flag.
The compiler errors flagged by '-pedantic' in the mbed TLS library
have been fixed between versions 1.3.9 and 2.2.0 and the library now
properly builds with this compiler flag.
This patch fixes the remaining compiler errors in the mbed TLS
authentication module in TF and unsets the 'DISABLE_PEDANTIC' TF
build flag. This means that TF is now always built with '-pedantic'.
In particular, this patch:
* Removes the final semi-colon in REGISTER_COT() macro.
This semi-colon was causing the following error message:
drivers/auth/tbbr/tbbr_cot.c:544:23: error: ISO C does not allow
extra ';' outside of a function [-Werror=pedantic]
This has been fixed both in the mbed TLS authentication module
as well as in the certificate generation tool. Note that the latter
code didn't need fixing since it is not built with '-pedantic' but
the change has been propagated for consistency.
Also fixed the REGISTER_KEYS() and REGISTER_EXTENSIONS() macros,
which were suffering from the same issue.
* Fixes a pointer type.
It was causing the following error message:
drivers/auth/mbedtls/mbedtls_crypto.c: In function 'verify_hash':
drivers/auth/mbedtls/mbedtls_crypto.c:177:42: error: pointer of
type 'void *' used in arithmetic [-Werror=pointer-arith]
Change-Id: I7b7a04ef711efd65e17b5be26990d1a0d940257d
show more ...
|
| #
84f95bed |
| 25-Jun-2015 |
danh-arm <dan.handley@arm.com> |
Merge pull request #315 from jcastillo-arm/jc/tbb_tmp9
Authentication Framework
|
| #
05799ae0 |
| 02-Apr-2015 |
Juan Castillo <juan.castillo@arm.com> |
TBB: add authentication framework
This patch adds the authentication framework that will be used as
the base to implement Trusted Board Boot in the Trusted Firmware.
The framework comprises the foll
TBB: add authentication framework
This patch adds the authentication framework that will be used as
the base to implement Trusted Board Boot in the Trusted Firmware.
The framework comprises the following modules:
- Image Parser Module (IPM)
This module is responsible for interpreting images, check
their integrity and extract authentication information from
them during Trusted Board Boot.
The module currently supports three types of images i.e.
raw binaries, X509v3 certificates and any type specific to
a platform. An image parser library must be registered for
each image type (the only exception is the raw image parser,
which is included in the main module by default).
Each parser library (if used) must export a structure in a
specific linker section which contains function pointers to:
1. Initialize the library
2. Check the integrity of the image type supported by
the library
3. Extract authentication information from the image
- Cryptographic Module (CM)
This module is responsible for verifying digital signatures
and hashes. It relies on an external cryptographic library
to perform the cryptographic operations.
To register a cryptographic library, the library must use the
REGISTER_CRYPTO_LIB macro, passing function pointers to:
1. Initialize the library
2. Verify a digital signature
3. Verify a hash
Failing to register a cryptographic library will generate
a build time error.
- Authentication Module (AM)
This module provides methods to authenticate an image, like
hash comparison or digital signatures. It uses the image parser
module to extract authentication parameters, the crypto module
to perform cryptographic operations and the Chain of Trust to
authenticate the images.
The Chain of Trust (CoT) is a data structure that defines the
dependencies between images and the authentication methods
that must be followed to authenticate an image.
The Chain of Trust, when added, must provide a header file named
cot_def.h with the following definitions:
- COT_MAX_VERIFIED_PARAMS
Integer value indicating the maximum number of authentication
parameters an image can present. This value will be used by the
authentication module to allocate the memory required to load
the parameters in the image descriptor.
Change-Id: Ied11bd5cd410e1df8767a1df23bb720ce7e58178
show more ...
|