| #
007be5ec |
| 14-Aug-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "sp_dual_signing" into integration
* changes:
dualroot: add chain of trust for Platform owned SPs
cert_create: add Platform owned secure partitions support
|
| #
23d5f03a |
| 24-Jul-2020 |
Manish Pandey <manish.pandey2@arm.com> |
cert_create: add Platform owned secure partitions support
Add support to generate a certificate named "plat-sp-cert" for Secure
Partitions(SP) owned by Platform.
Earlier a single certificate file "s
cert_create: add Platform owned secure partitions support
Add support to generate a certificate named "plat-sp-cert" for Secure
Partitions(SP) owned by Platform.
Earlier a single certificate file "sip-sp-cert" was generated which
contained hash of all 8 SPs, with this change SPs are divided into
two categories viz "SiP owned" and "Plat owned" containing 4 SPs each.
Platform RoT key pair is used for signing.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I5bd493cfce4cf3fc14b87c8ed1045f633d0c92b6
show more ...
|
| #
99bcae5e |
| 26-Jun-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "fw_config_handoff" into integration
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/a
Merge changes from topic "fw_config_handoff" into integration
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/arm: Load and populate fw_config and tb_fw_config
fconf: Handle error from fconf_load_config
plat/arm: Update the fw_config load call and populate it's information
fconf: Allow fconf to load additional firmware configuration
fconf: Clean confused naming between TB_FW and FW_CONFIG
tbbr/dualroot: Add fw_config image in chain of trust
cert_tool: Update cert_tool for fw_config image support
fiptool: Add fw_config in FIP
plat/arm: Rentroduce tb_fw_config device tree
show more ...
|
| #
9b3ca9b1 |
| 11-Jun-2020 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
cert_tool: Update cert_tool for fw_config image support
Updated cert_tool to add hash information of fw_config image into
the existing "trusted boot fw" certificate.
Signed-off-by: Manish V Badarkh
cert_tool: Update cert_tool for fw_config image support
Updated cert_tool to add hash information of fw_config image into
the existing "trusted boot fw" certificate.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I720319225925806a2a9f50a1ac9c8a464be975f0
show more ...
|
| #
02383c28 |
| 09-Jun-2020 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes from topic "sp_secure_boot" into integration
* changes:
dualroot: add chain of trust for secure partitions
sptool: append cert_tool arguments.
cert_create: add SiP owned secure p
Merge changes from topic "sp_secure_boot" into integration
* changes:
dualroot: add chain of trust for secure partitions
sptool: append cert_tool arguments.
cert_create: add SiP owned secure partitions support
show more ...
|
| #
0792dd7d |
| 22-May-2020 |
Manish Pandey <manish.pandey2@arm.com> |
cert_create: add SiP owned secure partitions support
Add support to generate certificate "sip-sp-cert" for Secure
Partitions(SP) owned by Silicon provider(SiP).
To avoid deviation from TBBR specific
cert_create: add SiP owned secure partitions support
Add support to generate certificate "sip-sp-cert" for Secure
Partitions(SP) owned by Silicon provider(SiP).
To avoid deviation from TBBR specification the support is only added for
dualroot CoT and not for TBBR CoT.
A single certificate file is generated containing hash of individual
packages. Maximum 8 secure partitions are supported.
Following new options added to cert_tool:
--sip-sp-cert --> SiP owned Secure Partition Content Certificate
--sp-pkg1 --> Secure Partition Package1 file
--sp-pkg2
.....
--sp-pkg8
Trusted world key pair is used for signing.
Going forward, this feature can be extended for Platfrom owned
Partitions, if required.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d
show more ...
|
| #
e3102677 |
| 10-Mar-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "sb/dualroot" into integration
* changes:
Build system: Changes to drive cert_create for dualroot CoT
cert_create: Define the dualroot CoT
Introduce a new "dualroot" c
Merge changes from topic "sb/dualroot" into integration
* changes:
Build system: Changes to drive cert_create for dualroot CoT
cert_create: Define the dualroot CoT
Introduce a new "dualroot" chain of trust
show more ...
|
| #
a9d5c273 |
| 10-Jan-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
cert_create: Define the dualroot CoT
Selection of the chain of trust is done through the COT build option:
> make COT=dualroot
Change-Id: Id87c7a5116bdd13bdb29645ecf31d111ad094c1e
Signed-off-by: S
cert_create: Define the dualroot CoT
Selection of the chain of trust is done through the COT build option:
> make COT=dualroot
Change-Id: Id87c7a5116bdd13bdb29645ecf31d111ad094c1e
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
show more ...
|