| #
7afa5c96 |
| 15-Jun-2020 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes I1b9e3ebd,I451c0333 into integration
* changes:
tbbr: add chain of trust for Secure Partitions
cert_create: extend Secure partition support for tbbr CoT
|
| #
a8818bbf |
| 10-Jun-2020 |
Manish Pandey <manish.pandey2@arm.com> |
cert_create: extend Secure partition support for tbbr CoT
with sha 0792dd7, support to generate certificate for Secure
Partitions was added for dualroot CoT only, this patch extends
this support for
cert_create: extend Secure partition support for tbbr CoT
with sha 0792dd7, support to generate certificate for Secure
Partitions was added for dualroot CoT only, this patch extends
this support for tbbr CoT.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I451c0333536dd1cbe17861d454bdb0dc7a17c63f
show more ...
|
| #
9d068f66 |
| 08-Nov-2018 |
Antonio Niño Díaz <antonio.ninodiaz@arm.com> |
Merge pull request #1673 from antonio-nino-diaz-arm/an/headers
Standardise header guards across codebase
|
| #
c3cf06f1 |
| 08-Nov-2018 |
Antonio Nino Diaz <antonio.ninodiaz@arm.com> |
Standardise header guards across codebase
All identifiers, regardless of use, that start with two underscores are
reserved. This means they can't be used in header guards.
The style that this proje
Standardise header guards across codebase
All identifiers, regardless of use, that start with two underscores are
reserved. This means they can't be used in header guards.
The style that this project is now to use the full name of the file in
capital letters followed by 'H'. For example, for a file called
"uart_example.h", the header guard is UART_EXAMPLE_H.
The exceptions are files that are imported from other projects:
- CryptoCell driver
- dt-bindings folders
- zlib headers
Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
show more ...
|
| #
f132b4a0 |
| 04-May-2017 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #925 from dp-arm/dp/spdx
Use SPDX license identifiers
|
| #
82cb2c1a |
| 03-May-2017 |
dp-arm <dimitris.papastamos@arm.com> |
Use SPDX license identifiers
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by
Use SPDX license identifiers
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
show more ...
|
| #
31d5e7f5 |
| 14-Dec-2015 |
danh-arm <dan.handley@arm.com> |
Merge pull request #467 from jcastillo-arm/jc/tbb_oid
Apply new image terminology
|
| #
516beb58 |
| 03-Dec-2015 |
Juan Castillo <juan.castillo@arm.com> |
TBB: apply TBBR naming convention to certificates and extensions
This patch applies the TBBR naming convention to the certificates
and the corresponding extensions defined by the CoT:
* Certifi
TBB: apply TBBR naming convention to certificates and extensions
This patch applies the TBBR naming convention to the certificates
and the corresponding extensions defined by the CoT:
* Certificate UUID names
* Certificate identifier names
* OID names
Changes apply to:
* Generic code (variables and defines)
* The default certificate identifiers provided in the generic
code
* Build system
* ARM platforms port
* cert_create tool internal definitions
* fip_create and cert_create tools command line options
* Documentation
IMPORTANT: this change breaks the compatibility with platforms
that use TBBR. The platform will need to adapt the identifiers
and OIDs to the TBBR naming convention introduced by this patch:
Certificate UUIDs:
UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT
UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT
UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT
UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT
UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT
UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT
UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT
UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT
UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT
Certificate identifiers:
BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID
BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID
BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID
BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID
BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID
BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID
BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID
BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID
BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID
OIDs:
TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID
NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID
BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID
TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID
NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID
BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID
BL30_HASH_OID --> SCP_FW_HASH_OID
BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID
BL31_HASH_OID --> SOC_AP_FW_HASH_OID
BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID
BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID
BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID
BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID
BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID
SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID
NS_BL2U_HASH_OID --> FWU_HASH_OID
Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
show more ...
|
| #
ab5a53ef |
| 09-Dec-2015 |
danh-arm <dan.handley@arm.com> |
Merge pull request #453 from yatharth-arm/yk/fwu-6
Firmware Update patch stack
|
| #
cebe1f23 |
| 21-Aug-2015 |
Yatharth Kochar <yatharth.kochar@arm.com> |
FWU: Add FWU support to `cert_create` tool
Firmware Update requires an X509v3 certificate which contains
hashes for SCP_BL2U, BL2U and NS_BL2U images as extensions.
This patch extends the Chain of
FWU: Add FWU support to `cert_create` tool
Firmware Update requires an X509v3 certificate which contains
hashes for SCP_BL2U, BL2U and NS_BL2U images as extensions.
This patch extends the Chain of Trust definition in the
'cert_create' tool to include the Firmware Update certificate
and the required extensions (including command line options).
A new field in the extension structure will be used to indicate
that the extension is optional. In the case of an image hash
extension, this field will tell the tool that the hash should
be included in the certificate, but filled with zeros.
Change-Id: I1f77a66b018826b71745910771f38d9cf6050388
show more ...
|
| #
3747e291 |
| 04-Aug-2015 |
danh-arm <dan.handley@arm.com> |
Merge pull request #349 from jcastillo-arm/jc/tbb_cert_opt
TBB: rework cert_create tool to follow a data driven approach
|
| #
55e291a4 |
| 12-Jun-2015 |
Juan Castillo <juan.castillo@arm.com> |
TBB: rework cert_create tool to follow a data driven approach
This patch reworks the certificate generation tool to follow a data
driven approach. The user may specify at build time the certificates
TBB: rework cert_create tool to follow a data driven approach
This patch reworks the certificate generation tool to follow a data
driven approach. The user may specify at build time the certificates,
keys and extensions defined in the CoT, register them using the
appropiate macros and the tool will take care of creating the
certificates corresponding to the CoT specified.
Change-Id: I29950b39343c3e1b71718fce0e77dcf2a9a0be2f
show more ...
|