| #
99bcae5e |
| 26-Jun-2020 |
Sandrine Bailleux <sandrine.bailleux@arm.com> |
Merge changes from topic "fw_config_handoff" into integration
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/a
Merge changes from topic "fw_config_handoff" into integration
* changes:
doc: Update memory layout for firmware configuration area
plat/arm: Increase size of firmware configuration area
plat/arm: Load and populate fw_config and tb_fw_config
fconf: Handle error from fconf_load_config
plat/arm: Update the fw_config load call and populate it's information
fconf: Allow fconf to load additional firmware configuration
fconf: Clean confused naming between TB_FW and FW_CONFIG
tbbr/dualroot: Add fw_config image in chain of trust
cert_tool: Update cert_tool for fw_config image support
fiptool: Add fw_config in FIP
plat/arm: Rentroduce tb_fw_config device tree
show more ...
|
| #
9b3ca9b1 |
| 11-Jun-2020 |
Manish V Badarkhe <Manish.Badarkhe@arm.com> |
cert_tool: Update cert_tool for fw_config image support
Updated cert_tool to add hash information of fw_config image into
the existing "trusted boot fw" certificate.
Signed-off-by: Manish V Badarkh
cert_tool: Update cert_tool for fw_config image support
Updated cert_tool to add hash information of fw_config image into
the existing "trusted boot fw" certificate.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I720319225925806a2a9f50a1ac9c8a464be975f0
show more ...
|
| #
7afa5c96 |
| 15-Jun-2020 |
Manish Pandey <manish.pandey2@arm.com> |
Merge changes I1b9e3ebd,I451c0333 into integration
* changes:
tbbr: add chain of trust for Secure Partitions
cert_create: extend Secure partition support for tbbr CoT
|
| #
a8818bbf |
| 10-Jun-2020 |
Manish Pandey <manish.pandey2@arm.com> |
cert_create: extend Secure partition support for tbbr CoT
with sha 0792dd7, support to generate certificate for Secure
Partitions was added for dualroot CoT only, this patch extends
this support for
cert_create: extend Secure partition support for tbbr CoT
with sha 0792dd7, support to generate certificate for Secure
Partitions was added for dualroot CoT only, this patch extends
this support for tbbr CoT.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I451c0333536dd1cbe17861d454bdb0dc7a17c63f
show more ...
|
| #
9d068f66 |
| 08-Nov-2018 |
Antonio Niño Díaz <antonio.ninodiaz@arm.com> |
Merge pull request #1673 from antonio-nino-diaz-arm/an/headers
Standardise header guards across codebase
|
| #
c3cf06f1 |
| 08-Nov-2018 |
Antonio Nino Diaz <antonio.ninodiaz@arm.com> |
Standardise header guards across codebase
All identifiers, regardless of use, that start with two underscores are
reserved. This means they can't be used in header guards.
The style that this proje
Standardise header guards across codebase
All identifiers, regardless of use, that start with two underscores are
reserved. This means they can't be used in header guards.
The style that this project is now to use the full name of the file in
capital letters followed by 'H'. For example, for a file called
"uart_example.h", the header guard is UART_EXAMPLE_H.
The exceptions are files that are imported from other projects:
- CryptoCell driver
- dt-bindings folders
- zlib headers
Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
show more ...
|
| #
0d018306 |
| 23-May-2018 |
Dimitris Papastamos <dimitris.papastamos@arm.com> |
Merge pull request #1386 from soby-mathew/sm/dyn_bl31
Extend dynamic configuration
|
| #
17bc617e |
| 29-Mar-2018 |
Soby Mathew <soby.mathew@arm.com> |
Dynamic cfg: Enable support on CoT for other configs
This patch implements support for adding dynamic configurations for
BL31 (soc_fw_config), BL32 (tos_fw_config) and BL33 (nt_fw_config). The
neces
Dynamic cfg: Enable support on CoT for other configs
This patch implements support for adding dynamic configurations for
BL31 (soc_fw_config), BL32 (tos_fw_config) and BL33 (nt_fw_config). The
necessary cert tool support and changes to default chain of trust are made
for these configs.
Change-Id: I25f266277b5b5501a196d2f2f79639d838794518
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
show more ...
|
| #
c7aa7fdf |
| 26-Feb-2018 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #1263 from soby-mathew/sm/dyn_config
Dynamic Configuration Prototype
|
| #
e24659df |
| 07-Nov-2017 |
Soby Mathew <soby.mathew@arm.com> |
Dynamic cfg: Update the tools
This patch updates the `fiptool` and `cert_create` for the
`hw_config` and `tb_fw_config` dynamic configuration files.
The necessary UUIDs and OIDs are assigned to thes
Dynamic cfg: Update the tools
This patch updates the `fiptool` and `cert_create` for the
`hw_config` and `tb_fw_config` dynamic configuration files.
The necessary UUIDs and OIDs are assigned to these files and
the `cert_create` is updated to generate appropriate hashes
and include them in the "Trusted Boot FW Certificate". The
`fiptool` is updated to allow the configs to be specified
via cmdline and included in the generated FIP.
Change-Id: I940e751a49621ae681d14e162aa1f5697eb0cb15
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
show more ...
|
| #
1a52aca5 |
| 14-Aug-2017 |
danh-arm <dan.handley@arm.com> |
Merge pull request #1040 from sliai/support-opteed-header
Support opteed header
|
| #
71fb3964 |
| 20-Apr-2017 |
Summer Qin <summer.qin@arm.com> |
Support Trusted OS firmware extra images in TF tools
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add
Support Trusted OS firmware extra images in TF tools
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add support
for the new images within the existing Trusted OS firmware
content certificate.
Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06
Signed-off-by: Summer Qin <summer.qin@arm.com>
show more ...
|
| #
f132b4a0 |
| 04-May-2017 |
davidcunado-arm <david.cunado@arm.com> |
Merge pull request #925 from dp-arm/dp/spdx
Use SPDX license identifiers
|
| #
82cb2c1a |
| 03-May-2017 |
dp-arm <dimitris.papastamos@arm.com> |
Use SPDX license identifiers
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by
Use SPDX license identifiers
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
show more ...
|
| #
31d5e7f5 |
| 14-Dec-2015 |
danh-arm <dan.handley@arm.com> |
Merge pull request #467 from jcastillo-arm/jc/tbb_oid
Apply new image terminology
|
| #
516beb58 |
| 03-Dec-2015 |
Juan Castillo <juan.castillo@arm.com> |
TBB: apply TBBR naming convention to certificates and extensions
This patch applies the TBBR naming convention to the certificates
and the corresponding extensions defined by the CoT:
* Certifi
TBB: apply TBBR naming convention to certificates and extensions
This patch applies the TBBR naming convention to the certificates
and the corresponding extensions defined by the CoT:
* Certificate UUID names
* Certificate identifier names
* OID names
Changes apply to:
* Generic code (variables and defines)
* The default certificate identifiers provided in the generic
code
* Build system
* ARM platforms port
* cert_create tool internal definitions
* fip_create and cert_create tools command line options
* Documentation
IMPORTANT: this change breaks the compatibility with platforms
that use TBBR. The platform will need to adapt the identifiers
and OIDs to the TBBR naming convention introduced by this patch:
Certificate UUIDs:
UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT
UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT
UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT
UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT
UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT
UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT
UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT
UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT
UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT
Certificate identifiers:
BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID
BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID
BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID
BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID
BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID
BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID
BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID
BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID
BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID
OIDs:
TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID
NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID
BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID
TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID
NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID
BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID
BL30_HASH_OID --> SCP_FW_HASH_OID
BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID
BL31_HASH_OID --> SOC_AP_FW_HASH_OID
BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID
BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID
BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID
BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID
BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID
SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID
NS_BL2U_HASH_OID --> FWU_HASH_OID
Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
show more ...
|
| #
ab5a53ef |
| 09-Dec-2015 |
danh-arm <dan.handley@arm.com> |
Merge pull request #453 from yatharth-arm/yk/fwu-6
Firmware Update patch stack
|
| #
cebe1f23 |
| 21-Aug-2015 |
Yatharth Kochar <yatharth.kochar@arm.com> |
FWU: Add FWU support to `cert_create` tool
Firmware Update requires an X509v3 certificate which contains
hashes for SCP_BL2U, BL2U and NS_BL2U images as extensions.
This patch extends the Chain of
FWU: Add FWU support to `cert_create` tool
Firmware Update requires an X509v3 certificate which contains
hashes for SCP_BL2U, BL2U and NS_BL2U images as extensions.
This patch extends the Chain of Trust definition in the
'cert_create' tool to include the Firmware Update certificate
and the required extensions (including command line options).
A new field in the extension structure will be used to indicate
that the extension is optional. In the case of an image hash
extension, this field will tell the tool that the hash should
be included in the certificate, but filled with zeros.
Change-Id: I1f77a66b018826b71745910771f38d9cf6050388
show more ...
|
| #
3747e291 |
| 04-Aug-2015 |
danh-arm <dan.handley@arm.com> |
Merge pull request #349 from jcastillo-arm/jc/tbb_cert_opt
TBB: rework cert_create tool to follow a data driven approach
|
| #
55e291a4 |
| 12-Jun-2015 |
Juan Castillo <juan.castillo@arm.com> |
TBB: rework cert_create tool to follow a data driven approach
This patch reworks the certificate generation tool to follow a data
driven approach. The user may specify at build time the certificates
TBB: rework cert_create tool to follow a data driven approach
This patch reworks the certificate generation tool to follow a data
driven approach. The user may specify at build time the certificates,
keys and extensions defined in the CoT, register them using the
appropiate macros and the tool will take care of creating the
certificates corresponding to the CoT specified.
Change-Id: I29950b39343c3e1b71718fce0e77dcf2a9a0be2f
show more ...
|