195cfd4adSJuan Castillo# 2*02552d45Slaurenw-arm# Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. 395cfd4adSJuan Castillo# 482cb2c1aSdp-arm# SPDX-License-Identifier: BSD-3-Clause 595cfd4adSJuan Castillo# 695cfd4adSJuan Castillo 71a0a3f06SYatharth KocharPLAT_BL_COMMON_SOURCES += drivers/arm/pl011/${ARCH}/pl011_console.S \ 81a0a3f06SYatharth Kochar plat/arm/board/common/${ARCH}/board_arm_helpers.S 995cfd4adSJuan Castillo 10aa7877c4SAntonio Nino DiazBL1_SOURCES += drivers/cfi/v2m/v2m_flash.c 1195cfd4adSJuan Castillo 12aa7877c4SAntonio Nino DiazBL2_SOURCES += drivers/cfi/v2m/v2m_flash.c 1395cfd4adSJuan Castillo 1495cfd4adSJuan Castilloifneq (${TRUSTED_BOARD_BOOT},0) 1595302e4bSlaurenw-armARM_ROTPK_S = plat/arm/board/common/rotpk/arm_dev_rotpk.S 16f143cafeSSoby Mathewifneq (${ARM_CRYPTOCELL_INTEG}, 1) 1795cfd4adSJuan Castillo# ROTPK hash location 1895cfd4adSJuan Castilloifeq (${ARM_ROTPK_LOCATION}, regs) 1995cfd4adSJuan Castillo ARM_ROTPK_LOCATION_ID = ARM_ROTPK_REGS_ID 2095cfd4adSJuan Castilloelse ifeq (${ARM_ROTPK_LOCATION}, devel_rsa) 21698e231dSMax Shvetsov CRYPTO_ALG=rsa 2295cfd4adSJuan Castillo ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_RSA_ID 23a6ffddecSMax Shvetsov ARM_ROTPK_HASH = plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin 24a6ffddecSMax Shvetsov$(eval $(call add_define_val,ARM_ROTPK_HASH,'"$(ARM_ROTPK_HASH)"')) 25a6ffddecSMax Shvetsov$(BUILD_PLAT)/bl2/arm_dev_rotpk.o : $(ARM_ROTPK_HASH) 26a6ffddecSMax Shvetsov$(warning Development keys support for FVP is deprecated. Use `regs` \ 27a6ffddecSMax Shvetsovoption instead) 289db9c65aSQixiang Xuelse ifeq (${ARM_ROTPK_LOCATION}, devel_ecdsa) 29698e231dSMax Shvetsov CRYPTO_ALG=ec 309db9c65aSQixiang Xu ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_ECDSA_ID 31a6ffddecSMax Shvetsov ARM_ROTPK_HASH = plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin 32a6ffddecSMax Shvetsov$(eval $(call add_define_val,ARM_ROTPK_HASH,'"$(ARM_ROTPK_HASH)"')) 33a6ffddecSMax Shvetsov$(BUILD_PLAT)/bl2/arm_dev_rotpk.o : $(ARM_ROTPK_HASH) 34a6ffddecSMax Shvetsov$(warning Development keys support for FVP is deprecated. Use `regs` \ 35a6ffddecSMax Shvetsovoption instead) 365f899286Slaurenw-armelse ifeq (${ARM_ROTPK_LOCATION}, devel_full_dev_rsa_key) 375f899286Slaurenw-arm CRYPTO_ALG=rsa 385f899286Slaurenw-arm ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_FULL_DEV_RSA_KEY_ID 395f899286Slaurenw-arm ARM_ROTPK_S = plat/arm/board/common/rotpk/arm_full_dev_rsa_rotpk.S 405f899286Slaurenw-arm$(warning Development keys support for FVP is deprecated. Use `regs` \ 415f899286Slaurenw-armoption instead) 4295cfd4adSJuan Castilloelse 4395cfd4adSJuan Castillo$(error "Unsupported ARM_ROTPK_LOCATION value") 4495cfd4adSJuan Castilloendif 45a6ffddecSMax Shvetsov 4695cfd4adSJuan Castillo$(eval $(call add_define,ARM_ROTPK_LOCATION_ID)) 4795cfd4adSJuan Castillo 48f2423792Slaurenw-armifeq (${ENABLE_RME}, 1) 49f2423792Slaurenw-armCOT := cca 50f2423792Slaurenw-armendif 51f2423792Slaurenw-arm 52a6ffddecSMax Shvetsov# Force generation of the new hash if ROT_KEY is specified 53a6ffddecSMax Shvetsovifdef ROT_KEY 54a6ffddecSMax Shvetsov HASH_PREREQUISITES = $(ROT_KEY) FORCE 55a6ffddecSMax Shvetsovelse 56a6ffddecSMax Shvetsov HASH_PREREQUISITES = $(ROT_KEY) 57a6ffddecSMax Shvetsovendif 58a6ffddecSMax Shvetsov 59a6ffddecSMax Shvetsov$(ARM_ROTPK_HASH) : $(HASH_PREREQUISITES) 60a6ffddecSMax Shvetsovifndef ROT_KEY 61a6ffddecSMax Shvetsov $(error Cannot generate hash: no ROT_KEY defined) 62a6ffddecSMax Shvetsovendif 63e95abc4cSSalome Thirot ${OPENSSL_BIN_PATH}/openssl ${CRYPTO_ALG} -in $< -pubout -outform DER | \ 64e95abc4cSSalome Thirot ${OPENSSL_BIN_PATH}/openssl dgst -sha256 -binary > $@ 65a6ffddecSMax Shvetsov 6648279d52SJuan Castillo# Certificate NV-Counters. Use values corresponding to tied off values in 6748279d52SJuan Castillo# ARM development platforms 6848279d52SJuan CastilloTFW_NVCTR_VAL ?= 31 6948279d52SJuan CastilloNTFW_NVCTR_VAL ?= 223 70*02552d45Slaurenw-arm# The CCA Non-Volatile Counter only exists on some Arm development platforms. 71*02552d45Slaurenw-arm# On others, we mock it by aliasing it to the Trusted Firmware Non-Volatile counter, 72*02552d45Slaurenw-arm# hence we set both counters to the same default value. 73*02552d45Slaurenw-armCCAFW_NVCTR_VAL ?= 31 74f143cafeSSoby Mathewelse 75f143cafeSSoby Mathew# Certificate NV-Counters when CryptoCell is integrated. For development 76f143cafeSSoby Mathew# platforms we set the counter to first valid value. 77f143cafeSSoby MathewTFW_NVCTR_VAL ?= 0 78f143cafeSSoby MathewNTFW_NVCTR_VAL ?= 0 79*02552d45Slaurenw-armCCAFW_NVCTR_VAL ?= 0 80f143cafeSSoby Mathewendif 81a6ffddecSMax ShvetsovBL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c \ 825f899286Slaurenw-arm ${ARM_ROTPK_S} 83a6ffddecSMax ShvetsovBL2_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c \ 845f899286Slaurenw-arm ${ARM_ROTPK_S} 85a6ffddecSMax Shvetsov 861035a706SSandrine Bailleux# Allows platform code to provide implementation variants depending on the 871035a706SSandrine Bailleux# selected chain of trust. 881035a706SSandrine Bailleux$(eval $(call add_define,ARM_COT_${COT})) 891035a706SSandrine Bailleux 901035a706SSandrine Bailleuxifeq (${COT},dualroot) 911035a706SSandrine Bailleux# Platform Root of Trust key files. 921035a706SSandrine BailleuxARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_rsa.pem 931035a706SSandrine BailleuxARM_PROTPK_HASH := plat/arm/board/common/protpk/arm_protpk_rsa_sha256.bin 941035a706SSandrine Bailleux 951035a706SSandrine Bailleux# Provide the private key to cert_create tool. It needs it to sign the images. 961035a706SSandrine BailleuxPROT_KEY := ${ARM_PROT_KEY} 971035a706SSandrine Bailleux 981035a706SSandrine Bailleux$(eval $(call add_define_val,ARM_PROTPK_HASH,'"$(ARM_PROTPK_HASH)"')) 991035a706SSandrine Bailleux 1001035a706SSandrine BailleuxBL1_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S 1011035a706SSandrine BailleuxBL2_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S 1021035a706SSandrine Bailleux 1031035a706SSandrine Bailleux$(BUILD_PLAT)/bl1/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 1041035a706SSandrine Bailleux$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 1051035a706SSandrine Bailleuxendif 1061035a706SSandrine Bailleux 107f2423792Slaurenw-armifeq (${COT},cca) 108f2423792Slaurenw-arm# Platform and Secure World Root of Trust key files. 109f2423792Slaurenw-armARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_rsa.pem 110f2423792Slaurenw-armARM_PROTPK_HASH := plat/arm/board/common/protpk/arm_protpk_rsa_sha256.bin 111f2423792Slaurenw-armARM_SWD_ROT_KEY := plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_rsa.pem 112f2423792Slaurenw-armARM_SWD_ROTPK_HASH := plat/arm/board/common/swd_rotpk/arm_swd_rotpk_rsa_sha256.bin 113f2423792Slaurenw-arm 114f2423792Slaurenw-arm# Provide the private keys to cert_create tool. It needs them to sign the images. 115f2423792Slaurenw-armPROT_KEY := ${ARM_PROT_KEY} 116f2423792Slaurenw-armSWD_ROT_KEY := ${ARM_SWD_ROT_KEY} 117f2423792Slaurenw-arm 118f2423792Slaurenw-arm$(eval $(call add_define_val,ARM_PROTPK_HASH,'"$(ARM_PROTPK_HASH)"')) 119f2423792Slaurenw-arm$(eval $(call add_define_val,ARM_SWD_ROTPK_HASH,'"$(ARM_SWD_ROTPK_HASH)"')) 120f2423792Slaurenw-arm 121f2423792Slaurenw-armBL1_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \ 122f2423792Slaurenw-arm plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S 123f2423792Slaurenw-armBL2_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \ 124f2423792Slaurenw-arm plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S 125f2423792Slaurenw-arm 126f2423792Slaurenw-arm$(BUILD_PLAT)/bl1/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 127f2423792Slaurenw-arm$(BUILD_PLAT)/bl1/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK_HASH) 128f2423792Slaurenw-arm$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 129f2423792Slaurenw-arm$(BUILD_PLAT)/bl2/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK_HASH) 130f2423792Slaurenw-armendif 131f2423792Slaurenw-arm 13295cfd4adSJuan Castilloendif 133