diff --git a/Makefile b/Makefile
index b7116a7ea..17630fbf3 100644
--- a/Makefile
+++ b/Makefile
@@ -401,6 +401,16 @@ ifeq ($(FAULT_INJECTION_SUPPORT),1)
 endif
 endif
+# DYN_DISABLE_AUTH can be set only when TRUSTED_BOARD_BOOT=1 and LOAD_IMAGE_V2=1
+ifeq ($(DYN_DISABLE_AUTH), 1)
+ ifeq (${TRUSTED_BOARD_BOOT}, 0)
+ $(error "TRUSTED_BOARD_BOOT must be enabled for DYN_DISABLE_AUTH to be set.")
+ endif
+ ifeq (${LOAD_IMAGE_V2}, 0)
+ $(error "DYN_DISABLE_AUTH is only supported for LOAD_IMAGE_V2.")
+ endif
+endif
+
 ################################################################################
 # Process platform overrideable behaviour
 ################################################################################
@@ -517,6 +527,7 @@ $(eval $(call assert_boolean,CTX_INCLUDE_AARCH32_REGS))
 $(eval $(call assert_boolean,CTX_INCLUDE_FPREGS))
 $(eval $(call assert_boolean,DEBUG))
 $(eval $(call assert_boolean,DISABLE_PEDANTIC))
+$(eval $(call assert_boolean,DYN_DISABLE_AUTH))
 $(eval $(call assert_boolean,EL3_EXCEPTION_HANDLING))
 $(eval $(call assert_boolean,ENABLE_AMU))
 $(eval $(call assert_boolean,ENABLE_ASSERTIONS))
@@ -620,6 +631,11 @@ else
 $(eval $(call add_define,AARCH64))
 endif
+# Define the DYN_DISABLE_AUTH flag only if set.
+ifeq (${DYN_DISABLE_AUTH},1)
+$(eval $(call add_define,DYN_DISABLE_AUTH))
+endif
+
 ################################################################################
 # Build targets
 ################################################################################
diff --git a/common/bl_common.c b/common/bl_common.c
index b0d1bfa75..6b979f64a 100644
--- a/common/bl_common.c
+++ b/common/bl_common.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2013-2018, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
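Review bot: The guard in the Makefile hunk at `@@ -401` only checks that TRUSTED_BOARD_BOOT and LOAD_IMAGE_V2 are enabled, so a release build (`DEBUG=0`) can still be produced with the authentication bypass compiled in, although the option is described as development-only. Consider rejecting that combination inside the outer `ifeq`, e.g. `ifeq (${DEBUG},0)` / `$(error "DYN_DISABLE_AUTH is only supported for debug builds.")` / `endif`. At minimum, emit a `$(warning ...)` whenever the option is 1 so the bypass shows up in the build log. Whether release builds on development boards must remain possible is a project policy decision, so treat this as a proposal.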
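Review bot: The conditional `add_define` in the Makefile hunk at `@@ -620` is load-bearing, because common/bl_common.c tests the flag with `# ifdef DYN_DISABLE_AUTH`, but the comment does not say so. If the symbol ever reaches the compiler defined with value 0 (for example from a platform makefile), `#ifdef` is still true and `dyn_disable_auth()` gets compiled in. I would spell that out in the comment: `# Define DYN_DISABLE_AUTH only when it is 1: the C code tests it with #ifdef, so a definition with value 0 would still enable the capability.` Alternatively, test `#if DYN_DISABLE_AUTH` in the C code.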
@@ -17,6 +17,35 @@
 #include
 #include
+#if TRUSTED_BOARD_BOOT
+# ifdef DYN_DISABLE_AUTH
+static int disable_auth;
+
+/******************************************************************************
+ * API to dynamically disable authentication. Only meant for development
+ * systems. This is only invoked if DYN_DISABLE_AUTH is defined. This
+ * capability is restricted to LOAD_IMAGE_V2.
+ *****************************************************************************/
+void dyn_disable_auth(void)
+{
+ INFO("Disabling authentication of images dynamically\n");
+ disable_auth = 1;
+}
+# endif /* DYN_DISABLE_AUTH */
+
+/******************************************************************************
+ * Function to determine whether the authentication is disabled dynamically.
+ *****************************************************************************/
+static int dyn_is_auth_disabled(void)
+{
+# ifdef DYN_DISABLE_AUTH
+ return disable_auth;
+# else
+ return 0;
+# endif
+}
+#endif /* TRUSTED_BOARD_BOOT */
+
 uintptr_t page_align(uintptr_t value, unsigned dir)
 {
 /* Round up the limit to the next page boundary */
@@ -287,14 +316,16 @@ static int load_auth_image_internal(unsigned int image_id,
 int rc;
 #if TRUSTED_BOARD_BOOT
- unsigned int parent_id;
+ if (dyn_is_auth_disabled() == 0) {
+ unsigned int parent_id;
- /* Use recursion to authenticate parent images */
- rc = auth_mod_get_parent_id(image_id, &parent_id);
- if (rc == 0) {
- rc = load_auth_image_internal(parent_id, image_data, 1);
- if (rc != 0) {
- return rc;
+ /* Use recursion to authenticate parent images */
+ rc = auth_mod_get_parent_id(image_id, &parent_id);
+ if (rc == 0) {
+ rc = load_auth_image_internal(parent_id, image_data, 1);
+ if (rc != 0) {
+ return rc;
+ }
 }
 }
 #endif /* TRUSTED_BOARD_BOOT */
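Review bot: In `dyn_disable_auth()` (hunk `@@ -17`) the only trace of switching off image authentication is an `INFO()` message. That message is typically compiled out when the build's log level is below INFO, so the chain of trust can be bypassed with no console output at all. Use a level that survives such builds, e.g. `WARN("Disabling authentication of images dynamically\n");` or `NOTICE(...)`. That way a boot log always records that authentication was turned off.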
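Review bot: When `dyn_is_auth_disabled()` returns non-zero, the parent-chain block in the `@@ -287` hunk and the `auth_mod_verify_img()` block in the `@@ -306` hunk are both skipped without any log. A boot log therefore cannot show which images were accepted unverified. Add an `else` branch to the verification block in the `@@ -306` hunk, e.g. `} else {` / `WARN("Image id=%u loaded without authentication\n", image_id);` / `}`. `load_auth_image_internal()` starts and ends outside both hunks, so the load and flush steps around these blocks are not visible here.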
@@ -306,17 +337,19 @@ static int load_auth_image_internal(unsigned int image_id,
 }
 #if TRUSTED_BOARD_BOOT
- /* Authenticate it */
- rc = auth_mod_verify_img(image_id,
- (void *)image_data->image_base,
- image_data->image_size);
- if (rc != 0) {
- /* Authentication error, zero memory and flush it right away. */
- zero_normalmem((void *)image_data->image_base,
- image_data->image_size);
- flush_dcache_range(image_data->image_base,
- image_data->image_size);
- return -EAUTH;
+ if (dyn_is_auth_disabled() == 0) {
+ /* Authenticate it */
+ rc = auth_mod_verify_img(image_id,
+ (void *)image_data->image_base,
+ image_data->image_size);
+ if (rc != 0) {
+ /* Authentication error, zero memory and flush it right away. */
+ zero_normalmem((void *)image_data->image_base,
+ image_data->image_size);
+ flush_dcache_range(image_data->image_base,
+ image_data->image_size);
+ return -EAUTH;
+ }
 }
 #endif /* TRUSTED_BOARD_BOOT */
diff --git a/docs/user-guide.rst b/docs/user-guide.rst
index 069ad113c..fbe258fdf 100644
--- a/docs/user-guide.rst
+++ b/docs/user-guide.rst
@@ -323,6 +323,11 @@ Common build options
 - ``DEBUG``: Chooses between a debug and release build. It can take either 0 (release) or 1 (debug) as values. 0 is the default.
+- ``DYN_DISABLE_AUTH``: Enables the capability to disable Trusted Board Boot
+ authentication. This option is only meant to be enabled for development
+ platforms. Both TRUSTED_BOARD_BOOT and the LOAD_IMAGE_V2 flags need to be
+ set if this flag has to be enabled. 0 is the default.
+
 - ``EL3_PAYLOAD_BASE``: This option enables booting an EL3 payload instead of the normal boot flow. It must specify the entry point address of the EL3 payload. Please refer to the "Booting an EL3 payload" section for more
diff --git a/include/common/bl_common.h b/include/common/bl_common.h
index 09a394dd1..c7c748729 100644
--- a/include/common/bl_common.h
+++ b/include/common/bl_common.h
@@ -233,6 +233,14 @@ void reserve_mem(uintptr_t *free_base, size_t *free_size,
 #endif /* LOAD_IMAGE_V2 */
+#if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH)
+/*
+ * API to dynamically disable authentication. Only meant for development
+ * systems.
+ */
+void dyn_disable_auth(void);
+#endif
+
 extern const char build_message[];
 extern const char version_string[];
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index 4bbff0345..cea853381 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -58,6 +58,10 @@ DEBUG := 0
 # Build platform
 DEFAULT_PLAT := fvp
+# Enable capability to disable authentication dynamically. Only meant for
+# development platforms.
+DYN_DISABLE_AUTH := 0
+
 # Flag to enable Performance Measurement Framework
 ENABLE_PMF := 0
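Review bot: The comment on the `dyn_disable_auth()` prototype (hunk `@@ -233`) does not tell callers what the call does to the boot flow. Per the bl_common.c hunks in this commit, it sets a flag that makes `load_auth_image_internal()` skip both the parent-chain authentication and `auth_mod_verify_img()`, and nothing visible in the commit clears that flag again. I would add a sentence such as `Once called, images loaded afterwards are accepted without authentication; there is no API to re-enable it.` The comment should also state that platform code is expected to call this only under a development-only condition it trusts.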