Introduce COT build option

Allows to select the chain of trust to use when the Trusted Boot feature is enabled. This affects both the cert_create tool and the firmware itself. Right now, the only available CoT is TBBR. Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2020-01-15 10:23:25 +01:00 · 2020-01-15 10:23:25 +01:00 · 3bff910dc1
parent 067f7e9c52
commit 3bff910dc1
4 changed files with 16 additions and 4 deletions
--- a/2
+++ b/2
@ -1009,7 +1009,7 @@ certtool: ${CRTTOOL}

 .PHONY: ${CRTTOOL}
 ${CRTTOOL}:
-	${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH}
+	${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} COT=${COT} --no-print-directory -C ${CRTTOOLPATH}
 	@${ECHO_BLANK_LINE}
 	@echo "Built $@ successfully"
 	@${ECHO_BLANK_LINE}
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@ -128,6 +128,9 @@ Common build options
   ``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need
   to be implemented in this case.

+-  ``COT``: When Trusted Boot is enabled, selects the desired chain of trust.
+   Defaults to ``tbbr``.
+
 -  ``CRASH_REPORTING``: A non-zero value enables a console dump of processor
   register state when an unexpected exception occurs during execution of
   BL31. This option defaults to the value of ``DEBUG`` - i.e. by default
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@ -1,5 +1,5 @@
 #
-# Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@ -201,6 +201,9 @@ USE_DEBUGFS			:= 0
 # Build option to choose whether Trusted Firmware uses library at ROM
 USE_ROMLIB			:= 0

+# Chain of trust.
+COT				:= tbbr
+
 # Use tbbr_oid.h instead of platform_oid.h
 USE_TBBR_DEFS			:= 1

--- a/plat/arm/common/arm_common.mk
+++ b/plat/arm/common/arm_common.mk
@ -1,5 +1,5 @@
 #
-# Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@ -254,7 +254,13 @@ ifneq (${TRUSTED_BOARD_BOOT},0)
    AUTH_SOURCES	:=	drivers/auth/auth_mod.c				\
 				drivers/auth/crypto_mod.c			\
 				drivers/auth/img_parser_mod.c			\
-				drivers/auth/tbbr/tbbr_cot.c			\
+
+    # Include the selected chain of trust sources.
+    ifeq (${COT},tbbr)
+        AUTH_SOURCES	+=	drivers/auth/tbbr/tbbr_cot.c
+    else
+        $(error Unknown chain of trust ${COT})
+    endif

    BL1_SOURCES		+=	${AUTH_SOURCES}					\
 				bl1/tbbr/tbbr_img_desc.c			\