andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Introduce COT build option 

Allows to select the chain of trust to use when the Trusted Boot feature
is enabled. This affects both the cert_create tool and the firmware
itself.

Right now, the only available CoT is TBBR.

Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
This commit is contained in:
Sandrine Bailleux 2020-01-15 10:23:25 +01:00
parent 067f7e9c52
commit 3bff910dc1
4 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -1009,7 +1009,7 @@ certtool: ${CRTTOOL}
.PHONY: ${CRTTOOL} .PHONY: ${CRTTOOL}
${CRTTOOL}: ${CRTTOOL}:
${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH} ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} COT=${COT} --no-print-directory -C ${CRTTOOLPATH}
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
@echo "Built $@ successfully" @echo "Built $@ successfully"
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}

3
docs/getting_started/build-options.rst
View File

@ -128,6 +128,9 @@ Common build options
``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need ``plat_secondary_cold_boot_setup()`` platform porting interfaces do not need
to be implemented in this case. to be implemented in this case.
- ``COT``: When Trusted Boot is enabled, selects the desired chain of trust.
Defaults to ``tbbr``.
- ``CRASH_REPORTING``: A non-zero value enables a console dump of processor - ``CRASH_REPORTING``: A non-zero value enables a console dump of processor
register state when an unexpected exception occurs during execution of register state when an unexpected exception occurs during execution of
BL31. This option defaults to the value of ``DEBUG`` - i.e. by default BL31. This option defaults to the value of ``DEBUG`` - i.e. by default

5
make_helpers/defaults.mk
View File

@ -1,5 +1,5 @@
# #
# Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
@ -201,6 +201,9 @@ USE_DEBUGFS := 0
# Build option to choose whether Trusted Firmware uses library at ROM # Build option to choose whether Trusted Firmware uses library at ROM
USE_ROMLIB := 0 USE_ROMLIB := 0
# Chain of trust.
COT := tbbr
# Use tbbr_oid.h instead of platform_oid.h # Use tbbr_oid.h instead of platform_oid.h
USE_TBBR_DEFS := 1 USE_TBBR_DEFS := 1

10
plat/arm/common/arm_common.mk
View File

@ -1,5 +1,5 @@
# #
# Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved. # Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
# #
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
# #
@ -254,7 +254,13 @@ ifneq (${TRUSTED_BOARD_BOOT},0)
AUTH_SOURCES := drivers/auth/auth_mod.c \ AUTH_SOURCES := drivers/auth/auth_mod.c \
drivers/auth/crypto_mod.c \ drivers/auth/crypto_mod.c \
drivers/auth/img_parser_mod.c \ drivers/auth/img_parser_mod.c \
drivers/auth/tbbr/tbbr_cot.c \
# Include the selected chain of trust sources.
ifeq (${COT},tbbr)
AUTH_SOURCES += drivers/auth/tbbr/tbbr_cot.c
else
$(error Unknown chain of trust ${COT})
endif
BL1_SOURCES += ${AUTH_SOURCES} \ BL1_SOURCES += ${AUTH_SOURCES} \
bl1/tbbr/tbbr_img_desc.c \ bl1/tbbr/tbbr_img_desc.c \