Merge changes from topic "sb/measured-boot" into integration

* changes:
  refactor(plat/fvp): tidy up list of images to measure
  docs: explain Measured Boot dependency on Trusted Boot

Makefile

@@ -735,6 +735,9 @@ ifeq ($(CTX_INCLUDE_MTE_REGS),1)
     endif
 endif
 
+# Trusted Boot is a prerequisite for Measured Boot. It provides trust that the
+# code taking the measurements and recording them has not been tampered
+# with. This is referred to as the Root of Trust for Measurement.
 ifeq ($(MEASURED_BOOT),1)
     ifneq (${TRUSTED_BOARD_BOOT},1)
         $(error MEASURED_BOOT requires TRUSTED_BOARD_BOOT=1)

docs/getting_started/build-options.rst

@@ -469,7 +469,10 @@ Common build options
    the build. The default value is 40 in debug builds and 20 in release builds.
 
 -  ``MEASURED_BOOT``: Boolean flag to include support for the Measured Boot
-   feature. If this flag is enabled ``TRUSTED_BOARD_BOOT`` must be set.
+   feature. If this flag is enabled ``TRUSTED_BOARD_BOOT`` must be set as well
+   in order to provide trust that the code taking the measurements and recording
+   them has not been tampered with.
+
    This option defaults to 0 and is an experimental feature in the stage of
    development.
 

plat/arm/board/fvp/fvp_measured_boot.c

@@ -15,12 +15,10 @@ static const image_data_t fvp_images_data[] = {
 	{ BL32_EXTRA1_IMAGE_ID, BL32_EXTRA1_IMAGE_STRING, PCR_0 },
 	{ BL32_EXTRA2_IMAGE_ID, BL32_EXTRA2_IMAGE_STRING, PCR_0 },
 	{ BL33_IMAGE_ID, BL33_STRING, PCR_0 },
-	{ GPT_IMAGE_ID, GPT_IMAGE_STRING, PCR_0 },
 	{ HW_CONFIG_ID, HW_CONFIG_STRING, PCR_0 },
 	{ NT_FW_CONFIG_ID, NT_FW_CONFIG_STRING, PCR_0 },
 	{ SCP_BL2_IMAGE_ID, SCP_BL2_IMAGE_STRING, PCR_0 },
 	{ SOC_FW_CONFIG_ID, SOC_FW_CONFIG_STRING, PCR_0 },
-	{ STM32_IMAGE_ID, STM32_IMAGE_STRING, PCR_0 },
 	{ TOS_FW_CONFIG_ID, TOS_FW_CONFIG_STRING, PCR_0 },
 	{ INVALID_ID, NULL, (unsigned int)(-1) }	/* Terminator */
 };