diff --git a/.gitignore b/.gitignore index 2f9c89d38..4ece189ab 100644 --- a/.gitignore +++ b/.gitignore @@ -19,10 +19,6 @@ tools/cert_create/src/**/*.o tools/cert_create/cert_create tools/cert_create/cert_create.exe -# Ignore header files copied. -tools/fiptool/firmware_image_package.h -tools/fiptool/uuid.h - # GNU GLOBAL files GPATH GRTAGS diff --git a/Makefile b/Makefile index ddf875616..d9a29bd65 100644 --- a/Makefile +++ b/Makefile @@ -179,7 +179,8 @@ INCLUDES += -Iinclude/bl1 \ -Iinclude/plat/common \ -Iinclude/services \ ${PLAT_INCLUDES} \ - ${SPD_INCLUDES} + ${SPD_INCLUDES} \ + -Iinclude/tools_share ################################################################################ @@ -442,6 +443,7 @@ $(eval $(call assert_boolean,SEPARATE_CODE_AND_RODATA)) $(eval $(call assert_boolean,SPIN_ON_BL1_EXIT)) $(eval $(call assert_boolean,TRUSTED_BOARD_BOOT)) $(eval $(call assert_boolean,USE_COHERENT_MEM)) +$(eval $(call assert_boolean,USE_TBBR_DEFS)) $(eval $(call assert_boolean,WARMBOOT_ENABLE_DCACHE_EARLY)) $(eval $(call assert_numeric,ARM_ARCH_MAJOR)) @@ -480,6 +482,7 @@ $(eval $(call add_define,SPD_${SPD})) $(eval $(call add_define,SPIN_ON_BL1_EXIT)) $(eval $(call add_define,TRUSTED_BOARD_BOOT)) $(eval $(call add_define,USE_COHERENT_MEM)) +$(eval $(call add_define,USE_TBBR_DEFS)) $(eval $(call add_define,WARMBOOT_ENABLE_DCACHE_EARLY)) # Define the EL3_PAYLOAD_BASE flag only if it is provided. @@ -603,7 +606,7 @@ certtool: ${CRTTOOL} .PHONY: ${CRTTOOL} ${CRTTOOL}: - ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} + ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH} @${ECHO_BLANK_LINE} @echo "Built $@ successfully" @${ECHO_BLANK_LINE} diff --git a/docs/user-guide.md b/docs/user-guide.md index 2379298ea..85ece9305 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -914,7 +914,11 @@ section), but it can also be built separately with the following command: make PLAT= [DEBUG=1] [V=1] certtool -Specifying the platform is mandatory since the tool is platform specific. +For platforms that do not require their own IDs in certificate files, +the generic 'cert_create' tool can be built with the following command: + + make USE_TBBR_DEFS=1 [DEBUG=1] [V=1] certtool + `DEBUG=1` builds the tool in debug mode. `V=1` makes the build process more verbose. The following command should be used to obtain help about the tool: diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index 8b6ca23b7..e88c7c26d 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -1,12 +1,16 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include #include +#if USE_TBBR_DEFS +#include +#else #include +#endif #include /* diff --git a/include/common/firmware_image_package.h b/include/tools_share/firmware_image_package.h similarity index 100% rename from include/common/firmware_image_package.h rename to include/tools_share/firmware_image_package.h diff --git a/include/plat/arm/board/common/board_arm_oid.h b/include/tools_share/tbbr_oid.h similarity index 90% rename from include/plat/arm/board/common/board_arm_oid.h rename to include/tools_share/tbbr_oid.h index fc6cd7925..7a3408782 100644 --- a/include/plat/arm/board/common/board_arm_oid.h +++ b/include/tools_share/tbbr_oid.h @@ -1,21 +1,17 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ -#ifndef __BOARD_ARM_OID_H__ -#define __BOARD_ARM_OID_H__ +#ifndef __TBBR_OID_H__ +#define __TBBR_OID_H__ /* * The following is a list of OID values defined and reserved by ARM, which * are used to define the extension fields of the certificate structure, as * defined in the Trusted Board Boot Requirements (TBBR) specification, * ARM DEN0006C-1. - * - * Non-ARM platform owners that wish to align with the TBBR should define - * constants with the same name in their own platform port(s), using their - * own OIDs obtained from the ITU-T. */ @@ -140,4 +136,4 @@ /* NonTrustedWorldBootloaderHash - BL33 */ #define NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID "1.3.6.1.4.1.4128.2100.1201" -#endif /* __BOARD_ARM_OID_H__ */ +#endif /* __TBBR_OID_H__ */ diff --git a/include/lib/stdlib/sys/uuid.h b/include/tools_share/uuid.h similarity index 100% rename from include/lib/stdlib/sys/uuid.h rename to include/tools_share/uuid.h diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk index 36f220e08..34d82c9a3 100644 --- a/make_helpers/build_macros.mk +++ b/make_helpers/build_macros.mk @@ -54,7 +54,7 @@ endef # Convenience function for verifying option has a boolean value # $(eval $(call assert_boolean,FOO)) will assert FOO is 0 or 1 define assert_boolean - $(and $(patsubst 0,,$(value $(1))),$(patsubst 1,,$(value $(1))),$(error $(1) must be boolean)) + $(if $(filter-out 0 1,$($1)),$(error $1 must be boolean)) endef 0-9 := 0 1 2 3 4 5 6 7 8 9 diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index 18c41e052..a31e59c0f 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -128,6 +128,9 @@ TRUSTED_BOARD_BOOT := 0 # Build option to choose whether Trusted firmware uses Coherent memory or not. USE_COHERENT_MEM := 1 +# Use tbbr_oid.h instead of platform_oid.h +USE_TBBR_DEFS = $(ERROR_DEPRECATED) + # Build verbosity V := 0 diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c index eb1dc8c2d..391ae45cd 100644 --- a/plat/arm/board/common/board_arm_trusted_boot.c +++ b/plat/arm/board/common/board_arm_trusted_boot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,9 +7,9 @@ #include #include #include -#include #include #include +#include /* Weak definition may be overridden in specific platform */ #pragma weak plat_match_rotpk diff --git a/plat/arm/board/fvp/fvp_trusted_boot.c b/plat/arm/board/fvp/fvp_trusted_boot.c index 51d30830c..d1e8b9f57 100644 --- a/plat/arm/board/fvp/fvp_trusted_boot.c +++ b/plat/arm/board/fvp/fvp_trusted_boot.c @@ -1,13 +1,14 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include -#include #include #include +#include + #include "fvp_def.h" /* diff --git a/plat/arm/board/fvp/include/platform_oid.h b/plat/arm/board/fvp/include/platform_oid.h deleted file mode 100644 index 5ef1580b5..000000000 --- a/plat/arm/board/fvp/include/platform_oid.h +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ -#include "../../../../../include/plat/arm/board/common/board_arm_oid.h" - -/* - * Required platform OIDs - * (Provided by included header) - */ diff --git a/plat/arm/board/juno/include/platform_oid.h b/plat/arm/board/juno/include/platform_oid.h deleted file mode 100644 index 5ef1580b5..000000000 --- a/plat/arm/board/juno/include/platform_oid.h +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ -#include "../../../../../include/plat/arm/board/common/board_arm_oid.h" - -/* - * Required platform OIDs - * (Provided by included header) - */ diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk index 58fc94ec6..3c207698b 100644 --- a/plat/arm/common/arm_common.mk +++ b/plat/arm/common/arm_common.mk @@ -87,6 +87,9 @@ SEPARATE_CODE_AND_RODATA := 1 # Enable new version of image loading on ARM platforms LOAD_IMAGE_V2 := 1 +# Use generic OID definition (tbbr_oid.h) +USE_TBBR_DEFS := 1 + PLAT_INCLUDES += -Iinclude/common/tbbr \ -Iinclude/plat/arm/common diff --git a/plat/common/tbbr/plat_tbbr.c b/plat/common/tbbr/plat_tbbr.c index 4aa9457dc..f5a4f315c 100644 --- a/plat/common/tbbr/plat_tbbr.c +++ b/plat/common/tbbr/plat_tbbr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,7 +7,11 @@ #include #include #include +#if USE_TBBR_DEFS +#include +#else #include +#endif #include /* diff --git a/tools/cert_create/Makefile b/tools/cert_create/Makefile index 989a8e4dc..8a216495b 100644 --- a/tools/cert_create/Makefile +++ b/tools/cert_create/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -27,6 +27,13 @@ MAKE_HELPERS_DIRECTORY := ../../make_helpers/ include ${MAKE_HELPERS_DIRECTORY}build_macros.mk include ${MAKE_HELPERS_DIRECTORY}build_env.mk +ifeq (${USE_TBBR_DEFS},1) +# In this case, cert_tool is platform-independent +PLAT_MSG := TBBR Generic +PLAT_INCLUDE := ../../include/tools_share +else +PLAT_MSG := ${PLAT} + PLATFORM_ROOT := ../../plat/ include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk @@ -35,6 +42,7 @@ PLAT_INCLUDE := $(wildcard ${PLAT_DIR}include) ifeq ($(PLAT_INCLUDE),) $(error "Error: Invalid platform '${PLAT}' has no include directory.") endif +endif ifeq (${DEBUG},1) CFLAGS += -g -O0 -DDEBUG -DLOG_LEVEL=40 @@ -47,6 +55,9 @@ else Q := endif +$(eval $(call add_define,USE_TBBR_DEFS)) +CFLAGS += ${DEFINES} + # Make soft links and include from local directory otherwise wrong headers # could get pulled in from firmware tree. INC_DIR := -I ./include -I ${PLAT_INCLUDE} -I ${OPENSSL_DIR}/include @@ -62,7 +73,7 @@ all: clean ${BINARY} ${BINARY}: ${OBJECTS} Makefile @echo " LD $@" @echo 'const char build_msg[] = "Built : "__TIME__", "__DATE__; \ - const char platform_msg[] = "${PLAT}";' | \ + const char platform_msg[] = "${PLAT_MSG}";' | \ ${CC} -c ${CFLAGS} -xc - -o src/build_msg.o ${Q}${CC} src/build_msg.o ${OBJECTS} ${LIB_DIR} ${LIB} -o $@ diff --git a/tools/cert_create/src/cert.c b/tools/cert_create/src/cert.c index 62ff2555b..80ccfe931 100644 --- a/tools/cert_create/src/cert.c +++ b/tools/cert_create/src/cert.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -14,11 +14,16 @@ #include #include +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #define SERIAL_RAND_BITS 64 diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c index a118fbbb8..c1bde5dea 100644 --- a/tools/cert_create/src/key.c +++ b/tools/cert_create/src/key.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -13,11 +13,16 @@ #include #include +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #define MAX_FILENAME_LEN 1024 diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c index e0f331c21..99236370c 100644 --- a/tools/cert_create/src/main.c +++ b/tools/cert_create/src/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -18,12 +18,17 @@ #include #include +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "ext.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #include "tbbr/tbb_ext.h" #include "tbbr/tbb_cert.h" diff --git a/tools/cert_create/src/tbbr/tbb_ext.c b/tools/cert_create/src/tbbr/tbb_ext.c index 11d779b09..d9a8ea265 100644 --- a/tools/cert_create/src/tbbr/tbb_ext.c +++ b/tools/cert_create/src/tbbr/tbb_ext.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -8,8 +8,14 @@ #include #include #include + +#if USE_TBBR_DEFS +#include +#else +#include +#endif + #include "ext.h" -#include "platform_oid.h" #include "tbbr/tbb_ext.h" #include "tbbr/tbb_key.h" diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile index 0a46ad7c6..29eac2a79 100644 --- a/tools/fiptool/Makefile +++ b/tools/fiptool/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -11,7 +11,6 @@ include ${MAKE_HELPERS_DIRECTORY}build_env.mk PROJECT := fiptool${BIN_EXT} OBJECTS := fiptool.o tbbr_config.o V := 0 -COPIED_H_FILES := uuid.h firmware_image_package.h override CPPFLAGS += -D_GNU_SOURCE -D_XOPEN_SOURCE=700 CFLAGS := -Wall -Werror -pedantic -std=c99 @@ -28,8 +27,7 @@ else Q := endif -# Only include from local directory (see comment below). -INCLUDE_PATHS := -I. +INCLUDE_PATHS := -I. -I../../include/tools_share CC := gcc @@ -48,24 +46,9 @@ fip_create: fip_create.sh ${Q}mkdir -p ../fip_create ${Q}install -m 755 fip_create.sh ../fip_create/fip_create -%.o: %.c %.h ${COPIED_H_FILES} Makefile +%.o: %.c %.h Makefile @echo " CC $<" ${Q}${CC} -c ${CPPFLAGS} ${CFLAGS} ${INCLUDE_PATHS} $< -o $@ -# -# Copy required library headers to a local directory so they can be included -# by this project without adding the library directories to the system include -# path. This avoids conflicts with definitions in the compiler standard -# include path. -# -uuid.h : ../../include/lib/stdlib/sys/uuid.h - $(call SHELL_COPY,$<,$@) - -firmware_image_package.h : ../../include/common/firmware_image_package.h - $(call SHELL_COPY,$<,$@) - clean: $(call SHELL_DELETE_ALL, ${PROJECT} ${OBJECTS} fip_create) - -distclean: clean - $(call SHELL_DELETE_ALL, ${COPIED_H_FILES}) diff --git a/tools/fiptool/fiptool.c b/tools/fiptool/fiptool.c index 7bfd2720e..4d80f2f16 100644 --- a/tools/fiptool/fiptool.c +++ b/tools/fiptool/fiptool.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -20,8 +20,9 @@ #include +#include + #include "fiptool.h" -#include "firmware_image_package.h" #include "tbbr_config.h" #define OPT_TOC_ENTRY 0 diff --git a/tools/fiptool/fiptool.h b/tools/fiptool/fiptool.h index 81453e0d0..4b5cdd91f 100644 --- a/tools/fiptool/fiptool.h +++ b/tools/fiptool/fiptool.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -10,8 +10,8 @@ #include #include -#include "firmware_image_package.h" -#include "uuid.h" +#include +#include #define NELEM(x) (sizeof (x) / sizeof *(x)) diff --git a/tools/fiptool/tbbr_config.c b/tools/fiptool/tbbr_config.c index 466208329..7c6c24be4 100644 --- a/tools/fiptool/tbbr_config.c +++ b/tools/fiptool/tbbr_config.c @@ -1,12 +1,13 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include -#include "firmware_image_package.h" +#include + #include "tbbr_config.h" /* The images used depends on the platform. */ diff --git a/tools/fiptool/tbbr_config.h b/tools/fiptool/tbbr_config.h index a5155c8b1..bad757db5 100644 --- a/tools/fiptool/tbbr_config.h +++ b/tools/fiptool/tbbr_config.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -9,7 +9,7 @@ #include -#include "uuid.h" +#include /* TODO: Update this number as required */ #define TOC_HEADER_SERIAL_NUMBER 0x12345678