github
/
arm-trusted-firmware
mirror of https://github.com/ARM-software/arm-trusted-firmware.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

feat(fvp): build delegated attestation in BL31 

Right now, the delegated attestation module is not used in TF-A. This
means it's not even getting built and so the CI system cannot detect
build regressions.

Eventually, delegated attestation will be involved in a new runtime
service exposed by BL31 to lower exception levels. We are not there
yet but let's already include it into BL31 image, so we get build
coverage and static analysis on the code. Note that we make sure to
cover both PLAT_RSS_NOT_SUPPORTED=0 and PLAT_RSS_NOT_SUPPORTED=1
configurations.

Delegated attestation is currently made dependent on measured boot
support. This dependency is not at the source code level (attestation
code does not invoke any measured boot interfaces) but it is rather a
logical dependency: attestation without boot measurements is not very
useful...

For now, this is good enough for our purpose but the conditions under
which the attestation code is included might change in the future.

Change-Id: I616715c3dd0418a1bbf1019df3ff9acd8461e705
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
pull/1988/merge
Sandrine Bailleux 2 years ago
parent
c45d2febb9
commit
0271eddb0c
1 changed files with 8 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      plat/arm/board/fvp/platform.mk

8
plat/arm/board/fvp/platform.mk
View File

@ -392,6 +392,11 @@ BL2_SOURCES += plat/arm/board/fvp/fvp_common_measured_boot.c \
plat/arm/board/fvp/fvp_bl2_measured_boot.c \
lib/psa/measured_boot.c
# Note that attestation code does not depend on measured boot interfaces per se,
# but the two features go together - attestation without boot measurements is
# pretty much pointless...
BL31_SOURCES += lib/psa/delegated_attestation.c
PLAT_INCLUDES += -Iinclude/lib/psa
# RSS is not supported on FVP right now. Thus, we use the mocked version
@ -407,9 +412,12 @@ ifneq (${PLAT_RSS_NOT_SUPPORTED},1)
include drivers/arm/rss/rss_comms.mk
BL1_SOURCES += ${RSS_COMMS_SOURCES}
BL2_SOURCES += ${RSS_COMMS_SOURCES}
BL31_SOURCES += ${RSS_COMMS_SOURCES} \
lib/psa/delegated_attestation.c
BL1_CFLAGS += -DPLAT_RSS_COMMS_PAYLOAD_MAX_SIZE=0
BL2_CFLAGS += -DPLAT_RSS_COMMS_PAYLOAD_MAX_SIZE=0
BL31_CFLAGS += -DPLAT_RSS_COMMS_PAYLOAD_MAX_SIZE=0
endif
endif

Write Preview
Loading…
Cancel
Save