This is a small change to split up the generation of the RZ/G layout
images into unique targets. This is predominantly for cleanliness
reasons - Make current doesn't know about the `.bin` and `.srec`
binaries generated by the `.elf` target.
Change-Id: I81251ac647b85c5eec8f910ddc841a5a32b49e67
Signed-off-by: Chris Kay <chris.kay@arm.com>
This is a small change to split up the generation of the R-Car layout
images into unique targets. This is predominantly for cleanliness
reasons - Make current doesn't know about the `.bin` and `.srec`
binaries generated by the `.elf` target.
Change-Id: I624bc0c62e99cead66a6d6e25ff016aecf6b985a
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change avoids generating a build message source file on the shell,
instead using the `__DATE__` and `__TIME__` macros directly.
Change-Id: Ida537d4c3e550f2fbbd977472ed6573491d17c23
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change avoids generating a build message source file on the shell,
instead using the `__DATE__` and `__TIME__` macros directly.
Change-Id: Ieda75bbac174847c716701bce8dd10b8e9975902
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change introduces a few helper variables for dealing with verbose
and silent build modes: `silent`, `verbose`, `q` and `s`.
The `silent` and `verbose` variables are boolean values determining
whether the build system has been configured to run silently or
verbosely respectively (i.e. with `--silent` or `V=1`).
These two modes cannot be used together - if `silent` is truthy then
`verbose` is always falsy. As such:
make --silent V=1
... results in a silent build.
In addition to these boolean variables, we also introduce two new
variables - `s` and `q` - for use in rule recipes to conditionally
suppress the output of commands.
When building silently, `s` expands to a value which disables the
command that follows, and `q` expands to a value which supppresses
echoing of the command:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed but not echoed'
When building verbosely, `s` expands to a value which disables the
command that follows, and `q` expands to nothing:
$(s)echo 'This command is neither echoed nor executed'
$(q)echo 'This command is executed and echoed'
In all other cases, both `s` and `q` expand to a value which suppresses
echoing of the command that follows:
$(s)echo 'This command is executed but not echoed'
$(q)echo 'This command is executed but not echoed'
The `s` variable is predominantly useful for `echo` commands, where you
always want to suppress echoing of the command itself, whilst `q` is
more useful for all other commands.
Change-Id: I8d8ff6ed714d3cb401946c52955887ed7dca602b
Signed-off-by: Chris Kay <chris.kay@arm.com>
Generated this change-log using below command:
npm run release -- --skip.commit --skip.tag --release-as 2.11.0
Change-Id: I34c7b342549781057da1b18116500f110bc3f5ad
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <JuanPablo.Conde@arm.com>
Changes all occurrences of "RSS" and "rss" in the code and build files
to "RSE" and "rse".
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I8982c203375250d6c709a26f33fb88673d69da50
OpenSSL has brainpool support only since version 1.1.0, make sure we
put a proper guardrail around it.
Change-Id: Ia2ee686904ed80699f77b1da953546ab7538ec37
Signed-off-by: Donald Chan <donachan@tesla.com>
Currently when RSA-PSS signing is invoked, a salt length of 32 bytes
is assumed. This works well when SHA-256 is the digest algorithm, but
the standard industry practice is that the salt length should follow
the digest length (e.g. 48/64 bytes for SHA-384/SHA-512).
Various cloud services' key management services (KMS) offering have
such restrictions in place, so if someone wants to integrate cert_create
against these services for signing key/content certs, they will have
problem with integration.
Furthermore, JWS (RFC7518) defined these specific combinations as valid
specs and other combinations are not supported:
- PS256: RSASSA-PSS using SHA-256 and MGF1 with SHA-256
- PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
- PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512
Change-Id: Iafc7c60ccb36f4681053dbeb4147bac01b9d724d
Signed-off-by: Donald Chan <donachan@tesla.com>
When generating fiptool for STM32MP2, a new parameter is added to
put DDR firmware inside the FIP.
To avoid duplicating fiptool platform files, move
tools/fiptool/plat_fiptool/st/stm32mp1 files in their parent directory
and move plat_def_fip_uuid.h in in plat/st/common/include.
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I1dd796847869e2bfb6ee8c2bcef25c595fa5197a
When configuring GNU GCC as the C compiler, we usually use the GNU BFD
linker directly to link by default. However, this complicates things
because we also need to support LTO, which can only be done when linking
is done via the C compiler, and we cannot change the linker later on if
some other part of the build system wants to enable LTO.
This change migrates the default choice of linker to GCC if the C
compiler is GCC, in order to enable this use-case. This should have no
impact on anything outside of the build system, as by default GCC merely
acts as a wrapper around BFD.
Change-Id: I40771be2b0571def67bbfde9e877e7629ec8cdaa
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change migrates the values of `CC`, `CPP`, `AS` and other toolchain
variables to the new `$(toolchain)-$(tool)` variables, which were
introduced by the toolchain refactor patch. These variables should be
equivalent to the values that they're replacing.
Change-Id: I644fe4ce82ef1894bed129ddb4b6ab94fb04985d
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change refactors how we identify the toolchain, with the ultimate
aim of eventually cleaning up the various mechanisms that we employ to
configure default tools, identify the tools in use, and configure
toolchain flags.
To do this, we introduce three new concepts in this change:
- Toolchain identifiers,
- Tool class identifiers, and
- Tool identifiers.
Toolchain identifiers identify a configurable chain of tools targeting
one platform/machine/architecture. Today, these are:
- The host machine, which receives the `host` identifier,
- The AArch32 architecture, which receives the `aarch32` identifier, and
- The AArch64 architecture, which receivs the `aarch64` identifier.
The tools in a toolchain may come from different vendors, and are not
necessarily expected to come from one single toolchain distribution. In
most cases it is perfectly valid to mix tools from different toolchain
distributions, with some exceptions (notably, link-time optimization
generally requires the compiler and the linker to be aligned).
Tool class identifiers identify a class (or "role") of a tool. C
compilers, assemblers and linkers are all examples of tool classes.
Tool identifiers identify a specific tool recognized and supported by
the build system. Every tool that can make up a part of a toolchain must
receive a tool identifier.
These new identifiers can be used to retrieve information about the
toolchain in a more standardized fashion.
For example, logic in a Makefile that should only execute when the C
compiler is GNU GCC can now check the tool identifier for the C compiler
in the relevant toolchain:
ifeq ($($(ARCH)-cc-id),gnu-gcc)
...
endif
Change-Id: Icc23e43aaa32f4fd01d8187c5202f5012a634e7c
Signed-off-by: Chris Kay <chris.kay@arm.com>
The `rzg_layout_create` and `rcar_layout_create` tools have a rule to
build object files from C files, but it depends on object files in the
parent directory when it should depend on object files in the current
directory. Consequently, the rule is not triggering and the implicit C
compilation rule is executed instead. This rule works, so I have
replaced the broken rule with exactly the same command as what the
implicit rule is executing and fixed the dependency.
Change-Id: Ib8d640361adff8c4d660738dda230e5536bec629
Signed-off-by: Chris Kay <chris.kay@arm.com>
When PIE is enabled, it can be handy to display the .rela.dyn section.
Add RELA in the list of symbols parsed, to display this section in
memory map.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ic40da54ce6fb6e281fb1a6627e9b8830993cfb2c
When building BL1 with SEPARATE_CODE_AND_RODATA=0, symbol names
__RO_{START|END}__ are ignored by memory map dump script.
Fix it by including the symbol in regular expression.
While at it, update the copyright year to current.
Change-Id: Iafeab75c5711429ea0b744510caf27dd8784a29a
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Silence warning from sp_mk_generator that 'is not' operator
is not meant for integers. This replaces the referred instance
with '!='.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I0d31ad65466dbeafebbfc929e506c3e290913aca
Calculate the free space as the range between the
limit and the end of the memory region *_REGION_END.
Change-Id: I9cacadea2543c9f5ddaebca82344a83678cd7d55
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
The FF-A specification has made it such that SPs
may optionally specify their load address in the manifest.
This info was being retrieved to generate some information
for the SPMC manifest. However, it is not a mandatory utility.
This change relaxes the case in which the SP manifest doesn't
have a load address.
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: Ic4c1b1ec6666522900c113903be45ba0eb5d0bf6
The same was done for other platforms: stm32mp1, tc before in
commit 034a2e3ef8 ('refactor(fiptool):
move plat_fiptool.mk to tools')
Additionally this will make ignore generated files:
Untracked files:
plat/arm/board/juno/fip/plat_def_uuid_config.d
plat/arm/board/juno/fip/plat_def_uuid_config.o
Signed-off-by: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Change-Id: Ia5f1082fcd6d9dfc0be012759493e61ddb869956
Fixed the check of the address range which the program is loaded to.
Use the addresses and sizes in the BL31 and BL32 certificates to check
that they are within the range of the target address and size
defined inside the TF-A.
It also uses the addresses and sizes in the BL33x certificates to check
that they are outside the protected area defined inside the TF-A.
Signed-off-by: Hideyuki Nitta <hideyuki.nitta.jf@hitachi.com>
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> # Code clean up
Change-Id: Iade15431fc86587489fb0ca9106f6baaf7e926e2
mbedtls/version.h needs to be included before the use of any
mbedtls config variables.
Fixes a build failure regression from commit a8eadc51a.
Change-Id: Idd955d7955b0a55ffd127f31053335542cb15e22
Signed-off-by: Henrik Nordstrom <henrik.nordstrom@addiva.se>
Added changelog for v2.10 release.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Id06263047fcc1ec60e82f85cd09e2e4bc95830f5
This reverts commit 0abbfab320.
Reason for revert: Changelog was based on rc0 tag but we got few more patches after that which were not captured.
Change-Id: I9829f2b6dc09f0bd5c538845cbae051f6e4c8a75
When key_load() attempts to load the key from a file and it fails to
open this file, the 'err_code' output argument is set to
'KEY_ERR_OPEN' error code. However, it is incorrectly overwritten
later on with 'KEY_ERR_NONE' or 'KEY_ERR_LOAD'.
The latter case messes up with the key creation scenario. The
'KEY_ERR_LOAD' error leads the tool to exit, when it should attempt to
create the said key file if invoked with the --new-keys/-n option.
Note that, to complicate matters further, which of 'KEY_ERR_OPEN' or
'KEY_ERR_NONE' values is returned by key_load() depends on the version
of OpenSSL in use:
- If using v3+, KEY_ERROR_LOAD is returned.
- If using <v3, KEY_ERROR_NONE is returned as a result of the key
pair container being initialized by key_new().
This patch fixes this bug and also takes the opportunity to refactor
key_load() implementation to (hopefully) make it more straight-forward
and easier to reason about.
Fixes: 616b3ce27d "feat(cert-create): add pkcs11 engine support"
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Reported-by: Wenchen Tan <xtaens@qq.com>
Change-Id: Ia78ff442e04c5ff98e6ced8d26becbd817a8ccb7
Provide a STATIC command line build option for platforms willing to
build fiptool statically and remove dependency to toolchain and OpenSSL
libraries.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I1d1b6676df50081828170e2b0ab7b71c4ec19d6e
Add pkcs11 engine support which allows using keys that are securely
stored on a HSM or TPM. To use this feature the user has to supply
an RFC 7512 compliant PKCS11 URI to a key instead of a file as an
argument to one of the key options. This change is fully backwards
compatible.
This change makes use of the openssl engine API which is deprecated
since openssl 3.0 and will most likely be removed in version 4. So
pkcs11 support will have to be updated to the openssl provider API
in the near future.
Signed-off-by: Robin van der Gracht <robin@protonic.nl>
Change-Id: If96725988ca62c5613ec59123943bf15922f5d1f
key->key and k will point to the same if PEM_read_PrivateKey
(pem_read_bio_key_decoder) succeeds. There is no need for the temporary
'k' pointer here.
Signed-off-by: Robin van der Gracht <robin@protonic.nl>
Change-Id: I219c49d331eb6dd7200b49b75d47fd66da3d82dd
TF-A makefile accepts a device-tree snippet to override hardcoded SP
nodes, via the `ARM_BL2_SP_LIST_DTS` variable. However the SPs declared
in `ARM_BL2_SP_LIST_DTS` must be in the same order as they are in the
FIP image, otherwise hash authentication will fail when loaded by BL2.
This patch generates the `ARM_BL2_SP_LIST_DTS` file from the
`sp_layout.json` file. The SPs in the FIP image are also generated from
`sp_layout.json`, so this ensures that there is only one source of truth
for the SP list, removing the possibility to have the lists disagree
with each other.
Signed-off-by: Karl Meakin <karl.meakin@arm.com>
Change-Id: I7d76715135c596605c6a02aad5196d967dfeb1ce
The build flags to enable the Arm(R) Ethos(TM)-N NPU driver are in arm
platform specific make files i.e. plat/arm/common/arm_common.mk. These
flags are renamed and moved to ethosn_npu.mk. Other source and make
files are changed to reflect the changes in these flags.
Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com>
Change-Id: I6fd20225343c574cb5ac1f0f32ff2fc28ef37ea6
In their respective makefiles, cert_create, encrypt_fw and fiptool
depend on the --openssl phony target as a prerequisite. This forces
those tools to be re-linked each time.
Move the dependencies on the --openssl target from the tools to their
makefiles all targets, to avoid unnecessary linking while preserving the
OpenSSL version printing done in the --openssl targets when in debug.
Fixes: cf2dd17ddd ("refactor(security): add OpenSSL 1.x compatibility")
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Change-Id: I98a3ab30f36dffc253cecaaf3a57d2712522135d
Add symbols to mark end of TEXT/RODATA before page alignment.
Similar change was done by commit 8d69a03f6a ("Various
improvements/cleanups on the linker scripts") for
RO_END/COHERENT_RAM. These symbols help to know how much free
space is in the final binary because of page alignment.
Also show all *UNALIGNED__ symbols via poetry.
For example:
poetry run memory -p zynqmp -b debug
Change-Id: I322beba37dad76be9f4e88ca7e5b3eff2df7d96e
Signed-off-by: Michal Simek <michal.simek@amd.com>
The intial patch stack only supported ELF files, which proved
particularly problematic when dealing with incomplete builds (i.e. build
didn't complete due to linker errors). This adds support for GNU map
files. Most analysis performed by the tool should be possible with map
files alone.
Change-Id: I89f775a98efc5aef6671a17d0e6e973df555a6fa
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Extends cert_create tool with a new option for CCA NV
counter: ccafw_nvctr.
And changes the non-volatile counter used to protect
the CCA Content Certificate from the Trusted FW NV counter
to the CCA FW NV counter in the CCA CoT description.
Change-Id: I27f3ab2e25809f0dcc56fa05e5c3a25a2e861ef6
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
In response to feedback provided during review of the v2.9 changelog,
commits with the `build` type and without a scope are now treated as
though they have the `build` scope as well.
Change-Id: I9628e0faf1fcf31fe88758ad3e75ca8febf1bb36
Signed-off-by: Chris Kay <chris.kay@arm.com>
plat_fiptool.mk files now need to be in tools/fiptool/plat_fiptool/, so
this file has been moved to the new location so that it is picked up
correctly by the build system.
Change-Id: Id3596b08bc856362e300f3dfefcaab5d75b4c400
Signed-off-by: Rob Hughes <robert.hughes@arm.com>
Present memory usage in hierarchical view. This view maps modules to
their respective segments and sections.
Change-Id: I5c374b46738edbc83133441ff3f4268f08cb011d
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Add support for tabulating static memory consumption data from ELF
binaries. This relies on static symbols, defined in the linker files,
that provide information about the memory ranges.
Change-Id: Ie19cd2b80a7b591607640feeb84c63266963ea4d
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Make the symbol table produced by the memory mapping script more
readable. Add a generic interface for interacting with ELF binaries.
This interface enables us to get symbols that provide some insights into
TF-A's memory usage.
Change-Id: I6646f817a1d38d6184b837b78039b7465a533c5c
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
The object target in the fiptool Makefile only depends on the
corresponding source file so it won't rebuild the object, if a header
file used by the source file is changed.
To make it rebuild the object file for both source and header file
changes, a dependency file will now be generated for each object and
included in the Makefile.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I0468c6e9c54126242150667268d471f28e011b0d
Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.
However from mbedtls-3.x onwards it discourages usage of
MBEDTLS_CONFIG_FILE include directly, so to resolve this and keep 2.28
compatibility include version.h which would include the custom config
file if present and also would expose us with mbedtls-major-version
number which could be used for selecting features and functions for
mbedtls 2.28 or 3.3
Change-Id: I029992311be2a38b588ebbb350875b03ea29acdb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
SAVE_KEYS is set to '0' by default, causing cert_create to
show the 'Key filename not specified' message on each run
even though this is perfectly normal. Show the message only
in the VERBOSE log level.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Change-Id: I472cdec2670055ab0edd99d172f79d01ad575972
Move all plat_fiptool.mks into tools, change the logic to recursively
check for tools/fiptool/plat_fiptool/<plat_path>/plat_fiptool.mk
I.e. for a platform that has the path "plat/arm/board/tc/platform.mk",
the makefile will now load the first existing file from:
- tools/fiptool/plat_fiptool/arm/board/tc/plat_fiptool.mk
- tools/fiptool/plat_fiptool/arm/board/plat_fiptool.mk
- tools/fiptool/plat_fiptool/arm/plat_fiptool.mk
This enables fiptool to support multiple platforms, or a specific one.
Remove file-copying previously being used to handle old default path.
Remove custom file cleaning in plat_fiptool.mk.
Change-Id: I95245bcf7143b329481d4394ab64f29bfe9de5ab
Signed-off-by: Raef Coles <raef.coles@arm.com>
When FIP is programmed in a disk partition, fiptool cannot be used
directly; this forces the user to temporarily copy the partition
to a file, apply fiptool and copy back the file. This is caused by
fstat() that returns zero file size on a block special file, thus
making fiptool commands info, update, unpack and remove to exit.
For either Linux host or Linux target, recover the partition size
with ioctl() and use it as FIP file size. E.g.:
fiptool info /dev/disk/by-partlabel/fip-a
fiptool info /dev/mtdblock4
While there, rework two identical error log messages to provide
more details about the failure and update the date in copyright.
Signed-off-by: Antonio Borneo <antonio.borneo@foss.st.com>
Change-Id: I7cab60e577422d94c24ba7e39458f58bcebc2336
Chris Kay
Manish V Badarkhe
Tamas Ban
Donald Chan
Yann Gautier
Sekhar Nori
J-Alves
Harrison Mutai
Andrey Skvortsov
Takuya Sakata
Henrik Nordstrom
Manish Pandey
Juan Pablo Conde
Sandrine Bailleux
laurenw-arm
Olivier Deprez
Robin van der Gracht
Karl Meakin
Rajasekaran Kalidoss
Vincent Stehlé
Michal Simek
Rob Hughes
Yann Gautier
Elyes Haouas
Mikael Olsson
Govindraj Raja
Raef Coles
Antonio Borneo
Jiafei Pan