Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.
However from mbedtls-3.x onwards it discourages usage of
MBEDTLS_CONFIG_FILE include directly, so to resolve this and keep 2.28
compatibility include version.h which would include the custom config
file if present and also would expose us with mbedtls-major-version
number which could be used for selecting features and functions for
mbedtls 2.28 or 3.3
Change-Id: I029992311be2a38b588ebbb350875b03ea29acdb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Common mbedTLS implementation include the fixed configuration
file of mbedTLS and that does not gives flexilibility to the
platform to include their own mbedTLS configuration.
Hence changes are done so that platform can include their own
mbedTLS configuration file.
Signed-off-by: Lucian Paul-Trifu <lucian.paul-trifu@arm.com>
Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I04546589f67299e26b0a6a6e151cdf1fdb302607
Currently only single signing domain is supported for SP packages but
there is plan to support dual signing domains if CoT is dualroot.
SP_CONTENT_CERT_ID is the certificate file which is currently generated
and signed with trusted world key which in-turn is derived from Silicon
provider RoT key.
To allow dual signing domain for SP packages, other certificate file
will be derived from Platform owned RoT key.
This patch renames "SP_CONTENT_CERT_ID" to "SIP_SP_CONTENT_CERT_ID" and
does other related changes.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I0bc445a3ab257e2dac03faa64f46e36a9fed5e93
with sha 44f1aa8, support for Silicon Provider(SiP) owned Secure
Partition(SP) was added for dualroot CoT. This patch extends this
support for tbbr CoT.
Earlier tbbr CoT for SPs was left to avoid adding new image types in
TBBR which could possibly be seen as deviation from specification.
But with further discussions it is understood that TBBR being a
*minimal* set of requirements that can be extended as long as we don't
violate any of the musts, which is the case with adding SP support.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I1b9e3ebdd7d653f1fd4cc3bd910a69871b55ecbb
CoT used for BL1 and BL2 are moved to tbbr_cot_bl1.c
and tbbr_cot_bl2.c respectively.
Common CoT used across BL1 and BL2 are moved to
tbbr_cot_common.c.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I2252ac8a6960b3431bcaafdb3ea4fb2d01b79cf5
The TBBR implementation extracts hashes from certificates and stores
them in static buffers. TF-A supports 3 variants of SHA right now:
SHA-256, SHA-384 and SHA-512. When support for SHA-512 was added in
commit 9a3088a5f5 ("tbbr: Add build flag
HASH_ALG to let the user to select the SHA"), the hash buffers got
unconditionally increased from 51 to 83 bytes each. We can reduce that
space if we're using SHA-256 or SHA-384.
This saves some BSS space in both BL1 and BL2:
- BL1 with SHA-256: saving 168 bytes.
- BL1 with SHA-384: saving 80 bytes.
- BL2 with SHA-256: saving 384 bytes.
- BL2 with SHA-384: saving 192 bytes.
Change-Id: I0d02e5dc5f0162e82339c768609c9766cfe7e2bd
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
The TBBR implementation extracts public keys from certificates and
stores them in static buffers. DER-encoded ECDSA keys are only 91 bytes
each but were each allocated 294 bytes instead. Reducing the size of
these buffers saves 609 bytes of BSS in BL2 (294 - 91 = 203 bytes for
each of the 3 key buffers in use).
Also add a comment claryfing that key buffers are tailored on RSA key
sizes when both ECDSA and RSA keys are used.
Change-Id: Iad332856e7af1f9814418d012fba3e1e9399f72a
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Previously, TF-A could not support large RSA key sizes as the
configuration options passed to MBEDTLS prevented storing and performing
calculations with the larger, higher-precision numbers required. With
these changes to the arguments passed to MBEDTLS, TF-A now supports
using 3072 (3K) and 4096 (4K) keys in certificates.
Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
This changes the auth_img_desc_t struct to have pointers to struct
arrays instead of struct arrays. This saves memory as many of these
were never used, and can be NULL pointers. Note the memory savings are
only when these arrays are not initialised, as it is assumed these
arrays are fixed length. A possible future optimisation could allow for
variable length.
memory diff:
bl1: bl2:
text text
-12 -12
bss bss
-1463 0
data data
-56 -48
rodata rodata
-5688 -2592
total total
-7419 -2652
Change-Id: I8f9bdedf75048b8867f40c56381e3a6dc6402bcc
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>
When Trusted Board Boot is enabled, we need to specify the Chain of
Trust (CoT) of the BL1 and BL2 images. A CoT consists of an array
of image descriptors. The authentication module assumes that each
image descriptor in this array is indexed by its unique image
identifier. For example, the Trusted Boot Firmware Certificate has to
be at index [TRUSTED_BOOT_FW_CERT_ID].
Unique image identifiers may not necessarily be consecutive. Also,
a given BL image might not use all image descriptors. For example, BL1
does not need any of the descriptors related to BL31. As a result, the
CoT array might contain holes, which unnecessarily takes up space in
the BL binary.
Using pointers to auth_img_desc_t structs (rather than structs
themselves) means these unused elements only use 1 pointer worth of
space, rather than one struct worth of space. This patch also changes
the code which accesses this array to reflect the change to pointers.
Image descriptors not needed in BL1 or BL2 respectively are also
ifdef'd out in this patch. For example, verifying the BL31 image is
the responsibility of BL2 so BL1 does not need any of the data
structures describing BL31.
memory diff:
bl1: bl2:
text text
-20 -20
bss bss
-1463 0
data data
-256 -48
rodata rodata
-5240 -1952
total total
-6979 -2020
Change-Id: I163668b174dc2b9bbb183acec817f2126864aaad
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>
Enforce full include path for includes. Deprecate old paths.
The following folders inside include/lib have been left unchanged:
- include/lib/cpus/${ARCH}
- include/lib/el3_runtime/${ARCH}
The reason for this change is that having a global namespace for
includes isn't a good idea. It defeats one of the advantages of having
folders and it introduces problems that are sometimes subtle (because
you may not know the header you are actually including if there are two
of them).
For example, this patch had to be created because two headers were
called the same way: e0ea0928d5 ("Fix gpio includes of mt8173 platform
to avoid collision."). More recently, this patch has had similar
problems: 46f9b2c3a2 ("drivers: add tzc380 support").
This problem was introduced in commit 4ecca33988 ("Move include and
source files to logical locations"). At that time, there weren't too
many headers so it wasn't a real issue. However, time has shown that
this creates problems.
Platforms that want to preserve the way they include headers may add the
removed paths to PLAT_INCLUDES, but this is discouraged.
Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
This patch implements support for adding dynamic configurations for
BL31 (soc_fw_config), BL32 (tos_fw_config) and BL33 (nt_fw_config). The
necessary cert tool support and changes to default chain of trust are made
for these configs.
Change-Id: I25f266277b5b5501a196d2f2f79639d838794518
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
This patch adds image IDs to `hw_config` and `tb_fw_config` and
includes them in the default Chain Of Trust (CoT).
Change-Id: If7bb3e9be8a5e48be76614b35bf43d58fc7fed12
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
The flag support the following values:
- sha256 (default)
- sha384
- sha512
Change-Id: I7a49d858c361e993949cf6ada0a86575c3291066
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add support
for the new images within the existing Trusted OS firmware
content certificate.
Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06
Signed-off-by: Summer Qin <summer.qin@arm.com>
This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported headers, and where there are headers within
the #if and #ifndef statements.
Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).
For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd. This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.
The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h
Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.
For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.
NOTE: Files that have been imported by FreeBSD have not been modified.
[0]: https://spdx.org/
Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
This patch adds support for non-volatile counter authentication to
the Authentication Module. This method consists of matching the
counter values provided in the certificates with the ones stored
in the platform. If the value from the certificate is lower than
the platform, the boot process is aborted. This mechanism protects
the system against rollback.
The TBBR CoT has been updated to include this method as part of the
authentication process. Two counters are used: one for the trusted
world images and another for the non trusted world images.
** NEW PLATFORM APIs (mandatory when TBB is enabled) **
int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr);
This API returns the non-volatile counter value stored
in the platform. The cookie in the first argument may be
used to select the counter in case the platform provides
more than one (i.e. TBSA compliant platforms must provide
trusted and non-trusted counters). This cookie is specified
in the CoT.
int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr);
This API sets a new counter value. The cookie may be
used to select the counter to be updated.
An implementation of these new APIs for ARM platforms is also
provided. The values are obtained from the Trusted Non-Volatile
Counters peripheral. The cookie is used to pass the extension OID.
This OID may be interpreted by the platform to know which counter
must return. On Juno, The trusted and non-trusted counter values
have been tied to 31 and 223, respectively, and cannot be modified.
** IMPORTANT **
THIS PATCH BREAKS THE BUILD WHEN TRUSTED_BOARD_BOOT IS ENABLED. THE
NEW PLATFORM APIs INTRODUCED IN THIS PATCH MUST BE IMPLEMENTED IN
ORDER TO SUCCESSFULLY BUILD TF.
Change-Id: Ic943b76b25f2a37f490eaaab6d87b4a8b3cbc89a
This patch replaces all references to the SCP Firmware (BL0, BL30,
BL3-0, bl30) with the image terminology detailed in the TF wiki
(https://github.com/ARM-software/arm-trusted-firmware/wiki):
BL0 --> SCP_BL1
BL30, BL3-0 --> SCP_BL2
bl30 --> scp_bl2
This change affects code, documentation, build system, tools and
platform ports that load SCP firmware. ARM plaforms have been
updated to the new porting API.
IMPORTANT: build option to specify the SCP FW image has changed:
BL30 --> SCP_BL2
IMPORTANT: This patch breaks compatibility for platforms that use BL2
to load SCP firmware. Affected platforms must be updated as follows:
BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID
BL30_BASE --> SCP_BL2_BASE
bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo()
bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2()
Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
Firmware update(a.k.a FWU) feature is part of the TBB architecture.
BL1 is responsible for carrying out the FWU process if platform
specific code detects that it is needed.
This patch adds support for FWU feature support in BL1 which is
included by enabling `TRUSTED_BOARD_BOOT` compile time flag.
This patch adds bl1_fwu.c which contains all the core operations
of FWU, which are; SMC handler, image copy, authentication, execution
and resumption. It also adds bl1.h introducing #defines for all
BL1 SMCs.
Following platform porting functions are introduced:
int bl1_plat_mem_check(uintptr_t mem_base, unsigned int mem_size,
unsigned int flags);
This function can be used to add platform specific memory checks
for the provided base/size for the given security state.
The weak definition will invoke `assert()` and return -ENOMEM.
__dead2 void bl1_plat_fwu_done(void *cookie, void *reserved);
This function can be used to initiate platform specific procedure
to mark completion of the FWU process.
The weak definition waits forever calling `wfi()`.
plat_bl1_common.c contains weak definitions for above functions.
FWU process starts when platform detects it and return the image_id
other than BL2_IMAGE_ID by using `bl1_plat_get_next_image_id()` in
`bl1_main()`.
NOTE: User MUST provide platform specific real definition for
bl1_plat_mem_check() in order to use it for Firmware update.
Change-Id: Ice189a0885d9722d9e1dd03f76cac1aceb0e25ed
This patch adds a CoT based on the Trusted Board Boot Requirements
document*. The CoT consists of an array of authentication image
descriptors indexed by the image identifiers.
A new header file with TBBR image identifiers has been added.
Platforms that use the TBBR (i.e. ARM platforms) may reuse these
definitions as part of their platform porting.
PLATFORM PORT - IMPORTANT:
Default image IDs have been removed from the platform common
definitions file (common_def.h). As a consequence, platforms that
used those common definitons must now either include the IDs
provided by the TBBR header file or define their own IDs.
*The NVCounter authentication method has not been implemented yet.
Change-Id: I7c4d591863ef53bb0cd4ce6c52a60b06fa0102d5
Govindraj Raja
Manish V Badarkhe
Manish Pandey
Sandrine Bailleux
Justin Chadwell
Joel Hutton
Antonio Nino Diaz
Soby Mathew
Qixiang Xu
Summer Qin
Isla Mitchell
Masahiro Yamada
dp-arm
Juan Castillo
Yatharth Kochar