diff options
25 files changed, 92 insertions, 83 deletions
@@ -19,10 +19,6 @@ tools/cert_create/src/**/*.o tools/cert_create/cert_create tools/cert_create/cert_create.exe -# Ignore header files copied. -tools/fiptool/firmware_image_package.h -tools/fiptool/uuid.h - # GNU GLOBAL files GPATH GRTAGS @@ -179,7 +179,8 @@ INCLUDES += -Iinclude/bl1 \ -Iinclude/plat/common \ -Iinclude/services \ ${PLAT_INCLUDES} \ - ${SPD_INCLUDES} + ${SPD_INCLUDES} \ + -Iinclude/tools_share ################################################################################ @@ -442,6 +443,7 @@ $(eval $(call assert_boolean,SEPARATE_CODE_AND_RODATA)) $(eval $(call assert_boolean,SPIN_ON_BL1_EXIT)) $(eval $(call assert_boolean,TRUSTED_BOARD_BOOT)) $(eval $(call assert_boolean,USE_COHERENT_MEM)) +$(eval $(call assert_boolean,USE_TBBR_DEFS)) $(eval $(call assert_boolean,WARMBOOT_ENABLE_DCACHE_EARLY)) $(eval $(call assert_numeric,ARM_ARCH_MAJOR)) @@ -480,6 +482,7 @@ $(eval $(call add_define,SPD_${SPD})) $(eval $(call add_define,SPIN_ON_BL1_EXIT)) $(eval $(call add_define,TRUSTED_BOARD_BOOT)) $(eval $(call add_define,USE_COHERENT_MEM)) +$(eval $(call add_define,USE_TBBR_DEFS)) $(eval $(call add_define,WARMBOOT_ENABLE_DCACHE_EARLY)) # Define the EL3_PAYLOAD_BASE flag only if it is provided. @@ -603,7 +606,7 @@ certtool: ${CRTTOOL} .PHONY: ${CRTTOOL} ${CRTTOOL}: - ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH} + ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH} @${ECHO_BLANK_LINE} @echo "Built $@ successfully" @${ECHO_BLANK_LINE} diff --git a/docs/user-guide.md b/docs/user-guide.md index 2379298e..85ece930 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -914,7 +914,11 @@ section), but it can also be built separately with the following command: make PLAT=<platform> [DEBUG=1] [V=1] certtool -Specifying the platform is mandatory since the tool is platform specific. +For platforms that do not require their own IDs in certificate files, +the generic 'cert_create' tool can be built with the following command: + + make USE_TBBR_DEFS=1 [DEBUG=1] [V=1] certtool + `DEBUG=1` builds the tool in debug mode. `V=1` makes the build process more verbose. The following command should be used to obtain help about the tool: diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index 8b6ca23b..e88c7c26 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -1,12 +1,16 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include <auth_mod.h> #include <platform_def.h> +#if USE_TBBR_DEFS +#include <tbbr_oid.h> +#else #include <platform_oid.h> +#endif #include <stddef.h> /* diff --git a/include/common/firmware_image_package.h b/include/tools_share/firmware_image_package.h index dcf16b48..dcf16b48 100644 --- a/include/common/firmware_image_package.h +++ b/include/tools_share/firmware_image_package.h diff --git a/include/plat/arm/board/common/board_arm_oid.h b/include/tools_share/tbbr_oid.h index fc6cd792..7a340878 100644 --- a/include/plat/arm/board/common/board_arm_oid.h +++ b/include/tools_share/tbbr_oid.h @@ -1,21 +1,17 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ -#ifndef __BOARD_ARM_OID_H__ -#define __BOARD_ARM_OID_H__ +#ifndef __TBBR_OID_H__ +#define __TBBR_OID_H__ /* * The following is a list of OID values defined and reserved by ARM, which * are used to define the extension fields of the certificate structure, as * defined in the Trusted Board Boot Requirements (TBBR) specification, * ARM DEN0006C-1. - * - * Non-ARM platform owners that wish to align with the TBBR should define - * constants with the same name in their own platform port(s), using their - * own OIDs obtained from the ITU-T. */ @@ -140,4 +136,4 @@ /* NonTrustedWorldBootloaderHash - BL33 */ #define NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID "1.3.6.1.4.1.4128.2100.1201" -#endif /* __BOARD_ARM_OID_H__ */ +#endif /* __TBBR_OID_H__ */ diff --git a/include/lib/stdlib/sys/uuid.h b/include/tools_share/uuid.h index 6d935bd6..6d935bd6 100644 --- a/include/lib/stdlib/sys/uuid.h +++ b/include/tools_share/uuid.h diff --git a/make_helpers/build_macros.mk b/make_helpers/build_macros.mk index 36f220e0..34d82c9a 100644 --- a/make_helpers/build_macros.mk +++ b/make_helpers/build_macros.mk @@ -54,7 +54,7 @@ endef # Convenience function for verifying option has a boolean value # $(eval $(call assert_boolean,FOO)) will assert FOO is 0 or 1 define assert_boolean - $(and $(patsubst 0,,$(value $(1))),$(patsubst 1,,$(value $(1))),$(error $(1) must be boolean)) + $(if $(filter-out 0 1,$($1)),$(error $1 must be boolean)) endef 0-9 := 0 1 2 3 4 5 6 7 8 9 diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index 18c41e05..a31e59c0 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -128,6 +128,9 @@ TRUSTED_BOARD_BOOT := 0 # Build option to choose whether Trusted firmware uses Coherent memory or not. USE_COHERENT_MEM := 1 +# Use tbbr_oid.h instead of platform_oid.h +USE_TBBR_DEFS = $(ERROR_DEPRECATED) + # Build verbosity V := 0 diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c index eb1dc8c2..391ae45c 100644 --- a/plat/arm/board/common/board_arm_trusted_boot.c +++ b/plat/arm/board/common/board_arm_trusted_boot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,9 +7,9 @@ #include <arm_def.h> #include <assert.h> #include <platform.h> -#include <platform_oid.h> #include <stdint.h> #include <string.h> +#include <tbbr_oid.h> /* Weak definition may be overridden in specific platform */ #pragma weak plat_match_rotpk diff --git a/plat/arm/board/fvp/fvp_trusted_boot.c b/plat/arm/board/fvp/fvp_trusted_boot.c index 51d30830..d1e8b9f5 100644 --- a/plat/arm/board/fvp/fvp_trusted_boot.c +++ b/plat/arm/board/fvp/fvp_trusted_boot.c @@ -1,13 +1,14 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include <assert.h> -#include <platform_oid.h> #include <stdint.h> #include <string.h> +#include <tbbr_oid.h> + #include "fvp_def.h" /* diff --git a/plat/arm/board/fvp/include/platform_oid.h b/plat/arm/board/fvp/include/platform_oid.h deleted file mode 100644 index 5ef1580b..00000000 --- a/plat/arm/board/fvp/include/platform_oid.h +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ -#include "../../../../../include/plat/arm/board/common/board_arm_oid.h" - -/* - * Required platform OIDs - * (Provided by included header) - */ diff --git a/plat/arm/board/juno/include/platform_oid.h b/plat/arm/board/juno/include/platform_oid.h deleted file mode 100644 index 5ef1580b..00000000 --- a/plat/arm/board/juno/include/platform_oid.h +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ -#include "../../../../../include/plat/arm/board/common/board_arm_oid.h" - -/* - * Required platform OIDs - * (Provided by included header) - */ diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk index 58fc94ec..3c207698 100644 --- a/plat/arm/common/arm_common.mk +++ b/plat/arm/common/arm_common.mk @@ -87,6 +87,9 @@ SEPARATE_CODE_AND_RODATA := 1 # Enable new version of image loading on ARM platforms LOAD_IMAGE_V2 := 1 +# Use generic OID definition (tbbr_oid.h) +USE_TBBR_DEFS := 1 + PLAT_INCLUDES += -Iinclude/common/tbbr \ -Iinclude/plat/arm/common diff --git a/plat/common/tbbr/plat_tbbr.c b/plat/common/tbbr/plat_tbbr.c index 4aa9457d..f5a4f315 100644 --- a/plat/common/tbbr/plat_tbbr.c +++ b/plat/common/tbbr/plat_tbbr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -7,7 +7,11 @@ #include <assert.h> #include <auth/auth_mod.h> #include <platform.h> +#if USE_TBBR_DEFS +#include <tbbr_oid.h> +#else #include <platform_oid.h> +#endif #include <string.h> /* diff --git a/tools/cert_create/Makefile b/tools/cert_create/Makefile index 989a8e4d..8a216495 100644 --- a/tools/cert_create/Makefile +++ b/tools/cert_create/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -27,6 +27,13 @@ MAKE_HELPERS_DIRECTORY := ../../make_helpers/ include ${MAKE_HELPERS_DIRECTORY}build_macros.mk include ${MAKE_HELPERS_DIRECTORY}build_env.mk +ifeq (${USE_TBBR_DEFS},1) +# In this case, cert_tool is platform-independent +PLAT_MSG := TBBR Generic +PLAT_INCLUDE := ../../include/tools_share +else +PLAT_MSG := ${PLAT} + PLATFORM_ROOT := ../../plat/ include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk @@ -35,6 +42,7 @@ PLAT_INCLUDE := $(wildcard ${PLAT_DIR}include) ifeq ($(PLAT_INCLUDE),) $(error "Error: Invalid platform '${PLAT}' has no include directory.") endif +endif ifeq (${DEBUG},1) CFLAGS += -g -O0 -DDEBUG -DLOG_LEVEL=40 @@ -47,6 +55,9 @@ else Q := endif +$(eval $(call add_define,USE_TBBR_DEFS)) +CFLAGS += ${DEFINES} + # Make soft links and include from local directory otherwise wrong headers # could get pulled in from firmware tree. INC_DIR := -I ./include -I ${PLAT_INCLUDE} -I ${OPENSSL_DIR}/include @@ -62,7 +73,7 @@ all: clean ${BINARY} ${BINARY}: ${OBJECTS} Makefile @echo " LD $@" @echo 'const char build_msg[] = "Built : "__TIME__", "__DATE__; \ - const char platform_msg[] = "${PLAT}";' | \ + const char platform_msg[] = "${PLAT_MSG}";' | \ ${CC} -c ${CFLAGS} -xc - -o src/build_msg.o ${Q}${CC} src/build_msg.o ${OBJECTS} ${LIB_DIR} ${LIB} -o $@ diff --git a/tools/cert_create/src/cert.c b/tools/cert_create/src/cert.c index 62ff2555..80ccfe93 100644 --- a/tools/cert_create/src/cert.c +++ b/tools/cert_create/src/cert.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -14,11 +14,16 @@ #include <openssl/sha.h> #include <openssl/x509v3.h> +#if USE_TBBR_DEFS +#include <tbbr_oid.h> +#else +#include <platform_oid.h> +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #define SERIAL_RAND_BITS 64 diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c index a118fbbb..c1bde5de 100644 --- a/tools/cert_create/src/key.c +++ b/tools/cert_create/src/key.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -13,11 +13,16 @@ #include <openssl/evp.h> #include <openssl/pem.h> +#if USE_TBBR_DEFS +#include <tbbr_oid.h> +#else +#include <platform_oid.h> +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #define MAX_FILENAME_LEN 1024 diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c index e0f331c2..99236370 100644 --- a/tools/cert_create/src/main.c +++ b/tools/cert_create/src/main.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -18,12 +18,17 @@ #include <openssl/sha.h> #include <openssl/x509v3.h> +#if USE_TBBR_DEFS +#include <tbbr_oid.h> +#else +#include <platform_oid.h> +#endif + #include "cert.h" #include "cmd_opt.h" #include "debug.h" #include "ext.h" #include "key.h" -#include "platform_oid.h" #include "sha.h" #include "tbbr/tbb_ext.h" #include "tbbr/tbb_cert.h" diff --git a/tools/cert_create/src/tbbr/tbb_ext.c b/tools/cert_create/src/tbbr/tbb_ext.c index 11d779b0..d9a8ea26 100644 --- a/tools/cert_create/src/tbbr/tbb_ext.c +++ b/tools/cert_create/src/tbbr/tbb_ext.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -8,8 +8,14 @@ #include <string.h> #include <openssl/err.h> #include <openssl/x509v3.h> + +#if USE_TBBR_DEFS +#include <tbbr_oid.h> +#else +#include <platform_oid.h> +#endif + #include "ext.h" -#include "platform_oid.h" #include "tbbr/tbb_ext.h" #include "tbbr/tbb_key.h" diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile index 0a46ad7c..29eac2a7 100644 --- a/tools/fiptool/Makefile +++ b/tools/fiptool/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved. +# Copyright (c) 2014-2017, ARM Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # @@ -11,7 +11,6 @@ include ${MAKE_HELPERS_DIRECTORY}build_env.mk PROJECT := fiptool${BIN_EXT} OBJECTS := fiptool.o tbbr_config.o V := 0 -COPIED_H_FILES := uuid.h firmware_image_package.h override CPPFLAGS += -D_GNU_SOURCE -D_XOPEN_SOURCE=700 CFLAGS := -Wall -Werror -pedantic -std=c99 @@ -28,8 +27,7 @@ else Q := endif -# Only include from local directory (see comment below). -INCLUDE_PATHS := -I. +INCLUDE_PATHS := -I. -I../../include/tools_share CC := gcc @@ -48,24 +46,9 @@ fip_create: fip_create.sh ${Q}mkdir -p ../fip_create ${Q}install -m 755 fip_create.sh ../fip_create/fip_create -%.o: %.c %.h ${COPIED_H_FILES} Makefile +%.o: %.c %.h Makefile @echo " CC $<" ${Q}${CC} -c ${CPPFLAGS} ${CFLAGS} ${INCLUDE_PATHS} $< -o $@ -# -# Copy required library headers to a local directory so they can be included -# by this project without adding the library directories to the system include -# path. This avoids conflicts with definitions in the compiler standard -# include path. -# -uuid.h : ../../include/lib/stdlib/sys/uuid.h - $(call SHELL_COPY,$<,$@) - -firmware_image_package.h : ../../include/common/firmware_image_package.h - $(call SHELL_COPY,$<,$@) - clean: $(call SHELL_DELETE_ALL, ${PROJECT} ${OBJECTS} fip_create) - -distclean: clean - $(call SHELL_DELETE_ALL, ${COPIED_H_FILES}) diff --git a/tools/fiptool/fiptool.c b/tools/fiptool/fiptool.c index 7bfd2720..4d80f2f1 100644 --- a/tools/fiptool/fiptool.c +++ b/tools/fiptool/fiptool.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -20,8 +20,9 @@ #include <openssl/sha.h> +#include <firmware_image_package.h> + #include "fiptool.h" -#include "firmware_image_package.h" #include "tbbr_config.h" #define OPT_TOC_ENTRY 0 diff --git a/tools/fiptool/fiptool.h b/tools/fiptool/fiptool.h index 81453e0d..4b5cdd91 100644 --- a/tools/fiptool/fiptool.h +++ b/tools/fiptool/fiptool.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -10,8 +10,8 @@ #include <stddef.h> #include <stdint.h> -#include "firmware_image_package.h" -#include "uuid.h" +#include <firmware_image_package.h> +#include <uuid.h> #define NELEM(x) (sizeof (x) / sizeof *(x)) diff --git a/tools/fiptool/tbbr_config.c b/tools/fiptool/tbbr_config.c index 46620832..7c6c24be 100644 --- a/tools/fiptool/tbbr_config.c +++ b/tools/fiptool/tbbr_config.c @@ -1,12 +1,13 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include <stddef.h> -#include "firmware_image_package.h" +#include <firmware_image_package.h> + #include "tbbr_config.h" /* The images used depends on the platform. */ diff --git a/tools/fiptool/tbbr_config.h b/tools/fiptool/tbbr_config.h index a5155c8b..bad757db 100644 --- a/tools/fiptool/tbbr_config.h +++ b/tools/fiptool/tbbr_config.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -9,7 +9,7 @@ #include <stdint.h> -#include "uuid.h" +#include <uuid.h> /* TODO: Update this number as required */ #define TOC_HEADER_SERIAL_NUMBER 0x12345678 |