Broadcom-s Trusted Firmware A https://git-03.infra.openwrt.org/project/bcm63xx/atf/atom?h=master 2019-09-12T14:27:39Z 2019-09-12T14:27:39Z Justin Chadwell 2019-07-29T16:13:10Z urn:sha1:aacff7498c7241696f55a9b80473e59b72d4d095 Previously, TF-A could not support large RSA key sizes as the configuration options passed to MBEDTLS prevented storing and performing calculations with the larger, higher-precision numbers required. With these changes to the arguments passed to MBEDTLS, TF-A now supports using 3072 (3K) and 4096 (4K) keys in certificates. Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f Signed-off-by: Justin Chadwell <justin.chadwell@arm.com> 2019-09-04T06:35:42Z Masahiro Yamada 2019-09-04T05:09:07Z urn:sha1:948a0c0d3c756a69dca56f76d02eed119956cc79 The #include "mbedtls/check_config.h" directive first searches for the header in the relative path to mbedtls_config.h, i.e. include/drivers/auth/mbedtls/mbedtls/check_config.h Obviously, it does not exist since check_config.h is located in the mbedtls project. It is more sensible to use #include <...> form. Change-Id: If72a71381f84e7748a2c9f07dd1176559d9bb1d2 Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> 2019-08-01T20:14:12Z Julius Werner 2019-07-09T20:49:11Z urn:sha1:d5dfdeb65ff5b7f24dded201d2945c7b74565ce8 NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__. All common C compilers predefine a macro called __ASSEMBLER__ when preprocessing a .S file. There is no reason for TF-A to define it's own __ASSEMBLY__ macro for this purpose instead. To unify code with the export headers (which use __ASSEMBLER__ to avoid one extra dependency), let's deprecate __ASSEMBLY__ and switch the code base over to the predefined standard. Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417 Signed-off-by: Julius Werner <jwerner@chromium.org> 2019-06-13T10:53:17Z Sandrine Bailleux 2019-06-07T12:33:51Z urn:sha1:2efb7ddc3b77a1ff11921083f290aebedbc935a2 The chain of trust description and the pointer pointing to its first element were incompatible, thus requiring an explicit type cast for the assignment. - cot_desc was an array of const pointers to const image descriptors. - cot_desc_ptr was a const pointer to (non-constant) pointers to const image descriptors. Thus, trying to assign cot_desc to cot_desc_ptr (with no cast) would generate the following compiler warning: drivers/auth/tbbr/tbbr_cot.c:826:14: warning: initialization discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] REGISTER_COT(cot_desc); ^~~~~~~~ Change-Id: Iae62dd1bdb43fe379e3843d96461d47cc2f68a06 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> 2019-04-08T13:24:21Z Joel Hutton 2019-03-11T11:37:38Z urn:sha1:30070427e3ed30721074465f97ffb68390ee688c This changes the auth_img_desc_t struct to have pointers to struct arrays instead of struct arrays. This saves memory as many of these were never used, and can be NULL pointers. Note the memory savings are only when these arrays are not initialised, as it is assumed these arrays are fixed length. A possible future optimisation could allow for variable length. memory diff: bl1: bl2: text text -12 -12 bss bss -1463 0 data data -56 -48 rodata rodata -5688 -2592 total total -7419 -2652 Change-Id: I8f9bdedf75048b8867f40c56381e3a6dc6402bcc Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com> 2019-04-08T13:21:21Z Joel Hutton 2019-02-20T11:56:46Z urn:sha1:0b6377d1c60c01dd456a1a88dac5b1e83c0e3273 When Trusted Board Boot is enabled, we need to specify the Chain of Trust (CoT) of the BL1 and BL2 images. A CoT consists of an array of image descriptors. The authentication module assumes that each image descriptor in this array is indexed by its unique image identifier. For example, the Trusted Boot Firmware Certificate has to be at index [TRUSTED_BOOT_FW_CERT_ID]. Unique image identifiers may not necessarily be consecutive. Also, a given BL image might not use all image descriptors. For example, BL1 does not need any of the descriptors related to BL31. As a result, the CoT array might contain holes, which unnecessarily takes up space in the BL binary. Using pointers to auth_img_desc_t structs (rather than structs themselves) means these unused elements only use 1 pointer worth of space, rather than one struct worth of space. This patch also changes the code which accesses this array to reflect the change to pointers. Image descriptors not needed in BL1 or BL2 respectively are also ifdef'd out in this patch. For example, verifying the BL31 image is the responsibility of BL2 so BL1 does not need any of the data structures describing BL31. memory diff: bl1: bl2: text text -20 -20 bss bss -1463 0 data data -256 -48 rodata rodata -5240 -1952 total total -6979 -2020 Change-Id: I163668b174dc2b9bbb183acec817f2126864aaad Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com> 2019-01-04T10:43:17Z Antonio Nino Diaz 2018-12-14T00:18:21Z urn:sha1:09d40e0e08283a249e7dce0e106c07c5141f9b7e Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928d5b7 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3a282 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca33988b9 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> 2018-11-08T10:20:19Z Antonio Nino Diaz 2018-11-08T10:20:19Z urn:sha1:c3cf06f1a3a9b9ee8ac7a0ae505f95c45f7dca84 All identifiers, regardless of use, that start with two underscores are reserved. This means they can't be used in header guards. The style that this project is now to use the full name of the file in capital letters followed by 'H'. For example, for a file called "uart_example.h", the header guard is UART_EXAMPLE_H. The exceptions are files that are imported from other projects: - CryptoCell driver - dt-bindings folders - zlib headers Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> 2018-09-28T14:31:53Z Antonio Nino Diaz 2018-09-25T08:39:51Z urn:sha1:fe199e3bac38cc824a280ec35b7d55b6dae9a9ca Change-Id: Icd1cdd42afdc78895a9be6c46b414b0a155cfa63 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> 2018-09-04T09:32:06Z John Tsichritzis 2018-06-07T15:31:34Z urn:sha1:6d01a463348b04af2afa3c00579ebc6ecd12eaf1 The Mbed TLS drivers, in order to work, need a heap for internal usage. This heap, instead of being directly referenced by the drivers, now it is being accessed indirectly through a pointer. Also, the heap, instead of being part of the drivers, now it is being received through the plat_get_mbedtls_heap() function. This function requests a heap from the current BL image which utilises the Mbed TLS drivers. Those changes create the opportunity for the Mbed TLS heap to be shared among different images, thus saving memory. A default heap implementation is provided but it can be overridden by a platform specific, optimised implemenetation. Change-Id: I286a1f10097a9cdcbcd312201eea576c18d157fa Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>