diff options
| author | Juan Castillo <juan.castillo@arm.com> | 2015-04-14 12:49:03 +0100 |
|---|---|---|
| committer | Juan Castillo <juan.castillo@arm.com> | 2015-06-25 08:53:26 +0100 |
| commit | 95cfd4ad84633502938a8bccc2b0290dfbcac2f7 (patch) | |
| tree | 88abb69a6b305be5bc3bcbf6010357e2edff0fa1 /include | |
| parent | 16948ae1d9e14190229f0fd8602f8cc0f25d57d2 (diff) | |
TBB: add platform API to read the ROTPK information
This patch extends the platform port by adding an API that returns
either the Root of Trust public key (ROTPK) or its hash. This is
usually stored in ROM or eFUSE memory. The ROTPK returned must be
encoded in DER format according to the following ASN.1 structure:
SubjectPublicKeyInfo ::= SEQUENCE {
algorithm AlgorithmIdentifier,
subjectPublicKey BIT STRING
}
In case the platform returns a hash of the key:
DigestInfo ::= SEQUENCE {
digestAlgorithm AlgorithmIdentifier,
keyDigest OCTET STRING
}
An implementation for ARM development platforms is provided in this
patch. When TBB is enabled, the ROTPK hash location must be specified
using the build option 'ARM_ROTPK_LOCATION'. Available options are:
- 'regs' : return the ROTPK hash stored in the Trusted
root-key storage registers.
- 'devel_rsa' : return a ROTPK hash embedded in the BL1 and
BL2 binaries. This hash has been obtained from the development
RSA public key located in 'plat/arm/board/common/rotpk'.
On FVP, the number of MMU tables has been increased to map and
access the ROTPK registers.
A new file 'board_common.mk' has been added to improve code sharing
in the ARM develelopment platforms.
Change-Id: Ib25862e5507d1438da10773e62bd338da8f360bf
Diffstat (limited to 'include')
| -rw-r--r-- | include/plat/arm/board/common/board_arm_def.h | 24 | ||||
| -rw-r--r-- | include/plat/arm/soc/common/soc_css_def.h | 8 | ||||
| -rw-r--r-- | include/plat/common/platform.h | 9 |
3 files changed, 34 insertions, 7 deletions
diff --git a/include/plat/arm/board/common/board_arm_def.h b/include/plat/arm/board/common/board_arm_def.h index 21dee7e4..3abf235e 100644 --- a/include/plat/arm/board/common/board_arm_def.h +++ b/include/plat/arm/board/common/board_arm_def.h @@ -64,29 +64,41 @@ * plat_arm_mmap array defined for each BL stage. */ #if IMAGE_BL1 -# define PLAT_ARM_MMAP_ENTRIES 6 +# if PLAT_fvp +# define PLAT_ARM_MMAP_ENTRIES 7 +# else +# define PLAT_ARM_MMAP_ENTRIES 6 +# endif #endif #if IMAGE_BL2 -# define PLAT_ARM_MMAP_ENTRIES 8 +# if PLAT_fvp +# define PLAT_ARM_MMAP_ENTRIES 9 +# else +# define PLAT_ARM_MMAP_ENTRIES 8 +# endif #endif #if IMAGE_BL31 -# define PLAT_ARM_MMAP_ENTRIES 5 +#define PLAT_ARM_MMAP_ENTRIES 5 #endif #if IMAGE_BL32 -# define PLAT_ARM_MMAP_ENTRIES 4 +#define PLAT_ARM_MMAP_ENTRIES 4 #endif /* * Platform specific page table and MMU setup constants */ #if IMAGE_BL1 -# if PLAT_fvp || PLAT_juno +# if PLAT_juno # define MAX_XLAT_TABLES 2 # else # define MAX_XLAT_TABLES 3 # endif /* PLAT_ */ #elif IMAGE_BL2 -# define MAX_XLAT_TABLES 3 +# if PLAT_juno +# define MAX_XLAT_TABLES 3 +# else +# define MAX_XLAT_TABLES 4 +# endif /* PLAT_ */ #elif IMAGE_BL31 # define MAX_XLAT_TABLES 2 #elif IMAGE_BL32 diff --git a/include/plat/arm/soc/common/soc_css_def.h b/include/plat/arm/soc/common/soc_css_def.h index 8b43e4ce..428df4d2 100644 --- a/include/plat/arm/soc/common/soc_css_def.h +++ b/include/plat/arm/soc/common/soc_css_def.h @@ -65,6 +65,14 @@ */ #define SOC_CSS_NIC400_APB4_BRIDGE 4 +/* Keys */ +#define SOC_KEYS_BASE 0x7fe80000 +#define TZ_PUB_KEY_HASH_BASE (SOC_KEYS_BASE + 0x0000) +#define TZ_PUB_KEY_HASH_SIZE 32 +#define HU_KEY_BASE (SOC_KEYS_BASE + 0x0020) +#define HU_KEY_SIZE 16 +#define END_KEY_BASE (SOC_KEYS_BASE + 0x0044) +#define END_KEY_SIZE 32 #define SOC_CSS_MAP_DEVICE MAP_REGION_FLAT( \ SOC_CSS_DEVICE_BASE, \ diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index 73c2fdd4..d8fa8916 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -44,6 +44,11 @@ struct entry_point_info; struct bl31_params; /******************************************************************************* + * plat_get_rotpk_info() flags + ******************************************************************************/ +#define ROTPK_IS_HASH (1 << 0) + +/******************************************************************************* * Function declarations ******************************************************************************/ /******************************************************************************* @@ -191,8 +196,10 @@ void bl31_plat_enable_mmu(uint32_t flags); void bl32_plat_enable_mmu(uint32_t flags); /******************************************************************************* - * Trusted Boot functions + * Trusted Board Boot functions ******************************************************************************/ int plat_match_rotpk(const unsigned char *, unsigned int); +int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, + unsigned int *flags); #endif /* __PLATFORM_H__ */ |