6 files changed, 85 insertions, 0 deletions

diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index a5bd648c..491fd5cf 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -31,6 +31,7 @@
 #include <arch.h>
 #include <arch_helpers.h>
 #include <assert.h>
+#include <auth.h>
 #include <bl_common.h>
 #include <debug.h>
 #include <platform.h>
@@ -141,6 +142,34 @@ void bl1_main(void)
 	/* Find out how much free trusted ram remains after BL1 load */
 	bl1_tzram_layout = bl1_plat_sec_mem_layout();
 
+#if TRUSTED_BOARD_BOOT
+	/* Initialize authentication module */
+	auth_init();
+
+	/*
+	 * Load the BL2 certificate into the BL2 region. This region will be
+	 * overwritten by the image, so the authentication module is responsible
+	 * for storing the relevant data from the certificate (keys, hashes,
+	 * etc.) so it can be used later.
+	 */
+	err = load_image(bl1_tzram_layout,
+			 BL2_CERT_NAME,
+			 BL2_BASE,
+			 &bl2_image_info,
+			 NULL);
+	if (err) {
+		ERROR("Failed to load BL2 certificate.\n");
+		panic();
+	}
+
+	err = auth_verify_obj(AUTH_BL2_IMG_CERT, bl2_image_info.image_base,
+			bl2_image_info.image_size);
+	if (err) {
+		ERROR("Failed to validate BL2 certificate.\n");
+		panic();
+	}
+#endif /* TRUSTED_BOARD_BOOT */
+
 	/* Load the BL2 image */
 	err = load_image(bl1_tzram_layout,
 			 BL2_IMAGE_NAME,
@@ -155,6 +184,20 @@ void bl1_main(void)
 		ERROR("Failed to load BL2 firmware.\n");
 		panic();
 	}
+
+#if TRUSTED_BOARD_BOOT
+	err = auth_verify_obj(AUTH_BL2_IMG, bl2_image_info.image_base,
+				bl2_image_info.image_size);
+	if (err) {
+		ERROR("Failed to validate BL2 image.\n");
+		panic();
+	}
+
+	/* After working with data, invalidate the data cache */
+	inv_dcache_range(bl2_image_info.image_base,
+			(size_t)bl2_image_info.image_size);
+#endif /* TRUSTED_BOARD_BOOT */
+
 	/*
 	 * Create a new layout of memory for BL2 as seen by BL1 i.e.
 	 * tell it the amount of total and free memory available.
diff --git a/drivers/io/io_fip.c b/drivers/io/io_fip.c
index 4262a9de..7d205907 100644
--- a/drivers/io/io_fip.c
+++ b/drivers/io/io_fip.c
@@ -76,6 +76,10 @@ static const plat_fip_name_uuid_t name_uuid[] = {
 	{BL32_IMAGE_NAME, UUID_SECURE_PAYLOAD_BL32},
 #endif /* BL32_IMAGE_NAME */
 	{BL33_IMAGE_NAME, UUID_NON_TRUSTED_FIRMWARE_BL33},
+#if TRUSTED_BOARD_BOOT
+	/* Certificates */
+	{BL2_CERT_NAME, UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT},
+#endif /* TRUSTED_BOARD_BOOT */
 };
 
 static const uuid_t uuid_null = {0};
diff --git a/plat/fvp/fvp_io_storage.c b/plat/fvp/fvp_io_storage.c
index b4a04f19..b1e033ee 100644
--- a/plat/fvp/fvp_io_storage.c
+++ b/plat/fvp/fvp_io_storage.c
@@ -77,6 +77,13 @@ static const io_file_spec_t bl33_file_spec = {
 	.mode = FOPEN_MODE_RB
 };
 
+#if TRUSTED_BOARD_BOOT
+static const io_file_spec_t bl2_cert_file_spec = {
+	.path = BL2_CERT_NAME,
+	.mode = FOPEN_MODE_RB
+};
+#endif /* TRUSTED_BOARD_BOOT */
+
 static int open_fip(const uintptr_t spec);
 static int open_memmap(const uintptr_t spec);
 
@@ -114,6 +121,13 @@ static const struct plat_io_policy policies[] = {
 		(uintptr_t)&bl33_file_spec,
 		open_fip
 	}, {
+#if TRUSTED_BOARD_BOOT
+		BL2_CERT_NAME,
+		&fip_dev_handle,
+		(uintptr_t)&bl2_cert_file_spec,
+		open_fip
+	}, {
+#endif /* TRUSTED_BOARD_BOOT */
 		0, 0, 0
 	}
 };
diff --git a/plat/fvp/include/platform_def.h b/plat/fvp/include/platform_def.h
index bd53bc7b..edbbdf31 100644
--- a/plat/fvp/include/platform_def.h
+++ b/plat/fvp/include/platform_def.h
@@ -80,6 +80,11 @@
 /* Non-Trusted Firmware BL33 */
 #define BL33_IMAGE_NAME			"bl33.bin" /* e.g. UEFI */
 
+#if TRUSTED_BOARD_BOOT
+/* Certificates */
+# define BL2_CERT_NAME			"bl2.crt"
+#endif /* TRUSTED_BOARD_BOOT */
+
 #define PLATFORM_CACHE_LINE_SIZE	64
 #define PLATFORM_CLUSTER_COUNT		2ull
 #define PLATFORM_CLUSTER0_CORE_COUNT	4
diff --git a/plat/juno/include/platform_def.h b/plat/juno/include/platform_def.h
index c64b6829..748b32d9 100644
--- a/plat/juno/include/platform_def.h
+++ b/plat/juno/include/platform_def.h
@@ -71,6 +71,11 @@
 /* Firmware Image Package */
 #define FIP_IMAGE_NAME			"fip.bin"
 
+#if TRUSTED_BOARD_BOOT
+/* Certificates */
+# define BL2_CERT_NAME			"bl2.crt"
+#endif /* TRUSTED_BOARD_BOOT */
+
 #define PLATFORM_CACHE_LINE_SIZE	64
 #define PLATFORM_CLUSTER_COUNT		2
 #define PLATFORM_CORE_COUNT             6
diff --git a/plat/juno/plat_io_storage.c b/plat/juno/plat_io_storage.c
index 83d7e43b..dd9f048a 100644
--- a/plat/juno/plat_io_storage.c
+++ b/plat/juno/plat_io_storage.c
@@ -77,6 +77,13 @@ static const io_file_spec_t bl33_file_spec = {
 	.mode = FOPEN_MODE_RB
 };
 
+#if TRUSTED_BOARD_BOOT
+static const io_file_spec_t bl2_cert_file_spec = {
+	.path = BL2_CERT_NAME,
+	.mode = FOPEN_MODE_RB
+};
+#endif /* TRUSTED_BOARD_BOOT */
+
 static int open_fip(const uintptr_t spec);
 static int open_memmap(const uintptr_t spec);
 
@@ -119,6 +126,13 @@ static const struct plat_io_policy policies[] = {
 		(uintptr_t)&bl33_file_spec,
 		open_fip
 	}, {
+#if TRUSTED_BOARD_BOOT
+		BL2_CERT_NAME,
+		&fip_dev_handle,
+		(uintptr_t)&bl2_cert_file_spec,
+		open_fip
+	}, {
+#endif /* TRUSTED_BOARD_BOOT */
 		0, 0, 0
 	}
 };