Fork: 0
LuminaSensum / arm-trusted-firmware
Browse code
Allow dynamic overriding of ROTPK verification
A production ROM with TBB enabled must have the ability to boot test software
before a real ROTPK is deployed (e.g. manufacturing mode). Previously the
function plat_get_rotpk_info() must return a valid ROTPK for TBB to succeed.
This patch adds an additional bit `ROTPK_NOT_DEPLOYED` in the output `flags`
parameter from plat_get_rotpk_info(). If this bit is set, then the ROTPK
in certificate is used without verifying against the platform value.

Fixes ARM-software/tf-issues#381

Change-Id: Icbbffab6bff8ed76b72431ee21337f550d8fdbbb
WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5 v1.4-rc0 v1.4 v1.3_rc2 v1.3_rc1 v1.3-rc0 v1.3
1 parent a7e5303 commit 04943d33cf379868a1dfa3971c2c2250526f0670
@Soby Mathew Soby Mathew authored on 24 May 2016
Patch
Unified Split
Showing 3 changed files
View
docs/porting-guide.md
View
drivers/auth/auth_mod.c
View
include/plat/common/platform.h