2018-09-03 |
fix: tools: Fix doimage syntax breaking secure mode build
...
Missing ")" in fprintf causing build break in secure boot mode.
Change-Id: Ice555571683b68bb0d81479e9fc8abc4296809ac
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Konstantin Porotchkin
committed
on 3 Sep 2018
|
tools: doimage: Add secure image key file examples
...
Add example keys for building trusted flash images using
doimage tools.
Similar files can be generated using openssl or mbedtls.
Marvell platform make files are using trusted boot
configurations from this example etst vector.
Change-Id: I38a2e295171bee4c14005ce6f020b352c683496e
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Konstantin Porotchkin
committed
on 3 Sep 2018
|
2018-07-24 |
tools: Add stm32image tool into TF-A
...
This tools adds a specific header to ST TF-A binary.
This header is used by STM32MP1 ROM code to check the bootloader.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@st.com>
Yann Gautier
committed
on 24 Jul 2018
|
2018-07-19 |
Merge pull request #1450 from MISL-EBU-System-SW/marvell-support-v6
...
Marvell support for Armada 8K SoC family
danh-arm
authored
on 19 Jul 2018
GitHub
committed
on 19 Jul 2018
|
2018-07-18 |
tools: add support for Marvell doimage
...
Add Marvell "doimage" utility support.
The "doimage" utility allows to create flash images compatible
with Marvell BootROM image format. Additionally this tool
allows the flash image parsing and verification.
Change-Id: Ie8d7ccd0cc2978684e7eecb695f375395fc749ee
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Konstantin Porotchkin
committed
on 18 Jul 2018
|
2018-07-06 |
tools/cert_create: fix makefile to build build_msg.o by HOSTCC
...
Previously build_msg.o is built by CC. It causes FTBFS when CC
is not equal to HOSTCC.
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Ying-Chun Liu (PaulLiu)
committed
on 6 Jul 2018
|
2018-06-27 |
make_cert: return error when invalid options are used
...
Print_help was used in different contexts and returning no
error in that function was hiding the error when incorrect
options were used.
Change-Id: Ic3f71748be7ff8440c9d54810b986e9f177f4439
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas
committed
on 27 Jun 2018
|
2018-06-14 |
Make TF UUID RFC 4122 compliant
...
RFC4122 defines that fields are stored in network order (big endian),
but TF-A stores them in machine order (little endian by default in TF-A).
We cannot change the future UUIDs that are already generated, but we can store
all the bytes using arrays and modify fiptool to generate the UUIDs with
the correct byte order.
Change-Id: I97be2d3168d91f4dee7ccfafc533ea55ff33e46f
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas
committed
on 14 Jun 2018
|
2018-05-18 |
Dynamic cfg: Enable support on CoT for other configs
...
This patch implements support for adding dynamic configurations for
BL31 (soc_fw_config), BL32 (tos_fw_config) and BL33 (nt_fw_config). The
necessary cert tool support and changes to default chain of trust are made
for these configs.
Change-Id: I25f266277b5b5501a196d2f2f79639d838794518
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 18 May 2018
|
2018-05-03 |
Merge pull request #1374 from jonathanwright-ARM/jw/fix-memory-leaks-in-fiptool
...
Fix memory leaks in fiptool
danh-arm
authored
on 3 May 2018
GitHub
committed
on 3 May 2018
|
tools/fiptool: fix memory leaks in fiptool
...
Free desc->image->buffer before freeing desc->image. We make sure that
the desc->image is non-null before attempting this.
Change-Id: I35c5674629a41d7cf1a78b7b41ca4b930d0fb688
Signed-off-by: Jonathan Wright <jonathan.wright@arm.com>
Jonathan Wright
committed
on 3 May 2018
|
2018-04-30 |
cert_create: fix makefile to remove executable on 'make realclean'
...
Spurious whitespace existed in the BINARY shell variable which meant
the cert_tool executable was not being removed on 'make realclean'.
Change-Id: Ibfd2fd17889514f6613e33c6df58d53b9232ec14
Signed-off-by: Jonathan Wright <jonathan.wright@arm.com>
Jonathan Wright
committed
on 30 Apr 2018
|
2018-03-05 |
Change PLATFORM_ROOT to TF_PLATFORM_ROOT
...
Since we use "?=" to set PLATFORM_ROOT, it is better to change the
name to be more special, or else it may be overridden by some
environment variables, such as in some CI build environments.
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Heyi Guo
committed
on 5 Mar 2018
|
2018-02-26 |
Dynamic cfg: Update the tools
...
This patch updates the `fiptool` and `cert_create` for the
`hw_config` and `tb_fw_config` dynamic configuration files.
The necessary UUIDs and OIDs are assigned to these files and
the `cert_create` is updated to generate appropriate hashes
and include them in the "Trusted Boot FW Certificate". The
`fiptool` is updated to allow the configs to be specified
via cmdline and included in the generated FIP.
Change-Id: I940e751a49621ae681d14e162aa1f5697eb0cb15
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 26 Feb 2018
|
2018-01-27 |
fiptool: Fix use after free
...
Commit 880b9e8 (Add padding at the end
of the last entry) added code using toc_entry pointer, whose memory is
already freed via variable buf. This causes enormous padding on openSUSE.
Free the memory buffer only after padding is done.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Andreas Färber
committed
on 27 Jan 2018
|
2018-01-03 |
Add padding at the end of the last entry
...
This patch adds padding bytes at the end of the last image in the
fip to be able to transfer by DMA the last image.
Change-Id: I8c6f07dee389cb3d1dc919936d9d52841d7e5723
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
Roberto Vargas
authored
on 19 Dec 2017
David Cunado
committed
on 3 Jan 2018
|
2017-11-21 |
tools: add an option -hash-alg for cert_create
...
This option enables the user to select the secure hash algorithm
to be used for generating the hash. It supports the following
options:
- sha256 (default)
- sha384
- sha512
Change-Id: Icb093cec1b5715e248c3d1c3749a2479a7ab4b89
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
Qixiang Xu
committed
on 21 Nov 2017
|
2017-10-17 |
fiptool: Enable Visual Studio build
...
Updates are required to enable the fiptool utility to be built on a
Windows platform. This change modifies the source files to enable
building with Visual Studio (detected via preprocessor settings).
The primary changes are:
1. Provide an implementation of the getopt_long function. This does
not exist in the Visual Studio CRT libraries because Windows
commands normally use '/' not '-' as an option indicator.
2. Redirect some function names to match those supported by the
Visual Studio libraries (when building with Visual Studio).
2. Modify a structure name (stat) to match that provided
by the Visual Studio libraries (_stat).
Note - this change does not provide makefile updates. It only modifies
the sources to enable the fiptool to be built from a Visual
Studio project. In normal use the presence of FIPTOOL.EXE is
enough to satisfy the make requirements. A makefile change may
be derived from the Visual Studio command line information at
some point in the future.
Change-Id: I3ade77ea140246af3c030920b3f97c070087f111
Signed-off-by: Evan Lloyd <evan.lloyd@arm.com>
Evan Lloyd
committed
on 17 Oct 2017
|
2017-10-11 |
fiptool: Precursor changes for Visual Studio
...
In order to compile the source of Fiptool using Visual Studio a number
of adjustments are required to the source. This commit modifies the
source with changes that will be required, but makes no functional
modification. The intent is to allow confirmation that the GCC build
is unaffected.
Change-Id: I4055bd941c646dd0a1aa2e24b940a1db3bf629ce
Signed-off-by: Evan Lloyd <evan.lloyd@arm.com>
Evan Lloyd
committed
on 11 Oct 2017
|
Merge pull request #1120 from michpappas/tf-issues#521_cert_tool_does_not_build_with_openssl_v1.1
...
cert_tool: update for compatibility with OpenSSL v1.1
davidcunado-arm
authored
on 11 Oct 2017
GitHub
committed
on 11 Oct 2017
|
2017-10-09 |
cert_tool: Fix ECDSA certificates create failure
...
Commit a8eb286 introduced the
following error when creating ECDSA certificates.
ERROR: Error creating key 'Trusted World key'
Makefile:634: recipe for target 'certificates' failed
make: *** [certificates] Error 1
this patch adds the function to create PKCS#1 v1.5.
Change-Id: Ief96d55969d5e9877aeb528c6bb503b560563537
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
Qixiang Xu
committed
on 9 Oct 2017
|
2017-10-08 |
cert_tool: update for compatibility with OpenSSL v1.1
...
This patch fixes incompatibility issues that prevent building the cert_tool
with OpenSSL >= v1.1.0. The changes introduced are still backwards
compatible with OpenSSL v1.0.2.
Fixes arm-software/trusted-fw#521
Signed-off-by: Michalis Pappas <mpappas@fastmail.fm>
Michalis Pappas
authored
on 6 Oct 2017
Michalis Pappas
committed
on 8 Oct 2017
|
2017-09-11 |
Set default value of USE_TBBR_DEFS
...
Using the OIDs defined in tbbr_oids.h is the recommended way to build
the cert_create tool. This patch hence sets default value of the build
flag USE_TBBR_DEFS to 1 in the Makefile in `tools/cert_create` folder
when cert_create is built from this folder.
Fixes ARM-software/tf-issues#482
Change-Id: Id1d224826b3417770bccbefa1b68d9bdb3b567f0
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 11 Sep 2017
|
2017-08-31 |
cert_tool: Support for legacy RSA PKCS#1 v1.5
...
This patch enables choice of RSA version at run time to be used for
generating signatures by the cert_tool. The RSA PSS as defined in
PKCS#1 v2.1 becomes the default version and this patch enables to specify
the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line
-a option. Also, the build option `KEY_ALG` can be used to pass this
option from the build system. Please note that RSA PSS is mandated
by Trusted Board Boot requirements (TBBR) and legacy RSA support is
being added for compatibility reasons.
Fixes ARM-Software/tf-issues#499
Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73
Co-Authored-By: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew
committed
on 31 Aug 2017
|
2017-08-30 |
fiptool: Update file open modes with 'b' (for Windows)
...
Unix does not distinguish binary and text modes.
On Windows the 'b' flag (e.g. "rb" instead of "r") is used to
indicate that files should be opened in binary mode.
This has no impact on Unix, but is needed on Windows to avoid
end-of-line issues.
Change-Id: I69424c55735d5d563d36c50bedd6357b8e05137e
Signed-off-by: Evan Lloyd <evan.lloyd@arm.com>
Evan Lloyd
committed
on 30 Aug 2017
|
2017-08-09 |
Support Trusted OS firmware extra images in TF tools
...
Since Trusted OS firmware may have extra images, need to
assign new uuid and image id for them.
The TBBR chain of trust has been extended to add support
for the new images within the existing Trusted OS firmware
content certificate.
Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06
Signed-off-by: Summer Qin <summer.qin@arm.com>
Summer Qin
authored
on 20 Apr 2017
Edison Ai
committed
on 9 Aug 2017
|
2017-08-03 |
Merge pull request #1044 from islmit01/im/fix_includes
...
Fix order of #includes
davidcunado-arm
authored
on 3 Aug 2017
GitHub
committed
on 3 Aug 2017
|
2017-07-31 |
Fix order of #includes
...
This fix modifies the order of system includes to meet the ARM TF coding
standard whilst retaining header groupings.
Change-Id: Ib91968f8e2cac9e96033d73d3ad9d0a2ae228b13
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
Isla Mitchell
committed
on 31 Jul 2017
|
2017-07-26 |
fiptool: remove unneeded -I. include path
...
All local headers in tools/fiptool are included by #include "..."
notation instead of #include <...>, so there is no need to add the
local directory to to the header search path.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Masahiro Yamada
committed
on 26 Jul 2017
|
2017-07-12 |
Fix order of #includes
...
This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported headers, and where there are headers within
the #if and #ifndef statements.
Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
Isla Mitchell
committed
on 12 Jul 2017
|