diff --git a/docs/porting-guide.md b/docs/porting-guide.md index 4f842c4..d009605 100644 --- a/docs/porting-guide.md +++ b/docs/porting-guide.md @@ -483,6 +483,38 @@ the platform. Any other return value means a mismatch. +### Function: plat_get_rotpk_info() + + Argument : void *, void **, unsigned int *, unsigned int * + Return : int + +This function is mandatory when Trusted Board Boot is enabled. It returns a +pointer to the ROTPK stored in the platform (or a hash of it) and its length. +The ROTPK must be encoded in DER format according to the following ASN.1 +structure: + + AlgorithmIdentifier ::= SEQUENCE { + algorithm OBJECT IDENTIFIER, + parameters ANY DEFINED BY algorithm OPTIONAL + } + + SubjectPublicKeyInfo ::= SEQUENCE { + algorithm AlgorithmIdentifier, + subjectPublicKey BIT STRING + } + +In case the function returns a hash of the key: + + DigestInfo ::= SEQUENCE { + digestAlgorithm AlgorithmIdentifier, + digest OCTET STRING + } + +The function returns 0 on success. Any other value means the ROTPK could not be +retrieved from the platform. The function also reports extra information related +to the ROTPK in the flags parameter. + + 2.3 Common optional modifications --------------------------------- diff --git a/docs/user-guide.md b/docs/user-guide.md index 184e46a..742f616 100644 --- a/docs/user-guide.md +++ b/docs/user-guide.md @@ -346,6 +346,23 @@ For a better understanding of these options, the ARM development platform memory map is explained in the [Firmware Design]. +* `ARM_ROTPK_LOCATION`: used when `TRUSTED_BOARD_BOOT=1`. It specifies the + location of the ROTPK hash returned by the function `plat_get_rotpk_info()` + for ARM platforms. Depending on the selected option, the proper private key + must be specified using the `ROT_KEY` option when building the Trusted + Firmware. This private key will be used by the certificate generation tool + to sign the BL2 and Trusted Key certificates. Available options for + `ARM_ROTPK_LOCATION` are: + + - `regs` : return the ROTPK hash stored in the Trusted root-key storage + registers. The private key corresponding to this ROTPK hash is not + currently available. + - `devel_rsa` : return a development public key hash embedded in the BL1 + and BL2 binaries. This hash has been obtained from the RSA public key + `arm_rotpk_rsa.der`, located in `plat/arm/board/common/rotpk`. To use + this option, `arm_rotprivk_rsa.pem` must be specified as `ROT_KEY` when + creating the certificates. + #### ARM CSS platform specific build options * `CSS_DETECT_PRE_1_7_0_SCP`: Boolean flag to detect SCP version diff --git a/include/plat/arm/board/common/board_arm_def.h b/include/plat/arm/board/common/board_arm_def.h index 21dee7e..3abf235 100644 --- a/include/plat/arm/board/common/board_arm_def.h +++ b/include/plat/arm/board/common/board_arm_def.h @@ -64,29 +64,41 @@ * plat_arm_mmap array defined for each BL stage. */ #if IMAGE_BL1 -# define PLAT_ARM_MMAP_ENTRIES 6 +# if PLAT_fvp +# define PLAT_ARM_MMAP_ENTRIES 7 +# else +# define PLAT_ARM_MMAP_ENTRIES 6 +# endif #endif #if IMAGE_BL2 -# define PLAT_ARM_MMAP_ENTRIES 8 +# if PLAT_fvp +# define PLAT_ARM_MMAP_ENTRIES 9 +# else +# define PLAT_ARM_MMAP_ENTRIES 8 +# endif #endif #if IMAGE_BL31 -# define PLAT_ARM_MMAP_ENTRIES 5 +#define PLAT_ARM_MMAP_ENTRIES 5 #endif #if IMAGE_BL32 -# define PLAT_ARM_MMAP_ENTRIES 4 +#define PLAT_ARM_MMAP_ENTRIES 4 #endif /* * Platform specific page table and MMU setup constants */ #if IMAGE_BL1 -# if PLAT_fvp || PLAT_juno +# if PLAT_juno # define MAX_XLAT_TABLES 2 # else # define MAX_XLAT_TABLES 3 # endif /* PLAT_ */ #elif IMAGE_BL2 -# define MAX_XLAT_TABLES 3 +# if PLAT_juno +# define MAX_XLAT_TABLES 3 +# else +# define MAX_XLAT_TABLES 4 +# endif /* PLAT_ */ #elif IMAGE_BL31 # define MAX_XLAT_TABLES 2 #elif IMAGE_BL32 diff --git a/include/plat/arm/soc/common/soc_css_def.h b/include/plat/arm/soc/common/soc_css_def.h index 8b43e4c..428df4d 100644 --- a/include/plat/arm/soc/common/soc_css_def.h +++ b/include/plat/arm/soc/common/soc_css_def.h @@ -65,6 +65,14 @@ */ #define SOC_CSS_NIC400_APB4_BRIDGE 4 +/* Keys */ +#define SOC_KEYS_BASE 0x7fe80000 +#define TZ_PUB_KEY_HASH_BASE (SOC_KEYS_BASE + 0x0000) +#define TZ_PUB_KEY_HASH_SIZE 32 +#define HU_KEY_BASE (SOC_KEYS_BASE + 0x0020) +#define HU_KEY_SIZE 16 +#define END_KEY_BASE (SOC_KEYS_BASE + 0x0044) +#define END_KEY_SIZE 32 #define SOC_CSS_MAP_DEVICE MAP_REGION_FLAT( \ SOC_CSS_DEVICE_BASE, \ diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index 73c2fdd..d8fa891 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -44,6 +44,11 @@ struct bl31_params; /******************************************************************************* + * plat_get_rotpk_info() flags + ******************************************************************************/ +#define ROTPK_IS_HASH (1 << 0) + +/******************************************************************************* * Function declarations ******************************************************************************/ /******************************************************************************* @@ -191,8 +196,10 @@ void bl32_plat_enable_mmu(uint32_t flags); /******************************************************************************* - * Trusted Boot functions + * Trusted Board Boot functions ******************************************************************************/ int plat_match_rotpk(const unsigned char *, unsigned int); +int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, + unsigned int *flags); #endif /* __PLATFORM_H__ */ diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c index c6ad68a..50379be 100644 --- a/plat/arm/board/common/board_arm_trusted_boot.c +++ b/plat/arm/board/common/board_arm_trusted_boot.c @@ -28,8 +28,40 @@ * POSSIBILITY OF SUCH DAMAGE. */ +#include +#include +#include +#include +#include + /* Weak definition may be overridden in specific platform */ #pragma weak plat_match_rotpk + +/* SHA256 algorithm */ +#define SHA256_BYTES 32 + +/* ROTPK locations */ +#define ARM_ROTPK_REGS_ID 1 +#define ARM_ROTPK_DEVEL_RSA_ID 2 + +#if !ARM_ROTPK_LOCATION_ID + #error "ARM_ROTPK_LOCATION_ID not defined" +#endif + +static const unsigned char rotpk_hash_hdr[] = \ + "\x30\x31\x30\x0D\x06\x09\x60\x86\x48" \ + "\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20"; +static const unsigned int rotpk_hash_hdr_len = sizeof(rotpk_hash_hdr) - 1; +static unsigned char rotpk_hash_der[sizeof(rotpk_hash_hdr) - 1 + SHA256_BYTES]; + +#if (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_RSA_ID) +static const unsigned char arm_devel_rotpk_hash[] = \ + "\xB0\xF3\x82\x09\x12\x97\xD8\x3A" \ + "\x37\x7A\x72\x47\x1B\xEC\x32\x73" \ + "\xE9\x92\x32\xE2\x49\x59\xF6\x5E" \ + "\x8B\x4A\x4A\x46\xD8\x22\x9A\xDA"; +#endif + /* * Check the validity of the key * @@ -40,3 +72,90 @@ /* TODO: check against the ROT key stored in the platform */ return 0; } + +/* + * Return the ROTPK hash in the following ASN.1 structure in DER format: + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL + * } + * + * DigestInfo ::= SEQUENCE { + * digestAlgorithm AlgorithmIdentifier, + * digest OCTET STRING + * } + */ +int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, + unsigned int *flags) +{ + uint8_t *dst; + + assert(key_ptr != NULL); + assert(key_len != NULL); + assert(flags != NULL); + + /* Copy the DER header */ + memcpy(rotpk_hash_der, rotpk_hash_hdr, rotpk_hash_hdr_len); + dst = (uint8_t *)&rotpk_hash_der[rotpk_hash_hdr_len]; + +#if (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_RSA_ID) + memcpy(dst, arm_devel_rotpk_hash, SHA256_BYTES); +#elif (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_REGS_ID) + uint32_t *src, tmp; + unsigned int words, i; + + /* + * Append the hash from Trusted Root-Key Storage registers. The hash has + * not been written linearly into the registers, so we have to do a bit + * of byte swapping: + * + * 0x00 0x04 0x08 0x0C 0x10 0x14 0x18 0x1C + * +---------------------------------------------------------------+ + * | Reg0 | Reg1 | Reg2 | Reg3 | Reg4 | Reg5 | Reg6 | Reg7 | + * +---------------------------------------------------------------+ + * | ... ... | | ... ... | + * | +--------------------+ | +-------+ + * | | | | + * +----------------------------+ +----------------------------+ + * | | | | + * +-------+ | +--------------------+ | + * | | | | + * v v v v + * +---------------------------------------------------------------+ + * | | | + * +---------------------------------------------------------------+ + * 0 15 16 31 + * + * Additionally, we have to access the registers in 32-bit words + */ + words = SHA256_BYTES >> 3; + + /* Swap bytes 0-15 (first four registers) */ + src = (uint32_t *)TZ_PUB_KEY_HASH_BASE; + for (i = 0 ; i < words ; i++) { + tmp = src[words - 1 - i]; + /* Words are read in little endian */ + *dst++ = (uint8_t)((tmp >> 24) & 0xFF); + *dst++ = (uint8_t)((tmp >> 16) & 0xFF); + *dst++ = (uint8_t)((tmp >> 8) & 0xFF); + *dst++ = (uint8_t)(tmp & 0xFF); + } + + /* Swap bytes 16-31 (last four registers) */ + src = (uint32_t *)(TZ_PUB_KEY_HASH_BASE + SHA256_BYTES / 2); + for (i = 0 ; i < words ; i++) { + tmp = src[words - 1 - i]; + *dst++ = (uint8_t)((tmp >> 24) & 0xFF); + *dst++ = (uint8_t)((tmp >> 16) & 0xFF); + *dst++ = (uint8_t)((tmp >> 8) & 0xFF); + *dst++ = (uint8_t)(tmp & 0xFF); + } +#endif /* (ARM_ROTPK_LOCATION_ID == ARM_ROTPK_DEVEL_RSA_ID) */ + + *key_ptr = (void *)rotpk_hash_der; + *key_len = (unsigned int)sizeof(rotpk_hash_der); + *flags = ROTPK_IS_HASH; + return 0; +} + diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk new file mode 100644 index 0000000..bec49ed --- /dev/null +++ b/plat/arm/board/common/board_common.mk @@ -0,0 +1,55 @@ +# +# Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# Redistributions of source code must retain the above copyright notice, this +# list of conditions and the following disclaimer. +# +# Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# Neither the name of ARM nor the names of its contributors may be used +# to endorse or promote products derived from this software without specific +# prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +PLAT_INCLUDES += -Iinclude/plat/arm/board/common/ + +PLAT_BL_COMMON_SOURCES += drivers/arm/pl011/pl011_console.S \ + plat/arm/board/common/aarch64/board_arm_helpers.S + +#BL1_SOURCES += + +#BL2_SOURCES += + +#BL31_SOURCES += + +ifneq (${TRUSTED_BOARD_BOOT},0) + # ROTPK hash location + ifeq (${ARM_ROTPK_LOCATION}, regs) + ARM_ROTPK_LOCATION_ID = ARM_ROTPK_REGS_ID + else ifeq (${ARM_ROTPK_LOCATION}, devel_rsa) + ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_RSA_ID + else + $(error "Unsupported ARM_ROTPK_LOCATION value") + endif + $(eval $(call add_define,ARM_ROTPK_LOCATION_ID)) + + BL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c + BL2_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c +endif diff --git a/plat/arm/board/common/board_css.mk b/plat/arm/board/common/board_css.mk index 691999b..67e794e 100644 --- a/plat/arm/board/common/board_css.mk +++ b/plat/arm/board/common/board_css.mk @@ -28,20 +28,6 @@ # POSSIBILITY OF SUCH DAMAGE. # -PLAT_INCLUDES += -Iinclude/plat/arm/board/common/ +PLAT_BL_COMMON_SOURCES += plat/arm/board/common/board_css_common.c -PLAT_BL_COMMON_SOURCES += drivers/arm/pl011/pl011_console.S \ - plat/arm/board/common/aarch64/board_arm_helpers.S \ - plat/arm/board/common/board_css_common.c - - -#BL1_SOURCES += - -#BL2_SOURCES += - -#BL31_SOURCES += - -ifneq (${TRUSTED_BOARD_BOOT},0) - BL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c - BL2_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c -endif +include plat/arm/board/common/board_common.mk diff --git a/plat/arm/board/common/rotpk/arm_rotpk_rsa.der b/plat/arm/board/common/rotpk/arm_rotpk_rsa.der new file mode 100644 index 0000000..661f899 --- /dev/null +++ b/plat/arm/board/common/rotpk/arm_rotpk_rsa.der Binary files differ diff --git a/plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin b/plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin new file mode 100644 index 0000000..7653f7e --- /dev/null +++ b/plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin @@ -0,0 +1 @@ +�� ��:7zrG�2s�2�IY�^�JJF�"�� \ No newline at end of file diff --git a/plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem b/plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem new file mode 100644 index 0000000..71410ec --- /dev/null +++ b/plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDLLGDVjWPUB3l+ +xxaWvU0kTqyG5rdx48VUC+cUHL0pGsE/erYCqqs2xNk2aWziZcObsb89qFYmy/0E +AbqsPlQyynleu7IF6gZY8nS64fSHwBkKH2YHd4SDoRzv/yhZ58NofSYgQ+tWY/M5 +MdgrUam8T9D23pXcX1vB7ZBv7CiRfhfteJD0YKfEx09Q7V0TOiErcMVhewghZTrN +glaMekesieilSEgx2R1G5YWGmKDlwKZqvQfkkldhB499Wk3Krja5VgQQ8my+9jts +gD6+DqNNx9R+p0nU8tK8zzCo53SPZN+8XEdozEBM+IPMy0A1BGDKs6QXnwPKHVr6 +0a8hVxDTAgMBAAECggEAfwsc8ewbhDW4TwIGqfNtDUr0rtYN13VpqohW0ki2L8G/ +HQaKUViO/wxQFqoNn/OqQO0AfHmKhXAAokTCiXngBHJ/OjF7vB7+IRhazZEE6u2/ +uoivr/OYNQbFpXyTqsQ1eFzpPju6KKcPK7BzT4Mc89ek/vloFAi8w6LdMl8lbvOg +LBWqX+5A+UQoenPUTvYM4U22YNcEAWubkpsYAmViiWiac+a+uPRk39aKyfOedDNu ++ty9MtCwekivoUTfP/1+O+jFlDnPMJUOEkBmcBqxseYYAHu7blBpdHxYpAItC2pv +YwJJSvsE+HLBLPk177Jahg7sOUqcP0F/X+T65yuvIQKBgQDxdjXdJT5K8j7rG2fv +2bvF2H1GPaHaTYRk0EGI2Ql6Nn+ddfeCE6gaT7aPPgg87wAhNu93coFuYHw0p/sc +ZkXMJ+BmlstPV555cWXmwcxZLsni0fOXrt4YxwWkZwmh74m0NVM/cSFw56PU0oj1 +yDNeq3fgmsJocmuNTe1eG9qA7QKBgQDXaAGrNA5Xel5mqqMYTHHQWI6l2uzdNtt7 +eDn3K9+Eh3ywTqrwP845MAjKDU2Lq61I6t2H89dEifHq823VIcLCHd9BF04MrAH7 +qDPzrmPP2iB9g+YFmGBKe+K0HFE1t1KrTlo9VV6ZAC6RJNLAgwD4kvfIVYNkCGwe ++hoZBdhgvwKBgBrOsPQ4ak4PzwRzKnrqhXpVqrLdrNZ7vLMkm+IBlpfG7SwiKLR8 +UjF5oB8PGAML1cvaOYPdZplGhQOjkrF4eU9NLhC1tSS96Y46FMIlyfYsx6UzAgRZ +GbdOgUXbWqpr2bH0KaXlfXz3eqzqIuKGs41TJB//jo3iBibN/AhytzORAoGAeGov +5KDpE4XYl9Pz8HVremjG9Xh4yQENmOwQm1fvT4rd7UFM1ZkVk2qCv1DIdLe32vdQ +d9ucDzh+ADWsxGRnF1TTpPN+Mh9FzISu5h4qtdreJsxBHgecbIbsqHrb+wdMM29N +itPaWfV8Eq9fETcqp8qgsWD8XkNHDdoKFMrrtskCgYAoSt/Je1D3ZE/3HEjez7bq +fenS3J6KG2SEn2PNFn+R0R5vBo4DaV/cQysKh44GD2+sh0QDyh6nuWJufyhPzROP +DU6DCLbwNePj/yaGuzi36oLt6bBgfPWCiJY7jIdK8DmTLW25m7fRtCC5pxZlSzgl +KBf7R6cbaTvaFe05Y2FJXA== +-----END PRIVATE KEY----- diff --git a/plat/arm/board/fvp/aarch64/fvp_common.c b/plat/arm/board/fvp/aarch64/fvp_common.c index a876313..c46bdb6 100644 --- a/plat/arm/board/fvp/aarch64/fvp_common.c +++ b/plat/arm/board/fvp/aarch64/fvp_common.c @@ -55,6 +55,11 @@ DEVICE1_SIZE, \ MT_DEVICE | MT_RW | MT_SECURE) +#define MAP_DEVICE2 MAP_REGION_FLAT(DEVICE2_BASE, \ + DEVICE2_SIZE, \ + MT_DEVICE | MT_RO | MT_SECURE) + + /* * Table of regions for various BL stages to map using the MMU. * This doesn't include TZRAM as the 'mem_layout' argument passed to @@ -67,6 +72,7 @@ V2M_MAP_IOFPGA, MAP_DEVICE0, MAP_DEVICE1, + MAP_DEVICE2, {0} }; #endif @@ -77,6 +83,7 @@ V2M_MAP_IOFPGA, MAP_DEVICE0, MAP_DEVICE1, + MAP_DEVICE2, ARM_MAP_NS_DRAM1, ARM_MAP_TSP_SEC_MEM, {0} diff --git a/plat/arm/board/fvp/fvp_def.h b/plat/arm/board/fvp/fvp_def.h index 68ef297..842a287 100644 --- a/plat/arm/board/fvp/fvp_def.h +++ b/plat/arm/board/fvp/fvp_def.h @@ -58,13 +58,25 @@ #define DEVICE1_BASE 0x2f000000 #define DEVICE1_SIZE 0x200000 +/* Devices in the second GB */ +#define DEVICE2_BASE 0x7fe00000 +#define DEVICE2_SIZE 0x00200000 + #define NSRAM_BASE 0x2e000000 #define NSRAM_SIZE 0x10000 #define PCIE_EXP_BASE 0x40000000 #define TZRNG_BASE 0x7fe60000 #define TZNVCTR_BASE 0x7fe70000 -#define TZROOTKEY_BASE 0x7fe80000 + +/* Keys */ +#define SOC_KEYS_BASE 0x7fe80000 +#define TZ_PUB_KEY_HASH_BASE (SOC_KEYS_BASE + 0x0000) +#define TZ_PUB_KEY_HASH_SIZE 32 +#define HU_KEY_BASE (SOC_KEYS_BASE + 0x0020) +#define HU_KEY_SIZE 16 +#define END_KEY_BASE (SOC_KEYS_BASE + 0x0044) +#define END_KEY_SIZE 32 /* Constants to distinguish FVP type */ #define HBI_BASE_FVP 0x020 diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk index 949e6ad..a1a0971 100644 --- a/plat/arm/board/fvp/platform.mk +++ b/plat/arm/board/fvp/platform.mk @@ -29,12 +29,10 @@ # -PLAT_INCLUDES := -Iinclude/plat/arm/board/common \ - -Iplat/arm/board/fvp/include +PLAT_INCLUDES := -Iplat/arm/board/fvp/include -PLAT_BL_COMMON_SOURCES := drivers/arm/pl011/pl011_console.S \ - plat/arm/board/fvp/aarch64/fvp_common.c +PLAT_BL_COMMON_SOURCES := plat/arm/board/fvp/aarch64/fvp_common.c BL1_SOURCES += drivers/io/io_semihosting.c \ lib/cpus/aarch64/aem_generic.S \ @@ -65,10 +63,5 @@ plat/arm/board/fvp/aarch64/fvp_helpers.S \ plat/arm/board/fvp/drivers/pwrc/fvp_pwrc.c -ifneq (${TRUSTED_BOARD_BOOT},0) - BL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c - BL2_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c -endif - - +include plat/arm/board/common/board_common.mk include plat/arm/common/arm_common.mk