diff --git a/common/bl_common.c b/common/bl_common.c index b74225b..2fcb538 100644 --- a/common/bl_common.c +++ b/common/bl_common.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2019, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2020, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ diff --git a/include/lib/fconf/fconf_tbbr_getter.h b/include/lib/fconf/fconf_tbbr_getter.h index fb81e7b..32e1b65 100644 --- a/include/lib/fconf/fconf_tbbr_getter.h +++ b/include/lib/fconf/fconf_tbbr_getter.h @@ -12,4 +12,14 @@ /* TBBR related getter */ #define tbbr__cot_getter(id) cot_desc_ptr[id] +#define tbbr__dyn_config_getter(id) tbbr_dyn_config.id + +struct tbbr_dyn_config_t { + uint32_t disable_auth; +}; + +extern struct tbbr_dyn_config_t tbbr_dyn_config; + +int fconf_populate_tbbr_dyn_config(uintptr_t config); + #endif /* FCONF_TBBR_GETTER_H */ diff --git a/include/plat/arm/common/arm_dyn_cfg_helpers.h b/include/plat/arm/common/arm_dyn_cfg_helpers.h index 9fb3131..61f876f 100644 --- a/include/plat/arm/common/arm_dyn_cfg_helpers.h +++ b/include/plat/arm/common/arm_dyn_cfg_helpers.h @@ -11,7 +11,6 @@ /* Function declarations */ int arm_dyn_tb_fw_cfg_init(void *dtb, int *node); -int arm_dyn_get_disable_auth(void *dtb, int node, uint32_t *disable_auth); int arm_get_dtb_mbedtls_heap_info(void *dtb, void **heap_addr, size_t *heap_size); int arm_set_dtb_mbedtls_heap_info(void *dtb, void *heap_addr, diff --git a/lib/fconf/fconf_tbbr_getter.c b/lib/fconf/fconf_tbbr_getter.c new file mode 100644 index 0000000..29f67ca --- /dev/null +++ b/lib/fconf/fconf_tbbr_getter.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2019-2020, ARM Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ +#include + +#include +#include +#include +#include +#include + +struct tbbr_dyn_config_t tbbr_dyn_config; + +int fconf_populate_tbbr_dyn_config(uintptr_t config) +{ + int err; + int node; + + /* As libfdt use void *, we can't avoid this cast */ + const void *dtb = (void *)config; + + /* Assert the node offset point to "arm,tb_fw" compatible property */ + const char *compatible_str = "arm,tb_fw"; + node = fdt_node_offset_by_compatible(dtb, -1, compatible_str); + if (node < 0) { + ERROR("FCONF: Can't find %s compatible in dtb\n", compatible_str); + return node; + } + + /* Locate the disable_auth cell and read the value */ + err = fdtw_read_cells(dtb, node, "disable_auth", 1, &tbbr_dyn_config.disable_auth); + if (err < 0) { + WARN("FCONF: Read cell failed for `disable_auth`\n"); + return err; + } + + /* Check if the value is boolean */ + if ((tbbr_dyn_config.disable_auth != 0U) && (tbbr_dyn_config.disable_auth != 1U)) { + WARN("Invalid value for `disable_auth` cell %d\n", tbbr_dyn_config.disable_auth); + return -1; + } + +#if defined(DYN_DISABLE_AUTH) + if (tbbr_dyn_config.disable_auth == 1) + dyn_disable_auth(); +#endif + + VERBOSE("FCONF:tbbr.disable_auth cell found with value = %d\n", + tbbr_dyn_config.disable_auth); + + return 0; +} + +FCONF_REGISTER_POPULATOR(tbbr, fconf_populate_tbbr_dyn_config); diff --git a/plat/arm/common/arm_common.mk b/plat/arm/common/arm_common.mk index abf2f91..ceff6e2 100644 --- a/plat/arm/common/arm_common.mk +++ b/plat/arm/common/arm_common.mk @@ -273,7 +273,8 @@ # Include common TBB sources AUTH_SOURCES := drivers/auth/auth_mod.c \ drivers/auth/crypto_mod.c \ - drivers/auth/img_parser_mod.c + drivers/auth/img_parser_mod.c \ + lib/fconf/fconf_tbbr_getter.c # Include the selected chain of trust sources. ifeq (${COT},tbbr) diff --git a/plat/arm/common/arm_dyn_cfg.c b/plat/arm/common/arm_dyn_cfg.c index 402fd93..d373ded 100644 --- a/plat/arm/common/arm_dyn_cfg.c +++ b/plat/arm/common/arm_dyn_cfg.c @@ -207,27 +207,4 @@ */ cfg_mem_params->image_info.h.attr &= ~IMAGE_ATTRIB_SKIP_LOADING; } - -#if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH) - uint32_t disable_auth = 0; - void *tb_fw_cfg_dtb; - int err, tb_fw_node; - - dtb_info = FCONF_GET_PROPERTY(dyn_cfg, dtb, TB_FW_CONFIG_ID); - tb_fw_cfg_dtb = (void *)dtb_info->config_addr; - - err = arm_dyn_tb_fw_cfg_init(tb_fw_cfg_dtb, &tb_fw_node); - if (err < 0) { - ERROR("Invalid TB_FW_CONFIG passed from BL1\n"); - panic(); - } - - err = arm_dyn_get_disable_auth(tb_fw_cfg_dtb, tb_fw_node, - &disable_auth); - if (err < 0) - return; - - if (disable_auth == 1) - dyn_disable_auth(); -#endif } diff --git a/plat/arm/common/arm_dyn_cfg_helpers.c b/plat/arm/common/arm_dyn_cfg_helpers.c index ac6c99d..db6f260 100644 --- a/plat/arm/common/arm_dyn_cfg_helpers.c +++ b/plat/arm/common/arm_dyn_cfg_helpers.c @@ -16,51 +16,6 @@ #define DTB_PROP_MBEDTLS_HEAP_SIZE "mbedtls_heap_size" /******************************************************************************* - * Helper to read the `disable_auth` property in config DTB. This function - * expects the following properties to be present in the config DTB. - * name : disable_auth size : 1 cell - * - * Arguments: - * void *dtb - pointer to the TB_FW_CONFIG in memory - * int node - The node offset to appropriate node in the - * DTB. - * uint64_t *disable_auth - The value of `disable_auth` property on - * successful read. Must be 0 or 1. - * - * Returns 0 on success and -1 on error. - ******************************************************************************/ -int arm_dyn_get_disable_auth(void *dtb, int node, uint32_t *disable_auth) -{ - int err; - - assert(dtb != NULL); - assert(disable_auth != NULL); - - /* Check if the pointer to DT is correct */ - assert(fdt_check_header(dtb) == 0); - - /* Assert the node offset point to "arm,tb_fw" compatible property */ - assert(node == fdt_node_offset_by_compatible(dtb, -1, "arm,tb_fw")); - - /* Locate the disable_auth cell and read the value */ - err = fdtw_read_cells(dtb, node, "disable_auth", 1, disable_auth); - if (err < 0) { - WARN("Read cell failed for `disable_auth`\n"); - return -1; - } - - /* Check if the value is boolean */ - if ((*disable_auth != 0U) && (*disable_auth != 1U)) { - WARN("Invalid value for `disable_auth` cell %d\n", *disable_auth); - return -1; - } - - VERBOSE("Dyn cfg: `disable_auth` cell found with value = %d\n", - *disable_auth); - return 0; -} - -/******************************************************************************* * Validate the tb_fw_config is a valid DTB file and returns the node offset * to "arm,tb_fw" property. * Arguments: