Boot: Enable CC312 runtime library
Enable in cmake. Update mbedtls config to use hardware functions. Add
init function.
Change-Id: Ic704ee6327a1a2566ffa1f88acb5db297b73582e
Signed-off-by: Raef Coles <raef.coles@arm.com>
diff --git a/bl2/ext/mcuboot/CMakeLists.txt b/bl2/ext/mcuboot/CMakeLists.txt
index 10057f6..efa64eb 100644
--- a/bl2/ext/mcuboot/CMakeLists.txt
+++ b/bl2/ext/mcuboot/CMakeLists.txt
@@ -83,6 +83,8 @@
)
#Define location of Mbed Crypto source, build, and installation directory.
+set(MBEDTLS_CONFIG_FILE "config-boot.h")
+set(MBEDTLS_CONFIG_PATH "${TFM_ROOT_DIR}/bl2/ext/mcuboot/include")
get_filename_component(MBEDCRYPTO_SOURCE_DIR "${TFM_ROOT_DIR}/../mbed-crypto" ABSOLUTE)
if(NOT EXISTS ${MBEDCRYPTO_SOURCE_DIR})
message(FATAL_ERROR "Missing mbed-crypto. Please clone the mbed-crypto repo to directory \"${MBEDCRYPTO_SOURCE_DIR}\".")
@@ -90,10 +92,17 @@
set (MBEDCRYPTO_BINARY_DIR "${CMAKE_CURRENT_BINARY_DIR}/mbed-crypto/build")
set (MBEDCRYPTO_INSTALL_DIR ${MBEDCRYPTO_BINARY_DIR}/../install)
+if (CRYPTO_HW_ACCELERATOR)
+ if(NOT DEFINED CRYPTO_HW_ACCELERATOR_CMAKE_BUILD)
+ message(FATAL_ERROR "CRYPTO_HW_ACCELERATOR_CMAKE_BUILD not defined.")
+ endif()
+ include(${CRYPTO_HW_ACCELERATOR_CMAKE_BUILD})
+endif()
+
#Build Mbed Crypto as external project.
#This ensures Mbed Crypto is built with exactly defined settings.
-#Mbed Crypto will be used from is't install location
-set(MBEDCRYPTO_C_FLAGS ${MBEDCRYPTO_C_FLAGS_BL2})
+#Mbed Crypto will be used from its install location
+string(APPEND MBEDCRYPTO_C_FLAGS " ${MBEDCRYPTO_C_FLAGS_BL2}")
set(MBEDCRYPTO_TARGET_NAME "mbedcrypto_mcuboot_lib")
include(${TFM_ROOT_DIR}/BuildMbedCrypto.cmake)
@@ -141,6 +150,14 @@
target_link_libraries(${PROJECT_NAME} "${MBEDCRYPTO_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX_C}mbedcrypto${CMAKE_STATIC_LIBRARY_SUFFIX_C}")
add_dependencies(${PROJECT_NAME} ${MBEDCRYPTO_TARGET_NAME}_install)
+#Link crypto accelerator libraries if applicable
+if (CRYPTO_HW_ACCELERATOR)
+ if(NOT DEFINED CRYPTO_HW_ACCELERATOR_CMAKE_LINK)
+ message(FATAL_ERROR "CRYPTO_HW_ACCELERATOR_CMAKE_LINK not defined.")
+ endif()
+ include(${CRYPTO_HW_ACCELERATOR_CMAKE_LINK})
+endif()
+
#Generate binary file from axf
compiler_generate_binary_output(${PROJECT_NAME})
@@ -154,7 +171,7 @@
target_compile_definitions(${PROJECT_NAME} PRIVATE
MCUBOOT_VALIDATE_PRIMARY_SLOT
MCUBOOT_USE_FLASH_AREA_GET_SECTORS
- MBEDTLS_CONFIG_FILE="config-boot.h"
+ MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}"
MCUBOOT_TARGET_CONFIG="flash_layout.h")
if (MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")
diff --git a/bl2/ext/mcuboot/bl2_main.c b/bl2/ext/mcuboot/bl2_main.c
index 6ff4197..26461c1 100644
--- a/bl2/ext/mcuboot/bl2_main.c
+++ b/bl2/ext/mcuboot/bl2_main.c
@@ -31,6 +31,9 @@
#if BOOT_LOG_LEVEL > BOOT_LOG_LEVEL_OFF
#include "uart_stdout.h"
#endif
+#ifdef CRYPTO_HW_ACCELERATOR
+#include "crypto_hw.h"
+#endif /* CRYPTO_HW_ACCELERATOR */
/* Avoids the semihosting issue */
#if defined (__ARMCC_VERSION) && (__ARMCC_VERSION >= 6010050)
@@ -173,6 +176,14 @@
*/
mbedtls_memory_buffer_alloc_init(mbedtls_mem_buf, BL2_MBEDTLS_MEM_BUF_LEN);
+#ifdef CRYPTO_HW_ACCELERATOR
+ rc = crypto_hw_accelerator_init();
+ if (rc) {
+ BOOT_LOG_ERR("Error while initializing cryptographic accelerator.");
+ while (1);
+ }
+#endif /* CRYPTO_HW_ACCELERATOR */
+
rc = FLASH_DEV_NAME.Initialize(NULL);
if(rc != ARM_DRIVER_OK) {
BOOT_LOG_ERR("Error while initializing Flash Interface");
@@ -194,6 +205,14 @@
;
}
+#ifdef CRYPTO_HW_ACCELERATOR
+ rc = crypto_hw_accelerator_finish();
+ if (rc) {
+ BOOT_LOG_ERR("Error while uninitializing cryptographic accelerator.");
+ while (1);
+ }
+#endif /* CRYPTO_HW_ACCELERATOR */
+
BOOT_LOG_INF("Bootloader chainload address offset: 0x%x",
rsp.br_image_off);
flash_area_warn_on_open();
diff --git a/bl2/ext/mcuboot/include/config-boot.h b/bl2/ext/mcuboot/include/config-boot.h
index 3fd8cc0..6b0c040 100644
--- a/bl2/ext/mcuboot/include/config-boot.h
+++ b/bl2/ext/mcuboot/include/config-boot.h
@@ -54,9 +54,9 @@
/* Save RAM by adjusting to our exact needs */
#if MCUBOOT_SIGN_RSA_LEN == 3072
-#define MBEDTLS_MPI_MAX_SIZE 384
+#define MBEDTLS_MPI_MAX_SIZE 384
#else /* RSA2048 */
-#define MBEDTLS_MPI_MAX_SIZE 256
+#define MBEDTLS_MPI_MAX_SIZE 256
#endif
#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
@@ -64,6 +64,10 @@
/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+#ifdef CRYPTO_HW_ACCELERATOR
+#include "mbedtls_accelerator_config.h"
+#endif
+
#include "mbedtls/check_config.h"
#endif /* MBEDTLS_CONFIG_BOOT_H */