TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / sandbox / arthur / trustedfirmware-a / da57b6e3cfdb36ad96d136d17ec3d300f699fee3 / . / plat / arm / board / common / board_common.mk
blob: 124a44b2dddee5e00437af2b6aecff93ec82efea [file] [log] [blame]
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]1#
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]2# Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved.
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]3#
dp-arm82cb2c12017-05-03 09:38:09 +0100[diff] [blame]4# SPDX-License-Identifier: BSD-3-Clause
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]5#
6
Antonio Nino Diazaa7877c2018-10-10 11:14:44 +0100[diff] [blame]7PLAT_BL_COMMON_SOURCES += drivers/arm/pl011/${ARCH}/pl011_console.S \
Yatharth Kochar1a0a3f02016-06-28 16:58:26 +0100[diff] [blame]8 plat/arm/board/common/${ARCH}/board_arm_helpers.S
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]9
Antonio Nino Diazaa7877c2018-10-10 11:14:44 +0100[diff] [blame]10BL1_SOURCES += drivers/cfi/v2m/v2m_flash.c
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]11
Antonio Nino Diazaa7877c2018-10-10 11:14:44 +0100[diff] [blame]12BL2_SOURCES += drivers/cfi/v2m/v2m_flash.c
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]13
14ifneq (${TRUSTED_BOARD_BOOT},0)
laurenw-arm95302e42022-12-13 09:42:40 -0600[diff] [blame]15ARM_ROTPK_S = plat/arm/board/common/rotpk/arm_dev_rotpk.S
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]16ARM_ROTPK = $(BUILD_PLAT)/arm_rotpk.bin
17ARM_ROTPK_IS_HASH := 1
18$(eval $(call add_define_val,ARM_ROTPK,'"$(ARM_ROTPK)"'))
Sandrine Bailleuxb65dfe42023-10-26 15:14:42 +0200[diff] [blame]19
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]20# ROTPK hash location
21ifeq (${ARM_ROTPK_LOCATION}, regs)
22 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_REGS_ID
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]23else
24# The ROTPK is a development key
25ifeq (${ARM_ROTPK_LOCATION}, devel_rsa)
Max Shvetsov698e2312020-02-11 12:41:08 +0000[diff] [blame]26 CRYPTO_ALG=rsa
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]27 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_RSA_ID
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]28 ROT_KEY ?= plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]29$(warning Development keys support for FVP is deprecated. Use `regs` \
30option instead)
31else ifeq (${ARM_ROTPK_LOCATION}, devel_ecdsa)
Max Shvetsov698e2312020-02-11 12:41:08 +0000[diff] [blame]32 CRYPTO_ALG=ec
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]33 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_ECDSA_ID
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]34 ROT_KEY ?= plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]35$(warning Development keys support for FVP is deprecated. Use `regs` \
36option instead)
laurenw-arm5f899282022-10-28 11:26:32 -0500[diff] [blame]37else ifeq (${ARM_ROTPK_LOCATION}, devel_full_dev_rsa_key)
38 CRYPTO_ALG=rsa
39 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_FULL_DEV_RSA_KEY_ID
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]40 ROT_KEY ?= plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem
41 ARM_ROTPK_IS_HASH = 0
laurenw-arm5f899282022-10-28 11:26:32 -0500[diff] [blame]42$(warning Development keys support for FVP is deprecated. Use `regs` \
43option instead)
laurenw-armb8ae6892023-08-15 14:57:56 -0500[diff] [blame]44else ifeq (${ARM_ROTPK_LOCATION}, devel_full_dev_ecdsa_key)
45 CRYPTO_ALG=ec
46 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_FULL_DEV_ECDSA_KEY_ID
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]47 ROT_KEY ?= plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem
48 ARM_ROTPK_IS_HASH = 0
laurenw-armb8ae6892023-08-15 14:57:56 -0500[diff] [blame]49$(warning Development keys support for FVP is deprecated. Use `regs` \
50option instead)
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]51else
Sandrine Bailleux5eea0192021-04-16 16:08:46 +0200[diff] [blame]52$(error "Unsupported ARM_ROTPK_LOCATION value")
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]53endif
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]54$(BUILD_PLAT)/bl1/arm_dev_rotpk.o : $(ARM_ROTPK)
55$(BUILD_PLAT)/bl2/arm_dev_rotpk.o : $(ARM_ROTPK)
56endif
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]57
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]58$(eval $(call add_define,ARM_ROTPK_LOCATION_ID))
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]59$(eval $(call add_define,ARM_ROTPK_IS_HASH))
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]60
laurenw-armf2423792022-04-21 16:50:49 -0500[diff] [blame]61ifeq (${ENABLE_RME}, 1)
62COT := cca
63endif
64
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]65# Force generation of the ROT public key if ROT_KEY is specified
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]66ifdef ROT_KEY
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]67 PK_PREREQUISITES = $(ROT_KEY) FORCE
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]68endif
69
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]70$(ARM_ROTPK) : $(PK_PREREQUISITES)
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]71ifndef ROT_KEY
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]72 $(error Cannot generate public key: no ROT_KEY defined)
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]73endif
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]74ifeq ($(ARM_ROTPK_IS_HASH), 1)
Salome Thirote95abc42022-07-14 16:14:15 +0100[diff] [blame]75 ${OPENSSL_BIN_PATH}/openssl ${CRYPTO_ALG} -in $< -pubout -outform DER | \
Ryan Everettd51981e2024-11-11 18:02:10 +0000[diff] [blame]76 ${OPENSSL_BIN_PATH}/openssl dgst -${HASH_ALG} -binary -out $@
77else
78 ${OPENSSL_BIN_PATH}/openssl ${CRYPTO_ALG} -in $< -pubout -outform DER -out $@
79endif
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]80
81# Certificate NV-Counters. Use values corresponding to tied off values in
82# ARM development platforms
83TFW_NVCTR_VAL ?= 31
84NTFW_NVCTR_VAL ?= 223
laurenw-arm02552d42023-05-02 14:42:48 -0500[diff] [blame]85# The CCA Non-Volatile Counter only exists on some Arm development platforms.
86# On others, we mock it by aliasing it to the Trusted Firmware Non-Volatile counter,
87# hence we set both counters to the same default value.
88CCAFW_NVCTR_VAL ?= 31
Sandrine Bailleuxb65dfe42023-10-26 15:14:42 +0200[diff] [blame]89
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]90BL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c \
laurenw-arm5f899282022-10-28 11:26:32 -0500[diff] [blame]91 ${ARM_ROTPK_S}
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]92BL2_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c \
laurenw-arm5f899282022-10-28 11:26:32 -0500[diff] [blame]93 ${ARM_ROTPK_S}
Max Shvetsova6ffdde2019-12-06 11:50:12 +0000[diff] [blame]94
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]95ifeq ($(CRYPTO_ALG), ec)
96ifeq ($(KEY_SIZE), 384)
97ARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_ecdsa_secp384r1.pem
98ARM_SWD_ROT_KEY := plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_ecdsa_secp384r1.pem
99else
100ARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_ecdsa.pem
101ARM_SWD_ROT_KEY := plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_ecdsa.pem
102endif
103else
104ARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_rsa.pem
105ARM_SWD_ROT_KEY := plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_rsa.pem
106endif
107
Sandrine Bailleux1035a702020-02-06 14:59:33 +0100[diff] [blame]108# Allows platform code to provide implementation variants depending on the
109# selected chain of trust.
110$(eval $(call add_define,ARM_COT_${COT}))
111
112ifeq (${COT},dualroot)
113# Platform Root of Trust key files.
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]114ARM_PROTPK := $(BUILD_PLAT)/arm_protpk.bin
Sandrine Bailleux1035a702020-02-06 14:59:33 +0100[diff] [blame]115
116# Provide the private key to cert_create tool. It needs it to sign the images.
117PROT_KEY := ${ARM_PROT_KEY}
118
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]119$(eval $(call add_define_val,ARM_PROTPK,'"$(ARM_PROTPK)"'))
Sandrine Bailleux1035a702020-02-06 14:59:33 +0100[diff] [blame]120
121BL1_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S
122BL2_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S
123
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]124$(BUILD_PLAT)/bl1/arm_dev_protpk.o: $(ARM_PROTPK)
125$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK)
Sandrine Bailleux1035a702020-02-06 14:59:33 +0100[diff] [blame]126endif
127
laurenw-armf2423792022-04-21 16:50:49 -0500[diff] [blame]128ifeq (${COT},cca)
129# Platform and Secure World Root of Trust key files.
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]130ARM_PROTPK := $(BUILD_PLAT)/arm_protpk.bin
131ARM_SWD_ROTPK := $(BUILD_PLAT)/arm_swd_rotpk.bin
laurenw-armf2423792022-04-21 16:50:49 -0500[diff] [blame]132
133# Provide the private keys to cert_create tool. It needs them to sign the images.
134PROT_KEY := ${ARM_PROT_KEY}
135SWD_ROT_KEY := ${ARM_SWD_ROT_KEY}
136
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]137$(eval $(call add_define_val,ARM_PROTPK,'"$(ARM_PROTPK)"'))
138$(eval $(call add_define_val,ARM_SWD_ROTPK,'"$(ARM_SWD_ROTPK)"'))
laurenw-armf2423792022-04-21 16:50:49 -0500[diff] [blame]139
140BL1_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \
141 plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S
142BL2_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \
143 plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S
144
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]145$(BUILD_PLAT)/bl1/arm_dev_protpk.o: $(ARM_PROTPK)
146$(BUILD_PLAT)/bl1/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK)
147$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK)
148$(BUILD_PLAT)/bl2/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK)
laurenw-armf2423792022-04-21 16:50:49 -0500[diff] [blame]149endif
150
Ryan Everettda57b6e2024-11-11 18:08:10 +0000[diff] [blame^]151$(ARM_PROTPK): $(ARM_PROT_KEY)
152ifndef ARM_PROT_KEY
153 $(error Cannot generate hash: no PROT_KEY defined)
154endif
155 ${OPENSSL_BIN_PATH}/openssl ${CRYPTO_ALG} -in ${ARM_PROT_KEY} -pubout -outform DER | \
156 ${OPENSSL_BIN_PATH}/openssl dgst -${HASH_ALG} -binary -out $@
157
158$(ARM_SWD_ROTPK): $(ARM_SWD_ROT_KEY)
159ifndef ARM_SWD_ROT_KEY
160 $(error Cannot generate hash: no SWD_KEY defined)
161endif
162 ${OPENSSL_BIN_PATH}/openssl ${CRYPTO_ALG} -in ${ARM_SWD_ROT_KEY} -pubout -outform DER | \
163 ${OPENSSL_BIN_PATH}/openssl dgst -${HASH_ALG} -binary -out $@
Juan Castillo95cfd4a2015-04-14 12:49:03 +0100[diff] [blame]164endif