1# 2# Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved. 3# 4# SPDX-License-Identifier: BSD-3-Clause 5# 6 7PLAT_BL_COMMON_SOURCES += drivers/arm/pl011/${ARCH}/pl011_console.S \ 8 plat/arm/board/common/${ARCH}/board_arm_helpers.S 9 10BL1_SOURCES += drivers/cfi/v2m/v2m_flash.c 11 12BL2_SOURCES += drivers/cfi/v2m/v2m_flash.c 13 14ifneq (${TRUSTED_BOARD_BOOT},0) 15ifneq (${ARM_CRYPTOCELL_INTEG}, 1) 16# ROTPK hash location 17ifeq (${ARM_ROTPK_LOCATION}, regs) 18 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_REGS_ID 19else ifeq (${ARM_ROTPK_LOCATION}, devel_rsa) 20 CRYPTO_ALG=rsa 21 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_RSA_ID 22 ARM_ROTPK_HASH = plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin 23$(eval $(call add_define_val,ARM_ROTPK_HASH,'"$(ARM_ROTPK_HASH)"')) 24$(BUILD_PLAT)/bl2/arm_dev_rotpk.o : $(ARM_ROTPK_HASH) 25$(warning Development keys support for FVP is deprecated. Use `regs` \ 26option instead) 27else ifeq (${ARM_ROTPK_LOCATION}, devel_ecdsa) 28 CRYPTO_ALG=ec 29 ARM_ROTPK_LOCATION_ID = ARM_ROTPK_DEVEL_ECDSA_ID 30 ARM_ROTPK_HASH = plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin 31$(eval $(call add_define_val,ARM_ROTPK_HASH,'"$(ARM_ROTPK_HASH)"')) 32$(BUILD_PLAT)/bl2/arm_dev_rotpk.o : $(ARM_ROTPK_HASH) 33$(warning Development keys support for FVP is deprecated. Use `regs` \ 34option instead) 35else 36$(error "Unsupported ARM_ROTPK_LOCATION value") 37endif 38 39$(eval $(call add_define,ARM_ROTPK_LOCATION_ID)) 40 41ifeq (${ENABLE_RME}, 1) 42COT := cca 43endif 44 45# Force generation of the new hash if ROT_KEY is specified 46ifdef ROT_KEY 47 HASH_PREREQUISITES = $(ROT_KEY) FORCE 48else 49 HASH_PREREQUISITES = $(ROT_KEY) 50endif 51 52$(ARM_ROTPK_HASH) : $(HASH_PREREQUISITES) 53ifndef ROT_KEY 54 $(error Cannot generate hash: no ROT_KEY defined) 55endif 56 openssl ${CRYPTO_ALG} -in $< -pubout -outform DER | openssl dgst \ 57 -sha256 -binary > $@ 58 59# Certificate NV-Counters. Use values corresponding to tied off values in 60# ARM development platforms 61TFW_NVCTR_VAL ?= 31 62NTFW_NVCTR_VAL ?= 223 63else 64# Certificate NV-Counters when CryptoCell is integrated. For development 65# platforms we set the counter to first valid value. 66TFW_NVCTR_VAL ?= 0 67NTFW_NVCTR_VAL ?= 0 68endif 69BL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c \ 70 plat/arm/board/common/rotpk/arm_dev_rotpk.S 71BL2_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c \ 72 plat/arm/board/common/rotpk/arm_dev_rotpk.S 73 74# Allows platform code to provide implementation variants depending on the 75# selected chain of trust. 76$(eval $(call add_define,ARM_COT_${COT})) 77 78ifeq (${COT},dualroot) 79# Platform Root of Trust key files. 80ARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_rsa.pem 81ARM_PROTPK_HASH := plat/arm/board/common/protpk/arm_protpk_rsa_sha256.bin 82 83# Provide the private key to cert_create tool. It needs it to sign the images. 84PROT_KEY := ${ARM_PROT_KEY} 85 86$(eval $(call add_define_val,ARM_PROTPK_HASH,'"$(ARM_PROTPK_HASH)"')) 87 88BL1_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S 89BL2_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S 90 91$(BUILD_PLAT)/bl1/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 92$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 93endif 94 95ifeq (${COT},cca) 96# Platform and Secure World Root of Trust key files. 97ARM_PROT_KEY := plat/arm/board/common/protpk/arm_protprivk_rsa.pem 98ARM_PROTPK_HASH := plat/arm/board/common/protpk/arm_protpk_rsa_sha256.bin 99ARM_SWD_ROT_KEY := plat/arm/board/common/swd_rotpk/arm_swd_rotprivk_rsa.pem 100ARM_SWD_ROTPK_HASH := plat/arm/board/common/swd_rotpk/arm_swd_rotpk_rsa_sha256.bin 101 102# Provide the private keys to cert_create tool. It needs them to sign the images. 103PROT_KEY := ${ARM_PROT_KEY} 104SWD_ROT_KEY := ${ARM_SWD_ROT_KEY} 105 106$(eval $(call add_define_val,ARM_PROTPK_HASH,'"$(ARM_PROTPK_HASH)"')) 107$(eval $(call add_define_val,ARM_SWD_ROTPK_HASH,'"$(ARM_SWD_ROTPK_HASH)"')) 108 109BL1_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \ 110 plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S 111BL2_SOURCES += plat/arm/board/common/protpk/arm_dev_protpk.S \ 112 plat/arm/board/common/swd_rotpk/arm_dev_swd_rotpk.S 113 114$(BUILD_PLAT)/bl1/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 115$(BUILD_PLAT)/bl1/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK_HASH) 116$(BUILD_PLAT)/bl2/arm_dev_protpk.o: $(ARM_PROTPK_HASH) 117$(BUILD_PLAT)/bl2/arm_dev_swd_rotpk.o: $(ARM_SWD_ROTPK_HASH) 118endif 119 120endif 121