diff options
| author | Joel Hutton <Joel.Hutton@Arm.com> | 2019-03-11 11:37:38 +0000 |
|---|---|---|
| committer | Joel Hutton <Joel.Hutton@Arm.com> | 2019-04-08 14:24:21 +0100 |
| commit | 30070427e3ed30721074465f97ffb68390ee688c (patch) | |
| tree | a9b0cc8e9ddf99630b6f5e6411d208dae85c41bd /drivers | |
| parent | 0b6377d1c60c01dd456a1a88dac5b1e83c0e3273 (diff) | |
| download | platform_external_arm-trusted-firmware-30070427e3ed30721074465f97ffb68390ee688c.tar.gz platform_external_arm-trusted-firmware-30070427e3ed30721074465f97ffb68390ee688c.tar.bz2 platform_external_arm-trusted-firmware-30070427e3ed30721074465f97ffb68390ee688c.zip | |
cot-desc: optimise memory further
This changes the auth_img_desc_t struct to have pointers to struct
arrays instead of struct arrays. This saves memory as many of these
were never used, and can be NULL pointers. Note the memory savings are
only when these arrays are not initialised, as it is assumed these
arrays are fixed length. A possible future optimisation could allow for
variable length.
memory diff:
bl1: bl2:
text text
-12 -12
bss bss
-1463 0
data data
-56 -48
rodata rodata
-5688 -2592
total total
-7419 -2652
Change-Id: I8f9bdedf75048b8867f40c56381e3a6dc6402bcc
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>
Diffstat (limited to 'drivers')
| -rw-r--r-- | drivers/auth/auth_mod.c | 43 | ||||
| -rw-r--r-- | drivers/auth/tbbr/tbbr_cot.c | 74 |
2 files changed, 62 insertions, 55 deletions
diff --git a/drivers/auth/auth_mod.c b/drivers/auth/auth_mod.c index d66e5dd1d..1aca1ccc8 100644 --- a/drivers/auth/auth_mod.c +++ b/drivers/auth/auth_mod.c @@ -53,6 +53,9 @@ static int auth_get_param(const auth_param_type_desc_t *param_type_desc, { int i; + if (img_desc->authenticated_data == NULL) + return 1; + for (i = 0 ; i < COT_MAX_VERIFIED_PARAMS ; i++) { if (0 == cmp_auth_param_type_desc(param_type_desc, img_desc->authenticated_data[i].type_desc)) { @@ -361,6 +364,8 @@ int auth_mod_verify_img(unsigned int img_id, /* Authenticate the image using the methods indicated in the image * descriptor. */ + if(img_desc->img_auth_methods == NULL) + return 1; for (i = 0 ; i < AUTH_METHOD_NUM ; i++) { auth_method = &img_desc->img_auth_methods[i]; switch (auth_method->type) { @@ -389,25 +394,27 @@ int auth_mod_verify_img(unsigned int img_id, /* Extract the parameters indicated in the image descriptor to * authenticate the children images. */ - for (i = 0 ; i < COT_MAX_VERIFIED_PARAMS ; i++) { - if (img_desc->authenticated_data[i].type_desc == NULL) { - continue; - } - - /* Get the parameter from the image parser module */ - rc = img_parser_get_auth_param(img_desc->img_type, - img_desc->authenticated_data[i].type_desc, - img_ptr, img_len, ¶m_ptr, ¶m_len); - return_if_error(rc); - - /* Check parameter size */ - if (param_len > img_desc->authenticated_data[i].data.len) { - return 1; + if (img_desc->authenticated_data != NULL) { + for (i = 0 ; i < COT_MAX_VERIFIED_PARAMS ; i++) { + if (img_desc->authenticated_data[i].type_desc == NULL) { + continue; + } + + /* Get the parameter from the image parser module */ + rc = img_parser_get_auth_param(img_desc->img_type, + img_desc->authenticated_data[i].type_desc, + img_ptr, img_len, ¶m_ptr, ¶m_len); + return_if_error(rc); + + /* Check parameter size */ + if (param_len > img_desc->authenticated_data[i].data.len) { + return 1; + } + + /* Copy the parameter for later use */ + memcpy((void *)img_desc->authenticated_data[i].data.ptr, + (void *)param_ptr, param_len); } - - /* Copy the parameter for later use */ - memcpy((void *)img_desc->authenticated_data[i].data.ptr, - (void *)param_ptr, param_len); } /* Mark image as authenticated */ diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index 1c962596c..da3631bbf 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c @@ -122,7 +122,7 @@ static const auth_img_desc_t trusted_boot_fw_cert = { .img_id = TRUSTED_BOOT_FW_CERT_ID, .img_type = IMG_CERT, .parent = NULL, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -140,7 +140,7 @@ static const auth_img_desc_t trusted_boot_fw_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &tb_fw_hash, .data = { @@ -169,7 +169,7 @@ static const auth_img_desc_t bl2_image = { .img_id = BL2_IMAGE_ID, .img_type = IMG_RAW, .parent = &trusted_boot_fw_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -185,7 +185,7 @@ static const auth_img_desc_t hw_config = { .img_id = HW_CONFIG_ID, .img_type = IMG_RAW, .parent = &trusted_boot_fw_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -201,7 +201,7 @@ static const auth_img_desc_t tb_fw_config = { .img_id = TB_FW_CONFIG_ID, .img_type = IMG_RAW, .parent = &trusted_boot_fw_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -220,7 +220,7 @@ static const auth_img_desc_t trusted_key_cert = { .img_id = TRUSTED_KEY_CERT_ID, .img_type = IMG_CERT, .parent = NULL, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -238,7 +238,7 @@ static const auth_img_desc_t trusted_key_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &trusted_world_pk, .data = { @@ -262,7 +262,7 @@ static const auth_img_desc_t scp_fw_key_cert = { .img_id = SCP_FW_KEY_CERT_ID, .img_type = IMG_CERT, .parent = &trusted_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -280,7 +280,7 @@ static const auth_img_desc_t scp_fw_key_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &scp_fw_content_pk, .data = { @@ -294,7 +294,7 @@ static const auth_img_desc_t scp_fw_content_cert = { .img_id = SCP_FW_CONTENT_CERT_ID, .img_type = IMG_CERT, .parent = &scp_fw_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -312,7 +312,7 @@ static const auth_img_desc_t scp_fw_content_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &scp_fw_hash, .data = { @@ -326,7 +326,7 @@ static const auth_img_desc_t scp_bl2_image = { .img_id = SCP_BL2_IMAGE_ID, .img_type = IMG_RAW, .parent = &scp_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -343,7 +343,7 @@ static const auth_img_desc_t soc_fw_key_cert = { .img_id = SOC_FW_KEY_CERT_ID, .img_type = IMG_CERT, .parent = &trusted_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -361,7 +361,7 @@ static const auth_img_desc_t soc_fw_key_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &soc_fw_content_pk, .data = { @@ -375,7 +375,7 @@ static const auth_img_desc_t soc_fw_content_cert = { .img_id = SOC_FW_CONTENT_CERT_ID, .img_type = IMG_CERT, .parent = &soc_fw_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -393,7 +393,7 @@ static const auth_img_desc_t soc_fw_content_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &soc_fw_hash, .data = { @@ -414,7 +414,7 @@ static const auth_img_desc_t bl31_image = { .img_id = BL31_IMAGE_ID, .img_type = IMG_RAW, .parent = &soc_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -429,7 +429,7 @@ static const auth_img_desc_t soc_fw_config = { .img_id = SOC_FW_CONFIG_ID, .img_type = IMG_RAW, .parent = &soc_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -446,7 +446,7 @@ static const auth_img_desc_t trusted_os_fw_key_cert = { .img_id = TRUSTED_OS_FW_KEY_CERT_ID, .img_type = IMG_CERT, .parent = &trusted_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -464,7 +464,7 @@ static const auth_img_desc_t trusted_os_fw_key_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &tos_fw_content_pk, .data = { @@ -478,7 +478,7 @@ static const auth_img_desc_t trusted_os_fw_content_cert = { .img_id = TRUSTED_OS_FW_CONTENT_CERT_ID, .img_type = IMG_CERT, .parent = &trusted_os_fw_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -496,7 +496,7 @@ static const auth_img_desc_t trusted_os_fw_content_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &tos_fw_hash, .data = { @@ -531,7 +531,7 @@ static const auth_img_desc_t bl32_image = { .img_id = BL32_IMAGE_ID, .img_type = IMG_RAW, .parent = &trusted_os_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -545,7 +545,7 @@ static const auth_img_desc_t bl32_extra1_image = { .img_id = BL32_EXTRA1_IMAGE_ID, .img_type = IMG_RAW, .parent = &trusted_os_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -559,7 +559,7 @@ static const auth_img_desc_t bl32_extra2_image = { .img_id = BL32_EXTRA2_IMAGE_ID, .img_type = IMG_RAW, .parent = &trusted_os_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -574,7 +574,7 @@ static const auth_img_desc_t tos_fw_config = { .img_id = TOS_FW_CONFIG_ID, .img_type = IMG_RAW, .parent = &trusted_os_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -591,7 +591,7 @@ static const auth_img_desc_t non_trusted_fw_key_cert = { .img_id = NON_TRUSTED_FW_KEY_CERT_ID, .img_type = IMG_CERT, .parent = &trusted_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -609,7 +609,7 @@ static const auth_img_desc_t non_trusted_fw_key_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &nt_fw_content_pk, .data = { @@ -623,7 +623,7 @@ static const auth_img_desc_t non_trusted_fw_content_cert = { .img_id = NON_TRUSTED_FW_CONTENT_CERT_ID, .img_type = IMG_CERT, .parent = &non_trusted_fw_key_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -641,7 +641,7 @@ static const auth_img_desc_t non_trusted_fw_content_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &nt_world_bl_hash, .data = { @@ -662,7 +662,7 @@ static const auth_img_desc_t bl33_image = { .img_id = BL33_IMAGE_ID, .img_type = IMG_RAW, .parent = &non_trusted_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -677,7 +677,7 @@ static const auth_img_desc_t nt_fw_config = { .img_id = NT_FW_CONFIG_ID, .img_type = IMG_RAW, .parent = &non_trusted_fw_content_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -695,7 +695,7 @@ static const auth_img_desc_t fwu_cert = { .img_id = FWU_CERT_ID, .img_type = IMG_CERT, .parent = NULL, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_SIG, .param.sig = { @@ -706,7 +706,7 @@ static const auth_img_desc_t fwu_cert = { } } }, - .authenticated_data = { + .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { [0] = { .type_desc = &scp_bl2u_hash, .data = { @@ -737,7 +737,7 @@ static const auth_img_desc_t scp_bl2u_image = { .img_id = SCP_BL2U_IMAGE_ID, .img_type = IMG_RAW, .parent = &fwu_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -754,7 +754,7 @@ static const auth_img_desc_t bl2u_image = { .img_id = BL2U_IMAGE_ID, .img_type = IMG_RAW, .parent = &fwu_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { @@ -771,7 +771,7 @@ static const auth_img_desc_t ns_bl2u_image = { .img_id = NS_BL2U_IMAGE_ID, .img_type = IMG_RAW, .parent = &fwu_cert, - .img_auth_methods = { + .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { [0] = { .type = AUTH_METHOD_HASH, .param.hash = { |