diff options
| author | Dimitris Papastamos <dimitris.papastamos@arm.com> | 2018-08-13 13:02:16 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-08-13 13:02:16 +0100 |
| commit | 3ba929571517347a12e027c629703ced0db0b255 (patch) | |
| tree | 8ad3df2f8ae19402b88c8e0a19c9b2e555072752 /drivers | |
| parent | 0983b8b149e1c53c9378d26fa76aec43d95359d5 (diff) | |
| parent | 1eb735d75366526c0fdc1acee6a1a78ef6617975 (diff) | |
| download | platform_external_arm-trusted-firmware-3ba929571517347a12e027c629703ced0db0b255.tar.gz platform_external_arm-trusted-firmware-3ba929571517347a12e027c629703ced0db0b255.tar.bz2 platform_external_arm-trusted-firmware-3ba929571517347a12e027c629703ced0db0b255.zip | |
Merge pull request #1510 from robertovargas-arm/romlib
Add support for moving libraries to ROM
Diffstat (limited to 'drivers')
| -rw-r--r-- | drivers/auth/mbedtls/mbedtls_common.c | 10 | ||||
| -rw-r--r-- | drivers/auth/mbedtls/mbedtls_common.mk | 88 | ||||
| -rw-r--r-- | drivers/auth/mbedtls/mbedtls_crypto.mk | 82 | ||||
| -rw-r--r-- | drivers/auth/mbedtls/mbedtls_x509.mk | 6 |
4 files changed, 88 insertions, 98 deletions
diff --git a/drivers/auth/mbedtls/mbedtls_common.c b/drivers/auth/mbedtls/mbedtls_common.c index c048d005a..64dc1967d 100644 --- a/drivers/auth/mbedtls/mbedtls_common.c +++ b/drivers/auth/mbedtls/mbedtls_common.c @@ -5,6 +5,7 @@ */ #include <debug.h> +#include <stdlib.h> /* mbed TLS headers */ #include <mbedtls/memory_buffer_alloc.h> @@ -23,6 +24,12 @@ #endif static unsigned char heap[MBEDTLS_HEAP_SIZE]; +static void cleanup(void) +{ + ERROR("EXIT from BL2\n"); + panic(); +} + /* * mbed TLS initialization function */ @@ -31,6 +38,9 @@ void mbedtls_init(void) static int ready; if (!ready) { + if (atexit(cleanup)) + panic(); + /* Initialize the mbed TLS heap */ mbedtls_memory_buffer_alloc_init(heap, MBEDTLS_HEAP_SIZE); diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk index a5d19e6a9..71c496eda 100644 --- a/drivers/auth/mbedtls/mbedtls_common.mk +++ b/drivers/auth/mbedtls/mbedtls_common.mk @@ -13,22 +13,86 @@ ifeq (${MBEDTLS_DIR},) $(error Error: MBEDTLS_DIR not set) endif -INCLUDES += -I${MBEDTLS_DIR}/include \ - -Iinclude/drivers/auth/mbedtls +MBEDTLS_INC = -I${MBEDTLS_DIR}/include +INCLUDES += -Iinclude/drivers/auth/mbedtls # Specify mbed TLS configuration file MBEDTLS_CONFIG_FILE := "<mbedtls_config.h>" $(eval $(call add_define,MBEDTLS_CONFIG_FILE)) -MBEDTLS_COMMON_SOURCES := drivers/auth/mbedtls/mbedtls_common.c \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - asn1parse.c \ - asn1write.c \ - memory_buffer_alloc.c \ - oid.c \ - platform.c \ - platform_util.c \ - rsa_internal.c \ - ) +MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c + + +LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \ + asn1parse.c \ + asn1write.c \ + memory_buffer_alloc.c \ + oid.c \ + platform.c \ + platform_util.c \ + bignum.c \ + md.c \ + md_wrap.c \ + pk.c \ + pk_wrap.c \ + pkparse.c \ + pkwrite.c \ + sha256.c \ + sha512.c \ + ecdsa.c \ + ecp_curves.c \ + ecp.c \ + rsa.c \ + rsa_internal.c \ + x509.c \ + x509_crt.c \ + ) + +# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key +# algorithm to use. If the variable is not defined, select it based on algorithm +# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is +# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`. +ifeq (${TF_MBEDTLS_KEY_ALG},) + ifeq (${KEY_ALG}, ecdsa) + TF_MBEDTLS_KEY_ALG := ecdsa + else + TF_MBEDTLS_KEY_ALG := rsa + endif +endif + +# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for +# backward compatibility +ifdef MBEDTLS_KEY_ALG + ifeq (${ERROR_DEPRECATED},1) + $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") + endif + $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") + TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG} +endif + +ifeq (${HASH_ALG}, sha384) + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384 +else ifeq (${HASH_ALG}, sha512) + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512 +else + TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256 +endif + +ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA +else ifeq (${TF_MBEDTLS_KEY_ALG},rsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA +else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) + TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA +else + $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") +endif + +# Needs to be set to drive mbed TLS configuration correctly +$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID)) +$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID)) + + +$(eval $(call MAKE_LIB,mbedtls)) endif diff --git a/drivers/auth/mbedtls/mbedtls_crypto.mk b/drivers/auth/mbedtls/mbedtls_crypto.mk index 6b15e717d..2a9fbbf99 100644 --- a/drivers/auth/mbedtls/mbedtls_crypto.mk +++ b/drivers/auth/mbedtls/mbedtls_crypto.mk @@ -6,86 +6,6 @@ include drivers/auth/mbedtls/mbedtls_common.mk -# The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key -# algorithm to use. If the variable is not defined, select it based on algorithm -# used for key generation `KEY_ALG`. If `KEY_ALG` is not defined or is -# defined to `rsa`/`rsa_1_5`, then set the variable to `rsa`. -ifeq (${TF_MBEDTLS_KEY_ALG},) - ifeq (${KEY_ALG}, ecdsa) - TF_MBEDTLS_KEY_ALG := ecdsa - else - TF_MBEDTLS_KEY_ALG := rsa - endif -endif +MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_crypto.c -# If MBEDTLS_KEY_ALG build flag is defined use it to set TF_MBEDTLS_KEY_ALG for -# backward compatibility -ifdef MBEDTLS_KEY_ALG - ifeq (${ERROR_DEPRECATED},1) - $(error "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") - endif - $(warning "MBEDTLS_KEY_ALG is deprecated. Please use the new build flag TF_MBEDTLS_KEY_ALG") - TF_MBEDTLS_KEY_ALG := ${MBEDTLS_KEY_ALG} -endif -MBEDTLS_CRYPTO_SOURCES := drivers/auth/mbedtls/mbedtls_crypto.c \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - bignum.c \ - md.c \ - md_wrap.c \ - pk.c \ - pk_wrap.c \ - pkparse.c \ - pkwrite.c \ - ) - -ifeq (${HASH_ALG}, sha384) - MBEDTLS_CRYPTO_SOURCES += \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - sha256.c \ - sha512.c \ - ) - TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA384 -else ifeq (${HASH_ALG}, sha512) - MBEDTLS_CRYPTO_SOURCES += \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - sha256.c \ - sha512.c \ - ) - TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA512 -else - MBEDTLS_CRYPTO_SOURCES += \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - sha256.c \ - ) - TF_MBEDTLS_HASH_ALG_ID := TF_MBEDTLS_SHA256 -endif - -# Key algorithm specific files -MBEDTLS_ECDSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ - ecdsa.c \ - ecp_curves.c \ - ecp.c \ - ) - -MBEDTLS_RSA_CRYPTO_SOURCES += $(addprefix ${MBEDTLS_DIR}/library/, \ - rsa.c \ - ) - -ifeq (${TF_MBEDTLS_KEY_ALG},ecdsa) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES) - TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_ECDSA -else ifeq (${TF_MBEDTLS_KEY_ALG},rsa) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES) - TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA -else ifeq (${TF_MBEDTLS_KEY_ALG},rsa+ecdsa) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_ECDSA_CRYPTO_SOURCES) - MBEDTLS_CRYPTO_SOURCES += $(MBEDTLS_RSA_CRYPTO_SOURCES) - TF_MBEDTLS_KEY_ALG_ID := TF_MBEDTLS_RSA_AND_ECDSA -else - $(error "TF_MBEDTLS_KEY_ALG=${TF_MBEDTLS_KEY_ALG} not supported on mbed TLS") -endif - -# Needs to be set to drive mbed TLS configuration correctly -$(eval $(call add_define,TF_MBEDTLS_KEY_ALG_ID)) -$(eval $(call add_define,TF_MBEDTLS_HASH_ALG_ID)) diff --git a/drivers/auth/mbedtls/mbedtls_x509.mk b/drivers/auth/mbedtls/mbedtls_x509.mk index a6f72e678..a0557e20a 100644 --- a/drivers/auth/mbedtls/mbedtls_x509.mk +++ b/drivers/auth/mbedtls/mbedtls_x509.mk @@ -6,8 +6,4 @@ include drivers/auth/mbedtls/mbedtls_common.mk -MBEDTLS_X509_SOURCES := drivers/auth/mbedtls/mbedtls_x509_parser.c \ - $(addprefix ${MBEDTLS_DIR}/library/, \ - x509.c \ - x509_crt.c \ - ) +MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_x509_parser.c |