FVP: Enable capability to disable auth via dynamic config
This patch adds capability to FVP to disable authentication dynamically
via the `disable_auth` property in TB_FW_CONFIG. Both BL1 and BL2 parses
the TB_FW_CONFIG for the `disable_auth` property and invokes the
`load_dyn_disable_auth()` API to disable authentication if the
property is set to 1. The DYN_DISABLE_AUTH is enabled by default for
FVP as it is a development platform. Note that the TB_FW_CONFIG has to
be authenticated by BL1 irrespective of these settings.
The arm_bl2_dyn_cfg_init() is now earlier in bl2_plat_preload_setup()
rather than in bl2_platform_setup() as we need to get the value of
`disable_auth` property prior to authentication of any image by BL2.
Change-Id: I734acd59572849793e5020ec44c6ac51f654a4d1
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
diff --git a/plat/arm/common/arm_dyn_cfg_helpers.c b/plat/arm/common/arm_dyn_cfg_helpers.c
index 9ba51a3..e37e7e7 100644
--- a/plat/arm/common/arm_dyn_cfg_helpers.c
+++ b/plat/arm/common/arm_dyn_cfg_helpers.c
@@ -64,6 +64,51 @@
}
/*******************************************************************************
+ * Helper to read the `disable_auth` property in config DTB. This function
+ * expects the following properties to be present in the config DTB.
+ * name : disable_auth size : 1 cell
+ *
+ * Arguments:
+ * void *dtb - pointer to the TB_FW_CONFIG in memory
+ * int node - The node offset to appropriate node in the
+ * DTB.
+ * uint64_t *disable_auth - The value of `disable_auth` property on
+ * successful read. Must be 0 or 1.
+ *
+ * Returns 0 on success and -1 on error.
+ ******************************************************************************/
+int arm_dyn_get_disable_auth(void *dtb, int node, uint32_t *disable_auth)
+{
+ int err;
+
+ assert(dtb != NULL);
+ assert(disable_auth != NULL);
+
+ /* Check if the pointer to DT is correct */
+ assert(fdt_check_header(dtb) == 0);
+
+ /* Assert the node offset point to "arm,tb_fw" compatible property */
+ assert(node == fdt_node_offset_by_compatible(dtb, -1, "arm,tb_fw"));
+
+ /* Locate the disable_auth cell and read the value */
+ err = fdtw_read_cells(dtb, node, "disable_auth", 1, disable_auth);
+ if (err < 0) {
+ WARN("Read cell failed for `disable_auth`\n");
+ return -1;
+ }
+
+ /* Check if the value is boolean */
+ if (*disable_auth != 0 && *disable_auth != 1) {
+ WARN("Invalid value for `disable_auth` cell %d\n", *disable_auth);
+ return -1;
+ }
+
+ VERBOSE("Dyn cfg: `disable_auth` cell found with value = %d\n",
+ *disable_auth);
+ return 0;
+}
+
+/*******************************************************************************
* Validate the tb_fw_config is a valid DTB file and returns the node offset
* to "arm,tb_fw" property.
* Arguments: