TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / next / ci / tf-a-ci-scripts / 8f464c0ed2ef24c303b238d1a8e9de0423606cbc^! / .
commit8f464c0ed2ef24c303b238d1a8e9de0423606cbc[log] [tgz]
authorLionel Debieve <lionel.debieve@foss.st.com>Thu Oct 13 09:25:45 2022 +0200
committerManish Pandey <manish.pandey2@arm.com>Mon Nov 14 14:16:20 2022 +0100
tree9ae8885df4ac1f628d05e89765838de6f7c34fbd
parent9ef33c5cd9b45187511e5ab8d7ef4fd25132e72b [diff]
feat(st): add the TRUSTED_BOARD_BOOT build config

Add the TRUSTED_BOARD_BOOT option for the STM32MP15 and
STM32MP13 boards.
It will includes the specific files to manage authentication
and decryption.
Add two specific STM32MP13 configurations to use ECDSA Brainpool
algorithms.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: I25e79b79e8cee067524fece148c4cb3a5c79d7f0

diff --git a/group/tf-l1-build-plat/stm32mp1-mp13-tbb:nil b/group/tf-l1-build-plat/stm32mp1-mp13-tbb:nil
new file mode 100644
index 0000000..37b17ff
--- /dev/null
+++ b/group/tf-l1-build-plat/stm32mp1-mp13-tbb:nil

@@ -0,0 +1,6 @@
+#
+# Copyright (c) 2019-2022 Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+

diff --git a/group/tf-l1-build-plat/stm32mp1-tbb:nil b/group/tf-l1-build-plat/stm32mp1-tbb:nil
new file mode 100644
index 0000000..37b17ff
--- /dev/null
+++ b/group/tf-l1-build-plat/stm32mp1-tbb:nil

@@ -0,0 +1,6 @@
+#
+# Copyright (c) 2019-2022 Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+

diff --git a/script/tf-coverity/tf-cov-make b/script/tf-coverity/tf-cov-make
index 6dde39f..fee1605 100755
--- a/script/tf-coverity/tf-cov-make
+++ b/script/tf-coverity/tf-cov-make

@@ -613,12 +613,26 @@
     STM32MP_USE_STM32IMAGE=1 \
     ARCH=aarch32 AARCH32_SP=sp_min ENABLE_STACK_PROTECTOR=strong bl2 bl32
 
+# STM32MP1 TBBR
+make PLAT=stm32mp1 CROSS_COMPILE=arm-none-eabi- \
+    $(common_flags) ARM_ARCH_MAJOR=7 STM32MP_SDMMC=1 \
+    BUILD_PLAT=build/stm32mp1-sdmmc/debug \
+    MBEDTLS_DIR=$(pwd)/mbedtls TRUSTED_BOARD_BOOT=1 \
+    ARCH=aarch32 AARCH32_SP=sp_min ENABLE_STACK_PROTECTOR=strong bl2 bl32
+
 # STM32MP13 SDMMC boot
 make PLAT=stm32mp1 CROSS_COMPILE=arm-none-eabi- \
     $(common_flags) ARM_ARCH_MAJOR=7 STM32MP_SDMMC=1 \
     BUILD_PLAT=build/stm32mp1-mp13-sdmmc/debug STM32MP13=1 \
     ARCH=aarch32 AARCH32_SP=optee ENABLE_STACK_PROTECTOR=strong bl2
 
+# STM32MP13 TBBR
+make PLAT=stm32mp1 CROSS_COMPILE=arm-none-eabi- \
+    $(common_flags) ARM_ARCH_MAJOR=7 STM32MP_SDMMC=1 \
+    BUILD_PLAT=build/stm32mp1-mp13-sdmmc/debug STM32MP13=1 \
+    MBEDTLS_DIR=$(pwd)/mbedtls TRUSTED_BOARD_BOOT=1 \
+    ARCH=aarch32 AARCH32_SP=optee ENABLE_STACK_PROTECTOR=strong bl2
+
 # Platforms from TI
 make PLAT=k3 $(common_flags) all
 make PLAT=k3 TARGET_BOARD=j784s4 $(common_flags) all

diff --git a/tf_config/stm32mp1-mp13-tbb b/tf_config/stm32mp1-mp13-tbb
new file mode 100644
index 0000000..f8b295d
--- /dev/null
+++ b/tf_config/stm32mp1-mp13-tbb

@@ -0,0 +1,10 @@
+AARCH32_SP=optee
+ARCH=aarch32
+ARM_ARCH_MAJOR=7
+CROSS_COMPILE=arm-none-eabi-
+PLAT=stm32mp1
+STM32MP13=1
+STM32MP_EMMC=1
+STM32MP_SDMMC=1
+DTB_FILE_NAME=stm32mp135f-dk.dtb
+TRUSTED_BOARD_BOOT=1

diff --git a/tf_config/stm32mp1-mp13-tbb-ecdsa-regular b/tf_config/stm32mp1-mp13-tbb-ecdsa-regular
new file mode 100644
index 0000000..9a771ca
--- /dev/null
+++ b/tf_config/stm32mp1-mp13-tbb-ecdsa-regular

@@ -0,0 +1,11 @@
+AARCH32_SP=optee
+ARCH=aarch32
+ARM_ARCH_MAJOR=7
+CROSS_COMPILE=arm-none-eabi-
+PLAT=stm32mp1
+STM32MP13=1
+STM32MP_EMMC=1
+STM32MP_SDMMC=1
+DTB_FILE_NAME=stm32mp135f-dk.dtb
+TRUSTED_BOARD_BOOT=1
+KEY_ALG=ecdsa-brainpool-regular

diff --git a/tf_config/stm32mp1-mp13-tbb-ecdsa-twisted b/tf_config/stm32mp1-mp13-tbb-ecdsa-twisted
new file mode 100644
index 0000000..991a167
--- /dev/null
+++ b/tf_config/stm32mp1-mp13-tbb-ecdsa-twisted

@@ -0,0 +1,11 @@
+AARCH32_SP=optee
+ARCH=aarch32
+ARM_ARCH_MAJOR=7
+CROSS_COMPILE=arm-none-eabi-
+PLAT=stm32mp1
+STM32MP13=1
+STM32MP_EMMC=1
+STM32MP_SDMMC=1
+DTB_FILE_NAME=stm32mp135f-dk.dtb
+TRUSTED_BOARD_BOOT=1
+KEY_ALG=ecdsa-brainpool-twisted

diff --git a/tf_config/stm32mp1-tbb b/tf_config/stm32mp1-tbb
new file mode 100644
index 0000000..86d65fc
--- /dev/null
+++ b/tf_config/stm32mp1-tbb

@@ -0,0 +1,9 @@
+AARCH32_SP=sp_min
+ARCH=aarch32
+ARM_ARCH_MAJOR=7
+CROSS_COMPILE=arm-none-eabi-
+PLAT=stm32mp1
+STM32MP_EMMC=1
+STM32MP_SDMMC=1
+DTB_FILE_NAME=stm32mp157c-ev1.dtb
+TRUSTED_BOARD_BOOT=1