commit 0b6377d1c60c01dd456a1a88dac5b1e83c0e3273
author Joel Hutton <Joel.Hutton@Arm.com> Wed Feb 20 11:56:46 2019 +0000
committer Joel Hutton <Joel.Hutton@Arm.com> Mon Apr 08 14:21:21 2019 +0100
tree 5ada22f18f89be7c39d61dab4456cc7cb292c98d
parent c48991e1fe918f48508c088b443742622b9f2181

Reduce memory needed for CoT description

When Trusted Board Boot is enabled, we need to specify the Chain of
Trust (CoT) of the BL1 and BL2 images. A CoT consists of an array
of image descriptors. The authentication module assumes that each
image descriptor in this array is indexed by its unique image
identifier. For example, the Trusted Boot Firmware Certificate has to
be at index [TRUSTED_BOOT_FW_CERT_ID].

Unique image identifiers may not necessarily be consecutive. Also,
a given BL image might not use all image descriptors. For example, BL1
does not need any of the descriptors related to BL31. As a result, the
CoT array might contain holes, which unnecessarily takes up space in
the BL binary.

Using pointers to auth_img_desc_t structs (rather than structs
themselves) means these unused elements only use 1 pointer worth of
space, rather than one struct worth of space. This patch also changes
the code which accesses this array to reflect the change to pointers.

Image descriptors not needed in BL1 or BL2 respectively are also
ifdef'd out in this patch. For example, verifying the BL31 image is
the responsibility of BL2 so BL1 does not need any of the data
structures describing BL31.

memory diff:
bl1:        bl2:
    text        text
      -20         -20
    bss         bss
      -1463       0
    data        data
      -256        -48
    rodata      rodata
      -5240       -1952
    total       total
      -6979       -2020

Change-Id: I163668b174dc2b9bbb183acec817f2126864aaad
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>

drivers/auth/auth_mod.c

diff --git a/drivers/auth/auth_mod.c b/drivers/auth/auth_mod.c
index 97e1220..d66e5dd 100644
--- a/drivers/auth/auth_mod.c
+++ b/drivers/auth/auth_mod.c
@@ -30,6 +30,10 @@
 
 #pragma weak plat_set_nv_ctr2
 
+/* Pointer to CoT */
+extern const auth_img_desc_t **const cot_desc_ptr;
+extern unsigned int auth_img_flags[MAX_NUMBER_IDS];
+
 static int cmp_auth_param_type_desc(const auth_param_type_desc_t *a,
 		const auth_param_type_desc_t *b)
 {
@@ -300,7 +304,7 @@
 	assert(parent_id != NULL);
 
 	/* Get the image descriptor */
-	img_desc = &cot_desc_ptr[img_id];
+	img_desc = cot_desc_ptr[img_id];
 
 	/* Check if the image has no parent (ROT) */
 	if (img_desc->parent == NULL) {
@@ -349,7 +353,7 @@
 	int rc, i;
 
 	/* Get the image descriptor from the chain of trust */
-	img_desc = &cot_desc_ptr[img_id];
+	img_desc = cot_desc_ptr[img_id];
 
 	/* Ask the parser to check the image integrity */
 	rc = img_parser_check_integrity(img_desc->img_type, img_ptr, img_len);