diff options
author | Manish Pandey <manish.pandey2@arm.com> | 2020-05-22 12:27:28 +0100 |
---|---|---|
committer | Manish Pandey <manish.pandey2@arm.com> | 2020-06-08 22:42:06 +0100 |
commit | 0792dd7d64d1056fae05eab8cebe91ffc993923e (patch) | |
tree | 6bf2a8de782d26744afdc701c0d06d78dbb43da0 /make_helpers/tbbr | |
parent | 967a6d162d9dc1c5ae154f289bcdecc03cb9eb7c (diff) | |
download | arm-trusted-firmware-0792dd7d64d1056fae05eab8cebe91ffc993923e.tar.gz |
cert_create: add SiP owned secure partitions support
Add support to generate certificate "sip-sp-cert" for Secure
Partitions(SP) owned by Silicon provider(SiP).
To avoid deviation from TBBR specification the support is only added for
dualroot CoT and not for TBBR CoT.
A single certificate file is generated containing hash of individual
packages. Maximum 8 secure partitions are supported.
Following new options added to cert_tool:
--sip-sp-cert --> SiP owned Secure Partition Content Certificate
--sp-pkg1 --> Secure Partition Package1 file
--sp-pkg2
.....
--sp-pkg8
Trusted world key pair is used for signing.
Going forward, this feature can be extended for Platfrom owned
Partitions, if required.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d
Diffstat (limited to 'make_helpers/tbbr')
-rw-r--r-- | make_helpers/tbbr/tbbr_tools.mk | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk index f0adfe1ce..952093443 100644 --- a/make_helpers/tbbr/tbbr_tools.mk +++ b/make_helpers/tbbr/tbbr_tools.mk @@ -99,3 +99,8 @@ ifneq (${COT},dualroot) $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/nt_fw_key.crt,--nt-fw-key-cert)) endif endif + +# Add SiP owned Secure Partitions CoT (image cert) +ifneq (${SP_LAYOUT_FILE},) + $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/sip_sp_content.crt,--sip-sp-cert)) +endif |