FVP: Enable capability to disable auth via dynamic config
This patch adds capability to FVP to disable authentication dynamically
via the `disable_auth` property in TB_FW_CONFIG. Both BL1 and BL2 parses
the TB_FW_CONFIG for the `disable_auth` property and invokes the
`load_dyn_disable_auth()` API to disable authentication if the
property is set to 1. The DYN_DISABLE_AUTH is enabled by default for
FVP as it is a development platform. Note that the TB_FW_CONFIG has to
be authenticated by BL1 irrespective of these settings.
The arm_bl2_dyn_cfg_init() is now earlier in bl2_plat_preload_setup()
rather than in bl2_platform_setup() as we need to get the value of
`disable_auth` property prior to authentication of any image by BL2.
Change-Id: I734acd59572849793e5020ec44c6ac51f654a4d1
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
diff --git a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
index 5c24f94..fb7e2c5 100644
--- a/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
+++ b/plat/arm/board/fvp/fdts/fvp_tb_fw_config.dts
@@ -12,5 +12,7 @@
compatible = "arm,tb_fw";
hw_config_addr = <0x0 0x82000000>;
hw_config_max_size = <0x01000000>;
+ /* Disable authentication for development */
+ disable_auth = <0x0>;
};
};
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index bb77538..c5e33d2 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -208,3 +208,11 @@
include plat/arm/board/common/board_common.mk
include plat/arm/common/arm_common.mk
+
+# FVP being a development platform, enable capability to disable Authentication
+# dynamically if TRUSTED_BOARD_BOOT and LOAD_IMAGE_V2 is set.
+ifeq (${TRUSTED_BOARD_BOOT}, 1)
+ ifeq (${LOAD_IMAGE_V2}, 1)
+ DYN_DISABLE_AUTH := 1
+ endif
+endif