Enable TRUSTED_BOARD_BOOT support for LOAD_IMAGE_V2=1
authorYatharth Kochar <yatharth.kochar@arm.com>
Fri, 11 Nov 2016 13:57:50 +0000 (13:57 +0000)
committerYatharth Kochar <yatharth.kochar@arm.com>
Wed, 14 Dec 2016 14:37:53 +0000 (14:37 +0000)
This patch enables TRUSTED_BOARD_BOOT (Authentication and FWU)
support, for AArch64, when LOAD_IMAGE_V2 is enabled.

This patch also enables LOAD_IMAGE_V2 for ARM platforms.

Change-Id: I294a2eebce7a30b6784c80c9d4ac7752808ee3ad
Signed-off-by: Yatharth Kochar <yatharth.kochar@arm.com>
Makefile
bl1/bl1_fwu.c
bl1/tbbr/tbbr_img_desc.c
include/plat/arm/css/common/css_def.h
plat/arm/board/juno/include/platform_def.h
plat/arm/common/arm_common.mk

index 4fbb91403e6fd380c90649c36a2e938d0abf474e..e8716e5668d37e0c2d5e997636ed312386812825 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -122,10 +122,6 @@ ifneq (${GENERATE_COT},0)
         FWU_FIP_DEPS += fwu_certificates
 endif
 
-# For AArch32, enable new version of image loading.
-ifeq (${ARCH},aarch32)
-        LOAD_IMAGE_V2  :=      1
-endif
 
 ################################################################################
 # Toolchain
@@ -294,19 +290,15 @@ ifeq (${NEED_BL33},yes)
         endif
 endif
 
-# TRUSTED_BOARD_BOOT is currently not supported when LOAD_IMAGE_V2 is enabled.
-ifeq (${LOAD_IMAGE_V2},1)
-        ifeq (${TRUSTED_BOARD_BOOT},1)
-                $(error "TRUSTED_BOARD_BOOT is currently not supported \
-                for LOAD_IMAGE_V2=1")
-        endif
-endif
-
-# For AArch32, LOAD_IMAGE_V2 must be enabled.
 ifeq (${ARCH},aarch32)
+    # For AArch32, LOAD_IMAGE_V2 must be enabled.
     ifeq (${LOAD_IMAGE_V2}, 0)
         $(error "For AArch32, LOAD_IMAGE_V2 must be enabled.")
     endif
+    # TRUSTED_BOARD_BOOT is currently not supported for AArch32.
+    ifeq (${TRUSTED_BOARD_BOOT},1)
+        $(error "TRUSTED_BOARD_BOOT is currently not supported for AArch32")
+    endif
 endif
 
 
index f3338051d9171feea9489e46ea3cbfc81b5c77ba..61f2adb0a8905db1167dbada30e6f6bdd5bbc67f 100644 (file)
@@ -121,7 +121,6 @@ static int bl1_fwu_image_copy(unsigned int image_id,
                        unsigned int flags)
 {
        uintptr_t base_addr;
-       meminfo_t *mem_layout;
 
        /* Get the image descriptor. */
        image_desc_t *image_desc = bl1_plat_get_image_desc(image_id);
@@ -208,15 +207,22 @@ static int bl1_fwu_image_copy(unsigned int image_id,
                        WARN("BL1-FWU: Copy arguments source/size not mapped\n");
                        return -ENOMEM;
                }
-
+#if LOAD_IMAGE_V2
+               /* Check that the image size to load is within limit */
+               if (image_size > image_desc->image_info.image_max_size) {
+                       WARN("BL1-FWU: Image size out of bounds\n");
+                       return -ENOMEM;
+               }
+#else
                /* Find out how much free trusted ram remains after BL1 load */
-               mem_layout = bl1_plat_sec_mem_layout();
+               meminfo_t *mem_layout = bl1_plat_sec_mem_layout();
                if ((image_desc->image_info.image_base < mem_layout->free_base) ||
                         (image_desc->image_info.image_base + image_size >
                          mem_layout->free_base + mem_layout->free_size)) {
                        WARN("BL1-FWU: Memory not available to copy\n");
                        return -ENOMEM;
                }
+#endif
 
                /* Update the image size. */
                image_desc->image_info.image_size = image_size;
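Review bot: The legacy `#else` bounds check can be defeated by wrap-around: `image_desc->image_info.image_base + image_size` is evaluated before the comparison, so a very large `image_size` (which appears to be a caller-supplied copy argument) may wrap to a small value and pass the test. Comparing by subtraction avoids this: keep the existing `image_base < mem_layout->free_base` test, take `offset = image_desc->image_info.image_base - mem_layout->free_base;`, and reject with `if (offset > mem_layout->free_size || image_size > mem_layout->free_size - offset)`. The new `LOAD_IMAGE_V2` branch has no addition and is not affected, but it no longer checks the destination against free trusted RAM, so it is only as strong as the `image_max_size` value in each descriptor; a short comment saying so would help platform porters. The body of `bl1_fwu_image_copy` starts and ends outside this hunk.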
index 7651f1c041eb5e5e30a7d6c7d353c8cf71f2de72..e3bd574da56ae69864f1840e41c43ccd9e68b910 100644 (file)
@@ -38,6 +38,9 @@ image_desc_t bl1_tbbr_image_descs[] = {
            SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
                    VERSION_1, image_info_t, 0),
            .image_info.image_base = BL2_BASE,
+#if LOAD_IMAGE_V2
+           .image_info.image_max_size = BL2_LIMIT - BL2_BASE,
+#endif
            SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,
                    VERSION_1, entry_point_info_t, SECURE),
     },
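Review bot: `image_max_size` is initialised as `BL2_LIMIT - BL2_BASE` with nothing that enforces `BL2_LIMIT > BL2_BASE` at build time; if a platform port defines the pair inconsistently, the subtraction presumably wraps to a very large unsigned value and the new size check in `bl1_fwu_image_copy` stops bounding anything. A compile-time assertion next to the table, e.g. `CASSERT(BL2_LIMIT > BL2_BASE, assert_bl2_limit_above_base);` (if the tree's `CASSERT` macro is usable in this file), would catch that. The same applies to the `SCP_BL2U_LIMIT - SCP_BL2U_BASE` and `BL2U_LIMIT - BL2U_BASE` initialisers in the next two hunks. Any descriptor that leaves `image_max_size` unset would be zero and reject every non-empty copy, which fails closed but deserves a comment on the table. The array definition starts and ends outside these hunks.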
@@ -55,6 +58,9 @@ image_desc_t bl1_tbbr_image_descs[] = {
            SET_STATIC_PARAM_HEAD(image_info, PARAM_IMAGE_BINARY,
                    VERSION_1, image_info_t, 0),
            .image_info.image_base = SCP_BL2U_BASE,
+#if LOAD_IMAGE_V2
+           .image_info.image_max_size = SCP_BL2U_LIMIT - SCP_BL2U_BASE,
+#endif
            SET_STATIC_PARAM_HEAD(ep_info, PARAM_IMAGE_BINARY,
                    VERSION_1, entry_point_info_t, SECURE),
     },
@@ -65,6 +71,9 @@ image_desc_t bl1_tbbr_image_descs[] = {
            SET_STATIC_PARAM_HEAD(image_info, PARAM_EP,
                    VERSION_1, image_info_t, 0),
            .image_info.image_base = BL2U_BASE,
+#if LOAD_IMAGE_V2
+           .image_info.image_max_size = BL2U_LIMIT - BL2U_BASE,
+#endif
            SET_STATIC_PARAM_HEAD(ep_info, PARAM_EP,
                    VERSION_1, entry_point_info_t, SECURE | EXECUTABLE),
            .ep_info.pc = BL2U_BASE,
index 173de1b4d32f9cfbb8d7e96a6887e1b13ee5c6ce..a2fe0d58b2771b37168c1d0571c0a60d93d74148 100644 (file)
  * SCP, it is discarded and BL31 is loaded over the top.
  */
 #define SCP_BL2_BASE                   BL31_BASE
+#define SCP_BL2_LIMIT                  (SCP_BL2_BASE + PLAT_CSS_MAX_SCP_BL2_SIZE)
 
 #define SCP_BL2U_BASE                  BL31_BASE
+#define SCP_BL2U_LIMIT                 (SCP_BL2U_BASE + PLAT_CSS_MAX_SCP_BL2U_SIZE)
 #endif /* CSS_LOAD_SCP_IMAGES */
 
 /* Load address of Non-Secure Image for CSS platform ports */
index 691e2f7775c5f25bd391b048bd7ac85d6ad89bbc..adc4704d6d3bbb0158669b7c81d9feffab4f268e 100644 (file)
  */
 #define PLAT_CSS_MAX_SCP_BL2_SIZE      0x1D000
 
+/*
+ * PLAT_CSS_MAX_SCP_BL2U_SIZE is calculated using the current
+ * SCP_BL2U size plus a little space for growth.
+ */
+#define PLAT_CSS_MAX_SCP_BL2U_SIZE     0x1D000
+
 /*
  * Define a list of Group 1 Secure and Group 0 interrupts as per GICv3
  * terminology. On a GICv2 system or mode, the lists will be merged and treated
index 626b443eeef51765d0d55cd67f319b3bf9ef1495..d0940b8e967f76a24a6d75efc51e4cb1e52d7998 100644 (file)
@@ -97,6 +97,8 @@ ENABLE_PSCI_STAT              :=      1
 # mapping the former as executable and the latter as execute-never.
 SEPARATE_CODE_AND_RODATA       :=      1
 
+# Enable new version of image loading on ARM platforms
+LOAD_IMAGE_V2                  :=      1
 
 PLAT_INCLUDES          +=      -Iinclude/common/tbbr                           \
                                -Iinclude/plat/arm/common