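/*
 * Copyright (c) 2022, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef PSA_MEASURED_BOOT_H
#define PSA_MEASURED_BOOT_H

#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#include "psa/error.h"

/*
 * Size limits for the fields of a measurement record.
 * NOTE(review): presumably all limits are byte counts, matching the *_size
 * parameters below, which are documented in bytes -- confirm.
 */

/*
 * Minimum measurement value size that can be requested to store.
 * NOTE(review): 32 and 64 match the SHA-256 and SHA-512 digest lengths;
 * confirm which measurement algorithms the service actually accepts.
 */
#define MEASUREMENT_VALUE_MIN_SIZE	32U
/* Maximum measurement value size that can be requested to store */
#define MEASUREMENT_VALUE_MAX_SIZE	64U
/* Minimum signer id size that can be requested to store */
#define SIGNER_ID_MIN_SIZE		MEASUREMENT_VALUE_MIN_SIZE
/* Maximum signer id size that can be requested to store */
#define SIGNER_ID_MAX_SIZE		MEASUREMENT_VALUE_MAX_SIZE
/*
 * The theoretical maximum image version is: "255.255.65535\0"
 * (13 characters plus the terminating NUL, hence 14).
 */
#define VERSION_MAX_SIZE		14U
/* Example sw_type: "BL_2, BL_33, etc." */
#define SW_TYPE_MAX_SIZE		20U
/*
 * Number of measurement slots.
 * NOTE(review): presumably a valid slot index is below this value; confirm
 * against the service implementation.
 */
#define NUM_OF_MEASUREMENT_SLOTS	32U


/**
 * Extends and stores a measurement to the requested slot.
 *
 * Not a standard PSA API, just an extension therefore use the 'rss_' prefix
 * rather than the usual 'psa_'.
 *
 * index                  Slot number in which measurement is to be stored
 * signer_id              Pointer to signer_id buffer.
 * signer_id_size         Size of the signer_id buffer in bytes.
 * version                Pointer to version buffer.
 * version_size           Size of the version buffer in bytes.
 * measurement_algo       Algorithm identifier used for measurement.
 * sw_type                Pointer to sw_type buffer.
 * sw_type_size           Size of the sw_type buffer in bytes.
 * measurement_value      Pointer to measurement_value buffer.
 * measurement_value_size Size of the measurement_value buffer in bytes.
 * lock_measurement       Boolean flag requesting whether the measurement
 *                        is to be locked.
 *
 * PSA_SUCCESS:
 *	- Success.
 * PSA_ERROR_INVALID_ARGUMENT:
 *	- The size of any argument is invalid OR
 *	- Input Measurement value is NULL OR
 *	- Input Signer ID is NULL OR
 *	- Requested slot index is invalid.
 * PSA_ERROR_BAD_STATE:
 *	- Request to lock, when slot is already locked.
 * PSA_ERROR_NOT_PERMITTED:
 *	- When the requested slot is not accessible to the caller.
 *
 * Callers should check the returned status before continuing the boot flow:
 * nothing in this header indicates that a measurement was recorded when the
 * call returns anything other than PSA_SUCCESS.
 *
 * NOTE(review): NULL handling is listed only for measurement_value and
 * signer_id; whether version and sw_type may be NULL (with a zero size) is
 * not stated here -- confirm against the implementation.
 * NOTE(review): the result of extending an already locked slot without
 * setting lock_measurement is not stated here -- confirm.
 */
psa_status_t
rss_measured_boot_extend_measurement(uint8_t index,
                                     const uint8_t *signer_id,
                                     size_t signer_id_size,
                                     const uint8_t *version,
                                     size_t version_size,
                                     uint32_t measurement_algo,
                                     const uint8_t *sw_type,
                                     size_t sw_type_size,
                                     const uint8_t *measurement_value,
                                     size_t measurement_value_size,
                                     bool lock_measurement);

/**
 * Retrieves a measurement from the requested slot.
 *
 * index                  Slot number from which measurement is to be
 *                        retrieved.
 * signer_id              Pointer to signer_id buffer.
 * signer_id_size         Size of the signer_id buffer in bytes.
 * signer_id_len          On success, number of bytes that make up
 *                        signer_id.
 * version                Pointer to version buffer.
 * version_size           Size of the version buffer in bytes.
 * version_len            On success, number of bytes that make up the
 *                        version.
 * measurement_algo       Pointer to measurement_algo.
 * sw_type                Pointer to sw_type buffer.
 * sw_type_size           Size of the sw_type buffer in bytes.
 * sw_type_len            On success, number of bytes that make up the
 *                        sw_type.
 * measurement_value      Pointer to measurement_value buffer.
 * measurement_value_size Size of the measurement_value buffer in bytes.
 * measurement_value_len  On success, number of bytes that make up the
 *                        measurement_value.
 * is_locked              Pointer to lock status of requested measurement
 *                        slot.
 *
 * PSA_SUCCESS
 *	- Success.
 * PSA_ERROR_INVALID_ARGUMENT
 *	- The size of at least one of the output buffers is incorrect or the
 *	  requested slot index is invalid.
 * PSA_ERROR_DOES_NOT_EXIST
 *	- The requested slot is empty, does not contain a measurement.
 *
 * The *_len outputs are documented for the success case only. Callers should
 * check the returned status first and then use no more than *_len bytes of
 * each output buffer; the state of the outputs on failure is not specified
 * in this header.
 */
psa_status_t rss_measured_boot_read_measurement(uint8_t index,
                                                uint8_t *signer_id,
                                                size_t signer_id_size,
                                                size_t *signer_id_len,
                                                uint8_t *version,
                                                size_t version_size,
                                                size_t *version_len,
                                                uint32_t *measurement_algo,
                                                uint8_t *sw_type,
                                                size_t sw_type_size,
                                                size_t *sw_type_len,
                                                uint8_t *measurement_value,
                                                size_t measurement_value_size,
                                                size_t *measurement_value_len,
                                                bool *is_locked);

#endif /* PSA_MEASURED_BOOT_H */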