xref: /rk3399_ARM-atf/lib/psa/measured_boot.c (revision a1901c7d0d05ac02b254bf215fb889b9c0a9bc7d) 
1758c6471STamas Ban /*
2d9506028STamas Ban  * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
3758c6471STamas Ban  *
4758c6471STamas Ban  * SPDX-License-Identifier: BSD-3-Clause
5758c6471STamas Ban  *
6758c6471STamas Ban  */
7758c6471STamas Ban 
8758c6471STamas Ban #include <string.h>
9758c6471STamas Ban 
10758c6471STamas Ban #include <common/debug.h>
11d9506028STamas Ban #include <drivers/measured_boot/metadata.h>
12758c6471STamas Ban #include <measured_boot.h>
13758c6471STamas Ban #include <psa/client.h>
14758c6471STamas Ban #include <psa_manifest/sid.h>
15758c6471STamas Ban 
16758c6471STamas Ban #include "measured_boot_private.h"
17758c6471STamas Ban 
print_byte_array(const uint8_t * array __unused,size_t len __unused)182abd317dSSandrine Bailleux static void print_byte_array(const uint8_t *array __unused, size_t len __unused)
19758c6471STamas Ban {
202abd317dSSandrine Bailleux #if LOG_LEVEL >= LOG_LEVEL_INFO
21c32ab75cSDavid Vincze 	size_t i;
22758c6471STamas Ban 
23758c6471STamas Ban 	if (array == NULL || len == 0U) {
24758c6471STamas Ban 		(void)printf("\n");
25c32ab75cSDavid Vincze 	} else {
26758c6471STamas Ban 		for (i = 0U; i < len; ++i) {
27758c6471STamas Ban 			(void)printf(" %02x", array[i]);
28758c6471STamas Ban 			if ((i & U(0xF)) == U(0xF)) {
29758c6471STamas Ban 				(void)printf("\n");
30758c6471STamas Ban 				if (i < (len - 1U)) {
31758c6471STamas Ban 					INFO("\t\t:");
32758c6471STamas Ban 				}
33758c6471STamas Ban 			}
34758c6471STamas Ban 		}
35758c6471STamas Ban 	}
362abd317dSSandrine Bailleux #endif
37c32ab75cSDavid Vincze }
38758c6471STamas Ban 
log_measurement(uint8_t index,const uint8_t * signer_id,size_t signer_id_size,const uint8_t * version,size_t version_size,const uint8_t * sw_type,size_t sw_type_size,uint32_t measurement_algo,const uint8_t * measurement_value,size_t measurement_value_size,bool lock_measurement)39758c6471STamas Ban static void log_measurement(uint8_t index,
40758c6471STamas Ban 			    const uint8_t *signer_id,
41758c6471STamas Ban 			    size_t signer_id_size,
42758c6471STamas Ban 			    const uint8_t *version,     /* string */
43901b0a30STamas Ban 			    size_t version_size,
44758c6471STamas Ban 			    const uint8_t *sw_type,     /* string */
45901b0a30STamas Ban 			    size_t sw_type_size,
46901b0a30STamas Ban 			    uint32_t measurement_algo,
47758c6471STamas Ban 			    const uint8_t *measurement_value,
48758c6471STamas Ban 			    size_t measurement_value_size,
49758c6471STamas Ban 			    bool lock_measurement)
50758c6471STamas Ban {
51758c6471STamas Ban 	INFO("Measured boot extend measurement:\n");
52758c6471STamas Ban 	INFO(" - slot        : %u\n", index);
53758c6471STamas Ban 	INFO(" - signer_id   :");
54758c6471STamas Ban 	print_byte_array(signer_id, signer_id_size);
55758c6471STamas Ban 	INFO(" - version     : %s\n",  version);
56901b0a30STamas Ban 	INFO(" - version_size: %zu\n", version_size);
57758c6471STamas Ban 	INFO(" - sw_type     : %s\n",  sw_type);
58901b0a30STamas Ban 	INFO(" - sw_type_size: %zu\n", sw_type_size);
59901b0a30STamas Ban 	INFO(" - algorithm   : %x\n", measurement_algo);
60758c6471STamas Ban 	INFO(" - measurement :");
61758c6471STamas Ban 	print_byte_array(measurement_value, measurement_value_size);
62758c6471STamas Ban 	INFO(" - locking     : %s\n", lock_measurement ? "true" : "false");
63758c6471STamas Ban }
64758c6471STamas Ban 
65758c6471STamas Ban psa_status_t
rse_measured_boot_extend_measurement(uint8_t index,const uint8_t * signer_id,size_t signer_id_size,const uint8_t * version,size_t version_size,uint32_t measurement_algo,const uint8_t * sw_type,size_t sw_type_size,const uint8_t * measurement_value,size_t measurement_value_size,bool lock_measurement)66*d797665cSTamas Ban rse_measured_boot_extend_measurement(uint8_t index,
67758c6471STamas Ban 				     const uint8_t *signer_id,
68758c6471STamas Ban 				     size_t signer_id_size,
69758c6471STamas Ban 				     const uint8_t *version,
70758c6471STamas Ban 				     size_t version_size,
71758c6471STamas Ban 				     uint32_t measurement_algo,
72758c6471STamas Ban 				     const uint8_t *sw_type,
73758c6471STamas Ban 				     size_t sw_type_size,
74758c6471STamas Ban 				     const uint8_t *measurement_value,
75758c6471STamas Ban 				     size_t measurement_value_size,
76758c6471STamas Ban 				     bool lock_measurement)
77758c6471STamas Ban {
78758c6471STamas Ban 	struct measured_boot_extend_iovec_t extend_iov = {
79758c6471STamas Ban 		.index = index,
80758c6471STamas Ban 		.lock_measurement = lock_measurement,
81758c6471STamas Ban 		.measurement_algo = measurement_algo,
82758c6471STamas Ban 		.sw_type = {0},
83b85bcb8eSJimmy Brisson 		.sw_type_size = sw_type_size,
84758c6471STamas Ban 	};
85758c6471STamas Ban 
86b85bcb8eSJimmy Brisson 	if (version_size > VERSION_MAX_SIZE) {
87b85bcb8eSJimmy Brisson 		return PSA_ERROR_INVALID_ARGUMENT;
88b85bcb8eSJimmy Brisson 	}
89b85bcb8eSJimmy Brisson 
90b85bcb8eSJimmy Brisson 
91b85bcb8eSJimmy Brisson 	if (version_size > 0 && version[version_size - 1] == '\0') {
92b85bcb8eSJimmy Brisson 		version_size--;
93b85bcb8eSJimmy Brisson 	}
94b85bcb8eSJimmy Brisson 
95758c6471STamas Ban 	psa_invec in_vec[] = {
96758c6471STamas Ban 		{.base = &extend_iov,
97758c6471STamas Ban 			.len = sizeof(struct measured_boot_extend_iovec_t)},
98758c6471STamas Ban 		{.base = signer_id, .len = signer_id_size},
99b85bcb8eSJimmy Brisson 		{.base = version, .len = version_size },
100758c6471STamas Ban 		{.base = measurement_value, .len = measurement_value_size}
101758c6471STamas Ban 	};
102758c6471STamas Ban 
103758c6471STamas Ban 	if (sw_type != NULL) {
10485a14bc0SDavid Vincze 		if (extend_iov.sw_type_size > SW_TYPE_MAX_SIZE) {
105471c9895STamas Ban 			return PSA_ERROR_INVALID_ARGUMENT;
106471c9895STamas Ban 		}
107b85bcb8eSJimmy Brisson 		if (sw_type_size > 0 && sw_type[sw_type_size - 1] == '\0') {
108b85bcb8eSJimmy Brisson 			extend_iov.sw_type_size--;
109b85bcb8eSJimmy Brisson 		}
11085a14bc0SDavid Vincze 		memcpy(extend_iov.sw_type, sw_type, extend_iov.sw_type_size);
111758c6471STamas Ban 	}
112758c6471STamas Ban 
113758c6471STamas Ban 	log_measurement(index, signer_id, signer_id_size,
114901b0a30STamas Ban 			version, version_size, sw_type, sw_type_size,
115901b0a30STamas Ban 			measurement_algo, measurement_value,
116901b0a30STamas Ban 			measurement_value_size, lock_measurement);
117758c6471STamas Ban 
118*d797665cSTamas Ban 	return psa_call(RSE_MEASURED_BOOT_HANDLE,
119*d797665cSTamas Ban 			RSE_MEASURED_BOOT_EXTEND,
120758c6471STamas Ban 			in_vec, IOVEC_LEN(in_vec),
121758c6471STamas Ban 			NULL, 0);
122758c6471STamas Ban }
1230ce2072dSTamas Ban 
rse_measured_boot_read_measurement(uint8_t index,uint8_t * signer_id,size_t signer_id_size,size_t * signer_id_len,uint8_t * version,size_t version_size,size_t * version_len,uint32_t * measurement_algo,uint8_t * sw_type,size_t sw_type_size,size_t * sw_type_len,uint8_t * measurement_value,size_t measurement_value_size,size_t * measurement_value_len,bool * is_locked)124*d797665cSTamas Ban psa_status_t rse_measured_boot_read_measurement(uint8_t index,
1256d0525aaSMate Toth-Pal 					uint8_t *signer_id,
1266d0525aaSMate Toth-Pal 					size_t signer_id_size,
1276d0525aaSMate Toth-Pal 					size_t *signer_id_len,
1286d0525aaSMate Toth-Pal 					uint8_t *version,
1296d0525aaSMate Toth-Pal 					size_t version_size,
1306d0525aaSMate Toth-Pal 					size_t *version_len,
1316d0525aaSMate Toth-Pal 					uint32_t *measurement_algo,
1326d0525aaSMate Toth-Pal 					uint8_t *sw_type,
1336d0525aaSMate Toth-Pal 					size_t sw_type_size,
1346d0525aaSMate Toth-Pal 					size_t *sw_type_len,
1356d0525aaSMate Toth-Pal 					uint8_t *measurement_value,
1366d0525aaSMate Toth-Pal 					size_t measurement_value_size,
1376d0525aaSMate Toth-Pal 					size_t *measurement_value_len,
1386d0525aaSMate Toth-Pal 					bool *is_locked)
1396d0525aaSMate Toth-Pal {
1406d0525aaSMate Toth-Pal 	psa_status_t status;
1416d0525aaSMate Toth-Pal 	struct measured_boot_read_iovec_in_t read_iov_in = {
1426d0525aaSMate Toth-Pal 		.index = index,
1436d0525aaSMate Toth-Pal 		.sw_type_size = sw_type_size,
1446d0525aaSMate Toth-Pal 		.version_size = version_size,
1456d0525aaSMate Toth-Pal 	};
1466d0525aaSMate Toth-Pal 
1476d0525aaSMate Toth-Pal 	struct measured_boot_read_iovec_out_t read_iov_out;
1486d0525aaSMate Toth-Pal 
1496d0525aaSMate Toth-Pal 	psa_invec in_vec[] = {
1506d0525aaSMate Toth-Pal 		{.base = &read_iov_in,
1516d0525aaSMate Toth-Pal 		 .len = sizeof(struct measured_boot_read_iovec_in_t)},
1526d0525aaSMate Toth-Pal 	};
1536d0525aaSMate Toth-Pal 
1546d0525aaSMate Toth-Pal 	psa_outvec out_vec[] = {
1556d0525aaSMate Toth-Pal 		{.base = &read_iov_out,
1566d0525aaSMate Toth-Pal 		 .len = sizeof(struct measured_boot_read_iovec_out_t)},
1576d0525aaSMate Toth-Pal 		{.base = signer_id, .len = signer_id_size},
1586d0525aaSMate Toth-Pal 		{.base = measurement_value, .len = measurement_value_size}
1596d0525aaSMate Toth-Pal 	};
1606d0525aaSMate Toth-Pal 
161*d797665cSTamas Ban 	status = psa_call(RSE_MEASURED_BOOT_HANDLE, RSE_MEASURED_BOOT_READ,
1626d0525aaSMate Toth-Pal 					  in_vec, IOVEC_LEN(in_vec),
1636d0525aaSMate Toth-Pal 					  out_vec, IOVEC_LEN(out_vec));
1646d0525aaSMate Toth-Pal 
1656d0525aaSMate Toth-Pal 	if (status == PSA_SUCCESS) {
1666d0525aaSMate Toth-Pal 		*is_locked = read_iov_out.is_locked;
1676d0525aaSMate Toth-Pal 		*measurement_algo = read_iov_out.measurement_algo;
1686d0525aaSMate Toth-Pal 		*sw_type_len = read_iov_out.sw_type_len;
1696d0525aaSMate Toth-Pal 		*version_len = read_iov_out.version_len;
1706d0525aaSMate Toth-Pal 		memcpy(sw_type, read_iov_out.sw_type, read_iov_out.sw_type_len);
1716d0525aaSMate Toth-Pal 		memcpy(version, read_iov_out.version, read_iov_out.version_len);
1726d0525aaSMate Toth-Pal 		*signer_id_len = out_vec[1].len;
1736d0525aaSMate Toth-Pal 		*measurement_value_len = out_vec[2].len;
1746d0525aaSMate Toth-Pal 	}
1756d0525aaSMate Toth-Pal 
1766d0525aaSMate Toth-Pal 	return status;
1776d0525aaSMate Toth-Pal }
178