xref: /rk3399_ARM-atf/lib/psa/measured_boot.c (revision b85bcb8ec92126c238572ed7d242115125e411e1) 
1758c6471STamas Ban /*
2758c6471STamas Ban  * Copyright (c) 2022, Arm Limited. All rights reserved.
3758c6471STamas Ban  *
4758c6471STamas Ban  * SPDX-License-Identifier: BSD-3-Clause
5758c6471STamas Ban  *
6758c6471STamas Ban  */
7758c6471STamas Ban 
8758c6471STamas Ban #include <string.h>
9758c6471STamas Ban 
10758c6471STamas Ban #include <common/debug.h>
11758c6471STamas Ban #include <measured_boot.h>
12758c6471STamas Ban #include <psa/client.h>
13758c6471STamas Ban #include <psa_manifest/sid.h>
14758c6471STamas Ban 
15758c6471STamas Ban #include "measured_boot_private.h"
16758c6471STamas Ban 
172abd317dSSandrine Bailleux static void print_byte_array(const uint8_t *array __unused, size_t len __unused)
18758c6471STamas Ban {
192abd317dSSandrine Bailleux #if LOG_LEVEL >= LOG_LEVEL_INFO
20c32ab75cSDavid Vincze 	size_t i;
21758c6471STamas Ban 
22758c6471STamas Ban 	if (array == NULL || len == 0U) {
23758c6471STamas Ban 		(void)printf("\n");
24c32ab75cSDavid Vincze 	} else {
25758c6471STamas Ban 		for (i = 0U; i < len; ++i) {
26758c6471STamas Ban 			(void)printf(" %02x", array[i]);
27758c6471STamas Ban 			if ((i & U(0xF)) == U(0xF)) {
28758c6471STamas Ban 				(void)printf("\n");
29758c6471STamas Ban 				if (i < (len - 1U)) {
30758c6471STamas Ban 					INFO("\t\t:");
31758c6471STamas Ban 				}
32758c6471STamas Ban 			}
33758c6471STamas Ban 		}
34758c6471STamas Ban 	}
352abd317dSSandrine Bailleux #endif
36c32ab75cSDavid Vincze }
37758c6471STamas Ban 
38758c6471STamas Ban static void log_measurement(uint8_t index,
39758c6471STamas Ban 			    const uint8_t *signer_id,
40758c6471STamas Ban 			    size_t signer_id_size,
41758c6471STamas Ban 			    const uint8_t *version,     /* string */
42901b0a30STamas Ban 			    size_t version_size,
43758c6471STamas Ban 			    const uint8_t *sw_type,     /* string */
44901b0a30STamas Ban 			    size_t sw_type_size,
45901b0a30STamas Ban 			    uint32_t measurement_algo,
46758c6471STamas Ban 			    const uint8_t *measurement_value,
47758c6471STamas Ban 			    size_t measurement_value_size,
48758c6471STamas Ban 			    bool lock_measurement)
49758c6471STamas Ban {
50758c6471STamas Ban 	INFO("Measured boot extend measurement:\n");
51758c6471STamas Ban 	INFO(" - slot        : %u\n", index);
52758c6471STamas Ban 	INFO(" - signer_id   :");
53758c6471STamas Ban 	print_byte_array(signer_id, signer_id_size);
54758c6471STamas Ban 	INFO(" - version     : %s\n",  version);
55901b0a30STamas Ban 	INFO(" - version_size: %zu\n", version_size);
56758c6471STamas Ban 	INFO(" - sw_type     : %s\n",  sw_type);
57901b0a30STamas Ban 	INFO(" - sw_type_size: %zu\n", sw_type_size);
58901b0a30STamas Ban 	INFO(" - algorithm   : %x\n", measurement_algo);
59758c6471STamas Ban 	INFO(" - measurement :");
60758c6471STamas Ban 	print_byte_array(measurement_value, measurement_value_size);
61758c6471STamas Ban 	INFO(" - locking     : %s\n", lock_measurement ? "true" : "false");
62758c6471STamas Ban }
63758c6471STamas Ban 
640ce2072dSTamas Ban #if !PLAT_RSS_NOT_SUPPORTED
65758c6471STamas Ban psa_status_t
66758c6471STamas Ban rss_measured_boot_extend_measurement(uint8_t index,
67758c6471STamas Ban 				     const uint8_t *signer_id,
68758c6471STamas Ban 				     size_t signer_id_size,
69758c6471STamas Ban 				     const uint8_t *version,
70758c6471STamas Ban 				     size_t version_size,
71758c6471STamas Ban 				     uint32_t measurement_algo,
72758c6471STamas Ban 				     const uint8_t *sw_type,
73758c6471STamas Ban 				     size_t sw_type_size,
74758c6471STamas Ban 				     const uint8_t *measurement_value,
75758c6471STamas Ban 				     size_t measurement_value_size,
76758c6471STamas Ban 				     bool lock_measurement)
77758c6471STamas Ban {
78758c6471STamas Ban 	struct measured_boot_extend_iovec_t extend_iov = {
79758c6471STamas Ban 		.index = index,
80758c6471STamas Ban 		.lock_measurement = lock_measurement,
81758c6471STamas Ban 		.measurement_algo = measurement_algo,
82758c6471STamas Ban 		.sw_type = {0},
83*b85bcb8eSJimmy Brisson 		.sw_type_size = sw_type_size,
84758c6471STamas Ban 	};
85758c6471STamas Ban 
86*b85bcb8eSJimmy Brisson 	if (version_size > VERSION_MAX_SIZE) {
87*b85bcb8eSJimmy Brisson 		return PSA_ERROR_INVALID_ARGUMENT;
88*b85bcb8eSJimmy Brisson 	}
89*b85bcb8eSJimmy Brisson 
90*b85bcb8eSJimmy Brisson 
91*b85bcb8eSJimmy Brisson 	if (version_size > 0 && version[version_size - 1] == '\0') {
92*b85bcb8eSJimmy Brisson 		version_size--;
93*b85bcb8eSJimmy Brisson 	}
94*b85bcb8eSJimmy Brisson 
95758c6471STamas Ban 	psa_invec in_vec[] = {
96758c6471STamas Ban 		{.base = &extend_iov,
97758c6471STamas Ban 			.len = sizeof(struct measured_boot_extend_iovec_t)},
98758c6471STamas Ban 		{.base = signer_id, .len = signer_id_size},
99*b85bcb8eSJimmy Brisson 		{.base = version, .len = version_size },
100758c6471STamas Ban 		{.base = measurement_value, .len = measurement_value_size}
101758c6471STamas Ban 	};
102758c6471STamas Ban 
103758c6471STamas Ban 	if (sw_type != NULL) {
10485a14bc0SDavid Vincze 		if (extend_iov.sw_type_size > SW_TYPE_MAX_SIZE) {
105471c9895STamas Ban 			return PSA_ERROR_INVALID_ARGUMENT;
106471c9895STamas Ban 		}
107*b85bcb8eSJimmy Brisson 		if (sw_type_size > 0 && sw_type[sw_type_size - 1] == '\0') {
108*b85bcb8eSJimmy Brisson 			extend_iov.sw_type_size--;
109*b85bcb8eSJimmy Brisson 		}
11085a14bc0SDavid Vincze 		memcpy(extend_iov.sw_type, sw_type, extend_iov.sw_type_size);
111758c6471STamas Ban 	}
112758c6471STamas Ban 
113758c6471STamas Ban 	log_measurement(index, signer_id, signer_id_size,
114901b0a30STamas Ban 			version, version_size, sw_type, sw_type_size,
115901b0a30STamas Ban 			measurement_algo, measurement_value,
116901b0a30STamas Ban 			measurement_value_size, lock_measurement);
117758c6471STamas Ban 
118758c6471STamas Ban 	return psa_call(RSS_MEASURED_BOOT_HANDLE,
119758c6471STamas Ban 			RSS_MEASURED_BOOT_EXTEND,
120758c6471STamas Ban 			in_vec, IOVEC_LEN(in_vec),
121758c6471STamas Ban 			NULL, 0);
122758c6471STamas Ban }
1230ce2072dSTamas Ban 
1246d0525aaSMate Toth-Pal psa_status_t rss_measured_boot_read_measurement(uint8_t index,
1256d0525aaSMate Toth-Pal 					uint8_t *signer_id,
1266d0525aaSMate Toth-Pal 					size_t signer_id_size,
1276d0525aaSMate Toth-Pal 					size_t *signer_id_len,
1286d0525aaSMate Toth-Pal 					uint8_t *version,
1296d0525aaSMate Toth-Pal 					size_t version_size,
1306d0525aaSMate Toth-Pal 					size_t *version_len,
1316d0525aaSMate Toth-Pal 					uint32_t *measurement_algo,
1326d0525aaSMate Toth-Pal 					uint8_t *sw_type,
1336d0525aaSMate Toth-Pal 					size_t sw_type_size,
1346d0525aaSMate Toth-Pal 					size_t *sw_type_len,
1356d0525aaSMate Toth-Pal 					uint8_t *measurement_value,
1366d0525aaSMate Toth-Pal 					size_t measurement_value_size,
1376d0525aaSMate Toth-Pal 					size_t *measurement_value_len,
1386d0525aaSMate Toth-Pal 					bool *is_locked)
1396d0525aaSMate Toth-Pal {
1406d0525aaSMate Toth-Pal 	psa_status_t status;
1416d0525aaSMate Toth-Pal 	struct measured_boot_read_iovec_in_t read_iov_in = {
1426d0525aaSMate Toth-Pal 		.index = index,
1436d0525aaSMate Toth-Pal 		.sw_type_size = sw_type_size,
1446d0525aaSMate Toth-Pal 		.version_size = version_size,
1456d0525aaSMate Toth-Pal 	};
1466d0525aaSMate Toth-Pal 
1476d0525aaSMate Toth-Pal 	struct measured_boot_read_iovec_out_t read_iov_out;
1486d0525aaSMate Toth-Pal 
1496d0525aaSMate Toth-Pal 	psa_invec in_vec[] = {
1506d0525aaSMate Toth-Pal 		{.base = &read_iov_in,
1516d0525aaSMate Toth-Pal 		 .len = sizeof(struct measured_boot_read_iovec_in_t)},
1526d0525aaSMate Toth-Pal 	};
1536d0525aaSMate Toth-Pal 
1546d0525aaSMate Toth-Pal 	psa_outvec out_vec[] = {
1556d0525aaSMate Toth-Pal 		{.base = &read_iov_out,
1566d0525aaSMate Toth-Pal 		 .len = sizeof(struct measured_boot_read_iovec_out_t)},
1576d0525aaSMate Toth-Pal 		{.base = signer_id, .len = signer_id_size},
1586d0525aaSMate Toth-Pal 		{.base = measurement_value, .len = measurement_value_size}
1596d0525aaSMate Toth-Pal 	};
1606d0525aaSMate Toth-Pal 
1616d0525aaSMate Toth-Pal 	status = psa_call(RSS_MEASURED_BOOT_HANDLE, RSS_MEASURED_BOOT_READ,
1626d0525aaSMate Toth-Pal 					  in_vec, IOVEC_LEN(in_vec),
1636d0525aaSMate Toth-Pal 					  out_vec, IOVEC_LEN(out_vec));
1646d0525aaSMate Toth-Pal 
1656d0525aaSMate Toth-Pal 	if (status == PSA_SUCCESS) {
1666d0525aaSMate Toth-Pal 		*is_locked = read_iov_out.is_locked;
1676d0525aaSMate Toth-Pal 		*measurement_algo = read_iov_out.measurement_algo;
1686d0525aaSMate Toth-Pal 		*sw_type_len = read_iov_out.sw_type_len;
1696d0525aaSMate Toth-Pal 		*version_len = read_iov_out.version_len;
1706d0525aaSMate Toth-Pal 		memcpy(sw_type, read_iov_out.sw_type, read_iov_out.sw_type_len);
1716d0525aaSMate Toth-Pal 		memcpy(version, read_iov_out.version, read_iov_out.version_len);
1726d0525aaSMate Toth-Pal 		*signer_id_len = out_vec[1].len;
1736d0525aaSMate Toth-Pal 		*measurement_value_len = out_vec[2].len;
1746d0525aaSMate Toth-Pal 	}
1756d0525aaSMate Toth-Pal 
1766d0525aaSMate Toth-Pal 	return status;
1776d0525aaSMate Toth-Pal }
1786d0525aaSMate Toth-Pal 
1790ce2072dSTamas Ban #else /* !PLAT_RSS_NOT_SUPPORTED */
1800ce2072dSTamas Ban 
1810ce2072dSTamas Ban psa_status_t
1820ce2072dSTamas Ban rss_measured_boot_extend_measurement(uint8_t index,
1830ce2072dSTamas Ban 				     const uint8_t *signer_id,
1840ce2072dSTamas Ban 				     size_t signer_id_size,
1850ce2072dSTamas Ban 				     const uint8_t *version,
1860ce2072dSTamas Ban 				     size_t version_size,
1870ce2072dSTamas Ban 				     uint32_t measurement_algo,
1880ce2072dSTamas Ban 				     const uint8_t *sw_type,
1890ce2072dSTamas Ban 				     size_t sw_type_size,
1900ce2072dSTamas Ban 				     const uint8_t *measurement_value,
1910ce2072dSTamas Ban 				     size_t measurement_value_size,
1920ce2072dSTamas Ban 				     bool lock_measurement)
1930ce2072dSTamas Ban {
1940ce2072dSTamas Ban 	log_measurement(index, signer_id, signer_id_size,
195901b0a30STamas Ban 			version, version_size, sw_type, sw_type_size,
196901b0a30STamas Ban 			measurement_algo, measurement_value,
197901b0a30STamas Ban 			measurement_value_size, lock_measurement);
1980ce2072dSTamas Ban 
1990ce2072dSTamas Ban 	return PSA_SUCCESS;
2000ce2072dSTamas Ban }
2016d0525aaSMate Toth-Pal 
2026d0525aaSMate Toth-Pal psa_status_t rss_measured_boot_read_measurement(uint8_t index,
2036d0525aaSMate Toth-Pal 					uint8_t *signer_id,
2046d0525aaSMate Toth-Pal 					size_t signer_id_size,
2056d0525aaSMate Toth-Pal 					size_t *signer_id_len,
2066d0525aaSMate Toth-Pal 					uint8_t *version,
2076d0525aaSMate Toth-Pal 					size_t version_size,
2086d0525aaSMate Toth-Pal 					size_t *version_len,
2096d0525aaSMate Toth-Pal 					uint32_t *measurement_algo,
2106d0525aaSMate Toth-Pal 					uint8_t *sw_type,
2116d0525aaSMate Toth-Pal 					size_t sw_type_size,
2126d0525aaSMate Toth-Pal 					size_t *sw_type_len,
2136d0525aaSMate Toth-Pal 					uint8_t *measurement_value,
2146d0525aaSMate Toth-Pal 					size_t measurement_value_size,
2156d0525aaSMate Toth-Pal 					size_t *measurement_value_len,
2166d0525aaSMate Toth-Pal 					bool *is_locked)
2176d0525aaSMate Toth-Pal {
2186d0525aaSMate Toth-Pal 	return PSA_SUCCESS;
2196d0525aaSMate Toth-Pal }
2206d0525aaSMate Toth-Pal 
2210ce2072dSTamas Ban #endif /* !PLAT_RSS_NOT_SUPPORTED */
222