1 /* 2 * Copyright (c) 2022, Arm Limited. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 * 6 */ 7 8 #include <string.h> 9 10 #include <common/debug.h> 11 #include <measured_boot.h> 12 #include <psa/client.h> 13 #include <psa_manifest/sid.h> 14 15 #include "measured_boot_private.h" 16 17 static void print_byte_array(const uint8_t *array __unused, size_t len __unused) 18 { 19 #if LOG_LEVEL >= LOG_LEVEL_INFO 20 size_t i; 21 22 if (array == NULL || len == 0U) { 23 (void)printf("\n"); 24 } else { 25 for (i = 0U; i < len; ++i) { 26 (void)printf(" %02x", array[i]); 27 if ((i & U(0xF)) == U(0xF)) { 28 (void)printf("\n"); 29 if (i < (len - 1U)) { 30 INFO("\t\t:"); 31 } 32 } 33 } 34 } 35 #endif 36 } 37 38 static void log_measurement(uint8_t index, 39 const uint8_t *signer_id, 40 size_t signer_id_size, 41 const uint8_t *version, /* string */ 42 size_t version_size, 43 const uint8_t *sw_type, /* string */ 44 size_t sw_type_size, 45 uint32_t measurement_algo, 46 const uint8_t *measurement_value, 47 size_t measurement_value_size, 48 bool lock_measurement) 49 { 50 INFO("Measured boot extend measurement:\n"); 51 INFO(" - slot : %u\n", index); 52 INFO(" - signer_id :"); 53 print_byte_array(signer_id, signer_id_size); 54 INFO(" - version : %s\n", version); 55 INFO(" - version_size: %zu\n", version_size); 56 INFO(" - sw_type : %s\n", sw_type); 57 INFO(" - sw_type_size: %zu\n", sw_type_size); 58 INFO(" - algorithm : %x\n", measurement_algo); 59 INFO(" - measurement :"); 60 print_byte_array(measurement_value, measurement_value_size); 61 INFO(" - locking : %s\n", lock_measurement ? "true" : "false"); 62 } 63 64 #if !PLAT_RSS_NOT_SUPPORTED 65 psa_status_t 66 rss_measured_boot_extend_measurement(uint8_t index, 67 const uint8_t *signer_id, 68 size_t signer_id_size, 69 const uint8_t *version, 70 size_t version_size, 71 uint32_t measurement_algo, 72 const uint8_t *sw_type, 73 size_t sw_type_size, 74 const uint8_t *measurement_value, 75 size_t measurement_value_size, 76 bool lock_measurement) 77 { 78 struct measured_boot_extend_iovec_t extend_iov = { 79 .index = index, 80 .lock_measurement = lock_measurement, 81 .measurement_algo = measurement_algo, 82 .sw_type = {0}, 83 .sw_type_size = sw_type_size, 84 }; 85 86 psa_invec in_vec[] = { 87 {.base = &extend_iov, 88 .len = sizeof(struct measured_boot_extend_iovec_t)}, 89 {.base = signer_id, .len = signer_id_size}, 90 {.base = version, .len = version_size}, 91 {.base = measurement_value, .len = measurement_value_size} 92 }; 93 94 if (sw_type != NULL) { 95 if (sw_type_size > SW_TYPE_MAX_SIZE) { 96 return PSA_ERROR_INVALID_ARGUMENT; 97 } 98 memcpy(extend_iov.sw_type, sw_type, sw_type_size); 99 } 100 101 log_measurement(index, signer_id, signer_id_size, 102 version, version_size, sw_type, sw_type_size, 103 measurement_algo, measurement_value, 104 measurement_value_size, lock_measurement); 105 106 return psa_call(RSS_MEASURED_BOOT_HANDLE, 107 RSS_MEASURED_BOOT_EXTEND, 108 in_vec, IOVEC_LEN(in_vec), 109 NULL, 0); 110 } 111 112 psa_status_t rss_measured_boot_read_measurement(uint8_t index, 113 uint8_t *signer_id, 114 size_t signer_id_size, 115 size_t *signer_id_len, 116 uint8_t *version, 117 size_t version_size, 118 size_t *version_len, 119 uint32_t *measurement_algo, 120 uint8_t *sw_type, 121 size_t sw_type_size, 122 size_t *sw_type_len, 123 uint8_t *measurement_value, 124 size_t measurement_value_size, 125 size_t *measurement_value_len, 126 bool *is_locked) 127 { 128 psa_status_t status; 129 struct measured_boot_read_iovec_in_t read_iov_in = { 130 .index = index, 131 .sw_type_size = sw_type_size, 132 .version_size = version_size, 133 }; 134 135 struct measured_boot_read_iovec_out_t read_iov_out; 136 137 psa_invec in_vec[] = { 138 {.base = &read_iov_in, 139 .len = sizeof(struct measured_boot_read_iovec_in_t)}, 140 }; 141 142 psa_outvec out_vec[] = { 143 {.base = &read_iov_out, 144 .len = sizeof(struct measured_boot_read_iovec_out_t)}, 145 {.base = signer_id, .len = signer_id_size}, 146 {.base = measurement_value, .len = measurement_value_size} 147 }; 148 149 status = psa_call(RSS_MEASURED_BOOT_HANDLE, RSS_MEASURED_BOOT_READ, 150 in_vec, IOVEC_LEN(in_vec), 151 out_vec, IOVEC_LEN(out_vec)); 152 153 if (status == PSA_SUCCESS) { 154 *is_locked = read_iov_out.is_locked; 155 *measurement_algo = read_iov_out.measurement_algo; 156 *sw_type_len = read_iov_out.sw_type_len; 157 *version_len = read_iov_out.version_len; 158 memcpy(sw_type, read_iov_out.sw_type, read_iov_out.sw_type_len); 159 memcpy(version, read_iov_out.version, read_iov_out.version_len); 160 *signer_id_len = out_vec[1].len; 161 *measurement_value_len = out_vec[2].len; 162 } 163 164 return status; 165 } 166 167 #else /* !PLAT_RSS_NOT_SUPPORTED */ 168 169 psa_status_t 170 rss_measured_boot_extend_measurement(uint8_t index, 171 const uint8_t *signer_id, 172 size_t signer_id_size, 173 const uint8_t *version, 174 size_t version_size, 175 uint32_t measurement_algo, 176 const uint8_t *sw_type, 177 size_t sw_type_size, 178 const uint8_t *measurement_value, 179 size_t measurement_value_size, 180 bool lock_measurement) 181 { 182 log_measurement(index, signer_id, signer_id_size, 183 version, version_size, sw_type, sw_type_size, 184 measurement_algo, measurement_value, 185 measurement_value_size, lock_measurement); 186 187 return PSA_SUCCESS; 188 } 189 190 psa_status_t rss_measured_boot_read_measurement(uint8_t index, 191 uint8_t *signer_id, 192 size_t signer_id_size, 193 size_t *signer_id_len, 194 uint8_t *version, 195 size_t version_size, 196 size_t *version_len, 197 uint32_t *measurement_algo, 198 uint8_t *sw_type, 199 size_t sw_type_size, 200 size_t *sw_type_len, 201 uint8_t *measurement_value, 202 size_t measurement_value_size, 203 size_t *measurement_value_len, 204 bool *is_locked) 205 { 206 return PSA_SUCCESS; 207 } 208 209 #endif /* !PLAT_RSS_NOT_SUPPORTED */ 210