xref: /rk3399_ARM-atf/lib/psa/measured_boot.c (revision b47dddd061e92054c3b2096fc8aa9688bfef68d6) 
1 /*
2  * Copyright (c) 2022-2024, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #include <string.h>
9 
10 #include <common/debug.h>
11 #include <drivers/measured_boot/metadata.h>
12 #include <measured_boot.h>
13 #include <psa/client.h>
14 #include <psa_manifest/sid.h>
15 
16 #include "measured_boot_private.h"
17 
18 static void print_byte_array(const uint8_t *array __unused, size_t len __unused)
19 {
20 #if LOG_LEVEL >= LOG_LEVEL_INFO
21 	size_t i;
22 
23 	if (array == NULL || len == 0U) {
24 		(void)printf("\n");
25 	} else {
26 		for (i = 0U; i < len; ++i) {
27 			(void)printf(" %02x", array[i]);
28 			if ((i & U(0xF)) == U(0xF)) {
29 				(void)printf("\n");
30 				if (i < (len - 1U)) {
31 					INFO("\t\t:");
32 				}
33 			}
34 		}
35 	}
36 #endif
37 }
38 
39 static void log_measurement(uint8_t index,
40 			    const uint8_t *signer_id,
41 			    size_t signer_id_size,
42 			    const uint8_t *version,     /* string */
43 			    size_t version_size,
44 			    const uint8_t *sw_type,     /* string */
45 			    size_t sw_type_size,
46 			    uint32_t measurement_algo,
47 			    const uint8_t *measurement_value,
48 			    size_t measurement_value_size,
49 			    bool lock_measurement)
50 {
51 	INFO("Measured boot extend measurement:\n");
52 	INFO(" - slot        : %u\n", index);
53 	INFO(" - signer_id   :");
54 	print_byte_array(signer_id, signer_id_size);
55 	INFO(" - version     : %s\n",  version);
56 	INFO(" - version_size: %zu\n", version_size);
57 	INFO(" - sw_type     : %s\n",  sw_type);
58 	INFO(" - sw_type_size: %zu\n", sw_type_size);
59 	INFO(" - algorithm   : %x\n", measurement_algo);
60 	INFO(" - measurement :");
61 	print_byte_array(measurement_value, measurement_value_size);
62 	INFO(" - locking     : %s\n", lock_measurement ? "true" : "false");
63 }
64 
65 psa_status_t
66 rse_measured_boot_extend_measurement(uint8_t index,
67 				     const uint8_t *signer_id,
68 				     size_t signer_id_size,
69 				     const uint8_t *version,
70 				     size_t version_size,
71 				     uint32_t measurement_algo,
72 				     const uint8_t *sw_type,
73 				     size_t sw_type_size,
74 				     const uint8_t *measurement_value,
75 				     size_t measurement_value_size,
76 				     bool lock_measurement)
77 {
78 	struct measured_boot_extend_iovec_t extend_iov = {
79 		.index = index,
80 		.lock_measurement = lock_measurement,
81 		.measurement_algo = measurement_algo,
82 		.sw_type = {0},
83 		.sw_type_size = sw_type_size,
84 	};
85 
86 	if (version_size > VERSION_MAX_SIZE) {
87 		return PSA_ERROR_INVALID_ARGUMENT;
88 	}
89 
90 
91 	if (version_size > 0 && version[version_size - 1] == '\0') {
92 		version_size--;
93 	}
94 
95 	psa_invec in_vec[] = {
96 		{.base = &extend_iov,
97 			.len = sizeof(struct measured_boot_extend_iovec_t)},
98 		{.base = signer_id, .len = signer_id_size},
99 		{.base = version, .len = version_size },
100 		{.base = measurement_value, .len = measurement_value_size}
101 	};
102 
103 	if (sw_type != NULL) {
104 		if (extend_iov.sw_type_size > SW_TYPE_MAX_SIZE) {
105 			return PSA_ERROR_INVALID_ARGUMENT;
106 		}
107 		if (sw_type_size > 0 && sw_type[sw_type_size - 1] == '\0') {
108 			extend_iov.sw_type_size--;
109 		}
110 		memcpy(extend_iov.sw_type, sw_type, extend_iov.sw_type_size);
111 	}
112 
113 	log_measurement(index, signer_id, signer_id_size,
114 			version, version_size, sw_type, sw_type_size,
115 			measurement_algo, measurement_value,
116 			measurement_value_size, lock_measurement);
117 
118 	return psa_call(RSE_MEASURED_BOOT_HANDLE,
119 			RSE_MEASURED_BOOT_EXTEND,
120 			in_vec, IOVEC_LEN(in_vec),
121 			NULL, 0);
122 }
123 
124 psa_status_t rse_measured_boot_read_measurement(uint8_t index,
125 					uint8_t *signer_id,
126 					size_t signer_id_size,
127 					size_t *signer_id_len,
128 					uint8_t *version,
129 					size_t version_size,
130 					size_t *version_len,
131 					uint32_t *measurement_algo,
132 					uint8_t *sw_type,
133 					size_t sw_type_size,
134 					size_t *sw_type_len,
135 					uint8_t *measurement_value,
136 					size_t measurement_value_size,
137 					size_t *measurement_value_len,
138 					bool *is_locked)
139 {
140 	psa_status_t status;
141 	struct measured_boot_read_iovec_in_t read_iov_in = {
142 		.index = index,
143 		.sw_type_size = sw_type_size,
144 		.version_size = version_size,
145 	};
146 
147 	struct measured_boot_read_iovec_out_t read_iov_out;
148 
149 	psa_invec in_vec[] = {
150 		{.base = &read_iov_in,
151 		 .len = sizeof(struct measured_boot_read_iovec_in_t)},
152 	};
153 
154 	psa_outvec out_vec[] = {
155 		{.base = &read_iov_out,
156 		 .len = sizeof(struct measured_boot_read_iovec_out_t)},
157 		{.base = signer_id, .len = signer_id_size},
158 		{.base = measurement_value, .len = measurement_value_size}
159 	};
160 
161 	status = psa_call(RSE_MEASURED_BOOT_HANDLE, RSE_MEASURED_BOOT_READ,
162 					  in_vec, IOVEC_LEN(in_vec),
163 					  out_vec, IOVEC_LEN(out_vec));
164 
165 	if (status == PSA_SUCCESS) {
166 		*is_locked = read_iov_out.is_locked;
167 		*measurement_algo = read_iov_out.measurement_algo;
168 		*sw_type_len = read_iov_out.sw_type_len;
169 		*version_len = read_iov_out.version_len;
170 		memcpy(sw_type, read_iov_out.sw_type, read_iov_out.sw_type_len);
171 		memcpy(version, read_iov_out.version, read_iov_out.version_len);
172 		*signer_id_len = out_vec[1].len;
173 		*measurement_value_len = out_vec[2].len;
174 	}
175 
176 	return status;
177 }
178