1 /*
2 * Copyright (c) 2025, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <drivers/arm/mhu.h>
8 #include <drivers/arm/rse_comms.h>
9 #include <drivers/measured_boot/metadata.h>
10 #include <drivers/measured_boot/rse/rse_measured_boot.h>
11 #include <plat/arm/common/plat_arm.h>
12 #include <tools_share/tbbr_oid.h>
13 #include <tools_share/zero_oid.h>
14
15 static int plat_rse_comms_init(void);
16
17 /*
18 * Platform specific table with image IDs and metadata. Intentionally not a
19 * const struct, some members might set by bootloaders during trusted boot.
20 */
21 struct rse_mboot_metadata rdaspen_rse_mboot_metadata[] = {
22 {
23 .id = FW_CONFIG_ID,
24 .slot = U(8),
25 .signer_id_size = SIGNER_ID_MIN_SIZE,
26 .sw_type = MBOOT_FW_CONFIG_STRING,
27 .lock_measurement = true,
28 .pk_oid = ZERO_OID
29 },
30 {
31 .id = HW_CONFIG_ID,
32 .slot = U(9),
33 .signer_id_size = SIGNER_ID_MIN_SIZE,
34 .sw_type = MBOOT_HW_CONFIG_STRING,
35 .lock_measurement = true,
36 .pk_oid = HW_CONFIG_KEY_OID
37 },
38 {
39 .id = BL31_IMAGE_ID,
40 .slot = U(10),
41 .signer_id_size = SIGNER_ID_MIN_SIZE,
42 .sw_type = MBOOT_BL31_IMAGE_STRING,
43 .lock_measurement = true,
44 .pk_oid = BL31_IMAGE_KEY_OID
45 },
46 {
47 .id = BL32_IMAGE_ID,
48 .slot = U(11),
49 .signer_id_size = SIGNER_ID_MIN_SIZE,
50 .sw_type = MBOOT_BL32_IMAGE_STRING,
51 .lock_measurement = true,
52 .pk_oid = BL32_IMAGE_KEY_OID
53 },
54 {
55 .id = BL33_IMAGE_ID,
56 .slot = U(12),
57 .signer_id_size = SIGNER_ID_MIN_SIZE,
58 .sw_type = MBOOT_BL33_IMAGE_STRING,
59 .lock_measurement = true,
60 .pk_oid = BL33_IMAGE_KEY_OID
61 },
62 {
63 .id = RSE_MBOOT_INVALID_ID
64 }
65 };
66
bl2_plat_mboot_init(void)67 void bl2_plat_mboot_init(void)
68 {
69 /* Initialize the communication channel between AP and RSE */
70 (void)plat_rse_comms_init();
71
72 rse_measured_boot_init(rdaspen_rse_mboot_metadata);
73 }
74
bl2_plat_mboot_finish(void)75 void bl2_plat_mboot_finish(void)
76 {
77 /* Nothing to do. */
78 }
79
plat_mboot_measure_image(unsigned int image_id,image_info_t * image_data)80 int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
81 {
82 int err;
83
84 /* Calculate image hash and record data in RSE */
85 err = rse_mboot_measure_and_record(rdaspen_rse_mboot_metadata,
86 image_data->image_base,
87 image_data->image_size,
88 image_id);
89 if (err != 0) {
90 ERROR("Measure and record failed for image id %u, err (%i)\n",
91 image_id, err);
92 }
93
94 return err;
95 }
96
plat_mboot_measure_key(const void * pk_oid,const void * pk_ptr,size_t pk_len)97 int plat_mboot_measure_key(const void *pk_oid, const void *pk_ptr,
98 size_t pk_len)
99 {
100 return rse_mboot_set_signer_id(rdaspen_rse_mboot_metadata, pk_oid, pk_ptr,
101 pk_len);
102 }
103
plat_rse_comms_init(void)104 static int plat_rse_comms_init(void)
105 {
106 struct mhu_addr mhu_addresses;
107
108 /* Get sender and receiver frames for AP-RSE communication */
109 mhu_addresses.sender_base = AP_RSE_SECURE_MHU_V3_PBX;
110 mhu_addresses.receiver_base = AP_RSE_SECURE_MHU_V3_MBX;
111
112 /* Initialize the communication channel between AP and RSE */
113 return rse_mbx_init(&mhu_addresses);
114 }
115