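/*
 * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <assert.h>
#include <stdint.h>
#include <string.h>

#include <lib/mmio.h>
#include <lib/fconf/fconf.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/arm/common/fconf_nv_cntr_getter.h>
#include <plat/common/platform.h>
#include <platform_def.h>
#include <tools_share/cca_oid.h>

/*
 * Return the ROTPK hash in the following ASN.1 structure in DER format:
 *
 * AlgorithmIdentifier  ::=  SEQUENCE  {
 *     algorithm         OBJECT IDENTIFIER,
 *     parameters        ANY DEFINED BY algorithm OPTIONAL
 * }
 *
 * DigestInfo ::= SEQUENCE {
 *     digestAlgorithm   AlgorithmIdentifier,
 *     digest            OCTET STRING
 * }
 *
 * This is a thin wrapper: all four arguments are forwarded unchanged to
 * arm_get_rotpk_info() and its return value is passed straight back.
 */
int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
			unsigned int *flags)
{
	return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
}

/*
 * Map a certificate NV-counter OID onto the address of the platform counter
 * that backs it.
 *
 * Shared by plat_set_nv_ctr() and plat_get_nv_ctr() so that the read path and
 * the write path cannot disagree about which counter an OID refers to.
 *
 * The CCA firmware OID resolves to the same address as the Trusted firmware
 * OID, so the two share a single anti-rollback counter on this platform: a
 * value stored through either OID is the value read back through the other.
 *
 * Return: 0 = *addr has been set, Otherwise = unknown OID (*addr untouched)
 */
static int fvp_nv_ctr_addr(const char *oid, uintptr_t *addr)
{
	if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
		*addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
					   TRUSTED_NV_CTR_ID);
	} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
		*addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
					   NON_TRUSTED_NV_CTR_ID);
	} else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) {
		/* FVP does not support the CCA NV Counter so use the Trusted NV */
		*addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
					   TRUSTED_NV_CTR_ID);
	} else {
		return 1;
	}

	return 0;
}

/*
 * Store a new non-volatile counter value.
 *
 * On some FVP versions, the non-volatile counters are read-only so this
 * function will always fail.
 *
 * The cookie is the OID string of the counter in the certificate; an OID that
 * is not one of the three known counters is rejected before any write.
 *
 * NOTE(review): no monotonicity check is done here, the value is written as
 * given. Presumably the caller only passes a value greater than the stored
 * one - confirm against the caller.
 *
 * Return: 0 = success, Otherwise = error
 */
int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
{
	uintptr_t nv_ctr_addr;

	assert(cookie != NULL);

	if (fvp_nv_ctr_addr((const char *)cookie, &nv_ctr_addr) != 0) {
		return 1;
	}

	mmio_write_32(nv_ctr_addr, nv_ctr);

	/*
	 * If the FVP models a locked counter then its value cannot be updated
	 * and the above write operation has been silently ignored. Reading the
	 * register back is the only way to tell, so a mismatch is reported as
	 * an error rather than letting the caller believe the update stuck.
	 */
	return (mmio_read_32(nv_ctr_addr) == nv_ctr) ? 0 : 1;
}

/*
 * Return the non-volatile counter value stored in the platform. The cookie
 * will contain the OID of the counter in the certificate.
 *
 * *nv_ctr is written only on success; it is left untouched for an unknown
 * OID.
 *
 * Return: 0 = success, Otherwise = error
 */
int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
{
	uintptr_t nv_ctr_addr;

	assert(cookie != NULL);
	assert(nv_ctr != NULL);

	if (fvp_nv_ctr_addr((const char *)cookie, &nv_ctr_addr) != 0) {
		return 1;
	}

	/*
	 * Read through the MMIO accessor, as plat_set_nv_ctr() does, rather
	 * than dereferencing a plain (non-volatile) uint32_t pointer to the
	 * counter register.
	 */
	*nv_ctr = (unsigned int)mmio_read_32(nv_ctr_addr);

	return 0;
}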