xref: /rk3399_ARM-atf/plat/arm/board/fvp/fvp_trusted_boot.c (revision 2ce78bff8b7c214b6f1c8ef46fa966afd14c0aa2) 
1 /*
2  * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #include <assert.h>
8 #include <stdint.h>
9 #include <string.h>
10 
11 #include <lib/mmio.h>
12 #include <lib/fconf/fconf.h>
13 #include <plat/arm/common/plat_arm.h>
14 #include <plat/arm/common/fconf_nv_cntr_getter.h>
15 #include <plat/common/platform.h>
16 #include <platform_def.h>
17 #include <tools_share/cca_oid.h>
18 
19 /*
20  * Return the ROTPK hash in the following ASN.1 structure in DER format:
21  *
22  * AlgorithmIdentifier  ::=  SEQUENCE  {
23  *     algorithm         OBJECT IDENTIFIER,
24  *     parameters        ANY DEFINED BY algorithm OPTIONAL
25  * }
26  *
27  * DigestInfo ::= SEQUENCE {
28  *     digestAlgorithm   AlgorithmIdentifier,
29  *     digest            OCTET STRING
30  * }
31  */
32 int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len,
33 			unsigned int *flags)
34 {
35 	return arm_get_rotpk_info(cookie, key_ptr, key_len, flags);
36 }
37 
38 /*
39  * Store a new non-volatile counter value.
40  *
41  * On some FVP versions, the non-volatile counters are read-only so this
42  * function will always fail.
43  *
44  * Return: 0 = success, Otherwise = error
45  */
46 int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr)
47 {
48 	const char *oid;
49 	uintptr_t nv_ctr_addr;
50 
51 	assert(cookie != NULL);
52 
53 	oid = (const char *)cookie;
54 	if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
55 		nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
56 						TRUSTED_NV_CTR_ID);
57 	} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
58 		nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
59 						NON_TRUSTED_NV_CTR_ID);
60 	} else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) {
61 		/* FVP does not support the CCA NV Counter so use the Trusted NV */
62 		nv_ctr_addr = FCONF_GET_PROPERTY(cot, nv_cntr_addr,
63 						TRUSTED_NV_CTR_ID);
64 	} else {
65 		return 1;
66 	}
67 
68 	mmio_write_32(nv_ctr_addr, nv_ctr);
69 
70 	/*
71 	 * If the FVP models a locked counter then its value cannot be updated
72 	 * and the above write operation has been silently ignored.
73 	 */
74 	return (mmio_read_32(nv_ctr_addr) == nv_ctr) ? 0 : 1;
75 }
76 
77 /*
78  * Return the non-volatile counter value stored in the platform. The cookie
79  * will contain the OID of the counter in the certificate.
80  *
81  * Return: 0 = success, Otherwise = error
82  */
83 int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr)
84 {
85 	const char *oid;
86 	uint32_t *nv_ctr_addr;
87 
88 	assert(cookie != NULL);
89 	assert(nv_ctr != NULL);
90 
91 	oid = (const char *)cookie;
92 	if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) {
93 		nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr,
94 							TRUSTED_NV_CTR_ID);
95 	} else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) {
96 		nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr,
97 							NON_TRUSTED_NV_CTR_ID);
98 	} else if (strcmp(oid, CCA_FW_NVCOUNTER_OID) == 0) {
99 		/* FVP does not support the CCA NV Counter so use the Trusted NV */
100 		nv_ctr_addr = (uint32_t *)FCONF_GET_PROPERTY(cot, nv_cntr_addr,
101 							TRUSTED_NV_CTR_ID);
102 	} else {
103 		return 1;
104 	}
105 
106 	*nv_ctr = (unsigned int)(*nv_ctr_addr);
107 
108 	return 0;
109 }
110