1 /*
2 * Copyright (c) 2025, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <stdint.h>
8
9 #if TRANSFER_LIST
10 #include <tpm_event_log.h>
11 #endif
12 #include <plat/arm/common/plat_arm.h>
13
14 #include <drivers/auth/crypto_mod.h>
15 #include <drivers/measured_boot/metadata.h>
16 #include <event_measure.h>
17 #include <event_print.h>
18 #include <tools_share/zero_oid.h>
19
/*
 * Base address of the BL1 event log buffer.
 *
 * Assigned in bl1_plat_mboot_init() only when TRANSFER_LIST is enabled;
 * as a static object it is NULL until then.
 */
static uint8_t *event_log;

/*
 * Juno measurement metadata: one row per measured image, giving the image ID,
 * the name string used for the event, and the PCR the measurement targets.
 * Every image listed here is measured into PCR_0.
 *
 * The EVLOG_INVALID_ID row is the end-of-table sentinel and must stay last.
 * NOTE(review): the table has external linkage; presumably it is looked up by
 * image ID from the common measured-boot code. Confirm against the consumer.
 */
const event_log_metadata_t juno_event_log_metadata[] = {
	{ FW_CONFIG_ID,     MBOOT_FW_CONFIG_STRING,    PCR_0 },
	{ TB_FW_CONFIG_ID,  MBOOT_TB_FW_CONFIG_STRING, PCR_0 },
	{ BL2_IMAGE_ID,     MBOOT_BL2_IMAGE_STRING,    PCR_0 },

	/* Terminator */
	{ EVLOG_INVALID_ID, NULL,                      (unsigned int)(-1) }
};
30
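/*
 * Set up the BL1 measured-boot event log.
 *
 * With TRANSFER_LIST enabled this obtains a log buffer of
 * PLAT_ARM_EVENT_LOG_MAX_SIZE bytes from transfer_list_event_log_extend() on
 * secure_tl, initialises the event log over that buffer with
 * crypto_mod_tcg_hash as the hash callback, and writes the log header for the
 * selected digest algorithms. Without TRANSFER_LIST the function is a no-op.
 *
 * Every failure panics. Continuing without a usable log would leave later
 * measurements unrecorded.
 */
void bl1_plat_mboot_init(void)
{
#if TRANSFER_LIST
	int rc;
	size_t event_log_max_size = PLAT_ARM_EVENT_LOG_MAX_SIZE;
	tpm_alg_id algos[] = {
#ifdef TPM_ALG_ID
		/* Build-time selection of a single digest algorithm. */
		TPM_ALG_ID,
#else
		/*
		 * TODO: with MEASURED_BOOT=1 several algorithms now compiled
		 * into Mbed-TLS, we ought to query the backend to figure out
		 * what algorithms to use.
		 */
		TPM_ALG_SHA256,
		TPM_ALG_SHA384,
		TPM_ALG_SHA512,
#endif
	};

	event_log =
		transfer_list_event_log_extend(secure_tl, event_log_max_size);

	/*
	 * Check at run time rather than with assert(): assertions can be
	 * compiled out of release builds, and a NULL buffer would then flow
	 * into the end-pointer arithmetic below (undefined behaviour on a
	 * null pointer) and into the event log library.
	 */
	if (event_log == NULL) {
		ERROR("Failed to allocate event log in transfer list.\n");
		panic();
	}

	/*
	 * The log spans [event_log, event_log + event_log_max_size).
	 * NOTE(review): the 0U argument is presumably the initial write
	 * offset within the buffer. Confirm against the library prototype.
	 */
	rc = event_log_init_and_reg(event_log, event_log + event_log_max_size,
				    0U, crypto_mod_tcg_hash);
	if (rc < 0) {
		ERROR("Failed to initialize event log (%d).\n", rc);
		panic();
	}

	rc = event_log_write_header(algos, ARRAY_SIZE(algos), 0, NULL, 0);
	if (rc < 0) {
		ERROR("Failed to write event log header (%d).\n", rc);
		panic();
	}
#endif
}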
68
/*
 * Close out the BL1 event log and publish it for the next boot stage.
 *
 * With TRANSFER_LIST enabled, the end of the data written so far (buffer base
 * plus current log size) is passed to transfer_list_event_log_finish() on
 * secure_tl. Without TRANSFER_LIST the function is a no-op.
 */
void bl1_plat_mboot_finish(void)
{
#if TRANSFER_LIST
	/* Address one past the last byte currently used by the log. */
	uintptr_t log_end =
		(uintptr_t)event_log + event_log_get_cur_size(event_log);

	/*
	 * A NULL result means the log could not be handed over. That is
	 * fatal on Juno: BL2 assumes a valid event log buffer exists and
	 * appends its own image measurements to the same buffer.
	 */
	if (transfer_list_event_log_finish(secure_tl, log_end) == NULL) {
		panic();
	}
#endif
}
91