1c4c9e2bcSAbhi Singh /* 2c4c9e2bcSAbhi Singh * Copyright (c) 2025, Arm Limited. All rights reserved. 3c4c9e2bcSAbhi Singh * 4c4c9e2bcSAbhi Singh * SPDX-License-Identifier: BSD-3-Clause 5c4c9e2bcSAbhi Singh */ 6c4c9e2bcSAbhi Singh 7c4c9e2bcSAbhi Singh #include <assert.h> 8c4c9e2bcSAbhi Singh #include <stdarg.h> 9c4c9e2bcSAbhi Singh #include <stdint.h> 10c4c9e2bcSAbhi Singh 11c4c9e2bcSAbhi Singh #include <plat/arm/common/plat_arm.h> 12c4c9e2bcSAbhi Singh #include <plat/common/platform.h> 13c4c9e2bcSAbhi Singh #include <platform_def.h> 14c4c9e2bcSAbhi Singh 15*b67e9846SHarrison Mutai #include <common/desc_image_load.h> 16*b67e9846SHarrison Mutai #include <common/ep_info.h> 17*b67e9846SHarrison Mutai #include <drivers/auth/crypto_mod.h> 18*b67e9846SHarrison Mutai #include <drivers/gpio_spi.h> 19*b67e9846SHarrison Mutai #include <drivers/measured_boot/metadata.h> 20*b67e9846SHarrison Mutai #include <drivers/tpm/tpm2.h> 21*b67e9846SHarrison Mutai #include <drivers/tpm/tpm2_chip.h> 22*b67e9846SHarrison Mutai #include <drivers/tpm/tpm2_slb9670/slb9670_gpio.h> 23*b67e9846SHarrison Mutai #include <event_measure.h> 24*b67e9846SHarrison Mutai #include <event_print.h> 254f9894dbSAbhi Singh #include <rpi_shared.h> 264f9894dbSAbhi Singh 27c4c9e2bcSAbhi Singh /* Event Log data */ 28c4c9e2bcSAbhi Singh uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE]; 29*b67e9846SHarrison Mutai static const struct event_log_hash_info crypto_hash_info = { 30*b67e9846SHarrison Mutai .func = crypto_mod_calc_hash, 31*b67e9846SHarrison Mutai .ids = (const uint32_t[]){ CRYPTO_MD_ID }, 32*b67e9846SHarrison Mutai .count = 1U, 33*b67e9846SHarrison Mutai }; 34c4c9e2bcSAbhi Singh 35c4c9e2bcSAbhi Singh /* RPI3 table with platform specific image IDs, names and PCRs */ 36c4c9e2bcSAbhi Singh const event_log_metadata_t rpi3_event_log_metadata[] = { 37c4c9e2bcSAbhi Singh { FW_CONFIG_ID, MBOOT_FW_CONFIG_STRING, PCR_0 }, 38c4c9e2bcSAbhi Singh { TB_FW_CONFIG_ID, MBOOT_TB_FW_CONFIG_STRING, PCR_0 }, 39c4c9e2bcSAbhi Singh { BL2_IMAGE_ID, MBOOT_BL2_IMAGE_STRING, PCR_0 }, 40c4c9e2bcSAbhi Singh 41c4c9e2bcSAbhi Singh { EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */ 42c4c9e2bcSAbhi Singh }; 43c4c9e2bcSAbhi Singh 444f9894dbSAbhi Singh #if DISCRETE_TPM 454f9894dbSAbhi Singh extern struct tpm_chip_data tpm_chip_data; 464f9894dbSAbhi Singh #if (TPM_INTERFACE == FIFO_SPI) 474f9894dbSAbhi Singh extern struct gpio_spi_data tpm_rpi3_gpio_data; 484f9894dbSAbhi Singh struct spi_plat *spidev; 494f9894dbSAbhi Singh #endif 504f9894dbSAbhi Singh 514f9894dbSAbhi Singh static void rpi3_bl1_tpm_early_interface_setup(void) 524f9894dbSAbhi Singh { 534f9894dbSAbhi Singh #if (TPM_INTERFACE == FIFO_SPI) 544f9894dbSAbhi Singh tpm2_slb9670_gpio_init(&tpm_rpi3_gpio_data); 554f9894dbSAbhi Singh 564f9894dbSAbhi Singh tpm2_slb9670_reset_chip(&tpm_rpi3_gpio_data); 574f9894dbSAbhi Singh 584f9894dbSAbhi Singh spidev = gpio_spi_init(&tpm_rpi3_gpio_data); 594f9894dbSAbhi Singh #endif 604f9894dbSAbhi Singh } 614f9894dbSAbhi Singh #endif 624f9894dbSAbhi Singh 63c4c9e2bcSAbhi Singh void bl1_plat_mboot_init(void) 64c4c9e2bcSAbhi Singh { 654f9894dbSAbhi Singh #if DISCRETE_TPM 664f9894dbSAbhi Singh int rc; 674f9894dbSAbhi Singh 684f9894dbSAbhi Singh rpi3_bl1_tpm_early_interface_setup(); 694f9894dbSAbhi Singh rc = tpm_interface_init(&tpm_chip_data, 0); 704f9894dbSAbhi Singh if (rc != 0) { 714f9894dbSAbhi Singh ERROR("BL1: TPM interface init failed\n"); 724f9894dbSAbhi Singh panic(); 734f9894dbSAbhi Singh } 744f9894dbSAbhi Singh rc = tpm_startup(&tpm_chip_data, TPM_SU_CLEAR); 754f9894dbSAbhi Singh if (rc != 0) { 764f9894dbSAbhi Singh ERROR("BL1: TPM Startup failed\n"); 774f9894dbSAbhi Singh panic(); 784f9894dbSAbhi Singh } 794f9894dbSAbhi Singh #endif 804f9894dbSAbhi Singh 81*b67e9846SHarrison Mutai rc = event_log_init_and_reg(event_log, event_log + sizeof(event_log), 82*b67e9846SHarrison Mutai &crypto_hash_info); 83*b67e9846SHarrison Mutai if (rc < 0) { 84*b67e9846SHarrison Mutai ERROR("Failed to initialize event log (%d).\n", rc); 85*b67e9846SHarrison Mutai panic(); 86*b67e9846SHarrison Mutai } 87*b67e9846SHarrison Mutai 88*b67e9846SHarrison Mutai rc = event_log_write_header(); 89*b67e9846SHarrison Mutai if (rc < 0) { 90*b67e9846SHarrison Mutai ERROR("Failed to write event log header (%d).\n", rc); 91*b67e9846SHarrison Mutai panic(); 92*b67e9846SHarrison Mutai } 93c4c9e2bcSAbhi Singh } 94c4c9e2bcSAbhi Singh 95c4c9e2bcSAbhi Singh void bl1_plat_mboot_finish(void) 96c4c9e2bcSAbhi Singh { 97c4c9e2bcSAbhi Singh size_t event_log_cur_size; 98c4c9e2bcSAbhi Singh image_desc_t *image_desc; 99c4c9e2bcSAbhi Singh entry_point_info_t *ep_info; 100c4c9e2bcSAbhi Singh 101c4c9e2bcSAbhi Singh event_log_cur_size = event_log_get_cur_size(event_log); 102c4c9e2bcSAbhi Singh image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID); 103c4c9e2bcSAbhi Singh assert(image_desc != NULL); 104c4c9e2bcSAbhi Singh 105c4c9e2bcSAbhi Singh /* Get the entry point info */ 106c4c9e2bcSAbhi Singh ep_info = &image_desc->ep_info; 107c4c9e2bcSAbhi Singh ep_info->args.arg2 = (uint64_t) event_log; 108c4c9e2bcSAbhi Singh ep_info->args.arg3 = (uint32_t) event_log_cur_size; 1094f9894dbSAbhi Singh 1104f9894dbSAbhi Singh #if DISCRETE_TPM 1114f9894dbSAbhi Singh int rc; 1124f9894dbSAbhi Singh 1134f9894dbSAbhi Singh /* relinquish control of TPM locality 0 and close interface */ 1144f9894dbSAbhi Singh rc = tpm_interface_close(&tpm_chip_data, 0); 1154f9894dbSAbhi Singh if (rc != 0) { 1164f9894dbSAbhi Singh ERROR("BL1: TPM interface close failed\n"); 1174f9894dbSAbhi Singh panic(); 1184f9894dbSAbhi Singh } 1194f9894dbSAbhi Singh #endif 120c4c9e2bcSAbhi Singh } 121c4c9e2bcSAbhi Singh 122c4c9e2bcSAbhi Singh int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data) 123c4c9e2bcSAbhi Singh { 124c4c9e2bcSAbhi Singh int rc = 0; 125c4c9e2bcSAbhi Singh unsigned char hash_data[CRYPTO_MD_MAX_SIZE]; 126c4c9e2bcSAbhi Singh const event_log_metadata_t *metadata_ptr = rpi3_event_log_metadata; 127c4c9e2bcSAbhi Singh 128c4c9e2bcSAbhi Singh rc = event_log_measure(image_data->image_base, image_data->image_size, hash_data); 129c4c9e2bcSAbhi Singh if (rc != 0) { 130c4c9e2bcSAbhi Singh return rc; 131c4c9e2bcSAbhi Singh } 132c4c9e2bcSAbhi Singh 1334f9894dbSAbhi Singh #if DISCRETE_TPM 1344f9894dbSAbhi Singh rc = tpm_pcr_extend(&tpm_chip_data, 0, TPM_ALG_ID, hash_data, TCG_DIGEST_SIZE); 1354f9894dbSAbhi Singh if (rc != 0) { 1364f9894dbSAbhi Singh ERROR("BL1: TPM PCR-0 extend failed\n"); 1374f9894dbSAbhi Singh panic(); 1384f9894dbSAbhi Singh } 1394f9894dbSAbhi Singh #endif 1404f9894dbSAbhi Singh 141c4c9e2bcSAbhi Singh while ((metadata_ptr->id != EVLOG_INVALID_ID) && 142c4c9e2bcSAbhi Singh (metadata_ptr->id != image_id)) { 143c4c9e2bcSAbhi Singh metadata_ptr++; 144c4c9e2bcSAbhi Singh } 145c4c9e2bcSAbhi Singh assert(metadata_ptr->id != EVLOG_INVALID_ID); 146c4c9e2bcSAbhi Singh 147c4c9e2bcSAbhi Singh event_log_record(hash_data, EV_POST_CODE, metadata_ptr); 148c4c9e2bcSAbhi Singh 149c4c9e2bcSAbhi Singh /* Dump Event Log for user view */ 150126f278fSHarrison Mutai event_log_dump((uint8_t *)event_log, event_log_get_cur_size(event_log)); 151c4c9e2bcSAbhi Singh 152c4c9e2bcSAbhi Singh return rc; 153c4c9e2bcSAbhi Singh } 154