1 /*
2 * Copyright (c) 2025, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7 #include <assert.h>
8 #include <stdarg.h>
9 #include <stdint.h>
10
11 #include <plat/arm/common/plat_arm.h>
12 #include <plat/common/platform.h>
13 #include <platform_def.h>
14
15 #include <tpm2.h>
16 #include <tpm2_chip.h>
17
18 #include <common/desc_image_load.h>
19 #include <common/ep_info.h>
20 #include <drivers/auth/crypto_mod.h>
21 #include <drivers/delay_timer.h>
22 #include <drivers/gpio_spi.h>
23 #include <drivers/measured_boot/metadata.h>
24 #include <drivers/tpm/tpm2_slb9670/slb9670_gpio.h>
25 #include <event_measure.h>
26 #include <event_print.h>
27 #include <rpi_shared.h>
28
29 /* Event Log data */
30 uint8_t event_log[PLAT_ARM_EVENT_LOG_MAX_SIZE];
31
32 /* RPI3 table with platform specific image IDs, names and PCRs */
33 const event_log_metadata_t rpi3_event_log_metadata[] = {
34 { FW_CONFIG_ID, MBOOT_FW_CONFIG_STRING, PCR_0 },
35 { TB_FW_CONFIG_ID, MBOOT_TB_FW_CONFIG_STRING, PCR_0 },
36 { BL2_IMAGE_ID, MBOOT_BL2_IMAGE_STRING, PCR_0 },
37
38 { EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */
39 };
40
41 #if DISCRETE_TPM
42 extern struct tpm_chip_data tpm_chip_data;
43 #if (TPM_INTERFACE == FIFO_SPI)
44
45 #endif
46
rpi3_bl1_tpm_early_interface_setup(void)47 static void rpi3_bl1_tpm_early_interface_setup(void)
48 {
49 #if TPM_INTERFACE_FIFO_SPI
50 int rc;
51 struct spi_plat *spidev;
52 const struct tpm_timeout_ops timeout_ops = {
53 .timeout_init_us = timeout_init_us,
54 .timeout_elapsed = timeout_elapsed
55 };
56 const struct gpio_spi_config *tpm_rpi3_gpio_data =
57 tpm2_slb9670_get_config();
58
59 tpm2_slb9670_gpio_init(tpm_rpi3_gpio_data);
60
61 tpm2_slb9670_reset_chip(tpm_rpi3_gpio_data);
62
63 spidev = gpio_spi_init(tpm_rpi3_gpio_data);
64
65 rc = tpm_interface_init(spidev, &timeout_ops, &tpm_chip_data, 0);
66 if (rc != 0) {
67 ERROR("BL1: TPM interface init failed\n");
68 panic();
69 }
70
71 #endif
72 }
73 #endif
74
bl1_plat_mboot_init(void)75 void bl1_plat_mboot_init(void)
76 {
77 tpm_alg_id algorithms[] = {
78 #ifdef TPM_ALG_ID
79 TPM_ALG_ID
80 #else
81 /*
82 * TODO: with MEASURED_BOOT=1 several algorithms now compiled into Mbed-TLS,
83 * we ought to query the backend to figure out what algorithms to use.
84 */
85 TPM_ALG_SHA256,
86 TPM_ALG_SHA384,
87 TPM_ALG_SHA512,
88 #endif
89 };
90 int rc;
91
92 #if DISCRETE_TPM
93
94 rpi3_bl1_tpm_early_interface_setup();
95 rc = tpm_startup(&tpm_chip_data, TPM_SU_CLEAR);
96 if (rc != 0) {
97 ERROR("BL1: TPM Startup failed\n");
98 panic();
99 }
100 #endif
101
102 rc = event_log_init_and_reg(event_log, event_log + sizeof(event_log),
103 0U, crypto_mod_tcg_hash);
104 if (rc < 0) {
105 ERROR("Failed to initialize event log (%d).\n", rc);
106 panic();
107 }
108
109 rc = event_log_write_header(algorithms, ARRAY_SIZE(algorithms), 0, NULL,
110 0);
111 if (rc < 0) {
112 ERROR("Failed to write event log header (%d).\n", rc);
113 panic();
114 }
115 }
116
bl1_plat_mboot_finish(void)117 void bl1_plat_mboot_finish(void)
118 {
119 size_t event_log_cur_size;
120 image_desc_t *image_desc;
121 entry_point_info_t *ep_info;
122
123 event_log_cur_size = event_log_get_cur_size(event_log);
124 image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
125 assert(image_desc != NULL);
126
127 /* Get the entry point info */
128 ep_info = &image_desc->ep_info;
129 ep_info->args.arg2 = (uint64_t) event_log;
130 ep_info->args.arg3 = (uint32_t) event_log_cur_size;
131
132 #if DISCRETE_TPM
133 int rc;
134
135 /* relinquish control of TPM locality 0 and close interface */
136 rc = tpm_interface_close(&tpm_chip_data, 0);
137 if (rc != 0) {
138 ERROR("BL1: TPM interface close failed\n");
139 panic();
140 }
141 #endif
142
143 /* Dump Event Log for user view */
144 event_log_dump((uint8_t *)event_log, event_log_get_cur_size(event_log));
145 }
146