xref: /rk3399_ARM-atf/plat/rpi/rpi3/rpi3_common_mboot.c (revision b50c7af1f59b3735ec63b69a1186f13a6caa5263) 
1*0087b24fSHarrison Mutai /*
2*0087b24fSHarrison Mutai  * Copyright (c) 2025, Arm Limited. All rights reserved.
3*0087b24fSHarrison Mutai  *
4*0087b24fSHarrison Mutai  * SPDX-License-Identifier: BSD-3-Clause
5*0087b24fSHarrison Mutai  */
6*0087b24fSHarrison Mutai 
7*0087b24fSHarrison Mutai #include <assert.h>
8*0087b24fSHarrison Mutai #include <stdarg.h>
9*0087b24fSHarrison Mutai #include <stdint.h>
10*0087b24fSHarrison Mutai 
11*0087b24fSHarrison Mutai #include <plat/common/common_def.h>
12*0087b24fSHarrison Mutai #include <plat/common/platform.h>
13*0087b24fSHarrison Mutai #include <platform_def.h>
14*0087b24fSHarrison Mutai 
15*0087b24fSHarrison Mutai #include <tpm2.h>
16*0087b24fSHarrison Mutai #include <event_measure.h>
17*0087b24fSHarrison Mutai #include <event_print.h>
18*0087b24fSHarrison Mutai #include <rpi3_measured_boot.h>
19*0087b24fSHarrison Mutai 
20*0087b24fSHarrison Mutai /* RPI3 table with platform specific image IDs, names and PCRs */
21*0087b24fSHarrison Mutai extern const event_log_metadata_t rpi3_event_log_metadata[];
22*0087b24fSHarrison Mutai 
23*0087b24fSHarrison Mutai #if DISCRETE_TPM
24*0087b24fSHarrison Mutai extern struct tpm_chip_data tpm_chip_data;
25*0087b24fSHarrison Mutai #endif
26*0087b24fSHarrison Mutai 
plat_mboot_measure_image(unsigned int image_id,image_info_t * image_data)27*0087b24fSHarrison Mutai int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
28*0087b24fSHarrison Mutai {
29*0087b24fSHarrison Mutai 	int rc = 0;
30*0087b24fSHarrison Mutai 	const event_log_metadata_t *metadata_ptr;
31*0087b24fSHarrison Mutai 	uint8_t digest_buf[MAX_TPML_BUFFER_SIZE] __unused;
32*0087b24fSHarrison Mutai 	size_t digest_size __unused;
33*0087b24fSHarrison Mutai 	tpmt_ha *digest __unused;
34*0087b24fSHarrison Mutai 
35*0087b24fSHarrison Mutai 	metadata_ptr = mboot_find_event_log_metadata(rpi3_event_log_metadata,
36*0087b24fSHarrison Mutai 						     image_id);
37*0087b24fSHarrison Mutai 	if (metadata_ptr == NULL) {
38*0087b24fSHarrison Mutai 		ERROR("Unable to find metadata for image %u.\n", image_id);
39*0087b24fSHarrison Mutai 		return -1;
40*0087b24fSHarrison Mutai 	}
41*0087b24fSHarrison Mutai 
42*0087b24fSHarrison Mutai #if !DISCRETE_TPM
43*0087b24fSHarrison Mutai 	/* Calculate image hash and record data in Event Log */
44*0087b24fSHarrison Mutai 	rc = event_log_measure_and_record(metadata_ptr->pcr,
45*0087b24fSHarrison Mutai 					  image_data->image_base,
46*0087b24fSHarrison Mutai 					  image_data->image_size,
47*0087b24fSHarrison Mutai 					  metadata_ptr->name,
48*0087b24fSHarrison Mutai 					  strlen(metadata_ptr->name) + 1U);
49*0087b24fSHarrison Mutai 	if (rc != 0) {
50*0087b24fSHarrison Mutai 		ERROR("Image measurement and recording failed (%d).\n", rc);
51*0087b24fSHarrison Mutai 		return rc;
52*0087b24fSHarrison Mutai 	}
53*0087b24fSHarrison Mutai #else
54*0087b24fSHarrison Mutai 	/* Calculate image hash and record data in Event Log */
55*0087b24fSHarrison Mutai 	rc = event_log_measure(image_data->image_base, image_data->image_size,
56*0087b24fSHarrison Mutai 			       digest_buf, sizeof(digest_buf));
57*0087b24fSHarrison Mutai 	if (rc != 0) {
58*0087b24fSHarrison Mutai 		ERROR("Image measurement failed (%d).\n", rc);
59*0087b24fSHarrison Mutai 		return rc;
60*0087b24fSHarrison Mutai 	}
61*0087b24fSHarrison Mutai 
62*0087b24fSHarrison Mutai 	/* Extend measurement to Event Log. */
63*0087b24fSHarrison Mutai 	rc = event_log_write_pcr_event2(metadata_ptr->pcr, EV_POST_CODE,
64*0087b24fSHarrison Mutai 					(const tpml_digest_values *)digest_buf,
65*0087b24fSHarrison Mutai 					(const uint8_t *)metadata_ptr->name,
66*0087b24fSHarrison Mutai 					strlen(metadata_ptr->name) + 1);
67*0087b24fSHarrison Mutai 	if (rc != 0) {
68*0087b24fSHarrison Mutai 		ERROR("Failed to record image measurement to event log (%d).\n",
69*0087b24fSHarrison Mutai 		      rc);
70*0087b24fSHarrison Mutai 		return rc;
71*0087b24fSHarrison Mutai 	}
72*0087b24fSHarrison Mutai 
73*0087b24fSHarrison Mutai 	/*
74*0087b24fSHarrison Mutai 	 * TODO: The TPM library currently supports extending only a single digest
75*0087b24fSHarrison Mutai 	 * at a time.  In practice, we should query the TPM to determine which hash
76*0087b24fSHarrison Mutai 	 * algorithms it supports, and update the library to allow submitting
77*0087b24fSHarrison Mutai 	 * multiple digest extensions in one call.
78*0087b24fSHarrison Mutai 	 */
79*0087b24fSHarrison Mutai 	digest = ((tpml_digest_values *)digest_buf)->digests;
80*0087b24fSHarrison Mutai 
81*0087b24fSHarrison Mutai 	rc = tpm_pcr_extend(&tpm_chip_data, PCR_0, digest->algorithm_id,
82*0087b24fSHarrison Mutai 			    digest->digest, TCG_DIGEST_SIZE);
83*0087b24fSHarrison Mutai 	if (rc != 0) {
84*0087b24fSHarrison Mutai 		ERROR("BL2: TPM PCR-0 extend failed\n");
85*0087b24fSHarrison Mutai 		panic();
86*0087b24fSHarrison Mutai 	}
87*0087b24fSHarrison Mutai #endif /* !DISCRETE_TPM */
88*0087b24fSHarrison Mutai 
89*0087b24fSHarrison Mutai 	return rc;
90*0087b24fSHarrison Mutai }
91