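/*
 * Copyright (c) 2025, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <assert.h>
#include <stdarg.h>
#include <stdint.h>
#include <string.h>

#include <plat/common/common_def.h>
#include <plat/common/platform.h>
#include <platform_def.h>

#include <tpm2.h>
#include <event_measure.h>
#include <event_print.h>
#include <rpi3_measured_boot.h>

/* RPI3 table with platform specific image IDs, names and PCRs */
extern const event_log_metadata_t rpi3_event_log_metadata[];

#if DISCRETE_TPM
extern struct tpm_chip_data tpm_chip_data;
#endif

/*
 * Measure a loaded image and record the measurement.
 *
 * The image's metadata (name and PCR index) is looked up in
 * rpi3_event_log_metadata by image_id.
 *
 * Without a discrete TPM (!DISCRETE_TPM) the image is hashed and the result
 * is recorded in the Event Log in a single step.
 *
 * With a discrete TPM (DISCRETE_TPM) the image is hashed into a local buffer,
 * an EV_POST_CODE event carrying that digest is written to the Event Log, and
 * the first digest in the buffer is then extended into the TPM.
 *
 * image_id:   platform image identifier used for the metadata lookup.
 * image_data: base address and size of the image to measure; must not be NULL.
 *
 * Returns 0 on success, -1 if no metadata exists for image_id, or the error
 * code returned by the failing event log call. A failed TPM extend does not
 * return: it calls panic().
 */
int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
{
	int rc = 0;
	const event_log_metadata_t *metadata_ptr;
	uint8_t digest_buf[MAX_TPML_BUFFER_SIZE] __unused;
	tpmt_ha *digest __unused;

	/* image_data is dereferenced unconditionally in both build variants. */
	assert(image_data != NULL);

	metadata_ptr = mboot_find_event_log_metadata(rpi3_event_log_metadata,
						     image_id);
	if (metadata_ptr == NULL) {
		ERROR("Unable to find metadata for image %u.\n", image_id);
		return -1;
	}

#if !DISCRETE_TPM
	/*
	 * Calculate image hash and record data in Event Log. The event data is
	 * the image name including its NUL terminator.
	 */
	rc = event_log_measure_and_record(metadata_ptr->pcr,
					  image_data->image_base,
					  image_data->image_size,
					  metadata_ptr->name,
					  strlen(metadata_ptr->name) + 1U);
	if (rc != 0) {
		ERROR("Image measurement and recording failed (%d).\n", rc);
		return rc;
	}
#else
	/* Calculate the image hash; the result is placed in digest_buf. */
	rc = event_log_measure(image_data->image_base, image_data->image_size,
			       digest_buf, sizeof(digest_buf));
	if (rc != 0) {
		ERROR("Image measurement failed (%d).\n", rc);
		return rc;
	}

	/*
	 * Record the measurement in the Event Log against the PCR named in
	 * the image metadata.
	 *
	 * NOTE(review): digest_buf is a byte array reinterpreted as
	 * tpml_digest_values here and below; this presumably relies on that
	 * type being packed / byte-addressable - confirm.
	 */
	rc = event_log_write_pcr_event2(metadata_ptr->pcr, EV_POST_CODE,
					(const tpml_digest_values *)digest_buf,
					(const uint8_t *)metadata_ptr->name,
					strlen(metadata_ptr->name) + 1U);
	if (rc != 0) {
		ERROR("Failed to record image measurement to event log (%d).\n",
		      rc);
		return rc;
	}

	/*
	 * TODO: The TPM library currently supports extending only a single digest
	 * at a time. In practice, we should query the TPM to determine which hash
	 * algorithms it supports, and update the library to allow submitting
	 * multiple digest extensions in one call.
	 */
	digest = ((tpml_digest_values *)digest_buf)->digests;

	/*
	 * NOTE(review): the Event Log entry above is recorded against
	 * metadata_ptr->pcr, but the extend below always targets PCR_0. The
	 * log only replays to the TPM's PCR values if every entry in
	 * rpi3_event_log_metadata uses PCR_0 - confirm against that table, or
	 * extend into metadata_ptr->pcr instead.
	 *
	 * NOTE(review): the digest length is fixed at TCG_DIGEST_SIZE while
	 * the algorithm comes from digest->algorithm_id; confirm the two
	 * always agree for the configured hash algorithm.
	 */
	rc = tpm_pcr_extend(&tpm_chip_data, PCR_0, digest->algorithm_id,
			    digest->digest, TCG_DIGEST_SIZE);
	if (rc != 0) {
		/*
		 * The measurement is already in the Event Log at this point,
		 * so the failure is treated as fatal rather than returned.
		 */
		ERROR("BL2: TPM PCR-0 extend failed\n");
		panic();
	}
#endif /* !DISCRETE_TPM */

	return rc;
}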