authorDavid Vincze <david.vincze@arm.com>2020-01-08 17:42:30 +0100
committerDavid Vincze <david.vincze@arm.com>2020-01-27 14:54:41 +0100
commite13a48b65321a8828bd9e3a11e1652436df6c6b0 (patch)
treec9c421db5e31f4c60a04b67cc25f77bff2ce762a
parentead78fb7c1268e38e639eac8b45c11eb4ffbc315 (diff)
downloadtrusted-firmware-m-e13a48b65321a8828bd9e3a11e1652436df6c6b0.tar.gz
Attest: Accept empty shared data area
Introduce the BOOT_DATA_AVAILABLE CMake variable to indicate whether boot data is available in the shared data area (between the boot loader and runtime firmware). If it's false the content of the shared data area will be ignored and thus all the tests will pass for example when TF-M is used with a boot loader that doesn't provide any boot data or when a boot loader is not used at all. Change-Id: Ic6d32cfdc8741018c6668692d64f81236006b593 Signed-off-by: David Vincze <david.vincze@arm.com>
-rw-r--r--CommonConfig.cmake8
-rw-r--r--docs/user_guides/services/tfm_attestation_integration_guide.rst12
-rw-r--r--secure_fw/CMakeLists.txt4
-rw-r--r--secure_fw/core/tfm_boot_data.c13
-rw-r--r--secure_fw/services/initial_attestation/tfm_attestation.c12
5 files changed, 37 insertions, 12 deletions
diff --git a/CommonConfig.cmake b/CommonConfig.cmake
index fc4dd2d9df..cf711eb7c1 100644
--- a/CommonConfig.cmake
+++ b/CommonConfig.cmake
@@ -425,6 +425,14 @@ set(ATTEST_BOOT_INTERFACE "CBOR_ENCODED_CLAIMS" CACHE STRING "Set the format in
set_property(CACHE ATTEST_BOOT_INTERFACE PROPERTY STRINGS "INDIVIDUAL_CLAIMS;CBOR_ENCODED_CLAIMS")
validate_cache_value(ATTEST_BOOT_INTERFACE)
+if (NOT DEFINED BOOT_DATA_AVAILABLE)
+ if (BL2)
+ set(BOOT_DATA_AVAILABLE ON)
+ else()
+ set(BOOT_DATA_AVAILABLE OFF)
+ endif()
+endif()
+
##Set mbedTLS compiler flags for BL2 bootloader
set(MBEDCRYPTO_C_FLAGS_BL2 "-D__ARM_FEATURE_CMSE=${ARM_FEATURE_CMSE} -D__thumb2__ ${COMMON_COMPILE_FLAGS_STR} -DMBEDTLS_CONFIG_FILE=\\\\\\\"config-rsa.h\\\\\\\" -I${CMAKE_CURRENT_LIST_DIR}/bl2/ext/mcuboot/include")
if (MCUBOOT_SIGNATURE_TYPE STREQUAL "RSA-3072")
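Review bot: An explicit `BOOT_DATA_AVAILABLE` value is accepted here without being checked against `BL2`, so a build with `BL2` on and `BOOT_DATA_AVAILABLE` off is configured silently. Judging by the tfm_boot_data.c hunks in this commit, that combination compiles out the TLV copy loop, so the measurements written by the boot loader would never reach the attestation service. A warning after the new block would make the mismatch visible: `if (BL2 AND NOT BOOT_DATA_AVAILABLE)`, `message(WARNING "BL2 is enabled but BOOT_DATA_AVAILABLE is off: boot measurements will be ignored")`, `endif()`. Unlike `ATTEST_BOOT_INTERFACE` just above, the variable is also not declared as a cache option with a help string, which makes an accidental override harder to spot.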
diff --git a/docs/user_guides/services/tfm_attestation_integration_guide.rst b/docs/user_guides/services/tfm_attestation_integration_guide.rst
index eb5601f0bb..80af21e2e1 100644
--- a/docs/user_guides/services/tfm_attestation_integration_guide.rst
+++ b/docs/user_guides/services/tfm_attestation_integration_guide.rst
@@ -307,6 +307,9 @@ Boot loader interface
It is **recommended** to have a secure boot loader in the boot chain, which is
capable of measuring the runtime firmware components (calculates the hash value
of firmware images) and provide other attributes of these (version, type, etc).
+If the used boot loader is not capable of sharing these information with the
+runtime software then the ``BOOT_DATA_AVAILABLE`` compiler flag **must** be
+set to false (see `Related compile time options`_).
The shared data between boot loader and runtime software is TLV encoded. The
definition of TLV structure is described in ``bl2/include/tfm_boot_status.h``.
@@ -445,6 +448,15 @@ those flags. The list of flags are:
unprotected header. Key-id is calculated and added to the COSE header based
on the value of this flag. Default value: False.
+Related compile time options
+----------------------------
+- ``BOOT_DATA_AVAILABLE``: The boot data is expected to be present in the shared
+ data area between the boot loader and the runtime firmware when it's true.
+ Otherwise, when it's false does not check the content of the shared data area.
+ Also assume that the TLV header is present and valid (the magic number is
+ correct) and there are no other data entries. Its default value depends on
+ the BL2 flag.
+
************
Verification
************
diff --git a/secure_fw/CMakeLists.txt b/secure_fw/CMakeLists.txt
index e71971ec2e..87211116c3 100644
--- a/secure_fw/CMakeLists.txt
+++ b/secure_fw/CMakeLists.txt
@@ -161,6 +161,10 @@ if(TARGET_NV_COUNTERS_ENABLE)
embedded_set_target_compile_defines(TARGET ${PROJECT_OBJ_LIB} LANGUAGE C DEFINES TFM_NVCOUNTERS_ENABLE APPEND)
endif()
+if(BOOT_DATA_AVAILABLE)
+ embedded_set_target_compile_defines(TARGET ${PROJECT_OBJ_LIB} LANGUAGE C DEFINES BOOT_DATA_AVAILABLE APPEND)
+endif()
+
if (NOT DEFINED CORE_TEST)
message(FATAL_ERROR "Incomplete build configuration: CORE_TEST is undefined.")
elseif(CORE_TEST)
diff --git a/secure_fw/core/tfm_boot_data.c b/secure_fw/core/tfm_boot_data.c
index 7a3edc91c7..079e0204ab 100644
--- a/secure_fw/core/tfm_boot_data.c
+++ b/secure_fw/core/tfm_boot_data.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -120,6 +120,7 @@ static int32_t tfm_core_check_boot_data_access_policy(uint8_t major_type)
void tfm_core_validate_boot_data(void)
{
+#ifdef BOOT_DATA_AVAILABLE
struct tfm_boot_data *boot_data;
boot_data = (struct tfm_boot_data *)BOOT_TFM_SHARED_DATA_BASE;
@@ -127,6 +128,9 @@ void tfm_core_validate_boot_data(void)
if (boot_data->header.tlv_magic == SHARED_DATA_TLV_INFO_MAGIC) {
is_boot_data_valid = BOOT_DATA_VALID;
}
+#else
+ is_boot_data_valid = BOOT_DATA_VALID;
+#endif /* BOOT_DATA_AVAILABLE */
}
void tfm_core_get_boot_data_handler(uint32_t args[])
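Review bot: The new `#else` branch sets `is_boot_data_valid = BOOT_DATA_VALID` without reading the shared area, and no comment says why that is acceptable. In this configuration the flag no longer describes the memory at `BOOT_TFM_SHARED_DATA_BASE`; it only unblocks the handler, which (as far as the later hunks show) then returns a header with no TLV entries. I would state that next to the assignment, for example `/* No boot data expected: shared area is not inspected; requests are served with an empty TLV header. */`. The function body begins in the previous hunk.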
@@ -136,8 +140,10 @@ void tfm_core_get_boot_data_handler(uint32_t args[])
uint16_t buf_size = (uint16_t)args[2];
uint8_t *ptr;
struct tfm_boot_data *boot_data;
+#ifdef BOOT_DATA_AVAILABLE
struct shared_data_tlv_entry tlv_entry;
uintptr_t tlv_end, offset;
+#endif /* BOOT_DATA_AVAILABLE */
#ifndef TFM_PSA_API
uint32_t running_partition_idx =
tfm_spm_partition_get_running_partition_idx();
@@ -188,10 +194,12 @@ void tfm_core_get_boot_data_handler(uint32_t args[])
return;
}
+#ifdef BOOT_DATA_AVAILABLE
/* Get the boundaries of TLV section */
boot_data = (struct tfm_boot_data *)BOOT_TFM_SHARED_DATA_BASE;
tlv_end = BOOT_TFM_SHARED_DATA_BASE + boot_data->header.tlv_tot_len;
offset = BOOT_TFM_SHARED_DATA_BASE + SHARED_DATA_HEADER_SIZE;
+#endif /* BOOT_DATA_AVAILABLE */
/* Add header to output buffer as well */
if (buf_size < SHARED_DATA_HEADER_SIZE) {
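Review bot: `tlv_end` is computed from `boot_data->header.tlv_tot_len` exactly as read from the shared area, and no comparison of that length against the size of the shared area is visible in this hunk. The validation shown earlier in this file checks only `tlv_magic`, so a corrupted or oversized length would let the guarded TLV loop walk past the end of the area. Since these lines are now being wrapped in `#ifdef BOOT_DATA_AVAILABLE` anyway, this is a good place to reject the request first, along the lines of `if (boot_data->header.tlv_tot_len > SHARED_AREA_SIZE /* placeholder: the platform's shared-area size */) { /* set an error in args[0] and return */ }`. The handler starts and ends outside this hunk, so a bound may exist in lines not shown here.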
@@ -204,6 +212,7 @@ void tfm_core_get_boot_data_handler(uint32_t args[])
ptr = boot_data->data;
}
+#ifdef BOOT_DATA_AVAILABLE
/* Iterates over the TLV section and copy TLVs with requested major
* type to the provided buffer.
*/
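Review bot: With `BOOT_DATA_AVAILABLE` undefined, `ptr` is still declared and assigned (`ptr = boot_data->data;` at the top of this hunk) but never read. The only code between that assignment and the final `args[0] = (uint32_t)TFM_SUCCESS;` is the loop this guard removes. Toolchains that report set-but-unused variables will flag it. Either place `uint8_t *ptr;` and the assignment under the same `#ifdef BOOT_DATA_AVAILABLE` as `tlv_entry`, `tlv_end` and `offset`, or add `(void)ptr;` in an `#else` branch. The enclosing `else` block starts above this hunk.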
@@ -226,6 +235,8 @@ void tfm_core_get_boot_data_handler(uint32_t args[])
boot_data->header.tlv_tot_len += tlv_entry.tlv_len;
}
}
+#endif /* BOOT_DATA_AVAILABLE */
+
args[0] = (uint32_t)TFM_SUCCESS;
return;
}
diff --git a/secure_fw/services/initial_attestation/tfm_attestation.c b/secure_fw/services/initial_attestation/tfm_attestation.c
index 1b8757ac79..7e20b2e3d4 100644
--- a/secure_fw/services/initial_attestation/tfm_attestation.c
+++ b/secure_fw/services/initial_attestation/tfm_attestation.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, Arm Limited. All rights reserved.
+ * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -57,22 +57,12 @@ attest_get_boot_data(uint8_t major_type,
uint32_t len)
{
enum psa_attest_err_t attest_res = PSA_ATTEST_ERR_SUCCESS;
-
-#ifndef BL2
- /* Avoid compiler warning due to unused argument */
- (void)len;
- (void)major_type;
-
- boot_data->header.tlv_magic = SHARED_DATA_TLV_INFO_MAGIC;
- boot_data->header.tlv_tot_len = SHARED_DATA_HEADER_SIZE;
-#else
int32_t tfm_res;
tfm_res = tfm_core_get_boot_data(major_type, boot_data, len);
if (tfm_res != (int32_t)TFM_SUCCESS) {
attest_res = PSA_ATTEST_ERR_INIT_FAILED;
}
-#endif /* BL2 */
return attest_res;
}