diff options
author | Tamas Ban <tamas.ban@arm.com> | 2019-01-05 08:59:30 +0000 |
---|---|---|
committer | Tamas Ban <tamas.ban@arm.com> | 2019-02-13 14:02:13 +0100 |
commit | 5b64747890bb391808a3714474d6beba68c9329b (patch) | |
tree | f92bc45f30cb9ad2ffbb1e3bed3ba2584fbd83d5 /bl2/include | |
parent | b6b8056aa8861f9ae2faf4f0c5e84ff82929e34f (diff) | |
download | trusted-firmware-m-5b64747890bb391808a3714474d6beba68c9329b.tar.gz |
Attest: Refactor shared data TLV entry header
It was done to make easier the lookup of boot status
relatead entries, which belongs to the same SW module.
Change-Id: I753dc03a2373d1975245502288e10c507402b6d5
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Diffstat (limited to 'bl2/include')
-rw-r--r-- | bl2/include/boot_record.h | 4 | ||||
-rw-r--r-- | bl2/include/tfm_boot_status.h | 197 |
2 files changed, 161 insertions, 40 deletions
diff --git a/bl2/include/boot_record.h b/bl2/include/boot_record.h index ab71a48629..f7a63087f1 100644 --- a/bl2/include/boot_record.h +++ b/bl2/include/boot_record.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Arm Limited. All rights reserved. + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -43,7 +43,7 @@ enum shared_memory_err_t { */ enum shared_memory_err_t boot_add_data_to_shared_area(uint8_t major_type, - uint8_t minor_type, + uint16_t minor_type, size_t size, const uint8_t *data); diff --git a/bl2/include/tfm_boot_status.h b/bl2/include/tfm_boot_status.h index 30a7b1c2cc..ca1679a9c4 100644 --- a/bl2/include/tfm_boot_status.h +++ b/bl2/include/tfm_boot_status.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Arm Limited. All rights reserved. + * Copyright (c) 2018-2019, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause * @@ -16,43 +16,165 @@ extern "C" { #endif -/* Major numbers to identify the consumer of shared data in runtime SW */ -#define TLV_MAJOR_CORE 0x0 -#define TLV_MAJOR_IAS 0x1 - -/* PSA Root of Trust */ -#define TLV_MINOR_IAS_PRoT_SHA256 0x00 -#define TLV_MINOR_IAS_PRoT_SW_VERSION 0x01 -#define TLV_MINOR_IAS_PRoT_EPOCH 0x02 - -/* Application Root of Trust */ -#define TLV_MINOR_IAS_ARoT_SHA256 0x03 -#define TLV_MINOR_IAS_ARoT_SW_VERSION 0x04 -#define TLV_MINOR_IAS_ARoT_EPOCH 0x05 - -/* Non-secure processing environment: single non-secure image */ -#define TLV_MINOR_IAS_NSPE_SHA256 0x06 -#define TLV_MINOR_IAS_NSPE_SW_VERSION 0x07 -#define TLV_MINOR_IAS_NSPE_EPOCH 0x08 - -/* ARoT + PRoT: single secure image */ -#define TLV_MINOR_IAS_S_SHA256 0x09 -#define TLV_MINOR_IAS_S_SW_VERSION 0x0a -#define TLV_MINOR_IAS_S_EPOCH 0x0b +/* Major numbers (4 bit) to identify + * the consumer of shared data in runtime SW + */ +#define TLV_MAJOR_CORE 0x0 +#define TLV_MAJOR_IAS 0x1 -/* S + NS: combined secure and non-secure image */ -#define TLV_MINOR_IAS_S_NS_SHA256 0x0c -#define TLV_MINOR_IAS_S_NS_SW_VERSION 0x0d -#define TLV_MINOR_IAS_S_NS_EPOCH 0x0e +/** + * The shared data between boot loader and runtime SW is TLV encoded. The + * shared data is stored in a well known location in secure memory and this is + * a contract between boot loader and runtime SW. + * + * The structure of shared data must be the following: + * - At the beginning there must be a header: struct shared_data_tlv_header + * This contains a magic number and a size field which covers the entire + * size of the shared data area including this header. + * - After the header there come the entries which are composed from an entry + * header structure: struct shared_data_tlv_entry and the data. In the entry + * header is a type field (tly_type) which identify the consumer of the + * entry in the runtime SW and specify the subtype of that data item. There + * is a size field (tlv_len) which covers the size of the entry header and + * the data. After this structure comes the actual data. + * - Arbitrary number and size of data entry can be in the shared memory area. + * + * This table gives of overview about the tlv_type field in the entry header. + * The tlv_type always composed from a major and minor number. Major number + * identifies the addressee in runtime SW, who should process the data entry. + * Minor number used to encode more info about the data entry. The actual + * definition of minor number could change per major number. In case of boot + * status data, which is going to be processed by initial attestation service + * the minor number is split further to two part: sw_module and claim. The + * sw_module identifies the SW component in the system which the data item + * belongs to and the claim part identifies the exact type of the data. + * + * |---------------------------------------| + * | tlv_type (16) | + * |---------------------------------------| + * | tlv_major(4)| tlv_minor(12) | + * |---------------------------------------| + * | MAJOR_IAS | sw_module(6) | claim(6) | + * |---------------------------------------| + * | MAJOR_CORE | TBD | + * |---------------------------------------| + */ +/* Initial attestation: SW components / SW modules + * This list is intended to be adjusted per device. It contains more SW + * components than currently available in TF-M project. It serves as an example, + * what kind of SW components might be available. + */ +#define SW_GENERAL 0x00 +#define SW_BL2 0x01 +#define SW_PROT 0x02 +#define SW_AROT 0x03 +#define SW_SPE 0x04 +#define SW_NSPE 0x05 +#define SW_S_NS 0x06 +#define SW_MAX 0x07 + +/* Initial attestation: Claim per SW components / SW modules */ +/* Bits: 0-2 */ +#define SW_VERSION 0x00 +#define SW_SIGNER_ID 0x01 +#define SW_EPOCH 0x02 +#define SW_TYPE 0x03 +/* Bits: 3-5 */ +#define SW_MEASURE_VALUE 0x08 +#define SW_MEASURE_TYPE 0x09 + +/* Initial attestation: General claim does not belong any particular SW + * component. But they might be part of the boot status. + */ +#define BOOT_SEED 0x00 +#define HW_ID 0x01 +#define SECURITY_LIFECYCLE 0x02 + +/* Minor numbers (12 bit) to identify attestation service related data */ +#define TLV_MINOR_IAS_BOOT_SEED ((SW_GENERAL << 6) | BOOT_SEED) +#define TLV_MINOR_IAS_HW_ID ((SW_GENERAL << 6) | HW_ID) +#define TLV_MINOR_IAS_SLC ((SW_GENERAL << 6) | SECURITY_LIFECYCLE) + +/* Bootloader - It can be more stage */ +#define TLV_MINOR_IAS_BL2_MEASURE_VALUE ((SW_BL2 << 6) | SW_MEASURE_VALUE) +#define TLV_MINOR_IAS_BL2_MEASURE_TYPE ((SW_BL2 << 6) | SW_MEASURE_TYPE) +#define TLV_MINOR_IAS_BL2_VERSION ((SW_BL2 << 6) | SW_VERSION) +#define TLV_MINOR_IAS_BL2_SIGNER_ID ((SW_BL2 << 6) | SW_SIGNER_ID) +#define TLV_MINOR_IAS_BL2_EPOCH ((SW_BL2 << 6) | SW_EPOCH) +#define TLV_MINOR_IAS_BL2_TYPE ((SW_BL2 << 6) | SW_TYPE) + +/* PROT: PSA Root of Trust */ +#define TLV_MINOR_IAS_PROT_MEASURE_VALUE ((SW_PROT << 6) | SW_MEASURE_VALUE) +#define TLV_MINOR_IAS_PROT_MEASURE_TYPE ((SW_PROT << 6) | SW_MEASURE_TYPE) +#define TLV_MINOR_IAS_PROT_VERSION ((SW_PROT << 6) | SW_VERSION) +#define TLV_MINOR_IAS_PROT_SIGNER_ID ((SW_PROT << 6) | SW_SIGNER_ID) +#define TLV_MINOR_IAS_PROT_EPOCH ((SW_PROT << 6) | SW_EPOCH) +#define TLV_MINOR_IAS_PROT_TYPE ((SW_PROT << 6) | SW_TYPE) + +/* AROT: Application Root of Trust */ +#define TLV_MINOR_IAS_AROT_MEASURE_VALUE ((SW_AROT << 6) | SW_MEASURE_VALUE) +#define TLV_MINOR_IAS_AROT_MEASURE_TYPE ((SW_AROT << 6) | SW_MEASURE_TYPE) +#define TLV_MINOR_IAS_AROT_VERSION ((SW_AROT << 6) | SW_VERSION) +#define TLV_MINOR_IAS_AROT_SIGNER_ID ((SW_AROT << 6) | SW_SIGNER_ID) +#define TLV_MINOR_IAS_AROT_EPOCH ((SW_AROT << 6) | SW_EPOCH) +#define TLV_MINOR_IAS_AROT_TYPE ((SW_AROT << 6) | SW_TYPE) + +/* Non-secure processing environment - single non-secure image */ +#define TLV_MINOR_IAS_NSPE_MEASURE_VALUE ((SW_NSPE << 6) | SW_MEASURE_VALUE) +#define TLV_MINOR_IAS_NSPE_MEASURE_TYPE ((SW_NSPE << 6) | SW_MEASURE_TYPE) +#define TLV_MINOR_IAS_NSPE_VERSION ((SW_NSPE << 6) | SW_VERSION) +#define TLV_MINOR_IAS_NSPE_SIGNER_ID ((SW_NSPE << 6) | SW_SIGNER_ID) +#define TLV_MINOR_IAS_NSPE_EPOCH ((SW_NSPE << 6) | SW_EPOCH) +#define TLV_MINOR_IAS_NSPE_TYPE ((SW_NSPE << 6) | SW_TYPE) + +/* Secure processing environment (ARoT + PRoT) - single secure image */ +#define TLV_MINOR_IAS_SPE_MEASURE_VALUE ((SW_SPE << 6) | SW_MEASURE_VALUE) +#define TLV_MINOR_IAS_SPE_MEASURE_TYPE ((SW_SPE << 6) | SW_MEASURE_TYPE) +#define TLV_MINOR_IAS_SPE_VERSION ((SW_SPE << 6) | SW_VERSION) +#define TLV_MINOR_IAS_SPE_SIGNER_ID ((SW_SPE << 6) | SW_SIGNER_ID) +#define TLV_MINOR_IAS_SPE_EPOCH ((SW_SPE << 6) | SW_EPOCH) +#define TLV_MINOR_IAS_SPE_TYPE ((SW_SPE << 6) | SW_TYPE) + +/* SPE + NSPE - combined secure and non-secure image */ +#define TLV_MINOR_IAS_S_NS_MEASURE_VALUE ((SW_S_NS << 6) | SW_MEASURE_VALUE) +#define TLV_MINOR_IAS_S_NS_MEASURE_TYPE ((SW_S_NS << 6) | SW_MEASURE_TYPE) +#define TLV_MINOR_IAS_S_NS_VERSION ((SW_S_NS << 6) | SW_VERSION) +#define TLV_MINOR_IAS_S_NS_SIGNER_ID ((SW_S_NS << 6) | SW_SIGNER_ID) +#define TLV_MINOR_IAS_S_NS_EPOCH ((SW_S_NS << 6) | SW_EPOCH) +#define TLV_MINOR_IAS_S_NS_TYPE ((SW_S_NS << 6) | SW_TYPE) + +/* General macros to handle TLV type */ +#define MAJOR_MASK 0xF /* 4 bit */ +#define MAJOR_POS 12 /* 12 bit */ +#define MINOR_MASK 0xFFF /* 12 bit */ + +#define SET_TLV_TYPE(major, minor) \ + ((((major) & MAJOR_MASK) << MAJOR_POS) | ((minor) & MINOR_MASK)) +#define GET_MAJOR(tlv_type) ((tlv_type) >> MAJOR_POS) +#define GET_MINOR(tlv_type) ((tlv_type) & MINOR_MASK) + +/* Initial attestation specific macros */ +#define MODULE_POS 6 /* 6 bit */ +#define CLAIM_MASK 0x3F /* 6 bit */ +#define MEASUREMENT_CLAIM_POS 3 /* 3 bit */ + +#define GET_IAS_MODULE(tlv_type) (GET_MINOR(tlv_type) >> MODULE_POS) +#define GET_IAS_CLAIM(tlv_type) (GET_MINOR(tlv_type) & CLAIM_MASK) +#define SET_IAS_MINOR(sw_module, claim) (((sw_module) << 6) | (claim)) + +#define GET_IAS_MEASUREMENT_CLAIM(ias_claim) ((ias_claim) >> \ + MEASUREMENT_CLAIM_POS) + +/* Magic value which marks the beginning of shared data area in memory */ #define SHARED_DATA_TLV_INFO_MAGIC 0x2016 /** * Shared data TLV header. All fields in little endian. * - * --------------------------- - * | tlv_magic | tlv_tot_len | - * --------------------------- + * ----------------------------------- + * | tlv_magic(16) | tlv_tot_len(16) | + * ----------------------------------- */ struct shared_data_tlv_header { uint16_t tlv_magic; @@ -64,15 +186,14 @@ struct shared_data_tlv_header { /** * Shared data TLV entry header format. All fields in little endian. * - * --------------------------------------------- - * | tlv_major_type | tlv_minor_type | tlv_len | - * --------------------------------------------- - * | Raw data | - * --------------------------------------------- + * ------------------------------- + * | tlv_type(16) | tlv_len(16) | + * ------------------------------- + * | Raw data | + * ------------------------------- */ struct shared_data_tlv_entry { - uint8_t tlv_major_type; - uint8_t tlv_minor_type; + uint16_t tlv_type; uint16_t tlv_len; /* size of single TLV entry (including this header). */ }; |