TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / tf-m-extras / 537ddc858c62b3c840776f4604c59d4ce1ae6fd2^! / . / partitions / measured_boot / measured_boot.c
commit537ddc858c62b3c840776f4604c59d4ce1ae6fd2[log] [tgz]
authorMaulik Patel <Maulik.Patel@arm.com>Fri Jan 27 11:56:36 2023 +0000
committerMaulik Patel <Maulik.Patel@arm.com>Mon Jan 30 07:49:25 2023 +0000
treef6fb0476e2340294fd10c769b1eec967d83993ac
parentd2be59db92f8d03f5a6fef6188a25575ebaa297c [diff] [blame]
Measured boot: Extend measurement access update

Once slot is populated, extend the current measurement only when
new signer id and hash algorithm are same as in current slot
respectively.

Signed-off-by: Maulik Patel <maulik.patel@arm.com>
Change-Id: If90ec7381d720113232031835739c434deef798a

diff --git a/partitions/measured_boot/measured_boot.c b/partitions/measured_boot/measured_boot.c
index 2a1b13f..5172ad4 100644
--- a/partitions/measured_boot/measured_boot.c
+++ b/partitions/measured_boot/measured_boot.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  *
@@ -103,23 +103,24 @@
 
 /* TODO: Access control strategy to be updated */
 static bool is_slot_access_prohibited(uint8_t slot_index,
-                                      const uint8_t *signer_id)
+                                      const uint8_t *signer_id,
+                                      uint32_t measurement_algo)
 {
+    if (measurement_algo != measurement_slot[slot_index].measurement.metadata.measurement_algo) {
+        /* The client hash algorithm is different from the current slot hash algorithm */
+        return true;
+    }
+
     if (is_signer_id_different(slot_index, signer_id)) {
         /* The client signer id is different from the current slot signer id */
-        if (measurement_slot[slot_index].is_common) {
-            /* This slot holds common measurement and must be accessible to
-             * all
-             */
-            return false;
-        } else {
-            /* Check for read/extend permissions; deny access for now */
+        if (!measurement_slot[slot_index].is_common) {
+            /* This slot does NOT hold common measurements */
             return true;
         }
     }
 
-    /* The client signer id is same as the current slot signer id; hence it
-     * must be allowed full access
+    /* The client signer id and hash algo is same as the current slot signer id
+     * and hash algo respectively; hence it must be allowed full access
      */
     return false;
 }
@@ -313,11 +314,6 @@
                            measurement_value, measurement_value_size,
                            lock_measurement);
 
-    if (is_slot_access_prohibited(index, signer_id)) {
-        status = PSA_ERROR_NOT_PERMITTED;
-        goto error;
-    }
-
     if (is_measurement_slot_locked(index)) {
         /* Cannot write to measurement slot once locked */
         status = PSA_ERROR_BAD_STATE;
@@ -326,6 +322,11 @@
 
     /* Check how metadata needs updating for the requested slot */
     if (is_measurement_slot_populated(index)) {
+        if (is_slot_access_prohibited(index, signer_id, measurement_algo)) {
+            status = PSA_ERROR_NOT_PERMITTED;
+            goto error;
+        }
+
         /* Extend metadata */
         extend_metadata(index);
     } else {