Platform: Add security lifecycle to attest_hal
Security lifecycle is a global attribute of the device.
This patch introduces a hardware abstraction layer for
attestation. It defines a getter function to retrive
the security lifecycle value. Dummy implementation was
added to supported platforms.
Change-Id: Ie8721eda9ced3f79f63ec9e080342326eda3eab8
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/platform/ext/Mps2AN519.cmake b/platform/ext/Mps2AN519.cmake
index 532c4d7..9d3c612 100644
--- a/platform/ext/Mps2AN519.cmake
+++ b/platform/ext/Mps2AN519.cmake
@@ -115,6 +115,7 @@
elseif(BUILD_TARGET_CFG)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/mps2/an519/target_cfg.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/spm_hal.c")
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/native_drivers/mpu_armv8m_drv.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an519/tfm_platform_system.c")
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
diff --git a/platform/ext/Mps2AN521.cmake b/platform/ext/Mps2AN521.cmake
index 3502a11..80fe871 100644
--- a/platform/ext/Mps2AN521.cmake
+++ b/platform/ext/Mps2AN521.cmake
@@ -116,6 +116,7 @@
elseif(BUILD_TARGET_CFG)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/mps2/an521/target_cfg.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/spm_hal.c")
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/native_drivers/mpu_armv8m_drv.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/mps2/an521/tfm_platform_system.c")
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
diff --git a/platform/ext/musca_a.cmake b/platform/ext/musca_a.cmake
index daf11cd..b82ab81 100755
--- a/platform/ext/musca_a.cmake
+++ b/platform/ext/musca_a.cmake
@@ -119,6 +119,7 @@
elseif(BUILD_TARGET_CFG)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/musca_a/target_cfg.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/spm_hal.c")
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/Native_Driver/mpu_armv8m_drv.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_a/tfm_platform_system.c")
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
diff --git a/platform/ext/musca_b1.cmake b/platform/ext/musca_b1.cmake
index 63fc134..9b57a94 100755
--- a/platform/ext/musca_b1.cmake
+++ b/platform/ext/musca_b1.cmake
@@ -115,6 +115,7 @@
elseif (BUILD_TARGET_CFG)
list(APPEND ALL_SRC_C "${PLATFORM_DIR}/target/musca_b1/target_cfg.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/spm_hal.c")
+ list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/attest_hal.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/Native_Driver/mpu_armv8m_drv.c")
list(APPEND ALL_SRC_C_S "${PLATFORM_DIR}/target/musca_b1/tfm_platform_system.c")
embedded_include_directories(PATH "${PLATFORM_DIR}/common" ABSOLUTE)
diff --git a/platform/ext/target/mps2/an519/attest_hal.c b/platform/ext/target/mps2/an519/attest_hal.c
new file mode 100644
index 0000000..59b2476
--- /dev/null
+++ b/platform/ext/target/mps2/an519/attest_hal.c
@@ -0,0 +1,13 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "platform/include/tfm_attest_hal.h"
+
+enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
+{
+ return TFM_SLC_SECURED;
+}
diff --git a/platform/ext/target/mps2/an521/attest_hal.c b/platform/ext/target/mps2/an521/attest_hal.c
new file mode 100644
index 0000000..59b2476
--- /dev/null
+++ b/platform/ext/target/mps2/an521/attest_hal.c
@@ -0,0 +1,13 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "platform/include/tfm_attest_hal.h"
+
+enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
+{
+ return TFM_SLC_SECURED;
+}
diff --git a/platform/ext/target/musca_a/attest_hal.c b/platform/ext/target/musca_a/attest_hal.c
new file mode 100644
index 0000000..59b2476
--- /dev/null
+++ b/platform/ext/target/musca_a/attest_hal.c
@@ -0,0 +1,13 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "platform/include/tfm_attest_hal.h"
+
+enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
+{
+ return TFM_SLC_SECURED;
+}
diff --git a/platform/ext/target/musca_b1/attest_hal.c b/platform/ext/target/musca_b1/attest_hal.c
new file mode 100644
index 0000000..59b2476
--- /dev/null
+++ b/platform/ext/target/musca_b1/attest_hal.c
@@ -0,0 +1,13 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "platform/include/tfm_attest_hal.h"
+
+enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
+{
+ return TFM_SLC_SECURED;
+}
diff --git a/platform/include/tfm_attest_hal.h b/platform/include/tfm_attest_hal.h
new file mode 100644
index 0000000..f22162e
--- /dev/null
+++ b/platform/include/tfm_attest_hal.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2019, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_ATTEST_HAL_H__
+#define __TFM_ATTEST_HAL_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Security lifecycle of the device
+ */
+enum tfm_security_lifecycle_t {
+ TFM_SLC_UNKNOWN = 0x0000u,
+ TFM_SLC_ASSEMBLY_AND_TEST = 0x1000u,
+ TFM_SLC_PSA_ROT_PROVISIONING = 0x2000u,
+ TFM_SLC_SECURED = 0x3000u,
+ TFM_SLC_NON_PSA_ROT_DEBUG = 0x4000u,
+ TFM_SLC_RECOVERABLE_PSA_ROT_DEBUG = 0x5000u,
+ TFM_SLC_DECOMMISSIONED = 0x6000u,
+};
+
+/**
+ * \brief Retrieve the security lifecycle of the device
+ *
+ * Security lifecycle is a mandatory claim in the initial attestation token.
+ *
+ * \return According to \ref tfm_security_lifecycle_t
+ */
+enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_ATTEST_HAL_H__ */