feat(app/device_assignment): add support for libspdm_get_certificate
In dev_assign_cmd_init_connection_main add support to do
libspdm_get_certificate. This retrieves the device certificate in parts or
whole based on the size of the device certificate and the response buffer size.
As the device certificate is retrieved, RMM does the steps below:
- Sets cache fields in DevCommExit for NS host to cache the device
  response.
- Computes spdm_cert_chain hash based on the negotiated hash algorithm.
- Computes x509_cert_chain hash based on the PDEV hash algorithm.
- Once the certificate is completely retrieved, RMM sets the hash of the
  certificate in libspdm connection using custom set_data command
  LIBSPDM_DATA_PEER_USED_CERT_CHAIN_HASH.
Set LIBSPDM_MAX_CERT_CHAIN_SIZE to 0 as RMM does not store the certificate
chain in the libspdm context.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
Change-Id: I56362c99c654178f4feb474fda031db2d9a74641
diff --git a/runtime/rmi/pdev.c b/runtime/rmi/pdev.c
index a52bc20..00b001c 100644
--- a/runtime/rmi/pdev.c
+++ b/runtime/rmi/pdev.c
@@ -423,20 +423,27 @@
struct rmi_dev_comm_exit *exit_args)
{
int rc;
+ struct dev_obj_digest *comm_digest_ptr;
+
+ if (pd->rmi_state == RMI_PDEV_STATE_NEW) {
+ comm_digest_ptr = &pd->cert_digest;
+ } else {
+ comm_digest_ptr = NULL;
+ }
if (pd->dev_comm_state == DEV_COMM_ACTIVE) {
return dev_assign_dev_communicate(&pd->da_app_data, enter_args,
- exit_args, DEVICE_ASSIGN_APP_FUNC_ID_RESUME);
+ exit_args, comm_digest_ptr, DEVICE_ASSIGN_APP_FUNC_ID_RESUME);
}
switch (pd->rmi_state) {
case RMI_PDEV_STATE_NEW:
rc = dev_assign_dev_communicate(&pd->da_app_data, enter_args,
- exit_args, DEVICE_ASSIGN_APP_FUNC_ID_CONNECT_INIT);
+ exit_args, comm_digest_ptr, DEVICE_ASSIGN_APP_FUNC_ID_CONNECT_INIT);
break;
case RMI_PDEV_STATE_STOPPING:
rc = dev_assign_dev_communicate(&pd->da_app_data, enter_args,
- exit_args, DEVICE_ASSIGN_APP_FUNC_ID_STOP_CONNECTION);
+ exit_args, comm_digest_ptr, DEVICE_ASSIGN_APP_FUNC_ID_STOP_CONNECTION);
break;
default:
assert(false);
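Review bot: the new block that selects comm_digest_ptr at the top of the function has no comment saying why &pd->cert_digest is only handed over when pd->rmi_state is RMI_PDEV_STATE_NEW, and every other state passes NULL into dev_assign_dev_communicate. Nothing in this hunk shows that the callee checks the pointer before use, so please either document the NULL contract on the new parameter or confirm the callee guards it, since a certificate digest that is silently skipped or dereferenced as NULL on the DEV_COMM_ACTIVE resume path would be hard to spot. In the RMI_PDEV_STATE_STOPPING case the pointer can only be NULL, so passing NULL literally there would make the intent explicit. The if/else could also be reduced to initialising comm_digest_ptr to NULL at its declaration and assigning only in the NEW branch.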