TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TS / trusted-services / f6562655ae4cf98899696f9cd4b19eec337a8478 / . / deployments / attestation / common / attestation_sp.c
blob: aaa6695d0a3f7465ec8cd5ebd3979857f5d81d67 [file] [log] [blame]
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]1/*
Imre Kis9757f6b2022-07-26 17:19:46 +0200[diff] [blame]2 * Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]7#include <rpc/ffarpc/endpoint/ffarpc_call_ep.h>
8#include <protocols/rpc/common/packed-c/status.h>
9#include <config/ramstore/config_ramstore.h>
10#include <config/loader/sp/sp_config_loader.h>
11#include <service/attestation/provider/attest_provider.h>
12#include <service/attestation/provider/serializer/packed-c/packedc_attest_provider_serializer.h>
13#include <service/attestation/claims/claims_register.h>
14#include <service/attestation/claims/sources/event_log/event_log_claim_source.h>
15#include <service/attestation/claims/sources/boot_seed_generator/boot_seed_generator.h>
16#include <service/attestation/claims/sources/null_lifecycle/null_lifecycle_claim_source.h>
17#include <service/attestation/claims/sources/instance_id/instance_id_claim_source.h>
Julian Hall3b2fc5c2021-08-12 15:56:07 +0100[diff] [blame]18#include <service/attestation/claims/sources/implementation_id/implementation_id_claim_source.h>
Julian Hall644b57a2021-06-30 08:45:19 +0100[diff] [blame]19#include <service/attestation/key_mngr/local/local_attest_key_mngr.h>
Julian Hallc52807c2021-08-13 15:15:18 +0100[diff] [blame]20#include <service/crypto/client/psa/psa_crypto_client.h>
21#include <service_locator.h>
22#include <psa/crypto.h>
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]23#include <ffa_api.h>
24#include <sp_api.h>
25#include <sp_rxtx.h>
26#include <trace.h>
27
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]28static int sp_init(uint16_t *own_sp_id);
Julian Hallc52807c2021-08-13 15:15:18 +0100[diff] [blame]29static void locate_crypto_service(void);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]30
31void __noreturn sp_main(struct ffa_init_info *init_info)
32{
33 /* Service provider objects */
34 struct attest_provider attest_provider;
35 struct rpc_interface *attest_iface;
36 struct ffa_call_ep ffarpc_call_ep;
Julian Hall22c47a92021-07-09 14:49:16 +0100[diff] [blame]37 struct sp_msg req_msg;
Imre Kisf6562652022-07-04 15:33:13 +0200[diff] [blame^]38 uint16_t own_id = 0;
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]39
40 /* Claim source objects */
41 struct claim_source *claim_source;
42 struct event_log_claim_source event_log_claim_source;
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]43 struct boot_seed_generator boot_seed_claim_source;
44 struct null_lifecycle_claim_source lifecycle_claim_source;
45 struct instance_id_claim_source instance_id_claim_source;
Julian Hall3b2fc5c2021-08-12 15:56:07 +0100[diff] [blame]46 struct implementation_id_claim_source implementation_id_claim_source;
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]47
48 /*********************************************************
49 * Boot phase
50 *********************************************************/
51 if (sp_init(&own_id) != 0) goto fatal_error;
52
53 config_ramstore_init();
54 sp_config_load(init_info);
55
56 /**
Julian Hallc52807c2021-08-13 15:15:18 +0100[diff] [blame]57 * Locate crypto service endpoint and establish RPC session
Julian Hall6bab0212021-07-27 11:45:47 +0100[diff] [blame]58 */
Julian Hallc52807c2021-08-13 15:15:18 +0100[diff] [blame]59 locate_crypto_service();
Julian Hall6bab0212021-07-27 11:45:47 +0100[diff] [blame]60
61 /**
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]62 * Register claim sources for deployment
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]63 */
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]64 claims_register_init();
65
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]66 /* Boot measurement claim source */
67 claim_source = event_log_claim_source_init_from_config(&event_log_claim_source);
68 claims_register_add_claim_source(CLAIM_CATEGORY_BOOT_MEASUREMENT, claim_source);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]69
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]70 /* Boot seed claim source */
71 claim_source = boot_seed_generator_init(&boot_seed_claim_source);
72 claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]73
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]74 /* Lifecycle state claim source */
75 claim_source = null_lifecycle_claim_source_init(&lifecycle_claim_source);
76 claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]77
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]78 /* Instance ID claim source */
79 claim_source = instance_id_claim_source_init(&instance_id_claim_source);
80 claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]81
Julian Hall3b2fc5c2021-08-12 15:56:07 +0100[diff] [blame]82 /* Implementation ID claim source */
83 claim_source = implementation_id_claim_source_init(&implementation_id_claim_source,
84 "trustedfirmware.org.ts.attestation_sp");
85 claims_register_add_claim_source(CLAIM_CATEGORY_DEVICE, claim_source);
86
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]87 /**
88 * Initialize the service provider
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]89 */
Julian Hall644b57a2021-06-30 08:45:19 +0100[diff] [blame]90 local_attest_key_mngr_init(LOCAL_ATTEST_KEY_MNGR_VOLATILE_IAK);
91 attest_iface = attest_provider_init(&attest_provider);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]92
Julian Hall7048d302021-06-03 16:07:28 +0100[diff] [blame]93 attest_provider_register_serializer(&attest_provider,
94 TS_RPC_ENCODING_PACKED_C, packedc_attest_provider_serializer_instance());
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]95
Imre Kisd92645c2022-06-28 17:26:53 +0200[diff] [blame]96 ffa_call_ep_init(&ffarpc_call_ep, attest_iface, own_id);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]97
98 /*********************************************************
99 * End of boot phase
100 *********************************************************/
Julian Hall22c47a92021-07-09 14:49:16 +0100[diff] [blame]101 sp_msg_wait(&req_msg);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]102
103 while (1) {
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]104
Julian Hall22c47a92021-07-09 14:49:16 +0100[diff] [blame]105 struct sp_msg resp_msg;
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]106
Julian Hall22c47a92021-07-09 14:49:16 +0100[diff] [blame]107 ffa_call_ep_receive(&ffarpc_call_ep, &req_msg, &resp_msg);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]108
Julian Hall22c47a92021-07-09 14:49:16 +0100[diff] [blame]109 sp_msg_send_direct_resp(&resp_msg, &req_msg);
Julian Hallcaa4af82021-05-19 12:02:36 +0100[diff] [blame]110 }
111
112fatal_error:
113 /* SP is not viable */
114 EMSG("Attestation SP error");
115 while (1) {}
116}
117
118void sp_interrupt_handler(uint32_t interrupt_id)
119{
120 (void)interrupt_id;
121}
122
123static int sp_init(uint16_t *own_sp_id)
124{
125 int status = -1;
126 ffa_result ffa_res;
127 sp_result sp_res;
128 static uint8_t tx_buffer[4096] __aligned(4096);
129 static uint8_t rx_buffer[4096] __aligned(4096);
130
131 sp_res = sp_rxtx_buffer_map(tx_buffer, rx_buffer, sizeof(rx_buffer));
132 if (sp_res == SP_RESULT_OK) {
133 ffa_res = ffa_id_get(own_sp_id);
134 if (ffa_res == FFA_OK) {
135 status = 0;
136 }
137 }
138
139 return status;
140}
Julian Hallc52807c2021-08-13 15:15:18 +0100[diff] [blame]141
142void locate_crypto_service(void)
143{
144 service_locator_init();
145
146 int status;
147
148 /* todo - add option to use configurable crypto service location */
149 struct service_context *crypto_service_context =
150 service_locator_query("sn:ffa:d9df52d5-16a2-4bb2-9aa4-d26d3b84e8c0:0", &status);
151
152 if (crypto_service_context) {
153
154 struct rpc_caller *caller;
155
156 if (service_context_open(crypto_service_context, TS_RPC_ENCODING_PACKED_C, &caller)) {
157
158 psa_crypto_client_init(caller);
159 }
160 }
161
162 psa_crypto_init();
163}