| Abhi Singh | c4c9e2b | 2024-11-06 11:11:11 -0600 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2025, Arm Limited. All rights reserved. |
| 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | */ |
| 6 | |
| 7 | #include <assert.h> |
| 8 | #include <stdarg.h> |
| 9 | #include <stdint.h> |
| 10 | |
| 11 | #include "./include/rpi3_measured_boot.h" |
| 12 | |
| 13 | #include <drivers/auth/crypto_mod.h> |
| 14 | #include <drivers/measured_boot/event_log/event_log.h> |
| 15 | #include <drivers/measured_boot/metadata.h> |
| 16 | #include <plat/common/common_def.h> |
| 17 | #include <plat/common/platform.h> |
| 18 | #include <platform_def.h> |
| 19 | #include <tools_share/tbbr_oid.h> |
| 20 | |
| 21 | /* RPI3 table with platform specific image IDs, names and PCRs */ |
| 22 | const event_log_metadata_t rpi3_event_log_metadata[] = { |
| 23 | { BL31_IMAGE_ID, MBOOT_BL31_IMAGE_STRING, PCR_0 }, |
| 24 | { BL33_IMAGE_ID, MBOOT_BL33_IMAGE_STRING, PCR_0 }, |
| 25 | { NT_FW_CONFIG_ID, MBOOT_NT_FW_CONFIG_STRING, PCR_0 }, |
| 26 | |
| 27 | { EVLOG_INVALID_ID, NULL, (unsigned int)(-1) } /* Terminator */ |
| 28 | }; |
| 29 | |
| 30 | static uint8_t *event_log_start; |
| 31 | static size_t event_log_size; |
| 32 | |
| 33 | void bl2_plat_mboot_init(void) |
| 34 | { |
| 35 | uint8_t *bl2_event_log_start; |
| 36 | uint8_t *bl2_event_log_finish; |
| 37 | |
| 38 | rpi3_mboot_fetch_eventlog_info(&event_log_start, &event_log_size); |
| 39 | bl2_event_log_start = event_log_start + event_log_size; |
| 40 | bl2_event_log_finish = event_log_start + PLAT_ARM_EVENT_LOG_MAX_SIZE; |
| 41 | event_log_init(bl2_event_log_start, bl2_event_log_finish); |
| 42 | } |
| 43 | |
| 44 | void bl2_plat_mboot_finish(void) |
| 45 | { |
| Abhi Singh | 6dfcf4e | 2024-11-07 16:40:57 -0600 | [diff] [blame] | 46 | int rc; |
| 47 | |
| 48 | /* Event Log address in Non-Secure memory */ |
| 49 | uintptr_t ns_log_addr; |
| 50 | |
| Abhi Singh | c4c9e2b | 2024-11-06 11:11:11 -0600 | [diff] [blame] | 51 | /* Event Log filled size */ |
| 52 | size_t event_log_cur_size; |
| 53 | |
| 54 | event_log_cur_size = event_log_get_cur_size((uint8_t *)event_log_start); |
| 55 | |
| Abhi Singh | 6dfcf4e | 2024-11-07 16:40:57 -0600 | [diff] [blame] | 56 | /* write the eventlog addr and size to NT_FW_CONFIG TPM entry */ |
| 57 | rc = rpi3_set_nt_fw_info(event_log_cur_size, &ns_log_addr); |
| 58 | if (rc != 0) { |
| 59 | ERROR("%s(): Unable to update %s_FW_CONFIG\n", |
| 60 | __func__, "NT"); |
| 61 | /* |
| 62 | * fatal error due to Bl33 maintaining the assumption |
| 63 | * that the eventlog is successfully passed via |
| 64 | * NT_FW_CONFIG. |
| 65 | */ |
| 66 | panic(); |
| 67 | } |
| 68 | |
| 69 | /* Copy Event Log to Non-secure memory */ |
| 70 | (void)memcpy((void *)ns_log_addr, (const void *)event_log_start, |
| 71 | event_log_cur_size); |
| 72 | |
| 73 | /* Ensure that the Event Log is visible in Non-secure memory */ |
| 74 | flush_dcache_range(ns_log_addr, event_log_cur_size); |
| 75 | |
| Abhi Singh | c4c9e2b | 2024-11-06 11:11:11 -0600 | [diff] [blame] | 76 | /* Dump Event Log for user view */ |
| 77 | dump_event_log((uint8_t *)event_log_start, event_log_cur_size); |
| 78 | } |
| 79 | |
| 80 | int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data) |
| 81 | { |
| 82 | int rc = 0; |
| 83 | |
| 84 | unsigned char hash_data[CRYPTO_MD_MAX_SIZE]; |
| 85 | const event_log_metadata_t *metadata_ptr = rpi3_event_log_metadata; |
| 86 | |
| 87 | /* Measure the payload with algorithm selected by EventLog driver */ |
| 88 | rc = event_log_measure(image_data->image_base, image_data->image_size, hash_data); |
| 89 | if (rc != 0) { |
| 90 | return rc; |
| 91 | } |
| 92 | |
| 93 | while ((metadata_ptr->id != EVLOG_INVALID_ID) && |
| 94 | (metadata_ptr->id != image_id)) { |
| 95 | metadata_ptr++; |
| 96 | } |
| 97 | assert(metadata_ptr->id != EVLOG_INVALID_ID); |
| 98 | |
| 99 | event_log_record(hash_data, EV_POST_CODE, metadata_ptr); |
| 100 | |
| 101 | return rc; |
| 102 | } |