Merge changes I072fe5fe,I4066d476,Ie4af38b8,I730e7b04,Iac3356f8, ... into integration
* changes:
fix(psa): extend measured boot logging
fix(rss): determine the size of sw_type in RSS mboot metadata
fix(psa): align with original API in tf-m-extras
fix(rss): clear the message buffer
feat(tc): enable RSS backend based measured boot
feat(tc): increase maximum BL1/BL2/BL31 sizes
diff --git a/drivers/arm/rss/rss_comms.c b/drivers/arm/rss/rss_comms.c
index 8b5002f..5e224e1 100644
--- a/drivers/arm/rss/rss_comms.c
+++ b/drivers/arm/rss/rss_comms.c
@@ -142,6 +142,9 @@
VERBOSE("out_vec[%lu].buf=%p\n", idx, (void *)out_vec[idx].base);
}
+ /* Clear the MHU message buffer to remove assets from memory */
+ memset(&io_buf, 0x0, sizeof(io_buf));
+
seq_num++;
return return_val;
diff --git a/drivers/measured_boot/rss/rss_measured_boot.c b/drivers/measured_boot/rss/rss_measured_boot.c
index 6cbb4dc..cf545a7 100644
--- a/drivers/measured_boot/rss/rss_measured_boot.c
+++ b/drivers/measured_boot/rss/rss_measured_boot.c
@@ -41,10 +41,21 @@
/* At this point it is expected that communication channel over MHU
* is already initialised by platform init.
*/
+ struct rss_mboot_metadata *metadata_ptr;
/* Get pointer to platform's struct rss_mboot_metadata structure */
plat_metadata_ptr = plat_rss_mboot_get_metadata();
assert(plat_metadata_ptr != NULL);
+
+ /* Use a local variable to preserve the value of the global pointer */
+ metadata_ptr = plat_metadata_ptr;
+
+ /* Init the non-const members of the metadata structure */
+ while (metadata_ptr->id != RSS_MBOOT_INVALID_ID) {
+ metadata_ptr->sw_type_size =
+ strlen((const char *)&metadata_ptr->sw_type) + 1;
+ metadata_ptr++;
+ }
}
int rss_mboot_measure_and_record(uintptr_t data_base, uint32_t data_size,
diff --git a/lib/psa/measured_boot.c b/lib/psa/measured_boot.c
index 90e4ef3..6e9ff78 100644
--- a/lib/psa/measured_boot.c
+++ b/lib/psa/measured_boot.c
@@ -39,8 +39,10 @@
const uint8_t *signer_id,
size_t signer_id_size,
const uint8_t *version, /* string */
- uint32_t measurement_algo,
+ size_t version_size,
const uint8_t *sw_type, /* string */
+ size_t sw_type_size,
+ uint32_t measurement_algo,
const uint8_t *measurement_value,
size_t measurement_value_size,
bool lock_measurement)
@@ -49,9 +51,11 @@
INFO(" - slot : %u\n", index);
INFO(" - signer_id :");
print_byte_array(signer_id, signer_id_size);
- INFO(" - version : %s\n", version);
+ INFO(" - version : %s\n", version);
+ INFO(" - version_size: %zu\n", version_size);
+ INFO(" - sw_type : %s\n", sw_type);
+ INFO(" - sw_type_size: %zu\n", sw_type_size);
INFO(" - algorithm : %x\n", measurement_algo);
- INFO(" - sw_type : %s\n", sw_type);
INFO(" - measurement :");
print_byte_array(measurement_value, measurement_value_size);
INFO(" - locking : %s\n", lock_measurement ? "true" : "false");
@@ -87,18 +91,17 @@
{.base = measurement_value, .len = measurement_value_size}
};
- uint32_t sw_type_size_limited;
-
if (sw_type != NULL) {
- sw_type_size_limited = (sw_type_size < SW_TYPE_MAX_SIZE) ?
- sw_type_size : SW_TYPE_MAX_SIZE;
- memcpy(extend_iov.sw_type, sw_type, sw_type_size_limited);
+ if (sw_type_size > SW_TYPE_MAX_SIZE) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
+ memcpy(extend_iov.sw_type, sw_type, sw_type_size);
}
log_measurement(index, signer_id, signer_id_size,
- version, measurement_algo, sw_type,
- measurement_value, measurement_value_size,
- lock_measurement);
+ version, version_size, sw_type, sw_type_size,
+ measurement_algo, measurement_value,
+ measurement_value_size, lock_measurement);
return psa_call(RSS_MEASURED_BOOT_HANDLE,
RSS_MEASURED_BOOT_EXTEND,
@@ -122,9 +125,9 @@
bool lock_measurement)
{
log_measurement(index, signer_id, signer_id_size,
- version, measurement_algo, sw_type,
- measurement_value, measurement_value_size,
- lock_measurement);
+ version, version_size, sw_type, sw_type_size,
+ measurement_algo, measurement_value,
+ measurement_value_size, lock_measurement);
return PSA_SUCCESS;
}
diff --git a/plat/arm/board/tc/include/platform_def.h b/plat/arm/board/tc/include/platform_def.h
index b63185c..bc4f254 100644
--- a/plat/arm/board/tc/include/platform_def.h
+++ b/plat/arm/board/tc/include/platform_def.h
@@ -101,7 +101,7 @@
* PLAT_ARM_MAX_BL1_RW_SIZE is calculated using the current BL1 RW debug size
* plus a little space for growth.
*/
-#define PLAT_ARM_MAX_BL1_RW_SIZE 0xC000
+#define PLAT_ARM_MAX_BL1_RW_SIZE 0xD000
/*
* PLAT_ARM_MAX_ROMLIB_RW_SIZE is define to use a full page
@@ -117,20 +117,19 @@
/*
* PLAT_ARM_MAX_BL2_SIZE is calculated using the current BL2 debug size plus a
- * little space for growth.
+ * little space for growth. Current size is considering that TRUSTED_BOARD_BOOT
+ * and MEASURED_BOOT is enabled.
*/
-#if TRUSTED_BOARD_BOOT
-# define PLAT_ARM_MAX_BL2_SIZE 0x20000
-#else
-# define PLAT_ARM_MAX_BL2_SIZE 0x14000
-#endif
+# define PLAT_ARM_MAX_BL2_SIZE 0x26000
+
/*
* Since BL31 NOBITS overlays BL2 and BL1-RW, PLAT_ARM_MAX_BL31_SIZE is
* calculated using the current BL31 PROGBITS debug size plus the sizes of
- * BL2 and BL1-RW
+ * BL2 and BL1-RW. Current size is considering that TRUSTED_BOARD_BOOT and
+ * MEASURED_BOOT is enabled.
*/
-#define PLAT_ARM_MAX_BL31_SIZE 0x3F000
+#define PLAT_ARM_MAX_BL31_SIZE 0x47000
/*
* Size of cacheable stacks
diff --git a/plat/arm/board/tc/platform.mk b/plat/arm/board/tc/platform.mk
index 1a1bc56..4f962cd 100644
--- a/plat/arm/board/tc/platform.mk
+++ b/plat/arm/board/tc/platform.mk
@@ -94,7 +94,6 @@
${TC_BASE}/tc_err.c \
drivers/arm/sbsa/sbsa.c
-
BL2_SOURCES += ${TC_BASE}/tc_security.c \
${TC_BASE}/tc_err.c \
${TC_BASE}/tc_trusted_boot.c \
@@ -162,6 +161,32 @@
override ENABLE_MPMM := 1
override ENABLE_MPMM_FCONF := 1
+# Include Measured Boot makefile before any Crypto library makefile.
+# Crypto library makefile may need default definitions of Measured Boot build
+# flags present in Measured Boot makefile.
+ifeq (${MEASURED_BOOT},1)
+ MEASURED_BOOT_MK := drivers/measured_boot/rss/rss_measured_boot.mk
+ $(info Including ${MEASURED_BOOT_MK})
+ include ${MEASURED_BOOT_MK}
+ $(info Including rss_comms.mk)
+ include drivers/arm/rss/rss_comms.mk
+
+ BL1_SOURCES += ${MEASURED_BOOT_SOURCES} \
+ plat/arm/board/tc/tc_common_measured_boot.c \
+ plat/arm/board/tc/tc_bl1_measured_boot.c \
+ lib/psa/measured_boot.c \
+ ${RSS_COMMS_SOURCES}
+
+ BL2_SOURCES += ${MEASURED_BOOT_SOURCES} \
+ plat/arm/board/tc/tc_common_measured_boot.c \
+ plat/arm/board/tc/tc_bl2_measured_boot.c \
+ lib/psa/measured_boot.c \
+ ${RSS_COMMS_SOURCES}
+
+PLAT_INCLUDES += -Iinclude/lib/psa
+
+endif
+
include plat/arm/common/arm_common.mk
include plat/arm/css/common/css_common.mk
include plat/arm/soc/common/soc_css.mk
diff --git a/plat/arm/board/tc/tc_bl1_measured_boot.c b/plat/arm/board/tc/tc_bl1_measured_boot.c
new file mode 100644
index 0000000..0d29c51
--- /dev/null
+++ b/plat/arm/board/tc/tc_bl1_measured_boot.c
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <drivers/arm/rss_comms.h>
+#include <drivers/measured_boot/rss/rss_measured_boot.h>
+#include <lib/psa/measured_boot.h>
+
+#include <plat/arm/common/plat_arm.h>
+#include <platform_def.h>
+
+/* Table with platform specific image IDs and metadata. Intentionally not a
+ * const struct, some members might set by bootloaders during trusted boot.
+ */
+struct rss_mboot_metadata tc_rss_mboot_metadata[] = {
+ {
+ .id = FW_CONFIG_ID,
+ .slot = U(6),
+ .signer_id_size = SIGNER_ID_MIN_SIZE,
+ .sw_type = RSS_MBOOT_FW_CONFIG_STRING,
+ .lock_measurement = true },
+ {
+ .id = TB_FW_CONFIG_ID,
+ .slot = U(7),
+ .signer_id_size = SIGNER_ID_MIN_SIZE,
+ .sw_type = RSS_MBOOT_TB_FW_CONFIG_STRING,
+ .lock_measurement = true },
+ {
+ .id = BL2_IMAGE_ID,
+ .slot = U(8),
+ .signer_id_size = SIGNER_ID_MIN_SIZE,
+ .sw_type = RSS_MBOOT_BL2_STRING,
+ .lock_measurement = true },
+
+ {
+ .id = RSS_MBOOT_INVALID_ID }
+};
+
+void bl1_plat_mboot_init(void)
+{
+ /* Initialize the communication channel between AP and RSS */
+ (void)rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE,
+ PLAT_RSS_AP_RCV_MHU_BASE);
+
+ rss_measured_boot_init();
+}
+
+void bl1_plat_mboot_finish(void)
+{
+ /* Nothing to do. */
+}
diff --git a/plat/arm/board/tc/tc_bl2_measured_boot.c b/plat/arm/board/tc/tc_bl2_measured_boot.c
new file mode 100644
index 0000000..7ea2c2e
--- /dev/null
+++ b/plat/arm/board/tc/tc_bl2_measured_boot.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdint.h>
+
+#include <drivers/arm/rss_comms.h>
+#include <drivers/measured_boot/rss/rss_measured_boot.h>
+#include <lib/psa/measured_boot.h>
+
+#include <plat/common/common_def.h>
+#include <platform_def.h>
+
+/* TC specific table with image IDs and metadata. Intentionally not a
+ * const struct, some members might set by bootloaders during trusted boot.
+ */
+struct rss_mboot_metadata tc_rss_mboot_metadata[] = {
+ {
+ .id = BL31_IMAGE_ID,
+ .slot = U(9),
+ .signer_id_size = SIGNER_ID_MIN_SIZE,
+ .sw_type = RSS_MBOOT_BL31_STRING,
+ .lock_measurement = true },
+ {
+ .id = HW_CONFIG_ID,
+ .slot = U(10),
+ .signer_id_size = SIGNER_ID_MIN_SIZE,
+ .sw_type = RSS_MBOOT_HW_CONFIG_STRING,
+ .lock_measurement = true },
+ {
+ .id = SOC_FW_CONFIG_ID,
+ .slot = U(11),
+ .signer_id_size = SIGNER_ID_MIN_SIZE,
+ .sw_type = RSS_MBOOT_SOC_FW_CONFIG_STRING,
+ .lock_measurement = true },
+ {
+ .id = RSS_MBOOT_INVALID_ID }
+};
+
+void bl2_plat_mboot_init(void)
+{
+ /* Initialize the communication channel between AP and RSS */
+ (void)rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE,
+ PLAT_RSS_AP_RCV_MHU_BASE);
+
+ rss_measured_boot_init();
+}
+
+void bl2_plat_mboot_finish(void)
+{
+ /* Nothing to do. */
+}
diff --git a/plat/arm/board/tc/tc_common_measured_boot.c b/plat/arm/board/tc/tc_common_measured_boot.c
new file mode 100644
index 0000000..fe71899
--- /dev/null
+++ b/plat/arm/board/tc/tc_common_measured_boot.c
@@ -0,0 +1,35 @@
+
+/*
+ * Copyright (c) 2022, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stdint.h>
+
+#include <common/desc_image_load.h>
+#include <drivers/measured_boot/rss/rss_measured_boot.h>
+
+extern struct rss_mboot_metadata tc_rss_mboot_metadata[];
+
+struct rss_mboot_metadata *plat_rss_mboot_get_metadata(void)
+{
+ return tc_rss_mboot_metadata;
+}
+
+int plat_mboot_measure_image(unsigned int image_id, image_info_t *image_data)
+{
+ int err;
+
+ /* Calculate image hash and record data in RSS */
+ err = rss_mboot_measure_and_record(image_data->image_base,
+ image_data->image_size,
+ image_id);
+ if (err != 0) {
+ ERROR("%s%s image id %u (%i)\n",
+ "Failed to ", "record in RSS", image_id, err);
+ }
+
+ return err;
+}
diff --git a/plat/arm/board/tc/tc_plat.c b/plat/arm/board/tc/tc_plat.c
index a9668e1..77db023 100644
--- a/plat/arm/board/tc/tc_plat.c
+++ b/plat/arm/board/tc/tc_plat.c
@@ -135,7 +135,7 @@
}
#endif /* SPM_MM && defined(IMAGE_BL31) */
-#if TRUSTED_BOARD_BOOT
+#if TRUSTED_BOARD_BOOT || MEASURED_BOOT
int plat_get_mbedtls_heap(void **heap_addr, size_t *heap_size)
{
assert(heap_addr != NULL);