feat(tc): share DPE context handle with child component
To be allowed to communicate with DPE service all
components must own a valid context handle. The first
valid context handle is inherited from the parent
component via a DTB object.
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Id357fab3586398b1933444e1d10d1ab6d8243ab9
diff --git a/drivers/measured_boot/rss/dice_prot_env.c b/drivers/measured_boot/rss/dice_prot_env.c
index 6417cdc..67b51a9 100644
--- a/drivers/measured_boot/rss/dice_prot_env.c
+++ b/drivers/measured_boot/rss/dice_prot_env.c
@@ -130,7 +130,7 @@
*/
VERBOSE("Share new_context_handle with child: 0x%x\n",
new_context_handle);
- /* TODO: share context handle */
+ plat_dpe_share_context_handle(&new_context_handle);
}
} else {
ERROR("dpe_derive_context failed: %d\n", ret);
diff --git a/include/drivers/measured_boot/rss/dice_prot_env.h b/include/drivers/measured_boot/rss/dice_prot_env.h
index b28192f..8d00d83 100644
--- a/include/drivers/measured_boot/rss/dice_prot_env.h
+++ b/include/drivers/measured_boot/rss/dice_prot_env.h
@@ -39,4 +39,9 @@
int dpe_set_signer_id(struct dpe_metadata *metadata,
const void *pk_oid, const void *pk_ptr, size_t pk_len);
+/* Child components inherit their first valid context handle from their parents.
+ * How to share context handle is platform specific.
+ */
+void plat_dpe_share_context_handle(int *ctx_handle);
+
#endif /* DICE_PROT_ENV_H */
diff --git a/plat/arm/board/tc/tc_bl1_dpe.c b/plat/arm/board/tc/tc_bl1_dpe.c
index 67b1d02..25fdf95 100644
--- a/plat/arm/board/tc/tc_bl1_dpe.c
+++ b/plat/arm/board/tc/tc_bl1_dpe.c
@@ -6,6 +6,7 @@
#include <stdint.h>
+#include <common/debug.h>
#include <drivers/arm/rss_comms.h>
#include <drivers/measured_boot/metadata.h>
#include <drivers/measured_boot/rss/dice_prot_env.h>
@@ -43,6 +44,13 @@
.id = DPE_INVALID_ID }
};
+/* Context handle is meant to be used by BL2. Sharing it via TB_FW_CONFIG */
+static int new_ctx_handle;
+
+void plat_dpe_share_context_handle(int *ctx_handle)
+{
+ new_ctx_handle = *ctx_handle;
+}
void bl1_plat_mboot_init(void)
{
@@ -55,5 +63,17 @@
void bl1_plat_mboot_finish(void)
{
- /* Nothing to do. */
+ int rc;
+
+ VERBOSE("Share DPE context handle with BL2: 0x%x\n", new_ctx_handle);
+ rc = arm_set_tb_fw_info(&new_ctx_handle);
+ if (rc != 0) {
+ ERROR("Unable to set DPE context handle in TB_FW_CONFIG\n");
+ /*
+ * It is a fatal error because on TC platform, BL2 software
+ * assumes that a valid DPE context_handle is passed through
+ * the DTB object by BL1.
+ */
+ plat_panic_handler();
+ }
}
diff --git a/plat/arm/board/tc/tc_bl2_dpe.c b/plat/arm/board/tc/tc_bl2_dpe.c
index 2d6b54d..17a6c30 100644
--- a/plat/arm/board/tc/tc_bl2_dpe.c
+++ b/plat/arm/board/tc/tc_bl2_dpe.c
@@ -6,13 +6,14 @@
#include <stdint.h>
+#include <common/debug.h>
#include <drivers/arm/rss_comms.h>
#include <drivers/measured_boot/metadata.h>
#include <drivers/measured_boot/rss/dice_prot_env.h>
#include <plat/arm/common/plat_arm.h>
#include <plat/common/platform.h>
#include <platform_def.h>
-#include <tools_share/zero_oid.h>
+#include <tools_share/tbbr_oid.h>
/*
* The content and the values of this array depends on:
@@ -164,6 +165,14 @@
.id = DPE_INVALID_ID }
};
+/* Context handle is meant to be used by BL33. Sharing it via NT_FW_CONFIG */
+static int new_ctx_handle;
+
+void plat_dpe_share_context_handle(int *ctx_handle)
+{
+ new_ctx_handle = *ctx_handle;
+}
+
void bl2_plat_mboot_init(void)
{
/* Initialize the communication channel between AP and RSS */
@@ -175,5 +184,17 @@
void bl2_plat_mboot_finish(void)
{
- /* Nothing to do. */
+ int rc;
+
+ VERBOSE("Share DPE context handle with BL33: 0x%x\n", new_ctx_handle);
+ rc = arm_set_nt_fw_info(&new_ctx_handle);
+ if (rc != 0) {
+ ERROR("Unable to set DPE context handle in NT_FW_CONFIG\n");
+ /*
+ * It is a fatal error because on TC platform, BL33 software
+ * assumes that a valid DPE context_handle is passed through
+ * the DTB object by BL2.
+ */
+ plat_panic_handler();
+ }
}