feat(tc): add delegated attest and measurement tests
This patch adds Delegated Attestation and Measured Boot tests to the
plat/arm/board/tc platform.
The test suite can be activated by adding the build time option
`PLATFORM_TEST=1` to the make command. In this case the boot sequence is
not finished, plat_error_handler is called after the tests are run
(regardless of the test result.)
The actual test code is coming from the Trusted-Firmware-M project. Some
of the files of the tf-m-tests and tf-m-extras repo are linked to the
BL31 image.
Versions used for testing:
https://git.trustedfirmware.org/TF-M/tf-m-tests
614e8c358377e4146e8ee13d1246e59d01b4bf1b
https://git.trustedfirmware.org/TF-M/tf-m-extras
3be9fdd557e6df449de93c2101973fb011699b3d
Change-Id: I98f0f5f760a39d2d7e0dd11d33663ddb75f0b6fc
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
diff --git a/plat/arm/board/tc/include/platform_def.h b/plat/arm/board/tc/include/platform_def.h
index bc4f254..0fe4a0a 100644
--- a/plat/arm/board/tc/include/platform_def.h
+++ b/plat/arm/board/tc/include/platform_def.h
@@ -101,7 +101,7 @@
* PLAT_ARM_MAX_BL1_RW_SIZE is calculated using the current BL1 RW debug size
* plus a little space for growth.
*/
-#define PLAT_ARM_MAX_BL1_RW_SIZE 0xD000
+#define PLAT_ARM_MAX_BL1_RW_SIZE 0x12000
/*
* PLAT_ARM_MAX_ROMLIB_RW_SIZE is define to use a full page
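Review bot: The larger `PLAT_ARM_MAX_BL1_RW_SIZE` here, and the `PLAT_ARM_MAX_BL31_SIZE` and `PLATFORM_STACK_SIZE` increases in the next two hunks of this file, are unconditional, so every TC build gets the bigger secure-RAM budget, not only `PLATFORM_TEST=1` builds. If the growth is needed only for the linked-in test code, put each new value under `#ifdef PLATFORM_TEST` and keep the old value in the `#else` branch, so the tighter limit stays in force for production images. The comment above this define still describes the value as the BL1 RW debug size plus a little space for growth; it should say what the extra 0x5000 bytes are for. Whether 0x60000 for BL31 still fits the platform's memory map cannot be checked from this diff.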
@@ -129,7 +129,7 @@
* BL2 and BL1-RW. Current size is considering that TRUSTED_BOARD_BOOT and
* MEASURED_BOOT is enabled.
*/
-#define PLAT_ARM_MAX_BL31_SIZE 0x47000
+#define PLAT_ARM_MAX_BL31_SIZE 0x60000
/*
* Size of cacheable stacks
@@ -152,7 +152,7 @@
# if SPM_MM
# define PLATFORM_STACK_SIZE 0x500
# else
-# define PLATFORM_STACK_SIZE 0x400
+# define PLATFORM_STACK_SIZE 0xa00
# endif
#elif defined(IMAGE_BL32)
# define PLATFORM_STACK_SIZE 0x440
diff --git a/plat/arm/board/tc/include/tc_plat.h b/plat/arm/board/tc/include/tc_plat.h
index 28c0308..f7ce2fe 100644
--- a/plat/arm/board/tc/include/tc_plat.h
+++ b/plat/arm/board/tc/include/tc_plat.h
@@ -9,4 +9,8 @@
void tc_bl31_common_platform_setup(void);
+#ifdef PLATFORM_TEST
+void run_platform_tests(void);
+#endif
+
#endif /* TC_PLAT_H */
diff --git a/plat/arm/board/tc/plat_tc_mbedtls_config.h b/plat/arm/board/tc/plat_tc_mbedtls_config.h
new file mode 100644
index 0000000..d776b63
--- /dev/null
+++ b/plat/arm/board/tc/plat_tc_mbedtls_config.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2022, Arm Ltd. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef PLAT_TC_MBEDTLS_CONFIG_H
+#define PLAT_TC_MBEDTLS_CONFIG_H
+
+#include <mbedtls_config.h>
+#include <export/lib/utils_def_exp.h>
+
+#ifndef TF_MBEDTLS_HEAP_SIZE
+#error TF_MBEDTLS_HEAP_SIZE is not defined
+#else
+#define PLATFORM_TEST_MIN_MBEDTLS_HEAP_SIZE (8 * 1024)
+/* Only change heap size if it is less then the minimum required. */
+#if TF_MBEDTLS_HEAP_SIZE < PLATFORM_TEST_MIN_MBEDTLS_HEAP_SIZE
+#undef TF_MBEDTLS_HEAP_SIZE
+#define TF_MBEDTLS_HEAP_SIZE PLATFORM_TEST_MIN_MBEDTLS_HEAP_SIZE
+#endif
+#endif
+
+#define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_HMAC_DRBG_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_TEST_NULL_ENTROPY
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+
+#endif /* PLAT_TC_MBEDTLS_CONFIG_H */
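Review bot: `MBEDTLS_TEST_NULL_ENTROPY` together with `MBEDTLS_NO_PLATFORM_ENTROPY` and `MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES` leaves the HMAC_DRBG seeded from a null entropy source, so every random value produced under this configuration is predictable. Nothing in the header says so or stops it from being selected outside a test build. platform_test.mk selects this file only under `PLATFORM_TEST=1`, but the header should enforce that itself with `#ifndef PLATFORM_TEST` / `#error "plat_tc_mbedtls_config.h is for PLATFORM_TEST builds only"` / `#endif` near the top, assuming the build passes the `PLATFORM_TEST` define to the Mbed TLS sources. I would also add a comment above the entropy defines such as `/* Test-only: null entropy source, RNG output is NOT random. */`, and fix the typo `less then` to `less than` in the heap-size comment.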
diff --git a/plat/arm/board/tc/platform.mk b/plat/arm/board/tc/platform.mk
index 37ba229..74c0f17 100644
--- a/plat/arm/board/tc/platform.mk
+++ b/plat/arm/board/tc/platform.mk
@@ -193,6 +193,11 @@
endif
+# Add this include as first, before arm_common.mk. This is necessary because
+# arm_common.mk builds Mbed TLS, and platform_test.mk can change the list of
+# Mbed TLS files that are to be compiled (LIBMBEDTLS_SRCS).
+include plat/arm/board/tc/platform_test.mk
+
include plat/arm/common/arm_common.mk
include plat/arm/css/common/css_common.mk
include plat/arm/soc/common/soc_css.mk
diff --git a/plat/arm/board/tc/platform_test.mk b/plat/arm/board/tc/platform_test.mk
new file mode 100644
index 0000000..c2ee69e
--- /dev/null
+++ b/plat/arm/board/tc/platform_test.mk
@@ -0,0 +1,80 @@
+# Copyright (c) 2022, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+ifeq (${PLATFORM_TEST},1)
+
+ # The variables need to be set to compile the platform test:
+ ifeq (${TF_M_TESTS_PATH},)
+ # Example: ../rss/tf-m-tests
+ $(error Error: TF_M_TESTS_PATH not set)
+ endif
+ ifeq (${TF_M_EXTRAS_PATH},)
+ # Example: ../rss/tf-m-extras
+ $(error Error: TF_M_EXTRAS_PATH not set)
+ endif
+ ifeq (${MEASUREMENT_VALUE_SIZE},)
+ MEASUREMENT_VALUE_SIZE := 32
+ endif
+ ifeq (${MEASURED_BOOT_HASH_ALG},)
+ MEASURED_BOOT_HASH_ALG := "PSA_ALG_SHA_256"
+ endif
+
+ DELEGATED_ATTEST_TESTS_PATH = $(TF_M_EXTRAS_PATH)/partitions/delegated_attestation/test
+ MEASURED_BOOT_TESTS_PATH = $(TF_M_EXTRAS_PATH)/partitions/measured_boot/test
+
+ MBEDTLS_CONFIG_FILE = "<plat_tc_mbedtls_config.h>"
+
+ LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \
+ entropy.c \
+ entropy_poll.c \
+ hmac_drbg.c \
+ psa_crypto.c \
+ psa_crypto_client.c \
+ psa_crypto_driver_wrappers.c \
+ psa_crypto_hash.c \
+ psa_crypto_rsa.c \
+ psa_crypto_ecp.c \
+ psa_crypto_slot_management.c \
+ )
+
+ BL31_SOURCES += ${RSS_COMMS_SOURCES} \
+ plat/arm/common/arm_dyn_cfg.c \
+ ${TC_BASE}/rss_ap_tests.c \
+ ${TC_BASE}/rss_ap_testsuites.c \
+ ${TC_BASE}/rss_ap_test_stubs.c \
+ $(TF_M_TESTS_PATH)/test/framework/test_framework.c \
+ $(MEASURED_BOOT_TESTS_PATH)/measured_boot_common.c \
+ $(MEASURED_BOOT_TESTS_PATH)/measured_boot_tests_common.c \
+ $(DELEGATED_ATTEST_TESTS_PATH)/delegated_attest_test.c \
+ drivers/auth/mbedtls/mbedtls_common.c \
+ lib/psa/measured_boot.c \
+ lib/psa/delegated_attestation.c
+
+ PLAT_INCLUDES += -I$(TF_M_EXTRAS_PATH)/partitions/measured_boot/interface/include \
+ -I$(TF_M_EXTRAS_PATH)/partitions/delegated_attestation/interface/include \
+ -I$(TF_M_TESTS_PATH)/test/framework \
+ -I$(TF_M_TESTS_PATH)/log \
+ -I$(TF_M_TESTS_PATH)/test/secure_fw/suites/extra \
+ -I$(MEASURED_BOOT_TESTS_PATH)/non_secure \
+ -I$(DELEGATED_ATTEST_TESTS_PATH) \
+ -I$(DELEGATED_ATTEST_TESTS_PATH)/non_secure \
+ -Iplat/arm/board/tc \
+ -Iinclude/drivers/auth/mbedtls \
+ -Iinclude/drivers/arm
+
+ # Some of the PSA functions are declared in multiple header files, that
+ # triggers this warning.
+ TF_CFLAGS += -Wno-error=redundant-decls
+
+ # TODO: Created patch for warning in tf-m-tests
+ TF_CFLAGS += -Wno-error=return-type
+
+ # Define macros that are used by the code coming from the tf-m-extras repo.
+ $(eval $(call add_define,MEASUREMENT_VALUE_SIZE))
+ $(eval $(call add_define,MEASURED_BOOT_HASH_ALG))
+ $(eval $(call add_define,DELEG_ATTEST_DUMP_TOKEN_AND_KEY))
+
+ $(eval $(call add_define,PLATFORM_TEST))
+endif
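Review bot: `DELEG_ATTEST_DUMP_TOKEN_AND_KEY` is passed to `add_define` near the end of this file with no default and no comment, unlike `MEASUREMENT_VALUE_SIZE` and `MEASURED_BOOT_HASH_ALG` above. Going by its name it makes the test code print the attestation token and the delegated key to the console. Depending on how `add_define` treats an unset variable and whether the test code checks it with `#ifdef` or `#if`, the dump may be enabled even when nobody asked for it. Emit the define only on request, `ifeq (${DELEG_ATTEST_DUMP_TOKEN_AND_KEY},1)` / `$(eval $(call add_define,DELEG_ATTEST_DUMP_TOKEN_AND_KEY))` / `endif`, and document that key material goes to the log when it is set. Separately, `-Wno-error=return-type` and `-Wno-error=redundant-decls` are appended to `TF_CFLAGS` for every source in the build rather than only for the TF-M test files.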
diff --git a/plat/arm/board/tc/region_defs.h b/plat/arm/board/tc/region_defs.h
new file mode 100644
index 0000000..d3dfd13
--- /dev/null
+++ b/plat/arm/board/tc/region_defs.h
@@ -0,0 +1,12 @@
+/*
+ * Copyright (c) 2022, Arm Ltd. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef REGION_DEFS_H
+#define REGION_DEFS_H
+
+#define PSA_INITIAL_ATTEST_TOKEN_MAX_SIZE 0x800
+
+#endif /* REGION_DEFS_H */
diff --git a/plat/arm/board/tc/rss_ap_test_stubs.c b/plat/arm/board/tc/rss_ap_test_stubs.c
new file mode 100644
index 0000000..aa97476
--- /dev/null
+++ b/plat/arm/board/tc/rss_ap_test_stubs.c
@@ -0,0 +1,121 @@
+/*
+ * Copyright (c) 2022, Arm Ltd. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <stdarg.h>
+#include <stdbool.h>
+#include <stdio.h>
+
+#include <delegated_attestation.h>
+#include <measured_boot.h>
+#include <psa/error.h>
+
+
+psa_status_t
+tfm_measured_boot_extend_measurement(uint8_t index,
+ const uint8_t *signer_id,
+ size_t signer_id_size,
+ const uint8_t *version,
+ size_t version_size,
+ uint32_t measurement_algo,
+ const uint8_t *sw_type,
+ size_t sw_type_size,
+ const uint8_t *measurement_value,
+ size_t measurement_value_size,
+ bool lock_measurement)
+{
+ return rss_measured_boot_extend_measurement(index,
+ signer_id,
+ signer_id_size,
+ version,
+ version_size,
+ measurement_algo,
+ sw_type,
+ sw_type_size,
+ measurement_value,
+ measurement_value_size,
+ lock_measurement);
+}
+
+psa_status_t
+tfm_measured_boot_read_measurement(uint8_t index,
+ uint8_t *signer_id,
+ size_t signer_id_size,
+ size_t *signer_id_len,
+ uint8_t *version,
+ size_t version_size,
+ size_t *version_len,
+ uint32_t *measurement_algo,
+ uint8_t *sw_type,
+ size_t sw_type_size,
+ size_t *sw_type_len,
+ uint8_t *measurement_value,
+ size_t measurement_value_size,
+ size_t *measurement_value_len,
+ bool *is_locked)
+{
+ return rss_measured_boot_read_measurement(index,
+ signer_id,
+ signer_id_size,
+ signer_id_len,
+ version,
+ version_size,
+ version_len,
+ measurement_algo,
+ sw_type,
+ sw_type_size,
+ sw_type_len,
+ measurement_value,
+ measurement_value_size,
+ measurement_value_len,
+ is_locked);
+}
+
+psa_status_t
+tfm_delegated_attest_get_token(const uint8_t *dak_pub_hash,
+ size_t dak_pub_hash_size,
+ uint8_t *token_buf,
+ size_t token_buf_size,
+ size_t *token_size)
+{
+ return rss_delegated_attest_get_token(dak_pub_hash,
+ dak_pub_hash_size,
+ token_buf,
+ token_buf_size,
+ token_size);
+}
+
+psa_status_t
+tfm_delegated_attest_get_delegated_key(uint8_t ecc_curve,
+ uint32_t key_bits,
+ uint8_t *key_buf,
+ size_t key_buf_size,
+ size_t *key_size,
+ uint32_t hash_algo)
+{
+ return rss_delegated_attest_get_delegated_key(ecc_curve,
+ key_bits,
+ key_buf,
+ key_buf_size,
+ key_size,
+ hash_algo);
+}
+
+int tfm_log_printf(const char *fmt, ...)
+{
+ int count;
+ va_list ap;
+
+ va_start(ap, fmt);
+ count = vprintf(fmt, ap);
+ va_end(ap);
+
+ return count;
+}
+
+void printf_set_color(int color_id)
+{
+ (void)color_id;
+}
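Review bot: This file has no comment explaining why the `tfm_*` functions exist, and none of its visible includes is obviously the TF-M header that declares them, so a signature drift between these definitions and the prototypes the tf-m-extras test code compiles against may go unnoticed by the compiler. Add a file-level comment such as `/* Adapters: the TF-M test code calls tfm_* APIs; forward them unchanged to the TF-A rss_* client API. */`. Also include the TF-M interface headers that declare the `tfm_*` prototypes, if `delegated_attestation.h` and `measured_boot.h` do not already do so. `size_t` and the `uintN_t` types are used without `<stddef.h>` and `<stdint.h>` being included directly.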
diff --git a/plat/arm/board/tc/rss_ap_tests.c b/plat/arm/board/tc/rss_ap_tests.c
new file mode 100644
index 0000000..b62043e
--- /dev/null
+++ b/plat/arm/board/tc/rss_ap_tests.c
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2022, Arm Ltd. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <assert.h>
+#include <stdio.h>
+
+#include <mbedtls_common.h>
+#include <plat/common/platform.h>
+#include <psa/crypto.h>
+#include <rss_comms.h>
+
+#include "rss_ap_testsuites.h"
+
+static struct test_suite_t test_suites[] = {
+ {.freg = register_testsuite_delegated_attest},
+ {.freg = register_testsuite_measured_boot},
+};
+
+static void run_tests(void)
+{
+ enum test_suite_err_t ret;
+ psa_status_t status;
+ size_t i;
+
+ rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE, PLAT_RSS_AP_RCV_MHU_BASE);
+ mbedtls_init();
+ status = psa_crypto_init();
+ if (status != PSA_SUCCESS) {
+ printf("\n\npsa_crypto_init failed (status = %d)\n", status);
+ assert(false);
+ plat_error_handler(-1);
+ }
+
+ for (i = 0; i < ARRAY_SIZE(test_suites); ++i) {
+ struct test_suite_t *suite = &(test_suites[i]);
+
+ suite->freg(suite);
+ ret = run_testsuite(suite);
+ if (ret != TEST_SUITE_ERR_NO_ERROR) {
+ printf("\n\nError during executing testsuite '%s'.\n", suite->name);
+ assert(false);
+ plat_error_handler(-1);
+ }
+ }
+ printf("\nAll tests are run.\n");
+}
+
+void run_platform_tests(void)
+{
+ size_t i;
+
+ run_tests();
+
+ printf("\n\n");
+
+ /* Print a summary of all the tests that had been run. */
+ printf("SUMMARY:\n");
+ for (i = 0; i < ARRAY_SIZE(test_suites); ++i) {
+
+ struct test_suite_t *suite = &(test_suites[i]);
+
+ switch (suite->val) {
+ case TEST_PASSED:
+ printf(" %s PASSED.\n", suite->name);
+ break;
+ case TEST_FAILED:
+ printf(" %s FAILED.\n", suite->name);
+ break;
+ case TEST_SKIPPED:
+ printf(" %s SKIPPED.\n", suite->name);
+ break;
+ default:
+ assert(false);
+ break;
+ }
+ }
+
+ printf("\n\n");
+}
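Review bot: In `run_tests` the call `rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE, PLAT_RSS_AP_RCV_MHU_BASE);` discards its result, while `psa_crypto_init()` right below it is checked. If the driver reports an MHU initialisation failure through a return value (its prototype is not visible in this diff), every test would then fail with a misleading error. Check it the same way, e.g. `if (rss_comms_init(...) != 0) { printf("rss_comms_init failed\n"); plat_error_handler(-1); }`. A suite error also calls `plat_error_handler(-1)` from inside `run_tests`, so the SUMMARY loop in `run_platform_tests` is skipped in the case where it would be most useful. `false` is used without `<stdbool.h>` being included in this file.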
diff --git a/plat/arm/board/tc/rss_ap_testsuites.c b/plat/arm/board/tc/rss_ap_testsuites.c
new file mode 100644
index 0000000..aa47d4c
--- /dev/null
+++ b/plat/arm/board/tc/rss_ap_testsuites.c
@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2022, Arm Ltd. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/*
+ * `delegated_attest_ns_interface_testsuite.c` and
+ * `measured_boot_ns_interface_testsuite.c` are not added to the build directly.
+ * but are included in this file, and this file is added to the build. This is
+ * necessary because both files define the function `extra_tests_init`, so a
+ * linker error occurs when both are linked to BL31. This file defines a macro
+ * that renames the colliding function names to something unique.
+ * `plat/arm/board/tc/rss_ap_tests.c` can call the test init functions with
+ * their new name.
+ */
+
+#define register_testsuite_extra_ns_interface \
+ register_testsuite_delegated_attest
+#include <delegated_attest_ns_interface_testsuite.c>
+
+#undef register_testsuite_extra_ns_interface
+#define register_testsuite_extra_ns_interface \
+ register_testsuite_measured_boot
+#include <measured_boot_ns_interface_testsuite.c>
\ No newline at end of file
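Review bot: The header comment says the two included files both define `extra_tests_init`, but the macro below renames `register_testsuite_extra_ns_interface`; the comment should name the symbol that is actually renamed. Because both `.c` files end up in one translation unit, any other file-scope name they share (including `static` ones) will now collide at compile time, which deserves a sentence in the comment. I would also add a final `#undef register_testsuite_extra_ns_interface` and a newline at end of file.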
diff --git a/plat/arm/board/tc/rss_ap_testsuites.h b/plat/arm/board/tc/rss_ap_testsuites.h
new file mode 100644
index 0000000..58502ab
--- /dev/null
+++ b/plat/arm/board/tc/rss_ap_testsuites.h
@@ -0,0 +1,16 @@
+
+/*
+ * Copyright (c) 2022, Arm Ltd. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef RSS_AP_TESTSUITES_H
+#define RSS_AP_TESTSUITES_H
+
+#include <test_framework.h>
+
+void register_testsuite_measured_boot(struct test_suite_t *p_test_suite);
+void register_testsuite_delegated_attest(struct test_suite_t *p_test_suite);
+
+#endif /* RSS_AP_TESTSUITES_H */
diff --git a/plat/arm/board/tc/tc_bl31_setup.c b/plat/arm/board/tc/tc_bl31_setup.c
index 0523ef8..674bded 100644
--- a/plat/arm/board/tc/tc_bl31_setup.c
+++ b/plat/arm/board/tc/tc_bl31_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2022, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -52,6 +52,12 @@
void tc_bl31_common_platform_setup(void)
{
arm_bl31_platform_setup();
+#ifdef PLATFORM_TEST
+ run_platform_tests();
+
+ /* Suspend booting */
+ plat_error_handler(-1);
+#endif
}
const plat_psci_ops_t *plat_arm_psci_override_pm_ops(plat_psci_ops_t *ops)
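Review bot: `plat_error_handler(-1)` is reached after `run_platform_tests()` whether the suites passed or failed, so a passing run ends in the same error path as a real platform fault and can only be told apart by parsing the console. The comment `/* Suspend booting */` should say that this is intentional, for example `/* Test image: never continue booting; results are in the log above. */`. The new call also needs the prototype from `tc_plat.h`; whether this file already includes it is outside the hunk.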