feat(measured-boot): make event log lib standalone
Remove dependencies on TF-A so the library can be conveniently exported
by other projets. The main changes are to remove explicit error
handling, and ensure that functions instead return errno codes that
consumers can rely on instead. Some work has also been done to make the
function naming a little more consistent.
Change-Id: Ic182dfe7dd6f56a4b73e0da4c9051813938cfe44
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
diff --git a/drivers/measured_boot/event_log/event_log.c b/drivers/measured_boot/event_log/event_log.c
index 6f2898d..9896521 100644
--- a/drivers/measured_boot/event_log/event_log.c
+++ b/drivers/measured_boot/event_log/event_log.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2025, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,12 +7,9 @@
#include <assert.h>
#include <errno.h>
#include <string.h>
-#include <arch_helpers.h>
-#include <common/bl_common.h>
-#include <common/debug.h>
-#include <drivers/auth/crypto_mod.h>
-#include <drivers/measured_boot/event_log/event_log.h>
+#include "crypto_mod.h"
+#include "event_log.h"
#if TPM_ALG_ID == TPM_ALG_SHA512
#define CRYPTO_MD_ID CRYPTO_MD_SHA512
@@ -85,24 +82,25 @@
*
* There must be room for storing this new event into the event log buffer.
*/
-void event_log_record(const uint8_t *hash, uint32_t event_type,
+int event_log_record(const uint8_t *hash, uint32_t event_type,
const event_log_metadata_t *metadata_ptr)
{
void *ptr = log_ptr;
uint32_t name_len = 0U;
- assert(hash != NULL);
- assert(metadata_ptr != NULL);
/* event_log_buf_init() must have been called prior to this. */
- assert(log_ptr != NULL);
+ if (hash == NULL || metadata_ptr == NULL || log_ptr == NULL) {
+ return -EINVAL;
+ }
if (metadata_ptr->name != NULL) {
name_len = (uint32_t)strlen(metadata_ptr->name) + 1U;
}
/* Check for space in Event Log buffer */
- assert(((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) <
- log_end);
+ if (((uintptr_t)ptr + (uint32_t)EVENT2_HDR_SIZE + name_len) > log_end) {
+ return -ENOMEM;
+ }
/*
* As per TCG specifications, firmware components that are measured
@@ -145,18 +143,32 @@
/* End of event data */
log_ptr = (uint8_t *)((uintptr_t)ptr +
offsetof(event2_data_t, event) + name_len);
+
+ return 0;
}
-void event_log_buf_init(uint8_t *event_log_start, uint8_t *event_log_finish)
+/*
+ * Initialise the Event Log buffer by setting global pointers
+ * to manage log entries.
+ *
+ * @param[in] event_log_start Base address of the Event Log buffer
+ * @param[in] event_log_finish End address of the Event Log buffer,
+ * pointing to the first byte past the buffer
+ */
+int event_log_buf_init(uint8_t *event_log_start, uint8_t *event_log_finish)
{
- assert(event_log_start != NULL);
- assert(event_log_finish > event_log_start);
+ if (event_log_start == NULL || event_log_finish == NULL ||
+ event_log_start > event_log_finish) {
+ return -EINVAL;
+ }
log_ptr = event_log_start;
log_end = (uintptr_t)event_log_finish;
+
+ return 0;
}
-/*
+/**
* Initialise Event Log global variables, used during the recording
* of various payload measurements into the Event Log buffer
*
@@ -165,18 +177,25 @@
* it is a first byte past end of the
* buffer
*/
-void event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish)
+int event_log_init(uint8_t *event_log_start, uint8_t *event_log_finish)
{
- event_log_buf_init(event_log_start, event_log_finish);
+ return event_log_buf_init(event_log_start, event_log_finish);
}
-void event_log_write_specid_event(void)
+int event_log_write_specid_event(void)
{
- void *ptr = log_ptr;
+ void *ptr;
/* event_log_buf_init() must have been called prior to this. */
- assert(log_ptr != NULL);
- assert(((uintptr_t)log_ptr + ID_EVENT_SIZE) < log_end);
+ if (log_ptr == NULL) {
+ return -EFAULT;
+ }
+
+ if (((uintptr_t)log_ptr + ID_EVENT_SIZE) > log_end) {
+ return -ENOMEM;
+ }
+
+ ptr = log_ptr;
/*
* Add Specification ID Event first
@@ -199,21 +218,30 @@
((id_event_struct_data_t *)ptr)->vendor_info_size = 0;
log_ptr = (uint8_t *)((uintptr_t)ptr +
offsetof(id_event_struct_data_t, vendor_info));
+
+ return 0;
}
/*
* Initialises Event Log by writing Specification ID and
* Startup Locality events
*/
-void event_log_write_header(void)
+int event_log_write_header(void)
{
const char locality_signature[] = TCG_STARTUP_LOCALITY_SIGNATURE;
void *ptr;
+ int rc;
+
+ rc = event_log_write_specid_event();
+ if (rc < 0) {
+ return rc;
+ }
- event_log_write_specid_event();
+ if (((uintptr_t)log_ptr + LOC_EVENT_SIZE) > log_end) {
+ return -ENOMEM;
+ }
ptr = log_ptr;
- assert(((uintptr_t)log_ptr + LOC_EVENT_SIZE) < log_end);
/*
* The Startup Locality event should be placed in the log before
@@ -250,6 +278,8 @@
*/
((startup_locality_event_t *)ptr)->startup_locality = 0U;
log_ptr = (uint8_t *)((uintptr_t)ptr + sizeof(startup_locality_event_t));
+
+ return 0;
}
int event_log_measure(uintptr_t data_base, uint32_t data_size,
@@ -279,14 +309,18 @@
unsigned char hash_data[CRYPTO_MD_MAX_SIZE];
int rc;
- assert(metadata_ptr != NULL);
+ if (metadata_ptr == NULL) {
+ return -EINVAL;
+ }
/* Get the metadata associated with this image. */
- while ((metadata_ptr->id != EVLOG_INVALID_ID) &&
- (metadata_ptr->id != data_id)) {
+ while (metadata_ptr->id != data_id) {
+ if (metadata_ptr->id == EVLOG_INVALID_ID) {
+ return -EINVAL;
+ }
+
metadata_ptr++;
}
- assert(metadata_ptr->id != EVLOG_INVALID_ID);
/* Measure the payload with algorithm selected by EventLog driver */
rc = event_log_measure(data_base, data_size, hash_data);
@@ -294,7 +328,10 @@
return rc;
}
- event_log_record(hash_data, EV_POST_CODE, metadata_ptr);
+ rc = event_log_record(hash_data, EV_POST_CODE, metadata_ptr);
+ if (rc != 0) {
+ return rc;
+ }
return 0;
}
diff --git a/drivers/measured_boot/event_log/event_log.mk b/drivers/measured_boot/event_log/event_log.mk
index 9e0d6c4..df3460f 100644
--- a/drivers/measured_boot/event_log/event_log.mk
+++ b/drivers/measured_boot/event_log/event_log.mk
@@ -4,6 +4,8 @@
# SPDX-License-Identifier: BSD-3-Clause
#
+EVENT_LOG_SRC_DIR := drivers/measured_boot/event_log/
+
# Default log level to dump the event log (LOG_LEVEL_INFO)
EVENT_LOG_LEVEL ?= 40
@@ -40,7 +42,8 @@
EVENT_LOG_LEVEL \
)))
-EVENT_LOG_SRC_DIR := drivers/measured_boot/event_log/
+INCLUDES += -Iinclude/drivers/measured_boot/event_log \
+ -Iinclude/drivers/auth
EVENT_LOG_SOURCES := ${EVENT_LOG_SRC_DIR}event_log.c \
${EVENT_LOG_SRC_DIR}event_print.c
diff --git a/drivers/measured_boot/event_log/event_print.c b/drivers/measured_boot/event_log/event_print.c
index 1390427..f0b4c96 100644
--- a/drivers/measured_boot/event_log/event_print.c
+++ b/drivers/measured_boot/event_log/event_print.c
@@ -4,13 +4,14 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <assert.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdio.h>
#include <string.h>
#include <common/debug.h>
-#include <drivers/measured_boot/event_log/event_log.h>
+#include "event_log.h"
-#if LOG_LEVEL >= EVENT_LOG_LEVEL
/*
* Print TCG_EfiSpecIDEventStruct
@@ -18,7 +19,7 @@
* @param[in/out] log_addr Pointer to Event Log
* @param[in/out] log_size Pointer to Event Log size
*/
-static void event_log_print_id_event(uint8_t **log_addr, size_t *log_size)
+static int event_log_print_id_event(uint8_t **log_addr, size_t *log_size)
{
unsigned int i;
uint8_t info_size, *info_size_ptr;
@@ -27,12 +28,11 @@
id_event_algorithm_size_t *alg_ptr;
uint32_t event_size, number_of_algorithms;
size_t digest_len;
-#if ENABLE_ASSERTIONS
const uint8_t *end_ptr = (uint8_t *)((uintptr_t)*log_addr + *log_size);
- bool valid = true;
-#endif
- assert(*log_size >= sizeof(id_event_headers_t));
+ if (*log_size < sizeof(id_event_headers_t)) {
+ return -EINVAL;
+ }
/* The fields of the event log header are defined to be PCRIndex of 0,
* EventType of EV_NO_ACTION, Digest of 20 bytes of 0, and
@@ -40,10 +40,14 @@
*/
LOG_EVENT("TCG_EfiSpecIDEvent:\n");
LOG_EVENT(" PCRIndex : %u\n", event->header.pcr_index);
- assert(event->header.pcr_index == (uint32_t)PCR_0);
+ if (event->header.pcr_index != (uint32_t)PCR_0) {
+ return -EINVAL;
+ }
LOG_EVENT(" EventType : %u\n", event->header.event_type);
- assert(event->header.event_type == EV_NO_ACTION);
+ if (event->header.event_type != EV_NO_ACTION) {
+ return -EINVAL;
+ }
LOG_EVENT(" Digest :");
for (i = 0U; i < sizeof(event->header.digest); ++i) {
@@ -54,18 +58,12 @@
(void)printf("\n");
LOG_EVENT("\t\t :");
}
-#if ENABLE_ASSERTIONS
- if (val != 0U) {
- valid = false;
- }
-#endif
}
+
if ((i & U(0xF)) != 0U) {
(void)printf("\n");
}
- assert(valid);
-
/* EventSize */
event_size = event->header.event_size;
LOG_EVENT(" EventSize : %u\n", event_size);
@@ -90,7 +88,9 @@
/* Size of DigestSizes[] */
digest_len = number_of_algorithms * sizeof(id_event_algorithm_size_t);
- assert(((uintptr_t)alg_ptr + digest_len) <= (uintptr_t)end_ptr);
+ if (digest_len > (uintptr_t)end_ptr - (uintptr_t)alg_ptr) {
+ return -EFAULT;
+ }
LOG_EVENT(" DigestSizes :\n");
for (i = 0U; i < number_of_algorithms; ++i) {
@@ -110,7 +110,7 @@
default:
(void)printf("?\n");
ERROR("Algorithm 0x%x not found\n", algorithm_id);
- assert(false);
+ return -ENOENT;
}
LOG_EVENT(" DigestSize : %u\n",
@@ -119,17 +119,24 @@
/* Address of VendorInfoSize */
info_size_ptr = (uint8_t *)((uintptr_t)alg_ptr + digest_len);
- assert((uintptr_t)info_size_ptr <= (uintptr_t)end_ptr);
+ if ((uintptr_t)info_size_ptr > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
info_size = *info_size_ptr++;
LOG_EVENT(" VendorInfoSize : %u\n", info_size);
/* Check VendorInfo end address */
- assert(((uintptr_t)info_size_ptr + info_size) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)info_size_ptr + info_size) > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
/* Check EventSize */
- assert(event_size == (sizeof(id_event_struct_t) +
- digest_len + info_size));
+ if (event_size !=
+ (sizeof(id_event_struct_t) + digest_len + info_size)) {
+ return -EFAULT;
+ }
+
if (info_size != 0U) {
LOG_EVENT(" VendorInfo :");
for (i = 0U; i < info_size; ++i) {
@@ -140,6 +147,8 @@
*log_size -= (uintptr_t)info_size_ptr - (uintptr_t)*log_addr;
*log_addr = info_size_ptr;
+
+ return 0;
}
/*
@@ -148,16 +157,16 @@
* @param[in/out] log_addr Pointer to Event Log
* @param[in/out] log_size Pointer to Event Log size
*/
-static void event_log_print_pcr_event2(uint8_t **log_addr, size_t *log_size)
+static int event_log_print_pcr_event2(uint8_t **log_addr, size_t *log_size)
{
uint32_t event_size, count;
size_t sha_size, digests_size = 0U;
void *ptr = *log_addr;
-#if ENABLE_ASSERTIONS
const uint8_t *end_ptr = (uint8_t *)((uintptr_t)*log_addr + *log_size);
-#endif
- assert(*log_size >= sizeof(event2_header_t));
+ if (*log_size < sizeof(event2_header_t)) {
+ return -EINVAL;
+ }
LOG_EVENT("PCR_Event2:\n");
LOG_EVENT(" PCRIndex : %u\n",
@@ -166,16 +175,25 @@
((event2_header_t *)ptr)->event_type);
count = ((event2_header_t *)ptr)->digests.count;
+ if (count < 1U) {
+ LOG_EVENT("Invalid Digests Count : %u\n", count);
+ return -EINVAL;
+ }
+
LOG_EVENT(" Digests Count : %u\n", count);
/* Address of TCG_PCR_EVENT2.Digests[] */
ptr = (uint8_t *)ptr + sizeof(event2_header_t);
- assert(((uintptr_t)ptr <= (uintptr_t)end_ptr) && (count != 0U));
+ if ((uintptr_t)ptr > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
for (unsigned int i = 0U; i < count; ++i) {
/* Check AlgorithmId address */
- assert(((uintptr_t)ptr +
- offsetof(tpmt_ha, digest)) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + offsetof(tpmt_ha, digest)) >
+ (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
LOG_EVENT(" #%u AlgorithmId : SHA", i);
switch (((tpmt_ha *)ptr)->algorithm_id) {
@@ -193,14 +211,16 @@
break;
default:
(void)printf("?\n");
- ERROR("Algorithm 0x%x not found\n",
+ printf("Algorithm 0x%x not found\n",
((tpmt_ha *)ptr)->algorithm_id);
- panic();
+ return -ENOENT;
}
/* End of Digest[] */
ptr = (uint8_t *)((uintptr_t)ptr + offsetof(tpmt_ha, digest));
- assert(((uintptr_t)ptr + sha_size) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + sha_size) > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
/* Total size of all digests */
digests_size += sha_size;
@@ -218,7 +238,10 @@
}
/* TCG_PCR_EVENT2.EventSize */
- assert(((uintptr_t)ptr + offsetof(event2_data_t, event)) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + offsetof(event2_data_t, event)) >
+ (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
event_size = ((event2_data_t *)ptr)->event_size;
LOG_EVENT(" EventSize : %u\n", event_size);
@@ -227,7 +250,9 @@
ptr = (uint8_t *)((uintptr_t)ptr + offsetof(event2_data_t, event));
/* End of TCG_PCR_EVENT2.Event[EventSize] */
- assert(((uintptr_t)ptr + event_size) <= (uintptr_t)end_ptr);
+ if (((uintptr_t)ptr + event_size) > (uintptr_t)end_ptr) {
+ return -EFAULT;
+ }
if ((event_size == sizeof(startup_locality_event_t)) &&
(strcmp((const char *)ptr, TCG_STARTUP_LOCALITY_SIGNATURE) == 0)) {
@@ -241,8 +266,9 @@
*log_size -= (uintptr_t)ptr + event_size - (uintptr_t)*log_addr;
*log_addr = (uint8_t *)ptr + event_size;
+
+ return 0;
}
-#endif /* LOG_LEVEL >= EVENT_LOG_LEVEL */
/*
* Print Event Log
@@ -250,16 +276,26 @@
* @param[in] log_addr Pointer to Event Log
* @param[in] log_size Event Log size
*/
-void event_log_dump(uint8_t *log_addr, size_t log_size)
+int event_log_dump(uint8_t *log_addr, size_t log_size)
{
-#if LOG_LEVEL >= EVENT_LOG_LEVEL
- assert(log_addr != NULL);
+ int rc;
+
+ if (log_addr == NULL) {
+ return -EINVAL;
+ }
/* Print TCG_EfiSpecIDEvent */
- event_log_print_id_event(&log_addr, &log_size);
+ rc = event_log_print_id_event(&log_addr, &log_size);
+
+ if (rc < 0) {
+ return rc;
+ }
while (log_size != 0U) {
- event_log_print_pcr_event2(&log_addr, &log_size);
+ rc = event_log_print_pcr_event2(&log_addr, &log_size);
+ if (rc < 0) {
+ return rc;
+ }
}
-#endif
+ return 0;
}